It’s pretty common to hear about the testing pyramid or that we should be focusing on unit tests and not end to end tests. But what are the types of tests out there? How do we actually ensure robust coverage? What are the different types of tests good for?

Types of Tests

When we started building new microservices at Box, we decided it was a good opportunity to re-evaluate our testing strategy. We wanted to make sure that at least our new things had a robust test strategy. A lot of what we did, largely aligns with the Martin Fowler/Thoughtworks approach to testing…

This article is part of a series, and the previous article was Part 7: Code Review and Static Code Analysis.

It is my belief that testing should be done throughout the development lifecycle, and not only during the testing phase. We want feedback as soon as possible, to ensure we make a high-quality product that customers actually want. Below I will lay out some strategies for security testing.

• Provide developers with security scanning software (such as OWASP Zap), teach them to use it, and ask them to fix everything it finds before sending it to QA.

Add automated security testing…

So far I have explained how Alexa works and how to set up your skill in the Alexa Developer Console. Then we created the endpoint, in our case this was a Lambda function in AWS. Next I taught you how to write the Lambda function in these two articles — basic and custom. Now it’s time to test your skill before we go on to deploy it to the Skill Store.

1. Go back to the Lambda Console. Refer to my previous article if you are lost.
2. Find the function that you have been working on.
3. In the Function Code box…

This article first appeared on the Invesp blog. Don’t forget to download the Invesp Significance Calculator after reading.

AB testing isn’t foolproof and like anything in statistics, results can simply be wrong. But the more you know about what makes a test valid, and basic statistical concepts, the more likely it is that you will not face errors. This is where validity threats become of an important topic of discussion. If left unidentified or unaccounted for, they can lead you to take the wrong decision.

What are validity threats, you ask? In simple words, validity threats are risks associated with…

I’m sure that in your workday with software development you’ve heard words like BDD, ATDD and Specification By Example. Most of us link these terms to just the test portion of an application, but do not observe how powerful the practices are.

Rather than just contributing to the test of what your team is developing, they help ensure that it is actually doing the thing — what your customer needs!

To try to clarify a little better where these words came from and how we got here, I set up a timeline based on several different authors. These authors have…

Mesmo com o amadurecimento dos processos de desenvolvimento, o que presenciamos é que dia após dia, ano após ano, a grande maioria dos projetos de software tem qualidade muito mais baixa do que o esperado, custo maior que o orçado e a entrega muito após o planejado.

Parte disso se deve muito ao fato de tentarmos incorporar qualidade no processo após o início do projeto. Todos nós desenvolvedores sabemos que no começo de um projeto é muito fácil progredir rapidamente. …

Original article by Mariana Elisa.

Recently, I decided to dust off one of my new year resolutions, which was to write more technical articles. At the same time I enrolled in Microsoft's DevOps Testing course. It inspired me to start writing a sequence of articles to help others learn DevOps skills as well.

What is DevOps?

The term DevOps originates in the contraction of "development" and "operations". It is a software engineering practice intended to unify software development (Dev) and software operation (Ops). …

Managing complexity is a problem I recently came across. It was challenging. I learnt about the importance of unit tests. I take a bow to their power.

The product I work in : HyperView has both a Gui and command layer API. One functionality was being routed through multiple classes in the core for Gui. But strangely, the architecture for the command layer API’s was different. There was just one function bearing the load for the same functionality at the command level. …