schemathesis 3.25.5__py3-none-any.whl → 3.39.7__py3-none-any.whl

schemathesis/cli/__init__.py

@@ -1,7 +1,6 @@
 from __future__ import annotations
+
 import base64
-import enum
-import io
 import os
 import sys
 import traceback
@@ -10,67 +9,77 @@ from collections import defaultdict
 from dataclasses import dataclass
 from enum import Enum
 from queue import Queue
-from typing import Any, Callable, Generator, Iterable, NoReturn, cast, TYPE_CHECKING
+from typing import TYPE_CHECKING, Any, Callable, Generator, Iterable, Literal, NoReturn, Sequence, Type, cast
 from urllib.parse import urlparse
 
 import click
 
 from .. import checks as checks_module
-from .. import contrib, experimental, generation
+from .. import contrib, experimental, generation, runner, service
 from .. import fixups as _fixups
-from .. import runner, service
 from .. import targets as targets_module
+from .._override import CaseOverride
 from ..code_samples import CodeSampleStyle
-from .constants import HealthCheck, Phase, Verbosity
-from ..generation import DEFAULT_DATA_GENERATION_METHODS, DataGenerationMethod
 from ..constants import (
     API_NAME_ENV_VAR,
     BASE_URL_ENV_VAR,
     DEFAULT_RESPONSE_TIMEOUT,
     DEFAULT_STATEFUL_RECURSION_LIMIT,
+    EXTENSIONS_DOCUMENTATION_URL,
     HOOKS_MODULE_ENV_VAR,
     HYPOTHESIS_IN_MEMORY_DATABASE_IDENTIFIER,
-    WAIT_FOR_SCHEMA_ENV_VAR,
-    EXTENSIONS_DOCUMENTATION_URL,
     ISSUE_TRACKER_URL,
+    WAIT_FOR_SCHEMA_ENV_VAR,
 )
-from ..exceptions import SchemaError, extract_nth_traceback, SchemaErrorType
+from ..exceptions import SchemaError, SchemaErrorType, extract_nth_traceback
+from ..filters import FilterSet, expression_to_filter_function, is_deprecated
 from ..fixups import ALL_FIXUPS
-from ..loaders import load_app, load_yaml
-from .._override import CaseOverride
-from ..transports.auth import get_requests_auth
+from ..generation import DEFAULT_DATA_GENERATION_METHODS, DataGenerationMethod
 from ..hooks import GLOBAL_HOOK_DISPATCHER, HookContext, HookDispatcher, HookScope
-from ..models import Case, CheckFunction
-from ..runner import events, prepare_hypothesis_settings
+from ..internal.checks import CheckConfig
+from ..internal.datetime import current_datetime
+from ..internal.output import OutputConfig
+from ..internal.validation import file_exists
+from ..loaders import load_app, load_yaml
+from ..runner import events, prepare_hypothesis_settings, probes
 from ..specs.graphql import loaders as gql_loaders
 from ..specs.openapi import loaders as oas_loaders
-from ..specs.openapi import formats
 from ..stateful import Stateful
-from ..targets import Target
-from ..types import Filter, PathLike, RequestCert
-from ..internal.datetime import current_datetime
-from ..internal.validation import file_exists
-from . import callbacks, cassettes, output, probes
-from .constants import DEFAULT_WORKERS, MAX_WORKERS, MIN_WORKERS
+from ..transports import RequestConfig
+from ..transports.auth import get_requests_auth
+from . import callbacks, cassettes, output
+from .constants import DEFAULT_WORKERS, MAX_WORKERS, MIN_WORKERS, HealthCheck, Phase, Verbosity
 from .context import ExecutionContext, FileReportContext, ServiceReportContext
 from .debug import DebugOutputHandler
+from .handlers import EventHandler
 from .junitxml import JunitXMLHandler
-from .options import CsvChoice, CsvEnumChoice, CustomHelpMessageChoice, NotSet, OptionalInt
+from .options import CsvChoice, CsvEnumChoice, CsvListChoice, CustomHelpMessageChoice, OptionalInt
 from .sanitization import SanitizationHandler
 
 if TYPE_CHECKING:
+    import io
+
     import hypothesis
     import requests
-    from ..service.client import ServiceClient
+
+    from ..models import Case, CheckFunction
     from ..schemas import BaseSchema
+    from ..service.client import ServiceClient
     from ..specs.graphql.schemas import GraphQLSchema
-    from .handlers import EventHandler
+    from ..targets import Target
+    from ..types import NotSet, PathLike, RequestCert
+
+
+__all__ = [
+    "EventHandler",
+]
 
 
 def _get_callable_names(items: tuple[Callable, ...]) -> tuple[str, ...]:
     return tuple(item.__name__ for item in items)
 
 
+CUSTOM_HANDLERS: list[type[EventHandler]] = []
 CONTEXT_SETTINGS = {"help_option_names": ["-h", "--help"]}
 
 DEFAULT_CHECKS_NAMES = _get_callable_names(checks_module.DEFAULT_CHECKS)
@@ -96,13 +105,6 @@ DEPRECATED_SHOW_ERROR_TRACEBACKS_OPTION_WARNING = (
     "Warning: Option `--show-errors-tracebacks` is deprecated and will be removed in Schemathesis 4.0. "
     "Use `--show-trace` instead"
 )
-DEPRECATED_CONTRIB_UNIQUE_DATA_OPTION_WARNING = (
-    "The `--contrib-unique-data` CLI option and the corresponding `schemathesis.contrib.unique_data` hook "
-    "are **DEPRECATED**. The concept of this feature does not fit the core principles of Hypothesis where "
-    "strategies are configurable on a per-example basis but this feature implies uniqueness across examples. "
-    "This leads to cryptic error messages about external state and flaky test runs, "
-    "therefore it will be removed in Schemathesis 4.0"
-)
 CASSETTES_PATH_INVALID_USAGE_MESSAGE = "Can't use `--store-network-log` and `--cassette-path` simultaneously"
 COLOR_OPTIONS_INVALID_USAGE_MESSAGE = "Can't use `--no-color` and `--force-color` simultaneously"
 PHASES_INVALID_USAGE_MESSAGE = "Can't use `--hypothesis-phases` and `--hypothesis-no-phases` simultaneously"
@@ -112,21 +114,21 @@ def reset_checks() -> None:
     """Get checks list to their default state."""
     # Useful in tests
     checks_module.ALL_CHECKS = checks_module.DEFAULT_CHECKS + checks_module.OPTIONAL_CHECKS
-    CHECKS_TYPE.choices = _get_callable_names(checks_module.ALL_CHECKS) + ("all",)
+    CHECKS_TYPE.choices = (*_get_callable_names(checks_module.ALL_CHECKS), "all")
 
 
 def reset_targets() -> None:
     """Get targets list to their default state."""
     # Useful in tests
     targets_module.ALL_TARGETS = targets_module.DEFAULT_TARGETS + targets_module.OPTIONAL_TARGETS
-    TARGETS_TYPE.choices = _get_callable_names(targets_module.ALL_TARGETS) + ("all",)
+    TARGETS_TYPE.choices = (*_get_callable_names(targets_module.ALL_TARGETS), "all")
 
 
 @click.group(context_settings=CONTEXT_SETTINGS)
-@click.option("--pre-run", help="A module to execute before running the tests.", type=str, hidden=True)
+@click.option("--pre-run", help="[DEPRECATED] A module to execute before running the tests", type=str, hidden=True)
 @click.version_option()
 def schemathesis(pre_run: str | None = None) -> None:
-    """Automated API testing employing fuzzing techniques for OpenAPI and GraphQL."""
+    """Property-based API testing for OpenAPI and GraphQL."""
     # Don't use `envvar=HOOKS_MODULE_ENV_VAR` arg to raise a deprecation warning for hooks
     hooks: str | None
     if pre_run:
@@ -138,76 +140,89 @@ def schemathesis(pre_run: str | None = None) -> None:
         load_hook(hooks)
 
 
-class ParameterGroup(enum.Enum):
-    filtering = "Testing scope", "Customize the scope of the API testing."
-    validation = "Response & Schema validation", "These options specify how API responses and schemas are validated."
-    hypothesis = "Hypothesis engine", "Configuration of the underlying Hypothesis engine."
-    generic = "Generic", None
+GROUPS: list[str] = []
 
 
-class CommandWithCustomHelp(click.Command):
+class CommandWithGroupedOptions(click.Command):
     def format_options(self, ctx: click.Context, formatter: click.HelpFormatter) -> None:
-        # Group options first
         groups = defaultdict(list)
         for param in self.get_params(ctx):
             rv = param.get_help_record(ctx)
             if rv is not None:
+                (option_repr, message) = rv
+                if isinstance(param.type, click.Choice):
+                    message += (
+                        getattr(param.type, "choices_repr", None)
+                        or f" [possible values: {', '.join(param.type.choices)}]"
+                    )
+
                 if isinstance(param, GroupedOption):
                     group = param.group
                 else:
-                    group = ParameterGroup.generic
-                groups[group].append(rv)
-        # Then display groups separately with optional description
-        for group in ParameterGroup:
-            opts = groups[group]
-            title, description = group.value
-            with formatter.section(title):
-                if description:
-                    formatter.write_paragraph()
-                    formatter.write_text(description)
-                    formatter.write_paragraph()
-                formatter.write_dl(opts)
+                    group = "Global options"
+                groups[group].append((option_repr, message))
+        for group in GROUPS:
+            with formatter.section(group or "Options"):
+                formatter.write_dl(groups[group], col_max=40)
 
 
 class GroupedOption(click.Option):
-    def __init__(self, *args: Any, group: ParameterGroup, **kwargs: Any):
+    def __init__(self, *args: Any, group: str | None = None, **kwargs: Any):
         super().__init__(*args, **kwargs)
         self.group = group
 
 
-with_request_proxy = click.option(
+def group(name: str) -> Callable:
+    GROUPS.append(name)
+
+    def _inner(cmd: Callable) -> Callable:
+        for param in reversed(cmd.__click_params__):  # type: ignore[attr-defined]
+            if not isinstance(param, GroupedOption) or param.group is not None:
+                break
+            param.group = name
+        return cmd
+
+    return _inner
+
+
+def grouped_option(*args: Any, **kwargs: Any) -> Callable:
+    kwargs.setdefault("cls", GroupedOption)
+    return click.option(*args, **kwargs)
+
+
+with_request_proxy = grouped_option(
     "--request-proxy",
-    help="Set the proxy for all network requests.",
+    help="Set the proxy for all network requests",
     type=str,
 )
-with_request_tls_verify = click.option(
+with_request_tls_verify = grouped_option(
     "--request-tls-verify",
-    help="Configures TLS certificate verification for server requests. Can specify path to CA_BUNDLE for custom certs.",
+    help="Configures TLS certificate verification for server requests. Can specify path to CA_BUNDLE for custom certs",
     type=str,
     default="true",
     show_default=True,
     callback=callbacks.convert_boolean_string,
 )
-with_request_cert = click.option(
+with_request_cert = grouped_option(
     "--request-cert",
     help="File path of unencrypted client certificate for authentication. "
     "The certificate can be bundled with a private key (e.g. PEM) or the private "
-    "key can be provided with the --request-cert-key argument.",
+    "key can be provided with the --request-cert-key argument",
     type=click.Path(exists=True),
     default=None,
     show_default=False,
 )
-with_request_cert_key = click.option(
+with_request_cert_key = grouped_option(
     "--request-cert-key",
-    help="Specifies the file path of the private key for the client certificate.",
+    help="Specify the file path of the private key for the client certificate",
     type=click.Path(exists=True),
     default=None,
     show_default=False,
     callback=callbacks.validate_request_cert_key,
 )
-with_hosts_file = click.option(
+with_hosts_file = grouped_option(
     "--hosts-file",
-    help="Path to a file to store the Schemathesis.io auth configuration.",
+    help="Path to a file to store the Schemathesis.io auth configuration",
     type=click.Path(dir_okay=False, writable=True),
     default=service.DEFAULT_HOSTS_PATH,
     envvar=service.HOSTS_PATH_ENV_VAR,
@@ -215,6 +230,37 @@ with_hosts_file = click.option(
 )
 
 
+def _with_filter(*, by: str, mode: Literal["include", "exclude"], modifier: Literal["regex"] | None = None) -> Callable:
+    """Generate a CLI option for filtering API operations."""
+    param = f"--{mode}-{by}"
+    action = "include in" if mode == "include" else "exclude from"
+    prop = {
+        "operation-id": "ID",
+        "name": "Operation name",
+    }.get(by, by.capitalize())
+    if modifier:
+        param += f"-{modifier}"
+        prop += " pattern"
+    help_text = f"{prop} to {action} testing."
+    return grouped_option(
+        param,
+        help=help_text,
+        type=str,
+        multiple=modifier is None,
+    )
+
+
+_BY_VALUES = ("operation-id", "tag", "name", "method", "path")
+
+
+def with_filters(command: Callable) -> Callable:
+    for by in _BY_VALUES:
+        for mode in ("exclude", "include"):
+            for modifier in ("regex", None):
+                command = _with_filter(by=by, mode=mode, modifier=modifier)(command)  # type: ignore[arg-type]
+    return command
+
+
 class ReportToService:
     pass
 
@@ -222,502 +268,587 @@ class ReportToService:
 REPORT_TO_SERVICE = ReportToService()
 
