npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

solhint-community

v4.0.0

Published

Solidity Code Linter

Downloads

7,276

Readme

A community-maintained solhint fork

NPM
version MIT licensed

Telegram group badge

This is an open source project for linting Solidity code. This project provides both Security and Style Guide validations.

Why use this fork

This fork was started in mid 2023 to provide the community with an up-to-date linter regardless of protofire's funding allocations, which had proven inconsistent in the past with a big hiatus in development from 2021-2023 and in the middle of 2023.

Currently we're working on a major version change that'll hopefully bring many improvements desired by the community (see issues tagged with v4.0.0), at the cost of some breaking changes.

How to help out

  • If you're a linter user, please consider using the latest release candidate (currently using "^4.0.0-rc00" in your package.json will get you that), where features are first pushed, and report any errors/potential improvements so they don't get to affect most users.
  • If you want to help as a developer, grab some issue tagged with good-first-issue and see contributing.md for a quick start guide. Feel free to create new issues or drop by the telegram group to ask for help!

Installation

You can install solhint-community using npm:

npm install -g solhint-community

# verify that it was installed correctly
solhint --version

Usage

First initialize a configuration file, if you don't have one:

solhint init-config

This will create a .solhint.json file with the recommended rules enabled. Then run Solhint with one or more Globs as arguments. For example, to lint all files inside contracts directory, you can do:

solhint 'contracts/**/*.sol'

To lint a single file:

solhint contracts/MyToken.sol

Run solhint without arguments to get more information:

Usage: solhint [options] <file> [...other_files]

Linter for Solidity programming language

Options:
  -V, --version                           output the version number
  -f, --formatter [name]                  chosen formatter for reports (stylish, table, tap, unix, json, compact)
  -w, --max-warnings [maxWarningsNumber]  number of allowed warnings
  -c, --config [file_name]                extra config file to source, in addition to the defaults
  -q, --quiet                             report errors only. Takes precedence over --max-warnings - default: false
  --ignore-path [file_name]               file to use as your .solhintignore
  --fix                                   automatically fix problems. If used in conjunction with stdin, then fixed file will be printed to stdout and report will be omitted
  -h, --help                              display help for command

Commands:
  stdin [options]                         linting of source code data provided to STDIN
  init-config                             create configuration file for solhint
  list-rules                              display enabled rules of current config, including extensions

Exit codes

  • 0: linted files had no errors
  • 1: linted files had 1 or more errors, or more warnings than --max-warnings
  • 255: provided command-line options were invalid, see stderr for details

Configuration

You can use a .solhint.json file to configure Solhint for the whole project.

To generate a new sample .solhint.json file in current folder you can do:

solhint init-config

This file has the following format:

Default

{
  "extends": "solhint:recommended"
}

Sample

  {
    "extends": "solhint:recommended",
    "plugins": [],
    "rules": {
      "avoid-suicide": "error",
      "avoid-sha3": "warn"
    }
  }

A full list of all supported rules can be found here.

To ignore files that do not require validation you can use a .solhintignore file. It supports rules in the .gitignore format.

node_modules/
additional-tests.sol

Extendable rulesets

The extendable rulesets provided by solhint are the following:

  • solhint:recommended

Use one of these as the value for the "extends" property in your configuration file.

Configure the linter with comments

You can use comments in the source code to configure solhint in a given line or file.

For example, to disable all validations in the line following a comment:

  // solhint-disable-next-line
  uint[] a;

You can disable specific rules on a given line. For example:

  // solhint-disable-next-line not-rely-on-time, not-rely-on-block-hash
  uint pseudoRand = uint(keccak256(abi.encodePacked(now, blockhash(block.number))));

Disable validation on current line:

  uint pseudoRand = uint(keccak256(abi.encodePacked(now, blockhash(block.number)))); // solhint-disable-line

Disable specific rules on current line:

   uint pseudoRand = uint(keccak256(abi.encodePacked(now, blockhash(block.number)))); // solhint-disable-line not-rely-on-time, not-rely-on-block-hash

You can disable a rule for a group of lines:

  /* solhint-disable avoid-tx-origin */
  function transferTo(address to, uint amount) public {
    require(tx.origin == owner);
    to.call.value(amount)();
  }
  /* solhint-enable avoid-tx-origin */

Or disable all validations for a group of lines:

  /* solhint-disable */
  function transferTo(address to, uint amount) public {
    require(tx.origin == owner);
    to.call.value(amount)();
  }
  /* solhint-enable */

Rules

Security Rules

Full list with all supported Security Rules

Style Guide Rules

Full list with all supported Style Guide Rules

Best Practices Rules

Full list with all supported Best Practices Rules

Documentation

Related documentation you may find here.

IDE Integrations

Table of Contents

  • Roadmap: The core project's roadmap - what the core team is looking to work on in the near future.
  • Contributing: The core Solhint team :heart: contributions. This describes how you can contribute to the Solhint Project.
  • Shareable configs: How to create and share your own configurations.
  • Writing plugins: How to extend Solhint with your own rules.

Plugins

Who uses Solhint-community?

Acknowledgements

The Solidity parser used is @solidity-parser/parser.

Licence

MIT