Daily Test Coverage ImproverResearch and Plan

[github-actions]

Test Coverage Research Summary

I've analyzed the repository to understand the current state of test coverage and develop a systematic improvement plan.

Repository Overview

Technology Stack:

• Frontend: Vanilla JavaScript, TypeScript, React components with Vite build system
• Backend: Python with FastAPI
• Testing Frameworks: Vitest (JS/TS), pytest (Python)
• Focus Area: Enterprise compliance (GDPR, accessibility, audit trails)

Current Test Coverage State

Existing Test Files:

1. tests/ContactForm.test.tsx - Comprehensive (185 lines) - React component with accessibility, validation, form submission, error handling
2. tests/unit/emailValidation.test.ts - Partial - Email validation tests
3. tests/unit/test_validation.py - Minimal (16 lines) - Basic Python validation tests
4. tests/integration/test_api_endpoints.py - Basic (20 lines) - Simple API endpoint tests
5. tests/test_contact_handler.py - Exists but may have issues

Source Files Needing Coverage:

• src/utils/validation.ts - Comprehensive validation utilities (217 lines)
• src/api/contact.ts - API client with GDPR compliance (261 lines)
• server/contact_handler.py - Complex GDPR-compliant form handler (363 lines)
• backend/api/users.py - FastAPI user endpoints (17 lines)
• main.js - Application entry point with event handling
• src/components/ContactForm.tsx - React form component

Test Organization Standards

Directory Structure:

tests/
├── unit/                    # Unit tests for individual functions/classes
│   ├── *.test.ts           # TypeScript unit tests
│   └── test_*.py           # Python unit tests
├── integration/             # Integration tests for API/system interactions
│   └── test_*.py
└── *.test.tsx              # Component tests

Naming Conventions:

• JavaScript/TypeScript: *.test.ts, *.test.tsx
• Python: test_*.py
• Place tests near what they test conceptually (unit vs integration vs component)

Commands for Testing

Build and Test Commands:

# Install dependencies
npm install
pip install pytest pytest-cov coverage fastapi httpx requests

# Build project
npm run build

# Run JavaScript/TypeScript tests with coverage
npm run test:coverage

# Run Python tests with coverage
python -m pytest tests/ --cov=server --cov=backend --cov-report=html:coverage/python --cov-report=json

# Generate combined coverage report
# (automated in .github/actions/daily-test-improver/coverage-steps/action.yml)

Coverage Improvement Strategy

Phase 3 Priorities (High-Impact Areas):

1. Python Backend Coverage (Critical Gap)

   • server/contact_handler.py - Complex compliance logic needs thorough testing
     • Rate limiting (check_rate_limit)
     • Data validation (ContactFormData.validate)
     • CSRF token validation
     • Audit logging (AuditLogger)
     • Data retention policies (DataRetentionManager)
     • GDPR handlers (handle_data_export_request, handle_data_deletion_request)
   • backend/api/users.py - Basic endpoints need comprehensive tests

2. JavaScript/TypeScript Utilities (Medium Gap)

   • src/utils/validation.ts - Many functions partially tested
     • RateLimiter class
     • validatePhoneNumber
     • validateURL
     • hashSensitiveData
     • generateSecureToken
     • DataRetentionManager class
   • src/api/contact.ts - Complex API logic needs testing
     • submitContactForm with mocking
     • logAuditEvent
     • exportUserData
     • deleteUserData

3. Main Application Logic

   • main.js - Event handlers, user interactions, GDPR consent flows

4. Edge Cases & Error Handling

   • Security validation edge cases
   • Error scenarios in API calls
   • Concurrent request handling
   • Data retention policy edge cases

Testing Approach:

• Unit Tests: Test individual functions in isolation with mocks
• Integration Tests: Test API endpoints with TestClient
• Security Tests: Validate XSS prevention, CSRF protection, input sanitization
• Compliance Tests: Verify GDPR data handling, audit logging, retention policies
• Accessibility Tests: Ensure WCAG compliance (forms, error messages, ARIA attributes)

Opportunities for Major Coverage Gains

1. Security & Validation Module: src/utils/validation.ts has extensive untested code (rate limiting, data retention, security tokens)
2. Compliance Handler: server/contact_handler.py contains critical business logic that needs comprehensive testing
3. API Layer: Both src/api/contact.ts and backend/api/users.py lack thorough integration tests
4. Error Handling: Many error paths are untested across all modules

Questions for Maintainers

1. Coverage Targets: What minimum coverage percentage should we aim for (e.g., 80% overall, 90% for critical security code)?
2. Test Data: Should we create test fixtures for common scenarios (sample form data, mock API responses)?
3. Python Validation Module: The test file tests/unit/test_validation.py imports from src.utils.validation but I don't see a Python module at that path - should this be testing TypeScript validation instead?
4. CI Integration: Should coverage reports fail the build if coverage drops below a threshold?

---

How to Control this Workflow

You can manage this workflow using the following commands:

# Disable the workflow
gh aw disable daily-test-improver --repo microsoftgbb/corporate-website

# Enable the workflow
gh aw enable daily-test-improver --repo microsoftgbb/corporate-website

# Run the workflow on demand with multiple iterations
gh aw run daily-test-improver --repo microsoftgbb/corporate-website --repeat (number-of-repeats)

# View workflow logs
gh aw logs daily-test-improver --repo microsoftgbb/corporate-website

You can also add comments to this discussion to provide feedback or request adjustments to the plan.

---

What Happens Next

• Next Run (Phase 2): The workflow will analyze the codebase to create/validate the coverage steps configuration in .github/actions/daily-test-improver/coverage-steps/action.yml
• After Phase 2: Phase 3 will begin on subsequent runs to implement actual test coverage improvements based on this plan
• Repeat Mode: If running with --repeat, the workflow will automatically proceed through phases without waiting
• Human Review: You can review this research and add comments before the workflow continues to Phase 2

---

Note: This was intended to be a discussion, but discussions could not be created due to permissions issues. This issue was created as a fallback.

AI generated by Daily Test Coverage Improver

To add this workflow in your repository, run gh aw add githubnext/agentics/workflows/daily-test-improver.md@e43596e069e74a65cd7d93315091672d278c2642. See usage guide.

• expires on Mar 5, 2026, 9:27 AM UTC