Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The nise npm package is a library for creating fake servers, responses, and timers in JavaScript tests. It allows developers to simulate server responses and time-based behavior without the need for an actual server or waiting for real time to pass. This is particularly useful in unit testing, where tests need to be both fast and deterministic.
Fake XMLHttpRequest and server
This feature allows you to create a fake server that can respond to XMLHttpRequests. You can specify the HTTP method, URL, and response details. This is useful for testing AJAX requests without needing to hit a real server.
var fakeServer = nise.fakeServer.create();
fakeServer.respondWith('GET', '/some/article', [200, { 'Content-Type': 'application/json' }, '{ "id": 12, "comment": "Hey there" }']);
fakeServer.respondImmediately = true;
Fake timers
With fake timers, you can simulate the passage of time in tests. This is useful for functions that rely on setTimeout, setInterval, or Date objects. It allows you to test time-dependent code without real time delays.
var clock = nise.useFakeTimers();
clock.tick(1000); // Simulate the passage of 1 second
Sinon is a popular testing library that includes functionalities similar to nise, such as spies, stubs, mocks, and fake servers. While nise focuses on network requests and timers, Sinon provides a broader range of testing utilities, making it a more comprehensive solution for many testing scenarios.
Nock is a powerful HTTP server mocking and expectations library for Node.js. Unlike nise, which provides both fake servers and timers, nock focuses exclusively on intercepting and mocking HTTP requests. It allows for a more detailed and flexible setup of request interception, making it a strong choice for testing HTTP interactions.
fake XHR and Server
Documentation: http://sinonjs.github.io/nise/
Support us with a monthly donation and help us continue our activities. [Become a backer]
Become a sponsor and get your logo on our README on GitHub with a link to your site. [Become a sponsor]
nise was released under BSD-3
FAQs
Fake XHR and server
We found that nise demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.