Merge pull request #1586 from crytic/dev

Merge dev into master

.github/workflows/IR.yml

@@ -34,9 +34,14 @@ jobs:
       - name: Install dependencies
         run: |
           pip install ".[dev]"
-          solc-select install all
-          solc-select use 0.8.11
+          solc-select install 0.5.0         
+          solc-select use 0.8.11 --always-install
+
+      - name: Install old solc
+        if: matrix.os == 'ubuntu-latest'
+        run: solc-select install 0.4.0
+
 
       - name: Test with pytest
         run: |
-          pytest tests/test_ssa_generation.py
+          pytest tests/test_ssa_generation.py

.github/workflows/ci.yml

@@ -29,7 +29,7 @@ jobs:
                # "embark",
                "erc",
                # "etherlime",
-               # "etherscan"
+               "etherscan",
                "find_paths",
                "flat",
                "kspec",
@@ -55,8 +55,9 @@ jobs:
       - name: Install dependencies
         run: |
           pip install ".[dev]"
-          solc-select install all
-          solc-select use 0.5.1
+          solc-select use 0.4.25 --always-install
+          solc-select use 0.8.0 --always-install
+          solc-select use 0.5.1 --always-install
           pip install typing_extensions==4.1.1
           pip install importlib_metadata==4.8.3
 

.github/workflows/detectors.yml

@@ -35,8 +35,7 @@ jobs:
         run: |
           pip install ".[dev]"
 
-          solc-select install all
-          solc-select use 0.7.3
+          solc-select use 0.7.3 --always-install
       - name: Test with pytest
         run: |
           pytest tests/test_detectors.py

.github/workflows/doctor.yml

@@ -0,0 +1,87 @@
+---
+name: CI
+
+defaults:
+  run:
+    shell: bash
+
+on:
+  workflow_dispatch:
+  pull_request:
+    paths:
+      - 'slither/tools/doctor/**'
+      - '.github/workflows/doctor.yml'
+
+jobs:
+  slither-doctor:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: ["ubuntu-latest", "windows-2022"]
+        python: ["3.8", "3.9", "3.10", "3.11"]
+        exclude:
+          # strange failure
+          - os: windows-2022
+            python: 3.8
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Python ${{ matrix.python }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python }}
+
+      - name: Try system-wide Slither
+        run: |
+          echo "::group::Install slither"
+          pip3 install .
+          echo "::endgroup::"
+
+          # escape cwd so python doesn't pick up local module
+          cd /
+
+          echo "::group::Via module"
+          python3 -m slither.tools.doctor .
+          echo "::endgroup::"
+
+          echo "::group::Via binary"
+          slither-doctor .
+          echo "::endgroup::"
+
+      - name: Try user Slither
+        run: |
+          echo "::group::Install slither"
+          pip3 install --user .
+          echo "::endgroup::"
+
+          # escape cwd so python doesn't pick up local module
+          cd /
+
+          echo "::group::Via module"
+          python3 -m slither.tools.doctor .
+          echo "::endgroup::"
+
+          echo "::group::Via binary"
+          slither-doctor .
+          echo "::endgroup::"
+
+      - name: Try venv Slither
+        run: |
+          echo "::group::Install slither"
+          python3 -m venv venv
+          source venv/bin/activate || source venv/Scripts/activate
+          hash -r
+          pip3 install .
+          echo "::endgroup::"
+
+          # escape cwd so python doesn't pick up local module
+          cd /
+
+          echo "::group::Via module"
+          python3 -m slither.tools.doctor .
+          echo "::endgroup::"
+
+          echo "::group::Via binary"
+          slither-doctor .
+          echo "::endgroup::"

.github/workflows/features.yml

@@ -35,8 +35,7 @@ jobs:
         run: |
           pip install ".[dev]"
 
-          solc-select install all
-          solc-select use 0.8.0
+          solc-select use 0.8.0 --always-install
 
           cd tests/test_node_modules/
           npm install hardhat

.github/workflows/pip-audit.yml

@@ -26,7 +26,7 @@ jobs:
           python -m venv /tmp/pip-audit-env
           source /tmp/pip-audit-env/bin/activate
 
-          python -m pip install --upgrade pip
+          python -m pip install --upgrade pip setuptools wheel
           python -m pip install .
 
