Skip to main content

Bug Automation

In many of my clients, more effort is spent on 'test automation' than on other forms of testing or quality assurance. That can be the right choice, for example, I worked on a Data Warehousing project where we needed to write some test automation before we could test the data and its processing.

Many other projects in different technology areas also spend a lot of time on their test automation. To be precise, they spend an increasing amount of time fixing & maintaining old 'tests' and 'frameworks'.

There are great tools around to help us write these automated checks quickly. But as with many software systems: maintenance, in the long term, is where the time and money goes. That is why I'm surprised we don't use short term automation more. We have the skills.

One good example of short term automation is Bug Automation. A simple script / executable that recreates or demonstrates a bug. This isn't a new idea, I've been doing it for years and I know other people have to.

Its common on open source projects to report an issue with example code, to clarify the exact issue you are reporting. Its a quick way to demonstrate the issue.

I'm not referring here to the idea of building a regression test suite from 'tests' (checks) from each bug fix. You can do that if you want, It can be very useful, but you are back to maintenance overhead.

By Bug Automation I'm referring to a disposable script that proves the system is broken. We can falsify the assumption that we have 'working' software. We can't prove the system is bug-free with our automation, but we can show its broken. 

The automation isn't there to indicate when we have fixed the issue - but to highlight that we, as a team, have created one.

In many situations a quick chat, screen-shot or URL is enough to help a developer fix a bug. But not always. For example, A tool like BlueBerry Test Assistant could help demonstrate a bug quicker than I can explain it. But in some contexts the best tool is code.

For example: I discovered a security flaw in an open source Content Management System used by several large media corporations, including my client at the time.  I could have described the issue to people, but that would have been a poor substitute to an actual demonstration.

Its hard to persuade someone that their 'secure' random token generator isn’t random - its easier to show them.  So I wrote some Bug Automation, and sent this along with a summary of the issue. (And together we figured out a more secure solution)

Another simple example: Google has a minor bug whereby if you enter Hebrew or Arabic text (with white-space) the full stop on the 'Press Enter...' message is placed at the wrong end of the sentence.


While the issue isn't hard to describe, or screen grab (see above). Recreating the issue might not be so easy. Therefore we can create some simple Bug Automation, like this.

Other members of your team can run this script and see the issue on their own PC. They don't have figure out how to type Right To Left languages or battle an OS or bug tracking system that doesn’t like you to copy and paste such things. Used purely as a communication aid, It also doesn’t have the maintenance overhead of trying to maintain a 'proof' of a fix long term.

Bug Automation is already a multimillion dollar industry, its called the Zero Day Exploit industry. Unfortunately that automation is often used for nefarious purposes. But as an example of positive deviance, it might be wise to pick-up on the clever things other developers & testers are doing, and use them for ourselves and for good.

Comments

Popular posts from this blog

Can Gen-AI understand Payments?

When it comes to rolling out updates to large complex banking systems, things can get messy quickly. Of course, the holy grail is to have each subsystem work well independently and to do some form of Pact or contract testing – reducing the complex and painful integration work. But nonetheless – at some point you are going to need to see if the dog and the pony can do their show together – and its generally better to do that in a way that doesn’t make millions of pounds of transactions fail – in a highly public manner, in production.  (This post is based on my recent lightning talk at  PyData London ) For the last few years, I’ve worked in the world of high value, real time and cross border payments, And one of the sticking points in bank [software] integration is message generation. A lot of time is spent dreaming up and creating those messages, then maintaining what you have just built. The world of payments runs on messages, these days they are often XML messages – and they ...

Don't be a Vogon, make it easy to access your test data!

 The beginning of the hitch-hikers guide to the galaxy leads with an alien ship about to destroy the Earth, and the aliens saying we (mankind) should have been more prepared – as a notice had been on display quite clearly – on Alpha Centauri the nearby star system, for 50 years. Seriously, people - what are you moaning about – get with the program?  The book then continues with the theme of bureaucratic rigidity and shallow interpretations of limited data. E.g. The titular guide’s description of the entire Earth is one word: “Harmless”, but after extensive review the new edition will state: “Mostly harmless”. Arthur Dent argues with the Vogons about poor data access This rings true for many software testing work, especially those with externally developed software, be that external to the team or external to the company. The same approaches that teams use to develop their locally developed usually don’t work well. This leads to a large suite of shallow tests that are usually h...

Can 'reasoning' LLMs help with recs data creation?

  A nervous tourist, glances back and forth between their phone and the street sign. They then rotate their phone 180 degrees, pauses, blink and frown. The lost traveller, flags a nearby ‘local’ (the passer-by has a dog on a lead.   “Excuse me…” she squeaks, “How may I get to Tower Hill?” “Well, that’ s a good one” ponders the dog walker, “You know…” “Yes?” queries the tourist hopefully. “Yeah…” A long pause ensues then, “Well I wouldn’t start from here” He states confidently. The tourist almost visibly deflates and starts looking for an exit. That’s often how we start off in software testing. Despite the flood of methodologies, tips on pairing, power of three-ing, backlog grooming, automating, refining and all the other … ings ) We often find ourselves having to figure out and therefore ‘test’ a piece of software by us ing it. And that’s good. Its powerful, and effective if done right. But, like our dog walker, we can sometimes find ourselves somewhere unfamiliar...