Limited Time Offer!

For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!

Enroll Now

Top 10 Bug/Issue Tracking Tools | List of Best Bug/Issue Tracking Tools

top-10-bug-issue-tracking-tool
Just imagine a situation when you put so much efforts to build a software or application and release it and after that users get error or issues in it on the very first use. That’ it, all your efforts will be useless. So, testing is an important aspect which you can not miss in your “Software Development Life-cycle” (SDLC). But, for that you need some tools or I would say good tools, so that you can make sure you are going to give an error or bug free experience to your application or software end users.
But, there is one big challenge that you will face, How to choose or select best bug tracking tools? Don’t worry, I am going to make this task easy for you. I have done some research and make a list of top ten bug tracking tools which I am going share.
So, without any further delay, let’s check out

1. Bugzilla

 

 Bugzilla

Bugzilla is one of the most popular and trustable bug tracking software serving since 18 long years. It’s belongs to Mozilla Foundation and was released in the year 1998 and written in Perl. Bugzilla is open sourced and free to use.
Key Features
  • Basic and advance search features with save & share options
  • Notifications by Email
  • Scheduled Reports by Email
  • Advanced reporting system
  • Auto Detection of Similar Bugs
  • Patch Viewer which makes code review much easier
  • Excellent Security
  • Localization
  • Move Bugs Between Installations without any manual work
  • Request System where you can ask other users to do something with a particular bug or attachment
  • Optimized database structure for increased performance and scalability

2. Mantis Bug Tracker

Mantis Bug Tracker

 

Mantis or Mantis BT is also an open source bug tracking tool. It’s is written in PHP and serving since 2000 almost for 17 years. It was first developed by “Kenzaburo Ito” and later by few others as a team project.
Key Features
  • Easy to Install & Use
  • No limit on the number of users, issues, or projects
  • Email notifications
  • Functionality can be extended by plugins
  • Flexibility to customize issue fields, notifications and workflow
  • Per project different access level for users
  • Source Control Integration
  • Easy collaboration with team members & clients
  • Built-in Reporting
  • Available in 68 localizations
3. Jira
Jira
Jira is a bug/issue tracking and project management tool which was developed by Atlassian, Inc. almost 15 years ago in the year 2002. It is written in Java. It’s available under commercial license but in few scenarios like official non-profit organizations, charities, academic or religious organizations you can use it for free.
Key Features
  • Code Integration – automatically updating issues when they check in code
  • Keep history of issues from either customers or bugs
  • Multiple Workflows
  • Easy to assign and prioritise the bug issue as per the importance and urgency
  • Comprehensive Issue Reports
  • Customizable Dashboard
  • Bugs can be imported from a CSV file
  • Trigger notifications allow auto informing to the next reviewer
  • Addons availability like Capture for JIRA which allows backlog to release

 

4. Redmine

Redmine

Redmine is an open source bug tracking tool which was developed by Jean Philippe Lang in the year 2006 (almost 10 yrs ago) and it is written in Ruby on rails.
Key Features
  • Define you own statuses and issue types
  • Workflow transitions can be set up for each issue type and role
  • Feeds & email notifications
  • Issue creation via email
  • Multi Language support
  • User self-registration support
  • Time tracking functionality
5. Trac
Trac
Trac is also an bug tracking tool written in python and developed by Edgewall Software 13 years ago in the year 2004. It’s available as open source and as a BSD license product.
Key Features
  • Resolve issues through multiple workflows
  • Ticket Tracking
  • Email notification
  • Plugins support for standard functionality
  • Customizable workflow
  • Unicode Supported
  • Code Integration
  • Custom Fields
  • Integrated wiki
  • Collaboration – Create teams and groups
6. The Bug Genie

The Bug Genie

The bug Genie is an open source bug tracking tools which is developed by Daniel Andre Eikeland and later by there team in the year 2003. This bug tracking software is written in PHP and supports cross platforms. It is said that it is one of the most beautiful tool to use and having a great interface.
Key Features
  • Easy to use
  • Finding issues is simple and fast
  • Customise search results
  • Custom issue fields
  • RSS support
  • Issue-related actions are available with a click
  • Integrated quick search
  • Customizable workflow
7. Fossil

