
Research
Security News
Lazarus Strikes npm Again with New Wave of Malicious Packages
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
cypress-plugin-network-shim
Advanced tools
A plugin for Cypress.io tests enabling record and replay of application network requests.
This is a utility for Cypress.io end-to-end testing which enables recording snapshots of real backend traffic.
The generated snapshots can then be used to replay or "stub" the network on subsequent test runs, effectively mocking out the server to increase test repeatability and performance.
There are three modes of operation:
Your project must be using Cypress:
yarn install --dev cypress
yarn install --dev cypress-plugin-network-shim
In cypress/support/index.js
initialize the Network Shim:
import initNetworkShim from 'cypress-plugin-network-shim'
initNetworkShim();
// Cypress.NetworkShim should now be accessible from any Cypress support or test file
In a test file, i.e. cypress/integration/test.spec.js
, add the following:
before(() => {
Cypress.NetworkShim.enable({
specName: 'test',
});
});
At this point, the network shim will be enabled whenever this test is run.
> export CYPRESS_NETWORK_SHIM_HOST_API=https://api.example.com
> export CYPRESS_NETWORK_SHIM_MODE=GENERATE
> cypress
OR
> cypress --env NETWORK_SHIM_HOST_API=https://api.example.com --env NETWORK_SHIM_MODE=GENERATE
To set default app-wide network shim configuration, pass a configuration object to initNetworkShim
in cypress/support/index.js
:
import initNetworkShim from 'cypress-plugin-network-shim'
initNetworkShim({
hosts: {
'api': 'https://api.example.com'
}
});
FAQs
A plugin for Cypress.io tests enabling record and replay of application network requests.
We found that cypress-plugin-network-shim demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.