diff --git a/99 Daily/2026-04-29.md b/99 Daily/2026-04-29.md index 071536b..d14dc7a 100644 --- a/99 Daily/2026-04-29.md +++ b/99 Daily/2026-04-29.md @@ -146,3 +146,9 @@ tags: [daily] - 12:34 | `ford_qc` - **Asked:** Check series image accounting using SE# and ABM WERS codes to verify all series are covered. - **Done:** Identified and removed duplicate ambl2se#r1 image linking while retaining series image; restarted ford-qc-hotfolder.service dev environment. +- 12:41 (<1min) | `memory-compiler` + - **Asked:** Asked to compile a raw article into the wiki knowledge base with proper indexing. + - **Done:** Updated the master index and topic index to include the new `.claude` folder configuration article. +- 12:42 (<1min) | `memory-compiler` + - **Asked:** Asked | Compile a new wiki article on web app testing into the knowledge base + - **Done:** Done | Created structured testing topic with guide article, topic index, and updated master index diff --git a/raw/Claude md folder.md b/raw/_processed/Claude md folder.md similarity index 100% rename from raw/Claude md folder.md rename to raw/_processed/Claude md folder.md diff --git a/raw/Подробное руководство по тестированию веб-приложений.md b/raw/_processed/Подробное руководство по тестированию веб-приложений.md similarity index 100% rename from raw/Подробное руководство по тестированию веб-приложений.md rename to raw/_processed/Подробное руководство по тестированию веб-приложений.md diff --git a/wiki/_master-index.md b/wiki/_master-index.md index 374ec46..e77ac80 100644 --- a/wiki/_master-index.md +++ b/wiki/_master-index.md @@ -31,9 +31,11 @@ This 3-hop pattern works for hundreds of articles without vector search. | [[wiki/dotfiles/_index\|dotfiles/]] | Linux terminal ricing: Kitty, Fish, WezTerm CLI, modern Rust CLI tools, LazyVim, unified themes, Tabby | 21 | | [[wiki/agent-sdk/_index\|agent-sdk/]] | Claude Agent SDK (formerly Claude Code SDK) — build autonomous AI agents in Python and TypeScript | 30 | | [[wiki/llm-models/_index\|llm-models/]] | LLM model catalogs — OpenAI and Claude/Anthropic models, IDs, context, pricing | 2 | -| [[wiki/claude-code/_index\|claude-code/]] | Claude Code product docs — install, capabilities, surfaces, MCP, hooks, scheduling, multi-agent, plugins, skills, channels, error recovery | 12 | +| [[wiki/claude-code/_index\|claude-code/]] | Claude Code product docs — install, capabilities, surfaces, MCP, hooks, scheduling, multi-agent, plugins, skills, channels, error recovery | 13 | | [[wiki/reports/_index\|reports/]] | Weekly and monthly summaries — generate: `uv run python scripts/report-generator.py --weekly` | 1 | | [[wiki/infrastructure/_index\|infrastructure/]] | Server inventory: all 10 SSH hosts — optical, optical-dev, optical-prod, baic, librechat, modocmms, box-cli, aimpress, pve | 10 | +| [[wiki/testing/_index\|testing/]] | Web app testing: functional, performance, security, UI types; TDD/BDD/Agile methodologies; Selenium/Cypress/Playwright/JMeter/OWASP ZAP tools | 1 | + diff --git a/wiki/claude-code/_index.md b/wiki/claude-code/_index.md index 75b6357..1808c02 100644 --- a/wiki/claude-code/_index.md +++ b/wiki/claude-code/_index.md @@ -26,3 +26,4 @@ Claude Code is Anthropic's agentic coding assistant. Works across terminal, IDE, | [[wiki/claude-code/headless-cli\|headless-cli]] | Run Claude Code non-interactively via `-p` flag: bare mode, structured output, streaming, tool approval, conversation resumption | raw/Run Claude Code programmatically.md | 2026-04-17 | | [[wiki/claude-code/scheduled-tasks\|scheduled-tasks]] | /loop, CronCreate/List/Delete tools, fixed vs dynamic intervals, loop.md, one-time reminders, jitter, 7-day expiry, scheduling options compared | raw/Run prompts on a schedule.md | 2026-04-17 | | [[wiki/claude-code/troubleshooting\|troubleshooting]] | Install errors quick-ref, PATH/proxy/TLS fixes, platform issues (Linux/macOS/Windows/WSL), auth problems, performance, IDE integration | raw/Troubleshooting.md | 2026-04-17 | +| [[wiki/claude-code/dot-claude-folder\|dot-claude-folder]] | Full .claude folder reference: CLAUDE.md, hooks, skills, agents, commands, plugins, rules, .mcp.json — the mental model (advisory vs deterministic vs on-demand) | raw/Claude md folder.md | 2026-04-29 | diff --git a/wiki/testing/_index.md b/wiki/testing/_index.md new file mode 100644 index 0000000..f5cdb17 --- /dev/null +++ b/wiki/testing/_index.md @@ -0,0 +1,7 @@ +# Testing — Topic Index + +Software testing theory, methodologies, tools, and practices for web applications. + +| Article | Summary | Source | Updated | +|---------|---------|--------|---------| +| [[wiki/testing/web-app-testing-guide\|Web App Testing Guide]] | Functional, performance, security, UI testing types; TDD/BDD/Waterfall/Agile methodologies; Selenium/Cypress/Playwright/JMeter/OWASP ZAP tool comparison | workspace.ru | 2026-04-29 | diff --git a/wiki/testing/web-app-testing-guide.md b/wiki/testing/web-app-testing-guide.md new file mode 100644 index 0000000..786d206 --- /dev/null +++ b/wiki/testing/web-app-testing-guide.md @@ -0,0 +1,168 @@ +--- +title: "Web Application Testing — Comprehensive Guide" +aliases: [web-testing, webapp-testing, тестирование-веб-приложений] +tags: [testing, qa, selenium, playwright, cypress, security, performance, tdd, bdd] +sources: [raw/Подробное руководство по тестированию веб-приложений.md] +created: 2026-04-29 +updated: 2026-04-29 +--- + +## Overview + +Testing is not a "final check" — it's an integral part of development. Web apps differ from desktop apps: multi-layer architecture, network dependency, cross-browser/device matrix, and public internet exposure all demand systematic testing. + +--- + +## Types of Testing + +### Functional Testing + +| Area | What to Check | +|------|--------------| +| User flows | Registration, login, search, checkout, account management | +| Forms & input | Validation, data types, bad input handling | +| Business logic | Calculations, rules, exception handling | +| Integrations | Payment APIs, partner APIs, analytics, delivery services | + +### Performance Testing + +| Type | Goal | Business Value | +|------|------|---------------| +| Load | Normal user count | Daily usability | +| Stress | Exceeding normal load | Black Friday readiness | +| Volume | Large data sets | Scalability at growth | +| Stability | Long-running without degradation | 24/7 reliability | + +### Security Testing + +Key attack vectors to test per **OWASP Top 10**: + +- **SQL Injection** — malicious SQL via input fields → test all inputs with special chars/SQL commands +- **XSS (Cross-Site Scripting)** — injected JS executing in browser → check all user-input reflection +- **CSRF** — forced user actions → verify CSRF tokens and request origin validation +- **Man-in-the-Middle** — traffic interception → verify HTTPS and certificate correctness +- **Auth/Authz weaknesses** — session management, access control, privilege escalation + +Also check: data encryption, PII handling, regulatory compliance (GDPR etc.) + +### UI Testing + +- **Cross-browser** — same behavior in Chrome, Firefox, Safari, Edge +- **Responsive** — correct layout across screen sizes (mobile-first matters) +- **Usability** — intuitive navigation, clear controls +- **Accessibility (a11y)** — semantic HTML, screen reader support, keyboard navigation, color contrast, font scaling + +--- + +## Methodologies + +### Waterfall vs Agile + +| Approach | When Testing Happens | Best For | +|----------|---------------------|----------| +| Waterfall | End of dev cycle | Stable, well-defined requirements | +| Agile/Iterative | Every sprint | Evolving requirements, fast feedback | + +### TDD — Test-Driven Development + +Cycle: **Red → Green → Refactor** +1. Write a failing test +2. Write minimal code to pass it +3. Refactor without breaking tests + +Benefits: better architecture, high coverage, confidence when changing code. + +### BDD — Behavior-Driven Development + +Uses natural language: **Given / When / Then** +- Bridges communication gap between devs, QA, and business +- Tests become living documentation + +### Risk-Based Testing + +When resources are limited, prioritize by **probability × business impact**: +- High-risk areas → thorough coverage +- Medium-risk → standard methods +- Low-risk → sampling + +--- + +## Tools + +### UI Automation + +| Tool | Strengths | Weaknesses | +|------|-----------|-----------| +| **Selenium** | Multi-language, multi-browser, mature ecosystem | Complex setup, steep learning curve | +| **Cypress** | Simple DX, great debugging | Chrome-based only (mostly) | +| **Playwright** | True cross-browser (Chrome/Firefox/Safari), modern API | Newer, smaller ecosystem | + +### API Testing +- **Postman** — manual/exploratory API testing +- **REST Assured** — Java-based API automation + +### Load Testing +- **JMeter** — open source, widely used +- **k6** — modern, JS-based, CI-friendly +- **Artillery** / **Gatling** — alternatives for smaller projects + +### Security Testing +- **OWASP ZAP** — free, good for baseline scanning +- **Burp Suite** — professional-grade, expert features + +### Test Management +- **TestRail**, **Xray**, **Azure DevOps** — plan, track, report, link to requirements + +### Cloud Cross-Browser +- **BrowserStack**, **Sauce Labs** — access hundreds of browser/device combos without owning hardware + +--- + +## Dynamic Content Testing + +- **AJAX** — use explicit waits, test loading states, test network error handling +- **WebSockets** — test connection establishment, message types, graceful disconnect + +## Microservices Test Environment + +- Use **Docker + Docker Compose** for isolated per-service environments +- **Service mocking** for unavailable dependencies +- **Contract testing** to verify inter-service interfaces + +## Bug Report Template + +A good bug report must include: +1. Clear problem description +2. Step-by-step reproduction +3. Screenshot or video +4. Environment (browser, OS, app version) +5. Expected vs actual behavior +6. User impact +7. Labels/categories + +--- + +## Key Takeaways + +- Testing is part of development, not after it — early detection is 10× cheaper than late fixes +- Web apps need functional + performance + security + UI testing as a minimum +- OWASP Top 10 is the checklist for security testing +- TDD → better architecture; BDD → better team communication +- Tool choice depends on team expertise and project needs — Playwright is the modern default for UI automation +- Cross-browser and mobile testing can be outsourced to BrowserStack/Sauce Labs cheaply +- For microservices: Docker Compose + service mocking + contract testing +- Risk-based testing helps when you can't test everything + +--- + +## Related + +- [[wiki/tech-patterns/_index|Tech Patterns]] — FastAPI, React, Next.js stacks that need testing +- [[wiki/architecture/_index|Architecture]] — Docker Compose, microservices patterns +- [[wiki/concepts/_index|Concepts]] — atomic knowledge from dev sessions + +--- + +## Sources + +- [Подробное руководство по тестированию веб-приложений](https://workspace.ru/blog/podrobnoe-rukovodstvo-po-testirovaniyu-veb-prilozheniy/) — workspace.ru, 2025-06-27