├── .gitignore ├── .vscode ├── launch.json ├── settings.json └── tasks.json ├── .vscodeignore ├── CHANGELOG.md ├── LICENSE ├── README.md ├── images ├── context-menu.png ├── logo.png └── result.png ├── out ├── extension.js ├── extension.js.map └── test │ ├── extension.test.js │ ├── extension.test.js.map │ ├── index.js │ └── index.js.map ├── package-lock.json ├── package.json ├── solc └── soljson.js ├── src ├── extension.ts └── test │ ├── extension.test.ts │ └── index.ts └── tsconfig.json /.gitignore: -------------------------------------------------------------------------------- 1 | node_modules 2 | -------------------------------------------------------------------------------- /.vscode/launch.json: -------------------------------------------------------------------------------- 1 | // A launch configuration that compiles the extension and then opens it inside a new window 2 | // Use IntelliSense to learn about possible attributes. 3 | // Hover to view descriptions of existing attributes. 4 | // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 5 | { 6 | "version": "0.2.0", 7 | "configurations": [ 8 | { 9 | "name": "Extension", 10 | "type": "extensionHost", 11 | "request": "launch", 12 | "runtimeExecutable": "${execPath}", 13 | "args": [ 14 | "--extensionDevelopmentPath=${workspaceFolder}" 15 | ], 16 | "outFiles": [ 17 | "${workspaceFolder}/out/**/*.js" 18 | ], 19 | "preLaunchTask": "npm: watch" 20 | }, 21 | { 22 | "name": "Extension Tests", 23 | "type": "extensionHost", 24 | "request": "launch", 25 | "runtimeExecutable": "${execPath}", 26 | "args": [ 27 | "--extensionDevelopmentPath=${workspaceFolder}", 28 | "--extensionTestsPath=${workspaceFolder}/out/test" 29 | ], 30 | "outFiles": [ 31 | "${workspaceFolder}/out/test/**/*.js" 32 | ], 33 | "preLaunchTask": "npm: watch" 34 | } 35 | ] 36 | } 37 | -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | // Place your settings in this file to overwrite default and user settings. 2 | { 3 | "files.exclude": { 4 | "out": false // set this to true to hide the "out" folder with the compiled JS files 5 | }, 6 | "search.exclude": { 7 | "out": true // set this to false to include "out" folder in search results 8 | }, 9 | // Turn off tsc task auto detection since we have the necessary tasks as npm scripts 10 | "typescript.tsc.autoDetect": "off" 11 | } -------------------------------------------------------------------------------- /.vscode/tasks.json: -------------------------------------------------------------------------------- 1 | // See https://go.microsoft.com/fwlink/?LinkId=733558 2 | // for the documentation about the tasks.json format 3 | { 4 | "version": "2.0.0", 5 | "tasks": [ 6 | { 7 | "type": "npm", 8 | "script": "watch", 9 | "problemMatcher": "$tsc-watch", 10 | "isBackground": true, 11 | "presentation": { 12 | "reveal": "never" 13 | }, 14 | "group": { 15 | "kind": "build", 16 | "isDefault": true 17 | } 18 | } 19 | ] 20 | } -------------------------------------------------------------------------------- /.vscodeignore: -------------------------------------------------------------------------------- 1 | .vscode/** 2 | .vscode-test/** 3 | out/test/** 4 | out/**/*.map 5 | src/** 6 | .gitignore 7 | tsconfig.json 8 | vsc-extension-quickstart.md 9 | tslint.json -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Change Log 2 | All notable changes to the "vscode-secbit-ssae" extension will be documented in this file. 3 | 4 | ## [Unreleased] 5 | - Initial release -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License 2 | 3 | Copyright (c) 2018 SECBIT Labs. https://secbit.io/ 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in 13 | all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | THE SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Visual Studio Code Extension for SECBIT Solidity Static Analysis Extension 2 | 3 | This is an [Visual Studio Code Extension](https://marketplace.visualstudio.com/items?itemName=SECBIT.vscode-secbit-ssae) for running SECBIT 4 | Solidity Static Analysis over Solidity source code. 5 | 6 | ## Features 7 | 8 | This extension is an user interface to the [SECBIT Solidity Static Analysis Extension](https://github.com/sec-bit/adelaide) 9 | which extended the [Solidity compiler](https://github.com/ethereum/solidity) to provide 10 | additional diagnostics on known issues and violations of best practices. 11 | 12 | The main functionality is provided via the context menu command `Run SECBIT Analysis`. 13 | 14 | ![analysis](images/context-menu.png) 15 | 16 | Triggering this command would run the SECBIT-extended `solc` and report diagnostics generated. 17 | 18 | ![result](images/result.png) 19 | 20 | ## Requirements 21 | 22 | This extension does not provide Solidity language support. Some other extension, 23 | such as [solidity-extended](https://github.com/beaugunderson/vscode-solidity-extended), 24 | should be installed for this extension to function properly. 25 | 26 | This extension ships with a copy of the `soljson.js` Solidity compiler with [SECBIT extensions](https://github.com/sec-bit/adelaide). 27 | So no local `solc` binary is required by default. 28 | But `soljson.js` does not support SMT-based checks. 29 | If they are needed, a copy of the `solc` Solidity compiler with [SECBIT extensions](https://github.com/sec-bit/adelaide) built with SMT lib is required. 30 | It would be built from source following the same instruction as building a vanilla `solc`. 31 | 32 | ## Usage 33 | 34 | Copy this repository to `~/.vscode/extensions` and reload the IDE. 35 | 36 | ## Extension Settings 37 | 38 | This extension provides the following settings: 39 | 40 | ```javascript 41 | // Run ERC20-specific checks. 42 | "secbit.asERC20": false, 43 | 44 | // Only enable the checks in this list. Enable all checks when the list contains no valid entry. 45 | "secbit.enables": [], 46 | 47 | // Disable SMT-solver-related checks. This is set to true when using soljson. 48 | "secbit.noSMT": false, 49 | 50 | // Run SECBIT static analysis on file save. 51 | "secbit.onSave": false, 52 | 53 | // Path to the SECBIT-extended solc. Use soljson by default. 54 | "secbit.solc": "" 55 | ``` 56 | 57 | ## Currently Supported Checks 58 | 59 | ### ERC20 Specific 60 | 61 | #### approve-no-event 62 | `Error` 63 | 64 | [SECBIT: no-Approval](https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/ERC20_token_issue_list.md#b7-no-approval) 65 | 66 | #### erc20-mintable 67 | `Warning` 68 | 69 | Contract is mintable (The contract, or any of its base contract, contains a function with the name matching `/^_?mint.*$/`). 70 | 71 | #### erc20-no-decimals 72 | `Error` 73 | 74 | The contract and all of its base contract do not have a `decimals` ABI. 75 | 76 | This error only reports on a contract that is not a base contract of any other contract. 77 | 78 | [SECBIT: no-decimals](https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/ERC20_token_issue_list.md#b4-no-decimals) 79 | 80 | #### erc20-no-name 81 | `Error` 82 | 83 | The contract and all of its base contract do not have a `name` ABI. 84 | 85 | This error only reports on a contract that is not a base contract of any other contract. 86 | 87 | [SECBIT: no-name](https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/ERC20_token_issue_list.md#b5-no-name) 88 | 89 | #### erc20-no-return 90 | `Error` 91 | 92 | [SECBIT: transfer-no-return](https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/ERC20_token_issue_list.md#b1-transfer-no-return) 93 | 94 | [SECBIT: approve-no-return](https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/ERC20_token_issue_list.md#b2-approve-no-return) 95 | 96 | [SECBIT: transferFrom-no-return](https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/ERC20_token_issue_list.md#b3-transferfrom-no-return) 97 | 98 | #### erc20-no-symbol 99 | `Error` 100 | 101 | The contract and all of its base contract do not have a `symbol` ABI. 102 | 103 | This error only reports on a contract that is not a base contract of any other contract. 104 | 105 | [SECBIT: no-symbol](https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/ERC20_token_issue_list.md#b6-no-symbol) 106 | 107 | #### transfer-no-event 108 | `Error` 109 | 110 | ERC20 transfer functions should emit Transfer event in some cases. 111 | 112 | #### transfer-no-revert 113 | `Error` 114 | 115 | ERC20 transfer functions should revert in some cases. 116 | 117 | #### transferfrom-no-allowed-check 118 | `Warning` 119 | 120 | No check on `allowed` within a ERC20 `transferFrom()` function. 121 | 122 | #### approve-with-balance-verify 123 | `Warning` 124 | 125 | [SECBIT: approve-with-balance-verify](https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/ERC20_token_issue_list.md#a19-approve-with-balance-verify) 126 | 127 | #### short-addr 128 | `Error` 129 | 130 | The short-address attack. 131 | 132 | 133 | ### Vulnerabilities 134 | 135 | #### blockhash 136 | `Warning` 137 | 138 | The return value of `blockhash()` could be controlled by miners. 139 | 140 | #### dirty-padding 141 | `Error` 142 | 143 | Be aware of "dirty higher order bits". 144 | 145 | [Solidity: security considerations](https://solidity.readthedocs.io/en/v0.4.24/security-considerations.html?highlight=dirty#minor-details) 146 | 147 | #### int-div 148 | `Warning` 149 | 150 | Integer division. 151 | 152 | #### forced-ether 153 | `Error` 154 | 155 | Conditions on ether balance are not reliable since ether could 156 | be forced into a contract. 