npm - eyeling - Versions diffs - 1.13.2 → 1.13.4 - Mend

eyeling 1.13.2 → 1.13.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/HANDBOOK.md +2 -0
package/examples/allen-interval-calculus.n3 +180 -0
package/examples/deck/odrl-dpv-risk-ranked.md +251 -0
package/examples/dining-philosophers.n3 +383 -0
package/examples/input/annotation.ttl +3 -1
package/examples/input/reifies.ttl +2 -0
package/examples/input/triple-term.ttl +3 -2
package/examples/kaprekar.n3 +205 -0
package/examples/odrl-dpv-ehds-risk-ranked.n3 +473 -0
package/examples/odrl-dpv-healthcare-risk-ranked.n3 +575 -0
package/examples/odrl-dpv-risk-ranked.n3 +30 -31
package/examples/output/allen-interval-calculus.n3 +157 -0
package/examples/output/dining-philosophers.n3 +808 -0
package/examples/output/kaprekar.n3 +9992 -0
package/examples/output/odrl-dpv-ehds-risk-ranked.n3 +144 -0
package/examples/output/odrl-dpv-healthcare-risk-ranked.n3 +117 -0
package/examples/output/odrl-dpv-risk-ranked.n3 +70 -6
package/examples/output/wind-turbine.n3 +6 -0
package/examples/reifies.n3 +1 -2
package/examples/triple-term.n3 +3 -3
package/examples/wind-turbine.n3 +63 -0
package/eyeling.js +7 -2
package/lib/cli.js +4 -1
package/lib/engine.js +3 -1
package/package.json +1 -1
package/test/api.test.js +11 -0
package/tools/n3gen.js +36 -7

