v0.8.2

0.8.2 - 2021-12-10

This release adds two new detectors that catch recent vulnerabilities in SushiSwap and Opyn vulnerabilities, and significantly improves Solidity 0.8 support (including top-level functions, custom errors, and immutable variables). Additionally, the code objects have now scope-file information, which improves Slither on codebases where contract or structure name are repeated.

For their contributions, we would like to thank:

• @htadashi,
• @bearpebble,
• @jesus-eff,
• and @axic for his numerous bugs reports.

Added

• Two new detectors
  • delegatecall inside a loop (#992) (SushiSwap vuln)
  • msg.value inside a loop (#991) (Opyn vuln)
• Support for top-level functions (#945, #949, #987)
• Support for immutable variables (#946)
• Support for custom errors (#947)
• Info on how synchronize with crytic-compile in the contributing guidelines (#994)

Changed

• Improve calls-loop detector (#925)
• Improve costly-loop detector (#926)
• Improve support for units and globally available variables (#985)
• Improve strict-equality detector (#952)
• Add a function_language property to the function to determine if its a Solidity or Yul function (#987)
• Validate inputs of --markdown-root flag (#988)
• Refactor the core objects to contain a file scope (#990). This contains breaking changes
• Update Solidity version recommendations (#999)

Fixed

• Docker build (#967)
• call-graph printer output (#973)
• slither-flat --convert-external and --convert-private flags (#964)
• Broken wiki link (#986)
• Multiple minor fixes (#996, #997)