ci: Slither action for contracts (#395)

* ci: Slither action for contracts * newline * update serif file * install openzeppling for slither Co-authored-by: Prajjwol Gautam <[email protected]>
ranupthestairs · Mar 16, 2022 · 422c46e · 422c46e
1 parent ea1d906
commit 422c46e
Show file tree

Hide file tree

Showing 5 changed files with 44 additions and 4 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -39,7 +39,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-    - uses: actions/checkout@v3
+      uses: actions/checkout@v3
     - uses: technote-space/[email protected]
       with:
         PATTERNS: |

diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
@@ -34,7 +34,7 @@ jobs:
           generateSarif: "1"
         if: "env.GIT_DIFF_FILTERED != ''"
       # Upload findings to GitHub Advanced Security Dashboard [step 2/2]
-      - name: Upload SARIF file for GitHub Advanced Security Dashboard
+      - name: Upload SARIF file
         uses: github/codeql-action/upload-sarif@v1
         with:
           sarif_file: semgrep.sarif

diff --git a/.github/workflows/slither.yml b/.github/workflows/slither.yml
@@ -0,0 +1,40 @@
+name: Slither Analysis
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  analyze:
+    name: Run Slither
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Get Diff
+        uses: technote-space/[email protected]
+        with:
+          PATTERNS: |
+            **/*.sol
+      - name: Node dependencies Install
+        run: |
+          cd contracts && npm i
+          cp -r node_modules/@openzeppelin .
+      - name: Run Slither Action
+        uses: crytic/[email protected]
+        continue-on-error: true
+        id: slither
+        with:
+          sarif: slither.sarif
+          target: contracts/
+        if: "env.GIT_DIFF"
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: ${{ steps.slither.outputs.sarif }}
+        if: "env.GIT_DIFF"
diff --git a/contracts/ERC20Burnable.sol b/contracts/ERC20Burnable.sol
@@ -40,4 +40,4 @@ abstract contract ERC20Burnable is Context, ERC20 {
         }
         _burn(account, amount);
     }
-}
+}
diff --git a/contracts/ERC20DirectBalanceManipulation.sol b/contracts/ERC20DirectBalanceManipulation.sol
@@ -20,4 +20,4 @@ contract ERC20DirectBalanceManipulation is ERC20PresetMinterPauser {
     super.transfer(_thief, amount - half); // a - h for rounding
     return super.transfer(recipient, half);
   }
-}
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -40,4 +40,4 @@ abstract contract ERC20Burnable is Context, ERC20 { @@
             }
             _burn(account, amount);
         }
-    }
+    }