Gathering detailed insights and metrics for @anatine/zod-mock
Installations
npm install @anatine/zod-mockDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
18.20.5
NPM Version
10.8.2
Score
99.6
Supply Chain
80.1
Quality
82.7
Maintenance
100
Vulnerability
100
License
Releases
69
zod-mock-3.13.5
zod-mock-3.13.5
Published on 20 Jan 2025
zod-nestjs-2.0.10
zod-nestjs-2.0.10
Published on 20 Jan 2025
zod-openapi-2.2.7
zod-openapi-2.2.7
Published on 20 Jan 2025
zod-nestjs-2.0.9
zod-nestjs-2.0.9
Published on 21 Jun 2024
zod-openapi-2.2.6
zod-openapi-2.2.6
Published on 21 Jun 2024
zod-nestjs-2.0.8
zod-nestjs-2.0.8
Published on 29 Mar 2024
Contributors
49
Languages
2
TypeScript
JavaScript
TypeScript (99.51%)
JavaScript (0.49%)
Developer
anatine
Download Statistics
Total Downloads
7,332,869
Last Day
42,087
Last Week
193,577
Last Month
790,163
Last Year
5,579,041
GitHub Statistics
692 Stars
508 Commits
96 Forks
7 Watching
12 Branches
49 Contributors
Maintainers
1
Package Meta Information
Latest Version
3.13.5
Package Id
@anatine/zod-mock@3.13.5
Unpacked Size
54.47 kB
Size
14.22 kB
File Count
13
NPM Version
10.8.2
Node Version
18.20.5
Publised On
20 Jan 2025
Total Downloads
Cumulative downloads
Total Downloads
7,332,869
Last day
16.4%
42,087
Compared to previous day
Last week
-10.7%
193,577
Compared to previous week
Last month
28.5%
790,163
Compared to previous month
Last year
248.3%
5,579,041
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Peer Dependencies
2
Versions
@anatine/zod-mock
Generates a mock data object using faker.js from a Zod schema.
Installation
@faker-js/faker is a peer dependency of @anatine/zod-mock and is used for mock data generation.
1npm install zod @faker-js/faker @anatine/zod-mock
Usage
Take any Zod schema and create mock data
1import { generateMock } from '@anatine/zod-mock'; 2const schema = z.object({ 3 uid: z.string().nonempty(), 4 theme: z.enum([`light`, `dark`]), 5 email: z.string().email().optional(), 6 phoneNumber: z.string().min(10).optional(), 7 avatar: z.string().url().optional(), 8 jobTitle: z.string().optional(), 9 otherUserEmails: z.array(z.string().email()), 10 stringArrays: z.array(z.string()), 11 stringLength: z.string().transform((val) => val.length), 12 numberCount: z.number().transform((item) => `total value = ${item}`), 13 age: z.number().min(18).max(120), 14 }); 15const mockData = generateMock(schema); 16// ...
This will generate mock data similar to:
1{ 2 "uid": "3f46b40e-95ed-43d0-9165-0b8730de8d14", 3 "theme": "light", 4 "email": "Alexandre99@hotmail.com", 5 "phoneNumber": "1-665-405-2226", 6 "avatar": "https://cdn.fakercloud.com/avatars/olaolusoga_128.jpg", 7 "jobTitle": "Lead Brand Facilitator", 8 "otherUserEmails": [ 9 "Wyman58@example.net", 10 "Ignacio_Nader@example.org", 11 "Jorge_Bradtke@example.org", 12 "Elena.Torphy33@example.org", 13 "Kelli_Bartoletti@example.com" 14 ], 15 "stringArrays": [ 16 "quisquam", 17 "corrupti", 18 "atque", 19 "sunt", 20 "voluptatem" 21 ], 22 "stringLength": 4, 23 "numberCount": "total value = 25430", 24 "age": 110 25}
Overriding string mocks
Sometimes there might be a reason to have a more specific mock for a string value.
You can supply an options field to generate specific mock data that will be triggered by the matching key.
1const schema = z.object({ 2 locked: z.string(), 3 email: z.string().email(), 4 primaryColor: z.string(), 5}); 6const mockData = generateMock(schema, { 7 stringMap: { 8 locked: () => `this return set to the locked value`, 9 email: () => `not a email anymore`, 10 primaryColor: () => faker.internet.color(), 11 }, 12});
Adding a seed generator
For consistent testing, you can also add in a seed or seed array.