 
-@schemathesis.command(short_help="Execute automated tests based on API specifications.", cls=CommandWithCustomHelp)
+@schemathesis.command(
+    short_help="Execute automated tests based on API specifications",
+    cls=CommandWithGroupedOptions,
+    context_settings={"terminal_width": output.default.get_terminal_width(), **CONTEXT_SETTINGS},
+)
 @click.argument("schema", type=str)
 @click.argument("api_name", type=str, required=False, envvar=API_NAME_ENV_VAR)
-@click.option(
+@group("Options")
+@grouped_option(
+    "--workers",
+    "-w",
+    "workers_num",
+    help="Number of concurrent workers for testing. Auto-adjusts if 'auto' is specified",
+    type=CustomHelpMessageChoice(
+        ["auto", *list(map(str, range(MIN_WORKERS, MAX_WORKERS + 1)))],
+        choices_repr=f"[auto, {MIN_WORKERS}-{MAX_WORKERS}]",
+    ),
+    default=str(DEFAULT_WORKERS),
+    show_default=True,
+    callback=callbacks.convert_workers,
+    metavar="",
+)
+@grouped_option(
+    "--dry-run",
+    "dry_run",
+    is_flag=True,
+    default=False,
+    help="Simulate test execution without making any actual requests, useful for validating data generation",
+)
+@grouped_option(
+    "--fixups",
+    help="Apply compatibility adjustments",
+    multiple=True,
+    type=click.Choice([*ALL_FIXUPS, "all"]),
+    metavar="",
+)
+@group("Experimental options")
+@grouped_option(
+    "--experimental",
+    "experiments",
+    help="Enable experimental features",
+    type=click.Choice(
+        [
+            experimental.OPEN_API_3_1.name,
+            experimental.SCHEMA_ANALYSIS.name,
+            experimental.STATEFUL_TEST_RUNNER.name,
+            experimental.STATEFUL_ONLY.name,
+            experimental.COVERAGE_PHASE.name,
+            experimental.POSITIVE_DATA_ACCEPTANCE.name,
+        ]
+    ),
+    callback=callbacks.convert_experimental,
+    multiple=True,
+    metavar="",
+)
+@grouped_option(
+    "--experimental-no-failfast",
+    "no_failfast",
+    help="Continue testing an API operation after a failure is found",
+    is_flag=True,
+    default=False,
+    metavar="",
+    envvar="SCHEMATHESIS_EXPERIMENTAL_NO_FAILFAST",
+)
+@grouped_option(
+    "--experimental-missing-required-header-allowed-statuses",
+    "missing_required_header_allowed_statuses",
+    help="Comma-separated list of status codes expected for test cases with a missing required header",
+    type=CsvListChoice(),
+    callback=callbacks.convert_status_codes,
+    metavar="",
+    envvar="SCHEMATHESIS_EXPERIMENTAL_MISSING_REQUIRED_HEADER_ALLOWED_STATUSES",
+)
+@grouped_option(
+    "--experimental-positive-data-acceptance-allowed-statuses",
+    "positive_data_acceptance_allowed_statuses",
+    help="Comma-separated list of status codes considered as successful responses",
+    type=CsvListChoice(),
+    callback=callbacks.convert_status_codes,
+    metavar="",
+    envvar="SCHEMATHESIS_EXPERIMENTAL_POSITIVE_DATA_ACCEPTANCE_ALLOWED_STATUSES",
+)
+@grouped_option(
+    "--experimental-negative-data-rejection-allowed-statuses",
+    "negative_data_rejection_allowed_statuses",
+    help="Comma-separated list of status codes expected for rejected negative data",
+    type=CsvListChoice(),
+    callback=callbacks.convert_status_codes,
+    metavar="",
+    envvar="SCHEMATHESIS_EXPERIMENTAL_NEGATIVE_DATA_REJECTION_ALLOWED_STATUSES",
+)
+@group("API validation options")
+@grouped_option(
     "--checks",
     "-c",
     multiple=True,
-    help="Specifies the validation checks to apply to API responses. "
-    "Provide a comma-separated list of checks such as 'not_a_server_error,status_code_conformance', etc. "
-    f"Default is '{','.join(DEFAULT_CHECKS_NAMES)}'.",
+    help="Comma-separated list of checks to run against API responses",
     type=CHECKS_TYPE,
     default=DEFAULT_CHECKS_NAMES,
-    cls=GroupedOption,
-    group=ParameterGroup.validation,
     callback=callbacks.convert_checks,
     show_default=True,
+    metavar="",
 )
-@click.option(
+@grouped_option(
     "--exclude-checks",
     multiple=True,
-    help="Specifies the validation checks to skip during testing. "
-    "Provide a comma-separated list of checks you wish to bypass.",
+    help="Comma-separated list of checks to skip during testing",
     type=EXCLUDE_CHECKS_TYPE,
     default=[],
-    cls=GroupedOption,
-    group=ParameterGroup.validation,
     callback=callbacks.convert_checks,
     show_default=True,
+    metavar="",
 )
-@click.option(
-    "--data-generation-method",
-    "-D",
-    "data_generation_methods",
-    help="Specifies the approach Schemathesis uses to generate test data. "
-    "Use 'positive' for valid data, 'negative' for invalid data, or 'all' for both. "
-    "Default is 'positive'.",
-    type=DATA_GENERATION_METHOD_TYPE,
-    default=DataGenerationMethod.default().name,
-    callback=callbacks.convert_data_generation_method,
-    show_default=True,
-)
-@click.option(
+@grouped_option(
     "--max-response-time",
-    help="Sets a custom time limit for API response times. "
-    "The test will fail if a response time exceeds this limit. "
-    "Provide the time in milliseconds.",
+    help="Time limit in milliseconds for API response times. "
+    "The test will fail if a response time exceeds this limit. ",
     type=click.IntRange(min=1),
-    cls=GroupedOption,
-    group=ParameterGroup.validation,
-)
-@click.option(
-    "--target",
-    "-t",
-    "targets",
-    multiple=True,
-    help="Guides input generation to values more likely to expose bugs via targeted property-based testing.",
-    type=TARGETS_TYPE,
-    default=DEFAULT_TARGETS_NAMES,
-    show_default=True,
 )
-@click.option(
+@grouped_option(
     "-x",
     "--exitfirst",
     "exit_first",
     is_flag=True,
     default=False,
-    help="Terminates the test suite immediately upon the first failure or error encountered.",
+    help="Terminate the test suite immediately upon the first failure or error encountered",
     show_default=True,
 )
-@click.option(
+@grouped_option(
     "--max-failures",
     "max_failures",
     type=click.IntRange(min=1),
-    help="Terminates the test suite after reaching a specified number of failures or errors.",
+    help="Terminate the test suite after reaching a specified number of failures or errors",
     show_default=True,
 )
-@click.option(
-    "--dry-run",
-    "dry_run",
-    is_flag=True,
+@group("Loader options")
+@grouped_option(
+    "--app",
+    help="Specify the WSGI/ASGI application under test, provided as an importable Python path",
+    type=str,
+    callback=callbacks.validate_app,
+)
+@grouped_option(
+    "--wait-for-schema",
+    help="Maximum duration, in seconds, to wait for the API schema to become available. Disabled by default",
+    type=click.FloatRange(1.0),
+    default=None,
+    envvar=WAIT_FOR_SCHEMA_ENV_VAR,
+)
+@grouped_option(
+    "--validate-schema",
+    help="Validate input API schema. Set to 'true' to enable or 'false' to disable",
+    type=bool,
     default=False,
-    help="Simulates test execution without making any actual requests, useful for validating data generation.",
+    show_default=True,
 )
-@click.option(
+@group("Network requests options")
+@grouped_option(
+    "--base-url",
+    "-b",
+    help="Base URL of the API, required when schema is provided as a file",
+    type=str,
+    callback=callbacks.validate_base_url,
+    envvar=BASE_URL_ENV_VAR,
+)
+@grouped_option(
+    "--request-timeout",
+    help="Timeout limit, in milliseconds, for each network request during tests",
+    type=click.IntRange(1),
+    default=DEFAULT_RESPONSE_TIMEOUT,
+)
+@with_request_proxy
+@with_request_tls_verify
+@with_request_cert
+@with_request_cert_key
+@grouped_option(
+    "--rate-limit",
+    help="Specify a rate limit for test requests in '<limit>/<duration>' format. "
+    "Example - `100/m` for 100 requests per minute",
+    type=str,
+    callback=callbacks.validate_rate_limit,
+)
+@grouped_option(
+    "--header",
+    "-H",
+    "headers",
+    help=r"Add a custom HTTP header to all API requests. Format: 'Header-Name: Value'",
+    multiple=True,
+    type=str,
+    callback=callbacks.validate_headers,
+)
+@grouped_option(
     "--auth",
     "-a",
-    help="Provides the server authentication details in the 'USER:PASSWORD' format.",
+    help="Provide the server authentication details in the 'USER:PASSWORD' format",
     type=str,
     callback=callbacks.validate_auth,
 )
-@click.option(
+@grouped_option(
     "--auth-type",
     "-A",
     type=click.Choice(["basic", "digest"], case_sensitive=False),
     default="basic",
-    help="Specifies the authentication method. Default is 'basic'.",
+    help="Specify the authentication method. For custom authentication methods, see our Authentication documentation: https://schemathesis.readthedocs.io/en/stable/auth.html#custom-auth",
     show_default=True,
+    metavar="",
 )
-@click.option(
-    "--set-query",
-    "set_query",
-    help=r"OpenAPI: Override a specific query parameter by specifying 'parameter=value'",
-    multiple=True,
-    type=str,
-    callback=callbacks.validate_set_query,
-)
-@click.option(
-    "--set-header",
-    "set_header",
-    help=r"OpenAPI: Override a specific header parameter by specifying 'parameter=value'",
-    multiple=True,
-    type=str,
-    callback=callbacks.validate_set_header,
-)
-@click.option(
-    "--set-cookie",
-    "set_cookie",
-    help=r"OpenAPI: Override a specific cookie parameter by specifying 'parameter=value'",
-    multiple=True,
+@group("Filtering options")
+@with_filters
+@grouped_option(
+    "--include-by",
+    "include_by",
     type=str,
-    callback=callbacks.validate_set_cookie,
+    help="Include API operations by expression",
 )
-@click.option(
-    "--set-path",
-    "set_path",
-    help=r"OpenAPI: Override a specific path parameter by specifying 'parameter=value'",
-    multiple=True,
+@grouped_option(
+    "--exclude-by",
+    "exclude_by",
     type=str,
-    callback=callbacks.validate_set_path,
+    help="Exclude API operations by expression",
 )
-@click.option(
-    "--header",
-    "-H",
-    "headers",
-    help=r"Adds a custom HTTP header to all API requests. Format: 'Header-Name: Value'.",
-    multiple=True,
-    type=str,
-    callback=callbacks.validate_headers,
+@grouped_option(
+    "--exclude-deprecated",
+    help="Exclude deprecated API operations from testing",
+    is_flag=True,
+    is_eager=True,
+    default=False,
+    show_default=True,
 )
-@click.option(
+@grouped_option(
     "--endpoint",
     "-E",
     "endpoints",
     type=str,
     multiple=True,
-    help=r"API operation path pattern (e.g., users/\d+).",
+    help=r"[DEPRECATED] API operation path pattern (e.g., users/\d+)",
     callback=callbacks.validate_regex,
-    cls=GroupedOption,
-    group=ParameterGroup.filtering,
+    hidden=True,
 )
-@click.option(
+@grouped_option(
     "--method",
     "-M",
     "methods",
     type=str,
     multiple=True,
-    help="HTTP method (e.g., GET, POST).",
+    help="[DEPRECATED] HTTP method (e.g., GET, POST)",
     callback=callbacks.validate_regex,
-    cls=GroupedOption,
