Merge master for submodule update

Author: Robert Marsh

change-notes/1.24/analysis-cpp.md

@@ -46,3 +46,5 @@ The following changes in version 1.24 affect C/C++ analysis in all applications.
   the following improvements:
   * The library now models data flow through `strdup` and similar functions.
   * The library now models data flow through formatting functions such as `sprintf`.
+* The security pack taint tracking library (`semmle.code.cpp.security.TaintTracking`) uses a new intermediate representation. This provides a more precise analysis of pointers to stack variables and flow through parameters, improving the results of many security queries.
+* The global value numbering library (`semmle.code.cpp.valuenumbering.GlobalValueNumbering`) uses a new intermediate representation to provide a more precise analysis of heap allocated memory and pointers to stack variables.

change-notes/1.24/analysis-javascript.md

@@ -2,6 +2,8 @@
 
 ## General improvements
 
+* TypeScript 3.8 is now supported.
+
 * Alert suppression can now be done with single-line block comments (`/* ... */`) as well as line comments (`// ...`).
 
 * Imports with the `.js` extension can now be resolved to a TypeScript file,
@@ -13,6 +15,10 @@
 
 * The analysis of sanitizer guards has improved, leading to fewer false-positive results from the security queries.
 
+* The call graph construction has been improved, leading to more results from the security queries:
+  - Calls can now be resolved to indirectly-defined class members in more cases.
+  - Calls through partial invocations such as `.bind` can now be resolved in more cases.
+
 * Support for the following frameworks and libraries has been improved:
   - [Electron](https://electronjs.org/)
   - [Handlebars](https://www.npmjs.com/package/handlebars)

cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowDispatch.qll

@@ -1,7 +1,5 @@
 private import cpp
 
-Function viableImpl(Call call) { result = viableCallable(call) }
-
 /**
  * Gets a function that might be called by `call`.
  */