Nock
HTTP request mocking and intercepting library for Node.js. Intercepts outgoing HTTP/HTTPS requests at the Node.js http/https module level and returns mocked responses without actual network calls. Used in unit/integration tests to mock external API calls. Works with any HTTP client library (axios, node-fetch, got, http.request) since it intercepts at the Node.js core level.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
MIT licensed. Test-only library — never deployed to production. Intercepts at OS level — ensure test isolation with nock.cleanAll().
⚡ Reliability
Best When
You're writing Node.js unit/integration tests and need to mock HTTP API calls for any HTTP client library without test-specific adapter code.
Avoid When
You're testing browser-side code — use msw instead. For integration tests hitting real APIs, nock may over-constrain test fidelity.
Use Cases
- • Mock external API calls in agent unit tests to test agent behavior with controlled responses without network access
- • Record real API responses (nock.recorder) and replay them in tests for reproducible integration testing
- • Test error handling in agent code by mocking specific HTTP error responses (500, 401, timeouts)
- • Test retry logic and backoff behavior in agent HTTP clients by simulating transient failures
- • Mock Stripe, OpenAI, GitHub, or other external APIs in CI pipelines without live API credentials
Not For
- • Browser testing — nock intercepts Node.js http module; use msw (Mock Service Worker) for browser or Playwright's route interception
- • Persistent test doubles across process restarts — nock interceptors exist only in-memory for current test process
- • GraphQL-specific mocking — nock works at HTTP level; use graphql-mocking libraries for schema-aware mocks
Interface
Authentication
Local testing library — no authentication required. MIT licensed.
Pricing
MIT licensed. Zero cost.
Agent Metadata
Known Gotchas
- ⚠ Always call nock.cleanAll() in afterEach/afterAll — stale interceptors affect subsequent tests and cause hard-to-debug test pollution
- ⚠ Nock interceptors are consumed on first match by default — use .persist() for interceptors that handle multiple requests: nock('https://api.example.com').get('/data').reply(200, data).persist()
- ⚠ nock.disableNetConnect() is essential for preventing accidental real network calls in tests — call in global test setup; add allowUnmocked for specific hosts if needed
- ⚠ Request body matching: nock intercepts based on URL+method by default; add .matchHeader() or request body matchers for precise interception
- ⚠ Nock v13+ dropped Node.js < 12 support — ensure test environment compatibility
- ⚠ Nock intercepts http AND https but hostname must match exactly — 'https://api.example.com' does NOT match 'http://api.example.com'; specify correct protocol
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for Nock.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-07.