Security News
JavaScript Leaders Demand Oracle Release the JavaScript Trademark
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
Sinon is a testing utility that provides functions for spies, stubs, and mocks, which are essential for behavior-driven development and testing in JavaScript. It works with any unit testing framework and is widely used for its versatile API and comprehensive feature set.
Spies
Spies are functions that record their usage, such as how many times they were called, with what arguments, and what was returned. They can be used to wrap existing functions to add this tracking ability.
const sinon = require('sinon');
const myFunction = sinon.spy();
myFunction('Hello', 'World');
console.log(myFunction.calledOnce); // true
Stubs
Stubs are like spies, but they can replace the target function's behavior, either by returning a specific value or by throwing an exception. They are useful for controlling a function's behavior in a test.
const sinon = require('sinon');
const myObj = { myMethod: () => 'original' };
const stub = sinon.stub(myObj, 'myMethod').returns('stubbed');
console.log(myObj.myMethod()); // 'stubbed'
Mocks
Mocks are fake methods (like stubs) with pre-programmed behavior and expectations. They are used to assert that certain methods are called in certain ways.
const sinon = require('sinon');
const myObj = { myMethod: () => 'original' };
const mock = sinon.mock(myObj);
mock.expects('myMethod').once().returns('mocked');
console.log(myObj.myMethod()); // 'mocked'
mock.verify();
Jest is a complete testing framework that comes with spies, mocks, and stubs built-in. It is often compared to Sinon for its mocking capabilities, but Jest provides a more integrated experience with a test runner and assertion library included.
Testdouble.js (npm package 'testdouble') is a minimalistic testing library that provides a similar API to Sinon for creating test doubles like stubs, mocks, and spies. It focuses on providing a more user-friendly experience with better error messages and simpler APIs.
Chai-spies is a plugin for the Chai assertion library that adds spy capabilities. While it doesn't offer as comprehensive a set of features as Sinon, it integrates well with Chai for developers who prefer that assertion style.
Standalone and test framework agnostic JavaScript test spies, stubs and mocks.
via npm (node package manager)
$ sudo npm install sinon
or install via git by cloning the repository and including sinon.js in your project, as you would any other third party library.
See the sinon project homepage
Check out todo.org in the project repository
I've added a rudimentary setup for running the tests on Rhino with env.js (as this is a fairly common test setup, Sinon should support it). The files are located in test/rhino, but there are currently quite a few test failures. I believe these are not all bugs - many are probably problems with the tests running in Rhino. Run tests from the project root (load paths depend on it):
$ java -jar js.jar -opt -1 test/rhino/run.js
1.3.0
Support using bare functions as fake server response handlers (< 1.3.0 required URL and/or method matcher too)
Log some internal errors to sinon.log (defaults to noop). Set sinon.log to your logging utility of choice for better feedback when.
White-list fake XHRs: Allows some fake requests and some that fall through to the backend server (Tim Ruffles)
Decide Date.now support at fake-time. Makes it possible to load something that polyfills Date.now after Sinon loaded and still have Date.now on fake Dates.
Mirror properties on replaced function properties
New methods: spy.yield(), spy.yieldTo(), spy.callArg() and spy.callArgWith() can be used to invoke callbacks passed to spies (while avoiding the mock-like upfront yields() and friends). invokeCallback is available as an alias for yield for people working with strict mode. (Maximilian Antoni)
New properties: spy.firstCall, spy.secondCall, spy.thirdCall and spy.lastCall. (Maximilian Antoni)
New method: stub.returnsArg(), causes stub to return one of its arguments. (Gavin Huang)
Stubs now work for inherited methods. This was previously prohibited to avoid stubbing not-yet-implemented methods. (Felix Geisendörfer)
server.respond() can now accept the same arguments as server.respondWith() for quick-and-dirty respondWith+respond. (Gavin Huang)
Format objects with buster-format in the default bundle. Default to util.inspect on node unless buster-format is available (not a hard dependency, more like a 'preference').
Bug fix: Make sure XHRs can complete even if onreadystatechange handler fails
Bug fix: Mirror entire Date.prototype, including toUTCString when faking
Bug fix: Default this object to global in exposed asserts
Bug fix: sinon.test: use try/finally instead of catch and throw - preserves stack traces (Kevin Turner)
Bug fix: Fake setTimeout
now returns ids greater than 0. (Domenic Denicola)
Bug fix: NPM install warning (Felix Geisendörfer)
Bug fix: Fake timers no longer swallows exceptions (Felix Geisendörfer)
Bug fix: Properly expose all needed asserts for node
Bug fix: wrapMethod on window property (i.e. when stubbing/spying on global functions)
Bug fix: Quote "yield" (Ben Hockey)
Bug fix: callOrder works correctly when spies have been called multiple times
FAQs
JavaScript test spies, stubs and mocks.
The npm package sinon receives a total of 4,681,464 weekly downloads. As such, sinon popularity was classified as popular.
We found that sinon demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.