From 23320b6e5eadf5560ca3851b6ab762e716cb73f8 Mon Sep 17 00:00:00 2001 
From: Chuan-kai Lin Date: Mon, 22 Jul 2024 13:22:49 -0700 Subject: [PATCH] Revert "Release preparation for version 2.18.1" --- cpp/ql/lib/CHANGELOG.md | 8 ------- .../2024-07-10-newarrayexpr-arraysize.md | 4 ++++ ... 2024-07-11-additional-builtin-support.md} | 9 +++----- .../2024-07-16-alert-provenance.md | 4 ++++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 11 ---------- .../2024-07-08-unsafe-strncat-query.md | 4 ++++ ...-11-iterator-to-expired-container-query.md | 4 ++++ ...ed-difference-expression-compared-zero-.md | 4 ++++ cpp/ql/src/change-notes/released/1.1.0.md | 10 --------- cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ---- .../lib/change-notes/released/1.7.21.md | 3 --- .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ---- .../src/change-notes/released/1.7.21.md | 3 --- .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 4 ---- csharp/ql/lib/change-notes/released/1.0.4.md | 3 --- csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 4 ---- csharp/ql/src/change-notes/released/1.0.4.md | 3 --- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.4.md | 3 --- .../codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 6 ------ ...3.md => 2024-07-08-fix-clear-sanitizer.md} | 7 +++---- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ---- go/ql/src/change-notes/released/1.0.4.md | 3 --- go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 ---- 
.../src/change-notes/released/1.0.4.md | 3 --- java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 21 ------------------- .../2024-06-12-isandroid-deprecated.md | 4 ++++ .../change-notes/2024-06-19-kotlin-2.0.20.md | 4 ++++ .../2024-06-25-java-tools-status.md | 4 ++++ .../2024-07-03-env-var-semmle-dist.md | 4 ++++ .../2024-07-11-FilePath-exists-sink.md | 4 ++++ .../lib/change-notes/2024-07-11-kotlin-ga.md | 4 ++++ .../2024-07-11-toByteArray-summary.md | 4 ++++ java/ql/lib/change-notes/released/2.0.0.md | 20 ------------------ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 6 ------ ...-android-application-heuristic-updated.md} | 7 +++---- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ---- .../ql/lib/change-notes/released/1.1.1.md | 3 --- javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 14 ------------- .../2024-06-19-insecure-helmet-config.md | 4 ++++ ...08-functionality-from-untrusted-domain.md} | 11 +++------- javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.4.md | 3 --- misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 6 ------ .../2024-06-24-cookie-header-writes.md | 4 ++++ python/ql/lib/change-notes/released/1.0.4.md | 5 ----- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 4 ---- python/ql/src/change-notes/released/1.0.4.md | 3 --- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 4 ---- ruby/ql/lib/change-notes/released/1.0.4.md | 3 --- ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md 
| 4 ---- ruby/ql/src/change-notes/released/1.0.4.md | 3 --- ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.4.md | 3 --- shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ---- .../dataflow/change-notes/released/1.0.4.md | 3 --- shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ---- shared/mad/change-notes/released/1.0.4.md | 3 --- shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.4.md | 3 --- shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ---- shared/regex/change-notes/released/1.0.4.md | 3 --- shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ---- shared/ssa/change-notes/released/1.0.4.md | 3 --- shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.4.md | 3 --- shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ---- .../tutorial/change-notes/released/1.0.4.md | 3 --- shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ---- .../typeflow/change-notes/released/1.0.4.md | 3 --- shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.4.md | 3 --- shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ---- shared/typos/change-notes/released/1.0.4.md | 3 --- shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- 
shared/util/CHANGELOG.md | 4 ---- shared/util/change-notes/released/1.0.4.md | 3 --- shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ---- shared/xml/change-notes/released/1.0.4.md | 3 --- shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ---- shared/yaml/change-notes/released/1.0.4.md | 3 --- shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 10 --------- .../1.1.0.md => 2024-05-23-sensitive-data.md} | 11 +++------- .../lib/change-notes/2024-07-11-swift-ga.md | 4 ++++ swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ---- swift/ql/src/change-notes/released/1.0.4.md | 3 --- swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 155 files changed, 145 insertions(+), 406 deletions(-) create mode 100644 cpp/ql/lib/change-notes/2024-07-10-newarrayexpr-arraysize.md rename cpp/ql/lib/change-notes/{released/1.3.0.md => 2024-07-11-additional-builtin-support.md} (57%) create mode 100644 cpp/ql/lib/change-notes/2024-07-16-alert-provenance.md create mode 100644 cpp/ql/src/change-notes/2024-07-08-unsafe-strncat-query.md create mode 100644 cpp/ql/src/change-notes/2024-07-11-iterator-to-expired-container-query.md create mode 100644 cpp/ql/src/change-notes/2024-07-16-unsigned-difference-expression-compared-zero-.md delete mode 100644 cpp/ql/src/change-notes/released/1.1.0.md delete mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.21.md delete mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.21.md delete mode 100644 csharp/ql/lib/change-notes/released/1.0.4.md delete mode 100644 csharp/ql/src/change-notes/released/1.0.4.md delete mode 100644 go/ql/consistency-queries/change-notes/released/1.0.4.md rename go/ql/lib/change-notes/{released/1.1.3.md => 2024-07-08-fix-clear-sanitizer.md} (81%) delete mode 100644 
