Oxorio Auditor
This extension is a set of tools for Oxorio Solidity auditors. To use some commands, you need to authenticate via GitHub and have access to Oxorio's audits repository.
Configuration
Inline-bookmarks Configuration
Add this configuration for the Inline Bookmarks plugin to your global (not workspace) user settings.json:
"inline-bookmarks.default.words.purple": "",
"inline-bookmarks.default.words.red": "",
"inline-bookmarks.default.words.green": "",
"inline-bookmarks.default.words.blue": "",
"inline-bookmarks.expert.custom.words.mapping": {
"critical": ["@audit-c\\s"],
"major": ["@audit-m\\s"],
"warning": ["@audit-w\\s"],
"info": ["@audit-i\\s"],
"note": ["@audit\\s"],
},
"inline-bookmarks.expert.custom.styles": {
"critical": {
"gutterIconColor": "#F7075D",
"overviewRulerColor": "#F7075D",
"light": {
"color": "#F7075D",
"fontWeight": "bold",
"textDecoration": "underline",
},
"dark": {
"color": "#F7075D",
"fontWeight": "bold",
"textDecoration": "underline",
}
},
"major": {
"gutterIconColor": "#FD991F",
"overviewRulerColor": "#FD991F",
"light": {
"color": "#FD991F",
"fontWeight": "bold",
"textDecoration": "underline",
},
"dark": {
"color": "#FD991F",
"fontWeight": "bold",
"textDecoration": "underline",
}
},
"warning": {
"gutterIconColor": "#AE82F3",
"overviewRulerColor": "#AE82F3",
"light": {
"color": "#AE82F3",
"fontWeight": "bold",
"textDecoration": "underline",
},
"dark": {
"color": "#AE82F3",
"fontWeight": "bold",
"textDecoration": "underline",
}
},
"info": {
"gutterIconColor": "#66D9EF",
"overviewRulerColor": "#66D9EF",
"light": {
"color": "#66D9EF",
"fontWeight": "bold",
"textDecoration": "underline",
},
"dark": {
"color": "#66D9EF",
"fontWeight": "bold",
"textDecoration": "underline",
}
},
"note": {
"gutterIconColor": "#d3d3d3",
"overviewRulerColor": "#d3d3d3",
"light": {
"color": "#d3d3d3",
"fontWeight": "light",
},
"dark": {
"color": "#d3d3d3",
"fontWeight": "light",
}
}
}
Now you can bookmarking issues in a code using comments with a different @audit-X marks depending on the issue's severity level:
| Mark |
Severity |
|
| @audit-c |
CRITICAL |
|
| @audit-m |
MAJOR |
|
| @audit-w |
WARNING |
|
| @audit-i |
INFO |
|
| @audit |
NOTE |
// notes are not included in the report |
Markdown Report Generation
Use the Generate Markdown Audit Report for Workspace command to collect all @audit-X bookmarks in the current workspace and generate a new Markdown report with the identified issues. You will be prompted to input the client's repository link and the hash of the auditing commit.
PDF Report Generation
To generate a PDF audit report, open the markdown report and execute the Generate PDF Audit Report from Markdown command. You will need to choose an existing web report or create a new one. Please note that selecting an existing web report will overwrite it.
The report will be generated and uploaded to the Oxorio Slack workspace.
Updating the Report with Client Responses
To update the audit markdown report and add client responses as well as issue statuses, execute the Import Web Audit Report command and provide the Report ID that was used during the generation of the PDF report for the client.
Troubleshooting
If you encounter any problems, run the Developer: Show logs -> Extension Host commands to view the extension logs.
