generate contextually sensible fuzz tests for servant apps
Go to file
2020-08-08 18:46:09 -04:00
.github/workflows ci tweaking 2020-06-06 11:24:32 -04:00
app autogenerated stuff 2020-06-05 12:01:44 -04:00
scripts tidying up 2020-06-06 10:24:56 -04:00
src cleaned up some type level stuff, added some type level bits 2020-08-08 18:46:09 -04:00
test tidying up 2020-06-06 10:24:56 -04:00
.gitignore cleaned up some type level stuff, added some type level bits 2020-08-08 18:46:09 -04:00
ChangeLog.md autogenerated stuff 2020-06-05 12:01:44 -04:00
LICENSE autogenerated stuff 2020-06-05 12:01:44 -04:00
Makefile tidying up 2020-06-06 10:24:56 -04:00
package.yaml tidying up 2020-06-06 10:24:56 -04:00
README.md write readme 2020-06-06 12:52:57 -04:00
roboservant.cabal todo & cabal 2020-06-06 11:03:26 -04:00
Setup.hs autogenerated stuff 2020-06-05 12:01:44 -04:00
stack.yaml tidying up 2020-06-06 10:24:56 -04:00
TODO.md write readme 2020-06-06 12:52:57 -04:00

roboservant

Automatically fuzz your servant apis in a contextually-aware way.

CI

why?

Servant gives us a lot of information about what a server can do. We use this information to generate arbitrarily long request/response sessions and verify properties that should hold over them.

why not servant-quickcheck?

servant-quickcheck is a great package and I've learned a lot from it. Unfortunately, there's a lot of the state space it can't explore: modern webapps are full of pointer-like structures, whether they're URLs or database keys/uuids. servant-quickcheck demands that you be able to generate these without context via Arbitrary: good luck exploring an API that requires you to generate just the right UUID to hit non-trivial code.

roboservant avoids this by using quickcheck-state-machine, which models the dynamic state in such a way that we can use results of previous calls.