davidwindham.com / npmx.dev
forked from npmx.dev/npmx.dev
[READ-ONLY] a fast, modern browser for the npm registry
fork atom
npmx.dev / test / e2e / vulnerabilities.spec.ts
at main 78 lines 3.2 kB view raw
Daniel Roe test: use fixtures for server side api fetches (#828)
c295d194
1import { expect, test } from './test-utils' 2 3function toLocalUrl(baseURL: string | undefined, path: string): string { 4 if (!baseURL) return path 5 return baseURL.endsWith('/') ? `${baseURL}${path.slice(1)}` : `${baseURL}${path}` 6} 7 8async function fetchVulnerabilities( 9 page: { request: { get: (url: string) => Promise<any> } }, 10 url: string, 11) { 12 const response = await page.request.get(url) 13 const body = await response.json() 14 return { response, body } 15} 16 17test.describe('vulnerabilities API', () => { 18 test('unscoped package vulnerabilities analysis', async ({ page, baseURL }) => { 19 const url = toLocalUrl(baseURL, '/api/registry/vulnerabilities/vue') 20 const { response, body } = await fetchVulnerabilities(page, url) 21 22 expect(response.status()).toBe(200) 23 expect(response.headers()['content-type']).toContain('application/json') 24 expect(body).toHaveProperty('package', 'vue') 25 expect(body).toHaveProperty('version') 26 expect(body).toHaveProperty('totalCounts') 27 }) 28 29 test('scoped package vulnerabilities with URL encoding', async ({ page, baseURL }) => { 30 const url = toLocalUrl(baseURL, '/api/registry/vulnerabilities/@nuxt%2Fkit') 31 const { response, body } = await fetchVulnerabilities(page, url) 32 33 expect(response.status()).toBe(200) 34 expect(response.headers()['content-type']).toContain('application/json') 35 expect(body).toHaveProperty('package', '@nuxt/kit') 36 expect(body).toHaveProperty('version') 37 }) 38 39 test('scoped package with explicit version and URL encoding', async ({ page, baseURL }) => { 40 const url = toLocalUrl(baseURL, '/api/registry/vulnerabilities/@nuxt%2Fkit/v/3.20.0') 41 const { response, body } = await fetchVulnerabilities(page, url) 42 43 expect(response.status()).toBe(200) 44 expect(response.headers()['content-type']).toContain('application/json') 45 expect(body).toHaveProperty('package', '@nuxt/kit') 46 expect(body).toHaveProperty('version', '3.20.0') 47 }) 48 49 test('scoped package without URL encoding (for comparison)', async ({ page, baseURL }) => { 50 const url = toLocalUrl(baseURL, '/api/registry/vulnerabilities/@nuxt/kit') 51 const { response, body } = await fetchVulnerabilities(page, url) 52 53 expect(response.status()).toBe(200) 54 expect(response.headers()['content-type']).toContain('application/json') 55 expect(body).toHaveProperty('package', '@nuxt/kit') 56 expect(body).toHaveProperty('version') 57 }) 58 59 test('scoped package with different scope', async ({ page, baseURL }) => { 60 const url = toLocalUrl(baseURL, '/api/registry/vulnerabilities/@types%2Fnode') 61 const { response, body } = await fetchVulnerabilities(page, url) 62 63 expect(response.status()).toBe(200) 64 expect(response.headers()['content-type']).toContain('application/json') 65 expect(body).toHaveProperty('package', '@types/node') 66 expect(body).toHaveProperty('version') 67 }) 68 69 test('package not found returns appropriate error', async ({ page, baseURL }) => { 70 const url = toLocalUrl( 71 baseURL, 72 '/api/registry/vulnerabilities/this-package-definitely-does-not-exist-12345', 73 ) 74 const response = await page.request.get(url) 75 76 expect(response.status()).toBe(404) // Package not found returns 404 77 }) 78})