-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
e49beaa
commit b104f31
Showing
10 changed files
with
84 additions
and
42 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -50,38 +50,81 @@ jobs: | |
| with: | ||
| version: nightly | ||
|
|
||
| # - name: Install scopelint | ||
| # uses: engineerd/[email protected] | ||
| # with: | ||
| # name: scopelint | ||
| # repo: ScopeLift/scopelint | ||
| # fromGitHubReleases: true | ||
| # version: latest | ||
| # pathInArchive: scopelint-x86_64-linux/scopelint | ||
| # urlTemplate: https://github.com/ScopeLift/scopelint/releases/download/{{version}}/scopelint-x86_64-linux.tar.xz | ||
| # token: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Install scopelint | ||
| uses: engineerd/[email protected] | ||
| with: | ||
| name: scopelint | ||
| repo: ScopeLift/scopelint | ||
| fromGitHubReleases: true | ||
| version: latest | ||
| pathInArchive: scopelint-x86_64-linux/scopelint | ||
| urlTemplate: https://github.com/ScopeLift/scopelint/releases/download/{{version}}/scopelint-x86_64-linux.tar.xz | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Check formatting | ||
| run: forge fmt --check | ||
| # run: | | ||
| # scopelint --version | ||
| # scopelint check | ||
|
|
||
| # TODO figure out why this is failing and uncomment | ||
| # slither-analyze: | ||
| # runs-on: ubuntu-latest | ||
| # steps: | ||
| # - uses: actions/checkout@v3 | ||
| # | ||
| # - name: Run Slither | ||
| # uses: crytic/[email protected] | ||
| # id: slither # Required to reference this step in the next step. | ||
| # with: | ||
| # fail-on: none # Required to avoid failing the CI run regardless of findings. | ||
| # sarif: results.sarif | ||
| # slither-args: --filter-paths "./lib|./test" --exclude naming-convention | ||
| # | ||
| # - name: Upload SARIF file | ||
| # uses: github/codeql-action/upload-sarif@v2 | ||
| # with: | ||
| # sarif_file: ${{ steps.slither.outputs.sarif }} | ||
| run: | | ||
| scopelint --version | ||
| scopelint check | ||
| coverage: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
|
|
||
| - name: Install Foundry | ||
| uses: foundry-rs/foundry-toolchain@v1 | ||
|
|
||
| - name: Run coverage | ||
| run: forge coverage --report summary --report lcov | ||
|
|
||
| # To ignore coverage for certain directories modify the paths in this step as needed. The | ||
| # below default ignores coverage results for the test and script directories. Alternatively, | ||
| # to include coverage in all directories, comment out this step. Note that because this | ||
| # filtering applies to the lcov file, the summary table generated in the previous step will | ||
| # still include all files and directories. | ||
| # The `--rc lcov_branch_coverage=1` part keeps branch info in the filtered report, since lcov | ||
| # defaults to removing branch info. | ||
| - name: Filter directories | ||
| run: | | ||
| sudo apt update && sudo apt install -y lcov | ||
| lcov --remove lcov.info 'test/*' 'script/*' --output-file lcov.info --rc lcov_branch_coverage=1 | ||
| # This step posts a detailed coverage report as a comment and deletes previous comments on | ||
| # each push. The below step is used to fail coverage if the specified coverage threshold is | ||
| # not met. The below step can post a comment (when it's `github-token` is specified) but it's | ||
| # not as useful, and this action cannot fail CI based on a minimum coverage threshold, which | ||
| # is why we use both in this way. | ||
| - name: Post coverage report | ||
| if: github.event_name == 'pull_request' # This action fails when ran outside of a pull request. | ||
| uses: romeovs/[email protected] | ||
| with: | ||
| delete-old-comments: true | ||
| lcov-file: ./lcov.info | ||
| github-token: ${{ secrets.GITHUB_TOKEN }} # Adds a coverage summary comment to the PR. | ||
|
|
||
| - name: Verify minimum coverage | ||
| uses: zgosalvez/github-actions-report-lcov@v2 | ||
| with: | ||
| coverage-files: ./lcov.info | ||
| minimum-coverage: 70 # Set coverage threshold. | ||
|
|
||
| slither-analyze: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| security-events: write | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
|
|
||
| - name: Run Slither | ||
| uses: crytic/[email protected] | ||
| id: slither # Required to reference this step in the next step. | ||
| with: | ||
| fail-on: none # Required to avoid failing the CI run regardless of findings. | ||
| sarif: results.sarif | ||
| slither-args: --filter-paths "./lib|./test" --exclude naming-convention,solc-version | ||
|
|
||
| - name: Upload SARIF file | ||
| uses: github/codeql-action/upload-sarif@v2 | ||
| with: | ||
| sarif_file: ${{ steps.slither.outputs.sarif }} | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters