Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The assert npm package is a module that provides a set of assertion functions for verifying invariants. It is primarily used for writing tests to ensure that code behaves as expected. The module includes functions to test strict equality, deep equality, and various other conditions.
Strict Equality Assertion
This feature is used to test if two values are strictly equal using the === operator.
const assert = require('assert');
assert.strictEqual(1, 1, '1 is strictly equal to 1');
Deep Equality Assertion
This feature is used to test if two objects or arrays are equal by comparing their properties or elements.
const assert = require('assert');
assert.deepStrictEqual({ a: 1 }, { a: 1 }, 'Objects are deeply equal');
Assertion with a Predicate Function
This feature is used to test if a value passes a specified predicate function.
const assert = require('assert');
assert.ok(value => value > 10, 'Value is greater than 10');
Throws Assertion
This feature is used to test if a function throws an error as expected.
const assert = require('assert');
assert.throws(
() => { throw new Error('Wrong value'); },
Error,
'Function should throw an Error'
);
Chai is a BDD/TDD assertion library for node and the browser that can be delightfully paired with any javascript testing framework. It offers more plugins and a more flexible API compared to assert.
Expect is a minimalistic assertion library that provides a set of assertion functions and is often used with Jest. It offers a more fluent and readable syntax compared to assert.
Should.js is an expressive, readable, framework-agnostic assertion library. It extends the Object prototype with a single non-enumerable getter that allows for a more fluent and chainable API, providing a different style of coding compared to assert.
The
assert
module from Node.js, for the browser.
With browserify, simply require('assert')
or use the assert
global and you will get this module.
The goal is to provide an API that is as functionally identical to the Node.js assert
API as possible. Read the official docs for API documentation.
To use this module directly (without browserify), install it as a dependency:
npm install assert
assert
Due to differences between browsers, some error properties such as message
and stack
will be inconsistent. However the assertion behaviour is as close as possible to Node.js and the same error code
will always be used.
Bundlers like webpack 5
and Vite.js
(and possibly others) don't automatically include polyfills for Node.js APIs. Like most packages on npm, this module depends on other Node.js APIs, so it won't work with these bundlers without also including a polyfill for the process
Node.js global. You can use this library to polyfill the process
global.
Note that this is not a flaw in this package - this package will work without any manual configuration with browserify
and webpack 4
and other working bundlers. Unfortunately, some bundlers decided to require an explicit allow-list of all Node.js API specific packages instead of having them work out of the box, hence the incompatibility. See https://github.com/browserify/commonjs-assert/issues/55 for some more context.
To contribute, work on the source files. Then build and run the tests against the built files. Be careful to not introduce syntax that will be transpiled down to unsupported syntax. For example, for...of
loops will be transpiled to use Symbol.iterator
which is unavailable in IE.
npm run build
Builds the project into the build
dir.
npm run dev
Watches source files for changes and rebuilds them into the build
dir.
npm run test
Builds the source files into the build
dir and then runs the tests against the built project.
npm run test:nobuild
Runs the tests against the built project without rebuilding first.
This is useful if you're debugging in the transpiled code and want to re-run the tests without overwriting any changes you may have made.
npm run test:source
Runs the tests against the unbuilt source files.
This will only work on modern Node.js versions.
npm run test:browsers
Run browser tests against the all targets in the cloud.
Requires airtap credentials to be configured on your machine.
npm run test:browsers:local
Run a local browser test server. No airtap configuration required.
When paired with npm run dev
any changes you make to the source files will be automatically transpiled and served on the next request to the test server.
MIT © Joyent, Inc. and other Node contributors
FAQs
The assert module from Node.js, for the browser.
We found that assert demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.