
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
danger-plugin-jest
Advanced tools
Danger plugin for Jest
This Danger plugin relies on modifying your Jest configuration slightly on CI to also output a JSON file of the results.
You need to make the yarn jest
command include: --outputFile test-results.json --json
. This will run your tests
like normal, but will also create a file with the full test results after.
You may also want to add the JSON output file to your
.gitignore
, since it doesn't need to be checked into source control.
Install this Danger plugin:
yarn add danger-plugin-jest --dev
By default, this package will assume you've set the filename as test-results.json
, but you can use any path.
// dangerfile.js
import path from 'path'
import jest from 'danger-plugin-jest'
// Default
jest()
// Custom path
jest({ testResultsJsonPath: path.resolve(__dirname, 'tests/results.json') })
See src/index.ts
for more details.
See the GitHub release history.
Install Yarn, and install the dependencies - yarn install
.
Run the Jest test suite with yarn test
.
This project uses semantic-release for automated NPM package publishing.
:heart:
FAQs
Danger plugin for Jest
The npm package danger-plugin-jest receives a total of 22,393 weekly downloads. As such, danger-plugin-jest popularity was classified as popular.
We found that danger-plugin-jest demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.