Slitherin

Latest version: v0.7.2


0.7.2

Minor Updates and Optimization
Updates
1. Added steps on how to install Slitherin via pipx. Issue 177 and fix 172. **Thx vile**.
2. `pess-vyper-version-reentrancy` detector. New name for the `pess-curve-vyper-reentrancy` detector.
Optimizations
1. `pess-unprotected-initialize` detector. Now performs a more thorough search for the modifiers that protect the function. **Thx Yhtiyar**.
2. `pess-dubious-typecast` detector. Whitelisted the **SafeCastUpgradeable** and **SignedMathUpgradeable** libraries. **Thx Yhtiyar**.

0.7.1

Major Updates
Reworks and additions
1. Added a new flag `--obsolete` to the Slitherin CLI. Allows running detectors that are currently considered irrelevant and have been removed from the general Slitherin detector set. **Thx Yhtiyar**
2. `pess-call-forward-to-protected` detector. Removed; now part of the obsolete detector set. **Thx Yhtiyar**
3. `pess-readonly-reentrancy` detector. Removed; now part of the obsolete detector set. **Thx Yhtiyar**

Minor Updates and Optimization
Minor Fixes
1. Fixed the PyPI package publish action.
2. `pess-event-setter` detector. Optimization. Libraries are now ignored when searching. **Thx Yhtiyar**
3. `pess-magic-number` detector. Optimization. Enhanced with a whitelist of the **SafeCast** and **Math** libraries. **Thx Yhtiyar**
4. `pess-dubious-typecast` detector. Optimization. Enhanced with a whitelist of the **SafeCast** and **SignedMath** libraries. **Thx Yhtiyar**
5. `pess-strange-setter` detector. Optimization. Libraries are now filtered out, and parameters used in internal calls are no longer reported. **Thx Yhtiyar** and **Thx VuKhuongDuy for the 158**
6. [Benchmark](https://github.com/pessimistic-io/slitherin-benchmark/tree/main) updates. Detection details are now included in the results tables. **Thx nikolay19**.

0.7.0

Major Updates
Reworks and additions
1. `pess-arb-chainlink-price-feed`. New detector. [Details](https://github.com/pessimistic-io/slitherin/blob/2d386c8805a84dc7f5ecd85e5decf3d734152e1e/docs/arb_chainlink_price_feed.md). **Thx Yhtiyar**.
2. `pess-balancer-readonly-reentrancy`. New detector. [Details](https://github.com/pessimistic-io/slitherin/blob/2d386c8805a84dc7f5ecd85e5decf3d734152e1e/docs/balancer/readonly_reentrancy.md). **Thx Yhtiyar**.
3. `pess-curve-readonly-reentrancy`. New detector. [Details](https://github.com/pessimistic-io/slitherin/blob/2d386c8805a84dc7f5ecd85e5decf3d734152e1e/docs/curve_readonly_reentrancy.md). **Thx Yhtiyar**
4. `pess-curve-vyper-reentrancy`. New detector. [Details](https://github.com/pessimistic-io/slitherin/blob/2d386c8805a84dc7f5ecd85e5decf3d734152e1e/docs/curve_vyper_reentrancy.md). **Thx olegggatttor**.
5. `pess-price-manipulation`. New detector. [Details](https://github.com/pessimistic-io/slitherin/blob/2d386c8805a84dc7f5ecd85e5decf3d734152e1e/docs/price_manipulation.md). **Thx olegggatttor**.

Crucial Fixes
1. `pess-strange-setter` detector. Bug fix. Thx **olegggatttor**.
2. `pess-potential-arithmetic-overflow` detector. Bug fix. Thx **shortdoom**.


Minor Updates and Optimization
Minor Fixes
1. `pess-nft-approve-warning` detector. Optimization. Thx **olegggatttor**.
2. ConsenSys Napalm integration. Slitherin can now be installed via [Napalm](https://github.com/ConsenSysDiligence/napalm). **Thx JoranHonig**.
3. [Benchmark](https://github.com/pessimistic-io/slitherin-benchmark/tree/main) fixes. **Thx nikolay19**.

0.6.1

Major Updates
Crucial Fixes
1. `pess-arb-solidity-version`: Removed detector. `PUSH0` opcode is now [supported](https://docs.arbitrum.io/for-devs/concepts/differences-between-arbitrum-ethereum/solidity-support) in ArbitrumOS. Thx **Yhtiyar**, **0xalpharush** and **0xEVom**.

Minor Updates and Optimization
Minor Fixes
1. Removed a redundant directory.

0.6.0

Major Updates
Reworks and additions
1. Slitherin Arbitrum: New Slitherin custom plugin (`--arbitrum`) which includes 3 Arbitrum-specific security detectors. Thx **Yhtiyar** and **olegggatttor**.
2. `pess-arb-solidity-version` detector: New Arbitrum-specific detector which spots usage of `block.number` and `block.timestamp`.
3. `pess-arb-prevrandao-difficulty` detector: New Arbitrum-specific detector which spots usage of prevRandao/difficulty.
4. `pess-arb-solidity-version` detector: New Arbitrum-specific detector which spots usage of solidity version `>= 0.8.20`.
5. `pess-potential-arithmetic-overflow` detector: New detector. Flags assignments and returns that evaluate arithmetic expressions in which an intermediate calculation uses a type narrower than the expected result type. Thx **olegggatttor**.
6. `pess-aave-flashloan-callback` detector: Improvement. The detector now also spots the Uniswap V3 callback cases. Thx **Yhtiyar**.
7. Slitherin-benchmark. We created a benchmark with a database of contracts on which we run our detectors and measure the false-positive (FP) rates. **Thx nikolay19**
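As an added illustration (not Slitherin's own code; the contract and function names are made up), the pattern `pess-potential-arithmetic-overflow` reports, beside its corrected form:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Constructed example, not part of Slitherin.
contract IntermediateWidth {
    /// Flagged pattern: the declared result is uint256, but both operands
    /// are uint64, so the multiplication itself is evaluated in uint64 and
    /// only the (already narrow) product is widened on assignment.
    /// With 0.8.x checked arithmetic a product above 2**64 - 1 reverts;
    /// in pre-0.8 code it would silently truncate. Either way the wide
    /// result type gives a false sense of headroom.
    function narrowProduct(uint64 price, uint64 amount)
        external
        pure
        returns (uint256 total)
    {
        total = price * amount; // intermediate computed in uint64
    }

    /// Corrected form: widen the operands first so the whole expression is
    /// evaluated in the result type.
    function wideProduct(uint64 price, uint64 amount)
        external
        pure
        returns (uint256 total)
    {
        total = uint256(price) * uint256(amount);
    }
}
```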

Crucial Fixes
1. `pess-ecrecover` detector: Bug fix. Handles Solidity types properly. Thx **olegggatttor**.
2. Slitherin CLI: Improvement. Now handles errors properly. Thx **Yhtiyar**.


Minor Updates and Optimization
Minor Fixes
1. `pess-strange-setter` detector. Optimization. Fewer FPs. Thx **olegggatttor**.
2. `pess-unprotected-initialize` detector. Optimization. Fewer FPs. Thx **olegggatttor**.
3. `pess-call-forward-to-protected` detector. Optimization. Fewer FPs. Skips standard libraries (OZ/Uniswap/Balancer). Thx **olegggatttor**.
4. `pess-public-vs-external` detector. Optimization. Fewer FPs. Skips `constructor` functions. Thx **olegggatttor**.

0.5.0

Major Updates
Reworks and additions
1. Slitherin CLI: Now, Slitherin and Slither detectors can be run separately. More information on CLI usage can be found [here](https://github.com/pessimistic-io/slitherin#slitherin-cli-recommended). Thx **Yhtiyar**
2. `pess-arbitrary-call` detector: Split into several detectors, each with its own confidence and severity level. Descriptions of the detectors can be found [here](https://github.com/pessimistic-io/slitherin/blob/master/docs/arbitrary_call.md). Thx **Yhtiyar**
3. `pess-aave-callback` detector: New detector. Checks whether the `executeOperation` callback validates both `initiator` and `msg.sender`. Thx **Yhtiyar**
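An added example (not Slitherin's or Aave's code; `POOL` is a constructed placeholder for the lending pool address) of an Aave-style `executeOperation` receiver carrying the two checks the `pess-aave-callback` detector looks for:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Minimal ERC-20 surface needed for the repayment approval.
interface IERC20 {
    function approve(address spender, uint256 amount) external returns (bool);
}

/// Constructed example, not part of Slitherin or Aave.
contract FlashLoanReceiver {
    /// Placeholder: the pool this receiver was deployed to work with.
    address public immutable POOL;

    constructor(address pool) {
        POOL = pool;
    }

    /// Aave flash-loan receiver callback. The two require() checks are
    /// what the detector expects to find: without the msg.sender check the
    /// callback can be invoked directly by any account, and without the
    /// initiator check a flash loan started by someone else can be routed
    /// through this receiver and drive its post-loan logic.
    function executeOperation(
        address[] calldata assets,
        uint256[] calldata amounts,
        uint256[] calldata premiums,
        address initiator,
        bytes calldata /* params */
    ) external returns (bool) {
        require(msg.sender == POOL, "caller is not the pool");
        require(initiator == address(this), "loan not initiated by this contract");

        // ... application logic using the borrowed assets goes here ...

        // Approve repayment of principal plus premium for each asset.
        for (uint256 i = 0; i < assets.length; i++) {
            IERC20(assets[i]).approve(POOL, amounts[i] + premiums[i]);
        }
        return true;
    }
}
```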

Crucial Fixes
1. `pess-only-eoa-check` detector: Had an IndexError in one of the cases, which has been fixed. Thx YanhuiJessica
2. `pess-arbitrary-call` detector: Had a bug in which a variable was read before it was declared. This has now been fixed.


Minor Updates and Optimization
Minor Fixes
1. General. The repo structure was changed; some files referenced redundant paths, which has been fixed. Thx Yhtiyar and YanhuiJessica