go/ql/src/change-notes/released/1.0.4.md delete mode 100644 java/ql/automodel/src/change-notes/released/1.0.4.md create mode 100644 java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md create mode 100644 java/ql/lib/change-notes/2024-06-19-kotlin-2.0.20.md create mode 100644 java/ql/lib/change-notes/2024-06-25-java-tools-status.md create mode 100644 java/ql/lib/change-notes/2024-07-03-env-var-semmle-dist.md create mode 100644 java/ql/lib/change-notes/2024-07-11-FilePath-exists-sink.md create mode 100644 java/ql/lib/change-notes/2024-07-11-kotlin-ga.md create mode 100644 java/ql/lib/change-notes/2024-07-11-toByteArray-summary.md delete mode 100644 java/ql/lib/change-notes/released/2.0.0.md rename java/ql/src/change-notes/{released/1.1.1.md => 2024-07-07-android-application-heuristic-updated.md} (88%) delete mode 100644 javascript/ql/lib/change-notes/released/1.1.1.md create mode 100644 javascript/ql/src/change-notes/2024-06-19-insecure-helmet-config.md rename javascript/ql/src/change-notes/{released/1.1.0.md => 2024-07-08-functionality-from-untrusted-domain.md} (79%) delete mode 100644 misc/suite-helpers/change-notes/released/1.0.4.md create mode 100644 python/ql/lib/change-notes/2024-06-24-cookie-header-writes.md delete mode 100644 python/ql/lib/change-notes/released/1.0.4.md delete mode 100644 python/ql/src/change-notes/released/1.0.4.md delete mode 100644 ruby/ql/lib/change-notes/released/1.0.4.md delete mode 100644 ruby/ql/src/change-notes/released/1.0.4.md delete mode 100644 shared/controlflow/change-notes/released/1.0.4.md delete mode 100644 shared/dataflow/change-notes/released/1.0.4.md delete mode 100644 shared/mad/change-notes/released/1.0.4.md delete mode 100644 shared/rangeanalysis/change-notes/released/1.0.4.md delete mode 100644 shared/regex/change-notes/released/1.0.4.md delete mode 100644 shared/ssa/change-notes/released/1.0.4.md delete mode 100644 shared/threat-models/change-notes/released/1.0.4.md delete mode 100644 
shared/tutorial/change-notes/released/1.0.4.md delete mode 100644 shared/typeflow/change-notes/released/1.0.4.md delete mode 100644 shared/typetracking/change-notes/released/1.0.4.md delete mode 100644 shared/typos/change-notes/released/1.0.4.md delete mode 100644 shared/util/change-notes/released/1.0.4.md delete mode 100644 shared/xml/change-notes/released/1.0.4.md delete mode 100644 shared/yaml/change-notes/released/1.0.4.md rename swift/ql/lib/change-notes/{released/1.1.0.md => 2024-05-23-sensitive-data.md} (70%) create mode 100644 swift/ql/lib/change-notes/2024-07-11-swift-ga.md delete mode 100644 swift/ql/src/change-notes/released/1.0.4.md diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 9f01040830c..61cbcd1318a 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,11 +1,3 @@ -## 1.3.0 - -### New Features - -* Models-as-data alert provenance information has been extended to the C/C++ language. Any qltests that include the edges relation in their output (for example, `.qlref`s that reference path-problem queries) will need to be have their expected output updated accordingly. -* Added subclasses of `BuiltInOperations` for `__builtin_has_attribute`, `__builtin_is_corresponding_member`, `__builtin_is_pointer_interconvertible_with_class`, `__is_assignable_no_precondition_check`, `__is_bounded_array`, `__is_convertible`, `__is_corresponding_member`, `__is_nothrow_convertible`, `__is_pointer_interconvertible_with_class`, `__is_referenceable`, `__is_same_as`, `__is_trivially_copy_assignable`, `__is_unbounded_array`, `__is_valid_winrt_type`, `_is_win_class`, `__is_win_interface`, `__reference_binds_to_temporary`, `__reference_constructs_from_temporary`, and `__reference_converts_from_temporary`. -* The class `NewArrayExpr` adds a predicate `getArraySize()` to allow a more convenient way to access the static size of the array when the extent is missing. - ## 1.2.0 ### New Features 
diff --git a/cpp/ql/lib/change-notes/2024-07-10-newarrayexpr-arraysize.md b/cpp/ql/lib/change-notes/2024-07-10-newarrayexpr-arraysize.md
new file mode 100644
index 00000000000..0a806c93243
--- /dev/null
+++ b/cpp/ql/lib/change-notes/2024-07-10-newarrayexpr-arraysize.md
@@ -0,0 +1,4 @@
+---
+category: feature
+---
+* The class `NewArrayExpr` adds a predicate `getArraySize()` to allow a more convenient way to access the static size of the array when the extent is missing.
diff --git a/cpp/ql/lib/change-notes/released/1.3.0.md b/cpp/ql/lib/change-notes/2024-07-11-additional-builtin-support.md
similarity index 57%
rename from cpp/ql/lib/change-notes/released/1.3.0.md
rename to cpp/ql/lib/change-notes/2024-07-11-additional-builtin-support.md
index 3c3010da96d..f389283ad1e 100644
--- a/cpp/ql/lib/change-notes/released/1.3.0.md
+++ b/cpp/ql/lib/change-notes/2024-07-11-additional-builtin-support.md
@@ -1,7 +1,4 @@
-## 1.3.0
-
-### New Features
-
-* Models-as-data alert provenance information has been extended to the C/C++ language. Any qltests that include the edges relation in their output (for example, `.qlref`s that reference path-problem queries) will need to be have their expected output updated accordingly.
