hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Release preparation for version 2.7.3

Browse Source
This commit is contained in:
github-actions[bot]
2021-11-30 20:39:35 +00:00
parent 9f6c0991cf
commit 337ce65fe5
81 changed files with 149 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cpp/ql/lib/change-notes/2021-11-01-isFromSystemMacroDefinition.md → cpp/ql/lib/CHANGELOG.md
View File

@@ -1,7 +1,7 @@
---
category: feature
tags: [lgtm,codescanning]
---
## 0.0.4
### New Features
* The QL library `semmle.code.cpp.commons.Exclusions` now contains a predicate
`isFromSystemMacroDefinition` for identifying code that originates from a
macro outside the project being analyzed.

7
cpp/ql/lib/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1,7 @@
## 0.0.4
### New Features
* The QL library `semmle.code.cpp.commons.Exclusions` now contains a predicate
`isFromSystemMacroDefinition` for identifying code that originates from a
macro outside the project being analyzed.

2
cpp/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
cpp/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/cpp-all
version: 0.0.3
version: 0.0.4
groups: cpp
dbscheme: semmlecode.cpp.dbscheme
extractor: cpp

8
cpp/ql/src/change-notes/2021-11-09-use-of-http.md → cpp/ql/src/CHANGELOG.md
View File

@@ -1,5 +1,5 @@
---
category: newQuery
tags: [lgtm,codescanning]
---
## 0.0.4
### New Queries
* A new query `cpp/non-https-url` has been added for C/C++. The query flags uses of `http` URLs that might be better replaced with `https`.

5
cpp/ql/src/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1,5 @@
## 0.0.4
### New Queries
* A new query `cpp/non-https-url` has been added for C/C++. The query flags uses of `http` URLs that might be better replaced with `https`.

2
cpp/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
cpp/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/cpp-queries
version: 0.0.3
version: 0.0.4
groups: cpp
dependencies:
codeql/cpp-all: "*"

1
cpp/upgrades/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

1
cpp/upgrades/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

2
cpp/upgrades/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
cpp/upgrades/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/cpp-upgrades
groups: cpp
upgrades: .
version: 0.0.3
version: 0.0.4
library: true

1
csharp/ql/lib/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

1
csharp/ql/lib/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

2
csharp/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
csharp/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/csharp-all
version: 0.0.3
version: 0.0.4
groups: csharp
dbscheme: semmlecode.csharp.dbscheme
extractor: csharp

1
csharp/ql/src/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

1
csharp/ql/src/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

2
csharp/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
csharp/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/csharp-queries
version: 0.0.3
version: 0.0.4
groups: csharp
suites: codeql-suites
extractor: csharp

1
csharp/upgrades/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

1
csharp/upgrades/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

2
csharp/upgrades/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
csharp/upgrades/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/csharp-upgrades
groups: csharp
version: 0.0.3
version: 0.0.4
upgrades: .
library: true

9
java/ql/lib/change-notes/2021-11-25-surrogate-char-literals.md → java/ql/lib/CHANGELOG.md
View File

@@ -1,6 +1,7 @@
---
category: fix
tags: [lgtm,codescanning]
---
## 0.0.4
### Bug Fixes
* `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
* The `RangeAnalysis` module and the `java/constant-comparison` queries no longer raise false alerts regarding comparisons with Unicode surrogate character literals.
* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.

5
java/ql/lib/change-notes/2021-11-15-overrides.md
View File

@@ -1,5 +0,0 @@
---
category: fix
tags: [lgtm,codescanning]
---
* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.

7
java/ql/lib/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1,7 @@
## 0.0.4
### Bug Fixes
* `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
* The `RangeAnalysis` module and the `java/constant-comparison` queries no longer raise false alerts regarding comparisons with Unicode surrogate character literals.
* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.

2
java/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
java/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/java-all
version: 0.0.3
version: 0.0.4
groups: java
dbscheme: config/semmlecode.dbscheme
extractor: java

1
java/ql/src/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

1
java/ql/src/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

2
java/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
java/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/java-queries
version: 0.0.3
version: 0.0.4
groups: java
suites: codeql-suites
extractor: java

1
java/upgrades/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

1
java/upgrades/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

2
java/upgrades/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
java/upgrades/qlpack.yml
View File

@@ -2,4 +2,4 @@ name: codeql/java-upgrades
groups: java
upgrades: .
library: true
version: 0.0.3
version: 0.0.4

1
javascript/ql/lib/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.5

1
javascript/ql/lib/change-notes/released/0.0.5.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.5

2
javascript/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.4
lastReleaseVersion: 0.0.5

2
javascript/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/javascript-all
version: 0.0.4
version: 0.0.5
groups: javascript
dbscheme: semmlecode.javascript.dbscheme
extractor: javascript

7
javascript/ql/src/CHANGELOG.md Normal file
View File

@@ -0,0 +1,7 @@
## 0.0.5
### New Queries
* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.
* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.
* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.

5
javascript/ql/src/change-notes/2021-11-02-insufficient-key-size.md
View File

@@ -1,5 +0,0 @@
---
category: newQuery
tags: [lgtm, codescanning]
---
* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.

5
javascript/ql/src/change-notes/2021-11-02-session-fixation.md
View File

@@ -1,5 +0,0 @@
---
category: newQuery
tags: [lgtm, codescanning]
---
* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.

5
javascript/ql/src/change-notes/2021-11-04-sensitive-get-query.md
View File

@@ -1,5 +0,0 @@
---
category: newQuery
tags: [lgtm, codescanning]
---
* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.

7
javascript/ql/src/change-notes/released/0.0.5.md Normal file
View File

@@ -0,0 +1,7 @@
## 0.0.5
### New Queries
* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.
* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.
* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.

2
javascript/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.4
lastReleaseVersion: 0.0.5

2
javascript/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/javascript-queries
version: 0.0.4
version: 0.0.5
groups: javascript
suites: codeql-suites
extractor: javascript

1
javascript/upgrades/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.5

1
javascript/upgrades/change-notes/released/0.0.5.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.5

2
javascript/upgrades/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.4
lastReleaseVersion: 0.0.5

2
javascript/upgrades/qlpack.yml
View File

@@ -2,4 +2,4 @@ name: codeql/javascript-upgrades
groups: javascript
upgrades: .
library: true
version: 0.0.4
version: 0.0.5

10
python/ql/lib/CHANGELOG.md Normal file
View File

@@ -0,0 +1,10 @@
## 0.0.4
### Major Analysis Improvements
* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
* Added modeling of `aiopg` for sinks executing SQL.
* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.
* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.

5
python/ql/lib/change-notes/2021-11-02-flask_admin.md
View File

@@ -1,5 +0,0 @@
---
category: majorAnalysis
tags: [lgtm, codescanning]
---
* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.

5
python/ql/lib/change-notes/2021-11-02-toml.md
View File

@@ -1,5 +0,0 @@
---
category: majorAnalysis
tags: [lgtm, codescanning]
---
* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.

5
python/ql/lib/change-notes/2021-11-09-model-aiopg.md
View File

@@ -1,5 +0,0 @@
---
category: majorAnalysis
tags: [lgtm, codescanning]
---
* Added modeling of `aiopg` for sinks executing SQL.

5
python/ql/lib/change-notes/2021-11-15-model-wsgiref-simple-server-app.md
View File

@@ -1,5 +0,0 @@
---
category: majorAnalysis
tags: [lgtm,codescanning]
---
* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.

5
python/ql/lib/change-notes/2021-11-16-os-stat.md
View File

@@ -1,5 +0,0 @@
---
category: majorAnalysis
tags: [lgtm,codescanning]
---
* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.

5
python/ql/lib/change-notes/2021-11-16-posixpath.md
View File

@@ -1,5 +0,0 @@
---
category: majorAnalysis
tags: [lgtm,codescanning]
---
* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.

10
python/ql/lib/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1,10 @@
## 0.0.4
### Major Analysis Improvements
* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
* Added modeling of `aiopg` for sinks executing SQL.
* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.
* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.

2
python/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
python/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/python-all
version: 0.0.3
version: 0.0.4
groups: python
dbscheme: semmlecode.python.dbscheme
extractor: python

8
python/ql/src/change-notes/2021-11-12-fix-pyhton-query-ids.md → python/ql/src/CHANGELOG.md
View File

@@ -1,5 +1,5 @@
---
category: queryMetadata
tags: [lgtm,codescanning]
---
## 0.0.4
### Query Metadata Changes
* Fixed the query ids of two queries that are meant for manual exploration: `python/count-untrusted-data-external-api` and `python/untrusted-data-to-external-api` have been changed to `py/count-untrusted-data-external-api` and `py/untrusted-data-to-external-api`.

5
python/ql/src/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1,5 @@
## 0.0.4
### Query Metadata Changes
* Fixed the query ids of two queries that are meant for manual exploration: `python/count-untrusted-data-external-api` and `python/untrusted-data-to-external-api` have been changed to `py/count-untrusted-data-external-api` and `py/untrusted-data-to-external-api`.

2
python/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
python/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/python-queries
version: 0.0.3
version: 0.0.4
groups: python
dependencies:
codeql/python-all: "*"

1
python/upgrades/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

1
python/upgrades/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

2
python/upgrades/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
python/upgrades/qlpack.yml
View File

@@ -2,4 +2,4 @@ name: codeql/python-upgrades
groups: python
upgrades: .
library: true
version: 0.0.3
version: 0.0.4

1
ruby/ql/lib/CHANGELOG.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

1
ruby/ql/lib/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1 @@
## 0.0.4

2
ruby/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
ruby/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/ruby-all
version: 0.0.3
version: 0.0.4
groups: ruby
extractor: ruby
dbscheme: ruby.dbscheme

10
ruby/ql/src/CHANGELOG.md Normal file
View File

@@ -0,0 +1,10 @@
## 0.0.4
### New Queries
* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.
* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.
### Query Metadata Changes
* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.

5
ruby/ql/src/change-notes/2021-11-04-csrf-protection-disabled.md
View File

@@ -1,5 +0,0 @@
---
category: newQuery
tags: [lgtm,codescanning]
---
* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.

5
ruby/ql/src/change-notes/2021-11-08-hardcoded-credentials-downgrade.md
View File

@@ -1,5 +0,0 @@
---
category: queryMetadata
tags: [lgtm, codescanning]
---
* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.

5
ruby/ql/src/change-notes/2021-11-09-request-forgery.md
View File

@@ -1,5 +0,0 @@
---
category: newQuery
tags: [lgtm,codescanning]
---
* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.

10
ruby/ql/src/change-notes/released/0.0.4.md Normal file
View File

@@ -0,0 +1,10 @@
## 0.0.4
### New Queries
* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.
* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.
### Query Metadata Changes
* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.

2
ruby/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.3
lastReleaseVersion: 0.0.4

2
ruby/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/ruby-queries
version: 0.0.3
version: 0.0.4
groups: ruby
suites: codeql-suites
defaultSuiteFile: codeql-suites/ruby-code-scanning.qls