
Security News
Feross on Risky Business Weekly Podcast: npm’s Ongoing Supply Chain Attacks
Socket CEO Feross Aboukhadijeh joins Risky Business Weekly to unpack recent npm phishing attacks, their limited impact, and the risks if attackers get smarter.
mithril-query
Advanced tools
Query mithril virtual dom for testing purposes
npm install mithril-query --save-dev
In order to run tests in mithril 2.x we need to do some setup. That is to mock the dom for the mithril render and request modules. This can be done by requiring a 'setup' file in your 'mocha' tests with the following contents.
global.window = Object.assign(
require('mithril/test-utils/domMock.js')(),
require('mithril/test-utils/pushStateMock')()
)
global.requestAnimationFrame = callback =>
global.setTimeout(callback, 1000 / 60)
... is gone, since mithril
does not provide a way to access it
... are now rendered as empty strings, like mithril does, because, well, mithril renders
... are now fully supported, including synthetic DOM elements 🎉
... are now returning DOM elements instead of vdom nodes.
... aren't supported anymore. Feel free to file a ticket, if you want them back.
You can run this tests server side or use browserify and run them in browsers.
const m = require('mithril')
module.exports = {
view: function() {
return m('div', [
m('span', 'spanContent'),
m('#fooId', 'fooContent'),
m('.barClass', 'barContent'),
])
},
}
/* eslint-env mocha */
global.window = Object.assign(
require('mithril/test-utils/domMock.js')(),
require('mithril/test-utils/pushStateMock')()
)
global.requestAnimationFrame = callback =>
global.setTimeout(callback, 1000 / 60)
const simpleModule = require('./simple')
const mq = require('../')
describe('simple module', function() {
it('should generate appropriate output', function() {
var output = mq(simpleModule)
output.should.have('span')
output.should.have('div > span')
output.should.have('#fooId')
output.should.have('.barClass')
output.should.have(':contains(barContent)')
output.should.contain('barContent')
})
})
Run the test with
mocha simple.test.js
First call mithril-query
with either a vnode or a component. You can call it
with one extra argument which will be used as attrs
in the component case.
var mq = require('mithril-query')
// plain vnode
var out = mq(m('div'))
// object component
var myComponent = {
view: function ({ attrs }) {
return m('div', attrs.text)
}
}
var out = mq(myComponent, { text: 'huhu' })
// closure component
function myComponent() {
return {
view: function ({ attrs }) {
return m('div', attrs.text)
}
}
}
var out = mq(myComponent, { text: 'huhu' })
As you can see mq
returns an out
-Object which has the following test-API.
out.first(selector)
– Returns the first element that matches the selector (think document.querySelector
).out.find(selector)
– Returns all elements that match the selector (think document.querySelectorAll
).out.has(selector)
– Returns true
if any element in tree matches the selector, otherwise false
.out.contains(string)
– Returns true
if any element in tree contains the string, otherwise false
.out.log(selector, [logFN])
– Small helper function to log out what was selected. Mainly for debugging
purposes. You can give an optional function which is called with the result.
It defaults to HTML-Pretty-Printer (pretty-html-log] that logs the HTML-representation to stdout
.You can use these nice assertions. They throw errors if they're not fulfilled. See the example in the example folder.
out.should.have([count], selector)
Throws if no element is found with selector. If count
is given, it throws if
count does not match.
out.should.not.have(selector)
– Throws if an element is found with selector.out.should.have.at.least(count, selector)
– Throws if there a fewer than count
elements matching the selectorout.should.have([selector0, selector1, selector2])
– Throws there aren't at least one element for each selector.out.should.contain(string)
– Throws if no element contains string
.out.should.not.contain(string)
- Throws if any element contains string
.It is also possible to trigger element events like onfocus
and onclick
and set values on <input>
-fields. This allows you to write "integration tests" that run also on server side.
Attention: Currently there is no event bubbling supported.
out.click(selector, [eventData])
– Runs onclick
for first element that matches selector. Optional eventData
is given
as to the event constructor. eventData.redraw = false
is respected.out.setValue(selector, string, [eventData])
– Runs oninput
and onchange
for first element that matches selector.out.trigger(selector, eventname, [eventData])
– General purpose event triggerer. Calls eventname
on first matching element.It also supports key events
out.keydown(selector, keycode, [eventData])
– calls onkeydown
with keycode
out.keydown(selector, keyname, [eventData])
– calls onkeydown
with keycode mapped from name. Mapping is done with this lib.keyup
, keypress
are supported as well.
Since mithril-query
uses mithril
on a fake DOM, auto rendering works as expected.
Example:
// module code
const component = {
visible: true
oninit({ state }) {
state.toggleMe = () => (state.visible = !state.visible)
},
view({ state }) {
return m(
state.visible ? '.visible' : '.hidden',
{ onclick: state.toggleMe},
'Test'
)
},
}
// actual test
out = mq(component)
out.should.have('.visible')
out.click('.visible')
out.should.not.have('.visible')
out.should.have('.hidden')
out.click('.hidden', { redraw: false })
out.should.have('.hidden')
As you can see, you can prevent auto redraw by providing a redraw: false
as last
argument to click
method.
You can also manually trigger redraw:
var out = mq(module)
out.should.have('.visible')
out.redraw()
If you need to access the rendered root element you can simply access it with
out.rootEl
onremove
handlingTo trigger onremove
-handlers of all initialized components, just call out.onremove()
FAQs
Query mithril virtual dom for testing purposes
The npm package mithril-query receives a total of 483 weekly downloads. As such, mithril-query popularity was classified as not popular.
We found that mithril-query demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket CEO Feross Aboukhadijeh joins Risky Business Weekly to unpack recent npm phishing attacks, their limited impact, and the risks if attackers get smarter.
Product
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
Research
/Security News
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.