Merge branch 'main' into dependabot/pip/scripts/release/gitpython-3.1.37

Author: lcartey

.github/workflows/tooling-unit-tests.yml

@@ -96,3 +96,22 @@ jobs:
       - name: Run PyTest
         run: |
           pytest scripts/guideline_recategorization/recategorize_test.py
+
+  release-tests:
+    name: Run release tests
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Install Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.9"
+
+      - name: Install Python dependencies
+        run: pip install -r scripts/release/requirements.txt
+
+      - name: Run PyTest
+        run: |
+          pytest scripts/release/update_release_assets_test.py

.github/workflows/update-release-status.yml

@@ -1,12 +1,5 @@
 name: "Update Release Status"
 on:
-  check_run:
-    types:
-      - completed
-      - rerequested
-    branches:
-      - "rc/**"
-
   workflow_dispatch:
     inputs:
       head-sha:
@@ -20,40 +13,36 @@ permissions:
   checks: write
   contents: write
 
+env:
+  HEAD_SHA: ${{ inputs.head-sha }}
+
 jobs:
   validate-check-runs:
     runs-on: ubuntu-22.04
     outputs:
       status: ${{ steps.set-output.outputs.status }}
-      check-run-head-sha: ${{ steps.set-output.outputs.check-run-head-sha }}
+      conclusion: ${{ steps.set-output.outputs.conclusion }}
     steps:
-      - name: Determine check run head SHA
-        env:
-          HEAD_SHA_FROM_EVENT: ${{ github.event.check_run.head_sha }}
-          HEAD_SHA_FROM_INPUTS: ${{ inputs.head-sha }}
-        run: |
-          if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then
-            echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_INPUTS" >> "$GITHUB_ENV"
-          else
-            echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV"
-          fi
-
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          ref: ${{ env.CHECK_RUN_HEAD_SHA }}
+          ref: ${{ inputs.head-sha }}
 
       - name: Get release status check run
         id: get-check-run
-        if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != github.workflow) || github.event_name == 'workflow_dispatch'
         env:
           GITHUB_TOKEN: ${{ github.token }}
         run: |
           check_run_info=$(gh api \
           --header "Accept: application/vnd.github+json" \
           --header "X-GitHub-Api-Version: 2022-11-28" \
           --jq '.check_runs[] | select(.name == "release-status") | {id: .id, status: .status, conclusion: .conclusion}' \
-          /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs)
+          /repos/$GITHUB_REPOSITORY/commits/$HEAD_SHA/check-runs)
+
+          if [[ -z "$check_run_info" ]]; then
+            echo "No release status check run found"
+            exit 1
+          fi
 
           check_run_id=$(echo "$check_run_info" | jq -r '.id')
           check_run_status=$(echo "$check_run_info" | jq -r '.status')
@@ -64,19 +53,22 @@ jobs:
           echo "CHECK_RUN_CONCLUSION=$check_run_conclusion" >> "$GITHUB_ENV"
 
       - name: Reset release status
-        if: env.CHECK_RUN_STATUS == 'completed' && ((github.event_name == 'check_run' && github.event.action == 'rerequested') || github.event_name == 'workflow_dispatch')
+        if: env.CHECK_RUN_STATUS == 'completed'
         env:
           GITHUB_TOKEN: ${{ github.token }}
         run: |
-          CHECK_RUN_ID=$(gh api \
+          check_run_id=$(gh api \
           --header "Accept: application/vnd.github+json" \
           --header "X-GitHub-Api-Version: 2022-11-28" \
           --field name="release-status" \
-          --field head_sha="$CHECK_RUN_HEAD_SHA" \
+          --field head_sha="$HEAD_SHA" \
           --jq ".id" \
           /repos/$GITHUB_REPOSITORY/check-runs)
 
-          echo "Created release status check run with id $CHECK_RUN_ID"
+          echo "Created release status check run with id $check_run_id"
+          # Reset the status to in progress.
+          echo "CHECK_RUN_STATUS=in_progress" >> "$GITHUB_ENV"
+          echo "CHECK_RUN_ID=$check_run_id" >> "$GITHUB_ENV"
 
       - name: Check all runs completed
         if: env.CHECK_RUN_STATUS != 'completed'
@@ -87,10 +79,12 @@ jobs:
           --header "Accept: application/vnd.github+json" \
           --header "X-GitHub-Api-Version: 2022-11-28" \
           --jq '.check_runs | map(select(.name != "release-status"))' \
-          /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs)
+          /repos/$GITHUB_REPOSITORY/commits/$HEAD_SHA/check-runs)
 
           status_stats=$(echo "$check_runs" | jq -r '. | {failed: (map(select(.conclusion == "failure")) | length), pending: (map(select(.status != "completed")) | length) }')
 
+          echo "status_stats=$status_stats"
+
           failed=$(echo "$status_stats" | jq -r '.failed')
           pending=$(echo "$status_stats" | jq -r '.pending')
 
@@ -101,7 +95,6 @@ jobs:
         if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed'
         env:
           GITHUB_TOKEN: ${{ github.token }}
-          CHECK_RUNS_FAILED: ${{ env.check-runs-failed }}
         run: |
           if [[ "$CHECK_RUNS_FAILED" == "0" ]]; then
             echo "All check runs succeeded"
@@ -123,22 +116,23 @@ jobs:
             --input - \
             /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID
 
+          echo "RELEASE_STATUS_CONCLUSION=$conclusion" >> "$GITHUB_ENV"
+
       - name: Set output
         id: set-output
         run: |
+          echo "conclusion=$RELEASE_STATUS_CONCLUSION" >> "$GITHUB_OUTPUT"
           if [[ "$CHECK_RUNS_PENDING" == "0" ]]; then
             echo "status=completed" >> "$GITHUB_OUTPUT"
           else
             echo "status=in_progress" >> "$GITHUB_OUTPUT"
           fi
 
-          echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT"
-
   update-release:
     needs: validate-check-runs
-    if: needs.validate-check-runs.outputs.status == 'completed'
+    if: needs.validate-check-runs.outputs.status == 'completed' && needs.validate-check-runs.outputs.conclusion == 'success'
     uses: ./.github/workflows/update-release.yml
     with:
-      head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }}
+      head-sha: ${{ inputs.head-sha }}
     secrets:
       AUTOMATION_PRIVATE_KEY: ${{ secrets.AUTOMATION_PRIVATE_KEY }}

.github/workflows/update-release.yml

@@ -30,7 +30,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          ref: ${{ inputs.head-sha }}
+          fetch-depth: 0 # We need the full history to compute the changelog
 
       - name: Install Python
         uses: actions/setup-python@v4
@@ -54,13 +54,12 @@ jobs:
           GITHUB_TOKEN: ${{ github.token }}
           RELEASE_ENGINEERING_TOKEN: ${{ steps.generate-token.outputs.token }}
         run: |
-          python scripts/release/update-release-assets.py \
+          python scripts/release/update_release_assets.py \
             --head-sha $HEAD_SHA \
             --layout scripts/release/release-layout.yml \
             --repo "$GITHUB_REPOSITORY" \
             --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \
-            --skip-checkrun "release-status" \
-            --skip-checks
+            --skip-checkrun "release-status"
 
       - name: Update release notes
         env:

c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql

@@ -45,7 +45,7 @@ where
     msg = "Function " + f + " declares parameter that is unnamed."
     or
     hasZeroParamDecl(f) and
-    msg = "Function " + f + " does not specifiy void for no parameters present."
+    msg = "Function " + f + " does not specify void for no parameters present."
     or
     //parameters declared in declaration list (not in function signature)
     //have placeholder file location associated only

