solidity-argus 0.2.0 → 0.3.0

package/src/utils/dependency-scanner.ts

@@ -1,45 +1,46 @@
 export interface DependencyRisk {
-  package: string;
-  version: string;
-  risk: "high" | "medium" | "low";
-  category: string;
-  recommendation: string;
+  package: string
+  version: string
+  risk: "high" | "medium" | "low"
+  category: string
+  recommendation: string
 }
 
 interface DependencyInput {
-  dependencies?: Record<string, string>;
-  devDependencies?: Record<string, string>;
+  dependencies?: Record<string, string>
+  devDependencies?: Record<string, string>
 }
 
 function parseVersion(raw: string): [number, number, number] {
-  const cleaned = raw.replace(/^[^0-9]*/, "");
-  const parts = cleaned.split(".");
+  const cleaned = raw.replace(/^[^0-9]*/, "")
+  if (!cleaned) {
+    return [0, 0, 0]
+  }
+  const parts = cleaned.split(".")
+  const major = parseInt(parts[0] ?? "0", 10)
+  const minor = parseInt(parts[1] ?? "0", 10)
+  const patch = parseInt(parts[2] ?? "0", 10)
   return [
-    parseInt(parts[0] ?? "0", 10),
-    parseInt(parts[1] ?? "0", 10),
-    parseInt(parts[2] ?? "0", 10),
-  ];
+    Number.isNaN(major) ? 0 : major,
+    Number.isNaN(minor) ? 0 : minor,
+    Number.isNaN(patch) ? 0 : patch,
+  ]
 }
 
-function versionLt(
-  raw: string,
-  major: number,
-  minor: number,
-  patch = 0
-): boolean {
-  const [a, b, c] = parseVersion(raw);
-  if (a !== major) return a < major;
-  if (b !== minor) return b < minor;
-  return c < patch;
+function versionLt(raw: string, major: number, minor: number, patch = 0): boolean {
+  const [a, b, c] = parseVersion(raw)
+  if (a !== major) return a < major
+  if (b !== minor) return b < minor
+  return c < patch
 }
 
 export function scanDependencyRisks(input: DependencyInput): DependencyRisk[] {
-  const risks: DependencyRisk[] = [];
-  const deps = input.dependencies ?? {};
-  const devDeps = input.devDependencies ?? {};
-  const allDeps = { ...deps, ...devDeps };
+  const risks: DependencyRisk[] = []
+  const deps = input.dependencies ?? {}
+  const devDeps = input.devDependencies ?? {}
+  const allDeps = { ...deps, ...devDeps }
 
-  const ozVersion = deps["@openzeppelin/contracts"];
+  const ozVersion = deps["@openzeppelin/contracts"]
   if (ozVersion) {
     if (versionLt(ozVersion, 4, 9)) {
       risks.push({
@@ -49,7 +50,7 @@ export function scanDependencyRisks(input: DependencyInput): DependencyRisk[] {
         category: "known-vulnerability",
         recommendation:
           "Upgrade to @openzeppelin/contracts >= 4.9.0 — known vulnerabilities in OZ < 4.9",
-      });
+      })
     } else if (versionLt(ozVersion, 5, 0)) {
       risks.push({
         package: "@openzeppelin/contracts",
@@ -58,14 +59,13 @@ export function scanDependencyRisks(input: DependencyInput): DependencyRisk[] {
         category: "upgrade-available",
         recommendation:
           "Consider upgrading to OZ v5 for latest patterns and Solidity 0.8.20+ support",
-      });
+      })
     }
   }
 
-  const ozUpgradeableVersion = deps["@openzeppelin/contracts-upgradeable"];
+  const ozUpgradeableVersion = deps["@openzeppelin/contracts-upgradeable"]
   if (ozUpgradeableVersion) {
-    const hasUpgradeTooling =
-      "@openzeppelin/hardhat-upgrades" in allDeps;
+    const hasUpgradeTooling = "@openzeppelin/hardhat-upgrades" in allDeps
     if (!hasUpgradeTooling) {
       risks.push({
         package: "@openzeppelin/contracts-upgradeable",
@@ -74,11 +74,11 @@ export function scanDependencyRisks(input: DependencyInput): DependencyRisk[] {
         category: "missing-tooling",
         recommendation:
           "Add @openzeppelin/hardhat-upgrades to devDependencies for safe upgrade workflows",
-      });
+      })
     }
   }
 
-  const solmateVersion = deps["solmate"];
+  const solmateVersion = deps.solmate
   if (solmateVersion && versionLt(solmateVersion, 6, 0)) {
     risks.push({
       package: "solmate",
@@ -86,8 +86,8 @@ export function scanDependencyRisks(input: DependencyInput): DependencyRisk[] {
       risk: "medium",
       category: "outdated",
       recommendation: "Upgrade solmate to >= 6.0.0 for latest fixes",
-    });
+    })
   }
 
-  return risks;
+  return risks
 }

package/src/utils/project-detector.ts

@@ -1,25 +1,25 @@
-import { existsSync } from "fs";
-import { join, resolve } from "path";
-import { scanDependencyRisks, type DependencyRisk } from "./dependency-scanner";
+import { existsSync } from "node:fs"
+import { join, resolve } from "node:path"
+import { type DependencyRisk, scanDependencyRisks } from "./dependency-scanner"
 
 export interface ProjectConfig {
-  type: "foundry" | "hardhat" | "mixed" | "unknown";
-  srcDir: string;
-  testDir: string;
-  solcVersion?: string;
-  remappings: string[];
-  viaIr: boolean;
-  rootDir: string;
-  optimizer?: { enabled: boolean; runs?: number };
-  evmVersion?: string;
-  profiles?: string[];
-  hasHardhat: boolean;
-  hasFoundry: boolean;
-  dependencies?: Record<string, string>;
-  devDependencies?: Record<string, string>;
-  isUpgradeable: boolean;
-  outDir?: string;
-  dependencyRisks: DependencyRisk[];
+  type: "foundry" | "hardhat" | "mixed" | "unknown"
+  srcDir: string
+  testDir: string
+  solcVersion?: string
+  remappings: string[]
+  viaIr: boolean
+  rootDir: string
+  optimizer?: { enabled: boolean; runs?: number }
+  evmVersion?: string
+  profiles?: string[]
+  hasHardhat: boolean
+  hasFoundry: boolean
+  dependencies?: Record<string, string>
+  devDependencies?: Record<string, string>
+  isUpgradeable: boolean
+  outDir?: string
+  dependencyRisks: DependencyRisk[]
 }
 
 /**
@@ -28,63 +28,63 @@ export interface ProjectConfig {
  * @returns ProjectConfig with detected framework type and settings
  */
 export async function detectProject(dir: string): Promise<ProjectConfig> {
-  const rootDir = resolve(dir);
-  const foundryTomlPath = join(rootDir, "foundry.toml");
-  const hardhatConfigTsPath = join(rootDir, "hardhat.config.ts");
-  const hardhatConfigJsPath = join(rootDir, "hardhat.config.js");
+  const rootDir = resolve(dir)
+  const foundryTomlPath = join(rootDir, "foundry.toml")
+  const hardhatConfigTsPath = join(rootDir, "hardhat.config.ts")
+  const hardhatConfigJsPath = join(rootDir, "hardhat.config.js")
 
-  const hasFoundry = existsSync(foundryTomlPath);
-  const hasHardhatTs = existsSync(hardhatConfigTsPath);
-  const hasHardhatJs = existsSync(hardhatConfigJsPath);
-  const hasHardhat = hasHardhatTs || hasHardhatJs;
+  const hasFoundry = existsSync(foundryTomlPath)
+  const hasHardhatTs = existsSync(hardhatConfigTsPath)
+  const hasHardhatJs = existsSync(hardhatConfigJsPath)
+  const hasHardhat = hasHardhatTs || hasHardhatJs
 
   // Determine project type
-  let type: "foundry" | "hardhat" | "mixed" | "unknown";
+  let type: "foundry" | "hardhat" | "mixed" | "unknown"
   if (hasFoundry && hasHardhat) {
-    type = "mixed";
+    type = "mixed"
   } else if (hasFoundry) {
-    type = "foundry";
+    type = "foundry"
   } else if (hasHardhat) {
-    type = "hardhat";
+    type = "hardhat"
   } else {
-    type = "unknown";
+    type = "unknown"
   }
 
-  let srcDir = "src";
-  let testDir = "test";
-  let solcVersion: string | undefined;
-  let remappings: string[] = [];
-  let viaIr = false;
-  let optimizer: { enabled: boolean; runs?: number } | undefined;
-  let evmVersion: string | undefined;
-  let profiles: string[] | undefined;
-  let outDir: string | undefined;
+  let srcDir = "src"
+  let testDir = "test"
+  let solcVersion: string | undefined
+  let remappings: string[] = []
+  let viaIr = false
+  let optimizer: { enabled: boolean; runs?: number } | undefined
+  let evmVersion: string | undefined
+  let profiles: string[] | undefined
+  let outDir: string | undefined
 
