Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    sunriseup
    @sunriseup
    I tried "security/enforce-loop-bounds":"on", in soliumrc.json, not work
    sunriseup
    @sunriseup
    @duaraghav8
    Raghav Dua
    @duaraghav8
    @sunriseup Please DM me your full .soliumrc.json configuration, the solidity code over which you're running it and the output of solium --version.
    sunriseup
    @sunriseup

    {
    "extends":"cfgsample",
    "plugins": ["security","sample"],
    "rules": {

         "security/no-sha3": "off",
         "security/enforce-loop-bounds":[1],

    }
    }

    pragma solidity ^0.4.11;

    contract check_return_value{
    // bad
    constructor(){
    unit nvalue;
    someAddress.send(nvalue);
    someAddress.call.value(55)(); // this is doubly dangerous, as it will forward all remaining gas and doesn't check for result
    someAddress.call.value(100)(bytes4(sha3("deposit()"))); // if deposit throws an exception, the raw call() will only return false and transaction will NOT be reverted

    // good
    if(!someAddress.send(55)) {
    // Some failure code
    }

    ExternalContract(someAddress).deposit.value(100);
    }
    }

    $ solium -V
    Solium version 1.1.8
    Raghav Dua
    @duaraghav8
    Where in your code are you expecting the enforce-loop-bounds rule to raise an issue? I don't see any loops.
    sunriseup
    @sunriseup
    I am just trying the configuration. it report a fatal error
    ✖ [Fatal error] An invalid .soliumrc.json was provided. C:\Users\Sujing\DApp.soliumrc.json: Unexpected token } in JSON at position 153
    Raghav Dua
    @duaraghav8
    That's because you have a trailing comma after "security/enforce-loop-bounds":[1]. You need to remove it.
    Also, extends only supports 2 values solium:all & solium:recommended. Please read the docs.
    sunriseup
    @sunriseup
    tried again. It is the trailing comma . "security/enforce-loop-bounds":[2] works; but "security/enforce-loop-bounds":"on" did not work
    I suppose it does not have the option of "on"?
    So if I want to explicitly enable a security rule , [1], or [2] should be added ?
    extends doesnot support sharable config now ? I tried a sharable config ,seems ok
    Raghav Dua
    @duaraghav8
    on is not an option. http://solium.readthedocs.io/en/latest/user-guide.html#configuring-the-linter
    Ah, sorry, yes. Extends does support sharable config. My bad
    Just to re-iterate, this doesn't introduce any breaking changes. No builds or integrations will be disrupted.
    Daniel Reigada
    @DReigada
    Hi, is there a way to list all available rules (preferably with their options) when calling Solium?
    Raghav Dua
    @duaraghav8
    @DReigada You should refer to the docs for that http://solium.readthedocs.io/en/latest/user-guide.html#list-of-style-rules.
    Keeping 2 lists (one in CLI and another in docs) in sync is a maintenance nightmare and doesn't seem to have significant gain.
    Maurelian
    @maurelian
    Raghav Dua
    @duaraghav8
    @maurelian Maybe my understanding is wrong, but I think this rule is better suited for a dynamic analyzer. A static one can't determine whether a call is to an external service or another function without significant bookkeeping. Similarly, it can't determine for sure whether a variable is being modified (eg- contract calls increment(myStateVar); for linter, this is just a function call, it can't figure out function's intent)
    Maurelian
    @maurelian
    hmmm, yes. Good points there.
    Would probably need to look at both the source map
    Ian Shipman
    @GambolingPangolin
    Hey everyone! Is solium --fix supposed to fix indentation?
    ... it leaves all my contracts unchanged while complaining about indentation
    Raghav Dua
    @duaraghav8
    @GambolingPangolin solium currently doesn't fix for indentation. Please see docs for which rules apply fixes - https://solium.readthedocs.io/en/latest/user-guide.html#list-of-style-rules
    Ian Shipman
    @GambolingPangolin
    @duaraghav8 ok got it. I found duaraghav8/Solium#94 and it looks stalled. Is that your understanding too?
    Raghav Dua
    @duaraghav8
    yes. I'm not actively working on fix() for indentation rule as of now
    Ian Shipman
    @GambolingPangolin
    It sounds like an interesting problem, so I'm going to take a look. I'll let you know if I think I can tackle some or all of it :)
    Raghav Dua
    @duaraghav8
    That would be great! DM me for any clarifications you need at any point
    Daniel
    @DanielRX
    Wasn't sure if it's a bug or just me, but this snippet gives me errors for qoutes
    function toString(bool x) internal pure returns (string) {
        if (x) {
            return('TRUE');
        }
        return('FALSE'); 
    }
    I get quotes: 'TRUE': String literal must be quoted with single quotes.
    Raghav Dua
    @duaraghav8
    Could you share your .soliumrc.json here @DanielRX
    Daniel
    @DanielRX
    I use vs code and the only relevant setting is quotes: "single"
    Daniel
    @DanielRX

    To make a point, this is fine

    string memory y = 'TRUE';
    return(y);

    It's only when the string is in the return directly

    Raghav Dua
    @duaraghav8

    I was able to reproduce this, thanks for reporting. Will fix it before the next release.

    duaraghav8/Solium#240

    Ian Shipman
    @GambolingPangolin
    @duaraghav8 Are you the duaraghav8 on Keybase?
    Raghav Dua
    @duaraghav8
    @GambolingPangolin yes
    Leo Arias
    @elopio
    hello @duaraghav8! Can you please give us a status of Solidity 0.5? duaraghav8/Ethlint#246
    Bernardo Vieira
    @obernardovieira
    I would love to know too.
    Raghav Dua
    @duaraghav8
    Hi @elopio sorry for the late response, I know this has been disrupting workflows for everyone using 0.5. I haven't been able to squeeze out time to work on compatibility yet due to the another issue. Trying to push it before holidays, else in the first week of Jan.
    Raghav Dua
    @duaraghav8
    v1.2.0 is now out and supports solidity 0.5.
    Please see changelog - https://github.com/duaraghav8/Ethlint/blob/master/CHANGELOG.md#120-2018-12-25-santa
    @/all
    Ankit
    @a4nkit_twitter
    @duaraghav8 I have used solium for some project and now want to move to ethlint?
    Any process you have mentioned in doc ?
    Raghav Dua
    @duaraghav8
    @a4nkit_twitter you don't need to do anything special to move to Ethlint. Just use npm install ethlint instead of npm install solium. Everything else, including the CLI name, remains the same.
    Raghav Dua
    @duaraghav8
    duaraghav8/Ethlint#252
    Issue is open for anyone who'd like to participate in this feature's discussion
    Raghav Dua
    @duaraghav8

    Ethlint is now on Open Collective!
    If the project has made your life easier at some point (or still is), please consider donating :)

    https://opencollective.com/ethlint

    Raghav Dua
    @duaraghav8