Pre-Release Checklist for Regression Testing

[techmore]

Pre-Release Checklist for NmapUI

This checklist covers all major functionalities of the NmapUI application to prevent regressions. Run through this before each release to ensure core features work correctly. Focus on critical user paths and edge cases.

🔍 Core Scanning Features

• Quick Scan: Perform a quick scan (nmap -sn) and verify host discovery results appear in real-time
• ARP Scan: Run ARP scan and confirm MAC addresses and vendor information display correctly
• Deep Scan: Execute comprehensive scan with service detection and CVE lookup
• Scan Cancellation: Start a scan, then cancel it mid-process - verify clean termination
• Invalid Targets: Test scanning with invalid IP ranges/networks - ensure proper error messages
• Real-time Updates: Confirm Socket.IO updates work (progress feedback, result streaming)
• Scan Results Table: Verify table populates with correct data (IP, MAC, Vendor, Hostname, Services, CVEs)

📊 Report Generation & Export

• PDF Report Generation: Generate comprehensive report and verify PDF downloads correctly
• HTML Report: Check HTML report opens in new tab with proper formatting
• XML Output: Ensure XML files are created and contain scan data
• Report History: Access historical scans, filter by customer/date, view/download reports
• Customer Assignment: Verify customer fingerprinting works and reports are tagged correctly

🎨 UI/UX & Accessibility

• Responsive Design: Test on different screen sizes (mobile, tablet, desktop)
• Modal Interactions: Open/close all modals (scan config, history, asset details, update)
• Clickable Assets: Click IP addresses, vendor names, services - verify modals/links work
• CVE Links: Click CVE IDs in table - confirm external links open correctly
• Auto-Monitor: Configure auto-scan times, verify "Save and Run Scan" triggers immediate scan
• Table Interactions: Sort columns, pagination, hover effects
• Keyboard Navigation: Tab through interface, Enter/Space for interactions
• Loading States: Check pulsing indicators during scans, progress bars

🔗 Integrations & External Services

• Google Drive Upload: Authenticate and upload reports to Drive
• Customer Database: Verify network fingerprinting and customer identification
• External Links: CVE database links, vendor search links
• API Endpoints: Test /api/scans, /api/report endpoints manually

⚡ Performance & Reliability

• Memory Usage: Run multiple scans, check for memory leaks
• Concurrent Scans: Start multiple scans simultaneously
• Large Networks: Test with large IP ranges (100+ hosts)
• Long-Running Scans: Verify app stability during extended scans (10+ minutes)
• Browser Compatibility: Test in Chrome, Firefox, Safari

🔒 Security & Data Handling

• Input Validation: Test with malicious inputs (SQL injection, XSS attempts)
• File Permissions: Verify report files have correct permissions
• Data Persistence: Check scan history saves correctly across restarts
• Error Boundaries: Trigger various error conditions, ensure graceful handling

🐛 Edge Cases & Error Handling

• Network Disconnection: Test behavior when internet drops during scan
• Nmap Failures: Simulate nmap command failures
• Empty Results: Handle scans with no discovered hosts
• Browser Refresh: Refresh during active scan, verify state recovery
• Multiple Users: Test concurrent access (if applicable)

📝 Release-Specific Checks

• Version Display: Check app version, nmap version, vulners version display
• Update Mechanism: Test auto-update notifications and download process
• Changelog: Verify release notes are accurate and complete
• Dependencies: Confirm all required system tools (nmap, xsltproc, wkhtmltopdf) are present

🧪 Automated Tests (if applicable)

• Unit Tests: Run pytest suite
• Integration Tests: Test API endpoints
• UI Tests: Run Playwright/automated browser tests

Testing Tips:

• Use a test network with known hosts for consistent results
• Test both authenticated and anonymous user flows
• Check browser console for JavaScript errors
• Monitor server logs for backend errors
• Time critical operations to ensure performance hasn't regressed

This checklist should catch most regressions. Start with core scanning features, then move to UI elements, and finally edge cases. If a check fails, investigate the root cause before proceeding with release.