hngopher.com

       [HN Gopher] We need to talk about testing
       ___________________________________________________________________
        
       We need to talk about testing
        
       Author : glenjamin
       Score  : 13 points
       Date   : 2021-07-27 08:32 UTC (14 hours ago)
        
 (HTM) web link (dannorth.net)
 (TXT) w3m dump (dannorth.net)
        
       | geofft wrote:
       | The idea that the tests of TDD are not the same thing as the
       | tests of test coverage is a great insight that I don't think I'd
       | quite realized before. In my experience, that seems in fact
       | accurate - writing a short tool that _uses_ the code you want to
       | write is a good way to break down the problem and also make sure
       | your solution actually works, but it 's different from having
       | confidence in the system.
       | 
       | On the other hand, I'm a little confused at the idea of non-
       | automated tests that provide value. If you're interested in
       | security/compliance/accessibility/etc., those seem like general
       | software quality things, but they don't seem like "tests." To me,
       | a "test" is a thing that either passes or fails, by analogy to
       | tests in education, tests in law, etc. It's definitely valuable
       | to review code for security issues or ensure that you're taking
       | accessibility into account, but unless you're asking a question
       | that can produce a yes or no, then you're not increasing
       | stakeholder confidence _through evidence_ , per the article's
       | formulation (which I agree with). If you think there's value in
       | manual testing because a human will provide you with "insights
       | and feedback," great, but if you do hallway "testing" and
       | everyone successfully completes the task but provides no
       | feedback, is that a failure? If you can't find any security bugs
       | from reading the code, does that mean there are none?
       | 
       | If you want unstructured information from humans as part of
       | inputs to your design, great (and that's a great reason to shift
       | _feedback_ left), but I think that 's a different category from
       | testing.
       | 
       | You can't automate everything but you can automate a whole lot.
       | Static analysis tools, better languages, modeling tools, etc. can
       | find or prevent security problems more reliably than a human.
       | Linters can check for accessibility issues (missing alt tags,
       | missing ARIA attributes, etc.), and you can write integration
       | tests that try to drive your entire product using only
       | accessibility APIs to make sure your workflows are covered.
       | Automated tests can look at emitted logs and metrics and make
       | sure they're emitting what you expect and not emitting what you
       | don't. And so forth.
        
       ___________________________________________________________________
       (page generated 2021-07-27 23:00 UTC)