Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Even if KAF is the true OpeNER data representation format, it is not very friendly for humans. It is also difficult to parse and work with it, specially for new users that are not familiarized with KAF. This is part of the feedback we got from the OpeNER hackathon held in Amsterdam during first days of July. To ease the post-processing of the results by any potential user, we are designing an alternative JSON format to output translate KAF, and turn its complexity into a much more usable format. Although, the specification for this JSON is currently work in progress, we have already a version that covers the most relevant parts from the KAF representation.
This software is part of a larger collection of natural language processing tools known as "the OpeNER project". You can find more information about the project at the OpeNER portal. There you can also find references to terms like KAF (an XML standard to represent linguistic annotations in texts), component, cores, scenario's and pipelines.
Installing the kaf2json can be done by executing:
gem install opener-kaf2json
Please keep in mind that all components in OpeNER take KAF as an input and output KAF by default.
You should now be able to call the kaf2json as a regular shell command: by its name. Once installed the gem normally sits in your path so you can call it directly from anywhere.
This aplication reads a text from standard input in order to convert it to JSON.
cat some_kind_of_kaf_file.kaf | kaf2json
The output will look like the following JSON:
{
"text" : "Beatrix Wilhelmina Armgard van Oranje -Nassau (Baarn , 31 januari 1938 ) is sinds 30 april 1980 koningin van het Koninkrijk der Nederlandén ",
"language" : "nl",
"terms" : {},
"sentiments": [],
"entities" : {},
"opinions" : {}
}
You can launch a webservice by executing:
kaf2json-server
This will launch a mini webserver with the webservice. It defaults to port 9292, so you can access it at http://localhost:9292.
To launch it on a different port provide the -p [port-number]
option like
this:
kaf2json-server -p 1234
It then launches at http://localhost:1234
Documentation on the Webservice is provided by surfing to the urls provided
above. For more information on how to launch a webservice run the command with
the --help
option.
Last but not least the kaf2json comes shipped with a daemon that can read jobs (and write) jobs to and from Amazon SQS queues. For more information type:
kaf2json-daemon -h
This component runs best if you run it in an environment suited for OpeNER components. You can find an installation guide and helper tools in the OpeNER installer and an installation guide on the Opener Website
At least you need the following system setup:
sudo apt-get install libarchive-dev
If you encounter problems, please email support@opener-project.eu or leave an issue tracker.
git checkout -b my-new-feature
)git commit -am 'Add some feature'
)git push origin my-new-feature
)FAQs
Unknown package
We found that opener-kaf2json demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.