DEV Community: Rahul Gehlot The latest articles on DEV Community by Rahul Gehlot (@rahulgehlot). https://dev.to/rahulgehlot https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3343440%2Ff6766fa3-6f0f-47e0-b523-69a57bba960b.jpg DEV Community: Rahul Gehlot https://dev.to/rahulgehlot en Why I Wrote 475 Tests for a Desktop Accounting App Rahul Gehlot Sun, 24 May 2026 08:46:13 +0000 https://dev.to/rahulgehlot/why-i-wrote-475-tests-for-a-desktop-accounting-app-4laj https://dev.to/rahulgehlot/why-i-wrote-475-tests-for-a-desktop-accounting-app-4laj <blockquote> <p><em>When the books are wrong, the app doesn't crash. It just lies to you. That's what makes testing financial software different.</em></p> </blockquote> <h2> The Hook: Silent Bugs </h2> <p>Most bugs make noise. The app crashes. The button doesn't work. The text is misaligned. You <em>know</em> something is wrong.</p> <p>Financial bugs don't make noise. They whisper.</p> <p>A sale disappears from the UI. The customer balance still shows ₹500. The shop owner shrugs — "probably a display glitch." Months later, the books don't reconcile. The auditor asks questions. Trust erodes.</p> <p>This is the nightmare that keeps me up at night. And it's why <strong>Hisaab Pro</strong> — a desktop accounting app for small Indian businesses — has 475 tests.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3uiu1tqi3pfnrrx3adxl.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3uiu1tqi3pfnrrx3adxl.png" alt=" " width="800" height="418"></a><br> <em>SCREENSHOT 1 — Hisaab Pro Dashboard</em></p> <h2> The App — Three Lines </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Layer</th> <th>Technology</th> </tr> </thead> <tbody> <tr> <td><strong>Runtime</strong></td> <td>Node.js + Express</td> </tr> <tr> <td><strong>Database</strong></td> <td>SQLite (AES-256 encrypted, one file per financial year)</td> </tr> <tr> <td><strong>Frontend</strong></td> <td>Vanilla JavaScript — no frameworks</td> </tr> <tr> <td><strong>Deployment</strong></td> <td>USB stick. Double-click <code>start.bat</code>. No installation, no cloud, no internet.</td> </tr> </tbody> </table></div> <p>Ramesh runs a hardware store in Jaipur. He's 54. He doesn't know what a database is. His nephew set this up on a USB drive — he plugs it in, clicks a button, and expects the ₹50,000 in his cash account to be exactly what his customers have actually paid him.</p> <p>He shouldn't need to know that SQLite transactions exist. He shouldn't need to audit his own books. He should be able to delete a mistaken sale and trust the balance updates correctly.</p> <p>The tests are the invisible guarantee between Ramesh and his money.</p> <p>If the power goes out, the database needs to survive. If someone yanks the USB mid-write, the books must still balance. No excuses. No "we'll fix it in the next release."</p> <h2> The Bug That Made Me Paranoid </h2> <h3> Ghost Balances After Deletion </h3> <p>Here's what used to happen:</p> <p>A shop owner creates a sale for a customer — ₹5,000 on credit. The system records it: debit the customer account, credit the sales account. Double-entry. Balanced. Correct.</p> <p>A week later, the customer returns the goods. The shop owner deletes the sale. The sale disappears from the UI.</p> <p>But the customer's balance still shows ₹5,000.</p> <p>Here's the entire delete function:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// File: server/modules/sales/sales.service.js (original, line ~186)</span> <span class="kd">function</span> <span class="nf">deleteSale</span><span class="p">(</span><span class="nx">id</span><span class="p">,</span> <span class="nx">isDecoy</span><span class="p">)</span> <span class="p">{</span> <span class="kd">var</span> <span class="nx">stmt</span> <span class="o">=</span> <span class="nx">db</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">UPDATE sales SET is_deleted = 1, updated_at = datetime(</span><span class="se">\'</span><span class="s1">now</span><span class="se">\'</span><span class="s1">, </span><span class="se">\'</span><span class="s1">localtime</span><span class="se">\'</span><span class="s1">) WHERE id = ? AND is_decoy = ?</span><span class="dl">'</span><span class="p">);</span> <span class="nx">stmt</span><span class="p">.</span><span class="nf">run</span><span class="p">(</span><span class="nx">id</span><span class="p">,</span> <span class="nx">isDecoy</span> <span class="p">?</span> <span class="mi">1</span> <span class="p">:</span> <span class="mi">0</span><span class="p">);</span> <span class="nx">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Sales</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Sale deleted: ID </span><span class="dl">'</span> <span class="o">+</span> <span class="nx">id</span> <span class="o">+</span> <span class="p">(</span><span class="nx">isDecoy</span> <span class="p">?</span> <span class="dl">'</span><span class="s1"> [DECOY]</span><span class="dl">'</span> <span class="p">:</span> <span class="dl">''</span><span class="p">));</span> <span class="k">return</span> <span class="kc">true</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p><em>CODE SNIPPET 1 — The buggy delete (before fix)</em></p> <p>One line. The sale was "deleted" — but the customer's account balance was never rolled back. The associated ledger entries were still active. The cash account was still inflated.</p> <p>The sale looked gone. The money trail was still there. Phantom data.</p> <p>Here's the fix:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// File: server/modules/sales/sales.service.js (lines 441–487)</span> <span class="kd">function</span> <span class="nf">deleteSale</span><span class="p">(</span><span class="nx">id</span><span class="p">,</span> <span class="nx">isDecoy</span><span class="p">)</span> <span class="p">{</span> <span class="kd">var</span> <span class="nx">sale</span> <span class="o">=</span> <span class="nf">getSaleById</span><span class="p">(</span><span class="nx">id</span><span class="p">,</span> <span class="nx">isDecoy</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">sale</span><span class="p">)</span> <span class="k">return</span> <span class="kc">false</span><span class="p">;</span> <span class="kd">var</span> <span class="nx">transaction</span> <span class="o">=</span> <span class="nx">db</span><span class="p">.</span><span class="nf">transaction</span><span class="p">(</span><span class="kd">function</span><span class="p">()</span> <span class="p">{</span> <span class="kd">var</span> <span class="nx">deletedInvoiceNo</span> <span class="o">=</span> <span class="nx">sale</span><span class="p">.</span><span class="nx">invoice_no</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">-DEL-</span><span class="dl">'</span> <span class="o">+</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">();</span> <span class="nx">db</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">UPDATE sales SET is_deleted = 1, invoice_no = ?, updated_at = datetime(</span><span class="se">\'</span><span class="s1">now</span><span class="se">\'</span><span class="s1">, </span><span class="se">\'</span><span class="s1">localtime</span><span class="se">\'</span><span class="s1">) WHERE id = ?</span><span class="dl">'</span><span class="p">)</span> <span class="p">.</span><span class="nf">run</span><span class="p">(</span><span class="nx">deletedInvoiceNo</span><span class="p">,</span> <span class="nx">id</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">sale</span><span class="p">.</span><span class="nx">customer_account_id</span><span class="p">)</span> <span class="p">{</span> <span class="nx">db</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">UPDATE accounts SET current_balance = current_balance - ?, updated_at = datetime(</span><span class="se">\'</span><span class="s1">now</span><span class="se">\'</span><span class="s1">, </span><span class="se">\'</span><span class="s1">localtime</span><span class="se">\'</span><span class="s1">) WHERE id = ?</span><span class="dl">'</span><span class="p">)</span> <span class="p">.</span><span class="nf">run</span><span class="p">(</span><span class="nx">sale</span><span class="p">.</span><span class="nx">total</span><span class="p">,</span> <span class="nx">sale</span><span class="p">.</span><span class="nx">customer_account_id</span><span class="p">);</span> <span class="p">}</span> <span class="nx">db</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">UPDATE transactions SET is_deleted = 1 WHERE linked_sale_id = ?</span><span class="dl">'</span><span class="p">).