fix: filtering of unused-import,incorrect-solc, pragma (#2472)

pull/2475/head
alpharush 6 months ago committed by GitHub
parent 54432922f6
commit a0afa2573e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
  1. 14
      slither/detectors/attributes/constant_pragma.py
  2. 10
      slither/detectors/attributes/incorrect_solc.py
  3. 22
      slither/detectors/statements/unused_import.py
  4. 4
      tests/e2e/detectors/snapshots/detectors__detector_ConstantPragma_0_4_25_pragma_0_4_25_sol__0.txt
  5. 4
      tests/e2e/detectors/snapshots/detectors__detector_ConstantPragma_0_5_16_pragma_0_5_16_sol__0.txt
  6. 4
      tests/e2e/detectors/snapshots/detectors__detector_ConstantPragma_0_6_11_pragma_0_6_11_sol__0.txt
  7. 4
      tests/e2e/detectors/snapshots/detectors__detector_ConstantPragma_0_7_6_pragma_0_7_6_sol__0.txt
  8. 8
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_4_25_static_sol__0.txt
  9. 4
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_5_14_static_sol__0.txt
  10. 4
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_5_16_dynamic_1_sol__0.txt
  11. 4
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_5_16_dynamic_2_sol__0.txt
  12. 4
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_5_16_static_sol__0.txt
  13. 4
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_6_10_static_sol__0.txt
  14. 4
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_6_11_dynamic_1_sol__0.txt
  15. 4
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_6_11_dynamic_2_sol__0.txt
  16. 4
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_6_11_static_sol__0.txt
  17. 8
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_7_4_static_sol__0.txt
  18. 8
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_7_6_dynamic_1_sol__0.txt
  19. 8
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_7_6_dynamic_2_sol__0.txt
  20. 8
      tests/e2e/detectors/snapshots/detectors__detector_IncorrectSolc_0_7_6_static_sol__0.txt
  21. 6
      tests/e2e/detectors/snapshots/detectors__detector_UnusedImport_0_8_16_C_sol__0.txt

@ -36,21 +36,19 @@ class ConstantPragma(AbstractDetector):
for pragma in self.compilation_unit.pragma_directives: for pragma in self.compilation_unit.pragma_directives:
if pragma.is_solidity_version: if pragma.is_solidity_version:
if pragma.version not in pragma_directives_by_version: if pragma.version not in pragma_directives_by_version:
pragma_directives_by_version[ pragma_directives_by_version[pragma.version] = [pragma]
pragma.version
] = f"\t\t- {str(pragma.source_mapping)}\n"
else: else:
pragma_directives_by_version[ pragma_directives_by_version[pragma.version].append(pragma)
pragma.version
] += f"\t\t- {str(pragma.source_mapping)}\n"
versions = list(pragma_directives_by_version.keys()) versions = list(pragma_directives_by_version.keys())
if len(versions) > 1: if len(versions) > 1:
info: DETECTOR_INFO = [f"{len(versions)} different versions of Solidity are used:\n"] info: DETECTOR_INFO = [f"{len(versions)} different versions of Solidity are used:\n"]
for version in versions: for version in versions:
pragma = pragma_directives_by_version[version] pragmas = pragma_directives_by_version[version]
info += [f"\t- Version constraint {version} is used by:\n {pragma}"] info += [f"\t- Version constraint {version} is used by:\n"]
for pragma in pragmas:
info += ["\t\t-", pragma, "\n"]
res = self.generate_result(info) res = self.generate_result(info)

@ -115,16 +115,18 @@ Consider using the latest version of Solidity for testing."""
continue continue
if p.version in disallowed_pragmas and reason in disallowed_pragmas[p.version]: if p.version in disallowed_pragmas and reason in disallowed_pragmas[p.version]:
disallowed_pragmas[p.version][reason] += f"\t- {str(p.source_mapping)}\n" disallowed_pragmas[p.version][reason].append(p)
else: else:
disallowed_pragmas[p.version] = {reason: f"\t- {str(p.source_mapping)}\n"} disallowed_pragmas[p.version] = {reason: [p]}
# If we found any disallowed pragmas, we output our findings. # If we found any disallowed pragmas, we output our findings.
if len(disallowed_pragmas.keys()): if len(disallowed_pragmas.keys()):
for p, reasons in disallowed_pragmas.items(): for p, reasons in disallowed_pragmas.items():
info: DETECTOR_INFO = [] info: DETECTOR_INFO = []
for r, v in reasons.items(): for r, vers in reasons.items():
info += [f"Version constraint {p} {r}.\n It is used by:\n{v}"] info += [f"Version constraint {p} {r}.\nIt is used by:\n"]
for ver in vers:
info += ["\t- ", ver, "\n"]
json = self.generate_result(info) json = self.generate_result(info)

