Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
jest-util
Advanced tools
The jest-util package provides utility functions for Jest, a popular JavaScript testing framework. It includes a variety of helpers and tools that are used internally by Jest but can also be useful for developers working with or extending Jest tests.
Console Replacement
This feature allows for the creation of a custom console that buffers all logs. This is useful for controlling and testing console output during test runs.
const { BufferedConsole } = require('jest-util');
const customConsole = new BufferedConsole();
customConsole.log('Hello, this is a buffered log.');
Error Formatting
This function formats execution errors for display in Jest's output, providing a standardized view of test errors, including stack traces.
const { formatExecError } = require('jest-util');
const error = new Error('Test error');
const config = {rootDir: '/path/to/project', testMatch: []};
console.log(formatExecError(error, config, {noStackTrace: false}, undefined, true));
Test Path Normalization
This utility normalizes file paths for glob matching, which is particularly useful on Windows where path separators differ.
const { replacePathSepForGlob } = require('jest-util');
const path = 'path\to\test\file.js';
console.log(replacePathSepForGlob(path));
Chai is an assertion library similar to jest-util in that it is used to help with testing JavaScript applications. Unlike jest-util, Chai focuses more on providing a rich set of assertions rather than utilities for managing Jest environments or outputs.
Mocha is a test framework that, like Jest, can utilize utility packages for enhanced testing capabilities. While jest-util specifically supports Jest, Mocha has its own set of utilities and plugins that serve a similar purpose but are tailored to Mocha's ecosystem.
Sinon provides standalone test spies, stubs, and mocks for JavaScript. It complements jest-util by offering more focused functionalities for creating and managing test doubles, which can be used alongside or independently of Jest.
26.6.2
[jest-core]
Add findRelatedTests
and nonFlagArgs
in allowed config options for updateConfigAndRun
in watch plugins (#10659)[babel-plugin-jest-hoist]
Preserve order of hoisted mock nodes within containing block (#10536)[babel-plugin-jest-hoist]
Hoist pure constants to support experimental JSX transform in hoisted mocks (#10723)[babel-preset-jest]
Update babel-preset-current-node-syntax
to support top level await (#10747)[expect]
Revert "Fix objectContaining
to work recursively into sub-objects (#10508)" (#10766)[jest-circus, jest-jasmine2]
fix: don't assume stack
is always a string (#10697)[jest-config]
Fix bug introduced in watch mode by PR #10678 (#10692)[jest-config]
Throw correct error for missing preset modules (#10737)[jest-resolve-dependencies]
Resolve mocks as dependencies (#10713)[jest-runtime]
Handle file URLs in dynamic imports (#10744)[jest-runtime, babel-jest]
Pass more ESM options to @jest/transform
(#10752)[jest-runtime]
Properly inject extraGlobals
into the runtime (#10758)[jest-transform]
Link to ESM docs on syntax errors (#10748)[docs]
Add docs for using mocks in TypeScript (#10415)[eslint-config-fb-strict]
Move package from this repo to fbjs
repo (#10739)[examples]
Update TypeScript example to show use of newer Jest types (#10399)[jest-cli]
chore: standardize files and folder names (#10698)[jest-config]
Switch ts-node Register
type to Service
due to deprecation (#11210)FAQs
This packages is a collection of utilities and helper functions
We found that jest-util demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.