From eed5f1503fca1b7638347bce7822e70abc1a7b95 Mon Sep 17 00:00:00 2001 From: CJ42 Date: Mon, 9 Sep 2024 10:37:04 +0700 Subject: [PATCH 1/2] ci: add workflow to run slither --- .github/workflows/slither.yml | 55 +++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 .github/workflows/slither.yml diff --git a/.github/workflows/slither.yml b/.github/workflows/slither.yml new file mode 100644 index 00000000..2338f5c3 --- /dev/null +++ b/.github/workflows/slither.yml @@ -0,0 +1,55 @@ +# this workflow run Slither static analysis tool on the Solidity code +# of the Migration Deposit contract and the Migration Universal Profile +name: Slither Analysis + +on: + pull_request: + types: [opened] + + # Run Slither only when editing the Solidity code of the smart contracts + paths: + - "contracts/**/*.sol" + +jobs: + slither: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Use Node.js v20 + uses: actions/setup-node@v4 + with: + node-version: "20.x" + cache: "npm" + + - name: 📦 Install Node Modules + run: npm ci + + - name: 📥 Install Slither + run: | + pip3 install slither-analyzer solc-select + solc-select install 0.8.17 + solc-select use 0.8.17 + + - name: 🐍 Run Slither + id: slither_report + run: | + echo "# 🐍📄 Slither Analysis" > slither_report.md + + slither . \ + --checklist \ + --markdown-root ${{ github.server_url }}/${{ github.repository }}/blob/${{ github.sha }}/ \ + --no-fail-pedantic \ + --show-ignored-findings \ + >> slither_report.md + + - name: 📄 Add Slither report in comment + uses: peter-evans/create-or-update-comment@v2 + env: + REPORT: ${{ steps.slither_report.outputs.stdout }} + with: + token: ${{ secrets.GITHUB_TOKEN }} + issue-number: ${{ github.event.pull_request.number }} + body-file: slither_report.md \ No newline at end of file From d7a0a866ccbdaf4c1f84df1c5f8fa48022a99f6f Mon Sep 17 00:00:00 2001 From: CJ42 Date: Mon, 9 Sep 2024 10:41:51 +0700 Subject: [PATCH 2/2] ci: updaten version of all github actions to v4 --- .github/workflows/build-and-test.yml | 13 ++++++------- .github/workflows/npm-release.yml | 8 ++++---- .github/workflows/slither.yml | 6 +++++- .github/workflows/solc_version.yml | 12 +++++------- 4 files changed, 20 insertions(+), 19 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index d3a34f5a..da966c13 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -7,8 +7,7 @@ on: branches: - "develop" pull_request: - branches: - - "*" + branches: ["*"] jobs: build: @@ -18,11 +17,11 @@ jobs: working-directory: implementations steps: - - uses: actions/checkout@v2 - - name: Setup Node.js 16 - uses: actions/setup-node@v2 + - uses: actions/checkout@v4 + - name: Setup Node.js v20 + uses: actions/setup-node@v4 with: - node-version: "16" # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ + node-version: "20.x" # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ cache: "npm" cache-dependency-path: implementations/package-lock.json @@ -42,7 +41,7 @@ jobs: run: npm run test:coverage - name: Upload to Coveralls - uses: coverallsapp/github-action@master + uses: coverallsapp/github-action@v2 with: path-to-lcov: ./implementations/coverage/lcov.info github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/npm-release.yml b/.github/workflows/npm-release.yml index d2ce38ad..41a0bdae 100644 --- a/.github/workflows/npm-release.yml +++ b/.github/workflows/npm-release.yml @@ -25,15 +25,15 @@ jobs: exit 1 # step 1: checkout to the correct branch - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 with: fetch-depth: 0 # step 2: setup Node.js to version 16 - - name: Setup Node.js 16 - uses: actions/setup-node@v2 + - name: Setup Node.js v20 + uses: actions/setup-node@v4 with: - node-version: "16.x" + node-version: "20.x" registry-url: "https://registry.npmjs.org" cache: "npm" cache-dependency-path: implementations/package-lock.json diff --git a/.github/workflows/slither.yml b/.github/workflows/slither.yml index 2338f5c3..1612c7c6 100644 --- a/.github/workflows/slither.yml +++ b/.github/workflows/slither.yml @@ -4,7 +4,7 @@ name: Slither Analysis on: pull_request: - types: [opened] + branches: ["*"] # Run Slither only when editing the Solidity code of the smart contracts paths: @@ -13,6 +13,9 @@ on: jobs: slither: runs-on: ubuntu-latest + defaults: + run: + working-directory: implementations steps: - name: Checkout repository @@ -23,6 +26,7 @@ jobs: with: node-version: "20.x" cache: "npm" + cache-dependency-path: implementations/package-lock.json - name: 📦 Install Node Modules run: npm ci diff --git a/.github/workflows/solc_version.yml b/.github/workflows/solc_version.yml index e91217f9..e11b0233 100644 --- a/.github/workflows/solc_version.yml +++ b/.github/workflows/solc_version.yml @@ -4,9 +4,7 @@ name: Solidity Compiler Versions on: pull_request: - branches: - - "main" - - "develop" + branches: ["*"] jobs: solc_version: @@ -36,12 +34,12 @@ jobs: "0.8.21" ] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - - name: Setup Node.js 16 - uses: actions/setup-node@v2 + - name: Setup Node.js v20 + uses: actions/setup-node@v4 with: - node-version: "16" + node-version: "20.x" cache: "npm" cache-dependency-path: implementations/package-lock.json