feat(fuzz): add fuzz targets for signature extraction and classify_span_change

- fuzz_signature: parses arbitrary strings as Rust source, extracts signature
- fuzz_classify_span: feeds random diffs with random line ranges to span classifier
- Promote extract_signature and classify_span_change to pub(crate) for fuzz access

Author: Sephyi

fuzz/Cargo.toml

@@ -13,7 +13,7 @@ cargo-fuzz = true
 
 [dependencies]
 libfuzzer-sys = "0.4"
-commitbee = { path = ".." }
+commitbee = { path = "..", features = ["lang-rust"] }
 
 [[bin]]
 name = "fuzz_sanitizer"
@@ -29,3 +29,13 @@ doc = false
 name = "fuzz_diff_parser"
 path = "fuzz_targets/fuzz_diff_parser.rs"
 doc = false
+
+[[bin]]
+name = "fuzz_signature"
+path = "fuzz_targets/fuzz_signature.rs"
+doc = false
+
+[[bin]]
+name = "fuzz_classify_span"
+path = "fuzz_targets/fuzz_classify_span.rs"
+doc = false

fuzz/fuzz_targets/fuzz_classify_span.rs

@@ -0,0 +1,22 @@
+// SPDX-FileCopyrightText: 2026 Sephyi <me@sephy.io>
+//
+// SPDX-License-Identifier: PolyForm-Noncommercial-1.0.0
+
+#![no_main]
+
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &[u8]| {
+    // classify_diff_span must never panic on any input
+    if data.len() < 16 {
+        return;
+    }
+    // Use first 16 bytes for line range parameters, rest as diff
+    let new_start = u32::from_le_bytes([data[0], data[1], data[2], data[3]]) as usize % 1000;
+    let new_end = u32::from_le_bytes([data[4], data[5], data[6], data[7]]) as usize % 1000;
+    let old_start = u32::from_le_bytes([data[8], data[9], data[10], data[11]]) as usize % 1000;
+    let old_end = u32::from_le_bytes([data[12], data[13], data[14], data[15]]) as usize % 1000;
+    if let Ok(diff) = std::str::from_utf8(&data[16..]) {
+        let _ = commitbee::classify_diff_span(diff, new_start, new_end, old_start, old_end);
+    }
+});

fuzz/fuzz_targets/fuzz_signature.rs

@@ -0,0 +1,12 @@
+// SPDX-FileCopyrightText: 2026 Sephyi <me@sephy.io>
+//
+// SPDX-License-Identifier: PolyForm-Noncommercial-1.0.0
+
+#![no_main]
+
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &str| {
+    // extract_rust_signature must never panic on any input
+    let _ = commitbee::extract_rust_signature(data);
+});

src/lib.rs

@@ -55,3 +55,38 @@ pub fn scan_full_diff_for_secrets(diff: &str) -> Vec<services::safety::SecretMat
 pub fn parse_diff_hunks(diff: &str) -> Vec<services::analyzer::DiffHunk> {
     services::analyzer::DiffHunk::parse_from_diff(diff)
 }
+
+/// Extract signature from Rust source code for fuzz target access.
+///
+/// Parses the source with tree-sitter Rust, finds the first top-level definition,
+/// and extracts its signature. Must never panic on any input.
+#[cfg(feature = "lang-rust")]
+pub fn extract_rust_signature(source: &str) -> Option<String> {
+    use tree_sitter::Parser;
+    let mut parser = Parser::new();
+    if parser
+        .set_language(&tree_sitter_rust::LANGUAGE.into())
+        .is_err()
+    {
+        return None;
+    }
+    let tree = parser.parse(source, None)?;
+    let root = tree.root_node();
+    let first_child = root.child(0)?;
+    services::analyzer::AnalyzerService::extract_signature(first_child, source)
+}
+
+/// Classify whether a diff span contains whitespace-only changes for fuzz target access.
+///
+/// Wrapper around `ContextBuilder::classify_span_change`. Must never panic on any input.
+pub fn classify_diff_span(
+    diff: &str,
+    new_start: usize,
+    new_end: usize,
+    old_start: usize,
+    old_end: usize,
+) -> Option<bool> {
+    services::context::ContextBuilder::classify_span_change(
+        diff, new_start, new_end, old_start, old_end,
+    )
+}

src/services/analyzer.rs

@@ -456,7 +456,7 @@ impl AnalyzerService {
 
     /// Extract the signature from a definition node by taking text before the body.
     /// Two-strategy: child_by_field_name("body") primary, BODY_NODE_KINDS fallback.
-    fn extract_signature(node: tree_sitter::Node, source: &str) -> Option<String> {
+    pub(crate) fn extract_signature(node: tree_sitter::Node, source: &str) -> Option<String> {
         let node_start = node.start_byte();
 
         // Strategy 1: named "body" field (most grammars)

src/services/context.rs

@@ -224,7 +224,7 @@ impl ContextBuilder {
     ///
     /// Returns `None` if no changes in span, `Some(true)` if whitespace-only,
     /// `Some(false)` if semantic changes detected.
-    fn classify_span_change(
+    pub(crate) fn classify_span_change(
         diff: &str,
         new_start: usize,
         new_end: usize,