[VEN-2655] chore: Add Slither and remove yarn checksum update #2733

Workflow file for this run

	name: CI
	on:
	push:
	branches: [main, develop]
	pull_request:
	branches: [main, develop]
	workflow_dispatch:

	jobs:
	lint:
	name: Lint
	runs-on: ubuntu-22.04
	steps:
	- name: Check out code
	uses: actions/checkout@v2

	- name: Setup Node.js environment
	uses: actions/setup-node@v2
	with:
	node-version: 18
	cache: "yarn"

	- name: Install dependencies
	run: yarn

	- name: Check linting of solidity and typescript
	run: yarn lint

	test:
	name: Test
	runs-on: ubuntu-22.04
	env:
	NODE_OPTIONS: --max-old-space-size=4096
	steps:
	- name: Check out code
	uses: actions/checkout@v2

	- name: Setup Node.js environment
	uses: actions/setup-node@v2
	with:
	node-version: 18
	cache: "yarn"

	- name: Install dependencies
	run: yarn

	- name: Run hardhat compile and tests coverage
	run: \|
	source .env.example
	yarn hardhat:compile && yarn hardhat:coverage

	- name: Code Coverage Report
	uses: irongut/[email protected]
	with:
	filename: coverage/**/cobertura-coverage.xml
	badge: true
	fail_below_min: false
	format: markdown
	hide_branch_rate: false
	hide_complexity: true
	indicators: true
	output: both
	thresholds: "50 80"

	- name: Add Coverage PR Comment
	uses: marocchino/sticky-pull-request-comment@v2
	if: github.event_name == 'pull_request'
	with:
	recreate: true
	path: code-coverage-results.md
	analyze:
	name: Analyze
	runs-on: ubuntu-latest
	permissions:
	contents: read
	security-events: write
	steps:
	- name: Check out code
	uses: actions/checkout@v2

	- name: Setup Node.js environment
	uses: actions/setup-node@v2
	with:
	node-version: 18
	cache: "yarn"

	- name: Install dependencies
	run: yarn

	- name: Build
	run: yarn build

	- name: Set up Python environment
	run: \|
	python3 -m venv .venv
	source .venv/bin/activate
	pip install slither-analyzer

	- name: Set up Solidity Compiler Version
	run: \|
	source .venv/bin/activate
	solc-select install 0.8.25
	solc-select use 0.8.25

	- name: Debug Environment
	run: \|
	source .venv/bin/activate
	echo "Python Version:"
	python3 --version
	echo "Pip Version:"
	pip --version
	echo "Installed Python Packages:"
	pip list
	echo "Node Version:"
	node -v
	echo "Yarn Version:"
	yarn -v
	echo "Solidity Compiler Version:"
	solc --version

	- name: Summary of static analysis
	run: \|
	source .venv/bin/activate
	slither contracts --print human-summary --solc-remaps "@openzeppelin=node_modules/@openzeppelin @venusprotocol=node_modules/@venusprotocol"
	continue-on-error: true

	- name: High/Med/Low issues
	run: \|
	source .venv/bin/activate
	slither contracts --ignore-compile --solc-remaps "@openzeppelin=node_modules/@openzeppelin @venusprotocol=node_modules/@venusprotocol"
	continue-on-error: true

	slither-analysis:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	security-events: write

	steps:
	- name: 📥 Check out code
	uses: actions/checkout@v4

	- name: 🛠️ Set up Node.js environment
	uses: actions/setup-node@v4
	with:
	node-version: 18
	cache: "yarn"

	- name: 📦 Install dependencies
	run: \|
	cd packages/smart-contracts
	yarn install

	- name: 🏗️ Build project
	run: \|
	cd packages/smart-contracts
	yarn build

	- name: 🐍 Set up Python environment
	run: \|
	python3 -m venv .venv
	source .venv/bin/activate
	pip install slither-analyzer

	- name: Set up Solidity Compiler Version
	run: \|
	source .venv/bin/activate
	solc-select install 0.8.25
	solc-select use 0.8.25

	- name: 🔍 Run Solidity Static Analysis
	run: \|
	source .venv/bin/activate
	chmod +x analyze.sh
	bash analyze.sh

	deploy:
	name: Deploy
	runs-on: ubuntu-22.04
	steps:
	- name: Check out code
	uses: actions/checkout@v2

	- name: Setup Node.js environment
	uses: actions/setup-node@v2
	with:
	node-version: 18
	cache: "yarn"

	- name: Install dependencies
	run: yarn

	- name: Build
	run: yarn build

	- name: Verify deployments work
	run: yarn hardhat deploy

	export-deployments:
	name: Export Deployments
	runs-on: ubuntu-latest
	permissions:
	contents: write
	steps:
	- name: Check out code
	uses: actions/checkout@v2

	- name: Setup Node.js environment
	uses: actions/setup-node@v2
	with:
	node-version: 18
	cache: "yarn"

	- name: Install dependencies
	run: yarn

	- name: Export deployments
	run: \|
	for NETWORK in bsctestnet bscmainnet ethereum sepolia opbnbtestnet opbnbmainnet arbitrumsepolia arbitrumone opsepolia opmainnet basesepolia basemainnet unichainsepolia unichainmainnet; do
	EXPORT=true yarn hardhat export --network ${NETWORK} --export ./deployments/${NETWORK}.json
	jq -M '{name, chainId, addresses: .contracts \| map_values(.address)}' ./deployments/${NETWORK}.json > ./deployments/${NETWORK}_addresses.json
	done
	for NETWORK in zksyncsepolia zksyncmainnet; do
	EXPORT=true yarn hardhat export --network ${NETWORK} --export ./deployments/${NETWORK}.json --config hardhat.config.zksync.ts
	jq -M '{name, chainId, addresses: .contracts \| map_values(.address)}' ./deployments/${NETWORK}.json > ./deployments/${NETWORK}_addresses.json
	done
	yarn prettier

	- uses: stefanzweifel/git-auto-commit-action@v5
	with:
	commit_message: "feat: updating deployment files"
	file_pattern: "deployments/*.json"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[VEN-2655] chore: Add Slither and remove yarn checksum update #2733

Workflow file

[VEN-2655] chore: Add Slither and remove yarn checksum update #2733

Jobs

Run details

Workflow file for this run