Skip to content

security: address slither findings and add slither CI #95

security: address slither findings and add slither CI

security: address slither findings and add slither CI #95

Workflow file for this run

---
name: Forge CI to build, test and format
on:
pull_request:
push:
branches:
- main
- release/**
tags:
- "*"
jobs:
setup:
uses: ./.github/workflows/foundry-setup.yml
with:
foundry-version: nightly
build:
runs-on: ubuntu-latest
needs: setup
outputs:
installation-dir: ${{ needs.setup.outputs.installation-dir }}
cache-key: ${{ needs.setup.outputs.cache-key }}
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Restore cached Foundry toolchain
uses: actions/cache/restore@v3
with:
path: ${{ needs.setup.outputs.installation-dir }}
key: ${{ needs.setup.outputs.cache-key }}
- name: Add Foundry to PATH
run: echo "${{ needs.setup.outputs.installation-dir }}" >> $GITHUB_PATH
- name: Build
run: forge build
- name: Add comment for build failure
if: failure()
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'The build has failed. Please check the logs.'
})
- name: Cache build artifacts
uses: actions/cache/save@v3
with:
path: |
./lib
./out
./cache
./broadcast
key: ${{ runner.os }}-build-${{ github.sha }}
test:
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v4
- name: Restore cached Foundry toolchain
uses: actions/cache/restore@v3
with:
path: ${{ needs.build.outputs.installation-dir }}
key: ${{ needs.build.outputs.cache-key }}
- name: Add Foundry to PATH
run: echo "${{ needs.build.outputs.installation-dir }}" >> $GITHUB_PATH
- name: Restore build artifacts
uses: actions/cache/restore@v3
with:
path: |
./lib
./out
./cache
./broadcast
key: ${{ runner.os }}-build-${{ github.sha }}
- name: Run tests
run: forge test -vvv
- name: Run test snapshot
run: NO_COLOR=1 forge snapshot >> $GITHUB_STEP_SUMMARY
- name: Add comment for test failure
if: failure()
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'The tests have failed. Please check the logs.'
})
fmt:
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v4
- name: Restore cached Foundry toolchain
uses: actions/cache/restore@v3
with:
path: ${{ needs.build.outputs.installation-dir }}
key: ${{ needs.build.outputs.cache-key }}
- name: Add Foundry to PATH
run: echo "${{ needs.build.outputs.installation-dir }}" >> $GITHUB_PATH
- name: Restore build artifacts
uses: actions/cache/restore@v3
with:
path: |
./lib
./out
./cache
./broadcast
key: ${{ runner.os }}-build-${{ github.sha }}
- name: Check formatting
run: forge fmt --check
- name: Add comment for format failure
if: failure()
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'The code is not formatted correctly. Please run `forge fmt` and push the changes.'
})