Autonomous API QA agent — define actions and invariants, explore every state path automatically.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for NamanAg from gravatar.com NamanAg

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Naman Agarwal
  • Maintainer: Naman Agarwal
  • Tags api-testing , branch-exploration , checkpoint , e2e-testing , end-to-end , graphql-testing , http-testing , integration-testing , journey-testing , qa , rest-api , state-management , stateful-testing , test-automation , testing
  • Requires: Python >=3.10
  • Provides-Extra: all , dev , docker , docs , graphql , postgres , redis , s3
Classifiers
Report project as malware

Project description

VenomQA

Autonomous QA agent that exhaustively explores APIs — define actions and invariants, let VenomQA find every bug sequence your linear tests miss.

PyPI version Python 3.10+ License: MIT

Install

pip install venomqa

How It Works

Instead of writing linear test scripts, you give VenomQA:

  1. Actions — things that can happen (create issue, close issue, create refund…)
  2. Invariants — rules that must always hold (open issues never contain closed ones, refund ≤ payment)

VenomQA explores every reachable state sequence using BFS, checkpointing and rolling back state between branches so each path starts clean.

Quickstart (v1 API)

from venomqa.v1 import Action, Invariant, Agent, World, BFS, Severity
from venomqa.v1.adapters.http import HttpClient

# 1. Define actions
def create_todo(ctx, api):
    resp = api.post("/todos", json={"title": "Test"})
    ctx["todo_id"] = resp.json()["id"]
    return resp

def delete_todo(ctx, api):
    return api.delete(f"/todos/{ctx['todo_id']}")

def list_todos(ctx, api):
    resp = api.get("/todos")
    ctx["todos"] = resp.json()
    return resp

# 2. Define invariants (rules that must always be true)
def count_matches(state, ctx):
    api_count = len(ctx.get("todos", []))
    db_count = state.get_observation("db").data.get("count", 0)
    return api_count == db_count

invariant = Invariant(
    name="count_matches_db",
    check=count_matches,
    description="API list count must match DB",
    severity=Severity.CRITICAL,
)

# 3. Explore
api = HttpClient("http://localhost:8000")
world = World(api=api)

agent = Agent(
    world=world,
    actions=[
        Action(name="create_todo", execute=create_todo),
        Action(name="delete_todo", execute=delete_todo),
        Action(name="list_todos",  execute=list_todos),
    ],
    invariants=[invariant],
    strategy=BFS(),
    max_steps=200,
)

result = agent.explore()
print(f"States: {result.states_visited}, Violations: {len(result.violations)}")
for v in result.violations:
    print(f"  [{v.severity.value.upper()}] {v.invariant_name}: {v.message}")

Core Concepts

Concept What it is
Action A callable that mutates or reads API state
Invariant A rule checked after every action
World Sandbox that owns HTTP client + rollbackable systems (DB, Redis, queues)
Agent Orchestrates exploration using a strategy (BFS, DFS, Random…)
Violation A recorded invariant failure with severity + context

Rollback / Branching

VenomQA checkpoints and rolls back state between paths. Adapters that support rollback:

System Mechanism
PostgreSQL SAVEPOINT / ROLLBACK TO SAVEPOINT
Redis DUMP + FLUSHALL + RESTORE
In-memory (queue, mail, storage) Copy + restore
Custom Subclass MockHTTPServer (3-method interface) 
from venomqa.v1.adapters.postgres import PostgresAdapter
from venomqa.v1.adapters.redis import RedisAdapter

world = World(
    api=HttpClient("http://localhost:8000"),
    systems={
        "db":    PostgresAdapter("postgresql://localhost/mydb"),
        "cache": RedisAdapter("redis://localhost:6379"),
    },
)

Exploration Strategies

from venomqa.v1 import BFS, DFS, Random, CoverageGuided, Weighted

agent = Agent(..., strategy=BFS())           # breadth-first (default, best for bug finding)
agent = Agent(..., strategy=DFS())           # depth-first
agent = Agent(..., strategy=CoverageGuided()) # maximize state coverage

Reporters

from venomqa.v1 import ConsoleReporter, HTMLTraceReporter, JSONReporter

reporter = ConsoleReporter()
reporter.report(result)

html = HTMLTraceReporter()
html.report(result, path="trace.html")   # D3 force-graph of the state space

Working Example

examples/github_stripe_qa/ contains a full multi-API example with two deliberately planted bugs that VenomQA catches automatically:

cd examples/github_stripe_qa
python main.py

Development Setup

git clone https://github.com/namanagarwal/venomQA
cd venomQA
pip install -e ".[dev]"

make test          # all unit tests
make lint          # ruff
make typecheck     # mypy --strict
make ci            # lint + typecheck + coverage

CLI

venomqa run        # run explorations
venomqa doctor     # system diagnostics
venomqa record     # record HTTP traffic → generate test code
venomqa --help

License

MIT — built by Naman Agarwal

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for NamanAg from gravatar.com NamanAg

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Naman Agarwal
  • Maintainer: Naman Agarwal
  • Tags api-testing , branch-exploration , checkpoint , e2e-testing , end-to-end , graphql-testing , http-testing , integration-testing , journey-testing , qa , rest-api , state-management , stateful-testing , test-automation , testing
  • Requires: Python >=3.10
  • Provides-Extra: all , dev , docker , docs , graphql , postgres , redis , s3
Classifiers

Release history Release notifications | RSS feed

0.6.4

0.6.3

0.6.2

0.6.1

0.5.0

0.4.7

0.4.6

0.4.5

0.4.4

0.4.3

0.4.2

0.4.1

0.4.0

0.3.0

0.2.6

0.2.5

0.2.4

0.2.3

0.2.2

This version

0.2.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

venomqa-0.2.1.tar.gz (2.3 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

venomqa-0.2.1-py3-none-any.whl (996.2 kB view details)

Uploaded Python 3

File details

Details for the file venomqa-0.2.1.tar.gz.

File metadata

  • Download URL: venomqa-0.2.1.tar.gz
  • Upload date:
  • Size: 2.3 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for venomqa-0.2.1.tar.gz
Algorithm Hash digest
SHA256 2f3add96b0a511ef5384343d3dcf0d185745916824dac6922880e0c6204c5d76
MD5 5e5471fb4780e7f45c8dd0bd26f744bc
BLAKE2b-256 faaab1fdc3133496a23fc8b69845e13558a043e04e79c218baf091f6662f7b85

See more details on using hashes here.

Provenance

The following attestation bundles were made for venomqa-0.2.1.tar.gz:

Publisher: publish.yml on namanag97/venomqa

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file venomqa-0.2.1-py3-none-any.whl.

File metadata

  • Download URL: venomqa-0.2.1-py3-none-any.whl
  • Upload date:
  • Size: 996.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for venomqa-0.2.1-py3-none-any.whl
Algorithm Hash digest
SHA256 908050298d7e616b2f547cab4cb98b4d91d81ff68802ae97d73e94206de3d1ef
MD5 1741fd567c8ce839827020eb6cd79b8f
BLAKE2b-256 9299b0b271d315628458ef8c2236f4e3846f61fab8d302d90427bb75417adcf2

See more details on using hashes here.

Provenance

The following attestation bundles were made for venomqa-0.2.1-py3-none-any.whl:

Publisher: publish.yml on namanag97/venomqa

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page