awesome-inc / nedifis Goto Github PK

View Code? Open in Web Editor NEW

2.0 2.0 1.0 871 KB

Framework for enhanced testing using NUnit and NSubstitute.

License: MIT License

C# 98.64% Batchfile 1.36%

nedifis's People

Contributors

Stargazers

Watchers

Forkers

gitter-badger

nedifis's Issues

ExcludeFromConventions with Because property

A because property is missing.

TicketAttribute should be typed string

TestedBy-Attribute imposes runtime dependency on NEdifis

When using NEdifis for testing in a custom deployable project or library the TestedBy-Attribute imposes a runtime dependency on NEdifis, i.e. users of my lib need NEdifis as well when instantiating production code.

I don't want to redistribute NEdifis at runtime.

convention implementations are private

it would be useful to make the convention implementations accessble.

TestTraceListener is not public

Well ,the test trace listener should be public!

IVerifyConvention should throw instead of returning bool

The convention interface is designed around returning a bool and evaluating a "Hint on fail"-property. For simple checks this is sufficient. For more complex conventions checking multiple conditions a single hint will not be as much help for a user.

It seems that exceptions are better suited for this. Suggestion is to redesign the contract to void (convention passed) and throw (convention failed)

Inner class not working property

Though it is mentioned in the blog post on aweseome-incremented.blogspot.de it does not seem to work either with R# or with NCrunch

Check for compatibility with nuget 3.0

I seem to have some issues since I use nuget 3 regarding some root element issues during installing nedifis.

missing version number in package file causes problems

The nuspec files has no version numbers of fluentassertions, nsubstitute and nunit defined. with a simple "install-package" it causes the system to install a very old version of the dependencies.

This is a test issue from WhiteSource, it will be closed shortly

Add option `ctx.Use<T>`(string parameterName)`

Right now, there seems to be no option to use a specific instance when constructors have multiple parameters of the same interface, i.e.

public MyClass(IDependency dep1, IDependency dep2, ...) { ... }
ctx.For<IDependency>("dep2");

is possible but not

ctx.Use<IDependency>("dep2", dep2);

a test should resolve or be related to multiple tickets

a test should resolve or be related to multiple tickets. right now, this is not possible

    [Test]
    [Ticket(11144)]
    [Ticket(11690)]
    public void Register_templates()
    {
        _container.ShouldResolve<ITemplateExtender, CoolTemplates>();
    }

CVE-2018-1000210 High Severity Vulnerability detected by WhiteSource

CVE-2018-1000210 - High Severity Vulnerability

Vulnerable Library - gitversiontask.4.0.0.nupkg

Stamps an assembly with git information based on SemVer.

path: /NEdifis/NEdifis/packages.config

Library home page: https://api.nuget.org/packages/gitversiontask.4.0.0.nupkg

Dependency Hierarchy:

❌ gitversiontask.4.0.0.nupkg (Vulnerable Library)

Found in HEAD commit: c0f599f5f8a9b9ece2377253b6da96a9aae81b7a

Vulnerability Details

YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);" and blindly instantiates them. that can result in Code execution in the context of the running process. This attack appear to be exploitable via Victim must parse a specially-crafted YAML file. This vulnerability appears to have been fixed in 5.0.0.

Publish Date: 2018-07-13

URL: CVE-2018-1000210

CVSS 3 Score Details (7.8)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with WhiteSource here

Exclude private generated classes (anonymous types)

nedifis convention checks all classes including classes generated by the compiler for closures and anonymous types. this does not makes sense.

Relation to AutoFixture?

I stumbled upon the PluralSight course on AutoFixture. How does NEdifis relate to AutoFixture

ConventionBase/ should support exclusions or type filters

By now the default conventions (IVerifyConvention) apply on all types. A common scenario would be to exclude Enums or DTOs without logic from "AllClassesNeedATest"-convention. Maybe a default base implementation should support exclude-predicates, injectable on constructor, i.e.

public abstract VerifyConventionBase : IVerifyConvention
{
    protected VerifyConventionBase(Func<Type,bool> typeSelector = null)
    {
      _typeSelector = typeSelector ?? (t => true);
    }

    public bool FulfilsConvention(Type type)
    {
      return _typeSelector(t) && ...
    }
}

Create an attribute to assign a ticket id

it might be useful to add a ticket id to test, especially if it fixes a reported issue.

it would be useful to check if something was traced/debugged

some kind of "trace listener" would be good.

        var traceListener = new TestTraceListener();
        Trace.Listeners.Add(traceListener);
        try
        {
            // now do something cool and awesome with Trace.WriteLine()

            // and we can check for this
            traceListener.MessagesFor(TraceLevel.Warning).Single().Should().StartWith("Could not read CSV");
        }
        finally
        {
            Trace.Listeners.Remove(traceListener);
        }