
ci: add slither static analyzer #225

Merged
merged 9 commits into from
Oct 17, 2023

Conversation

rach-id
Member

@rach-id rach-id commented Oct 12, 2023

Overview

Checklist

  • New and updated code has appropriate documentation
  • New and updated code has new and/or updated testing
  • Required CI checks are passing
  • Visual proof for any user facing features like CLI or documentation updates
  • Linked issues closed with keywords

@rach-id rach-id added the github_actions Pull requests that update Github_actions code label Oct 12, 2023
@rach-id rach-id requested a review from evan-forbes October 12, 2023 09:08
@rach-id rach-id self-assigned this Oct 12, 2023
@rach-id rach-id requested a review from adlerjohn as a code owner October 12, 2023 09:08
@rach-id rach-id marked this pull request as draft October 12, 2023 09:08
@github-advanced-security

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@mergify mergify bot mentioned this pull request Oct 12, 2023
@rach-id rach-id marked this pull request as ready for review October 12, 2023 10:10
@rach-id rach-id linked an issue Oct 12, 2023 that may be closed by this pull request
```yaml
  pull_request:
    branches: [ master ]

jobs:
```
Member

Instead of a separate file that also requires downloading foundry etc., why not just fold this into the primary CI workflow?

Member Author

The primary CI workflow also builds the test files (for tests), the libraries and everything else. If we run slither on that, it gives +200 vulnerabilities related to our tests and the libraries we're using.
However, this separate workflow only builds the src contracts, no test files, and runs the code analysis only against them. So we don't have to go through 200 vulnerabilities trying to find the ones related to our source code.
If we wanted to use the primary CI workflow, we would need to delete the built files and then rebuild the project differently, and that gets messy. I think this way is cleaner.
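The approach described in this thread, as an added example rather than the PR's own workflow file: compile only the src contracts with Foundry, run Slither with findings from the dependency and test directories filtered out, and hand the SARIF to GitHub code scanning. The action names and inputs are the published ones for crytic/slither-action, foundry-toolchain and codeql-action; the lib/ and test/ directory names, the submodule layout and the pinned versions are assumptions.

```yaml
name: slither

on:
  pull_request:
    branches: [ master ]

# Least privilege: read the repo, write only to the code scanning alerts.
permissions:
  contents: read
  security-events: write

jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          submodules: recursive   # assumption: Foundry libraries are git submodules under lib/

      - name: Install Foundry
        uses: foundry-rs/foundry-toolchain@v1

      # Build only the source contracts. `test` is forge's alias for *.t.sol, so the
      # analyzer never sees test code; imported libraries are still compiled.
      - name: Build source contracts only
        run: forge build --skip test

      - name: Run Slither
        id: slither
        uses: crytic/slither-action@v0.3.0
        with:
          ignore-compile: true                        # reuse the forge build above
          slither-args: --filter-paths "lib/|test/"   # drop findings located in dependencies and tests
          sarif: results.sarif
          fail-on: none                               # surface results via code scanning, not a red job

      - name: Upload SARIF to GitHub code scanning
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: ${{ steps.slither.outputs.sarif }}
```

Filtering lib/ hides dependency findings rather than fixing them, so pin dependency versions and review them separately; with fail-on set to none the PR check stays green and triage happens in the Security tab.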

@rach-id rach-id requested a review from adlerjohn October 16, 2023 09:06
@rach-id rach-id merged commit 9baa95f into celestiaorg:master Oct 17, 2023
Development

Successfully merging this pull request may close these issues.

Investigate static code analysis