157 | 158 | [ConsenSys: forcibly sending ether to a contract](https://consensys.github.io/smart-contract-best-practices/known_attacks/#forcibly-sending-ether-to-a-contract) 159 | 160 | #### pull-vs-push 161 | `Error` 162 | 163 | Avoid DoS by using a [pull payment system](https://consensys.github.io/smart-contract-best-practices/recommendations#favor-pull-over-push-for-external-calls) 164 | 165 | [ConsenSys: DoS with unexpected revert](https://consensys.github.io/smart-contract-best-practices/known_attacks/#dos-with-unexpected-revert) 166 | 167 | #### private-modifier 168 | `Information` 169 | 170 | Data with `private` modifier is still visible. 171 | 172 | #### redundant-fallback 173 | `Warning` 174 | 175 | Fallback function with a single `throw` is redundant. 176 | 177 | #### reentrance 178 | `Error` 179 | 180 | The DAO attack. 181 | 182 | [ConsenSys: avoid state changes after external calls](https://consensys.github.io/smart-contract-best-practices/recommendations/#avoid-state-changes-after-external-calls) 183 | 184 | This check uses SMT solver. 185 | 186 | #### send-vs-transfer 187 | `Warning` 188 | 189 | Preferred `transfer()` over `send()` or `call.value()`. 190 | 191 | [ConsenSys: Be aware of the tradeoffs between send(), transfer(), and call.value()](https://consensys.github.io/smart-contract-best-practices/recommendations/#be-aware-of-the-tradeoffs-between-send-transfer-and-callvalue) 192 | 193 | #### timestamp 194 | `Warning` 195 | 196 | `timestamp` could be manipulated by miners. 197 | 198 | [ConsenSys: Timestamp Dependence](https://consensys.github.io/smart-contract-best-practices/known_attacks/#timestamp-dependence) 199 | 200 | #### tx-origin 201 | `Error` 202 | 203 | Avoid using `tx.origin`. 204 | 205 | [ConsenSys: avoid using tx.origin](https://consensys.github.io/smart-contract-best-practices/recommendations/#avoid-using-txorigin) 206 | 207 | #### unchecked-math 208 | `Error` 209 | 210 | Integer over/underflows. 211 | 212 | [ConsenSys: integer overflow and underflow](https://consensys.github.io/smart-contract-best-practices/known_attacks/#integer-overflow-and-underflow) 213 | 214 | This check uses SMT solver. 215 | 216 | ### Coding style issues 217 | 218 | #### bad-name 219 | `Information` 220 | 221 | Event names should start with upper cases and function names should 222 | start with lower cases. 223 | 224 | [Solidity: Naming style](http://solidity.readthedocs.io/en/v0.4.24/style-guide.html#event-names) 225 | 226 | #### constant-mutability 227 | `Information` 228 | 229 | Using deprecating `constant`. 230 | 231 | #### delegatecall 232 | `Warning` 233 | 234 | Using `delegatecall`. 235 | 236 | #### fix-version 237 | `Information` 238 | 239 | It is recommended to use a fixed language version. 240 | 241 | #### hardcode-addr 242 | `Warning` 243 | 244 | Hard-coded address in the contract. 245 | 246 | #### implicit-visibility 247 | `Information` 248 | 249 | Visibility is not specified explicitly. 250 | 251 | #### no-return 252 | `Information` 253 | 254 | No return statement in a function that returns value. 255 | 256 | #### pure-function 257 | `Information` 258 | 259 | Could use a more strict state-mutability specification. 260 | 261 | #### revert-vs-require 262 | `Information` 263 | 264 | Use `require` instead of `revert`. 265 | 266 | #### suicide 267 | `Information` 268 | 269 | Using `suicide`. 270 | 271 | #### sha3 272 | `Information` 273 | 274 | Using `sha3`. 275 | 276 | #### throw 277 | `Information` 278 | 279 | Using `throw`. 280 | 281 | #### type-inference 282 | `Information` 283 | 284 | Unsafe type inference. 285 | 286 | #### view-immutable 287 | `Information` 288 | 289 | Could use a more strict state-mutability specification. 290 | 291 | ### Gas optimization 292 | 293 | #### byte-array 294 | `gas` 295 | `Information` 296 | 297 | Reduce gas consumption by replacing `bytes` with `byte[]` when possible. 298 | 299 | ## Known Issues 300 | 301 | Being an static analysis tool, false positives and false negatives are unavoidable. Bug reports are welcomed. 302 | 303 | ## Contact Us 304 | 305 | If you run into any issues or have suggestions for us, feel free to [create issues](https://github.com/sec-bit/vscode-secbit-ssae/issues) and pull requests. 306 | 307 | ## Related Projects 308 | 309 | https://secbit.io 310 | 311 | - [Awesome Buggy ERC20 Tokens](https://github.com/sec-bit/awesome-buggy-erc20-tokens) - A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected 312 | 313 | - [adelaide](https://github.com/sec-bit/adelaide) - The SECBIT Static Analysis Extension to Solidity Compiler 314 | 315 | - [Token Libraries with Proofs](https://github.com/sec-bit/tokenlibs-with-proofs) - Contains correctness proofs of token contracts wrt. given specifications and high-level properties 316 | 317 | ## License 318 | 319 | This extension is open-sourced under the MIT license in the LICENSE file of this repository. -------------------------------------------------------------------------------- /images/context-menu.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sec-bit/vscode-secbit-ssae/661a18e65d4d5901b178e48df99821adebb46a9a/images/context-menu.png -------------------------------------------------------------------------------- /images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sec-bit/vscode-secbit-ssae/661a18e65d4d5901b178e48df99821adebb46a9a/images/logo.png -------------------------------------------------------------------------------- /images/result.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sec-bit/vscode-secbit-ssae/661a18e65d4d5901b178e48df99821adebb46a9a/images/result.png -------------------------------------------------------------------------------- /out/extension.js: -------------------------------------------------------------------------------- 1 | // Copyright SECBIT Labs 2018. 2 | 'use strict'; 3 | Object.defineProperty(exports, "__esModule", { value: true }); 4 | const vscode = require("vscode"); 5 | const fs = require("fs"); 6 | const cp = require("child_process"); 7 | const soljson = require("../solc/soljson.js"); 8 | // Known issues enumeration. 9 | const secbitKnownIssues = { 10 | 'erc20-no-return': { 11 | 'severity': vscode.DiagnosticSeverity.Error, 12 | 'type': 'erc20', 13 | }, 14 | 'erc20-return-false': { 15 | 'severity': vscode.DiagnosticSeverity.Error, 16 | 'type': 'erc20', 17 | }, 18 | 'erc20-no-decimals': { 19 | 'severity': vscode.DiagnosticSeverity.Error, 20 | 'type': 'erc20', 21 | }, 22 | 'erc20-no-name': { 23 | 'severity': vscode.DiagnosticSeverity.Error, 24 | 'type': 'erc20', 25 | }, 26 | 'erc20-no-symbol': { 27 | 'severity': vscode.DiagnosticSeverity.Error, 28 | 'type': 'erc20', 29 | }, 30 | 'erc20-mintable': { 31 | 'severity': vscode.DiagnosticSeverity.Warning, 32 | 'type': 'erc20', 33 | }, 34 | 'transfer-no-revert': { 35 | 'severity': vscode.DiagnosticSeverity.Error, 36 | 'type': 'erc20', 37 | }, 38 | 'transfer-no-event': { 39 | 'severity': vscode.DiagnosticSeverity.Error, 40 | 'type': 'erc20', 41 | }, 42 | 'approve-no-event': { 43 | 'severity': vscode.DiagnosticSeverity.Error, 44 | 'type': 'erc20', 45 | }, 46 | 'hardcode-addr': { 47 | 'severity': vscode.DiagnosticSeverity.Warning, 48 | 'type': 'code' 49 | }, 50 | 'byte-array': { 51 | 'severity': vscode.DiagnosticSeverity.Information, 52 | 'type': 'gas' 53 | }, 54 | 'constant-mutability': { 55 | 'severity': vscode.DiagnosticSeverity.Information, 56 | 'type': 'code' 57 | }, 58 | 'fix-version': { 59 | 'severity': vscode.DiagnosticSeverity.Information, 60 | 'type': 'code' 61 | }, 62 | 'int-div': { 63 | 'severity': vscode.DiagnosticSeverity.Warning, 64 | 'type': 'vulnerability' 65 | }, 66 | 'private-modifier': { 67 | 'severity': vscode.DiagnosticSeverity.Information, 68 | 'type': 'vulnerability' 69 | }, 70 | 'view-immutable': { 71 | 'severity': vscode.DiagnosticSeverity.Information, 72 | 'type': 'code' 73 | }, 74 | 'bad-name': { 75 | 'severity': vscode.DiagnosticSeverity.Information, 76 | 'type': 'code' 77 | }, 78 | 'tx-origin': { 79 | 'severity': vscode.DiagnosticSeverity.Error, 80 | 'type': 'vulnerability' 81 | }, 82 | 'throw': { 83 | 'severity': vscode.DiagnosticSeverity.Information, 84 | 'type': 'code' 85 | }, 86 | 'suicide': { 87 | 'severity': vscode.DiagnosticSeverity.Information, 88 | 'type': 'code' 89 | }, 90 | 'unchecked-math': { 91 | 'severity': vscode.DiagnosticSeverity.Error, 92 | 'type': 'vulnerability' 93 | }, 94 | 'sha3': { 95 | 'severity': vscode.DiagnosticSeverity.Information, 96 | 'type': 'code' 97 | }, 98 | 'timstamp': { 99 | 'severity': vscode.DiagnosticSeverity.Warning, 100 | 'type': 'vulnerability' 101 | }, 102 | 'implicit-visibility': { 103 | 'severity': vscode.DiagnosticSeverity.Information, 104 | 'type': 'code' 105 | }, 106 | 'redundant-fallback': { 107 | 'severity': vscode.DiagnosticSeverity.Warning, 108 | 'type': 'vulnerability' 109 | }, 110 | 'type-inference': { 111 | 'severity': vscode.DiagnosticSeverity.Information, 112 | 'type': 'code' 113 | }, 114 | 'revert-vs-require': { 115 | 'severity': vscode.DiagnosticSeverity.Information, 116 | 'type': 'code' 117 | }, 118 | 'pure-function': { 119 | 'severity': vscode.DiagnosticSeverity.Information, 120 | 'type': 'code' 121 | }, 122 | 'reentrance': { 123 | 'severity': vscode.DiagnosticSeverity.Error, 124 | 'type': 'vulnerability' 125 | }, 126 | 'dirty-padding': { 127 | 'severity': vscode.DiagnosticSeverity.Error, 128 | 'type': 'vulnerability' 129 | }, 130 | 'no-return': { 131 | 'severity': vscode.DiagnosticSeverity.Information, 132 | 'type': 'code' 133 | }, 134 | 'delegatecall': { 135 | 'severity': vscode.DiagnosticSeverity.Warning, 136 | 'type': 'code' 137 | }, 138 | 'send-vs-transfer': { 139 | 'severity': vscode.DiagnosticSeverity.Warning, 140 | 'type': 'vulnerability' 141 | }, 142 | 'forced-ether': { 143 | 'severity': vscode.DiagnosticSeverity.Error, 144 | 'type': 'vulnerability' 145 | }, 146 | 'pull-vs-push': { 147 | 'severity': vscode.DiagnosticSeverity.Error, 148 | 'type': 'vulnerability' 149 | }, 150 | 'blockhash': { 151 | 'severity': vscode.DiagnosticSeverity.Warning, 152 | 'type': 'vulnerability' 153 | }, 154 | 'short-addr': { 155 | 'severity': vscode.DiagnosticSeverity.Error, 156 | 'type': 'erc20' 157 | }, 158 | 'transferfrom-no-allowed-check': { 159 | 'severity': vscode.DiagnosticSeverity.Warning, 160 | 'type': 'erc20' 161 | }, 162 | 'approve-with-balance-verify': { 163 | 'severity': vscode.DiagnosticSeverity.Warning, 164 | 'type': 'erc20' 165 | } 166 | }; 167 | // this method is called when your extension is activated 168 | // your extension is activated the very first time the command is executed 169 | function activate(context) { 170 | console.log('Started SECBIT Solidity Static Analysis Extension'); 171 | var l = ""; 172 | for (let issue in secbitKnownIssues) { 173 | var s = 'Information'; 174 | if (secbitKnownIssues[issue].severity == vscode.DiagnosticSeverity.Warning) { 175 | s = 'Warning'; 176 | } 177 | else if (secbitKnownIssues[issue].severity == vscode.DiagnosticSeverity.Error) { 178 | s = 'Error'; 179 | } 180 | l = l + '* ' + issue + '\n**' + secbitKnownIssues[issue].type + '**\n**' + s + '**\n\n'; 181 | } 182 | let dc = vscode.languages.createDiagnosticCollection('solidity'); 183 | function processErrors(doc, errs) { 184 | dc.clear(); 185 | // Collect diagnostics. 