Skip to content

Feature/second round audit review #124

Feature/second round audit review

Feature/second round audit review #124

Workflow file for this run

name: Code Analysis
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
slither:
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup node.js version
uses: actions/setup-node@v3
with:
node-version: 16.x
cache: "npm"
- name: Install node deps
run: npm ci
- uses: actions/setup-python@v4
with:
python-version: "3.10.6"
- name: Install poetry requirements
run: >
curl -sSL https://install.python-poetry.org | python - &&
poetry install --no-root
- name: Run slither
run: >
poetry run slither . --sarif results.sarif || true
- name: Check results.sarif presence
id: results
if: always()
shell: bash
run: >
test -f results.sarif &&
echo 'value=present' >> $GITHUB_OUTPUT ||
echo 'value=not' >> $GITHUB_OUTPUT
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
if: ${{ always() && steps.results.outputs.value == 'present' }}
with:
sarif_file: results.sarif
solhint:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup node.js version
uses: actions/setup-node@v3
with:
node-version: 16.x
- name: Install solhint
run: >
npm install solhint solhint-plugin-lido
- name: Run solhint
run: >
npx solhint 'contracts/**/*.sol'