Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

solhint-community

solhint-community9.6kMIT4.0.1

Solidity Code Linter

solidity, linter, security-scanner, ethereum, ast, developer-tools, code-quality, smart-contracts

readme

A community-maintained solhint fork

NPM version MIT licensed

Telegram group badge

This is an open source project for linting Solidity code. This project provides both Security and Style Guide validations.

Why use this fork

This fork was started in mid 2023 to provide the community with an up-to-date linter regardless of protofire's funding allocations, which had proven inconsistent in the past with a big hiatus in development from 2021-2023 and in the middle of 2023.

Currently we're working on a major version change that'll hopefully bring many improvements desired by the community (see issues tagged with v4.0.0), at the cost of some breaking changes.

How to help out

  • If you're a linter user, please consider using the latest release candidate (currently using "^4.0.0-rc00" in your package.json will get you that), where features are first pushed, and report any errors/potential improvements so they don't get to affect most users.
  • If you want to help as a developer, grab some issue tagged with good-first-issue and see contributing.md for a quick start guide. Feel free to create new issues or drop by the telegram group to ask for help!

Installation

You can install solhint-community using npm:

npm install -g solhint-community

# verify that it was installed correctly
solhint --version

Usage

First initialize a configuration file, if you don't have one:

solhint init-config

This will create a .solhint.json file with the recommended rules enabled. Then run Solhint with one or more Globs as arguments. For example, to lint all files inside contracts directory, you can do:

solhint 'contracts/**/*.sol'

To lint a single file:

solhint contracts/MyToken.sol

Run solhint without arguments to get more information:

Usage: solhint [options] <file> [...other_files]

Linter for Solidity programming language

Options:
  -V, --version                           output the version number
  -f, --formatter [name]                  chosen formatter for reports (stylish, table, tap, unix, json, compact)
  -w, --max-warnings [maxWarningsNumber]  number of allowed warnings
  -c, --config [file_name]                extra config file to source, in addition to the defaults
  -q, --quiet                             report errors only. Takes precedence over --max-warnings - default: false
  --ignore-path [file_name]               file to use as your .solhintignore
  --fix                                   automatically fix problems. If used in conjunction with stdin, then fixed file will be printed to stdout and report will be omitted
  -h, --help                              display help for command

Commands:
  stdin [options]                         linting of source code data provided to STDIN
  init-config                             create configuration file for solhint
  list-rules                              display enabled rules of current config, including extensions

Exit codes

  • 0: linted files had no errors
  • 1: linted files had 1 or more errors, or more warnings than --max-warnings
  • 255: provided command-line options were invalid, see stderr for details

Configuration

You can use a .solhint.json file to configure Solhint for the whole project.

To generate a new sample .solhint.json file in current folder you can do:

solhint init-config

This file has the following format:

Default

{
  "extends": "solhint:recommended"
}

Sample

  {
    "extends": "solhint:recommended",
    "plugins": [],
    "rules": {
      "avoid-suicide": "error",
      "avoid-sha3": "warn"
    }
  }

A full list of all supported rules can be found here.

To ignore files that do not require validation you can use a .solhintignore file. It supports rules in the .gitignore format.

node_modules/
additional-tests.sol

Extendable rulesets

The extendable rulesets provided by solhint are the following:

  • solhint:recommended

Use one of these as the value for the "extends" property in your configuration file.

Configure the linter with comments

You can use comments in the source code to configure solhint in a given line or file.

For example, to disable all validations in the line following a comment:

  // solhint-disable-next-line
  uint[] a;

You can disable specific rules on a given line. For example:

  // solhint-disable-next-line not-rely-on-time, not-rely-on-block-hash
  uint pseudoRand = uint(keccak256(abi.encodePacked(now, blockhash(block.number))));

Disable validation on current line:

  uint pseudoRand = uint(keccak256(abi.encodePacked(now, blockhash(block.number)))); // solhint-disable-line

Disable specific rules on current line:

   uint pseudoRand = uint(keccak256(abi.encodePacked(now, blockhash(block.number)))); // solhint-disable-line not-rely-on-time, not-rely-on-block-hash

You can disable a rule for a group of lines:

  /* solhint-disable avoid-tx-origin */
  function transferTo(address to, uint amount) public {
    require(tx.origin == owner);
    to.call.value(amount)();
  }
  /* solhint-enable avoid-tx-origin */

Or disable all validations for a group of lines:

  /* solhint-disable */
  function transferTo(address to, uint amount) public {
    require(tx.origin == owner);
    to.call.value(amount)();
  }
  /* solhint-enable */

Rules

Security Rules

Full list with all supported Security Rules

Style Guide Rules

Full list with all supported Style Guide Rules

Best Practices Rules

Full list with all supported Best Practices Rules

Documentation

Related documentation you may find here.

IDE Integrations

  • Sublime Text 3
  • Atom
  • Vim, neovim
  • JetBrains IDEA, WebStorm, CLion, etc.
  • **[VS Code: Solidity by Juan Blanco](
     https://marketplace.visualstudio.com/items?itemName=JuanBlanco.solidity)**
  • **[VS Code: Solidity Language Support by CodeChain.io](
     https://marketplace.visualstudio.com/items?itemName=kodebox.solidity-language-server)**

Table of Contents

  • Roadmap: The core project's roadmap - what the core team is looking to work on in the near future.
  • Contributing: The core Solhint team :heart: contributions. This describes how you can contribute to the Solhint Project.
  • Shareable configs: How to create and share your own configurations.
  • Writing plugins: How to extend Solhint with your own rules.

Plugins

Who uses Solhint-community?

Sablier Labs PRB-proxy Mean Finance HOPR network

Acknowledgements

The Solidity parser used is @solidity-parser/parser.

