Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Testix is a Mocking framework for Python, meant to be used with pytest.
Testix is special because it allows you to specify what your mock objects do, and it then enforces your specifications automatically. It also reduces (albeit not entirely) mock setup. Other frameworks usually have a flow like this:
Testix flow is a bit different
sock
in the following example)Read the full docs at readthedocs
Here's a small example:
# create your object under test, pass in some mock objects
# in production, Chatbot will receive and actual socket object
# here we want to test what it does with the socket it receives
# and we do not want it to actually communicate with anyone
# to both those ends, we pass a mock, or fake, object.
self.tested = chatbot.Chatbot(Fake('sock')) # Fake('sock') is a mock object named "sock"
# create a Scenario context
# inside, you specify exactly what the unit should do with the objects its handed
with Scenario() as s:
# we can refer here to s.sock, because there is a mock named `sock`
s.sock.recv(4096) >> 'request text' # unit must call sock.recv(4096).
# this call will return 'request text'
s.sock.send('response text')
# call your unit's code
self.tested.go()
# Scenario context ends, and verifies everything happened exactly as specified
# No more, no less
Note that you do not have to setup sock.recv
or sock.send
- once sock
is
set up, it will generate other mock objects automatically as you go along with
it. Only "top level" mock objects need to be setup explicitly.
Continue reading for further examples.
With pip
:
$ pip install testix
Testix works with Python 3. It will not work with legacy python.
Testix started as a re-implementation of ideas from the Voodoo-Mock unit-testing framework. Since then it has evolved some different traits though.
This software is available under the MIT License, see the LICENSE
file.
FAQs
Mocking framework Python with *exact* Scenarios
We found that testix demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.