Gathering detailed insights and metrics for @pact-foundation/pact-core
Gathering detailed insights and metrics for @pact-foundation/pact-core
Gathering detailed insights and metrics for @pact-foundation/pact-core
Gathering detailed insights and metrics for @pact-foundation/pact-core
npm install @pact-foundation/pact-core
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
150 Stars
1,431 Commits
79 Forks
8 Watching
4 Branches
42 Contributors
Updated on 22 Nov 2024
TypeScript (44.28%)
C++ (40.27%)
Shell (8.42%)
C (4.33%)
Python (2.55%)
JavaScript (0.08%)
Ruby (0.08%)
Cumulative downloads
Total Downloads
Last day
-4.5%
24,503
Compared to previous day
Last week
-1.2%
125,273
Compared to previous week
Last month
-2.3%
540,666
Compared to previous month
Last year
71.1%
5,729,546
Compared to previous year
5
52
:information_source: Usage notice |
---|
This is a core library, designed for use in the bowels of another package. Unless you are wanting to develop tools for the pact ecosystem, you almost certainly want to install @pact-foundation/pact instead |
A wrapper for the Pact Reference Core Library.
npm install @pact-foundation/pact-core --save-dev
In order to get better statistics as to who is using Pact, we have an anonymous tracking event that triggers when Pact installs for the first time. To respect your privacy, anyone can turn it off by simply adding a 'do not track' flag within their package.json file:
1{ 2 "name": "some-project", 3 ... 4 "config": { 5 "pact_do_not_track": true 6 }, 7 ... 8}
TL;DR - you almost always want Pact JS.
Purpose | Library | Comments |
---|---|---|
Synchronous / HTTP APIs | Pact JS | |
Asynchronous APIs | Pact JS | |
Node.js | Pact JS | |
Browser testing | Pact Web | You probably still want Pact JS. See Using Pact in non-Node environments * |
Isomorphic testing | Pact Web | You probably still want Pact JS. See Using Pact in non-Node environments * |
Publishing to Pact Broker | Pact CLI |
* The "I need to run it in the browser" question comes up occasionally. The question is this - for your JS code to be able to make a call to another API, is this dependent on browser-specific code? In most cases, people use tools like React/Angular which have libraries that work on the server and client side, in which case, these tests don't need to run in a browser and could instead be executed in a Node.js environment.
1var pact = require("@pact-foundation/pact-core"); 2pact.logLevel("debug");
Read more about Verify Pacts.
1var pact = require('@pact-foundation/pact-core'); 2 3pact.verifyPacts({ 4 ... 5});
Options:
Parameter | Required? | Type | Description |
---|---|---|---|
providerBaseUrl | true | string | Running API provider host endpoint. |
pactBrokerUrl | false | string | Base URL of the Pact Broker from which to retrieve the pacts. Required if pactUrls not given. |
provider | false | string | Name of the provider if fetching from a Broker |
consumerVersionSelectors | false | ConsumerVersionSelector|array | Use Selectors to is a way we specify which pacticipants and versions we want to use when configuring verifications. |
consumerVersionTags | false | string|array | Retrieve the latest pacts with given tag(s) |
providerVersionTags | false | string|array | Tag(s) to apply to the provider application |
includeWipPactsSince | false | string | Includes pact marked as WIP since this date. String in the format %Y-%m-%d or %Y-%m-%dT%H:%M:%S.000%:z |
pactUrls | false | array | Array of local pact file paths or HTTP-based URLs. Required if not using a Pact Broker. |
providerStatesSetupUrl | false | string | URL to send PUT requests to setup a given provider state |
pactBrokerUsername | false | string | Username for Pact Broker basic authentication |
pactBrokerPassword | false | string | Password for Pact Broker basic authentication |
pactBrokerToken | false | string | Bearer token for Pact Broker authentication |
publishVerificationResult | false | boolean | Publish verification result to Broker (NOTE: you should only enable this during CI builds) |
providerVersion | false | string | Provider version, required to publish verification result to Broker. Optional otherwise. |
enablePending | false | boolean | Enable the pending pacts feature. |
timeout | false | number | The duration in ms we should wait to confirm verification process was successful. Defaults to 30000. |
logLevel | false | LogLevel (string) | Log level. One of "TRACE", "DEBUG", "ERROR", "WARN", "INFO", can be set by LOG_LEVEL env var |
The consumer version selector looks like this:
ConsumerVersionSelector {
tag?: string;
latest?: boolean;
consumer?: string;
deployedOrReleased?: boolean;
deployed?: boolean;
released?: boolean;
environment?: string;
fallbackTag?: string;
branch?: string;
mainBranch?: boolean;
matchingBranch?: boolean;
}
See the Pact Broker documentation on selectors for more information.
To develop this project, simply install the dependencies with npm install --ignore-scripts
, and run npm run watch
to for continual development, linting and testing when a source file changes.
Running npm test
will execute the tests that has the *.spec.js
pattern.
Please search for potential answers or post question on our official Pact StackOverflow.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
23 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
license file detected
Details
Reason
3 existing vulnerabilities detected
Details
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
Reason
Found 3/12 approved changesets -- score normalized to 2
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
project is not fuzzed
Details
Reason
Project has not signed or included provenance with any releases.
Details
Reason
security policy file not detected
Details
Reason
branch protection not enabled on development/release branches
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More