QR Code Generator’s test suite is built on Vitest 4 and runs entirely in a Node.js environment — no browser or HTTP server required. Tests cover the two Astro API route handlers (Documentation Index
Fetch the complete documentation index at: https://mintlify.com/dadu0699/qr-code/llms.txt
Use this file to discover all available pages before exploring further.
/api/qr/generate and /api/health-check.json) and the shared CORS utility in src/lib/http.ts. Endpoint handlers are imported directly and called with a minimal APIContext mock, keeping tests fast and dependency-free.
Running Tests
Run all tests
Execute the full test suite once and print the results to the terminal:vitest run, which exits after all tests complete — suitable for CI and pre-commit checks.
Generate a coverage report
Run the suite with V8 instrumentation and produce a coverage report:src/lib/** and src/pages/api/**. After the run, Vitest writes the report to the coverage/ directory (excluded from TypeScript compilation and ESLint).
Test Structure
The test files live undertest/ and are organised to mirror the source tree:
test/api/generate.test.ts
Tests the POST /api/qr/generate endpoint and its OPTIONS preflight handler across three describe blocks:
- Validation (9 cases) — Verifies that the handler returns
400for a non-JSON body, a non-object body, a missingurl, a URL over the maximum length (~2 050 characters), a malformed URL, a non-http(s)protocol (ftp://), a non-objectcolorvalue, an invaliddarkhex color, and an invalidlighthex color. - Success (3 cases) — Confirms that a valid request returns a
200response withContent-Type: image/svg+xmland SVG markup, that the default palette includes#000000, and that valid custom hex colors (e.g.#123) are accepted. - OPTIONS preflight (1 case) — Asserts that the preflight responds with
204and setsAccess-Control-Allow-Methods: POST, OPTIONS.
test/api/health-check.test.ts
Tests the health-check endpoint (src/pages/api/health-check.json) with two cases inside a single describe block:
- GET — Expects a
200response withContent-Type: application/jsonand the body{ "response": "Service running smoothly" }. - OPTIONS — Expects a
204preflight response withAccess-Control-Allow-Methods: GET, OPTIONS.
test/lib/http.test.ts
Tests the two exported functions from src/lib/http.ts:
buildCorsHeaders(5 cases) — Checks that the function always setsAccess-Control-Allow-Methods,Access-Control-Allow-Headers,Access-Control-Max-Age, andVary; omitsAccess-Control-Allow-Originfor same-origin requests (noOriginheader); reflects theOriginwhen it appears in theALLOWED_ORIGINSallowlist; omitsAccess-Control-Allow-Originwhen the origin is not allowed; and trims whitespace and ignores empty entries in the allowlist.preflightResponse(1 case) — Asserts that the function returns aResponsewith status204and correctly copies the supplied headers.
Example Test
The snippet below is the core success test fromtest/api/generate.test.ts. It imports the handler directly, builds a minimal APIContext with a real Request object, and asserts on the returned Response — no live server needed:
Cloudflare Workers Stub
Thecloudflare:workers virtual module is provided by the Wrangler runtime at deploy time and exposes the env object that holds bindings such as ALLOWED_ORIGINS. Because Vitest runs in Node.js — where the virtual module does not exist — the import is redirected to a hand-written stub:
resolve.alias config maps the cloudflare:workers specifier to this file:
env object is mutable, individual tests in http.test.ts can set any ALLOWED_ORIGINS value they need without any additional mocking infrastructure.
Coverage
Coverage is collected with the@vitest/coverage-v8 provider, which uses Node.js’s built-in V8 coverage instrumentation — no Babel transforms required. The scope is intentionally limited to application code:
Tests import endpoint handlers directly and invoke them as plain async
functions. The
APIContext argument is satisfied by a minimal cast —
({ request }) as unknown as APIContext — because the handlers only read
context.request. This pattern means there is no HTTP server to start or
shut down, and each test case is fully isolated from the others.