mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
Revert "Release preparation for version 2.20.1"
This commit is contained in:
Dave Bartolomeo
@@ -1,5 +0,0 @@
|
||||
## 0.4.0
|
||||
|
||||
### New Features
|
||||
|
||||
* Initial public preview release
|
||||
@@ -1,5 +1,4 @@
|
||||
## 0.4.0
|
||||
|
||||
### New Queries
|
||||
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Initial public preview release
|
||||
@@ -1,5 +0,0 @@
|
||||
## 0.4.0
|
||||
|
||||
### New Features
|
||||
|
||||
* Initial public preview release
|
||||
@@ -1,2 +0,0 @@
|
||||
---
|
||||
lastReleaseVersion: 0.4.0
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-all
|
||||
version: 0.4.0
|
||||
version: 0.4.0-dev
|
||||
library: true
|
||||
warnOnImplicitThis: true
|
||||
dependencies:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
## 0.4.0
|
||||
|
||||
### New Queries
|
||||
|
||||
---
|
||||
category: newQuery
|
||||
---
|
||||
* Initial public preview release
|
||||
@@ -1,2 +0,0 @@
|
||||
---
|
||||
lastReleaseVersion: 0.4.0
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-queries
|
||||
version: 0.4.0
|
||||
version: 0.4.0-dev
|
||||
library: false
|
||||
warnOnImplicitThis: true
|
||||
groups: [actions, queries]
|
||||
|
||||
@@ -1,22 +1,3 @@
|
||||
## 3.1.0
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The `TemplateParameter` class, representing C++ type template parameters has been deprecated. Use `TypeTemplateParameter` instead.
|
||||
|
||||
### New Features
|
||||
|
||||
* New classes `SizeofPackExprOperator` and `SizeofPackTypeOperator` were introduced, which represent the C++ `sizeof...` operator taking expressions and type arguments, respectively.
|
||||
* A new class `TemplateTemplateParameterInstantiation` was introduced, which represents instantiations of template template parameters.
|
||||
* A new predicate `getAnInstantiation` was added to the `TemplateTemplateParameter` class, which yields instantiations of template template parameters.
|
||||
* The `getTemplateArgumentType` and `getTemplateArgumentValue` predicates of the `Declaration` class now also yield template arguments of template template parameters.
|
||||
* A new class `NonTypeTemplateParameter` was introduced, which represents C++ non-type template parameters.
|
||||
* A new class `TemplateParameterBase` was introduced, which represents C++ non-type template parameters, type template parameters, and template template parameters.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `Guards` library (`semmle.code.cpp.controlflow.Guards`) has been improved to recognize more guard conditions.
|
||||
|
||||
## 3.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
4
cpp/ql/lib/change-notes/2024-12-04-guard-conditions.md
Normal file
4
cpp/ql/lib/change-notes/2024-12-04-guard-conditions.md
Normal file
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `Guards` library (`semmle.code.cpp.controlflow.Guards`) has been improved to recognize more guard conditions.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* A new class `TemplateParameterBase` was introduced, which represents C++ non-type template parameters, type template parameters, and template template parameters.
|
||||
4
cpp/ql/lib/change-notes/2024-12-17-template-parameter.md
Normal file
4
cpp/ql/lib/change-notes/2024-12-17-template-parameter.md
Normal file
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* The `TemplateParameter` class, representing C++ type template parameters has been deprecated. Use `TypeTemplateParameter` instead.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* A new class `NonTypeTemplateParameter` was introduced, which represents C++ non-type template parameters.
|
||||
4
cpp/ql/lib/change-notes/2024-12-20-sizeof-pack.md
Normal file
4
cpp/ql/lib/change-notes/2024-12-20-sizeof-pack.md
Normal file
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* New classes `SizeofPackExprOperator` and `SizeofPackTypeOperator` were introduced, which represent the C++ `sizeof...` operator taking expressions and type arguments, respectively.
|
||||
@@ -0,0 +1,6 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* A new class `TemplateTemplateParameterInstantiation` was introduced, which represents instantiations of template template parameters.
|
||||
* A new predicate `getAnInstantiation` was added to the `TemplateTemplateParameter` class, which yields instantiations of template template parameters.
|
||||
* The `getTemplateArgumentType` and `getTemplateArgumentValue` predicates of the `Declaration` class now also yield template arguments of template template parameters.
|
||||
@@ -1,18 +0,0 @@
|
||||
## 3.1.0
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The `TemplateParameter` class, representing C++ type template parameters has been deprecated. Use `TypeTemplateParameter` instead.
|
||||
|
||||
### New Features
|
||||
|
||||
* New classes `SizeofPackExprOperator` and `SizeofPackTypeOperator` were introduced, which represent the C++ `sizeof...` operator taking expressions and type arguments, respectively.
|
||||
* A new class `TemplateTemplateParameterInstantiation` was introduced, which represents instantiations of template template parameters.
|
||||
* A new predicate `getAnInstantiation` was added to the `TemplateTemplateParameter` class, which yields instantiations of template template parameters.
|
||||
* The `getTemplateArgumentType` and `getTemplateArgumentValue` predicates of the `Declaration` class now also yield template arguments of template template parameters.
|
||||
* A new class `NonTypeTemplateParameter` was introduced, which represents C++ non-type template parameters.
|
||||
* A new class `TemplateParameterBase` was introduced, which represents C++ non-type template parameters, type template parameters, and template template parameters.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `Guards` library (`semmle.code.cpp.controlflow.Guards`) has been improved to recognize more guard conditions.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 3.1.0
|
||||
lastReleaseVersion: 3.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-all
|
||||
version: 3.1.0
|
||||
version: 3.0.1-dev
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
||||
@@ -1,13 +1,3 @@
|
||||
## 1.3.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The "Returning stack-allocated memory" query (`cpp/return-stack-allocated-memory`) no longer produces results if there is an extraction error in the returned expression.
|
||||
* The "Badly bounded write" query (`cpp/badly-bounded-write`) no longer produces results if there is an extraction error in the type of the output buffer.
|
||||
* The "Too few arguments to formatting function" query (`cpp/wrong-number-format-arguments`) no longer produces results if an argument has an extraction error.
|
||||
* The "Wrong type of arguments to formatting function" query (`cpp/wrong-type-format-argument`) no longer produces results when an argument type has an extraction error.
|
||||
* Added dataflow models and flow sources for Microsoft's Active Template Library (ATL).
|
||||
|
||||
## 1.3.0
|
||||
|
||||
### New Queries
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added dataflow models and flow sources for Microsoft's Active Template Library (ATL).
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The "Badly bounded write" query (`cpp/badly-bounded-write`) no longer produces results if there is an extraction error in the type of the output buffer.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The "Too few arguments to formatting function" query (`cpp/wrong-number-format-arguments`) no longer produces results if an argument has an extraction error.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The "Wrong type of arguments to formatting function" query (`cpp/wrong-type-format-argument`) no longer produces results when an argument type has an extraction error.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The "Returning stack-allocated memory" query (`cpp/return-stack-allocated-memory`) no longer produces results if there is an extraction error in the returned expression.
|
||||
@@ -1,9 +0,0 @@
|
||||
## 1.3.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The "Returning stack-allocated memory" query (`cpp/return-stack-allocated-memory`) no longer produces results if there is an extraction error in the returned expression.
|
||||
* The "Badly bounded write" query (`cpp/badly-bounded-write`) no longer produces results if there is an extraction error in the type of the output buffer.
|
||||
* The "Too few arguments to formatting function" query (`cpp/wrong-number-format-arguments`) no longer produces results if an argument has an extraction error.
|
||||
* The "Wrong type of arguments to formatting function" query (`cpp/wrong-type-format-argument`) no longer produces results when an argument type has an extraction error.
|
||||
* Added dataflow models and flow sources for Microsoft's Active Template Library (ATL).
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.3.1
|
||||
lastReleaseVersion: 1.3.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-queries
|
||||
version: 1.3.1
|
||||
version: 1.3.1-dev
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 1.7.31
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.30
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 1.7.31
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.31
|
||||
lastReleaseVersion: 1.7.30
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.31
|
||||
version: 1.7.31-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 1.7.31
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.30
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 1.7.31
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.31
|
||||
lastReleaseVersion: 1.7.30
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.31
|
||||
version: 1.7.31-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,16 +1,3 @@
|
||||
## 4.0.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* C# 13: Added QL library support for *collection* like type `params` parameters.
|
||||
* Added `remote` flow source models for properties of Blazor components annotated with any of the following attributes from `Microsoft.AspNetCore.Components`:
|
||||
- `[SupplyParameterFromForm]`
|
||||
- `[SupplyParameterFromQuery]`
|
||||
* Added the constructor and explicit cast operator of `Microsoft.AspNetCore.Components.MarkupString` as an `html-injection` sink. This will help catch cross-site scripting resulting from using `MarkupString`.
|
||||
* Added flow summaries for the `Microsoft.AspNetCore.Mvc.Controller::View` method.
|
||||
* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
|
||||
* The C# extractor now supports *basic* extraction of .NET 9 projects. There might be limited support for extraction of code using the new C# 13 language features.
|
||||
|
||||
## 4.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
|
||||
4
csharp/ql/lib/change-notes/2024-12-04-dotnet9.md
Normal file
4
csharp/ql/lib/change-notes/2024-12-04-dotnet9.md
Normal file
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The C# extractor now supports *basic* extraction of .NET 9 projects. There might be limited support for extraction of code using the new C# 13 language features.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added flow summaries for the `Microsoft.AspNetCore.Mvc.Controller::View` method.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added the constructor and explicit cast operator of `Microsoft.AspNetCore.Components.MarkupString` as an `html-injection` sink. This will help catch cross-site scripting resulting from using `MarkupString`.
|
||||
@@ -0,0 +1,6 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added `remote` flow source models for properties of Blazor components annotated with any of the following attributes from `Microsoft.AspNetCore.Components`:
|
||||
- `[SupplyParameterFromForm]`
|
||||
- `[SupplyParameterFromQuery]`
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* C# 13: Added QL library support for *collection* like type `params` parameters.
|
||||
@@ -1,12 +0,0 @@
|
||||
## 4.0.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* C# 13: Added QL library support for *collection* like type `params` parameters.
|
||||
* Added `remote` flow source models for properties of Blazor components annotated with any of the following attributes from `Microsoft.AspNetCore.Components`:
|
||||
- `[SupplyParameterFromForm]`
|
||||
- `[SupplyParameterFromQuery]`
|
||||
* Added the constructor and explicit cast operator of `Microsoft.AspNetCore.Components.MarkupString` as an `html-injection` sink. This will help catch cross-site scripting resulting from using `MarkupString`.
|
||||
* Added flow summaries for the `Microsoft.AspNetCore.Mvc.Controller::View` method.
|
||||
* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
|
||||
* The C# extractor now supports *basic* extraction of .NET 9 projects. There might be limited support for extraction of code using the new C# 13 language features.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 4.0.1
|
||||
lastReleaseVersion: 4.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-all
|
||||
version: 4.0.1
|
||||
version: 4.0.1-dev
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
||||
@@ -1,9 +1,3 @@
|
||||
## 1.0.14
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `ExternalApi` and `TestLibrary` modules have been moved to the library pack.
|
||||
|
||||
## 1.0.13
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
## 1.0.14
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `ExternalApi` and `TestLibrary` modules have been moved to the library pack.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.14
|
||||
lastReleaseVersion: 1.0.13
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-queries
|
||||
version: 1.0.14
|
||||
version: 1.0.14-dev
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 1.0.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.13
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 1.0.14
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.14
|
||||
lastReleaseVersion: 1.0.13
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql-go-consistency-queries
|
||||
version: 1.0.14
|
||||
version: 1.0.14-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,11 +1,3 @@
|
||||
## 3.0.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added a `commandargs` local source model for the `os.Args` variable.
|
||||
* Source models defined using models-as-data now work for variadic parameters.
|
||||
* Data flow out of variadic parameters now works in more situations. Summary models defined using models-as-data work. Source models defined using models-as-data do not work yet.
|
||||
|
||||
## 3.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Data flow out of variadic parameters now works in more situations. Summary models defined using models-as-data work. Source models defined using models-as-data do not work yet.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Source models defined using models-as-data now work for variadic parameters.
|
||||
5
go/ql/lib/change-notes/2024-12-13-os-args-model.md
Normal file
5
go/ql/lib/change-notes/2024-12-13-os-args-model.md
Normal file
@@ -0,0 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added a `commandargs` local source model for the `os.Args` variable.
|
||||
|
||||
@@ -1,7 +0,0 @@
|
||||
## 3.0.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added a `commandargs` local source model for the `os.Args` variable.
|
||||
* Source models defined using models-as-data now work for variadic parameters.
|
||||
* Data flow out of variadic parameters now works in more situations. Summary models defined using models-as-data work. Source models defined using models-as-data do not work yet.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 3.0.1
|
||||
lastReleaseVersion: 3.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-all
|
||||
version: 3.0.1
|
||||
version: 3.0.1-dev
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 1.1.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.1.4
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 1.1.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.1.5
|
||||
lastReleaseVersion: 1.1.4
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-queries
|
||||
version: 1.1.5
|
||||
version: 1.1.5-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,24 +1,3 @@
|
||||
## 6.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* The class `ControlFlowNode` (and by extension `BasicBlock`) is no longer
|
||||
directly equatable to `Expr` and `Stmt`. Any queries that have been
|
||||
exploiting these equalities, for example by using casts, will need minor
|
||||
updates in order to fix any compilation errors. Conversions can be inserted
|
||||
in either direction depending on what is most convenient. Available
|
||||
conversions include `Expr.getControlFlowNode()`, `Stmt.getControlFlowNode()`,
|
||||
`ControlFlowNode.asExpr()`, `ControlFlowNode.asStmt()`, and
|
||||
`ControlFlowNode.asCall()`. Exit nodes were until now modelled as a
|
||||
`ControlFlowNode` equal to its enclosing `Callable`; these are now instead
|
||||
modelled by the class `ControlFlow::ExitNode`.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added `java.io.File.getName()` as a path injection sanitizer.
|
||||
* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
|
||||
* Added a sink for "Server-side request forgery" (`java/ssrf`) for the third parameter to org.springframework.web.client.RestTemplate.getForObject, when we cannot statically determine that it does not affect the host in the URL.
|
||||
|
||||
## 5.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
## 6.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
* The class `ControlFlowNode` (and by extension `BasicBlock`) is no longer
|
||||
directly equatable to `Expr` and `Stmt`. Any queries that have been
|
||||
exploiting these equalities, for example by using casts, will need minor
|
||||
@@ -12,9 +11,3 @@
|
||||
`ControlFlowNode.asCall()`. Exit nodes were until now modelled as a
|
||||
`ControlFlowNode` equal to its enclosing `Callable`; these are now instead
|
||||
modelled by the class `ControlFlow::ExitNode`.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added `java.io.File.getName()` as a path injection sanitizer.
|
||||
* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
|
||||
* Added a sink for "Server-side request forgery" (`java/ssrf`) for the third parameter to org.springframework.web.client.RestTemplate.getForObject, when we cannot statically determine that it does not affect the host in the URL.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added a sink for "Server-side request forgery" (`java/ssrf`) for the third parameter to org.springframework.web.client.RestTemplate.getForObject, when we cannot statically determine that it does not affect the host in the URL.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
|
||||
4
java/ql/lib/change-notes/2024-12-06-file-getname.md
Normal file
4
java/ql/lib/change-notes/2024-12-06-file-getname.md
Normal file
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added `java.io.File.getName()` as a path injection sanitizer.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 6.0.0
|
||||
lastReleaseVersion: 5.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-all
|
||||
version: 6.0.0
|
||||
version: 5.0.1-dev
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 1.1.11
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.1.10
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 1.1.11
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.1.11
|
||||
lastReleaseVersion: 1.1.10
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-queries
|
||||
version: 1.1.11
|
||||
version: 1.1.11-dev
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 2.2.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 2.2.0
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 2.2.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 2.2.1
|
||||
lastReleaseVersion: 2.2.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-all
|
||||
version: 2.2.1
|
||||
version: 2.2.1-dev
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 1.2.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.2.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 1.2.6
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.2.6
|
||||
lastReleaseVersion: 1.2.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-queries
|
||||
version: 1.2.6
|
||||
version: 1.2.6-dev
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 1.0.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.13
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 1.0.14
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.14
|
||||
lastReleaseVersion: 1.0.13
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
name: codeql/suite-helpers
|
||||
version: 1.0.14
|
||||
version: 1.0.14-dev
|
||||
groups: shared
|
||||
warnOnImplicitThis: true
|
||||
|
||||
@@ -1,14 +1,3 @@
|
||||
## 3.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
* Added support for parameter annotations in API graphs. This means that in a function definition such as `def foo(x: Bar): ...`, you can now use the `getInstanceFromAnnotation()` method to step from `Bar` to `x`. In addition to this, the `getAnInstance` method now also includes instances arising from parameter annotations.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added modeling of `fastapi.Request` and `starlette.requests.Request` as sources of untrusted input,
|
||||
and modeling of tainted data flow out of these request objects.
|
||||
|
||||
## 3.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -1,10 +1,5 @@
|
||||
## 3.1.0
|
||||
|
||||
### New Features
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
|
||||
- Added support for parameter annotations in API graphs. This means that in a function definition such as `def foo(x: Bar): ...`, you can now use the `getInstanceFromAnnotation()` method to step from `Bar` to `x`. In addition to this, the `getAnInstance` method now also includes instances arising from parameter annotations.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added modeling of `fastapi.Request` and `starlette.requests.Request` as sources of untrusted input,
|
||||
and modeling of tainted data flow out of these request objects.
|
||||
@@ -0,0 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added modeling of `fastapi.Request` and `starlette.requests.Request` as sources of untrusted input,
|
||||
and modeling of tainted data flow out of these request objects.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 3.1.0
|
||||
lastReleaseVersion: 3.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-all
|
||||
version: 3.1.0
|
||||
version: 3.0.1-dev
|
||||
groups: python
|
||||
dbscheme: semmlecode.python.dbscheme
|
||||
extractor: python
|
||||
|
||||
@@ -1,9 +1,3 @@
|
||||
## 1.4.0
|
||||
|
||||
### New Queries
|
||||
|
||||
* The Server Side Template Injection query (`py/template-injection`), originally contributed to the experimental query pack by @porcupineyhairs, has been promoted to the main query suite. This query finds instances of templates for a template engine such as Jinja being constructed with user input.
|
||||
|
||||
## 1.3.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
## 1.4.0
|
||||
|
||||
### New Queries
|
||||
|
||||
---
|
||||
category: newQuery
|
||||
---
|
||||
* The Server Side Template Injection query (`py/template-injection`), originally contributed to the experimental query pack by @porcupineyhairs, has been promoted to the main query suite. This query finds instances of templates for a template engine such as Jinja being constructed with user input.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.4.0
|
||||
lastReleaseVersion: 1.3.4
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-queries
|
||||
version: 1.4.0
|
||||
version: 1.3.5-dev
|
||||
groups:
|
||||
- python
|
||||
- queries
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
## 3.0.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 3.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## 3.0.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 3.0.1
|
||||
lastReleaseVersion: 3.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-all
|
||||
version: 3.0.1
|
||||
version: 3.0.1-dev
|
||||
groups: ruby
|
||||
extractor: ruby
|
||||
dbscheme: ruby.dbscheme
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user