A small, extensible Kotlin library to randomly mutate JSON & XML documents, text and binary data. Useful for fuzz testing.
Examples of things you can test by mutating known good data:
- unexpected structures will not make your application code throw unchecked exceptions
- your application code ignores additional properties
- your application code does not throw unchecked exceptions when parsing values from text properties
- your application does not instantiate arbitrary classes named in data (a potential security risk)
- your application copes with invalid Unicode encoding of text
- and much, much more!
See an interactive demonstration.
Add a dependency on Snodge (replace <version> with the version of Snodge you wish to use):
testImplementation 'com.natpryce:snodge:<version>'For the JVM platform, add an implementation of the JSR-374 JSONP API, such as:
testRuntimeOnly 'org.glassfish:javax.json:1.1'Import the library:
import com.natpryce.snodge.mutants
import com.natpryce.snodge.json.defaultJsonMutagensOutput 10 random mutations of the JSON document:
val random = Random()
val originalJson = "{\"x\": \"hello\", \"y\": [1,2,3]}"
random.mutants(defaultJsonMutagens().forStrings(), 10, originalJson)
.forEach(::println)Example output:
{"x":"hello","y":[1,2,3,null]}
{"y":[1,2,3],"x":{}}
{"x":"hello","y":[2,3]}
{"x":"hello","y":[{},2,3]}
{"x":"hello"}
{"x":"hello","y":[1,2,{}]}
{"x":"hello","y":[1,null,3]}
{"y":[1,2,3],"x":"hello"}
{"y":[1,2,3],"x":"a string"}
{"x":"hello","y":[99,2,3]}
On the JVM, Snodge can mutate the JSON object models of the Jackson, GSON & JSR-374 JSONP and Argo APIs, XML DOM, and JSON and XML serialised as text and binary.
On JavaScript, Snodge can mutate XML as DOM Documents, and XML and JSON as text.
For more information, continue reading the documentation.
The Kotlin library is version 3.x.x.x.
Previous versions:
- Version 2.x.x.x (java8 branch) is for Java 8, and uses streams and Java 8 function types
- Version 1.x.x.x (java7 branch) is for Java 7 and depends on Guava