v2.11.0

Pre-release
github-actions released this 17 Nov 18:53
b1074c6

Release summary

  • New queries added for the following rule packages: Contracts2, Contracts4, Banned, Pointers1, Preprocessor2, Syntax
  • The following changes have been made for this release:
    • A5-2-2 - TraditionalCStyleCastsUsed.ql
      • Reduced false positives by excluding casts generated by library macros (i.e. macros defined outside the source location).
      • Improved the message to cite the macro which generated the C-style cast, if any.
      • Improved the message to cite the type being cast to, to aid with identification and remediation.
    • M0-1-4 - SingleUseMemberPODVariable.ql
      • Reduced false positives by excluding any constexpr variable whose constant value is used as an argument to a template.
  • The following rules have been renamed:
    • RULE-4-4 has been renamed to DIR-4-4 to reflect correct naming as per the MISRA C:2012 standard.
    • RULE-4-8 has been renamed to DIR-4-8 to reflect correct naming as per the MISRA C:2012 standard.
    • RULE-4-10 has been renamed to DIR-4-10 to reflect correct naming as per the MISRA C:2012 standard.
    • RULE-4-12 has been renamed to DIR-4-12 to reflect correct naming as per the MISRA C:2012 standard.

Supported versions

  • The LGTM pack is not supported on any released version of LGTM without support from GitHub Professional Services.
  • The Code Scanning pack is supported when:
    • Using the CodeQL CLI version 2.9.4 in conjunction with a copy of the CodeQL standard library for C++ (github/codeql) set to the tag codeql-cli/v2.9.4.
    • Using the CodeQL Action or CodeQL runner with the codeql-bundle-20220615.

Appendix: MISRA-C-2012 new queries

New queries added to cover the following rules:

  • DIR-4-4 - SectionsOfCodeShallNotBeCommentedOut.ql
  • DIR-4-8 - ObjectWithNoPointerDereferenceShouldBeOpaque.ql
  • DIR-4-10 - PrecautionIncludeGuardsNotProvided.ql
  • DIR-4-12 - StdLibDynamicMemoryAllocationUsed.ql
  • RULE-21-19 - ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql
  • RULE-21-20 - CallToSetlocaleInvalidatesOldPointers.ql, CallToSetlocaleInvalidatesOldPointersWarn.ql

Appendix: CERT-C new queries

New queries added to cover the following rules:

  • ENV32-C - ExitHandlersMustReturnNormally.ql
  • ENV34-C - DoNotStorePointersReturnedByEnvFunctions.ql, DoNotStorePointersReturnedByEnvironmentFunWarn.ql
  • ERR30-C - SetlocaleMightSetErrno.ql, ErrnoReadBeforeReturn.ql, FunctionCallBeforeErrnoCheck.ql, ErrnoNotSetToZero.ql