Fossil

Fossil was first released 11 years ago in the year 2006. This is written in C, SQL and developed by D. Richard Hipp. It’s available under BSD license. Fossil also supports cross platforms
Key Features
  • User friendly web interface
  • Auto sync mode
  • Custom Fields
  • SUpports Multiple Projects
  • RSS Notification interface
  • Easy collaboration
  • Ticket Change Artifacts
8. eTraxis

eTraxis

eTraxis is written in PHP and supports multi-database and multi languages. It is an open source bug tracking tool. Let’s check out eTraxis key features
Key Features
Complete customization of the workflow
Extensive permissions management
Allow Commenting
Email notifications
Flexible to set up your own filters & views
Supports attachments in reported issue
You can check out complete history of all events, actions, and changes
9. WebIssues

WebIssues

WebIssues is a multi platform open source issue tracking tool. It is written in PHP and works with MySQL database. It is amongst easy to use issue tracking softwares with some good features.
Key Features
  • Tracking new and modified issues
  • Filtering and searching issues
  • Easy installation and setup
  • Reports can be exported as HTML and PDF documents
  • Issues can also be exported in CSV format
  • Email notifications
  • Periodic reports can be sent
  • Security and rights management
  • supports team collaboration
  • Easy to Customize
10. HP ALM/ Quality Center

HP ALM/ Quality Center

HP Quality center is written in .NET & Java which is developed by Hewlett-Packard (formerly Mercury Interactive). It was first released in the year 1995. It is a quality management tool with integrated bug tracking system. It’s available under commercial license but you can use free trial for few days.
Key features
  • Test Planning integration
  • Customizable workflow
  • Custom Fields
  • Plug Ins Availability
  • Supports Multiple Projects
  • Web, GUI & Rest input interface
  • Email Notifications
  • Reporting and graphing
  • Collaboration – supports working in common integrated development environments

So, That’s it. These are most popular bug tracking tools used in software industry these days. Hope my efforts will help while choosing the bug/issue tracking tool. But, now it’s your turn. If you think any other tool should be listed here instead of this than please share with us in the comment section below.

Tagged : / / / / / / / / / / / / / / / / / / / / / / / /

Top 5 Code Coverage Tools | Best Test Coverage Tools

Today we will talk about code coverage tools which are used by developers for measuring the quality of the software testing. There are so many different types of code coverage tools, some are basics and others that are exceptionally thorough.
But before going further on tools let’s first see what is Code Coverage?
Code Coverage is a methodology, which is performed to measure and describe how much the source code of a program is executed when a specific test suite runs. It gives a percentage score to a program which defines as a high code coverage and low code coverage. If it gets high percentage of code coverage during testings which means it has a minimal chance of containing undiscovered software bugs in the comparison of a program which scored low percentage of code coverage while testing. In simple words , code coverage is performed to check whether your tests are really analyzing your code or not. With code coverage, one can tell the amount of your code is being tested by running the test.
Where to use ?
Code coverage tools can be performed on .NET, Java, Visual C/C++ and Visual Basic applications.
Benefits of Code Coverage
Dead Code Identification – The first and the major benefits of code coverage is that after running this test you will get the outputs that shows those functions which are not called, after detecting that you can identify whether the code is untouched as no required use case exists or code is dead code (i.e. not required).
Missing test Identification – It can be beneficial in identifying the extra tests (exceptional cases), which are missed out earlier after running the test suites analysis report.
Quality Assurance – Quality of a product or application is one of the major concern in software world and this can be done by measuring the report after running the code coverage. Higher the amount of coverage better will be the quality of product or application and lesser is the chance to have defects.
Now the next question here is which code coverage tools to choose ?
This is the real challenge to choose which code coverage tools to use for application testing. I also thought about it and after few hours research on the internet and with the help of google trend I shortlisted my results and pick top 5 code coverage tools.
1. Cobertura –
code-coverage-tool-cobertura
Cobertura is one of the most used and best code coverage tools. This is a free Java tool that calculates the percentage of code accessed by tests. It can be used to identify which parts of your Java program are lacking test coverage. It is based on jcoverage. It is easy to use and can measure coverage without having the source code. It’s represents reports in HTML or XML format, It has capacity to test lines and branches of class and method.
2. JaCoCo –
code-coverage-tool-jacoco
JaCoCo is also an open source free code coverage tools for Java, which has been made by the EclEmma group in view of the lessons gained from utilizing and joining existing libraries for a long time. JaCoCo offers instructions, line and branch coverage. It can instrument off-line and on-the-fly and It fully supports Java 7 and Java 8. It also has capacity to test lines and branches of class and method. It also provide very nice and easy to navigate HTML or XML report.
3. Clover –
code-coverage-tool-clover
Clover is also a Java Code Coverage tools bought and further developed by Atlassian. It is also an open source tool. Clover provide very helpful configurable HTML reports demonstrating code scope as well as high level risks and so on, per-test code coverage and test enhancement, dispersed per-test coverage and many instrument integration; it is by and large effectively created and supported.
4. NCover-
code-coverage-tool-ncover
NCover is a code coverage tool for .Net programs and applications. It supports statement coverage and branch coverage. It is also very easy to use and fast tool which is available on open source and as well as on commercial license. This tool can perform manual as well as automated code coverage tests and it provides nice and attractive multiple testing environments.
5. Testwell CTC++ –
code-coverage-tool-testwell-ctc++
Testwell CTC++ is a code coverage tool for  C and C++ but it also can be used for Java and C#. The development of this tool is belongs to Testwell which lately acquired by Verifysoft Technology GmbH for C and C++. This tool can check Statement Coverage, Function Coverage, Decision Coverage, Multi Condition Coverage, Modified Condition/Decision Coverage (MC/DC), Condition Coverage. This is also in the category of user-friendly and fast tools. It finds missing test cases smoothly. It provide reports on XML format.
So, This is my list of top code coverage tools, I hope this list will help you in your testings. But, if you think this list should contain any other tools instead these than feel free to share with us in comment box below.
Tagged : / / / / / / / / / / / / / / /

