Kajal Panwar

So my name is Kajal, and I am working as a software development team lead in Moby Quick in the Gurgaon location. I'm working in this particular organization from the last 2.5 years. I have overall 8 plus years of work experience. So, my previous company was Iris. And prior to that, I have worked in FIS and Cognizant. I have majorly worked in automation testing, using Selenium and Java language. And currently, when we talk about the back end API automation, I have worked with REST Assured and Java-based frameworks. I have good experience in developing a framework from scratch. In my current organization, my roles and responsibilities are to mentor junior team members. Currently, there are 3 QAs who are working under me. And, yeah. So, this is a brief introduction of myself. I'm looking for the opportunity where I can utilize all my skills and enhance my technical skills or maybe from the leadership perspective as well.

What are the key elements you look for in a bug report from a QA perspective, and how do you okay them? Whenever we do testing, we raise bugs and decide on the severity and priority of each bug. If the severity of a bug is very high, it makes my feature blocked due to that issue. If the severity is very high, it's a blocker for me. The priority depends on the situation. If it's high, my priority is also high, and it can be a blocker to send my feature to production. When there's a bug report from the QA perspective, I look for the priority and severity, which are the two key elements of any issue. Based on their severity and priority, we prioritize the bug fixes. If we have critical deliverables and there are blocker issues, we'll prioritize the bug with high priority and severity for the release. This is how we pick the bug fixes.

How would you structure your Python code to ensure reusability and maintainability? To ensure the maintainability and the reusability of the code, we have many ways. Design patterns are one of the ways to achieve this. We have the Page Object Model (POM) pattern, the Page Factory, and many more design patterns. This creates a very structured and organized framework. For example, in POM, we create page objects of the web element in our classes and maintain them in a structured way. If there are UI changes, we don't need to change the complete code; instead, we change only the object of that particular web element. Reusability can be achieved by creating utility files or a utility class. In this utility class, we can create methods for actions we perform on a particular web element, such as click, navigate, or wait. We can reuse these methods throughout the framework, ensuring reusability of code. When it comes to maintenance, we don't need to change all over the automation framework but in a single file.

When constructing test scripts for automation, how do you manage dependencies between test cases to ensure a reliable test execution sequence? How do you manage dependencies between test cases? Okay, so to ensure dependencies between test cases, we use the testNG framework. It provides notations through which we can maintain the dependencies between the test cases. So if you talk about the testNG framework, we have a "depends on method" which we can use with a test. And, let's say if there are test A and test B, if my test B is dependent on test A's execution, I'll just have to write "test" in brackets, "depends on method" and the method name. So whenever my test A passes, then only my test B will execute. So in this order, we can maintain the dependencies between the test cases in our automation framework, and it also ensures a reliable test execution sequence. This is one way to manage dependencies. There is another one, which is priority. If we want to run all of our test cases in a certain order, we can also prioritize, give the priority to each test, and execute in the sequence based on the priority we have given to the test cases.

Discuss a strategy for implementing continuous testing in a DevOps life cycle, and a role of okay in order to implement continuous testing, we can use Jenkins CICD pipelines. So here, what we can do is integrate our automation code with CICD, and schedule the daily execution. There is a configuration that needs to be done in order to create the Jenkins job. In my current project, I have created a Jenkins job to execute my regression suite and sanity tests on a daily basis. I have scheduled it at a particular time. Daily at 4:30, I run my Jenkins job. It automatically triggers the job if it is scheduled for a certain time period. In this way, using the Jenkins CICD, we can implement continuous testing in the DevOps life cycle.

What process do you follow to ensure comprehensive test coverage improvement? To ensure comprehensive test coverage, we first go through the PRD document whenever there is a new requirement from the product. First of all, there is a grooming session. In the grooming session, we discuss the requirement or feature end to end: what, why we are going live with the feature, what is the requirement of the feature, how and when, everything is discussed. After that, we create the test cases. In parallel, development is going on. We work in an agile environment, so development and testing work in parallel. I create all the test scenarios and test cases, along with test data setups. To ensure test coverage and regression, we have an automation regression suite. We make sure that with the new changes, no existing functionality is hampered. We run the regression suite and sanity suite to ensure everything is working fine. The existing code is working fine. We report bugs whenever there is a blocker or bug found in Jira. These are the basic or key points we make sure of whenever we do testing via manual or automation.

I'm not sure about the parameter which we are passing in the display user profile, it is not correct. But again, I'm not sure about it, so I would like to skip this question. Corrected: I'm not sure about the parameter we're passing in the display user profile; it doesn't seem correct. However, I'm not certain, so I'd like to skip this question.

The singleton design pattern in Java is implemented as follows: This segment of Java code aims to apply the singleton design pattern. There seems to be a potential issue that can prevent it from working as a proper singleton container. A database connected private static instance, null private instance variable is Okay. So in this particular code, we have declared a database connected instance variable as private. Since in the singleton design pattern, the concept itself is that we create a single instance of an object and create a global access point in order to access it throughout from anywhere in the framework. So it should be declared as public. I think the private static database connector in the singleton class which is null, it should be declared as public. If it is declared as private, it won't be accessible. So it should be declared as public and the constructor also it should be declared as public. So this is preventing it from working as the proper singleton. So according to me, this should be changed.

When we approach writing transcripts that are adaptable to change in the application, we consider the design pattern we create in the automation framework. We ensure that it follows the design pattern, which I mentioned earlier. So, if there are any changes on the application interface, we just need to update the XPath or the web element we have declared in the page object class. I think using the proper, accurate design pattern, we can manage this kind of situation whenever there are changes in the application UI.

You would apply for the migration testing to ensure critical operations are functional post migration. I think whenever there is a migration, if we are migrating something from one system to another system, so the type of testing needs to be done. Like, we should do performance load testing because we are migrating from one system to another. So all regression and sanity testing needs to be done. So methodology-wise, if you talk about this, it's more like an agile kind of methodology that we can apply.

What is your approach to automating security testing, especially for mobile applications? Security testing is majorly done while logging into any application or if there are any kinds of payment happening, like if we are doing any transaction or we are logging into any system. There should be a mechanism to check, for instance, if there is an app based on a user journey, like MobiQuick or Paytm. We can ensure we can check the device ID for the first time and if the user tries to log in with any other device, it can be a fraudulent activity. We also have OAuth authentication like OAuth 1.0 and OAuth 2.0, and having OAuth 2.0, which is the latest, can help with security testing. Whatever password we apply on a field, it should be alphanumeric and strong enough not to be leaked or hacked. These are the basic things we can do to do security testing for mobile applications.