
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
react-shallow-renderer
Advanced tools
react-shallow-renderer
When writing unit tests for React, shallow rendering can be helpful. Shallow rendering lets you render a component "one level deep" and assert facts about what its render method returns, without worrying about the behavior of child components, which are not instantiated or rendered. This does not require a DOM.
# npm
npm install react-shallow-renderer --save-dev
# Yarn
yarn add react-shallow-renderer --dev
For example, if you have the following component:
function MyComponent() {
return (
<div>
<span className="heading">Title</span>
<Subcomponent foo="bar" />
</div>
);
}
Then you can assert:
import ShallowRenderer from 'react-shallow-renderer';
// in your test:
const renderer = new ShallowRenderer();
renderer.render(<MyComponent />);
const result = renderer.getRenderOutput();
expect(result.type).toBe('div');
expect(result.props.children).toEqual([
<span className="heading">Title</span>,
<Subcomponent foo="bar" />,
]);
Shallow testing currently has some limitations, namely not supporting refs.
Note:
We also recommend checking out Enzyme's Shallow Rendering API. It provides a nicer higher-level API over the same functionality.
shallowRenderer.render()
You can think of the shallowRenderer as a "place" to render the component you're testing, and from which you can extract the component's output.
shallowRenderer.render()
is similar to ReactDOM.render()
but it doesn't require DOM and only renders a single level deep. This means you can test components isolated from how their children are implemented.
shallowRenderer.getRenderOutput()
After shallowRenderer.render()
has been called, you can use shallowRenderer.getRenderOutput()
to get the shallowly rendered output.
You can then begin to assert facts about the output.
FAQs
React package for shallow rendering.
The npm package react-shallow-renderer receives a total of 3,210,584 weekly downloads. As such, react-shallow-renderer popularity was classified as popular.
We found that react-shallow-renderer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.