Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
nightwatch
Advanced tools
Nightwatch is an end-to-end testing framework for web applications and websites, written in Node.js. It uses the W3C WebDriver API to perform commands and assertions on DOM elements. Nightwatch is designed to be easy to set up and use, and it provides a powerful and flexible API for writing tests.
End-to-End Testing
Nightwatch allows you to perform end-to-end testing by automating browser interactions. This example initializes the browser, navigates to a URL, waits for the body element to be visible, asserts the page title, and then ends the session.
const { client } = require('nightwatch');
client.init()
.url('http://example.com')
.waitForElementVisible('body', 1000)
.assert.title('Example Domain')
.end();
Page Object Model
Nightwatch supports the Page Object Model, which helps in organizing your test code by separating the page-specific selectors and actions from the test logic. This example shows how to define a page object and use it in a test.
module.exports = {
url: 'http://example.com',
elements: {
body: 'body',
title: 'title'
}
};
// In your test file
const examplePage = client.page.example();
examplePage.navigate()
.waitForElementVisible('@body', 1000)
.assert.title('Example Domain');
Assertions
Nightwatch provides a variety of built-in assertions to validate the state of your application. This example demonstrates how to assert that the body element contains specific text.
client.init()
.url('http://example.com')
.waitForElementVisible('body', 1000)
.assert.containsText('body', 'Example Domain')
.end();
Selenium WebDriver is a popular tool for automating web applications for testing purposes. It provides a more low-level API compared to Nightwatch, which can offer more flexibility but requires more setup and boilerplate code.
Cypress is a modern end-to-end testing framework that aims to make testing fast, easy, and reliable. Unlike Nightwatch, Cypress runs in the same run-loop as your application, which allows for more consistent and reliable tests. However, it currently only supports JavaScript.
WebdriverIO is a test automation framework that allows you to run tests based on the WebDriver protocol and Appium. It offers a more extensive plugin system compared to Nightwatch, allowing for greater customization and integration with other tools.
UI automated testing framework powered by Node.js. It uses the Selenium WebDriver API.
Nightwatch works with the Selenium standalone server so the first thing you need to do is download the selenium server jar file selenium-server-standalone-2.x.x.jar
from the Selenium releases page:
http://selenium-release.storage.googleapis.com/index.html
Install Node.js and then:
$ git clone git@github.com:beatfactor/nightwatch.git
$ cd nightwatch
$ npm install
The tests for nightwatch are written using nodeunit as the test framework. To run the nodeunit tests do:
$ npm test
In addition to Twitter, the Mailing List/Google Group is also available for Nightwatch related discussions.
Browser specific setup and usage guides along with debugging instructions can be found on the Wiki.
FAQs
Easy to use Node.js based end-to-end testing solution for web applications using the W3C WebDriver API.
The npm package nightwatch receives a total of 122,284 weekly downloads. As such, nightwatch popularity was classified as popular.
We found that nightwatch demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.