Update to public release

.github/workflows/black.yaml

@@ -0,0 +1,55 @@
+---
+    name: Run black
+
+    defaults:
+      run:
+        # To load bashrc
+        shell: bash -ieo pipefail {0}
+
+    on:
+      pull_request:
+        branches: [main, dev]
+        paths:
+          - "**/*.py"
+      schedule:
+        # run CI every day even if no PRs/merges occur
+        - cron: '0 12 * * *'
+
+    concurrency:
+      group: ${{ github.workflow }}-${{ github.ref }}
+      cancel-in-progress: true
+
+    jobs:
+      build:
+        name: Black 
+        runs-on: ubuntu-latest
+
+        steps:
+          - name: Checkout Code
+            uses: actions/checkout@v4
+            with:
+              # Full git history is needed to get a proper list of changed files within `super-linter`
+              fetch-depth: 0
+
+          - name: Set up Python 3.10
+            uses: actions/setup-python@v5
+            with:
+              python-version: '3.10'
+
+          - name: Install dependencies
+            run: |
+              mkdir -p .github/linters
+              cp pyproject.toml .github/linters
+
+          - name: Black
+            uses: super-linter/super-linter/[email protected]
+            if: always()
+            env:
+              # run linter on everything to catch preexisting problems
+              VALIDATE_ALL_CODEBASE: true
+              DEFAULT_BRANCH: master
+              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+              # Run only black
+              VALIDATE_PYTHON_BLACK: true
+              PYTHON_BLACK_CONFIG_FILE: pyproject.toml
+              FILTER_REGEX_EXCLUDE: .*tests/.*.(json|zip|sol)

.github/workflows/matchers/pylint.json

@@ -0,0 +1,32 @@
+{
+    "problemMatcher": [
+      {
+        "owner": "pylint-error",
+        "severity": "error",
+        "pattern": [
+          {
+            "regexp": "^(.+):(\\d+):(\\d+):\\s(([EF]\\d{4}):\\s.+)$",
+            "file": 1,
+            "line": 2,
+            "column": 3,
+            "message": 4,
+            "code": 5
+          }
+        ]
+      },
+      {
+        "owner": "pylint-warning",
+        "severity": "warning",
+        "pattern": [
+          {
+            "regexp": "^(.+):(\\d+):(\\d+):\\s(([CRW]\\d{4}):\\s.+)$",
+            "file": 1,
+            "line": 2,
+            "column": 3,
+            "message": 4,
+            "code": 5
+          }
+        ]
+      }
+    ]
+}

.github/workflows/pip-audit.yaml

@@ -0,0 +1,39 @@
+---
+    name: pip-audit
+
+    on:
+      push:
+        branches: [ dev, main ]
+      pull_request:
+        branches: [ dev, main ]
+      schedule: [ cron: "0 7 * * 2" ]
+
+    concurrency:
+      group: ${{ github.workflow }}-${{ github.ref }}
+      cancel-in-progress: true
+
+    jobs:
+      audit:
+        runs-on: ubuntu-latest
+
+        steps:
+          - name: Checkout repository
+            uses: actions/checkout@v4
+
+          - name: Install Python
+            uses: actions/setup-python@v5
+            with:
+              python-version: "3.10"
+
+          - name: Install Slither
+            run: |
+              python -m venv /tmp/pip-audit-env
+              source /tmp/pip-audit-env/bin/activate
+
+              python -m pip install --upgrade pip setuptools wheel
+              python -m pip install .
+
+          - name: Run pip-audit
+            uses: pypa/[email protected]
+            with:
+              virtual-environment: /tmp/pip-audit-env

.github/workflows/publish.yaml

@@ -0,0 +1,53 @@
+name: Publish to PyPI
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  build-release:
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.x'
+
+      - name: Build distributions
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install build
+          python -m build
+      - name: Upload distributions
+        uses: actions/upload-artifact@v4
+        with:
+          name: slither-lsp-dists
+          path: dist/
+
+  publish:
+    runs-on: ubuntu-latest
+    environment: release
+    permissions:
+      id-token: write  # For trusted publishing + codesigning.
+      contents: write  # For attaching signing artifacts to the release.
+    needs:
+      - build-release
+    steps:
+      - name: fetch dists
+        uses: actions/download-artifact@v4
+        with:
+          name: slither-lsp-dists
+          path: dist/
+
+      - name: publish
+        uses: pypa/[email protected]
+
+      - name: sign
+        uses: sigstore/[email protected]
+        with:
+          inputs: ./dist/*.tar.gz ./dist/*.whl
+          release-signing-artifacts: true

