# Changelog All notable changes to this project will be documented in this file. ## [0.2.0] - 2023-08-29 ### Features - Make maximum test-case count confugurable - **Save only minimal failing test-case** - Print status code and message when resending result - Add option to specify the results directory - Add option to measure request & response time - Save status of the requests alongside the times - Make results and stats dir configurable - Exit with failure if some test case failed ### Bug Fixes - Generate only valid headers - Stop fuzzer if unable to send request ### Documentation - Include instructions for building containers - Added OpenAPI specification version to README.md - State that --spec flag takes a file as an argument ### Refactor - Rename payload to request - Implement json array and object generation - Implement arbitrary for JSON, headers, path and query parameters - Implement fuzzer payload generation using arbitrary types - Remove unused modules - Remove unneeded clones by using `mem::take` - Restructure cli and add resender subcommand - Implement payload generation for one_of schema kind - Implement payload generation for any_of schema kind - Use prop_map_into instead of prop_map + into in json generation - Implement payload generation for all_of schema kind ### Testing - Add test for generating only valid headers ### Building - Update proptest version ### CI - Update checkout action - Use dtolnay action for rust - Add test job - Add Dockerfile - Add jobs for building and publishing container images - Add job to publish openapi-fuzzer to crates.io - Add ci generated by cargo-dist ### Miscellaneous Tasks - Add changelog ## [0.1.3] - 2021-11-16 ### Building - Update openapiv3 and openapi_utils dependencies ## [0.1.2] - 2021-11-16 ### Features - Use native certificates - Send cookies as headers - Create payload for any schema kind - Create payload also for oneOf, anyOf and allOf schema kinds ### Changed - Pretty print response if possible ### Bug Fixes - Make header comparison case insensitive ### Documentation - Add findings section & update readme - Fix links to gitea issues in README ## [0.1.1] - 2021-04-07 ### Miscellaneous Tasks - Add LICENSE - Add metadata and installation option from crates.io ## [0.1.0] - 2021-04-07 ### Features - Resolve references ($ref) to objects thanks to openapi_utils - Fuzz cookies, headers, query & path parameters - Fuzz remaining HTTP methods - Prepare, send and check requests - Add option to ignore status codes - Save findings to files - add finding formated as curl command - Report all 500 status codes as findings if not ignored - Generate unicode instead of alphanumeric values - Add short option for ignored status codes - Add option to specify additional headers (-H) - Randomize the size of the payload for arbitrary - Trim / from the the start of the path - Implements simple statistics for the fuzzer - Add TUI - Make table rows scrollable - Map Home & End keys to move to the first & last row respectively - Color successful findings number in red - Add resender binary to make it easier to replicate the finding ### Bug Fixes - Uppercase methods and set any status (ok on non 200 responses) - Skip non-json bodies - Add trailing slash to url if not present ### Documentation - Add building instructions - Add demo and usage guide to README ### Building - Update ureq to allow responses without status text ### Refactor - Restructure & split project - Create payload module - Generate valid unicode characters right away - Move functions for generating json out of Payload impl - Process all incomming events when rendering - Process events before rendering - Restructure result file