Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit8374019

Browse files
authored
Merge branch 'main' into jsinglet/matrix-testing
2 parents10c3d66 +e5fdac4 commit8374019

File tree

485 files changed

+14808
-1920
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

485 files changed

+14808
-1920
lines changed

‎.github/pull_request_template.md‎

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,12 @@ _**Author:**_ Is a change note required?
3232
-[ ] Yes
3333
-[ ] No
3434

35+
🚨🚨🚨
36+
_**Reviewer:**_ Confirm that format of*shared* queries (not the .qll file, the
37+
.ql file that imports it) is valid by running them within VS Code.
38+
-[ ] Confirmed
39+
40+
3541
_**Reviewer:**_ Confirm that either a change note is not required or the change note is required and has been added.
3642
-[ ] Confirmed
3743

‎.github/touch‎

Lines changed: 0 additions & 1 deletion
This file was deleted.

‎.github/workflows/code-scanning-pack-gen.yml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -86,7 +86,7 @@ jobs:
8686
codeql query compile --search-path c --search-path cpp --threads 0 c
8787
8888
cd ..
89-
zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports
89+
zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas
9090
9191
-name:Upload GHAS Query Pack
9292
uses:actions/upload-artifact@v2
Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
name:⚙️ Extra Rule Validation
2+
3+
on:
4+
push:
5+
branches:
6+
-main
7+
-"rc/**"
8+
-next
9+
pull_request:
10+
branches:
11+
-main
12+
-"rc/**"
13+
-next
14+
15+
16+
jobs:
17+
validate-rules-csv:
18+
name:Validate Rules CSV
19+
runs-on:ubuntu-22.04
20+
steps:
21+
-name:Checkout
22+
uses:actions/checkout@v2
23+
24+
-name:Check Rules
25+
shell:pwsh
26+
run:scripts/util/Get-DuplicateRules.ps1 -Language 'all' -CIMode
27+
28+
29+
validate-shared-rules-test-structure:
30+
name:Validate Rules Test Structure
31+
runs-on:ubuntu-22.04
32+
steps:
33+
-name:Checkout
34+
uses:actions/checkout@v2
35+
36+
-name:Ensure CPP Shared Rules Have Valid Structure
37+
shell:pwsh
38+
run:scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language cpp -CIMode
39+
40+
-name:Ensure C Shared Rules Have Valid Structure
41+
shell:pwsh
42+
run:scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language c -CIMode
43+
44+
45+
-uses:actions/upload-artifact@v3
46+
if:failure()
47+
with:
48+
name:missing-test-report.csv
49+
path:MissingTestReport*.csv
50+
51+
-uses:actions/upload-artifact@v3
52+
if:failure()
53+
with:
54+
name:test-report.csv
55+
path:TestReport*.csv
56+
if-no-files-found:error
57+
58+
Lines changed: 91 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,91 @@
1+
name:🧰 Tooling unit tests
2+
3+
on:
4+
push:
5+
branches:
6+
-main
7+
-"rc/**"
8+
-next
9+
pull_request:
10+
branches:
11+
-main
12+
-"rc/**"
13+
-next
14+
15+
jobs:
16+
prepare-supported-codeql-env-matrix:
17+
name:Prepare supported CodeQL environment matrix
18+
runs-on:ubuntu-latest
19+
outputs:
20+
matrix:${{ steps.export-supported-codeql-env-matrix.outputs.matrix }}
21+
steps:
22+
-name:Checkout repository
23+
uses:actions/checkout@v2
24+
25+
-name:Export supported CodeQL environment matrix
26+
id:export-supported-codeql-env-matrix
27+
run:|
28+
echo "::set-output name=matrix::$(
29+
jq --compact-output '.supported_environment | {include: .}' supported_codeql_configs.json
30+
)"
31+
32+
analysis-report-tests:
33+
name:Run analysis report tests
34+
needs:prepare-supported-codeql-env-matrix
35+
runs-on:ubuntu-latest
36+
strategy:
37+
fail-fast:false
38+
matrix:${{ fromJSON(needs.prepare-supported-codeql-env-matrix.outputs.matrix) }}
39+
steps:
40+
-name:Checkout
41+
uses:actions/checkout@v2
42+
43+
-name:Install Python
44+
uses:actions/setup-python@v4
45+
with:
46+
python-version:"3.9"
47+
48+
-name:Install Python dependencies
49+
run:pip install -r scripts/reports/requirements.txt
50+
51+
-name:Cache CodeQL
52+
id:cache-codeql
53+
uses:actions/cache@v2.1.3
54+
with:
55+
path:${{ github.workspace }}/codeql_home
56+
key:codeql-home-${{ matrix.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library }}
57+
58+
-name:Install CodeQL
59+
if:steps.cache-codeql.outputs.cache-hit != 'true'
60+
uses:./.github/actions/install-codeql
61+
with:
62+
codeql-cli-version:${{ matrix.codeql_cli }}
63+
codeql-stdlib-version:${{ matrix.codeql_standard_library }}
64+
codeql-home:${{ github.workspace }}/codeql_home
65+
add-to-path:false
66+
67+
-name:Run PyTest
68+
env:
69+
CODEQL_HOME:${{ github.workspace }}/codeql_home
70+
run:|
71+
PATH=$PATH:$CODEQL_HOME/codeql
72+
pytest scripts/reports/analysis_report_test.py
73+
74+
recategorization-tests:
75+
name:Run Guideline Recategorization tests
76+
runs-on:ubuntu-latest
77+
steps:
78+
-name:Checkout
79+
uses:actions/checkout@v2
80+
81+
-name:Install Python
82+
uses:actions/setup-python@v4
83+
with:
84+
python-version:"3.9"
85+
86+
-name:Install Python dependencies
87+
run:pip install -r scripts/guideline_recategorization/requirements.txt
88+
89+
-name:Run PyTest
90+
run:|
91+
pytest scripts/guideline_recategorization/recategorize_test.py

‎.github/workflows/validate-coding-standards.yml‎

Lines changed: 18 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,15 @@ jobs:
2828
with:
2929
python-version:"3.9"
3030

31+
-name:Install CodeQL
32+
run:|
33+
VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)"
34+
gh extensions install github/gh-codeql
35+
gh codeql set-version "$VERSION"
36+
gh codeql install-stub
37+
env:
38+
GITHUB_TOKEN:${{ github.token }}
39+
3140
-name:Install generate_package_files.py dependencies
3241
run:pip install -r scripts/requirements.txt
3342

@@ -49,14 +58,14 @@ jobs:
4958
5059
-name:Validate Package Files (CPP)
5160
run:|
52-
find rule_packages/cpp -name \*.json -exec basename {} .json \; | xargs--max-procs "$XARGS_MAX_PROCS" --max-args 1python scripts/generate_rules/generate_package_files.py cpp
61+
find rule_packages/cpp -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py cpp
5362
git diff
5463
git diff --compact-summary
5564
git diff --quiet
5665
5766
-name:Validate Package Files (C)
5867
run:|
59-
find rule_packages/c -name \*.json -exec basename {} .json \; | xargs--max-procs "$XARGS_MAX_PROCS" --max-args 1python scripts/generate_rules/generate_package_files.py c
68+
find rule_packages/c -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py c
6069
git diff
6170
git diff --compact-summary
6271
git diff --quiet
@@ -68,25 +77,26 @@ jobs:
6877
-name:Checkout
6978
uses:actions/checkout@v2
7079

71-
-name:Fetch CodeQL
80+
-name:Install CodeQL
7281
run:|
73-
TAG="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)"
74-
gh release download $TAG --repo https://github.com/github/codeql-cli-binaries --pattern codeql-linux64.zip
75-
unzip -q codeql-linux64.zip
82+
VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)"
83+
gh extensions install github/gh-codeql
84+
gh codeql set-version "$VERSION"
85+
gh codeql install-stub
7686
env:
7787
GITHUB_TOKEN:${{ github.token }}
7888

7989
-name:Validate CodeQL Format (CPP)
8090
run:|
81-
find cpp -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql/codeql query format --in-place
91+
find cpp -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place
8292
8393
git diff
8494
git diff --compact-summary
8595
git diff --quiet
8696
8797
-name:Validate CodeQL Format (C)
8898
run:|
89-
find c -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql/codeql query format --in-place
99+
find c -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place
90100
91101
git diff
92102
git diff --compact-summary

‎.vscode/tasks.json‎

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -185,6 +185,7 @@
185185
"type":"pickString",
186186
"options": [
187187
"Allocations",
188+
"Banned",
188189
"BannedFunctions",
189190
"BannedLibraries",
190191
"BannedSyntax",
@@ -205,6 +206,10 @@
205206
"Declarations",
206207
"Declarations1",
207208
"Declarations2",
209+
"Declarations3",
210+
"Declarations4",
211+
"Declarations5",
212+
"Declarations6",
208213
"Exceptions1",
209214
"Exceptions2",
210215
"Expressions",
@@ -221,6 +226,7 @@
221226
"Iterators",
222227
"Lambdas",
223228
"Language1",
229+
"Language2",
224230
"Literals",
225231
"Loops",
226232
"Macros",
@@ -252,6 +258,7 @@
252258
"Preprocessor3",
253259
"Preprocessor4",
254260
"Preprocessor5",
261+
"Preprocessor6",
255262
"IntegerConversion",
256263
"Expressions",
257264
"DeadCode",

‎c/cert/src/qlpack.yml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
11
name:cert-c-coding-standards
2-
version:2.11.0-dev
2+
version:2.13.0-dev
33
suites:codeql-suites
44
libraryPathDependencies:common-c-coding-standards

‎c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql‎

Lines changed: 2 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -15,29 +15,12 @@
1515

1616
import cpp
1717
import codingstandards.c.cert
18-
19-
/**
20-
* A member with the type array that is last in a struct
21-
* includes any sized array (either specified or not)
22-
*/
23-
classFlexibleArrayMemberextendsMemberVariable{
24-
Structs;
25-
26-
FlexibleArrayMember(){
27-
this.getType()instanceofArrayTypeand
28-
this.getDeclaringType()=sand
29-
notexists(inti,intj|
30-
s.getAMember(i)=thisand
31-
exists(s.getAMember(j))and
32-
j>i
33-
)
34-
}
35-
}
18+
import codingstandards.c.Variable
3619

3720
fromVariableDeclarationEntrym,ArrayTypea
3821
where
3922
notisExcluded(m, Declarations2Package::declaringAFlexibleArrayMemberQuery())and
4023
m.getType()=aand
41-
m.getVariable()instanceofFlexibleArrayMemberand
24+
m.getVariable()instanceofFlexibleArrayMemberCandidateand
4225
a.getArraySize()=1
4326
selectm,"Incorrect syntax used for declaring this flexible array member."

‎c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql‎

Lines changed: 1 addition & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -23,14 +23,6 @@ class ErrnoSettingFunctionCall extends FunctionCall {
2323
ErrnoSettingFunctionCall(){this.getTarget()instanceofInBandErrnoSettingFunction}
2424
}
2525

26-
classErrnoCheckextendsExpr{
27-
ErrnoCheck(){
28-
this=any(MacroInvocationma|ma.getMacroName()="errno").getAnExpandedElement()
29-
or
30-
this.(FunctionCall).getTarget().hasName(["perror","strerror"])
31-
}
32-
}
33-
3426
/**
3527
* A successor of an ErrnoSettingFunctionCall appearing
3628
* before a check of errno
@@ -42,7 +34,7 @@ ControlFlowNode errnoNotCheckedAfter(ErrnoSettingFunctionCall errnoSet) {
4234
result=mid.getASuccessor()and
4335
mid=errnoNotCheckedAfter(errnoSet)and
4436
// stop recursion on an error check
45-
notresultinstanceofErrnoCheck
37+
notresultinstanceofErrnoRead
4638
)
4739
}
4840

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp