Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
mock-socket
Advanced tools
Readme
Javascript mocking library for websockets and socket.io
npm install mock-socket
import { WebSocket, Server } from 'mock-socket';
import test from 'ava';
import { Server } from 'mock-socket';
class ChatApp {
constructor(url) {
this.messages = [];
this.connection = new WebSocket(url);
this.connection.onmessage = event => {
this.messages.push(event.data);
};
}
sendMessage(message) {
this.connection.send(message);
}
}
test.cb('that chat app can be mocked', t => {
const fakeURL = 'ws://localhost:8080';
const mockServer = new Server(fakeURL);
mockServer.on('connection', socket => {
socket.on('message', data => {
t.is(data, 'test message from app', 'we have intercepted the message and can assert on it');
socket.send('test message from mock server');
});
});
const app = new ChatApp(fakeURL);
app.sendMessage('test message from app'); // NOTE: this line creates a micro task
// NOTE: this timeout is for creating another micro task that will happen after the above one
setTimeout(() => {
t.is(app.messages.length, 1);
t.is(app.messages[0], 'test message from mock server', 'we have stubbed our websocket backend');
mockServer.stop(t.done);
}, 100);
});
import { WebSocket, Server } from 'mock-socket';
/*
* By default the global WebSocket object is stubbed out when
* a new Server instance is created and is restored when you stop
* the server.
* However, you can disable this behavior by passing `mock: false`
* to the options and manually mock the socket when you need it.
*/
const server = new Server('ws://localhost:8080', { mock: false });
/*
* If you need to stub something else out you can like so:
*/
window.WebSocket = WebSocket; // Here we stub out the window object
const mockServer = new Server('ws://localhost:8080');
mockServer.on('connection', socket => {
socket.on('message', () => {});
socket.on('close', () => {});
socket.on('error', () => {});
socket.send('message');
socket.close();
});
mockServer.clients(); // array of all connected clients
mockServer.emit('room', 'message');
mockServer.stop(optionalCallback);
A declaration file is included by default. If you notice any issues with the types please create an issue or a PR!
Socket.IO has limited support. Below is a similar example to the one above but modified to show off socket.io support.
import test from 'ava';
import { SocketIO, Server } from 'mock-socket';
class ChatApp {
constructor(url) {
this.messages = [];
this.connection = new io(url);
this.connection.on('chat-message', data => {
this.messages.push(event.data);
});
}
sendMessage(message) {
this.connection.emit('chat-message', message);
}
}
test.cb('that socket.io works', t => {
const fakeURL = 'ws://localhost:8080';
const mockServer = new Server(fakeURL);
window.io = SocketIO;
mockServer.on('connection', socket => {
socket.on('chat-message', data => {
t.is(data, 'test message from app', 'we have intercepted the message and can assert on it');
socket.emit('chat-message', 'test message from mock server');
});
});
const app = new ChatApp(fakeURL);
app.sendMessage('test message from app');
setTimeout(() => {
t.is(app.messages.length, 1);
t.is(app.messages[0], 'test message from mock server', 'we have subbed our websocket backend');
mockServer.stop(t.done);
}, 100);
});
The easiest way to work on the project is to clone the repo down via:
git clone git@github.com:thoov/mock-socket.git
cd mock-socket
yarn install
Then to create a local build via:
yarn build
Then create a local npm link via:
yarn link
At this point you can create other projects / apps locally and reference this local build via:
yarn link mock-socket
from within your other projects folder. Make sure that after any changes you run yarn build
!
This project uses ava.js as its test framework. Tests are located in /tests. To run tests:
yarn test
This project uses eslint and a rules set from airbnb's javascript style guides. To run linting:
yarn lint
This project uses prettier. To run the formatting:
yarn format
Code coverage reports are created in /coverage after all of the tests have successfully passed. To run the coverage:
yarn test:coverage
If you have any feedback, encounter any bugs, or just have a question, please feel free to create a github issue or send me a tweet at @thoov.
FAQs
Javascript mocking library for websockets and socket.io
The npm package mock-socket receives a total of 390,009 weekly downloads. As such, mock-socket popularity was classified as popular.
We found that mock-socket demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.