Security News
Crates.io Users Targeted by Phishing Emails
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
By Sarah Gooding - Sep 12, 2025
- Version
- 0.1.1
- Maintainers
- 1
AssertionChain
An AssertionChain is a wrapper for a group of commands that must happen in sequence.
Installation:
pip install assertionchain
Features:
- Control order of execution of a group of functions
- Terminate execution of the rest of the chain if certain conditions are not met
Simple example:
AssertionChain()\
.do(lambda: 1 + 1, 'Add two numbers together') \
.expect(3, message='Step "{step}" did not result in expected value {expected}, value was: {actual}') \
.perform()
This is roughly equivalent to:
val = 1 + 1
assert val == 3
The above example is certainly more readable, so why use an AssertionChain at all? For starters, the chain encourages the user to provide line-by-line detail about each step being executed. So if you want to understand why the above assertion failed, you would have to construct a detailed error message indicating the actual and expected value along with the step that produced the actual value. That's not particularly hard:
expected = 3
val = 1 + 1
message = 'Adding 1 + 1 did not result in expected value {expected}, value was: {actual}'.format(
expected=expected,
actual=val
)
assert val == expected, message
But having to repeat this every time you run a command can become very, very tedious. AssertionChain provides this API for performing incremental checks on each operation being executed in the chain, reducing the overhead of having to type all of this out.
It is a simple utility for grouping related actions and ensuring each step succeeds. For instance, assume we have a suite of functions that interact with files (get_contents, write_contents, delete_file). Their contract stipulates that each function will return True, False, or a value depending on whether or not they were successful. We can use an AssertionChain to make sure each step was successful:
filename = '/tmp/sd9x0c2'
new_contents = 'myfile'
# Write the file, retrieve the contents
contents = AssertionChain()\
.do(lambda: get_contents(filename), 'Retrieve file contents').expect(False, operator='is not')\
.do(lambda: write_contents(filename, new_contents), 'Write file content').expect(True, operator='is')\
.do(lambda: write_contents(filename, ''), 'Write empty file content').expect(True, operator='is')\
.perform()
# Delete the file
AssertionChain().do(lambda: delete_file(filename), 'Delete file').expect(True, operator='is').perform()
FAQs
Utility for chaining commands and incrementally checking the results
We found that assertionchain demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Pull Request Alert Comment Headers
Socket now lets you customize pull request alert headers, helping security teams share clear guidance right in PRs to speed reviews and reduce back-and-forth.
By André Staltz - Sep 12, 2025
Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025