package/examples/output/odrl-dpv-ehds-risk-ranked.n3 ADDED Viewed

@@ -0,0 +1,144 @@
+@prefix : <https://example.org/odrl-dpv-ehds-risk-ranked#> .
+@prefix dct: <http://purl.org/dc/terms/> .
+@prefix dpv: <https://w3id.org/dpv#> .
+@prefix eu-dga: <https://w3id.org/dpv/legal/eu/dga#> .
+@prefix eu-ehds: <https://w3id.org/dpv/legal/eu/ehds#> .
+@prefix genid: <https://eyereasoner.github.io/.well-known/genid/> .
+@prefix log: <http://www.w3.org/2000/10/swap/log#> .
+@prefix odrl: <http://www.w3.org/ns/odrl/2/> .
+@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix risk: <https://w3id.org/dpv/risk#> .
+genid:b4170cf8-6d12-05e6-0d62-0f4c42cbb77c a risk:RiskSource .
+genid:b4170cf8-6d12-05e6-0d62-0f4c42cbb77c a risk:LegalComplianceRisk .
+genid:b4170cf8-6d12-05e6-0d62-0f4c42cbb77c dct:source :PermSecondaryUseDUA .
+genid:b4170cf8-6d12-05e6-0d62-0f4c42cbb77c dct:description "Secondary use permitted without EHDS Data Permit." .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c a dpv:Risk .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c a risk:PolicyRisk .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c dct:source :PermSecondaryUseDUA .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c risk:hasRiskSource genid:b4170cf8-6d12-05e6-0d62-0f4c42cbb77c .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c dpv:hasConsequence risk:CustomerConfidenceLoss .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c dpv:hasImpact risk:FinancialLoss .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c dpv:hasImpact risk:NonMaterialDamage .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c :aboutClause :ClauseH1 .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c :scoreRaw 100 .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c :violatesNeed :Need_RequireDataPermit .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c dct:description "Risk: secondary use is permitted without an EHDS Data Permit safeguard. Clause H1: Hospital may provide electronic health data for secondary use based on a bilateral data use agreement with the applicant." .
+:ProcessContext1 dpv:hasRisk genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c .
+genid:89664258-fefa-8d30-6eb9-72e87d93d99c a dpv:RiskMitigationMeasure .
+genid:89664258-fefa-8d30-6eb9-72e87d93d99c dct:description "Require an EHDS Data Permit (eu-ehds:DataPermit) issued by a Health Data Access Body prior to secondary use." .
+genid:89664258-fefa-8d30-6eb9-72e87d93d99c dpv:mitigatesRisk genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c .
+genid:89664258-fefa-8d30-6eb9-72e87d93d99c :suggestAdd {
+    :PermSecondaryUseDUA odrl:constraint _:sk_0 .
+    _:sk_0 a odrl:Constraint .
+    _:sk_0 odrl:leftOperand :hasDataPermit .
+    _:sk_0 odrl:operator odrl:eq .
+    _:sk_0 odrl:rightOperand true .
+    :PermitExample a eu-ehds:DataPermit .
+    :PermitExample dct:description "Example placeholder for an issued data permit." .
+} .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c dpv:isMitigatedByMeasure genid:89664258-fefa-8d30-6eb9-72e87d93d99c .
+genid:884e4487-8c4b-8810-90c0-17a495889b30 a risk:RiskSource .
+genid:884e4487-8c4b-8810-90c0-17a495889b30 a risk:LegalComplianceRisk .
+genid:884e4487-8c4b-8810-90c0-17a495889b30 dct:source :PermSecondaryUseAllPatients .
+genid:884e4487-8c4b-8810-90c0-17a495889b30 dct:description "Opt-out from secondary use not explicitly respected." .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c a dpv:Risk .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c a risk:PolicyRisk .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c a risk:UnwantedDisclosureData .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c dct:source :PermSecondaryUseAllPatients .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c risk:hasRiskSource genid:884e4487-8c4b-8810-90c0-17a495889b30 .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c dpv:hasConsequence risk:CustomerConfidenceLoss .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c dpv:hasImpact risk:NonMaterialDamage .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c :aboutClause :ClauseH2 .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c :scoreRaw 100 .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c :violatesNeed :Need_RespectOptOutSecondaryUse .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c dct:description "Risk: secondary use may include patients who opted out (EHDS A71). Clause H2: Secondary use may include all patient records for training and evaluating health-related algorithms." .
+:ProcessContext1 dpv:hasRisk genid:e8c966b0-9c81-ff94-18b1-21d486bac44c .
+genid:3679a190-523c-9332-6005-4e14ea5e6e88 a dpv:RiskMitigationMeasure .
+genid:3679a190-523c-9332-6005-4e14ea5e6e88 dct:description "Add an explicit safeguard to exclude records of persons who exercised the EHDS opt-out from secondary use (A71)." .
+genid:3679a190-523c-9332-6005-4e14ea5e6e88 dpv:mitigatesRisk genid:e8c966b0-9c81-ff94-18b1-21d486bac44c .
+genid:3679a190-523c-9332-6005-4e14ea5e6e88 :suggestAdd {
+    :PermSecondaryUseAllPatients odrl:constraint _:sk_1 .
+    _:sk_1 a odrl:Constraint .
+    _:sk_1 odrl:leftOperand :respectOptOutSecondaryUse .
+    _:sk_1 odrl:operator odrl:eq .
+    _:sk_1 odrl:rightOperand true .
+} .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c dpv:isMitigatedByMeasure genid:3679a190-523c-9332-6005-4e14ea5e6e88 .
+genid:72ae1018-4dcd-392a-9bbf-c080b5d038b0 a risk:RiskSource .
+genid:72ae1018-4dcd-392a-9bbf-c080b5d038b0 a risk:PolicyRisk .
+genid:72ae1018-4dcd-392a-9bbf-c080b5d038b0 dct:source :PermDownloadLocalCopy .
+genid:72ae1018-4dcd-392a-9bbf-c080b5d038b0 dct:description "Local download permitted; secure processing environment not required." .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 a dpv:Risk .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 a risk:UnwantedDisclosureData .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 dct:source :PermDownloadLocalCopy .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 risk:hasRiskSource genid:72ae1018-4dcd-392a-9bbf-c080b5d038b0 .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 dpv:hasConsequence risk:CustomerConfidenceLoss .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 dpv:hasImpact risk:FinancialLoss .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 dpv:hasImpact risk:NonMaterialDamage .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 :aboutClause :ClauseH3 .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 :scoreRaw 88 .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 :violatesNeed :Need_SecureProcessingEnvironment .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 dct:description "Risk: the agreement permits local downloads rather than processing within a secure processing environment. Clause H3: The applicant may download a complete local copy of the dataset to its own infrastructure for analysis." .
+:ProcessContext1 dpv:hasRisk genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 .
+genid:c516de60-83e5-b4b8-2de8-c5b4edf763b0 a dpv:RiskMitigationMeasure .
+genid:c516de60-83e5-b4b8-2de8-c5b4edf763b0 dct:description "Require processing only within a secure processing environment (e.g., eu-dga:SecureProcessingEnvironment), and prohibit local downloads of raw datasets." .
+genid:c516de60-83e5-b4b8-2de8-c5b4edf763b0 dpv:mitigatesRisk genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 .
+genid:c516de60-83e5-b4b8-2de8-c5b4edf763b0 :suggestAdd {
+    :ProhibitDownloadLocalCopy a odrl:Prohibition .
+    :ProhibitDownloadLocalCopy odrl:assigner :HospitalA .
+    :ProhibitDownloadLocalCopy odrl:assignee :UniLab .
+    :ProhibitDownloadLocalCopy odrl:action :download .
+    :ProhibitDownloadLocalCopy odrl:target :Dataset1 .
+    :ProhibitDownloadLocalCopy :clause :ClauseH3 .
+    :ProcessContext1 dpv:hasTechnicalOrganisationalMeasure eu-dga:SecureProcessingEnvironment .
+} .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 dpv:isMitigatedByMeasure genid:c516de60-83e5-b4b8-2de8-c5b4edf763b0 .
+genid:d31b6ae0-cb02-39e0-1fa0-86946b7e44c0 a risk:RiskSource .
+genid:d31b6ae0-cb02-39e0-1fa0-86946b7e44c0 a risk:PolicyRisk .
+genid:d31b6ae0-cb02-39e0-1fa0-86946b7e44c0 dct:source :PermProvidePseudonymisedData .
+genid:d31b6ae0-cb02-39e0-1fa0-86946b7e44c0 dct:description "Statistical anonymisation safeguard missing for secondary use." .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 a dpv:Risk .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 a risk:UnwantedDisclosureData .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 dct:source :PermProvidePseudonymisedData .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 risk:hasRiskSource genid:d31b6ae0-cb02-39e0-1fa0-86946b7e44c0 .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 dpv:hasConsequence risk:CustomerConfidenceLoss .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 dpv:hasImpact risk:NonMaterialDamage .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 :aboutClause :ClauseH4 .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 :scoreRaw 80 .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 :violatesNeed :Need_StatisticallyAnonymisedSecondaryUse .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 dct:description "Risk: secondary-use dataset is only described as pseudonymised, without a safeguard requiring statistically anonymised data for secondary use. Clause H4: The dataset will be provided in pseudonymised form by removing direct identifiers." .
+:ProcessContext1 dpv:hasRisk genid:315f48bc-4e89-b706-ef07-dc88e29c5050 .
+genid:09f44e28-35fe-53c0-2b73-d8f51a1d4f24 a dpv:RiskMitigationMeasure .
+genid:09f44e28-35fe-53c0-2b73-d8f51a1d4f24 dct:description "Require an EHDS Health Data Request for statistically anonymised data (eu-ehds:HealthDataRequest), and add a constraint that secondary-use data must be statistically anonymised." .
+genid:09f44e28-35fe-53c0-2b73-d8f51a1d4f24 dpv:mitigatesRisk genid:315f48bc-4e89-b706-ef07-dc88e29c5050 .
+genid:09f44e28-35fe-53c0-2b73-d8f51a1d4f24 :suggestAdd {
+    :PermProvidePseudonymisedData odrl:constraint _:sk_2 .
+    _:sk_2 a odrl:Constraint .
+    _:sk_2 odrl:leftOperand :statisticallyAnonymised .
+    _:sk_2 odrl:operator odrl:eq .
+    _:sk_2 odrl:rightOperand true .
+    :ProcessContext1 dpv:hasOrganisationalMeasure eu-ehds:HealthDataRequest .
+} .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 dpv:isMitigatedByMeasure genid:09f44e28-35fe-53c0-2b73-d8f51a1d4f24 .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c :score 100 .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c :score 100 .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 :score 88 .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 :score 80 .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c dpv:hasSeverity risk:HighSeverity .
+genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c dpv:hasRiskLevel risk:HighRisk .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c dpv:hasSeverity risk:HighSeverity .
+genid:e8c966b0-9c81-ff94-18b1-21d486bac44c dpv:hasRiskLevel risk:HighRisk .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 dpv:hasSeverity risk:HighSeverity .
+genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 dpv:hasRiskLevel risk:HighRisk .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 dpv:hasSeverity risk:HighSeverity .
+genid:315f48bc-4e89-b706-ef07-dc88e29c5050 dpv:hasRiskLevel risk:HighRisk .
+(:AgreementEHDS1 :PatientProfileExample 0) log:outputString "\n=== Ranked DPV Risk Report (EHDS-aligned) ===\nAgreement: EHDS Secondary Use Agreement (example)\nProfile: Example patient profile (EHDS rights expectations)\n\n" .
+(:AgreementEHDS1 :PatientProfileExample 1 900 "H1" 0 genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c) log:outputString "score=100 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause H1\n  Risk: secondary use is permitted without an EHDS Data Permit safeguard. Clause H1: Hospital may provide electronic health data for secondary use based on a bilateral data use agreement with the applicant.\n\n" .
+(:AgreementEHDS1 :PatientProfileExample 1 900 "H2" 0 genid:e8c966b0-9c81-ff94-18b1-21d486bac44c) log:outputString "score=100 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause H2\n  Risk: secondary use may include patients who opted out (EHDS A71). Clause H2: Secondary use may include all patient records for training and evaluating health-related algorithms.\n\n" .
+(:AgreementEHDS1 :PatientProfileExample 1 912 "H3" 0 genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4) log:outputString "score=88 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause H3\n  Risk: the agreement permits local downloads rather than processing within a secure processing environment. Clause H3: The applicant may download a complete local copy of the dataset to its own infrastructure for analysis.\n\n" .
+(:AgreementEHDS1 :PatientProfileExample 1 920 "H4" 0 genid:315f48bc-4e89-b706-ef07-dc88e29c5050) log:outputString "score=80 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause H4\n  Risk: secondary-use dataset is only described as pseudonymised, without a safeguard requiring statistically anonymised data for secondary use. Clause H4: The dataset will be provided in pseudonymised form by removing direct identifiers.\n\n" .
+(:AgreementEHDS1 :PatientProfileExample 1 900 "H1" 1 genid:8b6d63fe-3aba-fc8c-d435-107b8d2d437c genid:89664258-fefa-8d30-6eb9-72e87d93d99c) log:outputString "  - mitigation for clause H1: Require an EHDS Data Permit (eu-ehds:DataPermit) issued by a Health Data Access Body prior to secondary use.\n" .
+(:AgreementEHDS1 :PatientProfileExample 1 900 "H2" 1 genid:e8c966b0-9c81-ff94-18b1-21d486bac44c genid:3679a190-523c-9332-6005-4e14ea5e6e88) log:outputString "  - mitigation for clause H2: Add an explicit safeguard to exclude records of persons who exercised the EHDS opt-out from secondary use (A71).\n" .
+(:AgreementEHDS1 :PatientProfileExample 1 912 "H3" 1 genid:8d3275f0-67e6-28c8-79c4-9e8012d185f4 genid:c516de60-83e5-b4b8-2de8-c5b4edf763b0) log:outputString "  - mitigation for clause H3: Require processing only within a secure processing environment (e.g., eu-dga:SecureProcessingEnvironment), and prohibit local downloads of raw datasets.\n" .
+(:AgreementEHDS1 :PatientProfileExample 1 920 "H4" 1 genid:315f48bc-4e89-b706-ef07-dc88e29c5050 genid:09f44e28-35fe-53c0-2b73-d8f51a1d4f24) log:outputString "  - mitigation for clause H4: Require an EHDS Health Data Request for statistically anonymised data (eu-ehds:HealthDataRequest), and add a constraint that secondary-use data must be statistically anonymised.\n" .

