mythx_cli package

mythx_cli.cli

The main runtime of the MythX CLI.

class mythx_cli.cli.APIErrorCatcherGroup(name=None, commands=None, **attrs)

Bases: click.core.Group

A custom click group to catch API-related errors.

This custom Group implementation catches MythXAPIError exceptions, which get raised when the API returns a non-200 status code. It is used to notify the user about the error that happened instead of triggering an uncaught exception traceback.

It is given to the main CLI entrypoint and propagated to all subcommands.

mythx_cli.cli.find_solidity_files(project_dir: str) → Optional[List[str]]

Return all Solidity files in the given directory.

This will match all files with the .sol extension.

Parameters: project_dir – The directory to search in
Returns: Solidity files in project_dir or None

mythx_cli.cli.find_truffle_artifacts(project_dir: Union[str, pathlib.Path]) → Optional[List[str]]

Look for a Truffle build folder and return all relevant JSON artifacts.

This function will skip the Migrations.json file and return all other files under <project-dir>/build/contracts/. If no files were found, None is returned.

Parameters: project_dir – The base directory of the Truffle project
Returns: Files under <project-dir>/build/contracts/ or None

mythx_cli.cli.get_analysis_info(client, uuid: str, min_severity: Optional[str], swc_blacklist: Optional[List[str]], swc_whitelist: Optional[List[str]]) → Tuple[mythx_models.response.analysis_status.AnalysisStatusResponse, mythx_models.response.detected_issues.DetectedIssuesResponse, mythx_models.response.analysis_input.AnalysisInputResponse]

Fetch information related to the specified analysis job UUID.

Given a UUID, this function will query the MythX API for the analysis status, the analysis’ input data, and the issue report. Furthermore, filtering parameters can be passed to remove certain SWCs or severities from the returned report.

mythx_cli.cli.is_valid_job(job) → bool

Detect interface contracts.

This utility function is used to detect interface contracts in solc and Truffle artifacts. This is done by checking whether any bytecode or source maps are to be found in the specified job. This check is performed after the payload has been assembled to cover Truffle and Solidity analysis jobs.

Parameters: job – The payload to perform the check on
Returns: True if the submitted job is for an interface, False otherwise

mythx_cli.cli.sanitize_paths(job: Dict) → Dict

Remove the common prefix from paths.

This method takes a job payload, iterates through all paths, and removes all their common prefixes. This is an effort to only submit information on a need-to-know basis to MythX. Unless it is needed to distinguish between files, the API does not need to know the absolute path of a file. An absolute path may even leak user information and should be removed.

If a common prefix cannot be found (e.g. if there is just one element in the source list), the relative path from the current working directory will be returned.

This concerns the following fields:
  • sources
  • AST absolute path
  • legacy AST absolute path
  • source list
  • main source

Parameters: job – The payload to sanitize
Returns: The sanitized job
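
The prefix stripping described for sanitize_paths, as an added example that is not mythx_cli's own code. It assumes absolute POSIX paths and the payload key names source_list, main_source, sources, ast and legacyAST (each with an absolutePath entry); the sample payload and the leaks helper are constructed for illustration.

```python
import copy
import json
import os
import posixpath

# Constructed sample payload; key names are assumptions, paths are absolute POSIX paths.
SAMPLE_JOB = {
    "main_source": "/home/alice/proj/contracts/Token.sol",
    "source_list": [
        "/home/alice/proj/contracts/Token.sol",
        "/home/alice/proj/contracts/lib/SafeMath.sol",
    ],
    "sources": {
        "/home/alice/proj/contracts/Token.sol": {
            "ast": {"absolutePath": "/home/alice/proj/contracts/Token.sol"},
            "legacyAST": {"absolutePath": "/home/alice/proj/contracts/Token.sol"},
        },
        "/home/alice/proj/contracts/lib/SafeMath.sol": {"source": "library SafeMath {}"},
    },
}


def strip_common_prefix(job, cwd=None):
    """Return a copy of job with the shared directory prefix removed from all paths."""
    paths = list(job.get("source_list") or [])
    out = copy.deepcopy(job)
    if not paths:
        return out
    base = posixpath.commonpath(paths) if len(paths) > 1 else "/"
    if base == "/":
        # No shared directory (or a single file): use the cwd-relative path instead.
        base = cwd or os.getcwd()
    rel = lambda p: posixpath.relpath(p, base)
    out["source_list"] = [rel(p) for p in paths]
    if out.get("main_source"):
        out["main_source"] = rel(out["main_source"])
    sources = {}
    for path, data in out.get("sources", {}).items():
        for ast_key in ("ast", "legacyAST"):
            if (data.get(ast_key) or {}).get("absolutePath"):
                data[ast_key]["absolutePath"] = rel(data[ast_key]["absolutePath"])
        sources[rel(path)] = data  # re-key the mapping by the sanitized path
    out["sources"] = sources
    return out


def leaks(job, fragment):
    """True if fragment (e.g. a home directory) still appears anywhere in the payload."""
    return fragment in json.dumps(job)
```

Running leaks(payload, os.path.expanduser("~")) on a payload just before submission is a cheap regression check that no field outside the sanitized ones carries a local path.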

mythx_cli.cli.walk_solidity_files(ctx, solc_version: str, base_path: Optional[str] = None, remappings: Tuple[str] = None) → List[Dict]

Aggregate all Solidity files in the given base path.

Given a base path, this function will recursively walk through the filesystem and aggregate all Solidity files it comes across. The resulting job list will contain all the Solidity payloads (optionally compiled), ready for submission.

Parameters:
  • ctx – Click context holding group-level parameters
  • solc_version – The solc version to use for Solidity compilation
  • base_path – The base path to walk through from
  • remappings – Import remappings to pass to solcx
Returns:

mythx_cli.cli.write_or_print(ctx, data: str, mode='a+') → None

Depending on the context, write the given content to stdout or a given file.

Parameters:
  • ctx – Click context holding group-level parameters
  • data – The data to print or write to a file
  • mode – The mode to open the file in (if file output enabled)
Returns: