Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Framework for baseline acceptance driven development in JavaScript.
It's annoying to maintain tests. Every time you change an api, all the tests fail and they need to be manually updated.
baddsert
allows you to keep the data of tests separate from the test themselves, allowing you to update each separately for cleaner diffs and sane programmers. baddsert
keeps tracks of the newly-provided data on failures and provides a CLI to update the expected data.
baddsert replaces your old assert library. Write your tests as usual, using baddsert as the assert. Step one is to init the whole shebang:
import {baddsert} from 'baddsert';
let docTests = baddsert('docTests');
You'll need to init once per file. Try and make it descriptive of that particular test battery.
Now that everything's all init-ifyed, let's use baddsert:
it('runs a superfluous demo test', () => {
let result = hammertime(`can't touch this`);
docTests('I am a steg-o-saurus', result);
});
The first param describes this particular assertion - what are you testing?
The second is the thing you want asserted.
There's an optional third param that allows you to define your own equality. Otherwise baddsert will just use deepStrictEqual
from Node's assert package.
And now, the magic happens. When you run your tests, baddsert will take the result from the first test and save it under the badd-baseline
directory (in this case, as the file docTests
). Future runs will throw if the value passed in is not deepStrictEqual
to the original one.
When you inevitably change something that makes the tests fail (because your function is correctly returning a new value) run baddsert
in the same dir as your badd-baseline
directory. This will run through all of your asserts, letting you replace the old data with the data that was passed in during the failing test.
--- Checking docTests ---
I am a steg-o-sarus: AGH THEY DON'T MATCH DOOOOOOOM
Stored result: result
Latest: NEW SWEET DATAS
Should I replace this? [y/n] :
Install the baddsert cli globally:
$ npm install -g baddsert
Add it as a dev dependency (for npm scripts & such)
$ npm install --save-dev baddsert
When installing as a dev dependency I recommend you add a npm script to your package.json:
{
"scripts": {
"baddsert": "baddsert"
}
}
Then you can run baddsert without requiring a global install
$ npm run baddsert -s
Easy as pie.
Further reading on BADD development practices: https://medium.com/@tinganho/baseline-acceptance-driven-development-f39f7010a04#.d1fdg36x0
FAQs
Baseline Acceptance Driven Development for JavaScript
The npm package baddsert receives a total of 1 weekly downloads. As such, baddsert popularity was classified as not popular.
We found that baddsert demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.