c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected

@@ -1,4 +1,4 @@
 | test.c:3:6:3:7 | f1 | Function f1 declares parameter that is unnamed. |
-| test.c:4:6:4:7 | f2 | Function f2 does not specifiy void for no parameters present. |
-| test.c:5:6:5:7 | f3 | Function f3 does not specifiy void for no parameters present. |
+| test.c:4:6:4:7 | f2 | Function f2 does not specify void for no parameters present. |
+| test.c:5:6:5:7 | f3 | Function f3 does not specify void for no parameters present. |
 | test.c:7:5:7:6 | f5 | Function f5 declares parameter in unsupported declaration list. |

c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang

@@ -1,3 +1,3 @@
 | test.c:3:6:3:7 | f1 | Function f1 declares parameter that is unnamed. |
-| test.c:4:6:4:7 | f2 | Function f2 does not specifiy void for no parameters present. |
+| test.c:4:6:4:7 | f2 | Function f2 does not specify void for no parameters present. |
 | test.c:7:5:7:6 | f5 | Function f5 declares parameter in unsupported declaration list. |

change_notes/2023-10-24-a7-1-5-non-fundamental.md

@@ -0,0 +1,8 @@
+ * `A7-1-5` - exclude auto variables initialized with an expression of non-fundamental type. Typically this occurs when using range based for loops with arrays of non-fundamental types. For example:
+   ```
+   void iterate(Foo values[]) {
+      for (auto value : values) { // COMPLIANT (previously false positive)
+         // ...
+      }
+   }
+   ```

change_notes/2023-10-25-a0-1-1.md

@@ -0,0 +1,4 @@
+ * `A0-1-1` - address a number of false positive issues:
+   * Exclude compiler-generated variables, such as those generated for range-based for loops.
+   * Exclude variables in uninstantiated templates, for which we have no precise data on uses.
+   * Deviations should now be applied to the useless assignment instead of the variable itself.

change_notes/2023-10-26-a15-4-4-noexcept.md

@@ -0,0 +1 @@
+ * `A15-4-4`: remove false positives reported on uninsantiated templates.

cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql

@@ -20,6 +20,6 @@ import codingstandards.cpp.deadcode.UselessAssignments
 
 from SsaDefinition ultimateDef, InterestingStackVariable v
 where
-  not isExcluded(v, DeadCodePackage::uselessAssignmentQuery()) and
+  not isExcluded(ultimateDef, DeadCodePackage::uselessAssignmentQuery()) and
   isUselessSsaDefinition(ultimateDef, v)
 select ultimateDef, "Definition of $@ is unused.", v, v.getName()

cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql

@@ -33,5 +33,7 @@ where
   // The function is defined in this database
   f.hasDefinition() and
   // This function is not an overriden call operator of a lambda expression
-  not exists(LambdaExpression lambda | lambda.getLambdaFunction() = f)
-select f, "Function " + f.getName() + " could be declared noexcept(true)."
+  not exists(LambdaExpression lambda | lambda.getLambdaFunction() = f) and
+  // Exclude results from uinstantiated templates
+  not f.isFromUninstantiatedTemplate(_)
+select f, "Function " + f.getQualifiedName() + " could be declared noexcept(true)."

cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql

@@ -19,6 +19,10 @@
 import cpp
 import codingstandards.cpp.autosar
 
+class FundamentalType extends BuiltInType {
+  FundamentalType() { not this instanceof ErroneousType and not this instanceof UnknownType }
+}
+
 from Variable v
 where
   not isExcluded(v,
@@ -28,12 +32,14 @@ where
   // exclude uninstantiated templates and rely on the instantiated templates, because an uninstantiated template may not contain the information required to determine if the usage is allowed.
   not v.isFromUninstantiatedTemplate(_) and
   not (
-    // find ones where
+    // Initialized by function call
     v.getInitializer().getExpr() instanceof FunctionCall
     or
+    // Initialized by lambda expression
     v.getInitializer().getExpr() instanceof LambdaExpression
     or
-    v.getInitializer().getExpr() instanceof ClassAggregateLiteral
+    // Initialized by non-fundamental type
+    not v.getInitializer().getExpr().getType() instanceof FundamentalType
   ) and
   // Exclude compiler generated variables
   not v.isCompilerGenerated()

cpp/autosar/test/rules/A0-1-1/test.cpp

@@ -112,4 +112,15 @@ int test_useless_assignment(int &x, int p) {
   return y;
 }
 
