🚧 Update Slither workflow to include Foundry installation and contract building
Aboudjem committed Feb 20, 2024
1 parent e53ea31 commit bfccbe0
Showing 1 changed file with 11 additions and 7 deletions.
18 changes: 11 additions & 7 deletions .github/workflows/slither.yml
@@ -1,10 +1,6 @@
name: Slither Analysis
on: [push]

permissions:
contents: read
security-events: write

jobs:
analyze:
runs-on: ubuntu-latest
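Review bot: the top-level `permissions:` block should stay in the workflow rather than be dropped here. The +/- markers are lost in this rendering, but the header `@@ -1,10 +1,6 @@` keeps six of the ten lines shown, and the four that fit between the usual three lines of context on each side are `permissions:`, `contents: read`, `security-events: write` and the blank line after them. Without that block the job's GITHUB_TOKEN gets whatever default the repository or organization sets, which can be broader than read-only. Keep `contents: read` explicitly, and keep `security-events: write` only if `slither-results.sarif` is uploaded to Code Scanning; no upload step is visible in these lines.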
Expand All @@ -23,12 +19,20 @@ jobs:
- name: Install JavaScript Dependencies
run: yarn install --frozen-lockfile

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly

- name: Install Foundry Dependencies
run: forge install

- name: Build Contracts
run: yarn build

# Run Slither static analyzer
- name: Run Slither
uses: crytic/[email protected]
with:
ignore-compile: true # Assume pre-compilation or custom compilation steps
fail-on: "medium" # Action will fail if issues of medium severity or higher are found
solc-version: "0.8.24" # Use a specific Solidity compiler version
target: "contracts/" # Specify the target directory for analysis
sarif: "slither-results.sarif" # Generate a SARIF report for Code Scanning integration
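Review bot: `version: nightly` in the Install Foundry step means each run can build with a different toolchain, and because Slither runs with `ignore-compile: true` it analyzes whatever artifacts `yarn build` produced with that toolchain. Pin Foundry to a fixed release so that a `fail-on: "medium"` result is reproducible from one run to the next. Consider also referencing `foundry-rs/foundry-toolchain` by full commit SHA instead of `@v1`, since a tag can be moved, and add a short comment on why `forge install` is needed before `yarn build`.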
