From a37bd5e9cdea5a82b0b5dc69d5575b2ad28cecf0 Mon Sep 17 00:00:00 2001
From: Ahmed Ali
Date: Sun, 3 Sep 2023 18:21:42 +0500
Subject: [PATCH] ci: add slither pipeline

---
 .github/workflows/slither.yml | 40 +++++++++++++++++++++++++++++++++++
 slither.config.json | 4 ++++
 2 files changed, 44 insertions(+)
 create mode 100644 .github/workflows/slither.yml
 create mode 100644 slither.config.json

diff --git a/.github/workflows/slither.yml b/.github/workflows/slither.yml
new file mode 100644
index 0000000..5cf9dcc
--- /dev/null
+++ b/.github/workflows/slither.yml
@@ -0,0 +1,40 @@
+name: "Slither Analysis"
+
+on:
+  workflow_dispatch:
+  pull_request:
+  push:
+    branches:
+      - "main"
+
+jobs:
+  analyze:
+    runs-on: "ubuntu-latest"
+    permissions:
+      actions: "read"
+      contents: "read"
+      security-events: "write"
+    steps:
+      - name: "Check out the repo"
+        uses: "actions/checkout@v3"
+        with:
+          submodules: "recursive"
+
+      - name: "Run Slither analysis"
+        uses: "crytic/slither-action@v0.3.0"
+        id: "slither" # Required to reference this step in the next step.
+        with:
+          fail-on: "none" # Required to avoid failing the CI run regardless of findings.
+          node-version: 16
+          sarif: "results.sarif"
+          solc-version: "0.8.19"
+
+      - name: "Upload SARIF file to GitHub code scanning"
+        uses: "github/codeql-action/upload-sarif@v2"
+        with:
+          sarif_file: ${{ steps.slither.outputs.sarif }}
+
+      - name: "Add Slither summary"
+        run: |
+          echo "## Slither result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Uploaded to GitHub code scanning" >> $GITHUB_STEP_SUMMARY
diff --git a/slither.config.json b/slither.config.json
new file mode 100644
index 0000000..03c5ad9
--- /dev/null
+++ b/slither.config.json
@@ -0,0 +1,4 @@
+{
+  "detectors_to_exclude": "naming-convention,solc-version",
+  "filter_paths": "(lib|test|scripts)"
+}
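Review bot: The three `uses:` lines in this workflow reference mutable tags (`actions/checkout@v3`, `crytic/slither-action@v0.3.0`, `github/codeql-action/upload-sarif@v2`), so whatever commit the tag points to at run time is executed with the job's `security-events: write` token; pinning each to a full-length commit SHA with the tag in a trailing comment, e.g. `uses: "actions/checkout@<full-commit-sha>" # v3`, makes the checked-out and executed code reproducible and reviewable. The `pull_request` trigger is also worth a comment: for pull requests opened from forks the job token is read-only, so the upload-sarif step will presumably fail there regardless of the `permissions:` block declared above — if that is acceptable, a comment next to `pull_request:` saying so would save the next reader a debugging session. Finally, `node-version: 16` is the only unquoted input in the file; quoting it as `"16"` matches the rest of the `with:` block and avoids the integer-vs-string ambiguity the other inputs already sidestep.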
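Review bot: The `filter_paths` value `(lib|test|scripts)` is an unanchored regular expression, and Slither appears to apply it as a search over each finding's absolute source path, so it suppresses findings for any file whose full path merely contains one of those substrings — for example a contract under `src/libraries/`, or every file in the repository if the CI checkout directory or repository name contains `lib` or `test`. Anchoring the pattern to whole directory components, e.g. `"filter_paths": "(^|/)(lib|test|scripts)/"`, limits the exclusion to the intended vendored, test and script directories. It would also help to state in a short comment or the PR description why `solc-version` is excluded, since that detector is the one that flags outdated or floating compiler pragmas.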