v4.3.0 🎄

Features:

• print warnings when a detector set in config options is not discovered (both on the CLI and in LSP)
• added new complex-struct-getter and struct-mapping-deletion detectors
• added new c3-linearization printer
• re-run detectors after modifying a loaded detector

Fixes:

• fixed Yul return ignored in the control flow graph
• fixed AssertionError in call traces when running out of gas
• fixed abi-encode-with-signature detector when processing signatures with nested brackets
• fixed detectors were not re-run after changing a detector-specific setting
• bumped abch-tree-sitter minimal version, fixing the language server crashes caused by distutils not being available in Python 3.12

v4.2.0

Features:

• wake open command to open any Github or Etherscan-like project
• wake up alias for wake init
• new unused-function and unused-modifier detectors
• helper functions for working with storage variables now can handle whole arrays and structs
• wake detect and wake print commands now accept --theme options

Changes:

• changed unused-import detections impact from warning to info

Fixes:

• fixed compiler crashes when using SMTChecker

v4.1.2

Fixes:

• solc binaries are automatically re-installed if corrupted
• added --silent mode to fix LSP server crashes on Windows because of unicode

v4.1.1

• fixed script responsible for migration to XDG paths when the global config file already exists
• fixed assertion error in ownable pattern detection, manifested mainly by reentrancy detector crashes

v4.1.0

• added new printers:
  • control-flow-graph
  • imports-graph
  • inheritance-graph
  • inheritance-tree
  • modifiers
  • state-changes
• lsp_range and IR declaration name_location are now used in SARIF export
• implemented SolidityName Click parameter type for Solidity name shell completions
• improved wake detect and wake print help messages
• added a new Command-line interface docs page under the static analysis section
• state changes are now evaluated even for Yul blocks
• fixed crashes caused by YulLiteral.value being unset

v4.0.1

• fixed SARIF export crashing in Github action
• fixed wake detect incorrect exit codes
• fixed exporting ignored detections in SARIF format
• minor changes to the documentation

V4.0.0: Static analysis framework

• reviewed, updated and documented IR model

  • all IR nodes are now documented, generated docs available at https://ackeeblockchain.com/wake/docs/latest/ in API reference
  • added link to SourceUnit from all IR nodes
  • added link to nearest StatementAbc from all expressions
  • added link to declaration (FunctionDefinition/ModifierDefinition) from all statements
  • added link to InlineAssembly from all Yul nodes

• updated control flow graph

  • Yul is now fully supported; InlineAssembly blocks are now decomposed into Yul statemenets
  • successful execution and reverting execution is now distinguished in control flow graph
  • assert/require/revert function calls are now handled (including these calls in conditionals)
  • fixed missing edge for in try/catch statement

• development & testing framework

  • all default accounts (default_tx_account, default_call_account, default_estimate_account, default_access_list_account) are now set by default
  • may_revert and must_revert context managers now re-raise original exception when it does not match one of arguments
  • significantly improved performance when accessing tx.events
  • improved event resolving algorithm
  • added origin field to all events, describing contract Account that emitted event
  • improved forked chain ID detection
  • fuzz command was integrated into test command
  • both single-process and multi-process tests now use pytest
    • running tests without pytest is still supported with --no-pytest flag

• added support for Solidity 0.8.21, 0.8.22 and 0.8.23

• added experimental support for Python 3.12

• rebranded from Woke to Wake

  • implemented automatic migration script for migrating project-specific and global files

• all CLI commands now accept --config option for setting local config path

• implemented svm install --all to install all matching solc versions

• renamed ignore_paths config options to exclude_paths

  • automatic migration script performs automatic renaming

• all solc optimizer settings may now be configured

• implemented new wake init config command for initializing only config file

• new detectors & printers API

  • printers are similar to detectors but allow printing (or exporting in other ways) any useful information
  • users may create custom detectors & printers using documented API
  • may be project-specific, global and loaded from plugin packages
  • project-specific detectors/printers must be first confirmed as verified to protect users downloading others (potentially malicious) projects
  • both detectors and printers may accept any number of Click options and arguments that can be set in CLI, ENV variables and TOML files
  • detector results and compiler warnings may be ignored using // wake-disable-* comments
  • loading priorities may be specified for multiple detectors/printers with the same name loaded from multiple plugin packages
  • wake.analysis, wake.ir and networkx are now imported as lazy modules to improve auto-completions speed in CLI
  • detectors cannot crash LSP server or prevent other detectors from executing, errors are reported to LSP clients
  • logging module logger attached to each detector/printer; logging messages are redirected to LSP client when running LSP server
  • detectors are live-reloaded after modifications when running LSP server, no need to restart LSP server to trigger changes
  • added helper CLI and LSP commands for creating new detector/printer from template
  • added more export formats to detectors and printers
  • both detectors and printers may be launched in --watch mode
  • implemented export to SARIF format for detectors
  • detectors may now assign dynamic impact & confidence per-detection

• implemented ready-to-use printers

  • abi for exporting contract ABI
  • storage-layout for printing contract storage layout
  • tokens for finding all ERC-20/ERC-721/ERC-1155 tokens in project

• improved existing detectors

• implemented new detectors

  • abi-encode-with-signature for detecting invalid ABI signatures
  • incorrect-interface for detecting incorrectly implemented ERC-20/ERC-721/ERC-1155 interface
  • unused-import for finding unused imports

v3.6.1

Fixes:

• fixed crashes caused by overloaded functions imported in import directives
• fixed crashes caused by new expressions being top-level expressions in expression statements

v3.6.0

Features:

• implemented get_logic_contract helper function
• implemented read_storage_variable and write_storage_variable helper functions
• implemented mint_erc20 and burn_erc20 helper functions
• added support for the Erigon client
• Account.new now accepts extra_entropy argument
• added Holesky testnet explorer info
• call traces now contain more info (gas, value, sender, return value, error), the output is configurable

Changes:

• ipdb debugger is not attached on an exception with woke --debug (except for woke --debug test)
• private keys are now shared across all account instances with the same address, independent of a chain
• improved random_bytes performance
• Account.new() is now deterministic in woke.testing, improved performance
• Account labels are now applied in call trace arguments

Fixes:

• remappings priority rule if multiple matching, causing compilation errors
• workaround for Anvil constructor revert missing data
• added missing solc compiler error type
• fixed may_revert, must_revert context managers
• fixed non-elementary import cycles causing missing pytypes
• fixed instantiation of cyclically imported symbols in pytypes
• fixed pytypes - $ in Solidity identifiers
• fixed generating pytypes - same file multiple source unit names
• fixed error importing pytypes if __init__.py does not exist in tests or scripts
• fixed collecting coverage before tx mined

v3.5.0

Features:

• implemented get_storage_at and set_storage_at on development chain interfaces
• may_revert and must_revert now accept str and int params directly
• optimized imports in cli module to speedup woke --version and click auto-completions
• implemented chain.set_next_block_timestamp
• implemented chain.mine_many
• implemented --incremental/--no-incremental compilation CLI options

Changes:

• reprlib is no longer used when printing call traces

Fixes:

• fixed multiple different compilation crashes (including incremental compilation & LSP server crashes)
• INVALID opcode is now properly handled when processing debug traces
• fixed woke test crashes caused by library ABI patching
• fixed selectors of library functions in pytypes
• solc error secondary locations are now provided in LSP diagnostics
• address ABI type is now properly handled when using Abi encode & decode functions
• documentation fixes
• fixed woke test auto-completions and passthrough mode for pytest
• fixed fuzzer non-determinism (the same random seed lead to different scenarios executed)
• fixed overflow-calldata-tuple-reencoding-bug detector infinite loop with functions returning functions
• fixed IR Assignment.assigned_variables handle FunctionCall returning assignable objects (structs, memory & storage pointers)
• fixed IR FunctionDefinition.canonical_name was not unique