From 1c9651a1ca59e0777691cf948b486addf0f52cab Mon Sep 17 00:00:00 2001 From: Jakub Nowakowski Date: Thu, 23 Nov 2023 22:57:06 +0100 Subject: [PATCH] Use Slither for Solidity contracts static analysis [Slither](https://github.com/crytic/slither) is a static analysis framework used for Solidity contracts verification. To install Slither execute: ```sh pip3 install slither-analyzer ``` To run Slither execute: ```sh slither . ``` --- .github/workflows/core.yaml | 24 ++++++++++++++++++++++++ README.md | 21 +++++++++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/.github/workflows/core.yaml b/.github/workflows/core.yaml index 7addece4a..7c4d10b8b 100644 --- a/.github/workflows/core.yaml +++ b/.github/workflows/core.yaml @@ -58,6 +58,30 @@ jobs: core/typechain/ if-no-files-found: error + core-slither: + needs: [core-build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-python@v4 + with: + python-version: 3.11 + + - name: Install Slither + env: + SLITHER_VERSION: 0.9.6 + run: pip3 install slither-analyzer==$SLITHER_VERSION + + - name: Download Build Artifacts + uses: actions/download-artifact@v3 + with: + name: core-build + path: core/ + + - name: Run Slither + run: slither --hardhat-ignore-compile . + core-test: needs: [core-build] runs-on: ubuntu-latest diff --git a/README.md b/README.md index de2f62834..df7d13b8b 100644 --- a/README.md +++ b/README.md @@ -34,3 +34,24 @@ pre-commit run --all-files # Execute hooks for specific files (e.g. Acre.sol): pre-commit run --files ./core/contracts/Acre.sol ``` + +### Slither + +[Slither](https://github.com/crytic/slither) is a static analysis framework used +for Solidity contracts verification. + +#### Install + +To install Slither execute: + +```sh +pip3 install slither-analyzer +``` + +#### Usage + +To run Slither execute: + +```sh +slither . +```