— intelligent edge cases
Tests your team forgot to write
Null inputs, injection payloads, oversized bodies, race conditions, Unicode chaos — generated and ready to drop in.
Null & Undefined
Jest
createInvoice handles null line items
test('createInvoice rejects null lineItems', async () => {
await expect(createInvoice({ lineItems: null }))
.rejects.toThrow(/lineItems must be an array/);
});Injection
Jest
Login resists SQL injection in email field
test("login is safe against SQLi payloads", async () => {
const res = await api.post('/login', {
email: "' OR 1=1 --",
password: 'x',
});
expect(res.status).toBe(401);
});Oversized Payload
Pytest
Upload rejects > 25MB body
def test_upload_rejects_oversized(client):
big = b"a" * (26 * 1024 * 1024)
r = client.post("/upload", data=big)
assert r.status_code == 413Unicode
Jest
Username accepts emoji & RTL combining marks
test('username supports emoji + RTL', () => {
expect(validateUsername('شيرين🌸')).toBe(true);
expect(validateUsername('a\u0301'.repeat(50))).toBe(false);
});Race Condition
Jest
Concurrent charge attempts settle once
test('double-submit charges only once', async () => {
const [a, b] = await Promise.all([
charge(order), charge(order),
]);
expect([a.ok, b.ok].filter(Boolean)).toHaveLength(1);
});Auth
Postman
Expired JWT is rejected
pm.test("expired token -> 401", () => {
pm.response.to.have.status(401);
pm.expect(pm.response.json().error).to.eql("token_expired");
});Malformed JSON
Pytest
Webhook returns 400 on broken JSON
def test_webhook_bad_json(client):
r = client.post("/webhook", data="{not json", headers={"Content-Type":"application/json"})
assert r.status_code == 400XSS
Jest
Cart escapes <script> in product name
test('cart escapes script tags', () => {
document.body.innerHTML = render({ name: '<script>x</script>' });
expect(document.querySelector('script')).toBeNull();
});