Skip to content

Releases: Endava/cats

7.0.2

16 Jan 18:31
Compare
Choose a tag to compare

Release Notes:

  • Introduce the ability to create refData files using the CustomFuzzer
  • CustomFuzzer and SecurityFuzzer files can be now run using the cats run command
  • Make large Fuzzers skip matching response Schema
  • Add 6 new Emoji Fuzzers for headers
  • Make DELETE request work by caching POST results and matching with DELETE identifiers
  • Fix for strings generated with validateAndSanitize strategy to maintain size
  • Add new ZalgoText Fuzzers
  • Fix issue in native images when parsing Swagger 2.0 specs
  • Improve Scenario text for some Fuzzers
  • Export summary report in JSON format as cats-summary-report.json
  • Add option --output to change the folder where the CATS report is written
  • Disable ANSI formatting when NO_COLOR environment variable is set

7.0.1

18 Dec 19:35
Compare
Choose a tag to compare

Release Notes:

  • Native binaries are now fully working
  • Improve help styling using ANSI codes
  • Introduce alternative string generator for cases when the current one was failing
  • Fix issue when CATS was sending duplicate headers when header present both in contract and headers file
  • You can now use CustomFuzzer to replace variables in a refData template
  • Fix bug when payloads were not generated for each oneOf combination when --useExamnples=false
  • Introduce the ability to supply --contentType which is useful for content negociation
  • replay command now support proxy and additional auth options
  • Fix NPE when tests were not supplied for the replay command
  • Introduce support for response code ranges #20
  • Introduce support for readOnly and writeOnly fields #19

cats-7.0.0

07 Dec 21:35
Compare
Choose a tag to compare

Release Notes:

  • CATS is now migrated to Quarkus. This brings the ability to have native binaries for Linux and Mac OS, so no need for Java to be installed
  • Another benefit from migration to Quarkus is that CATS is now faster
  • With the hep of PicoCli, CATS is more command line friendly and offers the typical functionalities offered by any other command line tool: short arguments, autocomplete in bash and zsh, help, etc.
  • Add the ability to reference environment variables in headers and refData files
  • Add the ability to set the size of strings used by the VeryLargeXXX fuzzers
  • Add new arguments to ignore undocumented response code and response body checks
  • Add --blackbox mode as a shortcut to --ignoreResponseCodes="2xx,4xx"

[Edit]
The native binaries will be available in 7.0.1 as the current versions had some issues caused by the native-image compilation.

Use java -jar cats.jar instead of cats.

v6.1.0

20 Nov 20:31
Compare
Choose a tag to compare

Release Notes:

  • Add connectionTimeout, readTimeout and writeTimeout as arguments
  • Add possibility to refer request fields in customFuzzer files using request#
  • Introduce ability to --dryRun in order to see how many tests will get generated for each path
  • Fix issue caused by oneOf selecting between 2 primitive schemas
  • Change default value for maxReqPerMinute to 10000
  • Make default min 5 when no left boundary provided for String schemas
  • Add a new column in report with the warn/error result reason
  • Include 404 as a special result reason category: CATS will report them as error in order to encourage providing business context
  • Fix for #17
  • Remove --reportingLevel argument as it was redundant and extend --log to pick up multiple packages
  • Add the possibility to ignore specific http response codes using --ignoreResponseCodes. This will ignore WARNs and ERRORs reported when those codes are returned and mark them as successful
  • Restrict printing execution statistics to summary only by default and add --printExecutionStatistics=detailed for details
  • Introduce the possibility to replay specific tests by supplying a json test case output from CATS. Use ./cats.jar replay --tests=...
  • Add the possibility to also supply --help, -h and --version, -v for help and version
  • Make ControlChars, Whitespaces and Emojis fuzzer not being enabled by default. Use --includeEmojis, --includeWhitespaces and --includeControlChars to include them

v6.0.6

21 Oct 17:24
Compare
Choose a tag to compare

Release notes:

  • update to Java 11
  • fix for #16
  • remove config from console out when running helper commands
  • bold fuzzer name and test id in console
  • add CATS version information inside the final report

v6.0.5

30 Aug 06:17
Compare
Choose a tag to compare

Release Notes:

  • Fix for #15
  • Fix for #14
  • Fix for #8
  • Proper implemented #13
  • Introduce ability to limit number of transactions per minute using --maxRequestsPerMinute
  • Add new Fuzzers for multi code point Emojis

v6.0.4

23 Jul 06:08
Compare
Choose a tag to compare

Release Notes:

  • Fix for #10
  • Change default pattern when no pattern supplied to also generate zero-width whitespaces

v6.0.3

21 Jul 13:10
Compare
Choose a tag to compare

Release Notes:

  • Fix NPE reported under #8
  • Add logic to handle cases when maxLength is equal to 2^31-1, reported under #11
  • Print note when fuzzers are skipped due to requests not having any fields

v6.0.2

25 Jun 18:40
Compare
Choose a tag to compare

Release Notes:

  • Add new category of Fuzzers focused on sending single code point Emojis
  • Add a new argument for setting the --sanitizationStrategy. This is used when sending ControlChars and Emojis inside valid values
  • Add a new argument for setting the --httpMethods to be fuzzed. You can exclude methods which you don't want to be fuzzed
  • Enable CATS to also perform Http DELETE operations
  • httpMethod is now mandatory for the CustomFuzzer and SecurityFuzzer
  • Improve documentation

v6.0.1

09 Jun 18:22
Compare
Choose a tag to compare

Release Notes:

  • Fix NonRestHttpMethodsFuzzer that was not running successful for all cases
  • Add possibility to skip specific fields from being fuzzed by Replacement Fuzzers
  • Invisible Chars Fuzzers (Whitespaces and ControChars) are now running also for GET
  • Generate Base64 encoded strings when dealing with byte format