Fuzzingbook Release Notes

This book and its code use numbered versioning. The version numbers correspond to the version numbers in the Python pip package.

Current Version (in progress)

This is the version we are preparing for the next release (e.g. what you get when you check out the latest version from the GitHub repo). Major changes will show up here as we make them.

  • Fix: Outputting code coverage using Coverage class would prefix covered code with #, rather than uncovered code as should be. This has been fixed.

Version 1.2.1 (released 2023-11-13)

  • Importing book classes from third-party code would accidentally set a fixed random seed, making all further random decisions deterministic (i.e. produce the same result every time). This is now fixed.
  • Minor updates to Python package requirements.

Version 1.2 (released 2023-10-23)

  • For announcements, we now use Mastodon (@TheFuzzingBook@mastodon.social) instead of X. Follow us on Mastodon!
  • We have a new chapter on Fuzzing with Constraints in which we introduce the ISLa constraint language / fuzzer / parser.
  • We have a new chapter on Compiler Testing in which we use grammars to generate, parse, and evolve Python code.
  • We now regularly test our code on various Python versions.

    • Python 3.12: all chapters work, except for Symbolic Fuzzing.
    • Python 3.11: all chapters work.
    • Python 3.10: all chapters work.
    • Python 3.9: all chapters work, except for the two new chapters listed above. (ISLa needs 3.10 or later.)

    For development, we recommend Python 3.10 or 3.11.

  • We fixed several typos throughout the book, using the awesome LTeX grammar/spell checker
  • ProbabilisticGrammarMiner now properly handles empty expansions (Issue #154) - thanks to Martin Eberlein!
  • The chapter on Fuzzing now has a more detailed computation of the probability of deleting your home directory. Thanks to mhamami-abuomar!
  • We no longer support fuzzingbook DockerHub images.

Version 1.1 (released 2022-05-18)

Changes since 1.0:

  • The book has lots of new material (videos, quizzes).
  • The code now has static type annotations (and is type checked).
  • Requirements and install procedures have been reworked.
  • Apart from code fixes, code semantics stays unchanged.

Changes and fixes since 1.0.7:

  • All videos are re-cut – thanks to Aman Roy!
  • Fuzzer.runs() now returns a list comprehension instead of a list (Issue #106)
  • Code using selenium has been updated to the latest version.
  • Fixed a problem in FasterGrammarFuzzer (Issue #130) - thanks to CuriousGeorgiy!

Version 1.0.7 (released 2022-01-25)

  • The WebFuzzer constructor now allows using a subclass of HTMLGrammarMiner.
  • The GUIFuzzer constructor now allows using a subclass of GUIGrammarMiner.
  • Class diagrams are now simplified, as we skip non-public methods defined in other chapters.

Version 1.0.6 (released 2022-01-18)

  • Fixed a major performance bug in grammar fuzzing (Issue #117)
  • We now work with recent versions of z3-solver (Issue #115)
  • In the chapter on configuration fuzzing, the OptionGrammarMiner will now capture args from external Python scripts that are protected by if __name__ == '__main__'
  • Various minor fixes and documentation improvements

Version 1.0.5 (released 2022-01-10)

  • This release increases compatibility with various Z3 versions for concolic fuzzing.
  • In the chapter on symbolic fuzzing, the AdvancedSymbolicFuzzer is now named SymbolicFuzzer plain and simple. (AdvancedSymbolicFuzzer still works as an alias).

Version 1.0.4 (released 2022-01-04)

Happy new year!

Version 1.0.3 (released 2021-12-14)

Version 1.0.2 (released 2021-12-08)

Version 1.0.1 (released 2021-11-23)

  • The code now passes mypy static type checks.
  • The Coverage class now supports function_names() and __repr__() methods. Its __exit__() method is no longer included in coverage.
  • Minor fixes across the board.

Version 1.0 (released 2021-11-04)

  • We now support (but also require) Python 3.9 or later. Earlier versions still required Python 3.6 due to some outdated modules such as astor and enforce we depended upon (and now don't anymore).
  • We added missing dependencies to the fuzzingbook pip package (Issue #44 in debuggingbook) such that pip install fuzzingbook also installs all the packages it depends upon. Thanks to @TheSilvus for reporting this!
  • We fixed a warning '.gitignore is a symbolic link' during git checkout (Issue #43) Thanks to @rjc for reporting this!
  • We identified some chapters that were using numpy.random rather than Python random, resulting in, well, random results every time we'd build the book. This is now fixed, and more consistent.
  • Under the hood, we have adopted several more improvements from our sister project "The Debugging Book". Notably, the build process is much streamlined, and we run continuous integration tests to ensure quality of changes and pull requests.

Version 0.9.5 (released 2021-06-08)

  • Lots of minor fixes in HTML generation, adopting new tools and tests from "The Debugging Book".
  • Code functionality should be unchanged.
  • The bookutils module is now shared with the debuggingbook project; some (hopefully neutral) fixes.
  • Several typos and other minor fixes throughout the book.

Version 0.9.0

  • In the Web version, some not-so-critical details (typically, long implementations and logs) are only shown on demand. This is still work in progress.
  • The fuzzingbook_utils module used by notebooks is now renamed to bookutils. Code and notebooks using fuzzingbook_utils may still work, but will issue a deprecation warning.
  • Several minor fixes to functionality in Parsing and Recombining Inputs, Concolic Fuzzing, Symbolic Fuzzing
  • Better style when printing from browser (colored text, smaller fonts)
  • Avoid tracking in YouTube videos
  • Several typos and other minor fixes throughout the book

Version 0.8.0 (released 2019-05-21)

First numbered fuzzingbook release.

Chapter Releases

Before switching to numbered releases, new chapters were coming out every Tuesday.

  1. Introduction to Software Testing – 2018-10-30
  2. Fuzzing: Breaking Things with Random Inputs – 2018-10-30
  3. Getting Coverage – 2018-11-06
  4. Mutation-Based Fuzzing – 2018-11-06
  5. Fuzzing with Grammars – 2018-11-13
  6. Efficient Grammar Fuzzing – 2018-11-20
  7. Grammar Coverage – 2018-11-27
  8. Testing Configurations – 2018-12-04
  9. Parsing and Recombining Inputs – 2018-12-11
  10. Probabilistic Grammar Fuzzing – 2018-12-18
  11. Fuzzing with Generators – 2019-01-08
  12. Fuzzing APIs – 2019-01-15
  13. Carving Unit Tests – 2019-01-22
  14. Reducing Failure-Inducing Inputs – 2019-01-29
  15. Web Testing – 2019-02-05
  16. GUI Testing – 2019-02-12
  17. Mining Input Grammars – 2019-02-19
  18. Tracking Information Flow – 2019-03-05
  19. Concolic Fuzzing – 2019-03-12
  20. Symbolic Fuzzing – 2019-03-19
  21. Mining Function Specifications – 2019-03-26
  22. Search-Based Fuzzing – 2019-04-02
  23. Evaluating Test Effectiveness with Mutation Analysis – 2019-04-09
  24. Greybox Fuzzing – 2019-04-16
  25. Greybox Fuzzing with Grammars – 2019-04-30
  26. Fuzzing in the Large – 2019-05-07
  27. When to Stop Fuzzing – 2019-05-14
  28. Tours through the Book - 2019-05-21

After all chapters were out, we switched to a release-based schedule, with numbered minor and major releases coming out when they are ready.

Creative Commons License The content of this project is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. The source code that is part of the content, as well as the source code used to format and display that content is licensed under the MIT License. Last change: 2024-01-18 17:27:42+01:00CiteImprint