From c956b2d834c19bcbac807c784464c244a052d010 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 16:47:42 -0700 Subject: [PATCH 001/183] Add prepare release workflow --- .github/workflows/prepare-release.yml | 61 +++++++++++++++++++++++++++ scripts/release/requirements.txt | 1 + scripts/release/validate-version.py | 20 +++++++++ 3 files changed, 82 insertions(+) create mode 100644 .github/workflows/prepare-release.yml create mode 100644 scripts/release/requirements.txt create mode 100644 scripts/release/validate-version.py diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml new file mode 100644 index 0000000000..bb92fadad0 --- /dev/null +++ b/.github/workflows/prepare-release.yml @@ -0,0 +1,61 @@ +name: "Prepare CodeQL Coding Standards release" + +on: + workflow_dispatch: + inputs: + version: + description: | + The version to release (MUST follow semantic versioning). + required: true + ref: + description: | + The git commit, branch, or tag to release from. + required: true + +env: + RELEASE_VERSION: ${{ github.event.inputs.version }} + +jobs: + prepare-release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + ref: ${{ github.event.inputs.ref }} + + - name: Install Python + uses: actions/setup-python@v2 + with: + python-version: "3.9" + + - name: Install release script dependencies + run: pip install -r scripts/release/requirements.txt + + - name: Validate version + run: | + scripts/release/validate-version.py "$RELEASE_VERSION" + + - name: Create release branch + run: | + git switch -c rc/$RELEASE_VERSION + git push --set-upstream origin rc/$RELEASE_VERSION + + - name: Update user manual version + run: | + find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" + find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_$RELEASE_VERSION.csv\`/" + find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_$RELEASE_VERSION.md\`/" + find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" + find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" + + - name: Create release PR + uses: peter-evans/create-pull-request@v4 + with: + title: "Release $RELEASE_VERSION." + body: "This PR releases codeql-coding-standards version $RELEASE_VERSION." + commit-message: "Release $RELEASE_VERSION." + delete-branch: true + branch: "rc/$RELEASE_VERSION" + + \ No newline at end of file diff --git a/scripts/release/requirements.txt b/scripts/release/requirements.txt new file mode 100644 index 0000000000..537a1dc317 --- /dev/null +++ b/scripts/release/requirements.txt @@ -0,0 +1 @@ +semantic-version==2.10.0 diff --git a/scripts/release/validate-version.py b/scripts/release/validate-version.py new file mode 100644 index 0000000000..d0bf15fa64 --- /dev/null +++ b/scripts/release/validate-version.py @@ -0,0 +1,20 @@ +import semantic_version # type: ignore +from typing import Literal + +def main(args : list[str]) -> Literal[1, 0]: + if len(args) != 2: + print("Error: incorrect number of arguments", file=sys.stderr) + print(f"Usage: {args[0]} ", file=sys.stderr) + return 1 + + try: + semantic_version.Version.parse(args[1]) # type: ignore + return 0 + except ValueError as e: + print(f"Error: invalid version: {e}", file=sys.stderr) + return 1 + + +if __name__ == '__main__': + import sys + sys.exit(main(sys.argv)) \ No newline at end of file From c0aeff46be9afd54c139e25a86d3575c32a71927 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:05:37 -0700 Subject: [PATCH 002/183] Add push event for testing workflow --- .github/workflows/prepare-release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index bb92fadad0..00c2a8f2bd 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -11,6 +11,9 @@ on: description: | The git commit, branch, or tag to release from. required: true + push: + branches: + - rvermeulen/release-process-improvements env: RELEASE_VERSION: ${{ github.event.inputs.version }} From 12e730fa1de28d53664cb0067f81a27dbf8c8d93 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:12:00 -0700 Subject: [PATCH 003/183] Add comment to remove push trigger --- .github/workflows/prepare-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 00c2a8f2bd..17f5249d76 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -11,6 +11,7 @@ on: description: | The git commit, branch, or tag to release from. required: true + # The following push event trigger is only used for testing purposes. Should be removed before merging! push: branches: - rvermeulen/release-process-improvements From 6e9ef57690c61a661288dfa530a8a08b8285da1e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:12:19 -0700 Subject: [PATCH 004/183] Remove the checkout ref because our scripts are not in main yet --- .github/workflows/prepare-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 17f5249d76..4e81668484 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -25,8 +25,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v2 - with: - ref: ${{ github.event.inputs.ref }} + #with: + #ref: ${{ github.event.inputs.ref }} - name: Install Python uses: actions/setup-python@v2 From 00e9fac488fc3e2cb976b931b12885073cbff89e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:13:30 -0700 Subject: [PATCH 005/183] Use python interpreter --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 4e81668484..6d098a62ab 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -38,7 +38,7 @@ jobs: - name: Validate version run: | - scripts/release/validate-version.py "$RELEASE_VERSION" + python scripts/release/validate-version.py "$RELEASE_VERSION" - name: Create release branch run: | From a9947780522c4b57a86ed35e7b43d764c7e9e9f9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:19:33 -0700 Subject: [PATCH 006/183] Conditionally execute on workflow dispatch --- .github/workflows/prepare-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 6d098a62ab..991842ddd1 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -21,6 +21,7 @@ env: jobs: prepare-release: + if: github.event_name == "workflow_dispatch" runs-on: ubuntu-latest steps: - name: Checkout From 47a565cf317f35e96040c019a1b901639bf958f7 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:19:46 -0700 Subject: [PATCH 007/183] Add workflow name --- .github/workflows/prepare-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 991842ddd1..b12012b006 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -21,6 +21,7 @@ env: jobs: prepare-release: + name: "Prepare release" if: github.event_name == "workflow_dispatch" runs-on: ubuntu-latest steps: From d1060d3a196b857e3f04d978aa22bbf429d8e954 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:23:33 -0700 Subject: [PATCH 008/183] Correct condition --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index b12012b006..537016a4c0 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -22,7 +22,7 @@ env: jobs: prepare-release: name: "Prepare release" - if: github.event_name == "workflow_dispatch" + if: github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: - name: Checkout From fff6a78fad2e313a659aea780d6655ea1499e45e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:27:06 -0700 Subject: [PATCH 009/183] Provide version information through expression --- .github/workflows/prepare-release.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 537016a4c0..48b570cd85 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -58,10 +58,10 @@ jobs: - name: Create release PR uses: peter-evans/create-pull-request@v4 with: - title: "Release $RELEASE_VERSION." - body: "This PR releases codeql-coding-standards version $RELEASE_VERSION." - commit-message: "Release $RELEASE_VERSION." + title: "Release ${{ github.event.inputs.version }}." + body: "This PR releases codeql-coding-standards version ${{ github.event.inputs.version }}." + commit-message: "Update user manual for release." delete-branch: true - branch: "rc/$RELEASE_VERSION" + branch: "rc/${{ github.event.inputs.version }}" \ No newline at end of file From 354f34191e812f97e6a5668f8f6a47c3663f7f91 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:31:40 -0700 Subject: [PATCH 010/183] Use feature branch to update user manual --- .github/workflows/prepare-release.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 48b570cd85..c54a2ceec6 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -47,6 +47,11 @@ jobs: git switch -c rc/$RELEASE_VERSION git push --set-upstream origin rc/$RELEASE_VERSION + - name: Create feature branch for PR + run: | + git switch -c feature/update-user-manual-for-$RELEASE_VERSION + git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION + - name: Update user manual version run: | find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" From 3bbd6eb7615e41844fbb4ac5e817d2c6b4e235de Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:34:06 -0700 Subject: [PATCH 011/183] Add version to commit message --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index c54a2ceec6..43dbff559a 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -65,7 +65,7 @@ jobs: with: title: "Release ${{ github.event.inputs.version }}." body: "This PR releases codeql-coding-standards version ${{ github.event.inputs.version }}." - commit-message: "Update user manual for release." + commit-message: "Update user manual for release ${{ github.event.inputs.version }}." delete-branch: true branch: "rc/${{ github.event.inputs.version }}" From 8167baebea87ee44611255e4319450f154dd4b9d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 30 Aug 2023 17:29:45 -0700 Subject: [PATCH 012/183] Split coding standard validation into multiple workflows This work simplifies the main workflow and applies optimizations such a matrix strategies to the workflows implementing the various validations. --- .../workflows/validate-coding-standards.yml | 184 ++---------------- .github/workflows/validate-package-files.yml | 64 ++++++ .../workflows/validate-query-formatting.yml | 58 ++++++ .github/workflows/validate-query-help.yml | 42 ++++ .../validate-query-test-case-formatting.yml | 60 ++++++ 5 files changed, 244 insertions(+), 164 deletions(-) create mode 100644 .github/workflows/validate-package-files.yml create mode 100644 .github/workflows/validate-query-formatting.yml create mode 100644 .github/workflows/validate-query-help.yml create mode 100644 .github/workflows/validate-query-test-case-formatting.yml diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index aad7a435b1..bda11df979 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -5,181 +5,37 @@ on: push: branches: - main - - "rc/**" - next pull_request: branches: - main - - "rc/**" - next -env: - XARGS_MAX_PROCS: 4 +permissions: + contents: read + actions: write jobs: validate-package-files: name: Validate Package Files - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 + uses: ./.github/workflows/validate-package-files.yml + with: + ref: ${{ github.ref }} - - name: Install Python - uses: actions/setup-python@v4 - with: - python-version: "3.9" - - - name: Install CodeQL - run: | - VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" - gh extensions install github/gh-codeql - gh codeql set-version "$VERSION" - gh codeql install-stub - env: - GITHUB_TOKEN: ${{ github.token }} - - - name: Install generate_package_files.py dependencies - run: pip install -r scripts/requirements.txt - - - name: Validate Package Descriptions (CPP) - run: | - python scripts/validate-rule-package.py rule_packages/cpp/*.json - - - name: Validate Package Descriptions (C) - run: | - python scripts/validate-rule-package.py rule_packages/c/*.json - - - name: Validate Package Descriptions consistency (CPP) - run: | - python scripts/verify_rule_package_consistency.py cpp - - - name: Validate Package Descriptions consistency (C) - run: | - python scripts/verify_rule_package_consistency.py c - - - name: Validate Package Files (CPP) - run: | - find rule_packages/cpp -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py cpp - git diff - git diff --compact-summary - git diff --quiet - - - name: Validate Package Files (C) - run: | - find rule_packages/c -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py c - git diff - git diff --compact-summary - git diff --quiet - - validate-codeql-format: - name: "Validate CodeQL Format" - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install CodeQL - run: | - VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" - gh extensions install github/gh-codeql - gh codeql set-version "$VERSION" - gh codeql install-stub - env: - GITHUB_TOKEN: ${{ github.token }} - - - name: Validate CodeQL Format (CPP) - run: | - find cpp -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place - - git diff - git diff --compact-summary - git diff --quiet - - - name: Validate CodeQL Format (C) - run: | - find c -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place - - git diff - git diff --compact-summary - git diff --quiet + validate-codeql-query-formatting: + name: "Validate CodeQL Query Formatting" + uses: ./.github/workflows/validate-query-formatting.yml + with: + ref: ${{ github.ref }} validate-query-help-files: name: Validate Query Help Files - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Validate CPP Query Help Files - run: | - exit_code=0 - for help_file in `find cpp -name '*.md'` - do - if grep -F -q 'REPLACE THIS' "$help_file" > /dev/null - then - echo "Help file $help_file contains placeholders that are not replaced or removed!" - exit_code=1 - fi - done - - exit $exit_code - - - name: Validate C Query Help Files - run: | - exit_code=0 - for help_file in `find c -name '*.md'` - do - if grep -F -q 'REPLACE THIS' "$help_file" > /dev/null - then - echo "Help file $help_file contains placeholders that are not replaced or removed!" - exit_code=1 - fi - done - - exit $exit_code - - validate-cpp-test-files: - name: Validate C++ Test Files - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install clang-format - run: | - sudo apt-get install --yes --quiet --no-install-recommends clang-format - echo "::debug::$(clang-format -version)" - - - name: Validate C++ Test Files - run: | - if ! test -f .clang-format; then - echo "Cannot find .clang-format in '$PWD'. Exiting..." - fi - - find cpp/*/test -name \*.cpp -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" clang-format --style=file -i --verbose - git diff - git diff --compact-summary - git diff --quiet - - validate-c-test-files: - name: Validate C Test Files - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install clang-format - run: | - sudo apt-get install --yes --quiet --no-install-recommends clang-format - echo "::debug::$(clang-format -version)" - - - name: Validate C++ Test Files - run: | - if ! test -f .clang-format; then - echo "Cannot find .clang-format in '$PWD'. Exiting..." - fi - - find c/*/test -name \*.c -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" clang-format --style=file -i --verbose - git diff - git diff --compact-summary - git diff --quiet + uses: ./.github/workflows/validate-query-help.yml + with: + ref: ${{ github.ref }} + + validate-test-case-formatting: + name: Validate Test + uses: ./.github/workflows/validate-query-test-case-formatting.yml + with: + ref: ${{ github.ref }} \ No newline at end of file diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml new file mode 100644 index 0000000000..d698b7e2e5 --- /dev/null +++ b/.github/workflows/validate-package-files.yml @@ -0,0 +1,64 @@ +name: Validate Package Files +on: + workflow_call: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + workflow_dispatch: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + +jobs: + validate-package-files: + strategy: + matrix: + language: [cpp, c] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install CodeQL + run: | + VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" + gh extensions install github/gh-codeql + gh codeql set-version "$VERSION" + gh codeql install-stub + env: + GITHUB_TOKEN: ${{ github.token }} + + - name: Install generate_package_files.py dependencies + run: pip install -r scripts/requirements.txt + + - name: Validate Package Descriptions + env: + LANGUAGE: ${{ matrix.language }} + run: | + python scripts/validate-rule-package.py rule_packages/$LANGUAGE/*.json + + - name: Validate Package Descriptions consistency + env: + LANGUAGE: ${{ matrix.language }} + run: | + python scripts/verify_rule_package_consistency.py $LANGUAGE + + - name: Validate Current versus Expected Package Files + env: + LANGUAGE: ${{ matrix.language }} + run: | + find rule_packages/$LANGUAGE -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py $LANGUAGE + git diff + git diff --compact-summary + git diff --quiet \ No newline at end of file diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml new file mode 100644 index 0000000000..fc574c65b4 --- /dev/null +++ b/.github/workflows/validate-query-formatting.yml @@ -0,0 +1,58 @@ +name: "Validate Query Formatting" +on: + workflow_call: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + xargs-max-procs: + description: 'The maximum number of processes to use for xargs.' + required: false + type: number + default: 4 + workflow_dispatch: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + xargs-max-procs: + description: 'The maximum number of processes to use for xargs.' + required: false + type: number + default: 4 + +env: + XARGS_MAX_PROCS: ${{ inputs.xargs-max-procs }} + +jobs: + validate-query-formatting: + strategy: + matrix: + language: [cpp, c] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + + - name: Install CodeQL + run: | + VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" + gh extensions install github/gh-codeql + gh codeql set-version "$VERSION" + gh codeql install-stub + env: + GITHUB_TOKEN: ${{ github.token }} + + - name: Validate query format + env: + LANGUAGE: ${{ matrix.language }} + run: | + find $LANGUAGE -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place + + git diff + git diff --compact-summary + git diff --quiet \ No newline at end of file diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml new file mode 100644 index 0000000000..e22e959d33 --- /dev/null +++ b/.github/workflows/validate-query-help.yml @@ -0,0 +1,42 @@ +name: Validate Query Help Files +on: + workflow_call: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + workflow_dispatch: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + +jobs: + validate-query-help-files: + strategy: + matrix: + language: [cpp, c] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + + - name: Validate Query Help Files + env: + LANGUAGE: ${{ matrix.language }} + run: | + exit_code=0 + for help_file in `find $LANGUAGE -name '*.md'` + do + if grep -F -q 'REPLACE THIS' "$help_file" > /dev/null + then + echo "Help file $help_file contains placeholders that are not replaced or removed!" + exit_code=1 + fi + done + + exit $exit_code \ No newline at end of file diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml new file mode 100644 index 0000000000..3fa974e4d9 --- /dev/null +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -0,0 +1,60 @@ +name: Validate Query Test Case Formatting +on: + workflow_call: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + xargs-max-procs: + description: 'The maximum number of processes to use for xargs.' + required: false + type: number + default: 4 + workflow_dispatch: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + xargs-max-procs: + description: 'The maximum number of processes to use for xargs.' + required: false + type: number + default: 4 + +env: + XARGS_MAX_PROCS: ${{ inputs.xargs-max-procs }} + +jobs: + validate-test-case-files: + runs-on: ubuntu-latest + strategy: + matrix: + language: [cpp, c] + fail-fast: false + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + + - name: Install clang-format + run: | + sudo apt-get install --yes --quiet --no-install-recommends clang-format + + - name: Validating Current versus Expected Test Case Formatting + env: + LANGUAGE: ${{ matrix.language }} + # IMPORTANT: This step current relies on the fact that a file extension is the same as the language name for simplicity. + run: | + if ! test -f .clang-format; then + echo "Cannot find .clang-format in '$PWD'. Exiting..." + fi + + find $LANGUAGE/*/test -name \*.$LANGUAGE -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" clang-format --style=file -i --verbose + git diff + git diff --compact-summary + git diff --quiet + + \ No newline at end of file From 371a80aa7a937811e75974ebf460a16ed4a36a01 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 31 Aug 2023 10:39:57 -0700 Subject: [PATCH 013/183] Remove push trigger --- .github/workflows/validate-coding-standards.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index bda11df979..c8e66f0625 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -2,10 +2,6 @@ name: Validating Coding Standards on: merge_group: - push: - branches: - - main - - next pull_request: branches: - main From 986535a429202ee5ae8e0091b5f246f25d2628f3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 13:50:20 -0700 Subject: [PATCH 014/183] Update prepare release to include release validation The validation validates the coding standards and invokes a performance test. --- .github/workflows/prepare-release.yml | 31 ++++++---- .github/workflows/validate-release.yml | 78 ++++++++++++++++++++++++++ 2 files changed, 99 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/validate-release.yml diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 43dbff559a..26ecaa0fc6 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -16,8 +16,13 @@ on: branches: - rvermeulen/release-process-improvements +permissions: + contents: write + pull-requests: write + actions: write + env: - RELEASE_VERSION: ${{ github.event.inputs.version }} + RELEASE_VERSION: ${{ inputs.version }} jobs: prepare-release: @@ -26,9 +31,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 - #with: - #ref: ${{ github.event.inputs.ref }} + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} - name: Install Python uses: actions/setup-python@v2 @@ -61,12 +66,18 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" - name: Create release PR - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: - title: "Release ${{ github.event.inputs.version }}." - body: "This PR releases codeql-coding-standards version ${{ github.event.inputs.version }}." - commit-message: "Update user manual for release ${{ github.event.inputs.version }}." + title: "Release ${{ inputs.version }}." + body: "This PR releases codeql-coding-standards version ${{ inputs.version }}." + commit-message: "Update user manual for release ${{ inputs.version }}." delete-branch: true - branch: "rc/${{ github.event.inputs.version }}" + branch: "rc/${{ inputs.version }}" - \ No newline at end of file + # Invoke release validation because our PRs created with a GitHub token do not trigger a `pull_request` event. + validate-release: + name: "Validate coding standards release" + needs: prepare-release + uses: .github/workflows/validate-release.yml + with: + version: ${{ inputs.version }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml new file mode 100644 index 0000000000..b9e68d1760 --- /dev/null +++ b/.github/workflows/validate-release.yml @@ -0,0 +1,78 @@ +name: Validate release + +on: + workflow_call: + inputs: + version: + description: | + The version to release (MUST follow semantic versioning). + required: true + type: string + push: + branches: + - rvermeulen/release-process-improvements # The following push event trigger is only used for testing purposes. Should be removed before merging! + pull_request: + branches: + - "rc/*" + +permissions: + contents: read + actions: write + +env: + GITHUB_TOKEN: ${{ github.token }} + +jobs: + + determine-release-version: + runs-on: ubuntu-latest + outputs: + release-version: ${{ steps.set-release-version.outputs.release-version }} + env: + RELEASE_FROM_INPUT: ${{ inputs.version }} + RELEASE_FROM_BRANCH: ${{ github.base_ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-release-version + run: | + if [[ "$EVENT_NAME" == "workflow_dispatch "]]; then + echo "release-version=$RELEASE_FROM_INPUT" >> "$GITHUB_OUTPUT" + else + if [[ "$EVENT_NAME" == "pull_request" ]]; then + release_version=${RELEASE_FROM_BRANCH#"rc/"} + echo "release-version=$release_version" >> "$GITHUB_OUTPUT" + else + echo "Unexpected event name $EVENT_NAME!" + exit 1 + fi + fi + + validate-coding-standards: + needs: determine-release-version + name: "Validate coding standards" + uses: ./.github/workflows/validate-package-files.yml + with: + version: ${{ needs.determine-release-version.outputs.release-version }} + + validate-release-performance: + needs: determine-release-version + runs-on: ubuntu-latest + steps: + - name: Create check run + run: | + check_run_id=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="performance-test" \ + --head-sha="$GITHUB_SHA" \ + --jq ".id" \ + https://api.github.com/repos/{owner}/{repo}/check-runs) + + echo "check-run-id=$check_run_id" >> "$GITHUB_ENV" + - name: Invoke performance test + env: + CHECK_RUN_ID: ${{ env.check-run-id }} + RELEASE_VERSION: ${{ needs.determine-release-version.outputs.release-version }} + GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + run: | + echo "{\"version\": \"$RELEASE_VERSION\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process \ No newline at end of file From d9669e6d836632f54f56c2fd058acb8f7c8663e8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 13:59:45 -0700 Subject: [PATCH 015/183] Address incorrect workflow call --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 26ecaa0fc6..785a9c0e48 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -78,6 +78,6 @@ jobs: validate-release: name: "Validate coding standards release" needs: prepare-release - uses: .github/workflows/validate-release.yml + uses: ./.github/workflows/validate-release.yml with: version: ${{ inputs.version }} \ No newline at end of file From 435337d3a3b6d38ebe7a2d261503ada6be81bacb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:16:52 -0700 Subject: [PATCH 016/183] Address incorrect workflow call --- .github/workflows/validate-coding-standards.yml | 1 + .github/workflows/validate-release.yml | 5 +---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index c8e66f0625..035468e4f6 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -6,6 +6,7 @@ on: branches: - main - next + workflow_call: permissions: contents: read diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index b9e68d1760..c5dad0eea8 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -48,11 +48,8 @@ jobs: fi validate-coding-standards: - needs: determine-release-version name: "Validate coding standards" - uses: ./.github/workflows/validate-package-files.yml - with: - version: ${{ needs.determine-release-version.outputs.release-version }} + uses: ./.github/workflows/validate-coding-standards.yml validate-release-performance: needs: determine-release-version From b04d46374789f613c110b9b8d60bdecfc357a671 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:21:17 -0700 Subject: [PATCH 017/183] Address syntax error --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index c5dad0eea8..0906bc7105 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -35,7 +35,7 @@ jobs: steps: - id: set-release-version run: | - if [[ "$EVENT_NAME" == "workflow_dispatch "]]; then + if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then echo "release-version=$RELEASE_FROM_INPUT" >> "$GITHUB_OUTPUT" else if [[ "$EVENT_NAME" == "pull_request" ]]; then From 1160fe00cf6587bc84a64534db65046ee26dcbd1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:24:30 -0700 Subject: [PATCH 018/183] Upgrade actions/setup-python dep --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 785a9c0e48..cb31ffd21f 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -36,7 +36,7 @@ jobs: ref: ${{ inputs.ref }} - name: Install Python - uses: actions/setup-python@v2 + uses: actions/setup-python@v4 with: python-version: "3.9" From 3b960b84b075bc82d8cbede9e7962f6448c5d7ee Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:27:05 -0700 Subject: [PATCH 019/183] Address incorrect check run create call --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 0906bc7105..fb2cf36488 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -61,7 +61,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="performance-test" \ - --head-sha="$GITHUB_SHA" \ + --field head_sha="$GITHUB_SHA" \ --jq ".id" \ https://api.github.com/repos/{owner}/{repo}/check-runs) From 7af385c3fa851d821fabdeddac9d7c951767e567 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:31:16 -0700 Subject: [PATCH 020/183] Address placeholder issue in check run call --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index fb2cf36488..f173f4385c 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -63,7 +63,7 @@ jobs: --field name="performance-test" \ --field head_sha="$GITHUB_SHA" \ --jq ".id" \ - https://api.github.com/repos/{owner}/{repo}/check-runs) + https://api.github.com/repos/github/codeql-coding-standards/check-runs) echo "check-run-id=$check_run_id" >> "$GITHUB_ENV" - name: Invoke performance test From a315393c95198f05b096188237f72fb73e3bbad6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:35:59 -0700 Subject: [PATCH 021/183] Add missing premission for statuses --- .github/workflows/prepare-release.yml | 1 + .github/workflows/validate-release.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index cb31ffd21f..9a5bc78c7a 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -20,6 +20,7 @@ permissions: contents: write pull-requests: write actions: write + statuses: write env: RELEASE_VERSION: ${{ inputs.version }} diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index f173f4385c..87e57a0787 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -18,6 +18,7 @@ on: permissions: contents: read actions: write + statuses: write env: GITHUB_TOKEN: ${{ github.token }} From 73f8c31dcd1cc3d02ce05b1c45445d7a85dd8f5f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:45:31 -0700 Subject: [PATCH 022/183] Use current github repo to perform check run call --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 87e57a0787..72ca129fdb 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -64,7 +64,7 @@ jobs: --field name="performance-test" \ --field head_sha="$GITHUB_SHA" \ --jq ".id" \ - https://api.github.com/repos/github/codeql-coding-standards/check-runs) + https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs) echo "check-run-id=$check_run_id" >> "$GITHUB_ENV" - name: Invoke performance test From ba0ffd658ec7c74d2e907218e03f51250a5d5bbb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:53:24 -0700 Subject: [PATCH 023/183] Use PAT to create check runs --- .github/workflows/prepare-release.yml | 1 - .github/workflows/validate-release.yml | 6 +++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 9a5bc78c7a..cb31ffd21f 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -20,7 +20,6 @@ permissions: contents: write pull-requests: write actions: write - statuses: write env: RELEASE_VERSION: ${{ inputs.version }} diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 72ca129fdb..44405ca813 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -18,7 +18,6 @@ on: permissions: contents: read actions: write - statuses: write env: GITHUB_TOKEN: ${{ github.token }} @@ -55,9 +54,14 @@ jobs: validate-release-performance: needs: determine-release-version runs-on: ubuntu-latest + env: + GITHUB_TOKEN: ${{ secrets.CHECK_RUNS_TOKEN }} steps: - name: Create check run run: | + # For debugging purposes + echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs + check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ From 325b297f1d52f2041727d6da1d25f1d3f76bef19 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 15:37:07 -0700 Subject: [PATCH 024/183] Use correct gh cli token env var --- .github/workflows/validate-release.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 44405ca813..ba9df943c8 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -19,9 +19,6 @@ permissions: contents: read actions: write -env: - GITHUB_TOKEN: ${{ github.token }} - jobs: determine-release-version: @@ -54,10 +51,10 @@ jobs: validate-release-performance: needs: determine-release-version runs-on: ubuntu-latest - env: - GITHUB_TOKEN: ${{ secrets.CHECK_RUNS_TOKEN }} steps: - name: Create check run + env: + GH_TOKEN: ${{ secrets.CHECK_RUNS_TOKEN }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs @@ -75,6 +72,6 @@ jobs: env: CHECK_RUN_ID: ${{ env.check-run-id }} RELEASE_VERSION: ${{ needs.determine-release-version.outputs.release-version }} - GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | echo "{\"version\": \"$RELEASE_VERSION\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process \ No newline at end of file From 24ee05bc23a016e48c997c516e8d121a946f8955 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 15:46:39 -0700 Subject: [PATCH 025/183] Dump environment for debugging --- .github/workflows/validate-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index ba9df943c8..2868f7146a 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -58,6 +58,7 @@ jobs: run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs + env check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ From 4b11eb8906cfb4c94dc4e28011f8a6ea950a2539 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 15:57:03 -0700 Subject: [PATCH 026/183] Pass required secrets to reused workflow --- .github/workflows/prepare-release.yml | 5 ++++- .github/workflows/validate-release.yml | 10 ++++++++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index cb31ffd21f..656d754521 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -80,4 +80,7 @@ jobs: needs: prepare-release uses: ./.github/workflows/validate-release.yml with: - version: ${{ inputs.version }} \ No newline at end of file + version: ${{ inputs.version }} + secrets: + check-runs-token: ${{ secrets.CHECK_RUNS_TOKEN }} + release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 2868f7146a..97e59a1fb5 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -8,6 +8,12 @@ on: The version to release (MUST follow semantic versioning). required: true type: string + secrets: + check-runs-token: + required: true + release-engineering-token: + required: true + push: branches: - rvermeulen/release-process-improvements # The following push event trigger is only used for testing purposes. Should be removed before merging! @@ -54,7 +60,7 @@ jobs: steps: - name: Create check run env: - GH_TOKEN: ${{ secrets.CHECK_RUNS_TOKEN }} + GH_TOKEN: ${{ secrets.check-runs-token }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs @@ -73,6 +79,6 @@ jobs: env: CHECK_RUN_ID: ${{ env.check-run-id }} RELEASE_VERSION: ${{ needs.determine-release-version.outputs.release-version }} - GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + GH_TOKEN: ${{ secrets.release-engineering-token }} run: | echo "{\"version\": \"$RELEASE_VERSION\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process \ No newline at end of file From b6389c4af69788b4d25c0999d37341dd2955c21d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 16:13:24 -0700 Subject: [PATCH 027/183] Test with checks permission --- .github/workflows/prepare-release.yml | 2 +- .github/workflows/validate-release.yml | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 656d754521..52203ef8ab 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -20,6 +20,7 @@ permissions: contents: write pull-requests: write actions: write + checks: write env: RELEASE_VERSION: ${{ inputs.version }} @@ -82,5 +83,4 @@ jobs: with: version: ${{ inputs.version }} secrets: - check-runs-token: ${{ secrets.CHECK_RUNS_TOKEN }} release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 97e59a1fb5..beb3c77516 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -9,8 +9,6 @@ on: required: true type: string secrets: - check-runs-token: - required: true release-engineering-token: required: true @@ -24,6 +22,7 @@ on: permissions: contents: read actions: write + checks: write jobs: @@ -60,7 +59,7 @@ jobs: steps: - name: Create check run env: - GH_TOKEN: ${{ secrets.check-runs-token }} + GH_TOKEN: ${{ github.token }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs From f47ec0882a5ea2dfa6d2c8a1fe3849ae16c02b42 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 17:01:51 -0700 Subject: [PATCH 028/183] Address incorrect release performance parameter --- .github/workflows/prepare-release.yml | 2 +- .github/workflows/validate-release.yml | 59 +++++++++++++++++--------- 2 files changed, 40 insertions(+), 21 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 52203ef8ab..346161982e 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -81,6 +81,6 @@ jobs: needs: prepare-release uses: ./.github/workflows/validate-release.yml with: - version: ${{ inputs.version }} + ref: ${{ inputs.ref }} secrets: release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index beb3c77516..a60aee36e7 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -3,18 +3,15 @@ name: Validate release on: workflow_call: inputs: - version: + ref: description: | - The version to release (MUST follow semantic versioning). + The ref that is released required: true type: string secrets: release-engineering-token: required: true - push: - branches: - - rvermeulen/release-process-improvements # The following push event trigger is only used for testing purposes. Should be removed before merging! pull_request: branches: - "rc/*" @@ -26,23 +23,22 @@ permissions: jobs: - determine-release-version: + determine-ref: runs-on: ubuntu-latest outputs: - release-version: ${{ steps.set-release-version.outputs.release-version }} + release-ref: ${{ steps.set-ref.outputs.release-ref }} env: - RELEASE_FROM_INPUT: ${{ inputs.version }} - RELEASE_FROM_BRANCH: ${{ github.base_ref }} + REF_FROM_INPUT: ${{ inputs.ref }} + REF_FROM_PR: ${{ github.base_ref }} EVENT_NAME: ${{ github.event_name }} steps: - - id: set-release-version + - id: set-ref run: | if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then - echo "release-version=$RELEASE_FROM_INPUT" >> "$GITHUB_OUTPUT" + echo "release-ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else if [[ "$EVENT_NAME" == "pull_request" ]]; then - release_version=${RELEASE_FROM_BRANCH#"rc/"} - echo "release-version=$release_version" >> "$GITHUB_OUTPUT" + echo "release-ref=$REF_FROM_PR" >> "$GITHUB_OUTPUT" else echo "Unexpected event name $EVENT_NAME!" exit 1 @@ -53,11 +49,13 @@ jobs: name: "Validate coding standards" uses: ./.github/workflows/validate-coding-standards.yml - validate-release-performance: - needs: determine-release-version + init-release-performance: + outputs: + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} runs-on: ubuntu-latest steps: - name: Create check run + id: create-check-run env: GH_TOKEN: ${{ github.token }} run: | @@ -71,13 +69,34 @@ jobs: --field name="performance-test" \ --field head_sha="$GITHUB_SHA" \ --jq ".id" \ - https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs) + /repos/$GITHUB_REPOSITORY/check-runs) - echo "check-run-id=$check_run_id" >> "$GITHUB_ENV" + echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" + + validate-release-performance: + needs: [init-release-performance, determine-ref] + runs-on: ubuntu-latest + steps: - name: Invoke performance test env: - CHECK_RUN_ID: ${{ env.check-run-id }} - RELEASE_VERSION: ${{ needs.determine-release-version.outputs.release-version }} + RELEASE_REF: ${{ needs.determine-ref.outputs.release-ref }} + CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | - echo "{\"version\": \"$RELEASE_VERSION\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process \ No newline at end of file + echo "{\"ref\": \"$RELEASE_REF\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process + + on-failure-validate-release-performance: + needs: [init-release-performance, validate-release-performance] + if: failure() + runs-on: ubuntu-latest + steps: + - name: Fail check run status + env: + CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} + run: | + echo "{\"status\": \"completed\", \"conclusion\": \"failed\"}" | gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --json \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID \ No newline at end of file From 51bfc479e0fd7fa8857a42658402e6a1ec909c84 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 17:20:46 -0700 Subject: [PATCH 029/183] Address incorrect gh cli usage --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index a60aee36e7..691d48abd9 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -98,5 +98,5 @@ jobs: --method PATCH \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --json \ + --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID \ No newline at end of file From ab31e64295b9cea8c06d1a50691af21b01ceb95e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 10:23:30 -0700 Subject: [PATCH 030/183] Add workflow to update check runs --- .github/workflows/update-check-run.yml | 53 ++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 .github/workflows/update-check-run.yml diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml new file mode 100644 index 0000000000..2c14ec25ce --- /dev/null +++ b/.github/workflows/update-check-run.yml @@ -0,0 +1,53 @@ +name: Update check run + +on: + workflow_dispatch: + id: + description: | + The ID of the check run to update. + type: number + required: true + status: + description: | + The new status of the check run. + type: string + required: true + conclusion: + description: | + The conclusion of the check run when the status is 'completed'. + type: string + details_url: + description: | + The URL of the check run's details page. + type: string + push: + branches: + - "rvermeulen/release-process-improvements" + +permissions: + checks: write + +jobs: + update-check-run: + runs-on: ubuntu-latest + steps: + - name: Update check run + env: + CHECK_RUN_ID: ${{ inputs.id }} + CHECK_RUN_STATUS: ${{ inputs.status }} + CHECK_RUN_CONCLUSION: ${{ inputs.conclusion }} + CHECK_RUN_DETAILS_URL: ${{ inputs.details_url }} + GITHUB_TOKEN: ${{ github.token }} + run: | + CHECK_RUNS_UPDATE=$(jq -n \ + --arg status "$CHECK_RUN_STATUS" \ + --arg conclusion "$CHECK_RUN_CONCLUSION" \ + --arg details_url "$CHECK_RUN_DETAILS_URL" \ + '{status: $status, conclusion: $conclusion, details_url: $details_url} | to_entries | map(select(.value != "")) | from_entries)' + ) + echo "$CHECK_RUNS_UPDATE" | gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/rvermeulen/codeql-coding-standards/check-runs/$CHECK_RUN_ID From 4b7d75fffec36ff626b1016041e7e2a90fd9110d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 12:39:03 -0700 Subject: [PATCH 031/183] Use jq to format workflow dispatch body --- .github/workflows/validate-release.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 691d48abd9..8fe6dbe0c9 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -83,7 +83,15 @@ jobs: CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | - echo "{\"ref\": \"$RELEASE_REF\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process + jq -n \ + --arg ref "$RELEASE_REF" \ + --arg check_run_id "$CHECK_RUN_ID" \ + '{ref: $ref, check-run-id: $check_run_id}' \ + | \ + gh workflow run release-performance-testing.yml \ + --json \ + -R github/codeql-coding-standards-release-engineering \ + --ref rvermeulen/release-process on-failure-validate-release-performance: needs: [init-release-performance, validate-release-performance] From 62487911851d38329250f667fb6b269936765ae6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 12:39:28 -0700 Subject: [PATCH 032/183] Add workflow to update check run status We can't install a GitHub App to provided access to the check runs in other repositories. Therefore we use this workflow instead that can be dispatched. --- .github/workflows/update-release-status.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 .github/workflows/update-release-status.yml diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml new file mode 100644 index 0000000000..0ac84a1f2c --- /dev/null +++ b/.github/workflows/update-release-status.yml @@ -0,0 +1,14 @@ +name: "Update release status" +on: + issue_comment: + types: [created] + branches: + - "rc/**" + +permissions: + contents: read + issues: write + +jobs: + update-validation-status: + name: "Update validation status" \ No newline at end of file From 84aeab6e8d3ba7c71e5daf16a330d904e54d29db Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 12:59:59 -0700 Subject: [PATCH 033/183] Properly quote key --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 8fe6dbe0c9..7a237ded45 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -86,7 +86,7 @@ jobs: jq -n \ --arg ref "$RELEASE_REF" \ --arg check_run_id "$CHECK_RUN_ID" \ - '{ref: $ref, check-run-id: $check_run_id}' \ + '{ref: $ref, "check-run-id": $check_run_id}' \ | \ gh workflow run release-performance-testing.yml \ --json \ From dcbc84f2a234d0f6b8c965dd8eb2a5ade73fddc6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 13:00:24 -0700 Subject: [PATCH 034/183] Use jq to construct JSON body --- .github/workflows/validate-release.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 7a237ded45..a217ff4c87 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -101,8 +101,14 @@ jobs: - name: Fail check run status env: CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} + GITHUB_TOKEN: ${{ github.token }} run: | - echo "{\"status\": \"completed\", \"conclusion\": \"failed\"}" | gh api \ + jq -n \ + --arg status "completed" \ + --arg conclusion "failed" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ --method PATCH \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ From 3bd024b3ed9878c022457c313bd5d0e5a477b2ef Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 13:27:49 -0700 Subject: [PATCH 035/183] Correctly specify inputs --- .github/workflows/update-check-run.yml | 37 +++++++++++++------------- 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 2c14ec25ce..f45634e2e4 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -2,24 +2,25 @@ name: Update check run on: workflow_dispatch: - id: - description: | - The ID of the check run to update. - type: number - required: true - status: - description: | - The new status of the check run. - type: string - required: true - conclusion: - description: | - The conclusion of the check run when the status is 'completed'. - type: string - details_url: - description: | - The URL of the check run's details page. - type: string + inputs: + id: + description: | + The ID of the check run to update. + type: number + required: true + status: + description: | + The new status of the check run. + type: string + required: true + conclusion: + description: | + The conclusion of the check run when the status is 'completed'. + type: string + details_url: + description: | + The URL of the check run's details page. + type: string push: branches: - "rvermeulen/release-process-improvements" From a6933ca6e2a5f080cd3f7405dd2bf6236f63ae67 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:05:43 -0700 Subject: [PATCH 036/183] Address incorrect JSON body --- .github/workflows/update-check-run.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index f45634e2e4..12f3c3b5a1 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -40,13 +40,13 @@ jobs: CHECK_RUN_DETAILS_URL: ${{ inputs.details_url }} GITHUB_TOKEN: ${{ github.token }} run: | - CHECK_RUNS_UPDATE=$(jq -n \ + jq -n \ --arg status "$CHECK_RUN_STATUS" \ --arg conclusion "$CHECK_RUN_CONCLUSION" \ --arg details_url "$CHECK_RUN_DETAILS_URL" \ - '{status: $status, conclusion: $conclusion, details_url: $details_url} | to_entries | map(select(.value != "")) | from_entries)' - ) - echo "$CHECK_RUNS_UPDATE" | gh api \ + '{status: $status, conclusion: $conclusion, details_url: $details_url} | to_entries | map(select(.value != "")) | from_entries' \ + | \ + gh api \ --method PATCH \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ From ace3379a0daca50d51581c3fd35e10059f8183f8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:06:22 -0700 Subject: [PATCH 037/183] Use the ref of the just created PR to validate --- .github/workflows/prepare-release.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 346161982e..b66f66b390 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -27,6 +27,8 @@ env: jobs: prepare-release: + outputs: + pull-request-head-sha: ${{ steps.create-release-pull-request.outputs.pull-request-head-sha }} name: "Prepare release" if: github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest @@ -67,6 +69,7 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" - name: Create release PR + id: create-release-pull-request uses: peter-evans/create-pull-request@v5 with: title: "Release ${{ inputs.version }}." @@ -81,6 +84,6 @@ jobs: needs: prepare-release uses: ./.github/workflows/validate-release.yml with: - ref: ${{ inputs.ref }} + ref: ${{ needs.prepare-release.outputs.pull-request-head-sha }} secrets: release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file From d3ce01038de9f081e1f55de02cb343abd8cdfae5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:07:41 -0700 Subject: [PATCH 038/183] Generalize url --- .github/workflows/update-check-run.