diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index b61316a853d..6c65ce3e9ec 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ## 0.0.4 diff --git a/cpp/ql/lib/change-notes/released/0.0.6.md b/cpp/ql/lib/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/cpp/ql/lib/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index aea7c0c875f..40a264716b4 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.0.6-dev +version: 0.0.6 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index f56b07d8086..53aa8f1fec4 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ### New Queries diff --git a/cpp/ql/src/change-notes/released/0.0.6.md b/cpp/ql/src/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/cpp/ql/src/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index ad680689af7..8b3c78fbce5 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.0.6-dev +version: 0.0.6 groups: cpp dependencies: codeql/cpp-all: "*" diff --git a/cpp/upgrades/CHANGELOG.md b/cpp/upgrades/CHANGELOG.md index 05dbc9d5f4e..faf83f2f2c2 100644 --- a/cpp/upgrades/CHANGELOG.md +++ b/cpp/upgrades/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ## 0.0.4 diff --git a/cpp/upgrades/change-notes/released/0.0.6.md b/cpp/upgrades/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/cpp/upgrades/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/cpp/upgrades/codeql-pack.release.yml b/cpp/upgrades/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/cpp/upgrades/codeql-pack.release.yml +++ b/cpp/upgrades/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/cpp/upgrades/qlpack.yml b/cpp/upgrades/qlpack.yml index 7ee852547d2..ea5cdd79d3e 100644 --- a/cpp/upgrades/qlpack.yml +++ b/cpp/upgrades/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-upgrades groups: cpp upgrades: . -version: 0.0.6-dev +version: 0.0.6 library: true diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 05dbc9d5f4e..faf83f2f2c2 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ## 0.0.4 diff --git a/csharp/ql/lib/change-notes/released/0.0.6.md b/csharp/ql/lib/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 5ec9cd49b76..fea6395ff07 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.0.6-dev +version: 0.0.6 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 05dbc9d5f4e..faf83f2f2c2 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ## 0.0.4 diff --git a/csharp/ql/src/change-notes/released/0.0.6.md b/csharp/ql/src/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/csharp/ql/src/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index a6a9e038f4e..46311cabbec 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.0.6-dev +version: 0.0.6 groups: csharp suites: codeql-suites extractor: csharp diff --git a/csharp/upgrades/CHANGELOG.md b/csharp/upgrades/CHANGELOG.md index 05dbc9d5f4e..faf83f2f2c2 100644 --- a/csharp/upgrades/CHANGELOG.md +++ b/csharp/upgrades/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ## 0.0.4 diff --git a/csharp/upgrades/change-notes/released/0.0.6.md b/csharp/upgrades/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/csharp/upgrades/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/csharp/upgrades/codeql-pack.release.yml b/csharp/upgrades/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/csharp/upgrades/codeql-pack.release.yml +++ b/csharp/upgrades/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/csharp/upgrades/qlpack.yml b/csharp/upgrades/qlpack.yml index 1c200ce647c..577d48dc42d 100644 --- a/csharp/upgrades/qlpack.yml +++ b/csharp/upgrades/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-upgrades groups: csharp -version: 0.0.6-dev +version: 0.0.6 upgrades: . library: true diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 054184eb7e5..5d573967cc2 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.0.6 + +### Major Analysis Improvements + +* Data flow now propagates taint from remote source `Parameter` types to read steps of their fields (e.g. `tainted.publicField` or `tainted.getField()`). This also applies to their subtypes and the types of their fields, recursively. + ## 0.0.5 ### Bug Fixes diff --git a/java/ql/lib/change-notes/2021-12-15-tainted-field-read-step-on-entrypoint-types.md b/java/ql/lib/change-notes/released/0.0.6.md similarity index 84% rename from java/ql/lib/change-notes/2021-12-15-tainted-field-read-step-on-entrypoint-types.md rename to java/ql/lib/change-notes/released/0.0.6.md index f0f2ae110b3..feea1df191e 100644 --- a/java/ql/lib/change-notes/2021-12-15-tainted-field-read-step-on-entrypoint-types.md +++ b/java/ql/lib/change-notes/released/0.0.6.md @@ -1,4 +1,5 @@ ---- -category: majorAnalysis ---- +## 0.0.6 + +### Major Analysis Improvements + * Data flow now propagates taint from remote source `Parameter` types to read steps of their fields (e.g. `tainted.publicField` or `tainted.getField()`). This also applies to their subtypes and the types of their fields, recursively. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 13bd8b93fe9..f20bf980198 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.0.6-dev +version: 0.0.6 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index f6dd930d629..fa80a7e578b 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ### Minor Analysis Improvements diff --git a/java/ql/src/change-notes/released/0.0.6.md b/java/ql/src/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/java/ql/src/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 4362018759a..8d72897ca09 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.0.6-dev +version: 0.0.6 groups: java suites: codeql-suites extractor: java diff --git a/java/upgrades/CHANGELOG.md b/java/upgrades/CHANGELOG.md index 05dbc9d5f4e..faf83f2f2c2 100644 --- a/java/upgrades/CHANGELOG.md +++ b/java/upgrades/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ## 0.0.4 diff --git a/java/upgrades/change-notes/released/0.0.6.md b/java/upgrades/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/java/upgrades/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/java/upgrades/codeql-pack.release.yml b/java/upgrades/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/java/upgrades/codeql-pack.release.yml +++ b/java/upgrades/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/java/upgrades/qlpack.yml b/java/upgrades/qlpack.yml index ab52a2d7488..d8c1c1f8a60 100644 --- a/java/upgrades/qlpack.yml +++ b/java/upgrades/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/java-upgrades groups: java upgrades: . library: true -version: 0.0.6-dev +version: 0.0.6 diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 894fb54ef75..176f6d0224b 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.7 + ## 0.0.6 ### New Features diff --git a/javascript/ql/lib/change-notes/released/0.0.7.md b/javascript/ql/lib/change-notes/released/0.0.7.md new file mode 100644 index 00000000000..cea0f79d95b --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.0.7.md @@ -0,0 +1 @@ +## 0.0.7 diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index cf398ce02aa..a2a5484910b 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.6 +lastReleaseVersion: 0.0.7 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index ad2e8f16464..25a2025a049 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.0.7-dev +version: 0.0.7 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index de6fd0ef3a0..a0ca236a44c 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,12 @@ +## 0.0.7 + +### Minor Analysis Improvements + +* Support for handlebars templates has improved. Raw interpolation tags of the form `{{& ... }}` are now recognized, + as well as whitespace-trimming tags like `{{~ ... }}`. +* Data flow is now tracked across middleware functions in more cases, leading to more security results in general. Affected packages are `express` and `fastify`. +* `js/missing-token-validation` has been made more precise, yielding both fewer false positives and more true positives. + ## 0.0.6 ### Major Analysis Improvements diff --git a/javascript/ql/src/change-notes/2021-12-07-handlebars-more-raw-interpolation.md b/javascript/ql/src/change-notes/2021-12-07-handlebars-more-raw-interpolation.md deleted file mode 100644 index e72b4adc2a6..00000000000 --- a/javascript/ql/src/change-notes/2021-12-07-handlebars-more-raw-interpolation.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Support for handlebars templates has improved. Raw interpolation tags of the form `{{& ... }}` are now recognized, - as well as whitespace-trimming tags like `{{~ ... }}`. diff --git a/javascript/ql/src/change-notes/2021-11-08-routing-trees.md b/javascript/ql/src/change-notes/released/0.0.7.md similarity index 56% rename from javascript/ql/src/change-notes/2021-11-08-routing-trees.md rename to javascript/ql/src/change-notes/released/0.0.7.md index e51ce23f70f..75d565cd786 100644 --- a/javascript/ql/src/change-notes/2021-11-08-routing-trees.md +++ b/javascript/ql/src/change-notes/released/0.0.7.md @@ -1,5 +1,8 @@ ---- -category: minorAnalysis ---- +## 0.0.7 + +### Minor Analysis Improvements + +* Support for handlebars templates has improved. Raw interpolation tags of the form `{{& ... }}` are now recognized, + as well as whitespace-trimming tags like `{{~ ... }}`. * Data flow is now tracked across middleware functions in more cases, leading to more security results in general. Affected packages are `express` and `fastify`. * `js/missing-token-validation` has been made more precise, yielding both fewer false positives and more true positives. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index cf398ce02aa..a2a5484910b 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.6 +lastReleaseVersion: 0.0.7 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 7d03e6f372d..ec99d0ea2a3 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.0.7-dev +version: 0.0.7 groups: javascript suites: codeql-suites extractor: javascript diff --git a/javascript/upgrades/CHANGELOG.md b/javascript/upgrades/CHANGELOG.md index 21e20e1bd27..cf8c2bfa532 100644 --- a/javascript/upgrades/CHANGELOG.md +++ b/javascript/upgrades/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.7 + ## 0.0.6 ## 0.0.5 diff --git a/javascript/upgrades/change-notes/released/0.0.7.md b/javascript/upgrades/change-notes/released/0.0.7.md new file mode 100644 index 00000000000..cea0f79d95b --- /dev/null +++ b/javascript/upgrades/change-notes/released/0.0.7.md @@ -0,0 +1 @@ +## 0.0.7 diff --git a/javascript/upgrades/codeql-pack.release.yml b/javascript/upgrades/codeql-pack.release.yml index cf398ce02aa..a2a5484910b 100644 --- a/javascript/upgrades/codeql-pack.release.yml +++ b/javascript/upgrades/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.6 +lastReleaseVersion: 0.0.7 diff --git a/javascript/upgrades/qlpack.yml b/javascript/upgrades/qlpack.yml index 970854465c7..f0adf231e43 100644 --- a/javascript/upgrades/qlpack.yml +++ b/javascript/upgrades/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/javascript-upgrades groups: javascript upgrades: . library: true -version: 0.0.7-dev +version: 0.0.7 diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index fe8deb57f81..6864a5d1ee8 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/released/0.0.6.md