Main config forge

[Dargon789]

Motivation

Solution

PR Checklist

• Added Tests
• Added Documentation
• Breaking changes

Summary by Sourcery

Add documentation enhancements, refine provider and gas estimation logic, unify comparison methods, update dependencies and CI workflows, and scaffold a new counter example project with tests and issue templates

New Features:

• Enable rendering of enum "Variants" tables in documentation with custom variant comment filtering
• Provide a From<Vec> implementation for the Comments collection

Enhancements:

• Simplify VerificationProviderType selection logic and enforce Etherscan API key requirement
• Streamline gas estimation output by always labeling amounts as ETH and remove external token symbol lookup
• Replace total_cmp with partial_cmp (with fallback) for sorting and percentage calculations
• Update derive_more dependency to v1.0 and improve configuration error messaging

CI:

• Downgrade actions/setup-python to v4 and standardize Vyper installation in nextest workflow
• Add CI workflows for CodeQL analysis, APIsec scanning, and CircleCI hello job

Documentation:

• Introduce GitHub issue templates and add a counter example project README and Foundry configuration

Tests:

• Extend test-utils redaction patterns to match ETH and include remix test libraries
• Add solidity tests and scripts for the counter example project

[sourcery-ai]

Reviewer's Guide

This PR extends the main configuration by adding variant table support to the documentation writer, refactors the verification provider selection logic, standardizes comparison routines across modules, updates CI/workflow configurations and dependency versions, refines error messages, and scaffolds a new Counter example project with tests and scripts.

Class diagram for BufWriter and new variant table support

classDiagram
    class BufWriter {
        +try_write_variant_table(params: EnumDefinition, comments: Comments): fmt::Result
        +try_write_properties_table(params, comments, heading)
        +try_write_events_table(params, comments)
        +write_bold(text)
        +writeln()
        +write_piped(text)
    }
    class EnumDefinition {
        +values: Vec<EnumValue>
    }
    class Comments {
        +include_tags(tags)
    }
    BufWriter --> EnumDefinition
    BufWriter --> Comments

Loading

Class diagram for VerificationProviderType refactor

classDiagram
    class VerificationProviderType {
        +client(key: Option<&str>): Result<Box<dyn VerificationProvider>>
    }
    class VerificationProvider {
    }
    class EtherscanVerificationProvider {
    }
    VerificationProviderType --> VerificationProvider
    VerificationProviderType --> EtherscanVerificationProvider

Loading

File-Level Changes

Change	Details	Files
Add variant table rendering in documentation	Define VARIANTS_TABLE_HEADERS and VARIANTS_TABLE_SEPARATOR constants Implement try_write_variant_table in BufWriter Invoke variant table in AsDoc and filter comments by custom tag Provide From<Vec> for Comments conversion	crates/doc/src/writer/buf_writer.rs crates/doc/src/writer/as_doc.rs crates/doc/src/parser/comment.rs
Refactor provider selection in VerificationProviderType	Use matches! macro for Sourcify/Etherscan branches Remove is_sourcify and is_etherscan helper methods Enforce API key requirement inline for Etherscan	crates/verify/src/provider.rs
Standardize comparison and sorting logic	Replace total_cmp with partial_cmp+unwrap in snapshot sorting Switch to partial_cmp in suggestion ranking and contract selection Use partial_cmp for percentage formatting comparisons	crates/forge/src/cmd/snapshot.rs crates/cli/src/utils/suggestions.rs crates/common/src/contracts.rs crates/test-utils/src/util.rs
Update CI/workflow configurations and dependencies	Bump actions/setup-python to v4 and pin Vyper install Add CodeQL advanced workflow under .github/workflows/codeql.yml Adjust derive_more version in Cargo.toml Add APIsec and CircleCI config files	.github/workflows/nextest.yml .github/workflows/codeql.yml Cargo.toml .github/workflows/apisec-scan.yml .circleci/config.yml
Fix gas redaction regex for snapshots	Restrict ESTIMATED_AMOUNT_REQUIRED redaction to ETH only	crates/test-utils/src/util.rs
Refine configuration error message	Improve RestrictionsError::BothExactAndRelative text to guide user	crates/config/src/compilation.rs
Scaffold Counter example project	Add README, Foundry config, solidity contract, script, and tests Include .sol scripts for remix and project workflows	counter/README.md counter/foundry.toml counter/src/Counter.sol counter/script/Counter.s.sol counter/test/Counter.t.sol counter/.github/workflows/test.yml .deps/remix-tests/remix_tests.sol .deps/remix-tests/remix_accounts.sol

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Code Security	0	0	0	0	0 issues
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[gemini-code-assist]

Summary of Changes

Hello @Dargon789, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request establishes a foundational structure for a new Foundry project, encompassing essential configuration files, CI/CD pipelines, and development environment settings. It also includes minor but important adjustments to the Rust codebase, focusing on numerical comparison safety, improved error reporting, and streamlined external service integration for contract verification and script simulation outputs.

Highlights

• Foundry Project Setup: Introduced a complete boilerplate for a Foundry project, including a basic Counter contract, its deployment script, and tests. This setup integrates with Git submodules for forge-std and openzeppelin-contracts.
• CI/CD and Development Environment: Added GitHub Actions workflow (test.yml) for continuous integration, covering build, format, and test steps for Foundry projects. Also included .codesandbox/tasks.json and a .gitignore tailored for Foundry artifacts.
• Documentation and Issue Templates: Provided standard GitHub issue templates for bug reports, feature requests, and a custom template. Additionally, Solidity documentation generation logic was enhanced to better handle enum variants.
• Rust Code Refinements: Several Rust files were updated to use partial_cmp instead of total_cmp for floating-point comparisons, improving robustness. Error messages for compilation restrictions were also made more descriptive.
• Script Simulation and Verification Provider Logic: The script simulation output now consistently uses 'ETH' for estimated amounts, and the verification provider selection logic has been simplified for clarity and maintainability.

Ignored Files

• Ignored by pattern: .github/workflows/** (3)
  • .github/workflows/apisec-scan.yml
  • .github/workflows/codeql.yml
  • .github/workflows/nextest.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

Blocking issues:

• An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. (link)

General comments:

• The new try_write_variant_table duplicates logic from the other table writers—consider extracting a shared helper to avoid code repetition and keep table rendering consistent.
• Hardcoding "ETH" for the estimated amount in simulate assumes Ethereum; you may want to reuse the dynamic chain symbol lookup or make the token symbol configurable for other chains.
• Several comparisons use partial_cmp().unwrap() (and unwrap_or for missing names) which can panic on None; prefer total_cmp for floats or explicitly handle the None case to ensure stable ordering and avoid runtime panics.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The new try_write_variant_table duplicates logic from the other table writers—consider extracting a shared helper to avoid code repetition and keep table rendering consistent.
- Hardcoding "ETH" for the estimated amount in simulate assumes Ethereum; you may want to reuse the dynamic chain symbol lookup or make the token symbol configurable for other chains.
- Several comparisons use partial_cmp().unwrap() (and unwrap_or for missing names) which can panic on None; prefer total_cmp for floats or explicitly handle the None case to ensure stable ordering and avoid runtime panics.

## Individual Comments

### Comment 1
<location> `crates/doc/src/writer/buf_writer.rs:189-198` </location>
<code_context>
+    pub fn try_write_variant_table(
</code_context>

<issue_to_address>
**suggestion:** Consider handling cases where param_name is None more robustly.

If '<none>' is used as a placeholder, confirm that downstream code can process it correctly, or consider skipping these rows or adding more context.

