Merge branch 'main' into gradio-model

docs/codeql/reusables/supported-platforms.rst

@@ -20,7 +20,11 @@
 
    macOS 12 Monterey
 
-   macOS 13 Ventura","x86-64
+   macOS 13 Ventura
+
+   macOS 14 Sonoma","x86-64
+
+   x86-64, arm64 (Apple Silicon)
 
    x86-64, arm64 (Apple Silicon)
 

docs/codeql/reusables/supported-versions-compilers.rst

@@ -4,11 +4,11 @@
    :stub-columns: 1
 
    Language,Variants,Compilers,Extensions
-   C/C++,"C89, C99, C11, C17, C++98, C++03, C++11, C++14, C++17, C++20 [1]_ [2]_","Clang (including clang-cl [3]_ and armclang) extensions (up to Clang 12.0),
+   C/C++,"C89, C99, C11, C17, C++98, C++03, C++11, C++14, C++17, C++20 [1]_ [2]_","Clang (including clang-cl [3]_ and armclang) extensions (up to Clang 17.0),
 
-   GNU extensions (up to GCC 11.1),
+   GNU extensions (up to GCC 13.2),
 
-   Microsoft extensions (up to VS 2019),
+   Microsoft extensions (up to VS 2022),
 
    Arm Compiler 5 [4]_","``.cpp``, ``.c++``, ``.cxx``, ``.hpp``, ``.hh``, ``.h++``, ``.hxx``, ``.c``, ``.cc``, ``.h``"
    C#,C# up to 12,"Microsoft Visual Studio up to 2019 with .NET up to 4.8,
@@ -24,12 +24,12 @@
    JavaScript,ECMAScript 2022 or lower,Not applicable,"``.js``, ``.jsx``, ``.mjs``, ``.es``, ``.es6``, ``.htm``, ``.html``, ``.xhtm``, ``.xhtml``, ``.vue``, ``.hbs``, ``.ejs``, ``.njk``, ``.json``, ``.yaml``, ``.yml``, ``.raml``, ``.xml`` [8]_"
    Python [9]_,"2.7, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10, 3.11, 3.12",Not applicable,``.py``
    Ruby [10]_,"up to 3.3",Not applicable,"``.rb``, ``.erb``, ``.gemspec``, ``Gemfile``"
-   Swift [11]_,"Swift 5.4-5.9.1","Swift compiler","``.swift``"
+   Swift [11]_,"Swift 5.4-5.10","Swift compiler","``.swift``"
    TypeScript [12]_,"2.6-5.4",Standard TypeScript compiler,"``.ts``, ``.tsx``, ``.mts``, ``.cts``"
 
 .. container:: footnote-group
 
-    .. [1] C++20 support is currently in beta. Supported for GCC on Linux only. Modules are *not* supported.
+    .. [1] C++20 support is currently in beta. Modules are *not* supported.
     .. [2] Objective-C, Objective-C++, C++/CLI, and C++/CX are not supported.
     .. [3] Support for the clang-cl compiler is preliminary.
     .. [4] Support for the Arm Compiler (armcc) is preliminary.
@@ -39,5 +39,5 @@
     .. [8] JSX and Flow code, YAML, JSON, HTML, and XML files may also be analyzed with JavaScript files.
     .. [9] The extractor requires Python 3 to run. To analyze Python 2.7 you should install both versions of Python.
     .. [10] Requires glibc 2.17.
-    .. [11] Swift support is currently in beta. Support for the analysis of Swift 5.4-5.8.1 requires macOS or Linux.
+    .. [11] Swift support is currently in beta. Support for the analysis of Swift requires macOS or Linux.
     .. [12] TypeScript analysis is performed by running the JavaScript extractor with TypeScript enabled. This is the default.

docs/codeql/reusables/threat-model-description.rst

@@ -0,0 +1,10 @@
+.. include:: ../reusables/beta-note-threat-models.rst
+
+A threat model is a named class of dataflow sources that can be enabled or disabled independently. Threat models allow you to control the set of dataflow sources that you want to consider unsafe. For example, one codebase may only consider remote HTTP requests to be tainted, whereas another may also consider data from local files to be unsafe. You can use threat models to ensure that the relevant taint sources are used in a CodeQL analysis.
+
+The ``kind`` property of the ``sourceModel`` determines which threat model a source is associated with. There are two main categories:
+
+- ``remote`` which represents requests and responses from the network.
+- ``local`` which represents data from local files (``file``), command-line arguments (``commandargs``), database reads (``database``), and environment variables(``environment``).
+
+When running a CodeQL analysis, the ``remote`` threat model is included by default. You can optionally include other threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see `Analyzing your code with CodeQL queries <https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>`__ and `Customizing your advanced setup for code scanning <https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models>`__.

docs/codeql/reusables/vs-code-basic-instructions/note-store-quick-query.rst

@@ -2,4 +2,4 @@
 
    Note
 
-   If you want to move your experimental query somewhere more permanent, you need to move the whole ``Quick Queries`` directory. The directory is a CodeQL pack with a ``qlpack.yml`` file that defines the content as queries for |language-text| CodeQL databases. For more information about CodeQL packs, see ":ref:`Working with CodeQL packs in Visual Studio Code <working-with-codeql-packs-in-visual-studio-code>`."
+   If you want to move your experimental query somewhere more permanent, you need to move the whole ``Quick Queries`` directory. The directory is a CodeQL pack with a ``qlpack.yml`` file that defines the content as queries for |language-text| CodeQL databases. For more information about CodeQL packs, see "`Managing CodeQL query packs and library packs <https://docs.github.com/en/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/managing-codeql-packs/>`__."

docs/codeql/reusables/vs-code-basic-instructions/setup-to-run-queries.rst

@@ -1 +1 @@
-For information about installing the CodeQL extension for Visual Studio code, see ":ref:`Setting up CodeQL in Visual Studio Code <setting-up-codeql-in-visual-studio-code>`."
+For information about installing the CodeQL extension for Visual Studio code, see "`Installing CodeQL for Visual Studio Code <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/installing-codeql-for-vs-code/>`__."

docs/codeql/reusables/vs-code-deprecation-note.rst

@@ -0,0 +1,5 @@
+.. pull-quote::
+
+    Note
+
+    This documentation `was migrated <https://github.blog/changelog/2024-04-18-codeql-for-visual-studio-code-documentation-is-now-on-docs-github-com/>`__ to ``docs.github.com/en/code-security/codeql-for-vs-code`` on 2024/05/08, and this version is no longer maintained.