+---
+category: feature
+---
 * Added subclasses of `BuiltInOperations` for `__builtin_has_attribute`, `__builtin_is_corresponding_member`, `__builtin_is_pointer_interconvertible_with_class`, `__is_assignable_no_precondition_check`, `__is_bounded_array`, `__is_convertible`, `__is_corresponding_member`, `__is_nothrow_convertible`, `__is_pointer_interconvertible_with_class`, `__is_referenceable`, `__is_same_as`, `__is_trivially_copy_assignable`, `__is_unbounded_array`, `__is_valid_winrt_type`, `_is_win_class`, `__is_win_interface`, `__reference_binds_to_temporary`, `__reference_constructs_from_temporary`, and `__reference_converts_from_temporary`.
-* The class `NewArrayExpr` adds a predicate `getArraySize()` to allow a more convenient way to access the static size of the array when the extent is missing.
diff --git a/cpp/ql/lib/change-notes/2024-07-16-alert-provenance.md b/cpp/ql/lib/change-notes/2024-07-16-alert-provenance.md
new file mode 100644
index 00000000000..3f773028073
--- /dev/null
+++ b/cpp/ql/lib/change-notes/2024-07-16-alert-provenance.md
@@ -0,0 +1,4 @@
+---
+category: feature
+---
+* Models-as-data alert provenance information has been extended to the C/C++ language. Any qltests that include the edges relation in their output (for example, `.qlref`s that reference path-problem queries) will need to be have their expected output updated accordingly.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index ec16350ed6f..75430e73d1c 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.0
+lastReleaseVersion: 1.2.0
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index aee0698f32a..6b3f05d5f7c 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 1.3.0 +version: 1.2.1-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 9f10be7db90..badaa459be1 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,14 +1,3 @@ -## 1.1.0 - -### Query Metadata Changes - -* The precision of `cpp/iterator-to-expired-container` ("Iterator to expired container") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite. -* The precision of `cpp/unsafe-strncat` ("Potentially unsafe call to strncat") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite. - -### Minor Analysis Improvements - -* The `cpp/unsigned-difference-expression-compared-zero` ("Unsigned difference expression compared to zero") query now produces fewer false positives. - ## 1.0.3 No user-facing changes. diff --git a/cpp/ql/src/change-notes/2024-07-08-unsafe-strncat-query.md b/cpp/ql/src/change-notes/2024-07-08-unsafe-strncat-query.md new file mode 100644 index 00000000000..a85958bc6ba --- /dev/null +++ b/cpp/ql/src/change-notes/2024-07-08-unsafe-strncat-query.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* The precision of `cpp/unsafe-strncat` ("Potentially unsafe call to strncat") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite. diff --git a/cpp/ql/src/change-notes/2024-07-11-iterator-to-expired-container-query.md b/cpp/ql/src/change-notes/2024-07-11-iterator-to-expired-container-query.md new file mode 100644 index 00000000000..37d1f9eda4a --- /dev/null +++ b/cpp/ql/src/change-notes/2024-07-11-iterator-to-expired-container-query.md 
@@ -0,0 +1,4 @@
+---
+category: queryMetadata
+---
+* The precision of `cpp/iterator-to-expired-container` ("Iterator to expired container") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
diff --git a/cpp/ql/src/change-notes/2024-07-16-unsigned-difference-expression-compared-zero-.md b/cpp/ql/src/change-notes/2024-07-16-unsigned-difference-expression-compared-zero-.md
new file mode 100644
index 00000000000..a4fb27acc41
--- /dev/null
+++ b/cpp/ql/src/change-notes/2024-07-16-unsigned-difference-expression-compared-zero-.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The `cpp/unsigned-difference-expression-compared-zero` ("Unsigned difference expression compared to zero") query now produces fewer false positives.
