Skip to content

vib-tools/Tester-Zepto-Pro-open-source-code

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Tester Zepto Pro — authorized Razorpay Test Mode invite automation for Windows

Latest release Source CI CodeQL Downloads Python Platform License

Stars Forks Open issues Regression tests Test Mode only

Tester Zepto Pro

Tester Zepto Pro is an open-source Windows desktop QA automation tool for authorized Razorpay Test Mode invite-flow testing. The packaged executable is named Razorpay (Vib.Tools). It uses Python 3.12, CustomTkinter, Playwright, persistent browser sessions, exact-recipient verification, fail-closed Test Mode checks, bounded Send clicks, structured reports, and deterministic Windows x64 portable builds.

Important

This independent project is intended only for authorized testing in Test Mode. It is not affiliated with, endorsed by, or sponsored by Razorpay. Razorpay and other third-party product names and marks belong to their respective owners.

Why this project exists

Manual invite-flow validation becomes repetitive when QA teams must verify login state, Test Mode visibility, recipient accuracy, browser stability, result reporting, and safe interruption across many synthetic test records. Tester Zepto Pro keeps these checks explicit and blocks Send whenever the safety contract is not satisfied.

Core safety guarantees

  • Fail-closed Test Mode: automation stops if the required Test Mode marker is absent or disappears.
  • Authenticated-session verification: the Test Mode marker and Share entry point must both be visible.
  • Exact recipient enforcement: the email field is cleared, filled, re-read, and compared with the selected record before Send.
  • No hidden recipient: application source contains no hardcoded recipient email literal.
  • Bounded sending: default limit is 50 Send clicks per Start run; configurable range is 1–500.
  • Duplicate-risk protection: uncertain post-click results are never retried automatically.
  • Manual challenge handling: CAPTCHA or security challenges pause the same record; the tool does not bypass them.
  • Protected license cache: Windows builds use current-user DPAPI for cached license data.
  • Formula-injection protection: CSV/XLSX exports neutralize spreadsheet formula prefixes.
  • Persistent evidence: reports, logs, failed rows, and unprocessed rows are retained according to settings.

Features

Area Capability
Desktop UI Dark CustomTkinter interface, task tabs, settings, live reports, logs, progress and counters
Browser automation Playwright Chromium/Chrome, persistent browser per task slot, focus/open/close controls
Data import TXT, CSV, XLS and XLSX email extraction with optional duplicate removal
Login verification Automatic idle verification and explicit Verified/Not Verified task status
Test safety Test Mode checks before each Send, exact email re-read, 50 default / 500 absolute cap
Reliability Navigation and selector retries, bounded backoff, context recycling and checkpointing
Runtime control Start, Pause, Resume, Stop and safe close with remaining-data preservation
Evidence Live report table, CSV/XLSX export, daily logs, failed and unprocessed datasets
Licensing HTTPS validation, strict server booleans, expiry checks, DPAPI cache and periodic revalidation
Build Python 3.12 Windows x64 PyInstaller ONEDIR pipeline with bundled Playwright Chromium

Workflow

Tester Zepto Pro authorized Test Mode workflow

Open Browser → Manual Login → Verify Test Mode + Share UI
             → Import synthetic recipients → Verify exact email
             → Reserve bounded Send click → Confirm new result
             → Record report or fail closed and preserve remaining data

Architecture

CustomTkinter UI
  ├─ LicenseManager / SettingsManager
  ├─ TaskSlotFrame × N
  │    └─ AutomationWorker thread × 1
  │         └─ Playwright browser/context/page
  └─ UI event queue → reports, status, logs and counters

Each worker owns its synchronous Playwright objects for the full browser lifetime. Browser objects do not cross worker-thread boundaries. See Architecture and Internal API.

Requirements

Run from source

  • Windows 10/11 x64
  • CPython 3.12 x64
  • Google Chrome or Playwright Chromium
  • Desktop session with user interaction
  • Authorized access to the configured Test Mode target
  • Access to the configured HTTPS license service

Portable release

The ONEDIR ZIP includes Python and Chromium. No separate Python installation is required. Keep the complete extracted directory together and run it from a user-writable location.

Quick start from source

py -3.12 -m venv .venv
.\.venv\Scripts\python.exe -m pip install --upgrade pip
.\.venv\Scripts\python.exe -m pip install -r requirements.txt
$env:PLAYWRIGHT_BROWSERS_PATH = "0"
.\.venv\Scripts\python.exe -m playwright install chromium
$env:VIB_TOOLS_LICENSE_API_KEY = "YOUR_DEPLOYMENT_API_KEY"
.\.venv\Scripts\python.exe app.py

Never commit a real deployment API key. The deployment API key is different from the end-user license key entered in the application. See License Deployment.

Portable startup

After extracting the Windows release ZIP, either set the deployment environment variable before starting the EXE:

$env:VIB_TOOLS_LICENSE_API_KEY = "YOUR_DEPLOYMENT_API_KEY"
& ".\Razorpay (Vib.Tools).exe"

Or use the included secure prompt launcher:

powershell -ExecutionPolicy Bypass -File ".\Start-TesterZeptoPro.ps1"

The launcher prompts for the deployment key for that process session and does not write it to the repository or portable folder.

Authorized usage

  1. Start the application with the deployment license API key available.
  2. Activate using an authorized end-user license key.
  3. Add a task slot and configure the authorized target URL.
  4. Select Open Browser and complete login manually.
  5. Open the authorized target page in Test Mode.
  6. Wait until the task reports Login Verified.
  7. Load a TXT/CSV/XLS/XLSX file containing synthetic or authorized test recipients.
  8. Confirm Maximum Test Send Limit in Settings.
  9. Start processing and monitor reports and logs.
  10. Export evidence and retain failed/unprocessed records as required.

Build the verified Windows portable package

py -3.12 build.py

The builder creates a clean virtual environment, installs pinned dependencies, runs semantic safety validation and regression tests, installs Chromium, creates the PyInstaller ONEDIR package, smoke-tests the packaged browser and GUI, writes manifests and hashes, and validates the final ZIP CRC. See Build Guide.

Verify the repository

py -3.12 scripts\verify_repository.py

Optional development checks:

py -3.12 -m pip install ruff bandit
ruff check app.py build.py tests scripts
ruff format --check app.py build.py tests scripts
bandit -q -r app.py build.py -ll

Configuration

Runtime settings are stored in AppData/settings.json. Important controls include:

  • authorized_testing_only
  • max_test_send_limit
  • browser/navigation/selector timeouts
  • retry and bounded-backoff controls
  • context recycling thresholds
  • duplicate-row removal
  • failed/unprocessed data retention
  • HTTPS license validation URL and recheck interval

For an alternate writable data location:

$env:VIB_TOOLS_DATA_DIR = "$env:LOCALAPPDATA\VibTools\TesterZeptoPro"

Troubleshooting

Symptom Resolution
HTTP 401: API key is required Provide VIB_TOOLS_LICENSE_API_KEY before starting the application; this is the deployment API key, not the user license key.
Login remains Not Verified Confirm the active page displays both the Test Mode marker and Share entry point.
Automation stops before Send Review the task log for missing Test Mode, email mismatch or run-limit enforcement.
Browser security challenge appears Complete it manually and select Resume; no challenge bypass is implemented.
Reports cannot be written Move the portable folder to a user-writable path or configure VIB_TOOLS_DATA_DIR.
Build fails at host validation Build on Windows x64 with CPython 3.12 x64; cross-compilation is rejected.
SmartScreen shows Unknown Publisher The binary is not code-signed unless the release operator signs it with a trusted certificate.

See Maintenance and Support.

Security

Do not place secrets, credentials, private keys or production recipient data in issues, logs or commits. Use GitHub private vulnerability reporting where available. Read SECURITY.md and Security Model.

Documentation

Release history

Contributing

Read CONTRIBUTING.md, run the full verification gate and preserve backward compatibility. Changes that weaken authorized Test Mode, exact-recipient or bounded-Send controls will not be accepted.

License

Licensed under GNU GPL v3.0 only. See LICENSE and Licensing Analysis.

Official links

Search keywords

Razorpay Test Mode invite tester, Razorpay invite automation, Windows QA automation, Playwright browser automation, Python CustomTkinter desktop app, exact recipient verification, fail-closed automation, PyInstaller portable Windows app, test automation, regression testing.

Acknowledgements

Built with Python, CustomTkinter, Playwright, pandas, Requests, Pillow, psutil, openpyxl, xlrd, defusedxml and PyInstaller.

About

Open-source Windows desktop QA tool for authorized Razorpay Test Mode invite-flow testing with Playwright, exact-recipient verification, fail-closed safety controls, reports, and portable x64 builds.

Topics

Resources

License

Code of conduct

Contributing

Security policy

Stars

2 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors

Languages