From 337ce65fe5923cf7742b760f0258fe4cd9b30272 Mon Sep 17 00:00:00 2001 
From: "github-actions[bot]" Date: Tue, 30 Nov 2021 20:39:35 +0000 Subject: [PATCH] Release preparation for version 2.7.3 --- ...-01-isFromSystemMacroDefinition.md => CHANGELOG.md} | 8 ++++---- cpp/ql/lib/change-notes/released/0.0.4.md | 7 +++++++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- .../2021-11-09-use-of-http.md => CHANGELOG.md} | 8 ++++---- cpp/ql/src/change-notes/released/0.0.4.md | 5 +++++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- cpp/upgrades/CHANGELOG.md | 1 + cpp/upgrades/change-notes/released/0.0.4.md | 1 + cpp/upgrades/codeql-pack.release.yml | 2 +- cpp/upgrades/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 1 + csharp/ql/lib/change-notes/released/0.0.4.md | 1 + csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 1 + csharp/ql/src/change-notes/released/0.0.4.md | 1 + csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- csharp/upgrades/CHANGELOG.md | 1 + csharp/upgrades/change-notes/released/0.0.4.md | 1 + csharp/upgrades/codeql-pack.release.yml | 2 +- csharp/upgrades/qlpack.yml | 2 +- ...1-11-25-surrogate-char-literals.md => CHANGELOG.md} | 9 +++++---- java/ql/lib/change-notes/2021-11-15-overrides.md | 5 ----- java/ql/lib/change-notes/released/0.0.4.md | 7 +++++++ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 1 + java/ql/src/change-notes/released/0.0.4.md | 1 + java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- java/upgrades/CHANGELOG.md | 1 + java/upgrades/change-notes/released/0.0.4.md | 1 + java/upgrades/codeql-pack.release.yml | 2 +- java/upgrades/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 1 + javascript/ql/lib/change-notes/released/0.0.5.md | 1 + javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 7 +++++++ .../change-notes/2021-11-02-insufficient-key-size.md | 5 
----- .../ql/src/change-notes/2021-11-02-session-fixation.md | 5 ----- .../src/change-notes/2021-11-04-sensitive-get-query.md | 5 ----- javascript/ql/src/change-notes/released/0.0.5.md | 7 +++++++ javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- javascript/upgrades/CHANGELOG.md | 1 + javascript/upgrades/change-notes/released/0.0.5.md | 1 + javascript/upgrades/codeql-pack.release.yml | 2 +- javascript/upgrades/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 10 ++++++++++ python/ql/lib/change-notes/2021-11-02-flask_admin.md | 5 ----- python/ql/lib/change-notes/2021-11-02-toml.md | 5 ----- python/ql/lib/change-notes/2021-11-09-model-aiopg.md | 5 ----- .../2021-11-15-model-wsgiref-simple-server-app.md | 5 ----- python/ql/lib/change-notes/2021-11-16-os-stat.md | 5 ----- python/ql/lib/change-notes/2021-11-16-posixpath.md | 5 ----- python/ql/lib/change-notes/released/0.0.4.md | 10 ++++++++++ python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- ...2021-11-12-fix-pyhton-query-ids.md => CHANGELOG.md} | 8 ++++---- python/ql/src/change-notes/released/0.0.4.md | 5 +++++ python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- python/upgrades/CHANGELOG.md | 1 + python/upgrades/change-notes/released/0.0.4.md | 1 + python/upgrades/codeql-pack.release.yml | 2 +- python/upgrades/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 1 + ruby/ql/lib/change-notes/released/0.0.4.md | 1 + ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 10 ++++++++++ .../2021-11-04-csrf-protection-disabled.md | 5 ----- .../2021-11-08-hardcoded-credentials-downgrade.md | 5 ----- ruby/ql/src/change-notes/2021-11-09-request-forgery.md | 5 ----- ruby/ql/src/change-notes/released/0.0.4.md | 10 ++++++++++ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- 81 files changed, 149 insertions(+), 115 deletions(-) rename 
