Everyone loves working on a greenfield project. You’re starting fresh and nothing holds you back. Unfortunately, for most testers, this is a rare occurrence. Chances are you will work on legacy applications. Because these often have no automated tests, developers are afraid to make bold changes. More testers than developers can be assigned to these projects. Changing one line of code may require multiple days of manual testing. Eventually work grinds to a halt. Sound familiar? Emanuil Slavov explains how to deal with this sticky situation without losing your mind. Start small and work outside in. Learn how to combine the best practices of automated acceptance tests, unit tests, static code analysis, continuous integration, and architecture for testability. Discover how to make your automated tests more reliable, easy to support, and a breeze to extend. Emanuil’s presentation is inspired by his real-life experience—working on legacy projects for more than five years.
26. Scenario: Client admin should not be able to view master’s agencies
Given a master user
And master creates agency
And a client admin
When client admin views master's agency
Then client admin should get an error
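63. SQL Injection Detection (PHP and ADOdb)
// Vulnerable: $user_id is interpolated directly into the SQL string
$dbConn->GetRow("SELECT * FROM users WHERE id = $user_id");
// Safe: the value is bound to the ? placeholder
$dbConn->GetRow("SELECT * FROM users WHERE id = ?", array($user_id));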
64. Those errors can be caught with code analysis.
No need to run a slow, whole-application security scan.
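A minimal version of such a code-analysis check, as an added example that is not from the original slides: a Python script that scans PHP source for ADOdb query calls whose SQL is built by interpolation or concatenation. The method list, the function name `find_unsafe_queries` and the sample PHP are assumptions constructed for illustration.

```python
import re

# ADOdb methods that take SQL as their first argument (subset, extend as needed).
METHODS = "GetRow|GetAll|GetOne|GetCol|Execute"

# First argument as a PHP string literal, plus an optional trailing "." (concatenation).
CALL = re.compile(
    r"->\s*(?:" + METHODS + r")\s*\(\s*"
    r"(?P<lit>\"(?:[^\"\\]|\\.)*\"|'(?:[^'\\]|\\.)*')"
    r"\s*(?P<concat>\.)?"
)
# PHP interpolates $name, ${name} and {$expr} inside double-quoted strings only.
INTERPOLATION = re.compile(r"(?<!\\)\$[A-Za-z_{]")


def find_unsafe_queries(php_source):
    """Return (line_number, reason) for each query call that builds SQL from variables."""
    findings = []
    for lineno, line in enumerate(php_source.splitlines(), start=1):
        for m in CALL.finditer(line):
            lit = m.group("lit")
            if lit.startswith('"') and INTERPOLATION.search(lit):
                findings.append((lineno, "variable interpolated into SQL string"))
            elif m.group("concat"):
                findings.append((lineno, "SQL string built by concatenation"))
    return findings


# Constructed sample input, modelled on the two calls from the slide.
SAMPLE = r'''<?php
$row = $dbConn->GetRow("SELECT * FROM users WHERE id = $user_id");
$row = $dbConn->GetRow("SELECT * FROM users WHERE id = ?", array($user_id));
$row = $dbConn->GetRow('SELECT * FROM users WHERE name = ' . $name);
$row = $dbConn->GetRow("SELECT * FROM users WHERE id = {$ids[0]}");
$all = $dbConn->GetAll("SELECT * FROM users");
'''

if __name__ == "__main__":
    for lineno, reason in find_unsafe_queries(SAMPLE):
        print(f"line {lineno}: {reason}")
```

The check is line-based, so a query call split across several lines needs a real PHP parser or a dedicated static analyzer to be caught.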
76. Automate the most important functionalities
Continuously improve static code quality
Write unit tests for changed/new code
Expand checks on commit
Enable monitoring