Log in
JavaScript Conferences
TestJS Summit 2021TestJS Summit 2021
EN

Who Guards the Guards? – Finding Bugs in Your Tests

Tibor Blenessy
Tibor Blenessy
SonarSource
Rate this content
Bookmark

Nowadays, testing has become the norm. There are many tools available to write different kinds of tests. While tests keep the guard on the main code of the application, how can you be sure that you don’t have bugs hiding in your test code? Should you write tests for the tests?

In this lighting talk I will show you a different approach on how you can eliminate certain types of issues from your tests using static code analysis tools like SonarLint or SonarQube. We will focus on common issues found in tests using frameworks such as Mocha and Chai.

This talk has been presented at TestJS Summit 2021, check out the latest edition of this JavaScript Conference.

FAQ

A common pitfall in JavaScript unit testing is writing a test where the expectation does not include an assertion. This results in a test that never fails regardless of the input, which means it does not effectively test the code.

The order of values in test assertions is crucial because it affects the clarity of error messages. You should provide the actual test result first and the expected value second to ensure that the error messages are clear and helpful for debugging.

If there is no assertion in a unit test, the test will always pass (be green) regardless of the actual code functionality. This means it does not verify any conditions and is not useful in checking the correctness of the code.

Missing assertions in unit tests can be identified and corrected by using tools like SonarLint, SonarCloud, or SonarQube. These tools integrate static analysis to detect such issues and can guide developers in adding necessary assertions to make the tests effective.

SonarLint is an extension for code editors like Visual Studio Code that helps developers by providing real-time feedback on code quality, including issues in unit tests. It specifically helps in identifying and correcting common testing pitfalls such as missing assertions or incorrect order of assertion arguments.

Yes, SonarLint can be used locally in an IDE for immediate feedback, while SonarQube and SonarCloud are more suited for continuous integration pipelines, providing a comprehensive analysis of code quality including unit tests across the whole project.

Incorrect argument order in assertion messages can lead to confusion when interpreting test results. It is essential to maintain the correct order where the actual result of the computation is provided first followed by the expected value, ensuring clear and accurate failure messages.

testing
Tibor Blenessy
Tibor Blenessy
8 min
18 Nov, 2021

Comments

Sign in or register to post your comment.
Video Summary and Transcription
The Talk discusses common pitfalls of JavaScript unit testing, including issues with expectations, assertions, and missing assertions. It also highlights the importance of handling exceptions properly and introduces SonarLint as a tool for code analysis and issue fixing. Additionally, it mentions SonarCube and SonarCloud as options for integrating static analysis testing in a continuous integration pipeline.
Available in Español: ¿Quién guarda a los guardianes? - Encontrando errores en tus pruebas

1. Common Pitfalls of JavaScript Unit Testing

Short description:

Hello everyone, my name is Tibor Blanesy and I work on static analysis as a sonar source. Welcome to this talk which is called Who Guards the Guards? And I would like to show you three common pitfalls of JavaScript unit testing. The first issue I would like to show you is the following one. So imagine you have the following test and you write your expectations there. Do you see the issue? Whatever you do inside the expectation, this test actually never fails. The next issue I would like to show you might be a bit cosmetic. However it often helps to have the clear test to better understand the real issue. So in the following test, when you write your assertion, you always need to provide the actual value which is the result of the test and your expectation. And the order in which these values are provided matters. The third issue I would like to show you in this lightning talk is the following one. Imagine you have a test and this test is going to be always green. Why? Because there is actually no assertion in it. So you are not testing anything.

Hello everyone, my name is Tibor Blanesy and I work on static analysis as a sonar source. Welcome to this talk which is called Who Guards the Guards? And I would like to show you three common pitfalls of JavaScript unit testing.

So the first issue I would like to show you is the following one. So imagine you have the following test and you write your expectations there. Do you see the issue? Whatever you do inside the expectation, this test actually never fails. Because what is missing is the assertion after the expect. So to have any meaningful testing, it has to look like this. You might be surprised how common this issue is. I will just show you two examples. So the first one is in Kibana project and the second one is in Angular.

The next issue I would like to show you might be a bit cosmetic. However it often helps to have the clear test to better understand the real issue. So in the following test, when you write your assertion, you always need to provide the actual value which is the result of the test and your expectation. And the order in which these values are provided matters. So to the expect you should provide the result of the computation and when you invoke some assertion like equal in this case, it should be the expected value. If you swap it around, you will receive such a message as here where expected is two and it's supposed to equal to three which is wrong and it might be confusing. Correctly it should look like this. You should have the addition in the expect call and it should equal to what your expectation is, in this case two, which gives better message where three is expected to equal the two. So the result is what we computed is three and our expectation was two. And here is the actual correct test where you need to correct your computation to have the test to be green. So this is cosmetic but when you are debugging a more complex issue it might be really helpful to have a good error message. So here is the real life project having this problem. You see that in the expectation the test and data is swapped.

The third issue I would like to show you in this lightning talk is the following one. Imagine you have a test and this test is going to be always green. Why? Because there is actually no assertion in it. So you are not testing anything. So to fix this test you should actually assert something. So for example, you want to assert if this string has the value of string. And here is the real life example from ESLink project where you might have this problem.

2. Handling Exceptions and Using SonarLint

Short description:

This often happens when dealing with exceptions. The better way to handle it is to wrap the call in the expectation and assert that either the exception is thrown or no exception is thrown. SonarLint can help you avoid such issues in your code. It's an extension that can be installed in Visual Studio Code. By using SonarLint, you can quickly fix issues in your IDE and your editor will notify you when you have a problem. For integrating static analysis testing in your continuous integration pipeline, you can use SonarCube for on-premise installation or SonarCloud for a cloud solution.

This often happens when you are dealing with exceptions. So the following test will fail if the exception is thrown as the comment suggests, however the message is not going to be very nice. Better way to do it is to wrap your call in the expectation and assert that either the exception is thrown or in this case it would be to assert that no exception is thrown. So this is the documentation from CHI assertion framework on how to do that.

So you might wonder how you can avoid having such issues in your code and I will show you a small demo how you can do that with SonarLint or SonarCloud or SonarQube. So first I will start with SonarLint. SonarLint is an extension which you can install in Visual Studio Code. So here is the extension, it's already installed and here I have the three examples I was showing you. So the first one here is the incomplete assertion where the expectation contains the comparison between some function and the result value and actually to have this test to make it more meaningful what you should do is to remove the expectation for here and add the assertion like this. And the issues here disappears. The second problem I was showing where you can hover here to over the squiggly line to see the description. So it says that the two arguments in the assertion should be swap and the correct order is the actual value first and then your expectation. So when I exchange the arguments the issue disappears. And the last problem I was throwing was the problem with the missing assertion. So you see here when I hover over the squiggly line I see that at least one assertion should be in this test. So let's add an assertion here. So let's say we expect the string to be empty like this and the issue disappears. So this is how you can quickly fix it in your IDE and your editor will notify you when you have this problem. And also if you want to integrate this sort of static analysis testing for your unit test in your continuous integration pipeline, you can use sonar cube which you install on-premise or if you prefer the cloud solution, there is sonar cloud. So they will both look the same. Here I have the sonar cube and here is the the same file which was analyzed in the continuous integration pipeline. So here you see again the squiggly line where the issues are located.

This is my lightning talk.

Available in other languages:

Check out more articles and videos

We constantly think of articles and videos that might spark Git people interest / skill us up or help building a stellar career

Network Requests with Cypress
TestJS Summit 2021TestJS Summit 2021
33 min
Network Requests with Cypress
Top Content
Cecelia Martinez
Cecelia Martinez
Ionic
Cecilia Martinez, a technical account manager at Cypress, discusses network requests in Cypress and demonstrates commands like cydot request and SCI.INTERCEPT. She also explains dynamic matching and aliasing, network stubbing, and the pros and cons of using real server responses versus stubbing. The talk covers logging request responses, testing front-end and backend API, handling list length and DOM traversal, lazy loading, and provides resources for beginners to learn Cypress.
testingcypress
Testing Pyramid Makes Little Sense, What We Can Use Instead
TestJS Summit 2021TestJS Summit 2021
38 min
Testing Pyramid Makes Little Sense, What We Can Use Instead
Top Content
Featured Video
Gleb Bahmutov
Roman Sandler
2 authors
The testing pyramid - the canonical shape of tests that defined what types of tests we need to write to make sure the app works - is ... obsolete. In this presentation, Roman Sandler and Gleb Bahmutov argue what the testing shape works better for today's web applications.
testing
Full-Circle Testing With Cypress
TestJS Summit 2022TestJS Summit 2022
27 min
Full-Circle Testing With Cypress
Top Content
Filip Hric
Filip Hric
Replay.io
Cypress is a powerful tool for end-to-end testing and API testing. It provides instant feedback on test errors and allows tests to be run inside the browser. Cypress enables testing at both the application and network layers, making it easier to reach different edge cases. With features like AppActions and component testing, Cypress allows for comprehensive testing of individual components and the entire application. Join the workshops to learn more about full circle testing with Cypress.
testingcypresse2e testing
Test Effective Development
TestJS Summit 2021TestJS Summit 2021
31 min
Test Effective Development
Top Content
Shai Reznik
Shai Reznik
HiRez.io
This Talk introduces Test Effective Development, a new approach to testing that aims to make companies more cost-effective. The speaker shares their personal journey of improving code quality and reducing bugs through smarter testing strategies. They discuss the importance of finding a balance between testing confidence and efficiency and introduce the concepts of isolated and integrated testing. The speaker also suggests different testing strategies based on the size of the application and emphasizes the need to choose cost-effective testing approaches based on the specific project requirements.
testingunit testing
Playwright Test Runner
TestJS Summit 2021TestJS Summit 2021
25 min
Playwright Test Runner
Top Content
Andrey Lushnikov
Andrey Lushnikov
Microsoft
The Playwright Test Runner is a cross-browser web testing framework that allows you to write tests using just a few lines of code. It supports features like parallel test execution, device emulation, and different reporters for customized output. Code-Gen is a new feature that generates code to interact with web pages. Playwright Tracing provides a powerful tool for debugging and analyzing test actions, with the ability to explore trace files using TraceViewer. Overall, Playwright Test offers installation, test authoring, debugging, and post-mortem debugging capabilities.
testing
Everyone Can Easily Write Tests
TestJS Summit 2023TestJS Summit 2023
21 min
Everyone Can Easily Write Tests
Debbie O'Brien
Debbie O'Brien
Senior Program Manager @ Microsoft, working with Playwright.
Playwright is a reliable end-to-end testing tool for modern web apps that provides one API, full isolation, fast execution, and supports multiple languages. It offers features like auto-weighting, retrying assertions, seamless testing of iframes and shadow DOM, test isolation, parallelism, and scalability. Playwright provides tools like VS Code extension, UiMode, and Trace Viewer for writing, debugging, and running tests. Effective tests prioritize user-facing attributes, use playwright locators and assertions, and avoid testing third-party dependencies. Playwright simplifies testing by generating tests, providing code generation and UI mode, and allows for easy running and debugging of tests. It helps in fixing failed tests and analyzing DOM changes, fixing locator mismatches, and scaling tests. Playwright is open source, free, and continuously growing.
testinge2e testing

