Note: Don't forget to check out preferences → Settings → Solidity Visual Developer
to customize features, look and feel.
- fix: includes parser performance optimizations with [email protected] (🙏 @vquelque)
- update: completely refactored function signature computation - #127
- fix: performance optimizations - #127
- new: command
solidity-va.tools.function.signatures.forWorkspace
to show all function signatures for files in the workspace - #127 - fix:
ftrace
error in cockpit view due to non-existent filepath being passed to surya - #127 - fix: draw.io/plantuml mistakenly named
receive()|fallback()
asconstructor
- #127 - fix: function signature extraction only returns
public|external
interfaces - #127 - fix: external function call list in cockpit view faile to resolve one-liner function declarations - #127
- fix: inheritance hover showing "object" instead of inherited contract name
- update: dependencies (solidity parser / solidity workspace)
- fix: constructor/fallback showing up as 'null' in cockpit
- fix: redecorate editor only if changes were detected (performance)
- fix: abort decoration if content hash not found in cache (keep current decoration if file is unparseable)
- fix: cockpit view for overridden functions (#138)
- fix: debounce onDidChange events (performance while typing)
- fix: find all references not working - #119
- fix: incompatibility with vscode update v1.72.0 - Extension "[...] has provided an invalid tree item." - #114
- new: optionally disable highlighting in the overview ruler - #115
-
fix: more consistent highlighting when clicking on an item in the cockpit ExternalCalls/PublicStatechanging views - #110
- clicking on a function name highlights the first line of the function instead of the full function block in the editor
- clicking on an external call/modifier highlights the invocation in the editor
-
fix: semantic highlighting for supercall and modifier arguments - #112 #117
- new: customize semantic highlighting mode #105 #108
color and symbol
- default (decorate + "arrow")color only
- only decorate identifiers declared in the function argument scopesymbol only
- only show an "arrow" next to an identifier declared in the function argument scope
- fix: uml - fix null-deref when parsing 'using-for *' #106 #107
- update: configurable trailing "arrow" for semantic function argument highlighting #104 #100
-
new: decorate/highlight immutable state vars () - #97 (thanks @RomiRand)
-
update: dependencies ([email protected])
-
new: configuration option to enable the
surya.mdreport
"negative Modifiers" feature, see surya#162- enabling
solidity-va.tools.surya.option.negModifiers
will list all modifiers observed in the file with the ones that are not being used with the listed method beingstriked-through
- enabling
Note that the report can be generated either via the report
codelense or by selecting files in the Solidity Visual Developer View → right-click → Surya: generate report
.
- fix: typos & links to placeholder[.]com - #93 #91 (thanks @almndbtr)
-
fix: type resolving and declaration link for inherited statevars
-
update: move language specific logic to a web compatible extension
- https://github.com/tintinweb/vscode-solidity-language (https://marketplace.visualstudio.com/items?itemName=tintinweb.vscode-solidity-language)
- The language ships with three security centered Color Themes that can be selected from the Solidity Language & Themes (only) extension page or
Code → Preferences → Color Themes
-
update: support for latest solidity parser (extension + surya) #84
-
new: 🥳 major parser refactoring #67 and we published the parser as standalone lib "solidity-workspace"
-
new:
⚠️ annotations for potential external calls (yellow gutter icon)- best effort - might miss some external calls depending on whether it is possible to easily resolve them (e.g. accessing addresses in nested structures/mappings).
-
new: cockpit view that lists external calls in the currently selected contract (click into a contract in the editor for the view to update)
-
new: we can now resolve inherited names (hover: declaration link)
-
new: we now decorate identifiers that are storage references (treating them like state-vars)
-
new: unit-test stub/template for Hardhat/Ethers #70 (
preferences → Settings → Solidity Visual Developer: solidity-va.test.defaultUnittestTemplate
) -
new: (debug) option to enable/disable stacktraces for parser errors (
preferences → Settings → Solidity Visual Developer: solidity-va.debug
) -
new: show codelenses (inline actions) for abstract contracts
-
new: customize which codelenses to show or hide (
preferences → Settings → Solidity Visual Developer: solidity-va.codelens.*
) #76 -
new: expose new command
solidity-va.surya.graphThis
#76 -
new: use internal ("dumb" lexical) flattener by default. Optionally allow to select
truffle-flattener
(preferences → Settings → Solidity Visual Developer: solidity-va.flatten.mode
) -
update: enable
draw.io csv export
codelens by default -
fix: misplaced decoration when document changes
-
fix: function selector is incorrect if there's a comment in the function signature definition #68
-
update: code cleanup; refactored decoration logic and moved it to its own submodule
Maintenance release until v0.1.0 is ready.
- new: graphviz view titles were adjusted
- fix: vscode API adjustments ("crippled" events): "Cannot read property length of 'undefined'"
- fix: check if statevar highlighting is enabled - #73
- update: solidity parser to 0.12.2
Happy new year 👪🌃🥂🎇!
- new: allow to disable the "find references" provider
preferences → Settings → Solidity Visual Developer: solidity-va.findAllReferences.enable
- in case another extension implements a better provider someday :)
- new: experimental draw.io uml export to support your threat modelling needs (you're going to ❤ this!)
- disabled by default
preferences → Settings → Solidity Visual Developer: solidity-va.codelens.drawio.enable
- fix: function signature generation for
AbiEncoderV2
functions that declare custom types- for now this falls back to assume every custom type is an
address
. needs some love if this feature is actually being used.
- for now this falls back to assume every custom type is an
- refactor: modular uml export
- refactor: improved syntax highlighting / decoration performance
- only decorates when needed, avoid double decoration
- should fix or make it unlikely that decorations are being applied to the wrong editor - fixes #12
- update: dependencies
- surya
- solidity parser
- keccak
- new: We've finally implemented support for
Right Click → Find All References
for solidity source files! - update: dependencies surya / solidity parser
- sort top level contracts list by filename
- fix: VSCode-Error: Proposed API is only available when running out of dev or with the following command line switch... #59
-
new: integration with tintinweb.vscode-ethover
- ethereum address hover
- open address in etherscan, fetch bytecode, verified contract
- disassemble or decompile bytecode
- registers
.evmtrace
and.evm
language handlers to decorate disassemblies or bytecode - customizations/ApiKey: see settings
-
update:
surya
to0.4.1-dev.2
- rebirth:
Solidity Visual Auditor
is nowSolidity Visual Developer
🎉 - new: Ethereum Address hover commands. Hover over an ethereum account address to:
open
the account on etherscan.io- show the contract
code
- show the
VerifiedContract
source code decompile
the byte-code. requires vscode-decompiler
- new: support for solidity
0.6.x
via #53 - new:
cockpit → Workspace: Explorer → Surya: Contract interaction graph
akasurya.graphSimple
#49
- updated: surya to 0.4.0 #49
- updated:
solidity-parser-diligence
to community maintained@solidity-parser/parser
#53
- updated: breaking interface with
[email protected]
: the render command was renamed frominteractive-graphviz.preview.beside
tographviz-interactive-preview.preview.beside
- new: Solidity Visual Auditor Cockpit panel additions
- Context: show function call trace when clicking into a contract method in the editor
- Flatfiles: List flat files produced by the extension (matches:
**/flat_*.sol
)
- updated: surya (fixed multiple issues when parsing certain smart contracts with
usingFor
statements)
- new: Update notifications have arrived!
- updated: solidity parser and surya
- new: 🔥 Solidity Visual Auditor Cockpit panel
- Workspace Explorer
- Quick-access to extension settings
- Find Top Level Contracts
- Keep track of flattened files
- List public state-changing methods from the current contract
- Show the function call trace for the current method
- update: solidity parser, surya (#41 #42)
- fix: linter warnings (#40)
- fix: configuration changes now take effect immediately (#43)
- fix: Support VSCode for Windows (#38, #35)
- fix: UML arrows (#34)
- code cleanup (#39)
- allow extension to run on unsaved files/editors (some functionality will not work on unsaved files, e.g.
surya
calls)
- new: released
@audit-tags
as a general purpose extension named Inline Bookmarks.- obsoletes:
Solidity-va.audit.tags.enable
... enable/disable audit tags
- obsoletes:
- split up extension dependencies in hard and soft requirements
- new: extensionPack - this extension now automatically installs soft dependencies. You can uninstall them at any point in time.
- (optional) Solidity Flattener
- (optional) PlantUML
- (optional) Inline Bookmarks
- updated: extensionDependencies
- (required) Interactive Graphviz
- new: extensionPack - this extension now automatically installs soft dependencies. You can uninstall them at any point in time.
- new: constant values that are not symbols are now shown in hover message
- fix: hover message - jump to declaration now works on MacOS
- fix: function signature output shows 🔥 even though there are no collisions
- new: UML diagrams just arrived 🎉! auto-generate uml for source-units or contracts.
- new: codelense next to functions to generate sighash.
- fix: function signature hashes are now generated for all functions (even internal ones, just ignore them for now :)). Canonicalization of types before calculating hashes #27.
- new: alert on function sighash collision within the same contract.
- new: AST parser now keeps track of
usingFor
's
- new: audit-tags: new
@audit-issue
and@audit-info
to add informational notes or references to files issues (#23) - update: contract flattener changed from
flaterra
totruffle-flattener
(vscode-solidity-flattener) - new: theme - Solidity Visual auditor light - the vscode standard light theme with visual auditor highlighting (#25)
- fix: enable graph rendering by default
- fix: codelenses are sometimes missing (graph)
- update to latest surya release. (known issue: ftrace might fail right now and will be fixed with a subsequent release)
- awesome dark themed call graph.
- awesome interactive graphs vscode-interactive-graphviz
-
feature: 💒🤵👰 vscode-solidity-auditor ⚭ surya by Gonçalo Sá
-
feature: codelens (inline code actions)
-
file
- surya - graph
- surya - generate report
- surya - inheritance
- surya - parse file (show AST)
- flatten sourceUnit using flaterra
- surya - graph
-
contracts
-
functions
-
-
feature: command - suggest top level contracts aka "entrypoint contracts" (most derived)
-
feature: command - flatten current (codelens) or all suggested top level contracts (command)
-
feature: command - list all function signatures (human readable or json format)
-
feature: command - open remix in external browser
-
Note: to enable graphviz dot previews install one of the following vscode extensions: graphviz-preview or vscode-graphviz
-
Note: to enable markdown previews install the following extension markdown-preview-enhanced
-
feature: vscode.command to generate a unittest stub for the current contract (
cmd
+shift
+p
->Solidity Visual Auditor: create Unittest stub for current Contract
)
-
feature: alert when using reserved names as identifiers
-
handle cancellationRequests (avoid piling up analysis runs or having them run in parallel)
-
fix error for functions with anonymous arguments
-
fix highlighting of statevars in modifiers (and detect shadowing)
-
fix class inheritance in outline missing dependencies of dependencies
-
fix hover being applied to comments
-
rework cdili issue import handling (performance improvements)
-
fix cdili issue import only importing one issue per file
-
async functions
- refactored folder structure
- bug: check if source-file is actually a solidity file on-change
- feature: semantic function argument highlighting
- feature: audit tags (
//@audit - potential overflow
,//@audit-ok - potential overflow - false positive
) - feature: automatically import diagnostic issues from external scanners using
cdili-issue.json
format
- proper parsing of imports
- linearization of inheritance
- highlighting of inherited statevars/methods with location
- outline view now shows pragmas/imports and inheritance
- more annotations for outline view
- added solidity parser
- added support for stateVar tracking
- added SymbolProvider to populate outline
- minor style fixes
- added support for inline comments in method heads (e.g. modifier calls). for all the crazy devs out there.
- added light theme
- first alpha