Address v2.1.0 evaluation feedback and bump to v2.2.0 (#9)

Fix four issues identified in the v2.1.0 evaluation:

1. Fix symlink false positive in path validation (Critical)
   - Changed os.path.abspath() to os.path.realpath() to resolve symlinks
   - Fixes false path traversal errors on macOS where /tmp -> /private/tmp

2. Fix exclude_paths to match subdirectories (Medium)
   - Added path_matches_exclusion() helper supporting both prefix and component matching
   - exclude_paths=["test/"] now matches both "test/foo.sol" and "src/test/foo.sol"
   - Updated 5 tools: list_contracts, search_contracts, search_functions,
     run_detectors, find_dead_code

3. Add invalid detector name validation (Low)
   - Added invalid_detector_names field to RunDetectorsResponse
   - Validates requested detector names against available detectors
   - Returns list of unrecognized names in response

4. Fix list_function_implementations for inherited functions (Low)
   - Now checks both functions_declared and functions_inherited
   - Updated resolve_function_implementations in types.py

Also:
- Update ruff-pre-commit from v0.8.0 to v0.14.13
- Rename hook id from 'ruff' to 'ruff-check' (new convention)
- Modernize code with pyupgrade rules (set comprehensions, dict.fromkeys)

Tests:
- Added 10 tests for path_matches_exclusion helper
- Added subdirectory exclusion test for list_contracts
- Added 3 tests for invalid detector name validation

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

Author: dguido

.pre-commit-config.yaml

@@ -4,9 +4,9 @@
 
 repos:
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.8.0
+    rev: v0.14.13
     hooks:
-      - id: ruff
+      - id: ruff-check
         args: [--fix]
       - id: ruff-format
 

pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "slither-mcp"
-version = "2.1.0"
+version = "2.2.0"
 description = "MCP server for Slither static analysis of Solidity contracts"
 readme = "README.md"
 requires-python = ">=3.11"

slither_mcp/tools/export_call_graph.py

@@ -203,7 +203,7 @@ def export_call_graph(
         truncated = len(nodes) > request.max_nodes
         if truncated:
             # Calculate node degrees (in + out edges) to prioritize connected nodes
-            node_degrees: dict[str, int] = {n: 0 for n in nodes}
+            node_degrees: dict[str, int] = dict.fromkeys(nodes, 0)
             for from_node, to_node, _ in edges:
                 if from_node in node_degrees:
                     node_degrees[from_node] += 1

slither_mcp/tools/find_dead_code.py

@@ -10,7 +10,7 @@
     TEST_FUNCTION_PREFIX,
 )
 from slither_mcp.pagination import PaginatedRequest, apply_pagination
-from slither_mcp.types import ContractKey, FunctionKey, ProjectFacts
+from slither_mcp.types import ContractKey, FunctionKey, ProjectFacts, path_matches_exclusion
 
 
 class DeadCodeFunction(BaseModel):
@@ -185,7 +185,7 @@ def find_dead_code(
 
             # Skip contracts matching exclude_paths
             if request.exclude_paths:
-                if any(contract_key.path.startswith(p) for p in request.exclude_paths):
+                if path_matches_exclusion(contract_key.path, request.exclude_paths):
                     continue
 
             # Check declared functions

slither_mcp/tools/list_contracts.py

@@ -8,6 +8,7 @@
 from slither_mcp.types import (
     ContractKey,
     ProjectFacts,
+    path_matches_exclusion,
 )
 
 
@@ -73,7 +74,7 @@ def list_contracts(
     for key, model in project_facts.contracts.items():
         # Apply exclude_paths filter
         if request.exclude_paths:
-            if any(key.path.startswith(p) for p in request.exclude_paths):
+            if path_matches_exclusion(key.path, request.exclude_paths):
                 continue
 
         # Apply filter_type
@@ -116,9 +117,7 @@ def list_contracts(
             contracts.sort(key=lambda c: c.function_count, reverse=reverse)
 
     # Apply pagination
-    contracts, total_count, has_more = apply_pagination(
-        contracts, request.offset, request.limit
-    )
+    contracts, total_count, has_more = apply_pagination(contracts, request.offset, request.limit)
 
     return ListContractsResponse(
         success=True, contracts=contracts, total_count=total_count, has_more=has_more

slither_mcp/tools/list_function_implementations.py

@@ -105,7 +105,10 @@ def list_function_implementations(
     implementations = []
     for impl_contract in implementing_contracts:
         # Get the function model to extract visibility and modifiers
+        # Check both declared and inherited functions
         func_model = impl_contract.functions_declared.get(request.function_signature)
+        if not func_model:
+            func_model = impl_contract.functions_inherited.get(request.function_signature)
         if func_model:
             implementations.append(
                 ImplementationInfo(

slither_mcp/tools/list_functions.py

@@ -19,9 +19,7 @@ class FunctionInfo(BaseModel):
     visibility: str
     solidity_modifiers: list[str]
     is_declared: bool  # True if declared, False if inherited
-    line_count: Annotated[
-        int, Field(description="Number of lines in the function")
-    ] = 0
+    line_count: Annotated[int, Field(description="Number of lines in the function")] = 0
 
 
 class ListFunctionsRequest(PaginatedRequest):
@@ -90,9 +88,7 @@ def list_functions(
 
