Workflow

Hypothesis

Latest version: v6.122.3

Safety actively analyzes 688578 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 162 of 210

3.66.2

Not secure
-------------------

This release improves the shrinker's ability to handle situations where there
is an additive constraint between two values.

For example, consider the following test:


.. code-block:: python

import hypothesis.strategies as st
from hypothesis import given


given(st.integers(), st.integers())
def test_does_not_exceed_100(m, n):
assert m + n < 100

Previously this could have failed with almost any pair ``(m, n)`` with
``0 <= m <= n`` and ``m + n == 100``. Now it should almost always fail with
``m=0, n=100``.

This is a relatively niche specialisation, but can be useful in situations
where e.g. a bug is triggered by an integer overflow.

3.66.1

Not secure
-------------------

This patch fixes a rare bug where an incorrect percentage drawtime
could be displayed for a test, when the system clock was changed during
a test running under Python 2 (we use :func:`python:time.monotonic`
where it is available to avoid such problems). It also fixes a possible
zero-division error that can occur when the underlying C library
double-rounds an intermediate value in :func:`python:math.fsum` and
gets the least significant bit wrong.

3.66.0

Not secure
-------------------

This release improves validation of the ``alphabet`` argument to the
:func:`~hypothesis.strategies.text` strategy. The following misuses
are now deprecated, and will be an error in a future version:

- passing an unordered collection (such as ``set('abc')``), which
violates invariants about shrinking and reproducibility
- passing an alphabet sequence with elements that are not strings
- passing an alphabet sequence with elements that are not of length one,
which violates any size constraints that may apply

Thanks to Sushobhit for adding these warnings (:issue:`1329`).

3.65.3

Not secure
-------------------

This release fixes a mostly theoretical bug where certain usage of the internal
API could trigger an assertion error inside Hypothesis. It is unlikely that
this problem is even possible to trigger through the public API.

3.65.2

Not secure
-------------------

This release fixes dependency information for coverage. Previously Hypothesis
would allow installing :pypi:`coverage` with any version, but it only works
with coverage 4.0 or later.

We now specify the correct metadata in our ``setup.py``, so Hypothesis will
only allow installation with compatible versions of coverage.

3.65.1

Not secure
-------------------

This patch ensures that :doc:`stateful tests <stateful>` which raise an
error from a :pypi:`pytest` helper still print the sequence of steps
taken to reach that point (:issue:`1372`). This reporting was previously
broken because the helpers inherit directly from :class:`python:BaseException`, and
therefore require special handling to catch without breaking e.g. the use
of ctrl-C to quit the test.

Page 162 of 210

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.