LOGIN
התחברות או הרשמה
Avatar
להמשך הרשמה ידנית – לחץ על כפתור ההרשמה, להרשמה/כניסה מהירה בעזרת חשבון רשת חברתית – לחץ על הלוגו בכותרת

אפס סיסמה - שכחתי את שם המשתמש

שם משתמש
סיסמה
זכור אותי

he icon   en icon

RSS מהעולם

  • The Deliberate Tester – Chapter 5: Logged In

    The Deliberate Tester – Chapter 5: Logged In Back in 2011, I approached Rob Lambert at the Software Testing Club on a small series, packed into a narrative format as I wanted to try that out. Rob decided to run that series on the Software Testing Club back then, and I had some fun writing it. Skip forward 11 years, and the Software Testing Club no longer exists, it’s been a while since I have been in touch with Rob, yet I figured, let’s see how this series aged over the years. As a sort of throwback Friday for myself, I will publish the entries on a weekly basis, and read along with you. I think I ended up with eight chapters in the end and might add a reflection overall at the end. In case you want to catch up with the previous parts, I published these ones earlier: Chapter 1: Session-based explorationChapter 2: Facing the Business with AutomationChapter 3: Fallacies and PitfallsChapter 4: The Challenge The Deliberate Tester Chapter 5: Logged In “Ok, April, tell me about the business rules for the login.”“Alright, Peter. Users may log in using a previously created username and a password. The username is given by the system administrator. Any letters or digits shall be allowed. The password has to include at least two letters, at least two digits, and at least one symbol, while being at least 8 characters long.”“So, this is also checked at the login screen?”“Yes. To avoid a security hole storing wrong passwords in the database.”“In that[…]

    30.09.2022 | 9:45 קרא עוד...
  • Selecting dependencies

    Selecting dependencies Open source software is everywhere. Most likely you are using some open source projects either at work and/or in your side projects.Pros and cons of using dependenciesOne of the upsides of using Java as a programming language, is that there are libraries and frameworks available to do many of the things we want to do in our projects, but don’t necessarily want to write ourselves. Using existing libraries and frameworks helps us deliver business value faster.Unfortunately, there are also downsides to using external dependencies. The most dangerous being when security vulnerabilities are found in libraries many of us use, like the Log4Shell vulnerability in the log4j logging library that was disclosed in December 2021 and the Spring4Shell vulnerability in Spring in March 2022. These vulnerabilities were so severe that we had to patch all our services ASAP. Even if the version of a dependency you use does not have any known vulnerabilities, you might need to update them for other reasons.In addition, adding dependencies to your project also has an impact on the size of your binary. For example, Brian Vermeer has created a demo to show the number of lines of code written versus number of lines pulled in by Spring. Granted, he admits that “this was the most useless Rest endpoint you could ever write”, but this demo clearly shows how the code pulled in by dependencies can overshadow to amount of code you write yourself.A balancing actThis means we have to think carefully about which dependencies we want to[…]

    30.09.2022 | 2:37 קרא עוד...
  • Five Blogs – 30 September 2022

    The (best) five blogs we can read today. Check them out. How To Reduce The Scope Of Testing During Testing Written by: Han Toan Lim Schwerpunkt: The Killer Strategic Concept You’ve Never Heard Of (But Really Need To Know!) Written by: Greg Satell The Future of QA in DevOps Written by: Amy Hawman On the Shoulders of 112 Giants Written by: Jesper Ottosen Fake Accounts Are Not Your Friends Written by: Jonathan Care Quote of the day: “People who don’t appreciate your presence, only deserve your absence” -Alexander Auron You can follow this page on Twitter

    30.09.2022 | 12:52 קרא עוד...
  • The Shift That’s Required In Testing, Right Now

    Throwing keywords and calling to Shift – to the left and to the right, towards Software Quality ad infinitum in Software Engineering, have only confused people and has not delivered the results that they have promised, so far. These keywords serve very well for SEO and make great LinkedIn title phrases, but are they being practiced? Let’s take a look at what shift in testing is required at the moment. To find and prevent defects / mismatch as early as possible has always been the endeavor of Software Testers. In an organisation with good culture and best practices, testers get involved right from the requirements, and sometimes even in discussions during conceptualization – to assess product’s suitability to market. I am not sure why ‘Shift-Left’ or ‘Quality Built-In’ or ‘Quality Engineering’ should be new buzzwords for already existing best practices. I suspect that this is happening because of the new generation of app startups which want to develop products (without testing), where the idea to prevent bugs earliest is being sold as old wine in a new bottle. The ultimate goal should be to have a better product. But by making the cycles smaller, the value of having better products seems to be getting lost. Software Engineering and Software Testing are commoditized into 3-months involvement, with engineers moving from domain to domain within a short span, with the only constant being the testing tools that they use. This is especially prevalent in software services. If an engineer shifts their domain[…]

    29.09.2022 | 11:56 קרא עוד...
  • Nine tips on hiring Quality Coaches (can you make it ten?)

    Nine tips on hiring Quality Coaches (can you make it ten?) If you're working in a company that is scaling rapidly and using the quality assistance model, at some point, you'll need to hire a quality coach (or two or three...). It can be tricky hiring a quality coach for several reasons: First, if you are working with a talent advisor (TA), they may not fully understand the role and find it difficult to distinguish between the experienced tester and a quality coach. Some software testers who call themselves quality coaches don't work with multiple teams. Instead, they sit within a team and occasionally coach people on software testing. While there's nothing wrong with that, it's not a quality assistance model where the team is accountable for all software testing. Not all quality coaches have the same level of experience. Therefore, avoid assuming that a quality coach who works at a team level is suitable to drive strategy at a senior level. The pool of quality coaches is not huge, so finding the right skillset will be challenging. The good news is that recently I've been doing a lot of hiring. So I've had an opportunity to learn a few things.

    29.09.2022 | 9:41 קרא עוד...
  • Setting up a new macOS machine

    I’ve recently had to set up a new macOS machine. I don’t trust syncing, so I do it manually. I’ve heard that macOS syncing works great these days from a few people, but I still prefer to set up a new machine manually. It might be just bad experiences from the past. I have two reasons for the manual setup. First, it forces me to keep notes on software I install and configurations I make to the operating system and applications. Secondly, over the years the machine will accumulate a lot of unused software and settings. I like to start fresh every year or two. My notes have the essentials. If I set up a new machine and notice that an application or setting is missing, I update the notes. I’ve mentioned to a coworker that I have notes on macOS setup and she asked if I could make it public. App Store The first thing I install and the only app I download from the App Store is Divvy, a window manager. I know there are others, but I’ve been using this one for more than a decade and it works just fine. Homebrew The next thing I install is Homebrew, a package manager for macOS. I use it to install pretty much everything else. Firefox Then I install my favorite browser, Firefox. brew install firefox Next, a few Firefox addons: DuckDuckGo Privacy Essentials Facebook Container LastPass Password Manager uBlock Origin Croatian and English dictionaries Applications Then I install[…]

    29.09.2022 | 7:00 קרא עוד...
  • Postman’s Knock 3

    [TL:DR – a thorough account of how a trusted organisation prosecuted 900 of its own people for crimes they did not commit, extracted large amounts of money from them and sent a good few to prison. They then covered this up for 15 years. 10% of the revenue from sales goes to the fund to assist Sub-postmasters in their claims. Buy this book!] Regular readers may recollect that I’ve been making a big thing out of the Horizon scandal in the UK Post Office – and rightly so, for it is truly scandalous. I have now read Nick Wallis’ account of his uncovering of the scandal and the fight for justice for the 900 or so people wrongly prosecuted by the Post Office for a failure in software testing, which was magnified many times by a client who accepted at face value a contractor’s assertion that a deployed system was without faults (which any of us would instantly know to be an astonishing claim and almost certainly untrue), but then compounded matters by making strenuous efforts to push that belief to all who queried the integrity of the system. In the course of things, this may well mean that various people perjured themselves and/or may have committed the crime of conspiracy to pervert the course of justice. Nick Wallis’ book is a detailed account of his involvement with the campaign, from his first coming into contact with one case locally, up to August 2021 when the Post Office’s case had[…]

    29.09.2022 | 6:19 קרא עוד...
  • Load Testing Your Web Infrastructure: Please Be Careful. Part 3

    In the Part 2 story, we saw what a load testing tool can do when it is used by someone who doesn’t have the right knowledge and skill about the tool and underlying systems. However, you also need to understand the environment where you would need to use the tool. Creating and using test environments that are optimized for load and performance testing is a must. If you use these tools on a regular network, you will likely disrupt everyone else at the office, causing lost productivity and extra work for IT staff. The last thing you want to do is try them out at home, and end up blacklisted by your ISP (internet service provider). Bye Bye Network! After a while, I was an old hand at load and performance testing. To bolster my hands-on experience, I attended workshops on how to overcome technical restrictions, how to accurately analyze the data and find problems others would miss, how to write reports and describe risk and problems, and I was adept with a handful of tools. I started to get hired for performance and load testing gigs, and under the right circumstances, I had some rewarding and fun projects. I worked with a lot of talented people with vastly different skills, and learned from each of them. Since I had a lot of retail and telco experience, a work friend asked me to come in to help him with a large retail system that was going through an upgrade. One[…]

    29.09.2022 | 4:18 קרא עוד...
  • Load Testing Your Web Infrastructure: Please Be Careful. Part 2

    In the Part 1 story, time, money and effort were wasted. This story is much more serious. Load and performance testing tools can be simple to get started on, but they belie a good deal of complexity. In other words, a little knowledge can be a dangerous thing. While the tool may look simple, and like there isn’t a lot going on, they have a lot of power and can unleash mayhem on a system. To simulate adequate load, the tools are generating a lot of traffic, which can have unintended consequences unless you know what you’re doing. Using record/playback can be handy when someone has skill and understanding of what they are doing, but when used by someone who is unskilled, can unleash absolute misery. Just because you can use a tool and generate load doesn’t mean that you should. A Complete Clusterfuck A year after the Part 1 story, I was brought in to work with some Agile teams that were helping an overwhelmed IT department. Load and performance testing were brought up, but since I had been down that road before, I explained the work and potential pitfalls to stakeholders. They agreed we should treat it as a separate project, and use a cross functional team. However, a high powered consultancy had brought in a team who were desperate to show their mettle. They were skilled, they had a great reputation for turning projects around, but they were extremely arrogant. I was pulled into a meeting with[…]

    29.09.2022 | 4:12 קרא עוד...
  • Load Testing Your Web Infrastructure: Please Be Careful. Part 1

    Now that I am on the product management side of software projects, I don’t deal with testing approaches in my day-to-day work very much. I get info about product quality criteria, quality goals and metrics, information on testing status and quality, or show stoppers that require attention. Unless I want to dig deeper, I don’t hear much about the actual testing work. Once in a while though, something big pops up on to my radar, usually because there is a threat to a product release, or there is a political issue at play. In those moments, my background as a software tester comes in handy. Recently, my testing experience was called into action, because of project controversy about load testing. There were some problems with a retail system in production, and poor performance was blamed. The tech team did not have the expertise or budget for load testing, and were instead pushing the sales team to take responsibility for that testing. The sales team didn’t have any technically minded people on their team, so they approached marketing. The marketing team has people with more technical skills, so a manager decided to take on that responsibility. They asked the team for volunteers to research load testing, try it out, and report back to the technical team. I happened to overhear this, and began waving my arms like the famous robot from Lost in Space who would warn about impending danger by saying: “Danger, Will Robinson!” This is out of character for[…]

    29.09.2022 | 3:46 קרא עוד...
  • New-to-me ideas from Targeting Quality 2022!

    New-to-me ideas from Targeting Quality 2022! I just got back from Targeting Quality 2022, a lovely conference put on by KWSQA in Cambridge, Ontario. This was a great opportunity for me, because the early bird ticket was affordable, and I can drive there! Yes, it takes eight hours, and across the border. I’m from the West, so that’s no distance at all to me. As a huge bonus, I got to carpool part of the way with Fiona Charles (source of the 10+1 Commandments for Ethical Techies in the featured image here, and I’ve shared some notes from her awesome keynote at the bottom of this post!) I have many pages of sketch notes from the sessions I attended. I’m going to share the best ideas and “aha” moments for me. Unlike many of my friends, my drawings and notes are intelligible only to me, so I will use only words here! Day one of the conference was workshops. I’m going to only share about Day two, the track sessions and keynote. The day got off to a wonderful start with KWSQA President Tina Fletcher explaining “Truth and Reconciliation”. She explained that KWSQA’s office is on land that belonged to indigenous people. KWSQA supports afternoon activities for kids with The Healing of the Seven Generations. I never heard anything like this at another conference in North America, I hope more conferences will adopt this. Socializing for Heuristics My first “aha” moment was that Powerpoint does live captions! Hilary Weaver-Robb used them in her session on  “Socializing[…]

    29.09.2022 | 2:30 קרא עוד...
  • NIMA Mastercourse Agile Marketing Transformation

    Together with Marc Nieman, Misha van Hamersveld and Roald Tichelaar and Marielle Roozemond we provide the NIMA Mastercourse Agile Marketing Transformation. How do you give concrete substance to the mindset shift that marketing teams will go through in the coming years to keep their way of work in line with the developments in the organisation and beyond? This week Marc, Misha. Marielle and Roald hosted day one of the masterclass (see photo). Next Tuesday I team up with Marielle to do day 2 of the training. I will host a workshop on continues improvement where the marketeers will move away from campaigns that are designed upfront. We will define risk based experiments (or tests if you like to call them) to learn and validate your approach. Will be fun, I am looking forward to the event.

    29.09.2022 | 7:28 קרא עוד...
  • Five Tips for Effective Teams

    Five Tips for Effective Teams Time after time, whenever I start working in a new team, I find myself gravitating towards the same five practices. I find that once they are in place, our day-to-day work seems to become smoother. Single backlog for all work items One of the first things I do when I start in a new place […]

    29.09.2022 | 5:48 קרא עוד...
  • Five Blogs – 29 September 2022

    The (best) five blogs we can read today. Check them out. Dictator or Liberator Written by: Anne-Marie Charrett Why We Stay in Bad Jobs Too Long Written by: Gregg Vanourek How to Overcome Negativity in Your Life Written by: Frank Sonnenberg The Space Opportunity Written by: Steve Keating WhatsApp “zero-day exploit” news scare – what you need to know Written by: Paul Ducklin Quote of the day: “Isn’t it strange that we talk least about the things we think about most?” -Charles Lindbergh You can follow this page on Twitter

    29.09.2022 | 12:19 קרא עוד...
  • How to reduce the scope of testing during testing

    It is common to reduce the scope of testing before the test. In my test charters I use things like feature to be tested or planned time. For me this is a way to prioritise my tests. Here are some stories about scoping testing in full testing mode. Reported as usual This story happened in … Continue reading How to reduce the scope of testing during testing →

    28.09.2022 | 1:12 קרא עוד...
  • On the Shoulders of 112 Giants

    On the Shoulders of 112 Giants In my book "Goal-Aligned Test Strategies," I draw extensively on the work of others. This is a reference post to further credit my reviewers and to list the 112 references in the book.

