The codeql/cpp-queries pack used in CodeQlQueries.qls was versioned
1.1.0 for the CodeQL CLI v2.18.1 release currently used.
https://github.com/github/codeql/blob/codeql-cli/v2.18.1/cpp/ql/src/qlpack.yml
This change pins that pack version to prevent the CodeQL CLI and
pack from getting out of sync until explicitly updated.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
This fixes an issue where the CodeQL queries currently fetched in the
pipeline are incompatible with the current executable used.
Update to pick up functional and security fixes. See the following
comparison for detailed differences:
https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Joey Vagedes <joey.vagedes@gmail.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Updates CodeQL to work with the latest queries. Includes functional
and security fixes within the CodeQL CLI binary.
For more information on release details see:
https://github.com/github/codeql-cli-binaries/releases
For changes between the previous version (2.14.5) and 2.16.1 see:
https://github.com/github/codeql-cli-binaries/compare/v2.14.5...v2.16.1
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Joey Vagedes <joey.vagedes@gmail.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Joey Vagedes <joey.vagedes@gmail.com>
Adds a CodeQL plugin that supports CodeQL in the build system.
1. CodeQlBuildPlugin - Generates a CodeQL database for a given build.
2. CodeQlAnalyzePlugin - Analyzes a CodeQL database and interprets
results.
3. External dependencies - Assist with downloading the CodeQL CLI and
making it available to the CodeQL plugins.
4. CodeQlQueries.qls - A C/C++ CodeQL query set run against the code.
5. Readme.md - A comprehensive readme file to help:
- Platform integrators understand how to configure the plugin
- Developers understand how to modify the plugin
- Users understand how to use the plugin
Read Readme.md for additional details.
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Yuwei Chen <yuwei.chen@intel.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
Michael Kubacki