Slither
(Supported since Remix IDE v0.15.0 and Remixd v0.5.0)
Remixd and Slither
Note: If you have not used remixd
before, read more about it here
When remixd NPM module is installed, it also installs Slither and solc-select and latest version of solc.
Python3.6+ (pip3)
needs to already be installed on the System. In case of any discrepancy, Slither can also be installed along with other dependencies using command remixd -i slither
(This packaging of Slither with the remixd module is supported since Remixd v0.6.3
)
when remixd
is running locally on your device, an additional websocket plugin will be listening on port 65523
which will be dedicated for Slither integration. (Supported since Remixd v0.5.0
)
The remixd Slither listener is a websocket plugin similar to remixd and is used to perform Slither analysis with Remix IDE.
Enable Slither Analysis
Prerequisites
To use Slither analysis with Remix IDE efficiently, following tools should be installed locally on the system:
Solc: https://docs.soliditylang.org/en/latest/installing-solidity.html
Solc-select: https://github.com/crytic/solc-select#quickstart
There are setup with remixd installation or can be done using remixd -i slither
command.
How to use
If a project is shared through remixd and localhost
workspace is loaded in Remix IDE, there will be an extra checkbox shown in Solidity Static Analysis
plugin with the label Enable Slither Analysis
.
There is an info icon on the right side of the label which redirects to a specific section of Remix official documentation that explains how to use Slither Analysis and prerequisites for it.
One can check the Enable Slither Analysis
box to run the analysis using Slither along with the Remix’s analysis library.
Latest report of Slither analysis will be stored locally on project root with a file named as remix-slither-report.json
.
Slither Analysis report will also be displayed on the Remix IDE side after the Remix analysis report for better user readability.
The result of the analysis will be shown in the Remix IDE terminal
and also in the remixd console.
To only run Slither Analysis, deselect Select all
checkbox and click on Run
. Now it will show only the Slither Analysis report.
By default, it doesn’t show the warnings for external libraries like remix-tests.sol, hardhat/console.sol etc. To have a look at them, check the box with label Show warnings for external libraries
.
More Details
Analysis for Slither is run using the version set in Solidity Compiler
plugin on Remix IDE. Slither is a CLI tool and requires solc
to run the analysis. Before running the analysis, Slither websocket plugin checks if current version of solc is same as the version set in Remix IDE.
If the compiler version set in Solidity Compiler is different from current version of solc installed locally, the Slither websocket plugin will update the solc
to be the same as the required version solc-select
.
For example, if current solc
version on the system is 0.8.4 and on the Remix IDE 0.8.6 is set, remixd
logs explain remote solc version selection
After successful analysis run: