Reading postmortems

Once in a while a seemingly straightforward article turns into a goldmine of links and resources. This happened to me today with this one – “Reading postmortems“.

Not only this article itself is a very nice roundup of common sources for system failures, but it also links to a couple of awesome references:

  • Simple Testing Can Prevent Most Critical Failures: An Analysis of Production Failures in Distributed Data-Intensive Systems. This is both a talk and a paper.
  • danluu/post-mortems – a GitHub repository with a collection of publicly available postmortems from a variety of organizations, like Google, Amazon, Facebook, NASA, GitHub, and more.

If you still have no idea what postmortem is, Wikipedia explains.

composer-plugin-qa – Composer Plugin for PHP Quality Assurance Tools

composer-plugin-qa is a Composer plugin which adds all the most popular PHP quality assurance tools as composer scripts, so that you don’t have to install and set them up one by one.  The list of tools includes the following:

  • PHPUnit: Testing Framework
  • PHPCOV: CLI frontend for the PHP_CodeCoverage
  • Paratest: Parallel testing for PHPUnit
  • DbUnit: Puts your database into a known state between test runs
  • PHPLOC: A tool for quickly measuring the size of a PHP project
  • PHPCPD: Copy/Paste Detector
  • PHP_Depend: Quality of your design in the terms of extensibility, reusability and maintainability
  • PHPMD: User friendly frontend application for the raw metrics stream measured by PHP Depend
  • PhpMetrics: Static analysis tool, gives metrics about PHP project and classes
  • PHP_CodeSniffer: Detects violations of a defined set of coding standards
  • PHP-CS-Fixer: A tool to automatically fix coding standards issues
  • Security-Checker: Checks if your application uses dependencies with known security vulnerabilities

This list is very similar to the one in my other recent post.

Mailtrap – safe email testing for development teams

Mailtrap is a handy service for any developer or team that needs to test outgoing emails from test and staging environments, without spamming real users.  It’s basically a fake SMTP server with some controls of where and how to forward messages, and ways of analyzing, sharing, and testing of HTML rendering.

Unit Testing – The Big Picture

Unit Testing – The Big Picture” is a super useful for those of us who need a refresher or an overview of what software testing is in general, and how unit testing relates to other types of testing in particular.  It covers a bit of history of testing, different approaches, terminology, and more.

Code quality tools in PHP to check and improve your code

Code quality tools in PHP to check and improve your code” is a list of both some very well known tools and some new kids on the block.  The article covers the following:

Free and Open Source Test Management Software

Quality Assurance is an important part of the software development.  There are many tools available that help with a variety of problems in this domain.  At work, we have already been using quite a few of them – mostly those that deal with automated testing – PHPUnit, PHP CodeSniffer, Nightwatch.js, TravisCI, BitBucket Pipelines, and more.

But the above tools are mostly for software developers.  With the expansion of our quality assurance efforts, I am looking at some more tools and this time around, those that are aimed more towards QA engineers and testers.  One particular area that I am currently very interested in is the tool for test (and requirements) management.

My experience in this area is very limited.  I just know that such tools do exist.  Most of them are propitiatory and expensive, and are used by large organizations.  We are not a large company.  Our needs are simpler.  And our budget for this is not great yet.

So, here is what I’m looking for:

  • A web-based tool to manage test cases, test plans, test runs, and test results.
  • This tool should support git version control.
  • This tool should integrate well with GitHub and BitBucket.
  • This tool should integrate well with TravisCI and BitBucket Pipelines.
  • This tool should integrate well with Redmine.
  • This tool should integrate well with HipChat.
  • This tool must support multiple projects.
  • This tool must support both manual and automated tests.
  • Preferably, the tool should be Open Source software.
  • Preferably, the tool should be free (as in money).
  • Preferably, the tool should be written in PHP, as that’s what where we have a lot of in-house expertise.

If you know of a tool that matches all or most of the above, please let me know.

Continue reading “Free and Open Source Test Management Software”

Useful payloads for security testing of web applications

This article (in Russian) lists a number of useful payloads (and some tools that work with them) for security testing of web applications.  Below is the list of handy GitHub repositories for web server path testing, cross-site scripting, SQL injection, and several other common types of vulnerabilities.  These payloads are much richer than basic hand-made tests and can help improve the security of the web application a great deal:

atoum – modern, simple and intuitive PHP unit testing framework

With all the hype around the quality assurance and testing tools for PHP, I wonder how did I miss atoum.  Atoum is a modern, simple and intuitive unit testing framework for PHP.  From a quick look around, it seems to be a lot simpler than PHPUnit and I definitely need to find some time to give it a go.

Also, here’s a blog post that describes how Automattic moved from PHPUnit to atoum, which makes a lot of sense (you know what I’m talking about if you ever tried to write PHPUnit tests for WordPress projects).

Kitab – documentation rendering and testing tool for PHP

Kitab is a handy tool for PHP developers that helps with two things:

  1. Render static HTML (with added search) from the doc-blocks in source code.
  2. Unit test the examples that are in the doc-blocks.

There are a number of tools that do the first one (phpDocumentor, Doxygen, Sami, etc).  However I don’t remember seeing anything that accomplishes the second task.

Best Automation Testing Tools for 2018 (Top 10 reviews)

best testing tools

Here is a nice review of the top 10 best automation testing tools circa 2018.  It covers the following:

  1. Selenium
  2. Katalon Studio
  3. Unified Functional Testing (UFT)
  4. Watir
  5. IBM Rational Functional Tester (RFT)
  6. TestComplete
  7. TestPlant eggPlant
  8. Tricentis Tosca
  9. Ranorex
  10. Robot framework

If you are just setting up the QA team or department and want to know what’s new and hot, or old and tested in the world of automated testing, have a look at these tools.