Maven

Dependencies

Ubuntu / Debian
Arch
macOS
Windows

sudo apt install default-jdk maven

sudo pacman -S jdk-openjdk maven

brew install openjdk maven

choco install microsoft-openjdk maven

Version requirements

Java JDK >= 8 (1.8)
- e.g. OpenJDK or Zulu
Maven >= 3.3.1

Initialize a project

Initialize CI Fuzz in the root directory of your Maven project with the following command:

cifuzz init

Enable CI Repository access

To use CI Fuzz and its dependencies, you have to configure access to the CI repository. Your username and private token are available on your CI Download Portal Configuration page.

`settings.xml`

Add the following code to your ~/.m2/settings.xml:

~/.m2/settings.xml
<?xml version="1.0" encoding="UTF-8"?>
    <settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 http://maven.apache.org/xsd/settings-1.2.0.xsd" xmlns="http://maven.apache.org/SETTINGS/1.2.0"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <servers>
            <server>
                <id>code-intelligence</id>
                <username><!--YOUR_USERNAME--></username>
                <password><!--YOUR_TOKEN--></password>
            </server>
        </servers>
    </settings>

`pom.xml`

To use the CI repository in your project, add it to your projects pom.xml:

pom.xml
<repositories>
    <repository>
        <id>code-intelligence</id>
        <url>https://gitlab.code-intelligence.com/api/v4/projects/89/packages/maven</url>
    </repository>
</repositories>
<pluginRepositories>
    <pluginRepository>
        <id>code-intelligence</id>
        <url>https://gitlab.code-intelligence.com/api/v4/projects/89/packages/maven</url>
    </pluginRepository>
</pluginRepositories>

Add Maven Extension

To enable fuzz testing in your project, add our CI Fuzz Maven extension to your projects pom.xml:

pom.xml
<build>
    <extensions>
        <extension>
            <groupId>com.code-intelligence</groupId>
            <artifactId>cifuzz-maven-extension</artifactId>
            <version>1.5.0</version>
        </extension>
    </extensions>
</build>

Multi-project setup

Currently we support multi-project setups with Maven by initializing cifuzz in the subprojects instead of the root project. Additionally, you should mark the subproject that contains the Fuzz Tests by setting the cifuzz.fuzztests property in the subproject's pom.xml:

pom.xml
<properties>
    <cifuzz.fuzztests>true</cifuzz.fuzztests>
</properties>

JUnit

Fuzz tests are executed with JUnit 5. If it is not already set up, the plugin will automatically add the required dependencies and configuration to your project. If you are using JUnit 4, please be aware that you will need to use the JUnit Vintage engine to be able to run both JUnit 4 and Junit 5 tests in one project. See the official JUnit documentation for more information.

Dependencies​

Version requirements​

Initialize a project​

Enable CI Repository access​

settings.xml​

pom.xml​

Add Maven Extension​

Multi-project setup​

JUnit​

Example Projects​