Licence

MIT

changelog

[4.0.1] 2025-01-30

Patch release, completely backwards-compatible with 4.0.0 Current latest version.

Fixed

[4.0.0] - 2024-04-10

Stable release.

Includes lots of breaking changes such as removing rules or changing their semantics, while also adding some long-awaited features, such as:

  • parsing multiple config files from subdirectories
  • better handling of exit codes
  • saner defaults, such as using solhint:recommended ruleset when run without a config file present instead of erroring out
  • clumped all style guide casing constranints into a single rule
  • re-defined the recommended ruleset

For a comprehensive list of changes, see the changelog for 4.0.0-rc0{0-4}, listed below:

[4.0.0-rc04] - 2024-04-10

Breaking

[4.0.0-rc03] - 2024-03-27

Breaking

[4.0.0-rc02] - 2024-02-20

Breaking

  • use solhint:recommended when no config is available, instead of exiting with an error https://github.com/solhint-community/solhint-community/pull/135
  • exit with a different code when linter is configured incorrectly (255) vs when errors are found in linted files (1) https://github.com/solhint-community/solhint-community/pull/134
    • also exit eagerly when a misconfiguration is detected, to help the programmer realize of their mistake sooner
  • created style-guide-casing rule to enforce all mixedCase, CapWords and SNAKE_CASE requirements from the style guide in one place, removing the following rules:
    • const-name-snakecase
    • definition-name-capwords
    • func-name-mixedcase
    • modifier-name-mixedcase
    • var-name-mixedcase
    • immutable-name-snakecase

Added

[4.0.0-rc01] - 2024-01-28

Breaking

Added

Updated

Added

Fixed

[4.0.0-rc00] - 2023-12-29

Added

Breaking

Updated

[3.7.0] - 2023-12-05

Includes all changes for 3.7.0-rc0{0-4}, listed below.

[3.7.0-rc04] - 2023-12-04

Added

Added

Improved

[3.7.0-rc03] - 2023-11-27

Added

Fixed

[3.7.0-rc02] - 2023-10-16

Added

Fixed

[3.7.0-rc01] - 2023-07-23

Updated

[3.6.1] - 2023-07-31

Fixed

false positives in no-unused-imports with nested mappings: https://github.com/solhint-community/solhint-community/pull/37

[3.6.0] - 2023-07-13

Updated

Fixed

Added

[3.5.2] - 2023-07-4

Fixed

[3.5.1] - 2023-06-14

Updated

Fixed

[3.5.0] - 2023-05-30

Updated

Added

Fixed



[3.4.1] - 2023-03-06

Updated

  • Updated solidity parser to 0.16.0 #420

Added

  • Added github workflow to execute unit tests on each PR #412
  • Added macOS and windows into E2E github workflow #422

Fixed

  • False positive on for-loop Yul #400
  • Ordering-rule support for Top Level statements #393
  • Fix no-global-import to accept named global imports #416
  • Fix named-parameters-mapping to not enforce on nested mappings #421



[3.4.0] - 2023-02-17

Updated

  • Solhint dependencies to support newer versions #380
  • Linter fixed to get clearer source code #381
  • E2E, added formatters into repo, updated CI #385
  • Solhint dependencies to support newer versions #403

Added

  • New Rule: For banning "console.sol" and "import hardhat or foundry console.sol" #372
  • New Rule: No global imports #390
  • New Rule: Named parameters in v0.8.18 solidity version #403

Fixed

  • TypeError: cannot read property 'errorCount' of undefined #351
  • Directories with .sol in the name path treated as files #352
  • Doc generator and added a CI step to avoid crashing #389
  • Rule for banning "console.sol" and "import hardhat or foundry console.sol #391
  • Option –quiet works now with all files #392
  • Transfers with .call excluded from warning as low level code #394
  • Made func-visibility skip free functions #396
  • False positive on no-unused-vars for payable arguments without name #399



[3.3.8] - 2023-01-17

Fixed Docs and Typos

Updated



TIME GAP

[2.1.0] - 2019-05-30

Added

  • New compiler-version rule (see PR #112)

Fixed

  • Several fixes for the mark-callable-contracts rule (PRs #115, #117 and #119)

[2.0.0] - 2019-02-15

Stable release

[2.0.0-beta.1] - 2019-01-31

Fixed

  • Fix linter errors

[2.0.0-alpha.3] - 2019-01-23

Changed

  • Update config initializer #103

[2.0.0-alpha.2] - 2019-01-08

Changed

  • Remove prettier from rule

[2.0.0-alpha.1] - 2019-01-08

Fixed

  • Package version

[2.0.0-alpha.0] - 2019-01-08

Added

  • Add rulesets #73
  • Add plugins support #99
  • Update docs

[1.5.0] - 2018-12-26

Added

  • Add not-rely-on-time to rules documentation #88
  • Have --max-warnings better reflect its name #89
  • Added disable-previous-line #91
  • Snake case now allows for a (single) leading underscore #93

Fixed

  • Fixed some comment directive tests #92

[1.4.1] - 2018-12-10

Added

  • Allow to specify the path to the config file #78
  • Roadmap and changelog #81

Changed

  • Upgrade grammar #79

[1.4.0] - 2018-10-10

Added

  • Support prettier-solidity #72

[1.3.0] - 2018-09-25

Added

  • Add "Projects that use solhint" to README.md file #64
  • Add prettier and airbnb #59
  • Add new feature --ignore-path option #58
  • Add contribution formatter parameter validation #54
  • Add --max-warnings [int] option #56
  • Add --quiet option #55

Changed

  • Move rules sections out from README.md #65
  • Complete docs and readme #61

Fixed

  • Unable to satisfy indentation rules for functions with multiple return values #49