I used to skip tests.

Not intentionally. But when AI generates a feature in 10 minutes, spending an hour writing tests feels backwards. The feature works. I tested it manually. Ship it.

Then the bugs started. Edge cases I didn’t think to test. Regressions when I changed something else. The “it worked on my machine” problems that only appeared in production.

Now AI writes my tests too. The same tool that generates the feature generates the tests that verify it. Often AI thinks of edge cases I wouldn’t have considered. Empty arrays. Null values. Unicode characters. Concurrent access.

The trick is knowing how to ask.

Why AI-Generated Tests Are Different

When you write tests manually, you test what you thought about. When AI writes tests, it tests what the code does. These aren’t the same thing.

You might forget to test the empty array case. AI sees the code handles arrays and generates tests for empty, one element, many elements.

You might not think about Unicode. AI sees string handling and tests with emoji, special characters, different alphabets.

The limitation: AI also doesn’t know your business logic. It tests what the code does, not what the code should do. You need to guide it.

The Basic Test Generation Prompt

Here’s the prompt that generates useful tests:

Generate comprehensive tests for this code.

Include:
1. Happy path - normal expected usage
2. Edge cases - boundaries, empty inputs, maximum values
3. Error cases - invalid inputs, missing data, failures
4. Security cases - malicious inputs, injection attempts

For each test:
- Clear name describing what's being tested
- Arrange: Set up the test data
- Act: Call the function/endpoint
- Assert: Verify the result

Use [Jest/Vitest/your framework] with TypeScript.
Match the testing patterns in our codebase.

Code to test:
[paste code]

A Real Example

Here’s a function AI generated:

async function transferCard(
  cardId: string,
  fromUserId: string,
  toUserId: string
): Promise<Card> {
  const card = await db.card.findUnique({
    where: { id: cardId }
  });

  if (!card) {
    throw new NotFoundError('Card not found');
  }

  if (card.ownerId !== fromUserId) {
    throw new ForbiddenError('Not your card');
  }

  const recipient = await db.user.findUnique({
    where: { id: toUserId }
  });

  if (!recipient) {
    throw new NotFoundError('Recipient not found');
  }

  return db.card.update({
    where: { id: cardId },
    data: { ownerId: toUserId }
  });
}

Here’s what AI generated for tests:

describe('transferCard', () => {
  // Happy path
  describe('successful transfer', () => {
    it('transfers card to new owner', async () => {
      const card = await createTestCard({ ownerId: 'user-1' });
      await createTestUser({ id: 'user-2' });

      const result = await transferCard(card.id, 'user-1', 'user-2');

      expect(result.ownerId).toBe('user-2');
    });

    it('returns the updated card', async () => {
      const card = await createTestCard({ ownerId: 'user-1' });
      await createTestUser({ id: 'user-2' });

      const result = await transferCard(card.id, 'user-1', 'user-2');

      expect(result.id).toBe(card.id);
      expect(result.name).toBe(card.name);
    });
  });

  // Error cases
  describe('card not found', () => {
    it('throws NotFoundError for non-existent card', async () => {
      await createTestUser({ id: 'user-1' });
      await createTestUser({ id: 'user-2' });

      await expect(
        transferCard('non-existent-id', 'user-1', 'user-2')
      ).rejects.toThrow(NotFoundError);
    });
  });

  describe('authorization', () => {
    it('throws ForbiddenError when user does not own card', async () => {
      const card = await createTestCard({ ownerId: 'user-1' });
      await createTestUser({ id: 'user-2' });
      await createTestUser({ id: 'user-3' });

      await expect(
        transferCard(card.id, 'user-2', 'user-3')
      ).rejects.toThrow(ForbiddenError);
    });
  });

  describe('recipient not found', () => {
    it('throws NotFoundError for non-existent recipient', async () => {
      const card = await createTestCard({ ownerId: 'user-1' });

      await expect(
        transferCard(card.id, 'user-1', 'non-existent-user')
      ).rejects.toThrow(NotFoundError);
    });
  });