</span><span class="nf">run</span><span class="p">(</span><span class="nx">id</span><span class="p">);</span> <span class="kd">var</span> <span class="nx">payments</span> <span class="o">=</span> <span class="nx">db</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">SELECT * FROM payments WHERE sale_id = ? AND is_decoy = ? AND is_deleted = 0</span><span class="dl">'</span><span class="p">).</span><span class="nf">all</span><span class="p">(</span><span class="nx">id</span><span class="p">,</span> <span class="nx">isDecoy</span> <span class="p">?</span> <span class="mi">1</span> <span class="p">:</span> <span class="mi">0</span><span class="p">);</span> <span class="nx">payments</span><span class="p">.</span><span class="nf">forEach</span><span class="p">(</span><span class="kd">function</span><span class="p">(</span><span class="nx">payment</span><span class="p">)</span> <span class="p">{</span> <span class="kd">var</span> <span class="nx">assetAccount</span> <span class="o">=</span> <span class="nx">payment</span><span class="p">.</span><span class="nx">mode</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">cash</span><span class="dl">'</span> <span class="p">?</span> <span class="nx">accountsService</span><span class="p">.</span><span class="nf">getDefaultCashAccount</span><span class="p">(</span><span class="nx">isDecoy</span><span class="p">)</span> <span class="p">:</span> <span class="nx">accountsService</span><span class="p">.</span><span class="nf">getDefaultBankAccount</span><span class="p">(</span><span class="nx">isDecoy</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">assetAccount</span><span class="p">)</span> <span class="p">{</span> <span class="kd">var</span> <span class="nx">assetRevert</span> <span class="o">=</span> <span class="nx">payment</span><span class="p">.</span><span class="nx">type</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">in</span><span class="dl">'</span> <span class="p">?</span> <span class="o">-</span><span class="nx">payment</span><span class="p">.</span><span class="nx">amount</span> <span class="p">:</span> <span class="nx">payment</span><span class="p">.</span><span class="nx">amount</span><span class="p">;</span> <span class="nx">db</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">UPDATE accounts SET current_balance = current_balance + ?, updated_at = datetime(</span><span class="se">\'</span><span class="s1">now</span><span class="se">\'</span><span class="s1">, </span><span class="se">\'</span><span class="s1">localtime</span><span class="se">\'</span><span class="s1">) WHERE id = ?</span><span class="dl">'</span><span class="p">)</span> <span class="p">.</span><span class="nf">run</span><span class="p">(</span><span class="nx">assetRevert</span><span class="p">,</span> <span class="nx">assetAccount</span><span class="p">.</span><span class="nx">id</span><span class="p">);</span> <span class="p">}</span> <span class="k">if </span><span class="p">(</span><span class="nx">payment</span><span class="p">.</span><span class="nx">type</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">in</span><span class="dl">'</span> <span class="o">&amp;&amp;</span> <span class="nx">sale</span><span class="p">.</span><span class="nx">id</span><span class="p">)</span> <span class="p">{</span> <span class="nx">db</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">UPDATE sales SET amount_paid = amount_paid - ?, updated_at = datetime(</span><span class="se">\'</span><span class="s1">now</span><span class="se">\'</span><span class="s1">, </span><span class="se">\'</span><span class="s1">localtime</span><span class="se">\'</span><span class="s1">) WHERE id = ?</span><span class="dl">'</span><span class="p">)</span> <span class="p">.</span><span class="nf">run</span><span class="p">(</span><span class="nx">payment</span><span class="p">.</span><span class="nx">amount</span><span class="p">,</span> <span class="nx">sale</span><span class="p">.</span><span class="nx">id</span><span class="p">);</span> <span class="p">}</span> <span class="nx">db</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">UPDATE payments SET is_deleted = 1 WHERE id = ?</span><span class="dl">'</span><span class="p">).</span><span class="nf">run</span><span class="p">(</span><span class="nx">payment</span><span class="p">.</span><span class="nx">id</span><span class="p">);</span> <span class="p">});</span> <span class="k">return</span> <span class="kc">true</span><span class="p">;</span> <span class="p">});</span> <span class="nf">transaction</span><span class="p">();</span> <span class="nx">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Sales</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Sale deleted: ID </span><span class="dl">'</span> <span class="o">+</span> <span class="nx">id</span> <span class="o">+</span> <span class="p">(</span><span class="nx">isDecoy</span> <span class="p">?</span> <span class="dl">'</span><span class="s1"> [DECOY]</span><span class="dl">'</span> <span class="p">:</span> <span class="dl">''</span><span class="p">));</span> <span class="k">return</span> <span class="kc">true</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p><em>CODE SNIPPET 2 — The full delete with rollback (after fix)</em></p> <p><em>In the old buggy code, querying the account balance after deleting a sale would still show the old amount — the sale was gone from the UI but the money trail persisted in the database. In the current fixed code, the balance correctly rolls back and the ledger shows no trace of the deleted sale.</em></p> <p>This bug lived undetected for weeks. It was invisible — the UI showed nothing wrong. A schema migration had to be written to retroactively fix corrupted data:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="k">UPDATE</span> <span class="n">transactions</span> <span class="k">SET</span> <span class="n">is_deleted</span> <span class="o">=</span> <span class="mi">1</span> <span class="k">WHERE</span> <span class="n">linked_sale_id</span> <span class="k">IN</span> <span class="p">(</span><span class="k">SELECT</span> <span class="n">id</span> <span class="k">FROM</span> <span class="n">sales</span> <span class="k">WHERE</span> <span class="n">is_deleted</span> <span class="o">=</span> <span class="mi">1</span><span class="p">);</span> </code></pre> </div> <p>A single <code>WHERE</code> clause running against production databases. Hoping we found all the ghosts.</p> <h2> The Test That Caught The Next One </h2> <p>After the ghost balance incident, I got paranoid. I wrote this test:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// File: tests/double-entry.test.js (lines 830–887)</span> <span class="c1">// Arrange — create a valid sale first to establish baseline</span> <span class="kd">const</span> <span class="nx">saleResponse</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">request</span><span class="p">(</span><span class="nx">app</span><span class="p">)</span> <span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/v1/sales</span><span class="dl">'</span><span class="p">)</span> <span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">Cookie</span><span class="dl">'</span><span class="p">,</span> <span class="nx">cookies</span><span class="p">)</span> <span class="p">.</span><span class="nf">send</span><span class="p">({</span> <span class="na">customer_account_id</span><span class="p">:</span> <span class="nx">testCustomerId</span><span class="p">,</span> <span class="na">total</span><span class="p">:</span> <span class="mi">1000</span><span class="p">,</span> <span class="na">amount_paid</span><span class="p">:</span> <span class="mi">1000</span><span class="p">,</span> <span class="na">date</span><span class="p">:</span> <span class="dl">'</span><span class="s1">2026-04-29</span><span class="dl">'</span> <span class="p">});</span> <span class="nf">expect</span><span class="p">(</span><span class="nx">saleResponse</span><span class="p">.</span><span class="nx">status</span><span class="p">).</span><span class="nf">toBe</span><span class="p">(</span><span class="mi">201</span><span class="p">);</span> <span class="c1">// Count transactions before the bad operation</span> <span class="kd">const</span> <span class="nx">db</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Database</span><span class="p">(</span><span class="nx">TEST_DB_PATH</span><span class="p">);</span> <span class="nx">db</span><span class="p">.</span><span class="nf">pragma</span><span class="p">(</span><span class="s2">`key = '</span><span class="p">${</span><span class="nx">TEST_DB_KEY</span><span class="p">}</span><span class="s2">'`</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">countBefore</span> <span class="o">=</span> <span class="nx">db</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span> <span class="dl">'</span><span class="s1">SELECT COUNT(*) as count FROM transactions WHERE is_deleted = 0</span><span class="dl">'</span> <span class="p">).</span><span class="nf">get</span><span class="p">().</span><span class="nx">count</span><span class="p">;</span> <span class="nx">db</span><span class="p">.</span><span class="nf">close</span><span class="p">();</span> <span class="c1">// Act — try to create a sale with a NEGATIVE amount</span> <span class="c1">// The API should reject this, but will it leave ghost entries?</span> <span class="kd">const</span> <span class="nx">invalidSaleData</span> <span class="o">=</span> <span class="p">{</span> <span class="na">customer_account_id</span><span class="p">:</span> <span class="nx">testCustomerId</span><span class="p">,</span> <span class="na">total</span><span class="p">:</span> <span class="o">-</span><span class="mi">500</span><span class="p">,</span> <span class="na">amount_paid</span><span class="p">:</span> <span class="o">-</span><span class="mi">500</span><span class="p">,</span> <span class="na">date</span><span class="p">:</span> <span class="dl">'</span><span class="s1">2026-04-29</span><span class="dl">'</span> <span class="p">};</span> <span class="kd">const</span> <span class="nx">failResponse</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">request</span><span class="p">(</span><span class="nx">app</span><span class="p">)</span> <span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/v1/sales</span><span class="dl">'</span><span class="p">)</span> <span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">Cookie</span><span class="dl">'</span><span class="p">,</span> <span class="nx">cookies</span><span class="p">)</span> <span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="nx">invalidSaleData</span><span class="p">);</span> <span class="nf">expect</span><span class="p">(</span><span class="nx">failResponse</span><span class="p">.</span><span class="nx">status</span><span class="p">).</span><span class="nf">toBe</span><span class="p">(</span><span class="mi">400</span><span class="p">);</span> <span class="c1">// Assert — verify the transaction count is EXACTLY the same</span> <span class="c1">// If even ONE extra row exists, the books are now corrupted</span> <span class="kd">const</span> <span class="nx">db2</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Database</span><span class="p">(</span><span class="nx">TEST_DB_PATH</span><span class="p">);</span> <span class="nx">db2</span><span class="p">.</span><span class="nf">pragma</span><span class="p">(</span><span class="s2">`key = '</span><span class="p">${</span><span class="nx">TEST_DB_KEY</span><span class="p">}</span><span class="s2">'`</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">countAfter</span> <span class="o">=</span> <span class="nx">db2</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span> <span class="dl">'</span><span class="s1">SELECT COUNT(*) as count FROM transactions WHERE is_deleted = 0</span><span class="dl">'</span> <span class="p">).</span><span class="nf">get</span><span class="p">().</span><span class="nx">count</span><span class="p">;</span> <span class="nx">db2</span><span class="p">.</span><span class="nf">close</span><span class="p">();</span> <span class="c1">// THIS is the assertion that matters</span> <span class="nf">expect</span><span class="p">(</span><span class="nx">countAfter</span><span class="p">).</span><span class="nf">toBe</span><span class="p">(</span><span class="nx">countBefore</span><span class="p">);</span> </code></pre> </div> <p><em>CODE SNIPPET 3 — The partial commit test (centerpiece)</em></p> <p>Notice what this test does differently. It doesn't just check the HTTP response (status 400). It opens a <strong>separate database connection</strong> and queries the raw transaction count.</p> <p>Why? Because the API could return an error while still having committed partial data. And that's exactly what was happening.</p> <p>The test caught it on the first run: <code>countAfter</code> was <code>countBefore + 1</code>. The <code>sales</code> table insert was rolled back, but the <code>transactions</code> insert had already executed. The books were silently off by one orphaned row.