{"id":13559141,"url":"https://github.com/comunica/comunica","last_synced_at":"2026-04-14T11:01:47.316Z","repository":{"id":38816188,"uuid":"107345960","full_name":"comunica/comunica","owner":"comunica","description":"📬 A knowledge graph querying framework for JavaScript","archived":false,"fork":false,"pushed_at":"2026-04-09T05:19:49.000Z","size":197249,"stargazers_count":549,"open_issues_count":77,"forks_count":96,"subscribers_count":13,"default_branch":"master","last_synced_at":"2026-04-11T13:21:00.332Z","etag":null,"topics":["decentralization","federation","graphql","hacktoberfest","heterogeneity","javascript","mcp","query-engine","rdf","sparql","triple-pattern-fragments"],"latest_commit_sha":null,"homepage":"https://comunica.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/comunica.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":"publiccode.yml","codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"open_collective":"comunica-association"}},"created_at":"2017-10-18T01:57:55.000Z","updated_at":"2026-04-08T06:23:47.000Z","dependencies_parsed_at":"2023-09-22T20:58:35.827Z","dependency_job_id":"81dd9187-415c-4e8b-a421-5680fc465eee","html_url":"https://github.com/comunica/comunica","commit_stats":{"total_commits":2463,"total_committers":50,"mean_commits":49.26,"dds":0.3101908241981324,"last_synced_commit":"7f2c7dbf5d957b0728af4065c2c6721c43e6aeae"},"previous_names":[],"tags_count":138,"template":false,"template_full_name":null,"purl":"pkg:github/comunica/comunica","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/comunica%2Fcomunica","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/comunica%2Fcomunica/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/comunica%2Fcomunica/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/comunica%2Fcomunica/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/comunica","download_url":"https://codeload.github.com/comunica/comunica/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/comunica%2Fcomunica/sbom","scorecard":{"id":301961,"data":{"date":"2025-08-11","repo":{"name":"github.com/comunica/comunica","commit":"e943589fbe08c99c270019d5b2772288d17fb48b"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.5,"checks":[{"name":"Maintained","score":10,"reason":"28 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":3,"reason":"Found 9/30 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Warn: no topLevel permission defined: .github/workflows/close-issues-no-response.yml:1","Warn: no topLevel permission defined: .github/workflows/issue-label-commenter.yml:1","Warn: no topLevel permission defined: .github/workflows/issue-label-to-project-board.yml:1","Warn: no topLevel permission defined: .github/workflows/new-issue-label.yml:1","Warn: no topLevel permission defined: .github/workflows/publish-github-release.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/ci.yml:207"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 9 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:193: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:263: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:273: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:293: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:295: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:302: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:306: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:310: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:314: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:327: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:341: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:359: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:370: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:372: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:381: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:406: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/close-issues-no-response.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/close-issues-no-response.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/close-issues-no-response.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/close-issues-no-response.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-label-commenter.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/issue-label-commenter.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-label-commenter.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/issue-label-commenter.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-label-to-project-board.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/issue-label-to-project-board.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-label-to-project-board.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/issue-label-to-project-board.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/new-issue-label.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/new-issue-label.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-github-release.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/publish-github-release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-github-release.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/comunica/comunica/publish-github-release.yml/master?enable=pin","Warn: containerImage not pinned by hash: engines/query-sparql-file/Dockerfile:1: pin your Docker image by updating node:22 to node:22@sha256:5cc527147c43e671934c3530e9f66863162db5f57ce1ed0f227a3bb57b93cfab","Warn: containerImage not pinned by hash: engines/query-sparql/Dockerfile:1: pin your Docker image by updating node:22 to node:22@sha256:5cc527147c43e671934c3530e9f66863162db5f57ce1ed0f227a3bb57b93cfab","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-file/combinations/combination_0/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql-file:latest to comunica/query-sparql-file:latest@sha256:bdd5fe0d306b16e6170da7a17f612beb2b06417970b6da61019b703cffa8e027","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-file/combinations/combination_1/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql-file:latest to comunica/query-sparql-file:latest@sha256:bdd5fe0d306b16e6170da7a17f612beb2b06417970b6da61019b703cffa8e027","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-file/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql-file:latest to comunica/query-sparql-file:latest@sha256:bdd5fe0d306b16e6170da7a17f612beb2b06417970b6da61019b703cffa8e027","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-tpf/combinations/combination_0/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql:latest to comunica/query-sparql:latest@sha256:55fd9ad0d4b141f25f97f0a2cfd420bb00c1ab18e68b0128da76a56b67565f15","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-tpf/combinations/combination_0/input/dockerfiles/Dockerfile-ldf-server:1: pin your Docker image by updating linkeddatafragments/server:v3.3.0 to linkeddatafragments/server:v3.3.0@sha256:d3de77b9aebaaf97dd02ed61f09e026beffe4e72549472e1e28d6911c7d1671e","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-tpf/combinations/combination_0/input/dockerfiles/Dockerfile-ldf-server-cache:1: pin your Docker image by updating nginx:1.23.2 to nginx:1.23.2@sha256:ab589a3c466e347b1c0573be23356676df90cd7ce2dbf6ec332a5f0a8b5e59db","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-tpf/combinations/combination_1/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql:latest to comunica/query-sparql:latest@sha256:55fd9ad0d4b141f25f97f0a2cfd420bb00c1ab18e68b0128da76a56b67565f15","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-tpf/combinations/combination_1/input/dockerfiles/Dockerfile-ldf-server:1: pin your Docker image by updating linkeddatafragments/server:v3.3.0 to linkeddatafragments/server:v3.3.0@sha256:d3de77b9aebaaf97dd02ed61f09e026beffe4e72549472e1e28d6911c7d1671e","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-tpf/combinations/combination_1/input/dockerfiles/Dockerfile-ldf-server-cache:1: pin your Docker image by updating nginx:1.23.2 to nginx:1.23.2@sha256:ab589a3c466e347b1c0573be23356676df90cd7ce2dbf6ec332a5f0a8b5e59db","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-tpf/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql:latest to comunica/query-sparql:latest@sha256:55fd9ad0d4b141f25f97f0a2cfd420bb00c1ab18e68b0128da76a56b67565f15","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-tpf/input/dockerfiles/Dockerfile-ldf-server:1: pin your Docker image by updating linkeddatafragments/server:v3.3.0 to linkeddatafragments/server:v3.3.0@sha256:d3de77b9aebaaf97dd02ed61f09e026beffe4e72549472e1e28d6911c7d1671e","Warn: containerImage not pinned by hash: performance/benchmark-bsbm-tpf/input/dockerfiles/Dockerfile-ldf-server-cache:1: pin your Docker image by updating nginx:1.23.2 to