{"id":37063038,"url":"https://github.com/testsmt/yinyang","last_synced_at":"2026-01-14T07:01:46.900Z","repository":{"id":41850151,"uuid":"308573793","full_name":"testsmt/yinyang","owner":"testsmt","description":"A fuzzing framework for SMT solvers","archived":false,"fork":false,"pushed_at":"2023-07-27T06:49:08.000Z","size":3176,"stargazers_count":193,"open_issues_count":14,"forks_count":24,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-09-19T16:21:00.402Z","etag":null,"topics":["cvc4","fuzzing","smt","smt-lib","smt-solver","testing","z3"],"latest_commit_sha":null,"homepage":"https://testsmt.github.io/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/testsmt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-10-30T08:50:04.000Z","updated_at":"2025-09-13T02:01:36.000Z","dependencies_parsed_at":"2023-02-19T02:15:46.042Z","dependency_job_id":null,"html_url":"https://github.com/testsmt/yinyang","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/testsmt/yinyang","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/testsmt%2Fyinyang","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/testsmt%2Fyinyang/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/testsmt%2Fyinyang/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/testsmt%2Fyinyang/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/testsmt","download_url":"https://codeload.github.com/testsmt/yinyang/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/testsmt%2Fyinyang/sbom","scorecard":{"id":875251,"data":{"date":"2025-08-11","repo":{"name":"github.com/testsmt/yinyang","commit":"f38bb10ab603408fd4c0415a7d63a9c8b5b13d03"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.7,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/main.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: yinyang/src/parsing/antlr-4.9.2-complete.jar:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/testsmt/yinyang/main.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/testsmt/yinyang/main.yml/master?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:19","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:20","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:21","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:22","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:23","Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned","Info: 0 out of 5 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-24T05:43:31.521Z","repository_id":41850151,"created_at":"2025-08-24T05:43:31.521Z","updated_at":"2025-08-24T05:43:31.521Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28412482,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T05:26:33.345Z","status":"ssl_error","status_checked_at":"2026-01-14T05:21:57.251Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cvc4","fuzzing","smt","smt-lib","smt-solver","testing","z3"],"created_at":"2026-01-14T07:01:46.307Z","updated_at":"2026-01-14T07:01:46.885Z","avatar_url":"https://github.com/testsmt.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\u003ca\u003e\u003cimg width=\"160\" alt=\"portfolio_view\" align=\"center\" src=\"https://testsmt.github.io/img/tool_logo_with_name.png\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e\n\u003cp align=\"center\"\u003e\n \u003ca href=\"https://github.com/testsmt/yinyang/actions\" alt=\"Build status\"\u003e\n \u003cimg src=\"https://github.com/testsmt/yinyang/workflows/ci/badge.svg\" /\u003e\u003c/a\u003e\n \u003ca href=\"https://readthedocs.org/projects/yinyang/badge/?version=latest\" alt=\"Documentation\"\u003e\n \u003cimg src=\"https://readthedocs.org/projects/yinyang/badge/?version=latest\" /\u003e\u003c/a\u003e\n \u003ca href=\"https://opensource.org/licenses/MIT\" alt=\"License\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/License-MIT-yellow.svg\" /\u003e\u003c/a\u003e\n \u003ca href=\"https://twitter.com/testsmtsolvers\" alt=\"Social\"\u003e\n \u003cimg src=\"https://img.shields.io/twitter/url?label=%40testsmtsolvers\u0026style=social\u0026url=https%3A%2F%2Ftwitter.com%2Ftestsmtsolvers\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\n\nyinyang\n------------\nA fuzzing framework for SMT solvers. Given a set of seed SMT formulas, yinyang generates mutant formulas to stress-test SMT solvers. yinyang can be used to robustify SMT solvers. It already found **1,500+** bugs in the two state-of-the-art SMT solvers Z3 and CVC4.\n\n\n\nInstallation\n------------\nTo install a stable version of yinyang use: \n\n```\npip3 install yinyang\n```\n\nTo install the most recent version, check out the repository: \n\n``` bash \ngit clone https://github.com/testsmt/yinyang.git \npip3 install antlr4-python3-runtime==4.9.2 ffg \n``` \n\nNote that you may want to add `yinyang/bin` to your PATH, for running yinyang conveniently without prefix. \n\nUsage\n-------------\n1. **Get SMT-LIB 2 benchmarks**. Edit `scripts/SMT-LIB-clone.sh` to select the logics for testing. Run `./scripts/SMT-LIB-clone.sh`\nto download the corresponding SMT-LIB 2 benchmarks. Alternatively, you can download benchmarks directly from the [SMT-LIB website](http://smtlib.cs.uiowa.edu/benchmarks.shtml) or supply your own benchmarks. \n\n2. **Get and build SMT solvers** for testing. Install two or more [SMT solvers](http://smtlib.cs.uiowa.edu/solvers.shtml) that support the SMT-LIB 2 format. You may find it convenient to add them to your PATH. \n\n3. **Run yinyang** on the benchmarks e.g. with Z3 and CVC4. \n```bash\ntypefuzz \"z3 model_validate=true;cvc4 --check-models -m -i -q\" benchmarks \n```\n\nyinyang will by default randomly select formulas from the folder `./benchmarks` and generate 300 mutants per seed formula. If a bug has been found, the bug trigger is stored in `./bugs`. yinyang will run in an infinite loop. You can use the shortcut CTRL+C to terminate yinyang manually.\n\nšŸ“˜ [Documentation](https://yinyang.readthedocs.io/en/latest/)\n\nFeedback\n---------\nFor bugs/issues/questions/feature requests please file an issue. We are always happy to receive your feedback or help you adjust yinyang to the needs of your custom solver, help you build on yinyang, etc.\n \nšŸ“¬ [Contact us](https://yinyang.readthedocs.io/en/latest/building_on.html#contact)\n\nAdditional Resources\n----------\n- [Citing yinyang](https://yinyang.readthedocs.io/en/latest/building_on.html#citing-yinyang)\n- [Project website](https://testsmt.github.io/) with bug statistics, talk videos, etc.\n- [Google Open Source Peer Bonus](https://opensource.googleblog.com/2021/04/announcing-first-group-of-google-open-source-peer-bonus-winners.html#:~:text=The%20Google%20Open%20Source%20Peer,exceptional%20contributions%20to%20open%20source.) šŸ†\n- [Amazon Research Awards](https://www.amazon.science/research-awards/recipients/zhendong-su-fall-2021) šŸ†\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftestsmt%2Fyinyang","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftestsmt%2Fyinyang","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftestsmt%2Fyinyang/lists"}