On ISO 29119 Feb 3, 2023 ISO 29119 is a standard on software testing that was published in 2012/13 in 5 parts, and today has 8 published parts (the most recent being Part 13 - standards bodies are weird). The standard attempts to codify the practice of all testing, as applies to all software. It defines vocabulary, processes, governance, management, techniques, and a lot of documents. Having reviewed the supporting and opposing opinions from leaders in the industry (since I’m not actually gonna pay the £150-300 per chapter to read this in full), I have come to the conclusion that I do not support this standard, and stand firmly opposed to its usefulness, its applicability to software testing, and ideally its existence whatsoever. ...
Is it a bug? Jan 13, 2023 What counts as a bug? Heads-up: This post won’t get into IEEE discussions of Fault vs Failure, neither will it look at ISTQB, ISO, or any other body’s definition of words that may or may not apply within a given context. If a bug is a breakage of some kind that we want to fix, where is the line? What makes it a bug? Or, what makes something not a bug? ...
Can you automate a tester? Dec 2, 2022 This post heavily inspired, interpreted, somewhat plagiarised (badly) from James Bach’s keynote talk at CAST 2014, and mixed in with a conversation with Nastya Miskovych about what we’d just seen. “I want to reach 100% automated testing” — Many people in many orgs, many times Wanting additional confidence from your builds is good. Wanting to not waste people’s time with repetitive activity is good. Can you, though, reduce your future salary bill by replacing a tester with code and with pipelines? ...
The Iceberg of Inferred Acceptance Criteria Nov 25, 2022 When refining a ticket at Peppy (and likely lots of other places) we come up with Acceptance Criteria, deemed to be “The stuff that needs to be done in order to ship”. A piece of work must meet these criteria in order to ship. They’re inherently incomplete. They can’t possibly list everything. If a piece of software met the acceptance criteria, but damaged a user’s device while doing it, we wouldn’t ship it. ...
Security Testing: Everything but the pentest May 11, 2021 When most think of a security test, it conjures images of Hollywood-style hacking. For those who work in the software industry, it still conjures images of an employee or contractor attempting to hack “for good” so that the flaws can be fixed before a bad actor finds them. I want to talk about the other stuff. The rest of the work that goes into testing for security that isn’t a tool-assisted investigation of a live (or live-like) deployment of the software. ...
Celebrating the Heterogeneity of Engineering May 3, 2021 Alternative titles I considered: “The Argument Against Knowledge Sharing”, and “Yet Another Post About Story Points”. I was reading an excellent introductory article about collective computing recently, where it talked through the modes and advantages, about how it learned and adapted and so on. One of the key parts was about how a highly successful network was not one of identical nodes with identical sensors and capabilities, but one where individual nodes had different capabilities and could bring those to bear on different tasks, improving the overall achievement of the network. ...
Remote Work & The Pandemic Mar 24, 2021 Yeah, I know, another blog post about how someone sits at home on a laptop because everyone is scared of other humans. But wait! I was at home already. Surevine (my employer) is and always has been a Remote First company. There is no office, no building or door with our logo on it (which is frankly a shame, because the logo is awesome - we were doing green back when blue logos were still all the rage). ...
From automation to learning, and back again Nov 4, 2020 In May 2019, I was sat at my desk, filling in a timesheet, wondering yet again if I’d actually done the correct number of hours. My company runs a flexible working policy, where, whilst a day is 7½ hours and there’s 5 days in a regular week, that doesn’t mean that you have fixed working patterns or need to stick to a fixed number of hours in a day, so long as it remains compatible with your team and you get all of your hours done eventually. ...
Three Things I Learned This Week - 29th Feb 2020 Feb 29, 2020 To see why I write these, see my first post in this series. This week: Two weeks ago, Kristin Jackovny wrote about why she like Cypress. This week it was followed up by a more in-depth look at using HTTP requests in UI tests in Cypress. Whilst the article doesn’t explicitly call it out, this interestingly blurs the testing pyramid between UI and API tests - where the UI tests isn’t specifically focussed on authentication, this could save a considerable amount of time cumulatively across a suite of tests. ...
Three Things I Learned This Week - 22nd Feb 2020 Feb 22, 2020 To see why I write these, see my first post in this series. This week: iOS Network Extensions look like an awesome way to achieve some things that are easier on Android, but still not often used (like starting a VPN, or creating a proxy server). Whether it’s hard or easy, rarer used technologies are harder to search for on Stack Overflow. Amazon have launched “multi-attach” for EBS volumes. That means you can attach a disk to sixteen computers at the same time. ...