Stock Price Checker functional tests can easily be faked

Out of curiosity I decided to test how in depth the tests were for the functional tests of the stock price checker project. To do so I simply created five functional tests all aimed at the same endpoint and all calling: assert.isTrue(true, “Testing to see if this works”);
Doing so allowed me to pass the test for “All 5 functional tests passing”

I have a few ideas for possible solutions to this issue:

  1. Have required variable names for the tests
    By requiring the learner to use specific variable names in the functional tests the file could be parsed for the correct tests, this would make it significantly harder for the user to simply fake doing the functional tests.

  2. Duplicate tests on server side
    Implementing the same tests required for the user to develop on the FCC server side would allow the verification to compare what the user’s tests reported to what the server side tests reported. Doing so would allow any mismatches to raise an alarm of some kind.

  3. Continue with current method
    Currently users are required to agree to an Academic Honesty policy. It really wouldn’t be unreasonable to continue with this process and just call out those that do try to pass of faked functional tests as real.

I will leave this version of the project alone in case there is any need to verify how I faked the tests https://replit.com/@MacKeil/boilerplate-project-stockchecker

All in all I just wanted to make sure this was reported at some capacity, and that someone was made aware.

My apologies, it appears I placed this in the wrong thread at first. Thank you @Sky020

No worries about the placement :slightly_smiling_face:

Just to start the conversation:

We are well aware the tests for most/all of the projects can be fooled in the most trivial ways. Whilst we do try to write robust tests, and develop the boilerplates in such a way as to reduce the chance a Camper will do this as their first thought, this is not the aim of the curriculum.

The freeCodeCamp mission is free education. This is accomplished with the freely available resources and tools providing someone with the determination to learn to do just that - learn.

If a Camper goes out of their way to fool a test (cheat), when the instructions/user-stories are clearly against it, then they are likely just shooting themselves in the foot. That is, they are taking a resource given to teach them, and not using it to learn. Personally, I do not care for going out of my way developing content that is cheat-proof - not the point of the content.

As freeCodeCamp is not an accredited institution - the certifications are merely for milestone, and personal gratification - it does not need to provide the assurance to employers and the like that all graduates are qualified for the described position. All we ask is Campers abide by the Academic Honesty Policy they agreed to: https://www.freecodecamp.org/settings/#:~:text=Academic


Lastly, I have not said this to say we will not be bettering the anti-cheatiness of the projects. You are still more than welcome to come up with solutions, and propose them (as you have). Also, feel free to open a PR on the main repo suggesting the changes. Just be aware, that this is in no way a major priority, because all cheaters are doing is cheating themselves.

Hope this clarifies

1 Like

Awesome good to know the stance on this from the Org side. Like I said I just wanted to make sure that this was reported as I have found it’s not uncommon for something to be found but never actually reported. Personally, I think this stance makes sense. There isn’t really a reason to build up too much anti-cheat given the mission of FCC.
Thank you for taking the time to look at what I found!