</p> <p><em>The test runner would show <code>expected 5, received 6</code> in red on <code>expect(countAfter).toBe(countBefore)</code> — the moment of discovery. Six words revealing a corrupted database that the API considered "successful."</em></p> <p>Six words are the difference between "everything is fine" and "your books are wrong":<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nf">expect</span><span class="p">(</span><span class="nx">countAfter</span><span class="p">).</span><span class="nf">toBe</span><span class="p">(</span><span class="nx">countBefore</span><span class="p">);</span> </code></pre> </div> <h2> The Bug You Can't Manually Reproduce </h2> <h3> Crash-While-Writing (The SIGKILL Bug) </h3> <p>A power outage mid-sale. The user yanks the USB. <code>taskkill /F</code> on the wrong process.</p> <p>Without WAL (Write-Ahead Logging) mode + explicit transactions, the first database write persists but the second doesn't. Partial data. Corrupted books.</p> <p>You can't manually reproduce this — you'd need to SIGKILL at the exact nanosecond between two INSERTs. The test does it deterministically:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// File: tests/crash-simulation.test.js (lines 228–258)</span> <span class="nf">test</span><span class="p">(</span><span class="dl">'</span><span class="s1">partial writes should not persist after crash</span><span class="dl">'</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">let</span> <span class="nx">writeCount</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">mockStmt</span> <span class="o">=</span> <span class="p">{</span> <span class="na">run</span><span class="p">:</span> <span class="nx">jest</span><span class="p">.</span><span class="nf">fn</span><span class="p">().</span><span class="nf">mockImplementation</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">writeCount</span><span class="o">++</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="nx">writeCount</span> <span class="o">===</span> <span class="mi">2</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">SIGKILL: Process terminated during second write</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="p">{</span> <span class="na">changes</span><span class="p">:</span> <span class="mi">1</span><span class="p">,</span> <span class="na">lastInsertRowid</span><span class="p">:</span> <span class="nx">writeCount</span> <span class="p">};</span> <span class="p">})</span> <span class="p">};</span> <span class="nx">mockDb</span><span class="p">.</span><span class="nx">prepare</span><span class="p">.</span><span class="nf">mockReturnValue</span><span class="p">(</span><span class="nx">mockStmt</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">transactionFn</span> <span class="o">=</span> <span class="nx">mockDb</span><span class="p">.</span><span class="nf">transaction</span><span class="p">(</span><span class="kd">function</span><span class="p">()</span> <span class="p">{</span> <span class="nx">mockDb</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">INSERT INTO sales (total) VALUES (?)</span><span class="dl">'</span><span class="p">).</span><span class="nf">run</span><span class="p">(</span><span class="mi">1000</span><span class="p">);</span> <span class="nx">mockDb</span><span class="p">.</span><span class="nf">prepare</span><span class="p">(</span><span class="dl">'</span><span class="s1">INSERT INTO transactions (amount) VALUES (?)</span><span class="dl">'</span><span class="p">).</span><span class="nf">run</span><span class="p">(</span><span class="mi">1000</span><span class="p">);</span> <span class="p">});</span> <span class="nf">expect</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">transactionFn</span><span class="p">();</span> <span class="p">}).</span><span class="nf">toThrow</span><span class="p">(</span><span class="dl">'</span><span class="s1">SIGKILL: Process terminated during second write</span><span class="dl">'</span><span class="p">);</span> <span class="nf">expect</span><span class="p">(</span><span class="nx">writeCount</span><span class="p">).</span><span class="nf">toBe</span><span class="p">(</span><span class="mi">2</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p><em>CODE SNIPPET 4 — Crash simulation test</em></p> <p>Every connection now enforces <code>PRAGMA journal_mode = WAL</code>. Every multi-step operation wraps in <code>db.transaction()</code>. If the process dies mid-write, the database is unmodified.