{"id":25050493,"url":"https://github.com/EricR/solanalyzer","last_synced_at":"2025-10-21T06:31:52.933Z","repository":{"id":57609971,"uuid":"146221958","full_name":"EricR/solanalyzer","owner":"EricR","description":"SolAnalyzer is a static analyzer for the Solidity programming language, with a focus on finding security bugs.","archived":true,"fork":false,"pushed_at":"2018-10-14T15:03:46.000Z","size":11522,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-06-21T00:07:50.864Z","etag":null,"topics":["ethereum","security","solidity","static-analysis"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/EricR.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-08-26T22:46:31.000Z","updated_at":"2023-02-09T02:17:10.000Z","dependencies_parsed_at":"2022-08-27T20:00:47.019Z","dependency_job_id":null,"html_url":"https://github.com/EricR/solanalyzer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EricR%2Fsolanalyzer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EricR%2Fsolanalyzer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EricR%2Fsolanalyzer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EricR%2Fsolanalyzer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/EricR","download_url":"https://codeload.github.com/EricR/solanalyzer/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":237446277,"owners_count":19311291,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ethereum","security","solidity","static-analysis"],"created_at":"2025-02-06T09:03:42.956Z","updated_at":"2025-10-21T06:31:52.928Z","avatar_url":"https://github.com/EricR.png","language":"Go","funding_links":[],"categories":["Static Analysis"],"sub_categories":[],"readme":"# SolAnalyzer\n\nSolAnalyzer is a static analyzer for the Solidity programming language, with a focus on finding security bugs.\n\n**Warning**: This software is in beta and false negatives may be likely. Please keep that in mind when using this tool.\n\n## Compile\n\nCompiling SolAnalyzer requires Go and GoDep. Once those dependencies are satisfied, `make` can be run to compile the source.\n\n## Run\n\nRunning the tool looks like this:\n\n```\n$ solanalyzer --help\nSolAnalyzer is a static analyzer for the Solidity programming language, with a focus on finding security bugs.\n\nUsage:\n solanalyzer path [flags]\n\nFlags:\n -h, --help help for solanalyzer\n -v, --verbose verbose output\n\n$ solanalyzer examples/\n\nSolAnalyzer v0.1-beta\nCopyright 2018 Eric Rafaloff\n\nThis is beta software. Please report issues at https://github.com/EricR/solanalyzer/issues/.\n\n[2018-09-01T09:28:10-04:00] INFO Starting new session\n[2018-09-01T09:28:10-04:00] INFO Parsing sources\n[2018-09-01T09:28:10-04:00] INFO Scanning sources\n[2018-09-01T09:28:10-04:00] INFO Analyzing sources\n[2018-09-01T09:28:10-04:00] INFO Generating report\n\n=== Start SolAnalyzer Report ===\n\nReport Date: Sat Sep 1 9:28 AM 2018\nAnalyzers Run: compiler-version, function-visibility\n\nHigh Severity Issues\n--------------------\nNo issues\n\nMedium Severity Issues\n----------------------\nNo issues\n\nLow Severity Issues\n-------------------\nTitle: Compiler Bug - EventStructWrongData\nDescription: The version pragma, \u003e0.4.22, can be satisfied by a version of the Solidity compiler that contains a known bug. If a struct is used in an event, the address of the struct is logged instead of the actual data. This bug is reported to be fixed in version 0.5.0.\nSource: examples/reentrancy.sol:1:23\nAnalyzer ID: compiler-version\nInstance ID: c4afc52c128cbd79b10ffeee91b937beeac479ecb864752a8dd0dcf787bdebb8\n\nInformational Severity Issues\n-----------------------------\nTitle: Default Function Visibility\nDescription: No visibility is specified for function transfer(address to, uint amount) in contract Vulnerable. The default is public. It should be confirmed that this is desired, and the visibility of the function should be explicitly set.\nSource: examples/reentrancy.sol:6:1\nAnalyzer ID: function-visibility\nInstance ID: 747dbaef6def6d744a1898c482f1325ec704d56ceb1f1fa1b099d7a03008f8e1\n\nTitle: Default Function Visibility\nDescription: No visibility is specified for function withdraw() in contract Vulnerable. The default is public. It should be confirmed that this is desired, and the visibility of the function should be explicitly set.\nSource: examples/reentrancy.sol:13:1\nAnalyzer ID: function-visibility\nInstance ID: 6d6158a6074c6d05639d365b861615cb5648736afd27ae0a78b6633844c2f317\n\n=== End SolAnalyzer Report ===\n```\n\n## Supported Checks\n\nSee [here](https://github.com/EricR/solanalyzer/wiki/Supported-Checks) for a list of issues SolAnalyzer is capable of checking for.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FEricR%2Fsolanalyzer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FEricR%2Fsolanalyzer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FEricR%2Fsolanalyzer/lists"}