slither icon indicating copy to clipboard operation
slither copied to clipboard
verified publisher icon crytic

[Bug-Candidate]: Foundry project with node module dependencies can not be analyzed in github action.

Open Supeeerpower opened this issue 3 months ago • 6 comments

Describe the issue:

Following up the issue - https://github.com/crytic/slither-action/issues/96

CI is continuously failing, seems like dependency issues. Could you please give me full suggestion to add slither ci?

I didn't test it locally. I can't find the way to set ignore-compile true.

Code example to reproduce the issue:

https://github.com/Lay3rLabs/poa-middleware/blob/feat/ci-workflow/.github/workflows/slither.yml

https://github.com/Lay3rLabs/poa-middleware/actions/runs/17736742237/job/50400350044?pr=10

Version:

0.11.3

Relevant log output:

Supeeerpower avatar Sep 15 '25 15:09 Supeeerpower

Hi! You can use --ignore-compile flag on the command line locally to set that.

elopez avatar Sep 15 '25 16:09 elopez

Thank you for letting me know. It's failing in the same way as CI.

Supeeerpower avatar Sep 15 '25 16:09 Supeeerpower

@elopez Could you please help me with this problem? or do I need to change dependencies with gitsubmodule?

Supeeerpower avatar Sep 15 '25 19:09 Supeeerpower

did you try what I suggested here (adding --build-info) https://github.com/crytic/slither-action/issues/96#issuecomment-3292037728 ?

elopez avatar Sep 15 '25 19:09 elopez

Yes, I already did, and I attached failing log

Supeeerpower avatar Sep 15 '25 19:09 Supeeerpower

@Supeeerpower we're looking into it with @smonicas, we suspect it could be related to this foundry issue https://github.com/foundry-rs/compilers/issues/246 as you have source files outside of the foundry project root (namely ../node_modules/...). As a workaround you can try and move your node modules to within the contracts folder and adjust your remappings and foundry config to use the new location, then it seems to work.

elopez avatar Sep 15 '25 20:09 elopez