Skip to content

0.8.0

Compare
Choose a tag to compare
@cgewecke cgewecke released this 05 Sep 20:10
· 81 commits to master since this release

Hi!

⚠️ This version requires Hardhat >= 2.11.0 (Ethereum Merge)

New Features

A central focus of the 0.8.0 release is improving the coverage tool's branch detection.

Beginning with this version the following syntax is measured as a branch:

OR conditions

When a logical expression is composed with the || operator, both sides can be considered branches. To test the entire expression

if (a == 1 || a == 2)

... a must equal 1, 2 and neither of those values. (Thanks to Gnosis engineer @rmeissner for proposing this in #175)

Screen Shot 2021-01-12 at 9 41 09 PM

Ternary Conditionals

Long ago, when Solidity was 0.4, solidity-coverage treated ternary conditionals like regular if/else statements. Some language improvements v0.5 subsequently made this impossible. Now it's back...

Screen Shot 2021-01-12 at 9 47 43 PM

Modifier Invocations

Solidity-coverage already covers the code within modifier definitions. However, each modifier invocation at the function level should really be considered its own branch. Some of the most critical logic in Solidity contracts is handled this way (ex: onlyOwner). Testing the pass/fail cases for each occurrence of these gates protects you from accidentally removing them during a refactor.

Because it's possible to write a modifier which performs a preparatory task and never reverts, there's a new option (modifierWhitelist) which allows you to exclude specific modifiers from branch measurement.

And if you don't like modifier invocation coverage you can turn it off by setting the option measureModifierCoverage to false.

(Many thanks to OpenZeppelin engineer @nventuro for proposing this improvement in #286 and helping to design it.)

Screen Shot 2021-01-12 at 10 07 13 PM

Test Matrix

The hardhat and truffle plugins support a new cli flag: --matrix. (Short for "test matrix".)

This flag generates a JSON object that maps which tests in your suite hit which lines of code. (An example can be seen at docs/matrix.md. More info can be found in the advanced docs, here.)

This data is useful for many advanced testing applications - Security researcher @JoranHonig has written two that are worth checking out.

Coverage is often a core component of fuzzing and generative test strategies because it helps narrow the range of inputs required to traverse every path in the code. If you're working on applications like this and have ideas for how solidity-coverage might serve your ends, please feel free to open an issue.

Note to Truffle users

solidity-coverage for Truffle is moving to its own repository and published under a different name (details soon...).