-    group=ParameterGroup.filtering,
+    hidden=True,
 )
-@click.option(
+@grouped_option(
     "--tag",
     "-T",
     "tags",
     type=str,
     multiple=True,
-    help="Schema tag pattern.",
+    help="[DEPRECATED] Schema tag pattern",
     callback=callbacks.validate_regex,
-    cls=GroupedOption,
-    group=ParameterGroup.filtering,
+    hidden=True,
 )
-@click.option(
+@grouped_option(
     "--operation-id",
     "-O",
     "operation_ids",
     type=str,
     multiple=True,
-    help="OpenAPI operationId pattern.",
+    help="[DEPRECATED] OpenAPI operationId pattern",
     callback=callbacks.validate_regex,
-    cls=GroupedOption,
-    group=ParameterGroup.filtering,
-)
-@click.option(
-    "--workers",
-    "-w",
-    "workers_num",
-    help="Sets the number of concurrent workers for testing. Auto-adjusts if 'auto' is specified.",
-    type=CustomHelpMessageChoice(
-        ["auto"] + list(map(str, range(MIN_WORKERS, MAX_WORKERS + 1))),
-        choices_repr=f"[auto|{MIN_WORKERS}-{MAX_WORKERS}]",
-    ),
-    default=str(DEFAULT_WORKERS),
-    show_default=True,
-    callback=callbacks.convert_workers,
-)
-@click.option(
-    "--base-url",
-    "-b",
-    help="Provides the base URL of the API, required when schema is provided as a file.",
-    type=str,
-    callback=callbacks.validate_base_url,
-    envvar=BASE_URL_ENV_VAR,
-)
-@click.option(
-    "--app",
-    help="Specifies the WSGI/ASGI application under test, provided as an importable Python path.",
-    type=str,
-    callback=callbacks.validate_app,
-)
-@click.option(
-    "--wait-for-schema",
-    help="Maximum duration, in seconds, to wait for the API schema to become available.",
-    type=click.FloatRange(1.0),
-    default=None,
-    envvar=WAIT_FOR_SCHEMA_ENV_VAR,
-)
-@click.option(
-    "--request-timeout",
-    help="Sets a timeout limit, in milliseconds, for each network request during tests.",
-    type=click.IntRange(1),
-    default=DEFAULT_RESPONSE_TIMEOUT,
-)
-@with_request_proxy
-@with_request_tls_verify
-@with_request_cert
-@with_request_cert_key
-@click.option(
-    "--validate-schema",
-    help="Toggles validation of incoming payloads against the defined API schema. "
-    "Set to 'True' to enable or 'False' to disable. "
-    "Default is 'False'.",
-    type=bool,
-    default=False,
-    show_default=True,
-    cls=GroupedOption,
-    group=ParameterGroup.validation,
+    hidden=True,
 )
-@click.option(
+@grouped_option(
     "--skip-deprecated-operations",
-    help="Exclude deprecated API operations from testing.",
+    help="[DEPRECATED] Exclude deprecated API operations from testing",
     is_flag=True,
     is_eager=True,
     default=False,
     show_default=True,
-    cls=GroupedOption,
-    group=ParameterGroup.filtering,
+    hidden=True,
 )
-@click.option(
+@group("Output options")
+@grouped_option(
     "--junit-xml",
-    help="Outputs a JUnit-XML style report at the specified file path.",
+    help="Output a JUnit-XML style report at the specified file path",
     type=click.File("w", encoding="utf-8"),
 )
-@click.option(
-    "--report",
-    "report_value",
-    help="""Specifies how the generated report should be handled.
-If used without an argument, the report data will automatically be uploaded to Schemathesis.io.
-If a file name is provided, the report will be stored in that file.
-The report data, consisting of a tar gz file with multiple JSON files, is subject to change.""",
-    is_flag=False,
-    flag_value="",
-    envvar=service.REPORT_ENV_VAR,
-    callback=callbacks.convert_report,  # type: ignore
-)
-@click.option(
-    "--debug-output-file",
-    help="Saves debugging information in a JSONL format at the specified file path.",
+@grouped_option(
+    "--cassette-path",
+    help="Save the test outcomes in a VCR-compatible format",
     type=click.File("w", encoding="utf-8"),
-)
-@click.option(
-    "--show-errors-tracebacks",
-    help="Displays complete traceback information for internal errors.",
-    is_flag=True,
     is_eager=True,
-    default=False,
-    hidden=True,
-    show_default=True,
 )
-@click.option(
-    "--show-trace",
-    help="Displays complete traceback information for internal errors.",
+@grouped_option(
+    "--cassette-format",
+    help="Format of the saved cassettes",
+    type=click.Choice([item.name.lower() for item in cassettes.CassetteFormat]),
+    default=cassettes.CassetteFormat.VCR.name.lower(),
+    callback=callbacks.convert_cassette_format,
+    metavar="",
+)
+@grouped_option(
+    "--cassette-preserve-exact-body-bytes",
+    help="Retain exact byte sequence of payloads in cassettes, encoded as base64",
     is_flag=True,
-    is_eager=True,
-    default=False,
-    show_default=True,
+    callback=callbacks.validate_preserve_exact_body_bytes,
 )
-@click.option(
+@grouped_option(
     "--code-sample-style",
-    help="Selects the code sample style for reproducing failures.",
+    help="Code sample style for reproducing failures",
     type=click.Choice([item.name for item in CodeSampleStyle]),
     default=CodeSampleStyle.default().name,
     callback=callbacks.convert_code_sample_style,
+    metavar="",
 )
-@click.option(
-    "--cassette-path",
-    help="Saves the test outcomes in a VCR-compatible format.",
-    type=click.File("w", encoding="utf-8"),
-    is_eager=True,
+@grouped_option(
+    "--sanitize-output",
+    type=bool,
+    default=True,
+    show_default=True,
+    help="Enable or disable automatic output sanitization to obscure sensitive data",
 )
-@click.option(
-    "--cassette-preserve-exact-body-bytes",
-    help="Retains exact byte sequence of payloads in cassettes, encoded as base64.",
+@grouped_option(
+    "--output-truncate",
+    help="Truncate schemas and responses in error messages",
+    type=str,
+    default="true",
+    show_default=True,
+    callback=callbacks.convert_boolean_string,
+)
+@grouped_option(
+    "--show-trace",
+    help="Display complete traceback information for internal errors",
     is_flag=True,
-    callback=callbacks.validate_preserve_exact_body_bytes,
+    is_eager=True,
+    default=False,
+    show_default=True,
 )
-@click.option(
+@grouped_option(
+    "--debug-output-file",
+    help="Save debugging information in a JSONL format at the specified file path",
+    type=click.File("w", encoding="utf-8"),
+)
+@grouped_option(
     "--store-network-log",
-    help="Saves the test outcomes in a VCR-compatible format.",
+    help="[DEPRECATED] Save the test outcomes in a VCR-compatible format",
     type=click.File("w", encoding="utf-8"),
     hidden=True,
 )
-@click.option(
-    "--fixups",
-    help="Applies compatibility adjustments like 'fast_api', 'utf8_bom'.",
-    multiple=True,
-    type=click.Choice(list(ALL_FIXUPS) + ["all"]),
+@grouped_option(
+    "--show-errors-tracebacks",
+    help="[DEPRECATED] Display complete traceback information for internal errors",
+    is_flag=True,
+    is_eager=True,
+    default=False,
+    hidden=True,
+    show_default=True,
 )
-@click.option(
-    "--rate-limit",
-    help="Specifies a rate limit for test requests in '<limit>/<duration>' format. "
-    "Example - `100/m` for 100 requests per minute.",
-    type=str,
-    callback=callbacks.validate_rate_limit,
+@group("Data generation options")
+@grouped_option(
+    "--data-generation-method",
+    "-D",
+    "data_generation_methods",
+    help="Specify the approach Schemathesis uses to generate test data. "
+    "Use 'positive' for valid data, 'negative' for invalid data, or 'all' for both",
+    type=DATA_GENERATION_METHOD_TYPE,
+    default=DataGenerationMethod.default().name,
+    callback=callbacks.convert_data_generation_method,
+    show_default=True,
+    metavar="",
 )
-@click.option(
+@grouped_option(
     "--stateful",
-    help="Enables or disables stateful testing features.",
+    help="Enable or disable stateful testing",
     type=click.Choice([item.name for item in Stateful]),
     default=Stateful.links.name,
     callback=callbacks.convert_stateful,
+    metavar="",
 )
-@click.option(
+@grouped_option(
     "--stateful-recursion-limit",
-    help="Sets the recursion depth limit for stateful testing.",
+    help="Recursion depth limit for stateful testing",
     default=DEFAULT_STATEFUL_RECURSION_LIMIT,
     show_default=True,
     type=click.IntRange(1, 100),
     hidden=True,
 )
-@click.option(
-    "--force-schema-version",
-    help="Forces the schema to be interpreted as a particular OpenAPI version.",
-    type=click.Choice(["20", "30"]),
+@grouped_option(
+    "--generation-allow-x00",
+    help="Whether to allow the generation of `\x00` bytes within strings",
+    type=str,
+    default="true",
+    show_default=True,
+    callback=callbacks.convert_boolean_string,
 )
-@click.option(
-    "--sanitize-output",
-    type=bool,
-    default=True,
+@grouped_option(
+    "--generation-codec",
+    help="The codec used for generating strings",
+    type=str,
+    default="utf-8",
+    callback=callbacks.validate_generation_codec,
+)
+@grouped_option(
+    "--generation-with-security-parameters",
+    help="Whether to generate security parameters",
+    type=str,
+    default="true",
     show_default=True,
-    help="Enable or disable automatic output sanitization to obscure sensitive data.",
+    callback=callbacks.convert_boolean_string,
 )
-@click.option(
+@grouped_option(
+    "--generation-graphql-allow-null",
+    help="Whether to use `null` values for optional arguments in GraphQL queries",
+    type=str,
+    default="true",
+    show_default=True,
+    callback=callbacks.convert_boolean_string,
+)
+@grouped_option(
     "--contrib-unique-data",
     "contrib_unique_data",
-    help="Forces the generation of unique test cases.",
+    help="Force the generation of unique test cases",
     is_flag=True,
     default=False,
     show_default=True,
 )
-@click.option(
+@grouped_option(
     "--contrib-openapi-formats-uuid",
     "contrib_openapi_formats_uuid",
-    help="Enables support for the 'uuid' string format in OpenAPI.",
+    help="Enable support for the 'uuid' string format in OpenAPI",
     is_flag=True,
     default=False,
     show_default=True,
 )
-@click.option(
+@grouped_option(
     "--contrib-openapi-fill-missing-examples",
     "contrib_openapi_fill_missing_examples",
-    help="Enables generation of random examples for API operations that do not have explicit examples defined.",
+    help="Enable generation of random examples for API operations that do not have explicit examples",
     is_flag=True,
     default=False,
     show_default=True,
 )
-@click.option(
+@grouped_option(
+    "--target",
+    "-t",
+    "targets",
+    multiple=True,
+    help="Guide input generation to values more likely to expose bugs via targeted property-based testing",
+    type=TARGETS_TYPE,
+    default=DEFAULT_TARGETS_NAMES,
+    show_default=True,
+    metavar="",
+)
+@group("Open API options")
+@grouped_option(
+    "--force-schema-version",
+    help="Force the schema to be interpreted as a particular OpenAPI version",
+    type=click.Choice(["20", "30"]),
+    metavar="",
+)
