Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
github.com/jstemmer/go-junit-report/v2
go-junit-report is a tool that converts go test
output to a JUnit compatible
XML report, suitable for use with applications such as Jenkins.
Pre-built packages for Windows, macOS and Linux are found on the Releases page.
Download and install the latest stable version from source by running:
go install github.com/jstemmer/go-junit-report/v2@latest
By default, go-junit-report reads go test -v
output generated by the standard
library testing package from stdin
and writes a JUnit XML report to
stdout
.
Go build and runtime errors are also supported, but this requires that stderr
is redirected to go-junit-report as well.
Typical use looks like this:
go test -v 2>&1 ./... | go-junit-report -set-exit-code > report.xml
JSON produced by go test -json
is supported by the gojson
parser. Note that
stderr
still needs to be redirected to go-junit-report in order for build
errors to be detected. For example:
go test -json 2>&1 | go-junit-report -parser gojson > report.xml
Go benchmark output is also supported. The following example runs benchmarks for
the package in the current directory and uses the -out
flag to write the
output to a file called report.xml
.
go test -v -bench . -count 5 2>&1 | go-junit-report -out report.xml
The -iocopy
flag copies stdin
directly to stdout
, which is helpful if you
want to see what was sent to go-junit-report. The following example reads test
input from a file called tests.txt
, copies the input to stdout
and writes
the output to a file called report.xml
.
go-junit-report -in tests.txt -iocopy -out report.xml
Run go-junit-report -help
for a list of all supported flags.
Flag | Description |
---|---|
-in file | read go test log from file |
-iocopy | copy input to stdout; can only be used in conjunction with -out |
-no-xml-header | do not print xml header |
-out file | write XML report to file |
-package-name name | specify a default package name to use if output does not contain a package name |
-parser parser | specify the parser to use, available parsers are: gotest (default), gojson |
-p key=value | add property to generated report; properties should be specified as key=value |
-set-exit-code | set exit code to 1 if tests failed |
-subtest-mode | set subtest mode , modes are: ignore-parent-results , exclude-parents |
-version | print version and exit |
The test output parser and JUnit XML report generator are also available as Go
packages. This can be helpful if you want to use the go test
output parser or
create your own custom JUnit reports for example. See the package documentation
on pkg.go.dev for more information:
_test
suffix.-race
flag in go test
.=== NAME
lines introduced in Go1.20testsuite
.Testsuites.WriteXML
convenience method.go test -json
output.-subtest-mode
flag to exclude or ignore results of subtest parent tests.-in
and -out
flags for specifying input and output files respectively.-iocopy
flag to copy stdin directly to stdout.-prop
flags to set key/value properties in generated report.-parser
flag to switch between regular go test
(default) and go test -json
parsing.<![CDATA[]]>
tags for improved readability.hostname
, timestamp
and id
attributes to JUnit XML.formatter
and parser
packages have been replaced with junit
and parser/gotest
packages respectively.-go-version
flag.See CONTRIBUTING.md.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.