-
Notifications
You must be signed in to change notification settings - Fork 986
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Filtering #2428
base: dev
Are you sure you want to change the base?
Filtering #2428
Conversation
Important Auto Review SkippedAuto reviews are disabled on base/target branches other than the default branch. Please add the base/target branch pattern to the list of additional branches to be reviewed in the settings. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
Some note : The filtering system improve the overall performances because the printers / detectors are not run on code before being filtered out. However, some properties could be cached to further improve performance. This will be tacked in another PR with a better focus on performance. |
I think for directory/file we may be able to also avoid lowering the AST to SlithIR by filtering out them here: Lines 151 to 170 in fdf54f6
Need to keep in mind the references to other code may necessitate its analysis even if it's filtered |
I tried to solve it in 6c8ee23 but I think it would require a bigger refactoring of the parsing step. Indeed, this fails the step for the |
Yeah, it can't be filtered before |
I think the syntax will be difficult for users. Even the existing use of regex has been confusing for many. Ideally we would have something that is familiar i.e. people picked up how to use it from another common CLI and its intuitive/ easy to debug.
I also don't love the alternative give in #759 but it is simpler in more straightforward:
|
Adds three new options to the Slither CLI to filter results.
This PR adds granularity in the filtering system provided by slither on which files, contracts or function to run.
Help
Implementation details
filter-paths
,include-paths
option to the new system and add a deprecation warningThe previous options are kept for backward compatibility but they are removed from the help output
They are migrated to the new filtering system.
The filtering is done at the
CompilationUnit
level, thecontracts
, andfunctions
method now only return the restricted results instead of the complete results.This way the impact on current detectors and/or printers is kept minimal.
We use a comma separted list of values with this format :
The leading +- can be used for the
filter
option to list positive and negative rules.Each element is compiled as a regex so the following examples work:
.*:A.*
: Matches every contract that contains an A+sub1/,-sub1/sub12
: Matches everything in sub1 that is not in sub2.Of note, the exact regex is:
And the tests were made using here