.---. ,--. ,-- ,----. ,--. ,--. ,-. .----. ,------.,------,
/ . | | \ | | | ._. \ | | `\ . '.' /\_.-, || .---'| /`. '
/ /| | | . '| | | |_| | | | \ / |_ <(| '--. | |_.' |
/ '-' ||| |\ | | .-. |(| '_ / /) .-. \ || .--' | . .'
`---| |'| | \ | | | | | | | / /` \ `-' /| `---.| |\ \
`--' `--' `--' `--' `--' `-----' `--' `---'' `------'`--' '--'
-- Upgraded by @LowK3v
yarn analyze BASE_PATH -t <TARGET_FILE> -r <TARGET_RULE> -o <OUTPUT:[sarif|file|-]> -s <SCOPE_FILE> -l <GITHUB_URL>
# Example
yarn analyze contracts
yarn analyze -t example.sol
yarn analyze -t example.sol -r "zero.*transfer"
yarn analyze contracts -o sarif
yarn analyze contracts -l github.com/xyz/contracts
- `BASE_PATH` is a relative path to the folder containing the smart contracts.
- `TARGET_FILE` is a relative path to the file of the smart contracts.
- `TARGET_RULE` is a specific rule to analyze. It can be a regular expression. Default is `.*`.
- `OUTPUT` is a format of the output. It can be `sarif`, `file` or `-` for stdout. Default is `-`.
- `SCOPE_FILE` is an optional file containing a specific smart contracts scope (see `scope.example.txt`).
- `GITHUB_URL` is an optional URL to generate links to GitHub in the report.
- For remappings, add `remappings.txt` to `BASE_PATH`.
- The output will be saved in a `report.md` file.
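A way to triage the `-o sarif` output in CI, as an added example that is not part of this project's code. It assumes the report follows the standard SARIF 2.1.0 layout (`runs[].results[]` with `ruleId`, `level` and `locations`); the sample data, rule ids and the function names `summarizeSarif` and `countAtLeast` are constructed for illustration, and applying the regular expression to `ruleId` is an assumption.

```javascript
// Constructed SARIF 2.1.0 sample: rule ids, paths and lines are invented.
const hit = (ruleId, level, uri, startLine) => ({
  ruleId, level, message: { text: `${ruleId} finding` },
  locations: uri ? [{ physicalLocation: {
    artifactLocation: { uri }, region: { startLine } } }] : [],
});
const SAMPLE_SARIF = {
  version: "2.1.0",
  runs: [{ tool: { driver: { name: "example-analyzer" } }, results: [
    hit("zero-address-transfer", "warning", "contracts/Vault.sol", 42),
    hit("zero-address-transfer", "warning", "contracts/Token.sol", 7),
    hit("unused-import", "note", null, null),
  ] }],
};

// Group results by ruleId, keeping only ids that match rulePattern (a regular
// expression). Most SARIF fields are optional, so missing ones are tolerated;
// an absent level is treated as "warning", the SARIF default.
function summarizeSarif(sarif, rulePattern = ".*") {
  const re = new RegExp(rulePattern);
  const byRule = new Map();
  for (const run of sarif.runs ?? []) {
    for (const result of run.results ?? []) {
      const ruleId = result.ruleId ?? "(no ruleId)";
      if (!re.test(ruleId)) continue;
      const loc = result.locations?.[0]?.physicalLocation;
      const where = loc
        ? `${loc.artifactLocation?.uri ?? "?"}:${loc.region?.startLine ?? "?"}`
        : "(no location)";
      const entry = byRule.get(ruleId) ?? { level: result.level ?? "warning", sites: [] };
      entry.sites.push(where);
      byRule.set(ruleId, entry);
    }
  }
  return byRule;
}

// Count findings at or above minLevel, e.g. to fail a CI job when > 0.
const LEVEL_RANK = { none: 0, note: 1, warning: 2, error: 3 };
function countAtLeast(summary, minLevel) {
  let n = 0;
  for (const { level, sites } of summary.values()) {
    if ((LEVEL_RANK[level] ?? 2) >= LEVEL_RANK[minLevel]) n += sites.length;
  }
  return n;
}
for (const [rule, { level, sites }] of summarizeSarif(SAMPLE_SARIF)) {
  console.log(`${level}\t${rule}\t${sites.length}\t${sites.join(", ")}`);
}
```

To use it on a real report, pass the parsed JSON of the SARIF file to `summarizeSarif` in place of `SAMPLE_SARIF`.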
Repository | Report |
---|---|
Holograph | Report |
3xcalibur | Report |
Inverse Finance | Report |
Paladin | Report |
zkSync | Report |
You'll need Node.js and Yarn. Then clone the repo and run:
yarn
You're all set!
You're more than welcome to contribute! For help, you can check CONTRIBUTING.md.