- Ensure all environment variables are set in
.env - Database migrations are up to date
- API server is running:
npm run dev - Frontend is running:
cd apps/web && npm run dev
- Navigate to http://localhost:3000
- Click "Sign Up" and create a new account
- Verify email confirmation works
- Log in with new credentials
- Expected: Redirected to dashboard with user profile visible
- Go to Settings → API Keys
- Create a new API key with description
- Copy the key (shown only once)
- Test the key with curl:
curl -H "X-API-Key: YOUR_KEY" http://localhost:3001/api/v1/health - Expected: Returns health status with authenticated user info
- Navigate to Billing page
- View available plans (Free, Pro, Enterprise)
- Select "Upgrade to Pro"
- Enter test card:
4242 4242 4242 4242 - Expected: Subscription activated, features unlocked
- Perform a code analysis
- Navigate to Usage page
- Expected: See token usage, API calls, and costs
- As a free user, exhaust monthly quota
- Attempt another scan
- Expected: Prompted to pay for single scan
- Complete payment
- Expected: Scan proceeds successfully
- Run the initialization script:
npx ts-node src/test-scripts/initialize-deepwiki-models.ts
- Expected: Models discovered and stored
- Analyze a repository
- Check logs for model selection
- Expected: See "Selected model for repository" with reasoning
- Perform multiple analyses on same repository
- Check second analysis
- Expected: Faster analysis using cached context
- Navigate to PR Analysis page
- Enter a GitHub PR URL (e.g.,
https://github.com/owner/repo/pull/123) - Click "Analyze"
- Expected:
- Progress indicators show each stage
- Analysis completes within 2-3 minutes
- Report shows security, quality, and performance insights
- Use the test endpoint:
curl -X POST http://localhost:3001/api/v1/analysis/mock-pr \ -H "Content-Type: application/json" \ -d '{"prUrl": "https://github.com/test/repo/pull/1"}'
- Expected: Returns mock analysis results immediately
- Complete a PR analysis
- Click "Download Report"
- Expected: Professional HTML report with:
- Executive summary
- Detailed findings by category
- Code snippets with issues highlighted
- Recommendations
- Note the report ID from URL
- Log out and log back in
- Navigate to Reports history
- Expected: Previous reports accessible
- Analyze a complex repository
- Monitor logs for agent interactions
- Expected: See messages like:
- "Security agent found X vulnerabilities"
- "Code Quality agent identified Y issues"
- "Performance agent detected Z bottlenecks"
- Temporarily set invalid API key for primary model
- Run analysis
- Expected: Falls back to secondary model
- Check logs for "Falling back to model X"
- Make 100+ API calls rapidly
- Expected: 429 error with retry-after header
- Try to analyze non-existent repository
- Expected: Clear error message "Repository not found"
- Analyze repository >1GB
- Expected: Warning about size, option to proceed
- Start 3 analyses simultaneously
- Expected: All complete successfully
- Check queue status in monitoring
- Analyze same PR twice
- Expected: Second analysis 50%+ faster
- Try using API key from different IP
- Expected: Works (no IP restriction by default)
- Try repository URL with SQL in it:
https://github.com/test/repo'; DROP TABLE users;-- - Expected: Safely handled, no database errors
- Create PR with
<script>alert('XSS')</script>in title - View in reports
- Expected: Script not executed, displayed as text
npx ts-node src/test-scripts/test-system-health.tsExpected: All components show "PASSED" except known issues
-- Run in Supabase SQL editor
SELECT table_name FROM information_schema.tables
WHERE table_schema = 'public'
ORDER BY table_name;Expected: See all required tables including:
- users
- user_profiles
- user_billing
- organizations
- repositories
- analysis_reports
- analysis_chunks (for vector DB)
-- Run this if deepwiki_configurations table doesn't exist
CREATE TABLE IF NOT EXISTS public.deepwiki_configurations (
id TEXT PRIMARY KEY,
config_type TEXT NOT NULL CHECK (config_type IN ('global', 'repository')),
repository_url TEXT,
primary_model TEXT NOT NULL,
fallback_model TEXT NOT NULL,
config_data JSONB NOT NULL,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
UNIQUE(config_type, repository_url)
);
-- Create index for repository lookups
CREATE INDEX idx_deepwiki_repo_url ON deepwiki_configurations(repository_url)
WHERE config_type = 'repository';- Authentication flow works end-to-end
- API keys can be created and used
- Billing integration processes payments
- Usage tracking accurately records activity
- PR analysis completes successfully
- Reports generate with correct data
- Vector DB stores and retrieves context
- DeepWiki model selection works
- Error handling is user-friendly
- Performance meets expectations
-
"Table does not exist" errors
- Run database migrations
- Check Supabase connection
-
"API key invalid" errors
- Verify OPENROUTER_API_KEY in .env
- Check key hasn't expired
-
"Billing failed" errors
- Ensure Stripe keys are set
- Use test mode keys for testing
-
Slow analysis performance
- Check API rate limits
- Verify model availability
- Monitor token usage
# Run all tests
npm test
# Run specific test suites
npm test -- auth
npm test -- billing
npm test -- vector-db
# Run integration tests
npm run test:integration
# Run E2E tests
npm run test:e2e- API Logs:
tail -f logs/api.log - Database Queries: Enable query logging in Supabase
- Network Traffic: Use browser DevTools
- Performance: Use
npm run monitor
All manual tests should pass with:
- No unhandled errors
- Response times <3s for UI actions
- Analysis completion <5 minutes
- Clear error messages for failures
- Consistent behavior across runs