nginx:1.23.2@sha256:ab589a3c466e347b1c0573be23356676df90cd7ce2dbf6ec332a5f0a8b5e59db","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-file/combinations/combination_0/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql-file:latest to comunica/query-sparql-file:latest@sha256:bdd5fe0d306b16e6170da7a17f612beb2b06417970b6da61019b703cffa8e027","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-file/combinations/combination_1/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql-file:latest to comunica/query-sparql-file:latest@sha256:bdd5fe0d306b16e6170da7a17f612beb2b06417970b6da61019b703cffa8e027","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-file/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql-file:latest to comunica/query-sparql-file:latest@sha256:bdd5fe0d306b16e6170da7a17f612beb2b06417970b6da61019b703cffa8e027","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-tpf/combinations/combination_0/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql:latest to comunica/query-sparql:latest@sha256:55fd9ad0d4b141f25f97f0a2cfd420bb00c1ab18e68b0128da76a56b67565f15","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-tpf/combinations/combination_0/input/dockerfiles/Dockerfile-ldf-server:1: pin your Docker image by updating linkeddatafragments/server:v3.3.0 to linkeddatafragments/server:v3.3.0@sha256:d3de77b9aebaaf97dd02ed61f09e026beffe4e72549472e1e28d6911c7d1671e","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-tpf/combinations/combination_0/input/dockerfiles/Dockerfile-ldf-server-cache:1: pin your Docker image by updating nginx:1.23.2 to nginx:1.23.2@sha256:ab589a3c466e347b1c0573be23356676df90cd7ce2dbf6ec332a5f0a8b5e59db","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-tpf/combinations/combination_1/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql:latest to comunica/query-sparql:latest@sha256:55fd9ad0d4b141f25f97f0a2cfd420bb00c1ab18e68b0128da76a56b67565f15","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-tpf/combinations/combination_1/input/dockerfiles/Dockerfile-ldf-server:1: pin your Docker image by updating linkeddatafragments/server:v3.3.0 to linkeddatafragments/server:v3.3.0@sha256:d3de77b9aebaaf97dd02ed61f09e026beffe4e72549472e1e28d6911c7d1671e","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-tpf/combinations/combination_1/input/dockerfiles/Dockerfile-ldf-server-cache:1: pin your Docker image by updating nginx:1.23.2 to nginx:1.23.2@sha256:ab589a3c466e347b1c0573be23356676df90cd7ce2dbf6ec332a5f0a8b5e59db","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-tpf/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql:latest to comunica/query-sparql:latest@sha256:55fd9ad0d4b141f25f97f0a2cfd420bb00c1ab18e68b0128da76a56b67565f15","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-tpf/input/dockerfiles/Dockerfile-ldf-server:1: pin your Docker image by updating linkeddatafragments/server:v3.3.0 to linkeddatafragments/server:v3.3.0@sha256:d3de77b9aebaaf97dd02ed61f09e026beffe4e72549472e1e28d6911c7d1671e","Warn: containerImage not pinned by hash: performance/benchmark-watdiv-tpf/input/dockerfiles/Dockerfile-ldf-server-cache:1: pin your Docker image by updating nginx:1.23.2 to nginx:1.23.2@sha256:ab589a3c466e347b1c0573be23356676df90cd7ce2dbf6ec332a5f0a8b5e59db","Warn: containerImage not pinned by hash: performance/benchmark-web/combinations/combination_0/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql:latest to comunica/query-sparql:latest@sha256:55fd9ad0d4b141f25f97f0a2cfd420bb00c1ab18e68b0128da76a56b67565f15","Warn: containerImage not pinned by hash: performance/benchmark-web/combinations/combination_1/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql:latest to comunica/query-sparql:latest@sha256:55fd9ad0d4b141f25f97f0a2cfd420bb00c1ab18e68b0128da76a56b67565f15","Warn: containerImage not pinned by hash: performance/benchmark-web/input/dockerfiles/Dockerfile-client:1: pin your Docker image by updating comunica/query-sparql:latest to comunica/query-sparql:latest@sha256:55fd9ad0d4b141f25f97f0a2cfd420bb00c1ab18e68b0128da76a56b67565f15","Warn: npmCommand not pinned by hash: engines/query-sparql-file/Dockerfile:20","Warn: npmCommand not pinned by hash: engines/query-sparql/Dockerfile:20","Info:   0 out of  34 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  10 third-party GitHubAction dependencies pinned","Info:   0 out of  29 containerImage dependencies pinned","Info:   0 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":0,"reason":"40 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q","Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38","Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc","Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-434g-2637-qmqr","Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m","Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw","Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p","Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747","Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh","Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6","Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6","Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx","Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T20:52:38.903Z","repository_id":38816188,"created_at":"2025-08-17T20:52:38.903Z","updated_at":"2025-08-17T20:52:38.903Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31778585,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-14T00:11:49.126Z","status":"online","status_checked_at":"2026-04-14T02:00:06.344Z","response_time":153,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["decentralization","federation","graphql","hacktoberfest","heterogeneity","javascript","mcp","query-engine","rdf","sparql","triple-pattern-fragments"],"created_at":"2024-08-01T12:05:22.446Z","updated_at":"2026-04-14T11:01:47.310Z","avatar_url":"https://github.com/comunica.png","language":"TypeScript","funding_links":["https://opencollective.com/comunica-association"],"categories":["TypeScript","javascript","Platforms","Uncategorized","Software"],"sub_categories":["BBedit","Uncategorized","Additional Tools"],"readme":"\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://comunica.dev/\"\u003e\n    \u003cimg alt=\"Comunica\" src=\"https://comunica.dev/img/comunica_red.svg\" width=\"200\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cstrong\u003eA knowledge graph querying framework for JavaScript\u003c/strong\u003e\n  \u003cbr /\u003e\n  \u003ci\u003eFlexible SPARQL and GraphQL over decentralized RDF on the Web.\u003c/i\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/comunica/comunica/actions/workflows/ci.yml\"\u003e\u003cimg src=\"https://github.com/comunica/comunica/actions/workflows/ci.yml/badge.svg?branch=master\" alt=\"Build Status\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://coveralls.io/github/comunica/comunica?branch=master\"\u003e\u003cimg src=\"https://coveralls.io/repos/github/comunica/comunica/badge.svg?branch=master\" alt=\"Coverage Status\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://zenodo.org/badge/latestdoi/107345960\"\u003e\u003cimg src=\"https://zenodo.org/badge/107345960.svg\" alt=\"DOI\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://gitter.im/comunica/Lobby\"\u003e\u003cimg src=\"https://img.shields.io/gitter/room/comunica/Lobby.svg?label=Lobby-Chat\" alt=\"Gitter Lobby chat\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://gitter.im/comunica/core-dev\"\u003e\u003cimg src=\"https://img.shields.io/gitter/room/comunica/Lobby.svg?label=Dev-Chat\" alt=\"Gitter Dev chat\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://comunica.github.io/comunica/\"\u003e\u003cimg src=\"https://img.shields.io/badge/doc-code_documentation-blueviolet\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n**[Learn more about Comunica on our website](https://comunica.dev/).**\n\nComunica is an open-source project that is used by [many other projects](https://github.com/comunica/comunica/network/dependents),\nand is being maintained by a [group of volunteers](https://github.com/comunica/comunica/graphs/contributors).\nIf you would like to support this project, you may consider:\n\n* Contributing directly by [writing code or documentation](https://comunica.dev/contribute/); or\n* Contributing indirectly by funding this project via [Open Collective](https://opencollective.com/comunica-association).\n\n## Supported by\n\nComunica is a community-driven project, sustained by the [Comunica Association](https://comunica.dev/association/).\nIf you are using Comunica, [becoming a sponsor or member](https://opencollective.com/comunica-association) is a way to make Comunica sustainable in the long-term.\n\nOur top sponsors are shown below!