diff --git a/cpp/ql/src/change-notes/released/1.1.0.md b/cpp/ql/src/change-notes/released/1.1.0.md
deleted file mode 100644
index 50e703a5814..00000000000
--- a/cpp/ql/src/change-notes/released/1.1.0.md
+++ /dev/null
@@ -1,10 +0,0 @@
-## 1.1.0
-
-### Query Metadata Changes
-
-* The precision of `cpp/iterator-to-expired-container` ("Iterator to expired container") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
-* The precision of `cpp/unsafe-strncat` ("Potentially unsafe call to strncat") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
-
-### Minor Analysis Improvements
-
-* The `cpp/unsigned-difference-expression-compared-zero` ("Unsigned difference expression compared to zero") query now produces fewer false positives.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index 2ac15439f56..06fa75b96cb 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.0
+lastReleaseVersion: 1.0.3
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 179bbafe4ac..ec7e9e095ed 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.1.0 +version: 1.0.4-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 503822fbd68..4f04af92303 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.21 - -No user-facing changes. - ## 1.7.20 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.21.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.21.md deleted file mode 100644 index bdd54f47083..00000000000 --- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.21.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.21 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 87eff681b88..747131a0b2b 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.21 +lastReleaseVersion: 1.7.20 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 593ee8b9125..30856be18e2 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.21 +version: 1.7.21-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 503822fbd68..4f04af92303 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md 
@@ -1,7 +1,3 @@ -## 1.7.21 - -No user-facing changes. - ## 1.7.20 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.21.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.21.md deleted file mode 100644 index bdd54f47083..00000000000 --- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.21.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.21 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 87eff681b88..747131a0b2b 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.21 +lastReleaseVersion: 1.7.20 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 3182e69d672..434601dad84 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.21 +version: 1.7.21-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index e8db0331951..6abef1b2c04 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.4 - -No user-facing changes. - ## 1.0.3 No user-facing changes. diff --git a/csharp/ql/lib/change-notes/released/1.0.4.md b/csharp/ql/lib/change-notes/released/1.0.4.md deleted file mode 100644 index d0255e750ff..00000000000 --- a/csharp/ql/lib/change-notes/released/1.0.4.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.4 - -No user-facing changes. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 03f7ea71b58..06fa75b96cb 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml 
@@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.4 +lastReleaseVersion: 1.0.3 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 97d1ed9a892..28319e6dc99 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 1.0.4 +version: 1.0.4-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 0b2583745f1..5edbf922962 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.4 - -No user-facing changes. - ## 1.0.3 No user-facing changes. diff --git a/csharp/ql/src/change-notes/released/1.0.4.md b/csharp/ql/src/change-notes/released/1.0.4.md deleted file mode 100644 index d0255e750ff..00000000000 --- a/csharp/ql/src/change-notes/released/1.0.4.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.4 - -No user-facing changes. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 03f7ea71b58..06fa75b96cb 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.4 +lastReleaseVersion: 1.0.3 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 73aed8329de..1805c054d6b 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.0.4 +version: 1.0.4-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index bdc66d51322..86a6976ddc7 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.4 - -No user-facing changes. - ## 1.0.3 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.4.md b/go/ql/consistency-queries/change-notes/released/1.0.4.md deleted file mode 100644 index d0255e750ff..00000000000 
--- a/go/ql/consistency-queries/change-notes/released/1.0.4.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.4 - -No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 03f7ea71b58..06fa75b96cb 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.4 +lastReleaseVersion: 1.0.3 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index e3561decdf0..66c00f275bd 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.4 +version: 1.0.4-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index ed4e9b3750f..875c2809beb 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 1.1.3 - -### Minor Analysis Improvements - -* There was a bug which meant that the built-in function `clear` was considered as a sanitizer in some cases when it shouldn't have been. This has now been fixed, which may lead to more alerts. - ## 1.1.2 ### Minor Analysis Improvements diff --git a/go/ql/lib/change-notes/released/1.1.3.md b/go/ql/lib/change-notes/2024-07-08-fix-clear-sanitizer.md similarity index 81% rename from go/ql/lib/change-notes/released/1.1.3.md rename to go/ql/lib/change-notes/2024-07-08-fix-clear-sanitizer.md index d97cd24d93c..711287f6a89 100644 --- a/go/ql/lib/change-notes/released/1.1.3.md +++ b/go/ql/lib/change-notes/2024-07-08-fix-clear-sanitizer.md @@ -1,5 +1,4 @@ -## 1.1.3 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * There was a bug which meant that the built-in function `clear` was considered as a sanitizer in some cases when it shouldn't have been. This has now been fixed, which may lead to more alerts. 
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 35e710ab1bf..53ab127707f 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.3 +lastReleaseVersion: 1.1.2 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 7e0622a6f07..34fec580e8c 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 1.1.3 +version: 1.1.3-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 7248057e408..f02101176a9 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.4 - -No user-facing changes. - ## 1.0.3 No user-facing changes. diff --git a/go/ql/src/change-notes/released/1.0.4.md b/go/ql/src/change-notes/released/1.0.4.md deleted file mode 100644 index d0255e750ff..00000000000 --- a/go/ql/src/change-notes/released/1.0.4.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.4 - -No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 03f7ea71b58..06fa75b96cb 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.4 +lastReleaseVersion: 1.0.3 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 8438e3c589c..27c6eaf86a9 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.0.4 +version: 1.0.4-dev groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index 7ef174ca56a..6e2e78d0a63 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.4 - -No user-facing changes. - ## 1.0.3 No user-facing changes. 
diff --git a/java/ql/automodel/src/change-notes/released/1.0.4.md b/java/ql/automodel/src/change-notes/released/1.0.4.md deleted file mode 100644 index d0255e750ff..00000000000 --- a/java/ql/automodel/src/change-notes/released/1.0.4.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.4 - -No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index 03f7ea71b58..06fa75b96cb 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.4 +lastReleaseVersion: 1.0.3 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 096cba6156a..ad247f25bf1 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 1.0.4 +version: 1.0.4-dev groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 07b324f259c..d4ceec95093 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md 
@@ -1,24 +1,3 @@ -## 2.0.0 - -### Breaking Changes - -* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable. - -### Deprecated APIs - -* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead. - -### New Features - -* Kotlin support is now out of beta, and generally available -* Kotlin versions up to 2.0.2*x* are now supported. - -### Minor Analysis Improvements - -* Added a path-injection sink for `hudson.FilePath.exists()`. -* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`. -* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review. - ## 1.1.2 ### Minor Analysis Improvements diff --git a/java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md b/java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md new file mode 100644 index 00000000000..3c1ab0de8e2 --- /dev/null +++ b/java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md @@ -0,0 +1,4 @@ +--- +category: deprecated +--- +* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead. diff --git a/java/ql/lib/change-notes/2024-06-19-kotlin-2.0.20.md b/java/ql/lib/change-notes/2024-06-19-kotlin-2.0.20.md new file mode 100644 index 00000000000..f9023051191 --- /dev/null +++ b/java/ql/lib/change-notes/2024-06-19-kotlin-2.0.20.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Kotlin versions up to 2.0.2\ *x* are now supported. 
