Commit 2809d5c

Update the user manual to reflect 2.10.0
Update the user manual for 2.10.0.
1 parent fad17c3 commit 2809d5c

1 file changed

+31
-12
lines changed

docs/user_manual.md

@@ -17,16 +17,17 @@
1717
| 0.9.0 | 2022-02-17 | Remco Vermeulen | Finalize scope deviation records |
1818
| 0.10.0 | 2022-02-28 | Remco Vermeulen | Describe database correctness in the Hazard and Risk Analysis (HARA). |
1919
| 0.11.0 | 2022-02-28 | Remco Vermeulen | Updated version to 1.1.0 |
20+
| 0.11.0 | 2022-10-21 | Luke Cartey | Updated version to 2.10.0 |
2021

2122
## Release information
2223

23-
This user manual documents release `1.1.0 ` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v1.1.0 .
24+
This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 .
2425
The release page documents the release notes and contains the following artifacts part of the release:
2526

26-
- `code-scanning-cpp-query-pack-anon-1.1.0 .zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_.
27-
- `lgtm-cpp-query-pack-anon-v1.1.0.zip`: coding standard queries to be used with GitHub LGTM Enterprise as documented in the section _Operating manual_.
28-
- `supported_rules_list_1.1.0 .csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule.
29-
- `supported_rules_list_1.1.0 .md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule.
27+
- `code-scanning-cpp-query-pack-anon-2.10.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_.
28+
- `lgtm-cpp-query-pack-anon-v2.10.0.zip`: coding standard queries to be used with GitHub LGTM Enterprise as documented in the section _Operating manual_.
29+
- `supported_rules_list_2.10.0.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule.
30+
- `supported_rules_list_2.10.0 .md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule.
3031
- `user_manual.md`: This user manual.
3132
- `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards
3233
- `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards
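Review bot: The added changelog row (new line 20) reuses document version `0.11.0`, the same value as the 2022-02-28 row directly above it, so two different revisions of the manual carry one version number; give the new row its own document version (for example `0.12.0`). Also in this hunk, the added `supported_rules_list_2.10.0 .md` entry (new line 30) keeps the space before `.md` that the other three artifact names dropped, which makes it inconsistent with the `.csv` entry above it; it should read `supported_rules_list_2.10.0.md`.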
@@ -43,10 +44,13 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t
4344

4445
The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying contraventions of rules in the following coding standards:
4546

46-
| Standard | Version | Total rules | Total supportable rules | Status |
47-
| -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------- |
48-
| [AUTOSAR C++](https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented |
49-
| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented |
47+
| Standard | Version | Total rules | Total supportable rules | Status |
48+
| ---------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------- |
49+
| [AUTOSAR C++](https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented |
50+
| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented |
51+
| [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development |
52+
| [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development |
53+
5054

5155
Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in the our representation of the codebase under analysis. For each rule we therefore identify whether it is supportable or not. Furthermore, a rule can be supported in two ways:
5256

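Review bot: The two added rows (new lines 51-52) introduce a Status value, `Under development`, that the visible text never defines, in a manual whose surrounding sections are framed around functional safety; add a sentence under the table stating what a user may rely on for CERT C and MISRA C at that status, for instance whether the supportable-rule counts of 99 and 169 describe queries shipped in this release or the planned scope. Minor: new line 53 adds a second blank line after the table, and the context sentence just below still reads "not present in the our representation", which could be fixed in the same change.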
@@ -74,7 +78,13 @@ From a functional safety perspective, the use of these two components is only va
7478

7579
### Codebase requirements
7680

77-
The codebase under analysis must:
81+
In all scenarios, the codebase must comply with the language, platform and compiler requirements listed on the [CodeQL: Supported languages and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks) in order to be successfully analyzed.
82+
83+
In addition, the machine which performs the analysis must be able to complete a clean build of the codebase.
84+
85+
#### C++
86+
87+
For C++ the codebase under analysis must:
7888
* Comply with C++14
7989
* Use one of the following supported compilers:
8090
- Clang version 10
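Review bot: Moving the paragraph "In all scenarios, the codebase must comply ..." to the top of Codebase requirements (new line 81) leaves "In all scenarios" without an antecedent, because the scenarios it referred to are now described afterwards under the C++ and C subsections; reword it along the lines of "For both C and C++, the codebase must ...". The same sentence reads "listed on the [CodeQL: Supported languages and frameworks](...) in order to", which is missing a noun such as "page" after the link and is worth fixing while the line is being moved.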
@@ -85,9 +95,18 @@ Use of the queries outside these scenarios is possible, but not validated for fu
8595
- When language features are used which have a differing interpretation from C++14.
8696
- Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL (e.g. gcc) is not tested or validated for functional safety.
8797

88-
In all scenarios, the codebase must comply with the language, platform and compiler requirements listed on the [CodeQL: Supported languages and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks) in order to be successfully analyzed.
98+
#### C
8999

90-
In addition, the machine which performs the analysis must be able to complete a clean build of the codebase.
100+
For C the codebase under analysis must:
101+
* Comply with C99 or C11.
102+
* Use one of the following supported compilers:
103+
- Clang version 10
104+
105+
Use of the queries outside these scenarios is possible, but not validated for functional safety. In particular:
106+
- Use of the queries against codebases written with more recent versions of C (as supported by CodeQL) are not validated in the following circumstances:
107+
- When new language features are used
108+
- When language features are used which have a differing interpretation from C11.
109+
- Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL (e.g. gcc) is not tested or validated for functional safety.
91110

92111
### Analysis report requirements
93112

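Review bot: The new C section accepts "C99 or C11" (new line 101), but the exclusion at new line 108 is worded only against C11 ("differing interpretation from C11"), so it is unclear what "more recent versions of C" and "new language features" mean for a codebase built as C99; state the baseline for each accepted standard, or say explicitly that C11 is the reference for both. The block is otherwise copied from the C++ one, including the agreement slip "Use of the queries ... are not validated" (should be "is"), and its last bullet is identical to the C++ bullet at new line 96, so a single shared paragraph for both languages would keep the two from drifting apart.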