Skip to content

Daily Test Coverage Improver - Research and Plan #11

Open
Open
Daily Test Coverage Improver - Research and Plan#11
@github-actions

Description

@github-actions
github-actions
bot
opened on Feb 22, 2026

Current State of Test Coverage

Existing Test Infrastructure

The repository has a mixed JavaScript/TypeScript and Python codebase with testing infrastructure already in place:

JavaScript/TypeScript Testing:

  • Framework: Vitest with @vitest/coverage-v8
  • Test location: tests/ directory
  • Current tests:
    • tests/ContactForm.test.tsx - Comprehensive React component tests (285 lines)
    • tests/unit/emailValidation.test.ts - Email validation unit tests
  • Testing library: @testing-library/react for component testing
  • Configuration: vitest.config.js exists

Python Testing:

  • Framework: pytest with pytest-cov
  • Test location: tests/ directory
  • Current tests:
    • tests/test_contact_handler.py - Server-side handler tests (currently has import errors)
    • tests/unit/test_validation.py - Validation unit tests (currently has import errors)
    • tests/integration/test_api_endpoints.py - API integration tests
  • Configuration: pytest.ini exists

Current Coverage Status:
The most recent coverage run (from coverage-steps.log) shows:

  • ❌ JavaScript tests failed due to Node.js version compatibility issue (Node 18 vs required 20+)
  • ❌ Python tests failed due to import errors in test files
  • No coverage data was successfully generated yet

Code Structure Analysis

Frontend Code (~1000 lines total):

  • main.js - Main application entry point with form handling
  • src/components/ContactForm.tsx - React contact form component
  • src/api/contact.ts - API client functions
  • src/utils/validation.ts - Validation utilities
  • index.html - Main HTML page

Backend Code (~363 lines total):

  • server/contact_handler.py (363 lines) - Comprehensive GDPR-compliant contact form handler with:
    • ContactFormData dataclass with validation
    • AuditLogger for compliance tracking
    • DataRetentionManager for GDPR retention policies
    • ContactFormHandler with rate limiting
    • GDPR data export/deletion handlers
  • backend/api/users.py - User API endpoints (content not inspected yet)

Test Coverage Improvement Plan

Phase 1: Fix Existing Tests (Prerequisite)

Before improving coverage, we need to fix the existing broken tests:

  1. Fix Python import errors:

    • tests/test_contact_handler.py - Attempting to import non-existent classes from server/contact_handler.py
    • tests/unit/test_validation.py - Attempting to import from non-existent src.utils.validation module

  2. Address Node.js version issue: The build logs show Vite 7 requires Node.js 20+, but the environment is running Node.js 18

Phase 2: Strategy for Systematic Coverage Improvement

High-Priority Areas (Well-Defined, Testable)

1. Backend Python Coverage - server/contact_handler.py

  • Current state: Comprehensive code (363 lines) with minimal test coverage
  • Opportunities:
    • Unit tests for ContactFormData validation edge cases
    • Unit tests for AuditLogger event logging
    • Unit tests for DataRetentionManager policy calculations
    • Unit tests for hash_ip_address, sanitize_user_agent, validate_csrf_token utility functions
    • Integration tests for ContactFormHandler.process_submission with various scenarios
    • Tests for GDPR data export/deletion handlers
  • Estimated coverage gain: 60-80% of backend code

2. Frontend JavaScript - main.js

  • Current state: ~100+ lines with no test coverage
  • Opportunities:
    • Unit tests for form handling functions
    • Tests for GDPR compliance initialization
    • Tests for accessibility initialization
    • Tests for user interaction logging
  • Estimated coverage gain: 50-70% of main.js

3. API Layer - backend/api/users.py

  • Current state: Unknown coverage
  • Opportunities:
    • API endpoint tests
    • Input validation tests
    • Error handling tests
  • Estimated coverage gain: TBD after inspection

4. Utility Functions - src/utils/validation.ts and src/api/contact.ts

  • Current state: Some coverage from ContactForm tests
  • Opportunities:
    • Direct unit tests for all validation functions
    • Edge case testing for email, phone, input sanitization
    • Mock-based tests for API client functions
  • Estimated coverage gain: 80-90% of utility code

Testing Organization

Structure:

  • tests/unit/ - Pure unit tests for individual functions/classes
  • tests/integration/ - Integration tests for APIs and workflows
  • tests/ (root) - Component and feature tests

Naming conventions:

  • JavaScript: *.test.{js,ts,tsx}
  • Python: test_*.py

Phase 3: Advanced Coverage Strategies

  1. Property-based testing - For validation functions, use property-based testing to generate edge cases
  2. Mutation testing - Verify test quality by introducing mutations
  3. Integration test expansion - End-to-end workflows covering multiple components
  4. Error path coverage - Ensure all error handlers and exception paths are tested
  5. Security testing - XSS, injection, CSRF validation tests

Commands to Execute Tests and Coverage

Build the project:

npm run build

Run JavaScript/TypeScript tests:

npm run test              # Run tests
npm run test:coverage     # Run with coverage report

Run Python tests:

pytest tests/                                    # Run all tests
pytest --cov=server --cov=backend tests/         # With coverage
pytest --cov=server --cov=backend --cov-report=html tests/  # HTML report

Generate combined coverage:
The coverage steps action at .github/actions/daily-test-improver/coverage-steps/action.yml automates this process.

Coverage Measurement Approach

  • JavaScript/TypeScript: Coverage reports generated in coverage/js/ with v8 provider
  • Python: Coverage reports generated in coverage/python/ with pytest-cov
  • Combined reporting: Aggregated summary in coverage/combined/summary.md

Expected Challenges

  1. Environment compatibility: Node.js version requirements for Vite
  2. Import path resolution: Python module imports need proper structure
  3. Mocking complexity: React component testing requires proper DOM mocking
  4. GDPR compliance testing: Testing audit logs and data retention without production dependencies
  5. Rate limiting tests: Testing time-based rate limiting requires careful time mocking

Success Metrics

  • Target overall coverage: 70-80% for production code
  • Critical path coverage: 90%+ for security and compliance code
  • Test quality: All tests should be meaningful, not just coverage-seeking
  • Maintainability: Tests should follow existing patterns and be easy to understand

Identified Opportunities for High-Impact Coverage

1. Security and Compliance Testing (Highest Priority)

The server/contact_handler.py file contains critical security features that need comprehensive testing:

  • CSRF validation
  • Rate limiting
  • Input sanitization
  • XSS prevention
  • GDPR data handling

2. Edge Case Coverage

Current tests focus on happy paths. Need systematic edge case testing:

  • Boundary values (empty strings, max length inputs)
  • Invalid formats (malformed emails, dangerous content)
  • Null/undefined handling
  • Concurrent request scenarios

3. Integration Points

Test the seams between components:

  • Frontend → API → Backend flow
  • Form validation → Submission → Audit logging
  • Error handling across layers

Questions for Maintainers

  1. Node.js version: Can we upgrade the CI environment to Node.js 20+ to match Vite 7 requirements?
  2. Python module structure: Should we reorganize imports to use absolute imports with a package structure?
  3. Coverage targets: Are there specific coverage percentage targets for this project?
  4. Test dependencies: Any restrictions on test dependencies or mocking libraries?
  5. CI integration: Should coverage reports be automatically posted to PRs?

How to Control this Workflow

You can manage this workflow using the following commands:

Disable the workflow:

gh aw disable daily-test-improver --repo microsoftgbb/corporate-website

Enable the workflow:

gh aw enable daily-test-improver --repo microsoftgbb/corporate-website

Run the workflow manually:

gh aw run daily-test-improver --repo microsoftgbb/corporate-website --repeat (number-of-repeats)

View workflow logs:

gh aw logs daily-test-improver --repo microsoftgbb/corporate-website

What Happens Next

  • Phase 2 (Next run): The workflow will analyze the codebase to create a coverage steps configuration file at .github/actions/daily-test-improver/coverage-steps/action.yml

    • This configuration will define the exact commands needed to build, test, and generate coverage reports
    • A pull request will be created for review before the configuration is used

  • Phase 3 (Subsequent runs): Once the configuration is merged, the workflow will begin implementing actual test coverage improvements

    • Each run will select an area of low coverage
    • Write meaningful tests to improve that area
    • Create draft pull requests with measurable coverage improvements

  • Repeat mode: If running with --repeat, the workflow will automatically proceed to the next phase without waiting for human review

  • Human review: You can add comments to this discussion at any time to provide feedback, adjust priorities, or clarify requirements. The workflow will read and incorporate your feedback in subsequent runs.

Note: This was intended to be a discussion, but discussions could not be created due to permissions issues. This issue was created as a fallback.

AI generated by Daily Test Coverage Improver

To add this workflow in your repository, run gh aw add githubnext/agentics/workflows/daily-test-improver.md@e43596e069e74a65cd7d93315091672d278c2642. See usage guide.

  • expires on Mar 1, 2026, 9:16 AM UTC

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions