🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

jest-feishu-reporter

Package Overview
Dependencies
Maintainers
1
Versions
4
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jest-feishu-reporter

将 Jest 的测试错误发送到飞书

latest
Source
npmnpm
Version
1.3.0
Version published
Maintainers
1
Created
Source

jest-feishu-reporter

ci npm Size

将 Jest 的测试错误发送到飞书。

飞书自定义机器人使用说明: 如何在群组中使用机器人?

加群

安装

npm install -D jest-feishu-reporter
# 或者
yarn add -D jest-feishu-reporter

使用

jest.config.js 中配置:

module.exports = {
  reporters: [
    "default",
    // ... other reporters
    [
      "jest-feishu-reporter",
      {
        "token": "xxxxxx-xxxxxxx-xxxx-xxxx",
        "secret": "xxxxxxx",
      },
    ],
  ],
};

或者在 package.json 配置:

"jest": {
  "reporters": [
    "default",
    [
      "jest-feishu-reporter",
      {
        "token": "xxxxxx-xxxxxxx-xxxx-xxxx",
        "secret": "xxxxxxx"
      }
    ] 
  ]
}

package.json 中还可以单独配置:

"jest-feishu": {
  "token": "xxxxxx-xxxxxxx-xxxx-xxxx",
  "secret": "xxxxxxx"
}

配置说明

token

如何在群组中使用机器人?第二步可以获取机器人的 webhook 地址,格式如下:

​https://open.feishu.cn/open-apis/bot/v2/hook/xxxxxxxxxxxxxxxxx​
                                             ^^^^^^^^^^^^^^^^^
                                                   token

token 就是 url 最后面的部分。

secret

飞书有 3 种安全模式,如果使用签名校验,则需要设置 secret

注意事项

对于公有仓库,还可以通过设置系统环境变量来进行配置。

  • JEST_FEISHU_TOKEN - 设置 token
  • JEST_FEISHU_SECRET - 设置 secret

使用:

JEST_FEISHU_TOKEN=xxxx-xxxx-xxx npm run test

Github Actions 配置:

- name: Test
  env:
    JEST_FEISHU_TOKEN: ${{ secrets.FEISHU_TOKEN }}
  run: yarn test

License

jest-feishu-reporter is released under the MIT License. See the bundled LICENSE file for details.

Keywords

jest
reporter
feishu
lark
test

FAQs

Package last updated on 16 Jul 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious Crate Mimicking ‘Finch’ Exfiltrates Credentials via a Hidden Dependency

Security News

/

Research

Malicious Crate Mimicking ‘Finch’ Exfiltrates Credentials via a Hidden Dependency

Socket found a Rust typosquat (finch-rust) that loads sha-rust to steal credentials, using impersonation and an unpinned dependency to auto-deliver updates.

By Kush Pandya  -  Dec 05, 2025