diff --git a/java/ql/lib/change-notes/2024-06-25-java-tools-status.md b/java/ql/lib/change-notes/2024-06-25-java-tools-status.md
new file mode 100644
index 00000000000..67a72a12bb7
--- /dev/null
+++ b/java/ql/lib/change-notes/2024-06-25-java-tools-status.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
diff --git a/java/ql/lib/change-notes/2024-07-03-env-var-semmle-dist.md b/java/ql/lib/change-notes/2024-07-03-env-var-semmle-dist.md
new file mode 100644
index 00000000000..372bed1eb66
--- /dev/null
+++ b/java/ql/lib/change-notes/2024-07-03-env-var-semmle-dist.md
@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable.
diff --git a/java/ql/lib/change-notes/2024-07-11-FilePath-exists-sink.md b/java/ql/lib/change-notes/2024-07-11-FilePath-exists-sink.md
new file mode 100644
index 00000000000..0c8f80cb715
--- /dev/null
+++ b/java/ql/lib/change-notes/2024-07-11-FilePath-exists-sink.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Added a path-injection sink for `hudson.FilePath.exists()`.
diff --git a/java/ql/lib/change-notes/2024-07-11-kotlin-ga.md b/java/ql/lib/change-notes/2024-07-11-kotlin-ga.md
new file mode 100644
index 00000000000..24d6c5d7d76
--- /dev/null
+++ b/java/ql/lib/change-notes/2024-07-11-kotlin-ga.md
@@ -0,0 +1,4 @@
+---
+category: feature
+---
+* Kotlin support is now out of beta, and generally available
diff --git a/java/ql/lib/change-notes/2024-07-11-toByteArray-summary.md b/java/ql/lib/change-notes/2024-07-11-toByteArray-summary.md
new file mode 100644
index 00000000000..b24905cb9e7
--- /dev/null
+++ b/java/ql/lib/change-notes/2024-07-11-toByteArray-summary.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
diff --git a/java/ql/lib/change-notes/released/2.0.0.md b/java/ql/lib/change-notes/released/2.0.0.md
deleted file mode 100644
index 3f451d0e5bb..00000000000
--- a/java/ql/lib/change-notes/released/2.0.0.md
+++ /dev/null
@@ -1,20 +0,0 @@
-## 2.0.0
-
-### Breaking Changes
-
-* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable.
-
-### Deprecated APIs
-
-* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead.
-
-### New Features
-
-* Kotlin support is now out of beta, and generally available
-* Kotlin versions up to 2.0.2*x* are now supported.
-
-### Minor Analysis Improvements
-
-* Added a path-injection sink for `hudson.FilePath.exists()`.
-* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
-* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
index 0abe6ccede0..53ab127707f 100644
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.0.0
+lastReleaseVersion: 1.1.2
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index cf98ca82d81..9d64327d6d8 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 2.0.0
+version: 1.1.3-dev
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md
index 687e54f3d9b..30ac37246bb 100644
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,9 +1,3 @@
-## 1.1.1
-
-### Minor Analysis Improvements
-
-* The heuristic to enable certain Android queries has been improved. Now it ignores Android Manifests which don't define an activity, content provider or service. We also only consider files which are under a folder containing such an Android Manifest for these queries. This should remove some false positive alerts.
-
 ## 1.1.0
 
 ### Major Analysis Improvements
diff --git a/java/ql/src/change-notes/released/1.1.1.md b/java/ql/src/change-notes/2024-07-07-android-application-heuristic-updated.md
similarity index 88%
rename from java/ql/src/change-notes/released/1.1.1.md
rename to java/ql/src/change-notes/2024-07-07-android-application-heuristic-updated.md
index e8403c4e15a..fbf24383c19 100644
--- a/java/ql/src/change-notes/released/1.1.1.md
+++ b/java/ql/src/change-notes/2024-07-07-android-application-heuristic-updated.md
@@ -1,5 +1,4 @@
-## 1.1.1
-
-### Minor Analysis Improvements
-
+---
+category: minorAnalysis
+---
 * The heuristic to enable certain Android queries has been improved. Now it ignores Android Manifests which don't define an activity, content provider or service. We also only consider files which are under a folder containing such an Android Manifest for these queries. This should remove some false positive alerts.
diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml
index 1a19084be3f..2ac15439f56 100644
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.1
+lastReleaseVersion: 1.1.0
diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml
index 66b53f46939..65236db5e55 100644
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 1.1.1
+version: 1.1.1-dev
 groups:
 - java
 - queries
diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md
index 182f9a9685c..c5df4d5fa27 100644
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.1.1
-
-No user-facing changes.
-
 ## 1.1.0
 
 ### Major Analysis Improvements
diff --git a/javascript/ql/lib/change-notes/released/1.1.1.md b/javascript/ql/lib/change-notes/released/1.1.1.md
deleted file mode 100644
index 7fb56d36610..00000000000
--- a/javascript/ql/lib/change-notes/released/1.1.1.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.1.1
-
-No user-facing changes.
diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml
index 1a19084be3f..2ac15439f56 100644
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.1
+lastReleaseVersion: 1.1.0
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index 651f453bced..23b7ec9240a 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 1.1.1
+version: 1.1.1-dev
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
index 0f30798ecd1..a3d09c1e02b 100644
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,17 +1,3 @@
-## 1.1.0
-
-### New Queries
-
-* Added a new query, `js/insecure-helmet-configuration`, to detect instances where Helmet middleware is configured with important security features disabled.
