Add CI

.github/scripts/comment.js

@@ -0,0 +1,24 @@
+module.exports = async ({ github, context, header, body }) => {
+    const comment = [header, body].join('\n')
+
+    const { data: comments } = await github.rest.issues.listComments({
+        owner: context.repo.owner,
+        repo: context.repo.repo,
+        issue_number: context.payload.number
+    })
+
+    const botComment = comments.find(
+        (comment) =>
+            // github-actions bot user
+            comment.user.id === 41898282 && comment.body.startsWith(header)
+    )
+
+    const commentFn = botComment ? 'updateComment' : 'createComment'
+
+    await github.rest.issues[commentFn]({
+        owner: context.repo.owner,
+        repo: context.repo.repo,
+        body: comment,
+        ...(botComment ? { comment_id: botComment.id } : { issue_number: context.payload.number })
+    })
+}

.github/workflows/PR.yml

@@ -6,11 +6,8 @@ on:
 
 jobs:
   eslint:
-    name: eslint
+    name: ESLint
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: write
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -27,3 +24,112 @@ jobs:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           reporter: github-pr-check
           filter_mode: nofilter
+  prettier:
+    name: Prettier
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20.x'
+          cache: 'npm'
+      - name: Install dependencies
+        run: npm ci
+      - uses: EPMatt/reviewdog-action-prettier@v1
+        with:
+          github_token: ${{ secrets.github_token }}
+          reporter: github-pr-check
+          filter_mode: nofilter
+          prettier_flags: "**/*.{js,sol,ts,json,jsx,tsx}"
+  solhint:
+    name: Solhint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20.x'
+          cache: 'npm'
+      - name: Install dependencies
+        run: npm ci
+      - name: Setup reviewdog
+        uses: reviewdog/action-setup@v1
+        with:
+          reviewdog_version: latest
+      - name: Run solhint
+        env:
+          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          npx solhint -f sarif 'contracts/**/*.sol' | reviewdog -f=sarif -reporter=github-pr-check -level=error -fail-level=none -filter-mode=nofilter -name=solhint 
+  coverage:
+    name: Coverage
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          fetch-depth: 1000
+      - name: Fetch base
+        run: git fetch origin ${{ github.event.pull_request.base.ref }} --depth=1000
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20.x'
+          cache: 'npm'
+      - name: Install dependencies
+        run: npm ci
+      - name: Run coverage
+        run: SOLIDITY_COVERAGE=true  npx hardhat coverage
+      - name: Setup LCOV
+        uses: hrishikesh-kadam/setup-lcov@v1
+      - name: Report code coverage
+        uses: zgosalvez/github-actions-report-lcov@v3
+        with:
+          coverage-files: coverage/lcov.info
+          minimum-coverage: 90
+          artifact-name: code-coverage-report
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          working-directory: .
+          update-comment: true
+  slither:
+    name: Slither
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: Setup reviewdog
+        uses: reviewdog/action-setup@v1
+        with:
+          reviewdog_version: latest
+      - name: Run Slither
+        uses: crytic/[email protected]
+        id: slither
+        with:
+          node-version: 20
+          sarif: "sarif.json"
+          fail-on: none
+          slither-args: --filter-paths node_modules/ --checklist --markdown-root ${{ github.server_url }}/${{ github.repository }}/blob/${{ github.sha }}/
+      - name: Create/update checklist as PR comment
+        uses: actions/github-script@v7
+        if: ${{ (success() || failure()) && github.event_name == 'pull_request' }}
+        env:
+          REPORT: ${{ steps.slither.outputs.stdout }}
+        with:
+          script: |
+            const script = require('.github/scripts/comment')
+            const header = '# Slither report'
+            const body = process.env.REPORT
+            await script({ github, context, header, body })
+      - name: Run reviewdog
+        if: ${{ success() || failure() }}
+        env:
+          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          cat sarif.json
+          cat sarif.json | reviewdog -f=sarif -reporter=github-pr-check -filter-mode=nofilter -level=error -fail-level=none -name=slither 
+        

