From 1414de08d8f629a93ae695629bf46c0fab9321ed Mon Sep 17 00:00:00 2001 From: Feist Josselin Date: Wed, 27 Apr 2022 11:13:50 +0200 Subject: [PATCH 1/7] Document --checklist flag (#1190) Make the --checklist flag public Improve documentation of the related flags --- .github/workflows/IR.yml | 8 +----- .github/workflows/black.yml | 4 +-- .github/workflows/ci.yml | 5 +--- .github/workflows/detectors.yml | 8 +----- .github/workflows/features.yml | 8 +----- .github/workflows/linter.yml | 3 --- .github/workflows/parser.yml | 8 +----- .github/workflows/pylint.yml | 4 +-- .github/workflows/read_storage.yml | 7 ++---- CONTRIBUTING.md | 5 +--- README.md | 7 ++++-- setup.py | 12 +++++++++ slither/__main__.py | 39 +++++++++++++++++++----------- 13 files changed, 54 insertions(+), 64 deletions(-) diff --git a/.github/workflows/IR.yml b/.github/workflows/IR.yml index 7b5d214a9..0471cb876 100644 --- a/.github/workflows/IR.yml +++ b/.github/workflows/IR.yml @@ -33,13 +33,7 @@ jobs: - name: Install dependencies run: | - python setup.py install - pip install deepdiff - pip install pytest==7.0.1 - pip install typing_extensions==4.1.1 - pip install importlib_metadata==4.8.3 - - pip install "solc-select>=v1.0.0b1" + pip install ".[dev]" solc-select install all solc-select use 0.8.11 diff --git a/.github/workflows/black.yml b/.github/workflows/black.yml index c1a999b80..5292c1b57 100644 --- a/.github/workflows/black.yml +++ b/.github/workflows/black.yml @@ -29,8 +29,8 @@ jobs: - name: Install dependencies run: | - pip install . - pip install deepdiff numpy + pip install ".[dev]" + pip install numpy mkdir -p .github/linters cp pyproject.toml .github/linters diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1252e385a..5add68130 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -65,11 +65,8 @@ jobs: - name: Install dependencies run: | - python setup.py install - # Used by ci_test.sh - pip install deepdiff + pip install ".[dev]" - pip install "solc-select>=v1.0.0b1" solc-select install all solc-select use 0.5.1 pip install typing_extensions==4.1.1 diff --git a/.github/workflows/detectors.yml b/.github/workflows/detectors.yml index 4d8109297..0745de802 100644 --- a/.github/workflows/detectors.yml +++ b/.github/workflows/detectors.yml @@ -33,14 +33,8 @@ jobs: - name: Install dependencies run: | + pip install ".[dev]" - python setup.py install - pip install deepdiff - pip install pytest==7.0.1 - pip install typing_extensions==4.1.1 - pip install importlib_metadata==4.8.3 - - pip install "solc-select>=v1.0.0b1" solc-select install all solc-select use 0.7.3 - name: Test with pytest diff --git a/.github/workflows/features.yml b/.github/workflows/features.yml index 3763faca0..d26a68980 100644 --- a/.github/workflows/features.yml +++ b/.github/workflows/features.yml @@ -33,14 +33,8 @@ jobs: - name: Install dependencies run: | + pip install ".[dev]" - python setup.py install - pip install deepdiff - pip install pytest==7.0.1 - pip install typing_extensions==4.1.1 - pip install importlib_metadata==4.8.3 - - pip install "solc-select>=v1.0.0b1" solc-select install all solc-select use 0.8.0 diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index c1b31a1c4..f3a66063e 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -29,9 +29,6 @@ jobs: - name: Install dependencies run: | - pip install . - pip install deepdiff numpy - mkdir -p .github/linters cp pyproject.toml .github/linters diff --git a/.github/workflows/parser.yml b/.github/workflows/parser.yml index 4c3566904..d3facfc79 100644 --- a/.github/workflows/parser.yml +++ b/.github/workflows/parser.yml 
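Review bot: In the .github/workflows/ci.yml hunk of PATCH 1/7, the trailing context line `pip install typing_extensions==4.1.1` is left in place even though the new `pip install ".[dev]"` already brings in that exact pin through the `dev` extra this patch adds to setup.py. A second copy outside setup.py undercuts the single source of dev dependencies that this commit sets up. Because it runs last, it will silently override whatever the extra resolves to once the two drift; PATCH 4/7 drops the pin from the extra, but its ci.yml hunk does not touch this line. I would delete the line here, or add a comment saying why ci.yml needs a different version from the extra. The `run:` block may continue past the end of the hunk.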
@@ -33,13 +33,7 @@ jobs: - name: Install dependencies run: | - - python setup.py install - pip install deepdiff - pip install pytest==7.0.1 - pip install typing_extensions==4.1.1 - pip install importlib_metadata==4.8.3 - pip install "solc-select>=v1.0.0b1" + pip install ".[dev]" - name: Install solc run: | diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml index 692a981ab..199d1bea4 100644 --- a/.github/workflows/pylint.yml +++ b/.github/workflows/pylint.yml @@ -29,8 +29,8 @@ jobs: - name: Install dependencies run: | - pip install . - pip install deepdiff numpy + pip install ".[dev]" + pip install numpy mkdir -p .github/linters cp pyproject.toml .github/linters diff --git a/.github/workflows/read_storage.yml b/.github/workflows/read_storage.yml index 2ca618a19..b4c1d545d 100644 --- a/.github/workflows/read_storage.yml +++ b/.github/workflows/read_storage.yml @@ -35,11 +35,8 @@ jobs: - name: Install python dependencies run: | - python3 setup.py install - pip install web3 pytest deepdiff solc-select - pip install pytest==7.0.1 - pip install typing_extensions==4.1.1 - pip install importlib_metadata==4.8.3 + pip install ".[dev]" + pip install web3 solc-select install 0.8.1 solc-select install 0.8.10 solc-select use 0.8.1 diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e93b2557c..75c470456 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -23,10 +23,7 @@ Some pull request guidelines: ## Development Environment Instructions for installing a development version of Slither can be found in our [wiki](https://github.com/crytic/slither/wiki/Developer-installation). -To run the unit tests, you need -- `deepdiff` installed (`pip install deepdiff`). -- `pycov` installed (`pip install pytest-cov`). -- [`solc-select`](https://github.com/crytic/solc-select) installed. +To run the unit tests, you need clone this repo and run `pip install ".[dev]"`. ### Linters diff --git a/README.md b/README.md index b160cd9be..4010448be 100644 --- a/README.md 
+++ b/README.md @@ -40,9 +40,12 @@ Run Slither on a single file: slither tests/uninitialized.sol ``` -For GitHub action integration, see [slither-action](https://github.com/marketplace/actions/slither-action). For additional configuration, see the [usage](https://github.com/trailofbits/slither/wiki/Usage) documentation. +### Integration +- For GitHub action integration, use [slither-action](https://github.com/marketplace/actions/slither-action). +- To generate a Markdown report, use `slither [target] --checklist`. +- To generate a Markdown with GitHub source code highlighting, use `slither [target] --checklist --markdown-root https://github.com/ORG/REPO/blob/COMMIT/` (replace `ORG`, `REPO`, `COMMIT`) -Use [solc-select](https://github.com/crytic/solc-select) if your contracts require older versions of solc. +Use [solc-select](https://github.com/crytic/solc-select) if your contracts require older versions of solc. For additional configuration, see the [usage](https://github.com/trailofbits/slither/wiki/Usage) documentation. ### Detectors diff --git a/setup.py b/setup.py index 1069f8aef..5a0548a24 100644 --- a/setup.py +++ b/setup.py @@ -17,6 +17,18 @@ setup( # "crytic-compile>=0.2.3", "crytic-compile", ], + extras_require={ + "dev": [ + "black>=22.3.0", + "pylint>=2.13.4", + "pytest==7.0.1", + "pytest-cov", + "deepdiff", + "typing_extensions==4.1.1", + "importlib_metadata==4.8.3", + "solc-select>=v1.0.0b1", + ] + }, dependency_links=["git+https://github.com/crytic/crytic-compile.git@master#egg=crytic-compile"], license="AGPL-3.0", long_description=long_description, diff --git a/slither/__main__.py b/slither/__main__.py index bc34e7081..dd195b65b 100644 --- a/slither/__main__.py +++ b/slither/__main__.py 
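Review bot: The new `dev` extra in the setup.py hunk of PATCH 1/7 mixes exact pins with open-ended requirements: `pytest-cov` and `deepdiff` carry no version, and `black>=22.3.0` / `pylint>=2.13.4` only set a floor, while most workflows touched by this patch now install the extra with `pip install ".[dev]"`. Each CI run therefore resolves whatever was published most recently. The ci.yml test step shown in PATCH 6/7 runs with `GITHUB_ETHERSCAN: ${{ secrets.GITHUB_ETHERSCAN }}` in its environment, so a bad release of any floating package would execute next to that secret (assuming install and test share a job, which the hunks suggest but do not show). PATCH 2/7 pins the two linters, but PATCH 4/7 then relaxes `pytest==7.0.1` to `pytest` and adds an unbounded `numpy` to the same list. I would give every entry an exact version, or keep the extra loose for contributors and have the workflows install from a hash-locked requirements file with `pip install --require-hashes -r requirements-dev.txt` (placeholder file name). The `setup()` call starts and ends outside the hunk.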
@@ -299,6 +299,9 @@ def parse_args(detector_classes, printer_classes): # pylint: disable=too-many-s group_detector = parser.add_argument_group("Detectors") group_printer = parser.add_argument_group("Printers") + group_checklist = parser.add_argument_group( + "Checklist (consider using https://github.com/crytic/slither-action)" + ) group_misc = parser.add_argument_group("Additional options") group_detector.add_argument( @@ -392,6 +395,28 @@ def parse_args(detector_classes, printer_classes): # pylint: disable=too-many-s default=defaults_flag_in_config["show_ignored_findings"], ) + group_checklist.add_argument( + "--checklist", + help="Generate a markdown page with the detector results", + action="store_true", + default=False, + ) + + group_checklist.add_argument( + "--checklist-limit", + help="Limite the number of results per detector in the markdown file", + action="store", + default="", + ) + + group_checklist.add_argument( + "--markdown-root", + type=check_and_sanitize_markdown_root, + help="URL for markdown generation", + action="store", + default="", + ) + group_misc.add_argument( "--json", help='Export the results as a JSON file ("--json -" to export to stdout)', @@ -429,14 +454,6 @@ def parse_args(detector_classes, printer_classes): # pylint: disable=too-many-s default=defaults_flag_in_config["zip_type"], ) - group_misc.add_argument( - "--markdown-root", - type=check_and_sanitize_markdown_root, - help="URL for markdown generation", - action="store", - default="", - ) - group_misc.add_argument( "--disable-color", help="Disable output colorization", 
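Review bot: In the second slither/__main__.py hunk, `--checklist-limit` becomes a documented flag but still has no `type=` and defaults to `""`, so any string is accepted at parse time and a bad value only surfaces wherever the limit is consumed (not visible here). The `--markdown-root` flag next to it is validated with `type=check_and_sanitize_markdown_root`, and a small validator that rejects non-numeric input would fit here in the same way. Plain `type=int` cannot simply be added, because argparse also applies `type` to a string default, so `default=""` would have to change with it. The help text has a typo now that it is user-visible; it should read `help="Limit the number of results per detector in the markdown file",`. The `--markdown-root` help could also state the expected form from the README, e.g. `help="Base URL for source links in the markdown output, e.g. https://github.com/ORG/REPO/blob/COMMIT/",`. `parse_args` starts before and continues after these hunks.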
@@ -487,12 +504,6 @@ def parse_args(detector_classes, printer_classes): # pylint: disable=too-many-s parser.add_argument("--markdown", help=argparse.SUPPRESS, action=OutputMarkdown, default=False) - group_misc.add_argument( - "--checklist", help=argparse.SUPPRESS, action="store_true", default=False - ) - - group_misc.add_argument("--checklist-limit", help=argparse.SUPPRESS, action="store", default="") - parser.add_argument( "--wiki-detectors", help=argparse.SUPPRESS, action=OutputWiki, default=False ) From aca172b6d7a4f397a61f5c7be90b22e3edf2fd39 Mon Sep 17 00:00:00 2001 From: alpharush <0xalpharush@protonmail.com> Date: Thu, 21 Apr 2022 09:18:34 -0500 Subject: [PATCH 2/7] fix language and pin linter versions --- CONTRIBUTING.md | 2 +- setup.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 75c470456..75cf4ecdc 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -23,7 +23,7 @@ Some pull request guidelines: ## Development Environment Instructions for installing a development version of Slither can be found in our [wiki](https://github.com/crytic/slither/wiki/Developer-installation). -To run the unit tests, you need clone this repo and run `pip install ".[dev]"`. +To run the unit tests, you need clone this repository and run `pip install ".[dev]"`. ### Linters diff --git a/setup.py b/setup.py index 5a0548a24..d21934d51 100644 --- a/setup.py +++ b/setup.py @@ -19,8 +19,8 @@ setup( ], extras_require={ "dev": [ - "black>=22.3.0", - "pylint>=2.13.4", + "black==22.3.0", + "pylint==2.13.4", "pytest==7.0.1", "pytest-cov", "deepdiff", From 21d5dba4020836dc874534b789ef72cb9abcd1d7 Mon Sep 17 00:00:00 2001 From: alpharush <0xalpharush@protonmail.com> Date: Fri, 29 Apr 2022 00:21:20 -0500 Subject: [PATCH 3/7] remove dependencies in lints --- .github/workflows/black.yml | 3 --- .github/workflows/ci.yml | 2 -- .github/workflows/pylint.yml | 3 --- 3 files changed, 8 deletions(-) 
diff --git a/.github/workflows/black.yml b/.github/workflows/black.yml index 5292c1b57..94eafffeb 100644 --- a/.github/workflows/black.yml +++ b/.github/workflows/black.yml @@ -29,9 +29,6 @@ jobs: - name: Install dependencies run: | - pip install ".[dev]" - pip install numpy - mkdir -p .github/linters cp pyproject.toml .github/linters diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5add68130..831f205dc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -64,9 +64,7 @@ jobs: python-version: 3.6 - name: Install dependencies run: | - pip install ".[dev]" - solc-select install all solc-select use 0.5.1 pip install typing_extensions==4.1.1 diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml index 199d1bea4..2fe575c79 100644 --- a/.github/workflows/pylint.yml +++ b/.github/workflows/pylint.yml @@ -29,9 +29,6 @@ jobs: - name: Install dependencies run: | - pip install ".[dev]" - pip install numpy - mkdir -p .github/linters cp pyproject.toml .github/linters From d3eea7b64e3cf28d5f1aff3812b6c47d66411177 Mon Sep 17 00:00:00 2001 From: alpharush <0xalpharush@protonmail.com> Date: Wed, 25 May 2022 16:05:27 -0500 Subject: [PATCH 4/7] bump to python 3.8 --- .github/workflows/IR.yml | 4 ++-- .github/workflows/black.yml | 4 ++-- .github/workflows/ci.yml | 4 ++-- .github/workflows/detectors.yml | 4 ++-- .github/workflows/features.yml | 4 ++-- .github/workflows/linter.yml | 4 ++-- .github/workflows/parser.yml | 4 ++-- .github/workflows/pylint.yml | 4 ++-- .github/workflows/read_storage.yml | 4 ++-- README.md | 2 +- plugin_example/setup.py | 2 +- scripts/ci_test_simil.sh | 4 ++-- setup.py | 7 +++---- 13 files changed, 25 insertions(+), 26 deletions(-) diff --git a/.github/workflows/IR.yml b/.github/workflows/IR.yml index 0471cb876..434cef75b 100644 --- a/.github/workflows/IR.yml +++ b/.github/workflows/IR.yml 
@@ -26,10 +26,10 @@ jobs: - name: Checkout Code uses: actions/checkout@v2 - - name: Set up Python 3.6 + - name: Set up Python 3.8 uses: actions/setup-python@v3 with: - python-version: 3.6 + python-version: 3.8 - name: Install dependencies run: | diff --git a/.github/workflows/black.yml b/.github/workflows/black.yml index 94eafffeb..b805c4d9d 100644 --- a/.github/workflows/black.yml +++ b/.github/workflows/black.yml @@ -22,10 +22,10 @@ jobs: - name: Checkout Code uses: actions/checkout@v2 - - name: Set up Python 3.6 + - name: Set up Python 3.8 uses: actions/setup-python@v3 with: - python-version: 3.6 + python-version: 3.8 - name: Install dependencies run: | diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 831f205dc..097f83914 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,10 +58,10 @@ jobs: echo 'C:\msys64\mingw64\bin' >> "$GITHUB_PATH" echo 'C:\msys64\usr\bin' >> "$GITHUB_PATH" - - name: Set up Python 3.6 + - name: Set up Python 3.8 uses: actions/setup-python@v3 with: - python-version: 3.6 + python-version: 3.8 - name: Install dependencies run: | pip install ".[dev]" diff --git a/.github/workflows/detectors.yml b/.github/workflows/detectors.yml index 0745de802..8f3b45d15 100644 --- a/.github/workflows/detectors.yml +++ b/.github/workflows/detectors.yml @@ -26,10 +26,10 @@ jobs: - name: Checkout Code uses: actions/checkout@v2 - - name: Set up Python 3.6 + - name: Set up Python 3.8 uses: actions/setup-python@v3 with: - python-version: 3.6 + python-version: 3.8 - name: Install dependencies run: | diff --git a/.github/workflows/features.yml b/.github/workflows/features.yml index d26a68980..8757d654a 100644 --- a/.github/workflows/features.yml +++ b/.github/workflows/features.yml 
@@ -26,10 +26,10 @@ jobs: - name: Checkout Code uses: actions/checkout@v2 - - name: Set up Python 3.6 + - name: Set up Python 3.8 uses: actions/setup-python@v3 with: - python-version: 3.6 + python-version: 3.8 - name: Install dependencies run: | diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index f3a66063e..5d9ff9017 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -22,10 +22,10 @@ jobs: - name: Checkout Code uses: actions/checkout@v2 - - name: Set up Python 3.6 + - name: Set up Python 3.8 uses: actions/setup-python@v3 with: - python-version: 3.6 + python-version: 3.8 - name: Install dependencies run: | diff --git a/.github/workflows/parser.yml b/.github/workflows/parser.yml index d3facfc79..5e11420cf 100644 --- a/.github/workflows/parser.yml +++ b/.github/workflows/parser.yml @@ -26,10 +26,10 @@ jobs: - name: Checkout Code uses: actions/checkout@v2 - - name: Set up Python 3.6 + - name: Set up Python 3.8 uses: actions/setup-python@v3 with: - python-version: 3.6 + python-version: 3.8 - name: Install dependencies run: | diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml index 2fe575c79..04334a2d5 100644 --- a/.github/workflows/pylint.yml +++ b/.github/workflows/pylint.yml @@ -22,10 +22,10 @@ jobs: - name: Checkout Code uses: actions/checkout@v2 - - name: Set up Python 3.6 + - name: Set up Python 3.8 uses: actions/setup-python@v3 with: - python-version: 3.6 + python-version: 3.8 - name: Install dependencies run: | diff --git a/.github/workflows/read_storage.yml b/.github/workflows/read_storage.yml index b4c1d545d..8a423d6c2 100644 --- a/.github/workflows/read_storage.yml +++ b/.github/workflows/read_storage.yml @@ -28,10 +28,10 @@ jobs: - name: Install ganache run: npm install --global ganache - - name: Set up Python 3.6 + - name: Set up Python 3.8 uses: actions/setup-python@v2 with: - python-version: 3.6 + python-version: 3.8 - name: Install python dependencies run: | 
diff --git a/README.md b/README.md index 4010448be..a7b30f9ae 100644 --- a/README.md +++ b/README.md @@ -165,7 +165,7 @@ See the [Tool documentation](https://github.com/crytic/slither/wiki/Tool-Documen ## How to install -Slither requires Python 3.6+ and [solc](https://github.com/ethereum/solidity/), the Solidity compiler. +Slither requires Python 3.8+ and [solc](https://github.com/ethereum/solidity/), the Solidity compiler. ### Using Pip diff --git a/plugin_example/setup.py b/plugin_example/setup.py index 9cef2aaf9..1bc065394 100644 --- a/plugin_example/setup.py +++ b/plugin_example/setup.py @@ -7,7 +7,7 @@ setup( author="Trail of Bits", version="0.0", packages=find_packages(), - python_requires=">=3.6", + python_requires=">=3.8", install_requires=["slither-analyzer==0.1"], entry_points={ "slither_analyzer.plugin": "slither my-plugin=slither_my_plugin:make_plugin", diff --git a/scripts/ci_test_simil.sh b/scripts/ci_test_simil.sh index bad5fd067..7ef511759 100755 --- a/scripts/ci_test_simil.sh +++ b/scripts/ci_test_simil.sh @@ -2,8 +2,8 @@ ### Install requisites -pip3.6 install pybind11 -pip3.6 install https://github.com/facebookresearch/fastText/archive/0.2.0.zip +pip3.8 install pybind11 +pip3.8 install https://github.com/facebookresearch/fastText/archive/0.2.0.zip ### Test slither-simil diff --git a/setup.py b/setup.py index d21934d51..993862f03 100644 --- a/setup.py +++ b/setup.py @@ -10,7 +10,7 @@ setup( author="Trail of Bits", version="0.8.3", packages=find_packages(), - python_requires=">=3.6", + python_requires=">=3.8", install_requires=[ "prettytable>=0.7.2", "pysha3>=1.0.2", @@ -21,11 +21,10 @@ setup( "dev": [ "black==22.3.0", "pylint==2.13.4", - "pytest==7.0.1", + "pytest", "pytest-cov", "deepdiff", - "typing_extensions==4.1.1", - "importlib_metadata==4.8.3", + "numpy", "solc-select>=v1.0.0b1", ] }, From cc886a2f76ee3ddc2a7e06a925e97412d4e69934 Mon Sep 17 00:00:00 2001 
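Review bot: The two install lines in the scripts/ci_test_simil.sh hunk of PATCH 4/7 hard-code the `pip3.8` binary name, so the script needs another edit on the next interpreter bump and can install into a different interpreter from the one `actions/setup-python` activated. `python -m pip install pybind11` follows whichever Python is first on PATH. The fastText line also installs a tag archive fetched by URL with no integrity check, and a tag can be re-pointed after the fact. Referencing the archive by full commit (`https://github.com/facebookresearch/fastText/archive/COMMIT_SHA.zip`, placeholder), or listing the URL with a `--hash=sha256:...` entry in a requirements file installed with `--require-hashes`, would make the download reproducible and tamper-evident. The rest of the script is outside the hunk.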
From: alpharush <0xalpharush@protonmail.com> Date: Wed, 25 May 2022 16:19:28 -0500 Subject: [PATCH 5/7] fix sentence --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 75cf4ecdc..35ff46b97 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -23,7 +23,7 @@ Some pull request guidelines: ## Development Environment Instructions for installing a development version of Slither can be found in our [wiki](https://github.com/crytic/slither/wiki/Developer-installation). -To run the unit tests, you need clone this repository and run `pip install ".[dev]"`. +To run the unit tests, you need to clone this repository and run `pip install ".[dev]"`. ### Linters From 61bb6d1dde8581285c5d599e3791b8b90cec2518 Mon Sep 17 00:00:00 2001 From: alpharush <0xalpharush@protonmail.com> Date: Wed, 25 May 2022 17:17:07 -0500 Subject: [PATCH 6/7] set pythonutf8 for windows --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 097f83914..6a6f2f38d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -84,5 +84,6 @@ jobs: env: TEST_TYPE: ${{ matrix.type }} GITHUB_ETHERSCAN: ${{ secrets.GITHUB_ETHERSCAN }} + PYTHONUTF8: 1 run: | bash "scripts/ci_test_${TEST_TYPE}.sh" From d25ebe2acc7306636d1537ff106504341f32f708 Mon Sep 17 00:00:00 2001 From: Feist Josselin Date: Thu, 28 Jul 2022 08:42:25 +0200 Subject: [PATCH 7/7] Update ci.yml --- .github/workflows/ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 87b76a0f2..cc58ab718 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -74,6 +74,5 @@ jobs: PYTHONUTF8: 1 TEST_TYPE: ${{ matrix.type }} GITHUB_ETHERSCAN: ${{ secrets.GITHUB_ETHERSCAN }} - PYTHONUTF8: 1 run: | bash "scripts/ci_test_${TEST_TYPE}.sh"
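Review bot: `PYTHONUTF8: 1` in the .github/workflows/ci.yml hunk of PATCH 6/7 goes into the test step's `env:` with no comment, although the commit subject says it is only there for Windows. Without an explanation it looks like a stray setting that applies to every matrix entry, and PATCH 7/7 already had to remove a duplicated copy of this key. I would add a line above it such as `# UTF-8 mode (PEP 540): Python on Windows otherwise uses the legacy code page for text I/O`. The step itself starts above the hunk.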