186 | var diags = []; 187 | for (let err of errs) { 188 | console.log('Processing [' + err.tag + ']'); 189 | var severity = vscode.DiagnosticSeverity.Information; 190 | if (!!secbitKnownIssues[err.tag]) { 191 | severity = secbitKnownIssues[err.tag].severity; 192 | } 193 | const diag = new vscode.Diagnostic(new vscode.Range(Number(err.startline) - 1, Number(err.startcolumn) - 1, Number(err.endline) - 1, Number(err.endcolumn) - 1), '[secbit:' + err.tag + '] ' + err.desc, severity); 194 | diags.push(diag); 195 | } 196 | dc.set(doc.uri, diags); 197 | } 198 | function updateDiags(doc) { 199 | if (doc.languageId != 'solidity') { 200 | return; 201 | } 202 | console.log('Started SECBIT analysis...'); 203 | // Invoke solc with secbit args. 204 | let config = vscode.workspace.getConfiguration('secbit'); 205 | var tags = []; 206 | if (!!config.enables) { 207 | for (let tag of config.enables) { 208 | if (!!secbitKnownIssues[tag]) { 209 | tags.push(tag); 210 | } 211 | else { 212 | vscode.window.showInformationMessage('Unknown check: ' + tag); 213 | } 214 | } 215 | } 216 | if (!!config.solc && config.solc != "") { 217 | // Use the given solc. 218 | var args = ['-o', '/', '--overwrite']; 219 | if (!!config.noSMT && config.noSMT == true) { 220 | args.push('--no-smt'); 221 | } 222 | for (let tag of tags) { 223 | args.push('--secbit-tag'); 224 | args.push(tag); 225 | } 226 | if (config.asERC20 === true) { 227 | args.push('--erc20'); 228 | } 229 | // Use active editor as input file. 230 | let input = doc.uri.fsPath; 231 | // Error output. 232 | let output = input + ".err"; 233 | args.push('--secbit-warnings'); 234 | args.push(output); 235 | args.push(input); 236 | const solc = cp.spawn(config.solc, args); 237 | console.log("Running " + args.join(' ')); 238 | // Show error info. 239 | solc.on('error', (err) => { 240 | vscode.window.showInformationMessage('Failed to start ' + config.solc); 241 | }); 242 | solc.stderr.on('data', (data) => { 243 | vscode.window.showInformationMessage('Analysis failed:\n' + data); 244 | }); 245 | // On finish, update diagnostics. 246 | solc.on('close', (code) => { 247 | console.log(`solc exited with code ${code}`); 248 | if (code != 0) { 249 | if (fs.statSync(output)) { 250 | fs.unlinkSync(output); 251 | } 252 | return; 253 | } 254 | // Read errors from output file. 255 | var errs = []; 256 | try { 257 | var errFileContent = fs.readFileSync(output, 'utf8'); 258 | errs = JSON.parse(errFileContent)['secbit-warnings']; 259 | } 260 | catch (e) { 261 | console.log(e); 262 | } 263 | if (fs.statSync(output)) { 264 | fs.unlinkSync(output); 265 | } 266 | processErrors(doc, errs); 267 | console.log('Finished processing solc output.'); 268 | }); 269 | } 270 | else { 271 | // Use soljson. 272 | const compileJSON = soljson.cwrap('compileJSON', 'string', [ 273 | 'string', 274 | 'number', 275 | 'number', 276 | 'number', 277 | 'number', 278 | 'string' //_tags 279 | ]); 280 | const result = compileJSON( 281 | /*_input*/ vscode.window.activeTextEditor.document.getText(), 282 | /*_optimize*/ 1, 283 | /*_isSECBIT*/ 1, 284 | /*_noSMT*/ 1, 285 | /*_asERC20*/ config.asERC20 === true ? 1 : 0, 286 | /*_tags*/ tags.join(',')); 287 | const output = JSON.parse(result); 288 | try { 289 | processErrors(doc, output['errors']); 290 | } 291 | catch (e) { 292 | console.log(e); 293 | } 294 | } 295 | } 296 | context.subscriptions.push(vscode.commands.registerCommand('secbit.analyze', () => { 297 | let ae = vscode.window.activeTextEditor; 298 | if (ae) { 299 | updateDiags(ae.document); 300 | } 301 | })); 302 | vscode.workspace.onDidSaveTextDocument(document => { 303 | let config = vscode.workspace.getConfiguration('secbit'); 304 | if (!!config.onSave && config.onSave) { 305 | updateDiags(document); 306 | } 307 | }); 308 | } 309 | exports.activate = activate; 310 | // this method is called when your extension is deactivated 311 | function deactivate() { 312 | console.log('SECBIT Solidity Static Analysis Extension deactivated.'); 313 | } 314 | exports.deactivate = deactivate; 315 | //# sourceMappingURL=extension.js.map -------------------------------------------------------------------------------- /out/extension.js.map: -------------------------------------------------------------------------------- 1 | {"version":3,"file":"extension.js","sourceRoot":"","sources":["../src/extension.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAE9B,YAAY,CAAC;;AAEb,iCAAiC;AACjC,yBAA0B;AAC1B,oCAAqC;AACrC,8CAA+C;AAE/C,4BAA4B;AAC5B,MAAM,iBAAiB,GAAG;IACtB,iBAAiB,EAAG;QAChB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,OAAO;KACnB;IACD,oBAAoB,EAAG;QACnB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,OAAO;KACnB;IACD,mBAAmB,EAAG;QAClB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,OAAO;KACnB;IACD,eAAe,EAAG;QACd,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,OAAO;KACnB;IACD,iBAAiB,EAAG;QAChB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,OAAO;KACnB;IACD,gBAAgB,EAAG;QACf,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,OAAO;KACnB;IACD,oBAAoB,EAAG;QACnB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,OAAO;KACnB;IACD,mBAAmB,EAAG;QAClB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,OAAO;KACnB;IACD,kBAAkB,EAAG;QACjB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,OAAO;KACnB;IACD,eAAe,EAAG;QACd,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,MAAM;KAClB;IACD,YAAY,EAAG;QACX,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,KAAK;KACjB;IACD,qBAAqB,EAAG;QACpB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,aAAa,EAAG;QACZ,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,SAAS,EAAG;QACR,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,eAAe;KAC3B;IACD,kBAAkB,EAAG;QACjB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,eAAe;KAC3B;IACD,gBAAgB,EAAG;QACf,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,UAAU,EAAG;QACT,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,WAAW,EAAG;QACV,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,eAAe;KAC3B;IACD,OAAO,EAAG;QACN,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,SAAS,EAAG;QACR,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,gBAAgB,EAAG;QACf,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,eAAe;KAC3B;IACD,MAAM,EAAG;QACL,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,UAAU,EAAG;QACT,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,eAAe;KAC3B;IACD,qBAAqB,EAAG;QACpB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,oBAAoB,EAAG;QACnB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,eAAe;KAC3B;IACD,gBAAgB,EAAG;QACf,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,mBAAmB,EAAG;QAClB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,eAAe,EAAG;QACd,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,YAAY,EAAG;QACX,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,eAAe;KAC3B;IACD,eAAe,EAAG;QACd,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,eAAe;KAC3B;IACD,WAAW,EAAG;QACV,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW;QAClD,MAAM,EAAG,MAAM;KAClB;IACD,cAAc,EAAG;QACb,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,MAAM;KAClB;IACD,kBAAkB,EAAG;QACjB,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,eAAe;KAC3B;IACD,cAAc,EAAG;QACb,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,eAAe;KAC3B;IACD,cAAc,EAAG;QACb,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,eAAe;KAC3B;IACD,WAAW,EAAG;QACV,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,eAAe;KAC3B;IACD,YAAY,EAAG;QACX,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,KAAK;QAC5C,MAAM,EAAG,OAAO;KACnB;IACD,+BAA+B,EAAG;QAC9B,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,OAAO;KACnB;IACD,6BAA6B,EAAG;QAC5B,UAAU,EAAG,MAAM,CAAC,kBAAkB,CAAC,OAAO;QAC9C,MAAM,EAAG,OAAO;KACnB;CACJ,CAAC;AAEF,yDAAyD;AACzD,0EAA0E;AAC1E,kBAAyB,OAAgC;IAErD,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IAEjE,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAI,IAAI,KAAK,IAAI,iBAAiB,EAAE;QAChC,IAAI,CAAC,GAAG,aAAa,CAAC;QACtB,IAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,QAAQ,IAAI,MAAM,CAAC,kBAAkB,CAAC,OAAO,EAAE;YACvE,CAAC,GAAG,SAAS,CAAC;SACjB;aAAM,IAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,QAAQ,IAAI,MAAM,CAAC,kBAAkB,CAAC,KAAK,EAAE;YAC5E,CAAC,GAAG,OAAO,CAAC;SACf;QACD,CAAC,GAAG,CAAC,GAAG,IAAI,GAAC,KAAK,GAAC,MAAM,GAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,IAAI,GAAC,QAAQ,GAAC,CAAC,GAAC,QAAQ,CAAC;KAC/E;IAED,IAAI,EAAE,GAAgC,MAAM,CAAC,SAAS,CAAC,0BAA0B,CAAC,UAAU,CAAC,CAAC;IAE9F,uBAAuB,GAAyB,EAAE,IAAI;QAClD,EAAE,CAAC,KAAK,EAAE,CAAC;QACX,uBAAuB;QACvB,IAAI,KAAK,GAAyB,EAAE,CAAC;QACrC,KAAI,IAAI,GAAG,IAAI,IAAI,EAAE;YACjB,OAAO,CAAC,GAAG,CAAC,cAAc,GAAG,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;YAC5C,IAAI,QAAQ,GAAG,MAAM,CAAC,kBAAkB,CAAC,WAAW,CAAC;YACrD,IAAG,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;gBAC7B,QAAQ,GAAG,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;aAClD;YACD,MAAM,IAAI,GAAG,IAAI,MAAM,CAAC,UAAU,CAC9B,IAAI,MAAM,CAAC,KAAK,CACZ,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,GAAC,CAAC,EACvB,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,GAAC,CAAC,EACzB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAC,CAAC,EACrB,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,GAAC,CAAC,CAC1B,EACD,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG,IAAI,GAAG,GAAG,CAAC,IAAI,EACtC,QAAQ,CACX,CAAC;YACF,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;SACpB;QACD,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC;IAED,qBAAqB,GAAyB;QAC1C,IAAG,GAAG,CAAC,UAAU,IAAI,UAAU,EAAE;YAC7B,OAAO;SACV;QACD,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QAE1C,gCAAgC;QAChC,IAAI,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAEzD,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,IAAG,CAAC,CAAC,MAAM,CAAC,OAAO,EAAE;YACjB,KAAI,IAAI,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE;gBAC3B,IAAG,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,EAAE;oBACzB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;iBAClB;qBAAM;oBACH,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,iBAAiB,GAAG,GAAG,CAAC,CAAC;iBACjE;aACJ;SACJ;QAED,IAAG,CAAC,CAAC,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,IAAI,IAAI,EAAE,EAAE;YACnC,sBAAsB;YACtB,IAAI,IAAI,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,aAAa,CAAC,CAAC;YAEtC,IAAG,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,KAAK,IAAI,IAAI,EAAE;gBACvC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;aACzB;YACD,KAAI,IAAI,GAAG,IAAI,IAAI,EAAE;gBACjB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;gBAC1B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;aAClB;YACD,IAAG,MAAM,CAAC,OAAO,KAAK,IAAI,EAAE;gBACxB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;aACxB;YACD,mCAAmC;YACnC,IAAI,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC;YAC3B,gBAAgB;YAChB,IAAI,MAAM,GAAG,KAAK,GAAG,MAAM,CAAC;YAC5B,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAClB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAEjB,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACzC,OAAO,CAAC,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACzC,mBAAmB;YACnB,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACrB,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;YAC3E,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC5B,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;YACtE,CAAC,CAAC,CAAC;YACH,iCAAiC;YACjC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACtB,OAAO,CAAC,GAAG,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;gBAC7C,IAAG,IAAI,IAAI,CAAC,EAAE;oBACV,IAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAC;wBACnB,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;qBACzB;oBACD,OAAO;iBACV;gBAED,gCAAgC;gBAChC,IAAI,IAAI,GAAG,EAAE,CAAC;gBACd,IAAI;oBACA,IAAI,cAAc,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,EAAC,MAAM,CAAC,CAAC;oBACpD,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,iBAAiB,CAAC,CAAC;iBACxD;gBAAC,OAAM,CAAC,EAAE;oBACP,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;iBAClB;gBACD,IAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAC;oBACnB,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;iBACzB;gBACD,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBACzB,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC;SACN;aAAM;YACH,eAAe;YACf,MAAM,WAAW,GACjB,OAAO,CAAC,KAAK,CACT,aAAa,EACb,QAAQ,EACR;gBACI,QAAQ;gBACR,QAAQ;gBACR,QAAQ;gBACR,QAAQ;gBACR,QAAQ;gBACR,QAAQ,CAAE,OAAO;aACpB,CACJ,CAAC;YAEF,MAAM,MAAM,GACR,WAAW;YACP,UAAU,CAAA,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,OAAO,EAAE;YAC3D,aAAa,CAAA,CAAC;YACd,aAAa,CAAA,CAAC;YACd,UAAU,CAAA,CAAC;YACX,YAAY,CAAA,MAAM,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3C,SAAS,CAAA,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAC1B,CAAC;YAEN,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAClC,IAAI;gBACA,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;aACxC;YAAC,OAAM,CAAC,EAAE;gBACP,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;aAClB;SACJ;IACL,CAAC;IAED,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9E,IAAI,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC;QACxC,IAAG,EAAE,EAAE;YACH,WAAW,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;SAC5B;IACL,CAAC,CAAC,CAAC,CAAC;IAEJ,MAAM,CAAC,SAAS,CAAC,qBAAqB,CAAC,QAAQ,CAAC,EAAE;QAC9C,IAAI,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QACzD,IAAG,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,EAAE;YACjC,WAAW,CAAC,QAAQ,CAAC,CAAC;SACzB;IACL,CAAC,CAAC,CAAA;AACN,CAAC;AArKD,4BAqKC;AAED,2DAA2D;AAC3D;IACI,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;AAC1E,CAAC;AAFD,gCAEC"} -------------------------------------------------------------------------------- /out/test/extension.test.js: -------------------------------------------------------------------------------- 1 | "use strict"; 2 | // 3 | // Note: This example test is leveraging the Mocha test framework. 4 | // Please refer to their documentation on https://mochajs.org/ for help. 5 | // 6 | Object.defineProperty(exports, "__esModule", { value: true }); 7 | // The module 'assert' provides assertion methods from node 8 | const assert = require("assert"); 9 | // You can import and use all API from the 'vscode' module 10 | // as well as import your extension to test it 11 | // import * as vscode from 'vscode'; 12 | // import * as myExtension from '../extension'; 13 | // Defines a Mocha test suite to group tests of similar kind together 14 | suite("Extension Tests", function () { 15 | // Defines a Mocha unit test 16 | test("Something 1", function () { 17 | assert.equal(-1, [1, 2, 3].indexOf(5)); 18 | assert.equal(-1, [1, 2, 3].indexOf(0)); 19 | }); 20 | }); 21 | //# sourceMappingURL=extension.test.js.map -------------------------------------------------------------------------------- /out/test/extension.test.js.map: -------------------------------------------------------------------------------- 1 | {"version":3,"file":"extension.test.js","sourceRoot":"","sources":["../../src/test/extension.test.ts"],"names":[],"mappings":";AAAA,EAAE;AACF,kEAAkE;AAClE,wEAAwE;AACxE,EAAE;;AAEF,2DAA2D;AAC3D,iCAAiC;AAEjC,0DAA0D;AAC1D,8CAA8C;AAC9C,oCAAoC;AACpC,+CAA+C;AAE/C,qEAAqE;AACrE,KAAK,CAAC,iBAAiB,EAAE;IAErB,4BAA4B;IAC5B,IAAI,CAAC,aAAa,EAAE;QAChB,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;AACP,CAAC,CAAC,CAAC"} -------------------------------------------------------------------------------- /out/test/index.js: -------------------------------------------------------------------------------- 1 | "use strict"; 2 | // 3 | // PLEASE DO NOT MODIFY / DELETE UNLESS YOU KNOW WHAT YOU ARE DOING 4 | // 5 | // This file is providing the test runner to use when running extension tests. 6 | // By default the test runner in use is Mocha based. 7 | // 8 | // You can provide your own test runner if you want to override it by exporting 9 | // a function run(testRoot: string, clb: (error:Error) => void) that the extension 10 | // host can call to run the tests. The test runner is expected to use console.log 11 | // to report the results back to the caller. When the tests are finished, return 12 | // a possible error to the callback or null if none. 13 | Object.defineProperty(exports, "__esModule", { value: true }); 14 | const testRunner = require("vscode/lib/testrunner"); 15 | // You can directly control Mocha options by uncommenting the following lines 16 | // See https://github.com/mochajs/mocha/wiki/Using-mocha-programmatically#set-options for more info 17 | testRunner.configure({ 18 | ui: 'tdd', 19 | useColors: true // colored output from test results 20 | }); 21 | module.exports = testRunner; 22 | //# sourceMappingURL=index.js.map -------------------------------------------------------------------------------- /out/test/index.js.map: -------------------------------------------------------------------------------- 1 | {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/test/index.ts"],"names":[],"mappings":";AAAA,EAAE;AACF,mEAAmE;AACnE,EAAE;AACF,8EAA8E;AAC9E,oDAAoD;AACpD,EAAE;AACF,+EAA+E;AAC/E,kFAAkF;AAClF,iFAAiF;AACjF,gFAAgF;AAChF,oDAAoD;;AAEpD,oDAAoD;AAEpD,6EAA6E;AAC7E,mGAAmG;AACnG,UAAU,CAAC,SAAS,CAAC;IACjB,EAAE,EAAE,KAAK;IACT,SAAS,EAAE,IAAI,CAAC,mCAAmC;CACtD,CAAC,CAAC;AAEH,MAAM,CAAC,OAAO,GAAG,UAAU,CAAC"} -------------------------------------------------------------------------------- /package-lock.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "vscode-secbit-ssae", 3 | "version": "0.1.1", 4 | "lockfileVersion": 1, 5 | "requires": true, 6 | "dependencies": { 7 | "@types/mocha": { 8 | "version": "2.2.48", 9 | "resolved": "https://registry.npmjs.org/@types/mocha/-/mocha-2.2.48.tgz", 10 | "integrity": "sha512-nlK/iyETgafGli8Zh9zJVCTicvU3iajSkRwOh3Hhiva598CMqNJ4NcVCGMTGKpGpTYj/9R8RLzS9NAykSSCqGw==", 11 | "dev": true 12 | }, 13 | "@types/node": { 14 | "version": "7.10.5", 15 | "resolved": "https://registry.npmjs.org/@types/node/-/node-7.10.5.tgz", 16 | "integrity": "sha512-RYkagUUbxQBss46ElbEa+j4q4X3GR12QwB7a/PM5hmVuVkYoW1jENT1+taspKUv8ibwW8cw+kRFbOaTc/Key3w==", 17 | "dev": true 18 | }, 19 | "agent-base": { 20 | "version": "4.2.1", 21 | "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-4.2.1.tgz", 22 | "integrity": "sha512-JVwXMr9nHYTUXsBFKUqhJwvlcYU/blreOEUkhNR2eXZIvwd+c+o5V4MgDPKWnMS/56awN3TRzIP+KoPn+roQtg==", 23 | "dev": true, 24 | "requires": { 25 | "es6-promisify": "^5.0.0" 26 | } 27 | }, 28 | "ajv": { 29 | "version": "6.10.0", 30 | "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.0.tgz", 31 | "integrity": "sha512-nffhOpkymDECQyR0mnsUtoCE8RlX38G0rYP+wgLWFyZuUyuuojSSvi/+euOiQBIn63whYwYVIIH1TvE3tu4OEg==", 32 | "dev": true, 33 | "requires": { 34 | "fast-deep-equal": "^2.0.1", 35 | "fast-json-stable-stringify": "^2.0.0", 36 | "json-schema-traverse": "^0.4.1", 37 | "uri-js": "^4.2.2" 38 | } 39 | }, 40 | "asn1": { 41 | "version": "0.2.4", 42 | "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", 43 | "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", 44 | "dev": true, 45 | "requires": { 46 | "safer-buffer": "~2.1.0" 47 | } 48 | }, 49 | "assert-plus": { 50 | "version": "1.0.0", 51 | "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", 52 | "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", 53 | "dev": true 54 | }, 55 | "asynckit": { 56 | "version": "0.4.0", 57 | "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", 58 | "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", 59 | "dev": true 60 | }, 61 | "aws-sign2": { 62 | "version": "0.7.0", 63 | "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", 64 | "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", 65 | "dev": true 66 | }, 67 | "aws4": { 68 | "version": "1.8.0", 69 | "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.8.0.tgz", 70 | "integrity": "sha512-ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ==", 71 | "dev": true 72 | }, 73 | "balanced-match": { 74 | "version": "1.0.0", 75 | "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", 76 | "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=", 77 | "dev": true 78 | }, 79 | "bcrypt-pbkdf": { 80 | "version": "1.0.2", 81 | "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", 82 | "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", 83 | "dev": true, 84 | "requires": { 85 | "tweetnacl": "^0.14.3" 86 | } 87 | }, 88 | "brace-expansion": { 89 | "version": "1.1.11", 90 | "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", 91 | "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", 92 | "dev": true, 93 | "requires": { 94 | "balanced-match": "^1.0.0", 95 | "concat-map": "0.0.1" 96 | } 97 | }, 98 | "browser-stdout": { 99 | "version": "1.3.0", 100 | "resolved": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.0.tgz", 101 | "integrity": "sha1-81HTKWnTL6XXpVZxVCY9korjvR8=", 102 | "dev": true 103 | }, 104 | "buffer-from": { 105 | "version": "1.1.1", 106 | "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", 107 | "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==", 108 | "dev": true 109 | }, 110 | "caseless": { 111 | "version": "0.12.0", 112 | "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", 113 | "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", 114 | "dev": true 115 | }, 116 | "combined-stream": { 117 | "version": "1.0.7", 118 | "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.7.tgz", 119 | "integrity": "sha512-brWl9y6vOB1xYPZcpZde3N9zDByXTosAeMDo4p1wzo6UMOX4vumB+TP1RZ76sfE6Md68Q0NJSrE/gbezd4Ul+w==", 120 | "dev": true, 121 | "requires": { 122 | "delayed-stream": "~1.0.0" 123 | } 124 | }, 125 | "commander": { 126 | "version": "2.11.0", 127 | "resolved": "https://registry.npmjs.org/commander/-/commander-2.11.0.tgz", 128 | "integrity": "sha512-b0553uYA5YAEGgyYIGYROzKQ7X5RAqedkfjiZxwi0kL1g3bOaBNNZfYkzt/CL0umgD5wc9Jec2FbB98CjkMRvQ==", 129 | "dev": true 130 | }, 131 | "concat-map": { 132 | "version": "0.0.1", 133 | "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", 134 | "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", 135 | "dev": true 136 | }, 137 | "core-util-is": { 138 | "version": "1.0.2", 139 | "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", 140 | "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", 141 | "dev": true 142 | }, 143 | "dashdash": { 144 | "version": "1.14.1", 145 | "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", 146 | "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", 147 | "dev": true, 148 | "requires": { 149 | "assert-plus": "^1.0.0" 150 | } 151 | }, 152 | "debug": { 153 | "version": "3.1.0", 154 | "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", 155 | "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", 156 | "dev": true, 157 | "requires": { 158 | "ms": "2.0.0" 159 | } 160 | }, 161 | "delayed-stream": { 162 | "version": "1.0.0", 163 | "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", 164 | "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", 165 | "dev": true 166 | }, 167 | "diff": { 168 | "version": "3.3.1", 169 | "resolved": "https://registry.npmjs.org/diff/-/diff-3.3.1.tgz", 170 | "integrity": "sha512-MKPHZDMB0o6yHyDryUOScqZibp914ksXwAMYMTHj6KO8UeKsRYNJD3oNCKjTqZon+V488P7N/HzXF8t7ZR95ww==", 171 | "dev": true 172 | }, 173 | "ecc-jsbn": { 174 | "version": "0.1.2", 175 | "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", 176 | "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", 177 | "dev": true, 178 | "requires": { 179 | "jsbn": "~0.1.0", 180 | "safer-buffer": "^2.1.0" 181 | } 182 | }, 183 | "es6-promise": { 184 | "version": "4.2.6", 185 | "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.6.tgz", 186 | "integrity": "sha512-aRVgGdnmW2OiySVPUC9e6m+plolMAJKjZnQlCwNSuK5yQ0JN61DZSO1X1Ufd1foqWRAlig0rhduTCHe7sVtK5Q==", 187 | "dev": true 188 | }, 189 | "es6-promisify": { 190 | "version": "5.0.0", 191 | "resolved": "https://registry.npmjs.org/es6-promisify/-/es6-promisify-5.0.0.tgz", 192 | "integrity": "sha1-UQnWLz5W6pZ8S2NQWu8IKRyKUgM=", 193 | "dev": true, 194 | "requires": { 195 | "es6-promise": "^4.0.3" 196 | } 197 | }, 198 | "escape-string-regexp": { 199 | "version": "1.0.5", 200 | "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", 201 | "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", 202 | "dev": true 203 | }, 204 | "extend": { 205 | "version": "3.0.2", 206 | "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", 207 | "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", 208 | "dev": true 209 | }, 210 | "extsprintf": { 211 | "version": "1.3.0", 212 | "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", 213 | "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", 214 | "dev": true 215 | }, 216 | "fast-deep-equal": { 217 | "version": "2.0.1", 218 | "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz", 219 | "integrity": "sha1-ewUhjd+WZ79/Nwv3/bLLFf3Qqkk=", 220 | "dev": true 221 | }, 222 | "fast-json-stable-stringify": { 223 | "version": "2.0.0", 224 | "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz", 225 | "integrity": "sha1-1RQsDK7msRifh9OnYREGT4bIu/I=", 226 | "dev": true 227 | }, 228 | "forever-agent": { 229 | "version": "0.6.1", 230 | "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", 231 | "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", 232 | "dev": true 233 | }, 234 | "form-data": { 235 | "version": "2.3.3", 236 | "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", 237 | "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", 238 | "dev": true, 239 | "requires": { 240 | "asynckit": "^0.4.0", 241 | "combined-stream": "^1.0.6", 242 | "mime-types": "^2.1.12" 243 | } 244 | }, 245 | "fs.realpath": { 246 | "version": "1.0.0", 247 | "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", 248 | "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", 249 | "dev": true 250 | }, 251 | "getpass": { 252 | "version": "0.1.7", 253 | "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", 254 | "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", 255 | "dev": true, 256 | "requires": { 257 | "assert-plus": "^1.0.0" 258 | } 259 | }, 260 | "glob": { 261 | "version": "7.1.3", 262 | "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz", 263 | "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==", 264 | "dev": true, 265 | "requires": { 266 | "fs.realpath": "^1.0.0", 267 | "inflight": "^1.0.4", 268 | "inherits": "2", 269 | "minimatch": "^3.0.4", 270 | "once": "^1.3.0", 271 | "path-is-absolute": "^1.0.0" 272 | } 273 | }, 274 | "growl": { 275 | "version": "1.10.3", 276 | "resolved": "https://registry.npmjs.org/growl/-/growl-1.10.3.tgz", 277 | "integrity": "sha512-hKlsbA5Vu3xsh1Cg3J7jSmX/WaW6A5oBeqzM88oNbCRQFz+zUaXm6yxS4RVytp1scBoJzSYl4YAEOQIt6O8V1Q==", 278 | "dev": true 279 | }, 280 | "har-schema": { 281 | "version": "2.0.0", 282 | "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", 283 | "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", 284 | "dev": true 285 | }, 286 | "har-validator": { 287 | "version": "5.1.3", 288 | "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz", 289 | "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==", 290 | "dev": true, 291 | "requires": { 292 | "ajv": "^6.5.5", 293 | "har-schema": "^2.0.0" 294 | } 295 | }, 296 | "has-flag": { 297 | "version": "2.0.0", 298 | "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-2.0.0.tgz", 299 | "integrity": "sha1-6CB68cx7MNRGzHC3NLXovhj4jVE=", 300 | "dev": true 301 | }, 302 | "he": { 303 | "version": "1.1.1", 304 | "resolved": "https://registry.npmjs.org/he/-/he-1.1.1.tgz", 305 | "integrity": "sha1-k0EP0hsAlzUVH4howvJx80J+I/0=", 306 | "dev": true 307 | }, 308 | "http-proxy-agent": { 309 | "version": "2.1.0", 310 | "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-2.1.0.tgz", 311 | "integrity": "sha512-qwHbBLV7WviBl0rQsOzH6o5lwyOIvwp/BdFnvVxXORldu5TmjFfjzBcWUWS5kWAZhmv+JtiDhSuQCp4sBfbIgg==", 312 | "dev": true, 313 | "requires": { 314 | "agent-base": "4", 315 | "debug": "3.1.0" 316 | } 317 | }, 318 | "http-signature": { 319 | "version": "1.2.0", 320 | "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", 321 | "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", 322 | "dev": true, 323 | "requires": { 324 | "assert-plus": "^1.0.0", 325 | "jsprim": "^1.2.2", 326 | "sshpk": "^1.7.0" 327 | } 328 | }, 329 | "https-proxy-agent": { 330 | "version": "2.2.1", 331 | "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-2.2.1.tgz", 332 | "integrity": "sha512-HPCTS1LW51bcyMYbxUIOO4HEOlQ1/1qRaFWcyxvwaqUS9TY88aoEuHUY33kuAh1YhVVaDQhLZsnPd+XNARWZlQ==", 333 | "dev": true, 334 | "requires": { 335 | "agent-base": "^4.1.0", 336 | "debug": "^3.1.0" 337 | } 338 | }, 339 | "inflight": { 340 | "version": "1.0.6", 341 | "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", 342 | "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", 343 | "dev": true, 344 | "requires": { 345 | "once": "^1.3.0", 346 | "wrappy": "1" 347 | } 348 | }, 349 | "inherits": { 350 | "version": "2.0.3", 351 | "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", 352 | "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=", 353 | "dev": true 354 | }, 355 | "is-typedarray": { 356 | "version": "1.0.0", 357 | "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", 358 | "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", 359 | "dev": true 360 | }, 361 | "isstream": { 362 | "version": "0.1.2", 363 | "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", 364 | "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", 365 | "dev": true 366 | }, 367 | "jsbn": { 368 | "version": "0.1.1", 369 | "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", 370 | "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", 371 | "dev": true 372 | }, 373 | "json-schema": { 374 | "version": "0.2.3", 375 | "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", 376 | "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=", 377 | "dev": true 378 | }, 379 | "json-schema-traverse": { 380 | "version": "0.4.1", 381 | "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", 382 | "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", 383 | "dev": true 384 | }, 385 | "json-stringify-safe": { 386 | "version": "5.0.1", 387 | "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", 388 | "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", 389 | "dev": true 390 | }, 391 | "jsprim": { 392 | "version": "1.4.1", 393 | "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", 394 | "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", 395 | "dev": true, 396 | "requires": { 397 | "assert-plus": "1.0.0", 398 | "extsprintf": "1.3.0", 399 | "json-schema": "0.2.3", 400 | "verror": "1.10.0" 401 | } 402 | }, 403 | "mime-db": { 404 | "version": "1.38.0", 405 | "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.38.0.tgz", 406 | "integrity": "sha512-bqVioMFFzc2awcdJZIzR3HjZFX20QhilVS7hytkKrv7xFAn8bM1gzc/FOX2awLISvWe0PV8ptFKcon+wZ5qYkg==", 407 | "dev": true 408 | }, 409 | "mime-types": { 410 | "version": "2.1.22", 411 | "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.22.tgz", 412 | "integrity": "sha512-aGl6TZGnhm/li6F7yx82bJiBZwgiEa4Hf6CNr8YO+r5UHr53tSTYZb102zyU50DOWWKeOv0uQLRL0/9EiKWCog==", 413 | "dev": true, 414 | "requires": { 415 | "mime-db": "~1.38.0" 416 | } 417 | }, 418 | "minimatch": { 419 | "version": "3.0.4", 420 | "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", 421 | "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", 422 | "dev": true, 423 | "requires": { 424 | "brace-expansion": "^1.1.7" 425 | } 426 | }, 427 | "minimist": { 428 | "version": "0.0.8", 429 | "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz", 430 | "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0=", 431 | "dev": true 432 | }, 433 | "mkdirp": { 434 | "version": "0.5.1", 435 | "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz", 436 | "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=", 437 | "dev": true, 438 | "requires": { 439 | "minimist": "0.0.8" 440 | } 441 | }, 442 | "mocha": { 443 | "version": "4.1.0", 444 | "resolved": "https://registry.npmjs.org/mocha/-/mocha-4.1.0.tgz", 445 | "integrity": "sha512-0RVnjg1HJsXY2YFDoTNzcc1NKhYuXKRrBAG2gDygmJJA136Cs2QlRliZG1mA0ap7cuaT30mw16luAeln+4RiNA==", 446 | "dev": true, 447 | "requires": { 448 | "browser-stdout": "1.3.0", 449 | "commander": "2.11.0", 450 | "debug": "3.1.0", 451 | "diff": "3.3.1", 452 | "escape-string-regexp": "1.0.5", 453 | "glob": "7.1.2", 454 | "growl": "1.10.3", 455 | "he": "1.1.1", 456 | "mkdirp": "0.5.1", 457 | "supports-color": "4.4.0" 458 | }, 459 | "dependencies": { 460 | "glob": { 461 | "version": "7.1.2", 462 | "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz", 463 | "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==", 464 | "dev": true, 465 | "requires": { 466 | "fs.realpath": "^1.0.0", 467 | "inflight": "^1.0.4", 468 | "inherits": "2", 469 | "minimatch": "^3.0.4", 470 | "once": "^1.3.0", 471 | "path-is-absolute": "^1.0.0" 472 | } 473 | } 474 | } 475 | }, 476 | "ms": { 477 | "version": "2.0.0", 478 | "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", 479 | "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", 480 | "dev": true 481 | }, 482 | "oauth-sign": { 483 | "version": "0.9.0", 484 | "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", 485 | "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", 486 | "dev": true 487 | }, 488 | "once": { 489 | "version": "1.4.0", 490 | "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", 491 | "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", 492 | "dev": true, 493 | "requires": { 494 | "wrappy": "1" 495 | } 496 | }, 497 | "path-is-absolute": { 498 | "version": "1.0.1", 499 | "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", 500 | "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", 501 | "dev": true 502 | }, 503 | "performance-now": { 504 | "version": "2.1.0", 505 | "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", 506 | "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", 507 | "dev": true 508 | }, 509 | "psl": { 510 | "version": "1.1.31", 511 | "resolved": "https://registry.npmjs.org/psl/-/psl-1.1.31.tgz", 512 | "integrity": "sha512-/6pt4+C+T+wZUieKR620OpzN/LlnNKuWjy1iFLQ/UG35JqHlR/89MP1d96dUfkf6Dne3TuLQzOYEYshJ+Hx8mw==", 513 | "dev": true 514 | }, 515 | "punycode": { 516 | "version": "2.1.1", 517 | "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", 518 | "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", 519 | "dev": true 520 | }, 521 | "qs": { 522 | "version": "6.5.2", 523 | "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", 524 | "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==", 525 | "dev": true 526 | }, 527 | "querystringify": { 528 | "version": "2.1.1", 529 | "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.1.1.tgz", 530 | "integrity": "sha512-w7fLxIRCRT7U8Qu53jQnJyPkYZIaR4n5151KMfcJlO/A9397Wxb1amJvROTK6TOnp7PfoAmg/qXiNHI+08jRfA==" 531 | }, 532 | "request": { 533 | "version": "2.88.0", 534 | "resolved": "https://registry.npmjs.org/request/-/request-2.88.0.tgz", 535 | "integrity": "sha512-NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg==", 536 | "dev": true, 537 | "requires": { 538 | "aws-sign2": "~0.7.0", 539 | "aws4": "^1.8.0", 540 | "caseless": "~0.12.0", 541 | "combined-stream": "~1.0.6", 542 | "extend": "~3.0.2", 543 | "forever-agent": "~0.6.1", 544 | "form-data": "~2.3.2", 545 | "har-validator": "~5.1.0", 546 | "http-signature": "~1.2.0", 547 | "is-typedarray": "~1.0.0", 548 | "isstream": "~0.1.2", 549 | "json-stringify-safe": "~5.0.1", 550 | "mime-types": "~2.1.19", 551 | "oauth-sign": "~0.9.0", 552 | "performance-now": "^2.1.0", 553 | "qs": "~6.5.2", 554 | "safe-buffer": "^5.1.2", 555 | "tough-cookie": "~2.4.3", 556 | "tunnel-agent": "^0.6.0", 557 | "uuid": "^3.3.2" 558 | } 559 | }, 560 | "requires-port": { 561 | "version": "1.0.0", 562 | "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz", 563 | "integrity": "sha1-kl0mAdOaxIXgkc8NpcbmlNw9yv8=" 564 | }, 565 | "safe-buffer": { 566 | "version": "5.1.2", 567 | "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", 568 | "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", 569 | "dev": true 570 | }, 571 | "safer-buffer": { 572 | "version": "2.1.2", 573 | "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", 574 | "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", 575 | "dev": true 576 | }, 577 | "semver": { 578 | "version": "5.7.0", 579 | "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.0.tgz", 580 | "integrity": "sha512-Ya52jSX2u7QKghxeoFGpLwCtGlt7j0oY9DYb5apt9nPlJ42ID+ulTXESnt/qAQcoSERyZ5sl3LDIOw0nAn/5DA==", 581 | "dev": true 582 | }, 583 | "source-map": { 584 | "version": "0.6.1", 585 | "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", 586 | "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", 587 | "dev": true 588 | }, 589 | "source-map-support": { 590 | "version": "0.5.11", 591 | "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.11.tgz", 592 | "integrity": "sha512-//sajEx/fGL3iw6fltKMdPvy8kL3kJ2O3iuYlRoT3k9Kb4BjOoZ+BZzaNHeuaruSt+Kf3Zk9tnfAQg9/AJqUVQ==", 593 | "dev": true, 594 | "requires": { 595 | "buffer-from": "^1.0.0", 596 | "source-map": "^0.6.0" 597 | } 598 | }, 599 | "sshpk": { 600 | "version": "1.16.1", 601 | "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", 602 | "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", 603 | "dev": true, 604 | "requires": { 605 | "asn1": "~0.2.3", 606 | "assert-plus": "^1.0.0", 607 | "bcrypt-pbkdf": "^1.0.0", 608 | "dashdash": "^1.12.0", 609 | "ecc-jsbn": "~0.1.1", 610 | "getpass": "^0.1.1", 611 | "jsbn": "~0.1.0", 612 | "safer-buffer": "^2.0.2", 613 | "tweetnacl": "~0.14.0" 614 | } 615 | }, 616 | "supports-color": { 617 | "version": "4.4.0", 618 | "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-4.4.0.tgz", 619 | "integrity": "sha512-rKC3+DyXWgK0ZLKwmRsrkyHVZAjNkfzeehuFWdGGcqGDTZFH73+RH6S/RDAAxl9GusSjZSUWYLmT9N5pzXFOXQ==", 620 | "dev": true, 621 | "requires": { 622 | "has-flag": "^2.0.0" 623 | } 624 | }, 625 | "tough-cookie": { 626 | "version": "2.4.3", 627 | "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz", 628 | "integrity": "sha512-Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==", 629 | "dev": true, 630 | "requires": { 631 | "psl": "^1.1.24", 632 | "punycode": "^1.4.1" 633 | }, 634 | "dependencies": { 635 | "punycode": { 636 | "version": "1.4.1", 637 | "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz", 638 | "integrity": "sha1-wNWmOycYgArY4esPpSachN1BhF4=", 639 | "dev": true 640 | } 641 | } 642 | }, 643 | "tunnel-agent": { 644 | "version": "0.6.0", 645 | "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", 646 | "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", 647 | "dev": true, 648 | "requires": { 649 | "safe-buffer": "^5.0.1" 650 | } 651 | }, 652 | "tweetnacl": { 653 | "version": "0.14.5", 654 | "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", 655 | "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", 656 | "dev": true 657 | }, 658 | "typescript": { 659 | "version": "2.9.2", 660 | "resolved": "https://registry.npmjs.org/typescript/-/typescript-2.9.2.tgz", 661 | "integrity": "sha512-Gr4p6nFNaoufRIY4NMdpQRNmgxVIGMs4Fcu/ujdYk3nAZqk7supzBE9idmvfZIlH/Cuj//dvi+019qEue9lV0w==", 662 | "dev": true 663 | }, 664 | "uri-js": { 665 | "version": "4.2.2", 666 | "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", 667 | "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", 668 | "dev": true, 669 | "requires": { 670 | "punycode": "^2.1.0" 671 | } 672 | }, 673 | "url-parse": { 674 | "version": "1.4.4", 675 | "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.4.4.tgz", 676 | "integrity": "sha512-/92DTTorg4JjktLNLe6GPS2/RvAd/RGr6LuktmWSMLEOa6rjnlrFXNgSbSmkNvCoL2T028A0a1JaJLzRMlFoHg==", 677 | "requires": { 678 | "querystringify": "^2.0.0", 679 | "requires-port": "^1.0.0" 680 | } 681 | }, 682 | "uuid": { 683 | "version": "3.3.2", 684 | "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", 685 | "integrity": "sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA==", 686 | "dev": true 687 | }, 688 | "verror": { 689 | "version": "1.10.0", 690 | "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", 691 | "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", 692 | "dev": true, 693 | "requires": { 694 | "assert-plus": "^1.0.0", 695 | "core-util-is": "1.0.2", 696 | "extsprintf": "^1.2.0" 697 | } 698 | }, 699 | "vscode": { 700 | "version": "1.1.33", 701 | "resolved": "https://registry.npmjs.org/vscode/-/vscode-1.1.33.tgz", 702 | "integrity": "sha512-sXedp2oF6y4ZvqrrFiZpeMzaCLSWV+PpYkIxjG/iYquNZ9KrLL2LujltGxPLvzn49xu2sZkyC+avVNFgcJD1Iw==", 703 | "dev": true, 704 | "requires": { 705 | "glob": "^7.1.2", 706 | "mocha": "^4.0.1", 707 | "request": "^2.88.0", 708 | "semver": "^5.4.1", 709 | "source-map-support": "^0.5.0", 710 | "url-parse": "^1.4.4", 711 | "vscode-test": "^0.1.4" 712 | } 713 | }, 714 | "vscode-test": { 715 | "version": "0.1.5", 716 | "resolved": "https://registry.npmjs.org/vscode-test/-/vscode-test-0.1.5.tgz", 717 | "integrity": "sha512-s+lbF1Dtasc0yXVB9iQTexBe2JK6HJAUJe3fWezHKIjq+xRw5ZwCMEMBaonFIPy7s95qg2HPTRDR5W4h4kbxGw==", 718 | "dev": true, 719 | "requires": { 720 | "http-proxy-agent": "^2.1.0", 721 | "https-proxy-agent": "^2.2.1" 722 | } 723 | }, 724 | "wrappy": { 725 | "version": "1.0.2", 726 | "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", 727 | "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", 728 | "dev": true 729 | } 730 | } 731 | } 732 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "vscode-secbit-ssae", 3 | "displayName": "vscode-secbit-ssae", 4 | "description": "SECBIT Solidity Static Analysis Extension", 5 | "version": "0.1.1", 6 | "publisher": "SECBIT", 7 | "repository": { 8 | "type": "git", 9 | "url": "https://github.com/sec-bit/vscode-secbit-ssae" 10 | }, 11 | "engines": { 12 | "vscode": "^1.25.0" 13 | }, 14 | "icon": "images/logo.png", 15 | "categories": [ 16 | "Programming Languages", 17 | "Linters" 18 | ], 19 | "keywords": [ 20 | "solidity", 21 | "ethereum", 22 | "blockchain", 23 | "compiler", 24 | "smart contract" 25 | ], 26 | "activationEvents": [ 27 | "onLanguage:solidity" 28 | ], 29 | "main": "./out/extension", 30 | "contributes": { 31 | "configuration": { 32 | "type": "object", 33 | "title": "SECBIT configuration", 34 | "properties": { 35 | "secbit.asERC20": { 36 | "type": "boolean", 37 | "default": false, 38 | "description": "Run ERC20-specific checks." 39 | }, 40 | "secbit.noSMT": { 41 | "type": "boolean", 42 | "default": false, 43 | "description": "Disable SMT-solver-related checks. This is set to true when using soljson." 44 | }, 45 | "secbit.enables": { 46 | "type": "array", 47 | "default": [], 48 | "description": "Only enable the checks in this list. Enable all checks when the list contains no valid entry." 49 | }, 50 | "secbit.solc": { 51 | "type": "string", 52 | "default": "", 53 | "description": "Path to the SECBIT-extended solc. Use soljson by default." 54 | }, 55 | "secbit.onSave": { 56 | "type": "boolean", 57 | "default": false, 58 | "description": "Run SECBIT static analysis on file save." 59 | } 60 | } 61 | }, 62 | "commands": [ 63 | { 64 | "command": "secbit.analyze", 65 | "title": "Run SECBIT Analysis" 66 | } 67 | ], 68 | "keybindings": [ 69 | { 70 | "command": "secbit.analyze", 71 | "key": "ctrl+f1", 72 | "mac": "cmd+f1", 73 | "when": "editorTextFocus && resourceExtname == .sol" 74 | } 75 | ], 76 | "menus": { 77 | "editor/context": [ 78 | { 79 | "when": "editorTextFocus && resourceExtname == .sol", 80 | "command": "secbit.analyze", 81 | "group": "3_preview" 82 | } 83 | ] 84 | } 85 | }, 86 | "scripts": { 87 | "vscode:prepublish": "npm run compile", 88 | "compile": "tsc -p ./", 89 | "watch": "tsc -watch -p ./", 90 | "postinstall": "node ./node_modules/vscode/bin/install", 91 | "test": "npm run compile && node ./node_modules/vscode/bin/test" 92 | }, 93 | "devDependencies": { 94 | "@types/mocha": "^2.2.42", 95 | "@types/node": "^7.10.5", 96 | "typescript": "^2.6.1", 97 | "vscode": "^1.1.33" 98 | }, 99 | "dependencies": { 100 | "url-parse": "^1.4.3" 101 | } 102 | } 103 | -------------------------------------------------------------------------------- /src/extension.ts: -------------------------------------------------------------------------------- 1 | // Copyright SECBIT Labs 2018. 2 | 3 | 'use strict'; 4 | 5 | import * as vscode from 'vscode'; 6 | import fs = require('fs'); 7 | import cp = require('child_process'); 8 | import soljson = require('../solc/soljson.js'); 9 | 10 | // Known issues enumeration. 11 | const secbitKnownIssues = { 12 | 'erc20-no-return' : { 13 | 'severity' : vscode.DiagnosticSeverity.Error, 14 | 'type' : 'erc20', 15 | }, 16 | 'erc20-return-false' : { 17 | 'severity' : vscode.DiagnosticSeverity.Error, 18 | 'type' : 'erc20', 19 | }, 20 | 'erc20-no-decimals' : { 21 | 'severity' : vscode.DiagnosticSeverity.Error, 22 | 'type' : 'erc20', 23 | }, 24 | 'erc20-no-name' : { 25 | 'severity' : vscode.DiagnosticSeverity.Error, 26 | 'type' : 'erc20', 27 | }, 28 | 'erc20-no-symbol' : { 29 | 'severity' : vscode.DiagnosticSeverity.Error, 30 | 'type' : 'erc20', 31 | }, 32 | 'erc20-mintable' : { 33 | 'severity' : vscode.DiagnosticSeverity.Warning, 34 | 'type' : 'erc20', 35 | }, 36 | 'transfer-no-revert' : { 37 | 'severity' : vscode.DiagnosticSeverity.Error, 38 | 'type' : 'erc20', 39 | }, 40 | 'transfer-no-event' : { 41 | 'severity' : vscode.DiagnosticSeverity.Error, 42 | 'type' : 'erc20', 43 | }, 44 | 'approve-no-event' : { 45 | 'severity' : vscode.DiagnosticSeverity.Error, 46 | 'type' : 'erc20', 47 | }, 48 | 'hardcode-addr' : { 49 | 'severity' : vscode.DiagnosticSeverity.Warning, 50 | 'type' : 'code' 51 | }, 52 | 'byte-array' : { 53 | 'severity' : vscode.DiagnosticSeverity.Information, 54 | 'type' : 'gas' 55 | }, 56 | 'constant-mutability' : { 57 | 'severity' : vscode.DiagnosticSeverity.Information, 58 | 'type' : 'code' 59 | }, 60 | 'fix-version' : { 61 | 'severity' : vscode.DiagnosticSeverity.Information, 62 | 'type' : 'code' 63 | }, 64 | 'int-div' : { 65 | 'severity' : vscode.DiagnosticSeverity.Warning, 66 | 'type' : 'vulnerability' 67 | }, 68 | 'private-modifier' : { 69 | 'severity' : vscode.DiagnosticSeverity.Information, 70 | 'type' : 'vulnerability' 71 | }, 72 | 'view-immutable' : { 73 | 'severity' : vscode.DiagnosticSeverity.Information, 74 | 'type' : 'code' 75 | }, 76 | 'bad-name' : { 77 | 'severity' : vscode.DiagnosticSeverity.Information, 78 | 'type' : 'code' 79 | }, 80 | 'tx-origin' : { 81 | 'severity' : vscode.DiagnosticSeverity.Error, 82 | 'type' : 'vulnerability' 83 | }, 84 | 'throw' : { 85 | 'severity' : vscode.DiagnosticSeverity.Information, 86 | 'type' : 'code' 87 | }, 88 | 'suicide' : { 89 | 'severity' : vscode.DiagnosticSeverity.Information, 90 | 'type' : 'code' 91 | }, 92 | 'unchecked-math' : { 93 | 'severity' : vscode.DiagnosticSeverity.Error, 94 | 'type' : 'vulnerability' 95 | }, 96 | 'sha3' : { 97 | 'severity' : vscode.DiagnosticSeverity.Information, 98 | 'type' : 'code' 99 | }, 100 | 'timstamp' : { 101 | 'severity' : vscode.DiagnosticSeverity.Warning, 102 | 'type' : 'vulnerability' 103 | }, 104 | 'implicit-visibility' : { 105 | 'severity' : vscode.DiagnosticSeverity.Information, 106 | 'type' : 'code' 107 | }, 108 | 'redundant-fallback' : { 109 | 'severity' : vscode.DiagnosticSeverity.Warning, 110 | 'type' : 'vulnerability' 111 | }, 112 | 'type-inference' : { 113 | 'severity' : vscode.DiagnosticSeverity.Information, 114 | 'type' : 'code' 115 | }, 116 | 'revert-vs-require' : { 117 | 'severity' : vscode.DiagnosticSeverity.Information, 118 | 'type' : 'code' 119 | }, 120 | 'pure-function' : { 121 | 'severity' : vscode.DiagnosticSeverity.Information, 122 | 'type' : 'code' 123 | }, 124 | 'reentrance' : { 125 | 'severity' : vscode.DiagnosticSeverity.Error, 126 | 'type' : 'vulnerability' 127 | }, 128 | 'dirty-padding' : { 129 | 'severity' : vscode.DiagnosticSeverity.Error, 130 | 'type' : 'vulnerability' 131 | }, 132 | 'no-return' : { 133 | 'severity' : vscode.DiagnosticSeverity.Information, 134 | 'type' : 'code' 135 | }, 136 | 'delegatecall' : { 137 | 'severity' : vscode.DiagnosticSeverity.Warning, 138 | 'type' : 'code' 139 | }, 140 | 'send-vs-transfer' : { 141 | 'severity' : vscode.DiagnosticSeverity.Warning, 142 | 'type' : 'vulnerability' 143 | }, 144 | 'forced-ether' : { 145 | 'severity' : vscode.DiagnosticSeverity.Error, 146 | 'type' : 'vulnerability' 147 | }, 148 | 'pull-vs-push' : { 149 | 'severity' : vscode.DiagnosticSeverity.Error, 150 | 'type' : 'vulnerability' 151 | }, 152 | 'blockhash' : { 153 | 'severity' : vscode.DiagnosticSeverity.Warning, 154 | 'type' : 'vulnerability' 155 | }, 156 | 'short-addr' : { 157 | 'severity' : vscode.DiagnosticSeverity.Error, 158 | 'type' : 'erc20' 159 | }, 160 | 'transferfrom-no-allowed-check' : { 161 | 'severity' : vscode.DiagnosticSeverity.Warning, 162 | 'type' : 'erc20' 163 | }, 164 | 'approve-with-balance-verify' : { 165 | 'severity' : vscode.DiagnosticSeverity.Warning, 166 | 'type' : 'erc20' 167 | } 168 | }; 169 | 170 | // this method is called when your extension is activated 171 | // your extension is activated the very first time the command is executed 172 | export function activate(context: vscode.ExtensionContext) { 173 | 174 | console.log('Started SECBIT Solidity Static Analysis Extension'); 175 | 176 | var l = ""; 177 | for(let issue in secbitKnownIssues) { 178 | var s = 'Information'; 179 | if(secbitKnownIssues[issue].severity == vscode.DiagnosticSeverity.Warning) { 180 | s = 'Warning'; 181 | } else if(secbitKnownIssues[issue].severity == vscode.DiagnosticSeverity.Error) { 182 | s = 'Error'; 183 | } 184 | l = l + '* '+issue+'\n**'+secbitKnownIssues[issue].type+'**\n**'+s+'**\n\n'; 185 | } 186 | 187 | let dc: vscode.DiagnosticCollection = vscode.languages.createDiagnosticCollection('solidity'); 188 | 189 | function processErrors(doc : vscode.TextDocument, errs) { 190 | dc.clear(); 191 | // Collect diagnostics. 192 | var diags : vscode.Diagnostic[] = []; 193 | for(let err of errs) { 194 | console.log('Processing [' + err.tag + ']'); 195 | var severity = vscode.DiagnosticSeverity.Information; 196 | if(!!secbitKnownIssues[err.tag]) { 197 | severity = secbitKnownIssues[err.tag].severity; 198 | } 199 | const diag = new vscode.Diagnostic( 200 | new vscode.Range( 201 | Number(err.startline)-1, 202 | Number(err.startcolumn)-1, 203 | Number(err.endline)-1, 204 | Number(err.endcolumn)-1 205 | ), 206 | '[secbit:' + err.tag + '] ' + err.desc, 207 | severity 208 | ); 209 | diags.push(diag); 210 | } 211 | dc.set(doc.uri, diags); 212 | } 213 | 214 | function updateDiags(doc : vscode.TextDocument) { 215 | if(doc.languageId != 'solidity') { 216 | return; 217 | } 218 | console.log('Started SECBIT analysis...'); 219 | 220 | // Invoke solc with secbit args. 221 | let config = vscode.workspace.getConfiguration('secbit'); 222 | 223 | var tags = []; 224 | if(!!config.enables) { 225 | for(let tag of config.enables) { 226 | if(!!secbitKnownIssues[tag]) { 227 | tags.push(tag); 228 | } else { 229 | vscode.window.showInformationMessage('Unknown check: ' + tag); 230 | } 231 | } 232 | } 233 | 234 | if(!!config.solc && config.solc != "") { 235 | // Use the given solc. 236 | var args = ['-o', '/', '--overwrite']; 237 | 238 | if(!!config.noSMT && config.noSMT == true) { 239 | args.push('--no-smt'); 240 | } 241 | for(let tag of tags) { 242 | args.push('--secbit-tag'); 243 | args.push(tag); 244 | } 245 | if(config.asERC20 === true) { 246 | args.push('--erc20'); 247 | } 248 | // Use active editor as input file. 249 | let input = doc.uri.fsPath; 250 | // Error output. 251 | let output = input + ".err"; 252 | args.push('--secbit-warnings'); 253 | args.push(output); 254 | args.push(input); 255 | 256 | const solc = cp.spawn(config.solc, args); 257 | console.log("Running " + args.join(' ')); 258 | // Show error info. 259 | solc.on('error', (err) => { 260 | vscode.window.showInformationMessage('Failed to start ' + config.solc); 261 | }); 262 | solc.stderr.on('data', (data) => { 263 | vscode.window.showInformationMessage('Analysis failed:\n' + data); 264 | }); 265 | // On finish, update diagnostics. 266 | solc.on('close', (code) => { 267 | console.log(`solc exited with code ${code}`); 268 | if(code != 0) { 269 | if(fs.statSync(output)){ 270 | fs.unlinkSync(output); 271 | } 272 | return; 273 | } 274 | 275 | // Read errors from output file. 276 | var errs = []; 277 | try { 278 | var errFileContent = fs.readFileSync(output,'utf8'); 279 | errs = JSON.parse(errFileContent)['secbit-warnings']; 280 | } catch(e) { 281 | console.log(e); 282 | } 283 | if(fs.statSync(output)){ 284 | fs.unlinkSync(output); 285 | } 286 | processErrors(doc, errs); 287 | console.log('Finished processing solc output.'); 288 | }); 289 | } else { 290 | // Use soljson. 291 | const compileJSON = 292 | soljson.cwrap( 293 | 'compileJSON', 294 | 'string', 295 | [ 296 | 'string', //_input 297 | 'number', //_optimize 298 | 'number', //_isSECBIT 299 | 'number', //_noSMT 300 | 'number', //_asERC20 301 | 'string' //_tags 302 | ] 303 | ); 304 | 305 | const result = 306 | compileJSON( 307 | /*_input*/vscode.window.activeTextEditor.document.getText(), 308 | /*_optimize*/1, 309 | /*_isSECBIT*/1, 310 | /*_noSMT*/1, 311 | /*_asERC20*/config.asERC20 === true ? 1 : 0, 312 | /*_tags*/tags.join(',') 313 | ); 314 | 315 | const output = JSON.parse(result); 316 | try { 317 | processErrors(doc, output['errors']); 318 | } catch(e) { 319 | console.log(e); 320 | } 321 | } 322 | } 323 | 324 | context.subscriptions.push(vscode.commands.registerCommand('secbit.analyze', () => { 325 | let ae = vscode.window.activeTextEditor; 326 | if(ae) { 327 | updateDiags(ae.document); 328 | } 329 | })); 330 | 331 | vscode.workspace.onDidSaveTextDocument(document => { 332 | let config = vscode.workspace.getConfiguration('secbit'); 333 | if(!!config.onSave && config.onSave) { 334 | updateDiags(document); 335 | } 336 | }) 337 | } 338 | 339 | // this method is called when your extension is deactivated 340 | export function deactivate() { 341 | console.log('SECBIT Solidity Static Analysis Extension deactivated.'); 342 | } -------------------------------------------------------------------------------- /src/test/extension.test.ts: -------------------------------------------------------------------------------- 1 | // 2 | // Note: This example test is leveraging the Mocha test framework. 3 | // Please refer to their documentation on https://mochajs.org/ for help. 4 | // 5 | 6 | // The module 'assert' provides assertion methods from node 7 | import * as assert from 'assert'; 8 | 9 | // You can import and use all API from the 'vscode' module 10 | // as well as import your extension to test it 11 | // import * as vscode from 'vscode'; 12 | // import * as myExtension from '../extension'; 13 | 14 | // Defines a Mocha test suite to group tests of similar kind together 15 | suite("Extension Tests", function () { 16 | 17 | // Defines a Mocha unit test 18 | test("Something 1", function() { 19 | assert.equal(-1, [1, 2, 3].indexOf(5)); 20 | assert.equal(-1, [1, 2, 3].indexOf(0)); 21 | }); 22 | }); -------------------------------------------------------------------------------- /src/test/index.ts: -------------------------------------------------------------------------------- 1 | // 2 | // PLEASE DO NOT MODIFY / DELETE UNLESS YOU KNOW WHAT YOU ARE DOING 3 | // 4 | // This file is providing the test runner to use when running extension tests. 5 | // By default the test runner in use is Mocha based. 6 | // 7 | // You can provide your own test runner if you want to override it by exporting 8 | // a function run(testRoot: string, clb: (error:Error) => void) that the extension 9 | // host can call to run the tests. The test runner is expected to use console.log 10 | // to report the results back to the caller. When the tests are finished, return 11 | // a possible error to the callback or null if none. 12 | 13 | import * as testRunner from 'vscode/lib/testrunner'; 14 | 15 | // You can directly control Mocha options by uncommenting the following lines 16 | // See https://github.com/mochajs/mocha/wiki/Using-mocha-programmatically#set-options for more info 17 | testRunner.configure({ 18 | ui: 'tdd', // the TDD UI is being used in extension.test.ts (suite, test, etc.) 19 | useColors: true // colored output from test results 20 | }); 21 | 22 | module.exports = testRunner; -------------------------------------------------------------------------------- /tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "module": "commonjs", 4 | "target": "es6", 5 | "outDir": "out", 6 | "lib": [ 7 | "es6" 8 | ], 9 | "sourceMap": true, 10 | "rootDir": "src", 11 | /* Strict Type-Checking Option */ 12 | "strict": false, /* enable all strict type-checking options */ 13 | /* Additional Checks */ 14 | "noUnusedLocals": false /* Report errors on unused locals. */ 15 | // "noImplicitReturns": true, /* Report error when not all code paths in function return a value. */ 16 | // "noFallthroughCasesInSwitch": true, /* Report errors for fallthrough cases in switch statement. */ 17 | // "noUnusedParameters": true, /* Report errors on unused parameters. */ 18 | }, 19 | "exclude": [ 20 | "node_modules", 21 | ".vscode-test" 22 | ] 23 | } --------------------------------------------------------------------------------