Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
eslint-plugin-cypress
Advanced tools
The eslint-plugin-cypress npm package provides a set of linting rules specific to Cypress, an end-to-end testing framework. These rules help developers adhere to best practices and avoid common mistakes when writing Cypress tests.
Enforcing Assertions
Ensures that assertions are made in test cases to prevent tests that mistakenly pass without asserting any conditions.
expect(something).to.be.true;
Disallowing Assignment in Conditional Expressions
Prevents the use of assignment operators in conditional expressions, which can lead to tests that pass incorrectly due to an assignment rather than a proper comparison.
if (user = getUser()) { /* ... */ }
Disallowing Unnecessary Waiting
Discourages the use of arbitrary wait times in tests, promoting the use of Cypress's built-in waiting mechanisms that are more reliable and efficient.
cy.wait(5000);
This package provides linting rules for Jest, another popular testing framework. It is similar to eslint-plugin-cypress in that it offers a set of rules tailored to the specific testing framework to encourage best practices.
Similar to eslint-plugin-cypress, this package offers linting rules for Mocha, a test framework for Node.js and the browser. It helps maintain code quality and adherence to Mocha-specific conventions.
This package is designed for linting code that uses the Testing Library family of utilities. It provides rules that help enforce best practices when writing tests with Testing Library, similar to how eslint-plugin-cypress does for Cypress tests.
An ESLint plugin for your Cypress tests.
Note: If you installed ESLint globally then you must also install eslint-plugin-cypress
globally.
npm install eslint-plugin-cypress --save-dev
or
yarn add eslint-plugin-cypress --dev
Add an .eslintrc.json
file to your cypress
directory with the following:
{
"plugins": [
"cypress"
]
}
You can add rules:
{
"rules": {
"cypress/no-assigning-return-values": "error",
"cypress/no-unnecessary-waiting": "error",
"cypress/assertion-before-screenshot": "warn",
"cypress/no-force": "warn",
"cypress/no-async-tests": "error"
}
}
You can allow certain globals provided by Cypress:
{
"env": {
"cypress/globals": true
}
}
Use the recommended configuration and you can forego configuring plugins, rules, and env individually. See below for which rules are included.
{
"extends": [
"plugin:cypress/recommended"
]
}
These rules enforce some of the best practices recommended for using Cypress.
Rules with a check mark (✅) are enabled by default while using the plugin:cypress/recommended
config.
NOTE: These rules currently require eslint 5.0 or greater. If you would like support added for eslint 4.x, please 👍 this issue.
Rule ID | Description | |
---|---|---|
✅ | no-assigning-return-values | Prevent assigning return values of cy calls |
✅ | no-unnecessary-waiting | Prevent waiting for arbitrary time periods |
✅ | no-async-tests | Prevent using async/await in Cypress test case |
no-force | Disallow using force: true with action commands | |
assertion-before-screenshot | Ensure screenshots are preceded by an assertion | |
require-data-selectors | Only allow data-* attribute selectors (require-data-selectors) |
no-unused-expressions
Using an assertion such as expect(value).to.be.true
can fail the ESLint rule no-unused-expressions
even though it's not an error in this case. To fix this, you can install and use eslint-plugin-chai-friendly.
npm install --save-dev eslint-plugin-chai-friendly
In your .eslintrc.json
:
{
"plugins": [
"cypress",
"chai-friendly"
],
"rules": {
"no-unused-expressions": 0,
"chai-friendly/no-unused-expressions": 2
}
}
Or you can simply add its recommended
config:
{
"extends": ["plugin:chai-friendly/recommended"]
}
To add a new rule:
yarn start
or npm start
docs
fileUse the following commit message conventions: https://github.com/semantic-release/semantic-release#commit-message-format
FAQs
An ESLint plugin for projects using Cypress
The npm package eslint-plugin-cypress receives a total of 2,428,787 weekly downloads. As such, eslint-plugin-cypress popularity was classified as popular.
We found that eslint-plugin-cypress demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.