1 | <p align="center">
|
2 | <img src="solhint.png">
|
3 | </p>
|
4 | <p align="center">
|
5 | By <a href="https://protofire.io/">Protofire</a>
|
6 | </p>
|
7 |
|
8 | [![Donate with Ethereum](https://en.cryptobadges.io/badge/micro/0xe8cdf02efd8ab0a490d7b2cb13553389c9bc932e)](https://en.cryptobadges.io/donate/0xe8cdf02efd8ab0a490d7b2cb13553389c9bc932e)
|
9 |
|
10 | [![Gitter chat](https://badges.gitter.im/gitterHQ/gitter.svg)](https://gitter.im/solhint/Lobby)
|
11 | [![Build Status](https://travis-ci.org/protofire/solhint.svg?branch=master)](https://travis-ci.org/protofire/solhint)
|
12 | [![NPM version](https://badge.fury.io/js/solhint.svg)](https://npmjs.org/package/solhint)
|
13 | [![Coverage Status](https://coveralls.io/repos/github/protofire/solhint/badge.svg?branch=master)](
|
14 | https://coveralls.io/github/protofire/solhint?branch=master)
|
15 | [![MIT licensed](https://img.shields.io/badge/license-MIT-blue.svg)](https://raw.githubusercontent.com/protofire/solhint/master/LICENSE)
|
16 | [![dependencies Status](https://david-dm.org/protofire/solhint/status.svg)](https://david-dm.org/protofire/solhint)
|
17 | [![devDependencies Status](https://david-dm.org/protofire/solhint/dev-status.svg)](https://david-dm.org/protofire/solhint?type=dev)
|
18 |
|
19 | This is an open source project for linting [Solidity](http://solidity.readthedocs.io/en/develop/) code. This project
|
20 | provides both **Security** and **Style Guide** validations.
|
21 |
|
22 | ## Installation
|
23 |
|
24 | You can install Solhint using **npm**:
|
25 |
|
26 | ```sh
|
27 | npm install -g solhint
|
28 |
|
29 | # verify that it was installed correctly
|
30 | solhint --version
|
31 | ```
|
32 |
|
33 | ## Usage
|
34 |
|
35 | First initialize a configuration file, if you don't have one:
|
36 |
|
37 | ```sh
|
38 | solhint --init
|
39 | ```
|
40 |
|
41 | This will create a `.solhint.json` file with the default rules enabled. Then run Solhint with one or more [Globs](https://en.wikipedia.org/wiki/Glob_(programming)) as arguments. For example, to lint all files inside `contracts` directory, you can do:
|
42 |
|
43 | ```sh
|
44 | solhint "contracts/**/*.sol"
|
45 | ```
|
46 |
|
47 | To lint a single file:
|
48 |
|
49 | ```sh
|
50 | solhint contracts/MyToken.sol
|
51 | ```
|
52 |
|
53 | Run `solhint` without arguments to get more information:
|
54 |
|
55 | ```text
|
56 | Usage: solhint [options] <file> [...other_files]
|
57 |
|
58 | Linter for Solidity programming language
|
59 |
|
60 | Options:
|
61 |
|
62 | -V, --version output the version number
|
63 | -f, --formatter [name] report formatter name (stylish, table, tap, unix)
|
64 | -w, --max-warnings [maxWarningsNumber] number of allowed warnings
|
65 | -c, --config [file_name] file to use as your .solhint.json
|
66 | -q, --quiet report errors only - default: false
|
67 | --ignore-path [file_name] file to use as your .solhintignore
|
68 | --fix automatically fix problems
|
69 | --init create configuration file for solhint
|
70 | -h, --help output usage information
|
71 |
|
72 | Commands:
|
73 |
|
74 | stdin [options] linting of source code data provided to STDIN
|
75 | ```
|
76 |
|
77 | ## Configuration
|
78 |
|
79 | You can use a `.solhint.json` file to configure Solhint for the whole project.
|
80 |
|
81 | To generate a new sample `.solhint.json` file in current folder you can do:
|
82 |
|
83 | ```sh
|
84 | solhint --init
|
85 | ```
|
86 |
|
87 | This file has the following
|
88 | format:
|
89 |
|
90 |
|
91 | ```json
|
92 | {
|
93 | "extends": "solhint:recommended",
|
94 | "plugins": [],
|
95 | "rules": {
|
96 | "avoid-suicide": "error",
|
97 | "avoid-sha3": "warn"
|
98 | }
|
99 | }
|
100 | ```
|
101 | A full list of all supported rules can be found [here](docs/rules.md).
|
102 |
|
103 | To ignore files that do not require validation you can use a `.solhintignore` file. It supports rules in
|
104 | the `.gitignore` format.
|
105 |
|
106 | ```
|
107 | node_modules/
|
108 | additional-tests.sol
|
109 | ```
|
110 |
|
111 | ### Extendable rulesets
|
112 |
|
113 | The default rulesets provided by solhint are the following:
|
114 |
|
115 | + solhint:default
|
116 | + solhint:recommended
|
117 |
|
118 | Use one of these as the value for the "extends" property in your configuration file.
|
119 |
|
120 | ### Configure the linter with comments
|
121 |
|
122 | You can use comments in the source code to configure solhint in a given line or file.
|
123 |
|
124 | For example, to disable all validations in the line following a comment:
|
125 |
|
126 | ```solidity
|
127 | // solhint-disable-next-line
|
128 | uint[] a;
|
129 | ```
|
130 |
|
131 | You can disable specific rules on a given line. For example:
|
132 |
|
133 | ```solidity
|
134 | // solhint-disable-next-line not-rely-on-time, not-rely-on-block-hash
|
135 | uint pseudoRand = uint(keccak256(abi.encodePacked(now, blockhash(block.number))));
|
136 | ```
|
137 |
|
138 | Disable validation on current line:
|
139 |
|
140 | ```solidity
|
141 | uint pseudoRand = uint(keccak256(abi.encodePacked(now, blockhash(block.number)))); // solhint-disable-line
|
142 | ```
|
143 |
|
144 | Disable specific rules on current line:
|
145 |
|
146 | ```solidity
|
147 | uint pseudoRand = uint(keccak256(abi.encodePacked(now, blockhash(block.number)))); // solhint-disable-line not-rely-on-time, not-rely-on-block-hash
|
148 | ```
|
149 |
|
150 | You can disable a rule for a group of lines:
|
151 |
|
152 | ```solidity
|
153 | /* solhint-disable avoid-tx-origin */
|
154 | function transferTo(address to, uint amount) public {
|
155 | require(tx.origin == owner);
|
156 | to.call.value(amount)();
|
157 | }
|
158 | /* solhint-enable avoid-tx-origin */
|
159 | ```
|
160 |
|
161 | Or disable all validations for a group of lines:
|
162 |
|
163 | ```solidity
|
164 | /* solhint-disable */
|
165 | function transferTo(address to, uint amount) public {
|
166 | require(tx.origin == owner);
|
167 | to.call.value(amount)();
|
168 | }
|
169 | /* solhint-enable */
|
170 | ```
|
171 |
|
172 | ## Rules
|
173 | ### Security Rules
|
174 | [Full list with all supported Security Rules](docs/rules.md#security-rules)
|
175 | ### Style Guide Rules
|
176 | [Full list with all supported Style Guide Rules](docs/rules.md#style-guide-rules)
|
177 | ### Best Practices Rules
|
178 | [Full list with all supported Best Practices Rules](docs/rules.md#best-practise-rules)
|
179 |
|
180 | ## Documentation
|
181 |
|
182 | Related documentation you may find [here](https://protofire.github.io/solhint/).
|
183 |
|
184 | ## IDE Integrations
|
185 |
|
186 | - **[Sublime Text 3](https://packagecontrol.io/search/solhint)**
|
187 | - **[Atom](https://atom.io/packages/atom-solidity-linter)**
|
188 | - **[Vim](https://github.com/sohkai/syntastic-local-solhint)**
|
189 | - **[JetBrains IDEA, WebStorm, CLion, etc.](https://plugins.jetbrains.com/plugin/10177-solidity-solhint)**
|
190 | - **[VS Code: Solidity by Juan Blanco](
|
191 | https://marketplace.visualstudio.com/items?itemName=JuanBlanco.solidity)**
|
192 | - **[VS Code: Solidity Language Support by CodeChain.io](
|
193 | https://marketplace.visualstudio.com/items?itemName=kodebox.solidity-language-server)**
|
194 |
|
195 | ## Table of Contents
|
196 |
|
197 | * [Roadmap](ROADMAP.md): The core project's roadmap - what the core team is looking to work on in the near future.
|
198 | * [Contributing](docs/contributing.md): The core Solhint team :heart: contributions. This describes how you can contribute to the Solhint Project.
|
199 | * [Shareable configs](docs/shareable-configs.md): How to create and share your own configurations.
|
200 | * [Writing plugins](docs/writing-plugins.md): How to extend Solhint with your own rules.
|
201 |
|
202 | ## Plugins
|
203 |
|
204 | - [solhint-plugin-prettier](https://github.com/fvictorio/solhint-plugin-prettier): Integrate Solhint
|
205 | with the [Solidity plugin for Prettier](https://github.com/prettier-solidity/prettier-plugin-solidity).
|
206 |
|
207 | ## Who uses Solhint?
|
208 | [<img src="https://avatars0.githubusercontent.com/u/20820676?s=200&v=4" width="75px" height="75px" alt="OpenZeppelin" title="OpenZeppelin" style="margin: 20px 20px 0 0" />](https://github.com/OpenZeppelin)
|
209 | [<img src="https://avatars2.githubusercontent.com/u/28943015?s=200&v=4" width="75px" height="75px" alt="POA Network - Public EVM Sidechain" title="POA Network - Public EVM Sidechain" style="margin: 20px 20px 0 0" />](https://github.com/poanetwork) [<img src="https://avatars3.githubusercontent.com/u/24832717?s=200&v=4" width="75px" height="75px" alt="0x" title="0x" style="margin: 20px 20px 0 0" />](https://github.com/0xProject) [<img src="https://avatars1.githubusercontent.com/u/24954468?s=200&v=4" width="75px" height="75px" alt="GNOSIS" title="GNOSIS" style="margin: 20px 20px 0 0"/>](https://github.com/gnosis)
|
210 |
|
211 | ### Projects
|
212 |
|
213 | - OpenZeppelin:
|
214 | - [openzeppelin-contracts](https://github.com/OpenZeppelin/openzeppelin-contracts)
|
215 | - POA Network - Public EVM Sidechain:
|
216 | - [Proof of Physical Address (PoPA)](https://github.com/poanetwork/poa-popa)
|
217 | - [Proof of Bank Account (PoBA)](https://github.com/poanetwork/poa-poba)
|
218 | - [0x](https://github.com/0xProject/0x-monorepo/tree/development/contracts)
|
219 | - Gnosis:
|
220 | - [Gnosis Prediction Market Contracts](https://github.com/gnosis/pm-contracts)
|
221 | - [The DutchX decentralized trading protocol](https://github.com/gnosis/dex-contracts)
|
222 |
|
223 | ## Acknowledgements
|
224 |
|
225 | The Solidity parser used is [`@solidity-parser/parser`](https://github.com/solidity-parser/parser).
|
226 |
|
227 | ## Licence
|
228 |
|
229 | MIT
|
230 |
|
231 | ## Back us
|
232 | Solhint is free to use and open-sourced. If you value our effort and feel like helping us to keep pushing this tool forward, you can send us a small donation. We'll highly appreciate it :)
|
233 |
|
234 | [![Donate with Ethereum](https://en.cryptobadges.io/badge/micro/0xe8cdf02efd8ab0a490d7b2cb13553389c9bc932e)](https://en.cryptobadges.io/donate/0xe8cdf02efd8ab0a490d7b2cb13553389c9bc932e)
|
235 |
|
236 | ## Related projects
|
237 |
|
238 | - [eth-cli](https://github.com/protofire/eth-cli): CLI swiss army knife for Ethereum developers.
|