testing-omega-quality
SKILL.md
Testing Omega Quality
Master comprehensive testing strategies covering all quality dimensions - accuracy, performance, security, and accessibility.
Quick Start
# 1. Define test strategy with 4 dimensions
TestStrategy:
Accuracy: { unit: 80%, integration: 60%, e2e: "critical paths" }
Performance: { p95: "<200ms", concurrent: 50 }
Security: { injection: true, auth: true, xss: true }
Accessibility: { wcag: "2.1 AA", keyboard: true }
# 2. Follow the test pyramid
Pyramid:
Unit: 80% # Fast, isolated, business logic
Component: 70% # UI components with mocks
Integration: 60% # API endpoints, data flow
E2E: "critical" # Happy paths, auth, checkout
# 3. Run quality gates in CI
Gates: ["coverage > 80%", "no-security-issues", "a11y-pass"]
Features
| Feature | Description | Guide |
|---|---|---|
| 4D Testing | Accuracy, Performance, Security, Accessibility | Cover all quality dimensions |
| Test Pyramid | Unit, Component, Integration, E2E layers | More units, fewer E2E |
| Property-Based | Test with generated inputs | Catch edge cases automatically |
| Performance | Response time, load, memory testing | Percentile-based thresholds |
| Security | SQL injection, XSS, auth bypass tests | OWASP-aligned coverage |
| Accessibility | WCAG compliance, keyboard, screen reader | Automated a11y scanning |
| Visual Regression | Screenshot comparison testing | Catch UI regressions |
Common Patterns
The Omega Test Pyramid
/\
/E2E\ <- Critical paths only (slowest)
/─────\
/ Visual \ <- Screenshot comparisons
/───────────\
/ Integration \ <- Service boundaries, APIs
/───────────────\
/ Component \ <- UI components isolated
/───────────────────\
/ Unit \ <- Fast, business logic (most)
/─────────────────────────\
Four Quality Dimensions
interface OmegaTestSuite {
accuracy: {
happyPath: Test[]; // Normal use cases
edgeCases: Test[]; // Boundary conditions
errorCases: Test[]; // Failure handling
};
performance: {
responseTime: Test[]; // p50, p95, p99 latency
throughput: Test[]; // Requests per second
memory: Test[]; // Leak detection
};
security: {
authentication: Test[];
authorization: Test[];
injection: Test[]; // SQL, XSS prevention
};
accessibility: {
wcag: Test[]; // WCAG 2.1 AA
keyboard: Test[]; // Tab navigation
screenReader: Test[]; // ARIA labels
};
}
Unit Testing Patterns
// Arrange-Act-Assert pattern
describe('calculateDiscount', () => {
it('applies 10% discount for orders over $100', () => {
// Arrange
const order = createOrder({ subtotal: 150 });
// Act
const result = calculateDiscount(order);
// Assert
expect(result.discount).toBe(15);
expect(result.total).toBe(135);
});
});
// Parameterized edge cases
it.each([
['missing @', 'userexample.com', false],
['valid format', 'user@example.com', true],
['empty string', '', false],
])('validateEmail %s: %s -> %s', (_desc, email, expected) => {
expect(validateEmail(email)).toBe(expected);
});
// Property-based testing
it('sorted array has same length as input', () => {
fc.assert(fc.property(fc.array(fc.nat()), (arr) => {
return sortArray(arr).length === arr.length;
}));
});
Integration Testing
describe('UserService Integration', () => {
let db: TestDatabase;
beforeAll(async () => { db = await createTestDatabase(); });
afterAll(async () => { await cleanupTestDatabase(db); });
it('persists user to database', async () => {
const user = await userService.createUser({
email: 'test@example.com', name: 'Test'
});
const dbUser = await db.query('SELECT * FROM users WHERE id = $1', [user.id]);
expect(dbUser.email).toBe('test@example.com');
});
it('rolls back transaction on failure', async () => {
vi.spyOn(db, 'commit').mockRejectedValueOnce(new Error('DB error'));
await expect(userService.transfer(from, to, 50)).rejects.toThrow();
// Verify no changes persisted
expect(await userService.getBalance(from)).toBe(originalBalance);
});
});
Performance Testing
