Category Archives: CS-443

Test-Driven Development

Test-driven development (TDD) seemed odd to me when I was first introduced to it, much like the majority of others. The idea of writing tests before code felt weird in a way, as you write tests for nothing. However, the more I read about the benefits and how to properly apply TDD, the more obvious it was how useful TTD really is. Jacob Schmitt does a great job explaining TDD along with its benefits and best practices in his blog “Test-driven development (TDD) explained” (https://circleci.com/blog/test-driven-development-tdd/).

What is Test Driven Development?

Test-driven development is a software development approach where tests are written before code. It follows an iterative cycle: write a test, ensure it fails, write code to pass the test, and refactor. This means that a large amount of planning needs to go into the start of a project. Designing tests requires an understanding of what the feature you are adding should accomplish. This includes testing that things should pass when expected and fail when expected.

What Does Writing Tests First Accomplish?

As I mentioned before, it feels counterintuitive to write a test for code that does not exist. That is, until you understand the benefits of having tests. Tests are going to be required for any serious project. Having the tests written first will greatly increase your chances of finding bugs as early as possible. This also ensures that any refactoring does not break any existing functionality. This is great when working with a team, ensuring that everyone is on the same page and that changes made by anyone will be tested. TDD also ensures that all code that is written is tested. This greatly increases the code reliability and ensures functionality aligns with the user expectations.

Benefits of TDD

One of the most impactful benefits of TDD as a developer is the increased confidence that any changes you make in the code will have immediate feedback on if it passed the tests or not. This confidence extends to every developer on the team, as these tests ensure everyone’s code works as intended.

Catching bugs early can save a huge amount of time and money. It makes sense that testing code incrementally as it’s added is better than waiting until it is all developed to test. This also makes sure no code is ever added that isn’t tested. Meaning tests are being rushed near the end of deadlines, and potentially missing some.

From the blog CS@Worcester – CS Learning by kbourassa18 and used with permission of the author. All other rights reserved by the author.

Pytest

As a student of computer science, encountering different tools that streamline coding processes is a cornerstone of my educational journey. One such tool that has caught my attention this semester is pytest, a testing framework for Python that allows for simple unit tests as well as complex functional testing. After a thorough exploration, here’s why I believe every budding software developer should dive into pytest’s documentation.

Why I Chose This Resource

The reason I chose to delve into the pytest documentation is twofold. Firstly, our course has increasingly emphasized the importance of test-driven development (TDD), a method pytest excels at supporting. Secondly, several industry professionals I look up to have recommended pytest for its simplicity and efficacy, making it an essential skill in a developer’s toolkit.

Summary of the Resource

The pytest documentation provides a comprehensive guide to getting started with pytest, from installation to writing your first test. It covers key features like fixtures for a scalable and modular setup, markers for categorizing tests, and plugins to extend pytest’s capabilities. The documentation is well-organized and rich with examples, making it accessible to newcomers and a valuable reference for experienced developers.

Personal Reflection and Application

Reading through the pytest documentation was an enlightening experience. It not only clarified the mechanics of pytest but also underscored the benefits of using such a tool in real-world programming. One of the standout sections was on ‘parametrized testing’, which illustrated how to execute multiple permutations of a test with different input sets, ensuring broader coverage with fewer lines of code.

This resource has profoundly affected my approach to programming. It has instilled a more disciplined mindset towards testing, making me appreciate how early detection of issues can save time and resources in the development cycle. I now plan to integrate pytest into my upcoming projects, confident that it will enhance the quality and reliability of my code.

Future Practice

The knowledge gained from the pytest documentation is something I intend to apply in all my future software development endeavors. I see it as a step towards adopting best practices in testing, which is vital for any aspiring software engineer dedicated to producing robust and fault-tolerant software.

Conclusion

For any student of computer science, understanding the tools at your disposal is as crucial as mastering programming concepts. The pytest documentation is a goldmine of information that promises to elevate your testing skills. I highly recommend it to anyone looking to embrace test-driven development fully.

From the blog CS@Worcester – Abe's Programming Blog by Abraham Passmore and used with permission of the author. All other rights reserved by the author.

How to Become a Game Tester? 

