composer-plugin-qa is a Composer plugin which adds all the most popular PHP quality assurance tools as composer scripts, so that you don’t have to install and set them up one by one. The list of tools includes the following:
Mailtrap is a handy service for any developer or team that needs to test outgoing emails from test and staging environments, without spamming real users. It’s basically a fake SMTP server with some controls of where and how to forward messages, and ways of analyzing, sharing, and testing of HTML rendering.
“Unit Testing – The Big Picture” is a super useful for those of us who need a refresher or an overview of what software testing is in general, and how unit testing relates to other types of testing in particular. It covers a bit of history of testing, different approaches, terminology, and more.
But the above tools are mostly for software developers. With the expansion of our quality assurance efforts, I am looking at some more tools and this time around, those that are aimed more towards QA engineers and testers. One particular area that I am currently very interested in is the tool for test (and requirements) management.
My experience in this area is very limited. I just know that such tools do exist. Most of them are propitiatory and expensive, and are used by large organizations. We are not a large company. Our needs are simpler. And our budget for this is not great yet.
So, here is what I’m looking for:
A web-based tool to manage test cases, test plans, test runs, and test results.
This tool should support git version control.
This tool should integrate well with GitHub and BitBucket.
This tool should integrate well with TravisCI and BitBucket Pipelines.
This tool should integrate well with Redmine.
This tool should integrate well with HipChat.
This tool must support multiple projects.
This tool must support both manual and automated tests.
Preferably, the tool should be Open Source software.
Preferably, the tool should be free (as in money).
Preferably, the tool should be written in PHP, as that’s what where we have a lot of in-house expertise.
If you know of a tool that matches all or most of the above, please let me know.
This article (in Russian) lists a number of useful payloads (and some tools that work with them) for security testing of web applications. Below is the list of handy GitHub repositories for web server path testing, cross-site scripting, SQL injection, and several other common types of vulnerabilities. These payloads are much richer than basic hand-made tests and can help improve the security of the web application a great deal:
With all the hype around the quality assurance and testing tools for PHP, I wonder how did I miss atoum. Atoum is a modern, simple and intuitive unit testing framework for PHP. From a quick look around, it seems to be a lot simpler than PHPUnit and I definitely need to find some time to give it a go.
Also, here’s a blog post that describes how Automattic moved from PHPUnit to atoum, which makes a lot of sense (you know what I’m talking about if you ever tried to write PHPUnit tests for WordPress projects).