Our great sponsors
-
IIRC there was this [1] issue that some people pushed for a couple of years. Then at some point, this other one [2] became the new one for it (which has Kate Hockman as the issue creator).
It's been a multi-year effort, so congrats to those who've made it happen.
-
People can have different definitions and still communicate usefully, and I think there is not 100% agreement on the exact boundaries between the two.
That said, for me: they are distinct but related, and that distinction is useful.
For example, Hypothesis is a popular property testing framework. The authors have more recently created HypoFuzz, which includes this sentence in the introduction:
“HypoFuzz runs your property-based test suite, using cutting-edge fuzzing techniques and coverage instrumentation to find even the rarest inputs which trigger an error.”
Being able to talk about fuzzing and property testing as distinct things seems useful — saying something like “We added fuzzing techniques to our property testing framework“ is more meaningful than “We added property testing techniques to our property testing framework“ ;-)
My personal hope is there will be more convergence, and work to add first-class fuzzing support in a popular language like Go will hopefully help move the primary use case for fuzzing to be about correctness, with security moving to an important but secondary use case.
-
Sonar
Write Clean Python Code. Always.. Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.
-
DeepState [1] is a tool that lets you write Google Test-style unit tests, as well as property tests, in either C or C++, and plug in fuzzers and symbolic executors. That is, DeepState bridges this gap between fuzz testing and property testing.
-
> it shows the limitations of the language that you can't just build this inside the language.
Not sure why you'd make that assumption. https://github.com/dvyukov/go-fuzz