Hello everyone,

Today I want to discuss the field of game testing. First of all, I am a gamer. I spend a lot of time playing video games every week. I am very passionate about video games. Every time I play a game, I often encounter some bugs or very unreasonable things. Therefore, when I took the software testing course, I was very interested in the job of game testing AKA game QA. Below is a Podcast I want to share:

How to Become a Game Tester? [Game QA tester]

link:https://www.youtube.com/watch?v=n81GxMaHHmo&list=PLNvmTlrQ-tBUrtqZ7T29KIS7lu8IPdOOG&index=3

by How Real Life Works

First of all, he emphasized an issue that I had never thought about, that is writing ability. I have considered many of the abilities required to enter this field, such as logic, game ability, and game experience, but I have never thought about the ability to write. But Alex explained very well why writing skills are so important.

First of all, he emphasized an issue that I had never thought about, that is, writing ability. I have considered many of the abilities required to enter this field, such as logic, game ability, and game experience, but I have never thought about the ability to write. But Alex explained very well why writing skills are so important. If you cannot explain these issues clearly, there is a high probability that you will not succeed. Alex also gave an example. For example, if you find a bug, after you write a written document, let someone who has never played the game understand the bug. If he can understand the bug from your written document, What causes it and how to fix it. Then your writing ability is passed.

Next, he talked about whether entering the field of game testing requires a corresponding diploma. His summary is not necessary. Because when you enter this field after completing your studies, the technology has been updated. The best way is to work with someone in this field and learn from his experience. My personal understanding is that it is necessary to learn basics and logic through a degree. This will lay a good foundation for us and make learning very efficient.

However, I think game QA is a very interesting job and the threshold is not very high. Of course, you need to have enough enthusiasm for games and high enough logical sensitivity. I think if I want to find this job, I need to improve my writing skills. I can try to write about the relevant content first to exercise this ability.

From the blog CS@Worcester – Ty-Blog by Tianyuan Wang and used with permission of the author. All other rights reserved by the author.

behavior driven testing and what is cucumber

For our final assignment for the course, we are being tasked to create a sort of activity similar to the activities we have been doing in class this semester for my software testing course. In working on this activity, we chose to write an assignment based on behavior driven development, using the Cucumber tool. As such, before we really get into the weeds of the assignment, I thought it would be a good idea to look into the tool myself and what behavior driven development looks like.

For today’s post, I’m looking at a blog post from Moisés Macero on The Practical Developer blog.

Firstly, behavior driven development is built for fostering communication and discussion around systems and how they should properly be working. Typically, the process is in three stages: discuss, capture, and write tests. We want to talk about what the requirements really should be between the product owner and developers, refine what our requirements and targets should be, then move forward to building the software and testing it.

What Cucumber does for this is introducing syntax, called Gherkin, to enhance the readability of tests even for people who don’t know how to read code. The syntax is styled in a format of ‘given’, ‘when’, ‘then’. You mark these test cases with keywords such as feature, scenario or example to accurately describe what the code should be doing and how it is being tested. One of the examples used in the article is the following:

  Scenario: Users solve challenges, they get feedback and their stats.
    Given a new user John
    When he requests a new challenge
    And he sends the correct challenge solution
    Then his stats include 1 correct attempt

Here, you can see that the syntax is (probably) easily readable and understandable even if you don’t have any software development experience. These statements are stored in .feature files, and act as sorts of definitions for tests.

For the actual testing, you apply these definitions by writing Cucumber expressions in a step definitions file. These are essentially files that not only test the code in a step-by-step approach, but also features readable headers for each function. Here’s an example of a couple of functions using Cucumber expressions (taken from this post in the same series):

    @Given("a new user {word} is created")
    public void aNewUser(String user) {
        this.challengeActor = new Challenge(user);
    }

    @When("they request a new challenge")
    public void userRequestsANewChallenge() throws Exception {
        this.challengeActor.askForChallenge();
    }

    @Then("they gets a mid-complexity multiplication to solve")
    public void getsAMidComplexityMultiplicationToSolve() {
        assertThat(this.challengeActor.getCurrentChallenge().getFactorA())
                .isBetween(9, 100);
        assertThat(this.challengeActor.getCurrentChallenge().getFactorB())
                .isBetween(9, 100);
    }

Cucumber supports a variety of different languages, and also supports testing frameworks such as JUnit, which means it is also very versatile and can be used alongside a testing driven development environment as well.

From the blog CS@Worcester – V's CompSCi Blog by V and used with permission of the author. All other rights reserved by the author.

Stochastic and Property Based Testing

During this semester we have learned about many different testing techniques, some being a lot easier than others. One of the testing techniques that we have learned is called Stochastic Testing. Stochastic testing is a type of black box testing method in which random tests are conducted over time. These tests are performed by automated testing tools in order to see if the software can pass a large number of individual tests.

Another type of testing technique that we have talked about is Property-based Testing. Property-based Testing is very similar to Stochastic testing. In this testing technique, the testing is also automated. However, it isn’t just executing the tests that is automated, it is also generating the tests. While researching the topic, I came across an article called “What is Property-based Testing?” by Alex Robert. In this article, Robert states “Property-based testing automates that work for us. Test automation allows us to generate better tests with less work and less code, so that we can focus our effort on the less mechanical work developers excel at. Instead of writing tests with manually created examples, a property-based test defines the types of inputs it needs. In the example above with CommonPrefix, the input would be two strings. The property-based test framework will generate hundreds if not thousands of examples and feed them to your test function.” He talks about how property-based testing can create a ton of different examples for your test function in order to help you test your program.

In this article, Robert also talks about input generators and what they do. A generator is a function that returns an instance of a given type from a source of randomness. These generators are great for randomly creating new inputs for the test function. However, they are only efficient if the generators have a good framework in order to help uncover more issues with the code. Robert gives a list of qualities that he thinks would make a good generator. His qualities include: a generator should be fast, a generator should be deterministic, a generator should not waste randomness, and a generator should cover the code under test. Most of these property-based testing frameworks come with a built-in generator which can be extremely helpful for testers, depending on the type input parameter. I really enjoyed reading this article as looking at all of the examples given by Robert helped my understanding of the topic. I know that if I ever need to use this type of testing technique, I will definitely use this article as a reference.

Link: https://www.mayhem.security/blog/what-is-property-based-testing

From the blog CS@Worcester – One pixel at a time by gizmo10203 and used with permission of the author. All other rights reserved by the author.

Chapter 5 of “Apprenticeship Patterns,” the focus shifts to the idea of “Craft over Art

In Chapter 5 of “Apprenticeship Patterns,” the focus shifts to the idea of “Craft over Art,” stressing the significance of valuing craftsmanship and tangible abilities above the quest for flawlessness or artistic flair in the realm of software development.

The chapter commences by drawing a line between craft and art within software development. While art centers on expression and imaginative flair, craft underscores proficiency, accuracy, and excellence. The authors contend that although artistic elements hold merit, software development predominantly hinges on craftsmanship to produce dependable, sustainable, and efficient solutions.

The pattern advises apprentices to embrace a mentality of continual enhancement and expertise in their field. It underscores the importance of deriving lessons from errors, soliciting input, and refining technical abilities through purposeful rehearsal. Instead of chasing after flawlessness or extravagant solutions, apprentices ought to focus on delivering streamlined, easily maintainable code that fulfills its intended function proficiently.

The pattern underscores the significance of humility as a crucial element. It urges apprentices to acknowledge their boundaries and reach out to seasoned professionals for guidance. Through embracing the ethos of craftsmanship, apprentices can foster a mentality of perpetual learning and advancement, consistently aiming to enhance their abilities and contribute more effectively to their teams and endeavors.

This pattern is intriguing or interesting because it directs attention towards the pragmatic and efficient aspects of software development. It confronts the idealized view of coding as a form of art and instead highlights the significance of practical, outcome-driven methodologies. By favoring craftsmanship over artistic expression, apprentices can establish a robust base of technical competencies and behaviors that will prove beneficial over the course of their professional journeys.

This pattern proves beneficial as it offers apprentices a structured and pragmatic approach to their learning and career progression. By stressing the significance of craftsmanship and tangible skills, it assists apprentices in directing their energies towards the core elements of software development: providing dependable, sustainable solutions that cater to user and stakeholder requirements. Furthermore, by embracing humility and seeking advice from seasoned professionals, apprentices can expedite their learning and advancement, ultimately becoming more proficient and accomplished software developers.

Overall, this pattern encourages a mindset that values craftsmanship, technical excellence, and a commitment to delivering tangible results. It can inspire me to approach my intended profession with a greater sense of purpose, discipline, and dedication to continuous improvement.

From the blog CS@Worcester – THE SOLID by isaacstephencs and used with permission of the author. All other rights reserved by the author.

Good Software Testing Practices

The blog post, “Unit Testing Best Practices: 9 to Ensure You Do It Right” focused on highlighting important habits and practices that testers must utilize to increase efficiency and effectiveness. I chose this blog post because as we continue to learn different software testing strategies in class I think it was important to highlight some important aspects that could be utilized as a tester so we can make sure we incorporate these in the future. I thought that this blog highlighted good practices that were covered in class and even added some more.