+@grouped_option(
+    "--set-query",
+    "set_query",
+    help=r"OpenAPI: Override a specific query parameter by specifying 'parameter=value'",
+    multiple=True,
+    type=str,
+    callback=callbacks.validate_set_query,
+)
+@grouped_option(
+    "--set-header",
+    "set_header",
+    help=r"OpenAPI: Override a specific header parameter by specifying 'parameter=value'",
+    multiple=True,
+    type=str,
+    callback=callbacks.validate_set_header,
+)
+@grouped_option(
+    "--set-cookie",
+    "set_cookie",
+    help=r"OpenAPI: Override a specific cookie parameter by specifying 'parameter=value'",
+    multiple=True,
+    type=str,
+    callback=callbacks.validate_set_cookie,
+)
+@grouped_option(
+    "--set-path",
+    "set_path",
+    help=r"OpenAPI: Override a specific path parameter by specifying 'parameter=value'",
+    multiple=True,
+    type=str,
+    callback=callbacks.validate_set_path,
+)
+@group("Hypothesis engine options")
+@grouped_option(
     "--hypothesis-database",
-    help="Configures storage for examples discovered by Hypothesis. "
+    help="Storage for examples discovered by Hypothesis. "
     f"Use 'none' to disable, '{HYPOTHESIS_IN_MEMORY_DATABASE_IDENTIFIER}' for temporary storage, "
-    f"or specify a file path for persistent storage.",
+    f"or specify a file path for persistent storage",
     type=str,
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
     callback=callbacks.validate_hypothesis_database,
 )
-@click.option(
+@grouped_option(
     "--hypothesis-deadline",
-    help="Sets a time limit for each test case generated by Hypothesis, in milliseconds. "
-    "Exceeding this limit will cause the test to fail.",
-    # max value to avoid overflow. It is the maximum amount of days in milliseconds
-    type=OptionalInt(1, 999999999 * 24 * 3600 * 1000),
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
+    help="Time limit for each test case generated by Hypothesis, in milliseconds. "
+    "Exceeding this limit will cause the test to fail",
+    type=OptionalInt(1, 5 * 60 * 1000),
 )
-@click.option(
+@grouped_option(
     "--hypothesis-derandomize",
-    help="Enables deterministic mode in Hypothesis, which eliminates random variation between test runs.",
+    help="Enables deterministic mode in Hypothesis, which eliminates random variation between tests",
     is_flag=True,
     is_eager=True,
     default=None,
     show_default=True,
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
 )
-@click.option(
+@grouped_option(
     "--hypothesis-max-examples",
-    help="Sets the cap on the number of examples generated by Hypothesis for each API method/path pair.",
+    help="The cap on the number of examples generated by Hypothesis for each API operation",
     type=click.IntRange(1),
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
 )
-@click.option(
+@grouped_option(
     "--hypothesis-phases",
-    help="Specifies which testing phases to execute.",
+    help="Testing phases to execute",
     type=CsvEnumChoice(Phase),
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
+    metavar="",
 )
-@click.option(
+@grouped_option(
     "--hypothesis-no-phases",
-    help="Specifies which testing phases to exclude from execution.",
+    help="Testing phases to exclude from execution",
     type=CsvEnumChoice(Phase),
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
+    metavar="",
 )
-@click.option(
+@grouped_option(
     "--hypothesis-report-multiple-bugs",
-    help="If set, only the most easily reproducible exception will be reported when multiple issues are found.",
+    help="Report only the most easily reproducible error when multiple issues are found",
     type=bool,
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
 )
-@click.option(
+@grouped_option(
     "--hypothesis-seed",
-    help="Sets a seed value for Hypothesis, ensuring reproducibility across test runs.",
+    help="Seed value for Hypothesis, ensuring reproducibility across test runs",
     type=int,
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
 )
-@click.option(
+@grouped_option(
     "--hypothesis-suppress-health-check",
-    help="Disables specified health checks from Hypothesis like 'data_too_large', 'filter_too_much', etc. "
-    "Provide a comma-separated list",
+    help="A comma-separated list of Hypothesis health checks to disable",
     type=CsvEnumChoice(HealthCheck),
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
+    metavar="",
 )
-@click.option(
+@grouped_option(
     "--hypothesis-verbosity",
-    help="Controls the verbosity level of Hypothesis output.",
+    help="Verbosity level of Hypothesis output",
     type=click.Choice([item.name for item in Verbosity]),
     callback=callbacks.convert_verbosity,
-    cls=GroupedOption,
-    group=ParameterGroup.hypothesis,
-)
-@click.option("--no-color", help="Disable ANSI color escape codes.", type=bool, is_flag=True)
-@click.option("--force-color", help="Explicitly tells to enable ANSI color escape codes.", type=bool, is_flag=True)
-@click.option(
-    "--experimental",
-    help="Enable experimental support for specific features.",
-    type=click.Choice([experimental.OPEN_API_3_1.name]),
-    callback=callbacks.convert_experimental,
-    multiple=True,
-)
-@click.option(
-    "--generation-allow-x00",
-    help="Determines whether to allow the generation of `\x00` bytes within strings.",
-    type=str,
-    default="true",
-    show_default=True,
-    callback=callbacks.convert_boolean_string,
+    metavar="",
 )
-@click.option(
-    "--generation-codec",
-    help="Specifies the codec used for generating strings.",
-    type=str,
-    default="utf-8",
-    callback=callbacks.validate_generation_codec,
+@group("Schemathesis.io options")
+@grouped_option(
+    "--report",
+    "report_value",
+    help="""Specify how the generated report should be handled.
+If used without an argument, the report data will automatically be uploaded to Schemathesis.io.
+If a file name is provided, the report will be stored in that file.
+The report data, consisting of a tar gz file with multiple JSON files, is subject to change""",
+    is_flag=False,
+    flag_value="",
+    envvar=service.REPORT_ENV_VAR,
+    callback=callbacks.convert_report,  # type: ignore
 )
-@click.option(
+@grouped_option(
     "--schemathesis-io-token",
-    help="Schemathesis.io authentication token.",
+    help="Schemathesis.io authentication token",
     type=str,
     envvar=service.TOKEN_ENV_VAR,
 )
-@click.option(
+@grouped_option(
     "--schemathesis-io-url",
-    help="Schemathesis.io base URL.",
+    help="Schemathesis.io base URL",
     default=service.DEFAULT_URL,
     type=str,
     envvar=service.URL_ENV_VAR,
 )
-@click.option(
+@grouped_option(
     "--schemathesis-io-telemetry",
-    help="Controls whether you send anonymized CLI usage data to Schemathesis.io along with your report.",
+    help="Whether to send anonymized usage data to Schemathesis.io along with your report",
     type=str,
     default="true",
     show_default=True,
@@ -725,7 +856,10 @@ The report data, consisting of a tar gz file with multiple JSON files, is subjec
     envvar=service.TELEMETRY_ENV_VAR,
 )
 @with_hosts_file
-@click.option("--verbosity", "-v", help="Increase verbosity of the output.", count=True)
+@group("Global options")
+@grouped_option("--verbosity", "-v", help="Increase verbosity of the output", count=True)
+@grouped_option("--no-color", help="Disable ANSI color escape codes", type=bool, is_flag=True)
+@grouped_option("--force-color", help="Explicitly tells to enable ANSI color escape codes", type=bool, is_flag=True)
 @click.pass_context
 def run(
     ctx: click.Context,
@@ -738,7 +872,11 @@ def run(
     set_header: dict[str, str],
     set_cookie: dict[str, str],
     set_path: dict[str, str],
-    experimental: list,
+    experiments: list,
+    no_failfast: bool,
+    missing_required_header_allowed_statuses: list[str],
+    positive_data_acceptance_allowed_statuses: list[str],
+    negative_data_rejection_allowed_statuses: list[str],
     checks: Iterable[str] = DEFAULT_CHECKS_NAMES,
     exclude_checks: Iterable[str] = (),
     data_generation_methods: tuple[DataGenerationMethod, ...] = DEFAULT_DATA_GENERATION_METHODS,
@@ -747,10 +885,33 @@ def run(
     exit_first: bool = False,
     max_failures: int | None = None,
     dry_run: bool = False,
-    endpoints: Filter | None = None,
-    methods: Filter | None = None,
-    tags: Filter | None = None,
-    operation_ids: Filter | None = None,
+    include_path: Sequence[str] = (),
+    include_path_regex: str | None = None,
+    include_method: Sequence[str] = (),
+    include_method_regex: str | None = None,
+    include_name: Sequence[str] = (),
+    include_name_regex: str | None = None,
+    include_tag: Sequence[str] = (),
+    include_tag_regex: str | None = None,
+    include_operation_id: Sequence[str] = (),
+    include_operation_id_regex: str | None = None,
+    exclude_path: Sequence[str] = (),
+    exclude_path_regex: str | None = None,
+    exclude_method: Sequence[str] = (),
+    exclude_method_regex: str | None = None,
+    exclude_name: Sequence[str] = (),
+    exclude_name_regex: str | None = None,
+    exclude_tag: Sequence[str] = (),
+    exclude_tag_regex: str | None = None,
+    exclude_operation_id: Sequence[str] = (),
+    exclude_operation_id_regex: str | None = None,
+    include_by: str | None = None,
+    exclude_by: str | None = None,
+    exclude_deprecated: bool = False,
+    endpoints: tuple[str, ...] = (),
+    methods: tuple[str, ...] = (),
+    tags: tuple[str, ...] = (),
+    operation_ids: tuple[str, ...] = (),
     workers_num: int = DEFAULT_WORKERS,
     base_url: str | None = None,
     app: str | None = None,
@@ -767,6 +928,7 @@ def run(
     show_trace: bool = False,
     code_sample_style: CodeSampleStyle = CodeSampleStyle.default(),
     cassette_path: click.utils.LazyFile | None = None,
+    cassette_format: cassettes.CassetteFormat = cassettes.CassetteFormat.VCR,
     cassette_preserve_exact_body_bytes: bool = False,
     store_network_log: click.utils.LazyFile | None = None,
     wait_for_schema: float | None = None,
@@ -776,6 +938,7 @@ def run(
     stateful_recursion_limit: int = DEFAULT_STATEFUL_RECURSION_LIMIT,
     force_schema_version: str | None = None,
     sanitize_output: bool = True,
+    output_truncate: bool = True,
     contrib_unique_data: bool = False,
     contrib_openapi_formats_uuid: bool = False,
     contrib_openapi_fill_missing_examples: bool = False,
@@ -793,18 +956,21 @@ def run(
     no_color: bool = False,
     report_value: str | None = None,
     generation_allow_x00: bool = True,
+    generation_graphql_allow_null: bool = True,
+    generation_with_security_parameters: bool = True,
     generation_codec: str = "utf-8",
     schemathesis_io_token: str | None = None,
     schemathesis_io_url: str = service.DEFAULT_URL,
     schemathesis_io_telemetry: bool = True,
     hosts_file: PathLike = service.DEFAULT_HOSTS_PATH,
     force_color: bool = False,
+    **__kwargs,
 ) -> None:
     """Run tests against an API using a specified SCHEMA.
 
