Bump slither-analyzer from 0.9.6 to 0.10.0 in /scripts

[dependabot]

Bumps slither-analyzer from 0.9.6 to 0.10.0.

Release notes

Sourced from slither-analyzer's releases.

0.10.0 - 2023-10-18

This release adds support for Vyper 0.3.7 (thanks to the funding from VyperLang)! Currently, Vyper frameworks such as Ape are not supported. To run slither on Vyper codebases, target the source directory e.g. run slither ./contracts if the Vyper contracts are in the contracts/ directory.

Additionally, this release includes 5 new detectors, 3 new printers, and several bugs fixes related to recent solidity features. The echidna/medusa integration was sped up and provides more information to the fuzzers.

With the release of crytic-compile 0.3.5, support for foundry projects is significantly improved: Slither can now be run on a single file from a foundry project and detect the necessary imports automatically (ex: run slither contracts/some_file.sol instead of slither . ).

We would like to thank all of our external contributors:

• @​dokzai
• @​kevinclancy
• @​SEJeff
• @​SheldonHolmgren
• @​yisun92
• @​Tiko7454

What's Changed

New Features:

• Vyper support by @​0xalpharush in [PR #2099](crytic/slither#2099)
• 5 new detectors by @​montyly in [PR #2156](crytic/slither#2156)
  • incorrect-return / return-leave / incorrect-exp / tautological-compare / return-bomb
• Printers
  • ck by @​devtooligan in [PR #1895](crytic/slither#1895)
  • halstead by @​devtooligan in [PR #1878](crytic/slither#1878)
  • martin by @​devtooligan in [PR #1889](crytic/slither#1889)

Breaking Changes:

• Improve name resolution of type aliases by @​smonicas in [PR #2061](crytic/slither#2061)
• Change return type to UnaryType instead of UnaryOperationType by @​dokzai in [PR #2124](crytic/slither#2124)

Enhancements:

• Add CustomError as printable output by @​smonicas in [PR #2063](crytic/slither#2063)
• Improve mapping-deletion detector for nested mappings by @​smonicas in [PR #2084](crytic/slither#2084)
• Improve constants extraction of ReferenceVariable by @​smonicas in [PR #2098](crytic/slither#2098)
• Better struct handling in code generation util by @​webthethird in [PR #2068](crytic/slither#2068)
• Add end assembly node in the cfg by @​smonicas in [PR #2078](crytic/slither#2078)
• Use crytic-compile 0.3.5

Bug Fixes:

• Fix CONTRIBUTING.md by @​smonicas in [PR #2052](crytic/slither#2052)
• Fix ternary rewrite test and make assertion more strict by @​0xalpharush in [PR #2067](crytic/slither#2067)
• UnaryOperation: -variable and +variable doesn't make variable an lvalue by @​SheldonHolmgren in [PR #2027](crytic/slither#2027)
• Fix assertion failure in dominator computation for dead code by @​Tiko7454 in [PR #1984](crytic/slither#1984)
• Fix typo in Contract.get_state_variable_from_canonical_name() by @​yisun92 in [PR #1983](crytic/slither#1983)
• Fix divide before multiply detector non deterministic results by @​smonicas in [PR #2114](crytic/slither#2114)
• Detectors: cache_array_length: include source mapping in finding by @​elopez in [PR #2076](crytic/slither#2076)
• Fix a typo in the help text by @​SEJeff in [PR #2155](crytic/slither#2155)

... (truncated)

Commits

• e3dcf1e Merge pull request #2186 from crytic/bump-version
• c422c0d Update setup.py
• 14ed685 Merge pull request #2183 from crytic/dev
• dded959 revert crytic/slither#2105 (#2185)
• c04e860 Update README.md (#2177)
• 46be017 update vyper cfg to include reachability (#2182)
• e3346c0 Merge pull request #2175 from crytic/dependabot/npm_and_yarn/tests/e2e/compil...
• 771d5da Merge pull request #2176 from crytic/dependabot/npm_and_yarn/tests/e2e/compil...
• a433e3b Bump semver in /tests/e2e/compilation/test_data/test_node_modules
• e94c582 Bump @​openzeppelin/contracts
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (16ff939) 95.69% compared to head (24bc311) 95.69%.

Additional details and impacted files

@@           Coverage Diff            @@
##           develop     #406   +/-   ##
========================================
  Coverage    95.69%   95.69%           
========================================
  Files            6        6           
  Lines           93       93           
  Branches        12       12           
========================================
  Hits            89       89           
  Misses           4        4           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.