Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
.. image:: https://github.com/pytest-dev/pytest/raw/main/doc/en/img/pytest_logo_curves.svg :target: https://docs.pytest.org/en/stable/ :align: center :height: 200 :alt: pytest
.. image:: https://img.shields.io/pypi/v/pytest.svg :target: https://pypi.org/project/pytest/
.. image:: https://img.shields.io/conda/vn/conda-forge/pytest.svg :target: https://anaconda.org/conda-forge/pytest
.. image:: https://img.shields.io/pypi/pyversions/pytest.svg :target: https://pypi.org/project/pytest/
.. image:: https://codecov.io/gh/pytest-dev/pytest/branch/main/graph/badge.svg :target: https://codecov.io/gh/pytest-dev/pytest :alt: Code coverage Status
.. image:: https://github.com/pytest-dev/pytest/actions/workflows/test.yml/badge.svg :target: https://github.com/pytest-dev/pytest/actions?query=workflow%3Atest
.. image:: https://results.pre-commit.ci/badge/github/pytest-dev/pytest/main.svg :target: https://results.pre-commit.ci/latest/github/pytest-dev/pytest/main :alt: pre-commit.ci status
.. image:: https://www.codetriage.com/pytest-dev/pytest/badges/users.svg :target: https://www.codetriage.com/pytest-dev/pytest
.. image:: https://readthedocs.org/projects/pytest/badge/?version=latest :target: https://pytest.readthedocs.io/en/latest/?badge=latest :alt: Documentation Status
.. image:: https://img.shields.io/badge/Discord-pytest--dev-blue :target: https://discord.com/invite/pytest-dev :alt: Discord
.. image:: https://img.shields.io/badge/Libera%20chat-%23pytest-orange :target: https://web.libera.chat/#pytest :alt: Libera chat
The pytest
framework makes it easy to write small tests, yet
scales to support complex functional testing for applications and libraries.
An example of a simple test:
.. code-block:: python
# content of test_sample.py
def inc(x):
return x + 1
def test_answer():
assert inc(3) == 5
To execute it::
$ pytest
============================= test session starts =============================
collected 1 items
test_sample.py F
================================== FAILURES ===================================
_________________________________ test_answer _________________________________
def test_answer():
> assert inc(3) == 5
E assert 4 == 5
E + where 4 = inc(3)
test_sample.py:5: AssertionError
========================== 1 failed in 0.04 seconds ===========================
Due to pytest
's detailed assertion introspection, only plain assert
statements are used. See getting-started <https://docs.pytest.org/en/stable/getting-started.html#our-first-test-run>
_ for more examples.
Detailed info on failing assert statements <https://docs.pytest.org/en/stable/how-to/assert.html>
_ (no need to remember self.assert*
names)
Auto-discovery <https://docs.pytest.org/en/stable/explanation/goodpractices.html#python-test-discovery>
_
of test modules and functions
Modular fixtures <https://docs.pytest.org/en/stable/explanation/fixtures.html>
_ for
managing small or parametrized long-lived test resources
Can run unittest <https://docs.pytest.org/en/stable/how-to/unittest.html>
_ (or trial)
test suites out of the box
Python 3.8+ or PyPy3
Rich plugin architecture, with over 1300+ external plugins <https://docs.pytest.org/en/latest/reference/plugin_list.html>
_ and thriving community
For full documentation, including installation, tutorials and PDF documents, please see https://docs.pytest.org/en/stable/.
Please use the GitHub issue tracker <https://github.com/pytest-dev/pytest/issues>
_ to submit bugs or request features.
Consult the Changelog <https://docs.pytest.org/en/stable/changelog.html>
__ page for fixes and enhancements of each version.
Open Collective
_ is an online funding platform for open and transparent communities.
It provides tools to raise money and share your finances in full transparency.
It is the platform of choice for individuals and companies that want to make one-time or monthly donations directly to the project.
See more details in the pytest collective
_.
.. _Open Collective: https://opencollective.com .. _pytest collective: https://opencollective.com/pytest
Available as part of the Tidelift Subscription.
The maintainers of pytest and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use.
Learn more. <https://tidelift.com/subscription/pkg/pypi-pytest?utm_source=pypi-pytest&utm_medium=referral&utm_campaign=enterprise&utm_term=repo>
_
Security ^^^^^^^^
pytest has never been associated with a security vulnerability, but in any case, to report a
security vulnerability please use the Tidelift security contact <https://tidelift.com/security>
_.
Tidelift will coordinate the fix and disclosure.
Copyright Holger Krekel and others, 2004.
Distributed under the terms of the MIT
_ license, pytest is free and open source software.
.. _MIT
: https://github.com/pytest-dev/pytest/blob/main/LICENSE
FAQs
pytest: simple powerful testing with Python
We found that pytest demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.