       - name: Run pip-audit

CODEOWNERS

@@ -0,0 +1,6 @@
+*                            @montyly @0xalpharush @smonicas
+/slither/tools/read_storage/ @0xalpharush
+/slither/tools/doctor/       @elopez
+/slither/slithir/            @montyly
+/slither/analyses/           @montyly
+/.github/workflows/          @elopez

CONTRIBUTING.md

@@ -64,7 +64,10 @@ For each new detector, at least one regression tests must be present.
   - If updating an existing detector, identify the respective json artifacts and then delete them, or run `python ./tests/test_detectors.py --overwrite` instead.
 - Run `pytest ./tests/test_detectors.py` and check that everything worked.
 
-To see the tests coverage, run `pytest  tests/test_detectors.py  --cov=slither/detectors --cov-branch --cov-report html`
+To see the tests coverage, run `pytest  tests/test_detectors.py  --cov=slither/detectors --cov-branch --cov-report html`.
+To run tests for a specific detector, run `pytest tests/test_detectors.py -k ReentrancyReadBeforeWritten` (the detector's class name is the argument).
+To run tests for a specific version, run `pytest tests/test_detectors.py -k 0.7.6`.
+The IDs of tests can be inspected using `pytest tests/test_detectors.py --collect-only`.
 
 ### Parser tests
 - Create a test in `tests/ast-parsing`
@@ -73,6 +76,10 @@ To see the tests coverage, run `pytest  tests/test_detectors.py  --cov=slither/d
 - Run `pytest ./tests/test_ast_parsing.py` and check that everything worked.
 
 To see the tests coverage, run `pytest  tests/test_ast_parsing.py  --cov=slither/solc_parsing --cov-branch --cov-report html`
+To run tests for a specific test case, run `pytest tests/test_ast_parsing.py -k user_defined_value_type`  (the filename is the argument).
+To run tests for a specific version, run `pytest tests/test_ast_parsing.py -k 0.8.12`.
+To run tests for a specific compiler json format, run `pytest tests/test_ast_parsing.py -k legacy` (can be legacy or compact).
+The IDs of tests can be inspected using ``pytest tests/test_ast_parsing.py --collect-only`.
 
 ### Synchronization with crytic-compile
 By default, `slither` follows either the latest version of crytic-compile in pip, or `crytic-compile@master` (look for dependencies in [`setup.py`](./setup.py). If crytic-compile development comes with breaking changes, the process to update `slither` is:

Dockerfile

@@ -2,14 +2,15 @@
 FROM ubuntu:jammy AS python-wheels
 RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
     gcc \
+    git \
     python3-dev \
     python3-pip \
   && rm -rf /var/lib/apt/lists/*
 
 COPY . /slither
 
 RUN cd /slither && \
-    echo pip3 install --no-cache-dir --upgrade pip && \
+    pip3 install --no-cache-dir --upgrade pip && \
     pip3 wheel -w /wheels . solc-select pip setuptools wheel
 
 
@@ -44,7 +45,7 @@ ENV PATH="/home/slither/.local/bin:${PATH}"
 
 # no-index ensures we install the freshly-built wheels
 RUN --mount=type=bind,target=/mnt,source=/wheels,from=python-wheels \
-    pip3 install --user --no-cache-dir --upgrade --no-index --find-links /mnt pip slither-analyzer solc-select
+    pip3 install --user --no-cache-dir --upgrade --no-index --find-links /mnt --no-deps /mnt/*.whl
 
 RUN solc-select install 0.4.25 && solc-select use 0.4.25