Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Nemo provides a simple way to add selenium automation to your NodeJS web projects. Provides plugin architecture to incorporate custom features to your tests.
Nemo works best with a test runner and task runner. But in this README we will only cover setup and architecture of Nemo as a standalone entity.
For a holistic guide to using Nemo as an overall automation solution, please start here
Please see here for more information about setting up a webdriver. Your choice of webdriver will influence some of your settings below.
add the following to package.json devDependencies (assuming mocha is already integrated to your project):
"nemo": "git://github.com/paypal/nemo.git#master",
Then npm install
In the directory where you've installed Nemo, create a file called "nemoExample.js" with the following content:
var Nemo = require("../");
process.env.nemoData = JSON.stringify({
targetBrowser: "firefox",
targetServer: "localhost",
serverProps: {"port": 4444},
seleniumJar: "/usr/bin/selenium-server-standalone.jar",
targetBaseUrl: "https://www.paypal.com"
});
(new Nemo()).setup().then(function (nemo) {
nemo.driver.get(nemo.props.targetBaseUrl);
nemo.driver.sleep(5000).
then(function () {
console.info("Nemo was successful!!");
nemo.driver.quit();
});
});
You can see this file within the nemo examples directory: https://github.com/paypal/nemo/examples/setup.js
Now, assuming you've set up a driver which matches the above requirements, you can run the following, with the following result:
$ node examples/setup.js
Nemo was successful!!
Nemo will look for an environment variable named nemoData
. nemoData
should be in stringified JSON format. Depending on
the values therein, Nemo will start a variety of webdrivers and test on a variety of targets.
In addition to the Nemo setup using the name/value pairs, the NVPs are also passed along to the nemo object returned after setup,
in the "props" namespace. You also can pass in arbitrary name/values through nemoData
. Sometimes you might find it useful to have
such data passed in and used in your test scripts. Also, some plugins may require certain name/values to be defined here.
Note the use in the example of the arbitrary NVP "targetBaseUrl" and how it is accessed later on in the script as nemo.props.targetBaseUrl
Here are the required variables and their meaning:
Used as a root location for finding 'locator' files in your test suite. Also can be required by other plugins which need to require modules from your test suite.
Browser you wish to automate. Make sure that your chosen webdriver has this browser option available
Webdriver server you wish to use. Set as simply "localhost" if you are using a selenium-standalone driver on your local machine. Leave unset if you are using chrome or phantomjs on your local machine
Additional server properties required of the 'targetServer'. If you are using a selenium-standalone driver on your local machine, you have to minimally specify the port number. Leave unset if you aren't specifying a targetServer.
Path to your selenium-standalone server Jar file. Leave unset if you aren't using a local selenium-standalone Jar.
Because we NEed MOre automation testing!
FAQs
Wrapper to run mocha suites with injected selenium-webdriver instance
The npm package nemo receives a total of 72 weekly downloads. As such, nemo popularity was classified as not popular.
We found that nemo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.