-
Notifications
You must be signed in to change notification settings - Fork 10
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #47 from ConsenSys/fix/replace-pythx-cli
Replace PythX entry, add new CLI and Brownie
- Loading branch information
Showing
10 changed files
with
228 additions
and
203 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,78 @@ | ||
.. _tools.brownie: | ||
|
||
Brownie | ||
======= | ||
|
||
Brownie is a Python framework for Ethereum smart contract testing, | ||
interaction and deployment. | ||
|
||
* **Testing**: Unit test your project with ``pytest``, and evaluate test | ||
coverage through stack trace analysis. We make *no promises*. | ||
* **Debugging**: Get detailed information when a transaction reverts, to | ||
help you locate and solve the issue quickly. | ||
* **Interaction**: Write scripts or use the console to interact with your | ||
contracts on the main-net, or for quick testing in a local environment. | ||
* **Deployment**: Automate the deployment of many contracts onto the | ||
blockchain, and any transactions needed to initialize or integrate the | ||
contracts. | ||
|
||
|
||
Scanning for Security Vulnerabilities | ||
------------------------------------- | ||
|
||
To prevent vulnerabilities from being introduced to the code base, Brownie | ||
includes a plugin that integrates automated security scans using the MythX | ||
analysis API. Simply run :code:`brownie analyze` on your compiled project | ||
directory. This will send the compiled build artifacts to MythX for | ||
analysis. By default no login is required and the analysis is going to be | ||
executed as a trial user. To access more vulnerability information, register | ||
for free on the MythX website and pass your login data via environment | ||
variables or command line arguments. | ||
|
||
.. code-block:: | ||
Brownie v1.0.0b12 - Python development framework for Ethereum | ||
Usage: brownie analyze [options] [--async | --interval=<sec>] | ||
Options: | ||
--gui Launch the Brownie GUI after analysis | ||
--full Perform a full scan (MythX Pro required) | ||
--interval=<sec> Result polling interval in seconds [default: 3] | ||
--async Do not poll for results, print job IDs and exit | ||
--access-token The JWT access token from the MythX dashboard | ||
--eth-address The address of your MythX account | ||
--password The password of your MythX account | ||
--help -h Display this message | ||
Use the analyze command to submit your project to the MythX API for smart | ||
contract security analysis. | ||
To authenticate with the MythX API, it is recommended that you provide | ||
the MythX JWT access token. It can be obtained on the MythX dashboard | ||
site in the profile section. They should be passed through the environment | ||
variable "MYTHX_ACCESS_TOKEN". If that is not possible, it can also be | ||
passed explicitly with the respective command line option. | ||
Alternatively, you have to provide a username/password combination. It | ||
is recommended to pass them through the environment variables as | ||
"MYTHX_ETH_ADDRESS" and "MYTHX_PASSWORD". | ||
You can also choose to not authenticate and submit your analyses as a free | ||
trial user. No registration required! To see your past analyses, get access | ||
to deeper vulnerability detection, and a neat dashboard, register at | ||
https://mythx.io/. Any questions? Hit up dominik.muhs@consensys.net or contact | ||
us on the website! | ||
Once the analysis is done, the vulnerabilities are stored in the | ||
:code:`reports/` directory. With :code:`brownie analyze --gui` the GUI can | ||
be started automatically once the analysis has finished. | ||
|
||
.. image:: gui.png | ||
:alt: Security Report GUI | ||
|
||
.. note:: | ||
Head to the `Brownie documentation <https://eth-brownie.readthedocs.io/>`_ | ||
to get more information on how to use it in your smart contract | ||
development workflow! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
.. _tools.mythx-cli: | ||
|
||
========= | ||
MythX CLI | ||
========= | ||
|
||
The `MythX CLI <https://github.com/dmuhs/mythx-cli/>`_ Python package aims to | ||
provide a simple to use command line interface for the MythX API. It's main | ||
purpose is to demonstrate how advanced features can be implemented using the | ||
`PythX <https://github.com/dmuhs/pythx/>`_ Python language bindings for MythX | ||
to simplify API interaction. | ||
|
||
|
||
Usage | ||
----- | ||
|
||
.. code-block:: console | ||
$ mythx | ||
Usage: mythx [OPTIONS] COMMAND [ARGS]... | ||
Your CLI for interacting with https://mythx.io/ | ||
Options: | ||
--debug / --no-debug Provide additional debug output | ||
--access-token TEXT Your access token generated from the MythX | ||
dashboard | ||
--eth-address TEXT Your MythX account's Ethereum address | ||
--password TEXT Your MythX account's password as set in the | ||
dashboard | ||
--format [simple|json|json-pretty] | ||
The format to display the results in | ||
--help Show this message and exit. | ||
Commands: | ||
analyze Analyze the given directory or arguments with MythX. | ||
list Get a list of submitted analyses. | ||
report Fetch the report for a single or multiple job UUIDs. | ||
status Get the status of an already submitted analysis. | ||
version Display API version information. | ||
Installation | ||
------------ | ||
|
||
The MythX CLI runs on Python 3.6+, including 3.8-dev and pypy. | ||
|
||
To get started, simply run | ||
|
||
.. code-block:: console | ||
$ pip install mythx-cli | ||
Advanced Usage | ||
-------------- | ||
|
||
For in-depth details on how to use the MythX CLI, alternative ways to install | ||
it, as well as helpful documentation about authentication, analyzing complex | ||
projects and more, head over to the | ||
`MythX CLI documentation <https://mythx-cli.readthedocs.io>`_. | ||
|
||
|
||
The MythX CLI project is MIT-licensed and contributions are always welcome! | ||
For more information on how to get involved, check out our | ||
`Contribution guidelines <https://mythx-cli.readthedocs.io/en/latest/contributing.html>`_. | ||
|
||
|
||
Useful Links | ||
------------ | ||
|
||
.. list-table:: | ||
|
||
* - Github repository | ||
- https://github.com/dmuhs/mythx-cli/ | ||
* - Documentation | ||
- https://mythx-cli.readthedocs.io/ | ||
* - Python Package Index | ||
- https://pypi.org/project/mythx-cli/ | ||
* - Current CI builds | ||
- https://travis-ci.org/dmuhs/mythx-cli/ | ||
* - Test coverage | ||
- https://coveralls.io/github/dmuhs/mythx-cli |
Oops, something went wrong.