Merge pull request #217 from Ithil-protocol/audit-fix-l3 #133
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Static Analysis" | |
| env: | |
| FOUNDRY_PROFILE: "ci" | |
| on: | |
| push: | |
| branches: [master] | |
| workflow_dispatch: | |
| jobs: | |
| ci: | |
| runs-on: "ubuntu-latest" | |
| steps: | |
| - name: "Check out the repo" | |
| uses: "actions/checkout@v3" | |
| with: | |
| submodules: "recursive" | |
| - name: "Install Foundry" | |
| uses: "foundry-rs/foundry-toolchain@v1" | |
| with: | |
| version: "nightly" | |
| - name: Coverage | |
| run: | | |
| forge coverage --report summary | |
| env: | |
| ARBITRUM_RPC_URL: ${{ secrets.ARBITRUM_RPC_URL }} | |
| - name: "Add coverage report" | |
| run: | | |
| echo "## Code Coverage" >> $GITHUB_STEP_SUMMARY | |
| echo "Results" >> $GITHUB_STEP_SUMMARY | |
| - name: "Install Node.js" | |
| uses: "actions/setup-node@v3" | |
| with: | |
| cache: "yarn" | |
| node-version: "lts/*" | |
| - name: "Install the Node.js dependencies" | |
| run: "yarn install --immutable" | |
| - name: "Run Slither" | |
| uses: "crytic/slither-action@v0.1.1" | |
| continue-on-error: true | |
| id: "slither" | |
| with: | |
| node-version: "lts/*" | |
| ignore-compile: true | |
| fail-on: "high" | |
| sarif: "results.sarif" | |
| - name: "Add static analysis summary" | |
| run: | | |
| echo "## Static analysis" >> $GITHUB_STEP_SUMMARY | |
| echo "✅ Passed" >> $GITHUB_STEP_SUMMARY | |
| # - name: "Upload SARIF file" | |
| # uses: "github/codeql-action/upload-sarif@v2" | |
| # with: | |
| # sarif_file: ${{ steps.slither.outputs.sarif }} | |
| - name: Set up Python 3.8 | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: 3.8 | |
| - name: Install pip3 | |
| run: python -m pip install --upgrade pip | |
| - name: Install mythril | |
| run: pip3 install mythril | |
| - name: Analyse | |
| run: myth analyze src/*.sol --solc-json mythril.config.json --execution-timeout 90 |