Fix nil pointer dereferences in assertion functions and add fuzz tests

[Copilot]

Several assertion functions panic with a nil pointer dereference when passed nil values, due to unchecked reflect.TypeOf() calls (which returns nil for untyped nil).

Nil-safety fixes

• isList() — reflect.TypeOf(list).Kind() panics on nil list
• Positive() / Negative() — reflect.Zero(reflect.TypeOf(e)) panics on nil value
• isStrictlyOrdered() — same reflect.TypeOf(object).Kind() pattern
• Implements() / NotImplements() — reflect.TypeOf(interfaceObject).Elem() panics on nil

All fixed by adding a nil check before dereferencing, returning a clear failure message instead of panicking:

// Before
objKind := reflect.TypeOf(object).Kind() // panics if object == nil

// After
objType := reflect.TypeOf(object)
if objType == nil {
    return nil, false, fmt.Errorf("object <nil> is not an ordered collection")
}
objKind := objType.Kind()

Fuzz tests

Added internal/testintegration/assertions/ with property-based tests (pgregory.net/rapid) and a Go native fuzz target exercising assertion functions with arbitrary values including nil, nil pointers, typed nils, and diverse container types. These tests discovered all four bugs above.

[fredbi]

Linter is complaining

Error: /home/runner/work/testify/testify/internal/assertions/order.go:325:22: error-format: fmt.Errorf can be replaced with errors.New (perfsprint)
return nil, false, fmt.Errorf("object is not an ordered collection")

[Copilot]

Linter is complaining

Error: /home/runner/work/testify/testify/internal/assertions/order.go:325:22: error-format: fmt.Errorf can be replaced with errors.New (perfsprint)...

Fixed — replaced fmt.Errorf with errors.New since there are no format verbs in that string.

[codecov]

Codecov Report

❌ Patch coverage is 84.00000% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 91.67%. Comparing base (8244b25) to head (e48b8bd).
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
internal/assertions/type.go	50.00%	2 Missing and 2 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #126      +/-   ##
==========================================
- Coverage   91.69%   91.67%   -0.02%     
==========================================
  Files          97       97              
  Lines       12601    12620      +19     
==========================================
+ Hits        11555    11570      +15     
- Misses        825      827       +2     
- Partials      221      223       +2     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

[fredbi]

Integration test is failing.

this job is failing on data races in the rapid/property tests under internal/testintegration/v2/assertions, not on assertion mismatches.

From the logs:

testing.go:1712: race detected during execution of test
Multiple tests fail with that same race signal:
TestNilSafetyUnary
TestNilSafetyBinary
TestNilSafetyCollections
TestNilSafetyComparison
TestNilSafetyType
TestNilSafetyExportedValues
The “fail file is no longer valid” lines are secondary (rapid replay artifact invalidation), not the primary breakage.

What to fix

The tests likely call assertion helpers that mutate shared/global state (or shared buffers/formatters) while rapid runs many generated cases. Under -race, this trips immediately.

Target file

Workflow: .github/workflows/go-test.yml (from job metadata)
Failing tests: internal/testintegration/v2/assertions/assertions_test.go (per stack lines in logs)

[Copilot]

Integration test is failing.

this job is failing on data races in the rapid/property tests under internal/testintegration/v2/assertions, not on assertion mismatches....

The race was caused by a package-level var sink bool written concurrently from parallel test functions. Removed it and switched to _ = assignments instead. Tests now pass with -race.