As I write my Node.js framework, I sometimes open the documentation of other frameworks to see what features they have, and I look at issues on github to see what features users of these frameworks want. This is especially true of NestJS, as it has also adopted many concepts from Angular, as has my framework.
The other day I was writing a module to integrate with the well-known jsonwebtoken library. NestJS also has an integration with this library, so I decided to peek at what tests they write to test something similar.
@nestjs/jwt module is now downloaded 308,000 times a week, which is about a third of all NestJS users, and is responsible for such an important part as setting up security tokens and verifying them.
And what did I see in the tests of this module? - "Horror!" Because of this I opened the corresponding issue on github. Tests are not just written with small inconspicuous mistakes, such as the lack of
expect(), there is generally a hell of a lot, and in almost all tests.
And how do you think the author of NestJS would react? He will say something like: "Wow! Thank you, colleague, for your attention, let's fix it!" - No, he stupidly closed the issue, and even locked it, with the words:
Tests were added via external contribution as part of this commit 9bae007. Feel free to create a follow-up PR to improve them.
I say - Wow! It would not be terrible if the author of an unknown framework reacted in this way. But this framework is downloaded as much as 1 million times a week, and such an indifferent attitude...
Udate: see fix of this bug https://github.com/nestjs/jwt/pull/808
Top comments (1)
Thanks for bringing up your concern, I'll make sure that international open source police and authorities are notified.