Project Nagual

This is a short post to announce a project that I’ve been working on for a while now. It’s an HTTP simulator called Nagual, that can be used to fake responses from 3rd party services outside of your control. We use it to simulate services that we integrate…

A Tale of Two Bugs

(or why you should optimize for low MTTR) All bugs are not created equal. Ideally, we want to catch them all before releasing software to our customers, but this is a pipe dream. In Toyota Kata, Mike Rother explains the improvement kata, which in essence is an ideal goal (true…

Running Test In Parallel - Optimal Number Of Threads

June this year I presented at expo:QA conference. It was a case study on how we increased the execution time of high level automation tests more than 60 times . Last week I received an email from one of the conference attendees, asking for additional details on two specific topics…

Eliminating a Class of Defects

Imagine the following line of PHP code: $db->GetRow("SELECT * FROM users WHERE id = $user_id"); This line is vulnerable to SQL injection, if an attacker controls $user_id variable. This is the safe version (using parametrized query): $db->GetRow("SELECT * FROM users WHERE id = ?", array(‘$user_id’…

PHP Unlocker

PHP-Unlocker is a static analysis tool that detects potential, unintended DB table locks for PHP applications using ADOdb. It searches your code for improper usage of StartTrans() and CompleteTrans() methods. So why write this tool? It’s to scratch our own need, because we had an application with bad coding…