From 08c3603971bbd4ef1ee3e18f5a5a1c6bea74d8cf Mon Sep 17 00:00:00 2001 From: Tilak Madichetti Date: Wed, 12 Feb 2025 15:30:56 +0530 Subject: [PATCH] New Installation and distribution pipeline (#793) --- .github/workflows/cargo.yml | 191 ---------- .github/workflows/python.yml | 93 ----- .github/workflows/release.yml | 467 +++++++++++++++++------- .github/workflows/reports.yml | 121 ++++++ .github/workflows/web.yml | 88 +++++ .gitignore | 4 +- Cargo.lock | 113 +----- Cargo.toml | 6 +- aderyn/Cargo.toml | 4 +- aderyn/oranda.json | 14 + aderyn/src/lib.rs | 2 +- aderyn_core/Cargo.toml | 2 +- aderyn_driver/Cargo.toml | 2 +- aderyn_py/Cargo.toml | 23 -- aderyn_py/pyproject.toml | 7 - aderyn_py/requirements.txt | 2 - aderyn_py/src/lib.rs | 55 --- aderyn_py/tests/test_generate_report.py | 27 -- dist-workspace.toml | 23 ++ reports/report.sarif | 4 +- rust-toolchain.toml | 2 + 21 files changed, 605 insertions(+), 645 deletions(-) delete mode 100644 .github/workflows/python.yml create mode 100644 .github/workflows/reports.yml create mode 100644 .github/workflows/web.yml create mode 100644 aderyn/oranda.json delete mode 100644 aderyn_py/Cargo.toml delete mode 100644 aderyn_py/pyproject.toml delete mode 100644 aderyn_py/requirements.txt delete mode 100644 aderyn_py/src/lib.rs delete mode 100644 aderyn_py/tests/test_generate_report.py create mode 100644 dist-workspace.toml create mode 100644 rust-toolchain.toml diff --git a/.github/workflows/cargo.yml b/.github/workflows/cargo.yml index 36047ca73..351eb0db2 100644 --- a/.github/workflows/cargo.yml +++ b/.github/workflows/cargo.yml @@ -69,197 +69,6 @@ jobs: run: | cargo test -- --nocapture - reports: - name: Check Reports - runs-on: ubuntu-latest - steps: - - name: foundry-toolchain - uses: foundry-rs/foundry-toolchain@v1.2.0 - - - name: Checkout sources - uses: actions/checkout@v4 - - - name: Install stable toolchain - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: stable - override: true - - - uses: Swatinem/rust-cache@v2 - - name: Run cargo build - run: | - cargo build - - - name: Submodule init - run: | - git submodule update --init --recursive - - - uses: actions/checkout@v4 - - - uses: actions/setup-node@v4 - with: - node-version: 20 - cache: 'npm' - - - uses: pnpm/action-setup@v4 - with: - version: 8 - - # Verify report.md - - uses: Swatinem/rust-cache@v2 - - name: Generate report-workflow.m - run: | - cargo run -- -o ./reports/report-workflow.md --src src/ ./tests/contract-playground/ --skip-update-check - - - name: Check report.md vs report-workflow.md - run: | - cat ./reports/report-workflow.md - diff ./reports/report.md ./reports/report-workflow.md - - # Verify uniswap_profile.md - - name: Generate uniswap_profile-workflow.md - env: - FOUNDRY_PROFILE: uniswap - run: | - cargo run -- -o ./reports/uniswap_profile-workflow.md ./tests/contract-playground/ --skip-update-check - - - name: Check uniswap_profile.md vs uniswap_profile-workflow.md - run: | - cat reports/uniswap_profile-workflow.md - diff reports/uniswap_profile.md reports/uniswap_profile-workflow.md - - # Install javascript dependencies - - - uses: bahmutov/npm-install@v1 - with: - useLockFile: false - working-directory: tests/2024-05-Sablier/v2-core - - - uses: bahmutov/npm-install@v1 - with: - useLockFile: false - working-directory: tests/prb-math/ - - # Verify sablier.md - - - - name: Generate sablier.md - env: - FOUNDRY_PROFILE: uniswap - run: | - cargo run -- -o ./reports/sablier.md ./tests/2024-05-Sablier --skip-update-check - - - name: Check sablier.md vs sablier-aderyn-toml-nested-root.md - run: | - cat reports/sablier.md - diff reports/sablier-aderyn-toml-nested-root.md reports/sablier.md - - # Verify adhoc-sol-files-workflow-report.md - - - - name: Generate adhoc-sol-files-workflow-report.md - run: | - cargo run -- -o ./reports/adhoc-sol-files-report-workflow.md ./tests/adhoc-sol-files --skip-update-check - - - name: Check adhoc-sol-files-report.md vs adhoc-sol-files-report-workflow.md - run: | - cat ./reports/adhoc-sol-files-report-workflow.md - diff ./reports/adhoc-sol-files-report.md ./reports/adhoc-sol-files-report-workflow.md - - # Verify foundry-nft-f23.md - - - - name: Generate nft-workflow-report.md - run: | - cargo run -- -o ./reports/nft-workflow-report.md --src src/ ./tests/foundry-nft-f23 --skip-update-check - - - name: Check nft-workflow-report.md vs nft-report.md - run: | - cat ./reports/nft-workflow-report.md - diff ./reports/nft-report.md ./reports/nft-workflow-report.md - - - # Verify ccip-functions-report.md - - - name: Generate ccip-functions-report-workflow.md - run: | - cargo run -- -o reports/ccip-functions-report-workflow.md tests/ccip-contracts/contracts --src src/v0.8/functions/ -x "tests/,test/,mocks/" --skip-update-check - - - name: Check ccip-functions-report-workflow.md vs ccip-functions-report.md - run: | - cat ./reports/ccip-functions-report-workflow.md - diff ./reports/ccip-functions-report.md ./reports/ccip-functions-report-workflow.md - - # Verify hardhat-playground-report - - - name: Generate hardhat-playground-report.md - run: | - cargo run -- tests/hardhat-js-playground -o reports/hardhat-playground-report-workflow.md --skip-update-check - - - name: Check hardhat-playground-report-workflow.md vs hardhat-playground-report.md - run: | - cat ./reports/hardhat-playground-report-workflow.md - diff ./reports/hardhat-playground-report.md ./reports/hardhat-playground-report-workflow.md - - - # Verify prb-math-report.md (new solidity features) - - - name: Generate ccip-functions-report-workflow.md - run: | - cargo run -- ./tests/prb-math -o ./reports/prb-math-report-workflow.md --skip-update-check - - - name: Check prb-math-report.md vs prb-math-report-workflow.md - run: | - cat ./reports/prb-math-report-workflow.md - diff ./reports/prb-math-report.md ./reports/prb-math-report-workflow.md - - - # Verify report.json - - - name: Generate report-workflow.json - run: | - cargo run -- -o ./reports/report-workflow.json -i src/ -x lib/ ./tests/contract-playground/ --skip-update-check - - - name: Check report.json vs report-workflow.json - run: | - cat ./reports/report-workflow.json - diff ./reports/report.json ./reports/report-workflow.json - - # Verify adhoc sol files (Highs Only) report.json - - - - name: Generate report-workflow.json - run: | - cargo run -- -o ./reports/adhoc-sol-files-highs-only-report-workflow.json ./tests/adhoc-sol-files --skip-update-check --highs-only - - - name: Check report.json vs report-workflow.json - run: | - cat ./reports/adhoc-sol-files-highs-only-report-workflow.json - diff ./reports/adhoc-sol-files-highs-only-report.json ./reports/adhoc-sol-files-highs-only-report-workflow.json - - # Verify sarif report - - - name: Generate sarif report - run: | - cargo run -- -o ./reports/ci-report.sarif ./tests/contract-playground/ --skip-update-check - - - name: Check sarif report - run: | - cat ./reports/ci-report.sarif - diff ./reports/report.sarif ./reports/ci-report.sarif - - # Verify empty report when ignored instances - - - name: Verify Empty report - run: | - cargo run -- tests/contract-playground -o reports/empty_report_workflow.md -i IgnoreEverything.sol - - - name: Check empty report - run: | - cat ./reports/empty_report_workflow.md - diff ./reports/empty_report.md ./reports/empty_report_workflow.md - lints: name: Lints runs-on: ubuntu-latest diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml deleted file mode 100644 index ddbd3c6e6..000000000 --- a/.github/workflows/python.yml +++ /dev/null @@ -1,93 +0,0 @@ -on: [push, pull_request, workflow_dispatch] - -name: Aderyn-py - -jobs: - check: - name: Check - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - - name: Install stable toolchain - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: stable - override: true - - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 - with: - python-version: "3.11" - - - name: Install git submodules - run: | - git submodule update --init --recursive - - - name: Run cargo check - uses: actions-rs/cargo@v1 - with: - command: check - - reports: - name: Check Reports - runs-on: ubuntu-latest - steps: - - name: foundry-toolchain - uses: foundry-rs/foundry-toolchain@v1.2.0 - - - name: Checkout sources - uses: actions/checkout@v4 - - - name: Install stable toolchain - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: stable - override: true - - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 - with: - python-version: "3.11" - cache: "pip" - - - name: Submodule init - run: | - git submodule update --init --recursive - - - uses: actions/checkout@v4 - - - uses: actions/setup-node@v4 - with: - node-version: 20 - cache: "npm" - - - uses: pnpm/action-setup@v4 - with: - version: 8 - - - uses: bahmutov/npm-install@v1 - with: - useLockFile: false - working-directory: tests/2024-05-Sablier/v2-core - - - uses: bahmutov/npm-install@v1 - with: - useLockFile: false - working-directory: tests/prb-math/ - - - name: Setup virtual environment - run: | - python -m venv venv - source venv/bin/activate - pip install -r ./aderyn_py/requirements.txt - - - name: Run tests - run: | - source venv/bin/activate - cd aderyn_py - maturin develop - pytest tests diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2d4a7b86d..2be5f4edf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,159 +1,366 @@ +# This file was autogenerated by dist: https://opensource.axo.dev/cargo-dist/ +# +# Copyright 2022-2024, axodotdev +# SPDX-License-Identifier: MIT or Apache-2.0 +# +# CI that: +# +# * checks for a Git Tag that looks like a release +# * builds artifacts with dist (archives, installers, hashes) +# * uploads those artifacts to temporary workflow zip +# * on success, uploads the artifacts to a GitHub Release +# +# Note that the GitHub Release will be created with a generated +# title/body based on your changelogs. + +name: Release +permissions: + "contents": "write" + +# This task will run whenever you push a git tag that looks like a version +# like "1.0.0", "v0.1.0-prerelease.1", "my-app/0.1.0", "releases/v1.0.0", etc. +# Various formats will be parsed into a VERSION and an optional PACKAGE_NAME, where +# PACKAGE_NAME must be the name of a Cargo package in your workspace, and VERSION +# must be a Cargo-style SemVer Version (must have at least major.minor.patch). +# +# If PACKAGE_NAME is specified, then the announcement will be for that +# package (erroring out if it doesn't have the given version or isn't dist-able). +# +# If PACKAGE_NAME isn't specified, then the announcement will be for all +# (dist-able) packages in the workspace with that version (this mode is +# intended for workspaces with only one dist-able package, or with all dist-able +# packages versioned/released in lockstep). +# +# If you push multiple tags at once, separate instances of this workflow will +# spin up, creating an independent announcement for each one. However, GitHub +# will hard limit this to 3 tags per commit, as it will assume more tags is a +# mistake. +# +# If there's a prerelease-style suffix to the version, then the release(s) +# will be marked as a prerelease. on: + pull_request: push: tags: - - 'v*' - -name: Release + - '**[0-9]+.[0-9]+.