fix finding 41 - modules can prevent from uninstalling themselves #721
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Unified CI Workflow | |
| on: pull_request | |
| permissions: write-all | |
| jobs: | |
| setup: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| cache-key: ${{ steps.cache-keys.outputs.cache-key }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/[email protected] | |
| - name: Get cache key | |
| id: cache-keys | |
| run: echo "::set-output name=cache-key::$(echo ${{ runner.os }}-node-$(cat yarn.lock | sha256sum | cut -d' ' -f1))" | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| **/node_modules | |
| key: ${{ steps.cache-keys.outputs.cache-key }} | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| lint: | |
| name: Lint sources | |
| runs-on: ubuntu-latest | |
| needs: setup | |
| steps: | |
| - name: Checkout | |
| uses: actions/[email protected] | |
| - name: Install Foundry | |
| uses: foundry-rs/[email protected] | |
| with: | |
| version: nightly | |
| cache: true | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| **/node_modules | |
| key: ${{ needs.setup.outputs.cache-key }} | |
| cache: true | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| **/node_modules | |
| key: ${{ needs.setup.outputs.cache-key }} | |
| - name: Lint sources | |
| run: yarn lint:sol | |
| unit_test: | |
| name: Unit tests | |
| runs-on: ubuntu-latest | |
| needs: setup | |
| steps: | |
| - name: Checkout | |
| uses: actions/[email protected] | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| **/node_modules | |
| key: ${{ needs.setup.outputs.cache-key }} | |
| - name: Install Foundry | |
| uses: foundry-rs/[email protected] | |
| with: | |
| version: nightly | |
| cache: true | |
| - name: Install foundry dependencies | |
| run: forge install | |
| - name: Build Typechain and Foundry | |
| run: yarn build | |
| - name: Run Forge and Hardhat Tests | |
| run: yarn test | |
| env: | |
| ARBITRUM_RPC_URL: ${{ secrets.ARBITRUM_RPC_URL }} | |
| BASE_RPC_URL: ${{ secrets.BASE_RPC_URL }} | |
| coverage: | |
| needs: setup | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Cache node modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| **/node_modules | |
| key: ${{ needs.setup.outputs.cache-key }} | |
| - name: Install lcov (for genhtml) | |
| run: sudo apt-get update && sudo apt-get install -y lcov | |
| - name: Install Foundry | |
| uses: foundry-rs/[email protected] | |
| with: | |
| version: nightly | |
| cache: true | |
| - name: Generate Hardhat & Foundry Coverage Report | |
| run: yarn coverage:report | |
| env: | |
| ARBITRUM_RPC_URL: ${{ secrets.ARBITRUM_RPC_URL }} | |
| BASE_RPC_URL: ${{ secrets.BASE_RPC_URL }} | |
| - name: Upload Foundry Coverage Report to Codecov | |
| uses: codecov/[email protected] | |
| with: | |
| directory: coverage/foundry | |
| file: coverage/foundry/forge-pruned-lcov.info | |
| flags: foundry | |
| fail_ci_if_error: true | |
| verbose: true | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| - name: Upload Hardhat Coverage Report to Codecov | |
| uses: codecov/[email protected] | |
| with: | |
| directory: coverage | |
| file: lcov.info | |
| flags: hardhat | |
| fail_ci_if_error: true | |
| verbose: true | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| analyze: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Run Slither | |
| uses: crytic/[email protected] | |
| id: slither | |
| with: | |
| slither-version: "0.10.0" | |
| node-version: "20" | |
| fail-on: "none" | |
| slither-args: '--exclude "assembly|solc-version|low-level-calls|naming-convention|controlled-delegatecall|write-after-write|divide-before-multiply|incorrect-shift" --exclude-informational --exclude-low --filter-paths "contracts/mock|node_modules" --checklist --markdown-root ${{ github.server_url }}/${{ github.repository }}/blob/${{ github.sha }}/contracts/' | |
| - name: Check if Slither report is empty | |
| id: check_report | |
| run: | | |
| if [ -z "${{ steps.slither.outputs.stdout }}" ]; then | |
| echo "report_empty=true" >> $GITHUB_ENV | |
| else | |
| echo "report_empty=false" >> $GITHUB_ENV | |
| fi | |
| - name: Create/update checklist as PR comment | |
| if: env.report_empty == 'false' | |
| uses: actions/[email protected] | |
| env: | |
| REPORT: ${{ steps.slither.outputs.stdout }} | |
| with: | |
| script: | | |
| const script = require('.github/scripts/comment') | |
| const header = '# Slither report' | |
| const body = process.env.REPORT.trim() | |
| if (!body) { | |
| console.log("Slither report is empty. No comment will be posted."); | |
| return; | |
| } | |
| await script({ github, context, header, body }) |