Technology Evaluation - Mocking library
In the work to secure /untrusted-settings endpoint, a node.js mocking library is needed to mock up the responses from GPII cloud.
The requirements of the mocking library is collected at this discussion:
- Must be able to support the mocking of responses for node.js http requests implemented via
- Nice to support the mocking of responses for browser http requests
- Nice to support the mocking of responses for web socket requests
- Nice to support to support for redirects, where an initial request is replied to with a 301 status and the headers indicating the new location, and where a secondary request is presumed to be immediately conducted against the new location.
Note that our immediate requirement is to be able to mockup responses for http requests that are sent and implemented via node.js
http.request. Other requirements might be needed in the future but not for the current work.
|Nock||Yes||No||No||No||No vulnerabilities at time of writing||Reasonably sized community. Frequent releases every 8 days.|
|Sinon||No||Yes||No||No||No vulnerabilities at time of writing||Reasonably sized community. Frequent releases every month.|| Justin's use of its stubs feature in fluid-publish tests: https://github.com/fluid-project/fluid-publish/blob/master/tests/publishTests.js#L185
Although Sinon claims its major features are supported on node.js, the experiment shows it at least doesn't support mocking http responses on node: sinon fake server doesn't respond to http requests sent via http.request() and https.request(). This issue report at sinon github confirms this finding. As a reply and solution to this issue, sinon's author recommends to use Nock for this feature.
|Mock Socket||No||No||Yes||No||No vulnerabilities at time of writing||Reasonably sized community. Young (3 years old). No active development in the past 3 months.|
|mockserver||Yes||No||No||No||Vulnerability is not tracked at snyk.io.||Small and inactive community. No active development in the past 5 months||Can start a mock server via command lines or from within node code.|
Only Nock meets our immediate requirement of mocking up responses for node.js requests.