npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@mcpose/testing

v2.0.3

Published

Compliance testing utilities for mcpose — audit chain assertions, scenario harness

Readme

@mcpose/testing

npm license

Compliance assertions for @mcpose/audit audit chains.

A small set of assertion functions that verify the tamper-evidence guarantees of an mcpose audit trail — chain integrity, Merkle-proof validity, PII redaction, and delegation handling. Each throws a descriptive Error on failure and returns void on success.

Runner-agnostic. These are plain functions with no test-framework dependency — use them with Vitest, Jest, node:test, or any runner.

Not to be confused with mcpose/testing — the subpath export of the core mcpose package, which provides proxy/middleware mocks (createMockBackendClient, runToolMiddleware). This package (@mcpose/testing) is about asserting the audit chain.

Install

npm install --save-dev @mcpose/testing

mcpose and @mcpose/audit are peer dependencies.

Quick start

import { expect, test } from 'vitest'; // or jest, node:test — your choice
import {
  assertAuditChainIntegrity,
  assertReplayManifestValid,
  assertPiiRedacted,
  assertDelegationHonored,
} from '@mcpose/testing';

// Supplied by your test setup:
//   captureAuditEvents — collects the AuditEvents emitted via AuditOptions.onEvent
//   auditHandle        — the handle returned by createAuditMiddleware()

test('transfer flow produces a verifiable audit trail', async () => {
  const events = await captureAuditEvents(/* run your scenario */);
  const manifest = await auditHandle.closeSession('session-123');

  assertAuditChainIntegrity(events);                 // no insert/delete/reorder
  assertReplayManifestValid(events, manifest!);      // every Merkle proof verifies
  assertPiiRedacted(events[0], [/\d{16}/]);          // no card numbers in plaintext
});

API

| Function | What it checks | |---|---| | assertAuditChainIntegrity(events) | Sequential replayManifestPositions, non-empty chainHashes, no duplicates — detects insertion, deletion, or reordering. | | assertReplayManifestValid(events, manifest) | eventCount matches, and every event's Merkle proof verifies against merkleRoot. | | assertPiiRedacted(event, patterns) | No RegExp pattern matches the plaintext input/output fields. High-tier (encrypted) events pass automatically. | | assertDelegationHonored(chain) | The delegation chain is non-empty and every Identity has a sub. |

Re-exports AuditEvent and ReplayManifest types from @mcpose/audit for convenience.

Documentation

License

MIT © Amir Gorji