-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Contract tests #5
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure what you mean by "build the tests in the background", sorry. Build what exactly? There is also a really helpful --watch
flag that watches for file changes and then re-runs tests for you. I use this a lot when writing tests. See the scripts in oracle-monitor
's package.json for some examples I've used.
I'm not sure about that error either unfortunately. I guess if it's not causing anything to break, then it's probably fine to ignore. It looks like it could be related to many things and is hard to pinpoint. Things like your Node version, the Solidity version, your environment etc. I'll try hop onto this branch shortly and see if I get the same.
"@types/node": "^14.0.12", | ||
"truffle": "^5.1.30", | ||
"ethers": "^4.0.47", | ||
"ethers": "^5.0.2", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we'll probably want to extract common dependencies to the root package.json to avoid having to maintain duplicate entries. That would mean most of the deps here would be moved up. Only things like ganache-core
would remain.
It may even make sense to just move all dependencies to the root package.json. I'm not sure yet
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
extract common dependencies to the root package.json
That sounds good if it's not going to mess with Serverless.
It may even make sense to just move all dependencies to the root package.json
This may cause unused dependencies to float around because it's difficult to tell if they are being used in one of the leaf packages
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think it should mess with serverless, but we'll have to see. lerna is still new to me.
Ok let's keep specific dependencies in the package's package.json
packages/contracts/package.json
Outdated
"lint-staged": "^10.2.9", | ||
"prettier": "^2.0.5", | ||
"truffle": "^5.1.30", | ||
"ts-jest": "^26.1.0", | ||
"typescript": "^3.9.5" | ||
}, | ||
"lint-staged": { | ||
"*.{js,ts}": [ | ||
"npm run prettify", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should add linting and static analysis tools for our solidity contracts.
I know that Chainlink uses solhint. Here is a list I found from a quick google search that looks quite good. I have no idea which tools are still maintained though. They are probably even more tools out there
https://consensys.github.io/smart-contract-best-practices/security_tools/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like to put these kinds of tools on the strictest settings and then disable rules I don't like/agree with as needed. This is just my preference though and I know that quite a lot of people get annoyed by having lots of linting errors getting in their way lol.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're right, I'll set that up
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some of these tools look really good.
https://github.com/trailofbits/manticore
https://github.com/crytic/slither
https://github.com/crytic/echidna
https://github.com/ConsenSys/mythril
https://github.com/melonproject/oyente
https://github.com/pventuzelo/octopus
I imagine that there's a lot of overlap between them but I guess that running a few couldn't hurt? I'm especially a fan of fuzz testing tools
I mean the tests are written in TS, but they have no |
I guess that |
I get the same error when running the tests 🤷♂️
|
Set up Jest and wrote an example test (only JS for now). I have some noob questions. Also recommend improvements where you see them.
Does jest (or ts-jest) automatically build the tests for us in the background at the start of each test?
I'm getting
when I run the test but everything seems to work fine. Is this error familiar to you?