Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
A plugin for BusterJS that allows you to use an AMD loader to test asynchronous modules. You must provide your own loader. By default, a loader that provides require(deps, callback)
is assumed. This will eventually be pluggable.
Installation is done using npm:
$ npm install buster-amd
Load in your configuration file, specifying your loader and the required configuration file as libs.
You also need to add the buster-amd
extension to your configuration::
var config = module.exports;
config["Browser tests"] = {
rootPath: "../",
libs: [
"libs/require.js",
"requirejs-config.js"
],
sources: ["src/**/*.js"],
tests: ["test/**/*.js"],
extensions: [require("buster-amd")]
};
require
them from
your tests, otherwise, Buster will not make them available on the test server.If you have any issues with paths for your required files, check the configuration section below.
Your tests will drive the show. To run tests with the AMD extension, your
tests should be wrapped in a call to define
, which pulls in
dependencies (i.e. your modules) and in the callback define specs/test cases
as usual::
define(['moduleToTest.js'], function(moduleToTest){
buster.testCase("A test case", {
"test the module": function(){
assert.isObject(moduleToTest);
}
});
});
The AMD extension has one configuration option: a path mapper. The path mapper
is an optional function that translates Buster.JS paths (which are absolute,
e.g. /test/my-test.js
) to AMD friendly module IDs.
The default mapper converts /test/my-test.js
to test/my-test
, i.e. strips leading
slash and file suffix::
function (path) {
return path.replace(/\.js$/, "").replace(/^\//, "");
}
However, if your AMD loader specifies a basePath
in its configuration the default mapper might cause you issues::
require.config({
baseUrl: 'src/'
});
In this case, every module your loader attempts to load will be prefixed with this basePath::
src/test/my-test.js
You don't need to restructure your project to solve this issue. If your tests live outside of that directory, you can fix that with a different mapping function::
config["Browser tests"] = {
rootPath: "../",
libs: [
"libs/require.js",
"requirejs-config.js"
],
sources: ["src/**/*.js"],
tests: ["test/**/*.js"],
extensions: [require("buster-amd")],
"buster-amd": {
pathMapper: function (path) {
// prefix any path starting with a slash with ../
return path.replace(/\.js$/, "").replace(/^\//, "../");
}
}
};
In this case, your AMD loader will load the files with the following path in the browser with
the path src/../test/my-test.js
which is equivalent to test/my-test.js
baseUrl
option, but curl.js will treat these files as any other modules.Another example: use the following mapper for AMD loader plugins::
var config = module.exports;
config["Browser tests"] = {
rootPath: "../",
sources: ["src/**/*.js"],
tests: ["test/**/*.js"],
extensions: [require("buster-amd")],
"buster-amd": {
pathMapper: function (path) {
return "plugin!" + path.replace(/^\//, "").replace(/\.js$/, "");
}
}
};
Check the demos repository for example projects.
FAQs
Extension for testing AMD modules
The npm package buster-amd receives a total of 16 weekly downloads. As such, buster-amd popularity was classified as not popular.
We found that buster-amd demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.