remix-analyzer

Remix Analyzer

remix-analyzer is a tool to perform static analysis on Solidity smart contracts to check security vulnerabilities and bad development practices. It works underneath Remix IDE plugin "SOLIDITY STATIC ANALYSIS" which is used to run analysis for a compiled contract according to selected modules.

Installation

remix-analyzer is an NPM package and can be installed using NPM as:

npm install remix-analyzer

How to use

remix-analyzer exports below interface:

import { CompilationResult, AnalyzerModule, AnalysisReport } from 'types';
declare type ModuleObj = {
    name: string;
    mod: AnalyzerModule;
};
export default class staticAnalysisRunner {
    /**
     * Run analysis (Used by IDE)
     * @param compilationResult contract compilation result
     * @param toRun module indexes (compiled from remix IDE)
     * @param callback callback
     */
    run(compilationResult: CompilationResult, toRun: number[], callback: ((reports: AnalysisReport[]) => void)): void;
    
    /**
     * Run analysis passing list of modules to run
     * @param compilationResult contract compilation result
     * @param modules analysis module
     * @param callback callback
     */
    runWithModuleList(compilationResult: CompilationResult, modules: ModuleObj[], callback: ((reports: AnalysisReport[]) => void)): void;
    
    /**
     * Get list of all analysis modules
     */
    modules(): any[];
}

One can import the module and use the available methods to run analysis. Related type descriptions can be seen here.

Details of modules are explained in official remix-ide documentation.

Contribute

We are always open to new features or bug reports. Please feel free to open an issue or a pull request.

In case you want to add some code, do have a look to our contribution guidelnes here. Reach us in Gitter in case of any queries.

License

MIT © 2018-20 Remix Team