Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
proxay
Advanced tools
Readme
Proxay (pronounced "prokseï") is a proxy server that helps you write faster tests.
Use Proxay as a layer between a client and its backend to record interactions and later replay them on demand.
You can use Proxay to proxy interactions between:
Proxay can operate in several modes:
Proxay is language-agnostic: it's just a server. Your code doesn't need to be written in JavaScript to benefit from using it.
Make sure you have NPM installed, then run:
npm install --global proxay
# or if you're using Yarn
yarn global add proxay
# Record mode (proxies requests)
proxay --mode record --host https://api.website.com --tapes-dir tapes/
# Replay mode (no proxying)
proxay --mode replay --tapes-dir tapes/
# Passthrough mode (proxies requests without persisting)
proxay --mode passthrough --host https://api.website.com
You can also run several instances of Proxay simultaneously on different ports (for example to proxy
multiple backends). Just pick a different port (e.g. --port 3001
).
If you want proxay to accept incoming requests on HTTPS in addition to HTTP, you can provide the HTTPS key and certificate files in PEM format on the --https-key
and --https-cert
arguments respectively. If the HTTPS certificate is self-signed, you probably also want to provide the CA certificate in PEM format on --https-ca
. See the key
, cert
, and ca
arguments to tls.createSecureContext
for what these mean.
If you have several tests, you likely want to save recorded interactions into one tape per test, and replay from the correct tape for each test.
You can do this by sending a POST
request to /__proxay/tape
with the following payload:
{
"tape": "test1/my tape"
}
In record mode, this will create a new file test1/my tape.yml
within your tapes directory.
In replay mode, this same file will be read from your tapes directory.
You can leverage this by picking a tape based on the current test's name in the beforeEach
block of your test suite.
Let's say you're writing tests for your client. You want your tests to run as fast as possible, but your backend is quite slow. Or worse, you have some tests already, but they're flaky because your backend or one of its dependencies isn't completely reliable.
Instead of pointing your client to your backend like you normally would, use Proxay as your backend. Tell Proxay to record requests going to the backend and run your tests once. This will create "tapes" which are records of each request/response between your client and your backend.
Then, run Proxay in replay mode and run your tests again. Your tests should still work, but you'll notice tests run a lot faster. That's because your backend is not used anymore. Instead, Proxay plays back responses from the tapes it had previously recorded.
This will make your tests faster and more stable. However, because you no longer use a real backend, you should still make sure to run your jobs in "record" mode on a regular basis (for example with a cron job on your CI) to test the implicit contract between your client and backend.
node-replay
node-replay
is an inspiration for Proxay.
However, node-replay
isn't a proxy per se: it simply replaces require('http').request
in Node
with its own method. This means that you can only use node-replay
when running tests within Node.
Proxay is more versatile. It's "just a server". You can use it for anything you want, including as part of your test infrastructure for your web or mobile applications.
yakbak
Proxay is very similar to yakbak
. There are a couple of differences:
host
headers so the backend doesn't reject mismatching requests.vcr
VCR is a Ruby gem with a similar approach to node-replay
. Just like node-replay
, it cannot be
used as a general-purpose proxy. It can only be used to test Ruby software.
MockServer
MockServer does a lot more things than Proxay.
If you need something more elaborate than Proxay, for example the ability to mock out specific URL patterns, you may need MockServer.
However, if all you need is a simple record/replay proxy layer, you'll probably find that Proxay is much easier to set up and run.
To release a new version of Proxay, follow the following two steps:
master
version
field in package.json
.Release [version]
).v[version]
(e.g. v2.1.1
). Do not forget the v
, which is required to trigger the NPM publish on CircleCI.Release v[version]
(e.g. Release v2.1.1
)FAQs
[![CircleCI](https://circleci.com/gh/airtasker/proxay.svg?style=svg)](https://circleci.com/gh/airtasker/proxay)
The npm package proxay receives a total of 687 weekly downloads. As such, proxay popularity was classified as not popular.
We found that proxay demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.