Sync Upstream Tags #19342
Closed
Sync Upstream Tags #19342
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ition Brodes/open source query transition
…ifications to the shared dataflow library files.
Shared: Refactor `DataFlowStack`
Java/C#: Add missing files from #157
Java: Update file that was forgotten in #157
…cation-labels TEMPORARY: Remove JavaScript Deprecation Labels
Add Microsoft-Public Namespace to Query IDs
…after-2.20.4 PS: Fixup CFG library in preparation for 2.20.4
Compatible with the latest released version of the CodeQL CLI
…-tests Include Tests for Microsoft Open Source Queries
Microsoft Public Namespace Fix
Powershell Command Injection query updates
…t existed when Mathias joined Microsoft
…ade-scripts PS: Add missing downgrade and upgrade scripts
…c-read PS: Fix `toString` on unknown static field access
github-actions
bot
added
C#
JS
C++
documentation
Java
Python
Ruby
Rust
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR introduces several automation changes to keep the codebase in sync with upstream changes, including upstream commits and tags. Key changes include:
- Adding an example file for leap year checking logic.
- Updating change notes and security documentation.
- Adding new GitHub workflows for syncing the main branch, tags, and running a PowerShell PR check.
Reviewed Changes
Copilot reviewed 1837 out of 1849 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| cpp/ql/src/Likely Bugs/Leap Year/examples/LeapYearConditionalLogicBad.c | Adds sample leap year logic demonstrating conditional paths. |
| cpp/ql/lib/change-notes/2023-10-12-additional-call-targets.md | Documents the addition of a new class for specifying additional call targets. |
| SECURITY.md | Introduces updated security guidelines and reporting instructions. |
| README.md | Minor documentation updates in the tasks section. |
| .github/workflows/sync-main.yml | Automates syncing of upstream changes into the main branch, including PR creation. |
| .github/workflows/sync-main-tags.yml | Automates syncing of upstream tags upon merging a PR. |
| .github/workflows/powershell-pr-check.yml | Adds a workflow to compile PowerShell queries on pull requests. |
Files not reviewed (12)
- cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoFunction.qll: Language not supported
- cpp/ql/lib/semmle/code/cpp/models/implementations/Iterator.qll: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/Adding365DaysPerYear.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/AntiPattern5InvalidLeapYearCheck.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/LeapYearConditionalLogic.qhelp: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/LeapYearConditionalLogic.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.qhelp: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UncheckedReturnValueForTimeFunctions.qhelp: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UncheckedReturnValueForTimeFunctions.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UnsafeArrayForDaysOfYear.qhelp: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UnsafeArrayForDaysOfYear.ql: Language not supported
|
|
||
|
|
||
| // Checking specifically for the leap day | ||
| if (month == 2 && day == 29) // (or 1 with a tm_mon value) |
There was a problem hiding this comment.
Clarify the comment to explicitly state whether the literal '2' represents the calendar month or if the alternate value '1' is used when working with tm_mon (which is typically 0-indexed), to avoid confusion.
| shell: bash | ||
| run: | | ||
| echo "::group::Sync with main branch" | ||
| git pull origin auto/sync-main-pr; exitCode=$?; if [ $exitCode -ne 0 ]; then exitCode=0; fi |
There was a problem hiding this comment.
[nitpick] Consider replacing the custom exit code handling with a more standard approach (such as appending '|| true' to the git pull command) to improve readability and maintainability.
Suggested change
| git pull origin auto/sync-main-pr; exitCode=$?; if [ $exitCode -ne 0 ]; then exitCode=0; fi | |
| git pull origin auto/sync-main-pr || true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Upon completion of auto/sync-main-pr pull request (syncs upstream commits), this workflow runs and also syncs upstream tags.