Research
/Security News
Shai Hulud Strikes Again (v2)
Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.
By Socket Research Team -  Nov 24, 2025
🚨 Shai-Hulud Strikes Again:More than 500 packages and 700+ versions compromised.Technical Analysis →
@invisible/basic-tests
Advanced tools
@invisible/basic-tests
Basic tests for your project: requiring each file and testing environment variables
@invisible/basic-tests
Basic tests for your project: requiring each file and testing environment variables
Installation
yarn add --dev @invisible/basic-tests
Usage
Programmatically
This module exposes two methods checkRequireAllFiles and checkEnvFromSample.
checkRequireAllFiles()will attempt to require every file in your project, aside from those that are ignored by your.gitignoreor are in yourtestdirectory. If it encounters any that throw an error on require, or are simply invalid javascript, this function will throw. If it encounters multiple such errors, it will throw one error at the end with all un-requirable files listed.
This test is useful because it ensures that you don't have any obvious errors in your files. It should also encourage you to not have any side effects on requiring files.
checkEnvFromSample()checks that all env vars inenv.sampleare actually set in your environment. This is useful so that you won't try to run your package when it is missing a required environment variable.
Note: both of these methods are synchronous.
To use these methods, create a test file and call these functions
// test/index.js
'use strict'
const {
checkEnvFromSample,
checkRequireAllFiles,
} = require('@invisible/basic-tests')
describe('env', () => {
it('env.sample should exist, and all env vars should be set', checkEnvFromSample)
})
describe('dependencies', () => {
it('should be able to require all files', checkRequireAllFiles)
})
$ mocha test
․․
2 passing (20ms)
CLI
For convenience, we also expose these two methods for the CLI as check-env-from-sample and check-require-all-files so you can call them from your CI as part of your checks before deploying, or you can add them to the lifecycle script itself so that even after deploy you can get immediate feedback (and your server won't start).
For example:
// package.json:
{
"prestart": "check-env-from-sample && check-require-all-files",
"start": "node index.js"
...
}
Note: check-env-from-sample requires dotenv before checking.
FAQs
Basic tests for your project: requiring each file and testing environment variables
The npm package @invisible/basic-tests receives a total of 3 weekly downloads. As such, @invisible/basic-tests popularity was classified as not popular.
We found that @invisible/basic-tests demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Package last updated on 27 Dec 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem -  Nov 21, 2025
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding -  Nov 21, 2025