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 12f3c3b5a1..7f564ca03f 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -51,4 +51,4 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --input - \ - /repos/rvermeulen/codeql-coding-standards/check-runs/$CHECK_RUN_ID + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID From 8e727aa1c8c305463b352302d26d6e83e1c046af Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:09:32 -0700 Subject: [PATCH 039/183] Remove on push trigger --- .github/workflows/update-check-run.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 7f564ca03f..12f1de5779 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -21,9 +21,6 @@ on: description: | The URL of the check run's details page. type: string - push: - branches: - - "rvermeulen/release-process-improvements" permissions: checks: write From 2b9c33096bf10e8f99c5f4022a2fd8a6985324a4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:18:53 -0700 Subject: [PATCH 040/183] Create check run on input ref --- .github/workflows/validate-release.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index a217ff4c87..b3f697333c 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -52,12 +52,14 @@ jobs: init-release-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} + needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create check run id: create-check-run env: GH_TOKEN: ${{ github.token }} + RELEASE_REF: ${{ needs.determine-ref.outputs.release-ref }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs @@ -67,7 +69,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="performance-test" \ - --field head_sha="$GITHUB_SHA" \ + --field head_sha="$RELEASE_REF" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From b4cc27aed3816f3cfffc25131ccbde4a061de194 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:49:10 -0700 Subject: [PATCH 041/183] Remove push on release and any PR trigger --- .github/workflows/codeql_unit_tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 053bea4985..9a5c498102 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -5,11 +5,11 @@ on: push: branches: - main - - "rc/**" - next pull_request: branches: - - "**" + - main + - next workflow_dispatch: jobs: From 9a0f0f1940bbf91311983606d5583247fa00fbf3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:50:02 -0700 Subject: [PATCH 042/183] Handle call and dispath input --- .github/workflows/codeql_unit_tests.yml | 38 +++++++++++++++++++++---- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 9a5c498102..f15b631876 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -11,16 +11,42 @@ on: - main - next workflow_dispatch: + workflow_call: + inputs: + ref: + description: | + The ref to run the tests on. + type: string + required: true jobs: + determine-ref: + runs-on: ubuntu-latest + outputs: + release-ref: ${{ steps.set-ref.outputs.ref }} + env: + REF_FROM_INPUT: ${{ inputs.ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-ref + run: | + if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then + echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" + else + echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" + fi + prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix + needs: [determine-ref] runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 + with: + ref: ${{ needs.determine-ref.outputs.ref }} - name: Export unit test matrix id: export-unit-test-matrix @@ -33,22 +59,24 @@ jobs: run-test-suites: name: Run unit tests - needs: prepare-unit-test-matrix + needs: [prepare-unit-test-matrix, determine-ref] runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-unit-test-matrix.outputs.matrix) }} - + steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 + with: + ref: ${{ needs.determine-ref.outputs.ref }} - name: Install Python uses: actions/setup-python@v4 with: python-version: "3.9" - + - name: Install Python dependencies run: pip install -r scripts/requirements.txt From 467f37e6fa7571783671472d577f06d2d838d8d0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:50:17 -0700 Subject: [PATCH 043/183] Upgrade used actions --- .github/workflows/codeql_unit_tests.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index f15b631876..fe5e3524af 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -82,7 +82,7 @@ jobs: - name: Cache CodeQL id: cache-codeql - uses: actions/cache@v2.1.3 + uses: actions/cache@v3 with: # A list of files, directories, and wildcard patterns to cache and restore path: ${{github.workspace}}/codeql_home @@ -129,7 +129,7 @@ jobs: def print_error(fmt, *args): print(f"::error::{fmt}", *args) - + def print_error_and_fail(fmt, *args): print_error(fmt, args) sys.exit(1) @@ -176,7 +176,7 @@ jobs: file.close() - name: Upload test results - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: ${{ matrix.language }}-test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | @@ -189,7 +189,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Collect test results - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 - name: Validate test results run: | From f8a6b03aa4df322a8b6466ece5d8cdf736fafcf6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:57:15 -0700 Subject: [PATCH 044/183] Remove dispatch trigger --- .github/workflows/codeql_unit_tests.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index fe5e3524af..b11c30cee8 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -10,7 +10,6 @@ on: branches: - main - next - workflow_dispatch: workflow_call: inputs: ref: From 643bea22c4f41a96036b9fcfcd14d92dc9bfae3e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:58:24 -0700 Subject: [PATCH 045/183] Validate the PR --- .../workflows/validate-coding-standards.yml | 41 +++++++++++++++++-- .github/workflows/validate-release.yml | 37 ++++++++--------- 2 files changed, 54 insertions(+), 24 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index 035468e4f6..950c7be566 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -7,32 +7,65 @@ on: - main - next workflow_call: + inputs: + ref: + description: | + The ref to validate. + type: string + required: true permissions: contents: read actions: write jobs: + determine-ref: + runs-on: ubuntu-latest + outputs: + release-ref: ${{ steps.set-ref.outputs.ref }} + env: + REF_FROM_INPUT: ${{ inputs.ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-ref + run: | + if [[ "$EVENT_NAME" == "workflow_call" ]]; then + echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" + else + echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" + fi + validate-package-files: name: Validate Package Files + needs: [determine-ref] uses: ./.github/workflows/validate-package-files.yml with: - ref: ${{ github.ref }} + ref: ${{ needs.determine-ref.outputs.ref }} validate-codeql-query-formatting: name: "Validate CodeQL Query Formatting" + needs: [determine-ref] uses: ./.github/workflows/validate-query-formatting.yml with: - ref: ${{ github.ref }} + ref: ${{ needs.determine-ref.outputs.ref }} validate-query-help-files: name: Validate Query Help Files + needs: [determine-ref] uses: ./.github/workflows/validate-query-help.yml with: - ref: ${{ github.ref }} + ref: ${{ needs.determine-ref.outputs.ref }} validate-test-case-formatting: name: Validate Test + needs: [determine-ref] uses: ./.github/workflows/validate-query-test-case-formatting.yml with: - ref: ${{ github.ref }} \ No newline at end of file + ref: ${{ needs.determine-ref.outputs.ref }} + + run-codeql-unit-tests: + name: Run CodeQL Unit Tests + needs: [determine-ref] + uses: ./.github/workflows/codeql_unit_tests.yml + with: + ref: ${{ needs.determine-ref.outputs.ref }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index b3f697333c..7fa1c33aa9 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -24,30 +24,27 @@ permissions: jobs: determine-ref: - runs-on: ubuntu-latest - outputs: - release-ref: ${{ steps.set-ref.outputs.release-ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - REF_FROM_PR: ${{ github.base_ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then - echo "release-ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - if [[ "$EVENT_NAME" == "pull_request" ]]; then - echo "release-ref=$REF_FROM_PR" >> "$GITHUB_OUTPUT" + runs-on: ubuntu-latest + outputs: + release-ref: ${{ steps.set-ref.outputs.ref }} + env: + REF_FROM_INPUT: ${{ inputs.ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-ref + run: | + if [[ "$EVENT_NAME" == "workflow_call" ]]; then + echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else - echo "Unexpected event name $EVENT_NAME!" - exit 1 + echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" fi - fi validate-coding-standards: name: "Validate coding standards" + needs: [determine-ref] uses: ./.github/workflows/validate-coding-standards.yml + with: + ref: ${{ needs.determine-ref.outputs.ref }} init-release-performance: outputs: @@ -59,7 +56,7 @@ jobs: id: create-check-run env: GH_TOKEN: ${{ github.token }} - RELEASE_REF: ${{ needs.determine-ref.outputs.release-ref }} + RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs @@ -81,7 +78,7 @@ jobs: steps: - name: Invoke performance test env: - RELEASE_REF: ${{ needs.determine-ref.outputs.release-ref }} + RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | From 6b135901e355c5642818c322461ef255a042c39b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:15:23 -0700 Subject: [PATCH 046/183] Add release status check --- .github/workflows/update-release-status.yml | 82 +++++++++++++++++++-- .github/workflows/validate-release.yml | 23 +++++- 2 files changed, 96 insertions(+), 9 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 0ac84a1f2c..527677d1a9 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -1,14 +1,80 @@ -name: "Update release status" +name: "Update Release Status" on: - issue_comment: - types: [created] + check_run: + types: + - completed + - rerequested branches: - - "rc/**" + - "rc/*" permissions: - contents: read - issues: write + actions: read + checks: write jobs: - update-validation-status: - name: "Update validation status" \ No newline at end of file + validate-check-runs: + runs-on: ubuntu-latest + steps: + - name: Get release status check run + id: get-check-run + if: github.event.check_run.conclusion == 'success' && github.event.check_run.name != 'Update Release Status' + env: + GITHUB_TOKEN: ${{ github.token }} + CHECK_RUN_HEAD_SHA: ${{ github.event.check_run.head_sha }} + run: | + check_run_info=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --jq '.check_runs[] | select(.name == "release-status") | {id: .id, status: .status, conclusion: .conclusion' \ + /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) + + check_run_id=$(echo "$check_run_info" | jq -r '.id') + check_run_status=$(echo "$check_run_info" | jq -r '.status') + check_run_conclusion=$(echo "$check_run_info" | jq -r '.conclusion') + + echo "CHECK_RUN_ID=$check_run_id" >> "$GITHUB_ENV" + echo "CHECK_RUN_STATUS=$check_run_status" >> "$GITHUB_ENV" + echo "CHECK_RUN_CONCLUSION=$check_run_conclusion" >> "$GITHUB_ENV" + + - name: Reset release status + if: env.CHECK_RUN_STATUS == 'completed' && github.event.action == 'rerequested' + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + CHECK_RUN_ID=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="release-status" \ + --field head_sha="$REF" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "Created release status check run with id $CHECK_RUN_ID" + + - name: Check all runs completed + if: env.CHECK_RUN_STATUS != 'completed' + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + done=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --jq '.check_runs | map(select(.name != "Update Release Status" and .status != "completed")) | length | if . == 0 then "true" else "false" end \ + /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) + + if [[ "$done" == "true" ]]; then + echo "All check runs completed" + jq -n \ + --arg status "completed" \ + --arg conclusion "success" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + else + echo "Not all check runs completed" + fi \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 7fa1c33aa9..677b8db6b7 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -112,4 +112,25 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID \ No newline at end of file + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + + init-release-status: + name: "Initialize release status monitoring" + needs: [determine-ref, validate-release-performance] + runs-on: ubuntu-latest + steps: + - name: Create release status check run + env: + REF: ${{ needs.determine-ref.outputs.ref }} + GITHUB_TOKEN: ${{ github.token }} + run: | + CHECK_RUN_ID=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="release-status" \ + --field head_sha="$REF" \ + --field status="in_progress" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "Created release status check run with id $CHECK_RUN_ID" From 59ed68a10105f6a1d95f1358256b4abde8eec403 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:21:16 -0700 Subject: [PATCH 047/183] Add push trigger to register workflow --- .github/workflows/update-release-status.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 527677d1a9..e963954f0b 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -7,6 +7,10 @@ on: branches: - "rc/*" + push: + branches: + - "rvermeulen/release-process-improvements" + permissions: actions: read checks: write From e6d4e0a438f7dd55b5f7675650016526330f9729 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:21:28 -0700 Subject: [PATCH 048/183] Remove dumping of env --- .github/workflows/validate-release.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 677b8db6b7..d1ed82f5fd 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -58,10 +58,6 @@ jobs: GH_TOKEN: ${{ github.token }} RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} run: | - # For debugging purposes - echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs - env - check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ From 179aa10e09d663ea72f5710ba2cb1aef81882d40 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:32:38 -0700 Subject: [PATCH 049/183] Always initialize release status monitoring --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index d1ed82f5fd..a4ab12db4a 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -112,7 +112,7 @@ jobs: init-release-status: name: "Initialize release status monitoring" - needs: [determine-ref, validate-release-performance] + needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create release status check run From 7dfd22a63e38b6e6d52be1a7767b911f6e47c708 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:39:49 -0700 Subject: [PATCH 050/183] Handle dispatch event --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index a4ab12db4a..4e47ba684d 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -33,7 +33,7 @@ jobs: steps: - id: set-ref run: | - if [[ "$EVENT_NAME" == "workflow_call" ]]; then + if [[ "$EVENT_NAME" == "workflow_call" ]] || [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" From 4edb82a30b58d69229154cc1d82a7faa4c94c750 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 15:26:50 -0700 Subject: [PATCH 051/183] Replace deprecated set-output --- .github/workflows/codeql_unit_tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index b11c30cee8..648b2f990c 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -52,9 +52,9 @@ jobs: run: | echo "Merging Result:" python scripts/create_language_matrix.py - echo "::set-output name=matrix::$( + echo "matrix=$( python scripts/create_language_matrix.py | \ - jq --compact-output 'map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" + jq --compact-output 'map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT run-test-suites: name: Run unit tests From 716c00584d4eb4008e5b3bd4796dafdf8cdaa649 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:05:35 -0700 Subject: [PATCH 052/183] Update determine-ref to include workflow calls --- .github/workflows/codeql_unit_tests.yml | 2 +- .github/workflows/validate-coding-standards.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 648b2f990c..1adaae275c 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -29,7 +29,7 @@ jobs: steps: - id: set-ref run: | - if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then + if [[ "$EVENT_NAME" == "workflow_dispatch" ]] || [[ "$EVENT_NAME" == "workflow_call" ]]; then echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index 950c7be566..41f0d8fb60 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -29,7 +29,7 @@ jobs: steps: - id: set-ref run: | - if [[ "$EVENT_NAME" == "workflow_call" ]]; then + if [[ "$EVENT_NAME" == "workflow_call" ]] || [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" From b273ef12fd8478145c44bfa5cc90834e9af87b18 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:07:50 -0700 Subject: [PATCH 053/183] Use correct output --- .github/workflows/codeql_unit_tests.yml | 2 +- .github/workflows/validate-coding-standards.yml | 2 +- .github/workflows/validate-release.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 1adaae275c..da99906d87 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -22,7 +22,7 @@ jobs: determine-ref: runs-on: ubuntu-latest outputs: - release-ref: ${{ steps.set-ref.outputs.ref }} + ref: ${{ steps.set-ref.outputs.ref }} env: REF_FROM_INPUT: ${{ inputs.ref }} EVENT_NAME: ${{ github.event_name }} diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index 41f0d8fb60..1895b6828d 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -22,7 +22,7 @@ jobs: determine-ref: runs-on: ubuntu-latest outputs: - release-ref: ${{ steps.set-ref.outputs.ref }} + ref: ${{ steps.set-ref.outputs.ref }} env: REF_FROM_INPUT: ${{ inputs.ref }} EVENT_NAME: ${{ github.event_name }} diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 4e47ba684d..56a6d73e48 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -26,7 +26,7 @@ jobs: determine-ref: runs-on: ubuntu-latest outputs: - release-ref: ${{ steps.set-ref.outputs.ref }} + ref: ${{ steps.set-ref.outputs.ref }} env: REF_FROM_INPUT: ${{ inputs.ref }} EVENT_NAME: ${{ github.event_name }} From 0acdc8ed67edb4d67d4890b9392d3f97e24f2713 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:10:35 -0700 Subject: [PATCH 054/183] Run on ubuntu latest --- .github/workflows/codeql_unit_tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index da99906d87..2048892eee 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -38,7 +38,7 @@ jobs: prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix needs: [determine-ref] - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: @@ -185,7 +185,7 @@ jobs: validate-test-results: name: Validate test results needs: [run-test-suites] - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest steps: - name: Collect test results uses: actions/download-artifact@v3 From d2e3ee0821a77558830001d6f4936ac10372006e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:11:18 -0700 Subject: [PATCH 055/183] REVERT: temporary switch runner os for testing --- .github/workflows/codeql_unit_tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 2048892eee..ce004a9d03 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -54,7 +54,7 @@ jobs: python scripts/create_language_matrix.py echo "matrix=$( python scripts/create_language_matrix.py | \ - jq --compact-output 'map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT + jq --compact-output 'map([.+{os: "ubuntu-latest", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT run-test-suites: name: Run unit tests From 8a9f77a0e1d65b8fe28f734ab3700709114e9d85 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:38:13 -0700 Subject: [PATCH 056/183] Create check run for validate release when not triggered by PR --- .github/workflows/validate-release.yml | 52 ++++++++++++++++++++++++-- 1 file changed, 49 insertions(+), 3 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 56a6d73e48..35d4026717 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -38,14 +38,60 @@ jobs: else echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" fi - + + pre-validate-coding-standards: + needs: [determine-ref] + runs-on: ubuntu-latest + if: github.event_name != 'pull_request' + outputs: + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} + steps: + - name: Create check run + id: create-check-run + env: + REF: ${{ needs.determine-ref.outputs.ref }} + run: | + check_run_id=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="Validating Coding Standards" \ + --field head_sha="$REF" \ + --field status="in_progress" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" + validate-coding-standards: name: "Validate coding standards" - needs: [determine-ref] + needs: [determine-ref, pre-validate-coding-standards] + if: needs.pre-validate-coding-standards.result != 'failure' uses: ./.github/workflows/validate-coding-standards.yml with: ref: ${{ needs.determine-ref.outputs.ref }} + post-validate-coding-standards: + needs: [validate-coding-standards] + if: github.event_name != 'pull_request' + runs-on: ubuntu-latest + steps: + - name: Update check run + env: + CHECK_RUN_ID: ${{ needs.validate-coding-standards.outputs.check-run-id }} + CHECK_RUN_CONCLUSION: ${{ needs.validate-coding-standards.result }} + run: | + jq -n \ + --arg status "completed" \ + --arg conclusion "$CHECK_RUN_CONCLUSION" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + init-release-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} @@ -71,7 +117,7 @@ jobs: validate-release-performance: needs: [init-release-performance, determine-ref] runs-on: ubuntu-latest - steps: + steps: - name: Invoke performance test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} From 3a5c9458298cec09308094cc39a0fed434b11c53 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:40:37 -0700 Subject: [PATCH 057/183] Rename jobs --- .github/workflows/validate-release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 35d4026717..5d03e2b039 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -92,7 +92,7 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - init-release-performance: + pre-validate-release-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} needs: [determine-ref] @@ -115,13 +115,13 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-release-performance: - needs: [init-release-performance, determine-ref] + needs: [pre-validate-release-performance, determine-ref] runs-on: ubuntu-latest steps: - name: Invoke performance test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} - CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ @@ -135,13 +135,13 @@ jobs: --ref rvermeulen/release-process on-failure-validate-release-performance: - needs: [init-release-performance, validate-release-performance] + needs: [pre-validate-release-performance, validate-release-performance] if: failure() runs-on: ubuntu-latest steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ @@ -156,7 +156,7 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - init-release-status: + create-release-status-check-run: name: "Initialize release status monitoring" needs: [determine-ref] runs-on: ubuntu-latest From 876f20febd51505cd48c1fb8660990af6a4e5ee5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 17:09:37 -0700 Subject: [PATCH 058/183] Properly align push trigger --- .github/workflows/update-release-status.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index e963954f0b..f41ecda508 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -7,9 +7,9 @@ on: branches: - "rc/*" - push: - branches: - - "rvermeulen/release-process-improvements" + push: + branches: + - "rvermeulen/release-process-improvements" permissions: actions: read From e05abe16568b66754891ff42565e1d18562d9399 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 17:12:01 -0700 Subject: [PATCH 059/183] Fix unterminated jq query --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index f41ecda508..8f806d7f20 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -63,7 +63,7 @@ jobs: done=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --jq '.check_runs | map(select(.name != "Update Release Status" and .status != "completed")) | length | if . == 0 then "true" else "false" end \ + --jq '.check_runs | map(select(.name != "Update Release Status" and .status != "completed")) | length | if . == 0 then "true" else "false" end' \ /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) if [[ "$done" == "true" ]]; then From de2084b549c652a6dc48a242a42ecfac3d32da3a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 17:28:35 -0700 Subject: [PATCH 060/183] Add token to env --- .github/workflows/validate-release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 5d03e2b039..b4c62c3253 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -50,6 +50,7 @@ jobs: id: create-check-run env: REF: ${{ needs.determine-ref.outputs.ref }} + GH_TOKEN: ${{ github.token }} run: | check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ @@ -79,6 +80,7 @@ jobs: env: CHECK_RUN_ID: ${{ needs.validate-coding-standards.outputs.check-run-id }} CHECK_RUN_CONCLUSION: ${{ needs.validate-coding-standards.result }} + GH_TOKEN: ${{ github.token }} run: | jq -n \ --arg status "completed" \ From 4096a14281ec7c747bd18505bcd48582464a8459 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 10:08:46 -0700 Subject: [PATCH 061/183] Make sure the post job is always executed --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index b4c62c3253..8bc6555bf5 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -73,7 +73,7 @@ jobs: post-validate-coding-standards: needs: [validate-coding-standards] - if: github.event_name != 'pull_request' + if: always() && github.event_name != 'pull_request' runs-on: ubuntu-latest steps: - name: Update check run From 24a8a164ea066cbb23e84adf4b3b45d038dab9d1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 11:15:56 -0700 Subject: [PATCH 062/183] Fast fail unit test for testing workflow --- .github/workflows/validate-coding-standards.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index 1895b6828d..0030313061 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -66,6 +66,11 @@ jobs: run-codeql-unit-tests: name: Run CodeQL Unit Tests needs: [determine-ref] - uses: ./.github/workflows/codeql_unit_tests.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} \ No newline at end of file + #uses: ./.github/workflows/codeql_unit_tests.yml + #with: + # ref: ${{ needs.determine-ref.outputs.ref }} + runs-on: ubuntu-latest + steps: + - name: Fail + run: | + exit 1 From 280e2a5b08e7861e2203bd783e5772918462254d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 11:21:50 -0700 Subject: [PATCH 063/183] Use correct output parameter --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 8bc6555bf5..f186f07ad2 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -72,13 +72,13 @@ jobs: ref: ${{ needs.determine-ref.outputs.ref }} post-validate-coding-standards: - needs: [validate-coding-standards] + needs: [pre-validate-coding-standards, validate-coding-standards] if: always() && github.event_name != 'pull_request' runs-on: ubuntu-latest steps: - name: Update check run env: - CHECK_RUN_ID: ${{ needs.validate-coding-standards.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-coding-standards.outputs.check-run-id }} CHECK_RUN_CONCLUSION: ${{ needs.validate-coding-standards.result }} GH_TOKEN: ${{ github.token }} run: | From 56a1cf3cae37405fac9c0259a56b082db0bff7a7 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 11:44:07 -0700 Subject: [PATCH 064/183] Add workflow dispatch trigger for testing --- .github/workflows/update-release-status.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 8f806d7f20..02b49c25b2 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -7,9 +7,7 @@ on: branches: - "rc/*" - push: - branches: - - "rvermeulen/release-process-improvements" + workflow_dispatch: permissions: actions: read From b0055da38a6c9b6be670c7a3f9d8f97bfefbb6dd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 11:55:34 -0700 Subject: [PATCH 065/183] Add head sha input --- .github/workflows/update-release-status.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 02b49c25b2..f14fd37696 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -8,6 +8,12 @@ on: - "rc/*" workflow_dispatch: + inputs: + head-sha: + description: | + The head SHA to use. + type: string + required: true permissions: actions: read @@ -53,6 +59,17 @@ jobs: echo "Created release status check run with id $CHECK_RUN_ID" + - name: Determine check run head SHA + env: + HEAD_SHA_FROM_EVENT: ${{ github.event.check_run.head_sha }} + HEAD_SHA_FROM_INPUTS: ${{ inputs.head-sha }} + run: | + if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then + echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_INPUTS" >> "$GITHUB_ENV" + else + echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV" + fi + - name: Check all runs completed if: env.CHECK_RUN_STATUS != 'completed' env: From 950785beb79b78823f68443204b07a568882a255 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:27:52 -0700 Subject: [PATCH 066/183] Correct check to excluded from count --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index f14fd37696..50b9327693 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -78,7 +78,7 @@ jobs: done=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --jq '.check_runs | map(select(.name != "Update Release Status" and .status != "completed")) | length | if . == 0 then "true" else "false" end' \ + --jq '.check_runs | map(select(.name != "release-status" and .status != "completed")) | length | if . == 0 then "true" else "false" end' \ /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) if [[ "$done" == "true" ]]; then From 92fc4e2154777abec7980c7dbcc0d498fcdc99c6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:36:21 -0700 Subject: [PATCH 067/183] Properly handle the check run data when dispatched --- .github/workflows/update-release-status.yml | 41 ++++++++++----------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 50b9327693..702f8f1d9a 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -23,12 +23,22 @@ jobs: validate-check-runs: runs-on: ubuntu-latest steps: + - name: Determine check run head SHA + env: + HEAD_SHA_FROM_EVENT: ${{ github.event.check_run.head_sha }} + HEAD_SHA_FROM_INPUTS: ${{ inputs.head-sha }} + run: | + if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then + echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_INPUTS" >> "$GITHUB_ENV" + else + echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV" + fi + - name: Get release status check run id: get-check-run - if: github.event.check_run.conclusion == 'success' && github.event.check_run.name != 'Update Release Status' + if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != 'Update Release Status') || github.event_name == 'workflow_dispatch' env: GITHUB_TOKEN: ${{ github.token }} - CHECK_RUN_HEAD_SHA: ${{ github.event.check_run.head_sha }} run: | check_run_info=$(gh api \ --header "Accept: application/vnd.github+json" \ @@ -45,7 +55,7 @@ jobs: echo "CHECK_RUN_CONCLUSION=$check_run_conclusion" >> "$GITHUB_ENV" - name: Reset release status - if: env.CHECK_RUN_STATUS == 'completed' && github.event.action == 'rerequested' + if: github.event_name == 'check_run' && env.CHECK_RUN_STATUS == 'completed' && github.event.action == 'rerequested' env: GITHUB_TOKEN: ${{ github.token }} run: | @@ -59,17 +69,6 @@ jobs: echo "Created release status check run with id $CHECK_RUN_ID" - - name: Determine check run head SHA - env: - HEAD_SHA_FROM_EVENT: ${{ github.event.check_run.head_sha }} - HEAD_SHA_FROM_INPUTS: ${{ inputs.head-sha }} - run: | - if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then - echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_INPUTS" >> "$GITHUB_ENV" - else - echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV" - fi - - name: Check all runs completed if: env.CHECK_RUN_STATUS != 'completed' env: @@ -87,13 +86,13 @@ jobs: --arg status "completed" \ --arg conclusion "success" \ '{status: $status, conclusion: $conclusion}' \ - | \ - gh api \ - --method PATCH \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID else echo "Not all check runs completed" fi \ No newline at end of file From c00e89015dbaed788a7e0bc7bbe30796397ce36c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:38:44 -0700 Subject: [PATCH 068/183] Use the gh context to get the workflow name to exclude --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 702f8f1d9a..11c49d316f 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -36,7 +36,7 @@ jobs: - name: Get release status check run id: get-check-run - if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != 'Update Release Status') || github.event_name == 'workflow_dispatch' + if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != github.workflow) || github.event_name == 'workflow_dispatch' env: GITHUB_TOKEN: ${{ github.token }} run: | From c592e4c223b5859d8cf4c375c7b33a954127871e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:41:18 -0700 Subject: [PATCH 069/183] Restore check run status retrieval --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 11c49d316f..5990a1d79c 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -43,7 +43,7 @@ jobs: check_run_info=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --jq '.check_runs[] | select(.name == "release-status") | {id: .id, status: .status, conclusion: .conclusion' \ + --jq '.check_runs[] | select(.name == "release-status") | {id: .id, status: .status, conclusion: .conclusion}' \ /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) check_run_id=$(echo "$check_run_info" | jq -r '.id') From 5a80a333168ec9a91e531ee3e89bedf4dff3e242 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 15:08:29 -0700 Subject: [PATCH 070/183] Fail release-check if any other check runs failed --- .github/workflows/update-release-status.yml | 22 +++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 5990a1d79c..d517ac34ae 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -74,17 +74,31 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - done=$(gh api \ + check_runs=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --jq '.check_runs | map(select(.name != "release-status" and .status != "completed")) | length | if . == 0 then "true" else "false" end' \ + --jq '.check_runs | map(select(.name != "release-status"))' \ /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) - if [[ "$done" == "true" ]]; then + status_stats=$(echo "$check_runs" | jq -r '. | {failed: (map(select(.conclusion == "failure")) | length), pending: (map(select(.status != "completed")) | length) }') + + failed=$(echo "$status_stats" | jq -r '.failed') + pending=$(echo "$status_stats" | jq -r '.pending') + + if [[ "$pending" == "0" ]]; then echo "All check runs completed" + + if [[ "$failed" == "0" ]]; then + echo "All check runs succeeded" + conclusion="success" + else + echo "Some check runs failed" + conclusion="failure" + fi + jq -n \ --arg status "completed" \ - --arg conclusion "success" \ + --arg conclusion "$conclusion" \ '{status: $status, conclusion: $conclusion}' \ | \ gh api \ From afa5b39a4668609677f753a60238f92bcaf215b2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 15:28:23 -0700 Subject: [PATCH 071/183] Update descriptions to match our docs --- .github/workflows/update-check-run.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 12f1de5779..028748f9ad 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -5,21 +5,25 @@ on: inputs: id: description: | - The ID of the check run to update. + The unique identifier of the check run. type: number required: true status: description: | - The new status of the check run. + The current status. + + Can be one of: queued, in_progress, completed type: string required: true conclusion: description: | - The conclusion of the check run when the status is 'completed'. + The final conclusion of the check when completed. + + Can be one of: action_required, cancelled, failure, neutral, success, skipped, stale, timed_out type: string details_url: description: | - The URL of the check run's details page. + The URL of the integrator's site that has the full details of the check. type: string permissions: From 69bfe7dc00c5cc88636d7b318156f2d3eef2b95a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 15:28:42 -0700 Subject: [PATCH 072/183] Add support for external id and output inputs --- .github/workflows/update-check-run.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 028748f9ad..da43d91f54 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -25,6 +25,17 @@ on: description: | The URL of the integrator's site that has the full details of the check. type: string + external_id: + description: | + A reference for the run on the integrator's system. + type: string + output: + description: | + The output object for the check run. + + See https://docs.github.com/en/rest/checks/runs?apiVersion=2022-11-28#update-a-check-run for more information. + type: string + default: '{}' permissions: checks: write @@ -39,13 +50,17 @@ jobs: CHECK_RUN_STATUS: ${{ inputs.status }} CHECK_RUN_CONCLUSION: ${{ inputs.conclusion }} CHECK_RUN_DETAILS_URL: ${{ inputs.details_url }} + CHECK_RUN_EXTERNAL_ID: ${{ inputs.external_id }} + CHECK_RUN_OUTPUT: ${{ inputs.output }} GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ --arg status "$CHECK_RUN_STATUS" \ --arg conclusion "$CHECK_RUN_CONCLUSION" \ --arg details_url "$CHECK_RUN_DETAILS_URL" \ - '{status: $status, conclusion: $conclusion, details_url: $details_url} | to_entries | map(select(.value != "")) | from_entries' \ + --arg external_id "$CHECK_RUN_EXTERNAL_ID" \ + --argjson output "$CHECK_RUN_OUTPUT" \ + '{status: $status, conclusion: $conclusion, details_url: $details_url, external_id: $external_id, output: $output} | to_entries | map(select(.value != "" and .value != {})) | from_entries' \ | \ gh api \ --method PATCH \ From 31d17eab2b3e8b97b51486a74275e9e0eedc6f45 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 11 Sep 2023 11:36:25 -0700 Subject: [PATCH 073/183] Create draft release --- .github/workflows/prepare-release.yml | 103 ++++++++++++++++++++++++-- 1 file changed, 96 insertions(+), 7 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index b66f66b390..0149cdf329 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -28,16 +28,59 @@ env: jobs: prepare-release: outputs: - pull-request-head-sha: ${{ steps.create-release-pull-request.outputs.pull-request-head-sha }} + pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" if: github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest + runs-on: ubuntu-latest steps: - - name: Checkout + - name: Checkout uses: actions/checkout@v3 with: ref: ${{ inputs.ref }} + - name: Validate release precondition + env: + RELEASE_VERSION: ${{ inputs.version }} + GITHUB_TOKEN: ${{ github.token }} + run: | + read -r release type < <(gh release list | awk -v release="v$RELEASE_VERSION" '$1 ~ release { print $1,$2; ++n } END { if (n == 0) print "undefined", "undefined" }') + if [[ "$release" == "undefined" ]]; then + echo "Release v$RELEASE_VERSION does not exist. Proceeding" + echo "create_draft_release=true" >> "$GITHUB_ENV" + else + if [[ "$type" != "Draft" ]]; then + echo "Release '$release' already exists and is not a draft, but has release state '$type'. Cannot proceed" + exit 1 + else + echo "Release '$release' already exists and is a draft. Proceeding" + echo "create_draft_release=false" >> "$GITHUB_ENV" + fi + fi + + if [[ -z $(git ls-remote --heads origin rc/$RELEASE_VERSION) ]]; then + echo "Release branch rc/$RELEASE_VERSION does not exist." + echo "create_release_branch=true" >> "$GITHUB_ENV" + echo "create_release_pr=true" >> "$GITHUB_ENV" + else + echo "Release branch rc/$RELEASE_VERSION already exists." + echo "create_release_branch=false" >> "$GITHUB_ENV" + + pr_state=$(gh pr view rc/$RELEASE_VERSION --json title,state) + pr_title=$(echo "$pr_state" | jq -r '.title') + pr_state=$(echo "$pr_state" | jq -r '.state') + + echo "Found PR '$pr_title' with state '$pr_state'" + + if [[ "$pr_title" == "Release v$RELEASE_VERSION" ]] && [[ "$pr_state" == "OPEN" ]]; then + echo "Release PR for rc/$RELEASE_VERSION already exists and is open." + echo "create_release_pr=false" >> "$GITHUB_ENV" + else + echo "Release PR for rc/$RELEASE_VERSION does not exist or is closed." + echo "create_release_pr=true" >> "$GITHUB_ENV" + fi + + fi + - name: Install Python uses: actions/setup-python@v4 with: @@ -49,17 +92,38 @@ jobs: - name: Validate version run: | python scripts/release/validate-version.py "$RELEASE_VERSION" - + - name: Create release branch + if: env.create_release_branch == 'true' run: | git switch -c rc/$RELEASE_VERSION git push --set-upstream origin rc/$RELEASE_VERSION + - name: Create draft release + if: env.create_draft_release == 'true' + env: + RELEASE_VERSION: ${{ inputs.version }} + GITHUB_TOKEN: ${{ github.token }} + run: | + gh release create \ + -R $GITHUB_REPOSITORY \ + --title "v$RELEASE_VERSION" \ + --draft \ + --target rc/$RELEASE_VERSION \ + $RELEASE_VERSION + - name: Create feature branch for PR + if: env.create_release_pr == 'true' run: | git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION + - name: Get feature branch for PR + if: env.create_release_pr == 'false' + run: | + git switch feature/update-user-manual-for-$RELEASE_VERSION + git pull --rebase + - name: Update user manual version run: | find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" @@ -68,16 +132,41 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" + if git diff --quiet; then + echo "update-release-pr=true" >> "$GITHUB_ENV" + else + echo "update-release-pr=false" >> "$GITHUB_ENV" + fi + + - name: Update feature branch for PR + if: env.update-release-pr == 'true' + run: | + find docs -name 'user_manual.md' -exec git add {} \; + git commit -m "Update user manual for release $RELEASE_VERSION." + git push + - name: Create release PR - id: create-release-pull-request + if: env.create_release_pr == 'true' uses: peter-evans/create-pull-request@v5 with: - title: "Release ${{ inputs.version }}." + title: "Release v${{ inputs.version }}." body: "This PR releases codeql-coding-standards version ${{ inputs.version }}." commit-message: "Update user manual for release ${{ inputs.version }}." delete-branch: true branch: "rc/${{ inputs.version }}" - + + - name: Determine pull request head SHA + id: determine-pr-head-sha + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + read -r pull_request_head_sha pr_state < <(gh pr view rc/$RELEASE_VERSION --json headRefOid,state --jq '.headRefOid + " " + .state') + if [[ "$pr_state" != "OPEN" ]]; then + echo "Release PR for rc/$RELEASE_VERSION is not open, but in state '$pr_state'. Cannot proceed!" + exit 1 + fi + echo "pull-request-head-sha=$pull_request_head_sha" >> "$GITHUB_OUTPUT" + # Invoke release validation because our PRs created with a GitHub token do not trigger a `pull_request` event. validate-release: name: "Validate coding standards release" From 427b94f152a33bda0054715a12c8df5371c52e64 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:04:20 -0700 Subject: [PATCH 074/183] Change PR title --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 0149cdf329..73026d7779 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -149,7 +149,7 @@ jobs: if: env.create_release_pr == 'true' uses: peter-evans/create-pull-request@v5 with: - title: "Release v${{ inputs.version }}." + title: "Release v${{ inputs.version }}" body: "This PR releases codeql-coding-standards version ${{ inputs.version }}." commit-message: "Update user manual for release ${{ inputs.version }}." delete-branch: true From 2af15d33e7d27c8f4a2115ae1bafe7ae3becb0bc Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:05:09 -0700 Subject: [PATCH 075/183] Dispatch compiler compatibility testing --- .github/workflows/validate-release.yml | 64 ++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index f186f07ad2..5a9adffe34 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -158,6 +158,70 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + pre-validate-compiler-compatibility: + outputs: + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} + needs: [determine-ref] + runs-on: ubuntu-latest + steps: + - name: Create check run + id: create-check-run + env: + GH_TOKEN: ${{ github.token }} + RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} + run: | + check_run_id=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="compiler-compatibility-test" \ + --field head_sha="$RELEASE_REF" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" + + validate-compiler-compatibility: + needs: [pre-validate-compiler-compatibility, determine-ref] + runs-on: ubuntu-latest + steps: + - name: Invoke performance test + env: + RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} + CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + GH_TOKEN: ${{ secrets.release-engineering-token }} + run: | + jq -n \ + --arg ref "$RELEASE_REF" \ + --arg check_run_id "$CHECK_RUN_ID" \ + '{ref: $ref, "check-run-id": $check_run_id}' \ + | \ + gh workflow run release-performance-validation.yml \ + --json \ + -R github/codeql-coding-standards-release-engineering \ + --ref rvermeulen/release-process + + on-failure-validate-compiler-compatibility-dispatch: + needs: [pre-validate-compiler-compatibility, validate-compiler-compatibility] + if: failure() + runs-on: ubuntu-latest + steps: + - name: Fail check run status + env: + CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + GITHUB_TOKEN: ${{ github.token }} + run: | + jq -n \ + --arg status "completed" \ + --arg conclusion "failed" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + create-release-status-check-run: name: "Initialize release status monitoring" needs: [determine-ref] From 9d53b04bec22937267f992b2dc6d0bbcc1be0eae Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:06:35 -0700 Subject: [PATCH 076/183] Rename jobs for consistency --- .github/workflows/validate-release.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 5a9adffe34..38f3020e8b 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -94,7 +94,7 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - pre-validate-release-performance: + pre-validate-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} needs: [determine-ref] @@ -116,14 +116,14 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" - validate-release-performance: - needs: [pre-validate-release-performance, determine-ref] + validate-performance: + needs: [pre-validate-performance, determine-ref] runs-on: ubuntu-latest steps: - name: Invoke performance test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} - CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ @@ -136,14 +136,14 @@ jobs: -R github/codeql-coding-standards-release-engineering \ --ref rvermeulen/release-process - on-failure-validate-release-performance: - needs: [pre-validate-release-performance, validate-release-performance] + on-failure-validate-performance-dispatch: + needs: [pre-validate-performance, validate-performance] if: failure() runs-on: ubuntu-latest steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ @@ -187,7 +187,7 @@ jobs: - name: Invoke performance test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} - CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ @@ -207,7 +207,7 @@ jobs: steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ From ddcf8ff42e82394c55fadaee08368b6df411181d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:17:34 -0700 Subject: [PATCH 077/183] Address incorrect retrieval of feature branch --- .github/workflows/prepare-release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 73026d7779..035b7ae770 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -121,8 +121,9 @@ jobs: - name: Get feature branch for PR if: env.create_release_pr == 'false' run: | + git fetch origin feature/update-user-manual-for-$RELEASE_VERSION git switch feature/update-user-manual-for-$RELEASE_VERSION - git pull --rebase + git pull - name: Update user manual version run: | From 62e4e8b02e702ea59626867a8052ed2ef643c571 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:32:13 -0700 Subject: [PATCH 078/183] Invoke correct compiler validation workflow --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 38f3020e8b..ec6f0a64cc 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -184,7 +184,7 @@ jobs: needs: [pre-validate-compiler-compatibility, determine-ref] runs-on: ubuntu-latest steps: - - name: Invoke performance test + - name: Invoke compiler compatibility test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} @@ -195,7 +195,7 @@ jobs: --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ - gh workflow run release-performance-validation.yml \ + gh workflow run release-compiler-validation.yml \ --json \ -R github/codeql-coding-standards-release-engineering \ --ref rvermeulen/release-process From ffb942501f5b7c3bc8a322bf5fc45d4cd508f17c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Sep 2023 13:52:46 -0700 Subject: [PATCH 079/183] Validate we can generate deploy artifacts --- .github/workflows/code-scanning-pack-gen.yml | 43 +++++++++++++--- .github/workflows/validate-release.yml | 54 ++++++++++++++++++++ 2 files changed, 89 insertions(+), 8 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 9cf2b3ebe8..b2c5785fa6 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -5,27 +5,52 @@ on: pull_request: branches: - main - - "rc/**" - next push: branches: - main - - "rc/**" - next + workflow_call: + inputs: + ref: + description: | + The ref to run the tests on. + type: string + required: true + env: XARGS_MAX_PROCS: 4 jobs: + determine-ref: + runs-on: ubuntu-latest + outputs: + ref: ${{ steps.set-ref.outputs.ref }} + env: + REF_FROM_INPUT: ${{ inputs.ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-ref + run: | + if [[ "$EVENT_NAME" == "workflow_dispatch" ]] || [[ "$EVENT_NAME" == "workflow_call" ]]; then + echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" + else + echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" + fi + prepare-code-scanning-pack-matrix: name: Prepare CodeQL Code Scanning pack matrix + needs: [determine-ref] runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 + with: + ref: ${{ needs.determine-ref.outputs.ref }} - name: Export Code Scanning pack matrix id: export-code-scanning-pack-matrix @@ -36,13 +61,15 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack - needs: prepare-code-scanning-pack-matrix + needs: [prepare-code-scanning-pack-matrix, determine-ref] runs-on: ubuntu-20.04-xl strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 + with: + ref: ${{ needs.determine-ref.outputs.ref }} - name: Cache CodeQL id: cache-codeql @@ -68,15 +95,15 @@ jobs: - name: Checkout external help files continue-on-error: true id: checkout-external-help-files - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: ssh-key: ${{ secrets.CODEQL_CODING_STANDARDS_HELP_KEY }} repository: "github/codeql-coding-standards-help" - ref: ${{ github.head_ref }} + ref: ${{ needs.determine-ref.outputs.ref }} path: external-help-files - name: Include external help files - if: ${{ steps.checkout-external-help-files.outcome == 'success' }} + if: steps.checkout-external-help-files.outcome == 'success' run: | pushd external-help-files find . -name '*.md' -exec rsync -av --relative {} "$GITHUB_WORKSPACE" \; diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index ec6f0a64cc..e636a8ada5 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -222,6 +222,60 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + pre-generate-packs: + needs: [determine-ref] + runs-on: ubuntu-latest + if: github.event_name != 'pull_request' + outputs: + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} + steps: + - name: Create check run + id: create-check-run + env: + REF: ${{ needs.determine-ref.outputs.ref }} + GH_TOKEN: ${{ github.token }} + run: | + check_run_id=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="Code Scanning Query Pack Generation" \ + --field head_sha="$REF" \ + --field status="in_progress" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" + + generate-packs: + needs: [determine-ref, pre-generate-packs] + if: needs.pre-generate-packs.result != 'failure' + uses: ./.github/workflows/code-scanning-pack-gen.yml + with: + ref: ${{ needs.determine-ref.outputs.ref }} + + post-generate-packs: + needs: [pre-generate-packs, generate-packs] + if: always() && github.event_name != 'pull_request' + runs-on: ubuntu-latest + steps: + - name: Update check run + env: + CHECK_RUN_ID: ${{ needs.pre-generate-packs.outputs.check-run-id }} + CHECK_RUN_CONCLUSION: ${{ needs.generate-packs.result }} + GH_TOKEN: ${{ github.token }} + run: | + jq -n \ + --arg status "completed" \ + --arg conclusion "$CHECK_RUN_CONCLUSION" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + create-release-status-check-run: name: "Initialize release status monitoring" needs: [determine-ref] From 41a9ad07d160f61522f3fbf216c7798983a3cce3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Sep 2023 14:08:18 -0700 Subject: [PATCH 080/183] Remove push trigger used to register the workflow --- .github/workflows/prepare-release.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 035b7ae770..66650aa3bc 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -11,10 +11,6 @@ on: description: | The git commit, branch, or tag to release from. required: true - # The following push event trigger is only used for testing purposes. Should be removed before merging! - push: - branches: - - rvermeulen/release-process-improvements permissions: contents: write From 30ee9ea66efdce60224becd6156bd6b1c0d5a21a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Sep 2023 17:07:22 -0700 Subject: [PATCH 081/183] Run on ubuntu latest --- .github/workflows/code-scanning-pack-gen.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index b2c5785fa6..3b7e723032 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -43,7 +43,7 @@ jobs: prepare-code-scanning-pack-matrix: name: Prepare CodeQL Code Scanning pack matrix needs: [determine-ref] - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest outputs: matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }} steps: @@ -62,7 +62,8 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack needs: [prepare-code-scanning-pack-matrix, determine-ref] - runs-on: ubuntu-20.04-xl + #runs-on: ubuntu-20.04-xl + runs-on: ubuntu-latest strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} From 35d98b1162391114edab03cb5b5a650aff6eac43 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Sep 2023 17:07:36 -0700 Subject: [PATCH 082/183] Replace ::set-output --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 3b7e723032..d5e662ebf7 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -55,9 +55,9 @@ jobs: - name: Export Code Scanning pack matrix id: export-code-scanning-pack-matrix run: | - echo "::set-output name=matrix::$( + echo "matrix=$( jq --compact-output '.supported_environment | {include: .}' supported_codeql_configs.json - )" + )" >> $GITHUB_OUTPUT create-code-scanning-pack: name: Create Code Scanning pack From af1a003710823ffe25a14e11274de636eafa8f31 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 09:31:23 -0700 Subject: [PATCH 083/183] Make release process pull_request driven --- .github/workflows/code-scanning-pack-gen.yml | 33 +--- .github/workflows/codeql_unit_tests.yml | 35 +--- .github/workflows/prepare-release.yml | 31 ++-- .github/workflows/update-release-status.yml | 56 +++--- .../workflows/validate-coding-standards.yml | 76 -------- .github/workflows/validate-package-files.yml | 18 +- .../workflows/validate-query-formatting.yml | 30 +--- .github/workflows/validate-query-help.yml | 18 +- .../validate-query-test-case-formatting.yml | 30 +--- .github/workflows/validate-release.yml | 167 ++---------------- 10 files changed, 91 insertions(+), 403 deletions(-) delete mode 100644 .github/workflows/validate-coding-standards.yml diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index d5e662ebf7..83d22a6765 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -6,52 +6,27 @@ on: branches: - main - next + - "rc/**" push: branches: - main - next - - workflow_call: - inputs: - ref: - description: | - The ref to run the tests on. - type: string - required: true + - "rc/**" env: XARGS_MAX_PROCS: 4 jobs: - determine-ref: - runs-on: ubuntu-latest - outputs: - ref: ${{ steps.set-ref.outputs.ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_dispatch" ]] || [[ "$EVENT_NAME" == "workflow_call" ]]; then - echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" - fi prepare-code-scanning-pack-matrix: name: Prepare CodeQL Code Scanning pack matrix - needs: [determine-ref] runs-on: ubuntu-latest outputs: matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }} steps: - name: Checkout repository uses: actions/checkout@v4 - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - name: Export Code Scanning pack matrix id: export-code-scanning-pack-matrix run: | @@ -61,7 +36,7 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack - needs: [prepare-code-scanning-pack-matrix, determine-ref] + needs: prepare-code-scanning-pack-matrix #runs-on: ubuntu-20.04-xl runs-on: ubuntu-latest strategy: @@ -69,8 +44,6 @@ jobs: matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} steps: - uses: actions/checkout@v4 - with: - ref: ${{ needs.determine-ref.outputs.ref }} - name: Cache CodeQL id: cache-codeql diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index ce004a9d03..ebcc90a393 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -6,46 +6,23 @@ on: branches: - main - next + - "rc/**" pull_request: branches: - main - next - workflow_call: - inputs: - ref: - description: | - The ref to run the tests on. - type: string - required: true + - "rc/**" jobs: - determine-ref: - runs-on: ubuntu-latest - outputs: - ref: ${{ steps.set-ref.outputs.ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_dispatch" ]] || [[ "$EVENT_NAME" == "workflow_call" ]]; then - echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" - fi - + prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix - needs: [determine-ref] runs-on: ubuntu-latest outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: - name: Checkout repository uses: actions/checkout@v4 - with: - ref: ${{ needs.determine-ref.outputs.ref }} - name: Export unit test matrix id: export-unit-test-matrix @@ -58,7 +35,7 @@ jobs: run-test-suites: name: Run unit tests - needs: [prepare-unit-test-matrix, determine-ref] + needs: prepare-unit-test-matrix runs-on: ${{ matrix.os }} strategy: @@ -68,8 +45,6 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - with: - ref: ${{ needs.determine-ref.outputs.ref }} - name: Install Python uses: actions/setup-python@v4 @@ -184,7 +159,7 @@ jobs: validate-test-results: name: Validate test results - needs: [run-test-suites] + needs: run-test-suites runs-on: ubuntu-latest steps: - name: Collect test results diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 66650aa3bc..c34408b9f4 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -143,15 +143,18 @@ jobs: git push - name: Create release PR + env: + GITHUB_TOKEN: ${{ secrets.ACTION_DISPATCH_TOKEN }} if: env.create_release_pr == 'true' - uses: peter-evans/create-pull-request@v5 - with: - title: "Release v${{ inputs.version }}" - body: "This PR releases codeql-coding-standards version ${{ inputs.version }}." - commit-message: "Update user manual for release ${{ inputs.version }}." - delete-branch: true - branch: "rc/${{ inputs.version }}" - + run: | + gh pr create \ + -R $GITHUB_REPOSITORY \ + --title "Release v$RELEASE_VERSION" \ + --body "This PR releases codeql-coding-standards version $RELEASE_VERSION." \ + --base rc/$RELEASE_VERSION \ + --head feature/update-user-manual-for-$RELEASE_VERSION \ + --draft + - name: Determine pull request head SHA id: determine-pr-head-sha env: @@ -162,14 +165,4 @@ jobs: echo "Release PR for rc/$RELEASE_VERSION is not open, but in state '$pr_state'. Cannot proceed!" exit 1 fi - echo "pull-request-head-sha=$pull_request_head_sha" >> "$GITHUB_OUTPUT" - - # Invoke release validation because our PRs created with a GitHub token do not trigger a `pull_request` event. - validate-release: - name: "Validate coding standards release" - needs: prepare-release - uses: ./.github/workflows/validate-release.yml - with: - ref: ${{ needs.prepare-release.outputs.pull-request-head-sha }} - secrets: - release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file + echo "pull-request-head-sha=$pull_request_head_sha" >> "$GITHUB_OUTPUT" \ No newline at end of file diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index d517ac34ae..53e9e45c04 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -5,7 +5,7 @@ on: - completed - rerequested branches: - - "rc/*" + - "rc/**" workflow_dispatch: inputs: @@ -85,28 +85,38 @@ jobs: failed=$(echo "$status_stats" | jq -r '.failed') pending=$(echo "$status_stats" | jq -r '.pending') - if [[ "$pending" == "0" ]]; then - echo "All check runs completed" + echo "CHECK_RUNS_FAILED=$failed" >> "$GITHUB_ENV" + echo "CHECK_RUNS_PENDING=$pending" >> "$GITHUB_ENV - if [[ "$failed" == "0" ]]; then - echo "All check runs succeeded" - conclusion="success" - else - echo "Some check runs failed" - conclusion="failure" - fi + - name: Finalize release + if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' + uses: ./.github/workflows/post-release.yml + with: + ref: ${{ env.CHECK_RUN_HEAD_SHA }} - jq -n \ - --arg status "completed" \ - --arg conclusion "$conclusion" \ - '{status: $status, conclusion: $conclusion}' \ - | \ - gh api \ - --method PATCH \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + - name: Conclude release status + if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' + env: + GITHUB_TOKEN: ${{ github.token }} + CHECK_RUNS_FAILED: ${{ env.check-runs-failed }} + run: | + if [[ "$CHECK_RUNS_FAILED" == "0" ]]; then + echo "All check runs succeeded" + conclusion="success" else - echo "Not all check runs completed" - fi \ No newline at end of file + echo "Some check runs failed" + conclusion="failure" + fi + + jq -n \ + --arg status "completed" \ + --arg conclusion "$conclusion" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + \ No newline at end of file diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml deleted file mode 100644 index 0030313061..0000000000 --- a/.github/workflows/validate-coding-standards.yml +++ /dev/null @@ -1,76 +0,0 @@ -name: Validating Coding Standards - -on: - merge_group: - pull_request: - branches: - - main - - next - workflow_call: - inputs: - ref: - description: | - The ref to validate. - type: string - required: true - -permissions: - contents: read - actions: write - -jobs: - determine-ref: - runs-on: ubuntu-latest - outputs: - ref: ${{ steps.set-ref.outputs.ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_call" ]] || [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then - echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" - fi - - validate-package-files: - name: Validate Package Files - needs: [determine-ref] - uses: ./.github/workflows/validate-package-files.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - validate-codeql-query-formatting: - name: "Validate CodeQL Query Formatting" - needs: [determine-ref] - uses: ./.github/workflows/validate-query-formatting.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - validate-query-help-files: - name: Validate Query Help Files - needs: [determine-ref] - uses: ./.github/workflows/validate-query-help.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - validate-test-case-formatting: - name: Validate Test - needs: [determine-ref] - uses: ./.github/workflows/validate-query-test-case-formatting.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - run-codeql-unit-tests: - name: Run CodeQL Unit Tests - needs: [determine-ref] - #uses: ./.github/workflows/codeql_unit_tests.yml - #with: - # ref: ${{ needs.determine-ref.outputs.ref }} - runs-on: ubuntu-latest - steps: - - name: Fail - run: | - exit 1 diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index d698b7e2e5..f348903caa 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -1,17 +1,11 @@ name: Validate Package Files on: - workflow_call: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - workflow_dispatch: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string + merge_group: + pull_request: + branches: + - main + - next + - "rc/**" jobs: validate-package-files: diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index fc574c65b4..5aeb0b926a 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -1,30 +1,14 @@ name: "Validate Query Formatting" on: - workflow_call: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - xargs-max-procs: - description: 'The maximum number of processes to use for xargs.' - required: false - type: number - default: 4 - workflow_dispatch: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - xargs-max-procs: - description: 'The maximum number of processes to use for xargs.' - required: false - type: number - default: 4 + merge_group: + pull_request: + branches: + - main + - next + - "rc/**" env: - XARGS_MAX_PROCS: ${{ inputs.xargs-max-procs }} + XARGS_MAX_PROCS: 4 jobs: validate-query-formatting: diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml index e22e959d33..a035c6be21 100644 --- a/.github/workflows/validate-query-help.yml +++ b/.github/workflows/validate-query-help.yml @@ -1,17 +1,11 @@ name: Validate Query Help Files on: - workflow_call: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - workflow_dispatch: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string + merge_group: + pull_request: + branches: + - main + - next + - "rc/**" jobs: validate-query-help-files: diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml index 3fa974e4d9..825ddc2ad5 100644 --- a/.github/workflows/validate-query-test-case-formatting.yml +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -1,30 +1,14 @@ name: Validate Query Test Case Formatting on: - workflow_call: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - xargs-max-procs: - description: 'The maximum number of processes to use for xargs.' - required: false - type: number - default: 4 - workflow_dispatch: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - xargs-max-procs: - description: 'The maximum number of processes to use for xargs.' - required: false - type: number - default: 4 + merge_group: + pull_request: + branches: + - main + - next + - "rc/**" env: - XARGS_MAX_PROCS: ${{ inputs.xargs-max-procs }} + XARGS_MAX_PROCS: 4 jobs: validate-test-case-files: diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index e636a8ada5..e740c0d82e 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -1,20 +1,9 @@ name: Validate release on: - workflow_call: - inputs: - ref: - description: | - The ref that is released - required: true - type: string - secrets: - release-engineering-token: - required: true - pull_request: branches: - - "rc/*" + - "rc/**" permissions: contents: read @@ -23,111 +12,37 @@ permissions: jobs: - determine-ref: - runs-on: ubuntu-latest - outputs: - ref: ${{ steps.set-ref.outputs.ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_call" ]] || [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then - echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" - fi - - pre-validate-coding-standards: - needs: [determine-ref] - runs-on: ubuntu-latest - if: github.event_name != 'pull_request' - outputs: - check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} - steps: - - name: Create check run - id: create-check-run - env: - REF: ${{ needs.determine-ref.outputs.ref }} - GH_TOKEN: ${{ github.token }} - run: | - check_run_id=$(gh api \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --field name="Validating Coding Standards" \ - --field head_sha="$REF" \ - --field status="in_progress" \ - --jq ".id" \ - /repos/$GITHUB_REPOSITORY/check-runs) - - echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" - - validate-coding-standards: - name: "Validate coding standards" - needs: [determine-ref, pre-validate-coding-standards] - if: needs.pre-validate-coding-standards.result != 'failure' - uses: ./.github/workflows/validate-coding-standards.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - post-validate-coding-standards: - needs: [pre-validate-coding-standards, validate-coding-standards] - if: always() && github.event_name != 'pull_request' - runs-on: ubuntu-latest - steps: - - name: Update check run - env: - CHECK_RUN_ID: ${{ needs.pre-validate-coding-standards.outputs.check-run-id }} - CHECK_RUN_CONCLUSION: ${{ needs.validate-coding-standards.result }} - GH_TOKEN: ${{ github.token }} - run: | - jq -n \ - --arg status "completed" \ - --arg conclusion "$CHECK_RUN_CONCLUSION" \ - '{status: $status, conclusion: $conclusion}' \ - | \ - gh api \ - --method PATCH \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - pre-validate-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} - needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create check run id: create-check-run env: - GH_TOKEN: ${{ github.token }} - RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} + GITHUB_TOKEN: ${{ github.token }} run: | check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="performance-test" \ - --field head_sha="$RELEASE_REF" \ + --field head_sha="$GITHUB_REF" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-performance: - needs: [pre-validate-performance, determine-ref] + needs: pre-validate-performance runs-on: ubuntu-latest steps: - name: Invoke performance test env: - RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.release-engineering-token }} + GITHUB_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ - --arg ref "$RELEASE_REF" \ + --arg ref "$GITHUB_REF" \ --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ @@ -161,37 +76,35 @@ jobs: pre-validate-compiler-compatibility: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} - needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create check run id: create-check-run env: - GH_TOKEN: ${{ github.token }} + GITHUB_TOKEN: ${{ github.token }} RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} run: | check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="compiler-compatibility-test" \ - --field head_sha="$RELEASE_REF" \ + --field head_sha="$GITHUB_REF" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-compiler-compatibility: - needs: [pre-validate-compiler-compatibility, determine-ref] + needs: pre-validate-compiler-compatibility runs-on: ubuntu-latest steps: - name: Invoke compiler compatibility test env: - RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.release-engineering-token }} + GITHUB_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ - --arg ref "$RELEASE_REF" \ + --arg ref "$GITHUB_REF" \ --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ @@ -222,75 +135,19 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - pre-generate-packs: - needs: [determine-ref] - runs-on: ubuntu-latest - if: github.event_name != 'pull_request' - outputs: - check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} - steps: - - name: Create check run - id: create-check-run - env: - REF: ${{ needs.determine-ref.outputs.ref }} - GH_TOKEN: ${{ github.token }} - run: | - check_run_id=$(gh api \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --field name="Code Scanning Query Pack Generation" \ - --field head_sha="$REF" \ - --field status="in_progress" \ - --jq ".id" \ - /repos/$GITHUB_REPOSITORY/check-runs) - - echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" - - generate-packs: - needs: [determine-ref, pre-generate-packs] - if: needs.pre-generate-packs.result != 'failure' - uses: ./.github/workflows/code-scanning-pack-gen.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - post-generate-packs: - needs: [pre-generate-packs, generate-packs] - if: always() && github.event_name != 'pull_request' - runs-on: ubuntu-latest - steps: - - name: Update check run - env: - CHECK_RUN_ID: ${{ needs.pre-generate-packs.outputs.check-run-id }} - CHECK_RUN_CONCLUSION: ${{ needs.generate-packs.result }} - GH_TOKEN: ${{ github.token }} - run: | - jq -n \ - --arg status "completed" \ - --arg conclusion "$CHECK_RUN_CONCLUSION" \ - '{status: $status, conclusion: $conclusion}' \ - | \ - gh api \ - --method PATCH \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - create-release-status-check-run: name: "Initialize release status monitoring" - needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create release status check run env: - REF: ${{ needs.determine-ref.outputs.ref }} GITHUB_TOKEN: ${{ github.token }} run: | CHECK_RUN_ID=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ - --field head_sha="$REF" \ + --field head_sha="$GITHUB_REF" \ --field status="in_progress" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From 1f6f1fc7e61547ce72984fc4bf656011e004ae49 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 10:45:46 -0700 Subject: [PATCH 084/183] Push commits if manual was updated --- .github/workflows/prepare-release.yml | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index c34408b9f4..f53ba60163 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -130,18 +130,11 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" if git diff --quiet; then - echo "update-release-pr=true" >> "$GITHUB_ENV" - else - echo "update-release-pr=false" >> "$GITHUB_ENV" + git add -u . + git commit -m "Update version" + git push fi - - name: Update feature branch for PR - if: env.update-release-pr == 'true' - run: | - find docs -name 'user_manual.md' -exec git add {} \; - git commit -m "Update user manual for release $RELEASE_VERSION." - git push - - name: Create release PR env: GITHUB_TOKEN: ${{ secrets.ACTION_DISPATCH_TOKEN }} From 43757cf73d4905eee001d24071ee2edb1012d3e6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 10:51:55 -0700 Subject: [PATCH 085/183] Handle feature branch separately from PR --- .github/workflows/prepare-release.yml | 34 ++++++++++++++------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index f53ba60163..f41be77706 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -57,10 +57,19 @@ jobs: echo "Release branch rc/$RELEASE_VERSION does not exist." echo "create_release_branch=true" >> "$GITHUB_ENV" echo "create_release_pr=true" >> "$GITHUB_ENV" + echo "create_release_feature_branch=true" >> "$GITHUB_ENV" else echo "Release branch rc/$RELEASE_VERSION already exists." echo "create_release_branch=false" >> "$GITHUB_ENV" + if [[ -z $(git ls-remote --heads origin feature/update-user-manual-for-$RELEASE_VERSION) ]]; then + echo "Feature branch feature/update-user-manual-for-$RELEASE_VERSION does not exist." + echo "create_release_feature_branch=true" >> "$GITHUB_ENV" + else + echo "Feature branch feature/update-user-manual-for-$RELEASE_VERSION already exists." + echo "create_release_feature_branch=false" >> "$GITHUB_ENV" + fi + pr_state=$(gh pr view rc/$RELEASE_VERSION --json title,state) pr_title=$(echo "$pr_state" | jq -r '.title') pr_state=$(echo "$pr_state" | jq -r '.state') @@ -77,6 +86,11 @@ jobs: fi + - name: Configure git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + - name: Install Python uses: actions/setup-python@v4 with: @@ -109,13 +123,13 @@ jobs: $RELEASE_VERSION - name: Create feature branch for PR - if: env.create_release_pr == 'true' + if: env.create_release_feature_branch == 'true' run: | git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION - name: Get feature branch for PR - if: env.create_release_pr == 'false' + if: env.create_release_feature_branch == 'false' run: | git fetch origin feature/update-user-manual-for-$RELEASE_VERSION git switch feature/update-user-manual-for-$RELEASE_VERSION @@ -129,7 +143,7 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" - if git diff --quiet; then + if ! git diff --quiet; then git add -u . git commit -m "Update version" git push @@ -146,16 +160,4 @@ jobs: --body "This PR releases codeql-coding-standards version $RELEASE_VERSION." \ --base rc/$RELEASE_VERSION \ --head feature/update-user-manual-for-$RELEASE_VERSION \ - --draft - - - name: Determine pull request head SHA - id: determine-pr-head-sha - env: - GITHUB_TOKEN: ${{ github.token }} - run: | - read -r pull_request_head_sha pr_state < <(gh pr view rc/$RELEASE_VERSION --json headRefOid,state --jq '.headRefOid + " " + .state') - if [[ "$pr_state" != "OPEN" ]]; then - echo "Release PR for rc/$RELEASE_VERSION is not open, but in state '$pr_state'. Cannot proceed!" - exit 1 - fi - echo "pull-request-head-sha=$pull_request_head_sha" >> "$GITHUB_OUTPUT" \ No newline at end of file + --draft \ No newline at end of file From 1dcbdd511bd9dda44921795c8062cfe6cff43f4b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:18:22 -0700 Subject: [PATCH 086/183] Use correct auth header --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index e740c0d82e..be06a2c9e3 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -39,7 +39,7 @@ jobs: - name: Invoke performance test env: CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GITHUB_TOKEN: ${{ secrets.release-engineering-token }} + GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ --arg ref "$GITHUB_REF" \ @@ -101,7 +101,7 @@ jobs: - name: Invoke compiler compatibility test env: CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GITHUB_TOKEN: ${{ secrets.release-engineering-token }} + GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ --arg ref "$GITHUB_REF" \ From 3147710bc38ea8d67cdcd21c68216bb824955fa4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:18:38 -0700 Subject: [PATCH 087/183] Use valid conclusion --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index be06a2c9e3..f246ecfee8 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -63,7 +63,7 @@ jobs: run: | jq -n \ --arg status "completed" \ - --arg conclusion "failed" \ + --arg conclusion "failure" \ '{status: $status, conclusion: $conclusion}' \ | \ gh api \ @@ -125,7 +125,7 @@ jobs: run: | jq -n \ --arg status "completed" \ - --arg conclusion "failed" \ + --arg conclusion "failure" \ '{status: $status, conclusion: $conclusion}' \ | \ gh api \ From 896951cd44f9c35d9e69705e0fa249fccbe63965 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:21:16 -0700 Subject: [PATCH 088/183] Use the sha for the check run --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index f246ecfee8..653e481761 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -147,7 +147,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ - --field head_sha="$GITHUB_REF" \ + --field head_sha="$GITHUB_SHA" \ --field status="in_progress" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From d0c65e6b4ed388806d4fb8304a2fa41c47d396a9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:34:27 -0700 Subject: [PATCH 089/183] Always restart release if it exists --- .github/workflows/prepare-release.yml | 61 +++++++++------------------ 1 file changed, 20 insertions(+), 41 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index f41be77706..3072e33626 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -53,37 +53,30 @@ jobs: fi fi - if [[ -z $(git ls-remote --heads origin rc/$RELEASE_VERSION) ]]; then - echo "Release branch rc/$RELEASE_VERSION does not exist." - echo "create_release_branch=true" >> "$GITHUB_ENV" - echo "create_release_pr=true" >> "$GITHUB_ENV" - echo "create_release_feature_branch=true" >> "$GITHUB_ENV" - else - echo "Release branch rc/$RELEASE_VERSION already exists." - echo "create_release_branch=false" >> "$GITHUB_ENV" + release_pr=$(gh pr view rc/$RELEASE_VERSION --json title,state,number) - if [[ -z $(git ls-remote --heads origin feature/update-user-manual-for-$RELEASE_VERSION) ]]; then - echo "Feature branch feature/update-user-manual-for-$RELEASE_VERSION does not exist." - echo "create_release_feature_branch=true" >> "$GITHUB_ENV" - else - echo "Feature branch feature/update-user-manual-for-$RELEASE_VERSION already exists." - echo "create_release_feature_branch=false" >> "$GITHUB_ENV" - fi + if [[ ! -z "$release_pr" ]]; then - pr_state=$(gh pr view rc/$RELEASE_VERSION --json title,state) - pr_title=$(echo "$pr_state" | jq -r '.title') - pr_state=$(echo "$pr_state" | jq -r '.state') + pr_title=$(echo "$release_pr" | jq -r '.title') + pr_state=$(echo "$release_pr" | jq -r '.state') + pr_number=$(echo "$release_pr" | jq -r '.number') echo "Found PR '$pr_title' with state '$pr_state'" - if [[ "$pr_title" == "Release v$RELEASE_VERSION" ]] && [[ "$pr_state" == "OPEN" ]]; then - echo "Release PR for rc/$RELEASE_VERSION already exists and is open." - echo "create_release_pr=false" >> "$GITHUB_ENV" - else - echo "Release PR for rc/$RELEASE_VERSION does not exist or is closed." - echo "create_release_pr=true" >> "$GITHUB_ENV" + if [[ "$pr_title" == "Release v$RELEASE_VERSION" ]] && [[ "$pr_state" != "CLOSED" ]]; then + echo "Release PR is not closed, deleting it to proceed" + gh pr close --delete-branch $pr_number fi + fi + if [[ ! -z $(git ls-remote --heads origin rc/$RELEASE_VERSION) ]]; then + echo "Deleting existing release branch" + git push origin --delete rc/$RELEASE_VERSION + fi + + if [[ ! -z $(git ls-remote --heads origin feature/update-user-manual-for-$RELEASE_VERSION) ]]; then + echo "Deleting existing feature branch" + git push origin --delete feature/update-user-manual-for-$RELEASE_VERSION fi - name: Configure git @@ -104,7 +97,6 @@ jobs: python scripts/release/validate-version.py "$RELEASE_VERSION" - name: Create release branch - if: env.create_release_branch == 'true' run: | git switch -c rc/$RELEASE_VERSION git push --set-upstream origin rc/$RELEASE_VERSION @@ -123,36 +115,23 @@ jobs: $RELEASE_VERSION - name: Create feature branch for PR - if: env.create_release_feature_branch == 'true' run: | git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION - - name: Get feature branch for PR - if: env.create_release_feature_branch == 'false' - run: | - git fetch origin feature/update-user-manual-for-$RELEASE_VERSION - git switch feature/update-user-manual-for-$RELEASE_VERSION - git pull - - - name: Update user manual version - run: | find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_$RELEASE_VERSION.csv\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_$RELEASE_VERSION.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" - if ! git diff --quiet; then - git add -u . - git commit -m "Update version" - git push - fi + git add -u . + git commit -m "Update version" + git push - name: Create release PR env: GITHUB_TOKEN: ${{ secrets.ACTION_DISPATCH_TOKEN }} - if: env.create_release_pr == 'true' run: | gh pr create \ -R $GITHUB_REPOSITORY \ From eb8599c516eb235946f07e28c4ef02399290e8b3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:44:53 -0700 Subject: [PATCH 090/183] Use correct secret --- .github/workflows/validate-release.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 653e481761..59a0023462 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -39,7 +39,7 @@ jobs: - name: Invoke performance test env: CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.release-engineering-token }} + GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | jq -n \ --arg ref "$GITHUB_REF" \ @@ -82,7 +82,6 @@ jobs: id: create-check-run env: GITHUB_TOKEN: ${{ github.token }} - RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} run: | check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ @@ -101,7 +100,7 @@ jobs: - name: Invoke compiler compatibility test env: CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.release-engineering-token }} + GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | jq -n \ --arg ref "$GITHUB_REF" \ From 6f3ce95ecb974dd08f810f70c968371269ad7cbf Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:47:29 -0700 Subject: [PATCH 091/183] Output which SHA we create a checkrun for --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 59a0023462..0e9e6b9b9b 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -151,4 +151,4 @@ jobs: --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) - echo "Created release status check run with id $CHECK_RUN_ID" + echo "Created release status check run with id $CHECK_RUN_ID for $GITHUB_SHA" From 14efbacd28827af6bc43dce568fffbbbd74f4110 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 13:54:25 -0700 Subject: [PATCH 092/183] Use the head sha on the PR for the check runs --- .github/workflows/validate-release.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 0e9e6b9b9b..7fcd45abfd 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -10,6 +10,9 @@ permissions: actions: write checks: write +env: + HEAD_SHA: ${{ github.event.pull_request.head.sha }} + jobs: pre-validate-performance: @@ -26,7 +29,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="performance-test" \ - --field head_sha="$GITHUB_REF" \ + --field head_sha="$HEAD_SHA" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) @@ -42,7 +45,7 @@ jobs: GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | jq -n \ - --arg ref "$GITHUB_REF" \ + --arg ref "$HEAD_SHA" \ --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ @@ -87,7 +90,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="compiler-compatibility-test" \ - --field head_sha="$GITHUB_REF" \ + --field head_sha="$HEAD_SHA" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) @@ -103,7 +106,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | jq -n \ - --arg ref "$GITHUB_REF" \ + --arg ref "$HEAD_SHA" \ --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ @@ -146,7 +149,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ - --field head_sha="$GITHUB_SHA" \ + --field head_sha="$HEAD_SHA" \ --field status="in_progress" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From bde3c899c51c7371ae6c018ff9172f8680a0bf56 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:09:49 -0700 Subject: [PATCH 093/183] Make indepenent of the current working directory --- scripts/release/create_supported_rules_list.py | 3 --- scripts/release/utils.py | 5 ++++- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/release/create_supported_rules_list.py b/scripts/release/create_supported_rules_list.py index 15a8b5d6b7..e3294ed3b1 100644 --- a/scripts/release/create_supported_rules_list.py +++ b/scripts/release/create_supported_rules_list.py @@ -12,9 +12,6 @@ When run without any arguments, the script iterates through each of the rule package description files stored in the `rule_packages` directory, and identifies which rules are supported by one or more queries. - -This script needs to be run with the codeql-coding-standards git repository as the current working -directory. """ if (len(sys.argv) == 2 and sys.argv[1] == "--help"): diff --git a/scripts/release/utils.py b/scripts/release/utils.py index 4e9bb99dd2..cdb747c076 100644 --- a/scripts/release/utils.py +++ b/scripts/release/utils.py @@ -1,5 +1,6 @@ import re import yaml +from pathlib import Path def get_query_short_names(rule_dict): """Gets a list of the query "short_name" properties for the given rule""" @@ -18,7 +19,9 @@ def split_rule_id(rule_id): def get_standard_version(standard): """Gets the qlpack version for the given standard.""" - qlpack_path = "cpp/" + standard.split("-")[0].lower() + "/src/qlpack.yml" + module_path = Path(__file__) + repo_root = module_path.parent.parent.parent + qlpack_path = repo_root / "cpp" / standard.split("-")[0].lower() /"src" / "qlpack.yml" with open(qlpack_path, 'r') as qlpack_file: try: qlpack = yaml.safe_load(qlpack_file) From 01b06a4d12154f46cc083415df3582b11f66218a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:13:30 -0700 Subject: [PATCH 094/183] Add post release workflow to update the draft release --- .github/workflows/post-release.yml | 48 ++++ scripts/release/release-layout.yml | 20 ++ scripts/release/requirements.txt | 2 + scripts/release/update-release-assets.py | 338 +++++++++++++++++++++++ 4 files changed, 408 insertions(+) create mode 100644 .github/workflows/post-release.yml create mode 100644 scripts/release/release-layout.yml create mode 100644 scripts/release/update-release-assets.py diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml new file mode 100644 index 0000000000..c27045ffc9 --- /dev/null +++ b/.github/workflows/post-release.yml @@ -0,0 +1,48 @@ +name: Finalize Release + +on: + workflow_dispatch: + inputs: + version: + description: | + The version to release (MUST follow semantic versioning). + required: true + ref: + description: | + The git commit, branch, or tag to release from. + required: true + + push: + branches: + - rvermeulen/release-process-improvements + +jobs: + update-release: + name: "Update release" + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ github.event.inputs.ref }} + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install dependencies + run: pip install -f scripts/release/requirements.txt + + - name: Update release assets + env: + RELEASE_VERSION: ${{ inputs.version }} + RELEASE_REF: ${{ inputs.ref }} + GITHUB_TOKEN: ${{ github.token }} + RELEASE_ENGEERING_TOKEN: ${{ secrets.RELEASE_ENGEERING_TOKEN }} + run: | + python scripts/release/update-release-assets.py + --version $RELEASE_VERSION + --layout scripts/release/release-layout.yml + --ref $RELEASE_REF + --repo "$GITHUB_REPOSITORY" + --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGEERING_TOKEN" \ No newline at end of file diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml new file mode 100644 index 0000000000..4375f0e21c --- /dev/null +++ b/scripts/release/release-layout.yml @@ -0,0 +1,20 @@ +version: 0.1.0 + +layout: + certification_kit.zip: + - workflow-log: + name: ".*" + - workflow-artifact: + not-name: "Code Scanning Query Pack Generation" + code-scanning-cpp-query-pack.zip: + - workflow-artifact: + name: "Code Scanning Query Pack Generation" + artifact: code-scanning-cpp-query-pack.zip + supported_rules_list.csv: + - shell: | + python ${{ coding-standards.root }}/scripts/release/create_supported_rules_list.py --csv > supported_rules_list.csv + supported_rules_list.md: + - shell: | + python ${{ coding-standards.root }}/scripts/release/create_supported_rules_list.py > supported_rules_list.md + user_manual.md: + - file: docs/user_manual.md \ No newline at end of file diff --git a/scripts/release/requirements.txt b/scripts/release/requirements.txt index 537a1dc317..40339090fb 100644 --- a/scripts/release/requirements.txt +++ b/scripts/release/requirements.txt @@ -1 +1,3 @@ semantic-version==2.10.0 +PyGithub==1.59.1 +PyYAML==6.0.1 \ No newline at end of file diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py new file mode 100644 index 0000000000..15488e98e3 --- /dev/null +++ b/scripts/release/update-release-assets.py @@ -0,0 +1,338 @@ +from __future__ import annotations # This enables postponed evaluation of type annotations. Required for typing.TYPE_CHECKING. See https://peps.python.org/pep-0563/ +from typing import TYPE_CHECKING, List, Union, cast, Dict, Any +import shutil +from tempfile import TemporaryDirectory +import subprocess +import re +from pathlib import Path +import sys +import semantic_version # type: ignore +import requests +import yaml + +if TYPE_CHECKING: + from github import WorkflowRun, Repository + + +script_path = Path(__file__).resolve() +root_path = script_path.parent.parent.parent + +def monkey_patch_github() -> None: + from github import Repository, PaginatedList, CheckRun + + class MyRepository(Repository.Repository): + def get_check_runs(self: Repository.Repository, ref: str, **kwargs: str) -> PaginatedList.PaginatedList[CheckRun.CheckRun]: + assert isinstance(ref, str), ref + + return PaginatedList.PaginatedList( + CheckRun.CheckRun, + self._requester, + f"{self.url}/commits/{ref}/check-runs", + firstParams=None, + list_item="check_runs") + + Repository.Repository = MyRepository + + from github import WorkflowRun, Artifact + class MyWorkflowRun(WorkflowRun.WorkflowRun): + def download_logs(self, path: Path) -> None: + """ + Download the logs for this workflow and store them in the directory specified by path. + + This method tries to minimize the dependency on the internal workings of the class Requester by using + requests directly. Ideally we would like to monkey patch __rawRequest to deal with 302 redirects, but + that didn't work out because it would fail to call other private methods with an AttributeError for an unknown reason. + """ + url = f"{self.url}/logs" + headers = { + "Accept": "application/vnd.github+json", + "X-GitHub-Api-Version": "2022-11-28" + } + if self._requester._Requester__auth is not None: # type: ignore + headers["Authorization"] = f"{self._requester._Requester__auth.token_type} {self._requester._Requester__auth.token}" # type: ignore + headers["User-Agent"] = self._requester._Requester__userAgent # type: ignore + + resp = requests.get(url, headers=headers, allow_redirects=True) + + if resp.status_code != 200: + raise Exception(f"Unable to download logs: {resp.status_code} {resp.reason}") + + with (path / f"{self.name}-{self.head_sha}-{self.run_number}.zip").open("wb") as f: + f.write(resp.content) + + def download_artifacts(self, path: Path) -> None: + for artifact in self.get_artifacts(): # type: ignore + artifact = cast(Artifact.Artifact, artifact) + headers = { + "Accept": "application/vnd.github+json", + "X-GitHub-Api-Version": "2022-11-28" + } + if self._requester._Requester__auth is not None: # type: ignore + headers["Authorization"] = f"{self._requester._Requester__auth.token_type} {self._requester._Requester__auth.token}" # type: ignore + headers["User-Agent"] = self._requester._Requester__userAgent # type: ignore + + resp = requests.get(artifact.archive_download_url, headers=headers, allow_redirects=True) + + if resp.status_code != 200: + raise Exception(f"Unable to download artifact ${artifact.name}. Received status code {resp.status_code} {resp.reason}") + + with (path / f"{artifact.name}.zip").open("wb") as f: + f.write(resp.content) + + def download_artifact(self, name: str, path: Path) -> None: + candidates: List[Artifact.Artifact] = [artifact for artifact in self.get_artifacts() if artifact.name == name] # type: ignore + if len(candidates) == 0: + raise Exception(f"Unable to find artifact {name}") + assert(len(candidates) == 1) + + artifact = candidates[0] + headers = { + "Accept": "application/vnd.github+json", + "X-GitHub-Api-Version": "2022-11-28" + } + if self._requester._Requester__auth is not None: # type: ignore + headers["Authorization"] = f"{self._requester._Requester__auth.token_type} {self._requester._Requester__auth.token}" # type: ignore + headers["User-Agent"] = self._requester._Requester__userAgent # type: ignore + + resp = requests.get(artifact.archive_download_url, headers=headers, allow_redirects=True) + + if resp.status_code != 200: + raise Exception(f"Unable to download artifact ${artifact.name}. Received status code {resp.status_code} {resp.reason}") + + with (path / f"{artifact.name}.zip").open("wb") as f: + f.write(resp.content) + + + WorkflowRun.WorkflowRun = MyWorkflowRun + +class ReleaseLayout: + def __init__(self, specification: Path, skip_checks: bool = False) -> None: + self.specification = specification + self.artifacts = [] + self.skip_checks = skip_checks + + def make(self, directory: Path, workflow_runs: List[WorkflowRun.WorkflowRun]) -> None: + spec = yaml.safe_load(self.specification.read_text()) + artifacts : List[ReleaseArtifact] = [] + for artifact, action_specs in spec["layout"].items(): + actions : List[Union[WorkflowArtifactAction, WorkflowLogAction, ShellAction, FileAction]] = [] + for action_spec in action_specs: + assert(len(action_spec) == 1) + action_type, action_args = action_spec.popitem() + if action_type == "workflow-log": + actions.append(WorkflowLogAction(workflow_runs, **cast(Dict[str, Any], action_args))) + elif action_type == "workflow-artifact": + actions.append(WorkflowArtifactAction(workflow_runs, **cast(Dict[str, Any], action_args))) + elif action_type == "shell": + actions.append(ShellAction(action_args)) + elif action_type == "file": + actions.append(FileAction(action_args)) + else: + raise Exception(f"Unknown action type {action_type}") + + artifacts.append(ReleaseArtifact(artifact, actions, self.skip_checks)) + + for artifact in artifacts: + artifact.make(directory) + +class WorkflowLogAction(): + + def __init__(self, workflow_runs: List[WorkflowRun.WorkflowRun], **kwargs: str) -> None: + self.workflow_runs = workflow_runs + self.kwargs: dict[str, str] = kwargs + self.temp_workdir = TemporaryDirectory() + + def run(self) -> List[Path]: + workflow_runs = self.workflow_runs + if "name" in self.kwargs: + workflow_runs = [workflow_run for workflow_run in self.workflow_runs if re.match(self.kwargs["name"], workflow_run.name)] + if "not-name" in self.kwargs: + workflow_runs = [workflow_run for workflow_run in self.workflow_runs if not re.match(self.kwargs["not-name"], workflow_run.name)] + print(f"Downloading the logs for {len(workflow_runs)} workflow runs") + for workflow_run in workflow_runs: + print(f"Downloading logs for {workflow_run.name}") + workflow_run.download_logs(Path(self.temp_workdir.name)) # type: ignore + return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) + +class WorkflowArtifactAction(): + + def __init__(self, workflow_runs: List[WorkflowRun.WorkflowRun], **kwargs: str) -> None: + self.workflow_runs = workflow_runs + self.kwargs: dict[str, str] = kwargs + self.temp_workdir = TemporaryDirectory() + + def run(self) -> List[Path]: + workflow_runs = self.workflow_runs + if "name" in self.kwargs: + workflow_runs = [workflow_run for workflow_run in self.workflow_runs if re.match(self.kwargs["name"], workflow_run.name)] + if "not-name" in self.kwargs: + workflow_runs = [workflow_run for workflow_run in self.workflow_runs if not re.match(self.kwargs["not-name"], workflow_run.name)] + print(f"Downloading the artifacts for {len(workflow_runs)} workflow runs") + for workflow_run in workflow_runs: + print(f"Downloading artifacts for {workflow_run.name} to {self.temp_workdir.name}") + workflow_run.download_artifacts(Path(self.temp_workdir.name)) # type: ignore + return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) + +class ShellAction(): + def __init__(self, command: str) -> None: + self.command = command.strip() + self.temp_workdir = TemporaryDirectory() + + def run(self) -> List[Path]: + concrete_command = re.sub(pattern=r"\${{\s*coding-standards\.root\s*}}", repl=str(root_path), string=self.command) + subprocess.run(concrete_command, cwd=self.temp_workdir.name, check=True, shell=True) + return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) + +class FileAction(): + def __init__(self, path: Path) -> None: + self.path = path + + def run(self) -> List[Path]: + return [self.path] + +class ReleaseArtifact(): + def __init__(self, name: str, actions: List[Union[WorkflowLogAction, WorkflowArtifactAction, ShellAction, FileAction]], allow_no_files: bool = False) -> None: + self.name = Path(name) + self.actions = actions + self.allow_no_files = allow_no_files + + def make(self, directory: Path) -> Path: + files: list[Path] = [file for action in self.actions for file in action.run()] + if len(files) == 0: + if not self.allow_no_files: + raise Exception(f"Artifact {self.name} has no associated files!") + elif len(files) == 1: + shutil.copy(files[0], directory / self.name) + return directory / self.name + else: + extension = "".join(self.name.suffixes)[1:] + if not extension in ["zip", "tar", "tar.gz", "tar.bz2", "tar.xz"]: + raise Exception(f"Artifact {self.name} is not a support archive file, but has multiple files associated with it!") + + ext_format_map = { + "zip": "zip", + "tar": "tar", + "tar.gz": "gztar", + "tar.bz2": "bztar", + "tar.xz": "xztar" + } + + with TemporaryDirectory() as temp_dir: + temp_dir_path = Path(temp_dir) + for file in files: + shutil.copy(file, temp_dir_path / file.name) + + return Path(shutil.make_archive(str(directory / self.name.with_suffix("")), ext_format_map[extension], root_dir=temp_dir_path)) + +def main(args: 'argparse.Namespace') -> int: + + try: + semantic_version.Version.parse(args.version) # type: ignore + except ValueError as e: + print(f"Error: invalid version: {e}", file=sys.stderr) + return 1 + + monkey_patch_github() + + import github + from github import CheckRun + + repos: Dict[str, Repository.Repository] = {} + if len(args.github_token) == 1: + repos[args.repo] = github.Github(auth=github.Auth.Token(args.github_token[0])).get_repo(args.repo) + else: + for token in args.github_token: + nwo, token = token.split(":") + repos[nwo] = github.Github(auth=github.Auth.Token(token)).get_repo(nwo) + + repo = repos[args.repo] + releases = [release for release in repo.get_releases() if release.title == f"v{args.version}"] + if len(releases) != 1: + print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) + return 1 + release = releases[0] + + pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.head.sha == args.ref] + if len(pull_candidates) != 1: + print(f"Error: expected exactly one PR with head {args.ref}, but found {len(pull_candidates)}", file=sys.stderr) + return 1 + + print(f"Collecting workflow runs for ref {args.ref}") + check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(args.ref) # type: ignore + + action_workflow_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)$" + action_workflow_job_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)/job/(?P\d+)$" + + workflow_runs: List[WorkflowRun.WorkflowRun] = [] + for check_run in check_runs: # type: ignore + check_run = cast(CheckRun.CheckRun, check_run) + if check_run.status != "completed" or check_run.conclusion == "skipped": + continue + job_run_match = re.match(action_workflow_job_run_url_regex, check_run.details_url) + if job_run_match: + workflow_run = repo.get_workflow_run(int(job_run_match.group("run_id"))) + workflow_runs.append(workflow_run) + else: + run_match = re.match(action_workflow_run_url_regex, check_run.external_id) + if run_match: + #print(f"External workflow on {run_match.group('owner')} {run_match.group('repo')} with id {run_match.group('run_id')}") + workflow_run = repos[f"{run_match.group('owner')}/{run_match.group('repo')}"].get_workflow_run(int(run_match.group("run_id"))) + workflow_runs.append(workflow_run) + else: + print(f"Unable to handle checkrun {check_run.name} with id {check_run.id} with {check_run.details_url}") + return 1 + + print("Filtering workflow runs to only include the latest run for each workflow.") + workflow_runs_per_id: Dict[int, WorkflowRun.WorkflowRun] = {} + for workflow_run in workflow_runs: + if not workflow_run.id in workflow_runs_per_id: + workflow_runs_per_id[workflow_run.id] = workflow_run + else: + latest_run = workflow_runs_per_id[workflow_run.id] + if latest_run.run_number < workflow_run.run_number: + workflow_runs_per_id[workflow_run.id] = workflow_run + latests_workflow_runs = list(workflow_runs_per_id.values()) + + if not args.skip_checks: + print(f"Checking that all workflow runs for ref {args.ref} succeeded") + for workflow_run in latests_workflow_runs: + if workflow_run.status != "completed": + print(f"Error: workflow run {workflow_run.name} with id {workflow_run.id} is not completed", file=sys.stderr) + return 1 + # Consider success or skipped as success + if workflow_run.conclusion == "failure": + print(f"Error: workflow run {workflow_run.name} with id {workflow_run.id} failed", file=sys.stderr) + return 1 + + with TemporaryDirectory() as temp_dir: + print(f"Using temporary directory {temp_dir}") + try: + ReleaseLayout(Path(args.layout), args.skip_checks).make(Path(temp_dir), latests_workflow_runs) + except Exception as e: + print(f"Error: {e}", file=sys.stderr) + return 1 + + print("Deleting existing assets") + for asset in release.assets: + asset.delete_asset() + + print("Uploading new assets from generated release layout") + for file in Path(temp_dir).glob("**/*"): + print(f"Uploading {file}") + release.upload_asset(str(file)) + + return 0 + +if __name__ == '__main__': + import argparse + from sys import exit + + parser = argparse.ArgumentParser() + parser.add_argument('--version', help="The version to release (MUST be a valid semantic version)", required=True) + parser.add_argument('--ref', help="The head sha for the release PR", required=True) + parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") + parser.add_argument('--github-token', help="The github token to use for the release PR", required=True, nargs="+") + parser.add_argument('--layout', help="The layout to use for the release", required=True) + parser.add_argument('--skip-checks', help="Skip the checks that ensure that the workflow runs succeeded", action="store_true") + args = parser.parse_args() + exit(main(args)) \ No newline at end of file From d2305b0024374b38e1dae8efea63a84425ec9007 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:15:05 -0700 Subject: [PATCH 095/183] Update checkout actions --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index c27045ffc9..2ea46fbc73 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ github.event.inputs.ref }} - name: Install Python From 925392b508f9b26d046689f01f1aef8cb90dbcc0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:15:23 -0700 Subject: [PATCH 096/183] Use inputs context instead of github event context --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 2ea46fbc73..8670312564 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -24,7 +24,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - ref: ${{ github.event.inputs.ref }} + ref: ${{ inputs.ref }} - name: Install Python uses: actions/setup-python@v4 with: From 2ff025d324f19d33ab9c3bda2b3a62a7512a7f97 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:15:53 -0700 Subject: [PATCH 097/183] Disable strict checks for testing purposes --- .github/workflows/post-release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 8670312564..4a094b7d92 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -45,4 +45,5 @@ jobs: --layout scripts/release/release-layout.yml --ref $RELEASE_REF --repo "$GITHUB_REPOSITORY" - --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGEERING_TOKEN" \ No newline at end of file + --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGEERING_TOKEN" + --skip-checks \ No newline at end of file From 43cfb876600e1a254c53a89e6c6db1b28b9f5679 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:19:29 -0700 Subject: [PATCH 098/183] Address incorrect install dependency step --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 4a094b7d92..66362d7382 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -31,7 +31,7 @@ jobs: python-version: "3.9" - name: Install dependencies - run: pip install -f scripts/release/requirements.txt + run: pip install -r scripts/release/requirements.txt - name: Update release assets env: From 56e3b2bf2599cab317696aa23a8979212a98918f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:20:09 -0700 Subject: [PATCH 099/183] Remove push trigger --- .github/workflows/post-release.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 66362d7382..395e429489 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -12,10 +12,6 @@ on: The git commit, branch, or tag to release from. required: true - push: - branches: - - rvermeulen/release-process-improvements - jobs: update-release: name: "Update release" From e06a22d8953c257684a7f35113eafde2e5100602 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:27:18 -0700 Subject: [PATCH 100/183] Address incorrect secret name --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 395e429489..9fc4988d9f 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -34,7 +34,7 @@ jobs: RELEASE_VERSION: ${{ inputs.version }} RELEASE_REF: ${{ inputs.ref }} GITHUB_TOKEN: ${{ github.token }} - RELEASE_ENGEERING_TOKEN: ${{ secrets.RELEASE_ENGEERING_TOKEN }} + RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | python scripts/release/update-release-assets.py --version $RELEASE_VERSION From 2b8c069f208085023dd7840d337831443ea58899 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:27:51 -0700 Subject: [PATCH 101/183] Address incorrect command invocation --- .github/workflows/post-release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 9fc4988d9f..4ee6d61fdc 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -36,10 +36,10 @@ jobs: GITHUB_TOKEN: ${{ github.token }} RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | - python scripts/release/update-release-assets.py - --version $RELEASE_VERSION - --layout scripts/release/release-layout.yml - --ref $RELEASE_REF - --repo "$GITHUB_REPOSITORY" - --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGEERING_TOKEN" + python scripts/release/update-release-assets.py \ + --version $RELEASE_VERSION \ + --layout scripts/release/release-layout.yml \ + --ref $RELEASE_REF \ + --repo "$GITHUB_REPOSITORY" \ + --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ --skip-checks \ No newline at end of file From 22e7c3f5e777afb2256ce838b30e29b6fd4292a3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:49:24 -0700 Subject: [PATCH 102/183] Retrieve head sha from PR --- .github/workflows/post-release.yml | 9 +-------- scripts/release/update-release-assets.py | 15 +++++++++------ 2 files changed, 10 insertions(+), 14 deletions(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 4ee6d61fdc..a6786e7935 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -7,11 +7,6 @@ on: description: | The version to release (MUST follow semantic versioning). required: true - ref: - description: | - The git commit, branch, or tag to release from. - required: true - jobs: update-release: name: "Update release" @@ -20,7 +15,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - ref: ${{ inputs.ref }} + ref: rc/v${{ inputs.version }} - name: Install Python uses: actions/setup-python@v4 with: @@ -32,14 +27,12 @@ jobs: - name: Update release assets env: RELEASE_VERSION: ${{ inputs.version }} - RELEASE_REF: ${{ inputs.ref }} GITHUB_TOKEN: ${{ github.token }} RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | python scripts/release/update-release-assets.py \ --version $RELEASE_VERSION \ --layout scripts/release/release-layout.yml \ - --ref $RELEASE_REF \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ --skip-checks \ No newline at end of file diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 15488e98e3..d1996c7097 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -252,13 +252,17 @@ def main(args: 'argparse.Namespace') -> int: return 1 release = releases[0] - pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.head.sha == args.ref] + pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.title == f"Release v{args.version}"] if len(pull_candidates) != 1: - print(f"Error: expected exactly one PR with head {args.ref}, but found {len(pull_candidates)}", file=sys.stderr) + print(f"Error: expected exactly one PR for version {args.version}, but found {len(pull_candidates)}", file=sys.stderr) return 1 - print(f"Collecting workflow runs for ref {args.ref}") - check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(args.ref) # type: ignore + pull_request = pull_candidates[0] + + head_sha = pull_request.head.sha + + print(f"Collecting workflow runs for ref {head_sha}") + check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(head_sha) # type: ignore action_workflow_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)$" action_workflow_job_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)/job/(?P\d+)$" @@ -294,7 +298,7 @@ def main(args: 'argparse.Namespace') -> int: latests_workflow_runs = list(workflow_runs_per_id.values()) if not args.skip_checks: - print(f"Checking that all workflow runs for ref {args.ref} succeeded") + print(f"Checking that all workflow runs for ref {head_sha} succeeded") for workflow_run in latests_workflow_runs: if workflow_run.status != "completed": print(f"Error: workflow run {workflow_run.name} with id {workflow_run.id} is not completed", file=sys.stderr) @@ -329,7 +333,6 @@ def main(args: 'argparse.Namespace') -> int: parser = argparse.ArgumentParser() parser.add_argument('--version', help="The version to release (MUST be a valid semantic version)", required=True) - parser.add_argument('--ref', help="The head sha for the release PR", required=True) parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") parser.add_argument('--github-token', help="The github token to use for the release PR", required=True, nargs="+") parser.add_argument('--layout', help="The layout to use for the release", required=True) From a3d9be0e54b43ad1fb3a18e2170c61c619bfb340 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:49:38 -0700 Subject: [PATCH 103/183] Add validation the PR is open --- scripts/release/update-release-assets.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index d1996c7097..f7ecc9113f 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -259,6 +259,10 @@ def main(args: 'argparse.Namespace') -> int: pull_request = pull_candidates[0] + if pull_request.state != "open": + print(f"Error: PR for version {args.version} is not open", file=sys.stderr) + return 1 + head_sha = pull_request.head.sha print(f"Collecting workflow runs for ref {head_sha}") From 2943dee7ee6b0059aaef658a636ba03cfa00eceb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 18:08:44 -0700 Subject: [PATCH 104/183] Address incorrect checkout ref --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index a6786e7935..f4173c90bd 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -15,7 +15,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - ref: rc/v${{ inputs.version }} + ref: rc/${{ inputs.version }} - name: Install Python uses: actions/setup-python@v4 with: From 18e4196f824cfda7b8af3143ed31f8038285cd0c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 18:19:14 -0700 Subject: [PATCH 105/183] Checkout PR using gh --- .github/workflows/post-release.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index f4173c90bd..9849963464 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -16,6 +16,15 @@ jobs: uses: actions/checkout@v4 with: ref: rc/${{ inputs.version }} + + - name: Checkout PR + env: + GITHUB_TOKEN: ${{ github.token }} + RELEASE_VERSION: ${{ inputs.version }} + run: | + pr_number=$(gh pr list --json number,title --jq "map(select(.title == \"Release v$RELEASE_VERSION\")) | .[].number") + gh pr checkout $pr_number + - name: Install Python uses: actions/setup-python@v4 with: From d34b51aecdacc9be700d44fff17d181294e2246e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 09:39:30 -0700 Subject: [PATCH 106/183] Integrate post-release workflow witth update-release-status workflow --- .github/workflows/post-release.yml | 28 ++++++++------- scripts/release/update-release-assets.py | 44 ++++++++++++++---------- 2 files changed, 40 insertions(+), 32 deletions(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 9849963464..338a5b5ef8 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -3,10 +3,21 @@ name: Finalize Release on: workflow_dispatch: inputs: - version: + head-sha: description: | - The version to release (MUST follow semantic versioning). + The head SHA of the release PR to use for finalizing the release. required: true + workflow_call: + inputs: + head-sha: + type: string + description: | + The head SHA of the release PR to use for finalizing the release. + required: true + +env: + HEAD_SHA: ${{ inputs.head-sha }} + jobs: update-release: name: "Update release" @@ -15,15 +26,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - ref: rc/${{ inputs.version }} - - - name: Checkout PR - env: - GITHUB_TOKEN: ${{ github.token }} - RELEASE_VERSION: ${{ inputs.version }} - run: | - pr_number=$(gh pr list --json number,title --jq "map(select(.title == \"Release v$RELEASE_VERSION\")) | .[].number") - gh pr checkout $pr_number + ref: ${{ inputs.head-sha }} - name: Install Python uses: actions/setup-python@v4 @@ -35,12 +38,11 @@ jobs: - name: Update release assets env: - RELEASE_VERSION: ${{ inputs.version }} GITHUB_TOKEN: ${{ github.token }} RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | python scripts/release/update-release-assets.py \ - --version $RELEASE_VERSION \ + --head-sha $HEAD_SHA \ --layout scripts/release/release-layout.yml \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index f7ecc9113f..931631da19 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -225,13 +225,6 @@ def make(self, directory: Path) -> Path: return Path(shutil.make_archive(str(directory / self.name.with_suffix("")), ext_format_map[extension], root_dir=temp_dir_path)) def main(args: 'argparse.Namespace') -> int: - - try: - semantic_version.Version.parse(args.version) # type: ignore - except ValueError as e: - print(f"Error: invalid version: {e}", file=sys.stderr) - return 1 - monkey_patch_github() import github @@ -246,15 +239,10 @@ def main(args: 'argparse.Namespace') -> int: repos[nwo] = github.Github(auth=github.Auth.Token(token)).get_repo(nwo) repo = repos[args.repo] - releases = [release for release in repo.get_releases() if release.title == f"v{args.version}"] - if len(releases) != 1: - print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) - return 1 - release = releases[0] - pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.title == f"Release v{args.version}"] + pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.head.sha == args.head_sha] if len(pull_candidates) != 1: - print(f"Error: expected exactly one PR for version {args.version}, but found {len(pull_candidates)}", file=sys.stderr) + print(f"Error: expected exactly one PR for SHA {args.head_sha}, but found {len(pull_candidates)}", file=sys.stderr) return 1 pull_request = pull_candidates[0] @@ -262,11 +250,29 @@ def main(args: 'argparse.Namespace') -> int: if pull_request.state != "open": print(f"Error: PR for version {args.version} is not open", file=sys.stderr) return 1 + + rc_branch_regex = r"^rc/(?P.*)$" + rc_branch_match = re.match(rc_branch_regex, pull_request.base.ref) + if not rc_branch_match: + print(f"Error: PR {pull_request.url} is not based on a release candidate branch", file=sys.stderr) + return 1 + + release_version = rc_branch_match.group("version") + + try: + semantic_version.Version.parse(release_version) # type: ignore + except ValueError as e: + print(f"Error: invalid version {release_version} use by release branch. Reason {e}", file=sys.stderr) + return 1 - head_sha = pull_request.head.sha + releases = [release for release in repo.get_releases() if release.title == f"v{release_version}"] + if len(releases) != 1: + print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) + return 1 + release = releases[0] - print(f"Collecting workflow runs for ref {head_sha}") - check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(head_sha) # type: ignore + print(f"Collecting workflow runs for ref {args.head_sha}") + check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(args.head_sha) # type: ignore action_workflow_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)$" action_workflow_job_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)/job/(?P\d+)$" @@ -302,7 +308,7 @@ def main(args: 'argparse.Namespace') -> int: latests_workflow_runs = list(workflow_runs_per_id.values()) if not args.skip_checks: - print(f"Checking that all workflow runs for ref {head_sha} succeeded") + print(f"Checking that all workflow runs for ref {args.head_sha} succeeded") for workflow_run in latests_workflow_runs: if workflow_run.status != "completed": print(f"Error: workflow run {workflow_run.name} with id {workflow_run.id} is not completed", file=sys.stderr) @@ -336,7 +342,7 @@ def main(args: 'argparse.Namespace') -> int: from sys import exit parser = argparse.ArgumentParser() - parser.add_argument('--version', help="The version to release (MUST be a valid semantic version)", required=True) + parser.add_argument('--head-sha', help="The head SHA of the release PR for which we update it's corresponding release", required=True) parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") parser.add_argument('--github-token', help="The github token to use for the release PR", required=True, nargs="+") parser.add_argument('--layout', help="The layout to use for the release", required=True) From 6685a7267f99ae3fdb305dfd5df6d9b5ee65dd22 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 09:44:08 -0700 Subject: [PATCH 107/183] Address partial shell quoting --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 53e9e45c04..c03d815bdd 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -86,7 +86,7 @@ jobs: pending=$(echo "$status_stats" | jq -r '.pending') echo "CHECK_RUNS_FAILED=$failed" >> "$GITHUB_ENV" - echo "CHECK_RUNS_PENDING=$pending" >> "$GITHUB_ENV + echo "CHECK_RUNS_PENDING=$pending" >> "$GITHUB_ENV" - name: Finalize release if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' From 11f554b2abe85ab6b45e87ba33093f230c9fbf96 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 09:45:51 -0700 Subject: [PATCH 108/183] Add missing checkout to make workflow available --- .github/workflows/update-release-status.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index c03d815bdd..3916fa10e0 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -34,6 +34,11 @@ jobs: echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV" fi + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ env.CHECK_RUN_HEAD_SHA }} + - name: Get release status check run id: get-check-run if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != github.workflow) || github.event_name == 'workflow_dispatch' From ec2e3c7fc31aa51889cc49b9fbacebbea1e11caa Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 14:34:28 -0700 Subject: [PATCH 109/183] Update the release notes in post release workflow --- .github/workflows/post-release.yml | 11 +++- scripts/release/requirements.txt | 3 +- scripts/release/update-release-notes.py | 72 +++++++++++++++++++++++++ 3 files changed, 84 insertions(+), 2 deletions(-) create mode 100644 scripts/release/update-release-notes.py diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 338a5b5ef8..f0fd888004 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -46,4 +46,13 @@ jobs: --layout scripts/release/release-layout.yml \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ - --skip-checks \ No newline at end of file + --skip-checks + + - name: Update release notes + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + python scripts/release/update-release-notes.py \ + --head-sha $HEAD_SHA \ + --repo "$GITHUB_REPOSITORY" \ + --github-token "$GITHUB_TOKEN" diff --git a/scripts/release/requirements.txt b/scripts/release/requirements.txt index 40339090fb..79ccbcefbe 100644 --- a/scripts/release/requirements.txt +++ b/scripts/release/requirements.txt @@ -1,3 +1,4 @@ semantic-version==2.10.0 PyGithub==1.59.1 -PyYAML==6.0.1 \ No newline at end of file +PyYAML==6.0.1 +GitPython==3.1.36 \ No newline at end of file diff --git a/scripts/release/update-release-notes.py b/scripts/release/update-release-notes.py new file mode 100644 index 0000000000..5f317ad988 --- /dev/null +++ b/scripts/release/update-release-notes.py @@ -0,0 +1,72 @@ +from __future__ import annotations # This enables postponed evaluation of type annotations. Required for typing.TYPE_CHECKING. See https://peps.python.org/pep-0563/ +from typing import TYPE_CHECKING +import subprocess +from pathlib import Path + +if TYPE_CHECKING: + from argparse import Namespace + +def generate_release_notes() -> str: + script_path = Path(__file__).parent / "generate_release_notes.py" + cp = subprocess.run(["python", str(script_path)], capture_output=True) + + if cp.returncode != 0: + raise Exception(f"Error generating release notes: {cp.stderr.decode('utf-8')}") + + return cp.stdout.decode("utf-8") + +def main(args: Namespace) -> int: + from github import Github, Auth + import semantic_version # type: ignore + import re + import sys + + repo = Github(auth=Auth.Token(args.github_token)).get_repo(args.repo) + + pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.head.sha == args.head_sha] + if len(pull_candidates) != 1: + print(f"Error: expected exactly one PR for SHA {args.head_sha}, but found {len(pull_candidates)}", file=sys.stderr) + return 1 + + pull_request = pull_candidates[0] + + if pull_request.state != "open": + print(f"Error: PR for version {args.version} is not open", file=sys.stderr) + return 1 + + rc_branch_regex = r"^rc/(?P.*)$" + rc_branch_match = re.match(rc_branch_regex, pull_request.base.ref) + if not rc_branch_match: + print(f"Error: PR {pull_request.url} is not based on a release candidate branch", file=sys.stderr) + return 1 + + release_version = rc_branch_match.group("version") + + try: + semantic_version.Version.parse(release_version) # type: ignore + except ValueError as e: + print(f"Error: invalid version {release_version} use by release branch. Reason {e}", file=sys.stderr) + return 1 + + releases = [release for release in repo.get_releases() if release.title == f"v{release_version}"] + if len(releases) != 1: + print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) + return 1 + release = releases[0] + + release_notes = generate_release_notes() + + release.update_release(name=release.title, message=release_notes, draft=release.draft, prerelease=release.prerelease, tag_name=release.tag_name) + + return 0 + +if __name__ == '__main__': + import argparse + from sys import exit + + parser = argparse.ArgumentParser() + parser.add_argument('--head-sha', help="The head SHA of the release PR for which we update it's corresponding release", required=True) + parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") + parser.add_argument('--github-token', help="The GitHub token to use to update the release", required=True) + args = parser.parse_args() + exit(main(args)) \ No newline at end of file From 050d1c4f47e65d9f48b4225616f56654621559be Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 15:18:09 -0700 Subject: [PATCH 110/183] Implement artifact filter for workflow artifact action --- scripts/release/update-release-assets.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 931631da19..324bcf235f 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -169,8 +169,12 @@ def run(self) -> List[Path]: workflow_runs = [workflow_run for workflow_run in self.workflow_runs if not re.match(self.kwargs["not-name"], workflow_run.name)] print(f"Downloading the artifacts for {len(workflow_runs)} workflow runs") for workflow_run in workflow_runs: - print(f"Downloading artifacts for {workflow_run.name} to {self.temp_workdir.name}") - workflow_run.download_artifacts(Path(self.temp_workdir.name)) # type: ignore + if "artifact" in self.kwargs: + print(f"Downloading artifact {self.kwargs['artifact']} for {workflow_run.name} to {self.temp_workdir.name}") + workflow_run.download_artifact(self.kwargs["artifact"], Path(self.temp_workdir.name)) # type: ignore + else: + print(f"Downloading artifacts for {workflow_run.name} to {self.temp_workdir.name}") + workflow_run.download_artifacts(Path(self.temp_workdir.name)) # type: ignore return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) class ShellAction(): From b2b975a9ac3923c9f79b7201878bf0602dd85ebd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 15:22:29 -0700 Subject: [PATCH 111/183] Rename workflow post-release to update-release --- .github/workflows/update-release-status.yml | 2 +- .github/workflows/{post-release.yml => update-release.yml} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename .github/workflows/{post-release.yml => update-release.yml} (98%) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 3916fa10e0..058232631b 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -95,7 +95,7 @@ jobs: - name: Finalize release if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' - uses: ./.github/workflows/post-release.yml + uses: ./.github/workflows/update-release.yml with: ref: ${{ env.CHECK_RUN_HEAD_SHA }} diff --git a/.github/workflows/post-release.yml b/.github/workflows/update-release.yml similarity index 98% rename from .github/workflows/post-release.yml rename to .github/workflows/update-release.yml index f0fd888004..ded8013b72 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/update-release.yml @@ -1,4 +1,4 @@ -name: Finalize Release +name: Update Release on: workflow_dispatch: From 1d7bfef2d3d7a6995635af2c3e564e20b5373632 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 15:43:06 -0700 Subject: [PATCH 112/183] Prefix release tag with v for release not generation script --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 3072e33626..fa3a2647f3 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -112,7 +112,7 @@ jobs: --title "v$RELEASE_VERSION" \ --draft \ --target rc/$RELEASE_VERSION \ - $RELEASE_VERSION + v$RELEASE_VERSION - name: Create feature branch for PR run: | From c453ddc9a10fd38f6845ca8fc7ac493843352dcb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 15:46:59 -0700 Subject: [PATCH 113/183] Add workflow to finalize release on merge or release PR --- .github/workflows/finalize-release.yml | 41 ++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 .github/workflows/finalize-release.yml diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml new file mode 100644 index 0000000000..b44647f263 --- /dev/null +++ b/.github/workflows/finalize-release.yml @@ -0,0 +1,41 @@ +name: Finalize Release +on: + pull_request: + types: + - closed + branches: + - "rc/**" + +jobs: + finalize-release: + if: github.event.pull_request.merged == true + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.merge_commit_sha }} + + - name: Create release tag + env: + BASE_REF: ${{ github.event.pull_request.base.ref }} + run: | + version=${BASE_REF#rc/} + echo "Creating release tag v$version" + + git tag -a v$version -m "Release v$version" + git push origin v$version + + - name: Finalize release + env: + BASE_REF: ${{ github.event.pull_request.base.ref }} + GITHUB_TOKEN: ${{ github.token }} + run: | + version=${BASE_REF#rc/} + echo "Finalizing release v$version" + + gh release edit v$version \ + --draft false \ + --prerelease false \ + --latest \ + --tag v$version \ No newline at end of file From 0ac9343634077eb2edbd5b227167c0e7d9090d09 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:03:33 -0700 Subject: [PATCH 114/183] Add dispatch trigger for testing purposes --- .github/workflows/finalize-release.yml | 29 ++++++++++++++++++++++---- 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index b44647f263..84d278fb32 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -5,20 +5,41 @@ on: - closed branches: - "rc/**" + workflow_dispatch: + inputs: + ref: + description: | + The branch for which the finalize the release. + required: true + push: + branches: + - rvermeulen/release-process-improvements jobs: finalize-release: - if: github.event.pull_request.merged == true + if: (github.event.name == "pull_request" && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: + - name: Determine ref + env: + REF_FROM_INPUT: ${{ inputs.ref }} + REF_FROM_PR: ${{ github.event.pull_request.merge_commit_sha }} + BASE_REF_FROM_PR: ${{ github.event.pull_request.base.ref }} + run: | + if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then + echo "REF=$REF_FROM_INPUT" >> "$GITHUB_ENV" + echo "BASE_REF=$REF_FROM_INPUT" >> "$GITHUB_ENV + else + echo "REF=$REF_FROM_PR" >> "$GITHUB_ENV" + echo "BASE_REF=$BASE_REF_FROM_PR" >> "$GITHUB_ENV" + fi + - name: Checkout uses: actions/checkout@v4 with: - ref: ${{ github.event.pull_request.merge_commit_sha }} + ref: ${{ env.REF }} - name: Create release tag - env: - BASE_REF: ${{ github.event.pull_request.base.ref }} run: | version=${BASE_REF#rc/} echo "Creating release tag v$version" From 4433af9dafd71c329e3ccade8442a2237a6204bb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:06:22 -0700 Subject: [PATCH 115/183] Address incorrect GitHub context event name ref --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 84d278fb32..ccd29bc21c 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -17,7 +17,7 @@ on: jobs: finalize-release: - if: (github.event.name == "pull_request" && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' + if: (github.event_name == "pull_request" && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: - name: Determine ref From 5140c5b860f1f02b1d3ed3f8fbfb29a4ef10c1fd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:08:08 -0700 Subject: [PATCH 116/183] Address incorrect quotes in conditional expression --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index ccd29bc21c..697754bcc8 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -17,7 +17,7 @@ on: jobs: finalize-release: - if: (github.event_name == "pull_request" && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' + if: (github.event_name == 'pull_request' && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: - name: Determine ref From 1e6ae21e3456a1965a7912653c8ed7382a0fab5d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:09:11 -0700 Subject: [PATCH 117/183] Remove push trigger since the workflow is registered --- .github/workflows/finalize-release.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 697754bcc8..80ecc689d3 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -11,9 +11,6 @@ on: description: | The branch for which the finalize the release. required: true - push: - branches: - - rvermeulen/release-process-improvements jobs: finalize-release: From 55f7922e6f32ac3935af61ebd0fc7caf2eed3ed2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:11:19 -0700 Subject: [PATCH 118/183] Address incorrect quoting of shell variable --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 80ecc689d3..fcdad0336c 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -25,7 +25,7 @@ jobs: run: | if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then echo "REF=$REF_FROM_INPUT" >> "$GITHUB_ENV" - echo "BASE_REF=$REF_FROM_INPUT" >> "$GITHUB_ENV + echo "BASE_REF=$REF_FROM_INPUT" >> "$GITHUB_ENV" else echo "REF=$REF_FROM_PR" >> "$GITHUB_ENV" echo "BASE_REF=$BASE_REF_FROM_PR" >> "$GITHUB_ENV" From 606b964f082a990521cb253bbf6a555252d77c99 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:24:54 -0700 Subject: [PATCH 119/183] Configure git so we can make tags --- .github/workflows/finalize-release.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index fcdad0336c..8f1f0b12be 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -36,6 +36,11 @@ jobs: with: ref: ${{ env.REF }} + - name: Configure git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + - name: Create release tag run: | version=${BASE_REF#rc/} From b9c7eafb671c81836eb6ff60cc7344827f206e72 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:27:48 -0700 Subject: [PATCH 120/183] Remove base ref env variable that is already defined --- .github/workflows/finalize-release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 8f1f0b12be..4d3656c936 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -51,7 +51,6 @@ jobs: - name: Finalize release env: - BASE_REF: ${{ github.event.pull_request.base.ref }} GITHUB_TOKEN: ${{ github.token }} run: | version=${BASE_REF#rc/} From 49b1bd7ad450bb63a4aeaa7f65f2e8624dd4e63a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:29:54 -0700 Subject: [PATCH 121/183] Force create tag --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 4d3656c936..cc487886f6 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -47,7 +47,7 @@ jobs: echo "Creating release tag v$version" git tag -a v$version -m "Release v$version" - git push origin v$version + git push -f origin v$version - name: Finalize release env: From 16f7859428a988c10f7a76e994b6520c3f5ba56b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:32:12 -0700 Subject: [PATCH 122/183] Address incorrect quoating of release edit tag --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index cc487886f6..6565d269bf 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -56,7 +56,7 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit v$version \ + gh release edit "v$version" \ --draft false \ --prerelease false \ --latest \ From 8134acd486f4820584843476bb7d81a949f09083 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:35:49 -0700 Subject: [PATCH 123/183] Address incorrect gh release edit options --- .github/workflows/finalize-release.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 6565d269bf..a53c848a75 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -56,8 +56,4 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit "v$version" \ - --draft false \ - --prerelease false \ - --latest \ - --tag v$version \ No newline at end of file + gh release edit "v$version" --tag v$version \ No newline at end of file From ec75eca2a5aad3ba0ef9e8b56cf1b569c29b02ef Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:36:58 -0700 Subject: [PATCH 124/183] Remove 'v' prefix in release tag --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index a53c848a75..0e2524df96 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -56,4 +56,4 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit "v$version" --tag v$version \ No newline at end of file + gh release edit "$version" --tag v$version \ No newline at end of file From 885c048058a95aa63ca32cfa1253a23eb0de17cd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:42:42 -0700 Subject: [PATCH 125/183] Update release tag and set release to non-draft --- .github/workflows/finalize-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 0e2524df96..df4e3a6656 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -41,7 +41,7 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - name: Create release tag + - name: Update release tag run: | version=${BASE_REF#rc/} echo "Creating release tag v$version" @@ -56,4 +56,4 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit "$version" --tag v$version \ No newline at end of file + gh release edit "v$version" --draft=false --tag=v$version \ No newline at end of file From fa814ba3de7d408184539dfb8cb76cfb3124e340 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:12:55 -0700 Subject: [PATCH 126/183] Change workflow permission so we can call reusable workflows --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 058232631b..c8ddab2a00 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -16,7 +16,7 @@ on: required: true permissions: - actions: read + actions: write checks: write jobs: From 3f9ff2020a0e3730b7bbc8abe3b8d462c08a50a2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:34:03 -0700 Subject: [PATCH 127/183] Address incorrect calling of reusable workflow --- .github/workflows/update-release-status.yml | 30 ++++++++++++++++----- .github/workflows/update-release.yml | 6 ++++- 2 files changed, 28 insertions(+), 8 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index c8ddab2a00..36d4602a66 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -22,6 +22,9 @@ permissions: jobs: validate-check-runs: runs-on: ubuntu-latest + outputs: + status: ${{ steps.set-output.outputs.status }} + check-run-head-sha: ${{ steps.set-output.outputs.check-run-head-sha }} steps: - name: Determine check run head SHA env: @@ -93,12 +96,6 @@ jobs: echo "CHECK_RUNS_FAILED=$failed" >> "$GITHUB_ENV" echo "CHECK_RUNS_PENDING=$pending" >> "$GITHUB_ENV" - - name: Finalize release - if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' - uses: ./.github/workflows/update-release.yml - with: - ref: ${{ env.CHECK_RUN_HEAD_SHA }} - - name: Conclude release status if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' env: @@ -124,4 +121,23 @@ jobs: --header "X-GitHub-Api-Version: 2022-11-28" \ --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - \ No newline at end of file + + - name: Set output + id: set-output + run: | + if [[ "$CHECK_RUNS_PENDING" == "0" ]]; then + echo "status=completed" >> "$GITHUB_OUTPUT" + else + echo "status=in_progress" >> "$GITHUB_OUTPUT" + fi + + echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT" + + update-release: + needs: validate-check-runs + if: needs.validate-check-runs.outputs.status == 'completed' + uses: ./.github/workflows/update-release.yml + with: + head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} + secrets: + RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index ded8013b72..fcdd2caaca 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -14,7 +14,11 @@ on: description: | The head SHA of the release PR to use for finalizing the release. required: true - + secrets: + RELEASE_ENGINEERING_TOKEN: + description: | + The token to use for accessing the release engineering repository. + required: true env: HEAD_SHA: ${{ inputs.head-sha }} From d70b51124ab3a21f007ce1faf90f4329223f2018 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:44:04 -0700 Subject: [PATCH 128/183] Allow reset of release-status checkrun with dispatch --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 36d4602a66..57f30a495d 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -63,7 +63,7 @@ jobs: echo "CHECK_RUN_CONCLUSION=$check_run_conclusion" >> "$GITHUB_ENV" - name: Reset release status - if: github.event_name == 'check_run' && env.CHECK_RUN_STATUS == 'completed' && github.event.action == 'rerequested' + if: env.CHECK_RUN_STATUS == 'completed' && ((github.event_name == 'check_run' && github.event.action == 'rerequested') || github.event_name == 'workflow_dispatch') env: GITHUB_TOKEN: ${{ github.token }} run: | From 83b8191be0e5b3bf840a277e458ca4e0bb8eccd0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:45:20 -0700 Subject: [PATCH 129/183] Address inccorect head sha when resetting release-status --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 57f30a495d..78a88be360 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -71,7 +71,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ - --field head_sha="$REF" \ + --field head_sha="$CHECK_RUN_HEAD_SHA" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From 3d42ead409be7fd07c936a2318019fefaeeda242 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:49:24 -0700 Subject: [PATCH 130/183] Address refering non existing attribute --- scripts/release/update-release-assets.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 324bcf235f..5e2d64ebec 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -252,7 +252,7 @@ def main(args: 'argparse.Namespace') -> int: pull_request = pull_candidates[0] if pull_request.state != "open": - print(f"Error: PR for version {args.version} is not open", file=sys.stderr) + print(f"Error: PR {pull_request.url} is not open", file=sys.stderr) return 1 rc_branch_regex = r"^rc/(?P.*)$" @@ -271,7 +271,7 @@ def main(args: 'argparse.Namespace') -> int: releases = [release for release in repo.get_releases() if release.title == f"v{release_version}"] if len(releases) != 1: - print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) + print(f"Error: expected exactly one release for {release_version}, but found {len(releases)}", file=sys.stderr) return 1 release = releases[0] From 1b58bcceea6714e4ee5c142a88e353f13663405f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:51:22 -0700 Subject: [PATCH 131/183] Print PR information to debug release matching logic --- scripts/release/update-release-assets.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 5e2d64ebec..35bc056f0b 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -255,6 +255,8 @@ def main(args: 'argparse.Namespace') -> int: print(f"Error: PR {pull_request.url} is not open", file=sys.stderr) return 1 + print(f"Found PR {pull_request.url} based on {pull_request.base.ref}") + rc_branch_regex = r"^rc/(?P.*)$" rc_branch_match = re.match(rc_branch_regex, pull_request.base.ref) if not rc_branch_match: From a9e999b81c122d73aacca75a3526b66e3c8f4b9d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:59:01 -0700 Subject: [PATCH 132/183] Find release by tag name instead of title --- scripts/release/update-release-assets.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 35bc056f0b..8946845a15 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -271,7 +271,7 @@ def main(args: 'argparse.Namespace') -> int: print(f"Error: invalid version {release_version} use by release branch. Reason {e}", file=sys.stderr) return 1 - releases = [release for release in repo.get_releases() if release.title == f"v{release_version}"] + releases = [release for release in repo.get_releases() if release.tag_name == f"v{release_version}"] if len(releases) != 1: print(f"Error: expected exactly one release for {release_version}, but found {len(releases)}", file=sys.stderr) return 1 From bd2e3e9177c320c7f2d2847c915587993d759a74 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 10:34:10 -0700 Subject: [PATCH 133/183] Create lightweight tag to reference release --- .github/workflows/prepare-release.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index fa3a2647f3..c5b02fd679 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -107,6 +107,10 @@ jobs: RELEASE_VERSION: ${{ inputs.version }} GITHUB_TOKEN: ${{ github.token }} run: | + # Create lightweight tag to reference release + git tag v$RELEASE_VERSION + git push -f origin v$RELEASE_VERSION + gh release create \ -R $GITHUB_REPOSITORY \ --title "v$RELEASE_VERSION" \ From 0a3c1026a70399337fd39a05c368a26452e8ffb2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 11:35:54 -0700 Subject: [PATCH 134/183] Add debug output for PR release matching --- scripts/release/update-release-assets.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 8946845a15..e5392a7577 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -271,7 +271,11 @@ def main(args: 'argparse.Namespace') -> int: print(f"Error: invalid version {release_version} use by release branch. Reason {e}", file=sys.stderr) return 1 - releases = [release for release in repo.get_releases() if release.tag_name == f"v{release_version}"] + print(f"Looking for release with tag v{release_version} associated with the PR's base ref {pull_request.base.ref}") + all_releases = repo.get_releases() + for release in all_releases: + print(f"Found release {release.title} with tag {release.tag_name}") + releases = [release for release in all_releases if release.tag_name == f"v{release_version}"] if len(releases) != 1: print(f"Error: expected exactly one release for {release_version}, but found {len(releases)}", file=sys.stderr) return 1 From 5e43db17fb3014cda5a91461e0819d5175bd3f6d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 13:23:58 -0700 Subject: [PATCH 135/183] Update the help text to better explain the github token argument --- scripts/release/update-release-assets.