You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

github.com/korya/http-assert

Package Overview
Dependencies
Alerts
File Explorer
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/korya/http-assert

v0.0.6
Source
Go
Version published
Created
Source

http-assert Github Actions Go Reference

A command-line tool for performing HTTP requests and asserting properties of the response. This tool is designed for testing HTTP endpoints, health checks, monitoring, and CI/CD pipelines.

Purpose

http-assert combines the functionality of making HTTP requests with the ability to validate responses against multiple criteria. It's particularly useful for:

  • Health checks and monitoring: Verify that your APIs are returning expected responses
  • CI/CD pipelines: Validate deployed services before proceeding with deployment
  • Integration testing: Test HTTP endpoints with various assertion conditions
  • Load balancer testing: Use host mapping to test different backend servers
  • SSL/TLS validation: Test secure endpoints with certificate validation options

Installation

From Source

go install github.com/korya/http-assert@latest

Build from Repository

git clone https://github.com/korya/http-assert.git
cd http-assert
go build -o http-assert .

Usage

Basic Syntax

http-assert [flags] <URL>

Request Options

FlagShortDescription
--request-XHTTP method (default: GET)
--data-dRequest body data
--header-HSet request headers (can be used multiple times)
--max-time-mRequest timeout in seconds (default: 20)
--insecure-kSkip SSL certificate verification
--maphostMap hostname:port to different destination

Assertion Options

FlagDescription
--assert-okAssert 2xx status code
--assert-statusAssert specific status code
--assert-headerAssert header matches regex pattern
--assert-header-eqAssert header equals exact value
--assert-header-missingAssert header is not present
--assert-bodyAssert body matches regex pattern
--assert-body-eqAssert body equals exact value
--assert-body-emptyAssert body is empty
--assert-redirectAssert redirect location matches regex
--assert-redirect-eqAssert redirect location equals exact value

Logging Options

FlagShortDescription
--verbose-vEnable verbose logging
--silent-sOnly log errors
--log-levelSet log level (debug, info, warn, error)

Examples

Basic Health Check

# Simple health check - assert 200 OK
http-assert --assert-ok https://api.example.com/health

POST Request with JSON Body

# POST with JSON data and assert specific status
http-assert -X POST \
  -H "Content-Type: application/json" \
  -d '{"username":"test","password":"secret"}' \
  --assert-status 201 \
  https://api.example.com/login

Multiple Assertions

# Multiple assertions on the same request
http-assert \
  --assert-ok \
  --assert-header-eq "Content-Type: application/json" \
  --assert-body "\"status\":\"success\"" \
  https://api.example.com/status

Header Validation

# Assert specific headers are present and have expected values
http-assert \
  --assert-header-eq "X-API-Version: v1" \
  --assert-header-missing "X-Debug-Info" \
  --assert-header "Cache-Control: max-age=\d+" \
  https://api.example.com/data

SSL and Security Testing

# Test with SSL verification disabled
http-assert --insecure --assert-ok https://self-signed.example.com

# Test with custom timeout
http-assert --max-time 5 --assert-ok https://slow-api.example.com

Host Mapping for Load Balancer Testing

# Map requests to specific backend servers
http-assert \
  --maphost "api.example.com:443=backend1.internal:8443" \
  --assert-ok \
  https://api.example.com/health

# Test multiple backends
http-assert \
  --maphost "*:80=192.168.1.10" \
  --assert-status 200 \
  http://loadbalancer.example.com

Redirect Testing

# Assert redirect to specific URL
http-assert \
  --assert-redirect-eq "https://new-domain.com/path" \
  https://old-domain.com/path

# Assert redirect matches pattern
http-assert \
  --assert-redirect "https://.*\.example\.com/.*" \
  https://redirect.example.com

# Note: URLs with query parameters should be quoted to avoid shell interpretation
http-assert \
  --assert-redirect-eq "https://example.com/target" \
  "https://example.com/redirect?url=https://example.com/target"

Body Content Validation

# Assert exact body content
http-assert \
  --assert-body-eq "OK" \
  https://api.example.com/ping

# Assert body matches regex pattern
http-assert \
  --assert-body "\"users\":\s*\[\]" \
  https://api.example.com/users

# Assert empty response body
http-assert \
  --assert-body-empty \
  https://api.example.com/delete-resource

Environment Variables

You can also configure the tool using environment variables with the HTTP_ASSERT_ prefix:

export HTTP_ASSERT_VERBOSE=true
export HTTP_ASSERT_MAX_TIME=30
export HTTP_ASSERT_INSECURE=true

http-assert --assert-ok https://api.example.com

Exit Codes

  • 0: All assertions passed
  • 93: Failed to perform HTTP request or assertions failed
  • 103: Invalid command line arguments or other errors

Use Cases

CI/CD Pipeline Integration

#!/bin/bash
# Deploy and validate service
deploy-service.sh

# Wait for service to be ready
sleep 10

# Validate deployment
http-assert \
  --max-time 30 \
  --assert-ok \
  --assert-header-eq "X-Service-Version: $EXPECTED_VERSION" \
  https://api.example.com/health

if [ $? -eq 0 ]; then
  echo "Deployment validation passed"
else
  echo "Deployment validation failed"
  exit 1
fi

Monitoring Script

#!/bin/bash
# Simple monitoring script
ENDPOINTS=(
  "https://api.example.com/health"
  "https://db.example.com/ping"
  "https://cache.example.com/status"
)

for endpoint in "${ENDPOINTS[@]}"; do
  if http-assert --silent --assert-ok "$endpoint"; then
    echo "✓ $endpoint"
  else
    echo "✗ $endpoint"
  fi
done

Load Balancer Health Check

# Test all backend servers through load balancer
BACKENDS=("backend1.internal" "backend2.internal" "backend3.internal")

for backend in "${BACKENDS[@]}"; do
  echo "Testing $backend..."
  http-assert \
    --maphost "api.example.com:443=$backend:8443" \
    --assert-ok \
    --assert-header "X-Backend-Server: $backend" \
    https://api.example.com/health
done

FAQs

Package last updated on 01 Jul 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Socket MCP for Claude Desktop

Product

Introducing Socket MCP for Claude Desktop

Add secure dependency scanning to Claude Desktop with Socket MCP, a one-click extension that keeps your coding conversations safe from malicious packages.

By Alexandros Kapravelos  -  Jul 29, 2025
Introducing Scala and Kotlin Support in Socket

Product

Introducing Scala and Kotlin Support in Socket

Socket now supports Scala and Kotlin, bringing AI-powered threat detection to JVM projects with easy manifest generation and fast, accurate scans.

By Peter van der Zee, Eli Insua  -  Jul 28, 2025
AI + a16z Podcast: Vibe Coding, Security Risks, and the Path to Progress

Application Security

/

Security News

AI + a16z Podcast: Vibe Coding, Security Risks, and the Path to Progress

Socket CEO Feross Aboukhadijeh and a16z partner Joel de la Garza discuss vibe coding, AI-driven software development, and how the rise of LLMs, despite their risks, still points toward a more secure and innovative future.

By Sarah Gooding  -  Jul 25, 2025