Skip to content

Slither Analysis

Slither Analysis #426

Workflow file for this run

name: slither
run-name: Slither Analysis
on:
pull_request:
push:
branches:
- "master"
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
analyze:
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- uses: actions/checkout@v3
with:
# This is a workaround for the fact that the latest version of crytic-compile
# does not respect the `target` argument for foundry compiles. Instead of
# telling slither to look inside `core`, we need to copy `core` to the root.
#
# Should be fixed after: https://github.com/crytic/crytic-compile/pull/515
submodules: recursive
# workaround (continued)
- name: Copy core to root
run: |
rm -rf docs periphery foundry.toml package.json remappings.txt yarn.lock
git mv core/lib lib
cp -r ./core/* ./
rm -rf core
- name: Run Slither
uses: crytic/[email protected]
id: run-slither
with:
# target: './core/'
fail-on: none
# slither-args: --config-file core/slither.config.json
sarif: slither.results.sarif
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.run-slither.outputs.sarif }}