scout-soroban

Turn detections on/off feature

Open matiascabello opened this issue 6 months ago • 0 comments

Users should be able to turn detections on/off. This gives them the possibility to mark a detection as a false positive, thus keeping it from being included in the report.

Cases

// Case 1 - Triggers detection:
fn add_candidate(new_candidate: str) {
    storage().get("candidates").push_back(new_candidate);       
}

// Case 2 - Detection does not trigger:
#pragma: disable: set-contract-storage
fn add_candidate(new_candidate: str) {
    storage().get("candidates").push_back(new_candidate);       
}

// Case 3 - Scout should warn the user that an instruction to turn a detection off is implemented on code where the detection is not triggered.
#pragma: disable: set-contract-storage
fn add_candidate(new_candidate: str) {
    sender.require_auth();
    storage().get("candidates").push_back(new_candidate);       
}

Severity: minor

Scope of detection on/off:

  • Function
  • Line
  • File/crate
  • Loop
  • Struct

matiascabello, Jul 31 '24 19:07
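The three cases above, as an added example that is not part of the original issue and not Scout's code: it applies the proposed `#pragma: disable: <detector>` directive at function scope only and emits the Case 3 warning for a directive that suppressed nothing. The `Finding` type, the brace-depth scope rule (braces in strings or comments are not handled), the sample source and the detector output are assumptions constructed for illustration.

```rust
// Added illustration, not Scout's implementation. Directive syntax is the one
// proposed in the issue; Finding and the function-scope rule are assumptions.
#[derive(Debug, PartialEq)]
pub struct Finding { pub detector: &'static str, pub line: usize } // line is 1-based

const PREFIX: &str = "#pragma: disable:";
const DET: &str = "set-contract-storage";
// Constructed sample: Case 1 (lines 1-3), Case 2 (lines 4-7), Case 3 (lines 8-12).
const SAMPLE: &str = "fn case1() {\n    push();\n}\n\
#pragma: disable: set-contract-storage\nfn case2() {\n    push();\n}\n\
#pragma: disable: set-contract-storage\nfn case3() {\n    auth();\n    push();\n}\n";

/// Returns (findings kept in the report, warnings for directives that suppressed nothing).
pub fn apply_directives(src: &str, findings: Vec<Finding>) -> (Vec<Finding>, Vec<String>) {
    let lines: Vec<&str> = src.lines().collect();
    // (detector, directive line, last line of the following function, used?)
    let mut scopes: Vec<(String, usize, usize, bool)> = Vec::new();
    for (i, l) in lines.iter().enumerate() {
        if let Some(name) = l.trim().strip_prefix(PREFIX) {
            // Function scope: follow brace depth until it returns to zero.
            let (mut depth, mut end, mut opened) = (0i32, i, false);
            for (j, body) in lines.iter().enumerate().skip(i + 1) {
                for c in body.chars() {
                    match c { '{' => { depth += 1; opened = true; } '}' => depth -= 1, _ => {} }
                }
                end = j;
                if opened && depth == 0 { break; }
            }
            scopes.push((name.trim().to_string(), i + 1, end + 1, false));
        }
    }
    let mut kept = Vec::new();
    for f in findings {
        match scopes.iter_mut().find(|s| s.0 == f.detector && s.1 < f.line && f.line <= s.2) {
            Some(s) => s.3 = true, // suppressed: left out of the report
            None => kept.push(f),
        }
    }
    let warnings = scopes.iter().filter(|s| !s.3)
        .map(|s| format!("line {}: '{}' disabled but not triggered", s.1, s.0)).collect();
    (kept, warnings)
}

fn main() {
    // Constructed detector output: Cases 1 and 2 trigger, Case 3 does not.
    let found = vec![Finding { detector: DET, line: 2 }, Finding { detector: DET, line: 6 }];
    let (kept, warnings) = apply_directives(SAMPLE, found);
    println!("report: {:?}\nwarnings: {:?}", kept, warnings);
}
```

Reporting unused directives keeps a stale suppression from silently hiding a finding if the guarded code is later changed.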