Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The 'should' npm package is an expressive, readable, framework-agnostic assertion library for Node.js and browsers. It extends the 'Object.prototype' with a single non-enumerable getter that allows you to express how your code should behave in a readable way. It can be used for writing tests and supports both BDD (Behavior-Driven Development) and TDD (Test-Driven Development) styles.
Chainable Assertions
Allows chaining multiple assertions together for readability and expressiveness.
should(value).be.exactly(42).and.be.a.Number();
Type Assertions
Provides assertions to check the type of a variable.
should('test').be.a.String();
Number Assertions
Includes assertions specifically for numbers, such as checking if a number is within a range.
should(10).be.above(5).and.below(15);
Property Assertions
Allows asserting the presence and value of an object's property.
should({ name: 'Alice', age: 25 }).have.property('name', 'Alice');
Equality Assertions
Enables asserting deep equality between objects or arrays.
should([1, 2, 3]).eql([1, 2, 3]);
Error Assertions
Provides a way to assert that a function throws an error.
should(function() { throw new Error('fail'); }).throw();
Chai is a BDD / TDD assertion library for node and the browser that can be delightfully paired with any javascript testing framework. It offers similar functionality to 'should' with chainable assertions but has a different syntax and additional interfaces like 'expect' and 'assert'.
Expect.js is a minimalistic BDD-style assertions library that can be used in Node.js or in the browser. It provides a similar API to 'should' but does not extend 'Object.prototype', which can be a desirable feature for some users to avoid potential conflicts.
Assert is a module that provides a simple set of assertion tests that can be used to test invariants. It is built into Node.js and offers a more traditional TDD assertion style, which is different from the BDD style provided by 'should'.
Jest is a delightful JavaScript Testing Framework with a focus on simplicity. It comes with its own assertion library and test runner. While it provides similar assertion capabilities, it is more than just an assertion library as it includes testing utilities and is often used as a complete testing solution.
should is an expressive, readable, framework-agnostic assertion library. The main goals of this library are to be expressive and to be helpful. It keeps your test code clean, and your error messages helpful.
should extends the Object.prototype
with a single non-enumerable getter that allows you to express how that object should behave. It also returns itself when required with require
. It does not mean that you should use it like getter - it is possible to use it as function call. For this use .noConflict
function.
Please check wiki page for upgrading instructions.
var should = require('should');
var user = {
name: 'tj'
, pets: ['tobi', 'loki', 'jane', 'bandit']
};
user.should.have.property('name', 'tj');
user.should.have.property('pets').with.lengthOf(4);
// If the object was created with Object.create(null)
// then it doesn't inherit `Object.prototype`, so it will not have `.should` getter
// so you can do:
should(user).have.property('name', 'tj');
// also you can test in that way for null's
should(null).not.be.ok;
someAsyncTask(foo, function(err, result){
should.not.exist(err);
should.exist(result);
result.bar.should.equal(foo);
});
Install it:
$ npm install should --save-dev
Require it and use:
var should = require('should');
(5).should.be.exactly(5).and.be.a.Number;
Well, even when browsers by complains of authors has 100% es5 support, it does not mean it has not bugs. Please see wiki for known bugs.
If you want to use should in browser, use the should.js
file in the root of this repository, or build it yourself. To build a fresh version:
$ npm install
$ gulp script
The script is exported to window.Should
. It is the same as using should
statically:
Should(5).be.exactly(5)
Also, in the case of node.js, Object.prototype
is extended with should
(hence the capital S in window.Should
):
window.should.be.exactly(window);
// the same
// window is host object
should.be.exactly(window);
// you should not really care about it
(5).should.be.exactly(5);
You can easy install it with npm or bower:
npm install should --save-dev
# or
bower install shouldjs/should.js
Actual api docs generated by jsdoc comments and available at http://shouldjs.github.io.
Please look on usage in examples
.not
negates the current assertion.
.any
allow for assertions with multiple parameters to assert any of the parameters (but not all). This is similar to the native JavaScript array.some.
Every assertion will return a should.js
-wrapped Object, so assertions can be chained.
To help chained assertions read more clearly, you can use the following helpers anywhere in your chain: .an
, .of
, .a
, .and
, .be
, .have
, .with
, .is
, .which
. Use them for better readability; they do nothing at all.
For example:
user.should.be.an.instanceOf(Object).and.have.property('name', 'tj');
user.pets.should.be.instanceof(Array).and.have.lengthOf(4);
Almost all assertions return the same object - so you can easy chain them. But some (eg: .length
and .property
) move the assertion object to a property value, so be careful.
To add own assertion you need to call should.Assertion.add
function. It accept 3 arguments:
What assertion function should do. It should check only positive case. should
will handle .not
itself.
this
in assertion function will be instance of should.Assertion
and you must define in any way this.params object
in your assertion function call before assertion check happen.
params
object can contain several fields:
operator
- it is string which describe your assertionactual
it is actual value, you can assume it is your own this.obj if you need to define you ownexpected
it is any value that expected to be matched this.objYou can assume its usage in generating AssertionError message like: expected obj
? || this.obj not? operator
expected
?
In should
sources appeared 2 kinds of usage of this method.
First not preferred and used only for shortcuts to other assertions, e.g how .should.be.true
defined:
Assertion.add('true', function() {
this.is.exactly(true);
}, true);
There you can see that assertion function do not define own this.params
and instead call within the same assertion .exactly
that will fill this.params
. You should use this way very carefully, but you can use it.
Second way preferred and i assume you will use it instead of first.
Assertion.add('true', function() {
this.params = { operator: 'to be true', expected: true };
this.obj.should.be.exactly(true);
}, true);
in this case this.params defined and then used new assertion context (because called .should
). Internally this way does not
create any edge cases as first.
Assertion.add('asset', function() {
this.params = { operator: 'to be asset' };
this.obj.should.have.property('id').which.is.a.Number;
this.obj.should.have.property('path');
})
//then
> ({ id: '10' }).should.be.an.asset();
AssertionError: expected { id: '10' } to be asset
expected '10' to be a number
> ({ id: 10 }).should.be.an.asset();
AssertionError: expected { id: 10 } to be asset
expected { id: 10 } to have property path
Actual list of contributors if you want to show it your friends.
To run the tests for should simply run:
$ make test
See also CONTRIBUTING.
Yes, yes it does, with a single getter should, and no it won't break your code, because it does this properly with a non-enumerable property.
Also it is possible use it without extension.
MIT © 2010-2014 TJ Holowaychuk
5.0.1 / 2015-02-21
FAQs
test framework agnostic BDD-style assertions
The npm package should receives a total of 1,220,365 weekly downloads. As such, should popularity was classified as popular.
We found that should demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.