.github/workflows/pylint.yaml

@@ -0,0 +1,60 @@
+---
+    name: Run pylint
+
+    defaults:
+      run:
+        # To load bashrc
+        shell: bash -ieo pipefail {0}
+
+    on:
+      pull_request:
+        branches: [main, dev]
+        paths:
+          - "**/*.py"
+
+    concurrency:
+      group: ${{ github.workflow }}-${{ github.ref }}
+      cancel-in-progress: true
+
+    jobs:
+      build:
+        name: Lint Code Base
+        runs-on: ubuntu-latest
+
+        steps:
+          - name: Checkout Code
+            uses: actions/checkout@v4
+            with:
+              # Full git history is needed to get a proper list of changed files within `super-linter`
+              fetch-depth: 0
+
+          - name: Set up Python 3.10
+            uses: actions/setup-python@v5
+            with:
+              python-version: '3.10'
+
+          - name: Install dependencies
+            run: |
+              mkdir -p .github/linters
+              cp pyproject.toml .github/linters
+              pip install .
+
+          - name: Register pylint problem matcher
+            run: |
+              echo "::add-matcher::.github/workflows/matchers/pylint.json"
+
+          - name: Pylint
+            uses: super-linter/super-linter/[email protected]
+            if: always()
+            env:
+              # Run linters only on new files for pylint to speed up the CI
+              VALIDATE_ALL_CODEBASE: false
+              # Compare against the base branch
+              # This is only accessible on PR
+              DEFAULT_BRANCH: ${{ github.base_ref }}
+              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+              # Run only pylint
+              VALIDATE_PYTHON: true
+              VALIDATE_PYTHON_PYLINT: true
+              PYTHON_PYLINT_CONFIG_FILE: pyproject.toml
+              FILTER_REGEX_EXCLUDE: .*tests/.*.(json|zip|sol)

README.md

@@ -1,4 +1,25 @@
-# Slither Language Server Protocol
+# Slither Language Server
+
+## How to install
+
+Run the following command from the project root directory (preferably inside a Python virtual environment):
+
+    python -m pip install .
 
 ## Features
-* TODO
+
+* Go to implementations/definitions
+* Find all references
+* Show call hierarchy
+* Show type hierarchy
+* View and filter detector results
+
+## Adding new features
+
+New request handlers should be registered in the [constructor of `SlitherServer`](https://github.com/crytic/slither-lsp/blob/4e951da5244b15b69a5cbf4ce2444f205a0d0417/slither_lsp/app/slither_server.py#L120). Please note that in order to keep the conceptual load to a minimum, handlers should not be declared directly in the `SlitherServer` class itself. Instead, related handlers should be declared in a separate module. See [`goto_def_impl_refs.py`](https://github.com/crytic/slither-lsp/blob/c914576b74f748f69738a0a7a38ee6d53bfd1614/slither_lsp/app/request_handlers/goto_def_impl_refs.py) as an example.
+
+The Slither Language Server uses [`pygls`](https://pygls.readthedocs.io/en/latest/index.html) as the LSP implementation, and you should refer to its documentation when writing new handlers.
+
+If you're adding an handler for a standard LSP feature, there will be no need to do anything on the VSCode extension side: VSCode will automatically hook its commands to use the provided feature.
+
+If, on the other hand, the feature you're trying to add does not map to a standard LSP feature, you will need to register a custom handler. See [`$/slither/analyze`](https://github.com/crytic/slither-lsp/blob/4e951da5244b15b69a5cbf4ce2444f205a0d0417/slither_lsp/app/slither_server.py#L117) as an example: note how each request name is prefixed with `$/slither/`. You will need to manually send request from the VSCode extension in order to trigger these handlers.

pyproject.toml

@@ -1,12 +1,61 @@
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "slither-lsp"
+description = "Language Server powered by the Slither static analyzer"
+version = "0.0.1"
+readme = "README.md"
+dependencies = [
+    "slither-analyzer>=0.10.2",
+    "semantic-version>=2.10.0",
+    "pygls>=1.3.0"
+]
+classifiers = [
+    "License :: OSI Approved :: GNU Affero General Public License v3",
+    "Intended Audience :: Developers",
+    "Programming Language :: Python :: 3 :: Only",
+    "Topic :: Security",
+]
+requires-python = ">=3.10"
+
+[[project.authors]]
+name = "Trail of Bits"
+email = "[email protected]"
+
+[project.license]
+file = "LICENSE"
+
+[project.urls]
+Repository = "https://github.com/crytic/slither-lsp"
+Issues = "https://github.com/crytic/slither-lsp/issues"
+
+[project.scripts]
+slither-lsp = "slither_lsp.__main__:main"
 
 # Pylint settings
 
 [tool.pylint.messages_control]
 max-line-length = 120
 
 disable = """
-import-outside-toplevel,
 missing-module-docstring,
-useless-return,
-duplicate-code
+missing-class-docstring,
+missing-function-docstring,
+unnecessary-lambda,
+cyclic-import,
+line-too-long,
+invalid-name,
+fixme,
+too-many-return-statements,
+too-many-ancestors,
+logging-fstring-interpolation,
+logging-not-lazy,
+duplicate-code,
+import-error,
+unsubscriptable-object,
+unnecessary-lambda-assignment,
+too-few-public-methods,
+too-many-instance-attributes
 """