Skip to main content

Testing and release

References: patient-portal-requirements-doc.md §7, TRACEABILITY_MATRIX.md, ARCHITECTURE_BASELINE.md testing hooks if applicable.

1. Test pyramid

LayerScope
UnitPure validators, formatters, i18n helpers, URL builders
IntegrationAPI client with mocked fetch; auth token injection
E2EMaestro, Detox, or Appium: login (mock IdP in CI), book flow, RTL snapshot

2. Critical E2E paths

Mirror patient-portal-requirements-doc.md §7:

  • Search → provider → book (happy path + 409 conflict).
  • Results list → detail; emit or verify client-side analytics only if non-PHI.
  • Demographics update pending state.
  • RTL layout smoke on one screen per locale.
  • Push tap → correct screen (mock).

3. Security and regression

  • IDOR: automated tests MUST NOT access other patients’ data with swapped IDs—align with TRACEABILITY_MATRIX.md negative tests.
  • Token refresh: force access token expiry in tests.

4. Store release checklist (high level)

  • Privacy policy URL and support contact in store listing.
  • Data collection disclosure matches actual SDKs (analytics, crash).
  • Screenshots for LTR and RTL locales where stores allow.
  • No PHI in store metadata or screenshots.

5. CI

  • Lint + typecheck on every PR; E2E on main or nightly if too slow.
  • Align coverage thresholds with repo TESTING_STANDARDS.md when the app package exists.