Jazzer has the following dependencies when being built from source:
.bazelversion
--repo_env=CC=gcc
, but is not tested)It is recommended to use Bazelisk to automatically download and install Bazel. Simply download the release binary for your OS and architecture and ensure that it is available in the PATH
. The instructions below will assume that this binary is called bazel
- Bazelisk is a thin wrapper around the actual Bazel binary and can be used interchangeably.
Assuming the dependencies are installed, build Jazzer from source and run it as follows:
$ git clone https://github.com/CodeIntelligenceTesting/jazzer $ cd jazzer # Note the double dash used to pass <arguments> to Jazzer rather than Bazel. $ bazel run //:jazzer -- <arguments>
You can also build your own version of the release binaries:
$ bazel build //:jazzer_release ... INFO: Found 1 target... Target //:jazzer_release up-to-date: bazel-bin/jazzer_release.tar.gz ...
To run the tests, execute the following command:
$ bazel test //...
Run ./format.sh
to format all source files in the way enforced by the “Check formatting” CI job. See check-formatting.yml for how to obtain the particular versions of the required formatting tools.
Requires an account on Sonatype with access to the com.code-intelligence
group as well as a YubiKey with the signing key.
sudo apt-get install gnupg2 gnupg-agent scdaemon pcscd
.mkdir -p ~/.gnupg && echo use-agent >> ~/.gnupg/gpg.conf
to enable GPG's smart card support.cat deploy/maven.pub | gpg --import
to import the public key used for Maven signaturesgpg --card-status
to generate a key stub. If you see a No such device
error, retry after executing killall gpg-agent; killall pcscd
to remove existing locks on the YubiKey.Update JAZZER_VERSION
in maven.bzl
.
Create a release, using the auto-generated changelog as a base for the release notes.
Trigger the “Release” GitHub Actions workflow for the tag. This builds release archives for GitHub as well as the multi-architecture jar for the com.code-intelligence:jazzer
Maven artifact.
Create a GitHub release and upload the contents of the jazzer_releases
artifact from the workflow run.
Check out the tag locally and, with the YubiKey plugged in, run bazel run //deploy
with the following environment variables to upload the Maven artifacts:
JAZZER_JAR_PATH
: local path of the multi-architecture jazzer.jar
contained in the jazzer
artifact of the “Release” workflowMAVEN_USER
: username on https://oss.sonatype.orgMAVEN_PASSWORD
: password on https://oss.sonatype.orgThe YubiKey blinks repeatedly and needs a touch to confirm each individual signature.
Log into https://oss.sonatype.org, select both staging repositories and “Close” them. Wait and refresh, then select them again and “Release” them.
Locally, with Docker credentials available, run docker/push_all.sh
to build and push the cifuzz/jazzer
and cifuzz/jazzer-autofuzz
Docker images.
Javadocs are hosted at https://codeintelligencetesting.github.io/jazzer-docs, which is populated from https://github.com/CodeIntelligenceTesting/jazzer-docs.
To update the docs after a release with API changes, follow these steps to get properly linked cross-references:
jazzer-docs
.bazel build --//deploy:linked_javadoc //deploy:jazzer-api-docs
and unpack the jar into the jazzer-api
subdirectory of jazzer-docs
.bazel build --//deploy:linked_javadoc //deploy:jazzer-docs
and unpack the jar into the jazzer
subdirectory of jazzer-docs
.bazel build --//deploy:linked_javadoc //deploy:jazzer-junit-docs
and unpack the jar into the jazzer-junit
subdirectory of jazzer-docs
.