Initial skeleton for fuzzing infrastructure

[saulecabrera]

This set of commits introduce the initial skeleton for Javy's fuzzing
infrastructure.

This commit focuses on the json-differential target, to check Javy's
SIMD-based, custom JSON.parse and JSON.stringify implementations.

The implementation aims to take full advantage of libfuzzer's coverage
capabilities and that's the reason why it uses the native version of
QuickJS instead of the Wasm version.

Checklist

• I've updated the relevant CHANGELOG files if necessary. Changes to javy-cli and javy-core do not require updating CHANGELOG files.
• I've updated the relevant crate versions if necessary. Versioning policy for library crates
• I've updated documentation including crate documentation if necessary.

[saulecabrera]

This is intentional. Added it outside of the crates directory, given the infrastructure nature of this crate.

[saulecabrera]

Pinning to the most recent nightly version, and the one that I used locally for testing.

[saulecabrera]

Same here.

[saulecabrera]

Decided to drop clippy lints for fuzz targets in 7d94ba8. Originally I wanted to use clippy + nightly to ensure that fuzz targets are linted correctly, but I was not able to figure out a clean way to have clippy only lint the package and not its dependencies. I don't want to spend too much cycles on this, we can revisit if we think that linting the fuzz targets is crucial. See rust-lang/rust-clippy#3837 (comment) for more details.

[jeffcharles]

Just have the one question but it's pretty minor

[jeffcharles]

What was the reason for putting this and the cargo fuzz version in a file instead of using a top-level env for both? I don't see them referenced outside this file.

[saulecabrera]

The reason is very subjective: I feel that's easier to update the version when it's defined at the root rather than having to modify the action itself.