solc-remaps in slither-config does not seem to work with foundry

[entire]

Slither works locally, but slither actions on GitHub Actions cannot seem to find third party libs when working w/ Foundry

here is the .slither.config.json

{
    "solc_remaps": [
        "forge-std=./contracts/lib/forge-std/src",
    ]
}

calling this from my root dir:
slither contracts/src --config-file contracts/.slither.config.json works locally

but when I run it on GitHub actions, it can't find the paths and ends in:

here's my GitHub actions yaml

- name: Slither
  uses: crytic/[email protected]
    with:
      target: "contracts/src"
      slither-config: "contracts/.slither.config.json"

here's the error I encounter. it seems to not be able to find the right path

Error: Source "forge-std/Test.sol" not found: File not found.
 --> contracts/src/SimpleContract.sol:5:1:
  |
5 | import "forge-std/Test.sol";
  | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Using

• foundry 0.2.0
• solc 0.8.7
• slither 0.8.3

[elopez]

Hi @entire, thanks for the report. The released version of slither-action has an extra call to crytic-compile that can cause these sorts of issues (eg. #3, #4). We have removed it on the main branch, so you can try that and see if it helps. It should be enough to specify uses: crytic/slither-action@main on your workflow yaml file if you want to try it.

Also, the main branch adds support for building Foundry projects directly, so you could also leverage foundry to do the build instead of relying on solc and manual remaps (I'm assuming "." has the foundry.toml file, add a target: ... option to the folder that contains it if that's not the case):

- name: Slither
  uses: crytic/slither-action@main

[entire]

Great, I will try it out as you've describe. Thanks.

[entire]

Also I'm assuming when you mention master in your comment above, you mean main because I only see the latter on the repo.

[elopez]

Yep, main, sorry 😅 I've edited the message above to correct it.

[entire]

Following up on this. It worked great once I switched over to pulling from the latest main branch as of May 17, 2022 - thanks.

[yohanelly95]

Hi, I've tried to use uses: crytic/slither-action@main but to no avail, it throws a python traceback error. I'll attach the error on the end. This error happens locally as well as on github actions.

my slither action is as follows:

` slither:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [16.x]
steps:
- uses: actions/checkout@v3

  - name: Install Foundry
    uses: foundry-rs/foundry-toolchain@v1
    with:
      version: nightly

  - name: Install foundry deps
    run: forge install

  - name: Install yarn deps
    run: yarn

  - name: Check contract sizes
    run: forge build --sizes

  - name: Run Slither
    uses: crytic/slither-action@main
    continue-on-error: true
    id: slither
    with:
      target: .
      slither-config: "slither.config.json"
      slither-args: "--solc-remaps @openzeppelin=node_modules/@openzeppelin/contracts"`

Is there something I need to change? I am using foundry as well

  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/__main__.py", line 755, in main_impl
    ) = process_all(filename, args, detector_classes, printer_classes)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/__main__.py", line 87, in process_all
    ) = process_single(compilation, args, detector_classes, printer_classes)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/__main__.py", line 70, in process_single
    slither = Slither(target, ast_format=ast, **vars(args))
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/slither.py", line 95, in __init__
    parser.parse_top_level_from_loaded_json(ast, path)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/solc_parsing/slither_compilation_unit_solc.py", line 211, in parse_top_level_from_loaded_json
    contract.set_offset(top_level_data["src"], self._compilation_unit)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/core/source_mapping/source_mapping.py", line 124, in set_offset
    self._source_mapping = self._convert_source_mapping(offset, compilation_unit)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/core/source_mapping/source_mapping.py", line 101, in _convert_source_mapping
    (lines, starting_column, ending_column) = self._compute_line(
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/core/source_mapping/source_mapping.py", line 43, in _compute_line
    end_line, ending_column = compilation_unit.core.crytic_compile.get_line_from_offset(
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/crytic_compile.py", line 291, in get_line_from_offset
    return lines_delimiters[offset]
KeyError: 566
None
Error in .
Traceback (most recent call last):
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/__main__.py", line 755, in main_impl
    ) = process_all(filename, args, detector_classes, printer_classes)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/__main__.py", line 87, in process_all
    ) = process_single(compilation, args, detector_classes, printer_classes)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/__main__.py", line 70, in process_single
    slither = Slither(target, ast_format=ast, **vars(args))
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/slither.py", line 95, in __init__
    parser.parse_top_level_from_loaded_json(ast, path)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/solc_parsing/slither_compilation_unit_solc.py", line 211, in parse_top_level_from_loaded_json
    contract.set_offset(top_level_data["src"], self._compilation_unit)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/core/source_mapping/source_mapping.py", line 124, in set_offset
    self._source_mapping = self._convert_source_mapping(offset, compilation_unit)
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/core/source_mapping/source_mapping.py", line 101, in _convert_source_mapping
    (lines, starting_column, ending_column) = self._compute_line(
  File "/Library/Python/3.8/site-packages/slither_analyzer-0.8.3-py3.8.egg/slither/core/source_mapping/source_mapping.py", line 43, in _compute_line
    end_line, ending_column = compilation_unit.core.crytic_compile.get_line_from_offset(
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/crytic_compile.py", line 291, in get_line_from_offset
    return lines_delimiters[offset]
KeyError: 566```

