Foundry/master test ux#516
Conversation
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
…) (#498) * chore(deps): bump rui314/setup-mold from 725a8794d15fc7563f59595bd9556495c0564878 to 9c9c13bf4c3f1adef0cc596abc155580bcb04444 (foundry-rs#14442) chore(deps): bump rui314/setup-mold Bumps [rui314/setup-mold](https://github.com/rui314/setup-mold) from 725a8794d15fc7563f59595bd9556495c0564878 to 9c9c13bf4c3f1adef0cc596abc155580bcb04444. - [Commits](rui314/setup-mold@725a879...9c9c13b) --- updated-dependencies: - dependency-name: rui314/setup-mold dependency-version: 9c9c13bf4c3f1adef0cc596abc155580bcb04444 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update flake.lock (foundry-rs#14458) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * fix(forge): adjust gas assertion `CounterWithFallback` (foundry-rs#14465) * chore: update latest benchmarks (foundry-rs#14467) * ci: split MPP e2e into its own workflow (foundry-rs#14468) * ci: split MPP e2e into its own workflow Move the MPP e2e step from ci-tempo.yml into a standalone ci-mpp.yml workflow so transient HTTP 402 failures from the MPP RPC do not block the Tempo CI workflow. Amp-Thread-ID: https://ampcode.com/threads/T-019dceb8-61e5-734f-b047-17665b4ea7d3 Co-authored-by: Amp <amp@ampcode.com> * ci: rename sanity-check job to tempo-check Amp-Thread-ID: https://ampcode.com/threads/T-019dceb8-61e5-734f-b047-17665b4ea7d3 Co-authored-by: Amp <amp@ampcode.com> * ci: rename mpp-e2e job to mpp-check Amp-Thread-ID: https://ampcode.com/threads/T-019dceb8-61e5-734f-b047-17665b4ea7d3 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> * Improve GH actions (foundry-rs#14473) * fix(benches): add repos + extra args support to prevent blocking errors (foundry-rs#14470) * fix(benches): add repos + extra args support to prevent blocking errors * fix(ci): set `inputs.repos` default to empty * fix: remove `--verbose` flags * fix: exclude `uniswap/v4-core` `TickMathTestTest` --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
There was a problem hiding this comment.
Sorry @Dargon789, you have reached your weekly rate limit of 500000 diff characters.
Please try again later or upgrade to continue using Sourcery
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces significant updates across the Foundry codebase, including extensive dependency updates, the implementation of several new lint rules such as could-be-immutable, rtlo, and missing-zero-check, the transition of documentation generation and Chisel to use the solar AST, and the addition of new RPC endpoints for block tracing and Tempo-specific state management in Anvil. It also refactors network configuration to use a canonical network field, adds a PostExec transaction type for OP stack, improves script failure reporting, and updates foundryup to fetch the latest release via the GitHub API. Feedback highlights a violation of the JSON-RPC 2.0 specification for empty batch requests, an O(N^2) performance bottleneck in the new block tracing implementation, and opportunities to refine the logic of the could-be-immutable and missing-zero-check lint rules to improve accuracy and coverage.
| if calls.is_empty() { | ||
| return Some(Response::Batch(vec![anvil_rpc::response::RpcResponse::from( | ||
| RpcError::invalid_request(), | ||
| )])); | ||
| } |
There was a problem hiding this comment.
According to the JSON-RPC 2.0 specification, an empty batch request should return a single error response object, not a batch response (array) containing an error. The spec states: "If the Batch rpc call itself fails to be recognized as an valid JSON or as an Array with at least one value, the response from the Server MUST be a single Response object."
if calls.is_empty() {
return Some(Response::error(RpcError::invalid_request()));
}| let mut traces = Vec::new(); | ||
| for tx in &block.body.transactions { | ||
| let tx_hash = tx.hash(); | ||
| match self.debug_trace_transaction(tx_hash, opts.clone()).await { | ||
| Ok(trace) => { | ||
| traces.push(TraceResult::Success { result: trace, tx_hash: Some(tx_hash) }); | ||
| } | ||
| Err(error) => { | ||
| traces.push(TraceResult::Error { | ||
| error: error.to_string(), | ||
| tx_hash: Some(tx_hash), | ||
| }); | ||
| } | ||
| } | ||
| } | ||
| return Ok(traces); |
There was a problem hiding this comment.
This implementation of debug_trace_block_by_hash (and similarly debug_trace_block_by_number) has O(N^2) complexity relative to the number of transactions in the block. This is because debug_trace_transaction re-executes all transactions in the block up to the target index. For a block with many transactions, this will be extremely slow. A more efficient approach would be to execute the entire block once and collect traces for all transactions in a single pass.
| && var.mutability.is_none() | ||
| && match var.ty.kind { | ||
| TypeKind::Elementary(ty) => ty.is_value_type(), | ||
| TypeKind::Custom(hir::ItemId::Contract(_)) => true, |
There was a problem hiding this comment.
Enums and user-defined value types (UDVTs) are also value types in Solidity and can be declared as immutable. The current check only considers elementary value types and contracts. Consider including Enum and Udvt in the candidate types.
| TypeKind::Custom(hir::ItemId::Contract(_)) => true, | |
| TypeKind::Custom(hir::ItemId::Contract(_) | hir::ItemId::Enum(_) | hir::ItemId::Udvt(_)) => true, |
| ExprKind::Ident(reses) => { | ||
| for res in *reses { | ||
| if let Res::Item(ItemId::Variable(vid)) = res | ||
| && let Some(srcs) = self.taint.get(vid) | ||
| { | ||
| if self.guard_depth > 0 { | ||
| self.guarded.extend(srcs.iter().copied()); | ||
| } | ||
| if self.sink_depth > 0 { | ||
| for &src in srcs { | ||
| if !self.guarded.contains(&src) { |
There was a problem hiding this comment.
The current guard detection logic is too broad and will lead to false negatives. It considers a variable "guarded" if it is read anywhere within a guard context (like an if condition), regardless of the actual check performed. For example, if (a == address(0)) { owner = a; } would incorrectly mark a as guarded because it is read in the condition, even though the branch explicitly uses the zero address. A more robust check should verify that the variable is compared against address(0) and that the sink is only reachable when the variable is non-zero.
2 participants
Motivation
Solution
PR Checklist