This project includes a comprehensive unit test suite built with Jest to ensure the reliability and correctness of the password generator.
Tests for the secureRandomInt() function that generates cryptographically secure random integers.
Test Coverage:
- ✅ Valid inputs (range checking, edge cases)
- ✅ Invalid inputs (error handling)
- ✅ Distribution analysis (randomness verification)
- ✅ Boundary conditions (0x7FFFFFFF max value)
- ✅ Error handling for negative, zero, and out-of-range values
Key Tests:
- Returns values within the specified range [0, maxExclusive)
- Throws "bad range" error for invalid inputs
- Produces reasonably distributed random values
- Handles maximum allowed value (0x7FFFFFFF)
Tests for the estimateEntropyBits() function that calculates password entropy.
Test Coverage:
- ✅ Correct entropy calculations for various character set sizes
- ✅ Edge cases (length 0, characterSetSize 1, etc.)
- ✅ Common password strength scenarios (weak, moderate, strong, very strong)
- ✅ Proper rounding of results
- ✅ Large number handling
Key Tests:
- Calculates entropy using formula: entropy = length × log₂(characterSetSize)
- Returns rounded integer values
- Correctly classifies password strength levels
- Handles edge cases gracefully
Tests for the generatePassword() function that generates secure passwords.
Test Coverage:
- ✅ Password length validation
- ✅ Character inclusion/exclusion (lowercase, uppercase, digits, symbols)
- ✅ Default parameter handling
- ✅ Look-alike character exclusion option
- ✅ Randomness and uniqueness
- ✅ Error handling (no character sets selected)
- ✅ All character set combinations
- ✅ Mixed parameter configurations
Key Tests:
- Generates passwords with correct specified length
- Includes only selected character types
- Excludes unselected character types
- Throws error when no character sets are selected
- Produces unique passwords on successive calls
- Handles default parameters correctly
- Ensures at least one character from each selected set
Install dependencies:
npm installRun all tests:
npm testRun tests in watch mode (re-run on file changes):
npm run test:watchRun tests with coverage report:
npm run test:coverage- Total Test Cases: 80+
- Test Files: 3
- Modules Tested: 3 (cryptoRandom, entropy, generate)
- Coverage Areas: Input validation, edge cases, randomness, error handling, real-world scenarios
secureRandomInt(100) // Returns random value: 0-99
secureRandomInt(1) // Always returns: 0
secureRandomInt(0) // Throws: "bad range"estimateEntropyBits(12, 62) // Returns: 71 bits (moderate)
estimateEntropyBits(32, 94) // Returns: 190+ bits (very strong)generatePassword({
length: 16,
lowerCase: true,
upperCase: true,
digits: true,
symbols: false
})
// Returns: "aB3cDefG7hIjKlMn"
generatePassword({ length: 8 }) // Uses all defaults
// Returns: "AbC1deFg"The test suite follows these principles:
- Comprehensive Coverage - Tests cover normal cases, edge cases, and error conditions
- Randomness Validation - Verifies that random functions produce appropriately distributed outputs
- Security Focus - Ensures no weak implementations or security regressions
- User Scenarios - Includes real-world password strength classifications
- Error Handling - Validates proper error throwing and messages
- Uniqueness - Verifies unique passwords are generated
- Deterministic Validation - Tests that respect cryptographic randomness while validating constraints
These tests are designed to run in CI/CD pipelines. All tests should pass before deploying:
npm test -- --coverage --detectOpenHandlesPotential additional tests:
- Performance benchmarks for password generation
- Unicode character support testing
- Custom character set support
- Batch password generation efficiency
- Memory usage under high volume
For more information about the project, see README.md