Workshops on related topic

Designing Effective Tests With React Testing Library
React Summit 2023React Summit 2023
151 min
Designing Effective Tests With React Testing Library
Top Content
Featured Workshop
Josh Justice
Josh Justice
React Testing Library is a great framework for React component tests because there are a lot of questions it answers for you, so you don’t need to worry about those questions. But that doesn’t mean testing is easy. There are still a lot of questions you have to figure out for yourself: How many component tests should you write vs end-to-end tests or lower-level unit tests? How can you test a certain line of code that is tricky to test? And what in the world are you supposed to do about that persistent act() warning?
In this three-hour workshop we’ll introduce React Testing Library along with a mental model for how to think about designing your component tests. This mental model will help you see how to test each bit of logic, whether or not to mock dependencies, and will help improve the design of your components. You’ll walk away with the tools, techniques, and principles you need to implement low-cost, high-value component tests.
Table of contents- The different kinds of React application tests, and where component tests fit in- A mental model for thinking about the inputs and outputs of the components you test- Options for selecting DOM elements to verify and interact with them- The value of mocks and why they shouldn’t be avoided- The challenges with asynchrony in RTL tests and how to handle them
Prerequisites- Familiarity with building applications with React- Basic experience writing automated tests with Jest or another unit testing framework- You do not need any experience with React Testing Library- Machine setup: Node LTS, Yarn
reacttestingbest practicesdeep divereact testingreact testing librarytest driven development react
How to Start With Cypress
TestJS Summit 2022TestJS Summit 2022
146 min
How to Start With Cypress
Featured WorkshopFree
Filip Hric
Filip Hric
The web has evolved. Finally, testing has also. Cypress is a modern testing tool that answers the testing needs of modern web applications. It has been gaining a lot of traction in the last couple of years, gaining worldwide popularity. If you have been waiting to learn Cypress, wait no more! Filip Hric will guide you through the first steps on how to start using Cypress and set up a project on your own. The good news is, learning Cypress is incredibly easy. You'll write your first test in no time, and then you'll discover how to write a full end-to-end test for a modern web application. You'll learn the core concepts like retry-ability. Discover how to work and interact with your application and learn how to combine API and UI tests. Throughout this whole workshop, we will write code and do practical exercises. You will leave with a hands-on experience that you can translate to your own project.
testingcypress
Detox 101: How to write stable end-to-end tests for your React Native application
React Summit 2022React Summit 2022
117 min
Detox 101: How to write stable end-to-end tests for your React Native application
Top Content
WorkshopFree
Yevheniia Hlovatska
Yevheniia Hlovatska
Compared to unit testing, end-to-end testing aims to interact with your application just like a real user. And as we all know it can be pretty challenging. Especially when we talk about Mobile applications.
Tests rely on many conditions and are considered to be slow and flaky. On the other hand - end-to-end tests can give the greatest confidence that your app is working. And if done right - can become an amazing tool for boosting developer velocity.
Detox is a gray-box end-to-end testing framework for mobile apps. Developed by Wix to solve the problem of slowness and flakiness and used by React Native itself as its E2E testing tool.
Join me on this workshop to learn how to make your mobile end-to-end tests with Detox rock.
Prerequisites- iOS/Android: MacOS Catalina or newer- Android only: Linux- Install before the workshop
testingreact nativee2e testingbeginner friendlyreact native accessibilityreact native detoxreact native test automationreact native testing
API Testing with Postman Workshop
TestJS Summit 2023TestJS Summit 2023
48 min
API Testing with Postman Workshop
Top Content
WorkshopFree
Pooja Mistry
Pooja Mistry
In the ever-evolving landscape of software development, ensuring the reliability and functionality of APIs has become paramount. "API Testing with Postman" is a comprehensive workshop designed to equip participants with the knowledge and skills needed to excel in API testing using Postman, a powerful tool widely adopted by professionals in the field. This workshop delves into the fundamentals of API testing, progresses to advanced testing techniques, and explores automation, performance testing, and multi-protocol support, providing attendees with a holistic understanding of API testing with Postman.
1. Welcome to Postman- Explaining the Postman User Interface (UI)2. Workspace and Collections Collaboration- Understanding Workspaces and their role in collaboration- Exploring the concept of Collections for organizing and executing API requests3. Introduction to API Testing- Covering the basics of API testing and its significance4. Variable Management- Managing environment, global, and collection variables- Utilizing scripting snippets for dynamic data5. Building Testing Workflows- Creating effective testing workflows for comprehensive testing- Utilizing the Collection Runner for test execution- Introduction to Postbot for automated testing6. Advanced Testing- Contract Testing for ensuring API contracts- Using Mock Servers for effective testing- Maximizing productivity with Collection/Workspace templates- Integration Testing and Regression Testing strategies7. Automation with Postman- Leveraging the Postman CLI for automation- Scheduled Runs for regular testing- Integrating Postman into CI/CD pipelines8. Performance Testing- Demonstrating performance testing capabilities (showing the desktop client)- Synchronizing tests with VS Code for streamlined development9. Exploring Advanced Features - Working with Multiple Protocols: GraphQL, gRPC, and more
Join us for this workshop to unlock the full potential of Postman for API testing, streamline your testing processes, and enhance the quality and reliability of your software. Whether you're a beginner or an experienced tester, this workshop will equip you with the skills needed to excel in API testing with Postman.
testingsecurity testing
Monitoring 101 for React Developers
React Summit US 2023React Summit US 2023
107 min
Monitoring 101 for React Developers
Top Content
WorkshopFree
Lazar Nikolov
Sarah Guthals
2 authors
If finding errors in your frontend project is like searching for a needle in a code haystack, then Sentry error monitoring can be your metal detector. Learn the basics of error monitoring with Sentry. Whether you are running a React, Angular, Vue, or just “vanilla” JavaScript, see how Sentry can help you find the who, what, when and where behind errors in your frontend project. 
Workshop level: Intermediate
reacttestingangularvue
Testing Web Applications Using Cypress
TestJS Summit - January, 2021TestJS Summit - January, 2021
173 min
Testing Web Applications Using Cypress
WorkshopFree
Gleb Bahmutov
Gleb Bahmutov
This workshop will teach you the basics of writing useful end-to-end tests using Cypress Test Runner.
We will cover writing tests, covering every application feature, structuring tests, intercepting network requests, and setting up the backend data.
Anyone who knows JavaScript programming language and has NPM installed would be able to follow along.
testingjavascriptcypresse2e testing