v0.0.24

What's Changed

• Remove openssl dependency from reqwest crate by @TilakMaddy in #337
• bump version to v0.0.24 by @alexroan in #340
• CI Check Reports Debugging by @alexroan in #341
• Add slither acknowledgement by @PatrickAlphaC in #342
• New abstractions: peek_over and peek_under (essential for some detectors) by @TilakMaddy in #338
• Update LICENSE by @PatrickAlphaC in #344
• Updates readme with docs by @Eversmile12 in #347
• Update README.md by @Eversmile12 in #348
• Fix: Remove unused code - ResuableDetectorNamePool by @TilakMaddy in #356
• Non reentrant modifier name detection is more generalized by @TilakMaddy in #351
• Chore: Setting up hackathon demo by @alexroan in #357
• load_multiple_contracts test helper by @alexroan in #365
• New Detector: reverts and requires inside for loops / while loops by @TilakMaddy in #353
• Match readme wording to docs by @alexroan in #367

Release Notes

• Reintroduce update checking but without using OpenSSL in the request crate
• Slither acknowledgment in the Readme
• New AST traversal abstractions: peek_over and peek_under
• Update License to GNU GPL
• https://docs.cyfrin.io/ added to readme
• load_multiple_contracts test helper
• New detector: low, reverts and requires inside loops

Full Changelog: v0.0.23...v0.0.24

v0.0.23

What's Changed

• Remove openSSL dependency by @alexroan in #334
• Bump version v0.0.23 by @alexroan in #336

Full Changelog: v0.0.22...v0.0.23

v0.0.22

What's Changed

• Benchmarks for Aderyn and individual detectors by @TilakMaddy in #290
• Bump version by @alexroan in #329
• Feature peek into node to see the source code as string + TODO Detector by @TilakMaddy in #261
• Remove ENV vars in favour of CLI args by @alexroan in #330
• Notify aderyn users when a new version is released ! by @TilakMaddy in #263
• Reclassify detectors by @alexroan in #331

Release Notes

• Benchmark aderyn and its detectors (not yet included in CI)
• peek() enables detectors to look at the source code of the ASTNode, to run string comparisons against.
• ENV vars moved into CLI args.
• At the end of each run, check if there is a newer version of aderyn available.
• Reclassify detectors to HIGH:
  • avoid_abi_envode_packed
  • unprotected_init_function

Full Changelog: v0.0.21...v0.0.22

v0.0.21

What's Changed

• Staging v0.0.19 by @alexroan in #277
• v0.0.20 Staging by @alexroan in #295
• Merge pull request #295 from Cyfrin/dev by @alexroan in #312
• Update issue templates by @Eversmile12 in #317
• Update CONTRIBUTING.md by @Eversmile12 in #315
• Update CONTRIBUTING.md by @Eversmile12 in #322
• Bump version to 0.0.21 by @alexroan in #323
• Reduce number of severity categories to just High and Low by @alexroan in #324
• small template fixes by @alexroan in #325

Release Notes

• Updates to Contributing and Issue guidelines
• Reduce the number of severity categories to just two: High and Low
  • Highs represent things that should definitely addressed
  • Low represent nice to haves, but not mandatory

Full Changelog: v0.0.20...v0.0.21

v0.0.20

What's Changed

• Bump version to v0.0.20 by @alexroan in #294
• Fix/forge not installed in ci by @TilakMaddy in #292
• New browser module: previous and next sibling by @TilakMaddy in #291
• Docs: Email added to contributing doc by @alexroan in #303
• Detector improvement: Reduce false positives in unsafe ERC721 mint by @alexroan in #304
• Kill nyth by @alexroan in #307
• Detector templates by @alexroan in #308
• Kill Reusable Detectors by @alexroan in #309
• Kill criticals by @alexroan in #311

Release Notes

• Fail aderyn on forge build --ast failure
• get_next_sibling and get_previous_sibling
• Reduce false positives in Unsafe ERC20 mint detector
• Kill nyth
• Kill ReusableDetectors
• Kill Critical severity
• Detector templates in each severity folder

Full Changelog: v0.0.19...v0.0.20

v0.0.19

What's Changed

• v0.0.18 Staging by @alexroan in #236
• Broken history by @alexroan in #276
• Bump version to v0.0.19 by @alexroan in #278
• Accommodate for non default FOUNDRY_PROFILE by @TilakMaddy in #270
• Detector fix/enhancement : Do not catch internal functions used only once that start with _ by @TilakMaddy in #268
• New Detector: Unprotected initialize function by @TilakMaddy in #257
• Browser module for sort_by_line_nos() for an array of ASTNodes + (Hidden Test Fix) by @TilakMaddy in #279
• New detector: Inconsistent type names detector by @TilakMaddy in #258
• Debt: Clean foundry environment by @alexroan in #288
• Enhancement/renaming thread by @TilakMaddy in #289

Release Notes:

• Reduce the amount of Rust code required for AST traversal abstractions (extractor patter, parent(), etc)
• Alter Nyth init flow to build --ast
• Accommodate for non-default FOUNDRY_PROFILE
• sort_by_src_position - with a vector of nodes, this sorts them by their position in the code (useful for things like CEI pattern)
• Rename parents references to ancestors
• Detectors:
  • NEW:
    • Unprotected initialize functions
    • Inconsistent unit(256) and int(256) type declarations within a contract
  • FIX: Internal functions used only once now ignores functions with underscore prefixes

Full Changelog: v0.0.18...v0.0.19

v0.0.18

What's Changed

• v0.0.17 Staging by @alexroan in #226
• Feature/docker by @lukapodlesnik in #233
• Feature/ Implementation of Node interface for ASTNode unlocks the whole Extraction Library by @TilakMaddy in #237
• Detector improvements: centralization & Zero address by @alexroan in #239
• bump version by @alexroan in #240
• New Detector: Modifiers used only once can be shoe-horned into the function itself by @TilakMaddy in #218
• Multiple detector improvements by @alexroan in #244
• Cross compilation in CI by @alexroan in #245
• Speed up cli/reportgen.sh by 10x by @TilakMaddy in #246
• Utility function - immediate children on any Node (or) ASTNode by @TilakMaddy in #247
• Allow to find relative location between ASTNodes (appears_after and appears_before) by @TilakMaddy in #248
• New Detector: Empty blocks of code should be removed by @TilakMaddy in #217
• Chore: Master merge by @alexroan in #251
• Fix for override specifier propagation in modifier by @TilakMaddy in #250

New Contributors

• @lukapodlesnik made their first contribution in #233

Full Changelog:

• Dockerfile
• DevEx improvements:
  • Node interface for ASTNode enabling more abstractions for the Extractor library
  • Extract immediate children from Node or ASTNode
  • appears_before and appears_after in the source code for AST nodes.
  • reportgen speedup
• Detector improvements:
  • #234
  • #235
  • #241
  • #242
  • #243
• New Detectors:
  • NC: modifiers used only once can be inlined
  • NC: Empty code blocks
• CI: Cross-compilation

v0.0.17

• Fixes:
  • Parent corruption in identifiers.
  • CLOC panic when an empty solidity file is input.
• Remove aderyn_nodejs until a better solution is found.
• Output to stdout with --stdout arg. (useful for toolchains)
• ASTNode abstractions:
  • capture! allows for abstracted ASTNode types to be passed in as well as specific node types - Makes capturing cleaner.
  • x.closest_parent_of_type(context, NodeType::Block) where x can be an ASTNode type instead of a specific type.
• New Detectors:
  • NC: Internal functions used only once could be inlined
  • NC: Large literals should be replaced with scientific notation

v0.0.16

• Changed BTreeMap structure to include the exact source location as well as contract path and line number.
• Print the exact src location in the json output for tool usage
• Improvements to the Constants instead of Literals detector
• id() method for AST Nodes
• nyth accepts same flags as aderyn
• AST traversal:
  • .parent() accessor
  • GetParent replaced with new "closest parent of type X"
  • Full parent chain retrieval
• ADERYN_CLOC_SKIP=1 flag to skip line counting
• Better framework error message

v0.0.15

• Detectors run in parallel.
• Readme files in each major crate.
• FunctionCallOptions extractor.
• Nyth - errors when init run on an existing folder.
• Revamped parent node retrieval.
• Alter foundry driver to account for Foundry removing AST from the output by default