Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@reactioncommerce/data-factory
Advanced tools
Factory util that creates mock data fixtures based on simpl-schema definitions
Reaction Data Factory creates a simple fixture factory from SimpleSchema definitions for testing and seeding applications.
npm install @reactioncommerce/data-factory
Adding schemas to the Factory object.
import SimpleSchema from 'simpl-schema';
import { createFactoryForSchema } from "@reactioncommerce/data-factory";
const Example = new SimpleSchema({
strProp: String,
boolProp: Boolean,
});
createFactoryForSchema("Example", Example);
Creating mock data structures.
import { Factory } from "@reactioncommerce/data-factory";
const mockExample = Factory.Example.makeOne();
// mockExample output
// { _id: "e02993ea96d7", strProp: "mockStrProp", boolProp: true }
const mockExamples = Factory.Example.makeMany(2);
// mockExamples output
// [{ _id: "e02993ea96d7", strProp: "mockStrProp", boolProp: true }, { _id: "3ff4e0634ecc", strProp: "mockStrProp", boolProp: false }]
Creating mock data with custom property values.
const mockExample = Factory.Example.makeOne({ strProp: "Custom Value" });
// mockExample output
// { _id: "e02993ea96d7", strProp: "Custom Value", boolProp: true }
Creating mock data with custom property function.
const mockExamples = Factory.Example.makeMany(3, { _id: (i) => (i + 100).toString() });
// mockExamples output
// [{ _id: "100", strProp: "mockStrProp", boolProp: true }, { _id: "101", strProp: "mockStrProp", boolProp: false }], { _id: "102", strProp: "mockStrProp", boolProp: false }]
When you call makeOne
or makeMany
, a full document (including all nested schemas recursively) is automatically built based on the schema. The value of each node is determined like this:
mockValue
is found in the schema definition, use that value. mockValue
is not part of normal SimpleSchema but is added by and checked by this package.defaultValue
is found in the schema definition, use that value.autoValue
is found in the schema definition, use it to get a value.allowedValues
is found in the schema definition, use a random item from the array as the value.faker.js
to generate a random value of the type specified in the schema definition. For Number fields, the min and max values are respected when generating a random number. For String fields, the regEx value will be used if it matches one of the SimpleSchema.RegEx.*Thanks to @MaxGuitet and the team at Cambridge Software for their work on simpl-schema-mockdoc that heavily influenced this package.
We use the Developer Certificate of Origin (DCO) in lieu of a Contributor License Agreement for all contributions to Reaction Commerce open source projects. We request that contributors agree to the terms of the DCO and indicate that agreement by signing-off all commits made to Reaction Commerce projects by adding a line with your name and email address to every Git commit message contributed:
Signed-off-by: Jane Doe <jane.doe@example.com>
You can sign-off your commit automatically with Git by using git commit -s
if you have your user.name
and user.email
set as part of your Git configuration.
We ask that you use your real full name (please no anonymous contributions or pseudonyms) and a real email address. By signing-off your commit you are certifying that you have the right to submit it under the Apache License, Version 2.0.
We use the Probot DCO GitHub app to check for DCO sign-offs of every commit.
If you forget to sign-off your commits, the DCO bot will remind you and give you detailed instructions for how to amend your commits to add a signature.
Data Factory is licensed under the Apache License, Version 2.0.
FAQs
Factory util that creates mock data fixtures based on simpl-schema definitions
We found that @reactioncommerce/data-factory demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.