  // Edge cases
  describe('edge cases', () => {
    it('handles transfer to self', async () => {
      const card = await createTestCard({ ownerId: 'user-1' });

      const result = await transferCard(card.id, 'user-1', 'user-1');

      expect(result.ownerId).toBe('user-1');
    });

    it('handles cards with special characters in id', async () => {
      const card = await createTestCard({
        id: 'card-with-special-chars-!@#',
        ownerId: 'user-1'
      });
      await createTestUser({ id: 'user-2' });

      const result = await transferCard(card.id, 'user-1', 'user-2');

      expect(result.ownerId).toBe('user-2');
    });
  });

  // Security cases
  describe('security', () => {
    it('prevents SQL injection in cardId', async () => {
      await createTestUser({ id: 'user-1' });
      await createTestUser({ id: 'user-2' });

      await expect(
        transferCard("'; DROP TABLE cards; --", 'user-1', 'user-2')
      ).rejects.toThrow(NotFoundError);
    });

    it('validates user IDs are not empty', async () => {
      const card = await createTestCard({ ownerId: 'user-1' });

      await expect(
        transferCard(card.id, '', 'user-2')
      ).rejects.toThrow();
    });
  });
});

Notice what AI caught: transfer to self, special characters, SQL injection attempts, empty strings. These are edge cases I might not have written manually.

The Edge Case Prompt

When you want AI to dig deeper on edge cases:

For this function, generate edge case tests.

Consider:
- Empty values (null, undefined, '', [], {})
- Boundary values (0, -1, MAX_INT, empty string, very long string)
- Type coercion (string '0' vs number 0)
- Unicode and special characters
- Concurrent access (what if called twice simultaneously?)
- Time-sensitive cases (dates, timeouts, race conditions)
- Resource limits (very large inputs, many iterations)

For each edge case, explain:
1. What condition you're testing
2. Why it might fail
3. The expected behavior

Function:
[paste code]

Integration Test Generation

Unit tests verify functions. Integration tests verify flows:

Generate integration tests for this feature.

The feature: [describe the user flow]

Test the complete flow:
1. Set up: Create necessary data in the database
2. Execute: Call the API endpoints in sequence
3. Verify: Check database state and responses

Include:
- Happy path through the entire flow
- What happens when step 2 fails
- What happens when step 3 fails
- Cleanup between tests

Mock external services, but use real database.

Code:
[paste relevant files]

API Endpoint Tests

For REST APIs, be specific about what to test:

Generate tests for this API endpoint.

Test:
1. Successful response (status code, body shape, data)
2. Authentication (missing token, invalid token, expired token)
3. Authorization (user accessing another user's data)
4. Validation (missing fields, invalid types, out of range)
5. Error responses (proper status codes, error messages)
6. Headers (content-type, CORS, cache-control)

For validation tests, test each field:
- Missing
- Wrong type
- Empty
- Too short/long
- Invalid format

Endpoint:
[paste code]

The Test Pyramid Prompt

Different levels of testing catch different problems:

Create a test plan following the test pyramid:

Unit tests (70%):
- Individual functions in isolation
- Mock all dependencies
- Fast, many of them

Integration tests (20%):
- Multiple components together
- Real database, mocked external services
- Slower, fewer of them

E2E tests (10%):
- Complete user flows
- Real everything
- Slowest, fewest of them

For this feature:
[describe feature]

What should we test at each level?
Generate example tests for each level.

When AI Tests Go Wrong

AI-generated tests have failure modes:

Testing implementation, not behavior:

// Bad: tests that the function calls the database
expect(db.card.findUnique).toHaveBeenCalledWith({ where: { id: '123' } });

// Good: tests that the function returns the right data
expect(result.id).toBe('123');

Tautological tests:

// Bad: test that always passes
it('returns what the function returns', async () => {
  const result = await getCard('123');
  expect(result).toBe(result);
});

Missing assertions:

// Bad: no assertion, test passes even if broken
it('should get card', async () => {
  const result = await getCard('123');
  // no expect!
});

Tell AI to avoid these:

Generate tests that:
- Test behavior, not implementation details
- Have meaningful assertions (not just "toBeDefined")
- Verify the actual result, not just that something was called
- Would fail if the code was broken

Coverage-Focused Generation

When you need to hit coverage targets:

I need 90% test coverage for this file.

