srcup is Dedaub's utility CLI for uploading your project's code into the Dedaub analysis engine.
NOTE: While pipx is not required, it's highly recommended to use it instead of pip to ensure our
CLI tool is run in an isolated/clean environment.
pipx install git+https://github.com/Dedaub/srcup#egg=srcupsrcup --helpsrcup --install-completionpipx upgrade srcuppip install --upgrade git+https://github.com/Dedaub/srcup#egg=srcupThe following steps assumes you've acquired/generated a Dedaub app API key. This can be done from the Dedaub app profile page (top right corner of the UI, top right button in the header of that page).
To upload the sources of a project:
Go to the project's root directory
Important: Make sure the project dependencies have already been setup. This is typically done by running
npm install, yarn install or similar -- this step can vary from project to project, depending on the package
manager being used.
Run srcup --api-key <api_key> --framework <project_framework> --init --name <project_name> <project location>. (See "Storing the API key" later in this doc,
which will simplify the command in future runs.) Note that, while the framework
parameter is optional, it can help guide the CLI tool. There are cases where multiple build tools/frameworks are
present in a project (e.g., Hardhat for building and Foundry for testing/fuzzing) which can confuse our tool. In
any case, the framework parameter refers to the tool used to build the project. If your project only uses one
framework, srcup should be able to successfully infer the correct framework.
init indicates that this is the initial version of your project: the first time you add the project to Dedaub.name is a name you can freely choose for your projectProjects can be assigned to an organization. The first time you upload a project you can define the name of the organization that should own the project: For example, run
srcup --api-key <api_key> --framework <project_framework> --init --organization Dedaub --name <project_name> <project location> or srcup --api-key <api_key> --framework <project_framework> --init --name Dedaub/<project_name> <project location>
to declare that this project should be owned by the Dedaub organizationEach project can have multiple versions. You can upload another version of the same project using a similar command:
srcup --api-key <api_key> --framework <project_framework> --name <project_name> (note the absence of init). The project
name should be the same as in the initial versionCommit messages can be added too, every time a new version is uploaded:
srcup --api-key <api_key> --framework <project_framework> --comment Message --name <project_name> <project location>Projects can be shared too. If you want to upload a version of a project for which you have WRITE access you can do:
srcup --api-key <api_key> --framework <project_framework> --owner_username <username> --name <project_name> <project location>The CLI tool will compile and upload the artifacts to Dedaub. This might take a while. Upon completion, a Dedaub project URL will be provided.
Right now, srcup assumes that the project to be uploaded has the default file layout of the underlying build system. Until the tool provides the ability to override the default paths,
one might need to momentarily use the default layout of the specified build system for the uploading process to work seamlessly.
hardhat project should be inferred automatically by the tool. This is done via an invocation to hardhat's console (the default output directory is artifacts)foundry project should be out (default directory)truffle project should be build/contracts (default directory)It is possible to store the API key in a file to make future srcup invocations simpler. The API key can be stored
in the following places:
~/.config/dedaub/credentialsIn both cases, the environment variable defintion should be WD_API_KEY=<api_key>.