[0-9]+*' jobs: - build: - name: Build + # Run 'dist plan' (or host) to determine what tasks we need to do + plan: + runs-on: "ubuntu-20.04" + outputs: + val: ${{ steps.plan.outputs.manifest }} + tag: ${{ !github.event.pull_request && github.ref_name || '' }} + tag-flag: ${{ !github.event.pull_request && format('--tag={0}', github.ref_name) || '' }} + publishing: ${{ !github.event.pull_request }} env: - PROJECT_NAME: aderyn - runs-on: ${{ matrix.runner }} - strategy: - matrix: - include: - - name: linux-amd64 - runner: ubuntu-latest - target: x86_64-unknown-linux-gnu - - name: linux-arm64 - runner: ubuntu-latest - target: aarch64-unknown-linux-gnu - - name: win-amd64 - runner: windows-latest - target: x86_64-pc-windows-msvc - - name: macos-amd64 - runner: macos-latest-large - target: x86_64-apple-darwin - - name: macos-arm64 - runner: macos-latest - target: aarch64-apple-darwin - + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Extract Tag Name - id: extract_tag_name - run: echo "TAG_NAME=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: Install dist + # we specify bash to get pipefail; it guards against the `curl` command + # failing. otherwise `sh` won't catch that `curl` returned non-0 shell: bash - - - name: Install Rust - uses: dtolnay/rust-toolchain@stable + run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.28.0/cargo-dist-installer.sh | sh" + - name: Cache dist + uses: actions/upload-artifact@v4 with: - targets: "${{ matrix.target }}" - - - name: Setup Cache - uses: Swatinem/rust-cache@v2 - - - name: Install Dependencies - if: matrix.target == 'aarch64-unknown-linux-gnu' + name: cargo-dist-cache + path: ~/.cargo/bin/dist + # sure would be cool if github gave us proper conditionals... + # so here's a doubly-nested ternary-via-truthiness to try to provide the best possible + # functionality based on whether this is a pull_request, and whether it's from a fork. + # (PRs run on the *source* but secrets are usually on the *target* -- that's *good* + # but also really annoying to build CI around when it needs secrets to work right.) + - id: plan run: | - sudo apt-get update && sudo apt-get install -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu - mkdir -p .cargo - echo '[target.aarch64-unknown-linux-gnu]' > .cargo/config.toml - echo 'linker = "aarch64-linux-gnu-gcc"' >> .cargo/config.toml - rustup target add ${{ matrix.target }} - - - name: Build Binary - run: cargo build --verbose --locked --release --package aderyn --target ${{ matrix.target }} + dist ${{ (!github.event.pull_request && format('host --steps=create --tag={0}', github.ref_name)) || 'plan' }} --output-format=json > plan-dist-manifest.json + echo "dist ran successfully" + cat plan-dist-manifest.json + echo "manifest=$(jq -c "." plan-dist-manifest.json)" >> "$GITHUB_OUTPUT" + - name: "Upload dist-manifest.json" + uses: actions/upload-artifact@v4 + with: + name: artifacts-plan-dist-manifest + path: plan-dist-manifest.json - - name: Create Binary - shell: bash + # Build and packages all the platform-specific things + build-local-artifacts: + name: build-local-artifacts (${{ join(matrix.targets, ', ') }}) + # Let the initial task tell us to not run (currently very blunt) + needs: + - plan + if: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix.include != null && (needs.plan.outputs.publishing == 'true' || fromJson(needs.plan.outputs.val).ci.github.pr_run_mode == 'upload') }} + strategy: + fail-fast: false + # Target platforms/runners are computed by dist in create-release. + # Each member of the matrix has the following arguments: + # + # - runner: the github runner + # - dist-args: cli flags to pass to dist + # - install-dist: expression to run to install dist on the runner + # + # Typically there will be: + # - 1 "global" task that builds universal installers + # - N "local" tasks that build each platform's binaries and platform-specific installers + matrix: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix }} + runs-on: ${{ matrix.runner }} + container: ${{ matrix.container && matrix.container.image || null }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + BUILD_MANIFEST_NAME: target/distrib/${{ join(matrix.targets, '-') }}-dist-manifest.json + steps: + - name: enable windows longpaths run: | - BIN_SUFFIX="" - if [[ "${{ matrix.runner }}" == "windows-latest" ]]; then - BIN_SUFFIX=".exe" + git config --global core.longpaths true + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: Install Rust non-interactively if not already installed + if: ${{ matrix.container }} + run: | + if ! command -v cargo > /dev/null 2>&1; then + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y + echo "$HOME/.cargo/bin" >> $GITHUB_PATH fi - BIN_OUTPUT="target/${{ matrix.target }}/release/${PROJECT_NAME}${BIN_SUFFIX}" - BIN_RELEASE_VERSIONED="${PROJECT_NAME}-${{ matrix.name }}${BIN_SUFFIX}" - echo "BIN_RELEASE_VERSIONED: $BIN_RELEASE_VERSIONED" - mv "${BIN_OUTPUT}" "./${BIN_RELEASE_VERSIONED}" - echo "BIN_RELEASE_VERSIONED=${BIN_RELEASE_VERSIONED}" >> $GITHUB_ENV - - - name: Compress Binary + - name: Install dist + run: ${{ matrix.install_dist.run }} + # Get the dist-manifest + - name: Fetch local artifacts + uses: actions/download-artifact@v4 + with: + pattern: artifacts-* + path: target/distrib/ + merge-multiple: true + - name: Install dependencies + run: | + ${{ matrix.packages_install }} + - name: Build artifacts + run: | + # Actually do builds and make zips and whatnot + dist build ${{ needs.plan.outputs.tag-flag }} --print=linkage --output-format=json ${{ matrix.dist_args }} > dist-manifest.json + echo "dist ran successfully" + - id: cargo-dist + name: Post-build + # We force bash here just because github makes it really hard to get values up + # to "real" actions without writing to env-vars, and writing to env-vars has + # inconsistent syntax between shell and powershell. shell: bash run: | - mkdir -p compressed - tar -czvf compressed/${{ env.BIN_RELEASE_VERSIONED }}.tar.gz ${{ env.BIN_RELEASE_VERSIONED }} - echo "COMPRESSED_BINARY=compressed/${{ env.BIN_RELEASE_VERSIONED }}.tar.gz" >> $GITHUB_ENV + # Parse out what we just built and upload it to scratch storage + echo "paths<> "$GITHUB_OUTPUT" + dist print-upload-files-from-manifest --manifest dist-manifest.json >> "$GITHUB_OUTPUT" + echo "EOF" >> "$GITHUB_OUTPUT" - - name: Upload Artifact + cp dist-manifest.json "$BUILD_MANIFEST_NAME" + - name: "Upload artifacts" uses: actions/upload-artifact@v4 with: - name: ${{ env.BIN_RELEASE_VERSIONED }}.tar.gz - path: ${{ env.COMPRESSED_BINARY }} + name: artifacts-build-local-${{ join(matrix.targets, '_') }} + path: | + ${{ steps.cargo-dist.outputs.paths }} + ${{ env.BUILD_MANIFEST_NAME }} - outputs: - tag_name: ${{ env.TAG_NAME }} - - create_release: - needs: build - runs-on: ubuntu-latest + # Build and package all the platform-agnostic(ish) things + build-global-artifacts: + needs: + - plan + - build-local-artifacts + runs-on: "ubuntu-20.04" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + BUILD_MANIFEST_NAME: target/distrib/global-dist-manifest.json steps: - - name: Download All Artifacts + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: Install cached dist uses: actions/download-artifact@v4 with: - path: artifacts/ - - - name: Create Release - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + name: cargo-dist-cache + path: ~/.cargo/bin/ + - run: chmod +x ~/.cargo/bin/dist + # Get all the local artifacts for the global tasks to use (for e.g. checksums) + - name: Fetch local artifacts + uses: actions/download-artifact@v4 with: - tag_name: ${{ needs.build.outputs.tag_name }} - release_name: "Release ${{ needs.build.outputs.tag_name }}" - draft: false - prerelease: false + pattern: artifacts-* + path: target/distrib/ + merge-multiple: true + - id: cargo-dist + shell: bash + run: | + dist build ${{ needs.plan.outputs.tag-flag }} --output-format=json "--artifacts=global" > dist-manifest.json + echo "dist ran successfully" - - name: Upload Compressed Linux amd64 Asset - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: artifacts/aderyn-linux-amd64.tar.gz/aderyn-linux-amd64.tar.gz - asset_name: aderyn-linux-amd64.tar.gz - asset_content_type: application/gzip - - - name: Upload Compressed Linux arm64 Asset - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: artifacts/aderyn-linux-arm64.tar.gz/aderyn-linux-arm64.tar.gz - asset_name: aderyn-linux-arm64.tar.gz - asset_content_type: application/gzip - - - name: Upload Compressed Windows amd64 Asset - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: artifacts/aderyn-win-amd64.exe.tar.gz/aderyn-win-amd64.exe.tar.gz - asset_name: aderyn-win-amd64.exe.tar.gz - asset_content_type: application/gzip - - - name: Upload Compressed MacOS amd64 Asset - uses: actions/upload-release-asset@v1 + # Parse out what we just built and upload it to scratch storage + echo "paths<> "$GITHUB_OUTPUT" + jq --raw-output ".upload_files[]" dist-manifest.json >> "$GITHUB_OUTPUT" + echo "EOF" >> "$GITHUB_OUTPUT" + + cp dist-manifest.json "$BUILD_MANIFEST_NAME" + - name: "Upload artifacts" + uses: actions/upload-artifact@v4 + with: + name: artifacts-build-global + path: | + ${{ steps.cargo-dist.outputs.paths }} + ${{ env.BUILD_MANIFEST_NAME }} + # Determines if we should publish/announce + host: + needs: + - plan + - build-local-artifacts + - build-global-artifacts + # Only run if we're "publishing", and only if local and global didn't fail (skipped is fine) + if: ${{ always() && needs.plan.outputs.publishing == 'true' && (needs.build-global-artifacts.result == 'skipped' || needs.build-global-artifacts.result == 'success') && (needs.build-local-artifacts.result == 'skipped' || needs.build-local-artifacts.result == 'success') }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + runs-on: "ubuntu-20.04" + outputs: + val: ${{ steps.host.outputs.manifest }} + steps: + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: Install cached dist + uses: actions/download-artifact@v4 + with: + name: cargo-dist-cache + path: ~/.cargo/bin/ + - run: chmod +x ~/.cargo/bin/dist + # Fetch artifacts from scratch-storage + - name: Fetch artifacts + uses: actions/download-artifact@v4 + with: + pattern: artifacts-* + path: target/distrib/ + merge-multiple: true + - id: host + shell: bash + run: | + dist host ${{ needs.plan.outputs.tag-flag }} --steps=upload --steps=release --output-format=json > dist-manifest.json + echo "artifacts uploaded and released successfully" + cat dist-manifest.json + echo "manifest=$(jq -c "." dist-manifest.json)" >> "$GITHUB_OUTPUT" + - name: "Upload dist-manifest.json" + uses: actions/upload-artifact@v4 + with: + # Overwrite the previous copy + name: artifacts-dist-manifest + path: dist-manifest.json + # Create a GitHub Release while uploading all files to it + - name: "Download GitHub Artifacts" + uses: actions/download-artifact@v4 + with: + pattern: artifacts-* + path: artifacts + merge-multiple: true + - name: Cleanup + run: | + # Remove the granular manifests + rm -f artifacts/*-dist-manifest.json + - name: Create GitHub Release env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PRERELEASE_FLAG: "${{ fromJson(steps.host.outputs.manifest).announcement_is_prerelease && '--prerelease' || '' }}" + ANNOUNCEMENT_TITLE: "${{ fromJson(steps.host.outputs.manifest).announcement_title }}" + ANNOUNCEMENT_BODY: "${{ fromJson(steps.host.outputs.manifest).announcement_github_body }}" + RELEASE_COMMIT: "${{ github.sha }}" + run: | + # Write and read notes from a file to avoid quoting breaking things + echo "$ANNOUNCEMENT_BODY" > $RUNNER_TEMP/notes.txt + + gh release create "${{ needs.plan.outputs.tag }}" --target "$RELEASE_COMMIT" $PRERELEASE_FLAG --title "$ANNOUNCEMENT_TITLE" --notes-file "$RUNNER_TEMP/notes.txt" artifacts/* + + publish-homebrew-formula: + needs: + - plan + - host + runs-on: "ubuntu-20.04" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PLAN: ${{ needs.plan.outputs.val }} + GITHUB_USER: "axo bot" + GITHUB_EMAIL: "admin+bot@axo.dev" + if: ${{ !fromJson(needs.plan.outputs.val).announcement_is_prerelease || fromJson(needs.plan.outputs.val).publish_prereleases }} + steps: + - uses: actions/checkout@v4 with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: artifacts/aderyn-macos-amd64.tar.gz/aderyn-macos-amd64.tar.gz - asset_name: aderyn-macos-amd64.tar.gz - asset_content_type: application/gzip + repository: "cyfrin/homebrew-tap" + token: ${{ secrets.HOMEBREW_TAP_TOKEN }} + # So we have access to the formula + - name: Fetch homebrew formulae + uses: actions/download-artifact@v4 + with: + pattern: artifacts-* + path: Formula/ + merge-multiple: true + # This is extra complex because you can make your Formula name not match your app name + # so we need to find releases with a *.rb file, and publish with that filename. + - name: Commit formula files + run: | + git config --global user.name "${GITHUB_USER}" + git config --global user.email "${GITHUB_EMAIL}" + + for release in $(echo "$PLAN" | jq --compact-output '.releases[] | select([.artifacts[] | endswith(".rb")] | any)'); do + filename=$(echo "$release" | jq '.artifacts[] | select(endswith(".rb"))' --raw-output) + name=$(echo "$filename" | sed "s/\.rb$//") + version=$(echo "$release" | jq .app_version --raw-output) + + export PATH="/home/linuxbrew/.linuxbrew/bin:$PATH" + brew update + # We avoid reformatting user-provided data such as the app description and homepage. + brew style --except-cops FormulaAudit/Homepage,FormulaAudit/Desc,FormulaAuditStrict --fix "Formula/${filename}" || true - - name: Upload Compressed MacOS arm64 Asset - uses: actions/upload-release-asset@v1 + git add "Formula/${filename}" + git commit -m "${name} ${version}" + done + git push + + publish-npm: + needs: + - plan + - host + runs-on: "ubuntu-20.04" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PLAN: ${{ needs.plan.outputs.val }} + if: ${{ !fromJson(needs.plan.outputs.val).announcement_is_prerelease || fromJson(needs.plan.outputs.val).publish_prereleases }} + steps: + - name: Fetch npm packages + uses: actions/download-artifact@v4 + with: + pattern: artifacts-* + path: npm/ + merge-multiple: true + - uses: actions/setup-node@v4 + with: + node-version: '20.x' + registry-url: 'https://registry.npmjs.org' + - run: | + for release in $(echo "$PLAN" | jq --compact-output '.releases[] | select([.artifacts[] | endswith("-npm-package.tar.gz")] | any)'); do + pkg=$(echo "$release" | jq '.artifacts[] | select(endswith("-npm-package.tar.gz"))' --raw-output) + npm publish --access public "./npm/${pkg}" + done env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + announce: + needs: + - plan + - host + - publish-homebrew-formula + - publish-npm + # use "always() && ..." to allow us to wait for all publish jobs while + # still allowing individual publish jobs to skip themselves (for prereleases). + # "host" however must run to completion, no skipping allowed! + if: ${{ always() && needs.host.result == 'success' && (needs.publish-homebrew-formula.result == 'skipped' || needs.publish-homebrew-formula.result == 'success') && (needs.publish-npm.result == 'skipped' || needs.publish-npm.result == 'success') }} + runs-on: "ubuntu-20.04" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4 with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: artifacts/aderyn-macos-arm64.tar.gz/aderyn-macos-arm64.tar.gz - asset_name: aderyn-macos-arm64.tar.gz - asset_content_type: application/gzip + submodules: recursive diff --git a/.github/workflows/reports.yml b/.github/workflows/reports.yml new file mode 100644 index 000000000..5aa320661 --- /dev/null +++ b/.github/workflows/reports.yml @@ -0,0 +1,121 @@ +on: [push, pull_request, workflow_dispatch] + +name: Reports Workflow + +jobs: + reports-setup: + name: Check Reports + runs-on: ubuntu-latest + outputs: + rust-nightly: nightly-2025-01-01 + + strategy: + matrix: + task: + - report-workflow + - uniswap_profile-workflow + - sablier + - adhoc-sol-files-workflow + - nft-workflow + - ccip-functions-report + - hardhat-playground-report + - prb-math-report + - report-json + - adhoc-sol-files-highs-only-json + - sarif-report + - empty-report + + steps: + - name: Install Foundry Toolchain + uses: foundry-rs/foundry-toolchain@v1.2.0 + + - name: Checkout Sources + uses: actions/checkout@v4 + + - name: Install Rust Nightly (2025-01-01) + uses: actions-rs/toolchain@v1 + with: + profile: minimal + toolchain: nightly-2025-01-01 + override: true + + - name: Cache Rust Dependencies + uses: Swatinem/rust-cache@v2 + + - name: Checkout Submodules + run: git submodule update --init --recursive + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: 20 + cache: 'npm' + + - name: Install pnpm + uses: pnpm/action-setup@v4 + with: + version: 8 + + - name: Install JS Dependencies + run: | + pnpm install --prefix tests/2024-05-Sablier/v2-core + pnpm install --prefix tests/prb-math/ + + - name: Checkout Sources + uses: actions/checkout@v4 + + - name: Restore Rust Cache + uses: Swatinem/rust-cache@v2 + + - name: Generate Report (${{ matrix.task }}) + run: | + case "${{ matrix.task }}" in + report-workflow) + cargo run -- -o ./reports/report-workflow.md --src src/ ./tests/contract-playground/ --skip-update-check + diff ./reports/report.md ./reports/report-workflow.md + ;; + uniswap_profile-workflow) + FOUNDRY_PROFILE=uniswap cargo run -- -o ./reports/uniswap_profile-workflow.md ./tests/contract-playground/ --skip-update-check + diff reports/uniswap_profile.md reports/uniswap_profile-workflow.md + ;; + sablier) + FOUNDRY_PROFILE=uniswap cargo run -- -o ./reports/sablier.md ./tests/2024-05-Sablier --skip-update-check + diff reports/sablier-aderyn-toml-nested-root.md reports/sablier.md + ;; + adhoc-sol-files-workflow) + cargo run -- -o ./reports/adhoc-sol-files-report-workflow.md ./tests/adhoc-sol-files --skip-update-check + diff ./reports/adhoc-sol-files-report.md ./reports/adhoc-sol-files-report-workflow.md + ;; + nft-workflow) + cargo run -- -o ./reports/nft-workflow-report.md --src src/ ./tests/foundry-nft-f23 --skip-update-check + diff ./reports/nft-report.md ./reports/nft-workflow-report.md + ;; + ccip-functions-report) + cargo run -- -o reports/ccip-functions-report-workflow.md tests/ccip-contracts/contracts --src src/v0.8/functions/ -x "tests/,test/,mocks/" --skip-update-check + diff ./reports/ccip-functions-report.md ./reports/ccip-functions-report-workflow.md + ;; + hardhat-playground-report) + cargo run -- tests/hardhat-js-playground -o reports/hardhat-playground-report-workflow.md --skip-update-check + diff ./reports/hardhat-playground-report.md ./reports/hardhat-playground-report-workflow.md + ;; + prb-math-report) + cargo run -- ./tests/prb-math -o ./reports/prb-math-report-workflow.md --skip-update-check + diff ./reports/prb-math-report.md ./reports/prb-math-report-workflow.md + ;; + report-json) + cargo run -- -o ./reports/report-workflow.json -i src/ -x lib/ ./tests/contract-playground/ --skip-update-check + diff ./reports/report.json ./reports/report-workflow.json + ;; + adhoc-sol-files-highs-only-json) + cargo run -- -o ./reports/adhoc-sol-files-highs-only-report-workflow.json ./tests/adhoc-sol-files --skip-update-check --highs-only + diff ./reports/adhoc-sol-files-highs-only-report.json ./reports/adhoc-sol-files-highs-only-report-workflow.json + ;; + sarif-report) + cargo run -- -o ./reports/ci-report.sarif ./tests/contract-playground/ --skip-update-check + diff ./reports/report.sarif ./reports/ci-report.sarif + ;; + empty-report) + cargo run -- tests/contract-playground -o reports/empty_report_workflow.md -i IgnoreEverything.sol + diff ./reports/empty_report.md ./reports/empty_report_workflow.md + ;; + esac diff --git a/.github/workflows/web.yml b/.github/workflows/web.yml new file mode 100644 index 000000000..6d857512d --- /dev/null +++ b/.github/workflows/web.yml @@ -0,0 +1,88 @@ +# Workflow to build your docs with oranda (and mdbook) +# and deploy them to Github Pages +name: Web + +# We're going to push to the gh-pages branch, so we need that permission +permissions: + contents: write + +# What situations do we want to build docs in? +# All of these work independently and can be removed / commented out +# if you don't want oranda/mdbook running in that situation +on: + # Check that a PR didn't break docs! + # + # Note that the "Deploy to Github Pages" step won't run in this mode, + # so this won't have any side-effects. But it will tell you if a PR + # completely broke oranda/mdbook. Sadly we don't provide previews (yet)! + # Whenever something gets pushed to main, update the docs! + # This is great for getting docs changes live without cutting a full release. + # + # Note that if you're using cargo-dist, this will "race" the Release workflow + # that actually builds the Github Release that oranda tries to read (and + # this will almost certainly complete first). As a result you will publish + # docs for the latest commit but the oranda landing page won't know about + # the latest release. The workflow_run trigger below will properly wait for + # cargo-dist, and so this half-published state will only last for ~10 minutes. + # + # If you only want docs to update with releases, disable this, or change it to + # a "release" branch. You can, of course, also manually trigger a workflow run + # when you want the docs to update. + pull_request: + push: + tags: + - '**[0-9]+.[0-9]+.[0-9]+*' + + # Whenever a workflow called "Release" completes, update the docs! + # + # If you're using cargo-dist, this is recommended, as it will ensure that + # oranda always sees the latest release right when it's available. Note + # however that Github's UI is wonky when you use workflow_run, and won't + # show this workflow as part of any commit. You have to go to the "actions" + # tab for your repo to see this one running (the gh-pages deploy will also + # only show up there). + workflow_run: + workflows: [ "Release" ] + types: + - completed + +# Alright, let's do it! +jobs: + web: + name: Build and deploy site and docs + runs-on: ubuntu-latest + steps: + # Setup + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - uses: dtolnay/rust-toolchain@stable + - uses: swatinem/rust-cache@v2 + + # If you use any mdbook plugins, here's the place to install them! + + # Install and run oranda (and mdbook)! + # + # This will write all output to ./public/ (including copying mdbook's output to there). + - name: Install and run oranda + run: | + curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/oranda/releases/latest/download/oranda-installer.sh | sh + oranda build + + # Deploy to our gh-pages branch (creating it if it doesn't exist). + # The "public" dir that oranda made above will become the root dir + # of this branch. + # + # Note that once the gh-pages branch exists, you must + # go into repo's settings > pages and set "deploy from branch: gh-pages". + # The other defaults work fine. + - name: Deploy to Github Pages + uses: JamesIves/github-pages-deploy-action@v4.4.1 + # ONLY if we're on dev (so no PRs or feature branches allowed!) + if: ${{ github.ref == 'refs/heads/dev' }} + with: + branch: gh-pages + # Gotta tell the action where to find oranda's output + folder: public + token: ${{ secrets.GITHUB_TOKEN }} + single-commit: true diff --git a/.gitignore b/.gitignore index 32809187d..824c8a83a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,6 @@ /target .DS_Store .venv -debug/ \ No newline at end of file +debug/ +# Generated by `oranda generate ci` +public/ \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock index 9eb38c1b2..ef4137675 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1,6 +1,6 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. -version = 3 +version = 4 [[package]] name = "Inflector" @@ -23,7 +23,7 @@ dependencies = [ [[package]] name = "aderyn" -version = "0.3.3" +version = "0.3.4" dependencies = [ "aderyn_driver", "clap", @@ -44,7 +44,7 @@ dependencies = [ [[package]] name = "aderyn_core" -version = "0.3.3" +version = "0.3.4" dependencies = [ "crossbeam-channel", "cyfrin-foundry-compilers", @@ -70,7 +70,7 @@ dependencies = [ [[package]] name = "aderyn_driver" -version = "0.3.3" +version = "0.3.4" dependencies = [ "aderyn_core", "criterion", @@ -86,15 +86,6 @@ dependencies = [ "tower-lsp", ] -[[package]] -name = "aderyn_py" -version = "0.3.3" -dependencies = [ - "aderyn_driver", - "field_access", - "pyo3", -] - [[package]] name = "adler" version = "1.0.2" @@ -1860,12 +1851,6 @@ dependencies = [ "hashbrown", ] -[[package]] -name = "indoc" -version = "2.0.