This project it now deprecated as the creators of slither release an official action.
This repo does only exist to that workflows using this action do not break
This action is a wrapper for slither, a static vulnerability tool for Solidity smart contracts.
If you're having errors while running slither please check the official slither repo as this is just a wrapper for the tool
By default the action will run npm install on the source folder. Set this variable as false to disable it Default: true Required: no
Specify slither version to use. It will download it from official github project. Default: "0.8.1" Required: no
Action will fail if the number of High findings is equal or bigger then this value (0 to disable) Default: 1 Required: no
Action will fail if the number of Medium findings is equal or bigger then this value (0 to disable) Default: 1 Required: no
Action will fail if the number of Low findings is equal or bigger then this value (0 to disable) Default: 1 Required: no
Action will fail if the number of Optimization findings is equal or bigger then this value (0 to disable) Default: 1 Required: no
Action will fail if the number of Informative findings is equal or bigger then this value (0 to disable) Default: 10 Required: no
The path to the smart contract's project Default: "." Required: no
Extra slither params to be appended. By default the action runnins with: slither --json - .
Required: no
uses: luisfontes19/slither-static-analysis-action@v0.3.4on: [push]
jobs:
main_job:
runs-on: ubuntu-latest
name: Solidity Security
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Slither Static Analysis
uses: luisfontes19/slither-static-analysis-action@v0.3.2
with:
slither-version: '0.6.13'
run-npm-install: true
high-threshold: 1
medium-threshold: 1
low-threshold: 1
optimization-threshold: 1
informative-threshold: 10
projectPath: "."npm install
#do some changes
npm run build
#commit
#push