Top 10 Static Code Analysis Tool | Best Static Code Analysis Tools List

top-10-static-code-analysis-tool
Software security is a very important concern for todays Software market and for that you need to do code analysis in the development lifecycle. Now we can not imagine ourselves to sit back and do manual reading each line of codes and find issues and bugs. Those days of manual review in the software development lifecycle to find the flaws in the codes are over now.
Now the mindsets has changed and developing quality & secure code from the beginning is on rise. This is the time of automation and developers & programmers are now shifting towards the adoption of tools which auto detects the flaws as soon as possible in the software development lifecycle.
As the process shifting towards the automation, static code analysis (SCA) has become an important part of creating quality code. Now the question here is, What is Static Code Analysis?

Static Code Analysis is a technique which quickly and automatically scan the code line by line to find security flaws and issues that might be missed in the development process before the software or application is released. It functions by reviewing the code without actually executing the code.

There are three main benefits of Static analysis tools
1. Automation —  Automation can save your time and energy which ultimately means you can invest your time and energy in some other aspects of development lifecycle, which will help you to release your software faster.
2. Security — Security is also one of the major concern and by adopting Static analysis you can cut the doubt of security vulnerabilities in your application, which will ensure that you are delivering a secure and reliable software.
3. Implementation — Static analysis can be implemented as early in the software development lifecycle (SDLC) as you have code to scan, it will give more time to fix the issues discovered by the tool. The best thing of static analysis is that it can detect the exact line of code that’s been found to be problematic.
There are so many Static code analysis tools are available to ease our work but to choose good tools among them is really a challenging task. I have done some research and providing you the list of top 10 static code analysis tools:-

1. VisualCodeGrepper

static-code-analysis-tool-visualcodegrepper
Visualcodegreeper is an open source automated code security review tool which works with C++, C#, VB, PHP, Java and PL/SQL to track the insecurities and different issues in the code. This tool rapidly review and depicts in detail the issues it discovers, offering a simple to use interface. It allows custom configurations of queries and it’s updated regularly since its creation (2012).
2. Coverity

static-code-analysis-tool-coverity

Coverity is also an open source static code analysis tool which supports C, C++, C#, Objective-C, Java, Javascript, node.JS, Ruby, PHP & Python. It is an excellent static analysis product with support of 100 compilers & detailed and clear description of the code issues you can use it in your desktop environment to quickly find and resolve the errors before checking in the code.

3. Veracode

static-code-analysis-tool-veracode

Veracode is also one of the best static code analysis tool which can find security flaws in application binary code – compiled or “byte” code even when the consideration of source code is not available. Veracode supports multi-languages which includes .NET (C#, ASP.NET, VB.NET), Java (Java SE, Java EE, JSP), C/C++, JavaScript (including AngularJS, Node.js, and jQuery), Python, PHP, Ruby on Rails, ColdFusion, Classic ASP, including mobile applications on the iOS and Android platforms and written in JavaScript cross platform frameworks.

4. YASCA

static-code-analysis-tool-yasca

“Yet Another Source Code Analyzer (YASCA)” is an open source stactic code analysis tool which supports HTML, Java, JavaScript, .NET, COBOL, PHP, ColdFusion, ASP, C/C++ and some other languages. It is an easy to extend and a flexible tool which can integrate with variety of other tools which includes CppCheck, Pixy, RATS, PHPLint, JavaScript Lint, JLint, FindBugs and various others.
5. Cppcheck

static-code-analysis-tool-cppcheck

Cppcheck is an open source static code analysis tool for C/C++. Cppcheck basically identifies the sorts of bugs that the compilers regularly don’t recognize. The objective is to identify just genuine mistakes in the code. It provides both interface command line mode and graphical user interface (GUI) mode and has possiblitites for environment integration. Some of them are Eclipse, Hudson, Jenkins, Visual Studio.

6. Clang

 

static-code-analysis-tool-clang
Clang is also one of the best static code analysis tool for C, C++ and objective-C. This analyzer can be run either as standalone tool or within Xcode. It is an open source tool and a part of the clang project. It utilizes the clank library, hence forming a reusable component and can be utilized by multiple clients.

7. RIPS

 

static-code-analysis-tool-rips
RIPS is a static code analyzer tool to detect different types for security vulnerabilities in PHP codes. RIPS also provide integrated code audit framework for manual analysis. It is an open source tool too and can be controlled via web interface.
8. Flawfinder
static-code-analysis-tool-flawfinder
Flawfinder is also one of the best static analysis tool for C/C++. This tool is easy to use and wel designed. It reports possible security vulnerabilities sorted by risk level. It is an open source tool written in python and use command line interface.
9. DevBug
static-code-analysis-tool-devbug
DevBug is an online PHP static code analyser which is very easy to use and written on Javascript. It was intended to make essential PHP Static Code Analysis accessible on the web, to raise security mindfulness and to incorporate SCA into the development procedure. This analyser tool is also available in open source.

10. SonarQube

 

static-code-analysis-tool-devbug
SonarQube is one of the best and well known open source web based static code analysis tool, it can scan projects written in many different programming languages including  ABAP, Android (Java), C, C++, CSS, Objective-C, COBOL, C#, Flex, Forms, Groovy, Java, JavaScript, Natural, PHP, PL/SQL, Swift, Visual Basic 6, Web, XML, Python and also allows a number of plug ins. What makes SonarQube really stand out is that It provides metrics about your code which will to help you to take the right decision and translates these non-descript values to real business values such as risk and technical debt.
So, above we mentioned top selective static code analysis tools which can be helpful, but if you think this lists should contain some other tools than feel free to share in comment box.
Tagged : / / / / / / / / / / / / / /

QA Roles and Levels in Continuous Delivery Model | Software Testing

qa-roles-and-levels

0 – Manual compilation, no unit tests, manual testing by QA
Before we all recoil in horror it’s worth recalling the pure horror of how things used to be with an enormous gulf between developers and QA. Thankfully this approach is lost in the mist of time for almost everyone but if has not, you have my deepest sympathies.

1 – Automated compilation, some unit tests by dev, manual testing by QA
We start to see the process become more agile. Build scripts have made their appearance. Life is a bit easier for developers with the introduction of Continuous Integration but not much different to QA who are left out in the cold.

2 – Automated compilation, high standard unit tests by dev, automation of manual testing by QA
Build frameworks that allow failing a build process that successfully compiled but did not pass the unit tests are now used. QA are using tools which theoretically allow them to sign off individual user stories while still being able to quickly regression test the entire application to ensure that no new errors have been introduced. However, the separation of dev and QA ensures that almost every change by developers results in failing QA tests. The only way to get all the tests to pass is to either stop development or to fork the codebase so that the QA’s can work on stable code. Bugs are fed back into the development code branch and promoted to the QA branch. Congratulations for reinventing waterfall and for ensuring that the ratio between developers and QA remains 1:1.

