moq
mockery
Our great sponsors
moq | mockery | |
---|---|---|
20 | 20 | |
5,678 | 5,599 | |
1.4% | 2.4% | |
7.5 | 8.8 | |
7 days ago | 2 days ago | |
C# | Go | |
GNU General Public License v3.0 or later | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
moq
- Warum wird so wenig Open-Source-Software in Unternehmen genutzt?
- The release notes for Moq 4.20.2 seem to suggest, that this version does not contain this dubious mechanism [obfuscated DLL collecting commit emails], although it may be temporary, as the reason is that it breaks builds on MacOS.
-
.NET developers alert: Moq NuGET package exfiltrates user emails from git
Moq’s prior version, 4.18.4, free of the exfiltration behavior, accounts for 6,765,006 downloads in the past six weeks, demonstrating the potential blast radius of privacy breach if a developer hadn’t noticed the issue and raised it with the community.
-
Ask HN: Benefits to Keeping Packages Updated?
In light of the Moq issue yesterday[0] I'm interested to understand why the consensus seems to be so in favor of keeping packages up-to-date in software.
The common explanation I see is it "keeps you up to date with security and bug fixes".
But in practice this seems to just involve most orgs mandating Dependabot and mindlessly updating every dependency when a new version becomes available. (Yes in an ideal world you code review every change in every dependency, but... I mean, let's be real here. Just take the update frequency of the AWS SDK packages in isolation, very few orgs are actually doing this)
As a maintainer of an open source library I know most releases are a crapshoot, they're just as likely to contain new bugs and flaws as they are to fix old ones.
So staying up-to-date seems to open up codebases to far greater risks than outdated dependencies:
1) Zero days, a new package launches with some critical security flaw that isn't going to get noticed for some time.
2) Supply chain attacks, old packages are generally immutable. Therefore most supply chains attacks seem to involve take-overs of existing package (name)s by disgruntled or new hostile 'maintainers'. The new versions are far more at risk.
3) New bugs, the dirty truth of OSS is most work is done by unpaid people with little time or ability to focus. Most software isn't formally verified. New updates are a risk.
In addition the old version is a known quantity. Unless you know absolutely the version you are running is compromised (log4j, OpenSSL) what benefits does updating actually bring? The default presumption that version number goes up is better seems like yet more security/compliance cargo cult behavior.
What am I missing here?
[0] https://github.com/moq/moq/issues/1374
- Moq: Warnings with Latest Version from SponsorLink
- Moq SponsorLink and supporting OSS more broadly
-
Popular open source project Moq criticized for quietly collecting data
NSubstitute is good, I used it at a previous job.
I've favored Moq in the past because I think there are a couple of things it makes a bit easier or is a bit less opinionated about, but NSub is perfectly cromulent as well.
Someone posted a quick guide to migrating a bunch of it easily in one of the issues in the Moq repo discussing this whole mess: https://github.com/moq/moq/issues/1374#issuecomment-16712411...
-
The Moq-gate: You Either Die a Hero...
Moq was is a popular .NET mocking library that has accumulated over 475.7 million downloads as of now.
-
Does Moq extract and send my email to the cloud via SponsorLink?
Going by reports in the releated Github issue Moq does not let users opt out of this privacy-invading data collection: https://github.com/moq/moq/issues/1372
This is sad. Moq was my favorite mocking framework in .net. I will not be using it moving forward and if I had any projects using it I'd rip it out ASAP.
- Moq – Privacy issues with SponsorLink, starting from version 4.20
mockery
-
I Write Tests in Go
I'm far too lazy to write mocks by hand in go. You can generate a mock for a given interface with mockery https://github.com/vektra/mockery
-
go-ecommerce-microservices: A practical e-commerce microservices, built with cqrs, event sourcing, vertical slice architecture, event-driven architecture.
Some of the features: - ✅ Using Vertical Slice Architecture as a high level architecture - ✅ Using Event Driven Architecture on top of RabbitMQ Message Broker with a custom [Event Bus](pkg/messaging/bus/) - ✅ Using Event Sourcing in Audit Based services like [Orders Service](services/orders/) - ✅ Using CQRS Pattern and Mediator Patternon top of Go-MediatR library - ✅ Using Dependency Injection and Inversion of Controlon top of uber-go/fx library - ✅ Using RESTFul api with Echo framework and using swagger with swaggo/swag library - ✅ Using Postgres and EventStoreDB to write databases with fully supports transactions(ACID) - ✅ Using MongoDB and Elastic Search for read databases (NOSQL) - ✅ Using OpenTelemetry for collection Distributed Tracing with using Jaeger and Zipkin - ✅ Using OpenTelemetry for collection Metrics with using Prometheus and Grafana - ✅ Using Unit Test for testing small units with mocking dependent classes and using Mockery for mocking dependencies - ✅ Using End2End Test and Integration Test for testing features with all of their real dependeinces using docker containers (cleanup tests) and testcontainers-go library
- Direction of mockery: absorb different styles of mocks into this project · vektra mockery · Discussion #671
-
Go: Write Mock Test cases using Mockery and
Read mockery documentation: https://vektra.github.io/mockery/
-
Mocking unexported interfaces?
https://github.com/vektra/mockery is the better mocking framework in my biased opinion. The Google maintainers for gomock seem to have neglected the project.
-
I want to contribute to open source but don't know where to start
There are some one liner changes you can implement in https://github.com/vektra/mockery
-
Is gomock still maintained and recommended?
When there's just one heavyweight dependency you're interacting with, perhaps a one-off stub/fake is simpler, but I would posit that auto-generated mocks via things like mockery + go:generate leave less test code to maintain vs. perhaps many stubs across the project.
-
vektra/mockery: v2.21.0 includes "packages" config section, allowing 5x faster mock generation and more fine-grained control over mocks
Please take a look at the documentation linked here, and the related discussion topic that spawned this.
-
Issue implementing interface method that returns another interface
As you can see, the package has a chained method Logical().Write() . Since I want to create tests for PublicFunctionIWantToTest, I want to pass down all the functionality as interface so that I can use https://vektra.github.io/mockery/ to create mocks for it.
- FEEDBACK REQUESTED: Deprecation of automatic interface discovery · Discussion #549 · vektra/mockery
What are some alternatives?
gomock - GoMock is a mocking framework for the Go programming language.
NSubstitute - A friendly substitute for .NET mocking libraries.
counterfeiter - A tool for generating self-contained, type-safe test doubles in go
Fluent Assertions - A very extensive set of extension methods that allow you to more naturally specify the expected outcome of a TDD or BDD-style unit tests. Targets .NET Framework 4.7, as well as .NET Core 2.1, .NET Core 3.0, .NET 6, .NET Standard 2.0 and 2.1. Supports the unit test frameworks MSTest2, NUnit3, XUnit2, MSpec, and NSpec3.
minimock - Powerful mock generation tool for Go programming language
AutoFixture - AutoFixture is an open source library for .NET designed to minimize the 'Arrange' phase of your unit tests in order to maximize maintainability. Its primary goal is to allow developers to focus on what is being tested rather than how to setup the test scenario, by making it easier to create object graphs containing test data.
go-sqlmock - Sql mock driver for golang to test database interactions
cell-cms - CMS leve, self-contained e prático de utilizar! Feito por desenvolvedores e para desenvolvedores!
hoverfly - Lightweight service virtualization/ API simulation / API mocking tool for developers and testers
Entity Framework - EF Core is a modern object-database mapper for .NET. It supports LINQ queries, change tracking, updates, and schema migrations.
moq - Interface mocking tool for go generate