A command line interface for the MythX smart contract security analysis API
Project description
A PythX-driven CLI for MythX
This package aims to provide a simple to use command line interface for the MythX smart contract security analysis API. It’s main purpose is to demonstrate how advanced features can be implemented using the PythX Python language bindings for MythX to simplify API interaction.
What is MythX?
MythX is a security analysis API that allows anyone to create purpose-built security tools for smart contract developers. Tools built on MythX integrate seamlessly into the development environments and continuous integration pipelines used throughout the Ethereum ecosystem.
Usage
$ mythx Usage: mythx [OPTIONS] COMMAND [ARGS]... Your CLI for interacting with https://mythx.io/ Options: --debug Provide additional debug output --api-key TEXT Your MythX API key from the dashboard --username TEXT Your MythX account's username --password TEXT Your MythX account's password --format [simple|json|json-pretty|table] The format to display the results in --ci Return exit code 1 if high-severity issue is found -y, --yes Do not prompt for any confirmations -o, --output TEXT Output file to write the results into -c, --config PATH YAML config file for default parameters --stdout Force printing to stdout --table-sort-key [line|title|severity|description] The column to sort the default table output by --help Show this message and exit. Commands: analysis Get information on running and finished analyses. analyze Analyze the given directory or arguments with MythX. group Create, modify, and view analysis groups. render Render an analysis job or group report as HTML. version Display API version information.
Installation
The MythX CLI runs on Python 3.6+, including 3.8 and pypy3.
To get started, simply run
$ pip3 install mythx-cli
Alternatively, clone the repository and run
$ pip3 install .
Or directly through Python’s setuptools
:
$ python3 setup.py install
- Free software: MIT license
- Documentation: https://mythx-cli.readthedocs.io.
History
0.6.23 (2022-04-07)
- Add compatibility fix for Scribble compilation artifacts processing (prior
eth-scribble@0.3.5
) - Fix
MarkupSafe
to 2.0.1 due to breaking changes (https://github.com/pallets/markupsafe/pull/261)
0.6.22 (2020-10-05)
- Catch AttributeError on faulty Truffle artifact schema
- Update
pytest
to 6.1.1 - Update
isort
to 5.5.4
0.6.21 (2020-09-18)
- Fix bug in render command analysis list pagination query
- Update
isort
to 5.5.2 - Update
pytest
to 6.0.2 - Update :code`coverage` to 5.3
0.6.20 (2020-09-05)
- Add table sort key parameter
- Fix bug where payloads were unnecessarily duplicated before filtering
- Improve custom rendering documentation
- Improve HTML/MD default template styles
- Refactor and speed up template rendering routines
- Add file-indexed formatting/rendering data structures
- Add Scribble middleware to support Solidity and Truffle
- Add Scribble JSON support for Solidity jobs
- Refactor Solidity payload job
- Add truffle payload context generation
- Remove deprecated Sonarqube formatter
- Update
py-solc-x
to 1.0.0 - Update
pytest
to 6.0.1 - Update
pytest-cov
to 2.10.1 - Update
coveralls
to 2.1.2 - Update
coverage
to 5.2.1 - Update
sphinx
to 3.2.1 - Update
isort
to 5.5.1 - Update
tox
to 3.20.0 - Update
watchdog
to 0.10.3 - Update
twine
to 3.2.0
0.6.19 (2020-06-23)
- Add
--stdout
flag to override YAML-definedoutput
0.6.18 (2020-06-16)
- Update
pythx
to 1.6.1 to fix validation errors
0.6.17 (2020-06-16)
- Add experimental Scribble integration for property validation
- Remove bytecode payload option due to lack of usage
- Require users to explicitly consent to analysis submission
- Add feature that allows users to force a certain analysis scenario
- Clean up code into payload-related job objects
- Fix issue where pypy7.1.1-beta0 doesn’t support PathLike in os.chdir
- Slim down Solidity file walking logic
- Refresh payload documentation
- Refactor payload-related tests
- Update
py-solc-x
to 0.9.0 - Update
sphinx
to 3.1.1 - Update
pytest-cov
to 2.10.0 - Update
tox
to 3.15.2
0.6.16 (2020-05-15)
- Whitelist OSX solc installations in
py-solc-x
- Update
bumpversion
to 0.6.0
0.6.15 (2020-05-12)
- Fix bug where payload path prefix trimming was incorrect
- Generate source list from Truffle artifact files
- Improve Solidity file walk performance
- Refactor payloads submodule
- Update
tox
to 3.15.0 - Update
pytest
to 5.4.2 - Update
py-solc-x
to 0.8.2
0.6.14 (2020-04-30)
- Fix bug where location offsets were incorrectly displayed in reports
- Fix bug where whitespace was incorrectly rendered in HTML reports
- Clean up HTML report layout template code
- Update
click
to 7.1.2
0.6.13 (2020-04-27)
- Add property verification flag docs
- Add property checking flag to analyze command
- Update
sphinx
to 3.0.3
0.6.12 (2020-04-20)
- Fix bug where new line characters were incorrectly sent on Windows OS
- Fix bug where group creation from config was not triggered
- Update
sphinx
to 3.0.2 - Update
coverage
to 5.1 - Update
Jinja
to 2.11.2
0.6.11 (2020-04-08)
- Use solc JSON stdin for compilation
- Update
sphinx
to 3.0.0 - Update
coveralls
to 2.0.0
0.6.10 (2020-04-03)
- Add
--api/--self
version command switch - Add explicit yaml config override feature
- Documentation updates
- Update
tox
to 3.14.6 - Update
py-solc-x
to 0.8.1
0.6.9 (2020-03-24)
Fix issue where request source list was malformed
0.6.8 (2020-03-23)
- Add support for
.mythx.yml
config files - Allow pwd definitions in solc import remappings
- Fix bug in Solidity file walking routine
- Add additional tox checks for documentation and formatting
0.6.7 (2020-03-19)
Fix issue where render templates were not correctly added to manifest.
