Skip to content

dependabot(gomod): bump golang.org/x/crypto from 0.23.0 to 0.24.0 #3

dependabot(gomod): bump golang.org/x/crypto from 0.23.0 to 0.24.0

dependabot(gomod): bump golang.org/x/crypto from 0.23.0 to 0.24.0 #3

Workflow file for this run

name: 'Slither Analysis'
on:
workflow_dispatch:
pull_request:
push:
branches:
- develop
jobs:
slither-analyze:
runs-on: ubuntu-latest
container:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/ci-builder:v0.49.0
steps:
- uses: actions/checkout@v4
# Workaround to prevent slither-action from trying to install JS deps.
# Without this step, it detects the `package.json`, and since there is no
# lockfile it defaults `npm install` which fails due to the preinstall
# script to enforce pnpm. https://github.com/crytic/slither-action/issues/44#issuecomment-1338183656
- name: Remove package.json
run: rm packages/contracts-bedrock/package.json
- name: Run Slither
uses: crytic/slither-action@v0.4.0
id: slither
with:
target: packages/contracts-bedrock
slither-config: packages/contracts-bedrock/slither.config.json
fail-on: config
sarif: results.sarif
slither-args: --triage-database packages/contracts-bedrock/slither.db.json
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: ${{ steps.slither.outputs.sarif }}