Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
The 'should' npm package is an expressive, readable, framework-agnostic assertion library for Node.js and browsers. It extends the 'Object.prototype' with a single non-enumerable getter that allows you to express how your code should behave in a readable way. It can be used for writing tests and supports both BDD (Behavior-Driven Development) and TDD (Test-Driven Development) styles.
Chainable Assertions
Allows chaining multiple assertions together for readability and expressiveness.
should(value).be.exactly(42).and.be.a.Number();
Type Assertions
Provides assertions to check the type of a variable.
should('test').be.a.String();
Number Assertions
Includes assertions specifically for numbers, such as checking if a number is within a range.
should(10).be.above(5).and.below(15);
Property Assertions
Allows asserting the presence and value of an object's property.
should({ name: 'Alice', age: 25 }).have.property('name', 'Alice');
Equality Assertions
Enables asserting deep equality between objects or arrays.
should([1, 2, 3]).eql([1, 2, 3]);
Error Assertions
Provides a way to assert that a function throws an error.
should(function() { throw new Error('fail'); }).throw();
Chai is a BDD / TDD assertion library for node and the browser that can be delightfully paired with any javascript testing framework. It offers similar functionality to 'should' with chainable assertions but has a different syntax and additional interfaces like 'expect' and 'assert'.
Expect.js is a minimalistic BDD-style assertions library that can be used in Node.js or in the browser. It provides a similar API to 'should' but does not extend 'Object.prototype', which can be a desirable feature for some users to avoid potential conflicts.
Assert is a module that provides a simple set of assertion tests that can be used to test invariants. It is built into Node.js and offers a more traditional TDD assertion style, which is different from the BDD style provided by 'should'.
Jest is a delightful JavaScript Testing Framework with a focus on simplicity. It comes with its own assertion library and test runner. While it provides similar assertion capabilities, it is more than just an assertion library as it includes testing utilities and is often used as a complete testing solution.
should is an expressive, readable, framework-agnostic assertion library. The main goals of this library are to be expressive and to be helpful. It keeps your test code clean, and your error messages helpful.
By default (when you require('should')
) should extends the Object.prototype
with a single non-enumerable getter that allows you to express how that object should behave. It also returns itself when required with require
.
It is also possible to use should.js without getter (it will not even try to extend Object.prototype), just require('should/as-function')
. Or if you already use version that auto add getter, you can call .noConflict
function.
Results of (something).should
getter and should(something)
in most situations are the same
Please check wiki page for upgrading instructions.
You can take look in FAQ.
var should = require('should');
var user = {
name: 'tj'
, pets: ['tobi', 'loki', 'jane', 'bandit']
};
user.should.have.property('name', 'tj');
user.should.have.property('pets').with.lengthOf(4);
// If the object was created with Object.create(null)
// then it doesn't inherit `Object.prototype`, so it will not have `.should` getter
// so you can do:
should(user).have.property('name', 'tj');
// also you can test in that way for null's
should(null).not.be.ok();
someAsyncTask(foo, function(err, result){
should.not.exist(err);
should.exist(result);
result.bar.should.equal(foo);
});
Install it:
$ npm install should --save-dev
Require it and use:
var should = require('should');
(5).should.be.exactly(5).and.be.a.Number();
var should = require('should/as-function');
should(10).be.exactly(5).and.be.a.Number();
For TypeScript users:
```js
import * as should from 'should';
(0).should.be.Number();
```
Well, even when browsers by complaints of authors have 100% es5 support, it does not mean it has no bugs. Please see wiki for known bugs.
If you want to use should in browser, use the should.js
file in the root of this repository, or build it yourself. To build a fresh version:
$ npm install
$ npm run browser
The script is exported to window.should
:
should(10).be.exactly(10)
You can easy install it with npm or bower:
npm install should -D
# or
bower install shouldjs/should.js
Actual api docs generated by jsdoc comments and available at http://shouldjs.github.io.
Please look on usage in examples
.not
negates the current assertion.
.any
allow for assertions with multiple parameters to assert any of the parameters (but not all). This is similar to the native JavaScript array.some.
Every assertion will return a should.js
-wrapped Object, so assertions can be chained.
To help chained assertions read more clearly, you can use the following helpers anywhere in your chain: .an
, .of
, .a
, .and
, .be
, .have
, .with
, .is
, .which
. Use them for better readability; they do nothing at all.
For example:
user.should.be.an.instanceOf(Object).and.have.property('name', 'tj');
user.pets.should.be.instanceof(Array).and.have.lengthOf(4);
Almost all assertions return the same object - so you can easy chain them. But some (eg: .length
and .property
) move the assertion object to a property value, so be careful.
Adding own assertion is pretty easy. You need to call should.Assertion.add
function. It accept 2 arguments:
What assertion function should do. It should check only positive case. should
will handle .not
itself.
this
in assertion function will be instance of should.Assertion
and you must define in any way this.params object
in your assertion function call before assertion check happen.
params
object can contain several fields:
operator
- it is string which describe your assertionactual
it is actual value, you can assume it is your own this.obj if you need to define you ownexpected
it is any value that expected to be matched this.objYou can assume its usage in generating AssertionError message like: expected obj
? || this.obj not? operator
expected
?
In should
sources appeared 2 kinds of usage of this method.
First not preferred and used only for shortcuts to other assertions, e.g how .should.be.true()
defined:
Assertion.add('true', function() {
this.is.exactly(true);
});
There you can see that assertion function do not define own this.params
and instead call within the same assertion .exactly
that will fill this.params
. You should use this way very carefully, but you can use it.
Second way preferred and i assume you will use it instead of first.
Assertion.add('true', function() {
this.params = { operator: 'to be true', expected: true };
should(this.obj).be.exactly(true);
});
in this case this.params defined and then used new assertion context (because called .should
). Internally this way does not
create any edge cases as first.
Assertion.add('asset', function() {
this.params = { operator: 'to be asset' };
this.obj.should.have.property('id').which.is.a.Number();
this.obj.should.have.property('path');
})
//then
> ({ id: '10' }).should.be.an.asset();
AssertionError: expected { id: '10' } to be asset
expected '10' to be a number
> ({ id: 10 }).should.be.an.asset();
AssertionError: expected { id: 10 } to be asset
expected { id: 10 } to have property path
should-sinon
- adds additional assertions for sinon.jsshould-immutable
- extends different parts of should.js to make immutable.js first-class citizen in should.jsshould-http
- adds small assertions for assertion on http responses for node onlyshould-jq
- assertions for jq (need maintainer)karma-should
- make more or less easy to work karma with should.jsshould-spies
- small and dirty simple zero dependencies spiesActual list of contributors if you want to show it your friends.
To run the tests for should simply run:
$ npm test
See also CONTRIBUTING.
Yes, yes it does, with a single getter should, and no it won't break your code, because it does this properly with a non-enumerable property.
Also it is possible use it without extension. Just use require('should/as-function')
everywhere.
MIT. See LICENSE for details.
FAQs
test framework agnostic BDD-style assertions
We found that should demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.