@ -63,7 +63,7 @@ class UnusedImport(AbstractDetector):
return False return False
return True return True
def _detect(self) -> List[Output]: def _detect(self) -> List[Output]: # pylint: disable=too-many-branches
results: List[Output] = [] results: List[Output] = []
# This is computed lazily and then memoized so we need to trigger the computation. # This is computed lazily and then memoized so we need to trigger the computation.
self.slither._compute_offsets_to_ref_impl_decl() self.slither._compute_offsets_to_ref_impl_decl()
@ -74,7 +74,7 @@ class UnusedImport(AbstractDetector):
if unit.crytic_compile.is_dependency(filename.absolute): if unit.crytic_compile.is_dependency(filename.absolute):
continue continue
unused = [] unused_list = []
for i in current_scope.imports: for i in current_scope.imports:
# `scope.imports` contains all transitive imports so we need to filter out imports not explicitly imported in the file. # `scope.imports` contains all transitive imports so we need to filter out imports not explicitly imported in the file.
# Otherwise, we would recommend removing an import that is used by a leaf contract and cause compilation errors. # Otherwise, we would recommend removing an import that is used by a leaf contract and cause compilation errors.
@ -105,17 +105,15 @@ class UnusedImport(AbstractDetector):
break break
if not use_found: if not use_found:
unused.append(f"{i.source_mapping.content} ({i.source_mapping})") unused_list.append(f"{i.source_mapping.content} ({i.source_mapping})")
if len(unused) > 0: if len(unused_list) > 0:
unused_list = "\n\t-" + "\n\t-".join(unused) info = [
f"The following unused import(s) in {filename.used} should be removed:",
results.append(
self.generate_result(
[
f"The following unused import(s) in {filename.used} should be removed: {unused_list}\n",
] ]
) for unused in unused_list:
) info += ["\n\t-", unused, "\n"]
results.append(self.generate_result(info))
return results return results

@ -1,6 +1,6 @@
2 different versions of Solidity are used: 2 different versions of Solidity are used:
- Version constraint ^0.4.25 is used by: - Version constraint ^0.4.25 is used by:
- tests/e2e/detectors/test_data/pragma/0.4.25/pragma.0.4.25.sol#1 -^0.4.25 (tests/e2e/detectors/test_data/pragma/0.4.25/pragma.0.4.25.sol#1)
- Version constraint ^0.4.24 is used by: - Version constraint ^0.4.24 is used by:
- tests/e2e/detectors/test_data/pragma/0.4.25/pragma.0.4.24.sol#1 -^0.4.24 (tests/e2e/detectors/test_data/pragma/0.4.25/pragma.0.4.24.sol#1)

@ -1,6 +1,6 @@
2 different versions of Solidity are used: 2 different versions of Solidity are used:
- Version constraint ^0.5.16 is used by: - Version constraint ^0.5.16 is used by:
- tests/e2e/detectors/test_data/pragma/0.5.16/pragma.0.5.16.sol#1 -^0.5.16 (tests/e2e/detectors/test_data/pragma/0.5.16/pragma.0.5.16.sol#1)
- Version constraint ^0.5.15 is used by: - Version constraint ^0.5.15 is used by:
- tests/e2e/detectors/test_data/pragma/0.5.16/pragma.0.5.15.sol#1 -^0.5.15 (tests/e2e/detectors/test_data/pragma/0.5.16/pragma.0.5.15.sol#1)

@ -1,6 +1,6 @@
2 different versions of Solidity are used: 2 different versions of Solidity are used:
- Version constraint ^0.6.11 is used by: - Version constraint ^0.6.11 is used by:
- tests/e2e/detectors/test_data/pragma/0.6.11/pragma.0.6.11.sol#1 -^0.6.11 (tests/e2e/detectors/test_data/pragma/0.6.11/pragma.0.6.11.sol#1)
- Version constraint ^0.6.10 is used by: - Version constraint ^0.6.10 is used by:
- tests/e2e/detectors/test_data/pragma/0.6.11/pragma.0.6.10.sol#1 -^0.6.10 (tests/e2e/detectors/test_data/pragma/0.6.11/pragma.0.6.10.sol#1)

@ -1,6 +1,6 @@
2 different versions of Solidity are used: 2 different versions of Solidity are used:
- Version constraint ^0.7.6 is used by: - Version constraint ^0.7.6 is used by:
- tests/e2e/detectors/test_data/pragma/0.7.6/pragma.0.7.6.sol#1 -^0.7.6 (tests/e2e/detectors/test_data/pragma/0.7.6/pragma.0.7.6.sol#1)
- Version constraint ^0.7.5 is used by: - Version constraint ^0.7.5 is used by:
- tests/e2e/detectors/test_data/pragma/0.7.6/pragma.0.7.5.sol#1 -^0.7.5 (tests/e2e/detectors/test_data/pragma/0.7.6/pragma.0.7.5.sol#1)

