tool working. SARIF 1st attempt

.github/actions/slither-action/entrypoint.sh

@@ -252,17 +252,20 @@ URLPREFIX="https://github.com/"
 PROJECTURL="$URLPREFIX$GITHUB_REPOSITORY/"
 
 
-###### TESTING #####
-echo "PROJECTSCOPE is $PROJECTSCOPE"
-echo "CONTRACTSPWD is $CONTRACTSPWD"
-echo "PROJECTURL is $PROJECTURL"
-echo "cat /tmp/scope.txt"
+###### Echo the parameters passed to the tool for debugging #####
+echo "################ START DEBUGGING INFORMATION ################"
+echo "Contracts' PWD is '$CONTRACTSPWD'"
+echo "Project Type is '$PROJECTSCOPE'. ('src' = Foundry | 'contracts' = Hardhat)"
+echo "Project URL is '$PROJECTURL'"
+echo "Contents of our scope.txt file:"
 cat /tmp/scope.txt
-###### TESTING #####
+echo "################ END DEBUGGING INFORMATION ################"
 
 
 ################## Run the tool ##################
 # trap "output_stdout" EXIT # Set a trap to call the output_stdout function when the script exits
 cd $TOOLPWD             # Move to 4naly3er folder (required to run it)
 yarn analyze $CONTRACTSPWD /tmp/scope.txt $PROJECTURL # Finally, run the tool
+echo "4naly3er analysis completed." # Results in report.md and report.sarif.json
+cp report.md report.sarif.json /tmp/ # Copy results to /tmp/ for SARIF ingestion
 exit 0 # Exit success

.github/workflows/slither.yml

@@ -24,13 +24,13 @@ jobs:
         uses: ./.github/actions/slither-action
         id: slither
         with:
-          sarif: results.sarif
+          sarif: /tmp/report.sarif.json
           fail-on: none
 
       - name: Upload SARIF file
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: results.sarif
+          sarif_file: /tmp/report.sarif.json
 
 
 # Set GH_TOKEN permissions to be as restricted as possible