Ignore reentrancy inexecuteBatch and update Slither config (#3955)

0xalpharush · frangio · frangio · commit ab9cc4c4dbdd · 2023-03-02T19:56:45.000-03:00
Co-authored-by: Francisco <fg@frang.io> (cherry picked from commit a5af0ad)
diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
@@ -76,7 +76,7 @@ jobs:
       - uses: actions/checkout@v3
       - name: Set up environment
         uses: ./.github/actions/setup
-      - uses: crytic/slither-action@v0.1.1
+      - uses: crytic/slither-action@v0.2.0
 
   codespell:
     if: github.repository != 'OpenZeppelin/openzeppelin-contracts-upgradeable'
diff --git a/contracts/governance/TimelockController.sol b/contracts/governance/TimelockController.sol
@@ -316,6 +316,9 @@ contract TimelockController is AccessControl, IERC721Receiver, IERC1155Receiver
      *
      * - the caller must have the 'executor' role.
      */
+    // This function can reenter, but it doesn't pose a risk because _afterCall checks that the proposal is pending,
+    // thus any modifications to the operation during reentrancy should be caught.
+    // slither-disable-next-line reentrancy-eth
     function executeBatch(
         address[] calldata targets,
         uint256[] calldata values,
diff --git a/slither.config.json b/slither.config.json
@@ -1,4 +1,5 @@
 {
     "detectors_to_run": "reentrancy-eth,reentrancy-no-eth,reentrancy-unlimited-gas",
-    "filter_paths": "contracts/mocks"
+    "filter_paths": "contracts/mocks",
+    "compile_force_framework": "hardhat"
 }

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`{`
`2`	`2`	`"detectors_to_run": "reentrancy-eth,reentrancy-no-eth,reentrancy-unlimited-gas",`
`3`		`- "filter_paths": "contracts/mocks"`
	`3`	`+ "filter_paths": "contracts/mocks",`
	`4`	`+ "compile_force_framework": "hardhat"`
`4`	`5`	`}`