Current coverage: [paste coverage report if you have it]

Generate tests that cover:
- All branches (if/else, switch cases, ternary)
- All error paths (catch blocks, throw statements)
- All function parameters used
- All return statements

For each test, comment which lines it covers.

File:
[paste code]

Testing AI Code vs Manual Code

AI code often needs more tests than code you write yourself. Why?

You understand the code you write. You know the edge cases because you thought through them while writing. AI code is a black box. You need tests to understand what it actually does.

My rule: if AI wrote it, it needs twice the test coverage I’d write for my own code.

Test Maintenance

AI generates tests, but you maintain them. Make them maintainable:

Generate tests that are:
- Self-documenting (clear names, obvious purpose)
- Independent (can run in any order)
- Repeatable (same result every time)
- Using test factories for data creation
- Following our existing test patterns

Avoid:
- Shared mutable state between tests
- Sleep/setTimeout for async (use proper async patterns)
- Hardcoded dates (use relative or mocked dates)
- Tests that depend on external services

Existing test pattern example:
[paste an existing test file]

Tomorrow

You’ve generated tests. But who reviews the code? Manual code review is slow. AI can do multiple review passes faster than you can do one.

Tomorrow I’ll show you how to use AI as a code reviewer. Multiple passes, different focuses, comprehensive feedback.

Try This Today

1. Take a function AI generated recently
2. Ask AI to generate tests for it
3. Run the tests
4. See if any fail

Failing tests from AI-generated test suites often reveal bugs in AI-generated code. The same tool that created the bug might write the test that catches it.

That’s not irony. That’s leverage.

Prerequisites

• Cursor installed
• LM Studio installed
• ngrok installed
• A local machine capable of running an LLM

For this guide, we’ll use the model: zai-org/glm-4.6v-flash

Step 1: Install LM Studio

Download and install LM Studio from the official website.
Once installed, launch the application.
https://lmstudio.ai/

Step 2: Download a Model

Inside LM Studio, download the model you want to use.
For this article, we use: zai-org/glm-4.6v-flash
Make sure the download completes successfully before moving on.

Step 3: Install ngrok

Install ngrok on your system.
ngrok allows you to expose your local server to the internet with a public URL.
https://ngrok.com/

If you have Homebrew, you can install ngrok easily

brew install ngrok

Step 4: Set Up ngrok

Complete the ngrok setup by following the instructions on the official ngrok Setup page.
This typically includes:
• Creating an ngrok account
• Authenticating your local installation with an auth token

ngrok config add-authtoken {your_token}

3 Step 5: Start the Local Server in LM Studio

1.Open LM Studio
2.Enable Developer Mode
3.Start the local server

LM Studio will now serve your local LLM using an OpenAI-compatible API.

Step 6: Expose the Local Server with ngrok

Open a terminal and run the following command:

ngrok http 1234

Note: 1234 should match the port used by LM Studio’s local server.
After running the command, ngrok will display a public URL like:
https://yours.ngrok-free.app
Copy this URL — you’ll need it for Cursor.

You'll see something like this

🚪 One gateway for every AI model. Available in early access *now*: https://ngrok.com/r/ai                                                                                                  

Session Status                online                                                                                                                                                        
Account                       your_account (Plan: Free)                                                                                                                         
Version                       3.35.0                                                                                                                                                        
Region                        United States (us)                                                                                                                                            
Latency                       19ms                                                                                                                                                          
Web Interface                 http://127.0.0.1:4040                                                                                                                                         
Forwarding                    https://something.ngrok-free.app -> http://localhost:1234                                                                                                  

Connections                   ttl     opn     rt1     rt5     p50     p90                                                                                                                   
                              7       0       0.00    0.00    6.26    263.91                                                                                                                

HTTP Requests                                                                                                                                                                               
-------------                                                                                                                                                                               

20:10:37.113 EST POST /v1/chat/completions      200 OK                                                                                                                                      
20:06:13.115 EST POST /v1/chat/completions      200 OK                                                                                                                                      
20:04:59.112 EST POST /v1/chat/completions      200 OK                                                                                                                                      
20:04:42.221 EST POST /v1/chat/completions      200 OK                                                                                                                                      
20:03:11.002 EST POST /v1/chat/completions      200 OK                                                                                                                                      
20:03:05.636 EST POST /v1/chat/completions      200 OK                                                                                                                                      
20:02:22.796 EST POST /v1/chat/completions      200 OK   

Step 7: Open Cursor Settings

Launch Cursor and navigate to:

Settings → Models / OpenAI Configuration

Step 8: Configure the OpenAI Base URL

1.Enable OpenAI API Key
2.Enter any placeholder value for the API key
•In this example, we simply use: 1234
3.Paste the ngrok URL into Override OpenAI Base URL
4.Append /v1 to the end of the URL

Your final URL should look like this:

https://yours.ngrok-free.app/v1

Step 9: Add a Custom Model
1. Click Add Custom Model
2. Enter a name for your local LLM Example: GLM4.6-local

⚠️ Windows users:
You must enter the exact model name that LM Studio reports internally.
For this case, zai-org/glm-4.6v-flash

Done! 🎉

That’s it — the setup is complete.

You can now open Cursor Chat, enter a prompt, and send it. Cursor will route the request through ngrok to your local LLM running in LM Studio.

This setup allows you to enjoy Cursor’s powerful coding experience while keeping inference fully local.

Final Thoughts

Using Cursor with a local LLM is a great way to:
• Reduce API costs
• Improve privacy
• Experiment with custom or open-source models

LM Studio and ngrok make the process surprisingly straightforward. Once configured, it feels almost identical to using a hosted OpenAI model — except everything runs on your own machine.

Happy hacking! 🚀

I love people waking up to the importance of APIs. I have to work hard not diminish people’s excitement for each wave of “application” of the value in which APIs deliver. People get very attached to each application wave, because it is what they can see, and it is often what they can see because it is what is being invested in. The web (Facebook). The cloud (AWS). The mobile app (Instagram). The device application (Nest). The artificial Intelligence (Wolfram Alpha/Watson). The bots (Twitter/Slack). The single page app (React). The artificial intelligence (ChatGPT). The agents (Anthropic). People get really excited about the value that APIs bring, and the incremental improvements to the API toolbox (Graphs, Events, Cards, Capabilities, Prompts, etc) that come with wave of investment. For me, I see the pipes behind, and I have been advocating for a balance of the machine-readable and human-readable bits ever since 2010.

There is a lot of excitement about “agents” right now, and without diminishing people’s excitement, I want to point out that “agents” have been part of the web, and the API evolution all along. We all have “user-agents” in our browsers. We spend years doing the work and negotiating around the hypermedia needed to automate agentic activity. We worked to make it easy for “humans” to define the semantics around the data we depend on for automation, to make it easy for the agents to have the information they need around all of our digital resources. I spent a year convincing the top 25 cabinet level agencies to put machine-readable inventory of their public data assets, like Health and Human Services and Commerce–despite having {data.gov](https://data.gov/) for the humans. I’ve had a machine readable index to put into the root of your website or portal for over a decade now—with work to translate your human-readable plans, pricing, rate limits, and licensing into the machine-readable bits that the agents will need to onboard and negotiate with minimal human involvement. I have worked with many SaaS providers on their plans and pricing, only to have their investors deprioritize the automation. This is the API work – to make all of this machine-readable.

Everything we are talking about is out there already. Hypermedia is alive and well and used on numerous platforms. All those “cards” you see on Google search, and all those job postings I am harvesting for Naftiko Signals—those are JSON-LD providing the context needed for bots. Ya’ll are already doing this stuff, but just haven’t prioritized and invested in it across your operations. Mulesoft asked me to craft a API economy market rating system for the bots to understand the quality of images, videos, messages, payments, and other APIs, and they never quite prioritized it, leaving me to just publish it on the blog in search of another investor who had their priorities straight. EVERYTHING being showcased as part of GenAI, RAG, Agents, and the latest hype cycle is already being worked on as part of the existing API economy–they are just A/B testing new vocabulary paradigns. I don’t say this to diminish anyone’s excitement and enthusiasm, I say it to help you see the hype and emotional investment gaslighting that is being pumped into the room around us all. I’m used to it, and I am just looking for new ways to help people see it.

No, API portals weren’t made for humans. They were made for agents and bots. SaaS companies didn’t prioritize REST (real REST), Hypermedia, Semantics, and API design-first—they chose to move fast and break things with the “applications” that are easier to see than the pipes behind the curtain. SaaS providers and investors opted to create walled gardens and not invest in the original vision of the web—because of their investor playbooks. What you are hearing about “agentic” is just the latest wave of financialization of everything around us, creating another set of constructs to bet on and short. When I see folks declare that everything we know in the last financialization construct is rendered meaningless because of the latest finanicalization construct, I know it is true. Because they deem it so, and thus everyone believes. This is why we are investing in agentic at Naftiko, by continuing to do the work on the Web, APIs, and machine and human readable standards across all of the digital resources we’ve all been investing in for years. Because this isn’t a new game, but in a world where everyone is looking for an easy button, and we collectively forget our past, there is a lot of fresh money to be made off each wave of stories and emotion around using new words to describe what already exists.

It all makes phrases like this “Sequoia is telling you the entire distribution layer is being rewritten. The question is whether your product is optimized for human attention or machine parsing. Most are built for the wrong audience.” pretty catchy, and feel like something amazing is afoot. Where for me, this has been business as usually since 2010. It is what Obama brought me to Washington DC in 2013 to do. It is what I do, as described by Tyler Singletary over a decade go, when he wrote - Untangling The Politics of APIs. What Sequoia is doing here with their “agent-led growth” claim, is reshuffling the words we use to describe the technical details as part of the alpha investors shifting the business playbook of the game, which will be dictated by a new set of political rules that are being automated (for good or bad). My goal, as it has always been as the API Evangelist is to make sure I am aware of the interface technology while staying at the edge of the application technology quagmires, staying tuned into the business playbook on the table for the moment, and being as tuned as I can into the politics being played, so that I don’t get played at the technological or business levels like may people do. This is what we are building at Naftiko, to help companies, organizations, institutions, and government agencies sensibly leverage their existing internal and 3rd-party infrastructure to navigate not just this wave, but every future wave confidently–no matter what playbook is on the table.

You can now open Settings > Personalization > Desktop Background, and choose any .webp image as the background. This feature is included in Build 26220.7653 for testers, and it’ll be coming to Windows 11 24H2 or 25H2 machines in the future. It’s not a big deal, but I still find it a nice addition.

.webp, which is typically much smaller than JPG and especially PNG at similar quality, has always been supported on Windows. Windows apps or web browsers can load .webp, but if you pick a background in Settings > Personalization > Background, Windows doesn’t just “show an image.”

Adding WebP here means Windows is now reliably decoding WebP in that wallpaper path, instead of forcing you to convert to PNG/JPG first.

Microsoft has been mulling video formats for your desktop background, but recent builds have no sign of the feature

Microsoft has been internally testing .mp4 or other video formats for Windows 11’s desktop background.

If you set up a video as your wallpaper, it will play automatically in a loop, but it won’t drain your battery as much as third-party apps. For those unaware, there are third-party apps like Lively wallpaper that allow you to achieve the same result as the video below:

Another similar one is WallpaperEngine, which is very popular on Stream, and it simply lets you set a video as a wallpaper. All of these integrations are quite complicated, but Microsoft’s idea seems to be very straightforward, and it will be integrated into Settings > Personalization > Background.

In the above screen, you need Browser photos (yes, it’s not yet renamed), and then you need to choose the video-related file formats, such as .webm, mp4, .m4v, .mov, .wmv, .avi, .mkv, and .webm.

I selected an MP4 file and restarted Explorer.exe, and the video was automatically applied to the desktop.

As you can see in the above demo, Windows plays the short Windows Bloom wallpaper as my desktop background, and it’s in a loop. The Bloom video is not the right video for the background, but if you have something aesthetic with minimal movements, you might really enjoy the video backgrounds.

In our tests, Windows Latest observed that there’s no size limit, so any video could be applied, and we did not notice an increase in resources or power usage, but the catch is that Windows 11’s video wallpaper feature first appeared in preview builds in September, and it’s missing from the recent builds.

Is the Video wallpaper idea canned now? We don’t know, and only time will tell. For now, we’re only getting .webp as a desktop background.

The post Microsoft lets you use .webp images as Windows 11 desktop background, no signs of Video wallpaper yet appeared first on Windows Latest