feat(ci): create report for slither analysis

.github/workflows/slither.yml

@@ -1,43 +1,30 @@
-# name: Slither Analysis
-
-# on:
-#   push: {}
-#   workflow_dispatch: {}
-
-# jobs:
-#   analyze:
-#     runs-on: ubuntu-latest
-#     steps:
-#       - uses: actions/checkout@v4
-#         with:
-#           submodules: recursive
-
-#       - name: Install Foundry
-#         uses: foundry-rs/foundry-toolchain@v1
-#         with:
-#           version: nightly
-
-#       - name: Install Solc-Select
-#         run: |
-#           pip3 install solc-select
-#         id: install
-
-#       - name: Install Slither
-#         run: |
-#           pip3 install slither-analyzer
-#           solc-select use 0.8.18 --always-install
-#         id: setup
-
-#       - name: Run Slither
-#         run: |
-#           slither .
-#         id: Analyze
-
 name: Slither Analysis
+
 on: [push]
+
 jobs:
   analyze:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: crytic/slither-action@v0.3.1
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Run Slither
+        uses: crytic/slither-action@v0.3.1
+        id: slither
+        with:
+          node-version: 16
+          fail-on: medium
+          slither-args: --checklist --markdown-root ${{ github.server_url }}/${{ github.repository }}/blob/${{ github.sha }}/
+
+      - name: Create/update checklist as PR comment
+        uses: actions/github-script@v7
+        if: github.event_name == 'pull_request'
+        env:
+          REPORT: ${{ steps.slither.outputs.stdout }}
+        with:
+          script: |
+            const script = require('.github/scripts/comment')
+            const header = '# Slither report'
+            const body = process.env.REPORT
+            await script({ github, context, header, body })