Tutorials·13 June 2026 · 7 min read
How to write test cases developers actually read
Test cases that get read are short, scannable, and written for the person who has to act on them. Here is the format I use.
manual-qatest-casesdocumentation
Blog
Tutorials.
First-person walkthroughs of solving one specific problem — what we tried, what worked, what didn't. The blog version: dated, narrative, ours. For structured lessons in chapters, see Learn.
Tutorials·13 June 2026 · 9 min read
The 12 API bugs I check for first
A high-value checklist: the twelve API bugs that surface most often, from wrong status codes to idempotency failures.
api-testingchecklistbugs
Tutorials·13 June 2026 · 8 min read
My practical accessibility smoke test before release
A ten-minute accessibility pass any QA can run before release — keyboard, focus, contrast, and the obvious screen-reader checks.
accessibilitya11ychecklist
Tutorials·13 June 2026 · 9 min read
Auth bugs QA can catch without being a pentester
The auth and session bugs that show up in normal functional testing — no exploit tooling required.
security-testingauthbugs
Tutorials·13 June 2026 · 8 min read
A release sign-off checklist that doesn't waste everyone's time
A sign-off checklist short enough that people actually use it — and specific enough to catch the things that block releases.
test-managementchecklistrelease
Tutorials·13 June 2026 · 9 min read
How I evaluate an AI chatbot before release
A practical evaluation pass for AI chat features: hallucinations, refusals, prompt injection, and the cases with no single right answer.
ai-testingllmevaluation
Tutorials·13 June 2026 · 8 min read
API pagination, filtering, and sorting bugs
The specific bugs that hide in paginated, filtered, and sorted endpoints — off-by-one pages, unstable sorts, and filter leaks.
api-testingpaginationbugs
Tutorials·13 June 2026 · 6 min read
Keyboard testing: the fastest accessibility check QA can run
Tab through the page. That single habit catches more accessibility bugs than most automated scans.
accessibilitykeyboarda11y
Tutorials·13 June 2026 · 8 min read
The password reset bugs I always test for
Password reset is a deceptively risky flow — token reuse, expiry, enumeration, and session handling all hide here.
security-testingauthbugs
Tutorials·13 June 2026 · 7 min read
My mobile smoke test before every release
A short, device-real smoke pass: permissions, offline, rotation, interruptions, and the update path.
mobile-testingchecklistrelease
Tutorials·13 June 2026 · 9 min read
How to review AI-written Playwright tests
AI writes plausible Playwright tests that pass for the wrong reasons. Here is the review checklist that catches them.
ai-testingplaywrightreview
Tutorials·13 June 2026 · 8 min read
How to prepare for a QA take-home assignment
What take-home reviewers actually score, and how to spend your limited time on the parts that count.
careerinterviewstake-home
Tutorials·13 June 2026 · 8 min read
Regression testing without wasting two days
How to scope a regression pass to the change in front of you instead of re-running the entire suite by hand.
manual-qaregressionprocess
Tutorials·13 June 2026 · 8 min read
How to test session expiry properly
A session that lives too long is a hole, one that survives logout defeats the point. Here is the session-expiry pass — idle, absolute, logout, reset, remember-me, and fixation.
security-testingauthsessionsbugs
Tutorials·13 June 2026 · 8 min read
Push notification testing: what usually goes wrong
Notifications behave differently foregrounded, backgrounded, and killed — and deep-link to the wrong place when they arrive. The killed-app cold start is where it breaks.
mobile-testingnotificationsbugs
Tutorials·13 June 2026 · 8 min read
Offline mode bugs every mobile tester should check
The interesting offline bugs are in the transitions, not the offline state: double-submits on reconnect, in-flight requests that die, optimistic UI that never rolls back.
mobile-testingofflinebugs
Tutorials·13 June 2026 · 7 min read
How to report bugs developers can fix quickly
A bug report exists to get the bug fixed. Specific title, minimal repro steps, explicit expected-vs-actual, evidence, and environment — the format that prevents "can't reproduce".
manual-qabug-reportsdocumentation
Tutorials·13 June 2026 · 8 min read
Screen reader testing without pretending to be an expert
Catch the blatant screen-reader failures in fifteen minutes with the reader already on your machine — meaningful names, sensible images, labelled fields, announced changes.
accessibilityscreen-readera11y
Tutorials·13 June 2026 · 8 min read
How to test forms for accessibility
Forms break accessibility hardest — labels, required state, announced errors, focus management, and keyboard-operable custom widgets. The form-specific pass.
accessibilityformsa11y
Tutorials·13 June 2026 · 8 min read
How to write a test strategy people actually use
A test strategy is a short set of project-specific decisions, not a generic thirty-page document. Scope, risk, levels, automation split, data, ownership, and what "done" means.
test-managementstrategyprocess
Tutorials·13 June 2026 · 8 min read
What QA should log when testing AI features
A screenshot isn't a repro when outputs vary. Capture the full assembled prompt, retrieved context, model version, and parameters so an AI bug is actually reproducible.
ai-testingobservabilityllm
Tutorials·13 June 2026 · 7 min read
A one-hour exploratory test session template
A charter-driven, time-boxed template for exploratory testing: 5 minutes to charter, 35 to test, 10 to debrief — and notes someone can read.
