From 019ec0caf735dc92ee66f46ffa861564a17f3c27 Mon Sep 17 00:00:00 2001 
From: "github-actions[bot]" Date: Mon, 27 Apr 2026 10:01:23 +0000 Subject: [PATCH 1/3] Release preparation for version 2.25.3 --- actions/ql/lib/CHANGELOG.md | 6 ++++++ .../0.4.34.md} | 7 ++++--- actions/ql/lib/codeql-pack.release.yml | 2 +- actions/ql/lib/qlpack.yml | 2 +- actions/ql/src/CHANGELOG.md | 10 ++++++++++ .../ql/src/change-notes/2026-04-02-permissions.md | 4 ---- .../0.6.26.md} | 13 +++++++++---- actions/ql/src/codeql-pack.release.yml | 2 +- actions/ql/src/qlpack.yml | 2 +- cpp/ql/lib/CHANGELOG.md | 11 +++++++++++ cpp/ql/lib/change-notes/2026-04-07-autoconf.md | 4 ---- cpp/ql/lib/change-notes/2026-04-14-throwing.md | 5 ----- cpp/ql/lib/change-notes/released/10.0.0.md | 10 ++++++++++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 12 ++++++++++++ .../2026-03-23-implicit-function-declaration.md | 4 ---- .../2026-04-02-comparison-with-wider-type.md | 4 ---- .../2026-04-02-implicit-function-declaration.md | 4 ---- ...026-04-02-integer-multiplication-cast-to-long.md | 4 ---- .../2026-04-02-suspicious-add-sizeof.md | 4 ---- .../2026-04-02-wrong-type-format-argument.md | 4 ---- .../2026-04-16-add-model-for-aligned-alloc.md | 4 ---- cpp/ql/src/change-notes/released/1.6.1.md | 11 +++++++++++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../Solorigate/lib/change-notes/released/1.7.65.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../Solorigate/src/change-notes/released/1.7.65.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 6 ++++++ .../{2026-04-01-getlrvalue.md => released/5.5.0.md} | 7 ++++--- csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 9 +++++++++ 
.../1.7.1.md} | 7 ++++--- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.48.md | 3 +++ go/ql/consistency-queries/codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 4 ++++ go/ql/lib/change-notes/released/7.0.6.md | 3 +++ go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ++++ go/ql/src/change-notes/released/1.6.1.md | 3 +++ go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 6 ++++++ .../9.0.4.md} | 7 ++++--- java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 4 ++++ java/ql/src/change-notes/released/1.11.1.md | 3 +++ java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ++++ javascript/ql/lib/change-notes/released/2.6.28.md | 3 +++ javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 7 +++++++ .../2.3.8.md} | 7 ++++--- javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ misc/suite-helpers/change-notes/released/1.0.48.md | 3 +++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 6 ++++++ .../7.0.5.md} | 6 +++--- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 ++++++ .../1.8.1.md} | 6 +++--- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 4 ++++ ruby/ql/lib/change-notes/released/5.1.16.md | 3 +++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 ++++ ruby/ql/src/change-notes/released/1.6.1.md | 3 +++ ruby/ql/src/codeql-pack.release.yml | 2 +- 
ruby/ql/src/qlpack.yml | 2 +- rust/ql/lib/CHANGELOG.md | 4 ++++ rust/ql/lib/change-notes/released/0.2.12.md | 3 +++ rust/ql/lib/codeql-pack.release.yml | 2 +- rust/ql/lib/qlpack.yml | 2 +- rust/ql/src/CHANGELOG.md | 4 ++++ rust/ql/src/change-notes/released/0.1.33.md | 3 +++ rust/ql/src/codeql-pack.release.yml | 2 +- rust/ql/src/qlpack.yml | 2 +- shared/concepts/CHANGELOG.md | 4 ++++ shared/concepts/change-notes/released/0.0.22.md | 3 +++ shared/concepts/codeql-pack.release.yml | 2 +- shared/concepts/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ shared/controlflow/change-notes/released/2.0.32.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ++++ shared/dataflow/change-notes/released/2.1.4.md | 3 +++ shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/1.0.48.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/quantum/CHANGELOG.md | 4 ++++ shared/quantum/change-notes/released/0.0.26.md | 3 +++ shared/quantum/codeql-pack.release.yml | 2 +- shared/quantum/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../rangeanalysis/change-notes/released/1.0.48.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/1.0.48.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/2.0.24.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../threat-models/change-notes/released/1.0.48.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ shared/tutorial/change-notes/released/1.0.48.md | 
3 +++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ++++ shared/typeflow/change-notes/released/1.0.48.md | 3 +++ shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typeinference/CHANGELOG.md | 4 ++++ .../typeinference/change-notes/released/0.0.29.md | 3 +++ shared/typeinference/codeql-pack.release.yml | 2 +- shared/typeinference/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ shared/typetracking/change-notes/released/2.0.32.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/1.0.48.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++++ shared/util/change-notes/released/2.0.35.md | 3 +++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ++++ shared/xml/change-notes/released/1.0.48.md | 3 +++ shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/1.0.48.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ++++++ .../{2026-04-06-swift-6.3.md => released/6.4.0.md} | 7 ++++--- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/1.3.1.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 174 files changed, 437 insertions(+), 151 deletions(-) rename actions/ql/lib/change-notes/{2026-03-26-remove-false-positive-sinks.md => released/0.4.34.md} (79%) delete mode 100644 actions/ql/src/change-notes/2026-04-02-permissions.md rename actions/ql/src/change-notes/{2026-04-02-alert-msg-poisoning.md => released/0.6.26.md} (64%) delete mode 100644 
cpp/ql/lib/change-notes/2026-04-07-autoconf.md delete mode 100644 cpp/ql/lib/change-notes/2026-04-14-throwing.md create mode 100644 cpp/ql/lib/change-notes/released/10.0.0.md delete mode 100644 cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md delete mode 100644 cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md create mode 100644 cpp/ql/src/change-notes/released/1.6.1.md create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md rename csharp/ql/lib/change-notes/{2026-04-01-getlrvalue.md => released/5.5.0.md} (79%) rename csharp/ql/src/change-notes/{2026-04-17-useless-to-string.md => released/1.7.1.md} (84%) create mode 100644 go/ql/consistency-queries/change-notes/released/1.0.48.md create mode 100644 go/ql/lib/change-notes/released/7.0.6.md create mode 100644 go/ql/src/change-notes/released/1.6.1.md rename java/ql/lib/change-notes/{2026-04-16-woodstox-xxe.md => released/9.0.4.md} (88%) create mode 100644 java/ql/src/change-notes/released/1.11.1.md create mode 100644 javascript/ql/lib/change-notes/released/2.6.28.md rename javascript/ql/src/change-notes/{2026-04-13-fastify-per-route-rate-limit.md => released/2.3.8.md} (69%) create mode 100644 misc/suite-helpers/change-notes/released/1.0.48.md rename python/ql/lib/change-notes/{2026-04-10-support-lazy-keyword.md => released/7.0.5.md} (81%) rename python/ql/src/change-notes/{2026-03-26-improve-bind-all-interfaces-query.md => released/1.8.1.md} (86%) 
create mode 100644 ruby/ql/lib/change-notes/released/5.1.16.md create mode 100644 ruby/ql/src/change-notes/released/1.6.1.md create mode 100644 rust/ql/lib/change-notes/released/0.2.12.md create mode 100644 rust/ql/src/change-notes/released/0.1.33.md create mode 100644 shared/concepts/change-notes/released/0.0.22.md create mode 100644 shared/controlflow/change-notes/released/2.0.32.md create mode 100644 shared/dataflow/change-notes/released/2.1.4.md create mode 100644 shared/mad/change-notes/released/1.0.48.md create mode 100644 shared/quantum/change-notes/released/0.0.26.md create mode 100644 shared/rangeanalysis/change-notes/released/1.0.48.md create mode 100644 shared/regex/change-notes/released/1.0.48.md create mode 100644 shared/ssa/change-notes/released/2.0.24.md create mode 100644 shared/threat-models/change-notes/released/1.0.48.md create mode 100644 shared/tutorial/change-notes/released/1.0.48.md create mode 100644 shared/typeflow/change-notes/released/1.0.48.md create mode 100644 shared/typeinference/change-notes/released/0.0.29.md create mode 100644 shared/typetracking/change-notes/released/2.0.32.md create mode 100644 shared/typos/change-notes/released/1.0.48.md create mode 100644 shared/util/change-notes/released/2.0.35.md create mode 100644 shared/xml/change-notes/released/1.0.48.md create mode 100644 shared/yaml/change-notes/released/1.0.48.md rename swift/ql/lib/change-notes/{2026-04-06-swift-6.3.md => released/6.4.0.md} (50%) create mode 100644 swift/ql/src/change-notes/released/1.3.1.md diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index d625bc6f619..e84ba38d180 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.4.34 + +### Minor Analysis Improvements + +* Removed false positive injection sink models for the `context` input of `docker/build-push-action` and the `allowed-endpoints` input of `step-security/harden-runner`. + ## 0.4.33 No user-facing changes. 
diff --git a/actions/ql/lib/change-notes/2026-03-26-remove-false-positive-sinks.md b/actions/ql/lib/change-notes/released/0.4.34.md similarity index 79% rename from actions/ql/lib/change-notes/2026-03-26-remove-false-positive-sinks.md rename to actions/ql/lib/change-notes/released/0.4.34.md index 20ccc6d6c02..23b06db4967 100644 --- a/actions/ql/lib/change-notes/2026-03-26-remove-false-positive-sinks.md +++ b/actions/ql/lib/change-notes/released/0.4.34.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.4.34 + +### Minor Analysis Improvements + * Removed false positive injection sink models for the `context` input of `docker/build-push-action` and the `allowed-endpoints` input of `step-security/harden-runner`. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 7581fef2abf..69fb16e4c39 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.33 +lastReleaseVersion: 0.4.34 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index fec27415800..b7acc7a3957 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.34-dev +version: 0.4.34 library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index d991237aca9..9dd234fd483 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md 
@@ -1,3 +1,13 @@ +## 0.6.26 + +### Major Analysis Improvements + +* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. + +### Minor Analysis Improvements + +* The query `actions/missing-workflow-permissions` no longer produces false positive results on reusable workflows where all callers set permissions. + ## 0.6.25 No user-facing changes. diff --git a/actions/ql/src/change-notes/2026-04-02-permissions.md b/actions/ql/src/change-notes/2026-04-02-permissions.md deleted file mode 100644 index 2672a30ef87..00000000000 --- a/actions/ql/src/change-notes/2026-04-02-permissions.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The query `actions/missing-workflow-permissions` no longer produces false positive results on reusable workflows where all callers set permissions. \ No newline at end of file diff --git a/actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md b/actions/ql/src/change-notes/released/0.6.26.md similarity index 64% rename from actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md rename to actions/ql/src/change-notes/released/0.6.26.md index e2340f446a7..3147a666cdb 100644 --- a/actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md +++ b/actions/ql/src/change-notes/released/0.6.26.md 
@@ -1,4 +1,9 @@ ---- -category: majorAnalysis ---- -* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. \ No newline at end of file +## 0.6.26 + +### Major Analysis Improvements + +* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. + +### Minor Analysis Improvements + +* The query `actions/missing-workflow-permissions` no longer produces false positive results on reusable workflows where all callers set permissions. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index b8288b39222..e83bac0046e 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.25 +lastReleaseVersion: 0.6.26 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index 3216a36f3d0..fc18f8052b2 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml 
@@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.26-dev +version: 0.6.26 library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 5b5bc748c5d..2cd1bcede35 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 10.0.0 + +### Breaking Changes + +* The deprecated `NonThrowingFunction` class has been removed, use `NonCppThrowingFunction` instead. +* The deprecated `ThrowingFunction` class has been removed, use `AlwaysSehThrowingFunction` instead. + +### New Features + +* Added a subclass `AutoconfConfigureTestFile` of `ConfigurationTestFile` that represents files created by GNU autoconf configure scripts to test the build configuration. + ## 9.0.0 ### Breaking Changes diff --git a/cpp/ql/lib/change-notes/2026-04-07-autoconf.md b/cpp/ql/lib/change-notes/2026-04-07-autoconf.md deleted file mode 100644 index 9f04417b8e2..00000000000 --- a/cpp/ql/lib/change-notes/2026-04-07-autoconf.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Added a subclass `AutoconfConfigureTestFile` of `ConfigurationTestFile` that represents files created by GNU autoconf configure scripts to test the build configuration. diff --git a/cpp/ql/lib/change-notes/2026-04-14-throwing.md b/cpp/ql/lib/change-notes/2026-04-14-throwing.md deleted file mode 100644 index 6a15437e126..00000000000 --- a/cpp/ql/lib/change-notes/2026-04-14-throwing.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: breaking ---- -* The deprecated `NonThrowingFunction` class has been removed, use `NonCppThrowingFunction` instead. -* The deprecated `ThrowingFunction` class has been removed, use `AlwaysSehThrowingFunction` instead. diff --git a/cpp/ql/lib/change-notes/released/10.0.0.md b/cpp/ql/lib/change-notes/released/10.0.0.md new file mode 100644 index 00000000000..af591bd1a0a --- /dev/null +++ b/cpp/ql/lib/change-notes/released/10.0.0.md 
@@ -0,0 +1,10 @@ +## 10.0.0 + +### Breaking Changes + +* The deprecated `NonThrowingFunction` class has been removed, use `NonCppThrowingFunction` instead. +* The deprecated `ThrowingFunction` class has been removed, use `AlwaysSehThrowingFunction` instead. + +### New Features + +* Added a subclass `AutoconfConfigureTestFile` of `ConfigurationTestFile` that represents files created by GNU autoconf configure scripts to test the build configuration. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index fd5f4a48b3c..28758256b94 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 9.0.0 +lastReleaseVersion: 10.0.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index dbf57d2b869..4bcb59885fa 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 9.0.1-dev +version: 10.0.0 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index a3f9d1836ad..aca22062e9f 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md 
@@ -1,3 +1,15 @@ +## 1.6.1 + +### Minor Analysis Improvements + +* Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. +* The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. +* The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. + ## 1.6.0 ### Query Metadata Changes diff --git a/cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md b/cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md deleted file mode 100644 index 8c2c431ec24..00000000000 --- a/cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. 
diff --git a/cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md b/cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md deleted file mode 100644 index c84e1dba404..00000000000 --- a/cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md b/cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md deleted file mode 100644 index dd0dbd4bc7d..00000000000 --- a/cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. diff --git a/cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md b/cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md deleted file mode 100644 index cd6796b408f..00000000000 --- a/cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md b/cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md deleted file mode 100644 index 040e89c1347..00000000000 --- a/cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md +++ /dev/null 
@@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md b/cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md deleted file mode 100644 index f8b9085dacc..00000000000 --- a/cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md b/cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md deleted file mode 100644 index af97cee7f9e..00000000000 --- a/cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. diff --git a/cpp/ql/src/change-notes/released/1.6.1.md b/cpp/ql/src/change-notes/released/1.6.1.md new file mode 100644 index 00000000000..4cba7e508bd --- /dev/null +++ b/cpp/ql/src/change-notes/released/1.6.1.md 
@@ -0,0 +1,11 @@ +## 1.6.1 + +### Minor Analysis Improvements + +* Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. +* The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. +* The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index c4f0b07d533..ef7a789e0cf 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.0 +lastReleaseVersion: 1.6.1 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 4648951796c..8ec81ab6135 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.6.1-dev +version: 1.6.1 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index f7107d18c01..166a94bd88d 100644 
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.65 + +No user-facing changes. + ## 1.7.64 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md new file mode 100644 index 00000000000..12bf5dad4b0 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md @@ -0,0 +1,3 @@ +## 1.7.65 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index f41e954c9ae..bf581427d29 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.64 +lastReleaseVersion: 1.7.65 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 006ef851567..d50eb024972 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.65-dev +version: 1.7.65 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index f7107d18c01..166a94bd88d 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.65 + +No user-facing changes. + ## 1.7.64 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md new file mode 100644 index 00000000000..12bf5dad4b0 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md @@ -0,0 +1,3 @@ +## 1.7.65 + +No user-facing changes. 
diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index f41e954c9ae..bf581427d29 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.64 +lastReleaseVersion: 1.7.65 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index af5fd98f58a..bd70b1664ac 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.65-dev +version: 1.7.65 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 57d99a41480..32cd8f33c65 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 5.5.0 + +### Deprecated APIs + +* The predicates `get[L|R]Value` in the class `Assignment` have been deprecated. Use `get[Left|Right]Operand` instead. + ## 5.4.12 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/2026-04-01-getlrvalue.md b/csharp/ql/lib/change-notes/released/5.5.0.md similarity index 79% rename from csharp/ql/lib/change-notes/2026-04-01-getlrvalue.md rename to csharp/ql/lib/change-notes/released/5.5.0.md index da1a3d62148..b497d8ea51b 100644 --- a/csharp/ql/lib/change-notes/2026-04-01-getlrvalue.md +++ b/csharp/ql/lib/change-notes/released/5.5.0.md @@ -1,4 +1,5 @@ ---- -category: deprecated ---- +## 5.5.0 + +### Deprecated APIs + * The predicates `get[L|R]Value` in the class `Assignment` have been deprecated. Use `get[Left|Right]Operand` instead. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 43db6e52c98..4b8cf9533c1 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml 
@@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.4.12 +lastReleaseVersion: 5.5.0 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 02c1ccd0d33..f90aa010b89 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.4.13-dev +version: 5.5.0 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index fc0f8c58d79..cdab7134185 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,12 @@ +## 1.7.1 + +### Minor Analysis Improvements + +* The query `cs/useless-tostring-call` has been updated to avoid false + positive results in calls to `StringBuilder.AppendLine` and calls of + the form `base.ToString()`. Moreover, the alert message has been + made more precise. + ## 1.7.0 ### Query Metadata Changes diff --git a/csharp/ql/src/change-notes/2026-04-17-useless-to-string.md b/csharp/ql/src/change-notes/released/1.7.1.md similarity index 84% rename from csharp/ql/src/change-notes/2026-04-17-useless-to-string.md rename to csharp/ql/src/change-notes/released/1.7.1.md index 9b4c81378c9..0b5df9629c6 100644 --- a/csharp/ql/src/change-notes/2026-04-17-useless-to-string.md +++ b/csharp/ql/src/change-notes/released/1.7.1.md @@ -1,6 +1,7 @@ ---- -category: minorAnalysis ---- +## 1.7.1 + +### Minor Analysis Improvements + * The query `cs/useless-tostring-call` has been updated to avoid false positive results in calls to `StringBuilder.AppendLine` and calls of the form `base.ToString()`. Moreover, the alert message has been diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index d1184cc6750..7bdec0d85c7 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.0 +lastReleaseVersion: 1.7.1 
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 9ea341d1b38..c7d8eace296 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.7.1-dev +version: 1.7.1 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 34ae2fd2277..a3aa00d4872 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.48.md b/go/ql/consistency-queries/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index c9dda4765dd..2a03af96152 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.48-dev +version: 1.0.48 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 441d15a0d0e..737d08654b8 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 7.0.6 + +No user-facing changes. + ## 7.0.5 No user-facing changes. diff --git a/go/ql/lib/change-notes/released/7.0.6.md b/go/ql/lib/change-notes/released/7.0.6.md new file mode 100644 index 00000000000..ca9a73aa64c --- /dev/null 
+++ b/go/ql/lib/change-notes/released/7.0.6.md @@ -0,0 +1,3 @@ +## 7.0.6 + +No user-facing changes. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 2cff21d59fe..c7cff8c5378 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.5 +lastReleaseVersion: 7.0.6 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 2d7338a020d..71a8c1c50f0 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 7.0.6-dev +version: 7.0.6 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 2bc95cc1922..971d478d56e 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.1 + +No user-facing changes. + ## 1.6.0 ### Query Metadata Changes diff --git a/go/ql/src/change-notes/released/1.6.1.md b/go/ql/src/change-notes/released/1.6.1.md new file mode 100644 index 00000000000..898f6201ed7 --- /dev/null +++ b/go/ql/src/change-notes/released/1.6.1.md @@ -0,0 +1,3 @@ +## 1.6.1 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index c4f0b07d533..ef7a789e0cf 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.0 +lastReleaseVersion: 1.6.1 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index de4e5e06d38..3f3d4e7cc2a 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.6.1-dev +version: 1.6.1 groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index caa1eaecb94..2d34c791c92 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md 
@@ -1,3 +1,9 @@ +## 9.0.4 + +### Minor Analysis Improvements + +* The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the Woodstox StAX library when `com.ctc.wstx.stax.WstxInputFactory` or `org.codehaus.stax2.XMLInputFactory2` are used directly. + ## 9.0.3 ### Minor Analysis Improvements diff --git a/java/ql/lib/change-notes/2026-04-16-woodstox-xxe.md b/java/ql/lib/change-notes/released/9.0.4.md similarity index 88% rename from java/ql/lib/change-notes/2026-04-16-woodstox-xxe.md rename to java/ql/lib/change-notes/released/9.0.4.md index 891fc489e46..a5499634951 100644 --- a/java/ql/lib/change-notes/2026-04-16-woodstox-xxe.md +++ b/java/ql/lib/change-notes/released/9.0.4.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 9.0.4 + +### Minor Analysis Improvements + * The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the Woodstox StAX library when `com.ctc.wstx.stax.WstxInputFactory` or `org.codehaus.stax2.XMLInputFactory2` are used directly. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 175658aaf53..4bbe4f75b58 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 9.0.3 +lastReleaseVersion: 9.0.4 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 7f058cfb8d6..0a842a96b34 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 9.0.4-dev +version: 9.0.4 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 2a2f8052092..1b5d2bdad8a 100644 --- a/java/ql/src/CHANGELOG.md 
+++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.11.1 + +No user-facing changes. + ## 1.11.0 ### Query Metadata Changes diff --git a/java/ql/src/change-notes/released/1.11.1.md b/java/ql/src/change-notes/released/1.11.1.md new file mode 100644 index 00000000000..f5047685223 --- /dev/null +++ b/java/ql/src/change-notes/released/1.11.1.md @@ -0,0 +1,3 @@ +## 1.11.1 + +No user-facing changes. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 276088d81dc..4ae123153bf 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.11.0 +lastReleaseVersion: 1.11.1 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 72b4a5f94e6..49c552ec02a 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.11.1-dev +version: 1.11.1 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index fedb0b9b587..77837f46c5e 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.6.28 + +No user-facing changes. + ## 2.6.27 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/released/2.6.28.md b/javascript/ql/lib/change-notes/released/2.6.28.md new file mode 100644 index 00000000000..9c30dddcc0a --- /dev/null +++ b/javascript/ql/lib/change-notes/released/2.6.28.md @@ -0,0 +1,3 @@ +## 2.6.28 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 2ce86b10a85..2456457874e 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.6.27 +lastReleaseVersion: 2.6.28 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index e0834c056d1..dabbc8bd755 100644 --- a/javascript/ql/lib/qlpack.yml 
+++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.6.28-dev +version: 2.6.28 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 29e6c8e8da3..9b122364ffa 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2.3.8 + +### Minor Analysis Improvements + +* The query `js/missing-rate-limiting` now takes Fastify per-route + rate limiting into account. + ## 2.3.7 No user-facing changes. diff --git a/javascript/ql/src/change-notes/2026-04-13-fastify-per-route-rate-limit.md b/javascript/ql/src/change-notes/released/2.3.8.md similarity index 69% rename from javascript/ql/src/change-notes/2026-04-13-fastify-per-route-rate-limit.md rename to javascript/ql/src/change-notes/released/2.3.8.md index 56d52388524..5ce5cbe2f24 100644 --- a/javascript/ql/src/change-notes/2026-04-13-fastify-per-route-rate-limit.md +++ b/javascript/ql/src/change-notes/released/2.3.8.md @@ -1,5 +1,6 @@ ---- -category: minorAnalysis ---- +## 2.3.8 + +### Minor Analysis Improvements + * The query `js/missing-rate-limiting` now takes Fastify per-route rate limiting into account. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 914cded08b3..c68b70cb8be 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.3.7 +lastReleaseVersion: 2.3.8 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 117fae183e9..dd4f7c255a8 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.3.8-dev +version: 2.3.8 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 4b73639b1f7..897533f6450 100644 
--- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.48.md b/misc/suite-helpers/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 1d853802342..c18ab2bb10e 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.48-dev +version: 1.0.48 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index a6833ea8db3..69fa60a6675 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 7.0.5 + +### Minor Analysis Improvements + +- The Python extractor now supports the new `lazy import ...` and `lazy from ... import ...` (as defined in [PEP-810](https://peps.python.org/pep-0810/)) that will be part of Python 3.15. + ## 7.0.4 ### Bug Fixes diff --git a/python/ql/lib/change-notes/2026-04-10-support-lazy-keyword.md b/python/ql/lib/change-notes/released/7.0.5.md similarity index 81% rename from python/ql/lib/change-notes/2026-04-10-support-lazy-keyword.md rename to python/ql/lib/change-notes/released/7.0.5.md index 67de168ff47..e205660dfde 100644 --- a/python/ql/lib/change-notes/2026-04-10-support-lazy-keyword.md +++ b/python/ql/lib/change-notes/released/7.0.5.md 
@@ -1,5 +1,5 @@ ---- -category: minorAnalysis ---- +## 7.0.5 + +### Minor Analysis Improvements - The Python extractor now supports the new `lazy import ...` and `lazy from ... import ...` (as defined in [PEP-810](https://peps.python.org/pep-0810/)) that will be part of Python 3.15. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 6630ee1984a..2cff21d59fe 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.4 +lastReleaseVersion: 7.0.5 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index fe87c5761cf..4dc63a6f9cb 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 7.0.5-dev +version: 7.0.5 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index d5f5269c61d..38018f09856 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.8.1 + +### Minor Analysis Improvements + +- The `py/bind-socket-all-network-interfaces` query now uses the global data-flow library, leading to better precision and more results. Also, wrappers of `socket.socket` in the `eventlet` and `gevent` libraries are now also recognized as socket binding operations. + ## 1.8.0 ### Query Metadata Changes diff --git a/python/ql/src/change-notes/2026-03-26-improve-bind-all-interfaces-query.md b/python/ql/src/change-notes/released/1.8.1.md similarity index 86% rename from python/ql/src/change-notes/2026-03-26-improve-bind-all-interfaces-query.md rename to python/ql/src/change-notes/released/1.8.1.md index bc78b2b6f77..cafb58c11c9 100644 --- a/python/ql/src/change-notes/2026-03-26-improve-bind-all-interfaces-query.md +++ b/python/ql/src/change-notes/released/1.8.1.md 
@@ -1,5 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.8.1 + +### Minor Analysis Improvements - The `py/bind-socket-all-network-interfaces` query now uses the global data-flow library, leading to better precision and more results. Also, wrappers of `socket.socket` in the `eventlet` and `gevent` libraries are now also recognized as socket binding operations. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index dc8a37cc443..28a7c123ae8 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.8.0 +lastReleaseVersion: 1.8.1 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index aa2a2364854..b7d90a618e9 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.8.1-dev +version: 1.8.1 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 40cb88d396f..8315b641369 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 5.1.16 + +No user-facing changes. + ## 5.1.15 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/released/5.1.16.md b/ruby/ql/lib/change-notes/released/5.1.16.md new file mode 100644 index 00000000000..42c9934011a --- /dev/null +++ b/ruby/ql/lib/change-notes/released/5.1.16.md @@ -0,0 +1,3 @@ +## 5.1.16 + +No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 840348ed924..735f742e9af 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.1.15 +lastReleaseVersion: 5.1.16 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index bbf4de40909..ef68525f982 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml 
@@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.1.16-dev +version: 5.1.16 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index cb4c0ae7874..5266fc1d5d9 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.1 + +No user-facing changes. + ## 1.6.0 ### Query Metadata Changes diff --git a/ruby/ql/src/change-notes/released/1.6.1.md b/ruby/ql/src/change-notes/released/1.6.1.md new file mode 100644 index 00000000000..898f6201ed7 --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.6.1.md @@ -0,0 +1,3 @@ +## 1.6.1 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index c4f0b07d533..ef7a789e0cf 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.0 +lastReleaseVersion: 1.6.1 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 191689565de..8964f6e51ac 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.6.1-dev +version: 1.6.1 groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index eea5bd6e89d..8e515660f29 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.12 + +No user-facing changes. + ## 0.2.11 No user-facing changes. diff --git a/rust/ql/lib/change-notes/released/0.2.12.md b/rust/ql/lib/change-notes/released/0.2.12.md new file mode 100644 index 00000000000..590eb0cedd1 --- /dev/null +++ b/rust/ql/lib/change-notes/released/0.2.12.md @@ -0,0 +1,3 @@ +## 0.2.12 + +No user-facing changes. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index 2ee635b9937..da1cea93393 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml 
@@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.11 +lastReleaseVersion: 0.2.12 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index f5031020037..569930438ab 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.2.12-dev +version: 0.2.12 groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index eab921bcbd6..14034c9877d 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.33 + +No user-facing changes. + ## 0.1.32 ### Query Metadata Changes diff --git a/rust/ql/src/change-notes/released/0.1.33.md b/rust/ql/src/change-notes/released/0.1.33.md new file mode 100644 index 00000000000..5bd982edadd --- /dev/null +++ b/rust/ql/src/change-notes/released/0.1.33.md @@ -0,0 +1,3 @@ +## 0.1.33 + +No user-facing changes. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index 21bbd752f27..d9c9e819daa 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.32 +lastReleaseVersion: 0.1.33 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index f78504db76e..0eefe2f3932 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.33-dev +version: 0.1.33 groups: - rust - queries diff --git a/shared/concepts/CHANGELOG.md b/shared/concepts/CHANGELOG.md index 704ea3e8e01..e8b920847e9 100644 --- a/shared/concepts/CHANGELOG.md +++ b/shared/concepts/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.22 + +No user-facing changes. + ## 0.0.21 No user-facing changes. diff --git a/shared/concepts/change-notes/released/0.0.22.md b/shared/concepts/change-notes/released/0.0.22.md new file mode 100644 index 00000000000..00226747438 --- /dev/null +++ b/shared/concepts/change-notes/released/0.0.22.md @@ -0,0 +1,3 @@ +## 0.0.22 + +No user-facing changes. 
diff --git a/shared/concepts/codeql-pack.release.yml b/shared/concepts/codeql-pack.release.yml index 0c15c351db4..11aaa2243f5 100644 --- a/shared/concepts/codeql-pack.release.yml +++ b/shared/concepts/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.21 +lastReleaseVersion: 0.0.22 diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index bf6e8b6018c..2ce2978829e 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.22-dev +version: 0.0.22 groups: shared library: true dependencies: diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index baca729ddda..df00c6146d8 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.32 + +No user-facing changes. + ## 2.0.31 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.32.md b/shared/controlflow/change-notes/released/2.0.32.md new file mode 100644 index 00000000000..0930bb07f8c --- /dev/null +++ b/shared/controlflow/change-notes/released/2.0.32.md @@ -0,0 +1,3 @@ +## 2.0.32 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 783d47207cd..483a0d5db8e 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.31 +lastReleaseVersion: 2.0.32 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 5573548794d..b293853c73b 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.32-dev +version: 2.0.32 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 52c893f78e2..ed60239f3de 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md 
@@ -1,3 +1,7 @@ +## 2.1.4 + +No user-facing changes. + ## 2.1.3 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.1.4.md b/shared/dataflow/change-notes/released/2.1.4.md new file mode 100644 index 00000000000..a1035c6b05b --- /dev/null +++ b/shared/dataflow/change-notes/released/2.1.4.md @@ -0,0 +1,3 @@ +## 2.1.4 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 345fb0c73a4..896b46fda9b 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.3 +lastReleaseVersion: 2.1.4 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 3b917def33d..e7778805c50 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.1.4-dev +version: 2.1.4 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 1bffb976cf8..ff868403d0c 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.48.md b/shared/mad/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/shared/mad/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index b5583f8c55a..920ffe10267 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml 
@@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md index 8d524a11a09..eccc65c6041 100644 --- a/shared/quantum/CHANGELOG.md +++ b/shared/quantum/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.26 + +No user-facing changes. + ## 0.0.25 No user-facing changes. diff --git a/shared/quantum/change-notes/released/0.0.26.md b/shared/quantum/change-notes/released/0.0.26.md new file mode 100644 index 00000000000..e6dc680cc11 --- /dev/null +++ b/shared/quantum/change-notes/released/0.0.26.md @@ -0,0 +1,3 @@ +## 0.0.26 + +No user-facing changes. diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml index 6d0e80a50c3..c576d2d7db2 100644 --- a/shared/quantum/codeql-pack.release.yml +++ b/shared/quantum/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.25 +lastReleaseVersion: 0.0.26 diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index a19e99ef7ea..52c78c5f963 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.26-dev +version: 0.0.26 groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 0ab7487192c..9afb612f18a 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.48.md b/shared/rangeanalysis/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 
--- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index d493350749e..274a6160372 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index dd6f0c4cad6..2375b7b56ab 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.48.md b/shared/regex/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/shared/regex/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 7b953dcff1c..abe561fb37c 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 3573140fc41..dd21ba6d38b 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.24 + +No user-facing changes. + ## 2.0.23 No user-facing changes. diff --git a/shared/ssa/change-notes/released/2.0.24.md b/shared/ssa/change-notes/released/2.0.24.md new file mode 100644 index 00000000000..6547901c334 
--- /dev/null +++ b/shared/ssa/change-notes/released/2.0.24.md @@ -0,0 +1,3 @@ +## 2.0.24 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 1bd7e296a34..1460df314d5 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.23 +lastReleaseVersion: 2.0.24 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index a8fa9a11424..16d312b77ae 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.24-dev +version: 2.0.24 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 34ae2fd2277..a3aa00d4872 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.48.md b/shared/threat-models/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index a4a367a990b..2cf364fa332 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.48-dev +version: 1.0.48 library: true groups: shared dataExtensions: 
diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index cf8f60d1d46..9350e8a04eb 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.48.md b/shared/tutorial/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index f961ccdc0eb..5c9c6cdc47c 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 8c5ee5e9486..035c2aa456e 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.48.md b/shared/typeflow/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 
--- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index f7e111d28fd..c9d4ec97a92 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index 7153b9314b1..c8b656e4f35 100644 --- a/shared/typeinference/CHANGELOG.md +++ b/shared/typeinference/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.29 + +No user-facing changes. + ## 0.0.28 No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.29.md b/shared/typeinference/change-notes/released/0.0.29.md new file mode 100644 index 00000000000..4428927c79d --- /dev/null +++ b/shared/typeinference/change-notes/released/0.0.29.md @@ -0,0 +1,3 @@ +## 0.0.29 + +No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml index 3462db7d348..c81f1813120 100644 --- a/shared/typeinference/codeql-pack.release.yml +++ b/shared/typeinference/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.28 +lastReleaseVersion: 0.0.29 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 97c8df36895..57ed4da1080 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.29-dev +version: 0.0.29 groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index f779002267a..75d8938e6a1 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.32 + +No user-facing changes. + ## 2.0.31 No user-facing changes. 
diff --git a/shared/typetracking/change-notes/released/2.0.32.md b/shared/typetracking/change-notes/released/2.0.32.md new file mode 100644 index 00000000000..0930bb07f8c --- /dev/null +++ b/shared/typetracking/change-notes/released/2.0.32.md @@ -0,0 +1,3 @@ +## 2.0.32 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 783d47207cd..483a0d5db8e 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.31 +lastReleaseVersion: 2.0.32 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index aa029687531..7d506ee6807 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.32-dev +version: 2.0.32 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index b49f756fef0..35825098a63 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.48.md b/shared/typos/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/shared/typos/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 37fc79bb1df..5ba6ce2b43d 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml 
@@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index cb3ac7bbe79..d1becc8ba2c 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.35 + +No user-facing changes. + ## 2.0.34 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.35.md b/shared/util/change-notes/released/2.0.35.md new file mode 100644 index 00000000000..526e1fc9f4c --- /dev/null +++ b/shared/util/change-notes/released/2.0.35.md @@ -0,0 +1,3 @@ +## 2.0.35 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 339a3ce7c57..27eb8ef8ece 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.34 +lastReleaseVersion: 2.0.35 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 02e6241dccb..1e765b5e42e 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.35-dev +version: 2.0.35 groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 98702251320..131bf7afd2a 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.48.md b/shared/xml/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/shared/xml/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml 
@@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 0d75859bdb9..45ddcffaee7 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 4a41f8ee9df..1c420b31355 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.48.md b/shared/yaml/change-notes/released/1.0.48.md new file mode 100644 index 00000000000..c484c6e8d6e --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index dcec0f6405a..6db79f2c397 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index cfea54e0b5b..461f97ac4db 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 3967689b933..e2cb45f9769 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 6.4.0 + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.3. + ## 6.3.3 No user-facing changes. 
diff --git a/swift/ql/lib/change-notes/2026-04-06-swift-6.3.md b/swift/ql/lib/change-notes/released/6.4.0.md similarity index 50% rename from swift/ql/lib/change-notes/2026-04-06-swift-6.3.md rename to swift/ql/lib/change-notes/released/6.4.0.md index 512cb613984..e4b68cd2c9b 100644 --- a/swift/ql/lib/change-notes/2026-04-06-swift-6.3.md +++ b/swift/ql/lib/change-notes/released/6.4.0.md @@ -1,4 +1,5 @@ ---- -category: majorAnalysis ---- +## 6.4.0 + +### Major Analysis Improvements + * Upgraded to allow analysis of Swift 6.3. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 83b98dcdbc3..3098c5db6c3 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.3.3 +lastReleaseVersion: 6.4.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 32c6458ddea..c8cc7f97a2b 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 6.3.4-dev +version: 6.4.0 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index f880dc3366f..af70cebc1e4 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.3.1 + +No user-facing changes. + ## 1.3.0 ### Query Metadata Changes diff --git a/swift/ql/src/change-notes/released/1.3.1.md b/swift/ql/src/change-notes/released/1.3.1.md new file mode 100644 index 00000000000..8dd9964197c --- /dev/null +++ b/swift/ql/src/change-notes/released/1.3.1.md @@ -0,0 +1,3 @@ +## 1.3.1 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index ec16350ed6f..e71b6d081f1 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.0 +lastReleaseVersion: 1.3.1 
diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 5b6c7a6977a..2bde0f317c7 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.3.1-dev +version: 1.3.1 groups: - swift - queries From 03c3b3f4c4aec8214ded9c5c0e6ca7a3c2b94bbe Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 20 Apr 2026 11:40:32 +0200 Subject: [PATCH 2/3] Improve wording of `actions` note --- actions/ql/src/CHANGELOG.md | 4 ++-- actions/ql/src/change-notes/released/0.6.26.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index 9dd234fd483..96f8d266206 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md 
@@ -2,7 +2,7 @@ ### Major Analysis Improvements -* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. +* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also improved the wording to make it clearer that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Finally, changed the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. ### Minor Analysis Improvements @@ -173,7 +173,7 @@ No user-facing changes. * `actions/if-expression-always-true/critical` * `actions/if-expression-always-true/high` * `actions/unnecessary-use-of-advanced-config` - + * The following query has been moved from the `code-scanning` suite to the `security-extended` suite. Any existing alerts for this query will be closed automatically unless the analysis is configured to use the `security-extended` suite. diff --git a/actions/ql/src/change-notes/released/0.6.26.md b/actions/ql/src/change-notes/released/0.6.26.md index 3147a666cdb..8bf43e63907 100644 --- a/actions/ql/src/change-notes/released/0.6.26.md +++ b/actions/ql/src/change-notes/released/0.6.26.md 
@@ -2,7 +2,7 @@ ### Major Analysis Improvements -* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. +* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also improved the wording to make it clearer that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Finally, changed the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. ### Minor Analysis Improvements From f817bd4924665099296dec89614c62ebe401f32b Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 20 Apr 2026 12:24:05 +0200 Subject: [PATCH 3/3] Merge changelog entries for `cpp/implicit-function-declaration` --- cpp/ql/src/CHANGELOG.md | 5 ++--- cpp/ql/src/change-notes/released/1.6.1.md | 3 +-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index aca22062e9f..80b9ad0e475 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md 
@@ -4,11 +4,10 @@ * Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. * The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. * The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. * The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. * The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. However, for `build mode: none` databases, it no longer produces any results. The results in this mode were found to be very noisy and fundamentally imprecise. ## 1.6.0 @@ -367,7 +366,7 @@ No user-facing changes. ### Minor Analysis Improvements * The "non-constant format string" query (`cpp/non-constant-format`) has been updated to produce fewer false positives. -* Added dataflow models for the `gettext` function variants. +* Added dataflow models for the `gettext` function variants. ## 0.9.4 
diff --git a/cpp/ql/src/change-notes/released/1.6.1.md b/cpp/ql/src/change-notes/released/1.6.1.md index 4cba7e508bd..83781b87c58 100644 --- a/cpp/ql/src/change-notes/released/1.6.1.md +++ b/cpp/ql/src/change-notes/released/1.6.1.md @@ -4,8 +4,7 @@ * Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. * The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. * The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. * The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. * The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. However, for `build mode: none` databases, it no longer produces any results. The results in this mode were found to be very noisy and fundamentally imprecise.
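Review bot: In [PATCH 2/3], the reworded bullet in the `@@ -2,7 +2,7 @@` hunk of `actions/ql/src/CHANGELOG.md` (repeated verbatim in `actions/ql/src/change-notes/released/0.6.26.md`) still folds three distinct changes to `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` into one entry: the removed placeholder, the reworded message, and the alert location moving to the source. The location change is the one that alters where an alert is reported, so it would be easier to find as its own bullet. Two wording points remain in the new text: the trailing "which is more useful" has no clear antecedent (the alignment, or the new location?), and "yml" would read better as "YAML".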
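Review bot: In [PATCH 2/3], the `@@ -173,7 +173,7 @@` hunk of `actions/ql/src/CHANGELOG.md` swaps one blank-looking line for another after the `actions/unnecessary-use-of-advanced-config` item, which looks like a whitespace-only change inside an older release's entry and is not covered by the subject "Improve wording of `actions` note". If it is an editor stripping trailing whitespace, consider dropping it from this commit or mentioning it in the message, so the history of already released entries stays easy to audit.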
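Review bot: In [PATCH 3/3], the merged `cpp/implicit-function-declaration` bullet in the `@@ -4,11 +4,10 @@` hunk of `cpp/ql/src/CHANGELOG.md` (and the matching hunk in `cpp/ql/src/change-notes/released/1.6.1.md`) leaves two things unstated that a reader triaging alert changes needs. First, every sibling entry upgraded to `high` precision ends with "This query will now run in the default code scanning suite.", while this one does not say whether suite membership changes. Second, it says the query "no longer produces any results" for `build mode: none` databases without saying what happens to existing alerts from that mode. Suggest adding one sentence for each, and replacing "However" with a plain statement of scope, since the two facts apply to different build modes rather than contradicting each other.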
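Review bot: In [PATCH 3/3], the `@@ -367,7 +366,7 @@` hunk of `cpp/ql/src/CHANGELOG.md` removes and re-adds the "Added dataflow models for the `gettext` function variants." line with no visible text difference, so it appears to be a trailing-whitespace fix in a historical entry above `## 0.9.4`. It is unrelated to merging the `cpp/implicit-function-declaration` entries; consider splitting it out or noting it in the commit message.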