0.6.7 - 2019-10-04

This release introduces slither-format, a tool that automatically generates patches for discovered vulnerabilities, and slither-flat, which flattens the codebase. Thanks to crytic-compile, slither-flat enables contract flattening for nearly all available smart contract development frameworks.

If you like Slither, consider subscribing to crytic.io for access to additional private detectors and GitHub integrations. Follow @CryticCI for more information.

Added

• slither-format: automatic patch generation. Features:
  • Supports issues discovered by the unused-state, solc-version, pragma, naming-convention, external-function, constable-states, and constant-function detectors.
  • Generates git patches
  • JSON integration
• slither-flat: flatten a codebase. Features:
  • --contract contract_name: outputs only the contracts necessary to compile contract_name
  • --convert-external: converts an external function to public. This is meant to help developers use Echidna.
• Echidna printer: Displays information useful for guiding fuzzing.
• IR conversion for constant variables declaration (#333, #338)

Changed:

• Update to crytic-compile 0.1.4 (which adds support for Brownie)
• CLI: print the number of detectors run (#322)
• Dapp test: use cache to seep up travis (#339)
• External function detectors: merge shadowed functions (#334)
• Add optimization detection to human summary printer (#330)
• Silence reports about _echidna or _crytic properties in the naming convention detector (#317)

Fixed

• Incorrect parsing of infinite loops (#329)
• Incorrect inheritance order
• Incorrect abi.decode parsing (#332)