Release preparation for version 2.24.1

2026-02-11 20:51:06 +01:00 · 2026-02-02 12:09:09 +00:00
parent 4a04f7b66f
commit 0db542e9f0
186 changed files with 477 additions and 187 deletions
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,21 @@
+## 7.1.0
+
+### New Features
+
+* Added a subclass `Embed` of `PreprocessorDirective` for C23 and C++26 `#embed` preprocessor directives.
+* Added modules `DataFlow::ParameterizedBarrierGuard` and `DataFlow::ParameterizedInstructionBarrierGuard`. These modules provide the same features as `DataFlow::BarrierGuard` and `DataFlow::InstructionBarrierGuard`, but allow for an additional parameter to support properly using them in dataflow configurations that uses flow states.
+
+### Minor Analysis Improvements
+
+* The `Buffer.qll` library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries `cpp/static-buffer-overflow`, `cpp/overflow-buffer`, `cpp/badly-bounded-write`, `cpp/overrunning-write`, `cpp/overrunning-write-with-float`, and `cpp/very-likely-overrunning-write` will report fewer false positives on such databases.
+* Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions.
+* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
+
+### Bug Fixes
+
+* Fixed a bug in the `GuardCondition` library which sometimes prevented binary logical operators from being recognized as guard conditions. As a result, queries using `GuardCondition` may see improved results.
+* Fixed a bug which caused `Node.asDefinition()` to not have a result for certain assignments.
+
 ## 7.0.0

 ### Breaking Changes
--- a/cpp/ql/lib/change-notes/2026-01-16-summarized-callable.md
+++ b/cpp/ql/lib/change-notes/2026-01-16-summarized-callable.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
--- a/cpp/ql/lib/change-notes/2026-01-19-embed.md
+++ b/cpp/ql/lib/change-notes/2026-01-19-embed.md
@@ -1,4 +0,0 @@
---
-category: feature
---
-* Added a subclass `Embed` of `PreprocessorDirective` for C23 and C++26 `#embed` preprocessor directives.
--- a/cpp/ql/lib/change-notes/2026-01-19-parameterized-barrier-guard.md
+++ b/cpp/ql/lib/change-notes/2026-01-19-parameterized-barrier-guard.md
@@ -1,4 +0,0 @@
---
-category: feature
---
-* Added modules `DataFlow::ParameterizedBarrierGuard` and `DataFlow::ParameterizedInstructionBarrierGuard`. These modules provide the same features as `DataFlow::BarrierGuard` and `DataFlow::InstructionBarrierGuard`, but allow for an additional parameter to support properly using them in dataflow configurations that uses flow states.
--- a/cpp/ql/lib/change-notes/2026-01-23-as-definition.md
+++ b/cpp/ql/lib/change-notes/2026-01-23-as-definition.md
@@ -1,4 +0,0 @@
---
-category: fix
---
-* Fixed a bug which caused `Node.asDefinition()` to not have a result for certain assignments.
--- a/cpp/ql/lib/change-notes/2026-01-23-mysql.md
+++ b/cpp/ql/lib/change-notes/2026-01-23-mysql.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions.
--- a/cpp/ql/lib/change-notes/2026-01-26-buffer-overflow-fps.md
+++ b/cpp/ql/lib/change-notes/2026-01-26-buffer-overflow-fps.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The `Buffer.qll` library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries `cpp/static-buffer-overflow`, `cpp/overflow-buffer`, `cpp/badly-bounded-write`, `cpp/overrunning-write`, `cpp/overrunning-write-with-float`, and `cpp/very-likely-overrunning-write` will report fewer false positives on such databases.
--- a/cpp/ql/lib/change-notes/2026-01-30-guard-condition-logical-operators.md
+++ b/cpp/ql/lib/change-notes/2026-01-30-guard-condition-logical-operators.md
@@ -1,4 +0,0 @@
---
-category: fix
---
-* Fixed a bug in the `GuardCondition` library which sometimes prevented binary logical operators from being recognized as guard conditions. As a result, queries using `GuardCondition` may see improved results.
--- a/cpp/ql/lib/change-notes/released/7.1.0.md
+++ b/cpp/ql/lib/change-notes/released/7.1.0.md
@@ -0,0 +1,17 @@
+## 7.1.0
+
+### New Features
+
+* Added a subclass `Embed` of `PreprocessorDirective` for C23 and C++26 `#embed` preprocessor directives.
+* Added modules `DataFlow::ParameterizedBarrierGuard` and `DataFlow::ParameterizedInstructionBarrierGuard`. These modules provide the same features as `DataFlow::BarrierGuard` and `DataFlow::InstructionBarrierGuard`, but allow for an additional parameter to support properly using them in dataflow configurations that uses flow states.
+
+### Minor Analysis Improvements
+
+* The `Buffer.qll` library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries `cpp/static-buffer-overflow`, `cpp/overflow-buffer`, `cpp/badly-bounded-write`, `cpp/overrunning-write`, `cpp/overrunning-write-with-float`, and `cpp/very-likely-overrunning-write` will report fewer false positives on such databases.
+* Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions.
+* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
+
+### Bug Fixes
+
+* Fixed a bug in the `GuardCondition` library which sometimes prevented binary logical operators from being recognized as guard conditions. As a result, queries using `GuardCondition` may see improved results.
+* Fixed a bug which caused `Node.asDefinition()` to not have a result for certain assignments.
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.0.0
+lastReleaseVersion: 7.1.0
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 7.0.1-dev
+version: 7.1.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.5.10
+
+No user-facing changes.
+
 ## 1.5.9

 ### Minor Analysis Improvements
--- a/cpp/ql/src/change-notes/released/1.5.10.md
+++ b/cpp/ql/src/change-notes/released/1.5.10.md
@@ -0,0 +1,3 @@
+## 1.5.10
+
+No user-facing changes.
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.9
+lastReleaseVersion: 1.5.10
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.5.10-dev
+version: 1.5.10
 groups:
  - cpp
  - queries