Log in
TestJS Summit 2021TestJS Summit 2021
talks

Who Guards the Guards? – Finding Bugs in Your Tests

Tibor Blenessy
Tibor Blenessy
SonarSource
Rate this content
Bookmark

Nowadays, testing has become the norm. There are many tools available to write different kinds of tests. While tests keep the guard on the main code of the application, how can you be sure that you don’t have bugs hiding in your test code? Should you write tests for the tests?

In this lighting talk I will show you a different approach on how you can eliminate certain types of issues from your tests using static code analysis tools like SonarLint or SonarQube. We will focus on common issues found in tests using frameworks such as Mocha and Chai.

testing
8 min
18 Nov, 2021

Video Summary and Transcription

The Talk discusses common pitfalls of JavaScript unit testing, including issues with expectations, assertions, and missing assertions. It also highlights the importance of handling exceptions properly and introduces SonarLint as a tool for code analysis and issue fixing. Additionally, it mentions SonarCube and SonarCloud as options for integrating static analysis testing in a continuous integration pipeline.

Available in Español

1. Common Pitfalls of JavaScript Unit Testing

Short description:

Hello everyone, my name is Tibor Blanesy and I work on static analysis as a sonar source. Welcome to this talk which is called Who Guards the Guards? And I would like to show you three common pitfalls of JavaScript unit testing. The first issue I would like to show you is the following one. So imagine you have the following test and you write your expectations there. Do you see the issue? Whatever you do inside the expectation, this test actually never fails. The next issue I would like to show you might be a bit cosmetic. However it often helps to have the clear test to better understand the real issue. So in the following test, when you write your assertion, you always need to provide the actual value which is the result of the test and your expectation. And the order in which these values are provided matters. The third issue I would like to show you in this lightning talk is the following one. Imagine you have a test and this test is going to be always green. Why? Because there is actually no assertion in it. So you are not testing anything.

Hello everyone, my name is Tibor Blanesy and I work on static analysis as a sonar source. Welcome to this talk which is called Who Guards the Guards? And I would like to show you three common pitfalls of JavaScript unit testing.

So the first issue I would like to show you is the following one. So imagine you have the following test and you write your expectations there. Do you see the issue? Whatever you do inside the expectation, this test actually never fails. Because what is missing is the assertion after the expect. So to have any meaningful testing, it has to look like this. You might be surprised how common this issue is. I will just show you two examples. So the first one is in Kibana project and the second one is in Angular.

The next issue I would like to show you might be a bit cosmetic. However it often helps to have the clear test to better understand the real issue. So in the following test, when you write your assertion, you always need to provide the actual value which is the result of the test and your expectation. And the order in which these values are provided matters. So to the expect you should provide the result of the computation and when you invoke some assertion like equal in this case, it should be the expected value. If you swap it around, you will receive such a message as here where expected is two and it's supposed to equal to three which is wrong and it might be confusing. Correctly it should look like this. You should have the addition in the expect call and it should equal to what your expectation is, in this case two, which gives better message where three is expected to equal the two. So the result is what we computed is three and our expectation was two. And here is the actual correct test where you need to correct your computation to have the test to be green. So this is cosmetic but when you are debugging a more complex issue it might be really helpful to have a good error message. So here is the real life project having this problem. You see that in the expectation the test and data is swapped.

The third issue I would like to show you in this lightning talk is the following one. Imagine you have a test and this test is going to be always green. Why? Because there is actually no assertion in it. So you are not testing anything. So to fix this test you should actually assert something. So for example, you want to assert if this string has the value of string. And here is the real life example from ESLink project where you might have this problem.

2. Handling Exceptions and Using SonarLint

Short description:

This often happens when dealing with exceptions. The better way to handle it is to wrap the call in the expectation and assert that either the exception is thrown or no exception is thrown. SonarLint can help you avoid such issues in your code. It's an extension that can be installed in Visual Studio Code. By using SonarLint, you can quickly fix issues in your IDE and your editor will notify you when you have a problem. For integrating static analysis testing in your continuous integration pipeline, you can use SonarCube for on-premise installation or SonarCloud for a cloud solution.

This often happens when you are dealing with exceptions. So the following test will fail if the exception is thrown as the comment suggests, however the message is not going to be very nice. Better way to do it is to wrap your call in the expectation and assert that either the exception is thrown or in this case it would be to assert that no exception is thrown. So this is the documentation from CHI assertion framework on how to do that.

So you might wonder how you can avoid having such issues in your code and I will show you a small demo how you can do that with SonarLint or SonarCloud or SonarQube. So first I will start with SonarLint. SonarLint is an extension which you can install in Visual Studio Code. So here is the extension, it's already installed and here I have the three examples I was showing you. So the first one here is the incomplete assertion where the expectation contains the comparison between some function and the result value and actually to have this test to make it more meaningful what you should do is to remove the expectation for here and add the assertion like this. And the issues here disappears. The second problem I was showing where you can hover here to over the squiggly line to see the description. So it says that the two arguments in the assertion should be swap and the correct order is the actual value first and then your expectation. So when I exchange the arguments the issue disappears. And the last problem I was throwing was the problem with the missing assertion. So you see here when I hover over the squiggly line I see that at least one assertion should be in this test. So let's add an assertion here. So let's say we expect the string to be empty like this and the issue disappears. So this is how you can quickly fix it in your IDE and your editor will notify you when you have this problem. And also if you want to integrate this sort of static analysis testing for your unit test in your continuous integration pipeline, you can use sonar cube which you install on-premise or if you prefer the cloud solution, there is sonar cloud. So they will both look the same. Here I have the sonar cube and here is the the same file which was analyzed in the continuous integration pipeline. So here you see again the squiggly line where the issues are located.

This is my lightning talk.

Check out more articles and videos

We constantly think of articles and videos that might spark Git people interest / skill us up or help building a stellar career

TestJS Summit 2021TestJS Summit 2021
33 min
Network Requests with Cypress
Top Content
Whether you're testing your UI or API, Cypress gives you all the tools needed to work with and manage network requests. This intermediate-level task demonstrates how to use the cy.request and cy.intercept commands to execute, spy on, and stub network requests while testing your application in the browser. Learn how the commands work as well as use cases for each, including best practices for testing and mocking your network requests.
cypresstesting
TestJS Summit 2021TestJS Summit 2021
38 min
Testing Pyramid Makes Little Sense, What We Can Use Instead
Top Content
Featured Video
The testing pyramid - the canonical shape of tests that defined what types of tests we need to write to make sure the app works - is ... obsolete. In this presentation, Roman Sandler and Gleb Bahmutov argue what the testing shape works better for today's web applications.
testing
TestJS Summit 2022TestJS Summit 2022
27 min
Full-Circle Testing With Cypress
Top Content
Cypress has taken the world by storm by brining an easy to use tool for end to end testing. It’s capabilities have proven to be be useful for creating stable tests for frontend applications. But end to end testing is just a small part of testing efforts. What about your API? What about your components? Well, in my talk I would like to show you how we can start with end-to-end tests, go deeper with component testing and then move up to testing our API, circ
e2e testingcypresstesting
TestJS Summit 2021TestJS Summit 2021
31 min
Test Effective Development
Top Content
Developers want to sleep tight knowing they didn't break production. Companies want to be efficient in order to meet their customer needs faster and to gain competitive advantage sooner. We ALL want to be cost effective... or shall I say... TEST EFFECTIVE!But how do we do that?Are the "unit" and "integration" terminology serves us right?Or is it time for a change? When should we use either strategy to maximize our "test effectiveness"?In this talk I'll show you a brand new way to think about cost effective testing with new strategies and new testing terms!It’s time to go DEEPER!
unit testingtesting
TestJS Summit 2023TestJS Summit 2023
21 min
Everyone Can Easily Write Tests
Let’s take a look at how Playwright can help you get your end to end tests written with tools like Codegen that generate tests on user interaction. Let’s explore UI mode for a better developer experience and then go over some tips to make sure you don’t have flakey tests. Then let’s talk about how to get your tests up and running on CI, debugging on CI and scaling using shards.
e2e testingtesting