</p> <p>This is the kind of bug that only exists in theory until it happens to a real user at 2 AM during a thunderstorm. You can't test it by clicking around. You can only test it by writing code that simulates the impossible.</p> <h3> A Dozen More — Other Things Tests Caught </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Bug</th> <th>What was wrong</th> </tr> </thead> <tbody> <tr> <td><strong>Invoice number reuse</strong></td> <td>Deleting INV-05 freed its number; the next sale reused it. Audit trail had gaps — a tax auditor's red flag. Fix: rename deleted invoices to <code>INV-05-DEL-{timestamp}</code> </td> </tr> <tr> <td><strong>Silent 500s</strong></td> <td>Half the API endpoints returned empty <code>{}</code> on error. Users saw blank screens. Some endpoints even leaked SQL syntax and column names in error messages.</td> </tr> <tr> <td><strong>Hardcoded encryption key</strong></td> <td>If <code>config.json</code> was missing the <code>database_key</code>, the app silently used <code>'hisaab-pro-default-key-2026'</code> — a string in public source code. Anyone could decrypt any database.</td> </tr> <tr> <td><strong>Duplicate payroll</strong></td> <td>Calling <code>generatePayroll()</code> twice for the same staff+month created two salary payments. Cash debited twice. No error.</td> </tr> <tr> <td><strong>Account balance drift</strong></td> <td>Updating a sale amount only changed the <code>sales</code> table. The customer's <code>current_balance</code> wasn't re-synced. Balances drifted over time.</td> </tr> </tbody> </table></div> <p>Every single one of these was invisible in the UI. Every single one would have corrupted real financial data. Every single one was caught by a test before a user ever saw it.</p> <h2> How 475 Tests Are Organized </h2> <p><em>Purpose: The payoff. Scannable proof of the headline number.</em></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fksepgphu22wjxulh1plv.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fksepgphu22wjxulh1plv.png" alt=" " width="441" height="103"></a><br> <em>SCREENSHOT 2 — Terminal: "Tests: 2 skipped, 473 passed, 475 total" in green</em></p> <p>I test in layers, not categories:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Layer</th> <th>Tests</th> <th>What They Verify</th> </tr> </thead> <tbody> <tr> <td><strong>Accounting integrity</strong></td> <td>~130</td> <td>Double-entry (debit = credit), ledger balance, trial balance = 0</td> </tr> <tr> <td><strong>Data safety</strong></td> <td>~110</td> <td>WAL mode, atomic rollback, crash recovery, backup/restore</td> </tr> <tr> <td><strong>Business constraints</strong></td> <td>~55</td> <td>No duplicate payroll, FK enforcement, no negative amounts</td> </tr> <tr> <td><strong>Input validation</strong></td> <td>~55</td> <td>Zod schemas — bad dates, negative values, XSS attempts</td> </tr> <tr> <td><strong>USB reliability</strong></td> <td>~85</td> <td>Cross-PC compatibility, drive letter changes, unsafe removal</td> </tr> <tr> <td><strong>Error handling</strong></td> <td>~45</td> <td>No silent failures, no empty errors, sanitized messages</td> </tr> </tbody> </table></div> <p>Every test file begins with the same block:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// File: tests/double-entry.test.js (lines 1–22)</span> <span class="cm">/** * Double-Entry Enforcement Tests — Hisaab Pro * * Acceptance Criteria: * 1. Every transaction MUST create balanced journal entries (debit = credit) * 2. Failed transactions must not create partial ledger entries * 3. Updated transactions must maintain balance (old deleted, new balanced) * 4. Multiple transactions each maintain independent double-entry * * Following AAA Pattern: Arrange → Act → Assert */</span> </code></pre> </div> <p><em>CODE SNIPPET 5 — Acceptance criteria header from test files</em></p> <p>This header forces me to articulate <em>why</em> the test exists before I write a single line of code. It's not about coverage percentages. It's about guarantees.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9dzx4m2f1vqzlxospoqc.