Quality and Safety

Vorliq Testing

Vorliq uses layered testing so blockchain rules, backend APIs, frontend behavior, mobile export readiness, SDK calls, deployment scripts, and real browser routes are checked from different angles.

Test Layers

Read-Only Production E2E

The Playwright suite intentionally does not claim faucet funds, mine production blocks, create posts, submit peer community requests, create proposals, spend treasury funds, or use a real admin token. It checks public routes, layout, navigation, non-destructive page states, and safe API responses only.

Run Locally

cd blockchain
python -m pytest tests/ -v

cd ../backend
npm test

cd ../frontend
npm test -- --watchAll=false
npm run build

cd ../sdk
npm run build

cd ../e2e
npm install
npx playwright install chromium
npm run e2e
npm run e2e:ci

node ../tools/check_readiness.js https://vorliq.org --allow-warning

Set E2E_BASE_URL to test another deployed environment. The default is https://vorliq.org.

Linux/macOS developers can run the same core checks from the repository root after making the scripts executable:

chmod +x scripts/*.sh
./scripts/test-blockchain.sh
./scripts/test-backend.sh
./scripts/test-frontend.sh
./scripts/build-frontend.sh
./scripts/check-readiness.sh

The readiness wrapper checks the local backend by default. These wrappers are local-development tools and do not deploy or mutate production services. Windows developers can continue using the underlying commands shown above.

Readiness Gate

The public readiness endpoint at /api/readiness returns a score from 0 to 100 and an overall status of pass, warning, or fail. A critical failure forces fail. High failures heavily reduce the score. The CLI exits with 0 on pass, 1 on warning unless --allow-warning is supplied, and 2 on fail.

The readiness report is public-safe. It should never include private keys, admin tokens, raw logs, raw user agents, IP addresses, full server paths, or environment dumps.

Playwright Coverage

The browser suite covers public web routes, mobile and desktop overflow checks, mobile drawer behavior, desktop More menu behavior, footer social icon buttons, top logo visibility, Dashboard background guardrails, onboarding skip, theme toggle, wallet safety copy, faucet/mine read-only states, invalid transaction and block detail routes, forum search safety, registry summary, health sections, and safe API smoke endpoints.

Failure screenshots, traces, and the HTML report are generated as artifacts and are not committed to the repository.

CI

GitHub Actions runs blockchain, backend, frontend, and read-only Playwright E2E checks. Deployment only proceeds after the CI workflow succeeds. The production deployment workflow performs server-side health, backup, incident, heartbeat, deployment checks, then runs the public readiness gate with warnings allowed but failures blocked.