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index e5392a7577..7e4e907827 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -354,7 +354,7 @@ def main(args: 'argparse.Namespace') -> int: parser = argparse.ArgumentParser() parser.add_argument('--head-sha', help="The head SHA of the release PR for which we update it's corresponding release", required=True) parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") - parser.add_argument('--github-token', help="The github token to use for the release PR", required=True, nargs="+") + parser.add_argument('--github-token', help="The github token to access repo and the repositories provided as external ids in check runs. When multiple tokens are provided use the format 'owner/repo:token'", required=True, nargs="+") parser.add_argument('--layout', help="The layout to use for the release", required=True) parser.add_argument('--skip-checks', help="Skip the checks that ensure that the workflow runs succeeded", action="store_true") args = parser.parse_args() From 01b45605aef3161d9343bc7d2c30f96c20f2d4df Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 15:57:03 -0700 Subject: [PATCH 136/183] Remove trailing } from Action expression --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 7fcd45abfd..4a2ddbab18 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -17,7 +17,7 @@ jobs: pre-validate-performance: outputs: - check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} runs-on: ubuntu-latest steps: - name: Create check run @@ -78,7 +78,7 @@ jobs: pre-validate-compiler-compatibility: outputs: - check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} runs-on: ubuntu-latest steps: - name: Create check run From f1b6571c3d21ff08f642957b27efa76c2eb521c1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 17:31:17 -0700 Subject: [PATCH 137/183] Add permission to read/write releases --- .github/workflows/update-release-status.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 78a88be360..51d95a18ae 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -18,6 +18,7 @@ on: permissions: actions: write checks: write + contents: write jobs: validate-check-runs: From e59c32bf6b6034940cb83d69d105eaa27f9d0e36 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 17:59:14 -0700 Subject: [PATCH 138/183] Don't consider the release-status check-run The releas-status is an overall status of the release without an associated workflow so there are no logs nor artifacts to consider. --- .github/workflows/update-release.yml | 1 + scripts/release/update-release-assets.py | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index fcdd2caaca..d1f8bed2cf 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -50,6 +50,7 @@ jobs: --layout scripts/release/release-layout.yml \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ + --skip-checkrun "release-status" \ --skip-checks - name: Update release notes diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 7e4e907827..79b06cbcfe 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -290,7 +290,8 @@ def main(args: 'argparse.Namespace') -> int: workflow_runs: List[WorkflowRun.WorkflowRun] = [] for check_run in check_runs: # type: ignore check_run = cast(CheckRun.CheckRun, check_run) - if check_run.status != "completed" or check_run.conclusion == "skipped": + if check_run.name in args.skip_checkrun: + print(f"Skipping check run {check_run.name} with id {check_run.id} because it is on the skip list.") continue job_run_match = re.match(action_workflow_job_run_url_regex, check_run.details_url) if job_run_match: @@ -356,6 +357,7 @@ def main(args: 'argparse.Namespace') -> int: parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") parser.add_argument('--github-token', help="The github token to access repo and the repositories provided as external ids in check runs. When multiple tokens are provided use the format 'owner/repo:token'", required=True, nargs="+") parser.add_argument('--layout', help="The layout to use for the release", required=True) + parser.add_argument('--skip-checkrun', help="Name of check run to exclude from consideration. Can be specified multiple times", nargs='+', default=["release-status"]) parser.add_argument('--skip-checks', help="Skip the checks that ensure that the workflow runs succeeded", action="store_true") args = parser.parse_args() exit(main(args)) \ No newline at end of file From ca34c960ca16a8182d03a214b23684a3aac093af Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 22 Sep 2023 10:57:05 -0700 Subject: [PATCH 139/183] Use XL runners for pack generation and unit tests --- .github/workflows/code-scanning-pack-gen.yml | 3 +-- .github/workflows/codeql_unit_tests.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 83d22a6765..abd60b31fc 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -37,8 +37,7 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack needs: prepare-code-scanning-pack-matrix - #runs-on: ubuntu-20.04-xl - runs-on: ubuntu-latest + runs-on: ubuntu-latest-xl strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index ebcc90a393..dc54eb2ca6 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -31,7 +31,7 @@ jobs: python scripts/create_language_matrix.py echo "matrix=$( python scripts/create_language_matrix.py | \ - jq --compact-output 'map([.+{os: "ubuntu-latest", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT + jq --compact-output 'map([.+{os: "ubuntu-latest-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT run-test-suites: name: Run unit tests From 1f0ed0061ff31d8dcc54ed9450b47d547851ff0b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:41:32 -0700 Subject: [PATCH 140/183] Add checksums.txt artifact to release --- scripts/release/release-layout.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml index 4375f0e21c..3ffc3ba0de 100644 --- a/scripts/release/release-layout.yml +++ b/scripts/release/release-layout.yml @@ -17,4 +17,7 @@ layout: - shell: | python ${{ coding-standards.root }}/scripts/release/create_supported_rules_list.py > supported_rules_list.md user_manual.md: - - file: docs/user_manual.md \ No newline at end of file + - file: docs/user_manual.md + checksums.txt: + - shell: | + sha256sum ./* > checksums.txt \ No newline at end of file From 6c30501e0ab4bf6b02f9cf4c8b4376bcb0c9bd59 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:43:04 -0700 Subject: [PATCH 141/183] Remove create draft script and workflow These are subsumed by the prepare-release.yml and finalize-release.yml workflows. --- .github/workflows/create-draft-release.yml | 56 -------------------- scripts/release/create_draft_release.sh | 60 ---------------------- 2 files changed, 116 deletions(-) delete mode 100644 .github/workflows/create-draft-release.yml delete mode 100755 scripts/release/create_draft_release.sh diff --git a/.github/workflows/create-draft-release.yml b/.github/workflows/create-draft-release.yml deleted file mode 100644 index f2818b15ab..0000000000 --- a/.github/workflows/create-draft-release.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: Create draft release - -on: - workflow_dispatch: - inputs: - release_version_tag: - description: | - The tag for the new draft release, e.g. 0.5.1 - do not include the `v`. - required: true - codeql_analysis_threads: - description: | - Number of threads to evaluate queries - required: true - default: 6 - aws_ec2_instance_type: - description: | - Recommended specs: 8+ vCPU 32+ GB RAM (e.g. t2.2xlarge, r5.2xlarge) - required: true - default: r5.2xlarge - -jobs: - create-draft-release: - name: Create draft release - runs-on: ubuntu-22.04 - env: - # AWS CONFIGURATION - AWS_EC2_INSTANCE_TYPE: ${{ github.event.inputs.aws_ec2_instance_type }} - - # CODEQL CONFIGURATION - CODEQL_ANALYSIS_THREADS: ${{ github.event.inputs.codeql_analysis_threads }} - - # INTEGRATION TESTING CONFIGURATION - INTEGRATION_TESTING_ACCESS_TOKEN: ${{ secrets.INTEGRATION_TESTING_ACCESS_TOKEN }} - WORKFLOW_ID: 11846210 - - # RELEASE VERSION TAG - RELEASE_VERSION_TAG: ${{ github.event.inputs.release_version_tag }} - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - - name: Install Python - uses: actions/setup-python@v4 - with: - python-version: "3.9" - - - name: Install generate_release_notes.py dependencies - run: pip install -r scripts/requirements.txt - - - name: Create draft release - run: | - scripts/release/create_draft_release.sh ${GITHUB_REF#refs/heads/} "$RELEASE_VERSION_TAG" - env: - GITHUB_TOKEN: ${{ github.token }} diff --git a/scripts/release/create_draft_release.sh b/scripts/release/create_draft_release.sh deleted file mode 100755 index fa3000d450..0000000000 --- a/scripts/release/create_draft_release.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash - -# Script for generating a draft release for the CodeQL Coding Standards repository, for the given branch. - -set -o errexit -set -o nounset - -BRANCH="$1" -VERSION="$2" - -if [[ ! $BRANCH == rc/* ]]; then - echo "$BRANCH is not an rc branch of the form rc/" - exit 1 -fi - -if [ -z "$VERSION" ]; then - VERSION="${BRANCH#rc/}" - echo "Version not set explicitly; auto-detecting $VERSION." -fi - -COMMIT_SHA="$(git rev-parse $BRANCH)" - -echo "Creating draft release for $VERSION from $BRANCH at commit $COMMIT_SHA." - -echo "Identifying code-scanning-pack-gen.yml" -CODE_SCANNING_PACK_GEN_RUN_ID=$(gh api -X GET repos/github/codeql-coding-standards/actions/workflows/code-scanning-pack-gen.yml/runs -F branch="$BRANCH" -F event="push" -F conclusion="success" --jq "first(.workflow_runs.[] | select(.head_sha==\"$COMMIT_SHA\") | .id)") -if [ -z "$CODE_SCANNING_PACK_GEN_RUN_ID" ]; then - echo "No successful run of the code-scanning-pack-gen.yml file for $COMMIT_SHA on branch $BRANCH." - exit 1 -fi - -# Create a temp directory to store the artifacts in -TEMP_DIR="$(mktemp -d)" - -echo "Identified code-scanning-pack-gen.yml run id: $CODE_SCANNING_PACK_GEN_RUN_ID" - -echo "Fetching Code Scanning pack" -CODE_SCANNING_ARTIFACT_NAME="code-scanning-cpp-query-pack.zip" -CODE_SCANNING_VERSIONED_ARTIFACT_NAME="code-scanning-cpp-query-pack-$VERSION.zip" -gh run download $CODE_SCANNING_PACK_GEN_RUN_ID -n "$CODE_SCANNING_ARTIFACT_NAME" -mv "$CODE_SCANNING_ARTIFACT_NAME" "$TEMP_DIR/$CODE_SCANNING_VERSIONED_ARTIFACT_NAME" - -echo "Generating release notes." -python3 scripts/release/generate_release_notes.py > "$TEMP_DIR/release_notes_$VERSION.md" -python3 scripts/release/create_supported_rules_list.py > "$TEMP_DIR/supported_rules_list_$VERSION.md" -python3 scripts/release/create_supported_rules_list.py --csv > "$TEMP_DIR/supported_rules_list_$VERSION.csv" - -echo "Copy Docs to Artifact Directory" -cp docs/user_manual.md "$TEMP_DIR/user_manual_$VERSION.md" - -echo "Generating Checksums" -sha256sum $TEMP_DIR/* > "$TEMP_DIR/checksums.txt" - -gh release create "v$VERSION" -d --target "$BRANCH" -F "$TEMP_DIR/release_notes_$VERSION.md" -t "v$VERSION" "$TEMP_DIR/$CODE_SCANNING_VERSIONED_ARTIFACT_NAME" "$TEMP_DIR/supported_rules_list_$VERSION.md" "$TEMP_DIR/checksums.txt" "$TEMP_DIR/supported_rules_list_$VERSION.csv" "$TEMP_DIR/user_manual_$VERSION.md" - -curl \ - -X POST \ - -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $INTEGRATION_TESTING_ACCESS_TOKEN" \ - https://api.github.com/repos/coding-standards-integration-testing/integration-testing-production/actions/workflows/$WORKFLOW_ID/dispatches \ - -d '{"ref":"refs/heads/main", "inputs": { "release_version_tag":"'"$VERSION"'", "codeql_analysis_threads":"'"$CODEQL_ANALYSIS_THREADS"'", "aws_ec2_instance_type":"'"$AWS_EC2_INSTANCE_TYPE"'" }}' From 083451b2760ec9c9d3502a0117d1f8105275b7d8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:49:38 -0700 Subject: [PATCH 142/183] Standardize on Ubuntu 22.04 By pinning the Action runner OS version we will prevent workflow failures caused by changes in newer versions. --- .github/workflows/code-scanning-pack-gen.yml | 2 +- .github/workflows/codeql_unit_tests.yml | 4 ++-- .github/workflows/dispatch-matrix-check.yml | 2 +- .../workflows/dispatch-matrix-test-on-comment.yml | 2 +- .../dispatch-release-performance-check.yml | 2 +- .github/workflows/finalize-release.yml | 2 +- .github/workflows/prepare-release.yml | 2 +- .github/workflows/tooling-unit-tests.yml | 6 +++--- .github/workflows/update-check-run.yml | 2 +- .github/workflows/update-release-status.yml | 2 +- .github/workflows/update-release.yml | 2 +- .github/workflows/validate-package-files.yml | 2 +- .github/workflows/validate-query-formatting.yml | 2 +- .github/workflows/validate-query-help.yml | 2 +- .../validate-query-test-case-formatting.yml | 2 +- .github/workflows/validate-release.yml | 14 +++++++------- .../verify-standard-library-dependencies.yml | 2 +- 17 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index abd60b31fc..8864b669a6 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -21,7 +21,7 @@ jobs: prepare-code-scanning-pack-matrix: name: Prepare CodeQL Code Scanning pack matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }} steps: diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index dc54eb2ca6..51afecc604 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -17,7 +17,7 @@ jobs: prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: @@ -160,7 +160,7 @@ jobs: validate-test-results: name: Validate test results needs: run-test-suites - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Collect test results uses: actions/download-artifact@v3 diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index a1cf8606a1..39ca9d81ed 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -9,7 +9,7 @@ on: jobs: dispatch-matrix-check: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Test Variables diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index bb307864c6..70afaa19ee 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -11,7 +11,7 @@ on: jobs: dispatch-matrix-check: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Test Variables diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index abba5328bd..9b89772223 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -10,7 +10,7 @@ on: jobs: dispatch-matrix-check: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Test Variables diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index df4e3a6656..8fd73707f0 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -15,7 +15,7 @@ on: jobs: finalize-release: if: (github.event_name == 'pull_request' && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Determine ref env: diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index c5b02fd679..c395864019 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -27,7 +27,7 @@ jobs: pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" if: github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index 840e7c5b97..4e9ea4fd3c 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -16,7 +16,7 @@ on: jobs: prepare-supported-codeql-env-matrix: name: Prepare supported CodeQL environment matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-supported-codeql-env-matrix.outputs.matrix }} steps: @@ -33,7 +33,7 @@ jobs: analysis-report-tests: name: Run analysis report tests needs: prepare-supported-codeql-env-matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-supported-codeql-env-matrix.outputs.matrix) }} @@ -79,7 +79,7 @@ jobs: recategorization-tests: name: Run Guideline Recategorization tests - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index da43d91f54..225c81fa24 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -42,7 +42,7 @@ permissions: jobs: update-check-run: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Update check run env: diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 51d95a18ae..c7d62e80a6 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -22,7 +22,7 @@ permissions: jobs: validate-check-runs: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: status: ${{ steps.set-output.outputs.status }} check-run-head-sha: ${{ steps.set-output.outputs.check-run-head-sha }} diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index d1f8bed2cf..9868b2f397 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -25,7 +25,7 @@ env: jobs: update-release: name: "Update release" - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v4 diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index f348903caa..d2f5336f9b 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -12,7 +12,7 @@ jobs: strategy: matrix: language: [cpp, c] - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index 5aeb0b926a..ec2b4bb292 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -15,7 +15,7 @@ jobs: strategy: matrix: language: [cpp, c] - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml index a035c6be21..2be631dd95 100644 --- a/.github/workflows/validate-query-help.yml +++ b/.github/workflows/validate-query-help.yml @@ -12,7 +12,7 @@ jobs: strategy: matrix: language: [cpp, c] - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml index 825ddc2ad5..65f8f76d65 100644 --- a/.github/workflows/validate-query-test-case-formatting.yml +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -12,7 +12,7 @@ env: jobs: validate-test-case-files: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 strategy: matrix: language: [cpp, c] diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 4a2ddbab18..b134f1eb13 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -18,7 +18,7 @@ jobs: pre-validate-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Create check run id: create-check-run @@ -37,7 +37,7 @@ jobs: validate-performance: needs: pre-validate-performance - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Invoke performance test env: @@ -57,7 +57,7 @@ jobs: on-failure-validate-performance-dispatch: needs: [pre-validate-performance, validate-performance] if: failure() - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Fail check run status env: @@ -79,7 +79,7 @@ jobs: pre-validate-compiler-compatibility: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Create check run id: create-check-run @@ -98,7 +98,7 @@ jobs: validate-compiler-compatibility: needs: pre-validate-compiler-compatibility - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Invoke compiler compatibility test env: @@ -118,7 +118,7 @@ jobs: on-failure-validate-compiler-compatibility-dispatch: needs: [pre-validate-compiler-compatibility, validate-compiler-compatibility] if: failure() - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Fail check run status env: @@ -139,7 +139,7 @@ jobs: create-release-status-check-run: name: "Initialize release status monitoring" - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Create release status check run env: diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index ab78744e4e..3d204d5e0a 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -16,7 +16,7 @@ on: jobs: prepare-matrix: name: Prepare CodeQL configuration matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-matrix.outputs.matrix }} steps: From 39cc389883e16700833caffebfa7ed75284bc392 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:50:30 -0700 Subject: [PATCH 143/183] Remove trailing whitespace --- .github/workflows/dispatch-matrix-check.yml | 2 +- .github/workflows/dispatch-matrix-test-on-comment.yml | 2 +- .github/workflows/dispatch-release-performance-check.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 39ca9d81ed..350f2fb73f 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -14,7 +14,7 @@ jobs: - name: Test Variables shell: pwsh - run: | + run: | Write-Host "Running as: ${{github.actor}}" - name: Dispatch Matrix Testing Job diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 70afaa19ee..bef0ba7232 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -16,7 +16,7 @@ jobs: - name: Test Variables shell: pwsh - run: | + run: | Write-Host "Running as: ${{github.actor}}" $actor = "${{github.actor}}" diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 9b89772223..0858527721 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -15,7 +15,7 @@ jobs: - name: Test Variables shell: pwsh - run: | + run: | Write-Host "Running as: ${{github.actor}}" $actor = "${{github.actor}}" From 7892c39580436bb4db3c21bfeca46b794ee225a1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:52:25 -0700 Subject: [PATCH 144/183] Clarify version requirements --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index c395864019..80bb00a378 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -5,7 +5,7 @@ on: inputs: version: description: | - The version to release (MUST follow semantic versioning). + The version to release (MUST follow semantic versioning so NO 'v' prefix). required: true ref: description: | From 77359e2c5b09d38f19479c253c76d2d882f99497 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:55:39 -0700 Subject: [PATCH 145/183] Format both query files and library files --- .github/workflows/validate-query-formatting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index ec2b4bb292..c5e9c806d3 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -35,7 +35,7 @@ jobs: env: LANGUAGE: ${{ matrix.language }} run: | - find $LANGUAGE -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place + find $LANGUAGE -name \( \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff git diff --compact-summary From f1e800f9e0339cff3bce4d1a4471116f748fcd3e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 16:09:35 -0700 Subject: [PATCH 146/183] Add change note for release artifacts update --- change_notes/2023-10-10-add-certification-kit.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-10-10-add-certification-kit.md diff --git a/change_notes/2023-10-10-add-certification-kit.md b/change_notes/2023-10-10-add-certification-kit.md new file mode 100644 index 0000000000..d143eaa61b --- /dev/null +++ b/change_notes/2023-10-10-add-certification-kit.md @@ -0,0 +1 @@ +- The release artifacts now include a certification kit used for ISO26262 certification. \ No newline at end of file From 873e341ee6feaf59323858c9ddce86041f48d0d8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:06:54 -0700 Subject: [PATCH 147/183] Address incorrect find expression --- .github/workflows/validate-query-formatting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index c5e9c806d3..27adb5c94f 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -35,7 +35,7 @@ jobs: env: LANGUAGE: ${{ matrix.language }} run: | - find $LANGUAGE -name \( \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place + find $LANGUAGE \( -name \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff git diff --compact-summary From 67c55bb5651e17a7dfe05a004d89561ca5bd4214 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:18:06 -0700 Subject: [PATCH 148/183] Address incorrect ref used for external help files --- .github/workflows/code-scanning-pack-gen.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 8864b669a6..4717bab1ea 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -65,6 +65,16 @@ jobs: with: cli_path: ${{ github.workspace }}/codeql_home/codeql + - name: Determine ref for external help files + id: determine-ref + run: | + if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then + echo "EXTERNAL_HELP_REF=$GITHUB_HEAD_REF" >> "$GITHUB_ENV" + else + echo "EXTERNAL_HELP_REF=$GITHUB_REF" >> "$GITHUB_ENV" + fi + echo "Using ref $EXTERNAL_HELP_REF for external help files." + - name: Checkout external help files continue-on-error: true id: checkout-external-help-files @@ -72,7 +82,7 @@ jobs: with: ssh-key: ${{ secrets.CODEQL_CODING_STANDARDS_HELP_KEY }} repository: "github/codeql-coding-standards-help" - ref: ${{ needs.determine-ref.outputs.ref }} + ref: ${{ env.EXTERNAL_HELP_REF }} path: external-help-files - name: Include external help files From 089c5ae6d3ee52024fc3e5acd6a912843d86f629 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:35:29 -0700 Subject: [PATCH 149/183] Use the HEAD ref if we are triggered by a merge group --- .github/workflows/code-scanning-pack-gen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 4717bab1ea..ce71d140ea 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -68,7 +68,7 @@ jobs: - name: Determine ref for external help files id: determine-ref run: | - if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then + if [[ $GITHUB_EVENT_NAME == "pull_request" || $GITHUB_EVENT_NAME == "merge_group" ]]; then echo "EXTERNAL_HELP_REF=$GITHUB_HEAD_REF" >> "$GITHUB_ENV" else echo "EXTERNAL_HELP_REF=$GITHUB_REF" >> "$GITHUB_ENV" From 0c6f341b402f63a97f24431bc2deb064e18045be Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:38:44 -0700 Subject: [PATCH 150/183] Specify the type for the merge group --- .github/workflows/code-scanning-pack-gen.yml | 1 + .github/workflows/codeql_unit_tests.yml | 1 + .github/workflows/extra-rule-validation.yml | 1 + .github/workflows/generate-html-docs.yml | 1 + .github/workflows/tooling-unit-tests.yml | 1 + .github/workflows/validate-package-files.yml | 1 + .github/workflows/validate-query-formatting.yml | 1 + .github/workflows/validate-query-help.yml | 1 + .github/workflows/validate-query-test-case-formatting.yml | 1 + .github/workflows/verify-standard-library-dependencies.yml | 1 + 10 files changed, 10 insertions(+) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ce71d140ea..ec665a95d1 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -2,6 +2,7 @@ name: Code Scanning Query Pack Generation on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 51afecc604..62660d973d 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -2,6 +2,7 @@ name: CodeQL Unit Testing on: merge_group: + types: [checks_requested] push: branches: - main diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 1b2c1a3aef..a18f47c65d 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -2,6 +2,7 @@ name: ⚙️ Extra Rule Validation on: merge_group: + types: [checks_requested] push: branches: - main diff --git a/.github/workflows/generate-html-docs.yml b/.github/workflows/generate-html-docs.yml index bb12ba8a2b..f8e3d6d30c 100644 --- a/.github/workflows/generate-html-docs.yml +++ b/.github/workflows/generate-html-docs.yml @@ -2,6 +2,7 @@ name: Generate HTML documentation on: merge_group: + types: [checks_requested] push: branches: - main diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index 4e9ea4fd3c..333b4ce024 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -2,6 +2,7 @@ name: 🧰 Tooling unit tests on: merge_group: + types: [checks_requested] push: branches: - main diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index d2f5336f9b..0573b00590 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -1,6 +1,7 @@ name: Validate Package Files on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index 27adb5c94f..b1007c47ac 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -1,6 +1,7 @@ name: "Validate Query Formatting" on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml index 2be631dd95..d99144fc7f 100644 --- a/.github/workflows/validate-query-help.yml +++ b/.github/workflows/validate-query-help.yml @@ -1,6 +1,7 @@ name: Validate Query Help Files on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml index 65f8f76d65..7b95484376 100644 --- a/.github/workflows/validate-query-test-case-formatting.yml +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -1,6 +1,7 @@ name: Validate Query Test Case Formatting on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index 3d204d5e0a..cd5d35248d 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -3,6 +3,7 @@ name: Verify Standard Library Dependencies # Run this workflow every time the "supported_codeql_configs.json" file or a "qlpack.yml" file is changed on: merge_group: + types: [checks_requested] pull_request: branches: - main From dc3440bb7c128bbe78ba592357f24278cf42a164 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:52:43 -0700 Subject: [PATCH 151/183] Update formatting of queries --- .../CloseFileHandleWhenNoLongerNeededShared.ql | 3 +-- c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 +-- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 +-- .../test/rules/constlikereturnvalue/ConstLikeReturnValue.ql | 3 +-- c/common/test/rules/deadcode/DeadCode.ql | 3 +-- .../DeclaredAReservedIdentifier.ql | 3 +-- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 +-- .../rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql | 3 +-- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 +-- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 +-- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 +-- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 +-- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 +-- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 +-- .../FreeMemoryWhenNoLongerNeededShared.ql | 3 +-- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 +-- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 +-- c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 +-- c/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 +-- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 +-- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 +-- .../InformationLeakageAcrossBoundaries.ql | 3 +-- .../InvalidatedEnvStringPointers.ql | 3 +-- .../InvalidatedEnvStringPointersWarn.ql | 3 +-- .../IOFstreamMissingPositioning.ql | 3 +-- .../MacroParameterNotEnclosedInParentheses.ql | 3 +-- .../MemcmpUsedToComparePaddingData.ql | 3 +-- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 +-- c/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 +-- .../NonVoidFunctionDoesNotReturn.ql | 3 +-- .../rules/notdistinctidentifier/NotDistinctIdentifier.ql | 3 +-- .../OnlyFreeMemoryAllocatedDynamicallyShared.ql | 3 +-- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 +-- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 +-- .../PreprocessorIncludesPreceded.ql | 3 +-- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 +-- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 +-- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 +-- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 +-- .../SwitchCasePositionCondition.ql | 3 +-- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 +-- c/common/test/rules/typeomitted/TypeOmitted.ql | 3 +-- .../UncheckedRangeDomainPoleErrors.ql | 3 +-- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 +-- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 +-- c/common/test/rules/unreachablecode/UnreachableCode.ql | 3 +-- c/common/test/rules/unusedparameter/UnusedParameter.ql | 3 +-- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 +-- .../UsageOfAssemblerNotDocumented.ql | 3 +-- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 +-- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 +-- .../AccessOfUndefinedMemberThroughNullPointer.ql | 3 +-- ...cessOfUndefinedMemberThroughUninitializedStaticPointer.ql | 5 +++-- .../BasicStringMayNotBeNullTerminated.ql | 3 +-- .../test/rules/catchblockshadowing/CatchBlockShadowing.ql | 3 +-- .../CatchExceptionsByLvalueReference.ql | 3 +-- cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 +-- .../ConditionVariablePostConditionFailed.ql | 3 +-- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 +-- .../ContainerAccessWithoutRangeCheck.ql | 3 +-- .../DanglingCaptureWhenMovingLambdaObject.ql | 3 +-- .../DanglingCaptureWhenReturningLambdaObject.ql | 3 +-- cpp/common/test/rules/deadcode/DeadCode.ql | 3 +-- .../DeleteOfPointerToIncompleteClass.ql | 3 +-- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 +-- .../DestroyedValueReferencedInDestructorCatchBlock.ql | 3 +-- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 +-- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 +-- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 +-- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 +-- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 +-- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 +-- .../DoNotUseSetjmpOrLongjmpShared.ql | 3 +-- .../exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql | 3 +-- .../exceptionsafetyvalidstate/ExceptionSafetyValidState.ql | 3 +-- .../exithandlerthrowsexception/ExitHandlerThrowsException.ql | 3 +-- .../explicitabrupttermination/ExplicitAbruptTermination.ql | 3 +-- .../FunctionNoReturnAttributeCondition.ql | 3 +-- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 +-- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 +-- .../HandleAllExceptionsDuringStartup.ql | 3 +-- cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 +-- cpp/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 +-- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 +-- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 +-- .../InformationLeakageAcrossBoundaries.ql | 3 +-- .../IOFstreamMissingPositioning.ql | 3 +-- .../JoinableThreadCopiedOrDestroyed.ql | 3 +-- .../MacroParameterNotEnclosedInParentheses.ql | 3 +-- .../MemcmpUsedToComparePaddingData.ql | 3 +-- .../MovedFromObjectsUnspecifiedState.ql | 3 +-- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 +-- cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql | 3 +-- .../rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql | 3 +-- cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 +-- .../NonStandardEntitiesInStandardNamespaces.ql | 3 +-- .../NonVoidFunctionDoesNotReturn.ql | 3 +-- .../ObjectAccessedAfterLifetime.ql | 3 +-- .../ObjectAccessedBeforeLifetime.ql | 3 +-- .../onedefinitionruleviolation/OneDefinitionRuleViolation.ql | 3 +-- .../OperationMayNotNullTerminateCStyleString.ql | 3 +-- .../OperatorDeleteMissingPartner.ql | 3 +-- .../OrderingPredicateMustBeStrictlyWeak.ql | 3 +-- .../OwnedPointerValueStoredInUnrelatedSmartPointer.ql | 3 +-- .../PlacementNewInsufficientStorage.ql | 3 +-- .../PlacementNewNotProperlyAligned.ql | 3 +-- .../PredicateFunctionObjectsShouldNotBeMutable.ql | 3 +-- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 +-- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 +-- .../PreprocessorIncludesPreceded.ql | 3 +-- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 +-- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 +-- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 +-- .../RemoveConstOrVolatileQualification.ql | 3 +-- .../RethrowNestedWithoutCapture.ql | 3 +-- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 +-- .../StringNumberConversionMissingErrorCheck.ql | 3 +-- .../SwitchCasePositionCondition.ql | 3 +-- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 +-- .../ThrowingNoThrowOperatorNewDelete.ql | 3 +-- .../ThrowingOperatorNewReturnsNull.ql | 3 +-- .../ThrowingOperatorNewThrowsInvalidException.ql | 3 +-- .../UncheckedRangeDomainPoleErrors.ql | 3 +-- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 +-- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 +-- cpp/common/test/rules/unreachablecode/UnreachableCode.ql | 3 +-- cpp/common/test/rules/unusedparameter/UnusedParameter.ql | 3 +-- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 +-- .../UsageOfAssemblerNotDocumented.ql | 3 +-- .../UseCanonicalOrderForMemberInit.ql | 3 +-- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 +-- .../ValidContainerElementAccess.ql | 3 +-- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 +-- 133 files changed, 135 insertions(+), 266 deletions(-) diff --git a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql index a208410321..9e657b351a 100644 --- a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared -class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { -} +class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index b6c91e6eb2..2fe294762e 100644 --- a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { -} +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index b12383aabb..c77ee1c66a 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { -} +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql index c598883031..53c27eb3ce 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue -class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { -} +class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { } diff --git a/c/common/test/rules/deadcode/DeadCode.ql b/c/common/test/rules/deadcode/DeadCode.ql index b38dba26d7..dcd7fce840 100644 --- a/c/common/test/rules/deadcode/DeadCode.ql +++ b/c/common/test/rules/deadcode/DeadCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { -} +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql index 707ef3ccbe..f091b0aaaa 100644 --- a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql +++ b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.declaredareservedidentifier.DeclaredAReservedIdentifier -class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { -} +class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { } diff --git a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index cf9fdf6071..c8dc62e67c 100644 --- a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { -} +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql index 1087134c19..d3b8b9ea3a 100644 --- a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql +++ b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotaccessaclosedfile.DoNotAccessAClosedFile -class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 9aac0f1c09..ceae7e6a9e 100644 --- a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index b2fdab8eea..96ea58009e 100644 --- a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index cc9cb834e0..374a6fc52b 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index ddaa0399b2..edef2c1127 100644 --- a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index c6e0f0e58a..3ad5626256 100644 --- a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index 647ee40426..bceb46bf63 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } diff --git a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql index 8b89cb900c..27683eddfb 100644 --- a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared -class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { -} +class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 2317d5c7db..89768a3022 100644 --- a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { -} +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index 4f7709c7dd..a0d83a59a6 100644 --- a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { -} +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index f9f34ef6d9..a61dc7860a 100644 --- a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { -} +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/identifierhidden/IdentifierHidden.ql b/c/common/test/rules/identifierhidden/IdentifierHidden.ql index 27a35f8376..ba13b28bd4 100644 --- a/c/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/c/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { -} +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } diff --git a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index d0a494f270..acdd497be7 100644 --- a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { -} +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } diff --git a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 8bec76dc05..13b07b4e90 100644 --- a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { -} +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index f51683773f..3393d015c3 100644 --- a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { -} +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql index 777e498dc1..b82c43333a 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql +++ b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers -class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { -} +class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql index 9efdbbe048..7a56af210d 100644 --- a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql +++ b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn -class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { -} +class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { } diff --git a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index ed1e85b531..c1f22c408a 100644 --- a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { -} +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } diff --git a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 8b3c25098c..2ff9477919 100644 --- a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { -} +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 108cf3b8a1..55290047a1 100644 --- a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { -} +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index d57bf78fad..3e0b1f7e8b 100644 --- a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { -} +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql index 71bff7e9c6..25750ae9e5 100644 --- a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { -} +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index 775599e10e..bcf99b44e7 100644 --- a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { -} +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } diff --git a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql index ba74868838..3b7a8a5f9a 100644 --- a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql +++ b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.notdistinctidentifier.NotDistinctIdentifier -class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { -} +class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { } diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql index f8c036c2d2..f7d315554e 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared -class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { -} +class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index 35bc1586b0..d66babdb6d 100644 --- a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index f12f9663b1..c7652ab4ae 100644 --- a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 44f700604a..43701dbbf9 100644 --- a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 6fd33d601b..009c7f9e26 100644 --- a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { -} +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 9968a80e75..4ca46f15ea 100644 --- a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { -} +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } diff --git a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index cec14d6dac..9150d4459d 100644 --- a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { -} +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index 00d24cc943..aacadf0253 100644 --- a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { -} +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } diff --git a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index de3d7c5c9c..1b323a652d 100644 --- a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 3669f8739e..75ce3cb1ec 100644 --- a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/typeomitted/TypeOmitted.ql b/c/common/test/rules/typeomitted/TypeOmitted.ql index eaade7faf6..a9cd81118c 100644 --- a/c/common/test/rules/typeomitted/TypeOmitted.ql +++ b/c/common/test/rules/typeomitted/TypeOmitted.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.typeomitted.TypeOmitted -class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { -} +class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 6ae007bd39..11720fb8da 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { -} +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 168b3a0b2e..316565cab7 100644 --- a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { -} +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3b1e4b7c56..3baad901da 100644 --- a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { -} +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unreachablecode/UnreachableCode.ql b/c/common/test/rules/unreachablecode/UnreachableCode.ql index 61554593fd..c394bfba3e 100644 --- a/c/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/c/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { -} +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unusedparameter/UnusedParameter.ql b/c/common/test/rules/unusedparameter/UnusedParameter.ql index 4dc2000dbb..e990a7dcf3 100644 --- a/c/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/c/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index 76ccfec0f2..f1c09524d5 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index c8b9f229f4..f9997627b4 100644 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { -} +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 7edd86ecab..55554bee07 100644 --- a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { -} +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } diff --git a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index af84dd07c1..44947bf85a 100644 --- a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { -} +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql index 4607c4f48c..a94e11dbf6 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughnullpointer.AccessOfUndefinedMemberThroughNullPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { -} +class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql index 489c4a23f4..90d192e3d8 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql @@ -1,5 +1,6 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, TestQuery { -} +class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, + TestQuery +{ } diff --git a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql index 21f00547fc..c2c4fe7906 100644 --- a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql +++ b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.basicstringmaynotbenullterminated.BasicStringMayNotBeNullTerminated -class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { -} +class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql index 81b37d3aa5..76b7123d99 100644 --- a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql +++ b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchblockshadowing.CatchBlockShadowing -class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { -} +class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql index 0931cc9ca8..30d6d30c47 100644 --- a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql +++ b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchexceptionsbylvaluereference.CatchExceptionsByLvalueReference -class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { -} +class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index b6c91e6eb2..2fe294762e 100644 --- a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { -} +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql index 9192ea6c24..e990e23e2e 100644 --- a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql +++ b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.conditionvariablepostconditionfailed.ConditionVariablePostConditionFailed -class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { -} +class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index b12383aabb..c77ee1c66a 100644 --- a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { -} +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql index 90f2624e6b..be54f5a31c 100644 --- a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql +++ b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck -class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { -} +class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql index 3e1929e5c3..ba1f1efc2f 100644 --- a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenmovinglambdaobject.DanglingCaptureWhenMovingLambdaObject -class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { -} +class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql index 6880b797fc..d95ba912fd 100644 --- a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenreturninglambdaobject.DanglingCaptureWhenReturningLambdaObject -class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { -} +class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/deadcode/DeadCode.ql b/cpp/common/test/rules/deadcode/DeadCode.ql index b38dba26d7..dcd7fce840 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.ql +++ b/cpp/common/test/rules/deadcode/DeadCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { -} +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql index 54ae2a773b..a589ae988e 100644 --- a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql +++ b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass -class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { -} +class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index cf9fdf6071..c8dc62e67c 100644 --- a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { -} +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql index a2418fe0e6..90c4ed602a 100644 --- a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql +++ b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock -class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { -} +class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 9aac0f1c09..ceae7e6a9e 100644 --- a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index b2fdab8eea..96ea58009e 100644 --- a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index cc9cb834e0..374a6fc52b 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index ddaa0399b2..edef2c1127 100644 --- a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index c6e0f0e58a..3ad5626256 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index 647ee40426..bceb46bf63 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql index bb9245942d..e0026467ff 100644 --- a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql +++ b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared -class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql index 2d09d10250..bfa4a88318 100644 --- a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql +++ b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyguarantees.ExceptionSafetyGuarantees -class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { -} +class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql index e2d2107580..aa18543c36 100644 --- a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql +++ b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyvalidstate.ExceptionSafetyValidState -class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { -} +class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql index 4552e1d6e5..c61992b8b0 100644 --- a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql +++ b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exithandlerthrowsexception.ExitHandlerThrowsException -class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { -} +class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql index cd11b45494..d7df643551 100644 --- a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql +++ b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.explicitabrupttermination.ExplicitAbruptTermination -class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { -} +class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql index 6526233b4c..4af4aeceaf 100644 --- a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql +++ b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { -} +class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 2317d5c7db..89768a3022 100644 --- a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { -} +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index 4f7709c7dd..a0d83a59a6 100644 --- a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { -} +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql index 4a4ae60b84..d366b0eb79 100644 --- a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql +++ b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.handleallexceptionsduringstartup.HandleAllExceptionsDuringStartup -class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { -} +class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index f9f34ef6d9..a61dc7860a 100644 --- a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { -} +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql index 27a35f8376..ba13b28bd4 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { -} +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index d0a494f270..acdd497be7 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { -} +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 8bec76dc05..13b07b4e90 100644 --- a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { -} +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index f51683773f..3393d015c3 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { -} +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index ed1e85b531..c1f22c408a 100644 --- a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { -} +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql index 394425a83b..affaeef13d 100644 --- a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql +++ b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.joinablethreadcopiedordestroyed.JoinableThreadCopiedOrDestroyed -class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { -} +class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 8b3c25098c..2ff9477919 100644 --- a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { -} +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 108cf3b8a1..55290047a1 100644 --- a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { -} +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql index f7510b8b24..3f818cc3e2 100644 --- a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql +++ b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState -class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { -} +class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index d57bf78fad..3e0b1f7e8b 100644 --- a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { -} +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql index d1956d4b71..2e27365953 100644 --- a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql +++ b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt -class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { -} +class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql index 3cd92aa294..46c2d4c3bb 100644 --- a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql +++ b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt -class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { -} +class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql index 71bff7e9c6..25750ae9e5 100644 --- a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { -} +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql index 19990c3d2f..3b10c31026 100644 --- a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql +++ b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonstandardentitiesinstandardnamespaces.NonStandardEntitiesInStandardNamespaces -class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { -} +class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index 775599e10e..bcf99b44e7 100644 --- a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { -} +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql index a6dd5f0ddb..fbf2270fb9 100644 --- a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql +++ b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime -class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { -} +class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql index c7e11a4489..aa88f954dc 100644 --- a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql +++ b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime -class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { -} +class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql index 8b818c9f65..0f01e0b871 100644 --- a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql +++ b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation -class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { -} +class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql index 191a71c62d..88637e5fb8 100644 --- a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql +++ b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operationmaynotnullterminatecstylestring.OperationMayNotNullTerminateCStyleString -class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { -} +class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql index 2239471465..df5ed195c3 100644 --- a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql +++ b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operatordeletemissingpartner.OperatorDeleteMissingPartner -class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { -} +class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql index a546ac7dee..765e11c79e 100644 --- a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql +++ b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.orderingpredicatemustbestrictlyweak.OrderingPredicateMustBeStrictlyWeak -class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { -} +class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql index 06ce668f27..efdcb47a16 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ownedpointervaluestoredinunrelatedsmartpointer.OwnedPointerValueStoredInUnrelatedSmartPointer -class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { -} +class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql index 7b30c736d3..d63da2dc8d 100644 --- a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql +++ b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewinsufficientstorage.PlacementNewInsufficientStorage -class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { -} +class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql index 5f4fd81927..913b1c9c66 100644 --- a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql +++ b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewnotproperlyaligned.PlacementNewNotProperlyAligned -class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { -} +class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql index 0d4dec003f..1c9c73fb3d 100644 --- a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql +++ b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.predicatefunctionobjectsshouldnotbemutable.PredicateFunctionObjectsShouldNotBeMutable -class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { -} +class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index 35bc1586b0..d66babdb6d 100644 --- a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index f12f9663b1..c7652ab4ae 100644 --- a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 44f700604a..43701dbbf9 100644 --- a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 6fd33d601b..009c7f9e26 100644 --- a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { -} +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 9968a80e75..4ca46f15ea 100644 --- a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { -} +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index cec14d6dac..9150d4459d 100644 --- a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { -} +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql index 137fc2edf1..61865cccab 100644 --- a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql +++ b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification -class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { -} +class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql index e3cc2a62fb..ab45ada710 100644 --- a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql +++ b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.rethrownestedwithoutcapture.RethrowNestedWithoutCapture -class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { -} +class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index 00d24cc943..aacadf0253 100644 --- a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { -} +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql index 9e35a26b6d..7fae4b8b9a 100644 --- a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql +++ b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.stringnumberconversionmissingerrorcheck.StringNumberConversionMissingErrorCheck -class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { -} +class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index de3d7c5c9c..1b323a652d 100644 --- a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 3669f8739e..75ce3cb1ec 100644 --- a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql index 039db1c5c3..0135c410f4 100644 --- a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql +++ b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingnothrowoperatornewdelete.ThrowingNoThrowOperatorNewDelete -class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { -} +class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql index b034de0a67..c0fc6c8619 100644 --- a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql +++ b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewreturnsnull.ThrowingOperatorNewReturnsNull -class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { -} +class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql index e4917831e5..072a5c7027 100644 --- a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql +++ b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewthrowsinvalidexception.ThrowingOperatorNewThrowsInvalidException -class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { -} +class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 6ae007bd39..11720fb8da 100644 --- a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { -} +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 168b3a0b2e..316565cab7 100644 --- a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { -} +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3b1e4b7c56..3baad901da 100644 --- a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { -} +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql index 61554593fd..c394bfba3e 100644 --- a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { -} +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql index 4dc2000dbb..e990a7dcf3 100644 --- a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index 76ccfec0f2..f1c09524d5 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index c8b9f229f4..f9997627b4 100644 --- a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { -} +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql index 6cee3d153d..c703151f75 100644 --- a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql +++ b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usecanonicalorderformemberinit.UseCanonicalOrderForMemberInit -class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { -} +class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 7edd86ecab..55554bee07 100644 --- a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { -} +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql index 64e86b2ba5..5f61b8a2a9 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql +++ b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.validcontainerelementaccess.ValidContainerElementAccess -class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { -} +class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index af84dd07c1..44947bf85a 100644 --- a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { -} +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } From 2f851295e06b037bf129b4bf2907469c5f33f6af Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 14:38:27 -0700 Subject: [PATCH 152/183] Upgrade PyYaml dependency This in response to https://github.com/yaml/pyyaml/issues/601 on MacOS. --- scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 976c6a46b4..f02a35c7c9 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -10,7 +10,7 @@ requests==2.31.0 smmap==3.0.5 soupsieve==2.0.1 urllib3==1.26.5 -pyyaml==5.4 +pyyaml==6.0.1 wheel==0.38.1 jsonschema==4.9.1 marko==1.2.1 \ No newline at end of file From c13560ee9883356b49f7af0895e9c1187b048a7f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 14:39:13 -0700 Subject: [PATCH 153/183] Apply new formatting to generated code --- .../CloseFileHandleWhenNoLongerNeededShared.ql | 3 ++- c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 ++- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 ++- .../test/rules/constlikereturnvalue/ConstLikeReturnValue.ql | 3 ++- c/common/test/rules/deadcode/DeadCode.ql | 3 ++- .../DeclaredAReservedIdentifier.ql | 3 ++- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 ++- .../rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql | 3 ++- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 ++- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 ++- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 ++- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 ++- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 ++- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 ++- .../FreeMemoryWhenNoLongerNeededShared.ql | 3 ++- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 ++- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 ++- c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 ++- c/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 ++- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 ++- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 ++- .../InformationLeakageAcrossBoundaries.ql | 3 ++- .../InvalidatedEnvStringPointers.ql | 3 ++- .../InvalidatedEnvStringPointersWarn.ql | 3 ++- .../IOFstreamMissingPositioning.ql | 3 ++- .../MacroParameterNotEnclosedInParentheses.ql | 3 ++- .../MemcmpUsedToComparePaddingData.ql | 3 ++- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 ++- c/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 ++- .../NonVoidFunctionDoesNotReturn.ql | 3 ++- .../rules/notdistinctidentifier/NotDistinctIdentifier.ql | 3 ++- .../OnlyFreeMemoryAllocatedDynamicallyShared.ql | 3 ++- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 ++- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 ++- .../PreprocessorIncludesPreceded.ql | 3 ++- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 ++- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 ++- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 ++- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 ++- .../SwitchCasePositionCondition.ql | 3 ++- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 ++- c/common/test/rules/typeomitted/TypeOmitted.ql | 3 ++- .../UncheckedRangeDomainPoleErrors.ql | 3 ++- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 ++- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 ++- c/common/test/rules/unreachablecode/UnreachableCode.ql | 3 ++- c/common/test/rules/unusedparameter/UnusedParameter.ql | 3 ++- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 ++- .../UsageOfAssemblerNotDocumented.ql | 3 ++- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 ++- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 ++- .../AccessOfUndefinedMemberThroughNullPointer.ql | 3 ++- ...cessOfUndefinedMemberThroughUninitializedStaticPointer.ql | 5 ++--- .../BasicStringMayNotBeNullTerminated.ql | 3 ++- .../test/rules/catchblockshadowing/CatchBlockShadowing.ql | 3 ++- .../CatchExceptionsByLvalueReference.ql | 3 ++- cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 ++- .../ConditionVariablePostConditionFailed.ql | 3 ++- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 ++- .../ContainerAccessWithoutRangeCheck.ql | 3 ++- .../DanglingCaptureWhenMovingLambdaObject.ql | 3 ++- .../DanglingCaptureWhenReturningLambdaObject.ql | 3 ++- cpp/common/test/rules/deadcode/DeadCode.ql | 3 ++- .../DeleteOfPointerToIncompleteClass.ql | 3 ++- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 ++- .../DestroyedValueReferencedInDestructorCatchBlock.ql | 3 ++- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 ++- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 ++- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 ++- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 ++- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 ++- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 ++- .../DoNotUseSetjmpOrLongjmpShared.ql | 3 ++- .../exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql | 3 ++- .../exceptionsafetyvalidstate/ExceptionSafetyValidState.ql | 3 ++- .../exithandlerthrowsexception/ExitHandlerThrowsException.ql | 3 ++- .../explicitabrupttermination/ExplicitAbruptTermination.ql | 3 ++- .../FunctionNoReturnAttributeCondition.ql | 3 ++- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 ++- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 ++- .../HandleAllExceptionsDuringStartup.ql | 3 ++- cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 ++- cpp/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 ++- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 ++- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 ++- .../InformationLeakageAcrossBoundaries.ql | 3 ++- .../IOFstreamMissingPositioning.ql | 3 ++- .../JoinableThreadCopiedOrDestroyed.ql | 3 ++- .../MacroParameterNotEnclosedInParentheses.ql | 3 ++- .../MemcmpUsedToComparePaddingData.ql | 3 ++- .../MovedFromObjectsUnspecifiedState.ql | 3 ++- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 ++- cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql | 3 ++- .../rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql | 3 ++- cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 ++- .../NonStandardEntitiesInStandardNamespaces.ql | 3 ++- .../NonVoidFunctionDoesNotReturn.ql | 3 ++- .../ObjectAccessedAfterLifetime.ql | 3 ++- .../ObjectAccessedBeforeLifetime.ql | 3 ++- .../onedefinitionruleviolation/OneDefinitionRuleViolation.ql | 3 ++- .../OperationMayNotNullTerminateCStyleString.ql | 3 ++- .../OperatorDeleteMissingPartner.ql | 3 ++- .../OrderingPredicateMustBeStrictlyWeak.ql | 3 ++- .../OwnedPointerValueStoredInUnrelatedSmartPointer.ql | 3 ++- .../PlacementNewInsufficientStorage.ql | 3 ++- .../PlacementNewNotProperlyAligned.ql | 3 ++- .../PredicateFunctionObjectsShouldNotBeMutable.ql | 3 ++- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 ++- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 ++- .../PreprocessorIncludesPreceded.ql | 3 ++- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 ++- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 ++- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 ++- .../RemoveConstOrVolatileQualification.ql | 3 ++- .../RethrowNestedWithoutCapture.ql | 3 ++- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 ++- .../StringNumberConversionMissingErrorCheck.ql | 3 ++- .../SwitchCasePositionCondition.ql | 3 ++- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 ++- .../ThrowingNoThrowOperatorNewDelete.ql | 3 ++- .../ThrowingOperatorNewReturnsNull.ql | 3 ++- .../ThrowingOperatorNewThrowsInvalidException.ql | 3 ++- .../UncheckedRangeDomainPoleErrors.ql | 3 ++- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 ++- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 ++- cpp/common/test/rules/unreachablecode/UnreachableCode.ql | 3 ++- cpp/common/test/rules/unusedparameter/UnusedParameter.ql | 3 ++- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 ++- .../UsageOfAssemblerNotDocumented.ql | 3 ++- .../UseCanonicalOrderForMemberInit.ql | 3 ++- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 ++- .../ValidContainerElementAccess.ql | 3 ++- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 ++- 133 files changed, 266 insertions(+), 135 deletions(-) diff --git a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql index 9e657b351a..a208410321 100644 --- a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared -class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { } +class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index 2fe294762e..b6c91e6eb2 100644 --- a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index c77ee1c66a..b12383aabb 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql index 53c27eb3ce..c598883031 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue -class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { } +class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/deadcode/DeadCode.ql b/c/common/test/rules/deadcode/DeadCode.ql index dcd7fce840..b38dba26d7 100644 --- a/c/common/test/rules/deadcode/DeadCode.ql +++ b/c/common/test/rules/deadcode/DeadCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql index f091b0aaaa..707ef3ccbe 100644 --- a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql +++ b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.declaredareservedidentifier.DeclaredAReservedIdentifier -class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { } +class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index c8dc62e67c..cf9fdf6071 100644 --- a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql index d3b8b9ea3a..1087134c19 100644 --- a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql +++ b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotaccessaclosedfile.DoNotAccessAClosedFile -class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { } +class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index ceae7e6a9e..9aac0f1c09 100644 --- a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index 96ea58009e..b2fdab8eea 100644 --- a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index 374a6fc52b..cc9cb834e0 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index edef2c1127..ddaa0399b2 100644 --- a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 3ad5626256..c6e0f0e58a 100644 --- a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index bceb46bf63..647ee40426 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql index 27683eddfb..8b89cb900c 100644 --- a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared -class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { } +class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 89768a3022..2317d5c7db 100644 --- a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index a0d83a59a6..4f7709c7dd 100644 --- a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index a61dc7860a..f9f34ef6d9 100644 --- a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/identifierhidden/IdentifierHidden.ql b/c/common/test/rules/identifierhidden/IdentifierHidden.ql index ba13b28bd4..27a35f8376 100644 --- a/c/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/c/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index acdd497be7..d0a494f270 100644 --- a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 13b07b4e90..8bec76dc05 100644 --- a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index 3393d015c3..f51683773f 100644 --- a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql index b82c43333a..777e498dc1 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql +++ b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers -class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { } +class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql index 7a56af210d..9efdbbe048 100644 --- a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql +++ b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn -class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { } +class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index c1f22c408a..ed1e85b531 100644 --- a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 2ff9477919..8b3c25098c 100644 --- a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 55290047a1..108cf3b8a1 100644 --- a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index 3e0b1f7e8b..d57bf78fad 100644 --- a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql index 25750ae9e5..71bff7e9c6 100644 --- a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index bcf99b44e7..775599e10e 100644 --- a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql index 3b7a8a5f9a..ba74868838 100644 --- a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql +++ b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.notdistinctidentifier.NotDistinctIdentifier -class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { } +class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql index f7d315554e..f8c036c2d2 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared -class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { } +class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index d66babdb6d..35bc1586b0 100644 --- a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index c7652ab4ae..f12f9663b1 100644 --- a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 43701dbbf9..44f700604a 100644 --- a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 009c7f9e26..6fd33d601b 100644 --- a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 4ca46f15ea..9968a80e75 100644 --- a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index 9150d4459d..cec14d6dac 100644 --- a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { +} diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index aacadf0253..00d24cc943 100644 --- a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index 1b323a652d..de3d7c5c9c 100644 --- a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 75ce3cb1ec..3669f8739e 100644 --- a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/typeomitted/TypeOmitted.ql b/c/common/test/rules/typeomitted/TypeOmitted.ql index a9cd81118c..eaade7faf6 100644 --- a/c/common/test/rules/typeomitted/TypeOmitted.ql +++ b/c/common/test/rules/typeomitted/TypeOmitted.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.typeomitted.TypeOmitted -class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { } +class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 11720fb8da..6ae007bd39 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 316565cab7..168b3a0b2e 100644 --- a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3baad901da..3b1e4b7c56 100644 --- a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unreachablecode/UnreachableCode.ql b/c/common/test/rules/unreachablecode/UnreachableCode.ql index c394bfba3e..61554593fd 100644 --- a/c/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/c/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unusedparameter/UnusedParameter.ql b/c/common/test/rules/unusedparameter/UnusedParameter.ql index e990a7dcf3..4dc2000dbb 100644 --- a/c/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/c/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index f1c09524d5..76ccfec0f2 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index f9997627b4..c8b9f229f4 100644 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 55554bee07..7edd86ecab 100644 --- a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index 44947bf85a..af84dd07c1 100644 --- a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql index a94e11dbf6..4607c4f48c 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughnullpointer.AccessOfUndefinedMemberThroughNullPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { } +class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql index 90d192e3d8..489c4a23f4 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, - TestQuery -{ } +class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql index c2c4fe7906..21f00547fc 100644 --- a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql +++ b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.basicstringmaynotbenullterminated.BasicStringMayNotBeNullTerminated -class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { } +class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql index 76b7123d99..81b37d3aa5 100644 --- a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql +++ b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchblockshadowing.CatchBlockShadowing -class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { } +class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql index 30d6d30c47..0931cc9ca8 100644 --- a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql +++ b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchexceptionsbylvaluereference.CatchExceptionsByLvalueReference -class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { } +class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index 2fe294762e..b6c91e6eb2 100644 --- a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql index e990e23e2e..9192ea6c24 100644 --- a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql +++ b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.conditionvariablepostconditionfailed.ConditionVariablePostConditionFailed -class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { } +class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index c77ee1c66a..b12383aabb 100644 --- a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql index be54f5a31c..90f2624e6b 100644 --- a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql +++ b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck -class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { } +class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql index ba1f1efc2f..3e1929e5c3 100644 --- a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenmovinglambdaobject.DanglingCaptureWhenMovingLambdaObject -class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { } +class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql index d95ba912fd..6880b797fc 100644 --- a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenreturninglambdaobject.DanglingCaptureWhenReturningLambdaObject -class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { } +class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/deadcode/DeadCode.ql b/cpp/common/test/rules/deadcode/DeadCode.ql index dcd7fce840..b38dba26d7 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.ql +++ b/cpp/common/test/rules/deadcode/DeadCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql index a589ae988e..54ae2a773b 100644 --- a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql +++ b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass -class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { } +class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index c8dc62e67c..cf9fdf6071 100644 --- a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql index 90c4ed602a..a2418fe0e6 100644 --- a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql +++ b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock -class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { } +class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index ceae7e6a9e..9aac0f1c09 100644 --- a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index 96ea58009e..b2fdab8eea 100644 --- a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index 374a6fc52b..cc9cb834e0 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index edef2c1127..ddaa0399b2 100644 --- a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 3ad5626256..c6e0f0e58a 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index bceb46bf63..647ee40426 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql index e0026467ff..bb9245942d 100644 --- a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql +++ b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared -class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql index bfa4a88318..2d09d10250 100644 --- a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql +++ b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyguarantees.ExceptionSafetyGuarantees -class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { } +class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql index aa18543c36..e2d2107580 100644 --- a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql +++ b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyvalidstate.ExceptionSafetyValidState -class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { } +class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql index c61992b8b0..4552e1d6e5 100644 --- a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql +++ b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exithandlerthrowsexception.ExitHandlerThrowsException -class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { } +class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql index d7df643551..cd11b45494 100644 --- a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql +++ b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.explicitabrupttermination.ExplicitAbruptTermination -class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { } +class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql index 4af4aeceaf..6526233b4c 100644 --- a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql +++ b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { } +class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 89768a3022..2317d5c7db 100644 --- a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index a0d83a59a6..4f7709c7dd 100644 --- a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql index d366b0eb79..4a4ae60b84 100644 --- a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql +++ b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.handleallexceptionsduringstartup.HandleAllExceptionsDuringStartup -class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { } +class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index a61dc7860a..f9f34ef6d9 100644 --- a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql index ba13b28bd4..27a35f8376 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index acdd497be7..d0a494f270 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 13b07b4e90..8bec76dc05 100644 --- a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index 3393d015c3..f51683773f 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index c1f22c408a..ed1e85b531 100644 --- a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql index affaeef13d..394425a83b 100644 --- a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql +++ b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.joinablethreadcopiedordestroyed.JoinableThreadCopiedOrDestroyed -class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { } +class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 2ff9477919..8b3c25098c 100644 --- a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 55290047a1..108cf3b8a1 100644 --- a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql index 3f818cc3e2..f7510b8b24 100644 --- a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql +++ b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState -class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { } +class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index 3e0b1f7e8b..d57bf78fad 100644 --- a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql index 2e27365953..d1956d4b71 100644 --- a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql +++ b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt -class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { } +class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql index 46c2d4c3bb..3cd92aa294 100644 --- a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql +++ b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt -class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { } +class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql index 25750ae9e5..71bff7e9c6 100644 --- a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql index 3b10c31026..19990c3d2f 100644 --- a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql +++ b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonstandardentitiesinstandardnamespaces.NonStandardEntitiesInStandardNamespaces -class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { } +class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index bcf99b44e7..775599e10e 100644 --- a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql index fbf2270fb9..a6dd5f0ddb 100644 --- a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql +++ b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime -class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { } +class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql index aa88f954dc..c7e11a4489 100644 --- a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql +++ b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime -class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { } +class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql index 0f01e0b871..8b818c9f65 100644 --- a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql +++ b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation -class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { } +class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql index 88637e5fb8..191a71c62d 100644 --- a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql +++ b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operationmaynotnullterminatecstylestring.OperationMayNotNullTerminateCStyleString -class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { } +class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql index df5ed195c3..2239471465 100644 --- a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql +++ b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operatordeletemissingpartner.OperatorDeleteMissingPartner -class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { } +class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql index 765e11c79e..a546ac7dee 100644 --- a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql +++ b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.orderingpredicatemustbestrictlyweak.OrderingPredicateMustBeStrictlyWeak -class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { } +class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql index efdcb47a16..06ce668f27 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ownedpointervaluestoredinunrelatedsmartpointer.OwnedPointerValueStoredInUnrelatedSmartPointer -class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { } +class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql index d63da2dc8d..7b30c736d3 100644 --- a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql +++ b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewinsufficientstorage.PlacementNewInsufficientStorage -class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { } +class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql index 913b1c9c66..5f4fd81927 100644 --- a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql +++ b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewnotproperlyaligned.PlacementNewNotProperlyAligned -class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { } +class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql index 1c9c73fb3d..0d4dec003f 100644 --- a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql +++ b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.predicatefunctionobjectsshouldnotbemutable.PredicateFunctionObjectsShouldNotBeMutable -class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { } +class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index d66babdb6d..35bc1586b0 100644 --- a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index c7652ab4ae..f12f9663b1 100644 --- a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 43701dbbf9..44f700604a 100644 --- a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 009c7f9e26..6fd33d601b 100644 --- a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 4ca46f15ea..9968a80e75 100644 --- a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index 9150d4459d..cec14d6dac 100644 --- a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql index 61865cccab..137fc2edf1 100644 --- a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql +++ b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification -class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { } +class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql index ab45ada710..e3cc2a62fb 100644 --- a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql +++ b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.rethrownestedwithoutcapture.RethrowNestedWithoutCapture -class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { } +class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index aacadf0253..00d24cc943 100644 --- a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql index 7fae4b8b9a..9e35a26b6d 100644 --- a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql +++ b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.stringnumberconversionmissingerrorcheck.StringNumberConversionMissingErrorCheck -class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { } +class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index 1b323a652d..de3d7c5c9c 100644 --- a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 75ce3cb1ec..3669f8739e 100644 --- a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql index 0135c410f4..039db1c5c3 100644 --- a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql +++ b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingnothrowoperatornewdelete.ThrowingNoThrowOperatorNewDelete -class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { } +class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql index c0fc6c8619..b034de0a67 100644 --- a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql +++ b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewreturnsnull.ThrowingOperatorNewReturnsNull -class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { } +class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql index 072a5c7027..e4917831e5 100644 --- a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql +++ b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewthrowsinvalidexception.ThrowingOperatorNewThrowsInvalidException -class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { } +class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 11720fb8da..6ae007bd39 100644 --- a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 316565cab7..168b3a0b2e 100644 --- a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3baad901da..3b1e4b7c56 100644 --- a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql index c394bfba3e..61554593fd 100644 --- a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql index e990a7dcf3..4dc2000dbb 100644 --- a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index f1c09524d5..76ccfec0f2 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index f9997627b4..c8b9f229f4 100644 --- a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql index c703151f75..6cee3d153d 100644 --- a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql +++ b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usecanonicalorderformemberinit.UseCanonicalOrderForMemberInit -class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { } +class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 55554bee07..7edd86ecab 100644 --- a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql index 5f61b8a2a9..64e86b2ba5 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql +++ b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.validcontainerelementaccess.ValidContainerElementAccess -class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { } +class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index 44947bf85a..af84dd07c1 100644 --- a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { +} From dc3659cb9f4a88a33a1f470133f26ba63e67afab Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 14:45:38 -0700 Subject: [PATCH 154/183] Update the release process section --- docs/development_handbook.md | 88 ++++++++++++++++++++---------------- 1 file changed, 49 insertions(+), 39 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 8aeb1ee5e5..ad66d09652 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -35,6 +35,7 @@ | 0.26.0 | 2022-08-10 | Remco Vermeulen | Address incorrect package file generation command. This was missing the required language argument. | | 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. | | 0.28.0 | 2023-08-14 | Luke Cartey | Remove references to LGTM which is now a legacy product. | +| 0.29.0 | 2023-10-11 | Remco Vermeulen | Update release process. | ## Scope of work @@ -515,9 +516,29 @@ To upgrade the CodeQL external dependencies: ### Release process -#### Version Numbering +The release process is a combination of release specific Action workflows and validation Action workflows executed on each PR. +The flowchart below provides an overview of the release process and how the release specific Action workflows are related. + +```mermaid +flowchart TD; + prepare-release["Prepare release (prepare-release.yml)"] + validate-release["Validate release (validate-release.yml)"] + compiler-validation["Compiler tests (release-engineering/release-compiler-validation.yml.)"] + performance-testing["Performance testing (release-engineering/release-performance-testing.yml)"] + existing-checks["Existing checks run on each PR"] + update-release["Update release (update-release.yml)"] + finalize-release["Finalize release (finalize-release.yml)"] + + prepare-release-->validate-release + validate-release-->compiler-validation-->update-release + validate-release-->performance-testing-->update-release + prepare-release-->existing-checks-->update-release + update-release-->finalize-release +``` + +#### Version Numbering -Version numbers follow semantic versioning and adhere to the following guidelines specific to Coding Standards. +Version numbers follow semantic versioning and adhere to the following guidelines specific to Coding Standards. Given the version `..`: @@ -531,57 +552,46 @@ We use the "Releases" feature in GitHub to manage and track our releases. This p To simplify the process of generating the release information, the repository contains a number of scripts and Action workflows: - - [`generate_release_notes.py`](../scripts/release/generate_release_notes.py) - a script for generating release notes based on the contents of the repository in comparison to the previous release. - - [`create_draft_release.sh`](../scripts/release/create_draft_release.sh) - a script for creating a release by: - 1. Downloading the appropriate artifacts - 2. Generating the release notes by calling `generate_release_notes.py` with appropriate parameters - 3. Generating the list of supported rules - 4. Creating a draft release on GitHub containing the artifacts from the previous steps - 5. Triggering integration testing on the new release. - - [`create-draft-release.yml`](../.github/workflows/create-draft-release.yml) - a GitHub Actions workflow for running the `create_draft_release.sh` on demand within the CI/CD environment. +- [prepare-release.yml](./github/workflows/prepare-release.yml): The entry point for starting a new release. When provided with a version and a Git reference this workflow will + - Create a release branch. + - Create a release PR that will contain all the changes required for a release and will validate the release using checks. + - Create a draft release that will be updated during various stages of the release. +- [update-release.yml](./github/workflows/update-release.yml): This workflow will update the draft release when all checks have passed successfully on the release PR. The draft release is updated to: + - Have the most recent release notes as generated by the [update-release-notes.py](scripts/release/update-release-notes.py) script. + - Have the most recent release assets as generated by the [update-release-assets.py](scripts/release/update-release-assets.py). +- [finalize-release.yml](.github/workflows/finalize-release.yml): This will update the release tag and mark the release public when the release PR is merged to successfully conclude the release. +- [update-release-status.yml](.github/workflows/update-release-status.yml): This workflow will update the status on the release by monitoring the status of individual validation steps. When all succeeded this will invoke the `update-release.yml` workflow. +- [update-check-run.yml](.github/workflows/update-check-run.yml): Utility workflow that allow authorized external workflows (i.e., workflows in other repositories) to update the status of check runs in the coding standards repository. +- [validate-release.yml](.github/workflows/validate-release.yml): Utility workflow that will start the performance and compiler compatibility testing that are orchestrated from the codeql-coding-standards-release-engineering repository. #### Branching workflow -Each new major or minor release should have a dedicated release branch, with the name `rc/.