Testing is a vital part of the web development process, with Drupal as with any other platform, though it can often be a step that's easily missed or not given enough attention. At Ashday, we have a number of processes in place to make sure that each our sites are well tested, to minimize the number of bugs the site has.
The first step in the testing process, and one which happens in tandem with the main development of the site is peer review. To build a website, we break down the overall project into smaller components, such as building the site header or adding a search page to the site. Whenever one of our developers completes a task, they mark it as being ready for peer review. Then, another developer will test it and possibly review code. It’s important for another person to test because it can be challenging, after building a feature from the ground up, to look at it as though you were a regular visitor to the site. Peer review gets a second pair of eyes on the feature, from someone who doesn't have perfect knowledge of how it was developed.
Peer review can cover a lot of testing during the development process, but equally important is end-to-end testing. This step happens once most of the site is done, and involves multiple people (ideally not just the development team) testing the site as a whole. This can be helpful to find bugs or potential improvements which weren't found during peer review, and it also tests the interaction between the site's various features. End to end testing is essential to making sure that all the individual parts of the site fit together without any problems.
One key piece of end to end testing is to test in multiple ways because different people often use the same website very differently from each other. It is important, as a tester, to put yourself into other peoples' shoes and try to navigate and use the site in a way you might not normally do so yourself. It's also important to test abnormal use cases, oftentimes intentionally doing things which people aren't likely to do. Entering the code into a form on the website is one example; several common website vulnerabilities can stem from code entered on a site, and it is vital to test such things to ensure that the site is secure.
Another step, which often happens alongside end to end testing, is cross-browser testing. Different web browsers, such as Internet Explorer and Google Chrome, can display the same website in different ways. Sometimes this is just a minor visual difference, but other times certain browsers may have large bugs which other browsers don't. Since we primarily develop websites while using the Chrome and Firefox browsers, it is good to test a range of other browsers during the end to end testing process. Mobile web browsers, used on Android and iOS devices, also get tested at this point. Additionally, there are myriad mail clients to consider when we're building software that generates complex emails. We’ve found BrowserStack (for website testing), Email on Acid (for email testing), and similar tools helpful for this.
These days, of course, automated testing is also often a significant aspect of development workflows. Additionally, Drupal (especially Drupal 8) reduces the amount of testing needed compared to a completely built-from-scratch site thanks to the well-tested code we inherit from the open source community. But even with such things, we can't overlook the importance of real people thoroughly and creatively testing the things we build. By putting the systems we develop through such processes, Ashday can minimize the number of bugs and increase security against malicious use.