Suggested implementation:

```rust
        // There is nothing to write.
        if comments.is_empty() {
            return Ok(());
        }

        // Prepare rows for the variant table, handling None param_name robustly.
        let mut rows = Vec::new();
        for (param_name, comment) in comments.iter() {
            match param_name {
                Some(name) => {
                    rows.push((name.clone(), comment.clone()));
                }
                None => {
                    // Use "<none>" as a placeholder, or skip, or add more context.
                    // Here, we use "<none>" and add a note to the comment.
                    rows.push((
                        "<none>".to_string(),
                        format!("(No parameter name) {}", comment),
                    ));
                }
            }
        }

        // If no rows, nothing to write.
        if rows.is_empty() {
            return Ok(());
        }

        // Write the table using the prepared rows.
        self.write_variant_table_rows(&rows)

```

You will need to implement or adjust the `write_variant_table_rows` method to accept the new `rows` format (`Vec<(String, String)>`). If you already have a method for writing the table, update it to use the new `rows` variable instead of iterating directly over `comments`.
</issue_to_address>

### Comment 2
<location> `crates/doc/src/writer/buf_writer.rs:187` </location>
<code_context>
         self.try_write_table(CommentTag::Param, params, comments, "Properties")
     }

+    /// Tries to write the variant table to the buffer.
+    /// Doesn't write anything if either params or comments are empty.
+    pub fn try_write_variant_table(
</code_context>

<issue_to_address>
**issue (complexity):** Consider refactoring both table-writing methods into a single, configurable renderer to avoid duplicated code and logic.

You can collapse both tables into one renderer by giving it a title, a list of headers, and a list of tags to include rather than duplicating the loop/boilerplate. e.g.:

```rust
// 1) Change `try_write_table` to accept `tags` and `headers`:
pub fn try_write_table(
    &mut self,
    tags: &[CommentTag],
    params: &EnumDefinition,
    comments: &Comments,
    title: &str,
    headers: &[&str],
) -> fmt::Result {
    let comments = comments.include_tags(tags);
    if comments.is_empty() {
        return Ok(());
    }

    self.write_bold(title)?;
    self.writeln()?;

    // Header row
    self.write_piped(&headers.join("|"))?;
    // Separator row (same count as headers)
    let sep = std::iter::repeat("---").take(headers.len()).join("|");
    self.write_piped(&sep)?;

    for value in &params.values {
        let name = value.as_ref().map(|v| v.name.clone());
        let comment = name.as_ref().and_then(|n| {
            comments.iter().find_map(|c| c.match_first_word(n))
        });
        let row = [
            Markdown::Code(&name.unwrap_or_default()).as_doc()?,
            comment.unwrap_or_default().replace('\n', " "),
        ];
        self.write_piped(&row.join("|"))?;
    }
    self.writeln()
}
```

```rust
// 2) Now both callers become one-liners:
// Properties table (existing)
self.try_write_table(
    &[CommentTag::Param],
    params,
    comments,
    "Properties",
    &["Name", "Type", "Description"],
)?;

// Variants table (new)
self.try_write_table(
    &[CommentTag::Param, CommentTag::Custom("variant".into())],
    params,
    comments,
    "Variants",
    &["Variant", "Description"],
)?;
```

This removes the bespoke `try_write_variant_table`, keeps all functionality, and shares the same simple renderer.
</issue_to_address>

### Comment 3
<location> `counter/.github/workflows/test.yml:24` </location>
<code_context>
        uses: foundry-rs/foundry-toolchain@v1
</code_context>

<issue_to_address>
**security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha):** An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

*Source: opengrep*
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[gemini-code-assist]

Code Review

This pull request introduces a significant amount of configuration and template files, likely for a new forge project setup. It also includes several refactorings in the Rust codebase, such as improving error messages and changing float comparison logic. My review focuses on a critical issue in the float comparison change that could lead to a panic, and some improvements for the new Solidity test utility files to enhance readability and adhere to best practices.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
next	Canceled		Comment	Oct 13, 2025 8:19pm
react	Building	Preview	Comment	Oct 13, 2025 8:19pm

[vercel]

Deployment failed with the following error:

Creating the Deployment Timed Out.