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9dzx4m2f1vqzlxospoqc.png" alt=" " width="782" height="711"></a><br> <em>SCREENSHOT 3 — VS Code test explorer showing all 20 test files with their describe blocks</em></p> <h2> What Surprised Me </h2> <h3> 1. The test taught me how the system worked — not the other way around </h3> <p>I assumed I'd write the code first, then write tests to verify it. Instead, I'd write a test for a scenario I <em>thought</em> was handled, watch it fail, and discover behavior I didn't know existed. The partial commit bug was uncovered this way — I wrote the test expecting the API to reject negative amounts cleanly. The test showed me the API <em>did</em> reject it, but the database was already corrupted. The test knew the system better than I did.</p> <p>Now I write the test first whenever I touch financial logic. Not for TDD purity — because the test reveals assumptions I didn't know I was making.</p> <h3> 2. The most dangerous code is the simplest code </h3> <p>The one-line <code>UPDATE sales SET is_deleted = 1</code> that caused the ghost balance bug? It looked correct. It <em>was</em> correct — at doing the one thing it said. The problem was everything it <em>didn't</em> say. It didn't mention customer balances. It didn't mention linked transactions. It didn't mention payments. The code was simple because it was incomplete.</p> <p>I've started reading simple functions with suspicion now. Simple often means "doesn't account for the other five things that need to happen."</p> <h3> 3. You can't audit your way to confidence </h3> <p>Before the test suite, I audited. I'd manually check a few records after a change. "Looks good." But manual audit is sampling — you check five records and assume the other thousand are fine. The ghost balance bug affected <em>every</em> deleted sale going back weeks. A manual audit might have caught it on the third check, or the thirtieth, or never.</p> <p>The test doesn't sample. The test checks every transaction, every time, in 0.3 seconds.</p> <h3> 4. Normal testing assumptions don't apply here </h3> <p>A typical web app test asks: <em>"Does the button render?"</em> or <em>"Does the API return 200?"</em> These are questions about features.</p> <p>Financial software needs a different set of questions:</p> <ul> <li><em>"If the database write succeeds halfway through and fails halfway through, what state is the data in?"</em></li> <li><em>"If the user deletes a record they shouldn't have been able to delete, what else breaks?"</em></li> <li><em>"If the process is killed at exactly the wrong moment, does the recovery path work?"</em></li> <li><em>"If everything goes right but the output is quietly wrong, will anyone notice?"</em></li> </ul> <p>The first set is about functionality. The second set is about trust. An accounting app can survive a missing feature. It cannot survive broken trust.</p> <h2> The Numbers </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Metric</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>Test files</td> <td>20</td> </tr> <tr> <td>Total tests (<code>test()</code> + <code>it()</code> blocks)</td> <td>475</td> </tr> <tr> <td>Lines of test code</td> <td>~13,800</td> </tr> <tr> <td>Lines of application code</td> <td>~15,000</td> </tr> <tr> <td>Test-to-code ratio</td> <td>~0.9:1</td> </tr> <tr> <td>Real data-corruption bugs caught before production</td> <td>4</td> </tr> <tr> <td>Production data corruption incidents since tests</td> <td>0</td> </tr> </tbody> </table></div> <h2> Closing: Tests Are a Product Feature </h2> <p>I don't write tests because I have to. I write them because an accounting app without tests is just a very elaborate way to corrupt financial data with style.</p> <p>Every time I think "this is too simple to break," I think of Ramesh. He doesn't know what a transaction rollback is. He doesn't know what WAL mode does. He plugged in a USB drive and trusted it with his livelihood.</p> <p>The one-line <code>UPDATE</code> would have failed him. The SIGKILL bug would have failed him. The partial commit would have failed him. The duplicate payroll would have failed him.</p> <p>475 tests. 0 data corruption incidents since.</p> <p>He doesn't know the tests exist. That's the point. He doesn't need to.</p> <p><em>Hisaab Pro is open source at <a href="https://github.com/SolarisXD/hisaab-pro" rel="noopener noreferrer">github.com/spelldrake/hisaab-pro</a>. The test suite lives at <code>tests/</code>. 475 tests. Zero bugs in production. That's the point.</em></p> productivity smallbusiness javascript jest