November 18 - 19, 2021
TestJS Summit
Online

TestJS Summit 2021

Test JavaScript. Test with JavaScript.

TestJS Summit is getting back in 2023 in hybrid format with the first in-person day streamed from the Berlin venue including hybrid networking features and interactive entertainment; and second day, as well as the numerous free workshops, streamed to the global audience online. TestJS Summit is event for QAs and software developers to get up to date with JS testing best practices, sharpen skills and get latest updates from top products core teams. Get a full ticket to participate in workshops, and network with others JS testing folks on December 7-11, 2023.

This edition of the event has finished, the latest updates of this JavaScript Conference are available on the Brand Website.
Network Requests with Cypress
33 min
Network Requests with Cypress
Top Content
Cecilia Martinez, a technical account manager at Cypress, discusses network requests in Cypress and demonstrates commands like cydot request and SCI.INTERCEPT. She also explains dynamic matching and aliasing, network stubbing, and the pros and cons of using real server responses versus stubbing. The talk covers logging request responses, testing front-end and backend API, handling list length and DOM traversal, lazy loading, and provides resources for beginners to learn Cypress.
Testing Pyramid Makes Little Sense, What We Can Use Instead
38 min
Testing Pyramid Makes Little Sense, What We Can Use Instead
Top Content
Video
Gleb Bahmutov
Roman Sandler
2 authors
The testing pyramid - the canonical shape of tests that defined what types of tests we need to write to make sure the app works - is ... obsolete. In this presentation, Roman Sandler and Gleb Bahmutov argue what the testing shape works better for today's web applications.
Test Effective Development
31 min
Test Effective Development
Top Content
This Talk introduces Test Effective Development, a new approach to testing that aims to make companies more cost-effective. The speaker shares their personal journey of improving code quality and reducing bugs through smarter testing strategies. They discuss the importance of finding a balance between testing confidence and efficiency and introduce the concepts of isolated and integrated testing. The speaker also suggests different testing strategies based on the size of the application and emphasizes the need to choose cost-effective testing approaches based on the specific project requirements.
Playwright Test Runner
25 min
Playwright Test Runner
Top Content
The Playwright Test Runner is a cross-browser web testing framework that allows you to write tests using just a few lines of code. It supports features like parallel test execution, device emulation, and different reporters for customized output. Code-Gen is a new feature that generates code to interact with web pages. Playwright Tracing provides a powerful tool for debugging and analyzing test actions, with the ability to explore trace files using TraceViewer. Overall, Playwright Test offers installation, test authoring, debugging, and post-mortem debugging capabilities.
Effective Performance Testing to your Server with Autocannon
36 min
Effective Performance Testing to your Server with Autocannon
Top Content
Tamar is an experienced code writer and architect with expertise in Node.js. Performance testing can be confusing, but understanding terms like throughput and the 99th percentile is crucial. The 99th percentile is important for making commitments and ensuring customer satisfaction. AutoCanon is a powerful tool for simulating requests and analyzing server performance. It can be installed globally or used as a library in Node.js. Autocannon is preferred over Gatling for performance testing and can be integrated with end-to-end tests in Cypress.
Configuring Axe Accessibility Tests
30 min
Configuring Axe Accessibility Tests
Top Content
AXe is an accessibility engine for automated web UI testing that runs a set of rules to test for accessibility problems. It can be configured to disable or enable specific rules and run based on tags. Axe provides various options, but axe linter does not support all options. The importance of investing time and resources in accessibility is emphasized, as it benefits not only those with disabilities but improves the web for everyone. Manual testing is also highlighted as a necessary complement to automated tests for addressing accessibility issues.
Visual Regression with Puppeteer, Playwright and Cypress
9 min
Visual Regression with Puppeteer, Playwright and Cypress
Top Content
Hello, I'm Rainer Haneckamp, a trainer and consultant at Angular Architects. In this talk, we'll explore visual regression testing using tools like Puppeteer, Playwright, and Cypress. We'll learn how to use Storybook and Puppeteer with Jest for visual regression testing. We'll also see how Jest and Playwright can be used together for visual regression testing. Finally, we'll discover how to use Cypress for visual regression testing. Thank you for watching!
Automated accessibility testing with jest-axe and Lighthouse CI
85 min
Automated accessibility testing with jest-axe and Lighthouse CI
Workshop
Bonnie Schulkin
Bonnie Schulkin
Do your automated tests include a11y checks? This workshop will cover how to get started with jest-axe to detect code-based accessibility violations, and Lighthouse CI to validate the accessibility of fully rendered pages. No amount of automated tests can replace manual accessibility testing, but these checks will make sure that your manual testers aren't doing more work than they need to.
Predictive Testing in JavaScript with Machine Learning
18 min
Predictive Testing in JavaScript with Machine Learning
This Talk explores the benefits of introducing machine learning to software testing, including automating test case generation and achieving close to 100% code coverage. AI is being used to automate test generation, improve regression testing, and make predictions in automation testing. Machine learning enables predictive testing by selecting tests that are more likely to uncover issues in code changes. AI-based tools are being used to generate automated tests, improve code coverage, and intelligently select tests. Companies are relying on dedicated testers and using historical code changes and test cases to generate specific test cases for relevant code changes.
It's a (Testing) Trap! - Common Testing Pitfalls and How to Solve Them
20 min
It's a (Testing) Trap! - Common Testing Pitfalls and How to Solve Them
This Talk explores the pain points and best practices in software testing, emphasizing the importance of simplicity and comprehensibility in test design. It discusses techniques such as the three-part rule for test titles, the triple-A pattern for test structure, and the use of clear and descriptive names in tests. The Talk also highlights the traps of testing implementation details and using fixed waiting times. The speaker encourages teamwork and learning from experience to improve testing practices.
E2E Tests for API – Saving Nerves and Hours
8 min
E2E Tests for API – Saving Nerves and Hours
This Talk discusses the use of end-to-end tests for API development, specifically using the Nest.js framework. The process of initializing the Nest API for testing is explained, along with customization options such as overriding authentication guards. The benefits of end-to-end tests are highlighted, including ease of modification and serving as additional documentation for the API. The challenges of writing the initial version of the test and a trick for mocking the date in tests are also mentioned.
Tests That Help you Find Defects Faster
21 min
Tests That Help you Find Defects Faster
This talk covers tests that help find defects faster, focusing on test case assertions, improving test failure context, test code structure, and the dangers of extracting code in tests. It emphasizes the importance of small tests, test isolation, and using TDD. The benefits of TDD and testable automation are discussed, along with setting up an engineering workflow and the use of mocking. Overall, the talk provides valuable insights into writing effective tests and ensuring code quality.
Go Find What We May Have Missed!
27 min
Go Find What We May Have Missed!
Maaret Pyhäjärvi, a principal test engineer at Vaisala, emphasizes the importance of balancing different types of testing to build better teams. Testing the application with different locations reveals potential issues with its behavior. The speaker highlights the significance of testing integrations and dependencies, including libraries and operating systems. They prefer code-oriented tools like Requests and Python for API testing. Exploratory testing is the only type of testing they perform, and they encourage others to participate in it as well.
Designing A Sustainable Freelance Career
110 min
Designing A Sustainable Freelance Career
Video
Alexander Weekes
Rodrigo Donini
2 authors
Would you like to pursue your passions and have more control over your career? Would you like schedule and location flexibility and project variety? Would you like the stability of working full-time and getting paid consistently? Thousands of companies have embraced remote work and realize that they have access to a global talent pool. This is advantageous for anyone who has considered or is currently considering freelance work.

