Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
grunt-blanket-mocha
Advanced tools
Headless Blanket.js code coverage and Mocha testing via PhantomJS
Other plugins look similar, but are different in that they:
This plugin, however:
This plugin is based on kmiyashiro/grunt-mocha and supports all the configurations of that plugin. Please see that repo for more options on configuration.
This plugin requires Grunt ~0.4.1
If you haven't used Grunt before, be sure to check out the Getting Started guide, as it explains how to create a Gruntfile as well as install and use Grunt plugins. Once you're familiar with that process, you may install this plugin with this command:
npm install grunt-blanket-mocha --save-dev
Once the plugin has been installed, it may be enabled inside your Gruntfile with this line of JavaScript:
grunt.loadNpmTasks('grunt-blanket-mocha');
This plugin requires Blanket.js v1.1.5 which is currently still in development. Check the blanket.js version in the dev branch in the meantime.
This plugin is based off of grunt-contrib-mocha. For general config options and examples, please see that repo.
In your project's Gruntfile, add a section named blanket_mocha
to the data object passed into grunt.initConfig()
.
grunt.initConfig({
blanket_mocha: {
all: [ 'specs/index.html' ],
options: {
threshold: 70
}
}
})
Use the all
param to specify where your mocha browser spec HTML file lives.
This works the same way as it does in the base grunt-mocha
plugin.
NOTE: Be sure to include the blanketJS script tag in your test html file
To allow Blanket to communicate with the parent Grunt process, add this snippet in your test HTML, after all the other scripts:
<script>
if (window.PHANTOMJS) {
blanket.options("reporter", "../node_modules/grunt-blanket-mocha/support/grunt-reporter.js");
}
</script>
NOTE: The above path is assuming that the specs are being run from a directory one deeper than the root directory.
Adjust the path accordingly.
NOTE 2: The conditional if (window.PHANTOMJS)
statement is there because of the hacky way that messages are passed
between an HTML page and the PhantomJS process (using alerts). Without this condition, you would get bombarded
with alert messages in your in-browser mocha report.
If you want to see blanketJS coverage reports in the browser as well (useful for visually scanning which lines have coverage and which do not) include this snippet it in your test html blanket and mocha.
<script type="text/javascript" src="../node_modules/grunt-blanket-mocha/support/mocha-blanket.js"></script>
NOTE: The above path is assuming that the specs are being run from a directory one deeper than the root directory.
Adjust the path accordingly.
Type: Number
Default value: 60
The minimum percent coverage per-file. Any files that have coverage below this threshold will fail the build. By default, only the failing files will be output in the console. To show passing files as well, use the grunt --verbose
option.
Type: Number
Default value: undefined
The minimum percent coverage per-module. Any modules that have coverage below this threshold will fail the build. Both passing and failing module statistics will be shown in the output.
This option requires that the modulePattern
property is also set (see below).
Type: RegEx
Default value: undefined
A regular expression defining how to extract a module name from the path of a covered file. The regular expression should include a single parenthetical expression which will be matched as the module name. For example, to define the module name as the text in between the first two slashes, you could use:
modulePattern: "./(.*?)/"
Type: Number
Default value: undefined
The minimum percent coverage overall, averaged for all files. An average coverage percentage below this value will fail the build.Both passing and failing module statistics will be shown in the output.
Type: Array
Default value: undefined
List filenames that need to be excluded. This will inform the Grunt Task to not mark these files as failed. The result will be printed as, SKIP: [..%] filename
Example:
excludedFiles: [ "./src/my/file1.js", "./src/my/project/file2.js" ]
Override the threshold specified in the Gruntfile.
For example, if you wanted to test your files using a 90% threshold, and the Gruntfile had a different threshold specified, you could override it like so:
grunt --threshold=90
Override the moduleThreshold specified in the Gruntfile.
For example, if you wanted to test your files using a 90% module threshold, and the Gruntfile had a different module threshold specified, you could override it like so:
grunt --moduleThreshold=90
Override the globalThreshold specified in the Gruntfile.
For example, if you wanted to test your files using a 90% global threshold, and the Gruntfile had a different global threshold specified, you could override it like so:
grunt --globalThreshold=90
List the files to be excluded as an array.
Example,
grunt --excludedFiles=["./src/my/file1.js", "./src/my/project/file2.js"]
Only run test specs that match a certain pattern.
For example, if you only wanted to run specs that match the word "login" you could run:
grunt --grep="login"
In lieu of a formal styleguide, take care to maintain the existing coding style. Add unit tests for any new or changed functionality. Lint and test your code using Grunt.
Released 6 September 2013
Released 25 August 2013
Released 1 August 2013
Released 31 July 2013
FAQs
Headless Blanket.js code coverage and Mocha testing via PhantomJS
The npm package grunt-blanket-mocha receives a total of 34 weekly downloads. As such, grunt-blanket-mocha popularity was classified as not popular.
We found that grunt-blanket-mocha demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.