truffle-analyze/lib/trufstuf.js

Add vulnerability and weakness analysis via the MythX

// Truffle related code.
'use strict';

const fs = require('fs');
const path = require('path');
const util = require('util');

const readdir = util.promisify(fs.readdir);


/**
 * Scans Truffle smart contracts build directory and returns 
 * array of paths to smart contract build JSON files.
 * 
 * @param {string} directory - path to truffle smart contracts build directory. {
 * @returns {Array<string>} - list of JSON files.
 */
const getTruffleBuildJsonFiles = async function(directory) {
    const files = await readdir(directory);
    const filteredFiles = files.filter(f => f !== 'Migrations.json');
    const filePaths = filteredFiles.map(f => path.join(directory, f));
    return filePaths;
};


/**
 * Extracts path to solidity file from smart contract build object 
 * found in json files in truffle build directories.
 * 
 * Build objects have property "sourcePath".
 * For simplicity and readabilty build object is destructured and 
 * "sourcePath" property extracted to output directly.
 * 
 * @param {Object} param - Smart contract build object,
 * @returns {String} - Absolute path to solidity file. 
 */
const getSolidityFileFromJson = ({ sourcePath }) => sourcePath;


module.exports = {
    getTruffleBuildJsonFiles,
    getSolidityFileFromJson,
};