package/examples/output/odrl-dpv-healthcare-risk-ranked.n3 ADDED Viewed

@@ -0,0 +1,117 @@
+@prefix : <https://example.org/odrl-dpv-healthcare-risk-ranked#> .
+@prefix dct: <http://purl.org/dc/terms/> .
+@prefix dpv: <https://w3id.org/dpv#> .
+@prefix genid: <https://eyereasoner.github.io/.well-known/genid/> .
+@prefix log: <http://www.w3.org/2000/10/swap/log#> .
+@prefix odrl: <http://www.w3.org/ns/odrl/2/> .
+@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix risk: <https://w3id.org/dpv/risk#> .
+genid:499c8c88-3ef3-7ae0-932f-c74cf4fb20f4 a risk:RiskSource .
+genid:499c8c88-3ef3-7ae0-932f-c74cf4fb20f4 a risk:LegalComplianceRisk .
+genid:499c8c88-3ef3-7ae0-932f-c74cf4fb20f4 dct:source :PermResearchUse .
+genid:499c8c88-3ef3-7ae0-932f-c74cf4fb20f4 dct:description "Research use permitted without explicit consent constraint." .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 a dpv:Risk .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 a risk:PolicyRisk .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 a risk:CustomerConfidenceLoss .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 dct:source :PermResearchUse .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 risk:hasRiskSource genid:499c8c88-3ef3-7ae0-932f-c74cf4fb20f4 .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 dpv:hasConsequence risk:CustomerConfidenceLoss .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 dpv:hasImpact risk:NonMaterialDamage .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 dpv:hasImpact risk:FinancialLoss .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 :aboutClause :ClauseH1 .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 :scoreRaw 120 .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 :violatesNeed :Need_ConsentForResearch .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 dct:description "Risk: health/genomic data may be used for research without explicit opt-in consent. Clause H1: Hospital may use EHR and genomic data for internal clinical research and publication." .
+:ProcessContextHC1 dpv:hasRisk genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 .
+genid:d8249b0c-66d8-73a8-c1d0-8c7c5256b338 a dpv:RiskMitigationMeasure .
+genid:d8249b0c-66d8-73a8-c1d0-8c7c5256b338 dct:description "Add an explicit consent constraint for secondary research use." .
+genid:d8249b0c-66d8-73a8-c1d0-8c7c5256b338 dpv:mitigatesRisk genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 .
+genid:d8249b0c-66d8-73a8-c1d0-8c7c5256b338 :suggestAdd {
+    :PermResearchUse odrl:constraint _:sk_0 .
+    _:sk_0 a odrl:Constraint .
+    _:sk_0 odrl:leftOperand :explicitConsent .
+    _:sk_0 odrl:operator odrl:eq .
+    _:sk_0 odrl:rightOperand true .
+} .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 dpv:isMitigatedByMeasure genid:d8249b0c-66d8-73a8-c1d0-8c7c5256b338 .
+genid:3c85dd80-8e33-c0fa-8b1c-89f4c16ca4cc a risk:RiskSource .
+genid:3c85dd80-8e33-c0fa-8b1c-89f4c16ca4cc a risk:LegalComplianceRisk .
+genid:3c85dd80-8e33-c0fa-8b1c-89f4c16ca4cc dct:source :PermShareWithPharma .
+genid:3c85dd80-8e33-c0fa-8b1c-89f4c16ca4cc dct:description "External sharing permitted without de-identification/pseudonymisation requirement." .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 a dpv:Risk .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 a risk:UnwantedDisclosureData .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 a risk:ReputationalRisk .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 dct:source :PermShareWithPharma .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 risk:hasRiskSource genid:3c85dd80-8e33-c0fa-8b1c-89f4c16ca4cc .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 dpv:hasConsequence risk:CustomerConfidenceLoss .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 dpv:hasImpact risk:NonMaterialDamage .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 dpv:hasImpact risk:FinancialLoss .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 dpv:hasImpact risk:Discrimination .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 :aboutClause :ClauseH2 .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 :scoreRaw 125 .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 :violatesNeed :Need_DeIdentifyBeforeSharing .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 dct:description "Risk: genomic data may be shared with external pharma partners without a de-identification/pseudonymisation requirement. Clause H2: Hospital may share genomic data with pharmaceutical partners for drug discovery and R&D." .
+:ProcessContextHC1 dpv:hasRisk genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 .
+genid:be734cc0-bf89-eac8-fa57-8bfba350cb64 a dpv:RiskMitigationMeasure .
+genid:be734cc0-bf89-eac8-fa57-8bfba350cb64 dct:description "Require de-identification/pseudonymisation before external sharing of genomic data." .
+genid:be734cc0-bf89-eac8-fa57-8bfba350cb64 dpv:mitigatesRisk genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 .
+genid:be734cc0-bf89-eac8-fa57-8bfba350cb64 :suggestAdd {
+    :PermShareWithPharma odrl:constraint _:sk_1 .
+    _:sk_1 a odrl:Constraint .
+    _:sk_1 odrl:leftOperand :deIdentified .
+    _:sk_1 odrl:operator odrl:eq .
+    _:sk_1 odrl:rightOperand true .
+    :PermShareWithPharma odrl:duty _:sk_2 .
+    _:sk_2 a odrl:Duty .
+    _:sk_2 odrl:action :deIdentify .
+    _:sk_2 odrl:constraint _:sk_3 .
