npmpackage.info

Gathering detailed insights and metrics for @malloydata/malloy-tests

@malloydata/malloy-tests - 0.0.295 | npmpackage.info

@malloydata/malloy-tests

Malloy is an experimental language for describing data relationships and transformations.

0.0.295

2,184

MIT

TypeScript

76.01 MB

6.5

Installations

npm install @malloydata/malloy-tests

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Min. Node Version

>=20

Node Version

20.19.3

NPM Version

10.8.2 Pull Requests

Open

40

Total

1,746

Closed

195

Merged

1,511

Issues

Open

327

Total

617

Closed

290

Releases

v0.0.214

Updated on Nov 15, 2024

v0.0.207

Updated on Nov 05, 2024

v0.0.206

Updated on Nov 01, 2024

Add MalloySQLParseResults to exports

v0.0.144

Updated on Apr 26, 2024

View All 4 releases

Languages

TypeScript

ANTLR

Thrift

Shell

CSS

JavaScript

Nearley

HTML

PEG.js

MDX

Nix

TypeScript (97.82%)

ANTLR (0.6%)

Thrift (0.39%)

Shell (0.33%)

CSS (0.28%)

JavaScript (0.26%)

Nearley (0.2%)

HTML (0.06%)

PEG.js (0.05%)

MDX (0.02%)

Developer

malloydata

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

2,184 Stars

4,683 Commits

95 Forks

26 Watchers

310 Branches

49 Contributors

Updated on Jul 10, 2025

Maintainers

View All 49 Contributors

Package Meta Information

Latest Version

0.0.295

Package Id

@malloydata/malloy-tests@0.0.295

Unpacked Size

76.01 MB

Size

56.85 MB

File Count

NPM Version

10.8.2

Node Version

20.19.3

Published on

Jul 10, 2025

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@jest/globals @malloydata/db-bigquery @malloydata/db-duckdb @malloydata/db-postgres @malloydata/db-snowflake @malloydata/db-trino @malloydata/malloy @malloydata/malloy-tag @malloydata/render events jsdom luxon madge

Dev Dependencies

@types/jsdom @types/luxon

Tests

By default, tests run against BigQuery, Postgres, and DuckDB.

Tests can also be run against a specific database, using the MALLOY_DATABASE or MALLOY_DATABASES environment variable, such as: MALLOY_DATABASES=bigquery,postgres npm run test

Setting up postgres:

Setup for Postgres Test Data

Assumes that postgres has been installed via nix (installs but doesn't configure).

ADD to environment: export PGHOST=localhost

postgres_init.sh - builds a database as the current user in .tmp/data/malloytestdb. Starts server running on localhost:5432 copies the test data in malloytest-postgres.sql.gz into the database.

postgres_start.sh - starts the postgres server, once it has been installed (use after a reboot, for example)

postgres_stop.sh - stops the postgres server

state_fact.sql - example file on how to insert data from json

Setting up DuckDB:

Building test database for duckdb

At top-level, run npx ts-node scripts/build_duckdb_test_database.ts
A file called duckdb_test.db should be created in the test/data/duckdb folder - tests will automatically look there.

Using the custom matcher for running queries

There is now a custom matcher, malloyResultMatches for running queries. The customer matcher makes it easy to write readable tests which need to look at query results, and produces useful output when the test fails to make it easier to develop tests or respond to the output of failing tests.

Check for results in the first row of output

The simplest case is to check for result in the first row of output. You need either a Runtime or a Model that was obtained from runtime.loadModel

1// If the spec file doesn't have the matcher, use this statement. You will have
2// to adjust the path to find REPO/test/util/db-jest-matchers
3import './util/db-jest-matchers';
4
5  const sampleSource = `duckdb.sql("""
6            SELECT 42 as num, 'whynot' as reason
7            UNION ALL SELECT 49, 'because'""")`;
8
9  test('simple', async () => {
10    await expect(`
11      run: ${sampleSource}
12    `).malloyResultMatches(runtimeOrModel, {num: 42, reason: 'whynot'});
13  });

This will check the following things.

There is at least one row of data in the output. So .malloyQueryMatches(rt, {}) will fail if the query returns no rows
There are entries in that row for each key. {} matches any row
The entries are equal, but it will error if the expected data as a number and the returned data is a string.

Accessing nested results

You can specify a nested key in a match using a dotted path to the value. Note this example also shows passing a model instead of a runtime to the matcher.

1  const model = runtime.loadModel(`source: sampleSource is ${sampleSource}`);
2  test('nested', async () => {
3    await expect(`
4        run: sampleSource -> {
5            nest: the_nest is {
6                select: nestNum is num, nestWhy is reasons
7            }
8        }
9    `).malloyResultMatches(model, {
10      'the_nest.nestNum': 42,
11      'theNest.nestWhy': 'whynot',
12    });
13  });

[!WARNING] There is currently a ... feature ... where if the source code of a test contains the characters nest: and the runtime connection does not support nesting, the test passes without actually doing anything. There will better handling of this problem in the future, but if your test is mysteriously passing, this is why.

Queries returning more than one row of data

An array of match rows may can also be used, if the test needs to verify more than the first row of results.

1  test('multiple rows', async () => {
2    await expect(`
3        run: ${sampleSource}
4    `).malloyResultMatches(runtimeOrModel, [
5      {num: 42, reason: 'whynot'},
6      {num: 49, reason: 'because'},
7    ]);
8  });

This will pass if ..

