Skip to content

Commit ae69327

Browse files
committed
Release v2.0.0
1 parent c0b2e7d commit ae69327

File tree

676 files changed

+56275
-8502
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

676 files changed

+56275
-8502
lines changed

.codeqlmanifest.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
{ "provide": [ "codeql_modules/*/.codeqlmanifest.json", "cpp/.codeqlmanifest.json"] }
1+
{ "provide": [ "codeql_modules/*/.codeqlmanifest.json", "cpp/.codeqlmanifest.json", "c/.codeqlmanifest.json"] }

.github/actions/install-codeql/action.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ runs:
9090
9191
if [ "$CODEQL_STDLIB_VERSION" != "latest" ]
9292
then
93-
pushd codeql-stdlib
93+
push codeql-stdlib
9494
echo "::debug::Switching to revision $CODEQL_STDLIB_VERSION"
9595
git checkout $CODEQL_STDLIB_VERSION
9696
popd

.github/workflows/code-scanning-pack-gen.yml

+76-16
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ on:
55
branches:
66
- main
77
- "rc/**"
8+
89
push:
910
branches:
1011
- main
@@ -69,14 +70,17 @@ jobs:
6970
run: |
7071
PATH=$PATH:$CODEQL_HOME/codeql
7172
pip install -r scripts/requirements.txt
72-
find rule_packages/ -name '*.json' -exec basename {} .json \; | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 python3 scripts/generate_rules/generate_package_files.py -a
73+
find rule_packages/cpp -name '*.json' -exec basename {} .json \; | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 python3 scripts/generate_rules/generate_package_files.py -a cpp
74+
find rule_packages/c -name '*.json' -exec basename {} .json \; | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 python3 scripts/generate_rules/generate_package_files.py -a c
7375
7476
echo "Generating help markdown file for cert"
7577
$CODEQL_LATEST_HOME/codeql/codeql generate query-help -vvv --format=markdown -o cpp/cert/src/ cpp/cert/src/rules
78+
$CODEQL_LATEST_HOME/codeql/codeql generate query-help -vvv --format=markdown -o c/cert/src/ c/cert/src/rules
7679
7780
codeql query compile --search-path cpp --threads 0 cpp
81+
codeql query compile --search-path c --search-path cpp --threads 0 c
7882
cd ..
79-
zip -r codeql-coding-standards/code-scanning-cpp-query-pack-anon.zip codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports
83+
zip -r codeql-coding-standards/code-scanning-cpp-query-pack-anon.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports
8084
8185
- name: Upload GHAS Query Pack
8286
uses: actions/upload-artifact@v2
@@ -91,10 +95,10 @@ jobs:
9195
PATH=$PATH:$CODEQL_HOME/codeql
9296
mkdir -p lgtm-cpp-query-pack
9397
function copy_queries_for_pack {
94-
for q in $(codeql resolve queries cpp/$1/src/codeql-suites/$1-default.qls)
98+
for q in $(codeql resolve queries $2/$1/src/codeql-suites/$1-default.qls)
9599
do
96100
copy_from_root_name="${q%.*}"
97-
copy_to_root_name=$(realpath --relative-to "./cpp/$1/src/" "$copy_from_root_name")
101+
copy_to_root_name=$(realpath --relative-to "./$2/$1/src/" "$copy_from_root_name")
98102
query_dir=$(dirname "lgtm-cpp-query-pack/$copy_to_root_name")
99103
mkdir -p "$query_dir"
100104
# Copy each selected ql file, plus the related files (qhelp, qhelp implementation)
@@ -103,10 +107,18 @@ jobs:
103107
cp "$copy_from_root_name.qhelp" "lgtm-cpp-query-pack/$copy_to_root_name.qhelp"
104108
done
105109
}
106-
echo "Copying autosar-default queries"
107-
copy_queries_for_pack "autosar"
108-
echo "Copying cert-default queries"
109-
copy_queries_for_pack "cert"
110+
111+
echo "Copying autosar-default queries (CPP)"
112+
copy_queries_for_pack "autosar" "cpp"
113+
echo "Copying cert-default queries (CPP)"
114+
copy_queries_for_pack "cert" "cpp"
115+
116+
echo "Copying misra-default queries (C)"
117+
copy_queries_for_pack "misra" "c"
