1 minute read
Surely you Jest – now it integrates with Jazzer.js
from SD Times March 2023
by d2emerge
BY S D T I M ES
engine,
Jazzer js is a free, coverage-guided, in-process fuzzer spanning the Node.js platform. It is currently available within JavaScript’s node package manager
With this, developers can use Jest for both functional and security testing without the need to leave their development environment
According to the company, the integration offers developers the ability to run automated security tests that are complementary to their existing unit tests and allows them to test JavaScript applications for hidden bugs
Code Intelligence also stated that it will be bringing the ability to receive specialized bug detectors for critical vulnerabilities to Jazzer js These include remote executions, cross-site-scripting, and injections
“While most JavaScript developers already use Jest for functional testing, to test whether their application behaves as expected, our new Jest integration allows developers to also do negative testing. This is to check their applications for unexpected or strange behaviors It does not only avoid security issues but makes the code more reliable and reduces outages and bad user experience,” said Werner Krahe, product director of Code Intelligence.
The Jest integration enables developers to call Jazzer.js by using the new it fuzz() function in describe() blocks
This function works to call fuzz tests that use coverage feedback to generate several unused and unexpected test inputs that have the ability to trigger security vulnerabilities as well as functional bugs. z