The blog presented recommendations and strategies for effective unit testing, catering to developers aiming to streamline their testing workflows.The blog begins by explaining the significance of unit testing in software development, highlighting its role in detecting bugs early, ensuring code reliability, and facilitating code maintainability. It emphasizes the importance of adopting a systematic approach to unit testing to maximize its benefits. The blog advocated for writing clear, concise, and focused tests that target specific functionalities or units of code. Emphasizing readability and maintainability, the blog suggests using descriptive test names and organizing tests into logical groups. The blog also addresses the importance of test automation in modern software development. It advocates for automating unit tests to expedite the testing process and ensure consistent test coverage across code bases. By integrating automated tests into continuous integration pipelines, developers can detect regressions early and maintain code quality throughout the development lifecycle.In addition to automation, the blog stresses the significance of test isolation and dependency management in unit testing. Techniques such as, mocking and dependency injection are recommended to isolate units under test from external dependencies. The blog also touches upon strategies for handling test data effectively, including techniques like parameterized tests and test data factories. By managing test data efficiently, developers can enhance test coverage and minimize test redundancy.

After reading this blog post, I believe that I am now more confident and informed about how a software tester should go about testing strategies. Being able to know good testing practices will be beneficial so I can focus on utilizing the skills within my own work. I found it interesting how most of the practices that were being mentioned in the blog were very simple. This makes it even easier to understand and incorporate these rules as they will be easy to remember and become a standard foundation whenever I have to think about writing tests for a project. 

https://www.testim.io/blog/unit-testing-best-practices

From the blog CS@Worcester – Giovanni Casiano – Software Development by Giovanni Casiano and used with permission of the author. All other rights reserved by the author.

Mastering Automates Testing with Selenium and Java

In the ever evolving world of software development, automated testing has become indispensable. Using tools like Selenium combined with Java, developers can automate their web application testing, improving efficiency and accuracy. This blog post delves into the key takeaways from a helpful Sauce Labs article (https://saucelabs.com/resources/blog/writing-tests-using-selenium-and-java) that outlines how to write testes using Selenium and Java, exploring its relevance to our coursework on software testing methodologies

Summary of the Resource:

The Sauce labs article provides a comprehensive guide on writing automates tests using Selenium, a popular tool for web application testing, and Java, one of the most used programming languages. It covers the basics of setting up Selenium with Java, crafting test scripts, running tests, and interpreting the results. The article emphasizes the importance of Selenium for its ability to simulate user interactions with web elements, which is crucial for verifying the functional integrity and performance of web applications. It also touches on integrating these tests into a CI/CD pipeline, demonstrating how automated testing fits into broader software development practices.

Reason for selection:

I selected this article because it offered a practical introduction to an essential skill in software development. As our course covers various testing frameworks and tools, understanding how to implement and utilize these tools in real-world scenarios is crucial. The articles focus on Selenium with Java is particularly relevant, as many of us are familiar with Java and may soon need to apply these skills in internships or jobs.

Personal Reflection.

The article made me appreciate the power and necessity of automates testing in modern web development. It was enlightening to see how Selenium scripts could mimic actual behavior, such as clicking buttons or entering data, which is critical for testing user interfaces. Reflecting on this, I see the immense value in learning automates testing not only to boost my future job prospects but also to ensure that I can contribute to creating robust, user-friendly software.

Application in future practice:

Armed with the knowledge from this article, I am eager to apply these testing techniques in my upcoming projects. Whether it’s for class assignments or eventually in a professional setting, understanding how to set up, write, and deploy automates tests using Selenium and java will significantly enhance the quality of the software I develop and maintain.

Conclusion:

Automated testing is a key component of software quality assurance. The insights provided by the Sauce Labs article on using Selenium and Java for testing offer both foundational knowledge and practical steps for anyone looking to enhance their testing skills. As software becomes increasingly more complex, the ability to efficiently test and validate software functionality becomes even more critical, making these skills invaluable for any aspiring software developer.

From the blog CS@Worcester – Josies Notes by josielrivas and used with permission of the author. All other rights reserved by the author.

CS@Worcester – Kadriu's Blog 2024-04-29 10:30:03

Effective Security Testing for Java Applications(Week-16)

In an era where cyber threats are increasingly sophisticated, the security of Java applications is more critical than ever. Java’s widespread adoption in various industries makes it a frequent target for attacks, underscoring the need for rigorous security testing. This blog post explores key strategies and best practices for security testing in Java applications, ensuring they remain secure against evolving threats.