Freelancing is no longer an unstable career choice. This workshop will help you design a sustainable and profitable full-time (or part-time) freelancing career. We will give you tools, tips, best practices, and help you avoid common pitfalls.

>> Submit your interest on becoming a freelance engineer with Toptal and get a call with Talent Acquisition specialist <<

Table of contents:

Module 1: Dispelling common myths about freelancing
Module 2: What does freelancing look like in 2021 and beyond
Module 3: Freelancing choices and what to look for (and what to avoid)
Module 4: Benefits of freelancing from a freelancer + case study
BREAK - SPEED CODING CHALLENGE
Module 6: How to get started freelancing (experience, resume, preparation)
Module 7: Common paths to full-time freelancing
Module 8: Essentials: setting your rate and getting work
Module 9: Next steps: networking with peers, upskilling, changing the world
Module 10: Freelancer AMA
SPEED CODING WINNER ANNOUNCED
Test your UI in the REAL Browser
33 min
Test your UI in the REAL Browser
Storybook is a powerful tool for building UI components and testing them. It allows for easy reuse and compatibility with other tools. Storybook 6.4 introduces interactive stories and live coding, making it easier to create and debug complex components. It also integrates with popular testing libraries like Jest and Testing Library. Storybook aims to bridge the gap between end-to-end testing and unit testing, providing automated testing options for UI components.
Why Tracing is a Lifesaver for E2E Tests of Distributed Systems?
8 min
Why Tracing is a Lifesaver for E2E Tests of Distributed Systems?
Tandra is a company that builds modern tools for developers and QA engineers. Their flagship product, Foresight, helps monitor and debug CI-CD workflows and tests. The Talk discusses the reasons for end-to-end test failures, how to debug them, and the benefits of tracing. End-to-end tests can fail due to time-waiting issues, dependencies between tests, and inter-service communications. Debugging through logs and artifacts is possible, but tracing is more effective in uncovering root causes, especially in microservices.
Flaky Test Management with Cypress
114 min
Flaky Test Management with Cypress
Workshop
Cecelia Martinez
Cecelia Martinez
This workshop is for Cypress users who want to step up their game against flake in their test suites. Leveraging the Cypress Real World App, we’ll cover the most common causes of flake, code through some examples of how to make tests more flake resistant, and review best practices for detecting and mitigating flake to increase confidence and reliability.

Table of contents:
- Cypress Real World App Overview
- What is Flake?
- Causes of Flake
- Managing Network-related Flake (Activity)
- Managing Dom-relate Flake (Activity)
- Flake Detection and Mitigation Best Practices
- Q&A
How Low-Code Enables Continuous Testing in DevOps
31 min
How Low-Code Enables Continuous Testing in DevOps
Today's Talk discusses how Low Code enables continuous testing and DevOps, emphasizing the importance of test automation and the drawbacks of siloed approaches. The next era of quality engineering aims to overcome automation challenges by incorporating machine learning and intelligent automation. The development process involves local testing, pull requests, and comprehensive testing to ensure quality before merging. Low-code tools like Mable help democratize testing and achieve higher test coverage. Mable's coverage report includes performance metrics and test results, making testing easy and accessible for any team member.
Selenium 4 – What's New and How you Can Use it!
32 min
Selenium 4 – What's New and How you Can Use it!
Selenium 4.0 introduces exciting features such as relative locators, new window APIs, event-driven code, and network interception. It aims to make automation easier with improvements in scalability, observability, and handling of windows and tabs. The focus is on improving the quality of the web and incorporating user feedback. Selenium 4.0 also offers better support for mobile testing and cloud services, with ongoing documentation improvements.
How to Catch a11y Defects During Unit and E2E Testing
7 min
How to Catch a11y Defects During Unit and E2E Testing
This Talk provides ways to catch accessibility defects during testing, including adding accessibility testing to a website for Studio Ghibli using React, NX, Jazz, JazzX, Cypress, and CypressX. The importance of unitizing components and conducting end-to-end testing with Cypress and CypressX is emphasized to ensure accessibility. The process of setting up CypressX testing is explained, highlighting the use of typings and the CypressX support file. These tools make it easier for developers to avoid accessibility bugs during development.
JS Do It.....Accurate Security Testing Automation for Developers
10 min
JS Do It.....Accurate Security Testing Automation for Developers
Neuralegions is a dynamic application security testing scanner designed for developers. It allows you to build the scan surface from the first unit tests, seamlessly integrating into your pipelines. With no false positives, you can trust the output to quickly detect and fix security vulnerabilities. Eurolegion provides comprehensive coverage, supporting web apps, internal apps, and APIs. It can handle client-side dynamic content and integrates with existing functional scripts. Scans are fast and can test for business logic vulnerabilities. Authenticated scans are fully supported. The biggest issue with security scanners is accuracy. Developers want to know real issues, not hyperbole. Neuralegion focuses on removing false positives automatically. It validates every finding with a full proof of concept, eliminating the need for manual validation. Full visibility of recurring and new issues is provided, along with developer-friendly remediation guidelines. Neuralegion seamlessly integrates into your pipeline, allowing developers to shift left and scan every commit or pull request.
Who is Testing the Tests?
8 min
Who is Testing the Tests?
Mutation testing is a method to improve test quality by inserting bugs into code to test if tests can detect them. Mutation-testing frameworks like Striker.js allow for various mutations to be performed. Mutation testing provides a mutation score that is a better tool than code coverage for measuring test quality. It can help identify missing tests or bugs in existing tests. Stryker is recommended for JavaScript and TypeScript mutation testing.
Who Guards the Guards? – Finding Bugs in Your Tests
8 min
Who Guards the Guards? – Finding Bugs in Your Tests
The Talk discusses common pitfalls of JavaScript unit testing, including issues with expectations, assertions, and missing assertions. It also highlights the importance of handling exceptions properly and introduces SonarLint as a tool for code analysis and issue fixing. Additionally, it mentions SonarCube and SonarCloud as options for integrating static analysis testing in a continuous integration pipeline.
JS Security Testing Automation for Developers on Every Build
111 min
JS Security Testing Automation for Developers on Every Build
WorkshopFree
Oliver Moradov
Bar Hofesh
2 authors
As a developer, you need to deliver fast, and you simply don't have the time to constantly think about security. Still, if something goes wrong it's your job to fix it, but security testing blocks your automation, creates bottlenecks and just delays releases...but it doesn't have to...

NeuraLegion's developer-first Dynamic Application Security Testing (DAST) scanner enables developers to detect, prioritise and remediate security issues EARLY, on every commit, with NO false positives/alerts, without slowing you down.

Join this workshop to learn different ways developers can access Nexploit & start scanning without leaving the terminal!

We will be going through the set up end-to-end, whilst setting up a pipeline, running security tests and looking at the results.

Table of contents:
- What developer-first DAST (Dynamic Application Security Testing) actually is and how it works
- See where and how a modern, accurate dev-first DAST fits in the CI/CD
- Integrate NeuraLegion's Nexploit scanner with GitHub Actions
- Understand how modern applications, APIs and authentication mechanisms can be tested
- Fork a repo, set up a pipeline, run security tests and look at the results
Are we Forever Doomed to Software Supply Chain Security?
17 min
Are we Forever Doomed to Software Supply Chain Security?
The Talk discusses the importance of software security and the risks associated with open-source software supply chains. It highlights real-world stories of developers' involvement in security incidents and emphasizes the need to trust the software we use. The Talk also addresses the vulnerabilities and targeted attacks that come with the growing dependency on open-source software. It explores the security risks in open-source dependencies, open-source ecosystems, and the future of open source software. Additionally, it provides insights into choosing the best vulnerability scanning software and promoting supply chain security practices.
Automated Application Security Testing
9 min
Automated Application Security Testing
StackHawk is a dynamic application security testing tool that helps you find, understand, and fix security bugs in your running HTTP applications and API endpoints. It runs active security tests using OWASP top 10 best practices and can be integrated into CI/CD workflows. The scanner provides detailed scan results, including findings like SQL injection and cross-site scripting issues, and can be configured using YAML. StackHawk can be used to triage and prioritize security issues, and it can be seamlessly integrated into the development workflow.
Test Time Execution! Why it Can't be Ignored?
10 min
Test Time Execution! Why it Can't be Ignored?
Lambda Test is a cloud-based continuous quality platform that addresses common challenges faced by modern QA and development teams. These challenges include the need to shorten release cycles, the increase in test execution time due to test infrastructure, and the impact of flaky tests on developer feedback and productivity. Lambda Test offers a wide range of features, including live testing for virtual machines and native app testing, automation cloud for running test suites, and integration with various tools. The platform is known for its reliability, scalability, and performance, and can be quickly onboarded and integrated with existing test suites and CI-CD tools.
How to Exploit Real World Vulnerabilities
47 min
How to Exploit Real World Vulnerabilities
WorkshopFree
Noa Moshe
Noa Moshe
This workshop will lead you through installing and exploiting a number of intentionally vulnerable applications. The applications will use real-world packages with know vulnerabilities, including:

- Directory traversal
- Regular expression denial of service (ReDoS)
- Cross site scripting (XSS)
- Remote code execution (RCE)
- Arbitrary file overwrite (Zip Slip)
- These exploits exist in a number of applications, most of which you will need to install either locally or on a cloud instance.

You can do this workshop in 2 different flavours:

- Using the prepared Docker images OR
- Install everything on your local machine.
Learn to defend by learning the hacker mindset
105 min
Learn to defend by learning the hacker mindset
Workshop
Vandana Verma
Vandana Verma
The Application Security Training is a 3 Hour training. This Training is intended for those who are interested in making a career in the Information Security domain. This training involves real world scenarios that every Security Professional must be well versed with. It involves decompiling, real-time analyzing and testing of the applications from a security standpoint.

This training covers understanding the internals of web and mobile web applications, Real-time testing of web applications and android applications and a strategic approach to analyze applications for OWASP Top 10 vulnerabilities (Web) security issues such as Injections, Cross Site Scripting (XSS), CSRF Attacks, Insecure API’s, Insecure logging, Insecure communication, Insufficient cryptography, Insecure authentication and Poor code quality and many more.
Live e2e test debugging for a distributed serverless application
146 min
Live e2e test debugging for a distributed serverless application
WorkshopFree
Serkan Ozal
Oguzhan Ozdemir
2 authors
In this workshop, we will be building a testing environment for a pre-built application, then we will write and automate end-to-end tests for our serverless application. And in the final step, we will demonstrate how easy it is to understand the root cause of an erroneous test using distributed testing and how to debug it in our CI/CD pipeline with Thundra Foresight.

Table of contents:
- How to set up and test your cloud infrastructure
- How to write and automate end-to-end tests for your serverless workloads
- How to debug, trace, and troubleshot test failures with Thundra Foresight in your CI/CD pipelines