Skip to content

v2.19.0

Pre-release
Pre-release

Choose a tag to compare

View all tags
@github-actions github-actions released this 31 May 02:11
v2.19.0
ce58a53
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Release summary

  • No new queries were added for this release
  • The following changes have been made for this release:
    • A16-0-1 - reduce unneeded results related to #pragma, as it's already reported by A16-7-1.
    • DCL51-CPP - reduce false positives related to use of __func__
    • A2-10-1 - reduce false positives for identifiers in same scope and relating to template variables
    • RULE-5-3- reduce false positives for identifiers in same scope
    • A5-1-1 - reduce false positives by omitting literals written into file streams and wrappers around log and stream calls
    • A14-7-2 - alert messages have been slightly adjusted to refer only to the base name of a file, not the full relative path.
    • DCL56-CPP - performance has been improved for databases with complex initializers.
    • Exclude the use of __func__ from certain queries, as it is the proscribed way to return the name of the current function:
      • A27-0-4 - Use of the value returned by __func__ is no longer flagged as a use of C-style strings.
      • A18-1-1 - __func__ is no longer flagged as a declaration of a variable using C-style arrays.
    • DCL51-CPP - cpp/cert/use-of-single-underscore-reserved-prefix - remove false positives which were compiler generated, such as the function _FUN generated by the compiler for lambdas converted to function pointers.
      Fix issues emerged running the test suite when compiled with qcc:
  • Fix False Negatives issues
    • A1-1-1: restrict alerts to mentioned types
    • A5-2-5: get type for value_type
    • A18-1-2 A18-1-3 A18-9-1: support std inline namespaces (std::__1)
    • A23-0-1 A23-0-2: functions in std might be defined in inline namespaces
    • M0-1-4: removed test case
    • M6-5-2: equality operator alternative implementations
    • M17-0-5: longjmp might be a macro
    • CTR51-CPP CTR53-CPP ERR50-CPP ERR52-CPP STR52-CPP: fixed by library changes
    • MSC51-CPP: time can be in the global scope
    • STR51-CPP: String constructor might have 1 parameter.
  • Fix False Positives issues
    • STR53-CPP: compute initial container size for copy constructor
    • A0-4-1: numeric limits might be defined in __libcpp_numeric_limits
    • A0-4-3: the rule now only checks the last -std compilation flag
  • Fix exclusion criteria using the isExcluded() predicate
    • A2-13-3 A8-4-4

Supported versions

  • The LGTM pack is not supported on any released version of LGTM without support from GitHub Professional Services.
  • The Code Scanning pack is supported when:
    • Using the CodeQL CLI version 2.10.5 in conjunction with a copy of the CodeQL standard library for C++ (github/codeql) set to the tag codeql-cli/v2.10.5.
    • Using the CodeQL Action or CodeQL runner with the codeql-bundle-20220908.
Assets 7
Loading