Merge branch 'master' into js/invalid-entity-transcoding

Author: Max Schaefer

change-notes/1.20/analysis-javascript.md

@@ -6,8 +6,8 @@
 
 | **Query**                                     | **Tags**                                             | **Purpose**                                                                                                                                                                 |
 |-----------------------------------------------|------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Double escaping or unescaping (`js/double-escaping') | correctness, security, external/cwe/cwe-116 | Highlights potential double escaping or unescaping of special characters, indicating a possible violation of [CWE-116](https://cwe.mitre.org/data/definitions/116.html). Results are shown on LGTM by default. |
-
+| Double escaping or unescaping (`js/double-escaping`) | correctness, security, external/cwe/cwe-116 | Highlights potential double escaping or unescaping of special characters, indicating a possible violation of [CWE-116](https://cwe.mitre.org/data/definitions/116.html). Results are shown on LGTM by default. |
+| Useless comparison test (`js/useless-comparison-test`) | correctness | Highlights code that is unreachable due to a numeric comparison that is always true or always false. |
 
 ## Changes to existing queries
 

cpp/ql/src/JPL_C/LOC-2/Rule 03/ExitNonterminatingLoop.ql

@@ -4,6 +4,8 @@
  * @kind problem
  * @id cpp/jpl-c/exit-nonterminating-loop
  * @problem.severity warning
+ * @tags correctness
+ *       external/jpl
  */
 
 import cpp

cpp/ql/src/JPL_C/LOC-2/Rule 03/LoopBounds.ql

@@ -5,6 +5,8 @@
  * @kind problem
  * @id cpp/jpl-c/loop-bounds
  * @problem.severity warning
+ * @tags correctness
+ *       external/jpl
  */
 
 import cpp

cpp/ql/src/JPL_C/LOC-2/Rule 04/Recursion.ql

@@ -4,6 +4,10 @@
  * @kind problem
  * @id cpp/jpl-c/recursion
  * @problem.severity warning
+ * @tags maintainability
+ *       readability
+ *       testability
+ *       external/jpl
  */
 
 import cpp

cpp/ql/src/JPL_C/LOC-2/Rule 05/HeapMemory.ql

@@ -3,7 +3,9 @@
  * @description Dynamic memory allocation (using malloc() or calloc()) should be confined to the initialization routines of a program.
  * @kind problem
  * @id cpp/jpl-c/heap-memory
- * @problem.severity warning
+ * @problem.severity recommendation
+ * @tags resources
+ *       external/jpl
  */
 
 import cpp

cpp/ql/src/JPL_C/LOC-2/Rule 07/ThreadSafety.ql

@@ -4,6 +4,9 @@
  * @kind problem
  * @id cpp/jpl-c/thread-safety
  * @problem.severity warning
+ * @tags correctness
+ *       concurrency
+ *       external/jpl
  */
 
 import cpp

cpp/ql/src/JPL_C/LOC-2/Rule 09/AvoidNestedSemaphores.ql

@@ -4,6 +4,9 @@
  * @kind problem
  * @id cpp/jpl-c/avoid-nested-semaphores
  * @problem.severity warning
+ * @tags correctness
+ *       concurrency
+ *       external/jpl
  */
 
 import Semaphores

cpp/ql/src/JPL_C/LOC-2/Rule 09/AvoidSemaphores.ql

@@ -3,7 +3,9 @@
  * @description The use of semaphores or locks to access shared data should be avoided.
  * @kind problem
  * @id cpp/jpl-c/avoid-semaphores
- * @problem.severity warning
+ * @problem.severity recommendation
+ * @tags concurrency
+ *       external/jpl
  */
 
 import Semaphores

cpp/ql/src/JPL_C/LOC-2/Rule 09/OutOfOrderLocks.ql

@@ -4,6 +4,9 @@
  * @kind problem
  * @id cpp/jpl-c/out-of-order-locks
  * @problem.severity warning
+ * @tags correctness
+ *       concurrency
+ *       external/jpl
  */
 
 import Semaphores

cpp/ql/src/JPL_C/LOC-2/Rule 09/ReleaseLocksWhenAcquired.ql

@@ -4,6 +4,9 @@
  * @kind problem
  * @id cpp/jpl-c/release-locks-when-acquired
  * @problem.severity warning
+ * @tags correctness
+ *       concurrency
+ *       external/jpl
  */
 
 import Semaphores