Hypermark employs a comprehensive testing strategy that ensures privacy, security, and reliability across all components. Our testing infrastructure includes unit tests, integration tests, and security validation.
- Unit/Integration Testing: Vitest with jsdom environment
- Coverage: V8 coverage with 80% minimum thresholds
- Security Testing: Dedicated workflows for cryptographic components
- CI/CD: GitHub Actions with parallel execution and automated reporting
- Component logic and behavior testing
- Service layer validation
- Utility function verification
- 95% coverage required for security-critical components
- Cross-service interaction testing
- Storage and persistence validation
- Cryptographic workflow testing
- Cryptographic operation validation
- Key management testing
- Pairing protocol security verification
- Automated security regression prevention
# Run all unit tests
npm test
# Run tests with coverage
npm run test:coverage
# Run security-focused tests
npm run test:security
# Run tests in watch mode
npm run test:watch
# View test UI
npm run test:uihypermark/
├── docs/testing/ # Testing documentation
├── src/ # Application source
│ ├── **/*.test.js # Unit/integration tests
│ └── test-utils/ # Test utilities
├── vitest.config.js # Vitest configuration
└── .github/workflows/ # CI/CD pipelines
- Global Minimum: 80% for statements, branches, functions, and lines
- Security Components: 95% coverage required
- Critical User Flows: 90% coverage required
Security-critical files requiring 95% coverage:
src/services/crypto.jssrc/services/pairing-code.jssrc/services/key-storage.jssrc/components/pairing/PairingFlow.jsx
-
Main Test Pipeline (
.github/workflows/test.yml)- Runs on every push and PR
- Matrix testing across Node.js 18.x and 20.x
- Coverage reporting and PR comments
-
Security Testing (
.github/workflows/security-tests.yml)- Triggered by changes to security files
- Enforces 95% coverage on critical components
- Notifies security team on failures
-
Performance Testing (
.github/workflows/performance.yml)- Weekly performance benchmarking
- Memory usage monitoring
- Large dataset handling validation
- No real user data in tests
- Cryptographic operations use test keys
- Network communications are mocked or sandboxed
- All cryptographic functions have dedicated tests
- Key generation and storage are thoroughly validated
- Pairing protocols tested against various attack scenarios
- Large dataset handling (1000+ bookmarks)
- Memory usage tracking and leak detection
- Search performance under load
- Sync performance with network conditions
- Multi-device pairing simulation
- Real-time sync validation
- Conflict resolution testing
- Network resilience validation
import { render, screen } from '@testing-library/react';
import userEvent from '@testing-library/user-event';
test('component behavior', async () => {
const user = userEvent.setup();
render(<Component />);
await user.click(screen.getByRole('button'));
expect(screen.getByText('Expected')).toBeInTheDocument();
});import { vi } from 'vitest';
import { cryptoService } from '../services/crypto';
test('service functionality', async () => {
const mockFunction = vi.fn().mockResolvedValue('result');
const result = await cryptoService.operation();
expect(result).toBe('expected');
});See Troubleshooting Guide for common issues and solutions.
See Testing Guidelines for information on writing and maintaining tests.
See Testing Architecture for detailed technical implementation details.