solidity-argus 0.5.10 → 0.6.1
- package/AGENTS.md +8 -1
- package/README.md +27 -21
- package/package.json +2 -2
- package/skills/INVENTORY.md +14 -1
- package/skills/README.md +4 -2
- package/skills/references/attack-vector-deck/SKILL.md +62 -0
- package/skills/specialist-profiles/access-control-specialist/SKILL.md +31 -0
- package/skills/specialist-profiles/economic-security/SKILL.md +31 -0
- package/skills/specialist-profiles/execution-trace/SKILL.md +31 -0
- package/skills/specialist-profiles/first-principles/SKILL.md +31 -0
- package/skills/specialist-profiles/invariant/SKILL.md +31 -0
- package/skills/specialist-profiles/math-precision/SKILL.md +31 -0
- package/skills/specialist-profiles/periphery/SKILL.md +31 -0
- package/skills/specialist-profiles/vector-scan/SKILL.md +28 -0
- package/src/agents/argus-prompt.ts +59 -6
- package/src/agents/audit-specialist-prompt.ts +94 -0
- package/src/agents/pythia-prompt.ts +7 -4
- package/src/agents/scribe-prompt.ts +9 -0
- package/src/agents/sentinel-prompt.ts +12 -0
- package/src/agents/themis-prompt.ts +4 -0
- package/src/config/schema.ts +2 -0
- package/src/constants/defaults.ts +1 -0
- package/src/create-hooks.ts +9 -1
- package/src/features/background-agent/background-manager.ts +85 -2
- package/src/features/persistent-state/run-finalizer.ts +37 -3
- package/src/hooks/config-handler.ts +23 -0
- package/src/hooks/system-prompt-hook.ts +72 -2
- package/src/hooks/tool-tracking-hook.ts +50 -6
- package/src/managers/types.ts +21 -0
- package/src/shared/agent-names.ts +1 -0
- package/src/shared/lineage-validator.ts +96 -0
- package/src/shared/report-path-resolver.ts +8 -2
- package/src/state/adapters.ts +1 -1
- package/src/state/projectors.ts +50 -0
- package/src/state/schemas.ts +86 -1
- package/src/state/types.ts +25 -1
- package/src/tools/forge-coverage-tool.ts +41 -5
- package/src/tools/persist-deduped-tool.ts +45 -1
- package/src/tools/read-findings-tool.ts +46 -5
- package/src/tools/record-finding-tool.ts +10 -30
- package/src/tools/report-generator-tool.ts +135 -37
- package/src/tools/slither-tool.ts +62 -2
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
import { createHash } from "node:crypto"
|
|
2
|
-
import {
|
|
2
|
+
import {
|
|
3
|
+
existsSync,
|
|
4
|
+
mkdtempSync,
|
|
5
|
+
readdirSync,
|
|
6
|
+
readFileSync,
|
|
7
|
+
rmSync,
|
|
8
|
+
statSync,
|
|
9
|
+
writeFileSync,
|
|
10
|
+
} from "node:fs"
|
|
3
11
|
import { tmpdir } from "node:os"
|
|
4
12
|
import { dirname, isAbsolute, join, resolve } from "node:path"
|
|
5
13
|
import { type ToolContext, tool } from "@opencode-ai/plugin"
|
|
@@ -63,6 +71,8 @@ export type SlitherAnalyzeResult = {
|
|
|
63
71
|
executionTime: number
|
|
64
72
|
errors: string[]
|
|
65
73
|
error?: string
|
|
74
|
+
hint?: string
|
|
75
|
+
suggested_command?: string
|
|
66
76
|
}
|
|
67
77
|
|
|
68
78
|
function mapSeverity(impact?: string): FindingSeverity {
|
|
@@ -151,6 +161,50 @@ function shouldTryFlattenFallback(errors: string[], stderr: string): boolean {
|
|
|
151
161
|
return FALLBACK_TRIGGERS.some((trigger) => combined.includes(trigger))
|
|
152
162
|
}
|
|
153
163
|
|
|
164
|
+
function isMixedPragmaSlitherFailure(errors: string[], stderr: string): boolean {
|
|
165
|
+
const combined = [...errors, stderr].join(" ")
|
|
166
|
+
return (
|
|
167
|
+
/(CryticCompileError|Slither exited with code 1)/i.test(combined) &&
|
|
168
|
+
/(solc|pragma|requires different compiler version|different compiler version|compiler version)/i.test(
|
|
169
|
+
combined,
|
|
170
|
+
)
|
|
171
|
+
)
|
|
172
|
+
}
|
|
173
|
+
|
|
174
|
+
function containsSolidityFile(dir: string): boolean {
|
|
175
|
+
try {
|
|
176
|
+
for (const entry of readdirSync(dir)) {
|
|
177
|
+
const fullPath = join(dir, entry)
|
|
178
|
+
const stat = statSync(fullPath)
|
|
179
|
+
if (stat.isFile() && entry.endsWith(".sol")) return true
|
|
180
|
+
if (stat.isDirectory() && containsSolidityFile(fullPath)) return true
|
|
181
|
+
}
|
|
182
|
+
} catch {
|
|
183
|
+
return false
|
|
184
|
+
}
|
|
185
|
+
return false
|
|
186
|
+
}
|
|
187
|
+
|
|
188
|
+
function mixedPragmaDiagnostics(
|
|
189
|
+
args: SlitherArgs,
|
|
190
|
+
projectDir: string,
|
|
191
|
+
errors: string[],
|
|
192
|
+
stderr: string,
|
|
193
|
+
): Pick<SlitherAnalyzeResult, "hint" | "suggested_command"> | undefined {
|
|
194
|
+
if (!isMixedPragmaSlitherFailure(errors, stderr)) return undefined
|
|
195
|
+
|
|
196
|
+
const target = resolve(projectDir, args.target)
|
|
197
|
+
const srcCandidate = join(target, "src")
|
|
198
|
+
const suggestion =
|
|
199
|
+
existsSync(srcCandidate) && containsSolidityFile(srcCandidate) ? srcCandidate : undefined
|
|
200
|
+
return {
|
|
201
|
+
hint: "Try narrowing target to a single-pragma subdirectory and check foundry.toml/remappings for mixed compiler or vendored dependency scope issues.",
|
|
202
|
+
suggested_command: suggestion
|
|
203
|
+
? buildCommand({ ...args, target: suggestion }).join(" ")
|
|
204
|
+
: undefined,
|
|
205
|
+
}
|
|
206
|
+
}
|
|
207
|
+
|
|
154
208
|
const parseSolcVersion = parseSolcVersionShared
|
|
155
209
|
const extractContractNames = extractContractNamesShared
|
|
156
210
|
const hasBinary = hasBinaryShared
|
|
@@ -488,7 +542,8 @@ export async function executeSlitherAnalyze(
|
|
|
488
542
|
payload = JSON.parse(runResult.stdout) as SlitherPayload
|
|
489
543
|
} catch (error) {
|
|
490
544
|
const message = error instanceof Error ? error.message : "Unknown parse error"
|
|
491
|
-
|
|
545
|
+
const diagnostics = mixedPragmaDiagnostics(args, projectDir, errors, runResult.stderr)
|
|
546
|
+
if (!diagnostics && (args.via_ir || shouldTryFlattenFallback(errors, runResult.stderr))) {
|
|
492
547
|
const fallbackResult = await flattenFallback(args, context, {
|
|
493
548
|
...getDefaultFlattenDeps(),
|
|
494
549
|
runCommand,
|
|
@@ -503,6 +558,7 @@ export async function executeSlitherAnalyze(
|
|
|
503
558
|
executionTime: Date.now() - startedAt,
|
|
504
559
|
errors,
|
|
505
560
|
error: `Slither output parse error: ${message}`,
|
|
561
|
+
...diagnostics,
|
|
506
562
|
}
|
|
507
563
|
}
|
|
508
564
|
|
|
@@ -513,9 +569,12 @@ export async function executeSlitherAnalyze(
|
|
|
513
569
|
const findings = parseFindings(payload)
|
|
514
570
|
const success = findings.length > 0 || (runResult.exitCode === 0 && payload.success !== false)
|
|
515
571
|
|
|
572
|
+
const diagnostics = mixedPragmaDiagnostics(args, projectDir, errors, runResult.stderr)
|
|
573
|
+
|
|
516
574
|
if (
|
|
517
575
|
!success &&
|
|
518
576
|
findings.length === 0 &&
|
|
577
|
+
!diagnostics &&
|
|
519
578
|
(args.via_ir || shouldTryFlattenFallback(errors, runResult.stderr))
|
|
520
579
|
) {
|
|
521
580
|
const fallbackResult = await flattenFallback(args, context, {
|
|
@@ -532,6 +591,7 @@ export async function executeSlitherAnalyze(
|
|
|
532
591
|
findings,
|
|
533
592
|
executionTime: Date.now() - startedAt,
|
|
534
593
|
errors,
|
|
594
|
+
...diagnostics,
|
|
535
595
|
}
|
|
536
596
|
} catch (error) {
|
|
537
597
|
const message = error instanceof Error ? error.message : "Unknown error"
|
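Review bot: `containsSolidityFile` (new lines 174–186) walks the target with `statSync`, which follows symlinks, and has no depth limit, so a link inside an audited repository that points at a parent directory or outside the project makes this synchronous probe traverse far more than `src/`. Because the `try` wraps the whole loop, one dangling link also aborts the scan of that directory and returns `false` even when `.sol` files follow it. Reading entries with `readdirSync(dir, { withFileTypes: true })` avoids following links and scopes a failure to the one directory that could not be read, and a depth bound keeps the cost predictable. Separately, `suggested_command` is produced with `.join(" ")`, so a target path containing spaces or shell metacharacters yields a string that is unsafe to paste into a shell; returning the argv array or quoting each element would avoid that, though `buildCommand` itself is not visible here.

```typescript
function containsSolidityFile(dir: string, depth = 0): boolean {
  // The target is an audited repository, so bound the walk (8 is an illustrative limit).
  if (depth > 8) return false
  let entries
  try {
    // Dirent types describe the entry itself, so symlinks are reported as links and never followed.
    entries = readdirSync(dir, { withFileTypes: true })
  } catch {
    return false
  }
  for (const entry of entries) {
    if (entry.isFile() && entry.name.endsWith(".sol")) return true
    if (entry.isDirectory() && containsSolidityFile(join(dir, entry.name), depth + 1)) return true
  }
  return false
}
```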