Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Website / Report Issue / Source Code ( )
Bang! Bang! is a BRASS compliant assertions
framework with a very clever design that translates any bang call, e.g. #foo!
into an assertion based on the corresponding query call if it exists, e.g. #foo?
.
In practice the framework is similar to MiniTest's spec methods,
e.g. #must_equal
, but the dynamic nature of Bang! Bang! makes it much more
flexible, as it is not limited to a finite set of assertion methods.
It's also pretty interesting idea that bang methods would be assertion methods.
In general practice bang methods are usually used for methods that change the
state of an object in-place. But this isn't particularly necessary and
is just as well handled by non-bang methods, e.g. #update
vs #merge!
.
Usage is pretty straight forward.
require 'bang'
"This string".equals!("That string") #=> raises Bang::Assertion
To use Bang! Bang! most effectively with common test frameworks, you may need to load an adapter to ensure the framework recognizes the assertions as such rather than as ordinary errors.
For MiniTest use:
require 'bang/minitest'`
For TestUnit use:
require 'bang/testunit'
An RSpec adapter is in the works.
Cucumber does not require an adapter as it does not differentiate errors from assertions.
Note, these adapters simply require the brass/adapters/minitest
and
brass/adapters/testunit
respectively along with bang
. So that's another
way to do it too.
Bang! Bang! works via a set of core extensions. There may be some concern about this approach for a test framework. I can assure you that the fear of the inaptly named "monkey patch" is very much overwrought.
Even though Bang! Bang! adds a #method_missing
call to the Object class, it is
almost always okay to use because it does not get called if an object already has
a bang method defined for it's own use. And when it does get called it only applies
if a corresponding query (e.g. foo?
) method exists.
The other core extensions it adds are simply convenience methods that make testing easier. Because these are only additions and not overrides, it is perfectly safe to use in all but the most esoteric cases (such a heavy meta-programming). In fact, if a program doesn't work because of these core extensions, that's usually a good indication that something isn't being done right in the program itself.
Bang Bang is copyrighted open source software.
Copyright (c) 2012 Rubyworks
You can redistribute it in accordance to the BSD-2-Clause license.
See the included LICENSE.txt file for details.
FAQs
Unknown package
We found that bang demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.