github
diff --git a/‎.github/workflows/csv-coverage-pr-artifacts.yml
Lines changed: 2 additions & 0 deletions b/‎.github/workflows/csv-coverage-pr-artifacts.yml
Lines changed: 2 additions & 0 deletions
diff --git a/‎.gitignore
Lines changed: 3 additions & 0 deletions b/‎.gitignore
Lines changed: 3 additions & 0 deletions
diff --git a/‎README.md
Lines changed: 2 additions & 2 deletions b/‎README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎config/identical-files.json
Lines changed: 9 additions & 0 deletions b/‎config/identical-files.json
Lines changed: 9 additions & 0 deletions
diff --git a/‎cpp/change-notes/2021-06-10-cleartext-transmission.md
Lines changed: 2 additions & 0 deletions b/‎cpp/change-notes/2021-06-10-cleartext-transmission.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/change-notes/2021-09-27-command-line-injection.md
Lines changed: 2 additions & 0 deletions b/‎cpp/change-notes/2021-09-27-command-line-injection.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/change-notes/2021-09-27-overflow-static.md
Lines changed: 3 additions & 0 deletions b/‎cpp/change-notes/2021-09-27-overflow-static.md
Lines changed: 3 additions & 0 deletions
diff --git a/‎cpp/change-notes/2021-10-01-improper-null-termination.md
Lines changed: 2 additions & 0 deletions b/‎cpp/change-notes/2021-10-01-improper-null-termination.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/change-notes/2021-10-07-extraction-errors.md
Lines changed: 3 additions & 0 deletions b/‎cpp/change-notes/2021-10-07-extraction-errors.md
Lines changed: 3 additions & 0 deletions
diff --git a/‎cpp/ql/lib/semmle/code/cpp/Declaration.qll
Lines changed: 2 additions & 3 deletions b/‎cpp/ql/lib/semmle/code/cpp/Declaration.qll
Lines changed: 2 additions & 3 deletions
@@ -6,6 +6,8 @@ on:
       - '.github/workflows/csv-coverage-pr-comment.yml'
       - '*/ql/src/**/*.ql'
       - '*/ql/src/**/*.qll'
+      - '*/ql/lib/**/*.ql'
+      - '*/ql/lib/**/*.qll'
       - 'misc/scripts/library-coverage/*.py'
       # input data files
       - '*/documentation/library-coverage/cwe-sink.csv'
 
@@ -24,3 +24,6 @@
 /codeql/
 
 csharp/extractor/Semmle.Extraction.CSharp.Driver/Properties/launchSettings.json
+
+# Avoid committing cached package components
+.codeql
@@ -4,8 +4,8 @@ This open source repository contains the standard CodeQL libraries and queries t
 
 ## How do I learn CodeQL and run queries?
 
-There is [extensive documentation](https://help.semmle.com/QL/learn-ql/) on getting started with writing CodeQL.
-You can use the [interactive query console](https://lgtm.com/help/lgtm/using-query-console) on LGTM.com or the [CodeQL for Visual Studio Code](https://help.semmle.com/codeql/codeql-for-vscode.html) extension to try out your queries on any open source project that's currently being analyzed.
+There is [extensive documentation](https://codeql.github.com/docs/) on getting started with writing CodeQL.
+You can use the [interactive query console](https://lgtm.com/help/lgtm/using-query-console) on LGTM.com or the [CodeQL for Visual Studio Code](https://codeql.github.com/docs/codeql-for-visual-studio-code/) extension to try out your queries on any open source project that's currently being analyzed.
 
 ## Contributing
 
 
@@ -373,6 +373,7 @@
   ],
   "Inline Test Expectations": [
     "cpp/ql/test/TestUtilities/InlineExpectationsTest.qll",
+    "csharp/ql/test/TestUtilities/InlineExpectationsTest.qll",
     "java/ql/test/TestUtilities/InlineExpectationsTest.qll",
     "python/ql/test/TestUtilities/InlineExpectationsTest.qll",
     "ruby/ql/test/TestUtilities/InlineExpectationsTest.qll"
@@ -478,5 +479,13 @@
   "TypeTracker": [
     "python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll",
     "ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll"
+  ],
+  "CodeQL Tutorial": [
+    "cpp/ql/lib/tutorial.qll",
+    "csharp/ql/lib/tutorial.qll",
+    "java/ql/lib/tutorial.qll",
+    "javascript/ql/lib/tutorial.qll",
+    "python/ql/lib/tutorial.qll",
+    "ruby/ql/lib/tutorial.qll"
   ]
 }
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* A new query (`cpp/cleartext-transmission`) has been added. This is similar to the `cpp/cleartext-storage-file`, `cpp/cleartext-storage-buffer` and `cpp/cleartext-storage-database` queries but looks for cases where sensitive information is most likely transmitted over a network.
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* The "Uncontrolled data used in OS command" (`cpp/command-line-injection`) query has been enhanced to reduce false positive results and its `@precision` increased to `high`
@@ -0,0 +1,3 @@
+lgtm,codescanning
+* Increase precision to high for the "Static buffer overflow" query
+  (`cpp/static-buffer-overflow`). This means the query is run and displayed by default on Code Scanning and LGTM.
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Several improvements made to the `NullTermination.qll` library and the 'Potential improper null termination' (cpp/improper-null-termination). These changes reduce the number of false positive results for this query and related query 'User-controlled data may not be null terminated' (cpp/user-controlled-null-termination-tainted).
@@ -0,0 +1,3 @@
+codescanning
+* Problems with extraction that in most cases won't break the analysis in a significant way are now reported as warnings rather than errors.
+* The failed extractor invocations query now has severity `error`.
@@ -275,9 +275,8 @@ class Declaration extends Locatable, @declaration {
    * `getTemplateArgumentKind(0)`.
    */
   final Locatable getTemplateArgumentKind(int index) {
-    if exists(getTemplateArgumentValue(index))
-    then result = getTemplateArgumentType(index)
-    else none()
+    exists(getTemplateArgumentValue(index)) and
+    result = getTemplateArgumentType(index)
   }
 
   /** Gets the number of template arguments for this declaration. */
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+lgtm,codescanning`
	`2`	+* A new query (`cpp/cleartext-transmission`) has been added. This is similar to the `cpp/cleartext-storage-file`, `cpp/cleartext-storage-buffer` and `cpp/cleartext-storage-database` queries but looks for cases where sensitive information is most likely transmitted over a network.
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+lgtm,codescanning`
	`2`	+* The "Uncontrolled data used in OS command" (`cpp/command-line-injection`) query has been enhanced to reduce false positive results and its `@precision` increased to `high`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+lgtm,codescanning`
	`2`	`+* Increase precision to high for the "Static buffer overflow" query`
	`3`	+ (`cpp/static-buffer-overflow`). This means the query is run and displayed by default on Code Scanning and LGTM.
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+lgtm,codescanning`
	`2`	+* Several improvements made to the `NullTermination.qll` library and the 'Potential improper null termination' (cpp/improper-null-termination). These changes reduce the number of false positive results for this query and related query 'User-controlled data may not be null terminated' (cpp/user-controlled-null-termination-tainted).
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+codescanning`
	`2`	`+* Problems with extraction that in most cases won't break the analysis in a significant way are now reported as warnings rather than errors.`
	`3`	+* The failed extractor invocations query now has severity `error`.