@lanodan @NonPlayableClown @toiletpaper

> Yeah, just tend to pick infinite fuzzers as a waste of ressources,

Your time can be wasted; the computer's cannot.

> they're effectively bruteforce,

Obviously they're brute-force. That's the point: let the machine crank on the tedious stuff and tell it to tell you if it finds anything interesting. This doesn't stop you from doing anything else: whatever you were going to do, you can still do that while the computer grinds. I mean, the other one, having the tests just spider the site, that catches breakage. It sounds trivial but if you consider how many things a site models and in which states those things can be, it catches more stuff than you might expect. Like that bug in Pleroma a couple of years ago where a deactivated user could still get a password reset link.