Skip to content

npm: bump solhint from 5.2.0 to 6.0.0 #65

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

npm: bump solhint from 5.2.0 to 6.0.0 #65

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 7, 2025

Bumps solhint from 5.2.0 to 6.0.0.

Release notes

Sourced from solhint's releases.

v6.0.0

[6.0.0] - 2025-07-04

BREAKING CHANGE

Some rules were removed from the recommended ruleset and other were promoted. See below: Rules revision - #692

🟥 DEMOTED

  • payable-fallback: Outdated due to the introduction of receive(); rarely needed in modern Solidity.

✅ PROMOTED

  • interface-starts-with-i: Promotes clarity by clearly distinguishing interfaces from contracts.
  • gas-calldata-parameters: Encourages optimal memory usage for external functions.
  • gas-increment-by-one: Suggests using ++i style for gas-efficient increments.
  • gas-indexed-events: Improves event indexing for off-chain systems and reduces gas usage.
  • gas-small-strings: Recommends cheaper encoding using bytes32 for short strings.
  • gas-strict-inequalities: Helps avoid subtle off-by-one bugs in range conditions.
  • gas-struct-packing: Maximizes storage efficiency by suggesting tight struct packing.
  • duplicated-imports: Prevents redundant imports that bloat the AST and confuse code structure.
  • import-path-check: Ensures all imported files exist and resolve correctly, avoiding runtime errors.
  • function-max-lines: Encourages smaller, more readable and maintainable functions.
  • constructor-syntax: Enforces modern constructor syntax for consistency and clarity.
  • use-natspec: Promotes proper documentation with NatSpec for better audits and readability.

Fixed

  • gas-struct-packing false positives - #690
  • gas-increment-by-one backward expression - #691
  • Typo (thanks to @MarkFizz77)

Added

  • use-natspec: Promote the use of natspec and make several checks to enforce it - #689
Changelog

Sourced from solhint's changelog.

[6.0.0] - 2025-07-04

BREAKING CHANGE

Some rules were removed from the recommended ruleset and other were promoted. See below: Rules revision - #692

🟥 DEMOTED

  • payable-fallback: Outdated due to the introduction of receive(); rarely needed in modern Solidity.

✅ PROMOTED

  • interface-starts-with-i: Promotes clarity by clearly distinguishing interfaces from contracts.
  • gas-calldata-parameters: Encourages optimal memory usage for external functions.
  • gas-increment-by-one: Suggests using ++i style for gas-efficient increments.
  • gas-indexed-events: Improves event indexing for off-chain systems and reduces gas usage.
  • gas-small-strings: Recommends cheaper encoding using bytes32 for short strings.
  • gas-strict-inequalities: Helps avoid subtle off-by-one bugs in range conditions.
  • gas-struct-packing: Maximizes storage efficiency by suggesting tight struct packing.
  • duplicated-imports: Prevents redundant imports that bloat the AST and confuse code structure.
  • import-path-check: Ensures all imported files exist and resolve correctly, avoiding runtime errors.
  • function-max-lines: Encourages smaller, more readable and maintainable functions.
  • constructor-syntax: Enforces modern constructor syntax for consistency and clarity.
  • use-natspec: Promotes proper documentation with NatSpec for better audits and readability.

Fixed

  • gas-struct-packing false positives - #690
  • gas-increment-by-one backward expression - #691
  • Typo (thanks to @MarkFizz77)

Added

  • use-natspec: Promote the use of natspec and make several checks to enforce it - #689

Commits
  • 85d66ef Merge pull request #693 from protofire/600-pre-release
  • 03d75d1 pre release 6.0.0
  • 48a866d Merge pull request #692 from protofire/fix-rules-revision
  • cef4e31 rules revision
  • e7c1a17 Merge pull request #691 from protofire/fix-gas-incrementBy1-rule
  • bb2913c fix rule to support backward expression
  • df1f436 fix rule to support backward expression
  • ec78e8b Merge pull request #689 from protofire/feature-use-natspec
  • 14e4c88 Merge branch 'develop' into feature-use-natspec
  • 24a4235 Merge pull request #690 from protofire/fix-gas-struct-packing
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
npm: bump solhint from 5.2.0 to 6.0.0
000d17a 
Bumps [solhint](https://github.com/protofire/solhint) from 5.2.0 to 6.0.0.
- [Release notes](https://github.com/protofire/solhint/releases)
- [Changelog](https://github.com/protofire/solhint/blob/develop/CHANGELOG.md)
- [Commits](protofire/solhint@v5.2.0...v6.0.0)

---
updated-dependencies:
- dependency-name: solhint
  dependency-version: 6.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 7, 2025

Labels

The following labels could not be found: dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from vanvianen as a code owner July 7, 2025 09:17
@github-actions GitHub Actions
Copy link

This pull request is stale because it has been open for 14 days with no activity.
It will be closed in 7 days unless the stale label is removed.

@github-actions github-actions bot added the stale label Jul 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vanvianen vanvianen Awaiting requested review from vanvianen vanvianen is a code owner

Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants