Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
@asaayers/redux-saga-tester
Advanced tools
Expect every 0.x release to break the API. Nothing is settled.
I am releasing this under my namespace because 3LOK already has a
redux-saga-tester
. When the API settles and I want to
release a 1.0.0, I'd like to have a different
name.
For this example I created a toy saga based on 3LOK's comment.
function* addSaga() {
const a = yield select(selectA)
const b = yield select(selectB)
const total = yield call(sum, a, b)
yield put({
type: "RESULT",
payload: total
})
}
I want to verify that this saga uses sum()
to add store.a
and store.b
and
updates store.result
with the total. By default the tester doesn't tell you
about yield select
or yield put
. they happen automatically.
import { addSaga, sum, reducer, selectResult, selectA, selectB } from "./add-saga.js"
test("add-saga", () => {
const tester = SagaTester({
initialState: {
a: 2,
b: 3,
},
reducer,
})
tester.testAgainst(addSaga, function* ({ getState }) {
let actual
// yield gives you the next effect from your saga that you want to test.
// This didn't care about the selectors, they execute normally.
actual = yield
expect(actual).toEqual(call(sum, 2, 3))
const callSumResult = 5
// You need to yield a result back to the saga to continue and pick up
// the next significant effect.
actual = yield callSumResult
// END is a special value automatically emitted when/if your saga ends
expect(actual).toBe(END)
// Instead of verifying the action was fired, now verify the state.
actual = selectResult(getState())
expect(actual).toBe(callSumResult)
})
})
This test and some other variations are available in
src/tests/add-saga.test.js
.
FAQs
Test your sagas by intercepting effects
We found that @asaayers/redux-saga-tester demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.