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b248f5224d1d606005e02c97f5aa4e88eeb230488bcc03bc9ca4d7991399f2b5" - [[package]] name = "inlinable_string" version = "0.1.15" @@ -2156,15 +2141,6 @@ dependencies = [ "libc", ] -[[package]] -name = "memoffset" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "488016bfae457b036d996092f6cb448677611ce4449e970ceaf42695203f218a" -dependencies = [ - "autocfg", -] - [[package]] name = "mime" version = "0.3.17" @@ -2563,12 +2539,6 @@ dependencies = [ "plotters-backend", ] -[[package]] -name = "portable-atomic" -version = "1.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da544ee218f0d287a911e9c99a39a8c9bc8fcad3cb8db5959940044ecfc67265" - [[package]] name = "ppv-lite86" version = "0.2.18" @@ -2670,69 +2640,6 @@ dependencies = [ "unarray", ] -[[package]] -name = "pyo3" -version = "0.22.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "831e8e819a138c36e212f3af3fd9eeffed6bf1510a805af35b0edee5ffa59433" -dependencies = [ - "cfg-if", - "indoc", - "libc", - "memoffset", - "once_cell", - "portable-atomic", - "pyo3-build-config", - "pyo3-ffi", - "pyo3-macros", - "unindent", -] - -[[package]] -name = "pyo3-build-config" -version = "0.22.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e8730e591b14492a8945cdff32f089250b05f5accecf74aeddf9e8272ce1fa8" -dependencies = [ - "once_cell", - "target-lexicon", -] - -[[package]] -name = "pyo3-ffi" -version = "0.22.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e97e919d2df92eb88ca80a037969f44e5e70356559654962cbb3316d00300c6" -dependencies = [ - "libc", - "pyo3-build-config", -] - -[[package]] -name = "pyo3-macros" -version = "0.22.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb57983022ad41f9e683a599f2fd13c3664d7063a3ac5714cae4b7bee7d3f206" -dependencies = [ - "proc-macro2", - "pyo3-macros-backend", - "quote", - "syn 2.0.72", -] - -[[package]] -name = "pyo3-macros-backend" -version = "0.22.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec480c0c51ddec81019531705acac51bcdbeae563557c982aa8263bb96880372" -dependencies = [ - "heck 0.5.0", - "proc-macro2", - "pyo3-build-config", - "quote", - "syn 2.0.72", -] - [[package]] name = "quick-error" version = "1.2.3" @@ -3695,12 +3602,6 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" -[[package]] -name = "target-lexicon" -version = "0.12.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1" - [[package]] name = "tempfile" version = "3.10.1" @@ -4067,12 +3968,6 @@ version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" -[[package]] -name = "unindent" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7de7d73e1754487cb58364ee906a499937a0dfabd86bcb980fa99ec8c8fa2ce" - [[package]] name = "untrusted" version = "0.9.0" diff --git a/Cargo.toml b/Cargo.toml index 668dd16c5..1dd6c43bf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -3,7 +3,6 @@ members = [ "aderyn", "aderyn_core", "aderyn_driver", - "aderyn_py", ] resolver="1" @@ -19,3 +18,8 @@ lto = true [profile.dev.package."*"] opt-level = 3 + +# The profile that 'dist' will build with +[profile.dist] +inherits = "release" +lto = "thin" diff --git a/aderyn/Cargo.toml b/aderyn/Cargo.toml index 340d6c10e..1b446024d 100644 --- a/aderyn/Cargo.toml +++ b/aderyn/Cargo.toml @@ -1,11 +1,13 @@ [package] name = "aderyn" -version = "0.3.3" +version = "0.3.4" edition = "2021" authors = ["Cyfrin "] description = "Rust based Solidity AST analyzer" license = "MIT" default-run = "aderyn" +repository = "https://github.com/cyfrin/aderyn" +homepage = "https://github.com/cyfrin/aderyn" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/aderyn/oranda.json b/aderyn/oranda.json new file mode 100644 index 000000000..e68f71076 --- /dev/null +++ b/aderyn/oranda.json @@ -0,0 +1,14 @@ +{ + "build": { + "path_prefix": "aderyn" + }, + "styles": { + "favicon": "https://www.axo.dev/favicon.ico", + "theme": "axo_dark" + }, + "components": { + "artifacts": { + "cargo_dist": true + } + } +} diff --git a/aderyn/src/lib.rs b/aderyn/src/lib.rs index 2ee753a5b..b7dae0e5c 100644 --- a/aderyn/src/lib.rs +++ b/aderyn/src/lib.rs @@ -97,7 +97,7 @@ pub fn aderyn_is_currently_running_newest_version() -> Option { client.get("https://api.github.com/repos/Cyfrin/aderyn/releases/latest").send().ok()?; let data = latest_version_checker.json::().ok()?; - let version_string = data["tag_name"].as_str()?; + let version_string = data.get("tag_name")?.as_str()?; let newest = Version::parse(version_string.replace('v', "").as_str()).ok()?; let current = Version::parse(env!("CARGO_PKG_VERSION")).expect("Pkg version not available"); diff --git a/aderyn_core/Cargo.toml b/aderyn_core/Cargo.toml index 138034914..f7837ac51 100644 --- a/aderyn_core/Cargo.toml +++ b/aderyn_core/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "aderyn_core" -version = "0.3.3" +version = "0.3.4" edition = "2021" authors = ["Cyfrin "] description = "Rust based Solidity AST analyzer backend" diff --git a/aderyn_driver/Cargo.toml b/aderyn_driver/Cargo.toml index 0e99b2f83..e334ef29e 100644 --- a/aderyn_driver/Cargo.toml +++ b/aderyn_driver/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "aderyn_driver" -version = "0.3.3" +version = "0.3.4" edition = "2021" authors = ["Cyfrin "] description = "Rust based Solidity AST analyzer driver" diff --git a/aderyn_py/Cargo.toml b/aderyn_py/Cargo.toml deleted file mode 100644 index 640b2194a..000000000 --- a/aderyn_py/Cargo.toml +++ /dev/null @@ -1,23 +0,0 @@ -[package] -name = "aderyn_py" -version = "0.3.3" -edition = "2021" -authors = ["Cyfrin "] -description = "Rust based Solidity AST analyzer python bindings" -license = "MIT" - -# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html - -[lib] -name = "aderynpy" -# "cdylib" is necessary to produce a shared library for Python to import from. -crate-type = ["cdylib"] - -[dependencies] -aderyn_driver = { path = "../aderyn_driver", version = "0.3.3" } -field_access = "0.1.8" - -[dependencies.pyo3] -version = "0.22.2" -# "abi3-py38" tells pyo3 (and maturin) to build using the stable ABI with minimum Python version 3.8 -features = ["abi3-py38"] diff --git a/aderyn_py/pyproject.toml b/aderyn_py/pyproject.toml deleted file mode 100644 index 4d60e6342..000000000 --- a/aderyn_py/pyproject.toml +++ /dev/null @@ -1,7 +0,0 @@ -[build-system] -requires = ["maturin>=1.0,<2.0"] -build-backend = "maturin" - -[tool.maturin] -# "extension-module" tells pyo3 we want to build an extension module (skips linking against libpython.so) -features = ["pyo3/extension-module"] diff --git a/aderyn_py/requirements.txt b/aderyn_py/requirements.txt deleted file mode 100644 index cb6f7b95b..000000000 --- a/aderyn_py/requirements.txt +++ /dev/null @@ -1,2 +0,0 @@ -pytest==8.3.2 -maturin==1.7.0 \ No newline at end of file diff --git a/aderyn_py/src/lib.rs b/aderyn_py/src/lib.rs deleted file mode 100644 index bcc4b09ec..000000000 --- a/aderyn_py/src/lib.rs +++ /dev/null @@ -1,55 +0,0 @@ -#![allow(unused)] - -use aderyn_driver::driver; -use field_access::{FieldAccess, FieldMut}; - -fn main() { - use pyo3::{ - prelude::*, - types::{PyBool, PyDict}, - }; - - #[pyfunction] - #[pyo3(signature = (root, output, **py_kwargs))] - fn generate_report(root: String, output: String, py_kwargs: Option<&Bound<'_, PyDict>>) { - let mut args = driver::Args { - root, - output, - src: None, - no_snippets: false, - skip_cloc: false, - path_includes: None, - path_excludes: None, - stdout: false, - skip_update_check: false, - auditor_mode: false, - highs_only: false, - lsp: false, - }; - - if let Some(kwargs) = py_kwargs { - kwargs.iter().for_each(|(py_key, py_value)| { - let rust_key: String = py_key.extract().unwrap(); - if py_value.is_instance_of::() { - let rust_value: bool = py_value.extract().unwrap(); - args.field_mut(&rust_key).unwrap().replace(rust_value); - } else { - let rust_value: Vec = py_value.extract().unwrap_or_default(); - args.field_mut(&rust_key).unwrap().replace(Some(rust_value)); - } - }) - } - - driver::drive(args); - } - - /// A Python module implemented in Rust. The name of this function must match - /// the `lib.name` setting in the `Cargo.toml`, else Python will not be able to - /// import the module. - #[pymodule] - fn aderynpy(m: &Bound<'_, PyModule>) -> PyResult<()> { - m.add_function(wrap_pyfunction!(generate_report, m)?)?; - - Ok(()) - } -} diff --git a/aderyn_py/tests/test_generate_report.py b/aderyn_py/tests/test_generate_report.py deleted file mode 100644 index 8d932c9f6..000000000 --- a/aderyn_py/tests/test_generate_report.py +++ /dev/null @@ -1,27 +0,0 @@ -import subprocess -import pytest -from aderynpy import generate_report - -@pytest.mark.parametrize("root, report", [ - ("../tests/contract-playground", "../reports/report.md"), - ("../tests/2024-05-Sablier", "../reports/sablier-aderyn-toml-nested-root.md"), - ("../tests/adhoc-sol-files", "../reports/adhoc-sol-files-report.md"), - ("../tests/foundry-nft-f23", "../reports/nft-report.md"), - ("../tests/prb-math", "../reports/prb-math-report.md"), -]) -def test_generate_report(root, report): - # Define output file path - out_file = f"./{root.split('../')[-1]}-workflow.md" - - # Call the generate_report function - generate_report(root, out_file) - - # Run the diff command to compare the generated report with the original report - result = subprocess.run( - ["diff", str(out_file), report], - stdout=subprocess.PIPE, - stderr=subprocess.PIPE, - ) - - # Check if diff command found any differences (result.returncode == 0 means no differences) - assert result.returncode == 1 diff --git a/dist-workspace.toml b/dist-workspace.toml new file mode 100644 index 000000000..525f08b04 --- /dev/null +++ b/dist-workspace.toml @@ -0,0 +1,23 @@ +[workspace] +members = ["cargo:."] + +# Config for 'dist' +[dist] +# The preferred dist version to use in CI (Cargo.toml SemVer syntax) +cargo-dist-version = "0.28.0" +# CI backends to support +ci = "github" +# The installers to generate for each app +installers = ["shell", "npm", "homebrew"] +# A GitHub repo to push Homebrew formulas to +tap = "cyfrin/homebrew-tap" +# Target platforms to build apps for (Rust target-triple syntax) +targets = ["aarch64-apple-darwin", "aarch64-unknown-linux-gnu", "x86_64-apple-darwin", "x86_64-unknown-linux-gnu", "x86_64-unknown-linux-musl"] +# A namespace to use when publishing this package to the npm registry +npm-scope = "@cyfrin" +# Path that installers should place binaries in +install-path = "CARGO_HOME" +# Publish jobs to run in CI +publish-jobs = ["homebrew", "npm"] +# Whether to install an updater program +install-updater = true diff --git a/reports/report.sarif b/reports/report.sarif index 41e8e77b4..eb5cb5951 100644 --- a/reports/report.sarif +++ b/reports/report.sarif @@ -11921,8 +11921,8 @@ "informationUri": "https://github.com/Cyfrin/aderyn", "name": "Aderyn", "organization": "Cyfrin", - "semanticVersion": "0.3.3", - "version": "0.3.3" + "semanticVersion": "0.3.4", + "version": "0.3.4" } } } diff --git a/rust-toolchain.toml b/rust-toolchain.toml new file mode 100644 index 000000000..1995b1f5f --- /dev/null +++ b/rust-toolchain.toml @@ -0,0 +1,2 @@ +[toolchain] +channel = "nightly-2025-01-01"