You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
JSON/TOML contract test suite with fixtures, mocks, and assertions
--source <FILE>
Contract source used for generated tests or coverage
--coverage
Include source coverage summary
--coverage-out <FILE>
Write a dedicated coverage report
--coverage-format html|json|markdown|text
Format for --coverage-out
--coverage-goal <PCT>
Minimum overall coverage percentage
--function-coverage-goal <PCT>
Minimum function coverage percentage
--line-coverage-goal <PCT>
Minimum line coverage percentage
--branch-coverage-goal <PCT>
Minimum branch coverage percentage
--coverage-ci
Fail when configured coverage goals are missed
--coverage-ci-workflow-out <FILE>
Generate a GitHub Actions coverage workflow
--report html|json|junit
Write a test report (junit is available for fixture suites)
--testnet
Validate Soroban testnet integration for the run
--testnet-dry-run
Validate testnet configuration without probing RPC health
starforge test --wasm ./target/contract.wasm \
--fixture ./contract-tests.json --coverage --source ./src/lib.rs --report html
starforge test --wasm ./target/contract.wasm --source ./src/lib.rs \
--coverage --coverage-out coverage.html --coverage-format html \
--coverage-ci --coverage-goal 85 --branch-coverage-goal 70
starforge test --wasm ./target/contract.wasm --source ./src/lib.rs \
--coverage-ci-workflow-out .github/workflows/starforge-coverage.yml
starforge test --wasm ./target/contract.wasm \
--fixture ./contract-tests.toml --testnet --testnet-dry-run
Fixture suites support named storage fixtures, mocked contract calls, and assertions such as state_equals, state_exists, return_equals, event_emitted, fee_at_most, and mock_called.
Coverage analysis tracks Soroban contract functions, line spans, branch paths, uncovered functions, threshold goals, and HTML/JSON/Markdown/text reports.
The artifact profiler reports estimated execution time, memory usage, bottlenecks,
baseline regression detection, comparison deltas, and a dashboard summary.
security
Subcommand
Purpose
audit <PATH>
Run built-in Soroban analysis plus optional Slither/Mythril integrations
audit --format json|html --out <FILE>
Generate machine-readable or HTML audit reports
audit --ci --min-score <N>
Fail when the audit score is below the CI threshold
audit --ci-workflow-out <FILE>
Generate a GitHub Actions workflow for security audits
audit --track
Create remediation tracker items for findings
remediation list
Review tracked audit and pentest remediation items
External tools are optional. StarForge runs built-in Soroban heuristics every time and records whether Slither/Mythril were completed, failed, skipped, or unavailable.
upgrade
Subcommand
Purpose
upgrade prepare
Validate upgrade WASM (--contract-id, --wasm)
upgrade auto compat
Compare old/new WASM ABI and storage layout (--old-wasm, --new-wasm)
upgrade auto plan
Generate compatibility-aware upgrade plan and migration template
upgrade propose
Create governance proposal
upgrade list / status
List pending proposals
upgrade approve
Approve proposal
upgrade execute
Execute approved upgrade
upgrade rollback
Roll back contract version
upgrade history
Show upgrade history
governance
Contract upgrade governance with voting, timelock, audit trail, and emergency upgrades.