
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
@mapbox/assert-http
Advanced tools
Test helpers for testing a HTTP interface. This library contains two primary interfaces; a test runner which executes a set of HTTP calls as described by files in a directory, and a extension to the assert module.
With mocha, usage looks like;
describe('api server', function(done) {
fixtures.load('/path/to/tests/').forEach(function(test) {
it(test.name, function(done) {
fixtures.runtest(test, {handlers: handlers, clean: clean}, done);
});
});
});
Syncronous function that loads text fixtures from a directory. Returns an array of test objects.
Runs an individual test. Requires a test object (from assertHTTP.load), options object and callback function. The options object may contain the keys;
handlers
; an object of keys and replacer methods for populating http requests. Handlers are async and have the function signature function(req, value, next)
clean
; an object of keys and replacer methods for sanitizing http response headers and body. Replacer methodes have the signature function(key, value, context)
Call this method to notify assertHTTP to update fixtures as it runs.
Sync version of mkdirp
md5 helper.
A pixel-by-pixel comparison of two image buffers using the node-mapnik Image.compare()
API. The options object may contain the keys:
threshold
; tolerance level of RGB value difference between two pixels. Defaults to 16.diffsize
; a float between 0-1 expressing the max allowed difference between buffer lengths. Defaults to 0.1.diffpx
; a float between 0-1 expressing the max number of pixels allowed to exceed the threshold
option. Defaults to 0.02.If res.clean
is present it is expected to be a method that json.stringify
can use to sanitize the response headers.
3.2.0
FAQs
HTTP test fixture helper
The npm package @mapbox/assert-http receives a total of 120 weekly downloads. As such, @mapbox/assert-http popularity was classified as not popular.
We found that @mapbox/assert-http demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 28 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.