Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
jest-validate
Advanced tools
Generic configuration validation tool that helps you with warnings, errors and deprecation messages as well as showing users examples of correct configuration.
The jest-validate package is a utility for validating and ensuring that configurations passed to Jest, the JavaScript testing framework, are correct. It checks if the provided configuration object adheres to Jest's expected configurations and provides warnings or errors for any invalid or unknown options. This helps developers to quickly identify issues with their Jest setup.
Validation of configuration objects
This feature allows developers to validate their Jest configuration objects against a schema. It ensures that the configuration provided matches the expected format and values that Jest can work with.
{"validateConfig": require('jest-validate').validateConfig, "config": { "verbose": true }, "exampleConfig": { "verbose": false }}
Customization of validation messages
Developers can provide custom messages for unknown or deprecated options. This helps in guiding the user to correct their configuration with helpful feedback.
{"validateConfig": require('jest-validate').validateConfig, "config": { "unknownOption": true }, "exampleConfig": { "verbose": false }, "options": { "comment": "A custom message for unknownOption" }}
Deprecation warnings
jest-validate can warn users about deprecated configuration options. It provides a mechanism to inform users about the new options they should use instead.
{"validateConfig": require('jest-validate').validateConfig, "config": { "scriptPreprocessor": "<rootDir>/preprocessor.js" }, "exampleConfig": { "transform": {"^.+\\.js$": "<rootDir>/preprocessor.js"} }, "deprecatedConfig": { "scriptPreprocessor": "Please use `transform` instead" }}
Convict is a configuration management library for Node.js that includes schema validation. It is similar to jest-validate in that it validates configuration objects, but it is more general-purpose and not tied to a specific framework like Jest.
Joi is a powerful schema description language and data validator for JavaScript. Unlike jest-validate, which is tailored for Jest configurations, Joi can be used for validating any kind of data structures and is often used for validating API input.
Yup is a JavaScript schema builder for value parsing and validation. Similar to Joi, it defines a schema to validate objects against. It is less verbose and more expressive in some cases compared to Joi and is not specific to Jest configurations.
Generic configuration validation tool that helps you with warnings, errors and deprecation messages as well as showing users examples of correct configuration.
npm install --save jest-validate
import {validate} from 'jest-validate';
validate((config: Object), (options: ValidationOptions)); // => {hasDeprecationWarnings: boolean, isValid: boolean}
Where ValidationOptions
are:
type ValidationOptions = {
blacklist?: Array<string>,
comment?: string,
condition?: (option: any, validOption: any) => boolean,
deprecate?: (
config: Object,
option: string,
deprecatedOptions: Object,
options: ValidationOptions,
) => true,
deprecatedConfig?: {[key: string]: Function},
error?: (
option: string,
received: any,
defaultValue: any,
options: ValidationOptions,
) => void,
exampleConfig: Object,
recursive?: boolean,
title?: Title,
unknown?: (
config: Object,
exampleConfig: Object,
option: string,
options: ValidationOptions,
) => void,
};
type Title = {|
deprecation?: string,
error?: string,
warning?: string,
|};
exampleConfig
is the only option required.
By default jest-validate
will print generic warning and error messages. You can however customize this behavior by providing options: ValidationOptions
object as a second argument:
Almost anything can be overwritten to suite your needs.
recursiveBlacklist
– optional array of string keyPaths that should be excluded from deep (recursive) validation.comment
– optional string to be rendered below error/warning message.condition
– an optional function with validation condition.deprecate
, error
, unknown
– optional functions responsible for displaying warning and error messages.deprecatedConfig
– optional object with deprecated config keys.exampleConfig
– the only required option with configuration against which you'd like to test.recursive
- optional boolean determining whether recursively compare exampleConfig
to config
(default: true
).title
– optional object of titles for errors and messages.You will find examples of condition
, deprecate
, error
, unknown
, and deprecatedConfig
inside source of this repository, named respectively.
Minimal example:
validate(config, {exampleConfig});
Example with slight modifications:
validate(config, {
comment: ' Documentation: http://custom-docs.com',
deprecatedConfig,
exampleConfig,
title: {
deprecation: 'Custom Deprecation',
// leaving 'error' and 'warning' as default
},
});
This will output:
● Validation Warning:
Unknown option transformx with value "<rootDir>/node_modules/babel-jest" was found.
This is either a typing error or a user mistake. Fixing it will remove this message.
Documentation: http://custom-docs.com
● Validation Error:
Option transform must be of type:
object
but instead received:
string
Example:
{
"transform": {
"^.+\\.js$": "<rootDir>/preprocessor.js"
}
}
Documentation: http://custom-docs.com
Based on deprecatedConfig
object with proper deprecation messages. Note custom title:
Custom Deprecation:
Option scriptPreprocessor was replaced by transform, which support multiple preprocessors.
Jest now treats your current configuration as:
{
"transform": {".*": "xxx"}
}
Please update your configuration.
Documentation: http://custom-docs.com
23.6.0
[jest-cli]
Add changedSince
to allowed watch mode configs (#6955)[babel-jest]
Add support for babel.config.js
added in Babel 7.0.0 (#6911)[jest-resolve]
Add support for an experimental mapper
option (Watchman crawler only) that adds virtual files to the Haste map (#6940)[jest-resolve]
Only resolve realpath once in try-catch (#6925)[expect]
Fix TypeError in toBeInstanceOf
on null
or undefined
(#6912)[jest-jasmine2]
Throw a descriptive error if the first argument supplied to a hook was not a function (#6917) and (#6931)[jest-circus]
Throw a descriptive error if the first argument supplied to a hook was not a function (#6917) and (#6931)[expect]
Fix variadic custom asymmetric matchers (#6898)[jest-cli]
Fix incorrect testEnvironmentOptions
warning (#6852)[jest-each]
Prevent done callback being supplied to describe (#6843)[jest-config]
Better error message for a case when a preset module was found, but no jest-preset.js
or jest-preset.json
at the root (#6863)[jest-haste-map]
Catch crawler error when unsuccessfully reading directories (#6761)[docs]
Add custom toMatchSnapshot matcher docs (#6837)[docs]
Improve the documentation regarding preset configuration (#6864)[docs]
Clarify usage of --projects
CLI option (#6872)[docs]
Correct failure-change
notification mode (#6878)[scripts]
Don’t remove node_modules from subdirectories of presets in e2e tests (#6948)[diff-sequences]
Double-check number of differences in tests (#6953)FAQs
Generic configuration validation tool that helps you with warnings, errors and deprecation messages as well as showing users examples of correct configuration.
The npm package jest-validate receives a total of 24,580,065 weekly downloads. As such, jest-validate popularity was classified as popular.
We found that jest-validate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.