Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
github.com/Eun/go-hit
hit is an http integration test framework written in golang.
It is designed to be flexible as possible, but to keep a simple to use interface for developers.
So lets get started!
go get -u github.com/Eun/go-hit
package main
import (
"net/http"
. "github.com/Eun/go-hit"
)
func main() {
MustDo(
Description("Post to httpbin.org"),
Get("https://httpbin.org/post"),
Expect().Status().Equal(http.StatusMethodNotAllowed),
Expect().Body().String().Contains("Method Not Allowed"),
)
}
Or use the Test()
function:
package main_test
import (
"testing"
"net/http"
. "github.com/Eun/go-hit"
)
func TestHttpBin(t *testing.T) {
Test(t,
Description("Post to httpbin.org"),
Get("https://httpbin.org/post"),
Expect().Status().Equal(http.StatusMethodNotAllowed),
Expect().Body().String().Contains("Method Not Allowed"),
)
}
MustDo(
Get("https://httpbin.org/post"),
Expect().Status().Equal(http.StatusMethodNotAllowed),
Expect().Headers("Content-Type").NotEmpty(),
Expect().Body().String().Contains("Method Not Allowed"),
)
MustDo(
Post("https://httpbin.org/post"),
Send().Body().String("Hello HttpBin"),
Expect().Status().Equal(http.StatusOK),
Expect().Body().String().Contains("Hello HttpBin"),
)
MustDo(
Post("https://httpbin.org/post"),
Send().Headers("Content-Type").Add("application/json"),
Send().Body().JSON(map[string][]string{"Foo": []string{"Bar", "Baz"}}),
Expect().Status().Equal(http.StatusOK),
Expect().Body().JSON().JQ(".json.Foo[1]").Equal("Baz"),
)
var name string
var roles []string
MustDo(
Post("https://httpbin.org/post"),
Send().Headers("Content-Type").Add("application/json"),
Send().Body().JSON(map[string]interface{}{"Name": "Joe", "Roles": []string{"Admin", "Developer"}}),
Expect().Status().Equal(http.StatusOK),
Store().Response().Body().JSON().JQ(".json.Name").In(&name),
Store().Response().Body().JSON().JQ(".json.Roles").In(&roles),
)
fmt.Printf("%s has %d roles\n", name, len(roles))
Debug
!MustDo(
Post("https://httpbin.org/post"),
Debug(),
Debug().Response().Body(),
)
It is possible to handle errors in a custom way.
func login(username, password string) error {
err := Do(
Get("https://httpbin.org/basic-auth/joe/secret"),
Send().Headers("Authorization").Add("Basic " + base64.StdEncoding.EncodeToString([]byte(username + ":" + password))),
Expect().Status().Equal(http.StatusOK),
)
var hitError *Error
if errors.As(err, &hitError) {
if hitError.FailingStepIs(Expect().Status().Equal(http.StatusOK)) {
return errors.New("login failed")
}
}
return err
}
MustDo(
Request().Method(http.MethodPost),
Request().URL().Scheme("https"),
Request().URL().Host("httpbin.org"),
Request().URL().Path("/post"),
Request().URL().Query("page").Add(1),
Expect().Status().Equal(200),
Send().Body().String("Hello World"),
Expect().Body().String().Contains("Hello"),
)
Although the following is hard to read it is possible to do!
MustDo(
Post("https://httpbin.org/post"),
Expect().Status().Equal(200),
Send().Body().String("Hello World"),
Expect().Body().String().Contains("Hello"),
)
MustDo(
Get("https://httpbin.org/get"),
Send().Custom(func(hit Hit) error {
hit.Request().Body().SetStringf("Hello %s", "World")
return nil
}),
Expect().Custom(func(hit Hit) error {
if len(hit.Response().Body().MustString()) <= 0 {
return errors.New("expected the body to be not empty")
}
return nil
}),
Custom(AfterExpectStep, func(Hit) error {
fmt.Println("everything done")
return nil
}),
)
template := CombineSteps(
Post("https://httpbin.org/post"),
Send().Headers("Content-Type").Add("application/json"),
Expect().Headers("Content-Type").Equal("application/json"),
)
MustDo(
template,
Send().Body().JSON("Hello World"),
)
MustDo(
template,
Send().Body().JSON("Hello Universe"),
)
Sometimes it is necessary to remove some steps that were added before.
template := CombineSteps(
Get("https://httpbin.org/basic-auth/joe/secret"),
Expect().Status().Equal(http.StatusOK),
)
MustDo(
Description("login with correct credentials"),
template,
Send().Headers("Authorization").Add("Basic " + base64.StdEncoding.EncodeToString([]byte("joe:secret"))),
)
Test(t,
Description("login with incorrect credentials"),
template,
Clear().Expect().Status(),
Expect().Status().Equal(http.StatusUnauthorized),
Send().Headers("Authorization").Add("Basic " + base64.StdEncoding.EncodeToString([]byte("joe:joe"))),
)
More examples can be found in the examples directory
Store()
functionalityClear()
pathsJQ()
functionalityREADME.md
and documentation partsCombineSteps
(#3)Clear
functionality, you can now clear any previous step by prepending Clear()
,
eg.
Do(
Get("https://example.com"),
Expect().Body("Hello World"),
Clear().Expect(), // remove all previous Expect() steps
// Clear().Expect().Body("Hello World"), // remove only the Expect().Body("Hello World") step
)
// also works for CombineSteps
Do(
Post("https://example.com"),
CombineSteps(
Send().Body().String("Hello World"),
Expect().Body("Hello World"),
),
Clear().Expect(),
)
Expect().Header()
use, no more Expect().Headers()
,
everything can now be done in the Expect().Header()
function.hit.Do
and hit.MustDo
for inline steps.hit.Do
and hit.MustDo
)
Do(
Get("https://example.com"),
Expect().Custon(func (hit Hit) {
// Expect("Hello World") is invalid now
// you must use MustDo() or Do()
hit.MustDo(
Expect("Hello World"),
)
}),
)
hit.InsertSteps
to insert steps during runtimeFAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.