-
-### Minor Analysis Improvements
-
-* Added a new query, `js/functionality-from-untrusted-domain`, which detects uses in HTML and JavaScript scripts from untrusted domains, including the `polyfill.io` content delivery network
- * it can be extended to detect other compromised scripts using user-provided data extensions of the `untrustedDomain` predicate, which takes one string argument with the domain to warn on (and will warn on any subdomains too).
-* Modified existing query, `js/functionality-from-untrusted-source`, to allow adding this new query, but reusing the same logic
- * Added the ability to use data extensions to require SRI on CDN hostnames using the `isCdnDomainWithCheckingRequired` predicate, which takes one string argument of the full hostname to require SRI for.
-* Created a new library, `semmle.javascript.security.FunctionalityFromUntrustedSource`, to support both queries.
-
 ## 1.0.3
 
 ### Minor Analysis Improvements
diff --git a/javascript/ql/src/change-notes/2024-06-19-insecure-helmet-config.md b/javascript/ql/src/change-notes/2024-06-19-insecure-helmet-config.md
new file mode 100644
index 00000000000..bee7ccb8fb9
--- /dev/null
+++ b/javascript/ql/src/change-notes/2024-06-19-insecure-helmet-config.md
@@ -0,0 +1,4 @@
+---
+category: newQuery
+---
+* Added a new query, `js/insecure-helmet-configuration`, to detect instances where Helmet middleware is configured with important security features disabled.
diff --git a/javascript/ql/src/change-notes/released/1.1.0.md b/javascript/ql/src/change-notes/2024-07-08-functionality-from-untrusted-domain.md
similarity index 79%
rename from javascript/ql/src/change-notes/released/1.1.0.md
rename to javascript/ql/src/change-notes/2024-07-08-functionality-from-untrusted-domain.md
index 81883a0d44f..48a524c0d98 100644
--- a/javascript/ql/src/change-notes/released/1.1.0.md
+++ b/javascript/ql/src/change-notes/2024-07-08-functionality-from-untrusted-domain.md
@@ -1,11 +1,6 @@
-## 1.1.0
-
-### New Queries
-
-* Added a new query, `js/insecure-helmet-configuration`, to detect instances where Helmet middleware is configured with important security features disabled.
-
-### Minor Analysis Improvements
-
+---
+category: minorAnalysis
+---
 * Added a new query, `js/functionality-from-untrusted-domain`, which detects uses in HTML and JavaScript scripts from untrusted domains, including the `polyfill.io` content delivery network
 * it can be extended to detect other compromised scripts using user-provided data extensions of the `untrustedDomain` predicate, which takes one string argument with the domain to warn on (and will warn on any subdomains too).
 * Modified existing query, `js/functionality-from-untrusted-source`, to allow adding this new query, but reusing the same logic
diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml
index 2ac15439f56..06fa75b96cb 100644
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.0
+lastReleaseVersion: 1.0.3
diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml
index 113e769b9fc..96db5feb0c8 100644
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 1.1.0
+version: 1.0.4-dev
 groups:
 - javascript
 - queries
diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md
index 9f92ac20b25..d38834ba2ef 100644
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/misc/suite-helpers/change-notes/released/1.0.4.md b/misc/suite-helpers/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/misc/suite-helpers/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml
index 14e15f3b9a9..a8a38a7cbd3 100644
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 warnOnImplicitThis: true
diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md
index 382efff551c..65d784e6456 100644
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,9 +1,3 @@
-## 1.0.4
-
-### Minor Analysis Improvements
-
-* Additional modelling to detect direct writes to the `Set-Cookie` header has been added for several web frameworks.
-
 ## 1.0.3
 
 ### Minor Analysis Improvements
diff --git a/python/ql/lib/change-notes/2024-06-24-cookie-header-writes.md b/python/ql/lib/change-notes/2024-06-24-cookie-header-writes.md
new file mode 100644
index 00000000000..583e0f44c05
--- /dev/null
+++ b/python/ql/lib/change-notes/2024-06-24-cookie-header-writes.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Additional modelling has been added to detect cookie writes from direct writes to the `Set-Cookie` header have been added for several web frameworks.
\ No newline at end of file
diff --git a/python/ql/lib/change-notes/released/1.0.4.md b/python/ql/lib/change-notes/released/1.0.4.md
deleted file mode 100644
index 9da90a6cc33..00000000000
--- a/python/ql/lib/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,5 +0,0 @@
-## 1.0.4
-
-### Minor Analysis Improvements
-
-* Additional modelling to detect direct writes to the `Set-Cookie` header has been added for several web frameworks.
diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index fdb646bad17..f72b0c14f5b 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 1.0.4
+version: 1.0.4-dev
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md
index b386509bd97..1015dd24144 100644
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 ### Minor Analysis Improvements
diff --git a/python/ql/src/change-notes/released/1.0.4.md b/python/ql/src/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/python/ql/src/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml
index 698c52f9e8f..e12dd987495 100644
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 1.0.4
+version: 1.0.4-dev
 groups:
 - python
 - queries
diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md
index 865dc997f3a..140cdd2cdba 100644
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 ### Minor Analysis Improvements
diff --git a/ruby/ql/lib/change-notes/released/1.0.4.md b/ruby/ql/lib/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/ruby/ql/lib/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml
index bf914c07196..caf4ecc62ec 100644
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 1.0.4
+version: 1.0.4-dev
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md
index ac5d0c7525c..766deb43582 100644
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/ruby/ql/src/change-notes/released/1.0.4.md b/ruby/ql/src/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/ruby/ql/src/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml
index 3ef18acf231..c6503d479c3 100644
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 1.0.4
+version: 1.0.4-dev
 groups:
 - ruby
 - queries
diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md
index 047afa97e51..dab49cbe607 100644
--- a/shared/controlflow/CHANGELOG.md
+++ b/shared/controlflow/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/controlflow/change-notes/released/1.0.4.md b/shared/controlflow/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/controlflow/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/controlflow/codeql-pack.release.yml
+++ b/shared/controlflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml
index 0b055d4c623..72d92972d09 100644
--- a/shared/controlflow/qlpack.yml
+++ b/shared/controlflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md
index ca6c7165b9b..ae88f0beac8 100644
--- a/shared/dataflow/CHANGELOG.md
+++ b/shared/dataflow/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/dataflow/change-notes/released/1.0.4.md b/shared/dataflow/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/dataflow/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/dataflow/codeql-pack.release.yml
+++ b/shared/dataflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml
index 283e277909d..16e7e9af0d2 100644
--- a/shared/dataflow/qlpack.yml
+++ b/shared/dataflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md
index 8680f86e786..1b49bf2fb06 100644
--- a/shared/mad/CHANGELOG.md
+++ b/shared/mad/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/mad/change-notes/released/1.0.4.md b/shared/mad/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/mad/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/mad/codeql-pack.release.yml
+++ b/shared/mad/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml
index 8167a79b21b..3f35765b5d4 100644
--- a/shared/mad/qlpack.yml
+++ b/shared/mad/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/mad
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md
index a33a857c905..5093ac17ebd 100644
--- a/shared/rangeanalysis/CHANGELOG.md
+++ b/shared/rangeanalysis/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/rangeanalysis/change-notes/released/1.0.4.md b/shared/rangeanalysis/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/rangeanalysis/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/rangeanalysis/codeql-pack.release.yml
+++ b/shared/rangeanalysis/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml
index 9490c61761c..27fc3198a4d 100644
--- a/shared/rangeanalysis/qlpack.yml
+++ b/shared/rangeanalysis/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/rangeanalysis
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md
index d78925faba0..bc4c3b902b9 100644
--- a/shared/regex/CHANGELOG.md
+++ b/shared/regex/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/regex/change-notes/released/1.0.4.md b/shared/regex/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/regex/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/regex/codeql-pack.release.yml
+++ b/shared/regex/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml
index b12651a8035..37f37353811 100644
--- a/shared/regex/qlpack.yml
+++ b/shared/regex/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/regex
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md
index 1a64a39471c..397322fcfd8 100644
--- a/shared/ssa/CHANGELOG.md
+++ b/shared/ssa/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/ssa/change-notes/released/1.0.4.md b/shared/ssa/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/ssa/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/ssa/codeql-pack.release.yml
+++ b/shared/ssa/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml
index efdee4d845a..ed7467eebf4 100644
--- a/shared/ssa/qlpack.yml
+++ b/shared/ssa/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ssa
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md
index bdc66d51322..86a6976ddc7 100644
--- a/shared/threat-models/CHANGELOG.md
+++ b/shared/threat-models/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/threat-models/change-notes/released/1.0.4.md b/shared/threat-models/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/threat-models/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/threat-models/codeql-pack.release.yml
+++ b/shared/threat-models/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml
index fc944afcd9c..1f80ebd4983 100644
--- a/shared/threat-models/qlpack.yml
+++ b/shared/threat-models/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/threat-models
-version: 1.0.4
+version: 1.0.4-dev
 library: true
 groups: shared
 dataExtensions:
diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md
index ad8f62a4e9d..6212f4cebc7 100644
--- a/shared/tutorial/CHANGELOG.md
+++ b/shared/tutorial/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/tutorial/change-notes/released/1.0.4.md b/shared/tutorial/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/tutorial/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/tutorial/codeql-pack.release.yml
+++ b/shared/tutorial/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml
index eb3fbc4b6f6..86c983bb080 100644
--- a/shared/tutorial/qlpack.yml
+++ b/shared/tutorial/qlpack.yml
@@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.4 +version: 1.0.4-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index b9366dadb5c..4cf16f9cb1e 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.4 - -No user-facing changes. - ## 1.0.3 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.4.md b/shared/typeflow/change-notes/released/1.0.4.md deleted file mode 100644 index d0255e750ff..00000000000 --- a/shared/typeflow/change-notes/released/1.0.4.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.4 - -No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 03f7ea71b58..06fa75b96cb 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.4 +lastReleaseVersion: 1.0.3 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 4f43727f40d..a7590994015 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.4 +version: 1.0.4-dev groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index d17f150b27b..7a288c03bd9 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.4 - -No user-facing changes. - ## 1.0.3 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/1.0.4.md b/shared/typetracking/change-notes/released/1.0.4.md deleted file mode 100644 index d0255e750ff..00000000000 --- a/shared/typetracking/change-notes/released/1.0.4.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.4 - -No user-facing changes. 
diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/typetracking/codeql-pack.release.yml
+++ b/shared/typetracking/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml
index 14b58f18a55..b83dc559057 100644
--- a/shared/typetracking/qlpack.yml
+++ b/shared/typetracking/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typetracking
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md
index d323c0974fe..27be8dccdaa 100644
--- a/shared/typos/CHANGELOG.md
+++ b/shared/typos/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/typos/change-notes/released/1.0.4.md b/shared/typos/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/typos/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/typos/codeql-pack.release.yml
+++ b/shared/typos/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml
index 353c40e472e..459e9b92621 100644
--- a/shared/typos/qlpack.yml
+++ b/shared/typos/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typos
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md
index 6042620d77c..b098bee611b 100644
--- a/shared/util/CHANGELOG.md
+++ b/shared/util/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/util/change-notes/released/1.0.4.md b/shared/util/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/util/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/util/codeql-pack.release.yml
+++ b/shared/util/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml
index a4fcfad3f4b..4df8f4c4e46 100644
--- a/shared/util/qlpack.yml
+++ b/shared/util/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/util
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 dependencies: null
diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md
index 1323436e6b2..36b6e75f803 100644
--- a/shared/xml/CHANGELOG.md
+++ b/shared/xml/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/xml/change-notes/released/1.0.4.md b/shared/xml/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/xml/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/xml/codeql-pack.release.yml
+++ b/shared/xml/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml
index f2303124741..832ce27a19c 100644
--- a/shared/xml/qlpack.yml
+++ b/shared/xml/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/xml
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 dependencies:
diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md
index cd2c2e92ddf..49b8a5aeb8c 100644
--- a/shared/yaml/CHANGELOG.md
+++ b/shared/yaml/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/yaml/change-notes/released/1.0.4.md b/shared/yaml/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/shared/yaml/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/shared/yaml/codeql-pack.release.yml
+++ b/shared/yaml/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml
index 6135b64ec83..57b7890f9bb 100644
--- a/shared/yaml/qlpack.yml
+++ b/shared/yaml/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/yaml
-version: 1.0.4
+version: 1.0.4-dev
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md
index 21e8b74bb02..0630a303d73 100644
--- a/swift/ql/lib/CHANGELOG.md
+++ b/swift/ql/lib/CHANGELOG.md
@@ -1,13 +1,3 @@
-## 1.1.0
-
-### New Features
-
-* Swift support is now out of beta, and generally available.
-
-### Minor Analysis Improvements
-
-* Additional heuristics for sensitive private information have been added to the `SensitiveExprs.qll` library, improving coverage for credit card and social security numbers. This may result in additional results for queries that use sensitive data such as `swift/cleartext-transmission`.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/swift/ql/lib/change-notes/released/1.1.0.md b/swift/ql/lib/change-notes/2024-05-23-sensitive-data.md
similarity index 70%
rename from swift/ql/lib/change-notes/released/1.1.0.md
rename to swift/ql/lib/change-notes/2024-05-23-sensitive-data.md
index fd8955658fc..f42901c4589 100644
--- a/swift/ql/lib/change-notes/released/1.1.0.md
+++ b/swift/ql/lib/change-notes/2024-05-23-sensitive-data.md
@@ -1,9 +1,4 @@
-## 1.1.0
-
-### New Features
-
-* Swift support is now out of beta, and generally available.
-
-### Minor Analysis Improvements
-
+---
+category: minorAnalysis
+---
 * Additional heuristics for sensitive private information have been added to the `SensitiveExprs.qll` library, improving coverage for credit card and social security numbers. This may result in additional results for queries that use sensitive data such as `swift/cleartext-transmission`.
diff --git a/swift/ql/lib/change-notes/2024-07-11-swift-ga.md b/swift/ql/lib/change-notes/2024-07-11-swift-ga.md
new file mode 100644
index 00000000000..e50a3074157
--- /dev/null
+++ b/swift/ql/lib/change-notes/2024-07-11-swift-ga.md
@@ -0,0 +1,4 @@
+---
+category: feature
+---
+* Swift support is now out of beta, and generally available.
diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml
index 2ac15439f56..06fa75b96cb 100644
--- a/swift/ql/lib/codeql-pack.release.yml
+++ b/swift/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.0
+lastReleaseVersion: 1.0.3
diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml
index cbb2fa19bf5..c6bd37e6215 100644
--- a/swift/ql/lib/qlpack.yml
+++ b/swift/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/swift-all
-version: 1.1.0
+version: 1.0.4-dev
 groups: swift
 extractor: swift
 dbscheme: swift.dbscheme
diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md
index ca26ff94f22..f08ae688531 100644
--- a/swift/ql/src/CHANGELOG.md
+++ b/swift/ql/src/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.4
-
-No user-facing changes.
-
 ## 1.0.3
 
 No user-facing changes.
diff --git a/swift/ql/src/change-notes/released/1.0.4.md b/swift/ql/src/change-notes/released/1.0.4.md
deleted file mode 100644
index d0255e750ff..00000000000
--- a/swift/ql/src/change-notes/released/1.0.4.md
+++ /dev/null
@@ -1,3 +0,0 @@
-## 1.0.4
-
-No user-facing changes.
diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml
index 03f7ea71b58..06fa75b96cb 100644
--- a/swift/ql/src/codeql-pack.release.yml
+++ b/swift/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.4
+lastReleaseVersion: 1.0.3
diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml
index bcd1861583a..62409f64983 100644
--- a/swift/ql/src/qlpack.yml
+++ b/swift/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/swift-queries
-version: 1.0.4
+version: 1.0.4-dev
 groups:
 - swift
 - queries