b/python/ql/lib/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/python/ql/lib/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index a95190890fa..7fdfd0273da 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.0.6-dev +version: 0.0.6 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 35f7b59a781..f3940c04a53 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 0.0.6 + +### New Queries + +* Two new queries have been added for detecting Server-side request forgery (SSRF). _Full server-side request forgery_ (`py/full-ssrf`) will only alert when the URL is fully user-controlled, and _Partial server-side request forgery_ (`py/partial-ssrf`) will alert when any part of the URL is user-controlled. Only `py/full-ssrf` will be run by default. + +### Minor Analysis Improvements + +* To support the new SSRF queries, the PyPI package `requests` has been modeled, along with `http.client.HTTP[S]Connection` from the standard library. + ## 0.0.5 ### Minor Analysis Improvements diff --git a/python/ql/src/change-notes/2021-12-17-add-SSRF-analysis.md b/python/ql/src/change-notes/2021-12-17-add-SSRF-analysis.md deleted file mode 100644 index adbd961c1ff..00000000000 --- a/python/ql/src/change-notes/2021-12-17-add-SSRF-analysis.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* To support the new SSRF queries, the PyPI package `requests` has been modeled, along with `http.client.HTTP[S]Connection` from the standard library. diff --git a/python/ql/src/change-notes/2021-12-17-add-SSRF-queries.md b/python/ql/src/change-notes/released/0.0.6.md similarity index 62% rename from python/ql/src/change-notes/2021-12-17-add-SSRF-queries.md rename to python/ql/src/change-notes/released/0.0.6.md index aec0df66aa0..8ac74318b3d 100644 --- a/python/ql/src/change-notes/2021-12-17-add-SSRF-queries.md +++ b/python/ql/src/change-notes/released/0.0.6.md @@ -1,4 +1,9 @@ ---- -category: newQuery ---- +## 0.0.6 + +### New Queries + * Two new queries have been added for detecting Server-side request forgery (SSRF). _Full server-side request forgery_ (`py/full-ssrf`) will only alert when the URL is fully user-controlled, and _Partial server-side request forgery_ (`py/partial-ssrf`) will alert when any part of the URL is user-controlled. Only `py/full-ssrf` will be run by default. + +### Minor Analysis Improvements + +* To support the new SSRF queries, the PyPI package `requests` has been modeled, along with `http.client.HTTP[S]Connection` from the standard library. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index cd47a35e967..595fc148f10 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.0.6-dev +version: 0.0.6 groups: python dependencies: codeql/python-all: "*" diff --git a/python/upgrades/CHANGELOG.md b/python/upgrades/CHANGELOG.md index 05dbc9d5f4e..faf83f2f2c2 100644 --- a/python/upgrades/CHANGELOG.md +++ b/python/upgrades/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ## 0.0.4 diff --git a/python/upgrades/change-notes/released/0.0.6.md b/python/upgrades/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/python/upgrades/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/python/upgrades/codeql-pack.release.yml b/python/upgrades/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/python/upgrades/codeql-pack.release.yml +++ b/python/upgrades/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/python/upgrades/qlpack.yml b/python/upgrades/qlpack.yml index c2cb763786e..fd706b0a74b 100644 --- a/python/upgrades/qlpack.yml +++ b/python/upgrades/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/python-upgrades groups: python upgrades: . library: true -version: 0.0.6-dev +version: 0.0.6 diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 1c670691d2b..780108cbeb4 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.0.6 + +### Deprecated APIs + +* `ConstantWriteAccess.getQualifiedName()` has been deprecated in favor of `getAQualifiedName()` which can return multiple possible qualified names for a given constant write access. + ## 0.0.5 ### New Features diff --git a/ruby/ql/lib/change-notes/2021-12-21-constants.md b/ruby/ql/lib/change-notes/released/0.0.6.md similarity index 85% rename from ruby/ql/lib/change-notes/2021-12-21-constants.md rename to ruby/ql/lib/change-notes/released/0.0.6.md index 331078917e9..47eb039ef00 100644 --- a/ruby/ql/lib/change-notes/2021-12-21-constants.md +++ b/ruby/ql/lib/change-notes/released/0.0.6.md @@ -1,4 +1,5 @@ ---- -category: deprecated ---- +## 0.0.6 + +### Deprecated APIs + * `ConstantWriteAccess.getQualifiedName()` has been deprecated in favor of `getAQualifiedName()` which can return multiple possible qualified names for a given constant write access. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 78a396f3910..51d03abd9f7 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.0.6-dev +version: 0.0.6 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 6946f97e5a9..741191f3118 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.0.6 + ## 0.0.5 ## 0.0.4 diff --git a/ruby/ql/src/change-notes/released/0.0.6.md b/ruby/ql/src/change-notes/released/0.0.6.md new file mode 100644 index 00000000000..7cad4d986e5 --- /dev/null +++ b/ruby/ql/src/change-notes/released/0.0.6.md @@ -0,0 +1 @@ +## 0.0.6 diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index bb45a1ab018..cf398ce02aa 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.6 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 052787da6da..349f8db58ad 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.0.6-dev +version: 0.0.6 groups: ruby suites: codeql-suites defaultSuiteFile: codeql-suites/ruby-code-scanning.qls