118+
echo "Copying cert-default queries (C)"
119+
copy_queries_for_pack "cert" "c"
120+
121+
110122
# Now copy all the .qll files
111123
lgtm_pack_dir=$(realpath lgtm-cpp-query-pack)
112124
for query_pack in autosar cert common
@@ -122,6 +134,22 @@ jobs:
122134
done
123135
popd
124136
done
137+
138+
139+
for query_pack in misra cert common
140+
do
141+
echo "Copying $query_pack qll files"
142+
pushd c/$query_pack/src
143+
for query_library in $(find . -name \*.qll)
144+
do
145+
qll_dir=$(dirname "$lgtm_pack_dir/$query_library")
146+
echo "Making $qll_dir"
147+
mkdir -p "$qll_dir"
148+
cp "$query_library" "$lgtm_pack_dir/$query_library"
149+
done
150+
popd
151+
done
152+
125153
cd lgtm-cpp-query-pack
126154
zip -9 -r ../lgtm-cpp-query-pack-anon.zip *
127155
@@ -174,9 +202,19 @@ jobs:
174202
echo "Generating help markdown file for $s"
175203
$CODEQL_LATEST_HOME/codeql/codeql generate query-help -vvv --format=markdown -o cpp/$s/src/ cpp/$s/src/rules
176204
done
205+
206+
for s in "misra" "cert"
207+
do
208+
echo "Generating help markdown file for $s"
209+
$CODEQL_LATEST_HOME/codeql/codeql generate query-help -vvv --format=markdown -o c/$s/src/ c/$s/src/rules
210+
done
211+
212+
177213
codeql query compile --search-path cpp --threads 0 cpp
214+
codeql query compile --search-path c --search-path cpp --threads 0 c
215+
178216
cd ..
179-
zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports
217+
zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports
180218
181219
- name: Upload GHAS Query Pack
182220
uses: actions/upload-artifact@v2
@@ -191,18 +229,25 @@ jobs:
191229
PATH=$PATH:$CODEQL_HOME/codeql
192230
mkdir -p lgtm-cpp-query-pack
193231
function copy_queries_for_pack {
194-
for rule_dir in $(codeql resolve queries cpp/$1/src/codeql-suites/$1-default.qls | xargs -L1 dirname | uniq)
232+
for rule_dir in $(codeql resolve queries $2/$1/src/codeql-suites/$1-default.qls | xargs -L1 dirname | uniq)
195233
do
196-
copy_to_root="lgtm-cpp-query-pack/$(realpath --relative-to "./cpp/$1/src/" "$rule_dir")"
234+
copy_to_root="lgtm-cpp-query-pack/$(realpath --relative-to "./$2/$1/src/" "$rule_dir")"
197235
mkdir -p "$copy_to_root"
198236
# Copy each selected ql file, plus the related files (qhelp, qhelp implementation)
199-
find "$rule_dir" -name '*.ql' -o -name '*.qhelp' -o -name '*.cpp' -o -name '*.png' -exec cp -n {} "$copy_to_root" \;
237+
find "$rule_dir" -name '*.ql' -o -name '*.qhelp' -o -name '*.c' -name '*.cpp' -o -name '*.png' -exec cp -n {} "$copy_to_root" \;
200238
done
201239
}
202-
echo "Copying autosar-default queries"
203-
copy_queries_for_pack "autosar"
204-
echo "Copying cert-default queries"
205-
copy_queries_for_pack "cert"
240+
echo "Copying autosar-default queries (CPP)"
241+
copy_queries_for_pack "autosar" "cpp"
242+
echo "Copying cert-default queries (CPP)"
243+
copy_queries_for_pack "cert" "cpp"
244+
245+
echo "Copying misra-default queries (C)"
246+
copy_queries_for_pack "misra" "c"
247+
echo "Copying cert-default queries (C)"
248+
copy_queries_for_pack "cert" "c"
249+
250+
206251
# Now copy all the .qll files
207252
lgtm_pack_dir=$(realpath lgtm-cpp-query-pack)
208253
for query_pack in autosar cert common
@@ -218,6 +263,21 @@ jobs:
218263
done
219264
popd
220265
done
266+
267+
for query_pack in misra cert common
268+
do
269+
echo "Copying $query_pack qll files"
270+
pushd c/$query_pack/src
271+
for query_library in $(find . -name \*.qll)
272+
do
273+
qll_dir=$(dirname "$lgtm_pack_dir/$query_library")
274+
echo "Making $qll_dir"
275+
mkdir -p "$qll_dir"
276+
cp "$query_library" "$lgtm_pack_dir/$query_library"
277+
done
278+
popd
279+
done
280+
221281
cd lgtm-cpp-query-pack
222282
zip -9 -r ../lgtm-cpp-query-pack.zip *
223283

