Gathering detailed insights and metrics for cypress-mailosaur
Gathering detailed insights and metrics for cypress-mailosaur
Mailosaur email and SMS testing commands for Cypress
Installations
npm install cypress-mailosaurDeveloper
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>= v10.0.0
Typescript Support
Yes
Node Version
18.13.0
NPM Version
8.19.3
Statistics
82 Stars
110 Commits
9 Forks
2 Watching
1 Branches
7 Contributors
Updated on 11 Nov 2024
Languages
JavaScript (97.66%)
CSS (1.25%)
HTML (1.09%)
Total Downloads
Cumulative downloads
Total Downloads
10,827,543
Last day
-26.1%
14,591
Compared to previous day
Last week
-15.4%
93,658
Compared to previous week
Last month
2.8%
433,304
Compared to previous month
Last year
33.5%
4,507,322
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
Mailosaur Cypress Commands
Test email and SMS messages with Cypress
Using Cypress and Mailosaur together you can:
- Test email, with unlimited test email addresses
- Test SMS messages
- Capture emails with your very own fake SMTP servers
What is Mailosaur?
Mailosaur is a service that lets you automate email testing (e.g. email verification, password resets, etc.) and SMS testing (e.g. one-time passwords).
Mailosaur also provides dummy SMTP servers to test with; allowing you to catch email in staging environments - preventing email being sent to customers by mistake.
How do I test email with Cypress?
Follow these steps to start testing email with Cypress:
Step 1 - Installation
Install the Mailosaur commands via npm or yarn:
1npm i -D cypress-mailosaur 2# or 3yarn add -D cypress-mailosaur
Once downloaded, add the following line to cypress/support/e2e.js (or cypress/support/index.js in older versions of Cypress) to import the commands into your Cypress project:
1require('cypress-mailosaur');
Step 2 - API Authentication
Mailosaur commands need your Mailosaur API key to work. You can learn about managing API keys here.
Add API key to cypress.config.js
1module.exports = defineConfig({ 2 env: { 3 MAILOSAUR_API_KEY: "your-key-here", 4 }, 5 6 // ... 7}); 8
Alternatively, set API key via a system environment variable
To set the environment variable on your machine, it needs to be prefixed with either CYPRESS_ or cypress_.
1export CYPRESS_MAILOSAUR_API_KEY=your-key-here
Step 3 - Write your email test
For this example, we'll navigate to a password reset page, request a new password link (sent via email), and get that email.
Create a new test spec:
1touch cypress/e2e/password-reset.cy.js
Now edit the file to something like this:
1describe('Password reset', () => { 2 const serverId = 'abcd1234' 3 const serverDomain = 'abcd1234.mailosaur.net' 4 const emailAddress = 'password-reset@' + serverDomain 5 6 it('Makes a Password Reset request', () => { 7 cy.visit('https://github.com/password_reset') 8 cy.title().should('equal', 'Forgot your password?') 9 cy.get('#email_field').type(emailAddress) 10 }) 11 12 it('Gets Password Reset email from Mailosaur', () => { 13 cy.mailosaurGetMessage(serverId, { 14 sentTo: emailAddress 15 }).then(email => { 16 expect(email.subject).to.equal('Reset your password'); 17 passwordResetLink = email.text.links[0].href; 18 }) 19 }) 20 21 it('Follows the link from the email', () => { 22 const validPassword = 'delighted cheese jolly cloud' 23 24 cy.visit(passwordResetLink) 25 cy.title().should('contain', 'Change your password') 26 cy.get('#password').type(validPassword) 27 cy.get('#password_confirmation').type(validPassword) 28 cy.get('form').submit() 29 }) 30})
Step 4 - Write further test cases
You can test pretty much anything with Mailosaur and Cypress, including:
- Test the text content of an email
- Test links within an email
- Working with email attachments
- Handling images and web beacons
- Perform a spam test
For more information, check out the full Mailosaur docs for the most up-to-date guides and troubleshooting tips.
How do I test SMS with Cypress?
Mailosaur Team, Premium, and Ultimate customers can perform SMS tests with Cypress, whilst Trial account users can just ask support to enable this feature to try it out!
SMS testing works in just the same way as email testing above. However rather than dealing with email addresses, you search using phone numbers instead. For example:
1cy.mailosaurGetMessage(serverId, { 2 sentTo: '447555111222' 3}).then(sms => { 4 expect(sms.text.body).to.equal('Your OTP code is: 123456') 5})
Development
Install all development dependencies:
1cd test/react-app 2npm i 3cd ../../ 4npm i
The test suite requires the following environment variables to be set:
1export CYPRESS_MAILOSAUR_API_KEY=your_api_key 2export CYPRESS_MAILOSAUR_SERVER=server_id
Run all tests:
1npm test
Contacting us
You can get us at support@mailosaur.com
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 1
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/build.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/build.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/publish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/mailosaur/cypress-mailosaur/publish.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/build.yml:36
- Warn: npmCommand not pinned by hash: .github/workflows/build.yml:65
- Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:21
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
- Info: 1 out of 4 npmCommand dependencies pinned
Reason
Found 1/30 approved changesets -- score normalized to 0
Reason
1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/build.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 1 are checked with a SAST tool
Reason
34 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
2.8
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More