AssertSyscall 0.1.0-preview

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher.
This is a prerelease version of AssertSyscall.
There is a newer prerelease version of this package available.
See the version list below for details. 
dotnet add package AssertSyscall --version 0.1.0-preview
                    


                    

                
NuGet\Install-Package AssertSyscall -Version 0.1.0-preview
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="AssertSyscall" Version="0.1.0-preview" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="AssertSyscall" Version="0.1.0-preview" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="AssertSyscall" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add AssertSyscall --version 0.1.0-preview
                    


                    

                
#r "nuget: AssertSyscall, 0.1.0-preview"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package AssertSyscall@0.1.0-preview
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=AssertSyscall&version=0.1.0-preview&prerelease
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=AssertSyscall&version=0.1.0-preview&prerelease
                    


                            Install as a Cake Tool

AssertSyscall

Verifies calls to the Linux API (syscalls) made by a test case.

Modern apps use a lot of external dependencies. At the same time, in most cases, an app CI/CD pipeline verifies the app code only. Thus we can be sure that the app code is safe, which cannot be said about used external code.

Using this library, you can declare the app/environment contract and be sure that the app complies it. It makes your expectations transparent, eliminates some zero-day vulnerabilities, and minimizes the possible attack surface. And all of this is easy to inject to the existing CI/CD and tests. All you need is to mark existing test cases with the AssertSyscall and define your own rules - the contract between your app and the environment (OS).

Requirements

  • Linux only.
  • The strace must be pre-installed.
apt update && apt install -y strace

Usage example

The next example shows how to check that the tested code writes to the /output directory only.

namespace AssertSyscall.NUnit.Tests;

[TestFixture]
[AssertSyscall] // <1>
class DenyFileWriteTest
{
    [Test]
    [DenyFileWrite(excludePaths: ["/output"])] // <2>
    public void ShouldWriteToOutputDirOnly()
    {
        var dir = "/output";
        var file = Path.Join(dir, "some.txt");
        File.WriteAllText(file, "Some Content");
    }
}
  1. The AssertSyscall attribute marks that the test class verifies syscalls.
  2. The DenyFileWrite attribute defines a rule to verify syscalls made by the test case.

INFO

This example uses the AssertSyscall.NUnit package.

Build

To build the package run:

./build.sh

The bin/publish/ directory will contain nuget-packages.

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

  • net8.0

    • No dependencies.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on AssertSyscall:

Package Downloads
AssertSyscall.NUnit

Verifies syscalls performed during a test execution.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
0.2.0-preview 163 9/11/2025
0.1.0-preview 141 9/9/2025