Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Nemo provides a simple way to add selenium automation to your NodeJS web projects. Provides plugin architecture to incorporate custom features to your tests.
Nemo works best with a test runner and task runner. But in this README we will only cover setup and architecture of Nemo as a standalone entity.
For a holistic guide to using Nemo as an overall automation solution, please start here
Please see here for more information about setting up a webdriver. Your choice of webdriver will influence some of your settings below.
add the following to package.json devDependencies (assuming mocha is already integrated to your project):
"nemo": "^0.1.0",
Then npm install
In the directory where you've installed Nemo, create a file called "nemoExample.js" with the following content:
var Nemo = require("../");
process.env.nemoData = JSON.stringify({
targetBrowser: "firefox",
targetServer: "localhost",
serverProps: {"port": 4444},
seleniumJar: "/usr/bin/selenium-server-standalone.jar",
targetBaseUrl: "https://www.paypal.com"
});
(new Nemo()).setup().then(function (nemo) {
nemo.driver.get(nemo.props.targetBaseUrl);
nemo.driver.sleep(5000).
then(function () {
console.info("Nemo was successful!!");
nemo.driver.quit();
});
});
You can see this file within the nemo examples directory: https://github.com/paypal/nemo/examples/setup.js
Now, assuming you've set up a driver which matches the above requirements, you can run the following, with the following result:
$ node examples/setup.js
Nemo was successful!!
Nemo will look for an environment variable named nemoData
. nemoData
should be in stringified JSON format. Depending on
the values therein, Nemo will start a variety of webdrivers and test on a variety of targets.
In addition to the Nemo setup using the name/value pairs, the NVPs are also passed along to the nemo object returned after setup,
in the "props" namespace. You also can pass in arbitrary name/values through nemoData
. Sometimes you might find it useful to have
such data passed in and used in your test scripts. Also, some plugins may require certain name/values to be defined here.
Note the use in the example of the arbitrary NVP "targetBaseUrl" and how it is accessed later on in the script as nemo.props.targetBaseUrl
Here are the required variables and their meaning:
Used as a root location for finding 'locator' files in your test suite. Also can be required by other plugins which need to require modules from your test suite.
Browser you wish to automate. Make sure that your chosen webdriver has this browser option available
Webdriver server you wish to use. Set as simply "localhost" if you are using a selenium-standalone driver on your local machine. Leave unset if you are using chrome or phantomjs on your local machine
Additional server properties required of the 'targetServer'. If you are using a selenium-standalone driver on your local machine, you have to minimally specify the port number. Leave unset if you aren't specifying a targetServer.
You can also set args and jvmArgs to the selenium jar process as follows:
'serverProps': {
'port': 4444,
'args': ['-firefoxProfileTemplate','/Users/medelman/Desktop/ffprofiles'],
'jvmArgs': ['-someJvmArg', 'someJvmArgValue']
}
Path to your selenium-standalone server Jar file. Leave unset if you aren't using a local selenium-standalone Jar.
serverCaps would map to the capabilities here: http://selenium.googlecode.com/git/docs/api/javascript/source/lib/webdriver/capabilities.js.src.html
Some webdrivers (for instance ios-driver, or appium) would have additional capabilities which can be set via this variable. As an example, you can connect to saucelabs by adding this serverCaps:
"serverCaps": {
"username": "medelman",
"accessKey": "b38e179e-079a-417d-beb8-xyz" //not my real access key
}
You can author or use plugins to enhance your test suite. Something important to know about plugins is how you register them. Provide JSON like this to the Nemo constructor:
{
"plugins": {
"samplePlugin": {
"module": "./test/plugin/sample-plugin",
"priority": 99
},
"drivex": {
"module": "nemo-drivex",
"register": true
},
"autoRegPlugin": {
"module": "./test/plugin/autoreg-plugin",
"register": true
},
"locatex": {
"module": "nemo-locatex",
"register": true
},
"view": {
"module": "nemo-view"
}
}
}
A priority
value of < 100 will register this plugin BEFORE the selenium driver object is created. This means that such a plugin can modify properties of the driver (such as serverProps
). It also means that any other elements of the Nemo setup will NOT be available to that plugin. Leaving priority
unset will register the plugin after the driver object is created.
Setting register: true
will cause this plugin to register whether or not you supply any accompanying configuration in the Nemo.setup config object.
More on plugin authoring can be found here: https://github.com/paypal/nemo-docs/blob/master/plugins.md
File issues for new plugin creation here: https://github.com/paypal/nemo-plugin-registry/issues
/**
* Represents a Nemo instance
* @constructor
* @param {Object} config - Object which contains any plugin registration
*
*/
/**
*
* Nemo.setup
*@param {Object} config -
* {
* 'view': ['example-login', 'serviceError'] //optional
* ,'locator': ['wallet'] //optional
* ,<plugin config namespace>: <plugin config> //optional, depends on plugin setup
* }
*@returns webdriver.promise - successful fulfillment will return an {Object} as below:
* {
* 'view': {} //view instances if specified in config
* ,'locator': {} //locator instances if specified in config
* ,'driver': {} //driver instance. ALWAYS
* ,'wd': {} //static reference to selenium-webdriver. ALWAYS
* ,<plugin namespace>: <plugin object> //if plugin registers
* }
*/
When you call 'setup' on a Nemo instance, what happens? The answer is important if you plan to write your own plugins or place Nemo in a new context outside of the examples already provided. Here is a plain English description of what happens:
Because we NEed MOre automation testing!
FAQs
Wrapper to run mocha suites with injected selenium-webdriver instance
We found that nemo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.