Skip to content

Implement naming package, new IdentifierIntroduction.qll, unicode funcs.#950

Merged
MichaelRFairhurst merged 8 commits intomainfrom
michaelrfairhurst/implement-naming-package
Feb 6, 2026
Merged

Implement naming package, new IdentifierIntroduction.qll, unicode funcs.#950
MichaelRFairhurst merged 8 commits intomainfrom
michaelrfairhurst/implement-naming-package

Conversation

@MichaelRFairhurst
Copy link
Collaborator

@MichaelRFairhurst MichaelRFairhurst commented Aug 23, 2025
edited by mbaluda
Loading

Description

Implement naming package.

Change request type

  • Release or process automation (GitHub workflows, internal scripts)
  • Internal documentation
  • External documentation
  • Query files (.ql, .qll, .qls or unit tests)
  • External scripts (analysis report or other code shipped as part of a release)

Rules with added or modified queries

  • No rules added
  • Queries have been added for the following rules:
    • RULE 5-10-1
  • Queries have been modified for the following rules:
    • Rules that use macro arguments now treat variadic parameters better

Release change checklist

A change note (development_handbook.md#change-notes) is required for any pull request which modifies:

  • The structure or layout of the release artifacts.
  • The evaluation performance (memory, execution time) of an existing query.
  • The results of an existing query in any circumstance.

If you are only adding new rule queries, a change note is not required.

Author: Is a change note required?

  • Yes
  • No

🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.

  • Confirmed

Reviewer: Confirm that either a change note is not required or the change note is required and has been added.

  • Confirmed

Query development review checklist

For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:

Author

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

Reviewer

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

@MichaelRFairhurst
Copy link
Collaborator Author

MichaelRFairhurst commented Aug 23, 2025

Note that the unicode data came from advanced-security/codeql-qtil#13

I should definitely finish unicode support in qtil, publish, and then use that here. Likely, that should be done before merge, but not strictly necessary.

@MichaelRFairhurst
Copy link
Collaborator Author

MichaelRFairhurst commented Aug 24, 2025

Relevant qtil pull request: advanced-security/codeql-qtil#13

@mbaluda mbaluda requested review from mbaluda and removed request for lcartey December 11, 2025 19:02
Copilot AI review requested due to automatic review settings December 11, 2025 19:03
Copilot AI reviewed Dec 11, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR implements a comprehensive naming validation package for MISRA C++ RULE-5-10-1, which enforces proper identifier formation in C++ code. The implementation introduces a sophisticated identifier tracking system that validates identifiers against multiple constraints including Unicode normalization, reserved names, namespace restrictions, and macro naming conventions.

Key changes:

  • Introduces the IdentifierIntroduction abstraction that systematically captures all identifier declarations across various C++ constructs (variables, functions, types, macros, namespaces, templates, etc.)
  • Implements Unicode support with UAX#44 compliance checking and NFC normalization validation using extensible predicates with external YAML data
  • Adds MISRA C++ RULE-5-10-1 query to detect poorly formed identifiers including underscore violations, lowercase in macros, reserved names, and reserved namespace usage

Reviewed changes

Copilot reviewed 17 out of 18 changed files in this pull request and generated 11 comments.

Show a summary per file
File Description
cpp/common/src/codingstandards/cpp/Identifiers.qll Introduces comprehensive IdentifierIntroduction class hierarchy that systematically tracks all identifier declarations across various C++ constructs
cpp/common/src/codingstandards/cpp/Unicode.qll Implements Unicode property checking (NFC_QC, XID_Start, XID_Continue) and unicode escape sequence handling for identifier validation
cpp/common/src/codingstandards/cpp/Macro.qll Fixes variadic macro parameter extraction to properly exclude ellipsis and empty parameter names
cpp/misra/src/rules/RULE-5-10-1/PoorlyFormedIdentifier.ql Implements the main query that validates identifiers against MISRA C++ RULE-5-10-1 constraints
cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming2.qll Autogenerated metadata for Naming2 package query registration
cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll Registers Naming2 package in the rule metadata system
rule_packages/cpp/Naming2.json Defines query metadata for RULE-5-10-1 including severity, precision, and tags
cpp/misra/test/rules/RULE-5-10-1/test.cpp Comprehensive test file with 189 lines covering Unicode, normalization, underscores, macros, namespaces, and reserved names
cpp/misra/test/rules/RULE-5-10-1/PoorlyFormedIdentifier.expected Expected query results showing 48 violations across various identifier validation rules
cpp/misra/test/rules/RULE-5-10-1/PoorlyFormedIdentifier.qlref Query reference file for test execution
cpp/common/test/library/codingstandards/cpp/identifiers/* Library test suite with 666 lines testing identifier extraction across all C++ constructs
cpp/common/test/includes/standard-library/utility.h Adds pair and tuple support for structured binding tests
cpp/common/src/qlpack.yml Registers unicode.yml data extension
change_notes/2025-08-22-function-like-macro-param-name-bug-fixes.md Documents bug fixes in function-like macro parameter handling

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

mbaluda
mbaluda requested changes Jan 15, 2026
View reviewed changes
Copy link
Collaborator

@mbaluda mbaluda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One regex fix and a couple of inconsistent test annotations... looks great otherwise!

@MichaelRFairhurst MichaelRFairhurst added this pull request to the merge queue Feb 6, 2026
Merged via the queue into main with commit 4fea942 Feb 6, 2026
27 checks passed
@MichaelRFairhurst MichaelRFairhurst deleted the michaelrfairhurst/implement-naming-package branch February 6, 2026 19:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mbaluda mbaluda mbaluda approved these changes

@jeongsoolee09 jeongsoolee09 Awaiting requested review from jeongsoolee09

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MichaelRFairhurst @mbaluda