Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/contractshark/pipeline-slither

GitHub Actions Slither Workflow
https://github.com/contractshark/pipeline-slither

actions ethereum slither smart-contracts solidity static-analysis workflow

Last synced: about 3 hours ago
JSON representation

GitHub Actions Slither Workflow

Host: GitHub
URL: https://github.com/contractshark/pipeline-slither
Owner: contractshark
Created: 2021-01-25T22:08:27.000Z (almost 4 years ago)
Default Branch: master
Last Pushed: 2021-10-09T00:17:09.000Z (about 3 years ago)
Last Synced: 2024-04-22T10:14:49.257Z (7 months ago)
Topics: actions, ethereum, slither, smart-contracts, solidity, static-analysis, workflow
Language: Python
Homepage:
Size: 21.5 KB
Stars: 1
Watchers: 4
Forks: 3
Open Issues: 1
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        ---

title: GitHub Workflow Template for Crytic Slither

description: Slither CI Pipeline workflow

version: v.1.0.0

---

# Slither scripts | Functions by modifier

Detect functions in any set of Solidity smart contract that are labeled with a given modifier, using [Slither](https://github.com/trailofbits/slither).

This script is based on [Slither's `contract-summary` printer](https://github.com/trailofbits/slither/blob/ff280c2b6f35f8df4efff92903700da7d04fb415/slither/printers/summary/contract.py#L13).

## Usage

`python modifier.py  `

Example:

~~~

$ python modifier.py test/TestContract.sol firstModifier

== Functions with firstModifier modifier ==

+ Contract ParentContract

+ Contract TestContract

  - From TestContract

    - withTwoModifiers(address) (public)

    - withOneModifier() (internal)

~~~

## Limitations

Currently, the script does not look for modifiers in internal calls.

For instance, in the following code snippet, `foo` will not be listed as having the `onlyOwner` modifier, even though it actually is restricted by that modifier due to the internal call to `bar()`.

~~~solidity

contract Test {

    modifier onlyOwner() { ... }

    function foo() public {

        bar();

    }

    

    function bar() public onlyOwner { ... }

}

~~~

## Slither GitHub Actions Workflow

> Static Analysis Tool for Ethereum Smart Contracts

### Supported tags

#{range $_, $v := .Versions}

#### #{\$v.Version}

`#{3.6.5-3.8, $b := $v.Builds}`

- `#{$b.Tag}`#{range \$3.6.5-3.8}, `#{$t}`#{end}

  #{end}#{end}

## API

Note: unlike `realpath(1)`, these functions take no options; **do not** use `--` to escape any arguments

| Function                       | Description                                        |

| ------------------------------ | -------------------------------------------------- |

| 
{{ slither-flat }}  | { flatten source file: ['MostDerived' 'OneFile'] } |

|  slither \$PWD      | run `slither-analysis`                             |

| solc-select 
        | solidity version manager                           |

### License

AGPL