Python security testing using mutmut

If you want to test your Python code for bugs and possible security issues, one way is mutation testing using mutmut: https://pypi.org/project/mutmut/

Test automation is very important, but most of the time only positive test cases are tested, not the negative ones, which might break the program's logic or the Python code. Attackers use this gap to find possible holes and bypasses, or to break your application.

Idea behind mutation testing

The idea behind mutation testing is: a program should describe a path to the correct result. If the program's code is changed at any position, a bug should be produced. If the program still comes to the result "OK", then the program is not testing the input/parameters or operations enough. This is called a mutant.

Mutation testing means making the program so resilient that no mutants are created. Another great article about mutation testing can be found here: https://hackernoon.com/mutmut-a-python-mutation-testing-system-9b9639356c78
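The idea above as a small added example (not code from the original post and not how mutmut is implemented): it flips one comparison operator at a time in a constructed access check and reports which mutants a test suite fails to notice. The function is_allowed, the lockout threshold of 3 and both test suites are assumptions made up for illustration.

```python
import ast

# Constructed sample: the code under test, kept as source so it can be mutated.
SOURCE = '''
def is_allowed(role, failed_logins):
    if failed_logins >= 3:          # lock out after three failed logins
        return False
    return role == "admin"
'''

# Operator swaps applied to comparisons, one per mutant.
SWAPS = {ast.GtE: ast.Gt, ast.Gt: ast.GtE, ast.Lt: ast.LtE,
         ast.LtE: ast.Lt, ast.Eq: ast.NotEq, ast.NotEq: ast.Eq}

class SwapOne(ast.NodeTransformer):
    """Swap the operator of the comparison at index `target` only."""
    def __init__(self, target):
        self.target, self.seen = target, -1

    def visit_Compare(self, node):
        self.generic_visit(node)
        self.seen += 1
        if self.seen == self.target and type(node.ops[0]) in SWAPS:
            node.ops[0] = SWAPS[type(node.ops[0])]()
        return node

def load(tree):
    """Compile a (possibly mutated) tree and return its is_allowed function."""
    ns = {}
    exec(compile(ast.fix_missing_locations(tree), "<mutant>", "exec"), ns)
    return ns["is_allowed"]

def happy_path(f):
    """Positive cases only: an obvious allow and an obvious lockout."""
    assert f("admin", 0) is True
    assert f("admin", 5) is False

def with_negatives(f):
    """Adds the boundary value and a role that must be rejected."""
    happy_path(f)
    assert f("admin", 3) is False
    assert f("guest", 0) is False

def survivors(tests):
    """Return the indices of mutants that still pass the given tests."""
    total = sum(isinstance(n, ast.Compare) for n in ast.walk(ast.parse(SOURCE)))
    alive = []
    for i in range(total):
        mutant = load(SwapOne(i).visit(ast.parse(SOURCE)))
        try:
            tests(mutant)
            alive.append(i)         # tests said "OK" although the code changed
        except AssertionError:
            pass                    # mutant killed
    return alive
```

With happy_path the mutant that turns `>=` into `>` survives, meaning an account with exactly three failed logins could be let in without any test noticing; with_negatives kills every mutant.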

Getting started

pip install mutmut
mutmut run

This will by default run pytest on tests in the “tests” or “test” folder and it will try to figure out where the code to mutate lies. Run

mutmut --help
for help. More can be found here: https://pypi.org/project/mutmut/
