Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Drop in replacement for mocha to abstract commonly used test setups
Install with npm:
$ npm install --save node-tdd
Drop-in extension for mocha by simply importing describe
as below.
import { expect } from 'chai';
import { describe } from 'node-tdd';
describe('Testing some stuff', /* { ...options }, */ () => {
it('Testing a thing', () => {
expect(3 * 7).to.equal(21);
});
});
Please see tests for further usage examples.
Delay the connection by a certain number of ms.
Delay the response body by a certain number of ms.
Type: string
The tmp directory for this test. Only available when useTmpDir
is set.
Type: object
Can be called to interact with the currently captured logs. Exposes the following functions:
get(level = null)
: Returns array of recorded logs. Can be restricted by passing in the log level.reset()
: Reset currently captured logsverbose(flag: boolean)
: Set verbosity mode of capture (if the original logger function is called)Only available when record
option is used.
Type: function
Utility function that takes a function as an argument, calls it and expects it to raise an error. The raised error is returned. If no error is raised an assertion error is thrown instead.
Type: function
Utility function that can be used to load test fixtures from the fixtureFolder
.
Internally this uses smart-fs to determine how a file extension is loaded.
If the fixture is unique, the file extensions is not required.
Used to heal nock recordings. This is useful when the body of (some) recordings is outdated or the recording order is invalid. Can be used in the following ways:
--nock-heal
: Will try to heal ordering of nock cassette recordings--nock-heal prune
: Will remove unmatched recordings from nock cassette--nock-heal headers
: Will try to heal request headers of nock cassette recordings--nock-heal body
: Will try to heal bodies of nock cassette recordings--nock-heal path
: Will try to heal paths of nock cassette recordings--nock-heal response
: Will try to heal responses--nock-heal record
: Will record the next unmatched request--nock-heal stub
: Will stub the next unmatched request--nock-heal magic
: Shorthand for headers,body,path,response
Notes:
--nock-heal body,path
Type: boolean
Default: false
When set to true, a fresh temporary directory is set up for each test. The directory is cleaned up after the test run has completed.
Type: boolean
Default: false
When set to true, all requests are automatically nocked. The recording files are automatically created relative to the current test file.
Type: string
Default: $FILENAME__cassettes
Used to customize the folder name that contains the nock cassettes. This can be useful when multiple describe in the same file use nock.
Type: object
Default: {}
Used to define modifiers that can be used in cassettes. E.g. can be used to make encoded response bodies more readable. See tests for how to use in detail.
Type: boolean
Default: false
When set to true, all headers are stripped when requests are recorded.
Type: object
Default: {}
Can be used to overwrite reqheaders
in recordings. Cassette files are only updated when changed.
Type: string
Default: $FILENAME__fixtures
Used to customize the folder name that contains the test fixtures.
Fixtures can be loaded by calling fixture(FIXTURE_NAME)
.
Type: string
Default: $FILENAME.env.yml
Used to customize the name of the file that environment variables are loaded from, if it exists.
To allow overwriting of environment variables, prefix the name of the environment variable with ^
.
Type: object
Default: -
Used to declare environment variables per describe. Overwrites environment variables
loaded from envVarsFile
(if allowed).
To allow overwriting of environment variables, prefix the name of the environment variable with ^
.
Type: boolean
Default: true
Known accessed caches will be cleared after test has executed when set to true
.
Type: number|string
Default: -
Set timestamp to freeze time to. Will modify the result of e.g. new Date()
.
Type: object
Default: -
Expects logger (e.g. console
) to be passed in and captures input,
which can be accessed by using recorder
from within the test.
Type: string
Default: -
When set, randomization is overwritten and consistent per test using the provided seed.
Type: boolean
Default: false
When set to true, all random functions are re-seeded. This results in reduced randomness.
Only allowed when cryptoSeed is provided.
Type: number
Default: -
Set the timeout for all tests in the suite.
FAQs
Drop in extension for mocha to abstract commonly used test setups
We found that node-tdd demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.