How to Test Apps Built with Bolt.new

Bolt.new just built you a full-stack app in 20 minutes. It looks right. The preview works. You're about to share the URL.

Before you do: have you actually tested it?

Not "does it load" — that's not a test. Have you verified that the critical paths work, that your data persists correctly, that the forms validate what they should, that the user flows your product depends on are reliable?

Bolt generates functional code quickly. It does not generate tested code. Those are different things.

What Bolt.new Gets Right (and Doesn't)

Bolt's live preview is impressive — it's your actual running app, not a static mockup. You can click around, submit forms, and see real behavior as you build.

But Bolt's preview is manual exploration, not testing. It has no memory between sessions. It doesn't run your critical flows automatically. It doesn't tell you when something that worked yesterday broke today.

Known failure patterns in Bolt-generated apps:

Inconsistent validation. Bolt adds form validation when you ask for it explicitly. If you didn't ask, the form submits whatever the user types — including empty required fields, invalid emails, negative prices.

Silent state bugs. Actions that should update state — "add item to cart", "mark task complete", "increment counter" — sometimes appear to work in the preview but don't persist. The state change shows in the UI, then disappears on refresh.

Authentication gaps. Bolt-generated auth flows often protect the routes it knows about. Routes added in later prompts sometimes skip the auth check.

Design drift causing functional breakage. When you use late-stage prompts to fix styling, Bolt sometimes rewrites component files in ways that break the logic those components contained.

None of these show up as errors. The app still loads. You have to actually exercise the path to find out it's broken.

Step 1: Map Your Critical Paths

Before writing any tests, write down the 5-10 things your app must do correctly. These are your critical paths.

For a simple SaaS app built with Bolt:

• User can sign up with email and password
• User can log in and reach their dashboard
• User can create a [core resource — task, project, record, etc.]
• Created resource persists and appears in the list
• User can edit the resource
• User can delete the resource
• User can log out and is no longer authenticated

Don't test everything. Test the paths that would break your product if they failed.

Step 2: Manual Verification (Do This First)

Walk through each critical path manually, as a new user would.

Don't use your existing test account — it may have state that masks issues. Create a new account each time:

1. Open the app in an incognito window
2. Sign up with a new email
3. Perform each critical action in sequence
4. Note what breaks, what behaves unexpectedly, what's missing

This takes 15-20 minutes. It will find issues. Bolt's token-based generation often gets the happy path right and skips edge cases entirely.

Common issues to look for:

• Required fields that accept empty values
• Error states that don't give the user actionable feedback
• Actions that appear to succeed but don't (no confirmation, state doesn't update)
• Pages that are accessible without auth when they shouldn't be

Step 3: Automated Tests for Critical Paths

Manual verification is a snapshot. Automated tests protect you going forward.

You can write Playwright tests against your Bolt app. Bolt generates standard React/Next.js apps — Playwright works normally against them:

import { test, expect } from '@playwright/test';

test('user can create and see a task', async ({ page }) => {
  // Sign in
  await page.goto('/login');
  await page.fill('[name="email"]', 'test@example.com');
  await page.fill('[name="password"]', 'testpass123');
  await page.click('button[type="submit"]');
  
  // Wait for dashboard
  await page.waitForURL('/dashboard');
  
  // Create task
  await page.click('button:has-text("New Task")');
  await page.fill('[placeholder*="task"]', 'Test task from Playwright');
  await page.click('button:has-text("Create")');
  
  // Verify it appears in list
  await expect(page.locator('text=Test task from Playwright')).toBeVisible();
  
  // Reload and verify persistence
  await page.reload();
  await expect(page.locator('text=Test task from Playwright')).toBeVisible();
});

The persistence check (reload and verify) is the one Bolt apps most commonly fail.

Step 4: Test What Bolt Is Likely to Have Missed

Based on patterns in Bolt-generated apps, pay specific attention to:

Auth boundaries. Test that protected routes actually require auth:

test('dashboard requires authentication', async ({ page }) => {
  // Don't log in
  await page.goto('/dashboard');
  // Should redirect to login
  await expect(page).toHaveURL('/login');
});

test('api routes require authentication', async ({ request }) => {
  const response = await request.get('/api/tasks');
  expect(response.status()).toBe(401);
});

Form validation. Test that invalid inputs are rejected:

test('rejects empty required fields', async ({ page }) => {
  await page.goto('/create');
  // Submit without filling required fields
  await page.click('button[type="submit"]');
  // Should show validation error, not succeed
  await expect(page.locator('.error, [aria-invalid="true"]')).toBeVisible();
  await expect(page).not.toHaveURL('/success');
});

Data persistence. Test that mutations actually persist:

test('deleted item does not reappear', async ({ page }) => {
  // Create item
  await createItem(page, 'Item to delete');
  // Delete it
  await page.click('button[aria-label*="delete"]');
  await page.click('button:has-text("Confirm")');
  // Reload
  await page.reload();
  // Should be gone
  await expect(page.locator('text=Item to delete')).not.toBeVisible();
});

Step 5: Ongoing Monitoring

Bolt apps change. You prompt Bolt to add a feature, it rewrites a component, and something that was working breaks.

Set up monitoring so you know when a critical path breaks — before a user tells you.

HelpMeTest runs your tests on a schedule and alerts you when something fails. Write tests in plain English:

Test: user can create a task
Go to app URL
Log in as test user
Click "New Task"
Fill in task title
Click Create
Verify task appears in list
Reload page
Verify task still appears

Tests run every hour. When Bolt's latest changes break your create flow, you get an alert instead of a user complaint.

Free tier covers 10 tests — enough for all your critical paths. Try HelpMeTest →

The Bolt.new Testing Checklist

After building with Bolt, before sharing the URL:

• Manual walkthrough of all critical paths as a new user (incognito)
• Verify form validation rejects invalid/empty inputs
• Verify all mutations persist after page reload
• Verify auth-protected routes reject unauthenticated requests
• Verify the user can complete the core value flow end-to-end
• Set up automated tests for the top 5 critical paths
• Set up monitoring so you know when future Bolt changes break existing behavior

Bolt built it fast. You're responsible for whether it works.