This action is a wrapper for slither, a static vulnerability tool for Solidity smart contracts.
If you're having errors while running slither please check the official slither repo as this is just a wrapper for the tool
By default the action will run npm install on the source folder. Set this variable as false to disable it Default: true Required: no
Specify slither version to use. It will download it from official github project. Default: "0.8.1" Required: no
Action will fail if the number of High findings is equal or bigger then this value (0 to disable) Default: 1 Required: no
Action will fail if the number of Medium findings is equal or bigger then this value (0 to disable) Default: 1 Required: no
Action will fail if the number of Low findings is equal or bigger then this value (0 to disable) Default: 1 Required: no
Action will fail if the number of Optimization findings is equal or bigger then this value (0 to disable) Default: 1 Required: no
Action will fail if the number of Informative findings is equal or bigger then this value (0 to disable) Default: 10 Required: no
The path to the smart contract's project Default: "." Required: no
Extra slither params to be appended. By default the action runnins with: slither --json - .
Required: no
uses: luisfontes19/slither-static-analysis-action@v0.3.4on: [push]
jobs:
main_job:
runs-on: ubuntu-latest
name: Solidity Security
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Slither Static Analysis
uses: luisfontes19/slither-static-analysis-action@v0.3.2
with:
slither-version: '0.6.13'
run-npm-install: true
high-threshold: 1
medium-threshold: 1
low-threshold: 1
optimization-threshold: 1
informative-threshold: 10
projectPath: "."npm install
#do some changes
npm run build
#commit
#push