.github/workflows/codeql_unit_tests.yml

+10-10
Original file line numberDiff line numberDiff line change
@@ -23,11 +23,11 @@ jobs:
2323
- name: Export unit test matrix
2424
id: export-unit-test-matrix
2525
run: |
26+
echo "Merging Result:"
27+
python scripts/create_language_matrix.py
2628
echo "::set-output name=matrix::$(
27-
jq --compact-output \
28-
'.supported_environment | map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}' \
29-
supported_codeql_configs.json
30-
)"
29+
python scripts/create_language_matrix.py | \
30+
jq --compact-output 'map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')"
3131
3232
run-test-suites:
3333
name: Run unit tests
@@ -37,7 +37,7 @@ jobs:
3737
strategy:
3838
fail-fast: false
3939
matrix: ${{ fromJSON(needs.prepare-unit-test-matrix.outputs.matrix) }}
40-
40+
4141
steps:
4242
- name: Checkout repository
4343
uses: actions/checkout@v2
@@ -99,8 +99,8 @@ jobs:
9999
codeql_home = os.environ['CODEQL_HOME']
100100
codeql_bin = os.path.join(codeql_home, 'codeql', 'codeql')
101101
102-
cpp_root = Path(workspace, 'cpp')
103-
test_roots = list(map(str, cpp_root.glob('*/test')))
102+
language_root = Path(workspace, '${{ matrix.language }}')
103+
test_roots = list(map(str, language_root.glob('*/test')))
104104
for test_root in test_roots:
105105
print(f"Executing tests found (recursively) in the directory '{test_root}'")
106106
files_to_close = []
@@ -109,11 +109,11 @@ jobs:
109109
num_slices = 8
110110
procs = []
111111
for slice in range(1, num_slices+1):
112-
test_report_path = os.path.join(runner_temp, f"test_report_{runner_os}_{cli_version}_{stdlib_ref_ident}_slice_{slice}_of_{num_slices}.json")
112+
test_report_path = os.path.join(runner_temp, "${{ matrix.language }}", f"test_report_{runner_os}_{cli_version}_{stdlib_ref_ident}_slice_{slice}_of_{num_slices}.json")
113113
os.makedirs(os.path.dirname(test_report_path), exist_ok=True)
114114
test_report_file = open(test_report_path, 'w')
115115
files_to_close.append(test_report_file)
116-
procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={cpp_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE))
116+
procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE))
117117
for p in procs:
118118
p.wait()
119119
if p.returncode != 0:
@@ -135,7 +135,7 @@ jobs:
135135
with:
136136
name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }}
137137
path: |
138-
${{ runner.temp }}/test_report_${{ runner.os }}_${{ matrix.codeql_cli }}_${{ matrix.codeql_standard_library_ident }}_slice_*.json
138+
${{ runner.temp }}/${{ matrix.language }}/test_report_${{ runner.os }}_${{ matrix.codeql_cli }}_${{ matrix.codeql_standard_library_ident }}_slice_*.json
139139
if-no-files-found: error
140140

141141
validate-test-results:

.github/workflows/create-compiler-validation-report-x86.yml

-53
This file was deleted.

.github/workflows/create-draft-release.yml

+2-8
Original file line numberDiff line numberDiff line change
@@ -5,14 +5,8 @@ on:
55
inputs:
66
release_version_tag:
77
description: |
8-
The tag for the new draft release, e.g. v0.5.1 (exact string, including the v).
8+
The tag for the new draft release, e.g. v0.5.1.
99
required: true
10-
11-
previous_release_version_tag:
12-
description: |
13-
The tag preceding this release, e.g. v0.5.0 (exact string, including the v).
14-
required: true
15-
1610
codeql_analysis_threads:
1711
description: |
1812
Number of threads to evaluate queries
@@ -52,6 +46,6 @@ jobs:
5246

5347
- name: Create draft release
5448
run: |
55-
scripts/release/create_draft_release.sh ${GITHUB_REF#refs/heads/} "$RELEASE_VERSION_TAG" "$PREVIOUS_RELEASE_VERSION_TAG"
49+
scripts/release/create_draft_release.sh ${GITHUB_REF#refs/heads/} "$RELEASE_VERSION_TAG"
5650
env:
5751
GITHUB_TOKEN: ${{ github.token }}

.github/workflows/upgrade_codeql_dependencies.yml

+3-1
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,9 @@ jobs:
4242
unzip -q codeql-linux64.zip
4343
4444
- name: Update CodeQL formatting based on new CLI version
45-
run: find cpp -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 codeql/codeql query format --in-place
45+
run: |
46+
find cpp -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 codeql/codeql query format --in-place
47+
find c -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 codeql/codeql query format --in-place
4648
4749
- name: Create Pull Request
4850
uses: peter-evans/create-pull-request@v3

0 commit comments

Comments
 (0)