Testing & QA
How we prove Unphish works — the end-to-end pipeline, parity matrix, UAT, release gates, and RBAC tests.
For QA engineers, release managers, and staff doing UAT — how a change earns the word "tested."
Video uploads in progress
Tutorial recordings are still uploading and transcoding, so the players below are placeholders for now. The outlines are final — videos will appear here automatically once processing completes.
The end-to-end pipeline
6:00Client to threat feed to case to enforcement, run start to finish against the qa_v1_parity seed.
The v1 parity matrix
4:15The 20-epic, 102-row truth table tracking every v1 capability and its v2 disposition, and how signoff works.
Staff UAT process
3:40The user-acceptance test corpus harvested from staff workbooks and mapped onto the parity matrix.
Release gates
3:25What must be green — lint, typecheck, route smoke, build — before a change promotes to staging or production.
RBAC and tenancy matrix
4:00Every org-type by role cell tested with a real seeded principal, and the excluded-client negative control.
Real cookies, not bypasses
3:10Why P0 rows run through a real session cookie instead of DEV_AUTH_BYPASS, and source-state assertions.