   if (hasFoundry) {
-    const foundryConfig = await parseFoundryToml(foundryTomlPath);
-    srcDir = foundryConfig.srcDir || srcDir;
-    testDir = foundryConfig.testDir || testDir;
-    solcVersion = foundryConfig.solcVersion;
-    remappings = foundryConfig.remappings;
-    viaIr = foundryConfig.viaIr;
-    optimizer = foundryConfig.optimizer;
-    evmVersion = foundryConfig.evmVersion;
-    profiles = foundryConfig.profiles;
-    outDir = foundryConfig.outDir;
-  }
-
-  const remappingsFromTxt = parseRemappingsTxt(rootDir);
+    const foundryConfig = await parseFoundryToml(foundryTomlPath)
+    srcDir = foundryConfig.srcDir || srcDir
+    testDir = foundryConfig.testDir || testDir
+    solcVersion = foundryConfig.solcVersion
+    remappings = foundryConfig.remappings
+    viaIr = foundryConfig.viaIr
+    optimizer = foundryConfig.optimizer
+    evmVersion = foundryConfig.evmVersion
+    profiles = foundryConfig.profiles
+    outDir = foundryConfig.outDir
+  }
+
+  const remappingsFromTxt = parseRemappingsTxt(rootDir)
   if (remappingsFromTxt.length > 0 && remappings.length === 0) {
-    remappings = remappingsFromTxt;
+    remappings = remappingsFromTxt
   }
 
   if (hasHardhat && !hasFoundry) {
-    srcDir = "contracts";
+    srcDir = "contracts"
   }
 
-  const isUpgradeable = existsSync(join(rootDir, ".openzeppelin"));
+  const isUpgradeable = existsSync(join(rootDir, ".openzeppelin"))
 
-  const { dependencies, devDependencies } = await parsePackageJson(rootDir);
+  const { dependencies, devDependencies } = await parsePackageJson(rootDir)
 
   return {
     type,
@@ -104,26 +104,26 @@ export async function detectProject(dir: string): Promise<ProjectConfig> {
     isUpgradeable,
     outDir,
     dependencyRisks: scanDependencyRisks({ dependencies, devDependencies }),
-  };
+  }
 }
 
 /**
  * Parses foundry.toml file using regex-based parsing
  */
 interface FoundryTomlResult {
-  srcDir?: string;
-  testDir?: string;
-  solcVersion?: string;
-  remappings: string[];
-  viaIr: boolean;
-  optimizer?: { enabled: boolean; runs?: number };
-  evmVersion?: string;
-  profiles?: string[];
-  outDir?: string;
+  srcDir?: string
+  testDir?: string
+  solcVersion?: string
+  remappings: string[]
+  viaIr: boolean
+  optimizer?: { enabled: boolean; runs?: number }
+  evmVersion?: string
+  profiles?: string[]
+  outDir?: string
 }
 
 async function parseFoundryToml(filePath: string): Promise<FoundryTomlResult> {
-  const content = await Bun.file(filePath).text();
+  const content = await Bun.file(filePath).text()
 
   const result: FoundryTomlResult = {
     srcDir: undefined,
@@ -131,117 +131,104 @@ async function parseFoundryToml(filePath: string): Promise<FoundryTomlResult> {
     solcVersion: undefined,
     remappings: [],
     viaIr: false,
-  };
+  }
 
-  const profileNames = Array.from(
-    content.matchAll(/\[profile\.(\w+)\]/g),
-    (m) => m[1]!
-  );
+  const profileNames = Array.from(content.matchAll(/\[profile\.(\w+)\]/g), (m) => m[1]).filter(
+    (name): name is string => Boolean(name),
+  )
   if (profileNames.length > 0) {
-    result.profiles = profileNames;
+    result.profiles = profileNames
   }
 
-  const profileDefaultMatch = content.match(
-    /\[profile\.default\]([\s\S]*?)(?:\n\[|$)/
-  );
+  const profileDefaultMatch = content.match(/\[profile\.default\]([\s\S]*?)(?:\n\[|$)/)
   if (!profileDefaultMatch || !profileDefaultMatch[1]) {
-    return result;
+    return result
   }
 
-  const profileSection = profileDefaultMatch[1];
+  const profileSection = profileDefaultMatch[1]
 
-  const srcMatch = profileSection.match(/^\s*src\s*=\s*["']([^"']+)["']/m);
+  const srcMatch = profileSection.match(/^\s*src\s*=\s*["']([^"']+)["']/m)
   if (srcMatch?.[1]) {
-    result.srcDir = srcMatch[1];
+    result.srcDir = srcMatch[1]
   }
 