-    [Required] SCHEMA: Path to an OpenAPI (`.json`, `.yml`) or GraphQL SDL file, or a URL pointing to such specifications.
+    [Required] SCHEMA: Path to an OpenAPI (`.json`, `.yml`) or GraphQL SDL file, or a URL pointing to such specifications
 
-    [Optional] API_NAME: Identifier for uploading test data to Schemathesis.io.
+    [Optional] API_NAME: Identifier for uploading test data to Schemathesis.io
     """
     _hypothesis_phases: list[hypothesis.Phase] | None = None
     if hypothesis_phases is not None:
@@ -816,23 +982,25 @@ def run(
     _hypothesis_suppress_health_check: list[hypothesis.HealthCheck] | None = None
     if hypothesis_suppress_health_check is not None:
         _hypothesis_suppress_health_check = [
-            health_check.as_hypothesis() for health_check in hypothesis_suppress_health_check
+            entry for health_check in hypothesis_suppress_health_check for entry in health_check.as_hypothesis()
         ]
 
-    if contrib_unique_data:
-        click.secho(DEPRECATED_CONTRIB_UNIQUE_DATA_OPTION_WARNING, fg="yellow")
-
     if show_errors_tracebacks:
         click.secho(DEPRECATED_SHOW_ERROR_TRACEBACKS_OPTION_WARNING, fg="yellow")
         show_trace = show_errors_tracebacks
 
     # Enable selected experiments
-    for experiment in experimental:
+    for experiment in experiments:
         experiment.enable()
 
     override = CaseOverride(query=set_query, headers=set_header, cookies=set_cookie, path_parameters=set_path)
 
-    generation_config = generation.GenerationConfig(allow_x00=generation_allow_x00, codec=generation_codec)
+    generation_config = generation.GenerationConfig(
+        allow_x00=generation_allow_x00,
+        graphql_allow_null=generation_graphql_allow_null,
+        codec=generation_codec,
+        with_security_parameters=generation_with_security_parameters,
+    )
 
     report: ReportToService | click.utils.LazyFile | None
     if report_value is None:
@@ -856,6 +1024,109 @@ def run(
         click.secho(DEPRECATED_CASSETTE_PATH_OPTION_WARNING, fg="yellow")
         cassette_path = store_network_log
 
+    output_config = OutputConfig(truncate=output_truncate)
+
+    deprecated_filters = {
+        "--method": "--include-method",
+        "--endpoint": "--include-path",
+        "--tag": "--include-tag",
+        "--operation-id": "--include-operation-id",
+    }
+    for values, arg_name in (
+        (include_path, "--include-path"),
+        (include_method, "--include-method"),
+        (include_name, "--include-name"),
+        (include_tag, "--include-tag"),
+        (include_operation_id, "--include-operation-id"),
+        (exclude_path, "--exclude-path"),
+        (exclude_method, "--exclude-method"),
+        (exclude_name, "--exclude-name"),
+        (exclude_tag, "--exclude-tag"),
+        (exclude_operation_id, "--exclude-operation-id"),
+        (methods, "--method"),
+        (endpoints, "--endpoint"),
+        (tags, "--tag"),
+        (operation_ids, "--operation-id"),
+    ):
+        if values and arg_name in deprecated_filters:
+            replacement = deprecated_filters[arg_name]
+            click.secho(
+                f"Warning: Option `{arg_name}` is deprecated and will be removed in Schemathesis 4.0. "
+                f"Use `{replacement}` instead",
+                fg="yellow",
+            )
+        _ensure_unique_filter(values, arg_name)
+    include_by_function = _filter_by_expression_to_func(include_by, "--include-by")
+    exclude_by_function = _filter_by_expression_to_func(exclude_by, "--exclude-by")
+
+    filter_set = FilterSet()
+    if include_by_function:
+        filter_set.include(include_by_function)
+    for name_ in include_name:
+        filter_set.include(name=name_)
+    for method in include_method:
+        filter_set.include(method=method)
+    if methods:
+        for method in methods:
+            filter_set.include(method_regex=method)
+    for path in include_path:
+        filter_set.include(path=path)
+    if endpoints:
+        for endpoint in endpoints:
+            filter_set.include(path_regex=endpoint)
+    for tag in include_tag:
+        filter_set.include(tag=tag)
+    if tags:
+        for tag in tags:
+            filter_set.include(tag_regex=tag)
+    for operation_id in include_operation_id:
+        filter_set.include(operation_id=operation_id)
+    if operation_ids:
+        for operation_id in operation_ids:
+            filter_set.include(operation_id_regex=operation_id)
+    if (
+        include_name_regex
+        or include_method_regex
+        or include_path_regex
+        or include_tag_regex
+        or include_operation_id_regex
+    ):
+        filter_set.include(
+            name_regex=include_name_regex,
+            method_regex=include_method_regex,
+            path_regex=include_path_regex,
+            tag_regex=include_tag_regex,
+            operation_id_regex=include_operation_id_regex,
+        )
+    if exclude_by_function:
+        filter_set.exclude(exclude_by_function)
+    for name_ in exclude_name:
+        filter_set.exclude(name=name_)
+    for method in exclude_method:
+        filter_set.exclude(method=method)
+    for path in exclude_path:
+        filter_set.exclude(path=path)
+    for tag in exclude_tag:
+        filter_set.exclude(tag=tag)
+    for operation_id in exclude_operation_id:
+        filter_set.exclude(operation_id=operation_id)
+    if (
+        exclude_name_regex
+        or exclude_method_regex
+        or exclude_path_regex
+        or exclude_tag_regex
+        or exclude_operation_id_regex
+    ):
+        filter_set.exclude(
+            name_regex=exclude_name_regex,
+            method_regex=exclude_method_regex,
+            path_regex=exclude_path_regex,
+            tag_regex=exclude_tag_regex,
+            operation_id_regex=exclude_operation_id_regex,
+        )
+    if exclude_deprecated or skip_deprecated_operations:
+        filter_set.exclude(is_deprecated)
+
     schemathesis_io_hostname = urlparse(schemathesis_io_url).netloc
     token = schemathesis_io_token or service.hosts.get_token(hostname=schemathesis_io_hostname, hosts_file=hosts_file)
     schema_kind = callbacks.parse_schema_kind(schema, app)
@@ -902,6 +1173,10 @@ def run(
         from ..service.client import ServiceClient
 