    28.09.2022 | 12:54 קרא עוד...
  • My Arxta-Moment

    My Arxta-Moment Stick around long enough in the consulting business, and you might notice something I will coin the Arxta-Moment in this blog entry. I’m pretty sure, I’m not the first one to notice this, yet, I’m unaware of someone giving it a name. Let’s explore some history, and look for some advice from Jerry. Craftsmanship over Crap Uncle Bob Martin probably had his Arxta-Moment back in 2008. At the Agile conference, he held a keynote with the key message, that they forgot to include a fifth value pair in the Agile manifesto: Craftsmanship over Crap. Eventually, after the conference, he reframed it to really mean Craftsmanship over Execution, and the Software Craftsmanship movement started to form shape later in that year. I did not attend the Agile 2008 conference. Mostly, I read about the keynote at the time from Gojko’s blog. Uncle Bob Martin was among the people at the 2001 Snowbird, Utah meeting where the group ended up writing down the Agile Manifesto. Basically, he organized the event and got the group together. Merely seven years later, Uncle Bob noticed that people became more interested in the latest tools around Agile development rather than trying to incorporate the message at the core of the whole movement. People and Interactions over Processes and Tools over the span of merely seven years had become merely a suggestion you don’t need to follow if you are a tool vendor – or find the excuse to work in a distributed company, potentially with more[…]

    28.09.2022 | 9:45 קרא עוד...
  • Diversifying Heuristics with Social Media part 2

    Yesterday, I was finally able to give my talk “Socializing for Heuristics: How Social Media Made Me a Better Tester (and Human)” at Targeting Quality 2022 in Cambridge, Ontario, Canada. I talked about it in my last post Diversifying Heuristics with Social Media and I’m so glad I was finally able to give the talk! At the end of the talk I shared a link to the resources, including the Diversifying Heuristics Cheatsheet. This is a heuristics cheatsheet that I put together with all of the things covered in the talk. They’re a starting point for when you’re testing, or planning a feature. Things to keep in mind, and ways to approach your application, to help make it more inclusive all around. Not just accessibility, while that’s important, but inclusion. There are more resources available in Github, including the slides: https://github.com/g33klady/DiversifyingHeuristics. One of the talks I reference is Combating Bias with Heuristics of Diversity by Ash Coleman. Ash really lays out how to approach your life using heuristics of diversity and it’s a great basis for my talk where I apply the same principles but to our testing and software that we build. I think seeing Ash’s talk at TestBash Brighton in 2019 planted the seeds for my talk. It’s not hard to be inspired by Ash! I hope to be able to give the talk again, and evolve the talk as I get more examples of ways software can feel excluding (as well as inclusive). The post Diversifying Heuristics with Social Media part 2[…]

    28.09.2022 | 8:28 קרא עוד...
  • Five Blogs – 28 September 2022

    The (best) five blogs we can read today. Check them out. Web API Testing in a Nutshell Written by: Sanjeev Kumar Approaches to contract testing Written by: Bas Dijkstra Test Automation Framework · Reporting & Observability (Part 1) Written by: Damian Moga Metrics for Testing- Guide to Quality Assurance Written by: Aroni Das Hackers are testing a destructive new way to make ransomware attacks more effective Written by: Danny Palmer Quote of the day: “Everything alters me, but nothing changes me.” -Salvador Dalí You can follow this page on Twitter

    28.09.2022 | 1:13 קרא עוד...
  • What Is Moonlighting in IT, Is it ethical? Do I Support It?

    Moonlighting : It means, to have a second job, typically secretly and at night, in addition to one’s regular employment. *Ignore my pronunciation 👉Become a Software Tester even as a Fresher. https://thetestingacademy.com https://www.outlookindia.com/business/what-is-moonlighting-here-s-why-wipro-fired-300-employees-for-doing-it-news-225205 Moonlighting : It means, to have a second job, typically secretly and ... Read more The post What Is Moonlighting in IT, Is it ethical? Do I Support It? appeared first on Software Testing & Automation.

    28.09.2022 | 12:22 קרא עוד...

