abstract-npm-registry
Advanced tools
An open and extendible test suite for you can use to test various functional areas of an npm registry.
An open and extendible test suite for you can use to test various functional areas of an npm registry.
Understanding the wire protocol expected by the npm CLI is incredibly important. Without a thorough, accurate, and open representation of this HTTP-based API a number of important scenarios to the success of the Node.js ecosystem are largely impossible and definitely improbable:
npm (e.g. a remote npm post-publish hook similar to a git post-commit hook).This project is an attempt to document the public npm wire protocol for these reasons and more by creating an open and extendible test suite for anyone to use and contribute to. It pulls data from multiple sources:
url.resolve represent one or more routes that Client instances consume when used by the npm CLI.The goal of this project is to have 100% coverage over all routes and important usage scenarios (e.g. attempting to publish a package that is not yours). We cannot do this without YOUR HELP!
abstract-npm-registry uses mocha and assume for test execution and assertion. Most common configurations can be accomplished by using the micro-runner provided by abstract-npm-registry.
const abstractNpmRegistry = require('abstract-npm-registry');
//
// Runs the entire suite of tests
//
abstractNpmRegistry({
registry: 'https://registry.npmjs.org',
headers: {
'X-ANY-HEADER-YOU-WANT': true
},
//
// By default all of these suites are
// included.
//
suites: [
'publish',
'unpublish'
]
});
n.b. By default all test suites are included
suites: [
'pkg/show',
'pkg/fetch',
'publish',
'unpublish',
'pkg/dist-tag',
'user/add',
'user/logout',
'pkg/update',
'ping',
'whoami',
'team',
'access',
'views/all',
'views/query'
]
Want more options or more granular options? Use abstract-npm-registry with mocha directly (see below) or open an issue!.
mocha directlyEach named export on any requireable "suite" exposed by abstract-npm-registry is simply a function that returns an it function. The returned function can be passed to it in any mocha suite. e.g.
my.custom.test.js
const abstractNpmRegistry = require('../')({
registry: 'https://registry.npmjs.org',
headers: { 'X-ANY-HEADER-YOU-WANT': true }
});
console.log('\n\n> Starting my custom test suite using mocha...');
describe('My super custom test suite', function () {
abstractNpmRegistry.it('pkg/dist-tag.add');
abstractNpmRegistry.it('pkg/dist-tag.list');
abstractNpmRegistry.it('pkg/dist-tag.remove');
abstractNpmRegistry.it('pkg/fetch.found');
abstractNpmRegistry.it('pkg/fetch.noVersion');
abstractNpmRegistry.it('pkg/fetch.noPackage');
});
FAQs
An open and extendible test suite for you can use to test various functional areas of an npm registry.
The npm package abstract-npm-registry receives a total of 5 weekly downloads. As such, abstract-npm-registry popularity was classified as not popular.
We found that abstract-npm-registry demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The remediated findings include organization permission bugs, stale project access after transfers, OIDC replay edge cases, audit logging gaps, and an IDOR in API token deletion.
Research
/Security News
GitHub account BufferZoneCorp published sleeper packages that later added credential theft, GitHub Actions tampering, fake go wrappers, and SSH persistence.
Research
/Security News
Socket found a malicious Intercom PHP package on Packagist using Composer plugin execution to steal credentials and spread across ecosystems.