Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
github.com/go-bdd/gobdd
This is a BDD testing framework. Uses gherkin for the test's syntax. From version 1.0, the API is stable.
There is godog library for BDD tests in Go. I found this library useful but it runs as an external application which compiles our code. It has several disadvantages:
Add the package to your project:
go get github.com/go-bdd/gobdd
Inside features
folder create your scenarios. Here is an example:
Feature: math operations
Scenario: add two digits
When I add 1 and 2
Then I the result should equal 3
Add a new test main_test.go
:
func add(t gobdd.StepTest, ctx gobdd.Context, var1, var2 int) {
res := var1 + var2
ctx.Set("sumRes", res)
}
func check(t gobdd.StepTest, ctx gobdd.Context, sum int) {
received, err := ctx.GetInt("sumRes")
if err != nil {
t.Error(err)
return
}
if sum != received {
t.Error(errors.New("the math does not work for you"))
}
}
func TestScenarios(t *testing.T) {
suite := NewSuite(t)
suite.AddStep(`I add (\d+) and (\d+)`, add)
suite.AddStep(`I the result should equal (\d+)`, check)
suite.Run()
}
and run tests
go test ./...
More detailed documentation can be found on the docs page: https://go-bdd.github.io/gobdd/. A sample application is available in a separate repository.
All contributions are very much welcome. If you'd like to help with GoBDD development, please see open issues and submit your pull request via GitHub.
If you didn't find the answer to your question in the documentation, feel free to ask us directly!
Please join us on the #gobdd-library
channel on the Gophers slack: You can get an invite here.
You can find updates about the progress on Twitter: GoBdd.
You can support my work using issuehunt or by buying me a coffee.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.