Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: make ci ✅ with 💚 and 🥑s #371

Merged
merged 20 commits into from
Feb 19, 2024
Merged

feat: make ci ✅ with 💚 and 🥑s #371

merged 20 commits into from
Feb 19, 2024

Conversation

bowd
Copy link
Contributor

@bowd bowd commented Feb 14, 2024
edited
Loading

Description

  • Split jobs for better readability
  • Make storage checks run only on push to develop (i.e. not for each commit of a work in progress branch) in an attempt to not hit rate limits.
  • removed the slither.db.json and inlined ignores - it's important to actually review these and see if we want to actually fix any of them
  • made slither ignore contracts/common and contracts/legacy . Common will be moved to @celo/contracts npm dependency anyway.
  • fixed echidna compilation issue, yey!

Other changes

  • Moved SortedOracles.sol to common because moving forward that contract will be owned by clabs and we will need to deploy it through their pipeline. So everything in common will move to @celo/contracts, including SortedOracles.

Tested

In progress

Related issues

N/A

Backwards compatibility

N/A

Documentation

N/A

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@openzeppelin-code OpenZeppelin Code
Copy link

openzeppelin-code bot commented Feb 14, 2024
edited
Loading

feat: make ci ✅ with 💚 and 🥑s

Generated at commit: b2efe93a6788e73acb51e9b94b9c527e429b4024

🚨 Report Summary

Severity Level Results
Contracts Critical
High
Medium
Low
Note
Total		 3
3
0
13
38
57
Dependencies Critical
High
Medium
Low
Note
Total		 0
0
0
0
0
0

For more details view the full report in OpenZeppelin Code Inspector

@bowd bowd requested review from baroooo and chapati23 February 14, 2024 10:39
chapati23
chapati23 reviewed Feb 14, 2024
View reviewed changes
Copy link
Contributor

@chapati23 chapati23 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CI is greeeeeeeen 🤩🤩🤩

lgtm, just some questions/suggestions

.github/workflows/echidna.yaml Outdated Show resolved Hide resolved
.github/workflows/lint_test.yaml Outdated Show resolved Hide resolved
.github/workflows/echidna.yaml Outdated Show resolved Hide resolved
.github/workflows/lint_test.yaml Outdated Show resolved Hide resolved
.github/workflows/slither.yaml Outdated Show resolved Hide resolved
.github/workflows/slither.yaml Outdated Show resolved Hide resolved
.github/workflows/storage-layout.yaml Outdated Show resolved Hide resolved
slither.config.json Outdated Show resolved Hide resolved
@bowd
Copy link
Contributor Author

bowd commented Feb 14, 2024

@philipraetsch thanks for the suggestions!
I've updated the foundry version and removed the build steps from slither.
We still need the build step in echidna because they haven't update echidna-action to install Foundry in the docker. They did update slither-action tho' so if anybody wants to be a good samaritan you can open a PR there :)

@bowd bowd changed the title feat: split ci and don't run storage-layout on all PRs feat: make ci ✅ with 💚 and 🥑s Feb 14, 2024
baroooo
baroooo approved these changes Feb 16, 2024
View reviewed changes
Copy link
Contributor

@baroooo baroooo left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe we can disable timestamp matcher at the config level. Because,
1- I don't think we rely on it at a critical level
2- Not sure about specifics of Celo, but it is much harder to exploit in a PoS setup
3- Timestamps are used frequently in our repo

The rest looks good as it is.

contracts/swap/Reserve.sol Outdated Show resolved Hide resolved
@bowd bowd merged commit c443a13 into develop Feb 19, 2024
6 checks passed
@bowd bowd deleted the feat/fix-ci branch February 19, 2024 07:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chapati23 chapati23 chapati23 approved these changes

@baroooo baroooo baroooo approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bowd @chapati23 @baroooo