TestMachine CLI
The command-line interface to the TestMachine blockchain security system.
Summary
Testmachine is a tool for identitying and reporting vulnerabilities on Solidity smart contracts, with the goal of making code more consistent and avoiding bugs.
About the project
This is an npm project implemented on typescript and it has the following folder structure:
src
utils
List of helpers used to either generate formatted output for the console or generate useful ids
File Description getSpinner.ts Generates a console spinner given a text getUniqueId.ts Generates a unique Id for repositories when no name was specified on creation handleError.ts Format and prints a given error getDirectoryFiles.ts Get the list of files of a directory config
Api and Cli configurations
File Description api.ts Defines and export an object to interact with testmachine api config.ts Set some constants that will be used along the project handlers
Functions to list, get and create object by interacting with the API
File Description analyses.ts Handle interactions with the api to list and get analysis repositories.ts Handle interactions with the api to list and create repositories snapshots.ts Handle interactions with the api to list, create or analyze snapshots
test
Folder where eventually will be tests for the cli
IDE Extensions
Install the following IDE extensions to help lint & format code while writing
- EditorConfig for VS Code
- ESLint
- Prettier
Setup
- Node > 18.0.0
- Npm > 8.6.0
Run $ npm i to install dependencies and $ npm run build to build the project
How To
Access and run cli commands
There are a few ways of running cli commands after built:
- run
$node ./build/index.js --token <token>followed by any available command (requires to rebuild after every change). - run
$tsx ./src/index.ts --token <token>followed by any available command. - run
$npm run execute -- --token <token>followed by any available command.
where <token> is the api token got from the API.
Note: In the following sections, it is assumed that tm is an alias or symbolic link set for the cli.
Create a repository
Run the following command:
tm repo create [--name <name>]
where --name is an optional argument to set a customized name for the repository
List repositories
Run the following command:
tm repo list
List snapshots
Run the following command:
tm snapshot list --repo-id <id>
where --repo-id is the repository which snapshots will be queried
Create a snapshot
Run the following command:
tm snapshot create --repo-id <id> --file <path/to/files-to-upload>
where:
-
--repo-idis the repository for which the snapshot will be created -
--fileis selects a folder or a file to upload to the snapshot source tree
Create a snapshot and analyze it inmediately
Run the following command:
tm snapshot create-analyze --repo-id <id> --file <path/to/files-to-upload>
where:
-
--repo-idis the repository for which the snapshot will be created -
--fileis selects a folder or a file to upload to the snapshot source tree
This command is useful when using the CLI from an automated process where the repository id is fixed/known (like from a Github Action for example)
Analyze a snapshot
Run the following command:
tm snapshot analyze --snapshot-id <id>
where --snapshot-id is the snapshot which source tree will be analyzed
List snapshot's analyses
Run the following command:
tm analyses list --snapshot-id <id>
where --snapshot-id is the snapshot for which analyses will be queried
Get specific snapshot's analysis
Run the following command:
tm analyses list --analysis-id <id>
where --analysis-id is the analysis to be queried
Get report of analysis
Run the following command:
tm analyses report --analysis-id <id> where
--analysis-idis the analysis to be queried