-int main() { return 0; }
+int main() { return 0; }
+
+#include <vector>
+template <typename T> void test_range_based_for_loop_template() {
+  std::vector<A> values_;
+  for (auto &elem : values_) { // COMPLIANT - should not report either elem or
+                               //             the compiler generated (__range)
+                               //             variable in the uninstantiated
+                               //             template
+    elem;
+  }
+}

cpp/autosar/test/rules/A15-4-4/test.cpp

@@ -30,4 +30,17 @@ class A {
 void lambda_example() noexcept {
   auto with_capture = [=]() {};
   auto empty_capture = []() {};
+}
+
+#include <utility>
+template <typename TypeA, typename TypeB>
+void swap_wrapper(TypeA lhs,
+                  TypeB rhs) noexcept(noexcept(std::swap(*lhs, *rhs))) {
+  std::swap(*lhs, *rhs);
+}
+
+void test_swap_wrapper() noexcept {
+  int a = 0;
+  int b = 1;
+  swap_wrapper(&a, &b);
 }

cpp/autosar/test/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.expected

@@ -4,4 +4,4 @@
 | test.cpp:27:8:27:8 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. |
 | test.cpp:28:8:28:8 | b | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. |
 | test.cpp:81:10:81:10 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. |
-| test.cpp:111:19:111:19 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. |
+| test.cpp:111:13:111:13 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. |

cpp/autosar/test/rules/A7-1-5/test.cpp

@@ -106,9 +106,30 @@ void instantiate() {
   t381.test_381_1();
   t381.test_381_2();
 }
-
+class Foo {};
 void test_loop() {
-  for (const auto a : {8, 9, 10}) {
+  for (auto a : {8, 9, 10}) { // NON_COMPLIANT - a is initialized with a
+                              //                 non-constant initializer
+    a;
+  }
+
+  std::vector<int> v = {1, 2, 3};
+  for (auto &a : v) { // COMPLIANT - a is intialized with a function call
+    a;
+  }
+
+  Foo f1;
+  Foo f2;
+  for (auto &a : {f1, f2}) { // COMPLIANT - initialized with a non-fundamental
+                             //             type
     a;
   }
-}
+}
+
+template <typename T> void test_template(std::vector<T> v2) {
+  for (auto &a : v2) { // COMPLIANT - a is intialized with a function call
+    a;
+  }
+}
+
+void test_template_instantiation() { test_template<int>({1, 2, 3}); }

cpp/common/src/codingstandards/cpp/deadcode/UselessAssignments.qll

@@ -43,7 +43,11 @@ class InterestingStackVariable extends StackVariable {
     // A reference parameter can have an affect outside the enclosing function
     not mayEscape(this) and
     // Not a loop control variable, explicitly excluded
-    not this instanceof LoopControlVariable
+    not this instanceof LoopControlVariable and
+    // Ignore variables in uninstantiated templates
+    not this.isFromUninstantiatedTemplate(_) and
+    // Ignore compiler generated variables, such as those generated for range based for loops
+    not this.isCompilerGenerated()
   }
 }
 

scripts/release/release-layout.yml

@@ -20,4 +20,6 @@ layout:
     - file: docs/user_manual.md
   checksums.txt:
     - shell: |
-        sha256sum ./* > checksums.txt
+        sha256sum ${{ layout.root }}/* > checksums.txt
+        # Remove the layout root from the paths in checksums.txt
+        sed -i -e "s|${{ layout.root }}/||g" checksums.txt

scripts/release/requirements.txt

@@ -1,4 +1,5 @@
 semantic-version==2.10.0
 PyGithub==1.59.1
 PyYAML==6.0.1
-GitPython==3.1.37
+GitPython==3.1.37
+pytest==7.4.3