@ -1,5 +1,3 @@
solc-0.4.25 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.
Version constraint 0.4.25 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html) Version constraint 0.4.25 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)
- DirtyBytesArrayToStorage - DirtyBytesArrayToStorage
- ABIDecodeTwoDimensionalArrayMemory - ABIDecodeTwoDimensionalArrayMemory
@ -16,6 +14,8 @@ Version constraint 0.4.25 contains known severe issues (https://solidity.readthe
- UninitializedFunctionPointerInConstructor_0.4.x - UninitializedFunctionPointerInConstructor_0.4.x
- IncorrectEventSignatureInLibraries_0.4.x - IncorrectEventSignatureInLibraries_0.4.x
- ABIEncoderV2PackedStorage_0.4.x. - ABIEncoderV2PackedStorage_0.4.x.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.4.25/static.sol#1 - 0.4.25 (tests/e2e/detectors/test_data/solc-version/0.4.25/static.sol#1)
solc-0.4.25 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -13,8 +13,8 @@ Version constraint 0.5.14 contains known severe issues (https://solidity.readthe
- privateCanBeOverridden - privateCanBeOverridden
- YulOptimizerRedundantAssignmentBreakContinue0.5 - YulOptimizerRedundantAssignmentBreakContinue0.5
- ABIEncoderV2LoopYulOptimizer. - ABIEncoderV2LoopYulOptimizer.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.5.14/static.sol#1 - 0.5.14 (tests/e2e/detectors/test_data/solc-version/0.5.14/static.sol#1)
solc-0.5.14 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible. solc-0.5.14 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -12,8 +12,8 @@ Version constraint ^0.5.15 contains known severe issues (https://solidity.readth
- MemoryArrayCreationOverflow - MemoryArrayCreationOverflow
- privateCanBeOverridden - privateCanBeOverridden
- YulOptimizerRedundantAssignmentBreakContinue0.5. - YulOptimizerRedundantAssignmentBreakContinue0.5.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.5.16/dynamic_1.sol#1 - ^0.5.15 (tests/e2e/detectors/test_data/solc-version/0.5.16/dynamic_1.sol#1)
solc-0.5.16 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible. solc-0.5.16 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -14,8 +14,8 @@ Version constraint >=0.5.0<0.6.0 contains known severe issues (https://solidity.
- UninitializedFunctionPointerInConstructor - UninitializedFunctionPointerInConstructor
- IncorrectEventSignatureInLibraries - IncorrectEventSignatureInLibraries
- ABIEncoderV2PackedStorage. - ABIEncoderV2PackedStorage.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.5.16/dynamic_2.sol#1 - >=0.5.0<0.6.0 (tests/e2e/detectors/test_data/solc-version/0.5.16/dynamic_2.sol#1)
solc-0.5.16 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible. solc-0.5.16 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -11,8 +11,8 @@ Version constraint 0.5.16 contains known severe issues (https://solidity.readthe
- TupleAssignmentMultiStackSlotComponents - TupleAssignmentMultiStackSlotComponents
- MemoryArrayCreationOverflow - MemoryArrayCreationOverflow
- privateCanBeOverridden. - privateCanBeOverridden.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.5.16/static.sol#1 - 0.5.16 (tests/e2e/detectors/test_data/solc-version/0.5.16/static.sol#1)
solc-0.5.16 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible. solc-0.5.16 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -12,6 +12,6 @@ Version constraint 0.6.10 contains known severe issues (https://solidity.readthe
- KeccakCaching - KeccakCaching
- EmptyByteArrayCopy - EmptyByteArrayCopy
- DynamicArrayCleanup. - DynamicArrayCleanup.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.6.10/static.sol#1 - 0.6.10 (tests/e2e/detectors/test_data/solc-version/0.6.10/static.sol#1)

@ -10,8 +10,8 @@ Version constraint ^0.6.10 contains known severe issues (https://solidity.readth
- KeccakCaching - KeccakCaching
- EmptyByteArrayCopy - EmptyByteArrayCopy
- DynamicArrayCleanup. - DynamicArrayCleanup.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.6.11/dynamic_1.sol#1 - ^0.6.10 (tests/e2e/detectors/test_data/solc-version/0.6.11/dynamic_1.sol#1)
solc-0.6.11 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible. solc-0.6.11 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -12,8 +12,8 @@ Version constraint >=0.6.0<0.7.0 contains known severe issues (https://solidity.
- TupleAssignmentMultiStackSlotComponents - TupleAssignmentMultiStackSlotComponents
- MemoryArrayCreationOverflow - MemoryArrayCreationOverflow
- YulOptimizerRedundantAssignmentBreakContinue. - YulOptimizerRedundantAssignmentBreakContinue.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.6.11/dynamic_2.sol#1 - >=0.6.0<0.7.0 (tests/e2e/detectors/test_data/solc-version/0.6.11/dynamic_2.sol#1)
solc-0.6.11 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible. solc-0.6.11 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -10,8 +10,8 @@ Version constraint 0.6.11 contains known severe issues (https://solidity.readthe
- KeccakCaching - KeccakCaching
- EmptyByteArrayCopy - EmptyByteArrayCopy
- DynamicArrayCleanup. - DynamicArrayCleanup.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.6.11/static.sol#1 - 0.6.11 (tests/e2e/detectors/test_data/solc-version/0.6.11/static.sol#1)
solc-0.6.11 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible. solc-0.6.11 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -1,3 +1,5 @@
solc-0.7.4 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.
Version constraint 0.7.4 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html) Version constraint 0.7.4 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)
- FullInlinerNonExpressionSplitArgumentEvaluationOrder - FullInlinerNonExpressionSplitArgumentEvaluationOrder
- MissingSideEffectsOnSelectorAccess - MissingSideEffectsOnSelectorAccess
@ -8,8 +10,6 @@ Version constraint 0.7.4 contains known severe issues (https://solidity.readthed
- SignedImmutables - SignedImmutables
- ABIDecodeTwoDimensionalArrayMemory - ABIDecodeTwoDimensionalArrayMemory
- KeccakCaching. - KeccakCaching.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.7.4/static.sol#1 - 0.7.4 (tests/e2e/detectors/test_data/solc-version/0.7.4/static.sol#1)
solc-0.7.4 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -1,5 +1,3 @@
solc-0.7.6 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.
Version constraint ^0.7.4 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html) Version constraint ^0.7.4 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)
- FullInlinerNonExpressionSplitArgumentEvaluationOrder - FullInlinerNonExpressionSplitArgumentEvaluationOrder
- MissingSideEffectsOnSelectorAccess - MissingSideEffectsOnSelectorAccess
@ -10,6 +8,8 @@ Version constraint ^0.7.4 contains known severe issues (https://solidity.readthe
- SignedImmutables - SignedImmutables
- ABIDecodeTwoDimensionalArrayMemory - ABIDecodeTwoDimensionalArrayMemory
- KeccakCaching. - KeccakCaching.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.7.6/dynamic_1.sol#1 - ^0.7.4 (tests/e2e/detectors/test_data/solc-version/0.7.6/dynamic_1.sol#1)
solc-0.7.6 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -1,6 +1,6 @@
Version constraint >=0.7.0<=0.7.6 is too complex.
It is used by:
- tests/e2e/detectors/test_data/solc-version/0.7.6/dynamic_2.sol#1
solc-0.7.6 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible. solc-0.7.6 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.
Version constraint >=0.7.0<=0.7.6 is too complex.
It is used by:
- >=0.7.0<=0.7.6 (tests/e2e/detectors/test_data/solc-version/0.7.6/dynamic_2.sol#1)

@ -1,5 +1,3 @@
solc-0.7.6 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.
Version constraint 0.7.6 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html) Version constraint 0.7.6 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)
- FullInlinerNonExpressionSplitArgumentEvaluationOrder - FullInlinerNonExpressionSplitArgumentEvaluationOrder
- MissingSideEffectsOnSelectorAccess - MissingSideEffectsOnSelectorAccess
@ -10,6 +8,8 @@ Version constraint 0.7.6 contains known severe issues (https://solidity.readthed
- SignedImmutables - SignedImmutables
- ABIDecodeTwoDimensionalArrayMemory - ABIDecodeTwoDimensionalArrayMemory
- KeccakCaching. - KeccakCaching.
It is used by: It is used by:
- tests/e2e/detectors/test_data/solc-version/0.7.6/static.sol#1 - 0.7.6 (tests/e2e/detectors/test_data/solc-version/0.7.6/static.sol#1)
solc-0.7.6 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible.

@ -1,6 +1,6 @@
The following unused import(s) in tests/e2e/detectors/test_data/unused-imports/0.8.16/B.sol should be removed:
-import "./A.sol"; (tests/e2e/detectors/test_data/unused-imports/0.8.16/B.sol#4)
The following unused import(s) in tests/e2e/detectors/test_data/unused-imports/0.8.16/C.sol should be removed: The following unused import(s) in tests/e2e/detectors/test_data/unused-imports/0.8.16/C.sol should be removed:
-import "./B.sol"; (tests/e2e/detectors/test_data/unused-imports/0.8.16/C.sol#4) -import "./B.sol"; (tests/e2e/detectors/test_data/unused-imports/0.8.16/C.sol#4)
The following unused import(s) in tests/e2e/detectors/test_data/unused-imports/0.8.16/B.sol should be removed:
-import "./A.sol"; (tests/e2e/detectors/test_data/unused-imports/0.8.16/B.sol#4)

Loading…
Cancel
Save