Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
jest-validate
Advanced tools
Generic configuration validation tool that helps you with warnings, errors and deprecation messages as well as showing users examples of correct configuration.
The jest-validate package is a utility for validating and ensuring that configurations passed to Jest, the JavaScript testing framework, are correct. It checks if the provided configuration object adheres to Jest's expected configurations and provides warnings or errors for any invalid or unknown options. This helps developers to quickly identify issues with their Jest setup.
Validation of configuration objects
This feature allows developers to validate their Jest configuration objects against a schema. It ensures that the configuration provided matches the expected format and values that Jest can work with.
{"validateConfig": require('jest-validate').validateConfig, "config": { "verbose": true }, "exampleConfig": { "verbose": false }}
Customization of validation messages
Developers can provide custom messages for unknown or deprecated options. This helps in guiding the user to correct their configuration with helpful feedback.
{"validateConfig": require('jest-validate').validateConfig, "config": { "unknownOption": true }, "exampleConfig": { "verbose": false }, "options": { "comment": "A custom message for unknownOption" }}
Deprecation warnings
jest-validate can warn users about deprecated configuration options. It provides a mechanism to inform users about the new options they should use instead.
{"validateConfig": require('jest-validate').validateConfig, "config": { "scriptPreprocessor": "<rootDir>/preprocessor.js" }, "exampleConfig": { "transform": {"^.+\\.js$": "<rootDir>/preprocessor.js"} }, "deprecatedConfig": { "scriptPreprocessor": "Please use `transform` instead" }}
Convict is a configuration management library for Node.js that includes schema validation. It is similar to jest-validate in that it validates configuration objects, but it is more general-purpose and not tied to a specific framework like Jest.
Joi is a powerful schema description language and data validator for JavaScript. Unlike jest-validate, which is tailored for Jest configurations, Joi can be used for validating any kind of data structures and is often used for validating API input.
Yup is a JavaScript schema builder for value parsing and validation. Similar to Joi, it defines a schema to validate objects against. It is less verbose and more expressive in some cases compared to Joi and is not specific to Jest configurations.
Generic configuration validation tool that helps you with warnings, errors and deprecation messages as well as showing users examples of correct configuration.
npm install --save jest-validate
import {validate} from 'jest-validate';
validate(
config: Object,
options: ValidationOptions,
); // => {hasDeprecationWarnings: boolean, isValid: boolean}
Where ValidationOptions
are:
type ValidationOptions = {
comment?: string,
condition?: (option: any, validOption: any) => boolean,
deprecate?: (
config: Object,
option: string,
deprecatedOptions: Object,
options: ValidationOptions
) => true,
deprecatedConfig?: {[key: string]: Function},
error?: (
option: string,
received: any,
defaultValue: any,
options: ValidationOptions,
) => void,
exampleConfig: Object,
title?: Title,
unknown?: (
config: Object,
exampleConfig: Object,
option: string,
options: ValidationOptions
) => void,
}
type Title = {|
deprecation?: string,
error?: string,
warning?: string,
|}
exampleConfig
is the only option required.
By default jest-validate
will print generic warning and error messages. You can however customize this behavior by providing options: ValidationOptions
object as a second argument:
Almost anything can be overwritten to suite your needs.
comment
– optional string to be rendered bellow error/warning message.condition
– an optional function with validation condition.deprecate
, error
, unknown
– optional functions responsible for displaying warning and error messages.deprecatedConfig
– optional object with deprecated config keys.exampleConfig
– the only required option with configuration against which you'd like to test.title
– optional object of titles for errors and messages.You will find examples of condition
, deprecate
, error
, unknown
, and deprecatedConfig
inside source of this repository, named respectively.
Minimal example:
validate(config, {exampleConfig});
Example with slight modifications:
validate(config, {
comment: ' Documentation: http://custom-docs.com',
exampleConfig,
deprecatedConfig,
title: {
deprecation: 'Custom Deprecation',
// leaving 'error' and 'warning' as default
}
});
This will output:
● Validation Warning:
Unknown option transformx with value "<rootDir>/node_modules/babel-jest" was found.
This is either a typing error or a user mistake. Fixing it will remove this message.
Documentation: http://custom-docs.com
● Validation Error:
Option transform must be of type:
object
but instead received:
string
Example:
{
"transform": {"^.+\\.js$": "<rootDir>/preprocessor.js"}
}
Documentation: http://custom-docs.com
Based on deprecatedConfig
object with proper deprecation messages. Note custom title:
Custom Deprecation:
Option scriptPreprocessor was replaced by transform, which support multiple preprocessors.
Jest now treats your current configuration as:
{
"transform": {".*": "xxx"}
}
Please update your configuration.
Documentation: http://custom-docs.com
FAQs
Generic configuration validation tool that helps you with warnings, errors and deprecation messages as well as showing users examples of correct configuration.
The npm package jest-validate receives a total of 21,466,935 weekly downloads. As such, jest-validate popularity was classified as popular.
We found that jest-validate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.