Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@nomicfoundation/solidity-analyzer

Package Overview
Dependencies
Maintainers
2
Versions
6
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@nomicfoundation/solidity-analyzer

`@nomicfoundation/solidity-analyzer` is an N-API library built in Rust, which exposes a single function, which takes the contents of a Solidity source file and returns its imports and version pragmas.

  • 0.0.4
  • Source
  • npm
  • Socket score

Version published
Maintainers
2
Created
Source

@nomicfoundation/solidity-analyzer

@nomicfoundation/solidity-analyzer is an N-API library built in Rust, which exposes a single function, which takes the contents of a Solidity source file and returns its imports and version pragmas.

Installation

npm install @nomicfoundation/solidity-analyzer

API

export interface AnalysisResult {
  versionPragmas: Array<string>;
  imports: Array<string>;
}

export function analyze(input: string): AnalysisResult;

Example

analyze(`
  pragma solidity ^0.8.0;

  import "./file.sol";
`);

// { versionPragmas: [ '^0.8.0' ], imports: [ './file.sol' ] }

Goals

This library has two different goals:

  1. Being fast
  2. Being error-tolerant

Both are achieved by not parsing the Solidity source but just tokenizing it instead. This allows us to create a simple state machine that only recognizes imports and pragmas, ignoring everything else, and recovering from malformed tokens or expressions.

Browser support

This library doesn't work in a browser.

Testing

This project has some JavaScript unit tests in __test__, and it's also tested using the entire smart-contract-sanctuary.

You can find the scripts to test with the sanctuary in test-with-sanctuary/.

Regenerating index.js and index.d.ts

These files have to be committed because of our current Github Actions, yet, they are autogenerated.

You can run cargo clean, yarn clean, and yarn build to recreate them.

FAQs

Package last updated on 15 Sep 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc