Releases: Endava/cats
Releases · Endava/cats
7.0.2
Release Notes:
- Introduce the ability to create
refData
files using theCustomFuzzer
CustomFuzzer
andSecurityFuzzer
files can be now run using thecats run
command- Make large
Fuzzers
skip matching response Schema - Add 6 new Emoji
Fuzzers
for headers - Make DELETE request work by caching POST results and matching with DELETE identifiers
- Fix for strings generated with
validateAndSanitize
strategy to maintain size - Add new ZalgoText
Fuzzers
- Fix issue in native images when parsing Swagger 2.0 specs
- Improve Scenario text for some
Fuzzers
- Export summary report in JSON format as
cats-summary-report.json
- Add option
--output
to change the folder where the CATS report is written - Disable ANSI formatting when
NO_COLOR
environment variable is set
7.0.1
Release Notes:
- Native binaries are now fully working
- Improve help styling using ANSI codes
- Introduce alternative string generator for cases when the current one was failing
- Fix issue when CATS was sending duplicate headers when header present both in contract and headers file
- You can now use CustomFuzzer to replace variables in a refData template
- Fix bug when payloads were not generated for each oneOf combination when --useExamnples=false
- Introduce the ability to supply
--contentType
which is useful for content negociation replay
command now support proxy and additional auth options- Fix NPE when tests were not supplied for the
replay
command - Introduce support for response code ranges #20
- Introduce support for readOnly and writeOnly fields #19
cats-7.0.0
Release Notes:
CATS
is now migrated toQuarkus
. This brings the ability to have native binaries for Linux and Mac OS, so no need for Java to be installed- Another benefit from migration to
Quarkus
is thatCATS
is now faster - With the hep of
PicoCli
,CATS
is more command line friendly and offers the typical functionalities offered by any other command line tool: short arguments, autocomplete in bash and zsh, help, etc. - Add the ability to reference environment variables in headers and refData files
- Add the ability to set the size of strings used by the
VeryLargeXXX
fuzzers - Add new arguments to ignore undocumented response code and response body checks
- Add
--blackbox
mode as a shortcut to--ignoreResponseCodes="2xx,4xx"
[Edit]
The native binaries will be available in 7.0.1 as the current versions had some issues caused by the native-image compilation.
Use java -jar cats.jar
instead of cats
.
v6.1.0
Release Notes:
- Add
connectionTimeout, readTimeout and writeTimeout
as arguments - Add possibility to refer request fields in customFuzzer files using
request#
- Introduce ability to
--dryRun
in order to see how many tests will get generated for each path - Fix issue caused by oneOf selecting between 2 primitive schemas
- Change default value for
maxReqPerMinute
to 10000 - Make default min 5 when no left boundary provided for String schemas
- Add a new column in report with the warn/error result reason
- Include 404 as a special result reason category: CATS will report them as
error
in order to encourage providing business context - Fix for #17
- Remove
--reportingLevel
argument as it was redundant and extend--log
to pick up multiple packages - Add the possibility to ignore specific http response codes using
--ignoreResponseCodes
. This will ignore WARNs and ERRORs reported when those codes are returned and mark them as successful - Restrict printing execution statistics to summary only by default and add
--printExecutionStatistics=detailed
for details - Introduce the possibility to replay specific tests by supplying a json test case output from CATS. Use
./cats.jar replay --tests=...
- Add the possibility to also supply
--help
,-h
and--version
,-v
for help and version - Make ControlChars, Whitespaces and Emojis fuzzer not being enabled by default. Use
--includeEmojis
,--includeWhitespaces
and--includeControlChars
to include them
v6.0.6
v6.0.5
v6.0.4
v6.0.3
v6.0.2
Release Notes:
- Add new category of Fuzzers focused on sending single code point Emojis
- Add a new argument for setting the
--sanitizationStrategy
. This is used when sending ControlChars and Emojis inside valid values - Add a new argument for setting the
--httpMethods
to be fuzzed. You can exclude methods which you don't want to be fuzzed - Enable CATS to also perform Http DELETE operations
httpMethod
is now mandatory for theCustomFuzzer
andSecurityFuzzer
- Improve documentation
v6.0.1
Release Notes:
- Fix
NonRestHttpMethodsFuzzer
that was not running successful for all cases - Add possibility to skip specific fields from being fuzzed by Replacement Fuzzers
- Invisible Chars Fuzzers (Whitespaces and ControChars) are now running also for
GET
- Generate Base64 encoded strings when dealing with
byte
format