Merge pull request #9052 from github/post-release-prep/codeql-cli-2.9.1

Post-release preparation for codeql-cli-2.9.1
2026-05-03 04:39:29 +02:00 · 2022-05-06 13:15:17 +01:00
parent ca2959cf37 1a25457178
commit 176e40f139
71 changed files with 182 additions and 100 deletions
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.2.0
+
+### Breaking Changes
+
+* The signature of `allowImplicitRead` on `DataFlow::Configuration` and `TaintTracking::Configuration` has changed from `allowImplicitRead(DataFlow::Node node, DataFlow::Content c)` to `allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c)`.
+
 ## 0.1.0

 ### Breaking Changes
@@ -11,8 +17,8 @@

 ### Minor Analysis Improvements

-*  Whereas `ConstantValue::getString()` previously returned both string and regular-expression values, it now returns only string values. The same applies to `ConstantValue::isString(value)`.
-*  Regular-expression values can now be accessed with the new predicates `ConstantValue::getRegExp()`, `ConstantValue::isRegExp(value)`, and `ConstantValue::isRegExpWithFlags(value, flags)`.
+* Whereas `ConstantValue::getString()` previously returned both string and regular-expression values, it now returns only string values. The same applies to `ConstantValue::isString(value)`.
+* Regular-expression values can now be accessed with the new predicates `ConstantValue::getRegExp()`, `ConstantValue::isRegExp(value)`, and `ConstantValue::isRegExpWithFlags(value, flags)`.
 * The `ParseRegExp` and `RegExpTreeView` modules are now "internal" modules. Users should use `codeql.ruby.Regexp` instead.

 ## 0.0.13
--- a/ruby/ql/lib/change-notes/2022-04-25-allow-implicit-read-signature.md
+++ b/ruby/ql/lib/change-notes/2022-04-25-allow-implicit-read-signature.md
@@ -1,4 +0,0 @@
---
-category: breaking
---
-The signature of `allowImplicitRead` on `DataFlow::Configuration` and `TaintTracking::Configuration` has changed from `allowImplicitRead(DataFlow::Node node, DataFlow::Content c)` to `allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c)`.
--- a/ruby/ql/lib/change-notes/released/0.2.0.md
+++ b/ruby/ql/lib/change-notes/released/0.2.0.md
@@ -0,0 +1,5 @@
+## 0.2.0
+
+### Breaking Changes
+
+* The signature of `allowImplicitRead` on `DataFlow::Configuration` and `TaintTracking::Configuration` has changed from `allowImplicitRead(DataFlow::Node node, DataFlow::Content c)` to `allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c)`.
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.0
+lastReleaseVersion: 0.2.0
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.1.1-dev
+version: 0.2.1-dev
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,11 @@
+## 0.1.1
+
+### New Queries
+
+* Added a new query, `rb/insecure-download`. The query finds cases where executables and other sensitive files are downloaded over an insecure connection, which may allow for man-in-the-middle attacks.
+* Added a new query, `rb/regex/missing-regexp-anchor`, which finds regular expressions which are improperly anchored. Validations using such expressions are at risk of being bypassed.
+* Added a new query, `rb/incomplete-sanitization`. The query finds string transformations that do not replace or escape all occurrences of a meta-character.
+
 ## 0.1.0

 ### New Queries
--- a/ruby/ql/src/change-notes/2022-04-13-incomplete-sanitization.md
+++ b/ruby/ql/src/change-notes/2022-04-13-incomplete-sanitization.md
@@ -1,4 +0,0 @@
---
-category: newQuery
---
-* Added a new query, `rb/incomplete-sanitization`. The query finds string transformations that do not replace or escape all occurrences of a meta-character.
--- a/ruby/ql/src/change-notes/2022-04-14-rb-insecure-download.md
+++ b/ruby/ql/src/change-notes/2022-04-14-rb-insecure-download.md
@@ -1,4 +0,0 @@
---
-category: newQuery
---
-* Added a new query, `rb/insecure-download`. The query finds cases where executables and other sensitive files are downloaded over an insecure connection, which may allow for man-in-the-middle attacks.
--- a/ruby/ql/src/change-notes/2022-04-14-rb-missing-regexp-anchor.md
+++ b/ruby/ql/src/change-notes/2022-04-14-rb-missing-regexp-anchor.md
@@ -1,4 +0,0 @@
---
-category: newQuery
---
-* Added a new query, `rb/regex/missing-regexp-anchor`, which finds regular expressions which are improperly anchored. Validations using such expressions are at risk of being bypassed.
--- a/ruby/ql/src/change-notes/released/0.1.1.md
+++ b/ruby/ql/src/change-notes/released/0.1.1.md
@@ -0,0 +1,7 @@
+## 0.1.1
+
+### New Queries
+
+* Added a new query, `rb/insecure-download`. The query finds cases where executables and other sensitive files are downloaded over an insecure connection, which may allow for man-in-the-middle attacks.
+* Added a new query, `rb/regex/missing-regexp-anchor`, which finds regular expressions which are improperly anchored. Validations using such expressions are at risk of being bypassed.
+* Added a new query, `rb/incomplete-sanitization`. The query finds string transformations that do not replace or escape all occurrences of a meta-character.
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.0
+lastReleaseVersion: 0.1.1
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.1.1-dev
+version: 0.1.2-dev
 groups: 
  - ruby
  - queries