You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jena.apache.org by gi...@apache.org on 2023/03/21 20:33:07 UTC
[jena-site] branch asf-staging updated: Staged site from script-setting (b04971c9881bbf8fc04b2599096be9c2b0b844dd)
This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/jena-site.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new 911af6a64 Staged site from script-setting (b04971c9881bbf8fc04b2599096be9c2b0b844dd)
911af6a64 is described below
commit 911af6a64a6cf14cc18e52eaaf8ed76d335f6ce5
Author: jenkins <bu...@apache.org>
AuthorDate: Tue Mar 21 20:33:01 2023 +0000
Staged site from script-setting (b04971c9881bbf8fc04b2599096be9c2b0b844dd)
---
content/documentation/index.xml | 2 +-
content/documentation/query/javascript-functions.html | 3 +++
content/index.xml | 2 +-
3 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/content/documentation/index.xml b/content/documentation/index.xml
index 19c6b5c9f..98a0625b9 100644
--- a/content/documentation/index.xml
+++ b/content/documentation/index.xml
@@ -370,7 +370,7 @@ ARQ consists of the following parts:
<guid>https://jena.apache.org/documentation/query/javascript-functions.html</guid>
<description>ARQ supports writing custom SPARQL functions in JavaScript. These functions can be used in FILTERs and for calculating values to assign with AS in BIND and SELECT expressions.
XSD datatypes for strings, numbers and booleans are converted to the native JavaScript datatypes. RDFterms that do not fit easily into JavaScript datatypes are handled with a object class NV.
-Requirements ARQ requires a javascript engine such as GraalVM to be added to the classpath.</description>
+Applications should be aware that there are risks in exposing a script engine with full computational capabilities through SPARQL.</description>
</item>
<item>
diff --git a/content/documentation/query/javascript-functions.html b/content/documentation/query/javascript-functions.html
index 005b83937..5e6d6c48d 100644
--- a/content/documentation/query/javascript-functions.html
+++ b/content/documentation/query/javascript-functions.html
@@ -196,6 +196,9 @@ values to assign with AS in BIND and SELECT expressions.</p>
<p>XSD datatypes for strings, numbers and booleans are converted to the
native JavaScript datatypes. RDFterms that do not fit easily into
JavaScript datatypes are handled with a object class <code>NV</code>.</p>
+<p>Applications should be aware that there are risks in exposing a script engine
+with full computational capabilities through SPARQL. Script functions are only
+as secure as the script engine environment they run in.</p>
<h2 id="requirements">Requirements</h2>
<p>ARQ requires a javascript engine such as <a href="https://www.graalvm.org/">GraalVM</a> to
be added to the classpath.</p>
diff --git a/content/index.xml b/content/index.xml
index ad2e1fcda..b0ac8c366 100644
--- a/content/index.xml
+++ b/content/index.xml
@@ -413,7 +413,7 @@ ARQ consists of the following parts:
<guid>https://jena.apache.org/documentation/query/javascript-functions.html</guid>
<description>ARQ supports writing custom SPARQL functions in JavaScript. These functions can be used in FILTERs and for calculating values to assign with AS in BIND and SELECT expressions.
XSD datatypes for strings, numbers and booleans are converted to the native JavaScript datatypes. RDFterms that do not fit easily into JavaScript datatypes are handled with a object class NV.
-Requirements ARQ requires a javascript engine such as GraalVM to be added to the classpath.</description>
+Applications should be aware that there are risks in exposing a script engine with full computational capabilities through SPARQL.</description>
</item>
<item>