\n\n\u003ca href=\"https://opencollective.com/comunica-association/sponsor/0/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/comunica-association/sponsor/0/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/comunica-association/sponsor/1/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/comunica-association/sponsor/1/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/comunica-association/sponsor/2/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/comunica-association/sponsor/2/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/comunica-association/sponsor/3/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/comunica-association/sponsor/3/avatar.svg\"\u003e\u003c/a\u003e\n\n## Query with Comunica\n\nRead one of our [guides to **get started** with querying](https://comunica.dev/docs/query/getting_started/):\n\n* [Querying from the command line](https://comunica.dev/docs/query/getting_started/query_cli/)\n* [Updating from the command line](https://comunica.dev/docs/query/getting_started/update_cli/)\n* [Querying local files from the command line](https://comunica.dev/docs/query/getting_started/query_cli_file/)\n* [Querying in a JavaScript app](https://comunica.dev/docs/query/getting_started/query_app/)\n* [Updating in a JavaScript app](https://comunica.dev/docs/query/getting_started/update_app/)\n* [Querying in a JavaScript browser app](https://comunica.dev/docs/query/getting_started/query_browser_app/)\n* [Setting up a SPARQL endpoint](https://comunica.dev/docs/query/getting_started/setup_endpoint/)\n* [Querying from a Docker container](https://comunica.dev/docs/query/getting_started/query_docker/)\n* [Setting up a Web client](https://comunica.dev/docs/query/getting_started/setup_web_client/)\n* [Query using the latest development version](https://comunica.dev/docs/query/getting_started/query_dev_version/)\n\nOr jump right into one of the available query engines:\n* [Comunica SPARQL](https://github.com/comunica/comunica/tree/master/engines/query-sparql#readme): SPARQL/GraphQL querying from JavaScript applications or the CLI ([Browser-ready via a CDN](https://github.com/rdfjs/comunica-browser))\n\n - Engines with support for specific types of sources\n   * [Comunica SPARQL File](https://github.com/comunica/comunica/tree/master/engines/query-sparql-file#readme): Engine to query over local RDF files\n   * [Comunica SPARQL RDF/JS](https://github.com/comunica/comunica/tree/master/engines/query-sparql-rdfjs#readme): Engine to query over in-memory [RDF/JS-compliant sources](https://rdf.js.org/stream-spec/#source-interface).\n   * [Comunica SPARQL RDF/JS Lite](https://github.com/comunica/comunica/tree/master/engines/query-sparql-rdfjs-lite#readme): Engine optimized for small bundle size to query over in-memory [RDF/JS-compliant sources](https://rdf.js.org/stream-spec/#source-interface).\n   * [Comunica SPARQL HDT](https://github.com/comunica/comunica-feature-hdt/tree/master/engines/query-sparql-hdt#readme): Library to query over local [HDT](https://www.rdfhdt.org/) files\n   * [Comunica SPARQL OSTRICH](https://github.com/comunica/comunica-feature-versioning/tree/master/engines/query-sparql-ostrich#readme): Library to query over local versioned [OSTRICH](https://github.com/rdfostrich/ostrich) archives\n   * [Comunica MCP](https://github.com/comunica/comunica-feature-mcp/): [MCP](https://modelcontextprotocol.io/) wrappers over most Comunica engines for interaction with AI agents.\n\n - Engines with alternative querying paradigms:\n   * [Comunica SPARQL Link Traversal](https://github.com/comunica/comunica-feature-link-traversal/tree/master/engines/query-sparql-link-traversal#readme): Engine to query over multiple files by following links between them.\n   * [Comunica SPARQL Solid](https://github.com/comunica/comunica-feature-solid/tree/master/engines/query-sparql-solid#readme): Engine to query over files behind [Solid access control](https://solidproject.org/).\n   * [Comunica SPARQL Link Traversal Solid](https://github.com/comunica/comunica-feature-link-traversal/tree/master/engines/query-sparql-link-traversal-solid#readme): Engine to query within [Solid data vaults](https://solidproject.org/) by following links between documents.\n   * [Comunica SPARQL Reasoning](https://github.com/comunica/comunica-feature-reasoning/tree/master/engines/query-sparql-reasoning): Engine that adds support for reasoning\n   * [Comunica SPARQL Reasoning File](https://github.com/comunica/comunica-feature-reasoning/tree/master/engines/query-sparql-file-reasoning): Engine to query over local RDF files with support for reasoning\n\n## Modify or Extend Comunica\n\n[Read one of our guides to **get started** with modifying Comunica](https://comunica.dev/docs/modify/),\nor have a look at some [examples](https://github.com/comunica/examples):\n\n* [Querying with a custom configuration from the command line](https://comunica.dev/docs/modify/getting_started/custom_config_cli/)\n* [Querying with a custom configuration in a JavaScript app](https://comunica.dev/docs/modify/getting_started/custom_config_app/)\n* [Exposing your custom config as an npm package](https://comunica.dev/docs/modify/getting_started/custom_init/)\n* [Exposing your custom config in a Web client](https://comunica.dev/docs/modify/getting_started/custom_web_client/)\n* [Contributing a new query operation actor to the Comunica repository](https://comunica.dev/docs/modify/getting_started/contribute_actor/)\n* [Adding a config parameter to an actor](https://comunica.dev/docs/modify/getting_started/actor_parameter/)\n\n## Contribute\n\nInterested in contributing? Have a look at our [contribution guide](https://comunica.dev/contribute/).\n\n## Development Setup\n\n_(JSDoc: https://comunica.github.io/comunica/)_\n\nThis repository should be used by Comunica module **developers** as it contains multiple Comunica modules that can be composed.\nThis repository is managed as a [monorepo](https://github.com/babel/babel/blob/master/doc/design/monorepo.md)\nusing [Lerna](https://lernajs.io/).\n\nIf you want to develop new features\nor use the (potentially unstable) in-development version,\nyou can set up a development environment for Comunica.\n\nComunica requires [Node.JS](http://nodejs.org/) and the [Yarn](https://yarnpkg.com/en/) package manager (only when using this repo).\nComunica is tested on OSX, Linux and Windows.\n\nThis project can be setup by cloning and installing it as follows:\n\n```bash\n$ git clone https://github.com/comunica/comunica.git\n$ cd comunica\n$ yarn install\n```\n\n**Note: `npm install` is not supported at the moment, as this project makes use of Yarn's [workspaces](https://yarnpkg.com/lang/en/docs/workspaces/) functionality**\n\nThis will install the dependencies of all modules, and bootstrap the Lerna monorepo.\nAfter that, all [Comunica packages](https://github.com/comunica/comunica/tree/master/packages) are available in the `packages/` folder,\nand the [Comunica engines](https://github.com/comunica/comunica/tree/master/engines) are available in the `engines/` folder.\nThese can be used in a development environment, such as querying with [Comunica SPARQL (`@comunica/query-sparql`)](https://github.com/comunica/comunica/tree/master/engines/query-sparql).\n\nFurthermore, this will add pre-commit hooks using [husky](https://www.npmjs.com/package/husky) to build, lint and test.\nThese hooks can temporarily be disabled at your own risk by adding the `-n` flag to the commit command.\n\n## Benchmarking\n\nIf you want to do benchmarking with Comunica in Node.js,\nmake sure to run Node.js in production mode as follows:\n\n```bash\n\u003e NODE_ENV=production node packages/some-package/bin/some-bin.js\n```\n\nRead more about benchmarking [on our website](https://comunica.dev/docs/modify/benchmarking/).\n\n## Cite\n\nIf you are using or extending Comunica as part of a scientific publication,\nwe would appreciate a citation of our [article](https://comunica.github.io/Article-ISWC2018-Resource/).\n\n```bibtex\n@inproceedings{taelman_iswc_resources_comunica_2018,\n  author    = {Taelman, Ruben and Van Herwegen, Joachim and Vander Sande, Miel and Verborgh, Ruben},\n  title     = {Comunica: a Modular SPARQL Query Engine for the Web},\n  booktitle = {Proceedings of the 17th International Semantic Web Conference},\n  year      = {2018},\n  month     = oct,\n  url       = {https://comunica.github.io/Article-ISWC2018-Resource/}\n}\n```\n\n## License\nThis code is copyrighted by [the Comunica Association](https://comunica.dev/association/) and [Ghent University – imec](http://idlab.ugent.be/)\nand released under the [MIT license](http://opensource.org/licenses/MIT).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcomunica%2Fcomunica","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcomunica%2Fcomunica","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcomunica%2Fcomunica/lists"}