Appium Inspector, Test Tool Vulnerabilities & More TGNS28

By Test Guild
  • Share:
Join the Guild for FREE
TestGuild News Show Feature Image

About This Episode:

Have you seen the new Appium Inspector? Do you Like BBQ and Performance Testing? Are your using projects such as Cucumber, WebdriverIO, Karma, Cypress? Do you know what security vulnerability they all might have in common that put you at risk? Find out the answers to these and other end-to-end full pipeline DevOps, automation, performance, and security testing in this episode of the test guild news show for the week of Jan 9.

Exclusive Sponsor

This episode of the TestGuild News Show is sponsored by the folks at Applitools. Applitools is a next-generation test automation platform powered by Visual AI. Increase quality, accelerate delivery, and reduce cost with the world’s most intelligent test automation platform. Seeing is believing, so create your free account now!

Links to News Mentioned in this Episode

0:28 Applitools FREE Acount:
1:00 LambdaTest hyperTest:
1:30 Cypress Concourse CI:
2:08 Python Top Language:
2:25 Top Automation Testing Prediction for 2022
3:31 Appium-inspector
4:33 Monkey Testing
5:33 PerfTour
6:28 Selenium-3 vs Selenium-4
6:59 Color.JS Vunerability
8:12 Mobile App Breaches:
8:45 Snyk Open Source:


[00:00:58] First up, automation news. [00:01:00][1.1]

[00:01:00] So the first thing I was alerted to this week was that Lambda Test just launched a hyper test feature that lets you run and end the Selenium test faster. So according to this press release, Hyper Test actually unifies all the components of a Selenium grid type of implementation into a single execution environment that eliminates the need for network hops, which in turn cuts down on the test execution time so never used it myself. But if this is something that sounds interesting, to you can always check it out in the link down below. [00:01:30][29.4]

[00:01:30] So recent article that also caught my attention this week was how to run Cypress Test and Docker on Concourse Dot CI. So if you don't know, Concourse is a open source tool for automating your software delivery pipelines. It's similar to GitLab, which uses declarative pipelines using YAML files. But the difference is concourse is stateless, and this article goes over some key benefits of why that matters. It just seems like a really nice good step by step guide on getting started using concourse and adding Cypress to your CI pipelines. So if using Cypress, if you're using concourse, if you never use both together, definitely a good must read. [00:02:08][37.3]

[00:02:08] I actually just saw an article that mentioned that Python actually NAbs programing language of the year honors, and for the second year in the row, there's an index that actually tracks the popularity of languages, and Python has been identified as the most popular programing language. [00:02:25][16.2]

[00:02:25] I actually mentioned Python in my latest updated post on the top on automation testing trends and predictions for 2022, where I identified Python as being a critical skill for testers going into the New Year. And not only that, I correlated between popular programing languages and development in general and how it actually works for testers or if you're a tester, if that actually applies to testing jobs. So I took the top 20 job openings I could find in testing software automation engineers. I put them all into a word cloud in. As you could see, Python is actually one of the skills that popped up as one of the top skills that these type of positions are looking for for a test automation engineer. So if you don't know it already, I definitely highly recommend getting more familiar with Python for sure to help you with your career. And a lot of new developments to test automation are coming out around Python, so it's definitely something to know and be aware of and definitely check out all my other predictions on the top testing trends you need to know for 2022 in the links down in the first comment below. [00:03:30][64.5]

[00:03:31] So another trend I mentioned was the increase in mobile testing. So this next article is how Appium just released Appium inspector, which is a standalone application that you should definitely should know about. If you're doing anything to do with Appium and some cool features of Appium inspector is you can easily define Appium server connection details and set up capabilities. You could save server details and capabilities for future sessions. Connect to a variety of cloud Appium platforms. You can select elements via clicking on them in a screenshot and a bunch of other cool things. So definitely, if you're Appium automation engineer, I think it's a must-have are a must check out for sure. Also, Jonathan Lipp's, who is the main contributor to Appium, recently posted that actually looking for people to help them maintain Appium Inspector and a bunch of other features, and you can get paid for it as well. Not only will you be contributing to the community and learning you also will get paid for your efforts also. So definitely check that out and have a link for that. Also in the links. The first comment is down below. [00:04:32][61.1]

[00:04:33] So one thing I like about Cypress is over the past year or so, I've been seeing a lot of people really utilize of all kinds of and testing. I know Marie Drake has used it to help her with front-end performance testing. I've seen other folks use it to help them with accessibility testing I think Marie drake has also has the demo on that as well. But another one that I never knew about until recently when I saw it on LinkedIn was something called monkey test, and I've known about monkey testing. I didn't know that you can actually use it with something called Gremlin.js And Cypress Node i o. If you do any sort of end-to-end testing using Cypress, just another reason why I think Cypress is really gaining popularity. And this from Gary Parker, who's written a short article on monkey testing, how you can use it using Gremlin.js And give some good reasons why you should do this, how to get started, how to integrate with Cypress. So this stuff is something I'm going to check out and find. If it interests me I figure, Hey it might interst you as well? So definitely check it out. Also. [00:05:29][56.8]

[00:05:30] Next up, Performance and site reliability news. [00:05:32][1.9]

[00:05:33] First thing Scott Moore has just announced his PerTour season two. If you don't know anything about the perf tour and you're like barbecue, especially, you definitely need to check this out. Yeah, and how Scott got this official press release? I need to ask him. But press release announced that the 2022 perftour coming up goes over the topics that he'll cover, and another reason why I highly recommend you check it out is I'm actually going to be featured as one of the speakers that he visited in season two in the very first episode, so definitely check out how socially awkward I really am in the real world, as Scott probably can tell you. But yeah, we had a great time. Great discussion. I always get freaked out watching myself on camera when I'm not in charge of editing, but hey, it is what it is. So hopefully you get some value out of it and definitely give Scott more follow and definitely check out all his perf tour videos. Come and go for season two, so thank you, Scott, for all you do for the performance community. [00:06:27][54.1]

[00:06:28] So another article that caught my attention that I never really thought about was the performance comparisons between Selenium three and Selenium four. Does it matter? Is that a difference? How does it help you as an automation engineer? So this article goes over the architectural upgrades to Selenium 4 what's new in Selenium four. And then they did some comparisons against Selenium three and four to see which one performed the best with a conclusion. So if you want to know which one did the best, definitely check that out in the link down below. [00:06:56][27.9]

[00:06:57] Next up, security news. [00:06:58][0.9]

[00:06:59] All right. So not often you see security news that actually relates directly to eautomation testing tools as well. But I just saw this LinkedIn post right before I recorded this video this morning from Jan on how malicious code introduced in colors.js also affects projects like Cucumber, WebDriver, Io, Karma, Cypress and some others. So definitely to be aware of so Jan recommends if you're using JavaScript or Node, how to pin you dependencies on colors to 1.4.0 to avoid this. He also is the main contributor to Serenity.js And has upgraded his fix. For this, I believe you don't have to worry about it, but definitely check this out, and you can actually learn more about what this vulnerability is caused by in Jan post. Also,. So some craziness going on in security the past few weeks, but this is definitely something that can impact you, especially if you have anything to do with automation testing. Using any of these tools, it looks like a lot of them are taking care of it, but just something to be aware of that all these open source projects consume other libraries, and some of these libraries could be vulnerabilities as well. Doesn't have to doesn't necessarily have anything to do with automation tools. It's any type of software out there nowadays they need to be aware of, especially when it comes to security as a tester. [00:08:11][72.6]

[00:08:12] So I found this article on the top mobile application security risk breaches for 2021, though you definitely should check out in the article goes over time, with over 200 billion downloads in 2020, mobile applications present a complex attack surface in that one in four companies surveyed suffered a mobile or Internet of Things data breach. And this goes over some of the top breaches for 2021, really an eye-opener and just something to educate yourself with and become more familiar. What I think is really critical as we head into the New Year so check that out as well in the link down below. [00:08:44][32.3]

[00:08:45] And one vulnerability you probably heard a lot about is Log4J. Snyk has actually upped their test limits on their free plan. They think it's going to help you. So this means that any developer, no matter the company or the project, can now use the sneak open to find and fix log for Shell because it's now doubled the number of free tests it allows. So just great resource to know about. So definitely once again, check it out. [00:09:08][22.8]

[00:09:09] For leaks of everything of value we covered in this news episode. Head on over to the links and the first comment down below. And why are you there? Make sure to check out our awesome sponsor Applitools if you've never used them. This is a great time to get on board in 2022 to learn how visual validation particular testing to a whole nother level using a free account that they offer. Leveraging visual AI. So definitely check that out by creating a free account now in that link down below. It really helps the show as well. [00:09:37][28.3]

[00:09:37] So that's it. For this episode of the Test Guild new show, I'm Joe and my Mission to help you succeed in creating e2e full-stack pipeline automation awesomeness. As always, test everything and keep the good – Cheers! [00:09:37][0.0]


Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}
A person is speaking into a microphone on the "TestGuild News Show" with topics including weekly DevOps, automation, performance, and security testing. "Breaking News" is highlighted at the bottom.

AI for Test Coverage, Why Playwright is Slow, Crowdstrike and more! TGNS129

Posted on 07/22/2024

About This Episode: Do you know how much of real production usage your ...

Mark Creamer TestGuild Automation Feature

AI’s Role in Test Automation and Collaboration with Mark Creamer

Posted on 07/21/2024

About This Episode: In this episode, host Joe Colantonio sits down with Mark ...

Javier Alejandro Re TestGuild DevOps Toolchain

Building a Real World DevOps Pipeline with Javier Alejandro Re

Posted on 07/17/2024

About this DevOps Toolchain Episode: Today, we have a special treat for all ...