jest-coverage-thresholds-bumper
Tool for Jest testing library that automatically bumps up code coverage thresholds as real code coverage improves. Inspired by https://github.com/Koleok/jest-coverage-ratchet, but I decided to re-implement without Ramda (it looks cool, but readability sucks IMO). I am also adding features I need. My team has been using this tool for many months now, and it seems to be stable.
Tool supports jest.config.json, jest.config.js, and jest.config.ts configuration files, as well as jest section in package.json.
Sometimes you may forget to cover some of your new code with tests. Jest helps to detect that - it compares code coverage against configured thresholds and fails if there are not enough tests (see https://jestjs.io/docs/configuration#coveragethreshold-object). Unfortunately, it only works if your thresholds are always up to date - e.g. if your specified threshold is 90% and your coverage drops from 92% to 91% then Jest will fail to see that.
jest-coverage-thresholds-bumper helps to regularly update configured thresholds, so if your real coverage drops then Jest will report it immediately.
Note that sometimes it could be perfectly normal to decrease configured thresholds (e.g. if you removed a chunk of 100% covered code). In this case, you will have to update threshold values in Jest config and include the change in your pull request. This way reviewers will have better visibility on the code coverage impact and why it happens.
Assuming that you already have Jest installed, call:
npm install -D jest-coverage-thresholds-bumper
json-summary reporter. It is needed to produce coverage results for analysis.
0). jest-coverage-thresholds-bumper only updates existing values. Example:
// jest.config.js
...
coverageThreshold: {
  global: {
    lines: 80,
    statements: 80,
    branches: 80,
    functions: 80,
  }
}
...
jest-coverage-thresholds-bumper after running tests, for example:
// package.json
...
"scripts": {
  "test": "jest",
  "posttest": "jest-coverage-thresholds-bumper"
}
...
When the tool is called, it finds coverage information, compares results with stored threshold values, and bumps up threshold values if results are higher. Note that only defined thresholds are bumped up - i.e. if no thresholds exist, nothing will be bumped.
Usage: jest-coverage-thresholds-bumper <command> [options]

Options:
  --coverage-summary-path  Path to Jest coverage results  [string] [default: ./coverage/coverage-summary.json]
  --config-path            Path to Jest config file  [string] [default: Search for jest.config.* files or "jest" section in package.json]
  --margin                 Minimal threshold increase in per cent  [number] [default: 0]
  --dry-run                Do analysis, but don't change any thresholds  [boolean] [default: false]
  --silent                 No console output unless something goes wrong  [boolean] [default: false]
  --help                   Show help  [boolean]
  --version                Show version number  [boolean]
Q: How does the margin parameter work? What is it for?
A: Imagine that both real and expected coverage are at 90 percent and the margin is 1 percent. If you add a tiny test that increases real coverage by only 0.5 percent then this tool won't bump up the expected coverage. If you add more tests and real coverage improves to 91 or more percent then your threshold will increase. Some people may use the margin parameter to ignore little fluctuations in code coverage during active development phase, which could fail builds.
Q: Which NodeJS versions do you support?
A: I am aiming for all currently supported LTS versions. Package might work with older versions, but I am not testing it and won't be fixing issues that happen only with those old versions. Current minimal version is NodeJS v12.
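The comparison described above (only thresholds that already exist are bumped, and only when real coverage exceeds them by at least the margin), written out as an added example that is not the package's own source. It assumes the json-summary layout total.<metric>.pct, covers only the global threshold group, and uses hypothetical names (planBumps, applyBumps); leaving negative thresholds untouched is a choice made for this sketch.

```javascript
'use strict';

const METRICS = ['lines', 'statements', 'branches', 'functions'];

// summary:    parsed coverage-summary.json (output of the json-summary reporter)
// thresholds: the coverageThreshold.global object from the Jest config
// margin:     minimal increase, in percentage points, that justifies a bump
function planBumps(summary, thresholds, margin = 0) {
  const bumps = {};
  for (const metric of METRICS) {
    const current = thresholds[metric];
    const entry = summary.total ? summary.total[metric] : undefined;
    const actual = entry ? entry.pct : undefined;
    // Only thresholds that are already defined are candidates.
    if (typeof current !== 'number') continue;
    // Assumption: a negative Jest threshold caps the number of uncovered
    // items instead of giving a percentage, so it is left alone here.
    if (current < 0) continue;
    // pct can be non-numeric when nothing was measured for the metric.
    if (typeof actual !== 'number') continue;
    if (actual > current && actual - current >= margin) {
      bumps[metric] = { from: current, to: actual };
    }
  }
  return bumps; // computing this without applying it is the dry-run case
}

// Returns a new thresholds object; the input is not mutated.
function applyBumps(thresholds, bumps) {
  const next = { ...thresholds };
  for (const [metric, change] of Object.entries(bumps)) next[metric] = change.to;
  return next;
}

// Constructed sample data, not taken from a real project.
const sampleSummary = {
  total: {
    lines: { total: 200, covered: 182, skipped: 0, pct: 91 },
    statements: { total: 220, covered: 199, skipped: 0, pct: 90.45 },
    branches: { total: 40, covered: 32, skipped: 0, pct: 80 },
    functions: { total: 50, covered: 46, skipped: 0, pct: 92 },
  },
};
const sampleThresholds = { lines: 90, statements: 90, branches: 80 };

// With margin 1 only "lines" moves; "functions" has no threshold to bump.
console.log(applyBumps(sampleThresholds, planBumps(sampleSummary, sampleThresholds, 1)));
```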
[1.1.0] - 2021-12-24
--config-path CLI option.
The npm package jest-coverage-thresholds-bumper receives a total of 7,295 weekly downloads. As such, jest-coverage-thresholds-bumper popularity was classified as popular.
We found that jest-coverage-thresholds-bumper demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.