From 6d8dc680dbe6fc97417e9af777021f37b7d7a457 Mon Sep 17 00:00:00 2001 From: igorroncevic <57319163+igorroncevic@users.noreply.github.com> Date: Wed, 6 May 2026 16:04:09 +0200 Subject: [PATCH 1/2] chore: add slither config --- .gitignore | 4 ++++ README.md | 53 ++++++++++++++++++++++++++++++++------------ dev/requirements.txt | 1 + slither.config.json | 5 +++++ 4 files changed, 49 insertions(+), 14 deletions(-) create mode 100644 dev/requirements.txt create mode 100644 slither.config.json diff --git a/.gitignore b/.gitignore index 85198aa..46bbcb2 100644 --- a/.gitignore +++ b/.gitignore @@ -12,3 +12,7 @@ docs/ # Dotenv file .env + +# Local development dependencies +dev/node_modules/ +dev/.venv/ diff --git a/README.md b/README.md index 72ce9fd..ccd232b 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,6 @@ This project is meant to be used as a templated during the creation of new Githu It will contain some useful configuration files and scripts, that can be used also with existing projects (manually copied). - ## Usage ### Build @@ -27,6 +26,32 @@ forge test forge fmt ``` +### Local tooling + +Solhint and Slither are pinned as local development dependencies under `dev/`. +Install them with: + +```shell +npm install --prefix dev +python -m venv dev/.venv +dev/.venv/bin/pip install -r dev/requirements.txt +``` + +Use the local binaries when running these tools: + +```shell +dev/node_modules/.bin/solhint --version +dev/.venv/bin/slither --version +``` + +### Slither + +Slither uses the pinned local Python dependency and checks contracts under `src` by default: + +```shell +dev/.venv/bin/slither src --config-file slither.config.json +``` + ### Gas Snapshots ```shell @@ -44,18 +69,18 @@ forge script script/Counter.s.sol:CounterScript --rpc-url --priva The following operations need to be performed after this repository has been created. - [ ] In GitHub repo settings: - - [ ] Add a new ruleset called "Protected branches" and include the following changes: - - Enforcement status: active - - Target branches: Include default branch - - Require linear history - - Require a pull request before merging - - Required approvals: 1 - - Allowed merge methods: Squash - - Block force pushes - - [ ] In General → Features → Pull requests: - - Select "Pull request title and description" in "Default commit message" option - - Unckeck "Allow merge commits" option - - Check "Allow auto-merge" option + - [ ] Add a new ruleset called "Protected branches" and include the following changes: + - Enforcement status: active + - Target branches: Include default branch + - Require linear history + - Require a pull request before merging + - Required approvals: 1 + - Allowed merge methods: Squash + - Block force pushes + - [ ] In General → Features → Pull requests: + - Select "Pull request title and description" in "Default commit message" option + - Unckeck "Allow merge commits" option + - Check "Allow auto-merge" option - [ ] Run `forge install` to install the dependencies. This will create a new `foundry.lock` file which you should commit to the project - [ ] Make sure you use the [latest version of Solidity](https://github.com/argotorg/solidity/releases) by updating the `solc` version in `foundry.toml` -- [ ] Once all entries in this list are checked, delete this section from the readme \ No newline at end of file +- [ ] Once all entries in this list are checked, delete this section from the readme diff --git a/dev/requirements.txt b/dev/requirements.txt new file mode 100644 index 0000000..8cd5ccd --- /dev/null +++ b/dev/requirements.txt @@ -0,0 +1 @@ +slither-analyzer==0.11.5 diff --git a/slither.config.json b/slither.config.json new file mode 100644 index 0000000..904fae7 --- /dev/null +++ b/slither.config.json @@ -0,0 +1,5 @@ +{ + "compile_libraries": false, + "detectors_to_exclude": "solc-version", + "filter_paths": "(lib/|test/|script/)" +} From 7d48122ea0d05d81cd87adbc241d24d1d12b4870 Mon Sep 17 00:00:00 2001 From: igorroncevic <57319163+igorroncevic@users.noreply.github.com> Date: Fri, 8 May 2026 13:42:17 +0200 Subject: [PATCH 2/2] update config --- slither.config.json | 1 - 1 file changed, 1 deletion(-) diff --git a/slither.config.json b/slither.config.json index 904fae7..308ad06 100644 --- a/slither.config.json +++ b/slither.config.json @@ -1,5 +1,4 @@ { - "compile_libraries": false, "detectors_to_exclude": "solc-version", "filter_paths": "(lib/|test/|script/)" }