
Advanced usage

forefy edited this page Feb 17, 2024 · 15 revisions

eBurger outputs

eburger
tree

.
├── .eburger                                   # Extended outputs directory
│   ├── <analysis_name>.json                   # Project's AST in JSON format
│   └── eburger_output_<analysis_name>.json    # Insights from templates, other metadata
└── eburger-output.<json/sarif/md>             # Insights from templates, only generated if insights were found
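
Because eburger-output.sarif is only generated when insights are found, a CI gate has to tell "no insights" apart from "the scan never ran". The following is an added example, not part of eBurger: the result fields follow the SARIF 2.1.0 standard, and it assumes that a completed run always leaves the .eburger/ directory behind and that eBurger sets `level` on results. The sample report in `demo()` is constructed.

```python
import json
import sys
import tempfile
from collections import Counter
from pathlib import Path

LEVELS = ["none", "note", "warning", "error"]  # SARIF 2.1.0 levels, low to high

def gate(project_dir, fail_on="warning"):
    """Return (exit_code, counts_by_level) for an eburger run in project_dir."""
    root = Path(project_dir)
    # Assumption: a completed run always leaves the .eburger/ directory behind,
    # so its absence means the scan never ran (not that the code is clean).
    if not (root / ".eburger").is_dir():
        return 2, Counter()
    sarif = root / "eburger-output.sarif"
    # Per the page, this file is only generated if insights were found.
    if not sarif.exists():
        return 0, Counter()
    try:
        runs = json.loads(sarif.read_text(encoding="utf-8"))["runs"]
    except (OSError, ValueError, KeyError, TypeError):
        return 2, Counter()  # unreadable or malformed report: fail closed
    counts = Counter()
    for run in runs or []:
        for result in run.get("results") or []:
            # A result without a level is counted as "warning", the SARIF default.
            level = result.get("level", "warning")
            counts[level if level in LEVELS else "warning"] += 1
    threshold = LEVELS.index(fail_on)
    blocked = any(LEVELS.index(lvl) >= threshold for lvl in counts)
    return (1 if blocked else 0), counts

def demo():
    """Run the gate over a constructed project directory and sample report."""
    with tempfile.TemporaryDirectory() as tmp:
        no_run = gate(tmp)[0]                      # no .eburger/ yet
        (Path(tmp) / ".eburger").mkdir()
        clean = gate(tmp)[0]                       # ran, no SARIF file
        sample = {"version": "2.1.0", "runs": [{"results": [
            {"ruleId": "constructed-rule-1", "level": "note", "message": {"text": "x"}},
            {"ruleId": "constructed-rule-2", "message": {"text": "y"}}]}]}
        (Path(tmp) / "eburger-output.sarif").write_text(json.dumps(sample))
        return no_run, clean, gate(tmp), gate(tmp, fail_on="error")[0]

if __name__ == "__main__":
    if len(sys.argv) > 1:
        sys.exit(gate(sys.argv[1])[0])
    print(demo())
```

Exit code 0 means no blocking insights, 1 means insights at or above the threshold, and 2 means the report is missing evidence of a run or cannot be parsed.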

Advanced compilation targets

eBurger will try to install the correct Solidity version and compile the code for you. If certain framework files are present in the path (like foundry.toml), eburger will try to install and use the native CLI tooling for the project.

Analyze from a JSON AST

If the framework is not yet supported, or the project is written in an exotic way, eburger can still analyze the codebase as long as you can find a way to generate the Solidity AST in a JSON format.

Once you have a JSON AST, eburger will continue to run all the templates as usual.

eburger --ast contract_ast.json

Solc remappings

When a framework is used, compiler remappings are usually already preconfigured. If you encounter standalone files or an unsupported framework, the following command will try to compile the Solidity files inside ProjectToScan using solc directly, with the remappings you specify.

eburger -f ../ProjectToScan/src/ -r @openzeppelin/=../ProjectToScan/lib/openzeppelin-contracts/

If you find a contract you can't run eburger on, open an issue ‼️ We'll happily try it for you!

Generics

Loading specific templates

Default templates are loaded from the installed Python package, but you can load your own templates from anywhere:

eburger -t my_templates/ -f MyContract/

Or patterns:

eburger -t missing*.yaml -f MyContract/

Or specific files:

eburger -t template_1.yaml template_2.yaml -f MyContract/

Filtering noise

There are varying log levels available:

success, error, warning, info, debug, insights

You can hide certain log levels like so:

eburger --no info warning

The only exception is "debug", which is only shown if specified as an argument.

Only count NSLOC

The NSLOC module can print the code line counts of the contract, excluding empty lines, comments, test/script folders, certain third-party code and more.

NSLOC can be found in the eburger-output.json file.

If you want to print only the NSLOC and skip the analysis:

eburger -f ../MyContract --nsloc

+------------------------------------------------------+------+------+-------+---------+
|                     Source files                     | Code | Docs | Empty | Strings |
+------------------------------------------------------+------+------+-------+---------+
|   /Users/test/Desktop/MyContract/src/MyToken.sol     |  8   |  1   |   7   |    0    |
| /Users/test/Desktop/MyContract/src/VaultFactory.sol  |  9   |  1   |   6   |    0    |
|    /Users/test/Desktop/MyContract/src/Vault.sol      |  56  |  26  |   32  |    0    |
|                                                      |      |      |       |         |
|                    Total 3 files                     |  73  |  28  |   45  |    0    |
+------------------------------------------------------+------+------+-------+---------+