Schemathesis

:rocket: Added

- **EXPERIMENTAL**: New stateful test runner in CLI. 864
- The `--experimental=stateful-only` CLI flag to run only stateful tests if the new test runner is enabled. Note that this feature is experimental and may change in future releases without notice.
- Ability to extract values from headers, path, and query parameters using regular expressions in OpenAPI links.
- The `negative_data_rejection` check. It ensures that the API rejects negative data as specified in the schema.
- The `use_after_free` check. It ensures that the API returns a 404 response after a successful DELETE operation on an object. At the moment, it is only available in state-machine-based stateful testing.
- Support for building dynamic payloads via OpenAPI links. This allows for building objects or arrays where nested items are not hardcoded but dynamically evaluated.
- `APIStateMachine.format_rules` method to format transition rules in a human-readable format.


POST /user
└── 201
├── GET /users/{ids}
└── DELETE /user/{id}

GET /users/{ids}
└── 200
└── PATCH /user

DELETE /user/{id}
└── 204
└── DELETE /user/{id}

:wrench: Changed

- Enforce the `minLength` keyword on string path parameters to avoid the rejection of empty values later on.
This improves the performance of data generation.
- Rework building state machines for stateful testing to improve performance.
- Improve error messages on `MaxRetryError`. 2234
- Migrate to new-style `pytest` hooks. 2181
- Filter out Hypothesis' warning about resetting the recursion limit in multi-worker tests.
- Show sub-schema location in `response_schema_conformance` failure messages. 2270
- Avoid collecting data for stateful tests in CLI when they are explicitly disabled.

:bug: Fixed

- Internal error during OpenAPI link resolution if the needed parameter is missing in the response.
- Improper output when a JSON pointer can't be resolved during OpenAPI link resolution.
- Generating invalid examples created by wrapping a named example value into another object. 2238
- Distinguish more failures in stateful testing.
- Generate different functions for state machine transitions to properly use swarm testing.
- `RuntimeError` caused by a race condition when initializing Hypothesis' PRNG in multiple workers.
- Missing body in `Case` if it is mutated after the `make_case` call. 2208
- Internal error when a rate limiter hits its limit. 2254
- Internal error during reference resolving when using relative file paths.
- Ignoring property examples defined under the `example` key in Open API 2.0 schemas. 2277

:fire: Removed

- Support for `pytest<6.0`.

:racing_car: Performance

- Improve performance of copying schemas.

:bug: Fixed

- Remove temporary `print` calls.

:bug: Fixed

- Inlining too much in stateful testing.

:wrench: Changed:

- **INTERNAL**: Remove the ability to mutate components used in `schema["/path"]["METHOD"]` access patterns.

:bug: Fixed

- Not serializing shared parameters for an API operation.
- `OperationNotFound` raised in `schema.get_operation_by_id` if the relevant path item is behind a reference.
- Missing parameters shared under the same path in stateful testing if the path is behind a reference.
- `KeyError` instead of `OperationNotFound` when the operation ID is not found in Open API 3.1 without path entries.
- Not respecting `allow_x00=False` in headers and cookies. 2220
- Internal error when building an error message for some network-related issues. 2219

:racing_car: Performance

- Optimize `schema["/path"]["METHOD"]` access patterns and reduce memory usage.
- Optimize `get_operation_by_id` method performance and reduce memory usage.
- Optimize `get_operation_by_reference` method performance.
- Less copying during schema traversal.

:bug: Fixed

- Internal error on unresolvable Open API links during stateful testing.
- Internal error when media type definition has only `example` or `examples` keys.

:racing_car: Performance

- Improve performance of `add_link` by avoiding unnecessary reference resolving.

I am happy to announce Schemathesis 3.28 :tada:

It does not include a lot of new features but instead clarifies error messages and makes Schemathesis work with more recursive references than before.

:rocket: Added

- `Request.deserialize_body` and `Response.deserialize_body` helper methods to deserialize payloads to bytes from Base 64.
- Support for `multipart/mixed` media type.

:wrench: Changed

- Do not show suggestions to show a traceback on Hypothesis' `Unsatisfiable` error.
- Clarify error message on unsupported recursive references.
- Report more details on some internal errors instead of "Unknown Schema Error".
- Update error message on why Schemathesis can't generate test cases for some API operations.

:bug: Fixed

- Internal error on Windows when the CLI output is redirected to a file and code samples contain non-CP1252 characters.
- Properly check for nested recursive references inside combinators. This makes Schemathesis work with more schemas with recursive references.