1 minute read

Surely you Jest – now it integrates with Jazzer.js

BY S D T I M ES

engine,

Jazzer js is a free, coverage-guided, in-process fuzzer spanning the Node.js platform. It is currently available within JavaScript’s node package manager

With this, developers can use Jest for both functional and security testing without the need to leave their development environment

According to the company, the integration offers developers the ability to run automated security tests that are complementary to their existing unit tests and allows them to test JavaScript applications for hidden bugs

Code Intelligence also stated that it will be bringing the ability to receive specialized bug detectors for critical vulnerabilities to Jazzer js These include remote executions, cross-site-scripting, and injections

“While most JavaScript developers already use Jest for functional testing, to test whether their application behaves as expected, our new Jest integration allows developers to also do negative testing. This is to check their applications for unexpected or strange behaviors It does not only avoid security issues but makes the code more reliable and reduces outages and bad user experience,” said Werner Krahe, product director of Code Intelligence.

The Jest integration enables developers to call Jazzer.js by using the new it fuzz() function in describe() blocks

This function works to call fuzz tests that use coverage feedback to generate several unused and unexpected test inputs that have the ability to trigger security vulnerabilities as well as functional bugs. z

This article is from: