Skip to content

Commit 0f5edd3

Browse files
authored
Merge branch 'main' into lcartey/dead-code-improvements
2 parents e14823a + 021fabb commit 0f5edd3

27 files changed

+85
-40
lines changed

.github/workflows/codeql_unit_tests.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -160,9 +160,16 @@ jobs:
160160

161161
validate-test-results:
162162
name: Validate test results
163+
if: ${{ always() }}
163164
needs: run-test-suites
164165
runs-on: ubuntu-22.04
165166
steps:
167+
- name: Check if run-test-suites job failed to complete, if so fail
168+
if: ${{ needs.run-test-suites.result == 'failure' }}
169+
uses: actions/github-script@v3
170+
with:
171+
script: |
172+
core.setFailed('Test run job failed')
166173
- name: Collect test results
167174
uses: actions/download-artifact@v3
168175

.github/workflows/dispatch-matrix-check.yml

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,11 +20,20 @@ jobs:
2020
with:
2121
minimum-permission: "write"
2222

23+
- name: Generate token
24+
id: generate-token
25+
uses: actions/create-github-app-token@v1
26+
with:
27+
app-id: ${{ vars.AUTOMATION_APP_ID }}
28+
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}
29+
owner: ${{ github.repository_owner }}
30+
repositories: "codeql-coding-standards-release-engineering"
31+
2332
- name: Dispatch Matrix Testing Job
2433
if: steps.check-write-permission.outputs.has-permission
2534
uses: peter-evans/repository-dispatch@v2
2635
with:
27-
token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }}
36+
token: ${{ steps.generate-token.outputs.token }}
2837
repository: github/codeql-coding-standards-release-engineering
2938
event-type: matrix-test
3039
client-payload: '{"pr": "${{ github.event.number }}"}'

.github/workflows/dispatch-matrix-test-on-comment.yml

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,11 +17,20 @@ jobs:
1717
with:
1818
minimum-permission: "write"
1919

20+
- name: Generate token
21+
id: generate-token
22+
uses: actions/create-github-app-token@v1
23+
with:
24+
app-id: ${{ vars.AUTOMATION_APP_ID }}
25+
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}
26+
owner: ${{ github.repository_owner }}
27+
repositories: "codeql-coding-standards-release-engineering"
28+
2029
- name: Dispatch Matrix Testing Job
2130
if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') && steps.check-write-permission.outputs.has-permission }}
2231
uses: peter-evans/repository-dispatch@v2
2332
with:
24-
token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }}
33+
token: ${{ steps.generate-token.outputs.token }}
2534
repository: github/codeql-coding-standards-release-engineering
2635
event-type: matrix-test
2736
client-payload: '{"pr": "${{ github.event.issue.number }}"}'

.github/workflows/dispatch-release-performance-check.yml

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,11 +17,20 @@ jobs:
1717
with:
1818
minimum-permission: "write"
1919

20+
- name: Generate token
21+
id: generate-token
22+
uses: actions/create-github-app-token@v1
23+
with:
24+
app-id: ${{ vars.AUTOMATION_APP_ID }}
25+
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}
26+
owner: ${{ github.repository_owner }}
27+
repositories: "codeql-coding-standards-release-engineering"
28+
2029
- name: Dispatch Performance Testing Job
2130
if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') && steps.check-write-permission.outputs.has-permission }}
2231
uses: peter-evans/repository-dispatch@v2
2332
with:
24-
token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }}
33+
token: ${{ steps.generate-token.outputs.token }}
2534
repository: github/codeql-coding-standards-release-engineering
2635
event-type: performance-test
2736
client-payload: '{"pr": "${{ github.event.issue.number }}"}'

.github/workflows/finalize-release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -103,7 +103,7 @@ jobs:
103103
- name: Generate token
104104
if: env.HOTFIX_RELEASE == 'false'
105105
id: generate-token
106-
uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e
106+
uses: actions/create-github-app-token@v1
107107
with:
108108
app-id: ${{ vars.AUTOMATION_APP_ID }}
109109
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}

.github/workflows/prepare-release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -143,7 +143,7 @@ jobs:
143143
144144
- name: Generate token
145145
id: generate-token
146-
uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e
146+
uses: actions/create-github-app-token@v1
147147
with:
148148
app-id: ${{ vars.AUTOMATION_APP_ID }}
149149
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}

.github/workflows/update-release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@ jobs:
4343

4444
- name: Generate token
4545
id: generate-token
46-
uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e
46+
uses: actions/create-github-app-token@v1
4747
with:
4848
app-id: ${{ vars.AUTOMATION_APP_ID }}
4949
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}

.github/workflows/validate-release.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ jobs:
4040
steps:
4141
- name: Generate token
4242
id: generate-token
43-
uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e
43+
uses: actions/create-github-app-token@v1
4444
with:
4545
app-id: ${{ vars.AUTOMATION_APP_ID }}
4646
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}
@@ -108,7 +108,7 @@ jobs:
108108
steps:
109109
- name: Generate token
110110
id: generate-token
111-
uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e
111+
uses: actions/create-github-app-token@v1
112112
with:
113113
app-id: ${{ vars.AUTOMATION_APP_ID }}
114114
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}

c/cert/src/qlpack.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
name: codeql/cert-c-coding-standards
2-
version: 2.35.0-dev
2+
version: 2.36.0-dev
33
description: CERT C 2016
44
suites: codeql-suites
55
license: MIT

c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql

Lines changed: 11 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -21,18 +21,19 @@ import codingstandards.c.Signal
2121
*/
2222
class UnsafeSharedVariableAccess extends VariableAccess {
2323
UnsafeSharedVariableAccess() {
24-
// static or thread local storage duration
25-
(
26-
this.getTarget() instanceof StaticStorageDurationVariable or
27-
this.getTarget().isThreadLocal()
28-
) and
2924
// excluding `volatile sig_atomic_t` type
3025
not this.getType().(SigAtomicType).isVolatile() and
31-
// excluding lock-free atomic objects
32-
not exists(MacroInvocation mi, VariableAccess va |
33-
mi.getMacroName() = "atomic_is_lock_free" and
34-
mi.getExpr().getChild(0) = va.getEnclosingElement*() and
35-
va.getTarget() = this.getTarget()
26+
exists(Variable target | target = this.getTarget() |
27+
// static or thread local storage duration
28+
(
29+
target instanceof StaticStorageDurationVariable or
30+
target.isThreadLocal()
31+
) and
32+
// excluding lock-free atomic objects
33+
not exists(MacroInvocation mi, VariableAccess va | va.getTarget() = target |
34+
mi.getMacroName() = "atomic_is_lock_free" and
35+
mi.getExpr().getChild(0) = va.getEnclosingElement*()
36+
)
3637
)
3738
}
3839
}

0 commit comments

Comments
 (0)