Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@guardian/ab-core
Advanced tools
A client-side library for A/B & multivariate testing
pnpm add @guardian/ab-core
Note There is also a (P)React framework-specific implementation, @guardian/ab-react
This library:
There’s some background to the early requirements to the library and some documentation in Frontend, there’s some notes about the migration of A/B tests.
import { AB } from '@guardian/ab-core';
import type { AbTestConfig } from '@guardian/ab-core';
const config: AbTestConfig = {
mvtId: 999_999,
pageIsSensitive: false,
abTestSwitches: {},
arrayOfTestObjects: [],
};
const abTests = new AB(config);
// Must be performed in the platform after initialisation to ensure tracking defined in ABTests is setup
// [tests] being an array of *runnable* ab tests
abTest.registerCompleteEvents([tests]);
abTest.registerImpressionEvents([tests]);
abTest.trackABTests([tests]);
// The API then provides access to the utility methods for use within modules
abTests.runnableTest(test);
abTests.firstRunnableTest([tests]);
abTests.isUserInVariant(testId, variantId);
Config | Type | Example |
---|---|---|
mvtMaxValue | number | 10_000 |
mvtCookieId | number | getCookie('mvt_id') |
pageIsSensitive | boolean | guardian.config.page.isSensitive |
abTestSwitches | Record | {'TestOne': true} |
forcedTestVariants | Optional: { [key: string]: { variant: string } }; | { TestOne: { variant: 'myCoolVariant' }, TestTwo: { variant: 'myCoolVariant' } }; |
forcedTestException | Optional: ABTest['id'] | |
arrayOfTestObjects | ABTest[] | |
ServerSideTets | ServerSideTests | |
errorReporter | ErrorReporterFunc | |
ophanRecord | OphanRecordFunction |
type CoreAPI = {
allRunnableTests: (
tests: ReadonlyArray<ABTest>,
) => ReadonlyArray<Runnable<ABTest>> | [];
runnableTest: (
test: ABTest,
) => Runnable<ABTest & { variantToRun: Variant }> | null;
firstRunnableTest: (tests: ReadonlyArray<ABTest>) => Runnable<ABTest> | null;
isUserInVariant: (testId: ABTest['id'], variantId?: Variant['id']) => boolean;
};
API Method | Params | Returns |
---|---|---|
allRunnableTests | Array of ab tests | Array of Runnable tests or empty array |
runnableTest | A single AB test | A runnable ab test object with variantToRun property containing the variant to run or null |
firstRunnableTest | Array of AB Tests | A runnable ab test object or null |
isUserInVariant | A AB test ID, and a Variant ID | A boolean |
Within your platforms, you should define the test this way. If the test needs to run across platforms, then the test definition needs to be the same (as well as the initialisation config).
import { ABTest } from '@guardian/ab-core';
export const abTestTest: ABTest = {
id: 'AbTestTest', // This ID must match the Server Side AB Test
start: '2020-05-20',
expiry: '2020-12-01', // Remember that the server side test expiry can be different
author: 'anemailaddress@theguardian.com',
description: 'This Test'
audience: 0.0001, // 0.01% (1 is 100%)
audienceOffset: 0.5, // 50% (1 is 100%). Prevent overlapping with other tests.
successMeasure: 'It works',
audienceCriteria: 'Everyone',
idealOutcome: 'It works',
showForSensitive: true, // Should this A/B test run on sensitive articles?
canRun: () => true, // Check for things like user or page sections
variants: [
{
id: 'control',
test: (): void => {}, // You can define what you want your variant to do in here or use the isUserInVariant API
impression: (impression) => {
// This will be immediate.
// You could also use eventListeners as below
// Make sure abTest.registerCompleteEvents([tests]); and abTest.registerImpressionEvents([tests]); have been called
impression();
},
success: (success) => {
// https://developer.mozilla.org/en-US/docs/Web/Guide/Events/Creating_and_triggering_events
window.addEventListener('guAbTestEvent', (e) => {
const detail = e?.detail;
if (
detail?.abTest === 'abTestTest' &&
detail?.variant === 'control' &&
detail?.event === 'success') {
success();
}
});
},
},
{
id: 'variant',
test: (): void => {},
impression: (impression) => {
impression();
},
success: (success) => {
//...
},
},
],
};
// If you're using event listeners for the impression and success events you can call them with CustomEvents
// Say a user clicked something
window.dispatchEvent(new CustomEvent('guAbTestEvent', {
detail: {
abTest: 'abTestTest',
variant: 'control'
event: 'success'
}
}))
The initialisation values are populated on these platforms like so:
Config | Note |
---|---|
mvtMaxValue | MVT % is calculated from 0 to mvtMaxValue |
mvtCookieId | The user's MVT ID to calculate what tests and variants they fall into |
pageIsSensitive | Sensitive pages must have explicit settings in AB tests |
abTestSwitches | An object containing all of the boolean values of abTestSwitches, in Frontend from page.config.switches.abTests |
forcedTestVariants | In Frontend this might be set by the URL override, but otherwise can be used to force a user into a test and variant at init time |
forcedTestException | Can be used to force a user out of a test (in Frontend, again with url override) |
arrayOfTestObjects | Pass all tests definitions into the config |
ServerSideTets | ServerSideTests are accessed via client-side config in Frontend and DCR |
errorReporter | Pass an error reporter, probably Sentry |
ophanRecord | Probably Ophan's 'record' function |
experiments
folder
(Frontend,
DCR)
and the test definition and structure of those folders should match. The
difference will be where to import - in Frontend in
ab-test.ts
and in DCR in
ab-tests.ts.isUserInVariant
(this does make
it difficult to copy and paste an implementation between Frontend and DCR
right now until this library is integrated with Frontend)Use this simple calculator to see what MVT ID your test variant will fall into.
Uses Jest, see .test.ts
files.
FAQs
A client-side library for A/B & multivariate testing
The npm package @guardian/ab-core receives a total of 820 weekly downloads. As such, @guardian/ab-core popularity was classified as not popular.
We found that @guardian/ab-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.