Slither Analysis #423
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: slither | |
| run-name: Slither Analysis | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - "master" | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| analyze: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| security-events: write | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| # This is a workaround for the fact that the latest version of crytic-compile | |
| # does not respect the `target` argument for foundry compiles. Instead of | |
| # telling slither to look inside `core`, we need to copy `core` to the root. | |
| # | |
| # Should be fixed after: https://github.com/crytic/crytic-compile/pull/515 | |
| submodules: recursive | |
| # workaround (continued) | |
| - name: Copy core to root | |
| run: | | |
| rm -rf docs periphery foundry.toml package.json remappings.txt yarn.lock | |
| git mv core/lib lib | |
| cp -r ./core/* ./ | |
| rm -rf core | |
| - name: Run Slither | |
| uses: crytic/[email protected] | |
| id: run-slither | |
| with: | |
| # target: './core/' | |
| fail-on: none | |
| # slither-args: --config-file core/slither.config.json | |
| sarif: slither.results.sarif | |
| - name: Upload SARIF file | |
| uses: github/codeql-action/upload-sarif@v2 | |
| with: | |
| sarif_file: ${{ steps.run-slither.outputs.sarif }} |