Skip to content

Fix: Lower severity for Delegate Call Detector (#772) #4881

Fix: Lower severity for Delegate Call Detector (#772)

Fix: Lower severity for Delegate Call Detector (#772) #4881

Workflow file for this run

on: [push, pull_request, workflow_dispatch]
name: Aderyn
jobs:
check:
name: Check
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v2
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- name: Install git submodules
run: |
git submodule update --init --recursive
- name: Run cargo check
uses: actions-rs/cargo@v1
with:
command: check
test:
name: Tests
runs-on: ubuntu-latest
steps:
- name: foundry-toolchain
uses: foundry-rs/foundry-toolchain@v1.2.0
- name: Checkout sources
uses: actions/checkout@v4
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- uses: Swatinem/rust-cache@v2
- name: Run cargo build
run: |
cargo build
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: 8
run_install: false
- uses: actions/setup-node@v4
with:
node-version: 20
cache: 'npm'
- name: Submodule init
run: |
git submodule update --init --recursive
- uses: Swatinem/rust-cache@v2
- name: Run cargo test
run: |
cargo test -- --nocapture
reports:
name: Check Reports
runs-on: ubuntu-latest
steps:
- name: foundry-toolchain
uses: foundry-rs/foundry-toolchain@v1.2.0
- name: Checkout sources
uses: actions/checkout@v2
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- uses: Swatinem/rust-cache@v2
- name: Run cargo build
run: |
cargo build
- name: Submodule init
run: |
git submodule update --init --recursive
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 20
cache: 'npm'
- uses: pnpm/action-setup@v3
with:
version: 8
# Verify report.md
- uses: Swatinem/rust-cache@v2
- name: Generate report-workflow.m
run: |
cargo run -- -o ./reports/report-workflow.md --src src/ ./tests/contract-playground/ --skip-update-check
- name: Check report.md vs report-workflow.md
run: |
cat ./reports/report-workflow.md
diff ./reports/report.md ./reports/report-workflow.md
# Verify uniswap_profile.md
- name: Generate uniswap_profile-workflow.md
env:
FOUNDRY_PROFILE: uniswap
run: |
cargo run -- -o ./reports/uniswap_profile-workflow.md ./tests/contract-playground/ --skip-update-check
- name: Check uniswap_profile.md vs uniswap_profile-workflow.md
run: |
cat reports/uniswap_profile-workflow.md
diff reports/uniswap_profile.md reports/uniswap_profile-workflow.md
# Install javascript dependencies
- uses: bahmutov/npm-install@v1
with:
useLockFile: false
working-directory: tests/2024-05-Sablier/v2-core
- uses: bahmutov/npm-install@v1
with:
useLockFile: false
working-directory: tests/prb-math/
# Verify sablier.md
- name: Generate sablier.md
env:
FOUNDRY_PROFILE: uniswap
run: |
cargo run -- -o ./reports/sablier.md ./tests/2024-05-Sablier --skip-update-check
- name: Check sablier.md vs sablier-aderyn-toml-nested-root.md
run: |
cat reports/sablier.md
diff reports/sablier-aderyn-toml-nested-root.md reports/sablier.md
# Verify adhoc-sol-files-workflow-report.md
- name: Generate adhoc-sol-files-workflow-report.md
run: |
cargo run -- -o ./reports/adhoc-sol-files-report-workflow.md ./tests/adhoc-sol-files --skip-update-check
- name: Check adhoc-sol-files-report.md vs adhoc-sol-files-report-workflow.md
run: |
cat ./reports/adhoc-sol-files-report-workflow.md
diff ./reports/adhoc-sol-files-report.md ./reports/adhoc-sol-files-report-workflow.md
# Verify foundry-nft-f23.md
- name: Generate nft-workflow-report.md
run: |
cargo run -- -o ./reports/nft-workflow-report.md --src src/ ./tests/foundry-nft-f23 --skip-update-check
- name: Check nft-workflow-report.md vs nft-report.md
run: |
cat ./reports/nft-workflow-report.md
diff ./reports/nft-report.md ./reports/nft-workflow-report.md
# Verify ccip-functions-report.md
- name: Generate ccip-functions-report-workflow.md
run: |
cargo run -- -o reports/ccip-functions-report-workflow.md tests/ccip-contracts/contracts --src src/v0.8/functions/ -x "tests/,test/,mocks/" --skip-update-check
- name: Check ccip-functions-report-workflow.md vs ccip-functions-report.md
run: |
cat ./reports/ccip-functions-report-workflow.md
diff ./reports/ccip-functions-report.md ./reports/ccip-functions-report-workflow.md
# Verify hardhat-playground-report
- name: Generate hardhat-playground-report.md
run: |
cargo run -- tests/hardhat-js-playground -o reports/hardhat-playground-report-workflow.md --skip-update-check
- name: Check hardhat-playground-report-workflow.md vs hardhat-playground-report.md
run: |
cat ./reports/hardhat-playground-report-workflow.md
diff ./reports/hardhat-playground-report.md ./reports/hardhat-playground-report-workflow.md
# Verify prb-math-report.md (new solidity features)
- name: Generate ccip-functions-report-workflow.md
run: |
cargo run -- ./tests/prb-math -o ./reports/prb-math-report-workflow.md --skip-update-check
- name: Check prb-math-report.md vs prb-math-report-workflow.md
run: |
cat ./reports/prb-math-report-workflow.md
diff ./reports/prb-math-report.md ./reports/prb-math-report-workflow.md
# Verify report.json
- name: Generate report-workflow.json
run: |
cargo run -- -o ./reports/report-workflow.json -i src/ -x lib/ ./tests/contract-playground/ --skip-update-check
- name: Check report.json vs report-workflow.json
run: |
cat ./reports/report-workflow.json
diff ./reports/report.json ./reports/report-workflow.json
# Verify adhoc sol files (Highs Only) report.json
- name: Generate report-workflow.json
run: |
cargo run -- -o ./reports/adhoc-sol-files-highs-only-report-workflow.json ./tests/adhoc-sol-files --skip-update-check --highs-only
- name: Check report.json vs report-workflow.json
run: |
cat ./reports/adhoc-sol-files-highs-only-report-workflow.json
diff ./reports/adhoc-sol-files-highs-only-report.json ./reports/adhoc-sol-files-highs-only-report-workflow.json
# Verify sarif report
- name: Generate sarif report
run: |
cargo run -- -o ./reports/ci-report.sarif ./tests/contract-playground/ --skip-update-check
- name: Check sarif report
run: |
cat ./reports/ci-report.sarif
diff ./reports/report.sarif ./reports/ci-report.sarif
# Verify empty report when ignored instances
- name: Verify Empty report
run: |
cargo run -- tests/contract-playground -o reports/empty_report_workflow.md -i IgnoreEverything.sol
- name: Check empty report
run: |
cat ./reports/empty_report_workflow.md
diff ./reports/empty_report.md ./reports/empty_report_workflow.md
lints:
name: Lints
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v2
- name: Install nightly toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: nightly
components: rustfmt
override: true
- name: Run cargo fmt
run: |
cargo +nightly fmt --all --check
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
components: clippy
override: true
- name: Run cargo clippy
uses: actions-rs/cargo@v1
with:
command: clippy
args: -- -D warnings