github
diff --git a/‎.github/touch
Copy file name to clipboardExpand all lines: .github/touch
-1Lines changed: 0 additions & 1 deletion b/‎.github/touch
Copy file name to clipboardExpand all lines: .github/touch
-1Lines changed: 0 additions & 1 deletion
diff --git a/‎.github/workflows/bump-version.yml
Copy file name to clipboardExpand all lines: .github/workflows/bump-version.yml
+1-1Lines changed: 1 addition & 1 deletion b/‎.github/workflows/bump-version.yml
Copy file name to clipboardExpand all lines: .github/workflows/bump-version.yml
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/code-scanning-pack-gen.yml
Copy file name to clipboardExpand all lines: .github/workflows/code-scanning-pack-gen.yml
+2-2Lines changed: 2 additions & 2 deletions b/‎.github/workflows/code-scanning-pack-gen.yml
Copy file name to clipboardExpand all lines: .github/workflows/code-scanning-pack-gen.yml
+2-2Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/codeql_unit_tests.yml
Copy file name to clipboardExpand all lines: .github/workflows/codeql_unit_tests.yml
+2-2Lines changed: 2 additions & 2 deletions b/‎.github/workflows/codeql_unit_tests.yml
Copy file name to clipboardExpand all lines: .github/workflows/codeql_unit_tests.yml
+2-2Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/create-draft-release.yml
Copy file name to clipboardExpand all lines: .github/workflows/create-draft-release.yml
+1-1Lines changed: 1 addition & 1 deletion b/‎.github/workflows/create-draft-release.yml
Copy file name to clipboardExpand all lines: .github/workflows/create-draft-release.yml
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/generate-html-docs.yml
Copy file name to clipboardExpand all lines: .github/workflows/generate-html-docs.yml
+1-1Lines changed: 1 addition & 1 deletion b/‎.github/workflows/generate-html-docs.yml
Copy file name to clipboardExpand all lines: .github/workflows/generate-html-docs.yml
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/standard_library_upgrade_tests.yml
Copy file name to clipboardExpand all lines: .github/workflows/standard_library_upgrade_tests.yml
+2-2Lines changed: 2 additions & 2 deletions b/‎.github/workflows/standard_library_upgrade_tests.yml
Copy file name to clipboardExpand all lines: .github/workflows/standard_library_upgrade_tests.yml
+2-2Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/tooling-unit-tests.yml
Copy file name to clipboard
+91Lines changed: 91 additions & 0 deletions b/‎.github/workflows/tooling-unit-tests.yml
Copy file name to clipboard
+91Lines changed: 91 additions & 0 deletions
diff --git a/‎.github/workflows/upgrade_codeql_dependencies.yml
Copy file name to clipboardExpand all lines: .github/workflows/upgrade_codeql_dependencies.yml
+1-1Lines changed: 1 addition & 1 deletion b/‎.github/workflows/upgrade_codeql_dependencies.yml
Copy file name to clipboardExpand all lines: .github/workflows/upgrade_codeql_dependencies.yml
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/validate-coding-standards.yml
Copy file name to clipboardExpand all lines: .github/workflows/validate-coding-standards.yml
+23-13Lines changed: 23 additions & 13 deletions b/‎.github/workflows/validate-coding-standards.yml
Copy file name to clipboardExpand all lines: .github/workflows/validate-coding-standards.yml
+23-13Lines changed: 23 additions & 13 deletions
diff --git a/‎.github/workflows/validate-rules-csv.yml
Copy file name to clipboard
+28Lines changed: 28 additions & 0 deletions b/‎.github/workflows/validate-rules-csv.yml
Copy file name to clipboard
+28Lines changed: 28 additions & 0 deletions
diff --git a/‎.vscode/tasks.json
Copy file name to clipboardExpand all lines: .vscode/tasks.json
+3Lines changed: 3 additions & 0 deletions b/‎.vscode/tasks.json
Copy file name to clipboardExpand all lines: .vscode/tasks.json
+3Lines changed: 3 additions & 0 deletions
diff --git a/‎c/cert/src/qlpack.yml
Copy file name to clipboard
+1-1Lines changed: 1 addition & 1 deletion b/‎c/cert/src/qlpack.yml
Copy file name to clipboard
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql
Copy file name to clipboardExpand all lines: c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql
+1-1Lines changed: 1 addition & 1 deletion b/‎c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql
Copy file name to clipboardExpand all lines: c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎c/cert/test/qlpack.yml
Copy file name to clipboard
+1-1Lines changed: 1 addition & 1 deletion b/‎c/cert/test/qlpack.yml
Copy file name to clipboard
+1-1Lines changed: 1 addition & 1 deletion
@@ -10,7 +10,7 @@ on:
 jobs:
 
   apply-version-bump:
-    runs-on: ubuntu-latest 
+    runs-on: ubuntu-22.04
     name: Apply Version Bump
     steps:
         - name: Checkout 
 
@@ -19,7 +19,7 @@ env:
 jobs:
   prepare-code-scanning-pack-matrix:
     name: Prepare CodeQL Code Scanning pack matrix
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     outputs:
       matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }}
     steps:
@@ -86,7 +86,7 @@ jobs:
           codeql query compile --search-path c --search-path cpp --threads 0 c
 
           cd ..
-          zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports
+          zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas
 
       - name: Upload GHAS Query Pack
         uses: actions/upload-artifact@v2
 
@@ -14,7 +14,7 @@ on:
 jobs:
   prepare-unit-test-matrix:
     name: Prepare CodeQL unit test matrix
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     outputs:
       matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }}
     steps:
@@ -157,7 +157,7 @@ jobs:
   validate-test-results:
     name: Validate test results
     needs: [run-test-suites]
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Collect test results
         uses: actions/download-artifact@v2
 
@@ -21,7 +21,7 @@ on:
 jobs:
   create-draft-release:
     name: Create draft release
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     env:      
       # AWS CONFIGURATION
       AWS_EC2_INSTANCE_TYPE: ${{ github.event.inputs.aws_ec2_instance_type }}
 
@@ -15,7 +15,7 @@ on:
 jobs:
   generate-html-doc:
     name: Generate HTML documentation
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v2
 
@@ -14,7 +14,7 @@ on:
 jobs:
   prepare-unit-test-matrix:
     name: Prepare CodeQL unit test matrix
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     outputs:
       matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }}
     steps:
@@ -154,7 +154,7 @@ jobs:
   validate-test-results:
     name: Validate test results
     needs: [run-test-suites]
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Install Python
         uses: actions/setup-python@v4
 
@@ -0,0 +1,91 @@
+name: 🧰 Tooling unit tests
+
+on:
+  push:
+    branches:
+      - main
+      - "rc/**"
+      - next
+  pull_request:
+    branches:
+      - main
+      - "rc/**"
+      - next
+
+jobs:
+  prepare-supported-codeql-env-matrix:
+    name: Prepare supported CodeQL environment matrix
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.export-supported-codeql-env-matrix.outputs.matrix }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Export supported CodeQL environment matrix
+        id: export-supported-codeql-env-matrix
+        run: |
+          echo "::set-output name=matrix::$(
+            jq --compact-output '.supported_environment | {include: .}' supported_codeql_configs.json
+          )"
+
+  analysis-report-tests:
+    name: Run analysis report tests
+    needs: prepare-supported-codeql-env-matrix
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix: ${{ fromJSON(needs.prepare-supported-codeql-env-matrix.outputs.matrix) }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Install Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.9"
+
+      - name: Install Python dependencies
+        run: pip install -r scripts/reports/requirements.txt
+
+      - name: Cache CodeQL
+        id: cache-codeql
+        uses: actions/cache@v2.1.3
+        with:
+          path: ${{ github.workspace }}/codeql_home
+          key: codeql-home-${{ matrix.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library }}
+
+      - name: Install CodeQL
+        if: steps.cache-codeql.outputs.cache-hit != 'true'
+        uses: ./.github/actions/install-codeql
+        with:
+          codeql-cli-version: ${{ matrix.codeql_cli }}
+          codeql-stdlib-version: ${{ matrix.codeql_standard_library }}
+          codeql-home: ${{ github.workspace }}/codeql_home
+          add-to-path: false
+
+      - name: Run PyTest
+        env:
+          CODEQL_HOME: ${{ github.workspace }}/codeql_home
+        run: |
+          PATH=$PATH:$CODEQL_HOME/codeql
+          pytest scripts/reports/analysis_report_test.py
+
+  recategorization-tests:
+    name: Run Guideline Recategorization tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Install Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.9"
+
+      - name: Install Python dependencies
+        run: pip install -r scripts/guideline_recategorization/requirements.txt
+
+      - name: Run PyTest
+        run: |
+          pytest scripts/guideline_recategorization/recategorize_test.py
@@ -20,7 +20,7 @@ jobs:
     env:
       CODEQL_CLI_VERSION: ${{ github.event.inputs.codeql_cli_version }}
       CODEQL_LIB_COMMIT: ${{ github.event.inputs.codeql_standard_library_commit }}
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v2
 
