v0.6.15
0.6.15 - 2020-12-07
This release adds several performance optimizations to Slither. From our limited benchmark on codebases where Slither takes more than 1 minute to run, the optimizations lead to 2x improvements on average and up to x14 in certain cases. We also fixed an indeterministic detector output issue that could interact poorly with CIs and improved legacy AST support. Finally, we made improvements to slither-prop
.
Thanks to @elenadimitrova for helping us debug the indeterministic detector output issue.
If you want access to additional detectors, try Crytic. It has 96 total vulnerabilities detectors.
Addded
- Hidden
--perf
flag (debug) (#701)
Changed
- Optimizations
- Use of
get_line_from_offset
from crytic-compile (see crytic-compile@0.1.11 release note). It impacts codebase with a large number of files - Memoization for properties that are frequently used (#703). It impacts all the codebases
- Rewrote the immediate dominator (#705). It impacts functions with complex cfg
- Rewrote the fixpoint on the data dependencies (#707). It impacts functions for which the fixpoint is difficult to reach
- Use of
- Use of crytic-compile@0.1.11. Among others, this improves hardhat and dapp support.
- Multiple improvements to
slither-prop
(#693, #713)
Fixed
- Removed recursion in
divide-before-multiply
(#706) - Indeterministic output for multiple detectors (#486). This might lead previously triaged results to appear again (the finding IDs can have been affected)
- Parsing of comments in legacy ast for Solidity 0.6.3 - 0.6.10 (#720). This mostly impacts
dapp
codebases.