manual-testingexploratory-testingtemplatetest-charter
Tutorials·13 June 2026 · 8 min read
MFA testing checklist for QA teams
The full multi-factor auth test surface: bypass, wrong/expired/reused codes, brute-force lockout, recovery, and the usability cases most teams skip.
security-testingmfaauthenticationchecklist
Tutorials·13 June 2026 · 8 min read
Mobile permissions testing: camera, location, photos, notifications
Permission bugs live in deny, revoke, and 'ask every time' — not the grant happy path. The per-permission, per-platform matrix that catches them.
mobile-testingpermissionsiosandroid
Tutorials·13 June 2026 · 8 min read
The performance smoke test I'd run before release
Not a full load test — a fast, fixed, repeatable check on a few critical endpoints, compared to baseline, that catches gross regressions before sign-off.
performance-testingsmoke-testreleasechecklist
Tutorials·13 June 2026 · 9 min read
The hallucination test cases I run on AI features
Concrete test cases for AI hallucination — unanswerable questions, false premises, invented entities, citations — and how to judge answers with no 'correct' value.
ai-testingllmhallucinationtest-cases
Tutorials·13 June 2026 · 8 min read
How to test rate limits without annoying everyone
Test the full rate-limit contract — enforcement, 429, Retry-After headers, recovery, scope — with a low configurable limit and a dedicated key, not by flooding shared staging.
api-testingrate-limitinghttptutorial
Tutorials·13 June 2026 · 9 min read
How to review Swagger/OpenAPI as a QA engineer
An OpenAPI spec is a ready-made test plan — every param and status code is a case — and its gaps (missing errors, unbounded fields, drift) predict the bugs.
api-testingopenapiswaggercontract
Tutorials·13 June 2026 · 9 min read
Accessibility test cases for login & checkout flows
Concrete, reusable accessibility cases for the two highest-consequence flows — keyboard completion, labels, announced errors, focus management — where a barrier blocks a core task.
accessibilitya11ytest-casesforms
Tutorials·13 June 2026 · 8 min read
API token bugs that show up in everyday testing
Treat the auth token as an input: test that it expires, dies on logout, can't cross scope or user, doesn't leak, and rejects tampering — all with your normal API client.
security-testingapi-testingtokensauth
Tutorials·13 June 2026 · 7 min read
How to write safe security bug reports
A security report has extra duties: private channel, impact over exploit, test data only, redacted evidence, clear severity — getting it fixed without making it worse.
security-testingbug-reportsprocessdisclosure
Tutorials·13 June 2026 · 8 min read
How to read a k6 result without guessing
Which k6 metrics matter and which mislead: check the error rate first, read p95/p99 not the average, confirm the load profile, and compare to a baseline.
performance-testingk6metricstutorial
Tutorials·13 June 2026 · 6 min read
The QA weekly status report I'd actually send
A short, risk-first status format: lead with a one-line risk verdict, then what's at risk, key findings, light coverage numbers, and explicit asks — built to drive a decision.
test-managementreportingcommunicationtemplate
Tutorials·13 June 2026 · 6 min read
What good QA handover notes look like
Write an operating manual for the arriver, not a diary: current state, setup, known issues with status, gotchas, and pointers — so someone can take over without asking you.
test-managementdocumentationhandovertemplate
Tutorials·13 June 2026 · 8 min read
How to use Claude Code for QA without breaking your repo
Get the speed of an AI agent on your test repo without the mess: work on a branch, review every change like a junior's PR, and make tests fail first to catch assert-nothing tests.
ai-testingclaude-codeai-toolsautomation
Tutorials·10 May 2026 · 7 min read
Custom Cypress commands that actually pay off
Most teams over-abstract too early. Four custom commands are worth writing on every Cypress project — login, seed, intercept, visit. The rest can wait.
cypresstypescriptpatterns
Tutorials·24 February 2026 · 8 min read
cy.intercept the right way: aliases, stubs, and the bug it usually catches
cy.intercept is the most powerful command in Cypress and the one teams most often misuse. Here's the playbook: when to alias, when to stub, when to spy, and the race-condition-shaped bug that intercepts usually catch.
cypresstypescriptapi-testing
Tutorials·17 February 2026 · 9 min read
Playwright fixtures, explained without the React metaphors
Most explanations of Playwright fixtures lean on React-hook metaphors that miss the point. Fixtures are scoped factories. Here's what to do with them and the three every project should have.
playwrighttypescriptfixtures
Tutorials·30 December 2025 · 10 min read
Using Claude and Copilot for test writing: a practical playbook
The practical playbook for AI-assisted test writing in 2026. The prompts that work, the prompts that don't, and the human-in-the-loop checkpoints that keep AI from writing tests that pass for the wrong reasons.
aiclaudecopilotworkflow
Tutorials·23 December 2025 · 9 min read
Adding accessibility tests with axe — a practical walkthrough
axe-core is the engine behind most accessibility testing in 2026 — and it's surprisingly approachable. Here's a practical walkthrough of integrating axe with Playwright, what it catches, and what it misses.
accessibilityaxeplaywrighta11y