Feature/add dependabt config by gsoares85 · Pull Request #385 · rsksmart/tokenbridge

Check warning on line 31 in bridge/contracts/zeppelin/upgradable/proxy/UpgradeableProxy.sol

Code scanning / Slither

Unused return Medium

UpgradeableProxy.constructor(address,bytes) ignores return value by Address.functionDelegateCall(_logic,_data)

Check warning on line 120 in bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol

Code scanning / Slither

Unused return Medium

TransparentUpgradeableProxy.upgradeToAndCall(address,bytes) ignores return value by Address.functionDelegateCall(newImplementation,data)

Check notice on line 20 in bridge/contracts/Proxies.sol

Code scanning / Slither

Local variable shadowing Low

FederationProxy.constructor(address,address,bytes)._admin shadows:
- TransparentUpgradeableProxy._admin() (function)

Check notice on line 15 in bridge/contracts/Proxies.sol

Code scanning / Slither

Local variable shadowing Low

AllowTokensProxy.constructor(address,address,bytes)._admin shadows:
- TransparentUpgradeableProxy._admin() (function)

Check notice on line 10 in bridge/contracts/Proxies.sol

Code scanning / Slither

Local variable shadowing Low

BridgeProxy.constructor(address,address,bytes)._admin shadows:
- TransparentUpgradeableProxy._admin() (function)

Check notice on line 60 in bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol

Code scanning / Slither

Incorrect modifier Low

Modifier TransparentUpgradeableProxy.ifAdmin() does not always execute _; or revert

Check warning on line 78 in bridge/contracts/zeppelin/upgradable/proxy/UpgradeableProxy.sol

Code scanning / Slither

Assembly usage Warning

UpgradeableProxy._setImplementation(address) uses assembly
- INLINE ASM

Check warning on line 143 in bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol

Code scanning / Slither

Assembly usage Warning

TransparentUpgradeableProxy._setAdmin(address) uses assembly
- INLINE ASM

Check warning on line 42 in bridge/contracts/zeppelin/upgradable/proxy/Proxy.sol

Code scanning / Slither

Assembly usage Warning

Proxy._delegate(address) uses assembly
- INLINE ASM

Check warning on line 131 in bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol

Code scanning / Slither

Assembly usage Warning

TransparentUpgradeableProxy._admin() uses assembly
- INLINE ASM

Check warning on line 189 in bridge/contracts/zeppelin/utils/Address.sol

Code scanning / Slither

Assembly usage Warning

Address._verifyCallResult(bool,bytes,string) uses assembly
- INLINE ASM

Check warning on line 54 in bridge/contracts/zeppelin/upgradable/proxy/UpgradeableProxy.sol

Code scanning / Slither

Assembly usage Warning

UpgradeableProxy._implementation() uses assembly
- INLINE ASM

Check warning on line 3 in bridge/contracts/Proxies.sol

Code scanning / Slither

Incorrect versions of Solidity Warning

Version constraint ^0.8.0 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)
- FullInlinerNonExpressionSplitArgumentEvaluationOrder
- MissingSideEffectsOnSelectorAccess
- AbiReencodingHeadOverflowWithStaticArrayCleanup
- DirtyBytesArrayToStorage
- DataLocationChangeInInternalOverride
- NestedCalldataArrayAbiReencodingSizeValidation
- SignedImmutables
- ABIDecodeTwoDimensionalArrayMemory
- KeccakCaching.
It is used by:
- ^0.8.0
- ^0.8.0
- ^0.8.0
- ^0.8.0
- ^0.8.0

Check warning on line 170 in bridge/contracts/zeppelin/utils/Address.sol

Code scanning / Slither

Low-level calls Warning

Low level call in Address.functionDelegateCall(address,bytes,string):
- (success,returndata) = target.delegatecall(data)

Check warning on line 60 in bridge/contracts/zeppelin/utils/Address.sol

Code scanning / Slither

Low-level calls Warning

Low level call in Address.sendValue(address,uint256):
- (success,None) = recipient.call{value: amount}()

Check warning on line 122 in bridge/contracts/zeppelin/utils/Address.sol

Code scanning / Slither

Low-level calls Warning

Low level call in Address.functionCallWithValue(address,bytes,uint256,string):
- (success,returndata) = target.call{value: value}(data)

Check warning on line 146 in bridge/contracts/zeppelin/utils/Address.sol

Code scanning / Slither

Low-level calls Warning

Low level call in Address.functionStaticCall(address,bytes,string):
- (success,returndata) = target.staticcall(data)

Check warning on line 263 in bridge/contracts/MultiSigWallet.sol

Code scanning / Slither

Assembly usage Warning

MultiSigWallet.external_call(address,uint256,uint256,bytes) uses assembly
- INLINE ASM

Check warning on line 3 in bridge/contracts/MultiSigWallet.sol

Code scanning / Slither

Incorrect versions of Solidity Warning

Version constraint ^0.8.0 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)
- FullInlinerNonExpressionSplitArgumentEvaluationOrder
- MissingSideEffectsOnSelectorAccess
- AbiReencodingHeadOverflowWithStaticArrayCleanup
- DirtyBytesArrayToStorage
- DataLocationChangeInInternalOverride
- NestedCalldataArrayAbiReencodingSizeValidation
- SignedImmutables
- ABIDecodeTwoDimensionalArrayMemory
- KeccakCaching.
It is used by:
- ^0.8.0

Check warning on line 263 in bridge/contracts/MultiSigWallet.sol

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Function MultiSigWallet.external_call(address,uint256,uint256,bytes) is not in mixedCase

Check warning on line 175 in bridge/contracts/MultiSigWallet.sol

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter MultiSigWallet.changeRequirement(uint256)._required is not in mixedCase

Check failure on line 120 in bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol

Code scanning / Slither

Incorrect return in assembly High

TransparentUpgradeableProxy.upgradeToAndCall(address,bytes) calls TransparentUpgradeableProxy.ifAdmin() which halt the execution return(uint256,uint256)(0,returndatasize()())

Check failure on line 86 in bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol

Code scanning / Slither

Incorrect return in assembly High

TransparentUpgradeableProxy.implementation() calls TransparentUpgradeableProxy.ifAdmin() which halt the execution return(uint256,uint256)(0,returndatasize()())

Check failure on line 108 in bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol

Code scanning / Slither

Incorrect return in assembly High

TransparentUpgradeableProxy.upgradeTo(address) calls TransparentUpgradeableProxy.ifAdmin() which halt the execution return(uint256,uint256)(0,returndatasize()())

Check failure on line 73 in bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol

Code scanning / Slither

Incorrect return in assembly High

TransparentUpgradeableProxy.admin() calls TransparentUpgradeableProxy.ifAdmin() which halt the execution return(uint256,uint256)(0,returndatasize()())

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feature/add dependabt config #385

Feature/add dependabt config #385

31 new alerts including 6 high severity security vulnerabilities

New alerts in code changed by this pull request

Annotations

Re-running checks...

Feature/add dependabt config #385

Are you sure you want to change the base?

feat: add dependabot configuration to github actions

Feature/add dependabt config #385

31 new alerts including 6 high severity security vulnerabilities

New alerts in code changed by this pull request

Annotations

Re-running checks...