From 9b69e12ddc125371f59230ac6056ec79d4f35f52 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 3 Jul 2023 12:12:55 +0100 Subject: [PATCH 1/5] Remove LGTM references and update query pack name Remove the LGTM reference from the manual, and correct the query pack name and supported versions list name. --- docs/user_manual.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index f59ecc6287..5bb615abfb 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md 
@@ -20,16 +20,17 @@ | 0.12.0 | 2022-10-21 | Luke Cartey | Updated version to 2.10.0 | | 0.13.0 | 2022-11-03 | Remco Vermeulen | Add missing deviation analysis report tables to section 'Producing an analysis report'. | | 0.14.0 | 2022-11-03 | Remco Vermeulen | Add guideline recategorization plan. | -| 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | +| 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | +| 0.16.0 | 2023-07-03 | Luke Cartey | Remove reference to LGTM, update the name of the query pack | ## Release information This user manual documents release `2.19.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.19.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `code-scanning-cpp-query-pack-2.19.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. - `supported_rules_list_2.19.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `upported_rules_list_2.18.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.19.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. - `user_manual_2.19.0-dev.md`: This user manual. 
- `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards @@ -426,13 +427,12 @@ and the schema files: The schema files **must** be available in the same directory as the `recategorize.py` file or in any ancestor directory. -### GitHub Advanced Security and LGTM +### GitHub Advanced Security The only use cases that will be certified under ISO 26262 are those listed above. CodeQL Coding Standards is also compatible with, but not certified for, the following use cases: - Creating databases and running the CodeQL Coding Standards queries with the [CodeQL Action](https://github.com/github/codeql-action) (for GitHub Actions CI/CD system). - Uploading the SARIF results files for a CodeQL Coding Standards analysis to the GitHub [Code Scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning) feature. - - Deployment of the default CodeQL Coding Standards queries as a custom query pack for [LGTM](https://semmle.com/lgtm). ### Hazard and risk analysis From c0efa2e8b9d603b5bdd1ce9979a25263710f5fcf Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 14 Aug 2023 11:47:46 +0100 Subject: [PATCH 2/5] Update ISO 26262 breadth of use statement LGTM.com is no longer used for testing of CodeQL releases. --- docs/iso_26262_tool_qualification.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/iso_26262_tool_qualification.md b/docs/iso_26262_tool_qualification.md index 9240ecefc9..22de2f5a21 100644 --- a/docs/iso_26262_tool_qualification.md +++ b/docs/iso_26262_tool_qualification.md 
@@ -11,6 +11,7 @@ | 0.3.0 | 2021-09-08 | Luke Cartey | Update the customer table. | | 0.4.0 | 2021-09-19 | Luke Cartey | Add more detail on approach to V&V. Update section around increased confidence from use. | | 0.5.0 | 2021-11-29 | Remco Vermeulen | Add document management section. | +| 0.6.0 | 2023-08-14 | Luke Cartey | Update use and testing statement after LGTM.com deprecation. | ## Introduction 
@@ -100,9 +101,9 @@ The CodeQL CLI and CodeQL Standard Library for C++ are extensively used by both The versions of the CodeQL CLI and CodeQL Standard Library for C++ are identical to those shipped to both customers and open source users, and the use cases are comparable. -In terms of breadth of use, between the 4th September 2021 and 7th September 2021 11,788 open source C/C++ repositories were successfully analyzed on [LGTM.com](https://lgtm.com), a platform provided by GitHub for performing analysis of open source repositories[^1] using CodeQL. Each version of the CodeQL CLI and CodeQL Standard Library for C++ version will undergo similarly broad testing on LGTM.com before being adopted by the CodeQL Coding Standards. +In terms of breadth of use, between the 4th September 2021 and 7th September 2021 11,788 open source C/C++ repositories were successfully analyzed on [LGTM.com](https://lgtm.com), a platform provided by GitHub for performing analysis of open source repositories[^1] using CodeQL. In addition, at that time we also analyzed a further 748 C++ repos using CodeQL via the "Code Scanning" feature included in GitHub.com. This includes both private closed source and open source software. -In addition to testing on LGTM.com, we have also analyzed a further 748 C++ repos using CodeQL via the "Code Scanning" feature included in GitHub.com. This includes both private closed source and open source software. +Each version of the CodeQL CLI and CodeQL Standard Library for C++ version will undergo similarly broad testing on GitHub.com before being adopted by the CodeQL Coding Standards. In addition, the following companies have publicly described their use of CodeQL for C++: From c0dca29062afe3da015ae9499dcea4e4f37b0742 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 14 Aug 2023 11:52:57 +0100 Subject: [PATCH 3/5] Dev Handbook: remove LGTM references. --- docs/development_handbook.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) 
diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 897ab59d3b..8aeb1ee5e5 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -34,6 +34,7 @@ | 0.25.0 | 2022-07-22 | Jeroen Ketema | Document the existence and purpose of the `next` branch. | | 0.26.0 | 2022-08-10 | Remco Vermeulen | Address incorrect package file generation command. This was missing the required language argument. | | 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. | +| 0.28.0 | 2023-08-14 | Luke Cartey | Remove references to LGTM which is now a legacy product. | ## Scope of work 
@@ -475,7 +476,7 @@ For the purpose of this repository, and any tool qualification, we consider thes To (a) clearly specify the supported versions of these external dependencies and to (b) enable automation around them, the repository contains a `supported_codeql_configs.json` which lists the sets of supported configurations. There are four fields: * `codeql_cli` - this is the plain version number of the supported CodeQL CLI, e.g. `2.6.3`. - * `codeql_standard_library` - this is the name of a tag on the `github.com/github/codeql` repository. The tag should be compatible with the CodeQL CLI given above. For an enterprise release compatible with LGTM an `lgtm/v` should be chosen. For CodeQL CLI releases which are not tied to an enterprise release we would typically use `codeql-cli/v`, although any tag which is compatible is allowed. + * `codeql_standard_library` - this is the name of a tag on the `github.com/github/codeql` repository. The tag should be compatible with the CodeQL CLI given above. This would typically use the `codeql-cli/v` tag for the release, although any tag which is compatible is allowed. * `codeql_cli_bundle` - (optional) - if present, describes the CodeQL CLI bundle version that is compatible. The bundle should include precisely the CodeQL CLI version and CodeQL Standard Library versions specified in the two mandatory fields. * `ghes` - (optional) - if present describes the GitHub Enterprise Server release whose integrated copy of the CodeQL Action points to the CodeQL CLI bundle specified in the `codeql_cli_bundle` field. @@ -497,8 +498,8 @@ To upgrade the CodeQL external dependencies: - GHES - CodeQL CLI Bundle - and GitHub Enterprise Server > - + > + ## CodeQL dependency upgrade checklist: 
@@ -548,10 +549,9 @@ Ensure that the same release branch is created in the [codeql-coding-standards-h There is an automated CI/CD job ([Code Scanning Query Pack Generation](../.github/workflows/code-scanning-pack-gen.yml)) provided that generates the following release artifacts for Coding Standards: - - LGTM query pack - generates a query pack that can be deployed to LGTM. - - Code Scanning query pack - generates a zipped folder that can be used with the CodeQL CLI directly, or with GitHub Advanced Security. + - Code Scanning query pack - generates a zipped folder that can be used with the CodeQL CLI directly, or with GitHub Advanced Security. -**Use of LGTM and GitHub Advanced Security is not in scope for ISO 26262 tool qualification. See [user_manual.md#github-advanced-security-and-lgtm](user_manual.md#github-advanced-security-and-lgtm) for more information**. +**Use of Code Scanning within GitHub Advanced Security is not in scope for ISO 26262 tool qualification. See [user_manual.md#github-advanced-security](user_manual.md#github-advanced-security) for more information**. These run on every push to `main` and `rc/*`, and on every pull request, and are releasable without modification, assuming all other status checks succeed on the same commit. From b10804772b20f5d062a9e9a65d8bf7e6498bc54b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 14 Aug 2023 11:54:19 +0100 Subject: [PATCH 4/5] Update code comment link to CodeQL help --- cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll b/cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll index f684b5d954..d83e33147c 100644 --- a/cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll +++ b/cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll 
@@ -43,7 +43,7 @@ class PreprocessorBlock extends @element { * The location spans column `startcolumn` of line `startline` to * column `endcolumn` of line `endline` in file `filepath`. * For more information, see - * [LGTM locations](https://lgtm.com/help/ql/locations). + * [CodeQL locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn From 1ba15c3ca75a8ca4501b6b5f4de83c6f4bfaa4ff Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 14 Aug 2023 11:55:36 +0100 Subject: [PATCH 5/5] Fix bump script to work with non-anon artefact --- scripts/bump_version.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 5c4209ac99..27a15b8ab8 100644 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -14,7 +14,7 @@ find . -name 'qlpack.yml' | grep -v './codeql_modules' | grep -v './scripts' | x # update the documentation. -find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-anon-.*\.zip\`/code-scanning-cpp-query-pack-anon-${1}.zip\`/" +find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-${1}.zip\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/upported_rules_list_${1}.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/"
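Review bot: in patch 1, hunk `@@ -20,16 +20,17 @@` of `docs/user_manual.md`, the `0.15.0` version-table row is removed and re-added with no visible difference, so this is a whitespace-only change; either drop it from the hunk or say in the commit message that trailing whitespace was cleaned up, otherwise the next person reading the history will hunt for a content change that is not there. The commit message also calls the second artifact the "supported versions list" while the file it corrects is `supported_rules_list_2.19.0-dev.md`; use the artifact's actual name so the message matches the diff.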
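Review bot: in patch 1, hunk `@@ -426,13 +427,12 @@` of `docs/user_manual.md`, renaming the heading to `### GitHub Advanced Security` changes the generated anchor from `#github-advanced-security-and-lgtm` to `#github-advanced-security`. Patch 3 fixes the one link in `docs/development_handbook.md`, but nothing in this series shows a search of the rest of the repository or of published release notes for the old anchor; please grep for `github-advanced-security-and-lgtm` before merging, since a stale link to a renamed heading fails silently.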
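Review bot: in patch 2, hunk `@@ -100,9 +101,9 @@` of `docs/iso_26262_tool_qualification.md`, the new wording contradicts the numbers it keeps. The retained paragraph still presents `https://lgtm.com` as "a platform provided by GitHub" with a live link and footnote, although the commit message says LGTM.com is no longer used; mark the 11,788-repository figure from September 2021 as historical (past tense, no live link). The added sentence then promises "similarly broad testing on GitHub.com", but the only GitHub.com figure on the page is 748 C++ repositories, an order of magnitude below the LGTM.com figure, so "similarly broad" is not supported by the document; either cite a current Code Scanning figure or soften the claim. Minor: "Each version of the CodeQL CLI and CodeQL Standard Library for C++ version will undergo" repeats "version".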
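Review bot: in patch 3, hunk `@@ -475,7 +476,7 @@` of `docs/development_handbook.md`, `codeql-cli/v` is a tag prefix, not a tag, so "use the `codeql-cli/v` tag for the release" leaves the reader to guess what follows the `v`. Write it as `codeql-cli/v<version>` and give a concrete value that matches the `codeql_cli` example already on the line, e.g. "for CodeQL CLI `2.6.3` use tag `codeql-cli/v2.6.3`".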
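Review bot: in patch 3, hunk `@@ -497,8 +498,8 @@` of `docs/development_handbook.md`, the `-`/`+` pair under the `>` blockquote line shows no visible content change, so it is a whitespace-only edit unrelated to the LGTM cleanup the commit message describes; drop it from this commit or mention it in the message.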
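Review bot: in patch 3, hunk `@@ -548,10 +549,9 @@` of `docs/development_handbook.md`, the handbook now states that the Code Scanning Query Pack Generation workflow produces only the Code Scanning query pack, but this series touches only documentation, `cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll` and `scripts/bump_version.sh`, so `.github/workflows/code-scanning-pack-gen.yml` is left as it was. Either remove the LGTM pack step from the workflow in the same change, or have the docs say the LGTM pack is still built but no longer supported; as written, the documentation and the CI output disagree. Also, "generates the following release artifacts" is plural for what is now a single-item list; change it to "the following release artifact".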
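Review bot: in patch 5, hunk `@@ -14,7 +14,7 @@` of `scripts/bump_version.sh`, the fix stops one line short. The unchanged `.md` line two below the edited one still substitutes `upported_rules_list_${1}.md`, dropping the leading `s`, so the next version bump will reintroduce the `upported_rules_list_` typo that patch 1 just corrected in `docs/user_manual.md`; and because its search pattern `supported_rules_list_.*\.md` no longer matches the corrupted name, every later bump will leave that entry stale. That is exactly the state patch 1 found (`upported_rules_list_2.18.0-dev.md` beside `2.19.0-dev` artifacts). Change the replacement to `supported_rules_list_${1}.md` in this commit, for example:
`find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_${1}.md\`/"`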