Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

schemathesis

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

schemathesis

Property-based testing framework for Open API and GraphQL based apps

  • 3.38.9
  • PyPI
  • Socket score

Maintainers
1

Build Coverage Version Python versions Discord License

Schemathesis

Schemathesis is an API testing tool that automatically finds crashes and validates spec compliance.

Schemathesis Demo

Finding server crashes in the Demo API.

Highlights

🎯 Catches Hard-to-Find Bugs

  • Uncover hidden crashes and edge cases that manual testing might miss
  • Identify spec violations and ensure your API adheres to its contract

Accelerates Testing Cycles

  • Automatically generate a wide range of test cases based on your API schema
  • Save time by reducing the need for manual test case creation

🧩 Integrates Seamlessly

  • Works with popular API formats such as OpenAPI, GraphQL.
  • Easily integrate into your existing CI/CD workflows.

🔧 Customizable and Extendable

  • Tune the testing process using Python extensions.
  • Adjust the testing flow to suit your needs with rich configuration options.

🐞 Simplifies Debugging

  • Get detailed reports to identify and fix issues quickly.
  • Reproduce failing test cases with cURL commands.

🔬 Proven by Research

  • Validated through academic studies on API testing automation
  • Featured in ICSE 2022 paper on semantics-aware fuzzing
  • Recognized in ACM survey as state-of-the-art RESTful API testing tool

Installation

Use Schemathesis via Docker, or install it from PyPI

# Via Docker.
$ docker pull schemathesis/schemathesis:stable

# With pip.
$ pip install schemathesis

Getting Started

Schemathesis works as a standalone CLI:

docker run schemathesis/schemathesis:stable
   run --checks all https://example.schemathesis.io/openapi.json
# Or when installed with pip
schemathesis run --checks all https://example.schemathesis.io/openapi.json

Or a Python library:

import schemathesis

schema = schemathesis.from_uri("https://example.schemathesis.io/openapi.json")


@schema.parametrize()
def test_api(case):
    case.call_and_validate()

See a complete working example project in the /example directory.

Schemathesis can be easily integrated into your CI/CD pipeline using GitHub Actions. Add this block to your GitHub Actions to run Schemathesis against your API:

api-tests:
  runs-on: ubuntu-latest
  steps:
    - uses: schemathesis/action@v1
      with:
        schema: "https://example.schemathesis.io/openapi.json"
        # OPTIONAL. Add Schemathesis.io token for pull request reports
        token: ${{ secrets.SCHEMATHESIS_TOKEN }}

For more details, check out our GitHub Action repository or see our GitHub Tutorial.

For test reports in your pull requests, install the GitHub app:

image

Schemathesis.io

Schemathesis CLI integrates with Schemathesis.io to enhance bug detection by optimizing test case generation. It also provides a user-friendly UI for viewing and analyzing test results. For a quick setup all-in-one solution, we offer a free tier.

Who's Using Schemathesis?

Schemathesis is used by a number of projects and companies, including direct usage or integration into other tools:

Testimonials

"The world needs modern, spec-based API tests, so we can deliver APIs as-designed. Schemathesis is the right tool for that job."

Emmanuel Paraskakis - Level 250

"Schemathesis is the only sane way to thoroughly test an API."

Zdenek Nemec - superface.ai

"The tool is absolutely amazing as it can do the negative scenario testing instead of me and much faster! Before I was doing the same tests in Postman client. But it's much slower and brings maintenance burden."

Luděk Nový - JetBrains

"Schemathesis is the best tool for fuzz testing of REST API on the market. We are at Red Hat use it for examining our applications in functional and integrations testing levels."

Dmitry Misharov - RedHat

"There are different levels of usability and documentation quality among these tools which have been reported, where Schemathesis clearly stands out among the most user-friendly and industry-strength tools."

Testing RESTful APIs: A Survey - a research paper by Golmohammadi, at al

Contributing

We welcome contributions in code and are especially interested in learning about your use cases. Your input is essential for improving Schemathesis and directly influences future updates.

How to Contribute

  1. Discuss ideas and questions through GitHub issues or on our Discord channel.
  2. For code contributions, see our contributing guidelines.
  3. Share your experience and thoughts using this feedback form.

Why Your Input Matters

  • Enables us to develop useful features and fix bugs faster
  • Improves our test suite and documentation

Thank you for contributing to making Schemathesis better! 👍

Commercial support

If you're a large enterprise or startup seeking specialized assistance, we offer commercial support to help you integrate Schemathesis effectively into your workflows. This includes:

  • Quicker response time for your queries.
  • Direct consultation to work closely with your API specification, optimizing the Schemathesis setup for your specific needs.

To discuss a custom support arrangement that best suits your organization, please contact our support team at support@schemathesis.io.

Acknowledgements

Schemathesis is built on top of Hypothesis, a powerful property-based testing library for Python.

License

This project is licensed under the terms of the MIT license.

Keywords

FAQs


Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc