Hi everyone,
I'd like to know if and how people are making use of CI/CD pipeline tools, like Jenkins, Circle CI, Github Actions etc, on smart contracts projects.
I can figure out some basic steps like: compiling/building, unit testing and deploy on some testnet. Is it reasonable to include stages for running Slither, Manticore, Echidna? How do you handle cases of False Positives? For example, at this moment we have a FP on unprotected-upgradeable-contract detector on Slither 0.8.2: https://github.com/crytic/slither/pull/1046
- Tipically, what steps/stages are being included in a pipeline CI/CD for smart contract projects?
- Should we avoid to run Slither on a CI/CD pipeline in order to avoid breaking pipeline?
Regards,