Security News
Crates.io Users Targeted by Phishing Emails
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
By Sarah Gooding - Sep 12, 2025
@nichoth/tapzero
Advanced tools
@nichoth/tapzero
Zero dependency test framework
A fork of raynos/tapzero
Source code
The implementation is <250 loc, (<500 with comments) ( https://github.com/nichoth/tapzero/blob/master/index.js ) and very readable.
install
npm i -D @nichoth/tapzero
Migrating from tape
const tape = require('tape')
// Tapzero exports an object with a test function property.
const tapzero = require('@nichoth/tapzero').test
tape('my test', (t) => {
t.equal(2, 2, 'ok')
t.end()
})
// Auto ending behavior on function completion
tapzero('my test', (t) => {
t.equal(2, 2, 'ok')
// t.end() does not exist.
})
End automatically
Return a promise. The test will end when the promise resolves.
// tapzero "auto" ends async tests when the async function completes
tapzero('my cb test', async (t) => {
await new Promise((resolve) => {
t.equal(2, 2, 'ok')
setTimeout(() => {
// instead of calling t.end(), resolve a promise
resolve()
}, 10)
})
})
Plan the number of assertions
tapzero('planning example', t => {
// this test will fail if we execute more or fewer
// than planned assertions
t.plan(2)
t.ok('hello')
t.equal(2, 2, 'two is two')
})
API
No aliases, smaller API surface area
tape('my test', (t) => {
t.equals(2, 2)
t.is(2, 2)
t.isEqual(2, 2)
})
tapzero('my test', (t) => {
// tapzero does not implement any aliases, very small surface area.
t.equal(2, 2)
t.equal(2, 2)
t.equal(2, 2)
})
Motivation
Zero dependencies
$ package-size ./build/src/index.js zora baretest,assert qunit tape jasmine mocha
package size minified gzipped
./build/src/index.js 8.97 KB 3.92 KB 1.53 KB
zora@3.1.8 32.44 KB 11.65 KB 4.08 KB
baretest@1.0.0,assert@2.0.0 51.61 KB 16.48 KB 5.82 KB
qunit@2.9.3 195.83 KB 62.04 KB 20.38 KB
tape@4.13.0 304.71 KB 101.46 KB 28.8 KB
jasmine@3.5.0 413.61 KB 145.2 KB 41.07 KB
mocha@7.0.1 811.55 KB 273.07 KB 91.61 KB
Small install size
| @nichoth/tapzero | baretest | zora | pta | tape | |
|---|---|---|---|---|---|
| pkg size | |||||
| Min.js size | |||||
| dep count |
| Mocha | Ava | Jest | tap | |
|---|---|---|---|---|
| pkg size | ||||
| Min.js size | ||||
| dep count |
Docs
import { test } from '@nichoth/tapzero'
test(name, [fn])
Run a single named test case. The fn will be called with the t test object.
Tests run one at a time and complete when the fn completes, the fn can be async.
test.only(name, fn)
Like test(name, fn) except if you use .only this is the only test case that will run for the entire process, all other test cases using tape will be ignored.
test.skip(name, [fn])
Creates a test case that will be skipped
Harness docs
const testHarness = require('@nichoth/tapzero/harness')
See HARNESS.md
FAQs
Smallest test library
The npm package @nichoth/tapzero receives a total of 3 weekly downloads. As such, @nichoth/tapzero popularity was classified as not popular.
We found that @nichoth/tapzero demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 09 Nov 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Pull Request Alert Comment Headers
Socket now lets you customize pull request alert headers, helping security teams share clear guidance right in PRs to speed reviews and reduce back-and-forth.
By André Staltz - Sep 12, 2025
Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025