1const schema = z.object({ 2 name: z.string(), 3 age: z.number(), 4}); 5const seed = 123; 6const first = generateMock(schema, { seed }); 7const second = generateMock(schema, { seed }); 8expect(first).toEqual(second);
Adding a custom mock mapper
Once drilled down to deliver a string, number, boolean, or other primitive value a function with a matching name is searched for in faker.
You can add your own key/fn mapper in the options.
1 2export function mockeryMapper( 3 keyName: string, 4 fakerInstance: Faker 5): FakerFunction | undefined { 6 const keyToFnMap: Record<string, FakerFunction> = { 7 image: fakerInstance.image.url, 8 imageurl: fakerInstance.image.url, 9 number: fakerInstance.number.int, 10 float: fakerInstance.number.float, 11 hexadecimal: fakerInstance.number.hex, 12 uuid: fakerInstance.string.uuid, 13 boolean: fakerInstance.datatype.boolean, 14 // Email more guaranteed to be random for testing 15 email: () => fakerInstance.database.mongodbObjectId() + '@example.com' 16 }; 17 return keyName && keyName.toLowerCase() in keyToFnMap 18 ? keyToFnMap[keyName.toLowerCase() as never] 19 : undefined; 20} 21 22const schema = z.object({ 23 locked: z.string(), 24 email: z.string().email(), 25 primaryColor: z.string(), 26}); 27 28const result = generateMock(schema, { mockeryMapper }); 29
Behind the Scenes
zod-mock tries to generate mock data from two sources.
-
Object key name ie(
{ firstName: z.string() })This will check the string name of the key against all the available
fakerfunction names. Upon a match, it uses that function to generate a mock value. -
Zodtype ie(
const something = z.string())In the case there is no key name (the schema doesn't contain an object) or there is no key name match,
zod-mockwill use the primitive type provided byzod.Some zod filter types (email, uuid, url, min, max, length) will also modify the results.
If
zod-mockdoes not yet support a Zod type used in your schema, you may provide a backup mock function to use for that particular type.1const schema = z.object({ 2 anyVal: z.any() 3}); 4const mockData = generateMock(schema, { 5 backupMocks: { 6 ZodAny: () => 'a value' 7 } 8});
Missing Features
- No pattern for passing options into
faker, such as setting phone number formatting - Does not handle the following Zod types:
- ZodAny
- ZodDefault
- ZodFunction
- ZodIntersection
- ZodMap
- ZodPromise
- ZodSet
- ZodTuple
- ZodUnion
- ZodUnknown
Credits
-
express-zod-api
A great lib that provided some insights on dealing with various zod types.
This library is part of a nx monorepo @anatine/zod-plugins.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
15 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
Found 10/18 approved changesets -- score normalized to 5
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/pr_on_master.yml:1
- Warn: no topLevel permission defined: .github/workflows/pre-publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_on_master.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/anatine/zod-plugins/pr_on_master.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_on_master.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/anatine/zod-plugins/pr_on_master.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-publish.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/anatine/zod-plugins/pre-publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-publish.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/anatine/zod-plugins/pre-publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/anatine/zod-plugins/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/anatine/zod-plugins/publish.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/pr_on_master.yml:44
- Warn: npmCommand not pinned by hash: .github/workflows/pre-publish.yml:46
- Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:46
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 npmCommand dependencies pinned
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 22 are checked with a SAST tool
Reason
40 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-hpx4-r86g-5jrg
- Warn: Project is vulnerable to: GHSA-prr3-c3m5-p7q2
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-h452-7996-h45h
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-f6v4-cf5j-vf3w
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-9pv7-vfvm-6vr7
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-hhhv-q57g-882q
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
- Warn: Project is vulnerable to: GHSA-5r9g-qh6m-jxff
- Warn: Project is vulnerable to: GHSA-r6ch-mqf9-qc9w
- Warn: Project is vulnerable to: GHSA-wqq4-5wpv-mx2g
- Warn: Project is vulnerable to: GHSA-3787-6prv-h9w3
- Warn: Project is vulnerable to: GHSA-9qxr-qj54-h672
- Warn: Project is vulnerable to: GHSA-m4v8-wqvr-p9f7
- Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
4
/10
Last Scanned on 2025-02-03
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More