`. A new patch version should re-use the existing release branch for the release that is being patched. +Each release should have a dedicated release branch, with the name `rc/..`. A new patch version should branch from the existing release branch for the release that is being patched. Ensure that the same release branch is created in the [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) repository. -#### Artifact creation +#### Release assets -There is an automated CI/CD job ([Code Scanning Query Pack Generation](../.github/workflows/code-scanning-pack-gen.yml)) provided that generates the following release artifacts for Coding Standards: +There is an automated CI/CD job ([Update Release](../.github/workflows/update-release.yml)) that will automatically generate the release assets according to the [release layout specification](scripts/release/release-layout.yml). +Among the assets are: - - Code Scanning query pack - generates a zipped folder that can be used with the CodeQL CLI directly, or with GitHub Advanced Security. +- Certification kit containing the proof obligations for ISO26262 certification. +- Code Scanning query packs that can be used with the CodeQL CLI directly, or with GitHub Advanced Security. **Use of Code Scanning within GitHub Advanced Security is not in scope for ISO 26262 tool qualification. See [user_manual.md#github-advanced-security](user_manual.md#github-advanced-security) for more information**. -These run on every push to `main` and `rc/*`, and on every pull request, and are releasable without modification, assuming all other status checks succeed on the same commit. - #### Creating a release To create a new release: - 1. Create an internal "release checklist" issue. - 2. Determine the appropriate release version. Version numbers are generated + + 1. Determine the appropriate release version. Version numbers are generated according to the guidelines in the section "Version Numbering." - 3. If a new `MAJOR` version is necessary, create a new `rc/.0` branch off of `main`. Otherwise, reuse the existing `rc` branch and merge work from `main` into the `rc` branch you have selected. - 4. Ensure the same `rc` branch exists in the [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) repository. This branch will be used to include external help files. - 5. Submit a PR to update the `qlpack.yml` version numbers on the `main` branch to the next anticipated release. - 6. Submit a PR to update the `qlpack.yml` version numbers on the release branch to the new version. - 7. Trigger a [workflow dispatch event](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow) for the [Create draft release](../.github/workflows/create-draft-release.yml) workflow, specifying the release branch. The output of this workflow should report a link to the draft release and a link to the integration testing workflow triggered for this release. - - In the event the workflow is unusable, the [`create_draft_release.sh`](../scripts/release/create_draft_release.sh) script can be run directly on a local machine. - 8. Run the following workflows with the new version number, e.g., `v2.0.0`: - - [Test Linux/x86_64](https://github.com/github/codeql-coding-standards-release-engineering/actions/workflows/test-release-performance-linux-x86_64.yml) - - [Test Windows/x86_64](https://github.com/github/codeql-coding-standards-release-engineering/actions/workflows/test-release-performance-windows-x86_64.yml) - - [Regenerate Performance Views](https://github.com/github/codeql-coding-standards-release-engineering/actions/workflows/regenerate-performance-views.yml) - 9. Confirm the integration testing workflow completes successfully, and that the execution time is comparable to previous releases, taking into account that the execution time is expected to increase proportionally as more queries are added for each release. Results may be viewed on the release engineering repo: https://github.com/github/codeql-coding-standards-release-engineering - 10. For release 1.0.0 and above, the integration testing results must be verified. For each "integration testing codebase": - - Download the SARIF result file - - Compare the results against the previously computed set of results for that integration testing codebase, and, for any new or changed results, spot check to confirm validity. - - For false positives and false negatives identified during this process issues should be opened on this repository to track the problems identified. - - For each issue opened, assess whether they are "significant" i.e. whether they are likely to cause problems in practice with customers. If so, consider Step 7. failed. - 11. If the release fails steps 7. or 8. (if applicable), retain the draft release, and rename it to `vminor.major.patch-rc`. Address the release blocking issues on the `rc/.` branch, and restart the release process at Step 7. - 12. If steps 7. and 8. (if applicable) succeeded, then the release can be marked as "published". - 13. Release artifacts can now be distributed to customers. - 14. Create an internal "release retrospective" issue, and document any pain points or other issues. - 15. Create a PR that merges the release candidate branch into `main`. + 2. Determine the appropriate [Git reference](https://git-scm.com/book/en/v2/Git-Internals-Git-References) to base the new release on. For new major or minor releases, this will be `main`. For patch releases this will be the release branch that is patched. + 3. Trigger a [workflow dispatch event](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow) for the [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) workflow, specifying the release version for the input `version` and the Git reference for the input `ref`. + 4. Merge the PR that is created for the release, named `Release v..` where ``, ``, and `` match with the input `version` of the workflow [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) triggered in the previous step. + +The release automation consists of many test and validation steps that can fail. These can be addressed and the release can be restarted from step 3. +A restart of a release **WILL RECREATE THE EXISTING RELEASE BRANCH AND RELEASE PR**. Any additional changes added to the PR **MUST** be reapplied. +If a release has been marked public, the release can no longer be restarted or re-released without removing the release manually. ## False Positive Triage Rubric From 6b98895f0b6536b07ec60e94724f7da0059bdadf Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 15:01:16 -0700 Subject: [PATCH 155/183] Address Markdown linter problems --- docs/development_handbook.md | 344 +++++++++++++++++++---------------- 1 file changed, 184 insertions(+), 160 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index ad66d09652..3a9471df59 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -36,10 +36,11 @@ | 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. | | 0.28.0 | 2023-08-14 | Luke Cartey | Remove references to LGTM which is now a legacy product. | | 0.29.0 | 2023-10-11 | Remco Vermeulen | Update release process. | +| 0.29.1 | 2023-10-11 | Remco Vermeulen | Address Markdown linter problems. | ## Scope of work -A _coding standard_ is a set of rules or guidelines which restrict or prohibit the use of certain dangerous or confusing coding patterns or language features. This repository contains CodeQL queries (and supporting processes) which implement a number of different coding standards. The currently supported standards are: +A *coding standard* is a set of rules or guidelines which restrict or prohibit the use of certain dangerous or confusing coding patterns or language features. This repository contains CodeQL queries (and supporting processes) which implement a number of different coding standards. The currently supported standards are: | Standard | Version | Total rules | Total supportable rules | Status | Notes | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | @@ -48,8 +49,7 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t | [CERT-C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 120 | 99 | In development | The implementation excludes rules not part of 2016, but that are added to the [CERT-C wiki](https://wiki.sei.cmu.edu/confluence/display/c/) | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/ ) | 2012 | 172 | 172 | In development | This includes the [MISRA C:2012 Amendment 2](https://www.misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) | - -Each coding standard consists of a list of "guidelines", however not all the guidelines in all the standards will be amenable to automated static analysis. The AUTOSAR C++ standard categorizes the guidelines according to enforcement by static analysis tools in section _5.1.3 Rule classification according to enforcement by static analysis_ of the standard. The CERT-C++ standard does not provide such categorization, but frequently has a [documented](https://wiki.sei.cmu.edu/confluence/display/cplusplus/How+this+Coding+Standard+Is+Organized#HowthisCodingStandardIsOrganized-AutomatedDetection) automated detection section for guidelines that documents tools, including their limitations, that can verify the guidelines in question. We have therefore carefully reviewed each supported standard. For each guidelines that is not categorized as automatic enforceable we have determined,in conjunction with end users, what parts of the guideline can be supported in which capacity with CodeQL. +Each coding standard consists of a list of "guidelines", however not all the guidelines in all the standards will be amenable to automated static analysis. The AUTOSAR C++ standard categorizes the guidelines according to enforcement by static analysis tools in section *5.1.3 Rule classification according to enforcement by static analysis* of the standard. The CERT-C++ standard does not provide such categorization, but frequently has a [documented](https://wiki.sei.cmu.edu/confluence/display/cplusplus/How+this+Coding+Standard+Is+Organized#HowthisCodingStandardIsOrganized-AutomatedDetection) automated detection section for guidelines that documents tools, including their limitations, that can verify the guidelines in question. We have therefore carefully reviewed each supported standard. For each guidelines that is not categorized as automatic enforceable we have determined,in conjunction with end users, what parts of the guideline can be supported in which capacity with CodeQL. For some of the rules which are not amenable to static analysis, we may opt to provide a query which aids with "auditing" the rules. For example, AUTOSAR includes a rule (A10-0-1) "Public inheritance shall be used to implement 'is-a' relationship.". This is not directly amenable to static analysis, because it requires external context around the concept being modeled. However, we can provide an "audit" rule which reports all the public and private inheritance relationships in the program, so they can be manually verified. @@ -63,8 +63,8 @@ A common use case for the coding standards specified above is to to help in the To support the functional safety use case, the scope of work for this project also includes: - - _Analysis reporting_ - producing reports for functional safety purposes that summarize the findings and highlight any issues during analysis that could compromise the integrity of those findings. - - _Deviations_ - a process for suppressing valid results, and maintaining metadata +- *Analysis reporting* - producing reports for functional safety purposes that summarize the findings and highlight any issues during analysis that could compromise the integrity of those findings. +- *Deviations* - a process for suppressing valid results, and maintaining metadata The requirements for these additional components are taken from the [MISRA Compliance 2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) document. Further details of these use cases can be found in the [user manual](user_manual.md). @@ -72,30 +72,34 @@ The requirements for these additional components are taken from the [MISRA Compl ### Overview - * For each selected rule we will write one or more CodeQL queries that implement the rule (see section _Splitting a rule into multiple queries_). - * Queries will be grouped into CodeQL packs, according to the coding standard the rule comes from. - * To ensure consistency and increase the speed of development, we generate outline query files from the `rules.csv` specification file. - * Where a rule is duplicated across different standards, we will still create separate queries for each standard, but the implementation may be shared between the standards. This allows each version to provide different metadata, and to be enabled/disabled individually. - +- For each selected rule we will write one or more CodeQL queries that implement the rule (see section *Splitting a rule into multiple queries*). +- Queries will be grouped into CodeQL packs, according to the coding standard the rule comes from. +- To ensure consistency and increase the speed of development, we generate outline query files from the `rules.csv` specification file. +- Where a rule is duplicated across different standards, we will still create separate queries for each standard, but the implementation may be shared between the standards. This allows each version to provide different metadata, and to be enabled/disabled individually. + ### Architecture For each supported coding standard we will provide: + 1. A CodeQL query pack containing the queries that implement the designated rules. 2. A CodeQL query pack containing the unit tests ("qltests") for each of the queries. These packs will be organized by supported language. The current supported languages are: + - C++14 standardized by [ISO/IEC 14882:2014](https://www.iso.org/standard/64029.html) located in the directory `cpp`. - [C99] standardized by [ISO/IEC 9899:1999](https://www.iso.org/standard/29237.html) and C11 standardized by [ISO/IEC 9899:2011](https://www.iso.org/standard/57853.html). All are located in the directory `c`. For each language, we will also include: + 1. A CodeQL query pack containing "common" libraries, which provide support. 2. A CodeQL query pack containing tests for the "common" libraries. The standards packs will depend on the "common" pack for the given language. This will allow the different standards to share implementation libraries. In the repository, this will be organized as follows: -``` + +```text / / src/ @@ -142,9 +146,10 @@ The decision to split a rule into multiple queries should be driven by the follo In order to speed up rule development and ensure implementation consistency we have created a series of scripts that generate templated rule files based on the `rules.csv` rule specification file. This generation process works on a per-rule package basis, and is driven by the creation of a "rule package description file", describing the mapping from rules to queries which will implement those rules. For this, there is a three step process: - 1. Generate a rule package description file for a given rule package. - 2. Review each entry in the rule package description file, updating the names and properties of the queries that will be written to implement these rules. - 3. Generate rule files from the rule package description file for a given rule package. + +1. Generate a rule package description file for a given rule package. +2. Review each entry in the rule package description file, updating the names and properties of the queries that will be written to implement these rules. +3. Generate rule files from the rule package description file for a given rule package. After these scripts have been run each query specified in the rule package description file will have: @@ -177,7 +182,7 @@ pip install -r scripts/requirements.txt To generate the rule package description file, run the following script from the root of the repository: -``` +```bash python3.9 scripts/generate_rules/generate_package_description.py ``` @@ -186,23 +191,24 @@ This will produce a `.json` file in the `rule_packages` directory with the name #### Step 2: Review and update the rule package description file The rule package description file produced in previous step is a `json` file which has the following structure: - - * A rule package object, with properties for each coding standard. - * A coding standard object, with properties for each implemented rule. - * A rule object, with: - * A `properties` property specifying some key-value pairs describing properties of the rule. - * A `title`s property specifying the rule title (also known as the rule "headline"). - * A `queries` property, specifying an array of query objects - * A query object, with: - * A `description` property, which will be used to populate the `@description` query metadata property value for this query. - * A `kind` property, which will be used to populate the `@kind` query metadata property value for this query. - * A `name` property, which will be used to populate the `@name` query metadata property value for this query. - * A `precision` property, which will be used to populate the `@precision` query metadata property value for this query. - * A `severity` property, which will be used to populate the `@severity` query metadata property value for this query. - * A `short_name` property, which will be used in the filenames for each file generated for this query, most notable as the name of the generated `.ql` query file, as well as the query id. - * A `tags` property, which will be used to populate the `@tags` query metadata property value for this query. + +- A rule package object, with properties for each coding standard. +- A coding standard object, with properties for each implemented rule. +- A rule object, with: + - A `properties` property specifying some key-value pairs describing properties of the rule. + - A `title`s property specifying the rule title (also known as the rule "headline"). + - A `queries` property, specifying an array of query objects +- A query object, with: + - A `description` property, which will be used to populate the `@description` query metadata property value for this query. + - A `kind` property, which will be used to populate the `@kind` query metadata property value for this query. + - A `name` property, which will be used to populate the `@name` query metadata property value for this query. + - A `precision` property, which will be used to populate the `@precision` query metadata property value for this query. + - A `severity` property, which will be used to populate the `@severity` query metadata property value for this query. + - A `short_name` property, which will be used in the filenames for each file generated for this query, most notable as the name of the generated `.ql` query file, as well as the query id. + - A `tags` property, which will be used to populate the `@tags` query metadata property value for this query. For example, this is the first part of the `Exceptions2.json` package file: + ```json { "AUTOSAR": { @@ -237,70 +243,74 @@ The query metadata instructs the CodeQL how to handle the query and display its The `generate_package_description.py` script provides a "best-effort" approach to setting each of the properties. For that reason, the rule package description file must be reviewed and updated. For each rule: - - Review the rule text in the relevant standard, and determine the number of queries - - For each `query` object review and update the following properties: - - `description` - **_must not be empty and end with a full stop_** - will be blank, unless the rule headline was too long to fit in the `name` property, in which case it will contain the rule headline. If the `description` is blank, fill it in explaining _why_ this could be a problem by explaining the consequences (see the CodeQL [metadata descriptions](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#query-descriptions-description) documentation for more details). - - `kind` - pre-populated to `problem`. Modify to `path-problem` if this query is likely to use path explanations - for example, to explain data flow path. - - `name` - will be pre-populated the first 100 characters of the rule headline text, truncated at a sensible point. This should be a single sentence, and **_must not end in a full stop_**. - - `precision` - pre-populated based on a "difficulty" column present in the `rules.csv`. Set according to the definition specified in the CodeQL [metadata properties](https://codeql.github.com/docs/writing-codeql-queries/metadata-for-codeql-queries/#metadata-properties) documentation. - - `severity` - will be pre-populated to `error`, but should be adjusted based on the query. The criteria is that if the query does report a true positive - - `error` - if the reported issue is either directly a security vulnerability, or directly causes a bug or crash in the program. - - `warning` - if the reported issue is not an error, but could indirectly lead to a security vulnerability or a bug or crash in the program. - - `recommendation` - if the reported issue is primarily a stylistic or maintainability issue. - - `short_name` - must be a PascalCase string without spaces, which will be used for the name of the query file and to generate a query id. Pre-populated heuristically from from the rule headline text. Make adjustments as appropriate: - - The short name must not exceed 50 characters. - - Consider whether the query can be described more succinctly. For example `OnlyInstancesOfTypesDerivedFromExceptionShouldBeThrown` can be summarized more clearly as `OnlyThrowStdExceptionDerivedTypes`. - - `tags` - Apply at least one tag from the possible values listed below. If you want to use a query that is not listed a new tag can be added through a PR that modifies the possible tag values in the `query` sub-schema located in `schemas/rule-package.schema.json` and updates the list of possible values described below. - - `correctness` - if the query identifies incorrect program behavior. - - `security` - if the query identifies a potential security vulnerability. - - `readability` - if the query identifies an issue which makes the code harder to read. - - `maintainability` - if the query identifies an issue which makes the code harder to maintain. - - `performance` - if the query identifies an issue which has a negative impact on the performance of the code. - - `concurrency` - if the query identifies a concurrency issue. - - Validate the rule package description file using the `validate-rule-package.py` script that validates the rule package descriptions against the schema `rule-package.schema.json` located in the `schemas` directory. - - `python3 scripts/validate-rule-package.py ` - -#### Step 3: +- Review the rule text in the relevant standard, and determine the number of queries +- For each `query` object review and update the following properties: + - `description` - ***must not be empty and end with a full stop*** - will be blank, unless the rule headline was too long to fit in the `name` property, in which case it will contain the rule headline. If the `description` is blank, fill it in explaining *why* this could be a problem by explaining the consequences (see the CodeQL [metadata descriptions](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#query-descriptions-description) documentation for more details). + - `kind` - pre-populated to `problem`. Modify to `path-problem` if this query is likely to use path explanations - for example, to explain data flow path. + - `name` - will be pre-populated the first 100 characters of the rule headline text, truncated at a sensible point. This should be a single sentence, and ***must not end in a full stop***. + - `precision` - pre-populated based on a "difficulty" column present in the `rules.csv`. Set according to the definition specified in the CodeQL [metadata properties](https://codeql.github.com/docs/writing-codeql-queries/metadata-for-codeql-queries/#metadata-properties) documentation. + - `severity` - will be pre-populated to `error`, but should be adjusted based on the query. The criteria is that if the query does report a true positive + - `error` - if the reported issue is either directly a security vulnerability, or directly causes a bug or crash in the program. + - `warning` - if the reported issue is not an error, but could indirectly lead to a security vulnerability or a bug or crash in the program. + - `recommendation` - if the reported issue is primarily a stylistic or maintainability issue. + - `short_name` - must be a PascalCase string without spaces, which will be used for the name of the query file and to generate a query id. Pre-populated heuristically from from the rule headline text. Make adjustments as appropriate: + - The short name must not exceed 50 characters. + - Consider whether the query can be described more succinctly. For example `OnlyInstancesOfTypesDerivedFromExceptionShouldBeThrown` can be summarized more clearly as `OnlyThrowStdExceptionDerivedTypes`. + - `tags` - Apply at least one tag from the possible values listed below. If you want to use a query that is not listed a new tag can be added through a PR that modifies the possible tag values in the `query` sub-schema located in `schemas/rule-package.schema.json` and updates the list of possible values described below. + - `correctness` - if the query identifies incorrect program behavior. + - `security` - if the query identifies a potential security vulnerability. + - `readability` - if the query identifies an issue which makes the code harder to read. + - `maintainability` - if the query identifies an issue which makes the code harder to maintain. + - `performance` - if the query identifies an issue which has a negative impact on the performance of the code. + - `concurrency` - if the query identifies a concurrency issue. + - Validate the rule package description file using the `validate-rule-package.py` script that validates the rule package descriptions against the schema `rule-package.schema.json` located in the `schemas` directory. + - `python3 scripts/validate-rule-package.py ` + +#### Step 3 Ensure that the repository [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) cloned as a sibling of the [codeql-coding-standards](https://github.com/github/codeql-coding-standards) repository switched to a branch that matches the branch your are working on. To generate the rule package files, run the following script from the root of the repository: -``` +```bash python3.9 scripts/generate_rules/generate_package_files.py ``` If the repository [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) is not cloned as a sibling, then run the script as follows: -``` +```bash python3.9 scripts/generate_rules/generate_package_files.py --external-help-dir ``` After running this script, the following files will be generated in the `//src/rules//` directory: - - A `.ql` query file with the query metadata pre-populated, and the standard imports included. - - A `.md` query help file with some boilerplate text describing the purpose of the query. + +- A `.ql` query file with the query metadata pre-populated, and the standard imports included. +- A `.md` query help file with some boilerplate text describing the purpose of the query. For the standards AUTOSAR and MISRA the help files will generated in the `//src/rules/` directory of the cloned [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) repository if available, otherwise the help file generation is skipped. In addition, the following files will be generated in the `//test/rules//` directory: - - An empty `test.cpp` or `test.c` file. - - A `.qlref` file, which refers to the generated query file. - - A `.expected` file, which contains some boiler plate text. This ensures that when qltest is run, it will not succeed, but it will allow the "Compare results" option in the CodeQL VS Code extension (which is only usually available with an `.expected` results file). + +- An empty `test.cpp` or `test.c` file. +- A `.qlref` file, which refers to the generated query file. +- A `.expected` file, which contains some boiler plate text. This ensures that when qltest is run, it will not succeed, but it will allow the "Compare results" option in the CodeQL VS Code extension (which is only usually available with an `.expected` results file). The script can be safely re-run, except in a few notable cases listed below. Re-running the script has the following effect: - - Overwrites`.qlref` file. - - Updates the autogenerated sections of the `.md` file. - - Touches the `test.cpp`, `test.c`, and `.expected` files, to ensure they exist on disk, but does not modify them if they exist. - - Updates the `.ql` query by overwriting the query metadata block only. The QL portion of the file is left untouched. + +- Overwrites`.qlref` file. +- Updates the autogenerated sections of the `.md` file. +- Touches the `test.cpp`, `test.c`, and `.expected` files, to ensure they exist on disk, but does not modify them if they exist. +- Updates the `.ql` query by overwriting the query metadata block only. The QL portion of the file is left untouched. The notable exceptions are: - - If a `query` object is deleted from the rule package description file, it will not be deleted on disk. - - If a `query` object has the `short_name` property modified in the rule package description file, query files will be created under the new name, but the query files for the old name will not be deleted. + +- If a `query` object is deleted from the rule package description file, it will not be deleted on disk. +- If a `query` object has the `short_name` property modified in the rule package description file, query files will be created under the new name, but the query files for the old name will not be deleted. ### Updating the query from the rule specification Updates to the rule specification require an update of the generated queries files. -As described in _step 3_ of the section _Generation of query templates from rule specifications_ the script `scripts/generate_rules/generate_package_files.py` can be safely re-run with the documented exceptions. +As described in *step 3* of the section *Generation of query templates from rule specifications* the script `scripts/generate_rules/generate_package_files.py` can be safely re-run with the documented exceptions. Each property of a query in the rule specification can be changed and the generated query files can be updated by rerunning the script `scripts/generate_rules/generate_package_files.py` with exception of the property `query.shortname`. Updating the `query.shortname` property is discussed in the next section. @@ -309,30 +319,31 @@ Each property of a query in the rule specification can be changed and the genera Changing the `query.shortname` property requires a manual update process with the following steps. 1. Determine the query who's `query.shortname` property needs to be updated. -2. Change the `query.shortname` value and generate the query files as described in _step 3_ of the section _Generation of query templates from rule specifications_. +2. Change the `query.shortname` value and generate the query files as described in *step 3* of the section *Generation of query templates from rule specifications*. 3. Migrate the query definition (excluding the query meta-data) from the previous query file to the new query file identified with the updated shortname. 4. Migrate the relevant sections from query help file from the previous query help file to the new help query file identified with the updated shortname. 5. Migrate the test case expected file identified by old `.expected` to the update `.expected` name. -6. Validate that the new test case passes by following the procedure described in the section _Running unit tests_. +6. Validate that the new test case passes by following the procedure described in the section *Running unit tests*. 7. Remove the following files with `git rm ` where `query.shortname` reflects the old shortname in the directory `//src/rules//`: - `.ql` - `.md` ### Query style guide -The following list describes the required style guides for a query that **must** be validated during the code-review process described in section _Code review and automated checks_. +The following list describes the required style guides for a query that **must** be validated during the code-review process described in section *Code review and automated checks*. A query **must** include: - - A use of the `isExcluded` predicate on the element reported as the primary location. This predicate ensures that we have a central mechanism for excluding results. This predicate may also be used on other elements relevant to the alert, but only if a suppression on that element should also cause alerts on the current element to be suppressed. - - A well formatted alert message: - - The message should be a complete standalone sentence, with punctuation and a full stop. - - The message should refer to this particular instance of the problem, rather than repeating the generic rule. e.g. "Call to banned function x." instead of "Do not use function x." - - Code elements should be placed in 'single quotes', unless they are formatted as links. - - Avoid value judgments such as "dubious" and "suspicious", and focus on factual statements about the problem. - - If possible, avoid constant alert messages. Either add placeholders and links (using $@), or concatenate element names to the alert message. Non-constant messages make it easier to find particular results, and links to other program elements can help provide additional context to help a developer understand the results. Examples: - - Instead of `Call to banned function.` prefer `Call to banned function foobar.`. - - Instead of `Return value from call is unused.` prefer `Return value from call to function [x] is unused.`, where `[x]` is a link to the function itself. - - Do not try to explain the solution in the message; instead that should be provided in the help for the query. + +- A use of the `isExcluded` predicate on the element reported as the primary location. This predicate ensures that we have a central mechanism for excluding results. This predicate may also be used on other elements relevant to the alert, but only if a suppression on that element should also cause alerts on the current element to be suppressed. +- A well formatted alert message: + - The message should be a complete standalone sentence, with punctuation and a full stop. + - The message should refer to this particular instance of the problem, rather than repeating the generic rule. e.g. "Call to banned function x." instead of "Do not use function x." + - Code elements should be placed in 'single quotes', unless they are formatted as links. + - Avoid value judgments such as "dubious" and "suspicious", and focus on factual statements about the problem. + - If possible, avoid constant alert messages. Either add placeholders and links (using $@), or concatenate element names to the alert message. Non-constant messages make it easier to find particular results, and links to other program elements can help provide additional context to help a developer understand the results. Examples: + - Instead of `Call to banned function.` prefer `Call to banned function foobar.`. + - Instead of `Return value from call is unused.` prefer `Return value from call to function [x] is unused.`, where `[x]` is a link to the function itself. + - Do not try to explain the solution in the message; instead that should be provided in the help for the query. All public predicates, classes, modules and files should be documented with QLDoc. All QLDoc should follow the [QLDoc style guide](https://github.com/github/codeql/blob/main/docs/qldoc-style-guide.md). @@ -345,21 +356,23 @@ Because the downloaded packs are cached, it is only necessary to run `install-pa ### Unit testing Every query which implements a rule **must** include: -- One or more unit tests. -- One or more unit tests for every non-trivial library. -- For each unit test both "compliant" and "non-compliant" test cases, and should exercise each different logical condition uniquely provided in the query, where possible within the testing framework. The scope of each test should be those conditions specific to this query. In particular, functionality provided by the CodeQL Standard Library for C++ does not need to be tested. + +- One or more unit tests. +- One or more unit tests for every non-trivial library. +- For each unit test both "compliant" and "non-compliant" test cases, and should exercise each different logical condition uniquely provided in the query, where possible within the testing framework. The scope of each test should be those conditions specific to this query. In particular, functionality provided by the CodeQL Standard Library for C++ does not need to be tested. #### Running unit tests During query development in VS Code, the unit tests can be run using the [testing features](https://codeql.github.com/docs/codeql-for-visual-studio-code/testing-codeql-queries-in-visual-studio-code/) in the CodeQL extension. Unit tests can also be run on the command line using the CodeQL CLI. With an appropriate CodeQL CLI (as specified in the `supported_codeql_configs.json` at the root of the repository), you can run the following from the root of the repository: -``` + +```bash codeql test run --show-extractor-output path/to/test/directory ``` -* `--show-extractor-output` - this shows the output from the extractor. It is most useful when the test fails because the file is not valid C++, where the extractor output will include the compilation failure. This is not shown in VS Code. -* `path/to/test/directory` - this can be a qlref file (like `cpp/autosar/test/rules/A15-2-2/`), a rule directory (`cpp/autosar/test/rules/A15-2-2/`) or a test qlpack (`cpp/autosar/test/`). +- `--show-extractor-output` - this shows the output from the extractor. It is most useful when the test fails because the file is not valid C++, where the extractor output will include the compilation failure. This is not shown in VS Code. +- `path/to/test/directory` - this can be a qlref file (like `cpp/autosar/test/rules/A15-2-2/`), a rule directory (`cpp/autosar/test/rules/A15-2-2/`) or a test qlpack (`cpp/autosar/test/`). For more details on running unit tests with the CodeQL CLI see the [Testing custom queries](https://codeql.github.com/docs/codeql-cli/testing-custom-queries/) help topic. @@ -367,27 +380,31 @@ For more details on running unit tests with the CodeQL CLI see the [Testing cust The C++ test cases **must** be formatted with `clang_format`. - - Test functions should be called `test_`, where `` is a brief description of this test case. +- Test functions should be called `test_`, where `` is a brief description of this test case. If possible, use meaningful names for elements in test cases. Where arbitrary names are required, you may use the following: - - Local variables should be named `l`, with i incremented for each new variable. - - Global variables should be named `g`, with i incremented for each new variable. - - Functions should be named `f`, with i incremented for each new variable. - - Member variables should be named `m`, with i incremented for each new variable. +- Local variables should be named `l`, with i incremented for each new variable. +- Global variables should be named `g`, with i incremented for each new variable. +- Functions should be named `f`, with i incremented for each new variable. +- Member variables should be named `m`, with i incremented for each new variable. Test cases **must** be annotated with a line-ending comment in this format: -``` + +```regexp (COMPLIANT(\[FALSE_POSITIVE\])?|NON_COMPLIANT(\[FALSE_NEGATIVE\])?)( - .*)? ``` + Where: - - `COMPLIANT` is added if the line represents a "compliant" test case - - The annotation `[FALSE_POSITIVE]` is added if the query currently reports this result. - - `NON_COMPLIANT` is chosen if the line represents a non-compliant test case - - The annotation `[FALSE_NEGATIVE]` is added if the query currently does not report this result. + +- `COMPLIANT` is added if the line represents a "compliant" test case + - The annotation `[FALSE_POSITIVE]` is added if the query currently reports this result. +- `NON_COMPLIANT` is chosen if the line represents a non-compliant test case + - The annotation `[FALSE_NEGATIVE]` is added if the query currently does not report this result. For example: -``` + +```cpp "\s"; // NON_COMPLIANT[FALSE_NEGATIVE] "\n"; // COMPLIANT "\U00000024"; // COMPLIANT[FALSE_POSITIVE] @@ -396,11 +413,12 @@ For example: #### Copying test code Like the `github/codeql` repository, the contents of our test files should not be copied from external sources (third-party code, personal projects, standard libraries). The only exceptions to this rule are the copying of declarations from: - - [ISO/IEC Programming languages - C](https://www.iso.org/standard/74528.html) (all versions) - - [ISO/IEC Programming languages - C++](https://www.iso.org/standard/68564.html) (all versions) - - Code from existing queries and tests in the `github/codeql` repository. - - Code from existing queries and tests in this repository. - - Code in the public domain + +- [ISO/IEC Programming languages - C](https://www.iso.org/standard/74528.html) (all versions) +- [ISO/IEC Programming languages - C++](https://www.iso.org/standard/68564.html) (all versions) +- Code from existing queries and tests in the `github/codeql` repository. +- Code from existing queries and tests in this repository. +- Code in the public domain This policy is based on the public policy for `github/codeql` as specified at [github/codeql: C++ Unit Tests - Copying code](https://github.com/github/codeql/blob/main/cpp/ql/test/README.md#copying-code). @@ -416,8 +434,8 @@ We have therefore implemented a partial "stub" standard library in the `cpp/comm Each proposed changed to `main` or a release branch is required to go through a code review process. This involves: - - A review and explicit approval by at least one other team member with "Write" access to the repository. - - Running automated checks that validate and verify the change and ensuring they pass. +- A review and explicit approval by at least one other team member with "Write" access to the repository. +- Running automated checks that validate and verify the change and ensuring they pass. This is implemented by requiring that proposed changes are submitted as pull requests to the GitHub repository hosting the queries, and is enforced by enabling GitHub [branch protection](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches) policies on the `main` and the release branches. @@ -427,10 +445,10 @@ An approving review and a "passing" state from every "Required" automated check The following automated checks are run on every push and pull request to `main` and to the release branches: - * Running the CodeQL Coding Standard unit tests against supported CodeQL CLIs and CodeQL Standard Libraries for C++. - * Validating that release artifacts can be created for that branch. - * Validating style rules for queries and test files. - * Confirming that the query help files are valid. +- Running the CodeQL Coding Standard unit tests against supported CodeQL CLIs and CodeQL Standard Libraries for C++. +- Validating that release artifacts can be created for that branch. +- Validating style rules for queries and test files. +- Confirming that the query help files are valid. These automated checks should pass before the pull request is merged. @@ -447,18 +465,22 @@ For proposed changes that modify the released artifacts an entry must be include For proposed changes which only add new queries or support for new rules, this process is fully automated, by reviewing differences in rule package metadata files between releases. For proposed changes which change: - - The structure or layout of the release artifacts. - - The evaluation performance (memory, execution time) of an existing query. - - The results of an existing query. -A _change note_ must be added to the `change_notes` directory. The format of the change notes is to create a file with a name matching the following pattern: -``` +- The structure or layout of the release artifacts. +- The evaluation performance (memory, execution time) of an existing query. +- The results of an existing query. + +A *change note* must be added to the `change_notes` directory. The format of the change notes is to create a file with a name matching the following pattern: + +```bash YYYY-MM-DD-short-name-for-issue.md ``` + For example `2021-06-29-remove-incompatibility-codeql-cli-2.5.6.md`. The contents of the file should be a markdown list (using `-`) with a user facing message specifying the nature of the change. If the changes relate to specific queries, then the top-level entry should specify the rule and query, and should provide a nested list of the changes. For example: -``` + +```md - `A12-8-6` - `CopyAndMoveNotDeclaredProtected.ql`: - Fixed issue #174 - a result is now only reported when the declaring class is either used as a base class in the database, or where the class is abstract. - Fixed a bug where exclusions did not apply to invalid assignment operators. @@ -469,50 +491,53 @@ The contents of the file should be a markdown list (using `-`) with a user facin ### External dependencies There are two external dependencies required for running the coding standards queries: - 1. The CodeQL CLI, the command line tool for building CodeQL databases and running queries over those databases. - 2. The CodeQL Standard Library + +1. The CodeQL CLI, the command line tool for building CodeQL databases and running queries over those databases. +2. The CodeQL Standard Library For the purpose of this repository, and any tool qualification, we consider these external dependencies to be "black boxes" which require verification when upgrading. To (a) clearly specify the supported versions of these external dependencies and to (b) enable automation around them, the repository contains a `supported_codeql_configs.json` which lists the sets of supported configurations. There are four fields: - * `codeql_cli` - this is the plain version number of the supported CodeQL CLI, e.g. `2.6.3`. - * `codeql_standard_library` - this is the name of a tag on the `github.com/github/codeql` repository. The tag should be compatible with the CodeQL CLI given above. This would typically use the `codeql-cli/v` tag for the release, although any tag which is compatible is allowed. - * `codeql_cli_bundle` - (optional) - if present, describes the CodeQL CLI bundle version that is compatible. The bundle should include precisely the CodeQL CLI version and CodeQL Standard Library versions specified in the two mandatory fields. - * `ghes` - (optional) - if present describes the GitHub Enterprise Server release whose integrated copy of the CodeQL Action points to the CodeQL CLI bundle specified in the `codeql_cli_bundle` field. +- `codeql_cli` - this is the plain version number of the supported CodeQL CLI, e.g. `2.6.3`. +- `codeql_standard_library` - this is the name of a tag on the `github.com/github/codeql` repository. The tag should be compatible with the CodeQL CLI given above. This would typically use the `codeql-cli/v` tag for the release, although any tag which is compatible is allowed. +- `codeql_cli_bundle` - (optional) - if present, describes the CodeQL CLI bundle version that is compatible. The bundle should include precisely the CodeQL CLI version and CodeQL Standard Library versions specified in the two mandatory fields. +- `ghes` - (optional) - if present describes the GitHub Enterprise Server release whose integrated copy of the CodeQL Action points to the CodeQL CLI bundle specified in the `codeql_cli_bundle` field. #### Upgrading external dependencies To upgrade the CodeQL external dependencies: - 1. Determine appropriate versions of the CodeQL CLI and `github/codeql` repository, according to the release schedule and customer demands. - 2. Determine if there is a compatible CodeQL CLI bundle version by looking at the releases specified at https://github.com/github/codeql-action/releases. The bundle always includes the standard library at the version specified by the `codeql-cli/v` tag in the `github/codeql` repository. - 3. If you find a compatible CodeQL CLI bundle, determine whether that bundle was released in a GitHub Enterprise server release, by inspecting the `defaults.json` file at https://github.com/github/codeql-action/blob/main/lib/defaults.json#L2 for the CodeQL Action submitted with - 4. Populated the `supported_codeql_configs.json` file with the given values, ensuring to delete the optional fields if they are not populated. - 5. Update the `codeql_modules/codeql` submodule pointer to the `codeql_standard_library` tag identified. - 6. Submit a Pull Request to the `github/codeql-coding-standards` repository with the title `Upgrade `github/codeql` dependency to `. Use this template for the description, filling : - ``` - This PR updates the `supported_codeql_configs.json` file to target: - - - CodeQL CLI - - CodeQL Standard Library - - GHES - - CodeQL CLI Bundle - - > - - - ## CodeQL dependency upgrade checklist: - - - [ ] Reformat our CodeQL using the latest version (if required) - - [ ] Identify any CodeQL compiler warnings and errors, and update queries as required. - - [ ] Validate that the `github/codeql` test cases succeed. - - [ ] Address any CodeQL test failures in the `github/codeql-coding-standards` repository. - - [ ] Validate performance vs pre-upgrade - ``` - 7. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. - 8. Once all the automate tests have passed, and the checklist is complete, the PR can be merged. - 9. An internal notification should be shared with the development team. +1. Determine appropriate versions of the CodeQL CLI and `github/codeql` repository, according to the release schedule and customer demands. +2. Determine if there is a compatible CodeQL CLI bundle version by looking at the releases specified at [CodeQL Action releases](https://github.com/github/codeql-action/releases). The bundle always includes the standard library at the version specified by the `codeql-cli/v` tag in the `github/codeql` repository. +3. If you find a compatible CodeQL CLI bundle, determine whether that bundle was released in a GitHub Enterprise server release, by inspecting the `defaults.json` file at https://github.com/github/codeql-action/blob/main/lib/defaults.json#L2 for the CodeQL Action submitted with +4. Populated the `supported_codeql_configs.json` file with the given values, ensuring to delete the optional fields if they are not populated. +5. Update the `codeql_modules/codeql` submodule pointer to the `codeql_standard_library` tag identified. +6. Submit a Pull Request to the `github/codeql-coding-standards` repository with the title `Upgrade `github/codeql` dependency to `. Use this template for the description, filling : + + ```md + This PR updates the `supported_codeql_configs.json` file to target: + + - CodeQL CLI + - CodeQL Standard Library + - GHES + - CodeQL CLI Bundle + + > + + + ## CodeQL dependency upgrade checklist: + + - [ ] Reformat our CodeQL using the latest version (if required) + - [ ] Identify any CodeQL compiler warnings and errors, and update queries as required. + - [ ] Validate that the `github/codeql` test cases succeed. + - [ ] Address any CodeQL test failures in the `github/codeql-coding-standards` repository. + - [ ] Validate performance vs pre-upgrade + ``` + +7. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. +8. Once all the automate tests have passed, and the checklist is complete, the PR can be merged. +9. An internal notification should be shared with the development team. ### Release process @@ -543,7 +568,7 @@ Version numbers follow semantic versioning and adhere to the following guideline Given the version `..`: 1. If the release only fixes bugs, increment the `PATCH` number only. -2. If a release contains additional queries, increment the `MINOR` version number and set the `PATCH` number to 0. Note this may also contain fixes in addition to new queries. +2. If a release contains additional queries, increment the `MINOR` version number and set the `PATCH` number to 0. Note this may also contain fixes in addition to new queries. 3. Otherwise, if the release contains breaking changes such as removing queries, increment the `MAJOR` version number and set `MINOR` and `PATCH` to zero. #### Release management @@ -595,9 +620,9 @@ If a release has been marked public, the release can no longer be restarted or r ## False Positive Triage Rubric -When triaging issues in Coding Standards, please refer to the following rubric for making classifications. +When triaging issues in Coding Standards, please refer to the following rubric for making classifications. -**Impact** +### Impact | Level | Definition | | ------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | @@ -605,7 +630,7 @@ When triaging issues in Coding Standards, please refer to the following rubric f | Impact-Medium | Issue occurs in production code bases with relatively low to moderate frequency. Issue may or may not be considered disruptive to customer. | | Impact-Low | Issue may not occur in production code bases and may require hand crafted examples to surface. If the issue occurs in production code bases it occurs either infrequently or impacts only a few codebases. | -**Difficulty** +### Difficulty | Level | Definition | | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | @@ -626,20 +651,19 @@ Requirements and project planning are maintained separately within an internal r ### Purpose ot the `next` branch -This git repository also has a [`next` branch](https://github.com/github/codeql-coding-standards/tree/next). The purpose of this branch is to track changes that that will become necessary when upgrading the CodeQL external dependencies as described in section _Upgrading external dependencies_. The changes on the `next` branch will undergo only light reviewing. As such, a full review as described in section _Code review and automated checks_ is required when merging these changes into `main`; no releases should be made from the `next` branch. We aim to ensure that the changes on the `next` branch are as complete as possible so that merging into `main` will be straightforward. +This git repository also has a [`next` branch](https://github.com/github/codeql-coding-standards/tree/next). The purpose of this branch is to track changes that that will become necessary when upgrading the CodeQL external dependencies as described in section *Upgrading external dependencies*. The changes on the `next` branch will undergo only light reviewing. As such, a full review as described in section *Code review and automated checks* is required when merging these changes into `main`; no releases should be made from the `next` branch. We aim to ensure that the changes on the `next` branch are as complete as possible so that merging into `main` will be straightforward. ## Task Automation -In the `.vscode` directory this repository comes with a `tasks.json` file which automates some of the tasks described in this document. To access them, in VSCode use `Ctrl+Shift+P` and select `Run Task`. +In the `.vscode` directory this repository comes with a `tasks.json` file which automates some of the tasks described in this document. To access them, in VSCode use `Ctrl+Shift+P` and select `Run Task`. Available Tasks: 1. 🔥 Standards Automation: Initialize: Sets up your Python environment. -2. 📏 Standards Automation: Generate Rule Description File: Generates the rule description file for a package. -3. 📦 Standards Automation: Generate Package Files: Re/generates the files for a package. This command will remember your last arguments so you can just do `Rerun Last Task` in vscode unless you wish to change the arguments. +2. 📏 Standards Automation: Generate Rule Description File: Generates the rule description file for a package. +3. 📦 Standards Automation: Generate Package Files: Re/generates the files for a package. This command will remember your last arguments so you can just do `Rerun Last Task` in vscode unless you wish to change the arguments. 4. 📝 Standards Automation: Format CodeQL: Formats the current file with the codeql formatter. -5. ⚡ Standards Automation: Generated Expected Output: Generates the expected output from the current `.qlref` file in your `tests/` directory. - +5. ⚡ Standards Automation: Generated Expected Output: Generates the expected output from the current `.qlref` file in your `tests/` directory. ## Cookbook @@ -714,7 +738,7 @@ codeql test accept \ ### Troubleshooting: Unrecoverable mismatch between extractor and library dbschemes -The following error could be indicative of the Git submodule _codeql-coding-standards/github_modules_ being out-of-date: +The following error could be indicative of the Git submodule *codeql-coding-standards/github_modules* being out-of-date: >Could not upgrade the dataset in /path/to/codeql-coding-standards/cpp/autosar/test/rules/...: Unrecoverable mismatch between extractor and library dbschemes. From 354af3b5751125fb09be7bc4f05e142804176ef1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 15:19:28 -0700 Subject: [PATCH 156/183] Update the query generate to the new format --- scripts/generate_rules/generate_package_files.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index 98bc1b5595..cebd9aadab 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -182,8 +182,7 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ + "\n" ) f.write("\n"); - f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery {\n") - f.write("}\n") + f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery { }") # Create an empty test file, if one doesn't already exist shared_impl_test_dir.joinpath( From 14291c80aa09d86857974d8cf1550086ed67f295 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 16 Oct 2023 09:58:42 -0700 Subject: [PATCH 157/183] Update formatting of generated shared tests --- scripts/generate_rules/generate_package_files.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index cebd9aadab..98bc1b5595 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -182,7 +182,8 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ + "\n" ) f.write("\n"); - f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery { }") + f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery {\n") + f.write("}\n") # Create an empty test file, if one doesn't already exist shared_impl_test_dir.joinpath( From e1935fabd7ae9f58863ae7280b97e089043d53bf Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 16 Oct 2023 14:09:55 -0700 Subject: [PATCH 158/183] Print CodeQL version for debugging purposes --- .github/workflows/validate-query-formatting.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index b1007c47ac..e4c6871ad5 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -36,6 +36,7 @@ jobs: env: LANGUAGE: ${{ matrix.language }} run: | + codeql version find $LANGUAGE \( -name \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff From 627ed6e7f1c911735b7f4ea3cb62e087b131d038 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 14:33:25 -0800 Subject: [PATCH 159/183] Reuse bump version script --- .github/workflows/prepare-release.yml | 6 +----- scripts/bump_version.sh | 0 2 files changed, 1 insertion(+), 5 deletions(-) mode change 100644 => 100755 scripts/bump_version.sh diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 80bb00a378..7de658c7d8 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -123,11 +123,7 @@ jobs: git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION - find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" - find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_$RELEASE_VERSION.csv\`/" - find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_$RELEASE_VERSION.md\`/" - find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" - find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" + scripts/bump_version.sh "$RELEASE_VERSION" git add -u . git commit -m "Update version" diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh old mode 100644 new mode 100755 From ffcaf315662c87ea26c69382c37062df3dc30075 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 14:37:34 -0800 Subject: [PATCH 160/183] Ensure we can dealt with all filenames --- scripts/bump_version.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index bc3e7495e3..cdeb16d4a9 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -14,10 +14,10 @@ find . -name 'qlpack.yml' | grep -v './codeql_modules' | grep -v './scripts' | x # update the documentation. -find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-${1}.zip\`/" -find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" -find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_${1}.md\`/" -find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/" -find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`${1}\` of/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-${1}.zip\`/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_${1}.md\`/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`${1}\` of/" echo "Done." \ No newline at end of file From 00a4a3beda12c38faa2283cf86d5bc83f2986985 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 15:50:01 -0800 Subject: [PATCH 161/183] Add extra validation for hotfix releases --- .github/workflows/prepare-release.yml | 30 +++++++++------- scripts/release/validate-version.py | 49 +++++++++++++++++++++------ 2 files changed, 56 insertions(+), 23 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 7de658c7d8..10679db6a8 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -11,6 +11,11 @@ on: description: | The git commit, branch, or tag to release from. required: true + hotfix: + description: | + Whether this is a hotfix release. + required: false + default: false permissions: contents: write @@ -20,6 +25,7 @@ permissions: env: RELEASE_VERSION: ${{ inputs.version }} + HOTFIX_RELEASE: ${{ inputs.hotfix }} jobs: prepare-release: @@ -34,6 +40,18 @@ jobs: with: ref: ${{ inputs.ref }} + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install release script dependencies + run: pip install -r scripts/release/requirements.txt + + - name: Validate version + run: | + python scripts/release/validate-version.py "$RELEASE_VERSION" + - name: Validate release precondition env: RELEASE_VERSION: ${{ inputs.version }} @@ -84,18 +102,6 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - name: Install Python - uses: actions/setup-python@v4 - with: - python-version: "3.9" - - - name: Install release script dependencies - run: pip install -r scripts/release/requirements.txt - - - name: Validate version - run: | - python scripts/release/validate-version.py "$RELEASE_VERSION" - - name: Create release branch run: | git switch -c rc/$RELEASE_VERSION diff --git a/scripts/release/validate-version.py b/scripts/release/validate-version.py index d0bf15fa64..3e8168d5b1 100644 --- a/scripts/release/validate-version.py +++ b/scripts/release/validate-version.py @@ -1,20 +1,47 @@ import semantic_version # type: ignore -from typing import Literal +from typing import Literal, TYPE_CHECKING +from subprocess import run -def main(args : list[str]) -> Literal[1, 0]: - if len(args) != 2: - print("Error: incorrect number of arguments", file=sys.stderr) - print(f"Usage: {args[0]} ", file=sys.stderr) - return 1 +if TYPE_CHECKING: + from argparse import Namespace + +def get_release_version_of_ref() -> semantic_version.Version: + cp = run(["git", "rev-parse", "--abbrev-ref", "HEAD"], capture_output=True, text=True) + if cp.returncode != 0: + raise RuntimeError("Failed to get current branch name") + branch_name = cp.stdout.strip() + ns, version_str = branch_name.split("/") + if ns != "rc": + raise RuntimeError("Not on a release branch!") + + try: + return semantic_version.Version(version_str) # type: ignore + except ValueError as e: + raise RuntimeError(f"Invalid version string: {e}") +def main(args :'Namespace') -> Literal[1, 0]: try: - semantic_version.Version.parse(args[1]) # type: ignore + release_version = semantic_version.Version(args.version) # type: ignore + if args.hotfix: + branch_release_version = get_release_version_of_ref() + expected_version = branch_release_version.next_patch() + if release_version != expected_version: + print(f"Error: Hotfix version `{release_version}` does not iterate on {branch_release_version}. Expected `{expected_version}`. ", file=stderr) + return 1 return 0 except ValueError as e: - print(f"Error: invalid version: {e}", file=sys.stderr) + print(f"Error: invalid version: {e}", file=stderr) + return 1 + except RuntimeError as e: + print(f"Error: {e}", file=stderr) return 1 - if __name__ == '__main__': - import sys - sys.exit(main(sys.argv)) \ No newline at end of file + from sys import stderr, exit + import argparse + + parser = argparse.ArgumentParser(description="Validate a version string") + parser.add_argument("version", help="The version string to validate") + parser.add_argument('--hotfix', action='store_true', help="Whether the release is to hotfix an existing release.") + + exit(main(parser.parse_args())) \ No newline at end of file From d1374aeea74e9a3ea80b8b75a7372295ac5e91a8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 15:50:24 -0800 Subject: [PATCH 162/183] Split up validation into multiple steps --- .github/workflows/prepare-release.yml | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 10679db6a8..f5949d73c0 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -50,11 +50,14 @@ jobs: - name: Validate version run: | - python scripts/release/validate-version.py "$RELEASE_VERSION" + if [[ "$HOTFIX_RELEASE" == "true" ]]; then + python scripts/release/validate-version.py --hotfix "$RELEASE_VERSION" + else + python scripts/release/validate-version.py "$RELEASE_VERSION" + fi - - name: Validate release precondition + - name: Check if release exists env: - RELEASE_VERSION: ${{ inputs.version }} GITHUB_TOKEN: ${{ github.token }} run: | read -r release type < <(gh release list | awk -v release="v$RELEASE_VERSION" '$1 ~ release { print $1,$2; ++n } END { if (n == 0) print "undefined", "undefined" }') @@ -71,27 +74,31 @@ jobs: fi fi + - name: Check if release PR exists + env: + GITHUB_TOKEN: ${{ github.token }} + run: | release_pr=$(gh pr view rc/$RELEASE_VERSION --json title,state,number) - if [[ ! -z "$release_pr" ]]; then - pr_title=$(echo "$release_pr" | jq -r '.title') pr_state=$(echo "$release_pr" | jq -r '.state') pr_number=$(echo "$release_pr" | jq -r '.number') - echo "Found PR '$pr_title' with state '$pr_state'" - if [[ "$pr_title" == "Release v$RELEASE_VERSION" ]] && [[ "$pr_state" != "CLOSED" ]]; then echo "Release PR is not closed, deleting it to proceed" gh pr close --delete-branch $pr_number fi fi + - name: Delete existing release branch + run: | if [[ ! -z $(git ls-remote --heads origin rc/$RELEASE_VERSION) ]]; then echo "Deleting existing release branch" git push origin --delete rc/$RELEASE_VERSION fi + - name: Delete existing feature branch + run: | if [[ ! -z $(git ls-remote --heads origin feature/update-user-manual-for-$RELEASE_VERSION) ]]; then echo "Deleting existing feature branch" git push origin --delete feature/update-user-manual-for-$RELEASE_VERSION From 0760b21c46084d342e707093b28fe372b901e323 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 15:54:10 -0800 Subject: [PATCH 163/183] Simplify release validation using `gh release view` --- .github/workflows/prepare-release.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index f5949d73c0..7231dcbcdb 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -60,16 +60,17 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - read -r release type < <(gh release list | awk -v release="v$RELEASE_VERSION" '$1 ~ release { print $1,$2; ++n } END { if (n == 0) print "undefined", "undefined" }') - if [[ "$release" == "undefined" ]]; then + release=$(gh release view v$RELEASE_VERSION --json name,isDraft) + if [[ -z "$release" ]]; then echo "Release v$RELEASE_VERSION does not exist. Proceeding" echo "create_draft_release=true" >> "$GITHUB_ENV" else - if [[ "$type" != "Draft" ]]; then - echo "Release '$release' already exists and is not a draft, but has release state '$type'. Cannot proceed" + isDraft=$(echo "$release" | jq -r '.isDraft') + if [[ "$isDraft" != "true" ]]; then + echo "Release 'v$RELEASE_VERSION' already exists and is not a draft. Cannot proceed" exit 1 else - echo "Release '$release' already exists and is a draft. Proceeding" + echo "Release 'v$RELEASE_VERSION' already exists and is a draft. Proceeding" echo "create_draft_release=false" >> "$GITHUB_ENV" fi fi From e67b6d810af1d89fa99103b336fe13e218648ffa Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 16:03:14 -0800 Subject: [PATCH 164/183] Reword input description --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 8fd73707f0..2cdfc6c95e 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -9,7 +9,7 @@ on: inputs: ref: description: | - The branch for which the finalize the release. + The release branch to finalize. required: true jobs: From 5b5082584ce112e067d3eecedcf7d11a257e3bd4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 16:58:08 -0800 Subject: [PATCH 165/183] Add PR to bump version after finalizing release --- .github/workflows/finalize-release.yml | 27 ++++++++++++- scripts/release/is-hotfix-release.py | 56 ++++++++++++++++++++++++++ 2 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 scripts/release/is-hotfix-release.py diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 2cdfc6c95e..5a70b979e3 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -56,4 +56,29 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit "v$version" --draft=false --tag=v$version \ No newline at end of file + gh release edit "v$version" --draft=false --tag=v$version + + - name: Determine if release was a hotfix release + run: | + version=${BASE_REF#rc/} + echo "HOTFIX_RELEASE=$(python scripts/release/is-hotfix.py $version)" >> "$GITHUB_ENV" + + - name: Bump main version + if: env.HOTFIX_RELEASE == 'false' + run: | + version=${BASE_REF#rc/} + next_version="$version-dev" + echo "Bumping main version to $next_version" + + git switch main + git pull --ff-only origin main + + git switch -c release-automation/bump-version + + python scripts/bump_version.sh "$next_version" + + git add -u . + git commit -m "Bump version to $next_version" + git push --set-upstream origin release-automation/bump-version + + gh pr create --repo $GITHUB_REPOSITORY --base main --head release-automation/bump-version --body "Bump the version of main to the dev label of the just released version $next_version" --title "Bump version to $next_version" diff --git a/scripts/release/is-hotfix-release.py b/scripts/release/is-hotfix-release.py new file mode 100644 index 0000000000..a496b63c27 --- /dev/null +++ b/scripts/release/is-hotfix-release.py @@ -0,0 +1,56 @@ +from semantic_version import Version # type: ignore +from subprocess import run +from typing import List, Literal, TYPE_CHECKING +from sys import stderr + +if TYPE_CHECKING: + from argparse import Namespace + +def get_merge_base_of_ref() -> str: + cp = run(["git", "merge-base", "HEAD", "origin/main"], capture_output=True, text=True) + if cp.returncode != 0: + raise RuntimeError("Failed to get merge base") + return cp.stdout.strip() + +def get_release_branches_containing(commit: str) -> List[Version]: + cp = run(["git", "branch", "--list", "rc/*", "--contains", commit], capture_output=True, text=True) + if cp.returncode != 0: + raise RuntimeError("Failed to get branches containing commit") + release_versions: List[Version] = [] + for version in [b.strip() for b in cp.stdout.splitlines()]: + try: + if version.startswith("rc/"): + version = version[3:] + release_versions.append(Version(version)) + except ValueError: + print(f"Warning: Skipping invalid version string: {version}", file=stderr) + + return release_versions + +def main(args: 'Namespace') -> Literal[0,1]: + try: + merge_base = get_merge_base_of_ref() + release_versions = get_release_branches_containing(merge_base) + if len(release_versions) == 0: + print(f"Info: No release branches found containing merge base {merge_base}", file=stderr) + print("false") + return 0 + + for version in release_versions: + if version.next_patch() == Version(args.version): + print("true") + return 0 + + print("false") + return 0 + except RuntimeError as e: + print(f"Error: {e}", file=stderr) + return 1 + +if __name__ == '__main__': + from sys import stderr, exit + import argparse + + parser = argparse.ArgumentParser(description="Check if a version is a hotfix release") + parser.add_argument("version", help="The version string to compare against the base branches") + exit(main(parser.parse_args())) \ No newline at end of file From ada60e1f289bdc3b7c1e25108fe8a73747a2ddb5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 17:03:03 -0800 Subject: [PATCH 166/183] Move bump version script to release directory --- .github/workflows/bump-version.yml | 4 +++- .github/workflows/finalize-release.yml | 2 +- .github/workflows/prepare-release.yml | 2 +- scripts/{bump_version.sh => release/bump-version.sh} | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) rename scripts/{bump_version.sh => release/bump-version.sh} (95%) diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index 51de9d8b40..712dbfe283 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -18,8 +18,10 @@ jobs: - name: Apply Bump shell: bash + env: + NEW_VERSION: ${{ inputs.new_version }} run: | - bash ./scripts/bump_version.sh ${{ github.event.inputs.new_version }} + bash ./scripts/release/bump-version.sh "$NEW_VERSION" - name: Create Pull Request uses: peter-evans/create-pull-request@v4 diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 5a70b979e3..d8a8c8b5bb 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -75,7 +75,7 @@ jobs: git switch -c release-automation/bump-version - python scripts/bump_version.sh "$next_version" + python scripts/release/bump-version.sh "$next_version" git add -u . git commit -m "Bump version to $next_version" diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 7231dcbcdb..e2b69149fc 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -137,7 +137,7 @@ jobs: git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION - scripts/bump_version.sh "$RELEASE_VERSION" + scripts/release/bump-version.sh "$RELEASE_VERSION" git add -u . git commit -m "Update version" diff --git a/scripts/bump_version.sh b/scripts/release/bump-version.sh similarity index 95% rename from scripts/bump_version.sh rename to scripts/release/bump-version.sh index cdeb16d4a9..fd5ab5ea0d 100755 --- a/scripts/bump_version.sh +++ b/scripts/release/bump-version.sh @@ -3,7 +3,7 @@ if [[ -z $1 ]]; then - echo "Usage: bump_version.sh " + echo "Usage: bump-version.sh " exit fi From d074ffcf1397f7e6e43db34f230ce227d0ad8789 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 17:03:36 -0800 Subject: [PATCH 167/183] Address incorrect invocation of bump version script --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index d8a8c8b5bb..f79e7aeaed 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -75,7 +75,7 @@ jobs: git switch -c release-automation/bump-version - python scripts/release/bump-version.sh "$next_version" + ./scripts/release/bump-version.sh "$next_version" git add -u . git commit -m "Bump version to $next_version" From b5abcfd5596cfc9f4e9b403fe7820645d25aa73e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 17:04:09 -0800 Subject: [PATCH 168/183] Make GitHub token available to create PR --- .github/workflows/finalize-release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index f79e7aeaed..fbadfdb836 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -65,6 +65,8 @@ jobs: - name: Bump main version if: env.HOTFIX_RELEASE == 'false' + env: + GH_TOKEN: ${{ github.token }} run: | version=${BASE_REF#rc/} next_version="$version-dev" From 6563d95e058ea96090565c92e27363284edde977 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 14 Nov 2023 09:46:05 -0800 Subject: [PATCH 169/183] Clarify release steps for hotfix release --- docs/development_handbook.md | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 3a9471df59..2168e1fc56 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -37,6 +37,7 @@ | 0.28.0 | 2023-08-14 | Luke Cartey | Remove references to LGTM which is now a legacy product. | | 0.29.0 | 2023-10-11 | Remco Vermeulen | Update release process. | | 0.29.1 | 2023-10-11 | Remco Vermeulen | Address Markdown linter problems. | +| 0.30.0 | 2023-11-14 | Remco Vermeulen | Clarify release steps in case of a hotfix release. | ## Scope of work @@ -606,16 +607,22 @@ Among the assets are: #### Creating a release +**NOTE**: If this is a hotfix release, make sure to invoke `prepare-release.yml` with `hotfix` set to `true`. + To create a new release: 1. Determine the appropriate release version. Version numbers are generated according to the guidelines in the section "Version Numbering." 2. Determine the appropriate [Git reference](https://git-scm.com/book/en/v2/Git-Internals-Git-References) to base the new release on. For new major or minor releases, this will be `main`. For patch releases this will be the release branch that is patched. - 3. Trigger a [workflow dispatch event](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow) for the [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) workflow, specifying the release version for the input `version` and the Git reference for the input `ref`. - 4. Merge the PR that is created for the release, named `Release v..` where ``, ``, and `` match with the input `version` of the workflow [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) triggered in the previous step. + 3. Trigger a [workflow dispatch event](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow) for the [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) workflow, specifying the release version for the input `version` and the Git reference for the input `ref`, and `hotfix` with the value `true` **if** it is a hotfix release. + 4. Validate the compiler and performance results linked from their respective check runs in the PR's checks overview. + 1. Validate the performance results by ensuring the release performance doesn't regresses from the previous release by more than a factor of 2 without a good reason. + 2. Validate the compiler results by ensuring there is an acceptable number of compatibility issues. + 5. Merge the PR that is created for the release, named `Release v..` where ``, ``, and `` match with the input `version` of the workflow [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) triggered in the previous step. + 6. Merge the PRs for the performance and compiler validation results on the release engineering repository. The release automation consists of many test and validation steps that can fail. These can be addressed and the release can be restarted from step 3. -A restart of a release **WILL RECREATE THE EXISTING RELEASE BRANCH AND RELEASE PR**. Any additional changes added to the PR **MUST** be reapplied. +A restart of a release (i.e., calling `prepare-release.yml`) **WILL RECREATE THE EXISTING RELEASE BRANCH AND RELEASE PR**. Any additional changes added to the PR **MUST** be reapplied. If a release has been marked public, the release can no longer be restarted or re-released without removing the release manually. ## False Positive Triage Rubric From e5d4dcd3f5bb72ee92eb2f7208615416adc03416 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 16 Nov 2023 09:56:42 -0800 Subject: [PATCH 170/183] Replace PAT with GitHub App generated token in release workflows --- .github/workflows/update-release-status.yml | 16 ++++++++++++++-- .github/workflows/update-release.yml | 16 +++++++++++++++- .github/workflows/validate-release.yml | 19 +++++++++++++++---- 3 files changed, 44 insertions(+), 7 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index c7d62e80a6..707b8d9e0e 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -134,11 +134,23 @@ jobs: echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT" + generate-token: + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + update-release: - needs: validate-check-runs + needs: [validate-check-runs, generate-token] if: needs.validate-check-runs.outputs.status == 'completed' uses: ./.github/workflows/update-release.yml with: head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} secrets: - RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file + RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} \ No newline at end of file diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 9868b2f397..3cb0900ca4 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -23,8 +23,22 @@ env: HEAD_SHA: ${{ inputs.head-sha }} jobs: + + generate-token: + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + update-release: name: "Update release" + needs: generate-token runs-on: ubuntu-22.04 steps: - name: Checkout @@ -43,7 +57,7 @@ jobs: - name: Update release assets env: GITHUB_TOKEN: ${{ github.token }} - RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} run: | python scripts/release/update-release-assets.py \ --head-sha $HEAD_SHA \ diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index b134f1eb13..7b6435dfa9 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -14,6 +14,17 @@ env: HEAD_SHA: ${{ github.event.pull_request.head.sha }} jobs: + generate-token: + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} pre-validate-performance: outputs: @@ -36,13 +47,13 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-performance: - needs: pre-validate-performance + needs: [pre-validate-performance, generate-token] runs-on: ubuntu-22.04 steps: - name: Invoke performance test env: CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + GH_TOKEN: ${{ generate-token.outputs.token }} run: | jq -n \ --arg ref "$HEAD_SHA" \ @@ -97,13 +108,13 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-compiler-compatibility: - needs: pre-validate-compiler-compatibility + needs: [pre-validate-compiler-compatibility, generate-token] runs-on: ubuntu-22.04 steps: - name: Invoke compiler compatibility test env: CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + GITHUB_TOKEN: ${{ generate-token.outputs.token }} run: | jq -n \ --arg ref "$HEAD_SHA" \ From 171a83778234e2d96195d50755e7cc6db19d6ca3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 16 Nov 2023 09:58:27 -0800 Subject: [PATCH 171/183] Format workflows --- .github/workflows/update-release-status.yml | 24 ++++++++-------- .github/workflows/update-release.yml | 21 +++++++------- .github/workflows/validate-release.yml | 31 +++++++++++---------- 3 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 707b8d9e0e..0f0587a355 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -135,22 +135,22 @@ jobs: echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT" generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} update-release: needs: [validate-check-runs, generate-token] if: needs.validate-check-runs.outputs.status == 'completed' uses: ./.github/workflows/update-release.yml with: - head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} + head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} secrets: - RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} \ No newline at end of file + RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 3cb0900ca4..f3541e0571 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -23,18 +23,17 @@ env: HEAD_SHA: ${{ inputs.head-sha }} jobs: - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} update-release: name: "Update release" diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 7b6435dfa9..4a11c2790e 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -15,16 +15,16 @@ env: jobs: generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} pre-validate-performance: outputs: @@ -72,8 +72,8 @@ jobs: steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GITHUB_TOKEN: ${{ github.token }} + CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} + GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ --arg status "completed" \ @@ -127,14 +127,15 @@ jobs: --ref rvermeulen/release-process on-failure-validate-compiler-compatibility-dispatch: - needs: [pre-validate-compiler-compatibility, validate-compiler-compatibility] + needs: + [pre-validate-compiler-compatibility, validate-compiler-compatibility] if: failure() runs-on: ubuntu-22.04 steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GITHUB_TOKEN: ${{ github.token }} + CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} + GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ --arg status "completed" \ From 59032d27a1b1b4c627bba12aff4fc536900ff539 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 16 Nov 2023 13:30:03 -0800 Subject: [PATCH 172/183] Address failing step if release is new --- .github/workflows/prepare-release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index e2b69149fc..50573cbaaf 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -60,6 +60,9 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | + # Don't fail the step if gh fails to find the release + set +e + release=$(gh release view v$RELEASE_VERSION --json name,isDraft) if [[ -z "$release" ]]; then echo "Release v$RELEASE_VERSION does not exist. Proceeding" From 84facd2e5169a667a64692a559083490efc49abe Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 12:48:50 -0800 Subject: [PATCH 173/183] Switch input type hotfix to boolean --- .github/workflows/prepare-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index e2b69149fc..a47a127fec 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -16,6 +16,7 @@ on: Whether this is a hotfix release. required: false default: false + type: boolean permissions: contents: write From f3881b23ee63b07eefdb107860f03706490562a3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 14:06:02 -0800 Subject: [PATCH 174/183] Use a subshell to wrap the gh command --- .github/workflows/prepare-release.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index d256e3e4b5..16826366da 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -61,10 +61,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - # Don't fail the step if gh fails to find the release - set +e - - release=$(gh release view v$RELEASE_VERSION --json name,isDraft) + release=$( { gh release view v$RELEASE_VERSION --json name,isDraft; } || echo "" ) if [[ -z "$release" ]]; then echo "Release v$RELEASE_VERSION does not exist. Proceeding" echo "create_draft_release=true" >> "$GITHUB_ENV" From 579e42578e2fa28a9e54f424ea6db8ba6fd9cb66 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 14:18:04 -0800 Subject: [PATCH 175/183] Prevent globbing and word splitting --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 16826366da..cca4edb838 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -61,7 +61,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - release=$( { gh release view v$RELEASE_VERSION --json name,isDraft; } || echo "" ) + release=$( { gh release view "v$RELEASE_VERSION" --json name,isDraft; } || echo "" ) if [[ -z "$release" ]]; then echo "Release v$RELEASE_VERSION does not exist. Proceeding" echo "create_draft_release=true" >> "$GITHUB_ENV" From ff877964b36c7b12b4af79dbcdfc71520aa90a4d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 15:39:21 -0800 Subject: [PATCH 176/183] Use a subshell to wrap the gh command --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index cca4edb838..7ead5aabc1 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -80,7 +80,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - release_pr=$(gh pr view rc/$RELEASE_VERSION --json title,state,number) + release_pr=$( { gh pr view rc/$RELEASE_VERSION --json title,state,number; } || echo "") if [[ ! -z "$release_pr" ]]; then pr_title=$(echo "$release_pr" | jq -r '.title') pr_state=$(echo "$release_pr" | jq -r '.state') From 901a97e69666d0221fd4ae709ada778a9ffe0b30 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 15:39:40 -0800 Subject: [PATCH 177/183] Prevent globbing and word splitting --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 7ead5aabc1..ac223c6051 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -80,7 +80,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - release_pr=$( { gh pr view rc/$RELEASE_VERSION --json title,state,number; } || echo "") + release_pr=$( { gh pr view "rc/$RELEASE_VERSION" --json title,state,number; } || echo "") if [[ ! -z "$release_pr" ]]; then pr_title=$(echo "$release_pr" | jq -r '.title') pr_state=$(echo "$release_pr" | jq -r '.state') From 72a99074977b60d281b730c802b705f26b365b23 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 15:41:11 -0800 Subject: [PATCH 178/183] Reduce the description that is part of the UI --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index ac223c6051..4b29141e7c 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -13,7 +13,7 @@ on: required: true hotfix: description: | - Whether this is a hotfix release. + Hotfix release. required: false default: false type: boolean From 6c1674cc5a0784faea5362a39df45ede767819a8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 10:02:56 -0800 Subject: [PATCH 179/183] Address missing GitHub App token --- .github/workflows/prepare-release.yml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 4b29141e7c..f8ef4ed042 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -29,11 +29,24 @@ env: HOTFIX_RELEASE: ${{ inputs.hotfix }} jobs: + generate-token: + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + prepare-release: outputs: pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" if: github.event_name == 'workflow_dispatch' + needs: generate-token runs-on: ubuntu-22.04 steps: - name: Checkout @@ -146,7 +159,7 @@ jobs: - name: Create release PR env: - GITHUB_TOKEN: ${{ secrets.ACTION_DISPATCH_TOKEN }} + GITHUB_TOKEN: ${{ needs.generate-token.outputs.token }} run: | gh pr create \ -R $GITHUB_REPOSITORY \ From 72ca9ebf39694e18c56099f1b45255aadc9784c3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 13:00:35 -0800 Subject: [PATCH 180/183] Generate tokens in a step The initial job setup doesn't work to communicate a token so this change: - Integrate the token generation as a step in a job. - Scopes the token to the repository it is used against. --- .github/workflows/prepare-release.yml | 27 +++++++--------- .github/workflows/update-release-status.yml | 16 ++------- .github/workflows/update-release.yml | 26 +++++++-------- .github/workflows/validate-release.yml | 36 ++++++++++++--------- 4 files changed, 44 insertions(+), 61 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index f8ef4ed042..fee9201265 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -29,24 +29,10 @@ env: HOTFIX_RELEASE: ${{ inputs.hotfix }} jobs: - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} - prepare-release: outputs: pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" - if: github.event_name == 'workflow_dispatch' - needs: generate-token runs-on: ubuntu-22.04 steps: - name: Checkout @@ -157,9 +143,18 @@ jobs: git commit -m "Update version" git push + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repository: "codeql-coding-standards" + - name: Create release PR env: - GITHUB_TOKEN: ${{ needs.generate-token.outputs.token }} + GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }} run: | gh pr create \ -R $GITHUB_REPOSITORY \ @@ -167,4 +162,4 @@ jobs: --body "This PR releases codeql-coding-standards version $RELEASE_VERSION." \ --base rc/$RELEASE_VERSION \ --head feature/update-user-manual-for-$RELEASE_VERSION \ - --draft \ No newline at end of file + --draft diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 0f0587a355..15e212f369 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -134,23 +134,11 @@ jobs: echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT" - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} - update-release: - needs: [validate-check-runs, generate-token] + needs: validate-check-runs if: needs.validate-check-runs.outputs.status == 'completed' uses: ./.github/workflows/update-release.yml with: head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} secrets: - RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} + AUTOMATION_PRIVATE_KEY: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index f3541e0571..bb2a712c20 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -15,7 +15,7 @@ on: The head SHA of the release PR to use for finalizing the release. required: true secrets: - RELEASE_ENGINEERING_TOKEN: + AUTOMATION_PRIVATE_KEY: description: | The token to use for accessing the release engineering repository. required: true @@ -23,21 +23,8 @@ env: HEAD_SHA: ${{ inputs.head-sha }} jobs: - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} - update-release: name: "Update release" - needs: generate-token runs-on: ubuntu-22.04 steps: - name: Checkout @@ -53,10 +40,19 @@ jobs: - name: Install dependencies run: pip install -r scripts/release/requirements.txt + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repository: "codeql-coding-standards-release-engineering" + - name: Update release assets env: GITHUB_TOKEN: ${{ github.token }} - RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} + RELEASE_ENGINEERING_TOKEN: ${{ steps.generate-token.outputs.token }} run: | python scripts/release/update-release-assets.py \ --head-sha $HEAD_SHA \ diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 4a11c2790e..f04e30207b 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -14,18 +14,6 @@ env: HEAD_SHA: ${{ github.event.pull_request.head.sha }} jobs: - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} - pre-validate-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} @@ -47,13 +35,21 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-performance: - needs: [pre-validate-performance, generate-token] + needs: pre-validate-performance runs-on: ubuntu-22.04 steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repository: "codeql-coding-standards-release-engineering" - name: Invoke performance test env: CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GH_TOKEN: ${{ generate-token.outputs.token }} + GH_TOKEN: ${{ steps.generate-token.outputs.token }} run: | jq -n \ --arg ref "$HEAD_SHA" \ @@ -108,13 +104,21 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-compiler-compatibility: - needs: [pre-validate-compiler-compatibility, generate-token] + needs: pre-validate-compiler-compatibility runs-on: ubuntu-22.04 steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repository: "codeql-coding-standards-release-engineering" - name: Invoke compiler compatibility test env: CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GITHUB_TOKEN: ${{ generate-token.outputs.token }} + GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }} run: | jq -n \ --arg ref "$HEAD_SHA" \ From e97cd143c9c514cc244ba38baeb103b9c01fc219 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 13:02:45 -0800 Subject: [PATCH 181/183] Remove remnant output parameter --- .github/workflows/prepare-release.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index fee9201265..e21eddb119 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -30,8 +30,6 @@ env: jobs: prepare-release: - outputs: - pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" runs-on: ubuntu-22.04 steps: From 4771d4a9fcf4543a4ef75114e4f27b7455f74d0c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 13:05:54 -0800 Subject: [PATCH 182/183] Add clarifying comment for using different token --- .github/workflows/prepare-release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index e21eddb119..6b1f28b4dd 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -152,6 +152,9 @@ jobs: - name: Create release PR env: + # Use the token from the `generate-token` step because we can't use the default workflow token + # to create a PR and generate PR events to trigger the next workflow because of recursive workflow + # trigger protection. GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }} run: | gh pr create \ From 528720831a537197c0109c77675674eaa3d58b79 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 13:09:37 -0800 Subject: [PATCH 183/183] Correct the secret input description --- .github/workflows/update-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index bb2a712c20..1a5f3fcfc4 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -17,7 +17,7 @@ on: secrets: AUTOMATION_PRIVATE_KEY: description: | - The token to use for accessing the release engineering repository. + The private key to use to generate a token for accessing the release engineering repository. required: true env: HEAD_SHA: ${{ inputs.head-sha }}