name: static-analysis on: # Triggers the workflow on pull request against main pull_request: branches: [main] paths: - 'solidity/**' jobs: slither: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: recursive - name: yarn-cache uses: actions/cache@v3 with: path: | **/node_modules .yarn/cache key: ${{ runner.os }}-yarn-cache-${{ hashFiles('./yarn.lock') }} - run: yarn workspaces focus @hyperlane-xyz/core - name: Static analysis uses: crytic/slither-action@v0.3.0 id: slither with: target: 'solidity/' slither-config: 'solidity/slither.config.json' sarif: results.sarif fail-on: none - name: Upload SARIF file uses: github/codeql-action/upload-sarif@v2 with: sarif_file: ${{ steps.slither.outputs.sarif }}