Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
covet
- 0.1.1
- Rubygems
Covet
What Is It?
It's a regression test selection tool for ruby, an implementation of some ideas by Mr. Tenderlove expressed here.
How Does It Work?
Reading the article will give you a good idea, but here's a short summary:
-
Gather coverage information during test runs, before and after each test method in order to know which test methods ran which files and lines of the tested application code.
-
Change the application code.
-
Covet shows you which tests to run based on the coverage information gathered in step 1, and the fact that
gitknows that you changed certain lines of the application code.
Usage
Add covet to your Gemfile in your test or development :group, or:
$ gem install covet
Coverage Collection:
Run your test suite with coverage collection on. To enable this,
add require 'covet' before any tests run (in a test helper file or similar),
and run your suite with: covet -c $CMD, where $CMD is the command to run your
test suite. Example:
$ covet -c "rake test"
Covet should output a message before any other message:
Collecting coverage information for each test method...
By default, covet hooks into minitest and collects coverage before
and after each method. If you're using rspec, make sure to pass the -t
option:
$ covet -t rspec -c "rake test"
After this, you should have 2 new files: run_log.json, and
run_log_index.json.
Now, by default the covet command will print out which test
files should be run based off the changes in your git repo since
the last commit.
For example:
$ covet
You need to run:
- /home/luke/Desktop/code/rails/activesupport/test/test\_case\_test.rb
To execute the run list, simply:
$ covet -e
Testing Gems
By default, covet removes all standard library and gem files from the run_log, because
it assumes you're testing your own library code. In order to test a gem, you need to add the
--whitelist-gems option. For example:
$ covet -c "rake test" --whitelist-gems "activesupport,rails"
Caveats/Bugs
-
It's not tested thoroughly enough.
-
Don't rely on this library to be correct yet (ie: don't forgo full test suite runs before committing to a repository). It's still early days. Please contribute code, docs, or ideas, though!
FAQs
Unknown package
We found that covet demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 01 Jan 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024