Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@phantom/synpress
Advanced tools
Synpress is e2e testing framework based around Cypress.io & playwright with included MetaMask support. Test your dapps with ease.
We're Hiring ๐ โ Think you have what it takes? We're looking for Software Engineer, find out more.
Synpress
is E2E testing framework
based on Cypress
and Playwright
with support for MetaMask.
Synpress makes sure to always use latest version of metamask and puts a lot of effort to make sure that dapp tests are stable and trustful.
It also provides an easy way to use and access metamask straight from your e2e tests with all features of cypress and playwright.
๐ฅ Synpress works out-of-the-box with other frameworks! There is no need to use it directly. Check usage examples for more details.
โ ๏ธ This branch showcases the current stable release of Synpress which will receive only critical hotfixes. โ ๏ธ
Active development of the upcoming version of Synpress is happening on this branch. The new release is a full rewrite of Synpress and will feature major breaking changes, and multitude of new features and improvements across the board such as:
Curious and want to learn more? ๐ค
Read this Twitter thread ๐งต and do not forget to check out the attached document there!
# with pnpm
pnpm add --save-dev @synthetixio/synpress
# with npm
npm install --save-dev @synthetixio/synpress
# with yarn
yarn add -D @synthetixio/synpress
For full Synpress commands and their examples, check here.
To see in which direction Synpress is headed to, take a look at planning board.
synpress run --headless
)
.env
file automatically (from project root
folder)Project structure:
project_dir
โโโ src
โโโ tests
โโโ e2e
โโโ .eslintrc.js
โโโ support.js
โโโ tsconfig.json
โโโ specs
โโโ example-spec.js
โโโ pages
โโโ example-page.js
.eslintrc.js
inside your tests folder (/project_dir/tests/e2e
):const path = require('path');
const synpressPath = path.join(
process.cwd(),
'/node_modules/@synthetixio/synpress',
);
module.exports = {
extends: `${synpressPath}/.eslintrc.js`,
};
support.js
inside your tests folder (/project_dir/tests/e2e
):import '@synthetixio/synpress/support/index';
^ hint: you can also use this file to extend synpress - add custom commands, and more..
tsconfig.json
inside your tests folder (/project_dir/tests/e2e
):{
"compilerOptions": {
"allowJs": true,
"baseUrl": "../../node_modules",
"types": [
"cypress",
"@synthetixio/synpress/support",
"cypress-wait-until",
"@testing-library/cypress"
],
"outDir": "./output"
},
"include": ["**/*.*"]
}
To change specific values in default config, you can use --config
flag. For
example, to change path for support.js
file, you can use
synpress run --config "supportFile=__tests__/e2e/supportFile.js"
If you would like to use custom paths for your tests and configs, you should
mirror (full) default synpress config
and then modify it for your needs. Then you can direct synpress to use it with
--configFile
flag.
For example: synpress run --configFile __tests__/e2e/customConfig.config.js
Synpress doesn't seem to communicate with metamask properly if
"chromeWebSecurity": false
flag is set. More about it
here.
Thanks to
new headless mode in Chrome,
tests are now working in headless mode ๐ค (synpress run --headless
). However,
I recommend to use it only for local development as this feature is new and
experimental and may cause issues on CI (UNIX). So please, stick to non-headless
mode on CI.
In the past, tests worked only in non-headless mode because extensions were not supported in headless mode by playwright and Cypress. As a workaround, we've provided Docker ๐ณ containers. They solved this issue and it's an alternative.
You have to setup xvfb
and window manager (like fluxbox
or xfce4
) to run
tests without issues on CI (together with DISPLAY
env var). Take a look at
CI tips & tricks
for working examples.
There is a global
before()
which runs metamask setup before all tests:
goerli
) or creates custom network and changes
to it (depending on your setup)It requires environmental variable called SECRET_WORDS
to be present in
following format => 'word1 word2 word3 ..'
(delimited with spaces) or private
key in an environmental variable called PRIVATE_KEY
.
To change default network (goerli
), you can use NETWORK_NAME
environmental
variable, for example: NETWORK_NAME=sepolia
.
Available choices are: mainnet
, goerli
, sepolia
and localhost
.
To create and switch to custom network at metamask setup phase, use these:
NETWORK_NAME
=> ex: synthetix
RPC_URL
=> ex: https://synthetix-node.io
CHAIN_ID
=> ex: 123
SYMBOL
=> ex: SNX
BLOCK_EXPLORER
(optional) => ex: https://synthetix-explorer.io
IS_TESTNET
(optional) => ex: false
Metamask version is hardcoded and frequently updated under supervision to avoid
a case when e2e tests break because of CSS classes changes in new version, so
all you need is to keep synpress updated in your project. However, you can still
override metamask with METAMASK_VERSION
environmental variable, for example:
METAMASK_VERSION=10.21.0
or METAMASK_VERSION=latest
.
If you don't want to use environmental variables, you can modify
setupMetamask()
to following:
setupMetamask(secretWordsOrPrivateKey, network, password)
, for example:
setupMetamask('word1 word2 word3 ..', 'mainnet', 'password')
(delimited with
spaces).
You can also add and switch to custom network by passing an object
instead of
string
inside setupMetamask(secretWordsOrPrivateKey, network, password)
function for network
parameter.
If you want to use Etherscan API helpers, you will have to provide Etherscan API
key using ETHERSCAN_KEY
environmental variable.
To fail a test if there are any browser console errors, set FAIL_ON_ERROR
to
1
or true
.
Automatic waiting for XHR requests to finish before tests start can be turned on
with CYPRESS_RESOURCES_WAIT
environmental variable, set it to 1
or true
.
If you want to skip metamask extension installation or metamask setup, you can
use SKIP_METAMASK_INSTALL
and SKIP_METAMASK_SETUP
separately. Both variables
accept 1
or true
.
Synpress is blazingly-fast โก by default! If you want to change that, you can
use STABLE_MODE=true
(which will introduce delays only between main actions,
300ms by default) / STABLE_MODE=<value>
or SLOW_MODE=true
(which will
introduce delay between every action, 50ms by default) / SLOW_MODE=<value>
.
DEBUG=synpress:*
is very useful while debugging your tests. It enables
following features:
You may encounter 403 errors (on shared IPs & CI) related to rate limiting while
fetching metamask releases from GitHub REST API. This should never happen at
all, but it's good to mention. To prevent it from happening, you can create new
private access token on GitHub (without any additional access) and specify
GH_USERNAME
& GH_PAT
environmental variables.
Docker is awesome for CI. Give it a try.
git clone git@github.com:Synthetixio/synpress.git
cd synpress
.env
filedocker-compose --profile synpress --profile foundry up --build --exit-code-from synpress
or ./start-tests.sh
docker-compose up --profile synpress --build --exit-code-from synpress
docker-compose --profile synpress --profile foundry --profile ngrok up --build --exit-code-from synpress
All examples of setup are present in this repository. Just take a look around.
ubuntu-latest
.ubuntu-latest
, has configured VNC, noVNC and ngrok for easy
debugging.ubuntu-latest
with docker compose
stack.ubuntu-latest
, using official
cypress-io/github-action.synpress run
to run testssynpress open
to open Cypress UI (may be bugged in some cases because it
doesn't clear metamask state before each e2e test, please use synpress run
)Command line interface (synpress help
):
Usage: synpress run [options]
launch tests
Options:
-b, --browser <name> run on specified browser (default: "chrome")
-c, --config <config> set configuration values, separate multiple values with a comma
-cf, --configFile <path> specify a path to *.js file where configuration values are set
-e, --env <env=val> set environment variables, separate multiple values with comma
-s, --spec <path or glob> run only provided spec files
-ne, --noExit keep runner open after tests finish
-pr, --project <path> run with specific project path
-q, --quiet only test runner output in console
-r, --reporter <reporter> specify mocha reporter
-ro, --reporterOptions <options> specify mocha reporter options, separate multiple values with comma
-r, --record [dashboard] record video of tests running after setting up your project to record
-k, --key <key> [dashboard] set record key
-p, --parallel [dashboard] run recorded specs in parallel across multiple machines
-g, --group [name] [dashboard] group recorded tests together under a single run
-t, --tag <name> [dashboard] add tags to dashboard for test run
-h, --help display help for command
Usage: synpress open [options]
launch test runner UI
Options:
-cf, --configFile <path> specify a path to *.js file where configuration values are set
-h, --help display help for command
If your MetaMask is stuck on the loading screen, check what's happening under the hood in the console. You can find vital information about why it's stuck on this step.
"Do not scan encrypted connections"
.Variable | Description |
---|---|
SECRET_WORDS | Space separated words for the test wallet recovery phrase (mnemonic; 12 words) |
PRIVATE_KEY | Test wallet private key |
NETWORK_NAME | Network name (eg NETWORK_NAME=Optimism ) |
RPC_URL | Network RPC (egRPC_URL=https://mainnet.optimism.io ) |
CHAIN_ID | Network ID (egCHAIN_ID=10 ) |
SYMBOL | Native chain token ticker (eg SYMBOL=OP ) |
IS_TESTNET | boolean indicates that the added network is testnet |
BLOCK_EXPLORER | Blockchain explorer (eg BLOCK_EXPLORER=https://optimistic.etherscan.io/ ) |
SYNDEBUG | Set debugging mode to be on |
STABLE_MODE | Introduce delay between main actions, 300ms by default (eg STABLE_MODE=300ms , STABLE_MODE=true ) |
SLOW_MODE | Introduce delay between every action, 50ms by default (eg SLOW_MODE=true , SLOW_MODE=200ms ) |
METAMASK_VERSION | Metamask version to be installed |
SKIP_METAMASK_INSTALL | Will skip MetaMask installation |
SKIP_METAMASK_SETUP | Will skip MetaMask initial setup |
GH_USERNAME | GitHub username (used to avoid rate-limit issues while downloading Metamask) |
GH_PAT | GitHub personal access token (used to avoid rate-limit issue while downloading metamask) |
ETHERSCAN_KEY | Etherscan key (used only for etherscan-related commands) |
FAIL_ON_ERROR | Fail a test if there are any browser console errors |
CYPRESS_GROUP | Group tests |
CI | Boolean value indicates that tests are running from CI/CD pipeline |
dev
branch to master
branch-beta
version is automatically released)patch|minor|major
depending on your needs to promote your build.Alternatively, instead of running GitHub Action for release, you can move on with manual release process:
master
branch and pull latest changespnpm release:patch/minor/major
commanddev
branch up to date with master
Above actions will lead to:
FAQs
Synpress is e2e testing framework based around Cypress.io & playwright with included MetaMask support. Test your dapps with ease.
The npm package @phantom/synpress receives a total of 2,691 weekly downloads. As such, @phantom/synpress popularity was classified as popular.
We found that @phantom/synpress demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago.ย It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.