Network-Goods / hypercerts-protocol

MIT License

Slither Setup #86

Closed brossetti1 closed 1 year ago

brossetti1 commented 1 year ago

Description

https://github.com/Network-Goods/hypercerts-protocol/issues/59

slither run on brians-starters - https://github.com/brians-starters/hypercerts-protocol/actions/runs/3896640595/jobs/6653426231

this needs to be ignored for branch to pass: https://github.com/Network-Goods/hypercerts-protocol/pull/86/checks?check_run_id=10590204295

Potential Additions

Follow Up

@bitbeckers hey, so I saw https://github.com/Network-Goods/hypercerts-protocol/issues/59 and thought I could pick it up. Wondering if you can provide some feedback:

I have a basic report printing in the ci right now, I can adjust it however you see fit.

Code Scanning

[two screenshots of the Code Scanning results, 2023-01-11]
bitbeckers commented 1 year ago

Oh, because you closed the other one, I started on the same. My thoughts were to have a separate flow and let it report using the SARIF integrations. With pass/fail you mean it would block merging? But if there are high errors, it would be nice to get a failed task.

I'll stop my efforts on Slither and work on the other test things on the list.

Once again thanks for contributing!

brossetti1 commented 1 year ago

@bitbeckers oh hah, my bad, I preemptively opened it and closed it. Yeah, pass/fail would mean it would block merging.

Oh man, didn't see they have their own action -- I'll use that.

I can take what you've got and add it to mine (SARIF integration).

brossetti1 commented 1 year ago

@bitbeckers this one should be ready to check out -- I did notice that the checks block when there is a high Slither check caught -- not sure why that works like it does -- might have something to do with the code scanning settings?

UPDATE: actually this is happening on this branch --- https://github.com/Network-Goods/hypercerts-protocol/pull/86/checks?check_run_id=10590204295

Anyways, in order to set code scanning up you need to add the default config to the repo -- go to Settings -> Security Analysis -> Code Scanning

[screenshot of the Code Scanning settings page, 2023-01-11]

UPDATE: oh looks like you already have this setup :)

bitbeckers commented 1 year ago

Nice! A question: I see that you've added this to the main branch. We're developing mostly under dev at the moment. If this works I can fork your code into dev. But I don't want to steal your thunder, so if possible could you make a PR into dev?

Oh, and you can ping me on Telegram if the job execution is pending because I don't get notifications for those

brossetti1 commented 1 year ago

Oh yeah, thanks for that. I moved this branch to be based on dev -- feel free to ignore the high-severity alert (which is coming from within OpenZeppelin, so I'm assuming this is fine) and merge if you're satisfied with the setup. Thanks @bitbeckers
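The setup the thread converges on (a separate Slither job that uploads its report through the SARIF integration, fails the check only on high-severity findings so they block merging, and keeps findings inside vendored OpenZeppelin code out of the report), as an added example workflow. This is not the hypercerts-protocol repo's own workflow or the contents of PR #86; the branch name `dev`, the action versions, the `slither.config.json` path and the assumption that dependencies are vendored as git submodules under `lib/` are all mine.

```yaml
# Added example, not the project's own workflow. Runs Slither via
# crytic/slither-action, uploads SARIF to GitHub code scanning, and fails
# the check only on High-severity findings.
name: Slither

on:
  push:
    branches: [dev]          # assumption: dev is the integration branch
  pull_request:
    branches: [dev]

permissions:
  contents: read
  security-events: write     # needed by codeql-action/upload-sarif

jobs:
  slither:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          submodules: recursive   # assumption: Foundry deps (OpenZeppelin) live in lib/ as submodules

      - name: Run Slither
        id: slither
        uses: crytic/slither-action@v0.3.0
        with:
          sarif: results.sarif
          # 'none' only reports; 'high' makes High findings fail this step,
          # which is what blocks the PR when the check is required.
          fail-on: high
          # assumption: a slither.config.json at the repo root; see note below
          slither-config: slither.config.json

      - name: Upload SARIF to code scanning
        if: always()              # still upload when the step above failed on a High finding
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: ${{ steps.slither.outputs.sarif }}
```

To keep the OpenZeppelin-internal finding mentioned above from failing the job, the referenced `slither.config.json` can exclude that path from analysis, e.g. `{"filter_paths": "lib/openzeppelin-contracts"}` (`filter_paths` is a comma-separated list of regexes matched against file paths). That is preferable to dropping to `fail-on: none`, which would keep the report but stop any finding from blocking a merge. Code scanning must be enabled under Settings -> Security Analysis for the uploaded SARIF to show up as alerts, as the thread notes.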