חדשות מעולם הבדיקות

  • The Deliberate Tester – Chapter 5: Logged In

    The Deliberate Tester – Chapter 5: Logged In Back in 2011, I approached Rob Lambert at the Software Testing Club on a small series, packed into a narrative format as I wanted to try that out. Rob decided to run that series on the Software Testing Club back then, and I had some fun writing it. Skip forward 11 years, and the Software Testing Club no longer exists, it’s been a while since I have been in touch with Rob, yet I figured, let’s see how this series aged over the years. As a sort of throwback Friday for myself, I will publish the entries on a weekly basis, and read along with you. I think I ended up with eight chapters in the end and might add a reflection overall at the end. In case you want to catch up with the previous parts, I published these ones earlier: Chapter 1: Session-based explorationChapter 2: Facing the Business with AutomationChapter 3: Fallacies and PitfallsChapter 4: The Challenge The Deliberate Tester Chapter 5: Logged In “Ok, April, tell me about the business rules for the login.”“Alright, Peter. Users may log in using a previously created username and a password. The username is given by the system administrator. Any letters or digits shall be allowed. The password has to include at least two letters, at least two digits, and at least one symbol, while being at least 8 characters long.”“So, this is also checked at the login screen?”“Yes. To avoid a security hole storing wrong passwords in the database.”“In that[…]

    30.09.2022 | 9:45 קרא עוד...
  • Selecting dependencies

    Selecting dependencies Open source software is everywhere. Most likely you are using some open source projects either at work and/or in your side projects.Pros and cons of using dependenciesOne of the upsides of using Java as a programming language, is that there are libraries and frameworks available to do many of the things we want to do in our projects, but don’t necessarily want to write ourselves. Using existing libraries and frameworks helps us deliver business value faster.Unfortunately, there are also downsides to using external dependencies. The most dangerous being when security vulnerabilities are found in libraries many of us use, like the Log4Shell vulnerability in the log4j logging library that was disclosed in December 2021 and the Spring4Shell vulnerability in Spring in March 2022. These vulnerabilities were so severe that we had to patch all our services ASAP. Even if the version of a dependency you use does not have any known vulnerabilities, you might need to update them for other reasons.In addition, adding dependencies to your project also has an impact on the size of your binary. For example, Brian Vermeer has created a demo to show the number of lines of code written versus number of lines pulled in by Spring. Granted, he admits that “this was the most useless Rest endpoint you could ever write”, but this demo clearly shows how the code pulled in by dependencies can overshadow to amount of code you write yourself.A balancing actThis means we have to think carefully about which dependencies we want to[…]

    30.09.2022 | 2:37 קרא עוד...
  • Five Blogs – 30 September 2022

    The (best) five blogs we can read today. Check them out. How To Reduce The Scope Of Testing During Testing Written by: Han Toan Lim Schwerpunkt: The Killer Strategic Concept You’ve Never Heard Of (But Really Need To Know!) Written by: Greg Satell The Future of QA in DevOps Written by: Amy Hawman On the Shoulders of 112 Giants Written by: Jesper Ottosen Fake Accounts Are Not Your Friends Written by: Jonathan Care Quote of the day: “People who don’t appreciate your presence, only deserve your absence” -Alexander Auron You can follow this page on Twitter

    30.09.2022 | 12:52 קרא עוד...

טיפים

  • הערכות זמנים הינן תהליך חשוב להצלחת הבדיקות
    הערכות זמנים הינן תהליך חשוב להצלחת הבדיקות הערכות זמנים הינן תהליך חשוב להצלחת הבדיקות לא תמיד יעזור להוסיף בודקים  - זכרו "תשע נשים לא יולדות בחודש..." להוספת בודקים יש עלויות נלוות של הכשרה, ניהול ועוד. לעיתים קרובות ניתן לשפר היעדים מבלי לפגום באיכות…
    קרא עוד...
  • בודקים - זכרו כי מדובר באנשים
    בודקים - זכרו כי מדובר באנשים בודקים - זכרו כי מדובר באנשים "זכרו כי מדובר באנשים" (Tony Bruce) – בסופו של יום – כל מוצר ותוכנה מיועד לשרת צרכי אנשים. לעיתים מדובר בקהל אבסטרקטי שאיננו מכירים באופן אישי ואין לנו גישה אליו,…
    קרא עוד...
לרשימה המלאה >>