Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@web/test-runner-chrome
Advanced tools
Browser launcher for @web/test-runner
. Looks for a locally installed instance of Chrome, and controls it using puppeteer-core. This avoids the postinstall step of puppeteer
or playwright
, speeding up installation of projects.
If you don't want to install Chrome globally, for example in a CI environment, you can use @web/test-runner-puppeeteer or @web/test-runner-playwright
See @web/test-runner for a default implementation and CLI for the test runner.
If you are using @web/test-runner, the chrome launcher is used by default. You can instantiate it yourself from the config to use on the advanced options.
If you want to customize the puppeteer launcher options, you can add the browser launcher in the config.
You can find all possible launch options in the official documentation
const { chromeLauncher } = require('@web/test-runner-chrome');
module.exports = {
browsers: [
chromeLauncher({
launchOptions: {
headless: false,
args: ['--some-flag'],
},
}),
],
};
You can use a custom function to create the puppeteer Page
. You can use this for example to set up injecting scripts for environment variables or to expose functions to the browser to control the page.
const { chromeLauncher } = require('@web/test-runner-chrome');
module.exports = {
browsers: [
chromeLauncher({
async createPage({ browser, config }) {
const page = await browser.newPage();
// expose websocket endpoint as an environment variable in the browser
page.evaluateOnNewDocument(wsEndpoint => {
window.__ENV__ = { wsEndpoint };
}, browser.wsEndpoint());
// expose a function in the browser, which calls a function on the
// puppeteer page in NodeJS
page.exposeFunction('puppeteerBringToFront', () => {
page.bringToFront();
});
return page;
},
}),
],
};
FAQs
Chrome browser launcher for Web Test Runner
We found that @web/test-runner-chrome demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.