Update solc-version recommended versions (fix #570)

pull/577/head
Josselin 4 years ago
parent 1ebf43ce72
commit 799fe16c21
  1. 12
      slither/detectors/attributes/incorrect_solc.py
  2. 6
      tests/expected_json/solc_version_incorrect_05.ast.json.solc-version.json
  3. 2
      tests/expected_json/solc_version_incorrect_05.ast.json.solc-version.txt

@ -33,23 +33,25 @@ class IncorrectSolc(AbstractDetector):
`solc` frequently releases new compiler versions. Using an old version prevents access to new Solidity security checks. `solc` frequently releases new compiler versions. Using an old version prevents access to new Solidity security checks.
We also recommend avoiding complex `pragma` statement.''' We also recommend avoiding complex `pragma` statement.'''
WIKI_RECOMMENDATION = ''' WIKI_RECOMMENDATION = '''
Use Solidity 0.4.25 or 0.5.11. Consider using the latest version of Solidity for testing the compilation, and a trusted version for deploying.''' Use Solidity 0.5.11 - 0.5.13, 0.5.15-0.5.17, or 0.6.8, 0.6.10-0.6.11.
Consider using the latest version of Solidity for testing the compilation, and a trusted version for deploying.'''
COMPLEX_PRAGMA_TXT = "is too complex" COMPLEX_PRAGMA_TXT = "is too complex"
OLD_VERSION_TXT = "allows old versions" OLD_VERSION_TXT = "allows old versions"
LESS_THAN_TXT = "uses lesser than" LESS_THAN_TXT = "uses lesser than"
TOO_RECENT_VERSION_TXT = "necessitates versions too recent to be trusted. Consider deploying with 0.5.11" TOO_RECENT_VERSION_TXT = "necessitates a version too recent to be trusted. Consider deploying with 0.6.11"
BUGGY_VERSION_TXT = "is known to contain severe issue (https://solidity.readthedocs.io/en/v0.5.8/bugs.html)" BUGGY_VERSION_TXT = "is known to contain severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)"
# Indicates the allowed versions. Must be formatted in increasing order. # Indicates the allowed versions. Must be formatted in increasing order.
ALLOWED_VERSIONS = ["0.4.25", "0.4.26", "0.5.11"] ALLOWED_VERSIONS = ["0.5.11", "0.5.12", "0.5.13", "0.5.15", "0.5.16", "0.5.17", "0.6.8", "0.6.10", "0.6.11"]
# Indicates the versions that should not be used. # Indicates the versions that should not be used.
BUGGY_VERSIONS = ["0.4.22", "^0.4.22", BUGGY_VERSIONS = ["0.4.22", "^0.4.22",
"0.5.5", "^0.5.5", "0.5.5", "^0.5.5",
"0.5.6", "^0.5.6", "0.5.6", "^0.5.6",
"0.5.14", "^0.5.14"] "0.5.14", "^0.5.14",
"0.6.9", "^0.6.9"]
def _check_version(self, version): def _check_version(self, version):
op = version[0] op = version[0]
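Review bot: The newest trusted version is now written out three times in this hunk: as the `0.6.11` literal in `TOO_RECENT_VERSION_TXT`, as the last entry of `ALLOWED_VERSIONS`, and inside the `WIKI_RECOMMENDATION` range, so the next update can leave the user-facing advice out of step with what the detector accepts. Defining `ALLOWED_VERSIONS` first and building the message from it, e.g. `TOO_RECENT_VERSION_TXT = "necessitates a version too recent to be trusted. Consider deploying with " + ALLOWED_VERSIONS[-1]`, removes one of the copies. The ordering comment should also say that the order is numeric, `# Must be in increasing numeric order (0.6.8 before 0.6.10), not string order.`, since the list now contains a two-digit patch number. Whether `_check_version` compares components as integers cannot be seen here, because its body continues outside the hunk.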

@ -30,9 +30,9 @@
} }
} }
], ],
"description": "Pragma version^0.5.5 (None) is known to contain severe issue (https://solidity.readthedocs.io/en/v0.5.8/bugs.html)\n", "description": "Pragma version^0.5.5 (None) is known to contain severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)\n",
"markdown": "Pragma version[^0.5.5](None) is known to contain severe issue (https://solidity.readthedocs.io/en/v0.5.8/bugs.html)\n", "markdown": "Pragma version[^0.5.5](None) is known to contain severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)\n",
"id": "fa84bcbd40d52d8846dcd54be4cada287e43c5461898c9acbf089ca8a478f6e5", "id": "b27987b5c734b3ac9a18d3aef5c96a20911b71fb0ffd8d222a1052252fea4151",
"check": "solc-version", "check": "solc-version",
"impact": "Informational", "impact": "Informational",
"confidence": "High" "confidence": "High"

@ -1,5 +1,5 @@
 
Pragma version^0.5.5 (None) is known to contain severe issue (https://solidity.readthedocs.io/en/v0.5.8/bugs.html) Pragma version^0.5.5 (None) is known to contain severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)
Pragma version0.5.7 (None) allows old versions Pragma version0.5.7 (None) allows old versions
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity
tests/solc_version_incorrect_05.ast.json analyzed (1 contracts with 1 detectors), 2 result(s) found tests/solc_version_incorrect_05.ast.json analyzed (1 contracts with 1 detectors), 2 result(s) found
