Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@aredridel/best6
Advanced tools
Best is a bare test runner. It looks for test sources, finds exported functions, and runs them - without requiring any imports or exposing any globals.
All functions are awaited upon, but run in series.
Best can be installed with either yarn or npm.
$ yarn add --dev @zeit/best
$ npm install --save-dev @zeit/best
best
A dead simple test runner.
- Export your functions and they're evaluated
- Function names become test names
- Exported functions are awaited upon
USAGE
best --help
best [-I /dir/or/file [-I ...]] [-T] [test_name...]
test_names's correspond to the name of the exported functions within test sources,
and are prefixed with the path of the source file (sans extension) in which it was defined.
For example, the following test function inside test/foo.js:
exports.my_example_test = async () => {
assert(foo === bar);
};
would translate to the test_name:
test/foo/my_example_test
Specify one or more (optional) test_name's to only run certain tests (or prefix
with - to skip the named test).
OPTIONS
--help Shows this help message
-v, --verbose Shows more verbose test results
-I, --include /dir/or/file Uses one or more directories/files as test sources.
Defaults to ./test/**/*.js if no include directives
are specified
-r, --require module-name Imports a module or a script prior to running tests
To use with Typescript, install ts-node
and esm
and register them.
$ npm install --save-dev ts-node esm
$ best -r esm -r ts-node
NOTE:
esm
must come beforets-node
!
Best is copyright © 2018-2019 by ZEIT, Inc. and released under the MIT License.
FAQs
Bare testing framework (ESM)
The npm package @aredridel/best6 receives a total of 5 weekly downloads. As such, @aredridel/best6 popularity was classified as not popular.
We found that @aredridel/best6 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.