Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@stryker-mutator/core
Advanced tools
Professor X: For someone who hates mutants... you certainly keep some strange company. William Stryker: Oh, they serve their purpose... as long as they can be controlled.
For an introduction to mutation testing and StrykerJS features, see stryker-mutator.io.
Please follow the quickstart on the website.
For small js projects, you can try the following command:
npm install --save-dev @stryker-mutator/core
# Only for small projects:
npx stryker run
It will run stryker with default values:
npm test
as your test commandlib
and src
directories$ npx stryker <command> [options] [configFile]
See usage on stryker-mutator.io
See our website for the list of currently supported mutators.
See configuration on stryker-mutator.io.
Stryker can also be used programmatically from nodejs. It exports 2 classes for you to use: Stryker
and StrykerCli
.
import { Stryker, StrykerCli } from '@stryker-mutator/core';
Both classes can be used to run Stryker. The main difference is that Stryker
is a slightly more low-level approach, while StrykerCli
is the straight up CLI api.
In this example you can see how to use both.
async function main() {
// Runs Stryker as if it was called directly from the cli. Not even returns a promise, it assumes to be allowed to call `process.exit`.
new StrykerCli(process.argv /* RAW argv array */ ).run();
// Runs Stryker, will not assume to be allowed to exit the process.
const stryker = new Stryker({ concurrency: 4 } /* Partial Stryker options object */ );
const mutantResults = await stryker.runMutationTest();
// mutantResults or rejected with an error.
}
Stryker is written in TypeScript, so it is recommended to use Typescript as well to get the best developer experience.
FAQs
The extendable JavaScript mutation testing framework
We found that @stryker-mutator/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.