3 – Automated compilation, high standard unit tests by dev, integration tests by dev, automated testing by QA using better tools
Some of the QA workload is taken over by developers who automate obvious integration points with the rest of the system. Some more load is taken off the QA who can re-use tests with tools like Fitnesse but the phrase “dev complete” is still heard. Developers may provide QA with test utilities and abstractions like Stubs and Fakes to make testing easier and more deterministic. It’s almost inevitable that every team’s story board will have 3 or 4 times as many stories waiting for QA than are either “In Development” or “Undergoing QA”. You can do Continuous Delivery at this stage but everyone wonders why it’s so painful and costs so much in time and effort.

What do we really need?

For us to ship reliable quality code, we have to change not just the tooling but how the delivery organisation is structured. When manual testing was the norm, a separate QA organisation existed because it was more efficient and more effective to have non-developers test the code. With the levels of automation now available a separate QA organisation is an anachronism which should no longer exist. So what do we really need?

4 – Automated compilation, high standard unit tests by dev, integration tests by dev, agile testing by dev, sign-off by QA
The role of the QA has mutated to that of QABA (aka ‘a bloody good BA’) – domain experts that represent the business in the delivery team but who are also responsible for creating the acceptance criteria for user stories where the acceptance criteria are expressed as scenarios that can be easily converted into actual test code. Developers write the application code and the code that tests it, including creating any tooling. The QABA can then sign off the story on completion without having to go back to the business. Business still see new features and capabilities at weekly demos and show’n’tells but are rarely involved with the delivery team on a regular basis. If you are B2C, even better is where new code is released into production without being signed off but hidden behind feature throttles that stop the new functionality from being seen outside of the company network. That way the entire company gets to do UAT on new functionality before it hits the customers.
A fundamental pillar of continuous delivery is that all* your tests must be automated. To achieve this the QA organisation should be in the business of writing the test scenarios that the code needs to be evaluated against and for signing off that the code does this. Test code should be a first class citizen of the application and should be written by people who’s primary job is writing code – the developers. I will say it again – QA should not be in the business of writing test code.
Developers are responsible for quality and should act like it. Sometimes that means taking responsibility from the QA organisation that should never should have been given to them. Quality is too important to leave to QA. Developers need to take full responsibility for the quality of their code and they should be in the firing line if something is broken. The role of the QA is to keep the developers on the straight and narrow and the most effective way of doing this is to get them to apply their confrontational mindset to the code via the acceptance criteria used to sign off the new functionality. Those of you familiar with BDD are probably nodding your heads right now but I’m not sure that BDD is the answer. It’s the right approach from the perspective of test case creation but the tooling is currently a zero sum game – the effort you save by having natural language test descriptions run is equivalent to the amount of effort you have to expend in extending your tooling to support your test cases in all bar the most trivial cases.
If you take a look at a company that prioritizes the ability to ship code, e.g. Facebook, you will see the developer taking far more responsibility for QA than is seen in the rest of the industry. It’s time for the rest of us to catch up.

Tagged : / / / / / / / / / / /

What is Code Coverage and Why Code Coverage?

code-coverage

What is Code Coverage
Code Coverage is an important measurement in Software Quality Engineering. While Software testing ensures correctness of the applications, a metric is required to track the What is Code Coverage Code Coverage is an important measurement in Software Quality Engineering. While Software testing ensures correctness of the applications, a metric is required to track the completeness and effectiveness of the testing undertaken. Code Coverage helps achieve reliable quality through identifying untested areas of the application.

Why Code Coverage
Software testing is a challenging function. The testers need to ensure complete functional and non-functional correctness of the product. Considering the complex workflows and use cases of modern day applications, the number of unique cases that the software can be used often run into millions, which is not feasible to be covered under testing exercise. The testers thus need to
– While Planning Tests
o Ensure covering all workflows in terms of decision trees in the code
o Ensure covering all data values – by identifying patterns rather covering millions of values
– While testing
o Ensuring the testing is completely exercising the whole application with planned and exploratory tests.

