codyze
codyze copied to clipboard
Published
20 hours ago •
Fraunhofer-AISEC
Fraunhofer-AISEC
Update CPG packages to v5 (major)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| de.fraunhofer.aisec:cpg-analysis | 4.6.3 -> 5.0.0 |
||||
| de.fraunhofer.aisec:cpg-core | 4.6.3 -> 5.0.0 |
⚠ Dependency Lookup Warnings ⚠
Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.
Release Notes
Fraunhofer-AISEC/cpg
v5.0.0
What's Changed
- Performance tests and improvements: LLVM and Type updates by @KuechA in https://github.com/Fraunhofer-AISEC/cpg/pull/775
- Bump @types/node from 17.0.8 to 18.0.0 in /cpg-core/src/main/nodejs by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/836
- Bump kotlinx-coroutines-core from 1.6.2 to 1.6.3 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/838
- Added support for
-archclang command in compilation database by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/834 - Futher cleanup of CXXLanguageFrontend by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/831
- Code Cleanup by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/837
- Bump org.eclipse.core.runtime from 3.24.100 to 3.25.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/833
- Bump com.github.node-gradle.node from 3.3.0 to 3.4.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/840
- Bump ki-shell from 0.4.5 to 0.5.1 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/842
- Moving from master to main by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/843
- Excluding alpha builds from Maven Central by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/844
- Converting first set of graph nodes to Kotlin by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/845
- Extracting typescript into separate module by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/846
- Bump log4j-slf4j18-impl from 2.17.2 to 2.18.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/848
- Bump ki-shell from 0.5.1 to 0.5.2 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/850
- Bump neo4j-ogm-core from 3.2.35 to 3.2.36 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/851
- Bump jvm from 1.7.0 to 1.7.10 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/849
- Bump com.diffplug.spotless from 6.7.2 to 6.8.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/847
- Bump kotlinx-coroutines-core from 1.6.3 to 1.6.4 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/852
- Removing
thisfield and moving all languages into thereceiverlogic by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/835 - Bump terser from 5.7.1 to 5.14.2 in /cpg-language-typescript/src/main/nodejs by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/854
- Using dokka instead of javadoc by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/853
- Bump webpack from 5.73.0 to 5.74.0 in /cpg-language-typescript/src/main/nodejs by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/856
- Bump junit-jupiter-engine from 5.8.2 to 5.9.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/857
- Bump junit-jupiter-params from 5.8.2 to 5.9.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/859
- Order Evaluation: Check for function calls which may affect the results. by @KuechA in https://github.com/Fraunhofer-AISEC/cpg/pull/839
- Bump @types/node from 18.0.0 to 18.6.2 in /cpg-language-typescript/src/main/nodejs by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/860
- Bump com.diffplug.spotless from 6.8.0 to 6.9.1 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/867
- Bump junit-jupiter-api from 5.8.2 to 5.9.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/858
- Bump javaparser-symbol-solver-core from 3.24.2 to 3.24.4 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/863
- Update tutorial.md by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/868
- Bump @types/node from 18.6.2 to 18.7.1 in /cpg-language-typescript/src/main/nodejs by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/870
- Bump mockito-core from 4.6.1 to 4.7.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/874
- Specify neo4j username and password as optional in console export by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/873
- Add InferenceConfiguration to cpg-neo4j to create inferred nodes by @peckto in https://github.com/Fraunhofer-AISEC/cpg/pull/879
- First attempt to implement bug reasoning logic for Query API by @KuechA in https://github.com/Fraunhofer-AISEC/cpg/pull/765
- Fixed benchmark printing by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/877
- Bump slf4j-api from 1.7.36 to 2.0.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/882
- Bump jul-to-slf4j from 1.7.36 to 2.0.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/883
- Improve test coverage, fix Sonarcloud issues by @KuechA in https://github.com/Fraunhofer-AISEC/cpg/pull/881
- Bump com.diffplug.spotless from 6.9.1 to 6.10.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/885
- Bump typescript from 4.7.2 to 4.8.2 in /cpg-language-typescript/src/main/nodejs by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/886
- Adding additional tests to improve coverage by @KuechA in https://github.com/Fraunhofer-AISEC/cpg/pull/884
- Upgrading go-jni library to newer version by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/887
- Fixed package of
ValueEvaluatorby @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/888 - Various improvements to the Go language frontend by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/893
- Implementing
nilas a literal in the Go language frontend by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/897 - Implement ordering for passes by @maximiliankaul in https://github.com/Fraunhofer-AISEC/cpg/pull/869
- Compilation Database for cpg-console by @maximiliankaul in https://github.com/Fraunhofer-AISEC/cpg/pull/896
- Bump neo4j-ogm-core from 3.2.36 to 3.2.37 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/898
- Bump jackson-module-kotlin from 2.13.3 to 2.13.4 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/901
- Bump mockito-core from 4.7.0 to 4.8.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/903
- Introduction of new query extensions for
Nodeby @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/900 - Bump org.eclipse.core.runtime from 3.25.0 to 3.26.0 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/906
- Rename
cpgsubmodule tocpg-allby @maximilian-galanis in https://github.com/Fraunhofer-AISEC/cpg/pull/907 - Bump slf4j-api from 2.0.0 to 2.0.1 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/909
- Bump jul-to-slf4j from 2.0.0 to 2.0.1 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/910
- Moving openCypher implementation to
cpg-contribby @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/911 - Introducing
FunctionTypeas type forFunctionDeclarationby @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/899 - Bump slf4j-api from 2.0.0 to 2.0.1 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/913
- Bump jul-to-slf4j from 2.0.0 to 2.0.1 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/912
- Extracting function pointer resolver out of
CallResolverby @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/914 - Starting to extract creation of DFG nodes into separate pass by @KuechA in https://github.com/Fraunhofer-AISEC/cpg/pull/905
- Bump scala-library from 2.12.15 to 2.13.9 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/917
- Bump junit-jupiter-api from 5.9.0 to 5.9.1 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/918
- Bump junit-jupiter-engine from 5.9.0 to 5.9.1 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/919
- Bump junit-jupiter-params from 5.9.0 to 5.9.1 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/920
- Bump slf4j-api from 2.0.1 to 2.0.2 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/922
- Bump jul-to-slf4j from 2.0.1 to 2.0.2 by @dependabot in https://github.com/Fraunhofer-AISEC/cpg/pull/921
- Introduction of
calleeinCallExpressionby @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/915 - don't use broken isAnnotationPresent() check by @maximiliankaul in https://github.com/Fraunhofer-AISEC/cpg/pull/924
- Fixed javadoc jar generation with dokka by @oxisto in https://github.com/Fraunhofer-AISEC/cpg/pull/926
New Contributors
- @maximilian-galanis made their first contribution in https://github.com/Fraunhofer-AISEC/cpg/pull/907
Full Changelog: https://github.com/Fraunhofer-AISEC/cpg/compare/v4.6.0...v5.0.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
- [ ] If you want to rebase/retry this PR, click this checkbox.
This PR has been generated by Mend Renovate. View repository job log here.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
@maximilian-galanis should/can we update to CPG v5?
Once you fix all the compile errors ;)
Edited/Blocked Notification
Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above.
⚠ Warning: custom changes will be lost.
Kudos, SonarCloud Quality Gate passed! 
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
No Duplication information
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}
Autoclosing Skipped
This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.