Blog

#bugs.

16 articles tagged "bugs".

AllTutorialsDeep divesOpinionsComparisonsCareerField notesCase studiesQA trends
Tutorials·13 June 2026 · 9 min read

The 12 API bugs I check for first

A high-value checklist: the twelve API bugs that surface most often, from wrong status codes to idempotency failures.

api-testingchecklistbugs
Tutorials·13 June 2026 · 8 min read

API pagination, filtering, and sorting bugs

The specific bugs that hide in paginated, filtered, and sorted endpoints — off-by-one pages, unstable sorts, and filter leaks.

api-testingpaginationbugs
Tutorials·13 June 2026 · 8 min read

The password reset bugs I always test for

Password reset is a deceptively risky flow — token reuse, expiry, enumeration, and session handling all hide here.

security-testingauthbugs
Deep dives·13 June 2026 · 8 min read

IDOR explained for QA engineers

The most common serious web vulnerability is also the easiest for QA to catch: the app serves a record by ID without checking it is yours. Two accounts and a changed number find it.

security-testingauthidorbugs
Tutorials·13 June 2026 · 8 min read

How to test session expiry properly

A session that lives too long is a hole, one that survives logout defeats the point. Here is the session-expiry pass — idle, absolute, logout, reset, remember-me, and fixation.

security-testingauthsessionsbugs
Tutorials·13 June 2026 · 8 min read

Push notification testing: what usually goes wrong

Notifications behave differently foregrounded, backgrounded, and killed — and deep-link to the wrong place when they arrive. The killed-app cold start is where it breaks.

mobile-testingnotificationsbugs
Tutorials·13 June 2026 · 8 min read

Offline mode bugs every mobile tester should check

The interesting offline bugs are in the transitions, not the offline state: double-submits on reconnect, in-flight requests that die, optimistic UI that never rolls back.

mobile-testingofflinebugs
Case studies·13 June 2026 · 7 min read

The checkout bug that passed every happy-path test

Every checkout test was green, but combining two discounts and a gift card drove the total negative — and issued credit. A case study in testing invariants, not just features.

case-studytest-designe-commercebugs
Case studies·13 June 2026 · 8 min read

The API pagination bug that looked like a frontend issue

Items vanished and duplicated on scroll; the frontend took the blame for two sprints. The cause was an unstable API sort over a non-unique key. Follow the symptom down the stack.

case-studyapi-testingdebuggingbugs
Case studies·13 June 2026 · 7 min read

How a missing negative test caused a production incident

A negative quantity on a "remove stock" action inflated inventory and caused overselling. The feature worked; the absent negative test did not. Test the negative space at the endpoint.

case-studytest-designnegative-testingbugs
Case studies·13 June 2026 · 7 min read

The accessibility issue nobody noticed with a mouse

A custom dropdown worked for everyone who tested it — because everyone used a mouse. Keyboard users hit a dead end on a required field. The cheapest check would have caught it.

case-studyaccessibilitya11ybugs
Case studies·13 June 2026 · 8 min read

The mobile bug we missed because we only tested on Wi-Fi

On office Wi-Fi the payment flow was flawless; on cellular it double-charged. A client timeout shorter than real latency plus no idempotency, hidden by never testing a slow network.

case-studymobile-testingnetworkbugs
Field notes·13 June 2026 · 7 min read

Performance bugs that look like functional bugs

Dead buttons, random logouts, missing data — often timing problems in disguise. The tell is intermittent and worse under load; check latency before debugging logic.

performance-testingbugsdebuggingfield-note