crytic / slither-action

GNU Affero General Public License v3.0

Fail-On ignores `slither.db.json` #57

Closed 0xGuybrush closed 1 year ago

0xGuybrush commented 1 year ago

Steps to reproduce

  1. Create a new project with `forge init`.
  2. Run `slither . --fail-low`. Notice that the command will fail (e.g. `echo $?` returns non-zero).
  3. Run `slither . --triage-mode` and accept "All" for each warning generated. `slither.db.json` is created.
  4. Re-run `slither . --fail-low` — it now passes successfully (and `echo $?` returns 0).
  5. Configure the GH action with `fail-on: low`.

Current outcome

 Desired outcome

elopez commented 1 year ago

Hi @0xGuybrush! Thanks for the report. Could you provide more info or a link to a repo with a workflow run exhibiting this problem? I tried to reproduce it with your instructions, but it is working fine as far as I can tell:

Sample repo: https://github.com/elopez/slither-action-triage-57 (just `forge init` plus a simple slither action workflow and the `--triage-mode` db committed).

Workflow run: https://github.com/elopez/slither-action-triage-57/actions/runs/4876725376/jobs/8700569156


Here are some things that you can check in case they're making a difference:

0xGuybrush commented 1 year ago

Hi @elopez,

Thanks for the quick reply, and sorry I'm only getting back to you now! Cool, I will indeed. I thought my repo was vanilla enough, but I'll go back & double-check where mine diverged. I reckon it might be the solc version between local & CI.

I'll take a look and if I can reproduce on a clean repro I'll let you know.

Thanks for your help!

0xGuybrush commented 1 year ago

@elopez this was a red herring, I realised from your pointer that I'd created the DB on one solc version but was running with a different one & when I recreated the issue went away.

Thanks again, will close this out now.