github
diff --git a/‎.github/workflows/compile-queries.yml‎
Lines changed: 10 additions & 8 deletions b/‎.github/workflows/compile-queries.yml‎
Lines changed: 10 additions & 8 deletions
diff --git a/‎cpp/ql/test/library-tests/dataflow/taint-tests/format.cpp‎
Lines changed: 12 additions & 12 deletions b/‎cpp/ql/test/library-tests/dataflow/taint-tests/format.cpp‎
Lines changed: 12 additions & 12 deletions
diff --git a/‎cpp/ql/test/library-tests/dataflow/taint-tests/smart_pointer.cpp‎
Lines changed: 2 additions & 2 deletions b/‎cpp/ql/test/library-tests/dataflow/taint-tests/smart_pointer.cpp‎
Lines changed: 2 additions & 2 deletions
@@ -2,27 +2,25 @@ name: "Compile all queries using the latest stable CodeQL CLI"
 
 on:
   push:
-    branches: [main] # makes sure the cache gets populated
-  pull_request:
-    branches:
+    branches:  # makes sure the cache gets populated - running on the branches people tend to merge into.
       - main
       - "rc/*"
+      - "codeql-cli-*"
+  pull_request:
 
 jobs:
   compile-queries:
     runs-on: ubuntu-latest-xl
 
     steps:
       - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
       # calculate the merge-base with main, in a way that works both on PRs and pushes to main. 
       - name: Calculate merge-base
         if: ${{ github.event_name == 'pull_request' }}
         env:
           BASE_BRANCH: ${{ github.base_ref }}
         run: |
-          MERGE_BASE=$(git merge-base --fork-point origin/$BASE_BRANCH)
+          MERGE_BASE=$(git cat-file commit $GITHUB_SHA | grep '^parent ' | head -1 | cut -f 2 -d " ")
           echo "merge-base=$MERGE_BASE" >> $GITHUB_ENV
       - name: Read CodeQL query compilation - PR
         if: ${{ github.event_name == 'pull_request' }}
@@ -31,14 +29,18 @@ jobs:
           path: '*/ql/src/.cache'
           key: codeql-compile-pr-${{ github.sha }} # deliberately not using the `compile-compile-main` keys here.
           restore-keys: |
-            codeql-compile-main-${{ env.merge-base }}
+            codeql-compile-${{ github.base_ref }}-${{ env.merge-base }}
+            codeql-compile-${{ github.base_ref }}-
             codeql-compile-main-
       - name: Fill CodeQL query compilation cache - main
         if: ${{ github.event_name != 'pull_request' }}
         uses: actions/cache@v3
         with:
           path: '*/ql/src/.cache'
-          key: codeql-compile-main-${{ github.sha }} # just fill on main
+          key: codeql-compile-${{ github.ref_name }}-${{ github.sha }} # just fill on main
+          restore-keys: | # restore from another random commit, to speed up compilation.
+            codeql-compile-${{ github.ref_name }}- 
+            codeql-compile-main-
       - name: Setup CodeQL
         uses: ./.github/actions/fetch-codeql
         with:
 
@@ -54,22 +54,22 @@ void test1()
 	{
 		char buffer[256] = {0};
 		sink(snprintf(buffer, 256, "%s", string::source()));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 	{
 		char buffer[256] = {0};
 		sink(snprintf(buffer, 256, string::source(), "Hello."));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 	{
 		char buffer[256] = {0};
 		sink(snprintf(buffer, 256, "%s %s %s", "a", "b", string::source()));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 	{
 		char buffer[256] = {0};
 		sink(snprintf(buffer, 256, "%.*s", 10, string::source()));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 
 	{
@@ -80,39 +80,39 @@ void test1()
 	{
 		char buffer[256] = {0};
 		sink(snprintf(buffer, 256, "%i", source()));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 	{
 		char buffer[256] = {0};
 		sink(snprintf(buffer, 256, "%.*s", source(), "Hello."));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 
 	{
 		char buffer[256] = {0};
 		sink(snprintf(buffer, 256, "%p", string::source()));
-		sink(buffer); // $ ast MISSING: ir // tainted (debatable)
+		sink(buffer); // $ ast,ir // tainted (debatable)
 	}
 
 	{
 		char buffer[256] = {0};
 		sink(sprintf(buffer, "%s", string::source()));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 	{
 		char buffer[256] = {0};
 		sink(sprintf(buffer, "%ls", wstring::source()));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 	{
 		wchar_t wbuffer[256] = {0};
 		sink(swprintf(wbuffer, 256, L"%s", wstring::source()));
-		sink(wbuffer); // $ ast MISSING: ir
+		sink(wbuffer); // $ ast,ir
 	}
 	{
 		char buffer[256] = {0};
 		sink(mysprintf(buffer, 256, "%s", string::source()));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 
 	{
@@ -133,7 +133,7 @@ void test1()
 	{
 		char buffer[256] = {0};
 		sink(sscanf(string::source(), "%s", &buffer));
-		sink(buffer); // $ ast MISSING: ir
+		sink(buffer); // $ ast,ir
 	}
 }
 
