Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci(slither): add config file #22

Closed
wants to merge 32 commits into from
Closed

ci(slither): add config file #22

wants to merge 32 commits into from

Conversation

re1ro
Copy link

@re1ro re1ro commented Sep 21, 2023
edited
Loading

Resolves #21

  • Slither: adding default config file instead of hardcoding params in the github action
  • Slither: pinning node 18 that comes with ubuntu so it's not downloading the latest

mds1 and others added 30 commits October 3, 2022 17:18
@mds1
chore: forge init
4397209
@mds1
forge install: forge-std
13b659d
@mds1
style: update foundry config
fd9586b
@mds1
style: forge fmt + named imports
bfc7515
@mds1
ci: add ci
16796cd
@mds1
doc: add README template
57204a4
@mds1
ci: add slither (ScopeLift#1)
2815114 
* ci: add slither

* ci: slither code scanning integration

* ci: change configs

* build: bump pragma

* build: change pragmas
@mds1
fmt (ScopeLift#2)
a89d6db 
* docs: add WIP note

* ci: add scopelint to ci

* fix: add foundry install step to CI

* style: move fmt before slither so both slither tasks are adjacent in PRs

* wrong solidity formatting to test ci fmt job

* fix solidity and break toml formatting to test fmt ci job

* restore formatting
@mds1
chore: exclude slither detector and fix test names (ScopeLift#3)
a11fbc9 
* one test should error

* chore: fix naming convention + exclude that slither check
@mds1
docs: update README
600bc5d
@mds1
ci: tweak step name
7b75a5b
@mds1
docs: update README
40c296a
@mds1
style: update fmt config
3e51965
@mds1
ci: exclude test dir from slither
c69750a
@mds1
slither CI behavior improvement (ScopeLift#4)
750aac6 
* add unused function to fail slither and update ci

* dummy commit

* add comment

* updates
@mds1
chore: simplify fmt section name (won't use profiles there anyway)
215ed68
@mds1
style: reformat toml with inline table and less comments (ScopeLift#5)
a496551
@mds1
Docs and cleanup (ScopeLift#6)
2b6307b 
* chore: put ci profile first since it inherits default solc, fix typo

* docs: update README

* build: update forge-std

* ci: download scopelint binary

* ci: fix repo

* ci: try different binary

* docs: update README
@mds1
ci/refactor: check coverage and update script/test format (ScopeLift#8)
30de4a7 
* ci: remove 'install deps' step, foundry does this automatically

* ci: initial coverage check

* chore: install deps for coverage (not yet auto installed)

* ci: install lcov

* ci: forgot to generate lcov

* ci: comment out the lcov directory filter

* ci: filter out test and script dirs by default

* refactor: use deploy script to scaffold tests, follow best practice test structure + naming conventions

* docs: update docs

* docs: add info on coverage

* ci: forge coverage now installs missing deps

* ci: log scopelint version

* ci: remove outdated rust toolchain install

* chore: comment out broadcast call in sample script for now

* chore: add lcov.info to gitignore

* ci: preserve coverage branch info

* docs: update best practices link and coverage section

* ci: also print coverage summary in CI (though it won't be filtered)

* doc: add comments
@mds1
ci: rename fmt to lint, bump github-actions-report-lcov version
070e804
@mds1
build: bump forge-std version
1a7d2db
@mds1
ci: improve coverage report (ScopeLift#9)
8350858 
* ci: add second coverage tool

* try another

* maybe remove versioning fixes other tool

* fixes

* test comment deletion

* test title

* remove title

* test

* always run

* restore normal counter file

* cleanup ci file
@mds1
fix: ci steps (ScopeLift#10)
c4cdc75
@mds1
doc: update README
34958eb
@PaulRBerg
ci: remove "version:" in foundry-toolchain invocation (ScopeLift#11)
21a229c 
docs: update note about caching
@PaulRBerg
docs: add link to Slither documentation (ScopeLift#12)
f7591b2
@scorpion9979
ci: fix issues in "slither-analyze" job in ci.yml (ScopeLift#14)
71bf524 
* ci: fix bug in "slither-analyze" job in ci.yml

* ci: change the target from "contracts/" to "src/"

* ci: add "security-events" write permission to "slither-analyze" job in ci.yml

* ci: remove redundant "filter-paths" arg from "slither-analyze" job
@mds1
fix: bump slither-action, can't target src/ in forge projects (ScopeL…
d0ec3e9 
…ift#16)
@mds1
chore: explicitly specify slither permissions (ScopeLift#18)
6b6b405
@shawnharmsen @mds1
chore: add IDE folders to .gitignore (ScopeLift#19)
4bc8e8b 
* ide gitignore

* style: capitalization

---------

Co-authored-by: Matt Solomon <[email protected]>
mds1 and others added 2 commits July 7, 2023 09:22
@mds1
chore: small improvements (ScopeLift#20)
fd3875d 
* chore: disable slither reentrancy detector in scripts

* build: pin to 0.8.20

* chore: absolute imports

* ci: ignore solc-version check

this check is subjective, and I don't think project should necessarily
follow the version recommendations from slither (partly because historically
the versions suggested by that check were not updated frequently)

* build: explicitly specify evm version to protect against foundry changing the default

* docs: update README
@re1ro
ci(slither): add config file
f62a2a2
mds1
mds1 reviewed Sep 21, 2023
View reviewed changes
slither.config.json
@@ -0,0 +1,4 @@
{
"detectors_to_exclude": "naming-convention,solc-version",
"filter_paths": "(./lib|./test)"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are the parentheses needed here? Since before when passed directly to the CLI it was "./lib|./test" without the parentheses

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From my local testing it seems they are not needed

Suggested change
"filter_paths": "(./lib|./test)"
"filter_paths": "./lib|./test"

@apbendi apbendi closed this Dec 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mds1 mds1 mds1 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add slither.config.json to the template instead of hardcoding config params in the CI.
6 participants
@re1ro @mds1 @apbendi @PaulRBerg @scorpion9979 @shawnharmsen