These are chat archives for Behat/Behat

28th
Oct 2018
Christian Sciberras
@uuf6429
Oct 28 2018 01:37
Hi! Maybe someone might find this useful: https://github.com/uuf6429/behat-breakpoint
Raaghav Srinivasan
@raags90_twitter
Oct 28 2018 23:21

Hi ! I am new to Behat, trying to understand if Behat can be used to write evil stories (https://www.owasp.org/index.php/Agile_Software_Development:_Don%27t_Forget_EVIL_User_Stories) .... has anyone seen this being used to perform security testing ?

Also are there any lessons learned/gotchas you can share as part of getting Behat setup within the SDLC of your organization ? any resource would be helpful. Thanks in advance!

Christian Sciberras
@uuf6429
Oct 28 2018 23:23
They look like regular stories to me. You just need a different set of step definitions.
Raaghav Srinivasan
@raags90_twitter
Oct 28 2018 23:29
thanks ! fair point, was curious to see if anyone has taken this approach for security and has come across any issues/challenges... does integrating behat into the sdlc involve any code level changes on the application code base in order to support the tests ? or is it something which can be done standalone ?
Christian Sciberras
@uuf6429
Oct 28 2018 23:31
If someone develops a context to provide your steps, then you don't need any code. But this is unlikely, especially in this case.
Behat doesn't provide navigation, for example. It's provided by mink instead.
Raaghav Srinivasan
@raags90_twitter
Oct 28 2018 23:44

I am not sure what you meant by "if someone develops a context" , if I understand correctly - with Behat, looks like that the functions need to annotated with the patterns ( @when etc..)... so is it fair to say that before I can start using behat, I need to manually annotate the existing functions in my code base which I tend to use as part of my scenario ?

Behat uses php-doc annotations to bind patterns to FeatureContext methods: