pcaversaccio / createx

Factory smart contract to make easier and safer usage of the `CREATE` and `CREATE2` EVM opcodes as well as of `CREATE3`-based (i.e. without an initcode factor) contract creations.
https://createx.rocks
GNU Affero General Public License v3.0

🔒 Finetune Slither Configurations #21

Closed pcaversaccio closed 11 months ago

pcaversaccio commented 11 months ago

🕓 Changelog

This PR finetunes the Slither configuration file `slither.config.json` in a way that it excludes the detectors that are false positives for CreateX (for comparison see the warnings here). Furthermore, I add an additional step in the CI that uploads the SARIF file. Note that `fail_on: none` is required to let the SARIF upload step run if Slither finds issues.


github-advanced-security[bot] commented 11 months ago

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
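
The CI arrangement described in the PR description above, sketched as a GitHub Actions workflow. This is an added example, not CreateX's own workflow: the action names (`crytic/slither-action`, `github/codeql-action/upload-sarif`), their version tags, the `fail-on` input spelling used by that action, the workflow and job names, and the `results.sarif` file name are all assumptions.

```yaml
# Added example, not the project's workflow. Action names, version tags,
# job names and file names are assumptions; adjust them to the repository.
name: slither

on: [push, pull_request]

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      # Needed so the job token is allowed to upload code scanning results.
      security-events: write
    steps:
      - uses: actions/checkout@v4

      - name: Run Slither
        id: slither
        uses: crytic/slither-action@v0.4.0
        with:
          # Detector exclusions live in this file, not in the workflow.
          slither-config: slither.config.json
          # Write the findings as SARIF so the next step can upload them.
          sarif: results.sarif
          # Never fail this step on findings. If it failed, the job would
          # stop here and the upload step below would be skipped.
          fail-on: none

      - name: Upload SARIF file
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ steps.slither.outputs.sarif }}
```

With failure on findings disabled, the job stays green even when Slither reports issues, so the uploaded code scanning results are where findings have to be reviewed.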