scout-soroban
Scout is an extensible open-source tool intended to assist Stellar Soroban smart contract developers and auditors in detecting common security issues and deviations from best practices.
Add documentation for inadequate instance storage documentation. - Update README file to include the new detector in the detectors list. - Write detector documentation. Reference: https://github.com/CoinFabrik/scout-soroban/issues/287
Users should be able to turn detections on/off. This gives them the possibility to mark a detection as false positive, thus keeping it from being included in the report. **Cases**...
Avoid using external packages to generate PDF and SARIF reports.
Addressing a user request: https://github.com/CoinFabrik/scout-soroban/issues/239 Reports should include a list of the detectors that were executed on the targeted project. By including this list, users can see the list of...
The Scout report shown in GitHub pull requests has errors in its links. 1- Summary section ⚠ The list of packages and issues will be replaced by the summary table...
This issue involves a poor implementation of the allowance function in the Token SEP-041 interface. While the `approve` function in SEP-041 allows passing an `expiration_ledger`: ```rust fn approve(e: Env, from:...
**Problem** A developer may implement a contract that does not emit any event. **Detector** Trigger: Emit a warning when a contract does not include any events. Severity: Enhancement.
The detector should be triggered when a part of the codebase is not covered by the tests.
**Use case** When a package fails to compile. **Expected behavior** - List the name of the packages that failed to compile. - Do not output in the report any issue...