See 1.0.0-rc1 and 1.0.0-rc2 for changes since 0.4.7, which was the last main
line release.
1.0.0-rc2
Released 2021-02-09.
Added
The Arbitrary trait is now implemented for &[u8]. #67
Changed
Rename Unstructured#get_bytes to Unstructured#bytes. #70
Passing an empty slice of choices to Unstructured#choose returns an error. Previously it would panic. 71
1.0.0-rc1
Released 2020-11-25.
Added
The Arbitrary trait is now implemented for &str. #63
Changed
The Arbitrary trait now has a lifetime parameter, allowing Arbitrary implementations that borrow from the raw input (e.g. the new &str implementaton). The derive(Arbitrary) macro also supports deriving Arbitrary on types with lifetimes now. #63
Removed
The shrink method on the Arbitrary trait has been removed.
We have found that, in practice, using internal reduction via approaches like cargo fuzz tmin, where the raw input bytes are reduced rather than the T: Arbitrary type constructed from those raw bytes, has the best efficiency-to-maintenance ratio. To the best of our knowledge, no one is relying on or using the Arbitrary::shrink method. If you are using and relying on the Arbitrary::shrink method, please reach out by dropping a comment here and explaining how you're using it and what your use case is. We'll figure out what the best solution is, including potentially adding shrinking functionality back to the arbitrary crate.
0.4.7
Released 2020-10-14.
Added
... (truncated)
Commits
83b852c Merge pull request #72 from rust-fuzz/1.0-release
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot will not automatically merge this PR because this dependency is pre-1.0.0.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Updates the requirements on arbitrary to permit the latest version.
Changelog
Sourced from arbitrary's changelog.
... (truncated)
Commits
83b852cMerge pull request #72 from rust-fuzz/1.0-release6c8dd97Fix release day of 1.0.0 release9f54b0adocs: use version 1.0 in example Cargo.toml snippet0f793c5readme: use version 1.0 in the example Cargo.toml snippet7cb6cccBump versions to 1.0.0.a1e4e72Remove empty sections from CHANGELOGf3ae31aAdd release date for 1.0.0-rc25084a0dMake a 1.0.0-rc2 release436e3f0Empty Unstructured::choose param should return Err, not panic. (#71)fe306c8Implement Arbitrary for &[u8].Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot will not automatically merge this PR because this dependency is pre-1.0.0.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)