RSpec Testing

Config in env vars, not code. Never commit .env. Commit .env.example. Never hardcode secrets.

xUnit preferred (modern, parallel). NUnit also good. Use `[Fact]`/`[Theory]` or `[Test]`/`[TestCase]`.

Passwords: bcrypt. API keys: encrypt. PII: field-level encryption. Never log sensitive data.

Use latest stable versions. Fix breaking changes—don't avoid upgrades. Check official registries.

Small, focused commits. Use: feat/fix/refactor/test/docs/chore. Each commit independently deployable.

Built-in testing package. Table-driven tests. `go test -v ./...`. Use testify for assertions if needed.

JUnit 5 (Jupiter) for all tests. Use `@Test`, `@BeforeEach`, `@ParameterizedTest`. Mockito for mocking.

Pest is Laravel's default testing framework. Expressive syntax. Use arch tests for architecture rules. describe/it blocks.

No excuses: 'pre-existing', 'unrelated', 'tedious', 'for now'. Recognize and continue working.

User and tests define done. Don't redefine scope or declare partial progress as complete.

You wrote every line. No 'pre-existing issues'—only issues you haven't fixed yet.

PHPUnit for all tests. Use data providers for parameterized tests. Pest for simpler syntax if preferred.

unittest for simple cases or legacy code. TestCase classes. setUp/tearDown. Prefer pytest for new projects.

pytest with fixtures and parametrize. Simple asserts, rich plugin ecosystem.

Rails.application.credentials for secrets. `rails credentials:edit`. Environment-specific credentials. Never commit master.key.

Minitest only—no RSpec. Rails default, fast, simple, fixtures-integrated.

`cargo test` for all tests. Doc tests in comments. Integration tests in tests/. `#[cfg(test)]` modules.

Auth: bcrypt/argon2 for passwords, rate limiting, secure sessions/tokens. Authz: check permissions on every request, use policy objects or middleware.

Force SSL, redirect HTTP→HTTPS, secure cookies (Secure/HttpOnly/SameSite), HSTS headers.

Allowlists, not denylists. Validate type/length/format. Sanitize HTML. Parameterized queries only.

Swift Testing (@Test, #expect) for new code. Cleaner syntax than XCTest. Parameterized tests with @Test(arguments:). Parallel by default.

Test real instances. Mocking the class under test hides bugs.

Fix failures immediately. No skipping, no "pre-existing issues." Own the codebase state—a test suite with ignored tests can't be trusted.

Test public interfaces, inputs/outputs. Tests must survive refactoring. Don't test private methods.

1) Write failing test 2) Minimum code to pass 3) Refactor. Every line has a reason.

Jest for unit/integration tests. `describe`/`it` blocks. Mock with jest.mock(). Snapshot testing sparingly.

Vitest for Vite-based projects. Jest-compatible API. Native ESM. Use @testing-library for components.

Cypress for E2E tests. Commands for reusable actions. cy.intercept() for network. Avoid flaky selectors.

Playwright for multi-browser E2E. Auto-wait for elements. Trace viewer for debugging. Parallel execution.

Mock only: external HTTP APIs, time, filesystem side effects, third-party services. Use real implementations for internal services, database, and business logic.

Mocha with Chai assertions. describe/it blocks. Sinon for mocking. async/await in tests.

Integration tests for full request/response cycle. Unit tests for complex logic, edge cases, performance.

Use consistent test data setup: fixtures for stable reference data, factories for dynamic scenarios. Avoid inline object creation scattered throughout tests.

Capybara for system tests. Use semantic selectors. Wait for async. Headless Chrome in CI.

RSpec describe/context/it. let/let! for setup. FactoryBot for data. Avoid excessive mocking.

One logical concept per test. Multiple asserts OK if same concept. Clear test names describing behavior.

Verify changes locally: run app, run tests, check for errors. CI catches environment issues, not basic bugs.

Format → Lint → Test before every commit. Never rely on CI for basic checks.