Class PreferredStdlibApi

An optional detector that flags the use of advanced functions from the standard library.

Why is it bad?

Auditors should pay extra attention to these functions, as incorrect usage can lead to subtle bugs. Safer stdlib alternatives should be preferred in the code.

Supported functions:

Use send instead of nativeSendMessage
Prefer randomInt instead of nativeRandom

Example

let pkg: Slice = msg.transfer;
let _seqno: Int = pkg.loadInt(32);
let mode: Int = pkg.loadInt(8);
let body: Cell = pkg.loadRef();
// Bad: prefer `send` to avoid low-level manipulation of Slice
nativeSendMessage(body, mode);

Use instead:

// Safer: More explicit definition of the send operation
send(SendParameters{ value: amount,
                     to: self.owner,
                     mode: mode,
                     body: beginCell().endCell() });

Hierarchy (view full)

ASTDetector
- PreferredStdlibApi

Index

Constructors

constructor

new PreferredStdlibApi(ctx): PreferredStdlibApi
Parameters
- ctx: MistiContext
Returns PreferredStdlibApi
Inherited from ASTDetector.constructor
- Defined in src/detectors/detector.ts:36

Properties

`Readonly`ctx

ctx: MistiContext

severity

severity: Severity = Severity.INFO

Gets the severity of the detector.

Accessors

id

get id(): string
Gets the short identifier of the detector, used in analyzer warnings.

Returns string
The unique identifier of the detector.
Inherited from ASTDetector.id
- Defined in src/detectors/detector.ts:42

kind

get kind(): DetectorKind
Gets the kind of the detector.

Returns DetectorKind
Inherited from ASTDetector.kind
- Defined in src/detectors/detector.ts:118

shareImportedWarnings

get shareImportedWarnings(): WarningsBehavior
Defines the behavior of warnings generated by this detector when working with multiple projects within a single Tact configuration.

Here are the available options:
1. "union" Leave this value if you don't care about warnings generated in other projects.
2. "intersect" If the warning is generated for some source location of the imported file, it should be generated by each of the projects. Example: Constants from an imported file should not be reported iff they are unused in all the projects, so you need "intersect".
Returns WarningsBehavior
Inherited from ASTDetector.shareImportedWarnings
- Defined in src/detectors/detector.ts:69

usesSouffle

get usesSouffle(): boolean
Checks whether this detector needs the Soufflé binary to be executed.

Returns boolean
Inherited from ASTDetector.usesSouffle
- Defined in src/detectors/detector.ts:76

Methods

check

check(cu): Promise<MistiTactWarning[]>
Executes the detector's logic to check for issues within the provided compilation unit.
Parameters
- cu: CompilationUnit
  The compilation unit to be analyzed.
Returns Promise<MistiTactWarning[]>
List of warnings has highlighted by this detector.
Overrides ASTDetector.check
- Defined in src/detectors/builtin/preferredStdlibApi.ts:54

`Protected`makeWarning

makeWarning(description, loc, data?): MistiTactWarning
A wrapper method that creates Misti warnings with additional context about the detector generated it.
Parameters
- description: string
- loc: SrcInfo
- data: Partial<{
  extraDescription: string;
  suggestion: string;
  }> = {}
Returns MistiTactWarning
Inherited from ASTDetector.makeWarning
- Defined in src/detectors/detector.ts:99

`Protected`skipUnused

skipUnused(name): boolean
Returns true if the identifier with the given name should not be reported by unused variables detectors.
Parameters
- name: string
Returns boolean
Inherited from ASTDetector.skipUnused
- Defined in src/detectors/detector.ts:91

Class PreferredStdlibApi

Why is it bad?

Example

Hierarchy (view full)

Index

Constructors

Properties

Accessors

Methods

Constructors

constructor

Parameters

Returns PreferredStdlibApi

Properties

`Readonly`ctx

severity

Accessors

id

Returns string

kind

Returns DetectorKind

shareImportedWarnings

Returns WarningsBehavior

usesSouffle

Returns boolean

Methods

check

Parameters

Returns Promise<MistiTactWarning[]>

`Protected`makeWarning

Parameters

Returns MistiTactWarning

`Protected`skipUnused

Parameters

Returns boolean

Settings

On This Page

Class PreferredStdlibApi

Why is it bad?

Example

Hierarchy (view full)

Index

Constructors

Properties

Accessors

Methods

Constructors

constructor

Parameters

Returns PreferredStdlibApi

Properties

Readonlyctx

severity

Accessors

id

Returns string

kind

Returns DetectorKind

shareImportedWarnings

Returns WarningsBehavior

usesSouffle

Returns boolean

Methods

check

Parameters

Returns Promise<MistiTactWarning[]>

ProtectedmakeWarning

Parameters

Returns MistiTactWarning

ProtectedskipUnused

Parameters

Returns boolean

Settings

On This Page

`Readonly`ctx

`Protected`makeWarning

`Protected`skipUnused