.github/workflows/ci.yml

@@ -5,7 +5,7 @@ on:
 
 jobs:
   build:
-    name: build
+    name: Build
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -33,7 +33,7 @@ jobs:
         run: |
           echo "❌ Failed" >> $GITHUB_STEP_SUMMARY
   test:
-    name: test
+    name: Test
     runs-on: ubuntu-latest
     needs: [build]
     steps:
@@ -49,22 +49,12 @@ jobs:
       - name: Test contracts
         id: run_tests
         run: |
-          (npm run --silent test >> /tmp/TEST_OUTPUT) || FAILED=1
-          {
-            echo "test_output<<RANDOM_DELIMITER_THAT_MOST_DEFINITELY_WONT_APPEAR_IN_TEXT"
-            cat /tmp/TEST_OUTPUT
-            echo "RANDOM_DELIMITER_THAT_MOST_DEFINITELY_WONT_APPEAR_IN_TEXT"
-          } >> "$GITHUB_OUTPUT"
-          cat /tmp/TEST_OUTPUT
-          if [ ${FAILED:-0} -eq 1 ]
-          then
-            exit 1
-          fi
+          npm run --silent test
       - name: "Add test summary"
         if: ${{ success() || failure() }}
         run: |
           echo "## Tests result" >> $GITHUB_STEP_SUMMARY
-          echo "${{steps.run_tests.outputs.test_output}}" >> $GITHUB_STEP_SUMMARY
+          echo "${{steps.run_tests.outputs.stdout}}" >> $GITHUB_STEP_SUMMARY
       - name: "Add test result (success)"
         if: ${{ success() && steps.run_tests.outcome == 'success' }}
         run: |

.solhint.json

@@ -1,3 +1,6 @@
 {
-    "extends": "solhint:recommended"
-}
+    "extends": "solhint:recommended",
+    "rules": {
+        "func-visibility": ["warn", { "ignoreConstructors": true }]
+    }
+}

.vscode/extensions.json

@@ -1,19 +1,17 @@
 {
-	// See https://go.microsoft.com/fwlink/?LinkId=827846 to learn about workspace recommendations.
-	// Extension identifier format: ${publisher}.${name}. Example: vscode.csharp
+    // See https://go.microsoft.com/fwlink/?LinkId=827846 to learn about workspace recommendations.
+    // Extension identifier format: ${publisher}.${name}. Example: vscode.csharp
 
-	// List of extensions which should be recommended for users of this workspace.
-	"recommendations": [
-		"dbaeumer.vscode-eslint",
-		"hbenl.vscode-mocha-test-adapter",
-		"esbenp.prettier-vscode",
-		"JuanBlanco.solidity",
-		"ms-vscode.test-adapter-converter",
-		"hbenl.vscode-test-explorer",
-		"mhutchie.git-graph"
-	],
-	// List of extensions recommended by VS Code that should not be recommended for users of this workspace.
-	"unwantedRecommendations": [
-		"NomicFoundation.hardhat-solidity"
-	]
-}
+    // List of extensions which should be recommended for users of this workspace.
+    "recommendations": [
+        "dbaeumer.vscode-eslint",
+        "hbenl.vscode-mocha-test-adapter",
+        "esbenp.prettier-vscode",
+        "JuanBlanco.solidity",
+        "ms-vscode.test-adapter-converter",
+        "hbenl.vscode-test-explorer",
+        "mhutchie.git-graph"
+    ],
+    // List of extensions recommended by VS Code that should not be recommended for users of this workspace.
+    "unwantedRecommendations": ["NomicFoundation.hardhat-solidity"]
+}

.vscode/keybindings.json

@@ -1,6 +1,6 @@
 [
     {
-    "key": "f5",
+        "key": "f5",
         "command": "-solidity.compile.active",
         "when": "editorTextFocus && editorLangId == 'solidity'"
     },
@@ -9,4 +9,4 @@
         "command": "-solidity.compile",
         "when": "editorTextFocus && editorLangId == 'solidity'"
     }
-]
+]

.vscode/launch.json

@@ -7,31 +7,21 @@
         {
             "name": "Compile (hardhat)",
             "request": "launch",
-            "runtimeArgs": [
-                "hardhat",
-                "compile"
-            ],
+            "runtimeArgs": ["hardhat", "compile"],
             "runtimeExecutable": "npx",
-            "skipFiles": [
-                "<node_internals>/**"
-            ],
+            "skipFiles": ["<node_internals>/**"],
             "type": "node",
             "console": "integratedTerminal"
         },
         {
             "name": "Test (hardhat)",
             "request": "launch",
-            "runtimeArgs": [
-                "hardhat",
-                "test"
-            ],
+            "runtimeArgs": ["hardhat", "test"],
             "runtimeExecutable": "npx",
-            "skipFiles": [
-                "<node_internals>/**"
-            ],
+            "skipFiles": ["<node_internals>/**"],
             "type": "node",
             "console": "integratedTerminal",
             "preLaunchTask": "npm: compile"
         }
     ]
-}
+}

.vscode/settings.json

@@ -6,6 +6,5 @@
     },
     "mochaExplorer.exit": true,
     "editor.formatOnSave": true,
-    "solidity.linter": "solhint",
-    "workspaceKeybindings.myAwesomeTask.enabled": true
-}
+    "solidity.linter": "solhint"
+}

contracts/FundToken.sol

@@ -2,9 +2,9 @@
 // Compatible with OpenZeppelin Contracts ^5.0.0
 pragma solidity ^0.8.22;
 
-import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
-import "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
-import "@openzeppelin/contracts/access/Ownable.sol";
+import { ERC20 } from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
+import { ERC20Burnable } from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
+import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
 
 contract FundToken is ERC20, ERC20Burnable, Ownable {
 	constructor(

contracts/FunnyNft.sol

@@ -2,9 +2,9 @@
 // Compatible with OpenZeppelin Contracts ^5.0.0
 pragma solidity ^0.8.22;
 
-import "@openzeppelin/contracts/token/ERC721/ERC721.sol";
-import "@openzeppelin/contracts/token/ERC721/extensions/ERC721Enumerable.sol";
-import "@openzeppelin/contracts/access/Ownable.sol";
+import { ERC721 } from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
+import { ERC721Enumerable } from "@openzeppelin/contracts/token/ERC721/extensions/ERC721Enumerable.sol";
+import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
 
 contract FunnyNft is ERC721, ERC721Enumerable, Ownable {
 	uint256 private _nextTokenId;

contracts/MallorysMaliciousMisappropriation.sol

@@ -7,13 +7,17 @@ import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
 
 contract MallorysMaliciousMisappropriation is Ownable {
 	NftInvestmentFund public nftInvestmentFund;
-	uint256 tokenCount;
+	uint256 private tokenCount;
+
+	error InvestmentFundNotEnded();
+	error FailedToSendEther();
 
 	constructor(address payable _nftInvestmentFundAddress) Ownable(msg.sender) {
 		nftInvestmentFund = NftInvestmentFund(_nftInvestmentFundAddress);
 	}
 
 	// Receive is called when the contract receives Ether
+	// solhint-disable-next-line no-complex-fallback
 	receive() external payable {
 		// The attack
 		uint256 withdrawAmount = (nftInvestmentFund.balanceAtEnd() / nftInvestmentFund.fundTokensAtEnd()) * tokenCount;
@@ -23,7 +27,7 @@ contract MallorysMaliciousMisappropriation is Ownable {
 	}
 
 	function attack() external onlyOwner {
-		require(nftInvestmentFund.ended());
+		if (!nftInvestmentFund.ended()) revert InvestmentFundNotEnded();
 
 		FundToken fundToken = FundToken(nftInvestmentFund.fundToken());
 		tokenCount = fundToken.balanceOf(address(this));
@@ -34,6 +38,6 @@ contract MallorysMaliciousMisappropriation is Ownable {
 
 	function withdraw() external onlyOwner {
 		(bool sent, ) = payable(msg.sender).call{ value: address(this).balance }("");
-		require(sent);
+		if (!sent) revert FailedToSendEther();
 	}
 }