 
@@ -10,7 +10,7 @@ template<typename T> void sink(std::unique_ptr<T>&);
 void test_make_shared() {
     std::shared_ptr<int> p = std::make_shared<int>(source());
     sink(*p); // $ ast,ir
-    sink(p); // $ ast MISSING: ir
+    sink(p); // $ ast,ir
 }
 
 void test_make_shared_array() {
@@ -22,7 +22,7 @@ void test_make_shared_array() {
 void test_make_unique() {
     std::unique_ptr<int> p = std::make_unique<int>(source());
     sink(*p); // $ ast,ir
-    sink(p); // $ ast MISSING: ir
+    sink(p); // $ ast,ir
 }
 
 void test_make_unique_array() {
Original file line number	Diff line number	Diff line change
`@@ -54,22 +54,22 @@ void test1()`
`54`	`54`	`{`
`55`	`55`	`char buffer[256] = {0};`
`56`	`56`	`sink(snprintf(buffer, 256, "%s", string::source()));`
`57`		`- sink(buffer); // $ ast MISSING: ir`
	`57`	`+ sink(buffer); // $ ast,ir`
`58`	`58`	`}`
`59`	`59`	`{`
`60`	`60`	`char buffer[256] = {0};`
`61`	`61`	`sink(snprintf(buffer, 256, string::source(), "Hello."));`
`62`		`- sink(buffer); // $ ast MISSING: ir`
	`62`	`+ sink(buffer); // $ ast,ir`
`63`	`63`	`}`
`64`	`64`	`{`
`65`	`65`	`char buffer[256] = {0};`
`66`	`66`	`sink(snprintf(buffer, 256, "%s %s %s", "a", "b", string::source()));`
`67`		`- sink(buffer); // $ ast MISSING: ir`
	`67`	`+ sink(buffer); // $ ast,ir`
`68`	`68`	`}`
`69`	`69`	`{`
`70`	`70`	`char buffer[256] = {0};`
`71`	`71`	`sink(snprintf(buffer, 256, "%.*s", 10, string::source()));`
`72`		`- sink(buffer); // $ ast MISSING: ir`
	`72`	`+ sink(buffer); // $ ast,ir`
`73`	`73`	`}`
`74`	`74`
`75`	`75`	`{`
`@@ -80,39 +80,39 @@ void test1()`
`80`	`80`	`{`
`81`	`81`	`char buffer[256] = {0};`
`82`	`82`	`sink(snprintf(buffer, 256, "%i", source()));`
`83`		`- sink(buffer); // $ ast MISSING: ir`
	`83`	`+ sink(buffer); // $ ast,ir`
`84`	`84`	`}`
`85`	`85`	`{`
`86`	`86`	`char buffer[256] = {0};`
`87`	`87`	`sink(snprintf(buffer, 256, "%.*s", source(), "Hello."));`
`88`		`- sink(buffer); // $ ast MISSING: ir`
	`88`	`+ sink(buffer); // $ ast,ir`
`89`	`89`	`}`
`90`	`90`
`91`	`91`	`{`
`92`	`92`	`char buffer[256] = {0};`
`93`	`93`	`sink(snprintf(buffer, 256, "%p", string::source()));`
`94`		`- sink(buffer); // $ ast MISSING: ir // tainted (debatable)`
	`94`	`+ sink(buffer); // $ ast,ir // tainted (debatable)`
`95`	`95`	`}`
`96`	`96`
`97`	`97`	`{`
`98`	`98`	`char buffer[256] = {0};`
`99`	`99`	`sink(sprintf(buffer, "%s", string::source()));`
`100`		`- sink(buffer); // $ ast MISSING: ir`
	`100`	`+ sink(buffer); // $ ast,ir`
`101`	`101`	`}`
`102`	`102`	`{`
`103`	`103`	`char buffer[256] = {0};`
`104`	`104`	`sink(sprintf(buffer, "%ls", wstring::source()));`
`105`		`- sink(buffer); // $ ast MISSING: ir`
	`105`	`+ sink(buffer); // $ ast,ir`
`106`	`106`	`}`
`107`	`107`	`{`
`108`	`108`	`wchar_t wbuffer[256] = {0};`
`109`	`109`	`sink(swprintf(wbuffer, 256, L"%s", wstring::source()));`
`110`		`- sink(wbuffer); // $ ast MISSING: ir`
	`110`	`+ sink(wbuffer); // $ ast,ir`
`111`	`111`	`}`
`112`	`112`	`{`
`113`	`113`	`char buffer[256] = {0};`
`114`	`114`	`sink(mysprintf(buffer, 256, "%s", string::source()));`
`115`		`- sink(buffer); // $ ast MISSING: ir`
	`115`	`+ sink(buffer); // $ ast,ir`
`116`	`116`	`}`
`117`	`117`
`118`	`118`	`{`
`@@ -133,7 +133,7 @@ void test1()`
`133`	`133`	`{`
`134`	`134`	`char buffer[256] = {0};`
`135`	`135`	`sink(sscanf(string::source(), "%s", &buffer));`
`136`		`- sink(buffer); // $ ast MISSING: ir`
	`136`	`+ sink(buffer); // $ ast,ir`
`137`	`137`	`}`
`138`	`138`	`}`
`139`	`139`