@@ -18,7 +18,7 @@ env:
 jobs:
   validate-package-files:
     name: Validate Package Files
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v2
@@ -28,6 +28,15 @@ jobs:
         with:
           python-version: "3.9"
 
+      - name: Install CodeQL
+        run: |
+          VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)"
+          gh extensions install github/gh-codeql
+          gh codeql set-version "$VERSION"
+          gh codeql install-stub
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+
       - name: Install generate_package_files.py dependencies
         run: pip install -r scripts/requirements.txt
 
@@ -49,52 +58,53 @@ jobs:
 
       - name: Validate Package Files (CPP)
         run: |
-          find rule_packages/cpp -name \*.json -exec basename {} .json \; | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 python scripts/generate_rules/generate_package_files.py cpp
+          find rule_packages/cpp -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py cpp
           git diff
           git diff --compact-summary
           git diff --quiet
 
       - name: Validate Package Files (C)
         run: |
-          find rule_packages/c -name \*.json -exec basename {} .json \; | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 python scripts/generate_rules/generate_package_files.py c
+          find rule_packages/c -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py c
           git diff
           git diff --compact-summary
           git diff --quiet
 
   validate-codeql-format:
     name: "Validate CodeQL Format"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v2
 
-      - name: Fetch CodeQL
+      - name: Install CodeQL
         run: |
-          TAG="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)"
-          gh release download $TAG --repo https://github.com/github/codeql-cli-binaries --pattern codeql-linux64.zip
-          unzip -q codeql-linux64.zip
+          VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)"
+          gh extensions install github/gh-codeql
+          gh codeql set-version "$VERSION"
+          gh codeql install-stub
         env:
           GITHUB_TOKEN: ${{ github.token }}
 
       - name: Validate CodeQL Format (CPP)
         run: |
-          find cpp -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql/codeql query format --in-place
+          find cpp -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place
 
           git diff
           git diff --compact-summary
           git diff --quiet
 
       - name: Validate CodeQL Format (C)
         run: |
-          find c -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql/codeql query format --in-place
+          find c -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place
 
           git diff
           git diff --compact-summary
           git diff --quiet
 
   validate-query-help-files:
     name: Validate Query Help Files
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v2
@@ -129,7 +139,7 @@ jobs:
 
   validate-cpp-test-files:
     name: Validate C++ Test Files
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v2
@@ -152,7 +162,7 @@ jobs:
 
   validate-c-test-files:
     name: Validate C Test Files
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v2
 
@@ -0,0 +1,28 @@
+name: ⚙️ Validate Rules CSV
+
+on:
+  push:
+    branches:
+      - main
+      - "rc/**"
+      - next
+  pull_request:
+    branches:
+      - main
+      - "rc/**"
+      - next
+
+
+jobs:
+  validate-rules-csv:
+    name: Validate Rules CSV 
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Check Rules 
+        shell: pwsh
+        run: scripts/util/Get-DuplicateRules.ps1 -Language 'all' -CIMode
+
+      
@@ -185,6 +185,7 @@
             "type": "pickString",
             "options": [
                 "Allocations",
+                "Banned",
                 "BannedFunctions",
                 "BannedLibraries",
                 "BannedSyntax",
@@ -221,6 +222,7 @@
                 "Iterators",
                 "Lambdas",
                 "Language1",
+                "Language2",
                 "Literals",
                 "Loops",
                 "Macros",
@@ -252,6 +254,7 @@
                 "Preprocessor3",
                 "Preprocessor4",
                 "Preprocessor5",
+                "Preprocessor6",
                 "IntegerConversion",
                 "Expressions",
                 "DeadCode",
 
@@ -1,4 +1,4 @@
 name: cert-c-coding-standards
-version: 2.9.0
+version: 2.12.0-dev
 suites: codeql-suites
 libraryPathDependencies: common-c-coding-standards
@@ -16,7 +16,7 @@ import codingstandards.c.cert
 import codingstandards.cpp.SideEffect
 import semmle.code.cpp.dataflow.DataFlow
 import semmle.code.cpp.dataflow.TaintTracking
-import semmle.code.cpp.valuenumbering.GlobalValueNumberingImpl
+import semmle.code.cpp.valuenumbering.GlobalValueNumbering
 
 /** Holds if the function's return value is derived from the `AliasParamter` p. */
 predicate returnValueDependsOnAliasParameter(AliasParameter p) {
 
@@ -1,4 +1,4 @@
 name: cert-c-coding-standards-tests
-version: 2.9.0
+version: 2.12.0-dev
 libraryPathDependencies: cert-c-coding-standards
 extractor: cpp