在尝试使 slither 与预提交一起使用时,我注意到 slither 需要单个文件或目录作为 CLI 参数,而(我的)pre-commit-config.yaml 提供 slither 包含空格分隔的文件名列表。
安装滑行器后:
python3 -m pip install slither-analyzerslither src
slither .
slither src/some_file.sol
slither src/anotherfile.sol
slither test
slither test/some_test_file
这些都让slither能够成功运行。
但是,以下预提交配置:
- repo: local
hooks:
- id: slither
name: Slither analysis for smart contracts
entry: slither .
language: system
# folder: src
# files: src
# files: ^(src/)
# files: ^(src/DecentralisedInvestmentManager.sol)
产量输出:
...
target can be:
- file.sol // a Solidity file
- project_directory // a project directory. See https://github.com/crytic/crytic-compile/#crytic-compile for the supported platforms
- 0x.. // a contract on mainnet
- NETWORK:0x.. // a contract on a different network. Supported networks: mainet,optim,goerli,sepolia,tobalaba,bsc,testnet.bsc,arbi,testnet.arbi,poly,mumbai,avax,testnet.avax,ftm,goerli.base,base,gno,polyzk,blast
slither: error: unrecognized arguments: .env.example src/DecentralisedInvestmentManager.sol .github/workflows/ci.yml book.toml test/unit/SaasPaymentProcessor.t.sol test/unit/Tier.t.sol
usage: slither target [flag]
target can be:
- file.sol // a Solidity file
- project_directory // a project directory. See https://github.com/crytic/crytic-compile/#crytic-compile for the supported platforms
- 0x.. // a contract on mainnet
- NETWORK:0x.. // a contract on a different network. Supported networks: mainet,optim,goerli,sepolia,tobalaba,bsc,testnet.bsc,arbi,testnet.arbi,poly,mumbai,avax,testnet.avax,ftm,goerli.base,base,gno,polyzk,blast
slither: error: unrecognized arguments: test/integration/MultipleInvestmentTest.sol test/unit/Tier_increaseMultiple_indirect.t.sol test/integration/partialReturn.t.sol branch_coverage .gitpod.yml test/unit/Tier_increaseMultiple_direct.t.sol
usage: slither target [flag]
target can be:
- file.sol // a Solidity file
- project_directory // a project directory. See https://github.com/crytic/crytic-compile/#crytic-compile for the supported platforms
- 0x.. // a contract on mainnet
- NETWORK:0x.. // a contract on a different network. Supported networks: mainet,optim,goerli,sepolia,tobalaba,bsc,testnet.bsc,arbi,testnet.arbi,poly,mumbai,avax,testnet.avax,ftm,goerli.base,base,gno,polyzk,blast
slither: error: unrecognized arguments: classDiagram.svg Images/laser_eyes_4.jpg test/unit/CounterOffer.test.sol test/unit/WorkerGetReward/AddWorkerReward.t.sol foundry.toml test/unit/CustomPaymentSplitter.t.sol
...
因为 slither 需要 1 个文件或一个文件夹,而不是文件/文件夹列表。
以下配置适用于单个文件:
- id: slither
name: Slither analysis for smart contracts
# entry: slither .
entry: slither
language: system
# folder: src
# files: src
# files: ^(src/)
files: ^(src/DecentralisedInvestmentManager.sol)
如何更改我的
pre-commit-config.yamlsrctest基于this问题,我找到了一个可能的解决方法,方法是创建一个bash命令,为每个传入文件运行slither命令。以下配置有效:
- repo: local
hooks:
- id: solhint
name: Solidity style guide compliance.
entry: solhint
language: node
verbose: true
files: ^(contracts/|interfaces/|libraries/|src/|script/|test/)
args:
[
"--fix", # Automatically fix those issues that can be auto-fixed.
"--noPrompt", # Do not ask for backup before fix.
]
# Static code analyzer for solidity (Currently fails to resolve the dependency properly)
- id: slither
name: Slither analysis for smart
entry: bash -c 'for file in "$@"; do slither "$file"; done'
language: system
always_run: true
files: ^(src/|test/)
它并没有赢得优雅奖。另外,基于 this post,预提交似乎不太可能更改为每次运行多次调用钩子,因此可以更改
slither