cklin
diff --git a/‎.github/workflows/csv-coverage-pr-artifacts.yml
Lines changed: 2 additions & 0 deletions b/‎.github/workflows/csv-coverage-pr-artifacts.yml
Lines changed: 2 additions & 0 deletions
diff --git a/‎.gitignore
Lines changed: 3 additions & 0 deletions b/‎.gitignore
Lines changed: 3 additions & 0 deletions
diff --git a/‎README.md
Lines changed: 2 additions & 2 deletions b/‎README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎cpp/change-notes/2021-06-10-cleartext-transmission.md
Lines changed: 2 additions & 0 deletions b/‎cpp/change-notes/2021-06-10-cleartext-transmission.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/change-notes/2021-06-22-sql-tainted.md
Lines changed: 2 additions & 0 deletions b/‎cpp/change-notes/2021-06-22-sql-tainted.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/change-notes/2021-09-27-command-line-injection.md
Lines changed: 2 additions & 0 deletions b/‎cpp/change-notes/2021-09-27-command-line-injection.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎cpp/change-notes/2021-09-27-overflow-static.md
Lines changed: 3 additions & 0 deletions b/‎cpp/change-notes/2021-09-27-overflow-static.md
Lines changed: 3 additions & 0 deletions
diff --git a/‎cpp/ql/lib/semmle/code/cpp/File.qll
Lines changed: 1 addition & 1 deletion b/‎cpp/ql/lib/semmle/code/cpp/File.qll
Lines changed: 1 addition & 1 deletion
diff --git a/‎cpp/ql/lib/semmle/code/cpp/Location.qll
Lines changed: 1 addition & 1 deletion b/‎cpp/ql/lib/semmle/code/cpp/Location.qll
Lines changed: 1 addition & 1 deletion
diff --git a/‎cpp/ql/lib/semmle/code/cpp/XML.qll
Lines changed: 1 addition & 1 deletion b/‎cpp/ql/lib/semmle/code/cpp/XML.qll
Lines changed: 1 addition & 1 deletion
@@ -6,6 +6,8 @@ on:
       - '.github/workflows/csv-coverage-pr-comment.yml'
       - '*/ql/src/**/*.ql'
       - '*/ql/src/**/*.qll'
+      - '*/ql/lib/**/*.ql'
+      - '*/ql/lib/**/*.qll'
       - 'misc/scripts/library-coverage/*.py'
       # input data files
       - '*/documentation/library-coverage/cwe-sink.csv'
 
@@ -24,3 +24,6 @@
 /codeql/
 
 csharp/extractor/Semmle.Extraction.CSharp.Driver/Properties/launchSettings.json
+
+# Avoid committing cached package components
+.codeql
@@ -4,8 +4,8 @@ This open source repository contains the standard CodeQL libraries and queries t
 
 ## How do I learn CodeQL and run queries?
 
-There is [extensive documentation](https://help.semmle.com/QL/learn-ql/) on getting started with writing CodeQL.
-You can use the [interactive query console](https://lgtm.com/help/lgtm/using-query-console) on LGTM.com or the [CodeQL for Visual Studio Code](https://help.semmle.com/codeql/codeql-for-vscode.html) extension to try out your queries on any open source project that's currently being analyzed.
+There is [extensive documentation](https://codeql.github.com/docs/) on getting started with writing CodeQL.
+You can use the [interactive query console](https://lgtm.com/help/lgtm/using-query-console) on LGTM.com or the [CodeQL for Visual Studio Code](https://codeql.github.com/docs/codeql-for-visual-studio-code/) extension to try out your queries on any open source project that's currently being analyzed.
 
 ## Contributing
 
 
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* A new query (`cpp/cleartext-transmission`) has been added. This is similar to the `cpp/cleartext-storage-file`, `cpp/cleartext-storage-buffer` and `cpp/cleartext-storage-database` queries but looks for cases where sensitive information is most likely transmitted over a network.
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* The 'Uncontrolled data in SQL query' (cpp/sql-injection) query now supports the `libpqxx` library.
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* The "Uncontrolled data used in OS command" (`cpp/command-line-injection`) query has been enhanced to reduce false positive results and its `@precision` increased to `high`
@@ -0,0 +1,3 @@
+lgtm,codescanning
+* Increase precision to high for the "Static buffer overflow" query
+  (`cpp/static-buffer-overflow`). This means the query is run and displayed by default on Code Scanning and LGTM.
@@ -38,7 +38,7 @@ class Container extends Locatable, @container {
    * DEPRECATED: Use `getLocation` instead.
    * Gets a URL representing the location of this container.
    *
-   * For more information see [Providing URLs](https://help.semmle.com/QL/learn-ql/ql/locations.html#providing-urls).
+   * For more information see [Providing URLs](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/#providing-urls).
    */
   deprecated string getURL() { none() } // overridden by subclasses
 
 
@@ -61,7 +61,7 @@ class Location extends @location {
    * The location spans column `startcolumn` of line `startline` to
    * column `endcolumn` of line `endline` in file `filepath`.
    * For more information, see
-   * [Locations](https://help.semmle.com/QL/learn-ql/ql/locations.html).
+   * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
    */
   predicate hasLocationInfo(
     string filepath, int startline, int startcolumn, int endline, int endcolumn
 
@@ -24,7 +24,7 @@ class XMLLocatable extends @xmllocatable, TXMLLocatable {
    * The location spans column `startcolumn` of line `startline` to
    * column `endcolumn` of line `endline` in file `filepath`.
    * For more information, see
-   * [Locations](https://help.semmle.com/QL/learn-ql/ql/locations.html).
+   * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
    */
   predicate hasLocationInfo(
     string filepath, int startline, int startcolumn, int endline, int endcolumn
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+lgtm,codescanning`
	`2`	+* A new query (`cpp/cleartext-transmission`) has been added. This is similar to the `cpp/cleartext-storage-file`, `cpp/cleartext-storage-buffer` and `cpp/cleartext-storage-database` queries but looks for cases where sensitive information is most likely transmitted over a network.
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+lgtm,codescanning`
	`2`	+* The 'Uncontrolled data in SQL query' (cpp/sql-injection) query now supports the `libpqxx` library.
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+lgtm,codescanning`
	`2`	+* The "Uncontrolled data used in OS command" (`cpp/command-line-injection`) query has been enhanced to reduce false positive results and its `@precision` increased to `high`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+lgtm,codescanning`
	`2`	`+* Increase precision to high for the "Static buffer overflow" query`
	`3`	+ (`cpp/static-buffer-overflow`). This means the query is run and displayed by default on Code Scanning and LGTM.
Original file line number	Diff line number	Diff line change
`@@ -38,7 +38,7 @@ class Container extends Locatable, @container {`
`38`	`38`	* DEPRECATED: Use `getLocation` instead.
`39`	`39`	`* Gets a URL representing the location of this container.`
`40`	`40`	`*`
`41`		`- * For more information see [Providing URLs](https://help.semmle.com/QL/learn-ql/ql/locations.html#providing-urls).`
	`41`	`+ * For more information see [Providing URLs](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/#providing-urls).`
`42`	`42`	`*/`
`43`	`43`	`deprecated string getURL() { none() } // overridden by subclasses`
`44`	`44`