There are exactly two rows of output. If there are not exactly two the matcher will fail. If the query makes more than two rows, you will need to add a limit: 2 to allow the matcher to pass.
Each row is matches the matching criteria, again {} means "pass if there is a row"

Reading failure output

Mis-matched data

When the data return is incorrect, the matcher will always show you the generated SQL before showing you the failed match. This is useful when you are debugging a dialect want to know exactly what SQL ran to produce the non matching result.

1  test('wrong data', async () => {
2    await expect(`
3      run: ${sampleSource}
4    `).malloyResultMatches(runtimeOrModel, {num: 24, reason: 'i said so'});
5  });

  ● malloyResultMatches › wrong data

    SQL Generated:
      SELECT
         base."num" as "num",
         base."reason" as "reason"
      FROM (
                SELECT 42 as num, 'whynot' as reason
                UNION ALL SELECT 49, 'because') as base

    Expected {num: 24} Got: 42
    Expected {reason: "i said so"} Got: "whynot"

      120 |     await expect(`
      121 |       run: ${sampleSource}
    > 122 |     `).malloyResultMatches(runtimeOrModel, {num: 24, reason: 'i said so'});
          |        ^
      123 |   });
      124 | });
      125 | afterAll(async () => await runtime.connection.close());

      at Object.<anonymous> (test/src/jestMatcher.spec.ts:122:8)

Bad Malloy Code

If the Malloy code in your test is in error, the matcher tries to make a it clear where the error is. Because many tests construct the query at runtime, the matcher will print the entire text of the query in the failure message. Look for the line starting with !!!!! to find your code error.

1  test('malloyResultMatches with an error', async () => {
2    await expect(`
3        rug: ${sampleSource}
4    `).malloyResultMatches(runtime, [
5      {num: 42, reason: 'whynot'},
6      {num: 49, reason: 'because'},
7    ]);
8  });

  ● jestMatcher › malloyResultMatches with an error

    Error in query compilation
        |
        |         rug: duckdb.sql("""
    !!!!!         ^ no viable alternative at input 'rug'
        |           SELECT 42 as num, 'whynot' as reason
        |           UNION ALL SELECT 49, 'because'
        |         """)
        |

      77 |           UNION ALL SELECT 49, 'because'
      78 |         """)
    > 79 |     `).malloyResultMatches(runtime, [
         |        ^
      80 |       {num: 42, reason: 'whynot'},
      81 |       {num: 49, reason: 'because'},
      82 |     ]);

      at Object.<anonymous> (test/src/jestMatcher.spec.ts:79:8)

Wrong Data Size

If an array is passed to malloyResultMatches each row will be matched, and an additional test will be added to make sure the that rows in the match set equals the rows in the result.

If you specify match data, that will also be tested for rows which exist in both the match set and the result set.

1  test('failing exactly one row', async () => {
2    await expect(`
3      run: ${sampleSource}
4    `).malloyResultMatches(runtimeOrModel, [{}]);
5  });

  ● malloyResultMatches › failing exactly one row

    SQL Generated:
      SELECT
         base."num" as "num",
         base."reason" as "reason"
      FROM (
                SELECT 42 as num, 'whynot' as reason
                UNION ALL SELECT 49, 'because') as base

    Expected result.rows=1  Got: 2

      126 |     await expect(`
      127 |       run: ${sampleSource}
    > 128 |     `).malloyResultMatches(runtimeOrModel, [{}]);
          |        ^
      129 |   });
      130 | });
      131 | afterAll(async () => await runtime.connection.close());

      at Object.<anonymous> (test/src/api.spec.ts:128:8)``

What it doesn't do

The old template for a test looked something like

1    const result = await runtime.loadQuery(`QUERYTEXT`);
2    expect(result ....).toBeCorrectSomehow();
3    expect(result ....).toBeCorrectADifferentWay();
4    expect(result ....).toBeCorrectThisWayToo();

The actual matcher for a result is limited to an equality test, in the old pattern you would have written something using an existing matcher for a data value

1    expect(result.data.patch(0, 'numThings').value).toBeGreaterThan(7);

and if this is desirable, more work on the custom matcher would be needed to allow expressions like this to be written.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

9

SAST

Determines if the project uses static code analysis.

6

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 6

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-bigquery.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-bigquery.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-bigquery.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-bigquery.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/db-bigquery.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-bigquery.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-duckdb-wasm.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-duckdb-wasm.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-duckdb-wasm.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-duckdb-wasm.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-duckdb.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-duckdb.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-duckdb.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-duckdb.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-motherduck.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-motherduck.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-motherduck.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-motherduck.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-mysql.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-mysql.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-mysql.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-mysql.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-postgres.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-postgres.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-postgres.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-postgres.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-presto.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-presto.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-presto.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-presto.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-publisher.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-publisher.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-publisher.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-publisher.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-snowflake.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-snowflake.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-snowflake.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-snowflake.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-trino.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-trino.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/db-trino.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/db-trino.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/main.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/main.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/main.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/prerelease.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/prerelease.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/release.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-tests.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/malloydata/malloy/run-tests.yaml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/release.yaml:67
Info: 0 out of 26 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 3 third-party GitHubAction dependencies pinned
Info: 13 out of 14 npmCommand dependencies pinned

5

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

Score

6.5

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More