Workshops on related topic

React Summit 2023React Summit 2023
151 min
Designing Effective Tests With React Testing Library
Top Content
Featured Workshop
React Testing Library is a great framework for React component tests because there are a lot of questions it answers for you, so you don’t need to worry about those questions. But that doesn’t mean testing is easy. There are still a lot of questions you have to figure out for yourself: How many component tests should you write vs end-to-end tests or lower-level unit tests? How can you test a certain line of code that is tricky to test? And what in the world are you supposed to do about that persistent act() warning?
In this three-hour workshop we’ll introduce React Testing Library along with a mental model for how to think about designing your component tests. This mental model will help you see how to test each bit of logic, whether or not to mock dependencies, and will help improve the design of your components. You’ll walk away with the tools, techniques, and principles you need to implement low-cost, high-value component tests.
Table of contents- The different kinds of React application tests, and where component tests fit in- A mental model for thinking about the inputs and outputs of the components you test- Options for selecting DOM elements to verify and interact with them- The value of mocks and why they shouldn’t be avoided- The challenges with asynchrony in RTL tests and how to handle them
Prerequisites- Familiarity with building applications with React- Basic experience writing automated tests with Jest or another unit testing framework- You do not need any experience with React Testing Library- Machine setup: Node LTS, Yarn
best practicesreacttestingdeep dive
TestJS Summit 2022TestJS Summit 2022
146 min
How to Start With Cypress
Featured WorkshopFree
The web has evolved. Finally, testing has also. Cypress is a modern testing tool that answers the testing needs of modern web applications. It has been gaining a lot of traction in the last couple of years, gaining worldwide popularity. If you have been waiting to learn Cypress, wait no more! Filip Hric will guide you through the first steps on how to start using Cypress and set up a project on your own. The good news is, learning Cypress is incredibly easy. You'll write your first test in no time, and then you'll discover how to write a full end-to-end test for a modern web application. You'll learn the core concepts like retry-ability. Discover how to work and interact with your application and learn how to combine API and UI tests. Throughout this whole workshop, we will write code and do practical exercises. You will leave with a hands-on experience that you can translate to your own project.
cypresstesting
React Summit 2022React Summit 2022
117 min
Detox 101: How to write stable end-to-end tests for your React Native application
Top Content
WorkshopFree
Compared to unit testing, end-to-end testing aims to interact with your application just like a real user. And as we all know it can be pretty challenging. Especially when we talk about Mobile applications.
Tests rely on many conditions and are considered to be slow and flaky. On the other hand - end-to-end tests can give the greatest confidence that your app is working. And if done right - can become an amazing tool for boosting developer velocity.
Detox is a gray-box end-to-end testing framework for mobile apps. Developed by Wix to solve the problem of slowness and flakiness and used by React Native itself as its E2E testing tool.
Join me on this workshop to learn how to make your mobile end-to-end tests with Detox rock.
Prerequisites- iOS/Android: MacOS Catalina or newer- Android only: Linux- Install before the workshop
e2e testingreact nativetestingbeginner friendly
TestJS Summit 2023TestJS Summit 2023
48 min
API Testing with Postman Workshop
Top Content
WorkshopFree
In the ever-evolving landscape of software development, ensuring the reliability and functionality of APIs has become paramount. "API Testing with Postman" is a comprehensive workshop designed to equip participants with the knowledge and skills needed to excel in API testing using Postman, a powerful tool widely adopted by professionals in the field. This workshop delves into the fundamentals of API testing, progresses to advanced testing techniques, and explores automation, performance testing, and multi-protocol support, providing attendees with a holistic understanding of API testing with Postman.
1. Welcome to Postman- Explaining the Postman User Interface (UI)2. Workspace and Collections Collaboration- Understanding Workspaces and their role in collaboration- Exploring the concept of Collections for organizing and executing API requests3. Introduction to API Testing- Covering the basics of API testing and its significance4. Variable Management- Managing environment, global, and collection variables- Utilizing scripting snippets for dynamic data5. Building Testing Workflows- Creating effective testing workflows for comprehensive testing- Utilizing the Collection Runner for test execution- Introduction to Postbot for automated testing6. Advanced Testing- Contract Testing for ensuring API contracts- Using Mock Servers for effective testing- Maximizing productivity with Collection/Workspace templates- Integration Testing and Regression Testing strategies7. Automation with Postman- Leveraging the Postman CLI for automation- Scheduled Runs for regular testing- Integrating Postman into CI/CD pipelines8. Performance Testing- Demonstrating performance testing capabilities (showing the desktop client)- Synchronizing tests with VS Code for streamlined development9. Exploring Advanced Features - Working with Multiple Protocols: GraphQL, gRPC, and more
Join us for this workshop to unlock the full potential of Postman for API testing, streamline your testing processes, and enhance the quality and reliability of your software. Whether you're a beginner or an experienced tester, this workshop will equip you with the skills needed to excel in API testing with Postman.
security testingtesting
TestJS Summit - January, 2021TestJS Summit - January, 2021
173 min
Testing Web Applications Using Cypress
WorkshopFree
This workshop will teach you the basics of writing useful end-to-end tests using Cypress Test Runner.
We will cover writing tests, covering every application feature, structuring tests, intercepting network requests, and setting up the backend data.
Anyone who knows JavaScript programming language and has NPM installed would be able to follow along.
e2e testingjavascriptcypresstesting
TestJS Summit 2023TestJS Summit 2023
148 min
Best Practices for Writing and Debugging Cypress Tests
Workshop
You probably know the story. You’ve created a couple of tests, and since you are using Cypress, you’ve done this pretty quickly. Seems like nothing is stopping you, but then – failed test. It wasn’t the app, wasn’t an error, the test was… flaky? Well yes. Test design is important no matter what tool you will use, Cypress included. The good news is that Cypress has a couple of tools behind its belt that can help you out. Join me on my workshop, where I’ll guide you away from the valley of anti-patterns into the fields of evergreen, stable tests. We’ll talk about common mistakes when writing your test as well as debug and unveil underlying problems. All with the goal of avoiding flakiness, and designing stable test.
cypresstesting