+    _:sk_3 a odrl:Constraint .
+    _:sk_3 odrl:leftOperand :deIdentificationStandard .
+    _:sk_3 odrl:operator odrl:eq .
+    _:sk_3 odrl:rightOperand :StateOfTheArt .
+} .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 dpv:isMitigatedByMeasure genid:be734cc0-bf89-eac8-fa57-8bfba350cb64 .
+genid:fc8b3e87-761e-e430-a338-09d827d7d764 a risk:RiskSource .
+genid:fc8b3e87-761e-e430-a338-09d827d7d764 a risk:PolicyRisk .
+genid:fc8b3e87-761e-e430-a338-09d827d7d764 dct:source :PermRetention10y .
+genid:fc8b3e87-761e-e430-a338-09d827d7d764 dct:description "Retention period exceeds patient preference." .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec a dpv:Risk .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec a risk:PolicyRisk .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec a risk:CustomerConfidenceLoss .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec dct:source :PermRetention10y .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec risk:hasRiskSource genid:fc8b3e87-761e-e430-a338-09d827d7d764 .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec dpv:hasConsequence risk:CustomerConfidenceLoss .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec dpv:hasImpact risk:NonMaterialDamage .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec :aboutClause :ClauseH4 .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec :scoreRaw 70 .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec :violatesNeed :Need_RetentionLimit3y .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec dct:description "Risk: retention (3650 days) exceeds patient preference (1095 days). Clause H4: Hospital retains patient health records for 10 years." .
+:ProcessContextHC1 dpv:hasRisk genid:e333f4ec-b543-e01c-ae40-fce8760f4fec .
+genid:4576211e-2495-d7a8-ebb0-5eb4707c9ce4 a dpv:RiskMitigationMeasure .
+genid:4576211e-2495-d7a8-ebb0-5eb4707c9ce4 dct:description "Limit retention to 3 years (or document the legal obligation requiring longer retention)." .
+genid:4576211e-2495-d7a8-ebb0-5eb4707c9ce4 dpv:mitigatesRisk genid:e333f4ec-b543-e01c-ae40-fce8760f4fec .
+genid:4576211e-2495-d7a8-ebb0-5eb4707c9ce4 :suggestAdd {
+    :PermRetention10y odrl:constraint _:sk_4 .
+    _:sk_4 a odrl:Constraint .
+    _:sk_4 odrl:leftOperand :retentionDays .
+    _:sk_4 odrl:operator odrl:lteq .
+    _:sk_4 odrl:rightOperand 1095 .
+} .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec dpv:isMitigatedByMeasure genid:4576211e-2495-d7a8-ebb0-5eb4707c9ce4 .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 :score 100 .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 :score 100 .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec :score 70 .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 dpv:hasSeverity risk:HighSeverity .
+genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 dpv:hasRiskLevel risk:HighRisk .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 dpv:hasSeverity risk:HighSeverity .
+genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 dpv:hasRiskLevel risk:HighRisk .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec dpv:hasSeverity risk:ModerateSeverity .
+genid:e333f4ec-b543-e01c-ae40-fce8760f4fec dpv:hasRiskLevel risk:ModerateRisk .
+(:AgreementHC1 :PatientExample 0) log:outputString "\n=== Ranked DPV Risk Report (Healthcare & Life Sciences) ===\nAgreement: Example Healthcare & Life-Sciences Data Use Agreement\nProfile: Example patient profile\n\n" .
+(:AgreementHC1 :PatientExample 1 900 "H1" 0 genid:6e6083d0-be14-5284-ce15-b2f04cc273c8) log:outputString "score=100 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause H1\n  Risk: health/genomic data may be used for research without explicit opt-in consent. Clause H1: Hospital may use EHR and genomic data for internal clinical research and publication.\n\n" .
+(:AgreementHC1 :PatientExample 1 900 "H2" 0 genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280) log:outputString "score=100 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause H2\n  Risk: genomic data may be shared with external pharma partners without a de-identification/pseudonymisation requirement. Clause H2: Hospital may share genomic data with pharmaceutical partners for drug discovery and R&D.\n\n" .
+(:AgreementHC1 :PatientExample 1 930 "H4" 0 genid:e333f4ec-b543-e01c-ae40-fce8760f4fec) log:outputString "score=70 (https://w3id.org/dpv/risk#ModerateRisk, https://w3id.org/dpv/risk#ModerateSeverity)  clause H4\n  Risk: retention (3650 days) exceeds patient preference (1095 days). Clause H4: Hospital retains patient health records for 10 years.\n\n" .
+(:AgreementHC1 :PatientExample 1 900 "H1" 1 genid:6e6083d0-be14-5284-ce15-b2f04cc273c8 genid:d8249b0c-66d8-73a8-c1d0-8c7c5256b338) log:outputString "  - mitigation for clause H1: Add an explicit consent constraint for secondary research use.\n" .
+(:AgreementHC1 :PatientExample 1 900 "H2" 1 genid:b9e2eab8-2d4b-c4a4-50ea-6468777be280 genid:be734cc0-bf89-eac8-fa57-8bfba350cb64) log:outputString "  - mitigation for clause H2: Require de-identification/pseudonymisation before external sharing of genomic data.\n" .
+(:AgreementHC1 :PatientExample 1 930 "H4" 1 genid:e333f4ec-b543-e01c-ae40-fce8760f4fec genid:4576211e-2495-d7a8-ebb0-5eb4707c9ce4) log:outputString "  - mitigation for clause H4: Limit retention to 3 years (or document the legal obligation requiring longer retention).\n" .

