Releases: Cyfrin/aderyn

v0.0.17

18 Mar 22:04
0344658
  • Fixes:
    • Parent corruption in identifiers.
    • CLOC panic when an empty solidity file is input.
  • Remove aderyn_nodejs until a better solution is found.
  • Output to stdout with the --stdout arg (useful for toolchains).
  • ASTNode abstractions:
    • capture! accepts abstracted ASTNode types as well as specific node types, which makes capturing cleaner.
    • x.closest_parent_of_type(context, NodeType::Block) where x can be an ASTNode type instead of a specific type.
  • New Detectors:
    • NC: Internal functions used only once could be inlined
    • NC: Large literals should be replaced with scientific notation

v0.0.16

13 Mar 16:06
d487944
  • Changed BTreeMap structure to include the exact source location as well as contract path and line number.
  • Print the exact src location in the json output for tool usage
  • Improvements to the Constants instead of Literals detector
  • id() method for AST Nodes
  • nyth accepts same flags as aderyn
  • AST traversal:
    • .parent() accessor
    • GetParent replaced with new "closest parent of type X"
    • Full parent chain retrieval
  • ADERYN_CLOC_SKIP=1 flag to skip line counting
  • Better framework error message

v0.0.15

28 Feb 15:20
  • Detectors run in parallel.
  • Readme files in each major crate.
  • FunctionCallOptions extractor.
  • Nyth - errors when init run on an existing folder.
  • Revamped parent node retrieval.
  • Alter foundry driver to account for Foundry removing AST from the output by default

v0.0.14

23 Feb 00:40
  • NEW: judgeops - a tool for judging the effectiveness of detectors
  • Fix: Handle instances in Foundry where two contracts are in different directories but have the same name. (fixes #169)
  • Tech Debt: Naming fixes to delineate between Issue and Reusable Detectors
  • Reintroduce getters in WorkspaceContext

v0.0.13

08 Feb 11:53
74c2bff

aderyn:

  • FIX: Windows contract path issue (#153)
  • DevEx:
    • More readable detector imports.
    • Name change: ContextLoader -> WorkspaceContext.
  • New Features:
    • aderyn.config.json.
    • default ROOT option is now ., so aderyn can be run by itself without args.
    • Detectors are split into two types: IssueDetectors and ReusableDetectors.

nyth:

  • FIX: Extractors now available in nyth projects.
  • Commands:
    • nyth init to create a new nyth bot
    • nyth new <DETECTOR_TYPE> <DETECTOR_NAME> to create a detector.
      • DETECTOR_TYPE options: issue and reusable
      • DETECTOR_NAME no longer needs the path, it only needs the name.
      • This command must be run from inside the bot now.

v0.0.12

24 Jan 18:25

Fixes:

  • Length of a TypeName can be any Expression - fixing #104
  • Line number issues - fixing #118

New Features:

  • capture macro to make detectors more readable
  • Ability to run external detectors
  • Detector development framework (nyth)

v0.0.11

10 Jan 11:21
29e5e0b
  • UX Features:
    • --no-snippets flag to prevent code snippets being printed in the report.
    • --scope option to only include paths that contain any of the input strings.
    • --exclude option to exclude paths that contain any of the input strings.
    • Remove different_storage_conditionals detector due to non-determinism.
  • DevEx Features:
    • Extractor Pattern - Enables detectors to extract any node type at any depth from a node. For example, extract all VariableDeclarations inside a ContractDefinition. This will extract every instance of VariableDeclaration, whether defined as state variables, local function variables, parameter definitions, or in any other location.
    • GetParent Pattern - Enables detectors to find the parent SourceUnit, ContractDefinition, FunctionDefinition and ModifierDefinition of any node. This makes traversing up the tree possible (albeit not as feature-complete as the Extractor pattern).
    • capture macro reduces the cognitive load of writing detectors by providing a simple issue-capturing function.
  • Bug Fixes:
    • AST TypeName length can be an Expression.
    • Incorrect line numbers and snippets when non-ASCII chars are present in the source file.

v0.0.10

23 Dec 19:37
  • New ContextBrowser, injected into the detect function, makes building detectors easier.
  • Detectors:
  • Yul visitor support
  • Bug fixes:
    • Read all available foundry output files when more than a single compiler is used
    • Correct nSLOC count on contracts with unconventional comment structures

v0.0.9

14 Dec 11:49

Detectors:

  • New: Arbitrary from passed to transferFrom Detector.
  • Fix: Overzealous solmate detector now only catches the import directives.
  • Fix: push0 opcode for versions 0.8.20 and above fixed to be more precise in various pragma formats.

v0.0.8

13 Dec 12:39
ab94621
  • Python bindings generator.
  • JSON report file when -o <FILE_NAME> has a .json suffix.
  • Markdown report features:
    • Code snippets in the report, displaying the code that is detected by a detector.
    • ctrl+click links in the report to open up the exact file and line where the issue occurs.
  • Bug fix: Handle multiple build-info files in hardhat mode.
  • Detector: Low: Solc v0.8.20 introduces PUSH0 opcode, which not all EVM chains support.