Security News
/Research
node-ipc npm Package Compromised in Supply Chain Attack
Socket detected malicious node-ipc versions with obfuscated stealer/backdoor behavior in a developing npm supply chain attack.
By Socket Research Team - May 14, 2026
🚨 Latest Research:Tanstack npm Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack.Learn More →
@clerk/testing
Advanced tools
@clerk/testing
Getting started
This package provides utilities for testing Clerk applications.
It currently supports the following testing frameworks:
- Playwright, a Node.js library to automate browsers and web pages.
- Cypress, a JavaScript-based end-to-end testing framework.
Prerequisites
- Node.js
>=20.9.0or later - Playwright v1+ or Cypress v13.x or 14.x
Installation
npm install @clerk/testing --save-dev
Usage
Learn how to use @clerk/testing with different frameworks:
Support
You can get in touch with us in any of the following ways:
- Join our official community Discord server
- On our support page
Contributing
We're open to all community contributions! If you'd like to contribute in any way, please read our contribution guidelines and code of conduct.
Security
@clerk/testing follows good practices of security, but 100% security cannot be assured.
@clerk/testing is provided "as is" without any warranty. Use at your own risk.
For more information and to report security issues, please refer to our security documentation.
License
This project is licensed under the MIT license.
See LICENSE for more information.
FAQs
Utilities to help you create E2E test suites for apps using Clerk
The npm package @clerk/testing receives a total of 368,146 weekly downloads. As such, @clerk/testing popularity was classified as popular.
We found that @clerk/testing demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Package last updated on 01 May 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
TeamPCP and BreachForums Launch $1,000 Contest for Supply Chain Attacks
TeamPCP and BreachForums are promoting a Shai-Hulud supply chain attack contest with a $1,000 prize for the biggest package compromise.
By Sarah Gooding - May 14, 2026
Security News
Packagist Urges Immediate Composer Update After GitHub Actions Token Leak
Packagist urges PHP projects to update Composer after a GitHub token format change exposed some GitHub Actions tokens in CI logs.
By Sarah Gooding - May 13, 2026