             # Apply modifiers filter
             if request.has_modifiers:
-                if not any(
-                    mod in func_model.solidity_modifiers for mod in request.has_modifiers
-                ):
+                if not any(mod in func_model.solidity_modifiers for mod in request.has_modifiers):
                     continue
 
             # Calculate line count
@@ -120,9 +116,7 @@ def list_functions(
 
             # Apply modifiers filter
             if request.has_modifiers:
-                if not any(
-                    mod in func_model.solidity_modifiers for mod in request.has_modifiers
-                ):
+                if not any(mod in func_model.solidity_modifiers for mod in request.has_modifiers):
                     continue
 
             # Calculate line count
@@ -148,9 +142,7 @@ def list_functions(
         # Define visibility order for sorting
         visibility_order = {"external": 0, "public": 1, "internal": 2, "private": 3}
         if request.sort_by == "name":
-            functions.sort(
-                key=lambda f: f.function_key.signature.lower(), reverse=reverse
-            )
+            functions.sort(key=lambda f: f.function_key.signature.lower(), reverse=reverse)
         elif request.sort_by == "visibility":
             functions.sort(
                 key=lambda f: visibility_order.get(f.visibility.lower(), 4),
@@ -160,9 +152,7 @@ def list_functions(
             functions.sort(key=lambda f: f.line_count, reverse=reverse)
 
     # Apply pagination
-    functions, total_count, has_more = apply_pagination(
-        functions, request.offset, request.limit
-    )
+    functions, total_count, has_more = apply_pagination(functions, request.offset, request.limit)
 
     return ListFunctionsResponse(
         success=True, functions=functions, total_count=total_count, has_more=has_more

slither_mcp/tools/run_detectors.py

@@ -8,6 +8,7 @@
 from slither_mcp.types import (
     DetectorResult,
     ProjectFacts,
+    path_matches_exclusion,
 )
 
 
@@ -36,6 +37,10 @@ class RunDetectorsResponse(BaseModel):
     has_more: Annotated[
         bool, Field(description="True if there are more results beyond this page")
     ] = False
+    invalid_detector_names: Annotated[
+        list[str] | None,
+        Field(description="Detector names that were requested but not recognized"),
+    ] = None
     error_message: str | None = None
 
 
@@ -57,6 +62,14 @@ def run_detectors(
     """
     try:
         all_results = []
+        invalid_names: list[str] = []
+
+        # Validate detector names if provided
+        if request.detector_names:
+            available_names = {d.name.lower() for d in project_facts.available_detectors}
+            invalid_names = [
+                name for name in request.detector_names if name.lower() not in available_names
+            ]
 
         # Collect results from all detectors or filtered detectors
         if request.detector_names:
@@ -91,7 +104,7 @@ def run_detectors(
                     filtered_results.append(result)
                     continue
                 has_non_excluded_location = any(
-                    not any(loc.file_path.startswith(p) for p in request.exclude_paths)
+                    not path_matches_exclusion(loc.file_path, request.exclude_paths)
                     for loc in result.source_locations
                 )
                 if has_non_excluded_location:
@@ -104,7 +117,11 @@ def run_detectors(
         )
 
         return RunDetectorsResponse(
-            success=True, results=all_results, total_count=total_count, has_more=has_more
+            success=True,
+            results=all_results,
+            total_count=total_count,
+            has_more=has_more,
+            invalid_detector_names=invalid_names if invalid_names else None,
         )
     except Exception as e:
         return RunDetectorsResponse(

slither_mcp/tools/search_contracts.py

@@ -6,7 +6,12 @@
 
 from slither_mcp.pagination import apply_pagination
 from slither_mcp.search import SearchError, compile_pattern, validate_pattern
-from slither_mcp.types import ContractKey, JSONStringTolerantModel, ProjectFacts
+from slither_mcp.types import (
+    ContractKey,
+    JSONStringTolerantModel,
+    ProjectFacts,
+    path_matches_exclusion,
+)
 
 
 class SearchContractsRequest(JSONStringTolerantModel):
@@ -84,9 +89,7 @@ def search_contracts(
     # Apply exclude_paths filter
     if request.exclude_paths:
         matches = [
-            key
-            for key in matches
-            if not any(key.path.startswith(p) for p in request.exclude_paths)
+            key for key in matches if not path_matches_exclusion(key.path, request.exclude_paths)
         ]
 
     matches, total_count, has_more = apply_pagination(matches, request.offset, request.limit)

slither_mcp/tools/search_functions.py

@@ -6,7 +6,12 @@
 
 from slither_mcp.pagination import apply_pagination
 from slither_mcp.search import SearchError, compile_pattern, validate_pattern
-from slither_mcp.types import FunctionKey, JSONStringTolerantModel, ProjectFacts
+from slither_mcp.types import (
+    FunctionKey,
+    JSONStringTolerantModel,
+    ProjectFacts,
+    path_matches_exclusion,
+)
 
 
 class SearchFunctionsRequest(JSONStringTolerantModel):
@@ -98,7 +103,7 @@ def search_functions(
     for contract_key, contract_model in project_facts.contracts.items():
         # Apply exclude_paths filter
         if request.exclude_paths:
-            if any(contract_key.path.startswith(p) for p in request.exclude_paths):
+            if path_matches_exclusion(contract_key.path, request.exclude_paths):
                 continue
 
         # Search declared functions