Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
testdouble
Advanced tools
Welcome! Are you writing JavaScript tests and in the market for a mocking library to fake out real things for you? testdouble.js is an opinionated, carefully-designed test double library maintained by, oddly enough, a software agency that's also named Test Double.
If you practice test-driven development, testdouble.js was designed to promote terse, clear, and easy-to-understand tests. There's an awful lot to cover, so please take some time and enjoy our documentation, which itself is designed to show you how to make the most out of test doubles in your tests.
Interested in learning what testdouble.js is, why it exists, and what the API offers? The quickest path is this fast-paced 20-minute talk:
Right now, Sinon.js is the test double incumbent in JavaScript, with over 1.7 million downloads in the last month. If you've got experience with Sinon, check out our side-by-side comparison to see why we wrote testdouble.js and how some of the API translates.
Before diving into our in-depth docs, here is a quick intro of the basic uses:
var td = require('testdouble');
var fetch = td.function();
td.when(fetch(42)).thenReturn('Jane User');
fetch(42); // -> 'Jane User'
var td = require('testdouble');
var save = td.function('.save');
save(41, 'Jane');
td.verify(save(41, 'Jill'));
//
// Error: Unsatisfied verification on test double `.save`.
//
// Wanted:
// - called with `(41, "Jill")`.
//
// But was actually called:
// - called with `(41, "Jane")`.
All of our docs are in the docs/ directory inside this repository and numbered for easy reading in the priority-order we anticipate people needing them. Here's a rough outline:
v3.3.0 (2017-12-26)
Merged pull requests:
FAQs
A minimal test double library for TDD with JavaScript
The npm package testdouble receives a total of 62,155 weekly downloads. As such, testdouble popularity was classified as popular.
We found that testdouble demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.