         # Upload without connecting data to a certain API
+        client = ServiceClient(base_url=schemathesis_io_url, token=token)
+    if experimental.SCHEMA_ANALYSIS.is_enabled and not client:
+        from ..service.client import ServiceClient
+
         client = ServiceClient(base_url=schemathesis_io_url, token=token)
     host_data = service.hosts.HostData(schemathesis_io_hostname, hosts_file)
 
@@ -910,6 +1185,25 @@ def run(
     else:
         selected_checks = tuple(check for check in checks_module.ALL_CHECKS if check.__name__ in checks)
 
+    checks_config = CheckConfig()
+    if experimental.POSITIVE_DATA_ACCEPTANCE.is_enabled:
+        from ..specs.openapi.checks import positive_data_acceptance
+
+        selected_checks += (positive_data_acceptance,)
+        if positive_data_acceptance_allowed_statuses:
+            checks_config.positive_data_acceptance.allowed_statuses = positive_data_acceptance_allowed_statuses
+    if missing_required_header_allowed_statuses:
+        from ..specs.openapi.checks import missing_required_header
+
+        selected_checks += (missing_required_header,)
+        checks_config.missing_required_header.allowed_statuses = missing_required_header_allowed_statuses
+    if negative_data_rejection_allowed_statuses:
+        checks_config.negative_data_rejection.allowed_statuses = negative_data_rejection_allowed_statuses
+    if experimental.COVERAGE_PHASE.is_enabled:
+        from ..specs.openapi.checks import unsupported_method
+
+        selected_checks += (unsupported_method,)
+
     selected_checks = tuple(check for check in selected_checks if check.__name__ not in exclude_checks)
 
     if fixups:
@@ -918,8 +1212,6 @@ def run(
         else:
             _fixups.install(fixups)
 
-    if contrib_unique_data:
-        contrib.unique_data.install()
     if contrib_openapi_formats_uuid:
         contrib.openapi.formats.uuid.install()
     if contrib_openapi_fill_missing_examples:
@@ -941,7 +1233,6 @@ def run(
         base_url=base_url,
         started_at=started_at,
         validate_schema=validate_schema,
-        skip_deprecated_operations=skip_deprecated_operations,
         data_generation_methods=data_generation_methods,
         force_schema_version=force_schema_version,
         request_tls_verify=request_tls_verify,
@@ -952,14 +1243,12 @@ def run(
         auth_type=auth_type,
         override=override,
         headers=headers,
-        endpoint=endpoints or None,
-        method=methods or None,
-        tag=tags or None,
-        operation_id=operation_ids or None,
         request_timeout=request_timeout,
         seed=hypothesis_seed,
         exit_first=exit_first,
+        no_failfast=no_failfast,
         max_failures=max_failures,
+        unique_data=contrib_unique_data,
         dry_run=dry_run,
         store_interactions=cassette_path is not None,
         checks=selected_checks,
@@ -971,9 +1260,14 @@ def run(
         stateful_recursion_limit=stateful_recursion_limit,
         hypothesis_settings=hypothesis_settings,
         generation_config=generation_config,
+        checks_config=checks_config,
+        output_config=output_config,
+        service_client=client,
+        filter_set=filter_set,
     )
     execute(
         event_stream,
+        ctx=ctx,
         hypothesis_settings=hypothesis_settings,
         workers_num=workers_num,
         rate_limit=rate_limit,
@@ -981,6 +1275,7 @@ def run(
         wait_for_schema=wait_for_schema,
         validate_schema=validate_schema,
         cassette_path=cassette_path,
+        cassette_format=cassette_format,
         cassette_preserve_exact_body_bytes=cassette_preserve_exact_body_bytes,
         junit_xml=junit_xml,
         verbosity=verbosity,
@@ -996,9 +1291,25 @@ def run(
         location=schema,
         base_url=base_url,
         started_at=started_at,
+        output_config=output_config,
     )
 
 
+def _ensure_unique_filter(values: Sequence[str], arg_name: str) -> None:
+    if len(values) != len(set(values)):
+        duplicates = ",".join(sorted({value for value in values if values.count(value) > 1}))
+        raise click.UsageError(f"Duplicate values are not allowed for `{arg_name}`: {duplicates}")
+
+
+def _filter_by_expression_to_func(value: str | None, arg_name: str) -> Callable | None:
+    if value:
+        try:
+            return expression_to_filter_function(value)
+        except ValueError:
+            raise click.UsageError(f"Invalid expression for {arg_name}: {value}") from None
+    return None
+
+
 def prepare_request_cert(cert: str | None, key: str | None) -> RequestCert | None:
     if cert is not None and key is not None:
         return cert, key
@@ -1016,7 +1327,6 @@ class LoaderConfig:
     app: Any
     base_url: str | None
     validate_schema: bool
-    skip_deprecated_operations: bool
     data_generation_methods: tuple[DataGenerationMethod, ...]
     force_schema_version: str | None
     request_tls_verify: bool | str
@@ -1024,15 +1334,12 @@ class LoaderConfig:
     request_cert: RequestCert | None
     wait_for_schema: float | None
     rate_limit: str | None
+    output_config: OutputConfig
+    generation_config: generation.GenerationConfig
     # Network request parameters
     auth: tuple[str, str] | None
     auth_type: str | None
     headers: dict[str, str] | None
-    # Schema filters
-    endpoint: Filter | None
-    method: Filter | None
-    tag: Filter | None
-    operation_id: Filter | None
 
 
 def into_event_stream(
@@ -1042,7 +1349,6 @@ def into_event_stream(
     base_url: str | None,
     started_at: str,
     validate_schema: bool,
-    skip_deprecated_operations: bool,
     data_generation_methods: tuple[DataGenerationMethod, ...],
     force_schema_version: str | None,
     request_tls_verify: bool | str,
@@ -1055,26 +1361,27 @@ def into_event_stream(
     headers: dict[str, str] | None,
     request_timeout: int | None,
     wait_for_schema: float | None,
-    # Schema filters
-    endpoint: Filter | None,
-    method: Filter | None,
-    tag: Filter | None,
-    operation_id: Filter | None,
+    filter_set: FilterSet,
     # Runtime behavior
     checks: Iterable[CheckFunction],
+    checks_config: CheckConfig,
     max_response_time: int | None,
     targets: Iterable[Target],
     workers_num: int,
     hypothesis_settings: hypothesis.settings | None,
     generation_config: generation.GenerationConfig,
+    output_config: OutputConfig,
     seed: int | None,
     exit_first: bool,
+    no_failfast: bool,
     max_failures: int | None,
     rate_limit: str | None,
+    unique_data: bool,
     dry_run: bool,
     store_interactions: bool,
     stateful: Stateful | None,
     stateful_recursion_limit: int,
+    service_client: ServiceClient | None,
 ) -> Generator[events.ExecutionEvent, None, None]:
     try:
         if app is not None:
@@ -1084,7 +1391,6 @@ def into_event_stream(
             app=app,
             base_url=base_url,
             validate_schema=validate_schema,
-            skip_deprecated_operations=skip_deprecated_operations,
             data_generation_methods=data_generation_methods,
             force_schema_version=force_schema_version,
             request_proxy=request_proxy,
@@ -1095,15 +1401,13 @@ def into_event_stream(
             auth=auth,
             auth_type=auth_type,
             headers=headers,
-            endpoint=endpoint or None,
-            method=method or None,
-            tag=tag or None,
-            operation_id=operation_id or None,
+            output_config=output_config,
+            generation_config=generation_config,
         )
-        loaded_schema = load_schema(config)
-        run_probes(loaded_schema, config)
+        schema = load_schema(config)
+        schema.filter_set = filter_set
         yield from runner.from_schema(
-            loaded_schema,
+            schema,
             auth=auth,
             auth_type=auth_type,
             override=override,
@@ -1114,11 +1418,14 @@ def into_event_stream(
             request_cert=request_cert,
             seed=seed,
             exit_first=exit_first,
+            no_failfast=no_failfast,
             max_failures=max_failures,
             started_at=started_at,
+            unique_data=unique_data,
             dry_run=dry_run,
             store_interactions=store_interactions,
             checks=checks,
+            checks_config=checks_config,
             max_response_time=max_response_time,
             targets=targets,
             workers_num=workers_num,
@@ -1126,6 +1433,19 @@ def into_event_stream(
             stateful_recursion_limit=stateful_recursion_limit,
             hypothesis_settings=hypothesis_settings,
             generation_config=generation_config,
+            probe_config=probes.ProbeConfig(
+                base_url=config.base_url,
+                request=RequestConfig(
+                    timeout=request_timeout,
+                    tls_verify=config.request_tls_verify,
+                    proxy=config.request_proxy,
+                    cert=config.request_cert,
+                ),
+                auth=config.auth,
+                auth_type=config.auth_type,
+                headers=config.headers,
+            ),
+            service_client=service_client,
         ).execute()
     except SchemaError as error:
         yield events.InternalError.from_schema_error(error)
@@ -1133,19 +1453,6 @@ def into_event_stream(
         yield events.InternalError.from_exc(exc)
 
