Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding -  Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
pytest-json-ctrf
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
- Version
- 0.3.4
- Maintainers
- 1
CTRF for pytest
Pytest implementation of Common Test Report Format (CTRF) for test results.
Test report will be generated in JSON format.
Test report can be used to prettify the report in GitHub Actions with github-actions-ctrf.
Do not worry if report in GitHub does not appear immediately. It takes some time to process the report.
Features
- Generates JSON report
- Tested to work correctly with and without pytest-xdist
- Tested to get browser name from pytest-playwright
- Parametrized tests are supported and reported as 1 test with multiple retries
Installation
pip install pytest-json-ctrf
Usage
generate report.json file in the root directory of the project. File path is mandatory
pytest --ctrf report.json
Json exampe
More info here: https://ctrf.io/docs/schema/examples
{
"results": {
"tool": {
"name": "jest"
},
"summary": {
"tests": 3,
"passed": 1,
"failed": 1,
"pending": 0,
"skipped": 1,
"other": 0,
"start": 1706644023,
"stop": 1706644043
},
"tests": [
{
"name": "User should be able to login",
"status": "passed",
"duration": 1200
},
{
"name": "User profile information should be correct",
"status": "failed",
"duration": 800
},
{
"name": "User should be able to logout",
"status": "skipped",
"duration": 0
}
]
}
}
Report Example
Technical details
For future me and others who are interested in the technical details of the implementation.
The main idea is to handle xdist plugin because without it collecting report is quite straightforward.
By the example of putest-json-report plugin, I have learned that different plugins can be registered for the controller and workers node.
The pytest_runtest_logreport hook in the controller node is used to collect the test results from all the nodes so other nodes can just add some details to the TestReport object.
Credits
- https://ctrf.io/ -> nice data format
- https://github.com/numirias/pytest-json-report -> Source of inspiration and dealing with xdist sync
- https://github.com/testomatio/pytestomatio -> Source of inspiration for creating pytest plugins
- https://github.com/infopulse/Playwright-course-python -> The report will be used in the demo project as +1 report option
Roadmap
- Add screenshots handling
- Add hooks for the report extension
FAQs
Pytest plugin to generate json report in CTRF (Common Test Report Format)
We found that pytest-json-ctrf demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding -  Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding -  Dec 11, 2025