describe('API Performance', () => {
it('responds within SLA', async () => {
const times: number[] = [];
for (let i = 0; i < 100; i++) {
const start = performance.now();
await api.get('/users');
times.push(performance.now() - start);
}
expect(percentile(times, 50)).toBeLessThan(50); // p50 < 50ms
expect(percentile(times, 95)).toBeLessThan(100); // p95 < 100ms
expect(percentile(times, 99)).toBeLessThan(200); // p99 < 200ms
});
it('handles concurrent load', async () => {
const requests = Array(50).fill(null).map(() => api.get('/users'));
const responses = await Promise.all(requests);
expect(responses.every(r => r.status === 200)).toBe(true);
});
});
Security Testing
describe('Security Tests', () => {
const sqlPayloads = ["'; DROP TABLE users; --", "' OR '1'='1"];
const xssPayloads = ['<script>alert("xss")</script>', '<img onerror=alert(1)>'];
it.each(sqlPayloads)('prevents SQL injection: %s', async (payload) => {
const response = await api.get(`/users?search=${encodeURIComponent(payload)}`);
expect(response.status).not.toBe(500);
expect(await db.query('SELECT * FROM users')).toBeDefined();
});
it.each(xssPayloads)('escapes XSS payload: %s', async (payload) => {
await api.post('/posts', { content: payload });
const html = (await api.get('/posts')).body.posts[0].content;
expect(html).not.toContain('<script>');
});
it('rate limits login attempts', async () => {
for (let i = 0; i < 10; i++) {
await api.post('/login', { email: 'x', password: 'wrong' });
}
const response = await api.post('/login', { email: 'x', password: 'wrong' });
expect(response.status).toBe(429);
});
});
Accessibility Testing
test.describe('Accessibility', () => {
test('page has no WCAG violations', async ({ page }) => {
await page.goto('/');
const results = await new AxeBuilder({ page })
.withTags(['wcag2a', 'wcag2aa', 'wcag21aa'])
.analyze();
expect(results.violations).toEqual([]);
});
test('keyboard navigation works', async ({ page }) => {
await page.goto('/');
const focusable = 'a, button, input, [tabindex]:not([tabindex="-1"])';
const elements = await page.locator(focusable).all();
for (const _ of elements) {
await page.keyboard.press('Tab');
const focused = await page.evaluate(() => document.activeElement?.tagName);
expect(focused).toBeDefined();
}
});
test('images have alt text', async ({ page }) => {
const images = await page.locator('img').all();
for (const img of images) {
expect(await img.getAttribute('alt')).toBeTruthy();
}
});
});
E2E Critical Path
test('complete purchase flow', async ({ page }) => {
// Login
await loginAsTestUser(page);
// Add to cart
await page.goto('/products/test-product');
await page.click('[data-testid="add-to-cart"]');
// Checkout
await page.click('[data-testid="checkout-button"]');
await page.fill('[data-testid="card-number"]', '4242424242424242');
await page.click('[data-testid="place-order"]');
// Verify
await expect(page).toHaveURL(/\/orders\/[a-z0-9-]+/);
await expect(page.locator('[data-testid="order-status"]'))
.toHaveText('Order Confirmed');
});
Best Practices
| Do | Avoid |
|---|---|
| Test all four quality dimensions | Testing only happy paths |
| Follow the test pyramid (more units) | Relying heavily on E2E tests |
| Use descriptive test names | Testing implementation details |
| Test edge cases systematically | Writing flaky tests |
| Keep tests independent (no shared state) | Using sleep/delays for timing |
| Use factories for test data | Hardcoding test data |
| Mock external dependencies in unit tests | Over-mocking in integration tests |
| Run tests in CI on every commit | Ignoring failing tests |
| Fix flaky tests immediately | Skipping tests without reason |
| Chase meaningful coverage, not 100% | Testing framework code |
Weekly Installs
1
Repository
doanchienthangdev/omgkitGitHub Stars
3
First Seen
6 days ago
Security Audits
Installed on
zencoder1
amp1
cline1
openclaw1
opencode1
cursor1