Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
unexpected
Advanced tools
Minimalistic BDD assertion toolkit based on [expect.js](https://github.com/LearnBoost/expect.js)
Minimalistic BDD assertion toolkit based on expect.js
expect(window.r, 'to be', undefined);
expect({ a: 'b' }, 'to equal', { a: 'b' });
expect(5, 'to be a', 'number');
expect([], 'to be an', 'array');
expect(window, 'not to be an', Image);
require('unexpected')
).Install it with NPM or add it to your package.json
:
$ npm install unexpected
Then:
var expect = require('unexpected');
Include the unexpected.js
found at the lib directory of this
repository.
<script src="unexpected.js"></script>
this will expose the expect function under the following namespace:
var expect = weknowhow.expect;
Include the library with RequireJS the following way:
define(['unexpected/lib/unexpected.js'], funtion (expect) {
// Your code
});
asserts that the value is truthy
ok / truthy / falsy: asserts that the value is truthy or not
expect(1, 'to be ok');
expect(true, 'to be ok');
expect(true, 'not to be falsy');
expect({}, 'to be truthy');
expect(0, 'not to be ok');
expect(0, 'to be falsy');
expect(null, 'to be falsy');
expect(undefined, 'to be falsy');
be: asserts ===
equality
expect(obj, 'to be', obj);
expect(obj, 'not to be', {});
expect(1, 'to be', 1);
expect(NaN, 'not to be', NaN);
expect(1, 'not to be', true);
expect('1', 'not to be', 1);
expect(null, 'not to be', undefined);
equal: asserts loose equality that works with objects
expect({ a: 'b' }, 'to equal', { a: 'b' });
expect(1, 'to equal', '1');
expect(null, 'not to equal', '1');
var now = new Date();
expect(now, 'to equal', now);
expect(now, 'to equal', new Date(now.getTime()));
expect({ now: now }, 'to equal', { now: now });
a / an: asserts typeof
with support for array
type and instanceof
expect(5, 'to be a', 'number');
expect(5, 'to be a number');
expect([], 'to be an', 'array');
expect([], 'to be an array');
expect([], 'to be an', Array);
expect([], 'to be an', 'object');
expect([], 'to be an object');
expect(null, 'not to be an', 'object');
expect(null, 'not to be an object');
expect(true, 'to be a', 'boolean');
expect(true, 'to be a boolean');
expect("".substring, 'to be a', 'function');
expect("".substring, 'to be a function');
match: asserts String
regular expression match
expect('test', 'to match', /.*st/);
expect('test', 'not to match', /foo/);
expect(null, 'not to match', /foo/);
contain: asserts indexOf for an array or string
expect([1, 2], 'to contain', 1);
expect('hello world', 'to contain', 'world');
expect(null, 'not to contain', 'world');
length: asserts array .length
expect([], 'to have length', 0);
expect([1,2,3], 'to have length', 3);
expect([1,2,3], 'not to have length', 4);
empty: asserts that an array is empty or not
expect([], 'to be empty');
expect('', 'to be empty');
expect({}, 'to be empty');
expect({ length: 0, duck: 'typing' }, 'to be empty');
expect({ my: 'object' }, 'not to be empty');
expect([1,2,3], 'not to be empty');
property: asserts presence of an own property (and value optionally)
expect([1, 2], 'to have property', 'length');
expect([1, 2], 'to have property', 'length', 2);
expect({a: 'b'}, 'to have property', 'a');
expect({a: 'b'}, 'to have property', 'a', 'b');
expect({a: 'b'}, 'to have property', 'toString');
expect({a: 'b'}, 'to have own property', 'a');
expect(Object.create({a: 'b'}), 'not to have own property', 'a');
key / keys: asserts the presence of a key. Supports the only
modifier
expect(null, 'not to have key', 'a');
expect({ a: 'b' }, 'to have key', 'a');
expect({ a: 'b' }, 'not to have key', 'b');
expect({ a: 'b', c: 'd' }, 'to not only have key', 'a');
expect({ a: 'b', c: 'd' }, 'to only have keys', 'a', 'c');
expect({ a: 'b', c: 'd' }, 'to only have keys', ['a', 'c']);
expect({ a: 'b', c: 'd', e: 'f' }, 'to not only have keys', ['a', 'c']);
throw exception / throw error / throw: asserts that the Function
throws or not when called
expect(fn, 'to throw exception');
expect(fn, 'to throw');
expect(fn, 'to throw exception', function (e) { // get the exception object
expect(e, 'to be a', SyntaxError);
});
expect(fn, 'to throw exception', /matches the exception message/);
expect(fn, 'to throw error', 'matches the exact exception message');
expect(fn2, 'not to throw error');
within: asserts a number within a range
expect(0, 'to be within', 0, 4);
expect(1, 'to be within', 0, 4);
expect(4, 'to be within', 0, 4);
expect(-1, 'not to be within', 0, 4);
expect(5, 'not to be within', 0, 4);
greater than / above: asserts >
expect(3, 'to be greater than', 2);
expect(1, 'to be above', 0);
expect(4, 'to be >', 3);
expect(4, '>', 3);
greater than or equal to: asserts >
expect(3, 'to be greater than or equal to', 2);
expect(3, 'to be >=', 3);
expect(3, '>=', 3);
less than / below: asserts <
expect(0, 'to be less than', 4);
expect(0, 'to be below', 1);
expect(3, 'to be <', 4);
expect(3, '<', 4);
less than or equal to: asserts >
expect(0, 'to be less than or equal to', 4);
expect(4, 'to be <=', 4);
expect(3, '<=', 4);
positive: assert that a number is positive
expect(3, 'to be positive');
negative: assert that a number is negative
expect(-1, 'to be negative');
fail: explicitly forces failure.
expect.fail()
expect.fail('Custom failure message')
expect.fail('{0} was expected to be {1}', 0, 'zero');
For example, if you create a test suite with mocha.
Let's say we wanted to test the following program:
math.js
function add (a, b) { return a + b; };
Our test file would look like this:
describe('test suite', function () {
it('should expose a function', function () {
expect(add, 'to be a', 'function');
});
it('should do math', function () {
expect(add(1, 3), 'to be', 4);
});
});
If a certain expectation fails, an exception will be raised which gets captured and shown/processed by the test runner.
Clone the repository and install the developer dependencies:
git clone git://github.com/sunesimonsen/unexpected.git unexpected
cd unexpected && npm install
npm test
(The MIT License)
Copyright (c) 2013 Sune Simonsen <sune@we-knowhow.dk>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Heavily borrows from expect.js by Guillermo Rauch - MIT.
FAQs
Extensible BDD assertion toolkit
The npm package unexpected receives a total of 18,291 weekly downloads. As such, unexpected popularity was classified as popular.
We found that unexpected demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.