Hovering over the variable it reports

(undefined) StateVar StandardBounties.bounties

I was expecting

(mapping(uint => Bounty)) StateVar StandardBounties.bounties

I'm seeing this in the VSCode console:

I hope it will be fixed by this: Consensys/surya#142, and updating this repo to use the community parser.

• Call Graph is empty, screenshot:
  

• Clicking the contract interaction graph button does nothing

When I click on 'set color theme':

I get this error message:

TBH I'm not really sure what that button should do.

rework funcsigs and only show sighashes for external/public methods

I now feel sure that we should do this, also in the Marketplace.

If adding something like this wouldn't clutter things too much I'd be happy to work on a pull request.

This is a feature request.

Next to having @audit and @audit-ok, it would be great if there was also @audit-issue.

this command would signify that an issue has been created in github/bitbucket, having a blue marker instead of red/green.

besides this this plugin is already amazing 👍

get a better view on permissions

Hi,

I am on 0.0.22. When I click funcSig, I correctly get the function signature. But when I click ftrace, nothing happens. Here is the top most output from my dev console:

console.ts:137 [Extension Host] stack trace: ReferenceError: opts is not defined
at Object.FunctionCall (/Users/dteiml/.vscode/extensions/tintinweb.solidity-visual-auditor-0.0.22/node_modules/surya/lib/ftrace.js:563:13)

Selecting evm.js from the hover options results in no contract code being returned. Instead, it seems to hang and load indefinitely.

Windows 10.0.18363
VSCode 1.47.2

When generating the graph of a contract, the output options are SVG, and DOT. Having the option to generate a common format such as PNG is useful too.

Version: 0.0.11

It seems that the LineNumber:CharacterNumber is included in the dependency path, which leads to failure to "Jump to Declaration".

e.g.:
When hover on a mapping, this message is shown:
(mapping( bytes32=>Entry )) StateVar HashRegistrar._entries (Declaration: #16)

When clicked on (Declaration: #16) VSCode tries to open a file in the "correct" path but wrong file name: HashRegistrar.sol:133:1

Unable to open 'HashRegistrar.sol:133:1': File not found (file:///PATH_TO_THE_DIRECTORY/node_modules/@ensdomains/ens/contracts/HashRegistrar.sol:133:1).

When I open a Solidity file in one pane and a Javascript file in a pane next to it, I see highlights and annotations in the Javascript file for variables, etc from the Solidity file. It appears to be triggered when I edit and save the Javascript file.

If I switch to a different file and come back, the annotations disappear.

Currently, the extension highlights places where a state variable is shadowed by a local variable. It also would be useful to see when a function parameter is shadowed by a local variable.

Steps to reproduce:

1. See this function has an inline comment
2. Run "List function signatures" for this file
3. Notice how it outputs 1137c1f8 => sendToken(address,address,uint256,bytes32,//) when it should output b9bfabe1 => sendToken(address,address,uint256,bytes32,bytes32)

Function linked above:

function sendToken(
    address _receiver,
    address _tokenAddr,
    uint256 _amount,
    bytes32 _pkx, // ephemeral public key x coordinate
    bytes32 _ciphertext
) external payable {
   ...
}

Unfortunately, vscode decided to suddenly disable proposed api features like the treeviewElement.tooltip property. I've disabled the tooltip feature for now. This only affects the cockpit->settings view. The tooltip will not show up anymore.

Let's re-enable this once they've come to a conclusion that this is added to their main API.

The solarized theme highlights natspec keywords in dark bold which can be quite distracting.

therefore we are planning to make them less distracting by changing the color from black -> greyish

Underlining underscore makes it look weird, kind of like an equal sign!

I get a yellow exclamation mark next to a low-level call. There is no further information when I hover over it nor any problems/warnings logged.

Trigger: it's the parameters in the curly brackets (in my case {gas: req.gas}) that cause the warning. If you remove these arguments, everything disappears.

Does someone have idea how to fix this (the code compiles also w/o any warnings):

Also see: juanfranblanco/vscode-solidity#257 for a smart contract to replicate the warning.

Outline View:
populates VS Code outline view with sourceUnit and contract layout
contracts, stateVars, methods, inherited names
annotates security relevant information (visibility, ...)
calculates complexity rating
annotations functions with information about whether they are accessing stateVars

There is an invalid hash of signature function calculation for uint types.

The next function has a signature provideAccess(address[],uint256[],bytes32,bytes)

function provideAccess(address[] _addresses, uint[] _amounts, bytes32 _key, bytes _info) public {
// ...
}

Then it should have the next hash:

> require("web3-utils").soliditySha3("provideAccess(address[],uint256[],bytes32,bytes)").slice(0, 10)

'0x745ca7ea'

but funcSig command returns like:

> require("web3-utils").soliditySha3("provideAccess(address[],uint[],bytes32,bytes)").slice(0, 10)

'0xb196df14'

Probably it will be better to use truffle-flattener and run flattening command with npx truffle-flattener inputfile > output?

preferrable as text or harvey json

new light theme.

see #59

I can get the diagraph G with meaningful contents in it, however, the Preview tab does not have the desired graph showing up. Actually it is not showing up anything. I have reopenit the editor after installation. Wondering why this is case. Thanks.

The extension appears to be treating comment blocks as code. For example, if I have a block like

/**
@dev An example for this issue
*/

then hovering over the word "for" gives me an annotation about LOOP - check for OOG conditions. Similarly, I get one when hovering over the word "this."

