
Security News
Risky Biz Podcast: Making Reachability Analysis Work in Real-World Codebases
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
= mockumentary
With the happy proliferation of TDD, test suites are getting massive, and developer efficiency is dwindling as we wait for our tests to pass. There is a big tradeoff between making unit test more integration-ish (and therefore more life-like) vs. making them very mocky, unity and fast. Mockumentary is a library for the later. It inspects the ActiveRecord universe and makes a series of AR mockeries that approximate model without hitting the database, or making any assertions. The assertions, they are still part of the developers job in testing.
Mocumentary has two types of AR mock objects:
One is used within the Rails universe, a Mockery. It uses introspection to derive association and field information from its ActiveRecord class. It requires Rails or at least ActiveRecord in the test universe where it is used. These Mockeries can be dumped to YAML and used in an alternate universe of testing....
The second, a Mocksimile, is a non-introspective version built from a Mockery. In fact, Mockery dumps its class descriptions to a YAML file that is loaded by Mocksimile. This static version can be used outside the Rails test universe in a suite faster than the speed of Rails environment load time.
Mocking isn't for everyone, so test-drive responsibly.
Wiki pages available on github. Documentation in code will follow with if people start using it. Questions are always welcome through github too.
For terminology usage 'mock' vs 'stub' please see the Wiki. There is a note at the top of each page.
== Contributing to mockumentary
== Copyright
Copyright (c) 2011 Kane Baccigalupi. See LICENSE.txt for further details.
FAQs
Unknown package
We found that mockumentary demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.
Security News
CISA’s 2025 draft SBOM guidance adds new fields like hashes, licenses, and tool metadata to make software inventories more actionable.