Add system tests

[wknapik]

We could run tests with the entire (optionally ASANified) browser.

We could use Selenium/Puppeteer/etc. to have the browser access pages, execute actions with the mouse and keyboard, etc. Those pages could include old/new exploits, or have generated content (along with generated events) to fuzz the browser, or just check for expected behavior which shouldn't change.

We could test cases like:

• Crashes on startup, or after some actions
  • Covering at least the most popular combinations of settings
• Correct auto update behavior
• Behavior on SIGKILL (is any data lost? is the session restored on restart?)
• Hardware events (resources running out (e.g. disk space), devices being plugged in/out, etc.)
• Network events (connections/disconnections, vpn changes, etc.)
• UI operations (dragging tabs/tab groups, etc.)
• Correct operation with different containment options (snap, flatpak, etc.)
• Correct functioning of extensions, like Snowflake
• Verification with fingerprinting websites (regular/private/tor), etc.
• Webcompat tests for top X sites

[wknapik]

cc @bsclifton, @kdenhartog, @iefremov, @goodov

Just some ideas. Wdyt?

[kdenhartog]

For me I was thinking more low level, so fuzzing very specific functions like wallet transaction parsers. It seems being able to do this at a higher level could be useful and achievable just as easily with fuzzing the JS APIs rather than particular C++ functions.

[wknapik]

@kdenhartog yeah, we should fuzz at a lower level, for sure. This would just introduce the highest level in addition to whatever else we do. Figured I'd tag you, given your interest in fuzzing.

[bsclifton]

We can use puppeteer for doing this - one example @pes10k and I hashed out a while back:
https://github.com/brave-experiments/brave-twitter-tip-tester