Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
node-consumer-pact-validation
Advanced tools
This is a spike at the verification portion of the [version 2 Pact] (https://github.com/pact-foundation/pact-specification/tree/version-2) specification.
The library should work with standard testing frameworks such as mocha
and should behave as a standard assertion library. It should throw an AssertionError
in the event of
failure.
This library is still in alpha/early stages of development and does not yet fully conform to the v2 specification. At the time of time of writing, the intention is to implement this once it is clearer how to do so.
** Implemented **
** Not implemented **
Essentially this the verification section only, use it in place of chai.expect/assert
. It's unlikely this will be what you are looking for with standard pact verification. To verify a standard consumer, use it with the interceptor to catch the outgoing http requests and assert they meet the pact spec.
FAQs
A consumer pact generator written for pure nodeJS
The npm package node-consumer-pact-validation receives a total of 0 weekly downloads. As such, node-consumer-pact-validation popularity was classified as not popular.
We found that node-consumer-pact-validation demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.