Getting started
System Dependencies​
Before you begin, ensure you have the following software installed on your system:
- Node.js version 22 or higher
- (optional) Soufflé – enables more built-in detectors
Alternative: Use TON Web IDE
The TON Web IDE integrates the latest release version of Misti, allowing you to try it out on your project or incorporate it into your development process if you use the IDE. Check it out at: ide.ton.org.
Note: Some features of this Misti version are not available in the Web IDE. To access all functionalities, install it locally or in your CI environment.
Installation​
npm install -g @nowarp/misti
🚧 Using Development Version
The latest development version may be unstable, yet it includes all the recently added detectors and therefore can provide a more comprehensive analysis.
To install the latest development version you should:
- Clone Misti:
git clone https://github.com/nowarp/misti
- Build it:
cd misti && yarn install && yarn gen && yarn build
- Use it in your Tact project:
cd /path/to/tact/project && yarn add file:/path/to/misti
Running the analysis​
Run Misti by specifying a Tact contract, project config, or directory to check:
misti path/to/src/contracts
misti contract.tact
misti tact.config.json
This will highlight any warnings the analyzer found.
You can also add a script to your package.json
to simplify running the linting process:
{
"scripts": {
"lint": "misti path/to/contract"
}
}
Common Usage Scenarios​
Below are a few usage examples for common scenarios when using [the misti
CLI]./cli.md.
Suppressing Warnings​
If you want to suppress some warnings in specific places of source code, you should use the @misti:suppress
annotations in the comment on the previous line, for example:
fun test(): Int {
// @misti:suppress NeverAccessedVariables
let sum: Int = 0; // OK: The warning will be suppressed
return 52;
}
This syntax also enables you to list a few detectors to be suppressed, including the custom ones, for example:
// @misti:suppress NeverAccessedVariables,MyCustomDetector,ReadOnlyVariables
Alternatively, you could run misti
while entirely suppressing specific detectors:
misti --suppress ReadOnlyVariables path/to/tact.config.json
Filtering by Severity​
You could filter out low-severity warnings to provide a quick analysis of only the critical warnings:
misti --min-severity medium path/to/tact.config.json
It is recommended to set the minimum severity level to at least medium
, or you could choose high
.
Enabling All Detectors​
Running misti
with all available built-in detectors enabled:
misti --all-detectors path/to/tact.config.json
It enables more detectors to find subtle bugs and optimization issues. It is recommended to use this only when auditing the project; otherwise, it might be too noisy.
Running in Quiet Mode​
To suppress all output while running misti
getting just a return code:
misti --quiet path/to/tact.config.json
This might be useful in scripts and CI/CD.
Troubleshooting​
If you encounter any issues during the installation process, feel free to create an issue or ask in the Misti Telegram group.