Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
jest-circus
Advanced tools
[type-definitions]: https://github.com/jestjs/jest/blob/main/packages/jest-types/src/Circus.ts
The jest-circus package is a test runner for Jest that aims to be a foundation for building testing frameworks. It provides a feature-rich API for defining tests, handling test execution, and setting up and tearing down test environments. It's designed to be more extensible and maintainable than Jest's default test runner.
Defining Tests
This feature allows you to define individual test cases using the `test` function. The code sample demonstrates a simple test that checks if the addition of 1 and 2 equals 3.
test('adds 1 + 2 to equal 3', () => {
expect(1 + 2).toBe(3);
});
Setup and Teardown
Jest-circus provides lifecycle methods like `beforeEach` and `afterEach` for setting up and tearing down your test environment before and after each test, respectively.
beforeEach(() => {
initializeCityDatabase();
});
afterEach(() => {
clearCityDatabase();
});
Test Suites
Organize tests into test suites using the `describe` block. This allows grouping of related tests, making tests easier to manage and understand.
describe('matching cities to foods', () => {
test('Vienna <3 sausage', () => {
expect(matchCityToFood('Vienna')).toBe('sausage');
});
});
Asynchronous Testing
Support for testing asynchronous code using async/await syntax or promises, allowing for straightforward testing of asynchronous operations.
test('the data is peanut butter', async () => {
await expect(fetchData()).resolves.toBe('peanut butter');
});
Mocha is a feature-rich JavaScript test framework running on Node.js and in the browser, making asynchronous testing simple. It's similar to jest-circus in providing a flexible and extensible testing framework, but differs in its execution model and default assertion library integration.
Jasmine is a behavior-driven development framework for testing JavaScript code. It does not require a DOM, and it has a clean, obvious syntax so that you can easily write tests. Jasmine is similar to jest-circus in its syntax and approach to defining tests but operates independently of Jest and has its own assertion library.
AVA is a test runner for Node.js with a concise API, detailed error output, and process isolation that lets you develop with confidence. It's similar to jest-circus in its focus on modern JavaScript features and concurrency but differs in its minimalistic approach and focus on speed.
jest-circus
The next-gen test runner for Jest
Circus is a flux-based test runner for Jest that is fast, maintainable, and simple to extend.
Circus allows you to bind to events via an optional event handler on any custom environment. See the type definitions for more information on the events and state data currently available.
import {Event, State} from 'jest-circus';
import {TestEnvironment as NodeEnvironment} from 'jest-environment-node';
class MyCustomEnvironment extends NodeEnvironment {
//...
async handleTestEvent(event: Event, state: State) {
if (event.name === 'test_start') {
// ...
}
}
}
Mutating event or state data is currently unsupported and may cause unexpected behavior or break in a future release without warning. New events, event data, and/or state data will not be considered a breaking change and may be added in any minor release.
Note, that jest-circus
test runner would pause until a promise returned from handleTestEvent
gets fulfilled. However, there are a few events that do not conform to this rule, namely: start_describe_definition
, finish_describe_definition
, add_hook
, add_test
or error
(for the up-to-date list you can look at SyncEvent type in the types definitions). That is caused by backward compatibility reasons and process.on('unhandledRejection', callback)
signature, but that usually should not be a problem for most of the use cases.
Note: As of Jest 27,
jest-circus
is the default test runner, so you do not have to install it to use it.
Install jest-circus
using yarn:
yarn add --dev jest-circus
Or via npm:
npm install --save-dev jest-circus
Configure Jest to use jest-circus
via the testRunner
option:
{
"testRunner": "jest-circus/runner"
}
Or via CLI:
jest --testRunner='jest-circus/runner'
29.7.0
[create-jest]
Add npm init
/ yarn create
initialiser for Jest projects (#14465)[jest-validate]
Allow deprecation warnings for unknown options (#14499)[jest-resolver]
Replace unmatched capture groups in moduleNameMapper
with empty string instead of undefined
(#14507)[jest-snapshot]
Allow for strings as well as template literals in inline snapshots (#14465)[@jest/test-sequencer]
Calculate test runtime if perStats.duration
is missing (#14473)[@jest/create-cache-key-function]
Cache access of NODE_ENV
and BABEL_ENV
(#14455)[jest-cli]
Move internal config initialisation logic to the create-jest
package (#14465)FAQs
[type-definitions]: https://github.com/jestjs/jest/blob/main/packages/jest-types/src/Circus.ts
The npm package jest-circus receives a total of 20,290,992 weekly downloads. As such, jest-circus popularity was classified as popular.
We found that jest-circus demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.