Why Security Testing Matters

Security testing is crucial in identifying vulnerabilities that could be exploited by attackers. It allows developers to address these issues before they lead to data breaches or other security incidents. For Java applications, which are integral to many business operations, security testing verifies that protective measures are effective and that the application behaves as expected under attack conditions.

Comprehensive Approaches to Security Testing in Java

1. Static Application Security Testing (SAST): SAST tools examine Java code without executing it, identifying potential security weaknesses early in the development cycle. Tools like SonarQube and Fortify scan code bases for patterns that indicate security risks, allowing developers to rectify issues before deployment.

2. Dynamic Application Security Testing (DAST): DAST tools assess the application in its running state, simulating attacks to identify vulnerabilities that only appear during execution. OWASP ZAP and Burp Suite are popular choices for conducting these real-time analyses on Java web applications.

3. Penetration Testing: This method involves simulating real-world attacks to see how the application responds under hostile conditions. Penetration testing provides a deep dive into potential security flaws, combining automated tools with manual testing to uncover vulnerabilities that automated scans might miss.

4. Dependency Checks: Many Java applications rely on external libraries that can introduce vulnerabilities. Regularly auditing these dependencies for known security issues is crucial. Tools like OWASP Dependency-Check analyze libraries to detect vulnerabilities, helping developers update or replace risky components.

Best Practices in Security Testing

  • Integrate Security Early: Incorporate security testing early in the software development lifecycle to identify and mitigate risks before they escalate. Integrating tools into CI/CD pipelines ensures continuous security assessment.
  • Educate Developers: Regular training on the latest security threats and best practices helps developers write safer code. Understanding common vulnerabilities in Java applications empowers developers to avoid these pitfalls in their coding.
  • Keep Software Updated: Regular updates and patch management are essential for closing security gaps. Ensuring all parts of the Java application, including third-party libraries, are up-to-date mitigates the risk of exploiting known vulnerabilities.

Conclusion

Security testing is essential for maintaining the integrity and security of Java applications. By implementing strategies such as SAST, DAST, penetration testing, and dependency checks, developers can significantly enhance their application’s security posture. Coupled with best practices like early integration, ongoing education, and proactive updates, these measures create a robust defense against the cyber threats facing Java applications today. This proactive approach ensures that Java applications are not only functional but also secure, protecting both data and end-users.

From the blog CS@Worcester – Kadriu's Blog by Arber Kadriu and used with permission of the author. All other rights reserved by the author.

Stakeholders

With software development, working in teams is typically normal. Being able to work in a team is important. But what is also equally important is interacting with stakeholders. A team does not make a project just because, typically someone comes up to the team and gives an idea and the team gets to work. That is an extremely watered down version of how it happens, but that is how it works. This can be somewhat confusing so let’s break it down. 

In this blog post, they talk about what a stakeholder is, why they are important and then some examples of a stakeholder. The post defines a stakeholder as a group of people or groups affected by a software development project. They are in the best position to offer specific input on needs at their level. Essentially, they are people who know what they want for this project and those whose interests are important for the project. It is important to get their input on the project because they guide the project in a way. They are able to create a list of things that are needed for the project and a way for the developers to figure out what they are working on exactly. You do not want to ignore the advice of stakeholders and neglect them, as that means the developers are just making the wrong thing. But who is considered a stakeholder? End-users are good to consider, as they are the ones to be using it once it is complete. Knowing their input and how it affects them is important. People like managers, project managers, developers, and partners are all important, as they ensure that certain aspects of the project are doable. Certain authorities are also important to consider, such as shareholders or company owners. It is hard to get everyone in for a meeting on the project all at once, so getting representatives is a better alternative. Determining whether or not their input is needed is also important, as to not waste someone’s time. But again, how do you determine that? There are some questions you can ask, such as “who will be affected by this product,” “how will workflows change,” and “are there any people whose support is vital to the project.” 

Understanding who has valuable input and is able to shape the project will be key to you as a developer, as it lays the foundation and blueprint for what you and your team will be doing. It may be difficult to get everything everyone wants, and you may have to cut some things. But knowing when to do so is up to you and the team.

From the blog CS@Worcester – Cao's Thoughts by antcao and used with permission of the author. All other rights reserved by the author.