0.10.1

0.10.1 - 2024-02-29

This is a minor release that adds support for Solidity 0.8.24 and top level events. It includes a new detector, out-of-order-retryable, which detects potential misuse of Arbitrum's retryable transactions. Also, there is a new CLI flag, --include-paths which allows one to only include results from a given path.

We would like to thank all of our external contributors:

• @VIELITE
• @mds1
• @UsmannK
• @ATREAY
• @dokzai

What's Changed

New Features

• Add support top level events by @smonicas in #2219
• Add support Solidity 0.8.24 by @smonicas in #2281
• Add --include-paths option by @smonicas in #2330
  • For example, slither . --include-paths (src/|contracts/) will only include results from files within src or contracts directory. Note, this is uses python-style regex and cannot be used at the same time as --filter-paths.
• Feat: out of order retryable detector by @0xalpharush in #2340

Bug Fixes

• Fix: is_reentrant for internal vyper functions by @0xalpharush in #2211
• Fix: iterative update by @0xalpharush in #2206
• Fix: detect selfdestruct in internal calls by @0xalpharush in #2232
• Fix using for when used with "this" by @smonicas in #2224
• Fix: broken doc links by @mds1 in #2299
• Fix: slither: utils: respect colorization state when printing tables by @elopez in #2310
• Fix: support inheritance resolution when contract name is reused by @0xalpharush in #2332
• Fix: support renaming in base inheritance and base constructor calls by @0xalpharush in #2320
• Fix: immediate inheritance by @Tiko7454 in #2306

Enhancements

• Update README.md by @VIELITE in #2198
• Update installation instrucitons by @0xalpharush in #2189
• Update Dockerfile by @0xalpharush in #2188
• Raise an error when a missing contract is specified to read-storage by @UsmannK in #2235
• Remove unused files by @0xalpharush in #2197
• Substituted the letter z with x in pre-declaration by @ATREAY in #2258
• Upgraded Slither-mutate by @vishnuram1999 in #2278
• Divide-before-multiply: Detect also in modifiers by @smonicas in #2280
• Properties, documentation: correct tool descriptions and usage by @elopez in #2311
• Fix example by @0xalpharush in #2312
• Make triage database path customizable by @elopez in #2298
• Create a variable API that filters out constants and immutables by @dokzai in #2323
• Add regression test for #2313 by @0xalpharush in #2321
• Msg-value-loop: Don't report if msg.value is in a conditional expression by @smonicas in #2239
• Incorrect-shift: Detect only assembly blocks by @smonicas in #2315
• Track storage variables read/written in assembly by @smonicas in #2329

New Contributors

• @VIELITE made their first contribution in #2198
• @UsmannK made their first contribution in #2235
• @ATREAY made their first contribution in #2258
• @vishnuram1999 made their first contribution in #2278

Full Changelog: 0.10.0...0.10.1