Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
@decathlon/newman-reporter-pullrequest-decorator
Advanced tools
Newman reporter allowing to decorate Github's PullRequest with postman collection results
Report newman collection results on an extra check in the Pull Request Checks tab. If you need a way to export your Postman collection results into Github Pull Request, and you're using github workflow to handle your CI then you're in the right place !
PullRequest's Check example :
newman
@decathlon/newman-reporter-pullrequest-decorator
node
and npm
newman
- npm install -g newman
npm install -g @decathlon/newman-reporter-pullrequest-decorator
Installation should be done globally if newman is installed globally, otherwise install without
-g
option
Specify -r @decathlon/pullrequest-decorator
option while running the collection
In non export mode (it means you actually want to update github pull request) :
newman run <collection-url> --environment=<env-url> -r @decathlon/pullrequest-decorator \
--reporter-pullrequest-decorator-repo <repo> \
--reporter-pullrequest-decorator-token <github-token> \
--reporter-pullrequest-decorator-checkname <check-name> \
--reporter-pullrequest-decorator-refcommit <ref-commit>
In export mode :
newman run <collection-url> --environment=<env-url> -r @decathlon/pullrequest-decorator \
--reporter-export <export-path>
Option | Remarks |
---|---|
--reporter-pullrequest-decorator-repo | (Required) Usually you can get it from ${{ github.repository }}. It follows this pattern : "organization/repository" |
--reporter-pullrequest-decorator-token | (Required) Github token : Usually you can get it from ${{ secrets.GITHUB_TOKEN }} while job is running. For more details : https://docs.github.com/en/actions/reference/authentication-in-a-workflow#about-the-github_token-secret |
--reporter-pullrequest-decorator-checkname | (Optional : Default newman-check ) Name you want to give to the check name that will be created by the reporter. This parameter is useful if you want to wait for a specific check name to be completed inside your workflow. See, for example, the following github action : fountainhead/action-wait-for-check@v1.0.0 |
--reporter-pullrequest-decorator-refcommit | (Required) Long Commit hash. When you run this reporter from a Pull Request. You should use : ${{ github.event.pull_request.head.sha }} |
--reporter-debug | (Optional : Default false ) Reporter debug mode |
--suppress-exit-code | (Optional) Ensure that asynchronous github API is called before reporter termination. |
PullRequest's check report can appear on the wrong check suite. This is due to a known github limitation. See here : https://github.community/t/specify-check-suite-when-creating-a-checkrun/118380
To solve this issue, you can use a token from your own created Github App (and not the one used in the github workflow) so this way, the check run will be automatically created on a specific check suite.
npm pack
npm i -g decathlon-newman-reporter-pullrequest-decorator.<version>.tgz
FAQs
Newman reporter allowing to decorate Github's PullRequest with postman collection results
The npm package @decathlon/newman-reporter-pullrequest-decorator receives a total of 82 weekly downloads. As such, @decathlon/newman-reporter-pullrequest-decorator popularity was classified as not popular.
We found that @decathlon/newman-reporter-pullrequest-decorator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.