Daily Test Coverage ImproverResearch and Plan

[github-actions]

Test Coverage Research Summary

I've analyzed the current state of testing in this repository and identified opportunities for systematic test coverage improvement.

Current Testing Infrastructure

Testing Frameworks:

• JavaScript/TypeScript: Vitest with v8 coverage provider
• Python: pytest with pytest-cov plugin
• Accessibility: axe-core, pa11y, lighthouse-cli

Test Organization:

• tests/ContactForm.test.tsx - React component tests (284 lines)
• tests/unit/emailValidation.test.ts - TDD email validation tests (426 lines)
• tests/unit/test_validation.py - Python validation tests (15 lines)
• tests/integration/test_api_endpoints.py - API integration tests (19 lines)
• tests/test_contact_handler.py - Contact handler tests (333 lines, currently broken)

Commands for Testing:

# JavaScript/TypeScript
npm test                     # Run all JS/TS tests
npm run test:coverage        # Run with coverage report

# Python
pytest                       # Run all Python tests
pytest --cov=backend --cov=server --cov-report=html --cov-report=json  # With coverage

# Combined
npm run test:coverage && pytest --cov  # Run both test suites

Source Code Inventory

JavaScript/TypeScript (673 lines):

• src/api/contact.ts (260 lines) - GDPR-compliant form submission, audit logging
• src/utils/validation.ts (216 lines) - Email validation, sanitization, rate limiting
• src/components/ContactForm.tsx (183 lines) - React form component with accessibility
• frontend/components/Header.tsx (14 lines) - Simple header component

Python (378 lines):

• server/contact_handler.py (362 lines) - Server-side form handling, GDPR compliance
• backend/api/users.py (16 lines) - FastAPI user endpoints

Current Coverage Status

From coverage/combined/summary.md, I can see that combined coverage reports are being generated. However, recent logs show test failures preventing accurate coverage measurement:

Issues blocking coverage:

1. Import errors in tests/test_contact_handler.py (trying to import non-existent ContactHandler class)
2. Module errors in tests/unit/test_validation.py (trying to import from wrong path)

Test Coverage Improvement Plan

Phase 2: Coverage Steps Configuration

Create .github/actions/daily-test-improver/coverage-steps/action.yml with steps to:

1. Install Python dependencies (pytest, pytest-cov)
2. Install Node.js dependencies (vitest, @vitest/coverage-v8)
3. Run Python tests with coverage: pytest --cov=backend --cov=server --cov-report=html:coverage/python --cov-report=json:coverage/python/coverage.json
4. Run JavaScript/TypeScript tests with coverage: npm run test:coverage
5. Generate combined coverage summary
6. Upload coverage artifacts

Phase 3: Systematic Test Coverage Improvement Strategy

Priority Areas (High Value, Low Current Coverage):

1. src/api/contact.ts - GDPR & Security Functions

   • submitContactForm() - Form submission with CSRF protection
   • logAuditEvent() - Compliance audit logging
   • exportUserData() - GDPR Right to Data Portability
   • deleteUserData() - GDPR Right to Erasure
   • Helper functions: getCSRFToken(), getHashedIP(), generateUUID()

2. src/utils/validation.ts - Security & Validation

   • sanitizeInput() - XSS prevention
   • validateEmail() - Email validation (has TDD tests but not implemented yet)
   • validatePhoneNumber() - Phone validation
   • validateURL() - URL validation
   • hashSensitiveData() - Privacy compliance
   • RateLimiter class - Abuse prevention
   • DataRetentionManager class - GDPR compliance

3. server/contact_handler.py - Server-side Processing

   • ContactFormHandler.process_submission() - End-to-end submission
   • ContactFormHandler.check_rate_limit() - Rate limiting logic
   • DataRetentionManager - Retention policy enforcement
   • hash_ip_address() - Privacy protection
   • validate_csrf_token() - Security validation
   • GDPR handlers: handle_data_export_request(), handle_data_deletion_request()

4. backend/api/users.py - API Endpoints

   • get_users() - User listing endpoint
   • create_user() - User creation with validation

5. frontend/components/Header.tsx - React Components

   • Basic rendering and navigation

Testing Approaches:

• Unit Tests: Test individual functions in isolation with mocks
• Integration Tests: Test API endpoints and form submission flows
• Edge Case Tests: Boundary conditions, invalid inputs, security scenarios
• Compliance Tests: Verify GDPR requirements (audit logging, data retention, etc.)
• Security Tests: XSS prevention, injection attacks, CSRF protection

Test Organization Strategy:

• Place unit tests in tests/unit/ matching source structure
• Place integration tests in tests/integration/
• Use descriptive test names: test_(function)_(scenario)_(expected_result)
• Group related tests with describe/class blocks
• Add docstrings explaining test purpose and compliance requirements

Opportunities for Greatly Increasing Coverage

1. Implement TDD Tests: The emailValidation.test.ts file has 426 lines of comprehensive tests but the implementation doesn't exist yet. Creating src/utils/emailValidation.ts based on these tests will immediately add significant coverage.

2. Fix Broken Tests: Repair import errors in existing test files to enable accurate baseline coverage measurement.

3. Add Missing Unit Tests: Many utility functions in validation.ts and contact.ts lack test coverage despite being security-critical.

4. Integration Test Suite: Expand API integration tests to cover error cases, validation failures, and security scenarios.

5. Component Testing: Add comprehensive tests for React components including accessibility and user interaction flows.

Questions for Maintainers

1. TDD Email Validation: Should I implement src/utils/emailValidation.ts based on the existing test suite, or are those tests intended for a different purpose?

2. Test Priorities: Are there specific compliance or security functions that are highest priority for coverage?

3. Coverage Targets: What overall code coverage percentage are you targeting? (Currently unclear due to test failures)

4. Performance Tests: Should I add performance/load testing for rate limiting and form submission?

How to Control this Workflow

You can provide feedback or adjustments to this plan by adding comments to this discussion.

Workflow Control Commands:

# Disable the daily test improvement workflow
gh aw disable daily-test-improver --repo microsoftgbb/corporate-website

# Enable the daily test improvement workflow
gh aw enable daily-test-improver --repo microsoftgbb/corporate-website

# Run the workflow manually with multiple iterations
gh aw run daily-test-improver --repo microsoftgbb/corporate-website --repeat (number-of-repeats)

# View workflow logs
gh aw logs daily-test-improver --repo microsoftgbb/corporate-website

What Happens Next

1. Phase 2 - Coverage Steps Configuration: The next time this workflow runs, I'll analyze the codebase to create a .github/actions/daily-test-improver/coverage-steps/action.yml file with the build and coverage commands. This will be submitted as a pull request for your review.

2. Phase 3 - Test Implementation: After Phase 2 completes and is merged, subsequent runs will systematically implement test coverage improvements based on this plan, targeting the priority areas identified above.

3. Repeat Mode: If running in "repeat" mode, the workflow will automatically progress through phases without waiting for human review between phases.

4. Human Review: You can review this research and add comments with feedback or priorities before the workflow continues to Phase 2.

---

Note: This was intended to be a discussion, but discussions could not be created due to permissions issues. This issue was created as a fallback.

AI generated by Daily Test Coverage Improver

To add this workflow in your repository, run gh aw add githubnext/agentics/workflows/daily-test-improver.md@e43596e069e74a65cd7d93315091672d278c2642. See usage guide.

• expires on Mar 2, 2026, 9:31 AM UTC