mythx-cli 0.6.8

A command line interface for the MythX smart contract security analysis API

A PythX-driven CLI for MythX

This package aims to provide a simple to use command line interface for the MythX smart contract security analysis API. It’s main purpose is to demonstrate how advanced features can be implemented using the PythX Python language bindings for MythX to simplify API interaction.

What is MythX?

MythX is a security analysis API that allows anyone to create purpose-built security tools for smart contract developers. Tools built on MythX integrate seamlessly into the development environments and continuous integration pipelines used throughout the Ethereum ecosystem.

Usage

$ mythx
Usage: mythx [OPTIONS] COMMAND [ARGS]...

  Your CLI for interacting with https://mythx.io/

Options:
  --debug                         Provide additional debug output
  --api-key TEXT                  Your MythX API key from the dashboard
  --username TEXT                 Your MythX account's username
  --password TEXT                 Your MythX account's password
  --format [simple|json|json-pretty|table]
                                  The format to display the results in
                                  [default: table]
  --ci                            Return exit code 1 if high-severity issue is
                                  found
  -y, --yes                       Do not prompt for any confirmations
  -o, --output TEXT               Output file to write the results into
  --help                          Show this message and exit.

Commands:
  analysis  Get information on running and finished analyses.
  analyze   Analyze the given directory or arguments with MythX.
  group     Create, modify, and view analysis groups.
  render    Render an analysis job or group report as HTML.
  version   Display API version information.

Installation

The MythX CLI runs on Python 3.6+, including 3.8 and pypy3.

To get started, simply run

$ pip3 install mythx-cli

Alternatively, clone the repository and run

$ pip3 install .

Or directly through Python’s setuptools:

$ python3 setup.py install

• Free software: MIT license

• Documentation: https://mythx-cli.readthedocs.io.

History

0.6.7 (2020-03-19)

Fix issue where render templates were not correctly added to manifest.

0.6.6 (2020-03-19)

• Refactor commands into dedicated packages

• Fix bug where click commands were not picked up by autodoc

• Fix bug where render command log cluttered report stdout

• Add support for upper case targets in render command

• Add more verbose debug logging across package

0.6.5 (2020-03-17)

• Add optional contract name specification for Solidity files

• Revise usage and advanced usage docs for solc compilation

• Add --remap-import parameter for solc import remappings

• Update coverage to 5.0.4

0.6.4 (2020-03-15)

• Add --include flag to analyze subcommand

• Fix minor bug in package description content type definition

• Update tox to 3.14.5

• Update sphinx to 2.4.4

• Update py-solc-x to 0.8.0

• Update click to 7.1.1

• Update pytest 5.4.1

0.6.3 (2020-02-15)

• Update sphinx to 2.4.1

• Improved Usage Guide documentation

• Added more verbose descriptions in Advanced Usage guide

• Add improved Python docstrings, enforce formatting

• Add more precise type hints across the code base

• Fix bug where Solidity payloads were truncated

• Add mythx render --markdown parameter for md reports

• Add rglob blacklist to exclude node_modules during .sol directory walks

0.6.2 (2020-02-08)

• Update pytest to 5.3.5

• Add mythx render subcommand for HTML report rendering

• Various HTML template improvements

• Add Jinja2 and htmlmin dependencies

• Add documentation for custom template creation

• Add filtering of Solidity payloads without compiled code (e.g. interfaces)

0.6.0 & 0.6.1 (2020-01-29)

• Add unified reports (e.g. json output of multiple reports in a single JSON object)

• Add SWC ID whitelist parameter to report filter

• Integrate report filters with --ci flag

• Add advanced usage guide to documentation

• Improved messaging across CLI

• Update pytest to 5.3.4

• Improve test suite assertion diff display

0.5.3 (2020-01-16)

• Bump py-solc-x to 0.7.0

0.5.2 (2020-01-16)

• Fix merge release mistake (yeah, sorry.)

0.5.1 (2020-01-16)

• Add support for new modes (quick, standard, deep)

• Fix issue where Truffle address placeholders resulted in invalid bytecode

0.5.0 (2020-01-14)

• Add --create-group flag to analyze subcommand

• Add privacy feature to truncate paths in submission

• Support Truffle projects as target directories

• Add SonarQube output format option

• Revamp usage documentation

• Update coverage to 5.0.3

• Update package details

0.4.1 (2020-01-03)

• Add batch directory submission feature

• Add a --yes flag to skip confirmation messages

0.4.0 (2020-01-02)

• Add --output flag to print to file

• Refactor test suite

• Update coverage to 5.0.1

• Update Sphinx to 2.3.1

• Update tox to 3.14.3

0.3.0 (2019-12-16)

• Add links to MythX dashboard in formatters

• Add support for analysis groups

• Split up logic in subcommands (analysis and group)

• Add CI flag to return 1 on high-severity issues

• Add parameter to blacklist SWC IDs

• Fix bug where --solc-version parameter did not work

• Refactor test suite

• Update pytest to 5.3.1

• Update Sphinx to 2.3.0

0.2.1 (2019-10-04)

• Update PythX to 1.3.2

0.2.0 (2019-10-04)

• Update PythX to 1.3.1

• Add tabular format option as new pretty default

• Update pytest to 5.2.0

• Various bugfixes

0.1.8 (2019-09-16)

• Update dependencies to account for new submodules

0.1.7 (2019-09-16)

• Update pythx from 1.2.4 to 1.2.5

• Clean stale imports, fix formatting issues

0.1.6 (2019-09-15)

• Improve CLI docstrings

• Add more formatter-related documentation

0.1.5 (2019-09-15)

• Add autodoc to Sphinx setup

• Add middleware for tool name field

• Enable pypy3 support

• Add more verbose documentation

• Allow username/password login

0.1.4 (2019-09-13)

• Fix Atom’s automatic Python import sorting (broke docs)

0.1.3 (2019-09-13)

• Fix faulty version generated by bumpversion

0.1.2 (2019-09-13)

• Fix bumpversion regex issue

0.1.1 (2019-09-13)

• Initial implementation

• Integrated Travis, PyUp, PyPI upload

0.1.0 (2019-08-31)

• First release on PyPI.