package/examples/output/odrl-dpv-risk-ranked.n3 CHANGED Viewed

@@ -3,8 +3,10 @@
 @prefix dpv: <https://w3id.org/dpv#> .
 @prefix genid: <https://eyereasoner.github.io/.well-known/genid/> .
 @prefix log: <http://www.w3.org/2000/10/swap/log#> .
+@prefix odrl: <http://www.w3.org/ns/odrl/2/> .
+@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
 @prefix risk: <https://w3id.org/dpv/risk#> .
-@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
+@prefix tosl: <https://example.org/tosl-profile#> .
 genid:1c780f80-9b90-f310-2ce9-2d829e5616d8 a risk:RiskSource .
 genid:1c780f80-9b90-f310-2ce9-2d829e5616d8 a risk:LegalComplianceRisk .
@@ -27,6 +29,26 @@ genid:59bf9d7c-6868-401e-bb47-667826cd85bc :scoreRaw 110 .
 genid:59bf9d7c-6868-401e-bb47-667826cd85bc :violatesNeed :Need_DataCannotBeRemoved .
 genid:59bf9d7c-6868-401e-bb47-667826cd85bc dct:description "Risk: account/data removal is permitted without notice safeguards (no notice constraint and no duty to inform). Clause C1: Provider may remove the user account (and associated data) at its discretion." .
 :ProcessContext1 dpv:hasRisk genid:59bf9d7c-6868-401e-bb47-667826cd85bc .
+genid:f2f8e420-4979-6bb4-9d7a-724cdbeeeef4 a dpv:RiskMitigationMeasure .
+genid:f2f8e420-4979-6bb4-9d7a-724cdbeeeef4 dct:description "Add a notice constraint (minimum noticeDays) before account removal." .
+genid:f2f8e420-4979-6bb4-9d7a-724cdbeeeef4 dpv:mitigatesRisk genid:59bf9d7c-6868-401e-bb47-667826cd85bc .
+genid:f2f8e420-4979-6bb4-9d7a-724cdbeeeef4 :suggestAdd {
+    :PermDeleteAccount odrl:constraint _:sk_0 .
+    _:sk_0 a odrl:Constraint .
+    _:sk_0 odrl:leftOperand tosl:noticeDays .
+    _:sk_0 odrl:operator odrl:gteq .
+    _:sk_0 odrl:rightOperand 14 .
+} .
+genid:4d551ac7-50e7-79bc-bbc6-d35022c24650 a dpv:RiskMitigationMeasure .
+genid:4d551ac7-50e7-79bc-bbc6-d35022c24650 dct:description "Add a duty to inform the consumer prior to account removal." .
+genid:4d551ac7-50e7-79bc-bbc6-d35022c24650 dpv:mitigatesRisk genid:59bf9d7c-6868-401e-bb47-667826cd85bc .
+genid:4d551ac7-50e7-79bc-bbc6-d35022c24650 :suggestAdd {
+    :PermDeleteAccount odrl:duty _:sk_1 .
+    _:sk_1 a odrl:Duty .
+    _:sk_1 odrl:action odrl:inform .
+} .
+genid:59bf9d7c-6868-401e-bb47-667826cd85bc dpv:isMitigatedByMeasure genid:f2f8e420-4979-6bb4-9d7a-724cdbeeeef4 .
+genid:59bf9d7c-6868-401e-bb47-667826cd85bc dpv:isMitigatedByMeasure genid:4d551ac7-50e7-79bc-bbc6-d35022c24650 .
 genid:b00dbc9c-519f-4664-518c-32853c2cfabc a risk:RiskSource .
 genid:b00dbc9c-519f-4664-518c-32853c2cfabc a risk:PolicyRisk .
 genid:b00dbc9c-519f-4664-518c-32853c2cfabc dct:source :PermChangeTerms .
@@ -43,6 +65,20 @@ genid:423c1420-b028-620c-fcd2-78f08f0da0ca :scoreRaw 85 .
 genid:423c1420-b028-620c-fcd2-78f08f0da0ca :violatesNeed :Need_ChangeOnlyWithPriorNotice .
 genid:423c1420-b028-620c-fcd2-78f08f0da0ca dct:description "Risk: terms may change with notice (3 days) below consumer requirement (14 days). Clause C2: Provider may change terms by informing users at least 3 days in advance." .
 :ProcessContext1 dpv:hasRisk genid:423c1420-b028-620c-fcd2-78f08f0da0ca .
+genid:6eda9020-28eb-8740-c9c2-4d0139e1499c a dpv:RiskMitigationMeasure .
+genid:6eda9020-28eb-8740-c9c2-4d0139e1499c dct:description "Increase minimum noticeDays in the inform duty to meet the consumer requirement." .
+genid:6eda9020-28eb-8740-c9c2-4d0139e1499c dpv:mitigatesRisk genid:423c1420-b028-620c-fcd2-78f08f0da0ca .
+genid:6eda9020-28eb-8740-c9c2-4d0139e1499c :suggestAdd {
+    :PermChangeTerms odrl:duty _:sk_2 .
+    _:sk_2 a odrl:Duty .
+    _:sk_2 odrl:action odrl:inform .
+    _:sk_2 odrl:constraint _:sk_3 .
+    _:sk_3 a odrl:Constraint .
+    _:sk_3 odrl:leftOperand tosl:noticeDays .
+    _:sk_3 odrl:operator odrl:gteq .
+    _:sk_3 odrl:rightOperand 14 .
+} .
+genid:423c1420-b028-620c-fcd2-78f08f0da0ca dpv:isMitigatedByMeasure genid:6eda9020-28eb-8740-c9c2-4d0139e1499c .
 genid:e4304204-5fbc-1dc2-cb50-da7597604550 a risk:RiskSource .
 genid:e4304204-5fbc-1dc2-cb50-da7597604550 a risk:PolicyRisk .
 genid:e4304204-5fbc-1dc2-cb50-da7597604550 dct:source :PermShareData .
@@ -60,6 +96,17 @@ genid:dbffbd20-c09d-995c-7973-d378be8f6d4c :scoreRaw 97 .
 genid:dbffbd20-c09d-995c-7973-d378be8f6d4c :violatesNeed :Need_NoSharingWithoutConsent .
 genid:dbffbd20-c09d-995c-7973-d378be8f6d4c dct:description "Risk: user data sharing is permitted without an explicit consent constraint. Clause C3: Provider may share user data with partners for business purposes." .
 :ProcessContext1 dpv:hasRisk genid:dbffbd20-c09d-995c-7973-d378be8f6d4c .
+genid:1beecfb8-c205-dae0-e5f6-2f2aa3dc178c a dpv:RiskMitigationMeasure .
+genid:1beecfb8-c205-dae0-e5f6-2f2aa3dc178c dct:description "Add an explicit consent constraint before data sharing." .
+genid:1beecfb8-c205-dae0-e5f6-2f2aa3dc178c dpv:mitigatesRisk genid:dbffbd20-c09d-995c-7973-d378be8f6d4c .
+genid:1beecfb8-c205-dae0-e5f6-2f2aa3dc178c :suggestAdd {
+    :PermShareData odrl:constraint _:sk_4 .
+    _:sk_4 a odrl:Constraint .
+    _:sk_4 odrl:leftOperand tosl:consent .
+    _:sk_4 odrl:operator odrl:eq .
+    _:sk_4 odrl:rightOperand true .
+} .
+genid:dbffbd20-c09d-995c-7973-d378be8f6d4c dpv:isMitigatedByMeasure genid:1beecfb8-c205-dae0-e5f6-2f2aa3dc178c .
 genid:f83f5ee8-215f-977e-4e89-f9812cda0c04 a risk:RiskSource .
 genid:f83f5ee8-215f-977e-4e89-f9812cda0c04 a risk:PolicyRisk .
 genid:f83f5ee8-215f-977e-4e89-f9812cda0c04 dct:source :ProhibitExportData .
@@ -76,7 +123,19 @@ genid:ee944cc3-a770-063a-274c-98e4f8af162c :scoreRaw 70 .
 genid:ee944cc3-a770-063a-274c-98e4f8af162c :violatesNeed :Need_DataPortability .
 genid:ee944cc3-a770-063a-274c-98e4f8af162c dct:description "Risk: portability is restricted because exporting user data is prohibited. Clause C4: Users are not permitted to export their data." .
 :ProcessContext1 dpv:hasRisk genid:ee944cc3-a770-063a-274c-98e4f8af162c .
-genid:59bf9d7c-6868-401e-bb47-667826cd85bc :score "100"^^xsd:integer .
+genid:0e1f48a8-1550-a59e-0559-5f70ca9b3ac4 a dpv:RiskMitigationMeasure .
+genid:0e1f48a8-1550-a59e-0559-5f70ca9b3ac4 dct:description "Add a permission allowing data export (or remove the prohibition) to support portability." .
+genid:0e1f48a8-1550-a59e-0559-5f70ca9b3ac4 dpv:mitigatesRisk genid:ee944cc3-a770-063a-274c-98e4f8af162c .
+genid:0e1f48a8-1550-a59e-0559-5f70ca9b3ac4 :suggestAdd {
+    :Policy1 odrl:permission _:sk_5 .
+    _:sk_5 a odrl:Permission .
+    _:sk_5 odrl:assigner :Provider .
+    _:sk_5 odrl:assignee :ConsumerExample .
+    _:sk_5 odrl:action tosl:exportData .
+    _:sk_5 odrl:target :UserData .
+} .
+genid:ee944cc3-a770-063a-274c-98e4f8af162c dpv:isMitigatedByMeasure genid:0e1f48a8-1550-a59e-0559-5f70ca9b3ac4 .
+genid:59bf9d7c-6868-401e-bb47-667826cd85bc :score 100 .
 genid:423c1420-b028-620c-fcd2-78f08f0da0ca :score 85 .
 genid:dbffbd20-c09d-995c-7973-d378be8f6d4c :score 97 .
 genid:ee944cc3-a770-063a-274c-98e4f8af162c :score 70 .
@@ -89,7 +148,12 @@ genid:dbffbd20-c09d-995c-7973-d378be8f6d4c dpv:hasRiskLevel risk:HighRisk .
 genid:ee944cc3-a770-063a-274c-98e4f8af162c dpv:hasSeverity risk:ModerateSeverity .
 genid:ee944cc3-a770-063a-274c-98e4f8af162c dpv:hasRiskLevel risk:ModerateRisk .
 (:Agreement1 :ConsumerExample 0) log:outputString "\n=== Ranked DPV Risk Report ===\nAgreement: Example Agreement\nProfile: Example consumer profile\n\n" .
-(:Agreement1 :ConsumerExample 1 900 genid:59bf9d7c-6868-401e-bb47-667826cd85bc) log:outputString "score=100 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause C1\n  Risk: account/data removal is permitted without notice safeguards (no notice constraint and no duty to inform). Clause C1: Provider may remove the user account (and associated data) at its discretion.\n\n" .
-(:Agreement1 :ConsumerExample 1 915 genid:423c1420-b028-620c-fcd2-78f08f0da0ca) log:outputString "score=85 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause C2\n  Risk: terms may change with notice (3 days) below consumer requirement (14 days). Clause C2: Provider may change terms by informing users at least 3 days in advance.\n\n" .
-(:Agreement1 :ConsumerExample 1 903 genid:dbffbd20-c09d-995c-7973-d378be8f6d4c) log:outputString "score=97 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause C3\n  Risk: user data sharing is permitted without an explicit consent constraint. Clause C3: Provider may share user data with partners for business purposes.\n\n" .
-(:Agreement1 :ConsumerExample 1 930 genid:ee944cc3-a770-063a-274c-98e4f8af162c) log:outputString "score=70 (https://w3id.org/dpv/risk#ModerateRisk, https://w3id.org/dpv/risk#ModerateSeverity)  clause C4\n  Risk: portability is restricted because exporting user data is prohibited. Clause C4: Users are not permitted to export their data.\n\n" .
+(:Agreement1 :ConsumerExample 1 900 "C1" 0 genid:59bf9d7c-6868-401e-bb47-667826cd85bc) log:outputString "score=100 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause C1\n  Risk: account/data removal is permitted without notice safeguards (no notice constraint and no duty to inform). Clause C1: Provider may remove the user account (and associated data) at its discretion.\n\n" .
+(:Agreement1 :ConsumerExample 1 915 "C2" 0 genid:423c1420-b028-620c-fcd2-78f08f0da0ca) log:outputString "score=85 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause C2\n  Risk: terms may change with notice (3 days) below consumer requirement (14 days). Clause C2: Provider may change terms by informing users at least 3 days in advance.\n\n" .
+(:Agreement1 :ConsumerExample 1 903 "C3" 0 genid:dbffbd20-c09d-995c-7973-d378be8f6d4c) log:outputString "score=97 (https://w3id.org/dpv/risk#HighRisk, https://w3id.org/dpv/risk#HighSeverity)  clause C3\n  Risk: user data sharing is permitted without an explicit consent constraint. Clause C3: Provider may share user data with partners for business purposes.\n\n" .
+(:Agreement1 :ConsumerExample 1 930 "C4" 0 genid:ee944cc3-a770-063a-274c-98e4f8af162c) log:outputString "score=70 (https://w3id.org/dpv/risk#ModerateRisk, https://w3id.org/dpv/risk#ModerateSeverity)  clause C4\n  Risk: portability is restricted because exporting user data is prohibited. Clause C4: Users are not permitted to export their data.\n\n" .
+(:Agreement1 :ConsumerExample 1 900 "C1" 1 genid:59bf9d7c-6868-401e-bb47-667826cd85bc genid:f2f8e420-4979-6bb4-9d7a-724cdbeeeef4) log:outputString "  - mitigation for clause C1: Add a notice constraint (minimum noticeDays) before account removal.\n" .
+(:Agreement1 :ConsumerExample 1 900 "C1" 1 genid:59bf9d7c-6868-401e-bb47-667826cd85bc genid:4d551ac7-50e7-79bc-bbc6-d35022c24650) log:outputString "  - mitigation for clause C1: Add a duty to inform the consumer prior to account removal.\n" .
+(:Agreement1 :ConsumerExample 1 915 "C2" 1 genid:423c1420-b028-620c-fcd2-78f08f0da0ca genid:6eda9020-28eb-8740-c9c2-4d0139e1499c) log:outputString "  - mitigation for clause C2: Increase minimum noticeDays in the inform duty to meet the consumer requirement.\n" .
+(:Agreement1 :ConsumerExample 1 903 "C3" 1 genid:dbffbd20-c09d-995c-7973-d378be8f6d4c genid:1beecfb8-c205-dae0-e5f6-2f2aa3dc178c) log:outputString "  - mitigation for clause C3: Add an explicit consent constraint before data sharing.\n" .
+(:Agreement1 :ConsumerExample 1 930 "C4" 1 genid:ee944cc3-a770-063a-274c-98e4f8af162c genid:0e1f48a8-1550-a59e-0559-5f70ca9b3ac4) log:outputString "  - mitigation for clause C4: Add a permission allowing data export (or remove the prohibition) to support portability.\n" .

package/examples/output/wind-turbine.n3 ADDED Viewed

@@ -0,0 +1,6 @@
+@prefix : <http://example.org/> .
+:turbine1 :hasAnomaly :highVibration .
+:turbine1 :hasAnomaly :highTemperature .
+:turbine1 :requires :urgentInspection .
+:turbine1 :requires :gearboxMaintenance .

package/examples/reifies.n3 CHANGED Viewed

@@ -1,8 +1,7 @@
-@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
 @prefix : <http://www.example.org/> .
 @prefix log: <http://www.w3.org/2000/10/swap/log#> .
-_:b rdf:reifies { :Socrates a :Human . } .
+_:b log:nameOf { :Socrates a :Human . } .
 _:b :is true .
 :employee38 :familyName "Smith" .
 _:id log:nameOf { :employee38 :jobTitle "Assistant Designer" . } .

package/examples/triple-term.n3 CHANGED Viewed

@@ -1,7 +1,7 @@
 @prefix : <http://www.example.org/> .
-@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
-@prefix skolem: <https://eyereasoner.github.io/.well-known/genid/f327f7b5-4499-5c8b-9520-eab7551cbf00#> .
+@prefix skolem: <https://eyereasoner.github.io/.well-known/genid/3ce038d5-ea5f-5c1e-8635-dcdabec19d5f#> .
+@prefix log: <http://www.w3.org/2000/10/swap/log#> .
 skolem:e38 :familyName "Smith" .
-_:anno rdf:reifies { skolem:e38 :jobTitle "Designer" . } .
+_:anno log:nameOf { skolem:e38 :jobTitle "Designer" . } .
 _:anno :accordingTo _:e22 .

package/examples/wind-turbine.n3 ADDED Viewed

@@ -0,0 +1,63 @@
+@prefix : <http://example.org/> .
+@prefix math: <http://www.w3.org/2000/10/swap/math#> .
+@prefix log: <http://www.w3.org/2000/10/swap/log#> .
+@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
+# --- Sensor Data ---
+:turbine1 :vibration "0.42"^^xsd:decimal.
+:turbine1 :temperature "78"^^xsd:decimal.
+:turbine1 :rpm "1650"^^xsd:decimal.
+:turbine1 :gearboxStatus :degraded.
+# --- Threshold Values ---
+:highVibrationThreshold :value "0.35"^^xsd:decimal.
+:highTemperatureThreshold :value "75"^^xsd:decimal.
+:criticalRPM :value "1800"^^xsd:decimal.
+# --- Rule: Vibration Anomaly ---
+{
+  ?T :vibration ?V.
+  :highVibrationThreshold :value ?VT.
+  ?V math:greaterThan ?VT.
+} => {
+  ?T :hasAnomaly :highVibration.
+}.
+# --- Rule: Temperature Anomaly ---
+{
+  ?T :temperature ?Temp.
+  :highTemperatureThreshold :value ?TT.
+  ?Temp math:greaterThan ?TT.
+} => {
+  ?T :hasAnomaly :highTemperature.
+}.
+# --- Rule: Combined Anomalies Trigger Urgent Inspection ---
+{
+  ?T :hasAnomaly :highVibration.
+  ?T :hasAnomaly :highTemperature.
+} => {
+  ?T :requires :urgentInspection.
+}.
+# --- Rule: Gearbox Status Triggers Maintenance ---
+{
+  ?T :gearboxStatus :degraded.
+} => {
+  ?T :requires :gearboxMaintenance.
+}.
+# --- Query: Detected Anomalies ---
+{
+  ?T :hasAnomaly ?Anomaly.
+} log:query {
+  ?T :hasAnomaly ?Anomaly.
+}.
+# --- Query: Required Actions ---
+{
+  ?T :requires ?Action.
+} log:query {
+  ?T :requires ?Action.
+}.

package/eyeling.js CHANGED Viewed

@@ -3834,7 +3834,10 @@ function main() {
   // Named list nodes keep identity; list:* builtins can traverse them.
   engine.materializeRdfLists(triples, frules.concat(qrules || []), brules);
-  const facts = triples.filter((tr) => engine.isGroundTriple(tr));
+  // Keep non-ground top-level facts too (e.g., universally quantified N3 vars)
+  // so they can participate in rule matching. Derived/output facts remain
+  // ground-gated in the engine.
+  const facts = triples.slice();
   // If requested, print log:outputString values (ordered by subject key) and exit.
   // Note: log:outputString values may depend on derived facts, so we must saturate first.
@@ -7103,7 +7106,9 @@ function reasonStream(n3Text, opts = {}) {
   materializeRdfLists(triples, frules.concat(logQueryRules || []), brules);
   // facts becomes the saturated closure because pushFactIndexed(...) appends into it
-  const facts = triples.filter((tr) => isGroundTriple(tr));
+  // Keep non-ground top-level facts (e.g., universally-quantified N3 variables)
+  // so they can participate in rule matching. Derived/output facts remain ground-gated elsewhere.
+  const facts = triples.slice();
   let derived = [];
   let queryTriples = [];

package/lib/cli.js CHANGED Viewed

@@ -173,7 +173,10 @@ function main() {
   // Named list nodes keep identity; list:* builtins can traverse them.
   engine.materializeRdfLists(triples, frules.concat(qrules || []), brules);
-  const facts = triples.filter((tr) => engine.isGroundTriple(tr));
+  // Keep non-ground top-level facts too (e.g., universally quantified N3 vars)
+  // so they can participate in rule matching. Derived/output facts remain
+  // ground-gated in the engine.
+  const facts = triples.slice();
   // If requested, print log:outputString values (ordered by subject key) and exit.
   // Note: log:outputString values may depend on derived facts, so we must saturate first.

package/lib/engine.js CHANGED Viewed

@@ -2637,7 +2637,9 @@ function reasonStream(n3Text, opts = {}) {
   materializeRdfLists(triples, frules.concat(logQueryRules || []), brules);
   // facts becomes the saturated closure because pushFactIndexed(...) appends into it
-  const facts = triples.filter((tr) => isGroundTriple(tr));
+  // Keep non-ground top-level facts (e.g., universally-quantified N3 variables)
+  // so they can participate in rule matching. Derived/output facts remain ground-gated elsewhere.
+  const facts = triples.slice();
   let derived = [];
   let queryTriples = [];

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "eyeling",
-  "version": "1.13.2",
+  "version": "1.13.4",
   "description": "A minimal Notation3 (N3) reasoner in JavaScript.",
   "main": "./index.js",
   "keywords": [

package/test/api.test.js CHANGED Viewed

@@ -1012,6 +1012,17 @@ ex:w a ex:Woman .
       /(?:ex:w|<http:\/\/example\.org\/ns#w>)\s+(?:rdfs:label|<http:\/\/www\.w3\.org\/2000\/01\/rdf-schema#label>)\s+"human being"\s*\./,
     ],
   },
+  {
+    name: '58 regression: top-level variable fact can satisfy a ground forward-rule premise',
+    opt: { proofComments: false },
+    input: `@prefix : <http://example.org/#>.
+?X :p :o.
+{ :s :p :o } => { :test :is true }.
+`,
+    expect: [/:(?:test)\s+:(?:is)\s+true\s*\./],
+  },
 ];
 let passed = 0;