 
-def run_probes(schema: BaseSchema, config: LoaderConfig) -> None:
-    """Discover capabilities of the tested app."""
-    probe_results = probes.run(schema, config)
-    for result in probe_results:
-        if isinstance(result.probe, probes.NullByteInHeader) and result.is_failure:
-            from ..specs.openapi._hypothesis import HEADER_FORMAT, header_values
-
-            formats.register(
-                HEADER_FORMAT,
-                header_values(blacklist_characters="\n\r\x00").map(str.lstrip),
-            )
-
-
 def load_schema(config: LoaderConfig) -> BaseSchema:
     """Automatically load API schema."""
     first: Callable[[LoaderConfig], BaseSchema]
@@ -1239,15 +1546,12 @@ def get_loader_kwargs(loader: Callable, config: LoaderConfig) -> dict[str, Any]:
     kwargs = {
         "app": config.app,
         "base_url": config.base_url,
-        "method": config.method,
-        "endpoint": config.endpoint,
-        "tag": config.tag,
-        "operation_id": config.operation_id,
-        "skip_deprecated_operations": config.skip_deprecated_operations,
         "validate_schema": config.validate_schema,
         "force_schema_version": config.force_schema_version,
         "data_generation_methods": config.data_generation_methods,
         "rate_limit": config.rate_limit,
+        "output_config": config.output_config,
+        "generation_config": config.generation_config,
     }
     if loader not in (oas_loaders.from_path, oas_loaders.from_dict):
         kwargs["headers"] = config.headers
@@ -1353,6 +1657,7 @@ class OutputStyle(Enum):
 def execute(
     event_stream: Generator[events.ExecutionEvent, None, None],
     *,
+    ctx: click.Context,
     hypothesis_settings: hypothesis.settings,
     workers_num: int,
     rate_limit: str | None,
@@ -1360,6 +1665,7 @@ def execute(
     wait_for_schema: float | None,
     validate_schema: bool,
     cassette_path: click.utils.LazyFile | None,
+    cassette_format: cassettes.CassetteFormat,
     cassette_preserve_exact_body_bytes: bool,
     junit_xml: click.utils.LazyFile | None,
     verbosity: int,
@@ -1375,6 +1681,7 @@ def execute(
     location: str,
     base_url: str | None,
     started_at: str,
+    output_config: OutputConfig,
 ) -> None:
     """Execute a prepared runner by drawing events from it and passing to a proper handler."""
     handlers: list[EventHandler] = []
@@ -1421,8 +1728,12 @@ def execute(
         # This handler should be first to have logs writing completed when the output handler will display statistic
         _open_file(cassette_path)
         handlers.append(
-            cassettes.CassetteWriter(cassette_path, preserve_exact_body_bytes=cassette_preserve_exact_body_bytes)
+            cassettes.CassetteWriter(
+                cassette_path, format=cassette_format, preserve_exact_body_bytes=cassette_preserve_exact_body_bytes
+            )
         )
+    for custom_handler in CUSTOM_HANDLERS:
+        handlers.append(custom_handler(*ctx.args, **ctx.params))
     handlers.append(get_output_handler(workers_num))
     if sanitize_output:
         handlers.insert(0, SanitizationHandler())
@@ -1438,6 +1749,7 @@ def execute(
         verbosity=verbosity,
         code_sample_style=code_sample_style,
         report=report_context,
+        output_config=output_config,
     )
 
     def shutdown() -> None:
@@ -1551,13 +1863,13 @@ def get_exit_code(event: events.ExecutionEvent) -> int:
 
 @schemathesis.command(short_help="Replay requests from a saved cassette.")
 @click.argument("cassette_path", type=click.Path(exists=True))
-@click.option("--id", "id_", help="ID of interaction to replay.", type=str)
-@click.option("--status", help="Status of interactions to replay.", type=str)
-@click.option("--uri", help="A regexp that filters interactions by their request URI.", type=str)
-@click.option("--method", help="A regexp that filters interactions by their request method.", type=str)
-@click.option("--no-color", help="Disable ANSI color escape codes.", type=bool, is_flag=True)
-@click.option("--force-color", help="Explicitly tells to enable ANSI color escape codes.", type=bool, is_flag=True)
-@click.option("--verbosity", "-v", help="Increase verbosity of the output.", count=True)
+@click.option("--id", "id_", help="ID of interaction to replay", type=str)
+@click.option("--status", help="Status of interactions to replay", type=str)
+@click.option("--uri", help="A regexp that filters interactions by their request URI", type=str)
+@click.option("--method", help="A regexp that filters interactions by their request method", type=str)
+@click.option("--no-color", help="Disable ANSI color escape codes", type=bool, is_flag=True)
+@click.option("--force-color", help="Explicitly tells to enable ANSI color escape codes", type=bool, is_flag=True)
+@click.option("--verbosity", "-v", help="Increase verbosity of the output", count=True)
 @with_request_tls_verify
 @with_request_proxy
 @with_request_cert
@@ -1625,13 +1937,13 @@ def replay(
 @click.argument("report", type=click.File(mode="rb"))
 @click.option(
     "--schemathesis-io-token",
-    help="Schemathesis.io authentication token.",
+    help="Schemathesis.io authentication token",
     type=str,
     envvar=service.TOKEN_ENV_VAR,
 )
 @click.option(
     "--schemathesis-io-url",
-    help="Schemathesis.io base URL.",
+    help="Schemathesis.io base URL",
     default=service.DEFAULT_URL,
     type=str,
     envvar=service.URL_ENV_VAR,
@@ -1753,6 +2065,39 @@ def decide_color_output(ctx: click.Context, no_color: bool, force_color: bool) -
         ctx.color = False
 
 
+def add_option(*args: Any, cls: type = click.Option, **kwargs: Any) -> None:
+    """Add a new CLI option to `st run`."""
+    run.params.append(cls(args, **kwargs))
+
+
+@dataclass
+class Group:
+    name: str
+
+    def add_option(self, *args: Any, **kwargs: Any) -> None:
+        kwargs["cls"] = GroupedOption
+        kwargs["group"] = self.name
+        add_option(*args, **kwargs)
+
+
+def add_group(name: str, *, index: int | None = None) -> Group:
+    """Add a custom options group to `st run`."""
+    if index is not None:
+        GROUPS.insert(index, name)
+    else:
+        GROUPS.append(name)
+    return Group(name)
+
+
+def handler() -> Callable[[type], None]:
+    """Register a new CLI event handler."""
+
+    def _wrapper(cls: type) -> None:
+        CUSTOM_HANDLERS.append(cls)
+
+    return _wrapper
+
+
 @HookDispatcher.register_spec([HookScope.GLOBAL])
 def after_init_cli_run_handlers(
     context: HookContext, handlers: list[EventHandler], execution_context: ExecutionContext
@@ -1767,6 +2112,6 @@ def after_init_cli_run_handlers(
 def process_call_kwargs(context: HookContext, case: Case, kwargs: dict[str, Any]) -> None:
     """Called before every network call in CLI tests.
 
-    Aims to modify the argument passed to `case.call` / `case.call_wsgi` / `case.call_asgi`.
+    Aims to modify the argument passed to `case.call`.
     Note that you need to modify `kwargs` in-place.
     """