[elopez]

Hi @yohanelly95, if you are working on a foundry project and using and the slither-action@main, you do not need to install foundry on the workflow or run forge install anymore. The action also installs npm/yarn deps for you, as long as you have a package.json and a lockfile. You also don't need to specify remaps, as foundry takes care of that.

Try something like this:

(...)
steps:
  - uses: actions/checkout@v3

  - name: Run Slither
    uses: crytic/slither-action@main
    continue-on-error: true
    id: slither

You mentioned this also happens when running locally, if that is the case please fill an issue on the
slither github repo, preferably with an example repository where you can reproduce the problem.

[yohanelly95]

Okay sure I will try this, but I did notice slither . runs npx hardhat compile --force when it should run the foundry/forge command. Where do I specify the forge build command to be used?

[elopez]

it should use forge automatically as long as there is a foundry.toml file in the target directory (.), unless you have both foundry and hardhat (hardhat.config.js or .ts files) in your project? In either case, you can force foundry by passing the --compile-force-framework foundry argument or adding "compile_force_framework": "foundry" in the slither config file.

[yohanelly95]

Yes thats the catch, I have both hardhat.config.ts as well as a foundry.toml. Will try passing this flag thank you.

[yohanelly95]

Getting this error when using foundry compilation, tried using src as the target but I get an error that says NotADirectoryError: [Errno 20] Not a directory: 'src/Tss.sol'.

My directory looks something like this -

slither .                                                         
'forge build --extra-output abi --extra-output userdoc --extra-output devdoc --extra-output evm.methodIdentifiers --force' running
Compiling 23 files with 0.8.15
Solc 0.8.15 finished in 2.65s
Compiler run successful

Traceback (most recent call last):
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/slither/__main__.py", line 744, in main_impl
    ) = process_all(filename, args, detector_classes, printer_classes)
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/slither/__main__.py", line 76, in process_all
    compilations = compile_all(target, **vars(args))
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/crytic_compile.py", line 637, in compile_all
    compilations.append(CryticCompile(target, **kwargs))
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/crytic_compile.py", line 117, in __init__
    self._compile(**kwargs)
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/crytic_compile.py", line 548, in _compile
    self._platform.compile(self, **kwargs)
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/platform/foundry.py", line 150, in compile
    version, optimized, runs = _get_config_info(self._target)
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/platform/foundry.py", line 235, in _get_config_info
    items_artifact = list(item["artifacts"].values())
AttributeError: 'list' object has no attribute 'values'
None
Error in .
Traceback (most recent call last):
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/slither/__main__.py", line 744, in main_impl
    ) = process_all(filename, args, detector_classes, printer_classes)
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/slither/__main__.py", line 76, in process_all
    compilations = compile_all(target, **vars(args))
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/crytic_compile.py", line 637, in compile_all
    compilations.append(CryticCompile(target, **kwargs))
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/crytic_compile.py", line 117, in __init__
    self._compile(**kwargs)
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/crytic_compile.py", line 548, in _compile
    self._platform.compile(self, **kwargs)
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/platform/foundry.py", line 150, in compile
    version, optimized, runs = _get_config_info(self._target)
  File "/Users/yohan/Library/Python/3.8/lib/python/site-packages/crytic_compile/platform/foundry.py", line 235, in _get_config_info
    items_artifact = list(item["artifacts"].values())
AttributeError: 'list' object has no attribute 'values'

[elopez]

That looks like an issue on Slither itself and not the action, please file a new issue on the Slither repo, preferably with a link to the project to help reproduce it: https://github.com/crytic/slither/issues/new/choose

[elopez]

Closing, as this should be fixed and ready for the next release