diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
index ae660661eb0..4e92c1043d0 100644
--- a/.github/workflows/checks.yml
+++ b/.github/workflows/checks.yml
@@ -76,10 +76,7 @@ jobs: - uses: actions/checkout@v3 - name: Set up environment uses: ./.github/actions/setup - - run: rm foundry.toml - uses: crytic/slither-action@v0.2.0 - with: - slither-version: 0.9.1 codespell: if: github.repository != 'OpenZeppelin/openzeppelin-contracts-upgradeable'
diff --git a/contracts/governance/TimelockController.sol b/contracts/governance/TimelockController.sol
index da7143499c7..dac55d858bf 100644
--- a/contracts/governance/TimelockController.sol
+++ b/contracts/governance/TimelockController.sol
@@ -311,6 +311,9 @@ contract TimelockController is AccessControl, IERC721Receiver, IERC1155Receiver
 *
 * - the caller must have the 'executor' role.
 */
+ // This function can reenter, but it doesn't pose a risk because _afterCall checks that the proposal is pending,
+ // thus any modifications to the operation during reentrancy should be caught.
+ // slither-disable-next-line reentrancy-eth
 function executeBatch(
 address[] calldata targets,
 uint256[] calldata values,
diff --git a/slither.config.json b/slither.config.json
index e52e3f5d5bd..2b618794aa8 100644
--- a/slither.config.json
+++ b/slither.config.json
@@ -1,4 +1,5 @@
 {
 "detectors_to_run": "reentrancy-eth,reentrancy-no-eth,reentrancy-unlimited-gas",
- "filter_paths": "contracts/mocks"
+ "filter_paths": "contracts/mocks",
+ "compile_force_framework": "hardhat"
 }
\ No newline at end of file
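Review bot: Dropping `slither-version: 0.9.1` from the `crytic/slither-action@v0.2.0` step leaves the analyzer version unpinned, so the reentrancy detectors that gate this job can presumably change behaviour between runs with no change in the repository. If the pin was removed only because 0.9.1 lacked a needed feature, pin the newer release instead, i.e. keep `with:` / `slither-version: <known-good version>`, and bump it deliberately. The action itself is referenced by a tag; pinning `uses:` to a full commit SHA would make the step reproducible as well. The start of this job lies outside the hunk.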
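Review bot: The `slither-disable-next-line reentrancy-eth` suppression on `executeBatch` is justified by a check inside `_afterCall`, which is outside this hunk, so nothing visible here keeps the comment true if `_afterCall` is later changed. I would back it with a regression test in which a target calls back into the timelock during `executeBatch` and alters the same operation, asserting that the outer call reverts. The comment could also name the guard precisely, e.g. `// Safe against reentrancy: _afterCall requires the operation to still be pending and reverts otherwise.`, assuming that is what `_afterCall` enforces. The body of `executeBatch` continues past the end of the hunk.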
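Review bot: `"compile_force_framework": "hardhat"` appears to replace the `rm foundry.toml` workaround removed from the workflow, but the reason for forcing Hardhat is recorded nowhere, and strict JSON cannot carry a comment. A one-line comment on the Slither step in `checks.yml`, such as `# framework forced to hardhat in slither.config.json because the repo also ships foundry.toml`, would keep a later maintainer from removing the key. It is also worth confirming that the Hardhat build covers the same contracts and compiler settings as the Foundry configuration, since only that build is now analysed.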