![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
@woocommerce/api-core-tests
Advanced tools
Readme
This package contains automated API tests for WooCommerce.
Before running the tests, the following environment variables need to be configured as shown in .env.example
:
# Your site's base URL, not including a trailing slash
BASE_URL="https://mysite.com"
# The admin user's username or generated consumer key
USER_KEY=""
# The admin user's password or generated consumer secret
USER_SECRET=""
For local setup, create a .env
file in this folder with the three required values described above.
Alternatively, these values can be passed in via the command line. For example:
BASE_URL=http://localhost:8086 USER_KEY=admin USER_SECRET=password npm run e2e:api
When using a username and password combination instead of a consumer secret and consumer key, make sure to have the JSON Basic Authentication plugin installed and activated on the test site.
For more information about authentication with the WooCommerce API, please see the Authentication section in the WooCommerce REST API documentation.
The following optional variables can be set in your local .env
file:
VERBOSE
: determine whether each individual test should be reported during the run.USE_INDEX_PERMALINKS
: determine whether to use index permalinks (?p=123
) for the API route.To verify that everything is configured correctly, the following test script is available:
npm run e2e:hello
This tests connectivity to the API by validating connection to the following:
To run all of the API tests, you can use the following command:
npm run e2e:api
To run a specific group of tests, you can use the npm test -- --group=
command and pass in the group's name you want to run.
For example, if you wanted to only run the orders API tests, you can use the following:
npm e2e -- --group=orders
Alternatively, you can use jest
to run test groups:
jest --group=api
tests
directory.@group
. See the Test groups section for more info on grouping tests.data
folder when generating test data instead of constructing them from scratch within the test.endpoints
folder to send requests instead of directly using SuperTest's request()
function.describe.each()
or it.each()
when writing repetitive tests.This package makes use of the jest-runner-groups
package, which allows grouping tests together around semantic groups (such as orders
API calls, or coupons
API calls) to make running test suites more granular.
Before the describe()
statement, add in a doc block containing the desired groups:
/**
* Tests for the WooCommerce API.
*
* @group api
* @group endpoint
*
*/
describe('', () => {
it('', async () => {});
});
The api
group should be included on all tests that should be run with the rest of the test suite. Groups can also contain a path, such as orders/delete
.
For more information on how groups work, please refer to the jest-runner-groups
documentation.
For tests that use query strings, these can be passed into the getRequest()
method using an object of one or more key value pairs:
const { getRequest } = require('./utils/request');
const queryString = {
dates_are_gmt: true,
after: '2021-05-13T19:00:00',
before: '2021-05-13T22:00:00'
};
const response = await getRequest('/orders', queryString);
Most of the time, test data would be in the form of a request payload. Instead of building them from scratch inside the test, create a test data file inside the data
directory. Create a model of the request payload within that file, and export it as an object or a function that generates this object.
Afterwards, make sure to add the test data file to the data/index.js
file.
This way, the test data would be decoupled from the test itself, allowing for easier test data management, and more readable tests.
All functions for sending requests to endpoints should be placed in the endpoints
directory.
Newly created files should be added to the endpoints/index.js
file.
You can make use of the REST API log plugin to see how requests are being made, and check the request payload, response, and more.
This package also allows generating a collection.json
file using the test data in this package. This file can be imported into Postman and other REST clients that support the Postman v2 collection. To generate this file, run:
npm run make:collection
This will output a collection.json
file in this directory.
This package makes use of the SuperTest HTTP assertion package. For more information on the response
properties that are available can be found in the SuperAgent documentation.
For the list of WooCommerce API endpoints, expected responses, and more, please see the WooCommerce REST API Documentation.
FAQs
API tests for WooCommerce
The npm package @woocommerce/api-core-tests receives a total of 5 weekly downloads. As such, @woocommerce/api-core-tests popularity was classified as not popular.
We found that @woocommerce/api-core-tests demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 17 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.