0.6.6 (2020-03-19)
- Refactor commands into dedicated packages
- Fix bug where click commands were not picked up by autodoc
- Fix bug where
render
command log cluttered report stdout - Add support for upper case targets in
render
command - Add more verbose debug logging across package
0.6.5 (2020-03-17)
- Add optional contract name specification for Solidity files
- Revise usage and advanced usage docs for solc compilation
- Add
--remap-import
parameter for solc import remappings - Update
coverage
to 5.0.4
0.6.4 (2020-03-15)
- Add
--include
flag toanalyze
subcommand - Fix minor bug in package description content type definition
- Update
tox
to 3.14.5 - Update
sphinx
to 2.4.4 - Update
py-solc-x
to 0.8.0 - Update
click
to 7.1.1 - Update
pytest
5.4.1
0.6.3 (2020-02-15)
- Update
sphinx
to 2.4.1 - Improved Usage Guide documentation
- Added more verbose descriptions in Advanced Usage guide
- Add improved Python docstrings, enforce formatting
- Add more precise type hints across the code base
- Fix bug where Solidity payloads were truncated
- Add
mythx render --markdown
parameter for md reports - Add
rglob
blacklist to excludenode_modules
during .sol directory walks
0.6.2 (2020-02-08)
- Update
pytest
to 5.3.5 - Add
mythx render
subcommand for HTML report rendering - Various HTML template improvements
- Add
Jinja2
andhtmlmin
dependencies - Add documentation for custom template creation
- Add filtering of Solidity payloads without compiled code (e.g. interfaces)
0.6.0 & 0.6.1 (2020-01-29)
- Add unified reports (e.g.
json
output of multiple reports in a single JSON object) - Add SWC ID whitelist parameter to report filter
- Integrate report filters with
--ci
flag - Add advanced usage guide to documentation
- Improved messaging across CLI
- Update
pytest
to 5.3.4 - Improve test suite assertion diff display
0.5.3 (2020-01-16)
- Bump
py-solc-x
to 0.7.0
0.5.2 (2020-01-16)
- Fix merge release mistake (yeah, sorry.)
0.5.1 (2020-01-16)
- Add support for new modes (quick, standard, deep)
- Fix issue where Truffle address placeholders resulted in invalid bytecode
0.5.0 (2020-01-14)
- Add
--create-group
flag to analyze subcommand - Add privacy feature to truncate paths in submission
- Support Truffle projects as target directories
- Add SonarQube output format option
- Revamp usage documentation
- Update coverage to 5.0.3
- Update package details
0.4.1 (2020-01-03)
- Add batch directory submission feature
- Add a
--yes
flag to skip confirmation messages
0.4.0 (2020-01-02)
- Add
--output
flag to print to file - Refactor test suite
- Update coverage to 5.0.1
- Update Sphinx to 2.3.1
- Update tox to 3.14.3
0.3.0 (2019-12-16)
- Add links to MythX dashboard in formatters
- Add support for analysis groups
- Split up logic in subcommands (analysis and group)
- Add CI flag to return 1 on high-severity issues
- Add parameter to blacklist SWC IDs
- Fix bug where
--solc-version
parameter did not work - Refactor test suite
- Update pytest to 5.3.1
- Update Sphinx to 2.3.0
0.2.1 (2019-10-04)
- Update PythX to 1.3.2
0.2.0 (2019-10-04)
- Update PythX to 1.3.1
- Add tabular format option as new pretty default
- Update pytest to 5.2.0
- Various bugfixes
0.1.8 (2019-09-16)
- Update dependencies to account for new submodules
0.1.7 (2019-09-16)
- Update pythx from 1.2.4 to 1.2.5
- Clean stale imports, fix formatting issues
0.1.6 (2019-09-15)
- Improve CLI docstrings
- Add more formatter-related documentation
0.1.5 (2019-09-15)
- Add autodoc to Sphinx setup
- Add middleware for tool name field
- Enable pypy3 support
- Add more verbose documentation
- Allow username/password login
0.1.4 (2019-09-13)
- Fix Atom’s automatic Python import sorting (broke docs)
0.1.3 (2019-09-13)
- Fix faulty version generated by bumpversion
0.1.2 (2019-09-13)
- Fix bumpversion regex issue
0.1.1 (2019-09-13)
- Initial implementation
- Integrated Travis, PyUp, PyPI upload
0.1.0 (2019-08-31)
- First release on PyPI.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for mythx_cli-0.7.2-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 37632e0ae971b0704c7e0667065f0e8303d02af8cca24356f5087fd88514733a |
|
MD5 | c5c339961074b4c5845f909cafed6a71 |
|
BLAKE2-256 | ada4694a6833590a9dff8de2daf8c2a3205546e0f8cf6d764a8ec3b644b77770 |