codeql-coding-standards
This repository contains CodeQL queries and libraries which support various Coding Standards.
The `update-release-status.yml` workflow is responsible for monitoring the overall state of a release and dispatching `update-status.yml` once all check runs have concluded successfully. The initial goal was to respond to...
The workflow `update-check-run.yml` is a workaround to enable authorized workflows in a different repository to update a check run using the Check Run API, because PATs are not allowed to...
Our current release (2.24.0 as of the time of writing) does not have the artifact versions embedded in it, as was previously the case. This issue is an enhancement issue...
## Description This fixes a minor typo in `A7-2-1` (spurious "_+" in some cases). ## Change request type - [ ] Release or process automation (GitHub workflows, internal scripts) -...
### Affected rules - `A8-5-2` ### Description The rule `A8-5-2` (use braced initialization) conflicts with rule `A8-5-3` (A variable of type auto shall not be initialized using {} or ={}...
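Added illustration of the A8-5-2 / A8-5-3 interaction described in this issue (example code, not from the codeql-coding-standards repository or its test suites). The functions show why `auto` is carved out of the braced-initialization requirement: copy-list-initialization of an `auto` variable deduces `std::initializer_list`, not the element type, and the `=` form is assumed here to be the spelling that satisfies both rules, which is what the quoted A8-5-3 wording implies.

```cpp
#include <cstdint>
#include <initializer_list>
#include <type_traits>

// Added example, not code from the codeql-coding-standards project.

// A8-5-2 compliant: a non-auto variable uses braced initialization, which also
// rejects narrowing conversions at compile time.
std::int32_t bracedInit() {
  std::int32_t x{42};
  return x;
}

// A8-5-3 violation: `auto y = {42};` deduces std::initializer_list<int>, not
// int. Returns true when the deduced type is an initializer_list.
bool copyListInitDeducesInitializerList() {
  auto y = {42};
  return std::is_same<decltype(y), std::initializer_list<int>>::value &&
         y.size() == 1;
}

// Also an A8-5-3 violation: `auto z{42};` deduces int on current compilers
// (N3922), but deduced initializer_list under the original C++11 wording,
// which is why the rule bans both spellings rather than just `= {}`.
bool directListInitDeducesInt() {
  auto z{42};
  return std::is_same<decltype(z), int>::value && z == 42;
}

// Assumed compliant with both rules: an auto variable initialized with `=`,
// which deduces the plain element type.
bool autoEqualsInitDeducesInt() {
  auto w = 42;
  return std::is_same<decltype(w), int>::value && w == 42;
}
```

A query that flags every non-braced initializer for A8-5-2 will report `auto w = 42;`, which is exactly the case A8-5-3 forces developers into; excluding `auto`-typed variables from A8-5-2 removes the conflict without weakening the narrowing check for declared types.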
## Description This PR adds the Azure Function that responds to check-run events on refs that have the `release-status` check-run. If a check-run completes, the `update-release-status` workflow is dispatched...
### Affected rules - `A5-2-6` ### Description ~~It's not well defined by the standard, but I think it's reasonable to exclude `->` and `.` when considering whether an operand of...
### Affected rules - `MEM53-CPP` ### Description In https://github.com/github/codeql/pull/14637 we added taint-flow through the indirection of the pointer passed to `realloc` to the indirection of the result. That is, flow...
### Affected rules - `A8-4-9` ### Description We have user reports of this query reporting read and written parameters as "not used". We do not have a reproduction case, but...
### Affected rules - `A13-3-1` ### Description `getAnOverload()` produces incorrect results when files are extracted multiple times in different contexts. To avoid producing false positives, we should exclude cases where...