cats-10.3.0

Release notes:

• Make cats stats customizable so that you can filter certain information
• Add more generated body names to naming linters
• Fix scenario name for QueryParamsCaseLinterFuzzer as it wasn't taking into consideration the naming name
• Remove path name from versions fuzzer as it runs globally
• When operationId is null return path + http method
• Fix reporting issue for global linters when running with --verbosity summary
• Fix reporting issue for FunctionalFuzzer in --verbosity summary
• Fix issue for oneOf/anyOf usage when one of the possibilities was actually nullable
• Add possibility to filter paths based on tag when using cats list --paths
• Add possibility to include/skip tags
• Introduce an additional regex generator library to accommodate additional weird regexes

cats-10.2.0

Release Notes:

• add new --maskHeaders argument to mask sensitive headers in report files
• CATS is now testing response content type and will report a warning if it doesn't match the contract; you can use --ignoreResponseContentTypeCheck to ignore this check
• add new fuzzers for random resources checking and response http headers checking
• VersionsLinterFuzzer will now check for versions in paths, servers definition and content type headers
• NamingsLinterFuzzer is now split into more granular linters
• 501 is now on the response code ignore list when running in --blackbox mode
• improve reporting for error scenarios
• add new cats stats sub-command to display some statistics about OpenAPI contracts
• add new argument to list info for a single path using the cats list sub-command

cats-10.1.0

Release notes:

• Add argument to skip deprecated operations
• Add argument to send application/merge-patch+json for PATCH operations
• Filter blank lines and commented lines from string files #84
• Add 6 new http fuzzers
• Add checkFalse and checkTrue to be used instead of checkBoolean in verify section
• Add possibility to replace entire request body with custom payload with SecurityFuzzer
• Fix for #85
• Add cats info sub-command to display details about OS and CATS version
• Fix for #86
• Fix progress issue for FunctionalFuzzer with --verbosity summary
• Make sure exceptions are displayed in --verbosity summary if CATS cannot run at all

cats-10.0.0

Release notes:

• Don't include request/response details in linters report file
• Fix issue with fields naming conventions being reported multiple times
• Add new argument to set max response time and fail tests if it's exceeded
• Make CATS banner be displayed only when printing help command
• Add 2 new arguments to filter based on field type and field format
• Fix issue for matching Cache-Control header when having multiple values
• Introduce new argument to control number of random headers sent by the random headers fuzzers
• Add argument to be able to filter anyOf and oneOf selection if only one is valid
• Add 8 new fuzzers that are sending non-json request with different values
• Display separator between tests considering the console columns

Changed behaviour:

• Make response json parser more relaxed and use rfc4627
• Preserve Of in the Fuzzers naming
• Make Payload default to be displayed when opening individual test cases
• Introduce --verbosity argument to allow a more compact output in console which default to summary and reduced CATS logging to less verbose output
• Don't attempt to run fuzzer if field is not part of the payload

cats-9.0.5

Release notes:

• Add new argument to disable ANSI codes for output: --no-color
• Add 2 new HTTP fuzzers that send null and empty bodies
• Add 3 new HTTP header fuzzers that send invalid values in Content-Length and Transfer-Encoding headers
• Add new argument to set the User-Agent header
• Display old/new status code and response body in cats replay command
• Refactor security headers fuzzer to allow X-XSS-Protection to either not be present or have value set as zero
• Add more details to the cats list --paths subcommand
• Improve logging and reporting when tests are ignore based on --ignoreXXX arguments
• Logging doesn't include label now, only icons

cats-9.0.4

Release notes:

• hot fix for Quarkus issue that removed subcommands from final binary caused them to fail

cats-9.0.3

Release notes:

• Fix issue when root json was array - CATS was generating a simple object instead of array
• Remove dependency on github packages #76

cats-9.0.2

Release notes:

• Fix for #75
• Add configuration to release to maven central #76
• Fix for #80
• Fix issue with Linters not properly running
• Fix corner case for oneOf definitions when there are multiple arrays nested

cats-9.0.1

Release notes:

• Fix for #74
• Fix for #73
• Fix styling issues for dark mode

cats-9.0.0

Release notes:

• Brand new logo
• New reporting design with more cleaner UI and omni-search in summary page
• Fix out of bounds issue with pattern containing length
• Add new fuzzer to replace primitive values with objects
• Add new Fuzzer to replace objects with arrays
• Change the value for almost valid UUID values
• Add fuzzers to replace arrays with primitives or objects
• Add new Fuzzer to overflow array size
• Switch skip message to debug to avoid too much logging
• Add new Fuzzer to overflow map sizes
• Ignore empty_body when checking naming conventions
• Don't escape query params when writing the full request path
• When searching for the fuzzedField in validation error response accomodate for snake-case and kebab_case
• Add possibility to skip fuzzers when running lint command
• Add possibility to include/exclude more granular log levels
• Add 2 new arguments to ignore reporting for success and warning
• #72 Add possibility to ignore fields in FunctionalFuzzer
• Renamed ContractInfo Fuzzers to LintFuzzers
• Add update check functionality to display new version if available