At the end of testing, the decision to stop testing and release the product still remains subjective, based on the presence or absence of bugs, inflow of new bugs, success rate of each test cycle, confidence rating of the testers or users, etc. Whereas the definitive metric of quantifying how much of the application was really tested, is missed.

Code Coverage is measured as quantification of application code exercised by the testing activities. Code Coverage can be measured at various levels – in terms of programming language constructs – Packages, Classes, Methods, Branches or in terms of physical artifacts – Folders, Files and Lines. For Eg. A Line Coverage metric of 67% means the testing exercised 67% of all executable statements of the application. A Code Coverage metric usually is accompanied by Code Coverage Analysis Report – which helps identify the un-tested part of the application code, thereby giving the testers early inputs for complete testing.

Benefits of Code Coverage

  • Objective Indicator of Test Coverage of application code
  • Pointers to uncovered Packages / Classes / Methods / Branches
  • Pointers to uncovered Folders / Files / Lines
  • Drill down to untested part of source code and devise new tests
  • Early Indicator for Testing Quality and Fixing it by adding new tests.
  • Remove redundancy in testing
  • Increased Confidence for Releases

Test Your Test

Typical Emotional Storyboard

  • Write Some code! Happy!
  • Does it work? Sad!
  • Write some test! Happy!
  • Do they really test the code? Sad!
  • Measure the Code Coverage! Happy!

Coverage Measurement

  1. Shows Which line of code are executed
  2. How much of your code is covered by your tests?
  3. Your tests test your product
  4. Coverage testing tests your tests

Goal

  • 100%
  • Coverage Ideal
  • Not Always possible
  • Can be expensive to achieve
  • Design for testability

Good: Write more tests
Only way to truly increase code coverage

Bad
Excluding Code to boost Coverage

Types of Coverage

  1. Statement Coverage
  2. Branch Coverage
  3. Path Coverage
  4. Loop Path Coverage
  5. Data – driven Code
  6. Complex Conditionals
  7. Hidden Branches

How; – Coverage Tools

  1. Clover
  2. Cobertura
  3. Emma
Tagged : / / / / / / / / / / / / /

Hybrid testing introduction, What is Hybrid testing?

hybrid-testing

Hybrid testing definition. testing. A combination of top-down testing with bottom-up testing of prioritized or available components

 

According to Wiki:

Hybrid testing is what most frameworks evolve into over time and multiple projects. The most successful automation frameworks generally accommodate both grammar and spelling as well as information input. This allows information given to be cross checked against existing and confirmed information. This helps to prevent false or misleading information being posted. It still however allows others to post new and relevant information to existing posts and so increases the usefulness and relevance of the site. This said, no system is perfect and it may not perform to this standard on all subjects all of the time but will improve with increasing input and increasing use.

According to Tutorialspoint:

We know that Integration Testing is a phase in software testing in which standalone modules are combined and tested as a single entity. During that phase, the interface and the communication between each one of those modules are tested. There are two popular approaches for Integration testing which is Top down Integration Testing and Bottom up Integration Testing.

In Hybrid Integration Testing, we exploit the advantages of Top-down and Bottom-up approaches. As the name suggests, we make use of both the Integration techniques.

Reference/Content Source: –

https://en.wikipedia.org/wiki/Hybrid_testing

https://www.tutorialspoint.com/software_testing_dictionary/hybrid_integration_testing.htm

Tagged : / / / / / / / / / /

Apache Maven 3.0-RC1 | Pre – Release Testing

apache-maven-3

Hi,

in preparation for the release of Apache Maven 3.0, the Maven team is seeking your help to discover regressions since Maven 2.x. Everybody interested in taking a preview of the upcoming release for a test drive can get source and binary bundles from there portal.

Before reporting any issues found during testing, please be sure to have a close look at the compatibility notes for Maven 3.x:

https://cwiki.apache.org/confluence/display/MAVEN/Maven+3.x+Compatibility+Notes

If you encounter unexpected build issues, please fill a report in JIRA that provides sufficient information to reproduce and analyze the issue:

The fixes contained in this release candidate since the 3.0-beta-3 release can also be seen in JIRA:

Thanks,

-The Maven team

Tagged : / / / / / / / / / / /