-  const testMatch = profileSection.match(/^\s*test\s*=\s*["']([^"']+)["']/m);
+  const testMatch = profileSection.match(/^\s*test\s*=\s*["']([^"']+)["']/m)
   if (testMatch?.[1]) {
-    result.testDir = testMatch[1];
+    result.testDir = testMatch[1]
   }
 
-  const solcMatch = profileSection.match(/^\s*solc\s*=\s*["']([^"']+)["']/m);
+  const solcMatch = profileSection.match(/^\s*solc\s*=\s*["']([^"']+)["']/m)
   if (solcMatch?.[1]) {
-    result.solcVersion = solcMatch[1];
+    result.solcVersion = solcMatch[1]
   }
 
-  const viaIrMatch = profileSection.match(/^\s*via[_-]ir\s*=\s*(true|false)/m);
+  const viaIrMatch = profileSection.match(/^\s*via[_-]ir\s*=\s*(true|false)/m)
   if (viaIrMatch?.[1] === "true") {
-    result.viaIr = true;
+    result.viaIr = true
   }
 
-  const optimizerMatch = profileSection.match(
-    /^\s*optimizer\s*=\s*(true|false)/m
-  );
+  const optimizerMatch = profileSection.match(/^\s*optimizer\s*=\s*(true|false)/m)
   if (optimizerMatch?.[1]) {
-    const enabled = optimizerMatch[1] === "true";
-    const runsMatch = profileSection.match(
-      /^\s*optimizer_runs\s*=\s*(\d+)/m
-    );
+    const enabled = optimizerMatch[1] === "true"
+    const runsMatch = profileSection.match(/^\s*optimizer_runs\s*=\s*(\d+)/m)
     result.optimizer = {
       enabled,
       runs: runsMatch?.[1] ? parseInt(runsMatch[1], 10) : undefined,
-    };
+    }
   }
 
-  const evmMatch = profileSection.match(
-    /^\s*evm_version\s*=\s*["']([^"']+)["']/m
-  );
+  const evmMatch = profileSection.match(/^\s*evm_version\s*=\s*["']([^"']+)["']/m)
   if (evmMatch?.[1]) {
-    result.evmVersion = evmMatch[1];
+    result.evmVersion = evmMatch[1]
   }
 
-  const outMatch = profileSection.match(/^\s*out\s*=\s*["']([^"']+)["']/m);
+  const outMatch = profileSection.match(/^\s*out\s*=\s*["']([^"']+)["']/m)
   if (outMatch?.[1]) {
-    result.outDir = outMatch[1];
+    result.outDir = outMatch[1]
   }
 
-  const remappingsMatch = profileSection.match(
-    /remappings\s*=\s*\[([\s\S]*?)\]/
-  );
+  const remappingsMatch = profileSection.match(/remappings\s*=\s*\[([\s\S]*?)\]/)
   if (remappingsMatch?.[1]) {
-    const remappingMatches = remappingsMatch[1].match(/["']([^"']+)["']/g);
+    const remappingMatches = remappingsMatch[1].match(/["']([^"']+)["']/g)
     if (remappingMatches) {
-      result.remappings = remappingMatches.map((m) => m.slice(1, -1));
+      result.remappings = remappingMatches.map((m) => m.slice(1, -1))
     }
   }
 
-  return result;
+  return result
 }
 
-async function parsePackageJson(
-  rootDir: string
-): Promise<{
-  dependencies?: Record<string, string>;
-  devDependencies?: Record<string, string>;
+async function parsePackageJson(rootDir: string): Promise<{
+  dependencies?: Record<string, string>
+  devDependencies?: Record<string, string>
 }> {
-  const pkgPath = join(rootDir, "package.json");
+  const pkgPath = join(rootDir, "package.json")
   if (!existsSync(pkgPath)) {
-    return {};
+    return {}
   }
   try {
-    const content = JSON.parse(await Bun.file(pkgPath).text());
+    const content = JSON.parse(await Bun.file(pkgPath).text())
     return {
       dependencies: content.dependencies,
       devDependencies: content.devDependencies,
-    };
+    }
   } catch {
-    return {};
+    return {}
   }
 }
 
 function parseRemappingsTxt(rootDir: string): string[] {
-  const remappingsPath = join(rootDir, "remappings.txt");
+  const remappingsPath = join(rootDir, "remappings.txt")
   if (!existsSync(remappingsPath)) {
-    return [];
+    return []
   }
   try {
-    const content = require("fs").readFileSync(remappingsPath, "utf-8");
+    const content = require("node:fs").readFileSync(remappingsPath, "utf-8")
     return content
       .split("\n")
       .map((line: string) => line.trim())
-      .filter((line: string) => line.length > 0);
+      .filter((line: string) => line.length > 0)
   } catch {
-    return [];
+    return []
   }
 }