Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
coverify-lcov
Advanced tools
This module converts the output of the excellent coverify
module
into something similar to the lcov.info
files that some tools
require.
Note: it may not work for most purposes as it uses only the line coverage.
The assumption behind this module is that the only relevant metric is the line coverage. If the line coverage is 100% then the function coverage is also 100%. If the line coverage is not 100% then it doesn't matter whether the function coverage is 100% or not.
Because test coverage is like the speed of light: 99% is better than 98%, but even 99.999% is nothing compared to 100%.
Install to use in your Node project, updating the development
dependencies in package.json
:
npm install browserify coverify coverify-lcov --save-dev
Run coverify
with browserify
and filter with coverify-lcov
:
./node_modules/browserify/bin/cmd.js -t coverify test.js \
| node | ./node_modules/coverify-lcov/bin/cmd.js
For any bug reports or feature requests please post an issue on GitHub.
Rafał Pocztarski - https://github.com/rsp
MIT License (Expat). See LICENSE.md for details.
FAQs
Minimallistic translation of coverify output to lcov.info format
The npm package coverify-lcov receives a total of 0 weekly downloads. As such, coverify-lcov popularity was classified as not popular.
We found that coverify-lcov demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.