Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@clerk/testing
Advanced tools
Utilities to help you create E2E test suites for apps using Clerk
This package provides utilities for testing Clerk applications.
It currently supports the following testing frameworks:
>=18.17.0
or laternpm install @clerk/testing --save-dev
Firstly, add your Clerk keys (CLERK_PUBLISHABLE_KEY
and CLERK_SECRET_KEY
) to your environment variables file (e.g. .env.local
or .env.
).
You can find these keys in your Clerk Dashboard.
All Playwright related utilities are exported from @clerk/testing/playwright
. Make sure that your import paths are correct!
In your global setup file for Playwright, you must use the clerkSetup
function to set up Clerk for your tests.
// global-setup.ts
import { clerkSetup } from '@clerk/testing/playwright';
import { test as setup } from '@playwright/test';
setup('global setup', async ({ }) => {
await clerkSetup();
...
});
Then, you can use the setupClerkTestingToken
function to bypass bot protection in your tests.
// my-test.spec.ts
import { setupClerkTestingToken } from "@clerk/testing/playwright";
import { test } from "@playwright/test";
test("sign up", async ({ page }) => {
await setupClerkTestingToken({ page });
await page.goto("/sign-up");
...
});
⚠️ Please note: Support for Cypress is still experimental. Be aware that there are limitations and potential issues at this stage. Please open an issue with a minimal reproduction so that these issues can be fixed. Thanks!
Firstly, add your Clerk keys (CLERK_PUBLISHABLE_KEY
and CLERK_SECRET_KEY
) to your environment variables file (e.g. .env.local
or .env.
).
You can find these keys in your Clerk Dashboard.
All Cypress related utilities are exported from @clerk/testing/cypress
. Make sure that your import paths are correct!
In your cypress.config.ts
, you must use the clerkSetup
function to set up Clerk for your tests.
Keep in mind that you must pass the Cypress config
object to the clerkSetup
function and also return the new config object from the setupNodeEvents
function.
// cypress.config.ts
import { clerkSetup } from '@clerk/testing/cypress';
import { defineConfig } from 'cypress';
export default defineConfig({
e2e: {
setupNodeEvents(on, config) {
return clerkSetup({ config });
},
baseUrl: 'http://localhost:3000', // your app's URL
},
});
Then, you can use the setupClerkTestingToken
function to bypass bot protection in your tests.
// cypress/e2e/app.cy.ts
import { setupClerkTestingToken } from "@clerk/testing/cypress";
it("sign up", () => {
setupClerkTestingToken();
cy.visit('/sign-up');
...
});
You can get in touch with us in any of the following ways:
We're open to all community contributions! If you'd like to contribute in any way, please read our contribution guidelines.
@clerk/testing
follows good practices of security, but 100% security cannot be assured.
@clerk/testing
is provided "as is" without any warranty. Use at your own risk.
For more information and to report security issues, please refer to our security documentation.
This project is licensed under the MIT license.
See LICENSE for more information.
FAQs
Utilities to help you create E2E test suites for apps using Clerk
We found that @clerk/testing demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.