Context

For my current workflow, I usually find the Surya - graph(this) functionality more useful as it is less noisy and helps me to better understand a subset of a large codebase.

However this is only accessible via code lens which I keep disabled most of the time, since it adds clutter.

Request

I would like to have access to the graph(this) function from the command palette.

Hey again @tintinweb—I know in #68 you mentioned the signature extraction is hacky and you don't expect many people use it, but actually it's probably the feature I use most, so here's another related issue 😁

The issue:

• The function selector for this method is 0x9120491c
• But the extension reports 0xe1acd927

In this case the method linked is an array of structs. I think I've also seen regular structs and interfaces (e.g. function someMethod(IERC20 _address)) give the wrong function signature, though I don't have an example handy—I can double-check and confirm this if you need

I have just freshly installed the plugin on Windows 10 VS Code. The codelenses are not showing up for me. I have installed Surya and Graphviz before.

I saw that there is a bug mentioned about codelenses not showing up. So I changed the file and saved it to trigger a reload but it doesn't help. Also uninstalled / reloaded the plugin multiple times. The settings for codelenses are enabled.

I'm not sure what exactly I need to post so you can investigate, just let me know.

It is possible to import contracts using @ which truffle pulls using npm install. However these contracts will be installed in npm-modules which truffle maps to the contract folder.

In this scenario, it is not possible to jump/see the definition of imported functions.

e.g.
import "@ensdomains/ens/contracts/ENS.sol"; in
https://github.com/ensdomains/ethregistrar/blob/master/contracts/BaseRegistrarImplementation.sol

Show value when hovering over constant values that can be resolved directly.

I used the funcSigs and found out there’s a discrepancy between what it shows and what it should be:

function _executeActionsFromFL(Task memory _currTask, bytes32 _flAmount)

Which SVA shows as :
4517bb07 => _executeActionsFromFL(Task,bytes32)

But the actual func signature that calls this function as the callback is: 0xd6741b9e

Apparently, the struct that is in the function argument (abi) should be expanded.

    struct Task {
        string name;
        bytes[][] callData;
        bytes[][] subData;
        bytes32[] actionIds;
        uint8[][] paramMapping;
    }

Something like: "_executeActionsFromFL((address,address,uint256,...),bytes32)"

going to be awesome! but let's release surya graph first ;)

When a constructor visibility is set to public, a warning is shown" Visibility for constructor is ignored. If you want the contract to be non-deployable, making it "abstract" is sufficient
However, explicitly mentioning is needed; else there is an error when trying to compile: SyntaxError: No visibility specified. Did you intend to add "public"?

I'm using Truffle v5.1.40 (core: 5.1.40) and Node v14.8.0

It returns only text file.

I have installed all needed extensions and surya v2.0.11. I use Ubuntu 18.04.

refs solidity-parser/parser#46

You knwo what I mean

Describe the bug
Uml function generate a wrong uml class diagram.
For example, following Solidity contract:

pragma solidity ^0.5.0;

import "openzeppelin-solidity/contracts/math/SafeMath.sol";
import "./Stoppable.sol";

contract StoppableElement is Stoppable {
    using SafeMath for uint256;
    constructor () Stoppable(false) public {
    }
}

where StoppableElement derive from Stoppable class, generate following plantuml script and diagram:

@startuml
' -- for auto-render install: https://marketplace.visualstudio.com/items?itemName=jebbs.plantuml
' -- options --



' -- classes --


class StoppableElement {
    ' -- inheritance --
	{abstract}Stoppable

    ' -- usingFor --
	{abstract}📚SafeMath for [[uint256]]

    ' -- vars --

    ' -- methods --
	+**__constructor__**()

}
' -- inheritance / usingFor --
StoppableElement <|--[#DarkGoldenRod] Stoppable
StoppableElement <|..[#DarkOliveGreen] SafeMath : //for uint256//

@enduml

where inheritance arrow is in wrong direction.

Expected behavior
Inheritance tags should be:

' -- inheritance / usingFor --
Stoppable <|--[#DarkGoldenRod] StoppableElement
SafeMath <|..[#DarkOliveGreen] StoppableElement : //for uint256//

Screenshots

should be:

• use builtin "find top level contracts" command to find all candidates for the big flattening
• flatten the files using flaterra https://github.com/cleanunicorn/flaterra
  • create a popup and ask people to install flaterra (pip3 install --user flaterra) if not available

JS language support has a really nice 'find references' feature, which would be really nice to have here. My use case would be highlighting sensitive state vars so I can review any code that touches it.

A similar feature would be the ability to highlight a state var, with an icon. Much like how arguments are indicated an arrow in the extension.

I'm trying to disable stateVar highlighting but it doesn't seem to work. Did it both globally from the settings and for the current workspace. Also checked the json file and it seems to have both "deco" values set to false. On the other hand I had no problems disabling hilighting function arguments.

"solidity-va.deco.arguments": false, "solidity-va.deco.statevars": false

Not sure if there's something wrong on my end. Maybe a problem with another extension?

Clicking on "report", "graph (this)", "graph", "inheritance", "parse", and "flatten" result in no action. No graph is rendered, no text file is created, and no errors are shown.

Clicking on "funcSigs" does work -- it produces a text file as expected.

I'm running version 0.0.17.

Can we have the "Top-level contracts" sidebar section display the results in alphabetical order? 😊