cpp/ql/lib/{change-notes/2021-11-01-isFromSystemMacroDefinition.md => CHANGELOG.md} (79%) create mode 100644 cpp/ql/lib/change-notes/released/0.0.4.md rename cpp/ql/src/{change-notes/2021-11-09-use-of-http.md => CHANGELOG.md} (72%) create mode 100644 cpp/ql/src/change-notes/released/0.0.4.md create mode 100644 cpp/upgrades/CHANGELOG.md create mode 100644 cpp/upgrades/change-notes/released/0.0.4.md create mode 100644 csharp/ql/lib/CHANGELOG.md create mode 100644 csharp/ql/lib/change-notes/released/0.0.4.md create mode 100644 csharp/ql/src/CHANGELOG.md create mode 100644 csharp/ql/src/change-notes/released/0.0.4.md create mode 100644 csharp/upgrades/CHANGELOG.md create mode 100644 csharp/upgrades/change-notes/released/0.0.4.md rename java/ql/lib/{change-notes/2021-11-25-surrogate-char-literals.md => CHANGELOG.md} (54%) delete mode 100644 java/ql/lib/change-notes/2021-11-15-overrides.md create mode 100644 java/ql/lib/change-notes/released/0.0.4.md create mode 100644 java/ql/src/CHANGELOG.md create mode 100644 java/ql/src/change-notes/released/0.0.4.md create mode 100644 java/upgrades/CHANGELOG.md create mode 100644 java/upgrades/change-notes/released/0.0.4.md create mode 100644 javascript/ql/lib/CHANGELOG.md create mode 100644 javascript/ql/lib/change-notes/released/0.0.5.md create mode 100644 javascript/ql/src/CHANGELOG.md delete mode 100644 javascript/ql/src/change-notes/2021-11-02-insufficient-key-size.md delete mode 100644 javascript/ql/src/change-notes/2021-11-02-session-fixation.md delete mode 100644 javascript/ql/src/change-notes/2021-11-04-sensitive-get-query.md create mode 100644 javascript/ql/src/change-notes/released/0.0.5.md create mode 100644 javascript/upgrades/CHANGELOG.md create mode 100644 javascript/upgrades/change-notes/released/0.0.5.md create mode 100644 python/ql/lib/CHANGELOG.md delete mode 100644 python/ql/lib/change-notes/2021-11-02-flask_admin.md delete mode 100644 python/ql/lib/change-notes/2021-11-02-toml.md delete mode 100644 
python/ql/lib/change-notes/2021-11-09-model-aiopg.md delete mode 100644 python/ql/lib/change-notes/2021-11-15-model-wsgiref-simple-server-app.md delete mode 100644 python/ql/lib/change-notes/2021-11-16-os-stat.md delete mode 100644 python/ql/lib/change-notes/2021-11-16-posixpath.md create mode 100644 python/ql/lib/change-notes/released/0.0.4.md rename python/ql/src/{change-notes/2021-11-12-fix-pyhton-query-ids.md => CHANGELOG.md} (81%) create mode 100644 python/ql/src/change-notes/released/0.0.4.md create mode 100644 python/upgrades/CHANGELOG.md create mode 100644 python/upgrades/change-notes/released/0.0.4.md create mode 100644 ruby/ql/lib/CHANGELOG.md create mode 100644 ruby/ql/lib/change-notes/released/0.0.4.md create mode 100644 ruby/ql/src/CHANGELOG.md delete mode 100644 ruby/ql/src/change-notes/2021-11-04-csrf-protection-disabled.md delete mode 100644 ruby/ql/src/change-notes/2021-11-08-hardcoded-credentials-downgrade.md delete mode 100644 ruby/ql/src/change-notes/2021-11-09-request-forgery.md create mode 100644 ruby/ql/src/change-notes/released/0.0.4.md
diff --git a/cpp/ql/lib/change-notes/2021-11-01-isFromSystemMacroDefinition.md b/cpp/ql/lib/CHANGELOG.md
similarity index 79%
rename from cpp/ql/lib/change-notes/2021-11-01-isFromSystemMacroDefinition.md
rename to cpp/ql/lib/CHANGELOG.md
index 75e254fcb14..3b8fc34bb3f 100644
--- a/cpp/ql/lib/change-notes/2021-11-01-isFromSystemMacroDefinition.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,7 +1,7 @@
----
-category: feature
-tags: [lgtm,codescanning]
----
+## 0.0.4
+
+### New Features
+
 * The QL library `semmle.code.cpp.commons.Exclusions` now contains a predicate `isFromSystemMacroDefinition` for identifying code that originates from a macro outside the project being analyzed.
diff --git a/cpp/ql/lib/change-notes/released/0.0.4.md b/cpp/ql/lib/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..3b8fc34bb3f
--- /dev/null
+++ b/cpp/ql/lib/change-notes/released/0.0.4.md
@@ -0,0 +1,7 @@
+## 0.0.4
+
+### New Features
+
+* The QL library `semmle.code.cpp.commons.Exclusions` now contains a predicate
+ `isFromSystemMacroDefinition` for identifying code that originates from a
+ macro outside the project being analyzed.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 90168ab1fa4..a4ade2dce4b 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.0.3
+version: 0.0.4
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/src/change-notes/2021-11-09-use-of-http.md b/cpp/ql/src/CHANGELOG.md
similarity index 72%
rename from cpp/ql/src/change-notes/2021-11-09-use-of-http.md
rename to cpp/ql/src/CHANGELOG.md
index e3e847cc464..09ad248a4f9 100644
--- a/cpp/ql/src/change-notes/2021-11-09-use-of-http.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,5 +1,5 @@
----
-category: newQuery
-tags: [lgtm,codescanning]
----
+## 0.0.4
+
+### New Queries
+
 * A new query `cpp/non-https-url` has been added for C/C++. The query flags uses of `http` URLs that might be better replaced with `https`.
diff --git a/cpp/ql/src/change-notes/released/0.0.4.md b/cpp/ql/src/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..09ad248a4f9
--- /dev/null
+++ b/cpp/ql/src/change-notes/released/0.0.4.md
@@ -0,0 +1,5 @@
+## 0.0.4
+
+### New Queries
+
+* A new query `cpp/non-https-url` has been added for C/C++. The query flags uses of `http` URLs that might be better replaced with `https`.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index 815e2a49baf..d659f428a00 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.0.3
+version: 0.0.4
 groups: cpp
 dependencies:
 codeql/cpp-all: "*"
diff --git a/cpp/upgrades/CHANGELOG.md b/cpp/upgrades/CHANGELOG.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/cpp/upgrades/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/cpp/upgrades/change-notes/released/0.0.4.md b/cpp/upgrades/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/cpp/upgrades/change-notes/released/0.0.4.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/cpp/upgrades/codeql-pack.release.yml b/cpp/upgrades/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/cpp/upgrades/codeql-pack.release.yml
+++ b/cpp/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/cpp/upgrades/qlpack.yml b/cpp/upgrades/qlpack.yml
index aa399b91cfe..cff240e3ba5 100644
--- a/cpp/upgrades/qlpack.yml
+++ b/cpp/upgrades/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-upgrades
 groups: cpp
 upgrades: .
-version: 0.0.3
+version: 0.0.4
 library: true
diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/csharp/ql/lib/change-notes/released/0.0.4.md b/csharp/ql/lib/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/csharp/ql/lib/change-notes/released/0.0.4.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index c47bdce4252..9a2d652ec2e 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.0.3
+version: 0.0.4
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/csharp/ql/src/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/csharp/ql/src/change-notes/released/0.0.4.md b/csharp/ql/src/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/csharp/ql/src/change-notes/released/0.0.4.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index bb35e4ca144..915c28ce210 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.0.3
+version: 0.0.4
 groups: csharp
 suites: codeql-suites
 extractor: csharp
diff --git a/csharp/upgrades/CHANGELOG.md b/csharp/upgrades/CHANGELOG.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/csharp/upgrades/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/csharp/upgrades/change-notes/released/0.0.4.md b/csharp/upgrades/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/csharp/upgrades/change-notes/released/0.0.4.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/csharp/upgrades/codeql-pack.release.yml b/csharp/upgrades/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/csharp/upgrades/codeql-pack.release.yml
+++ b/csharp/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/csharp/upgrades/qlpack.yml b/csharp/upgrades/qlpack.yml
index 0511a076bc6..a03f84e8128 100644
--- a/csharp/upgrades/qlpack.yml
+++ b/csharp/upgrades/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-upgrades
 groups: csharp
-version: 0.0.3
+version: 0.0.4
 upgrades: .
 library: true
diff --git a/java/ql/lib/change-notes/2021-11-25-surrogate-char-literals.md b/java/ql/lib/CHANGELOG.md
similarity index 54%
rename from java/ql/lib/change-notes/2021-11-25-surrogate-char-literals.md
rename to java/ql/lib/CHANGELOG.md
index 90f5bfd5203..5dec32d6688 100644
--- a/java/ql/lib/change-notes/2021-11-25-surrogate-char-literals.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,6 +1,7 @@
----
-category: fix
-tags: [lgtm,codescanning]
----
+## 0.0.4
+
+### Bug Fixes
+
 * `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
 * The `RangeAnalysis` module and the `java/constant-comparison` queries no longer raise false alerts regarding comparisons with Unicode surrogate character literals.
+* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.
diff --git a/java/ql/lib/change-notes/2021-11-15-overrides.md b/java/ql/lib/change-notes/2021-11-15-overrides.md
deleted file mode 100644
index 2ebfbcf70d3..00000000000
--- a/java/ql/lib/change-notes/2021-11-15-overrides.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: fix
-tags: [lgtm,codescanning]
----
-* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.
diff --git a/java/ql/lib/change-notes/released/0.0.4.md b/java/ql/lib/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..5dec32d6688
--- /dev/null
+++ b/java/ql/lib/change-notes/released/0.0.4.md
@@ -0,0 +1,7 @@
+## 0.0.4
+
+### Bug Fixes
+
+* `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
+* The `RangeAnalysis` module and the `java/constant-comparison` queries no longer raise false alerts regarding comparisons with Unicode surrogate character literals.
+* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index 1976e4ce835..03e0af38450 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.0.3
+version: 0.0.4
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/java/ql/src/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/java/ql/src/change-notes/released/0.0.4.md b/java/ql/src/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/java/ql/src/change-notes/released/0.0.4.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml
index dd83c5d8a3e..71e7a4dcedc 100644
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.0.3
+version: 0.0.4
 groups: java
 suites: codeql-suites
 extractor: java
diff --git a/java/upgrades/CHANGELOG.md b/java/upgrades/CHANGELOG.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/java/upgrades/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/java/upgrades/change-notes/released/0.0.4.md b/java/upgrades/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/java/upgrades/change-notes/released/0.0.4.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/java/upgrades/codeql-pack.release.yml b/java/upgrades/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/java/upgrades/codeql-pack.release.yml
+++ b/java/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/java/upgrades/qlpack.yml b/java/upgrades/qlpack.yml
index 124afe54f86..345863691c9 100644
--- a/java/upgrades/qlpack.yml
+++ b/java/upgrades/qlpack.yml
@@ -2,4 +2,4 @@ name: codeql/java-upgrades
 groups: java
 upgrades: .
 library: true
-version: 0.0.3
+version: 0.0.4
diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/javascript/ql/lib/change-notes/released/0.0.5.md b/javascript/ql/lib/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/javascript/ql/lib/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index 0ee2c288409..a0598393d8f 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.0.4
+version: 0.0.5
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
new file mode 100644
index 00000000000..ccd1b78a045
--- /dev/null
+++ b/javascript/ql/src/CHANGELOG.md
@@ -0,0 +1,7 @@
+## 0.0.5
+
+### New Queries
+
+* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.
+* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.
+* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.
diff --git a/javascript/ql/src/change-notes/2021-11-02-insufficient-key-size.md b/javascript/ql/src/change-notes/2021-11-02-insufficient-key-size.md
deleted file mode 100644
index c77e45ef51e..00000000000
--- a/javascript/ql/src/change-notes/2021-11-02-insufficient-key-size.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: newQuery
-tags: [lgtm, codescanning]
----
-* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.
diff --git a/javascript/ql/src/change-notes/2021-11-02-session-fixation.md b/javascript/ql/src/change-notes/2021-11-02-session-fixation.md
deleted file mode 100644
index 539755a8e2d..00000000000
--- a/javascript/ql/src/change-notes/2021-11-02-session-fixation.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: newQuery
-tags: [lgtm, codescanning]
----
-* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.
diff --git a/javascript/ql/src/change-notes/2021-11-04-sensitive-get-query.md b/javascript/ql/src/change-notes/2021-11-04-sensitive-get-query.md
deleted file mode 100644
index 4ae76d96d91..00000000000
--- a/javascript/ql/src/change-notes/2021-11-04-sensitive-get-query.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: newQuery
-tags: [lgtm, codescanning]
----
-* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.
diff --git a/javascript/ql/src/change-notes/released/0.0.5.md b/javascript/ql/src/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..ccd1b78a045
--- /dev/null
+++ b/javascript/ql/src/change-notes/released/0.0.5.md
@@ -0,0 +1,7 @@
+## 0.0.5
+
+### New Queries
+
+* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.
+* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.
+* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.
diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml
index 58c6330797c..6fdbcf3432c 100644
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.0.4
+version: 0.0.5
 groups: javascript
 suites: codeql-suites
 extractor: javascript
diff --git a/javascript/upgrades/CHANGELOG.md b/javascript/upgrades/CHANGELOG.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/javascript/upgrades/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/javascript/upgrades/change-notes/released/0.0.5.md b/javascript/upgrades/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/javascript/upgrades/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/javascript/upgrades/codeql-pack.release.yml b/javascript/upgrades/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/javascript/upgrades/codeql-pack.release.yml
+++ b/javascript/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/javascript/upgrades/qlpack.yml b/javascript/upgrades/qlpack.yml
index 274a62a0b5a..35cc49e190a 100644
--- a/javascript/upgrades/qlpack.yml
+++ b/javascript/upgrades/qlpack.yml
@@ -2,4 +2,4 @@ name: codeql/javascript-upgrades
 groups: javascript
 upgrades: .
 library: true
-version: 0.0.4
+version: 0.0.5
diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md
new file mode 100644
index 00000000000..a555fec2cae
--- /dev/null
+++ b/python/ql/lib/CHANGELOG.md
@@ -0,0 +1,10 @@
+## 0.0.4
+
+### Major Analysis Improvements
+
+* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
+* Added modeling of `aiopg` for sinks executing SQL.
+* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.
+* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.
diff --git a/python/ql/lib/change-notes/2021-11-02-flask_admin.md b/python/ql/lib/change-notes/2021-11-02-flask_admin.md
deleted file mode 100644
index a9ae33ab460..00000000000
--- a/python/ql/lib/change-notes/2021-11-02-flask_admin.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: majorAnalysis
-tags: [lgtm, codescanning]
----
-* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.
diff --git a/python/ql/lib/change-notes/2021-11-02-toml.md b/python/ql/lib/change-notes/2021-11-02-toml.md
deleted file mode 100644
index aabc7ed758f..00000000000
--- a/python/ql/lib/change-notes/2021-11-02-toml.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: majorAnalysis
-tags: [lgtm, codescanning]
----
-* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.
diff --git a/python/ql/lib/change-notes/2021-11-09-model-aiopg.md b/python/ql/lib/change-notes/2021-11-09-model-aiopg.md
deleted file mode 100644
index 8db72d77868..00000000000
--- a/python/ql/lib/change-notes/2021-11-09-model-aiopg.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: majorAnalysis
-tags: [lgtm, codescanning]
----
-* Added modeling of `aiopg` for sinks executing SQL.
diff --git a/python/ql/lib/change-notes/2021-11-15-model-wsgiref-simple-server-app.md b/python/ql/lib/change-notes/2021-11-15-model-wsgiref-simple-server-app.md
deleted file mode 100644
index 3ecd2bb12a3..00000000000
--- a/python/ql/lib/change-notes/2021-11-15-model-wsgiref-simple-server-app.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: majorAnalysis
-tags: [lgtm,codescanning]
----
-* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
diff --git a/python/ql/lib/change-notes/2021-11-16-os-stat.md b/python/ql/lib/change-notes/2021-11-16-os-stat.md
deleted file mode 100644
index 9010a295018..00000000000
--- a/python/ql/lib/change-notes/2021-11-16-os-stat.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: majorAnalysis
-tags: [lgtm,codescanning]
----
-* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
diff --git a/python/ql/lib/change-notes/2021-11-16-posixpath.md b/python/ql/lib/change-notes/2021-11-16-posixpath.md
deleted file mode 100644
index f829aee0a12..00000000000
--- a/python/ql/lib/change-notes/2021-11-16-posixpath.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: majorAnalysis
-tags: [lgtm,codescanning]
----
-* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
diff --git a/python/ql/lib/change-notes/released/0.0.4.md b/python/ql/lib/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..a555fec2cae
--- /dev/null
+++ b/python/ql/lib/change-notes/released/0.0.4.md
@@ -0,0 +1,10 @@
+## 0.0.4
+
+### Major Analysis Improvements
+
+* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
+* Added modeling of `aiopg` for sinks executing SQL.
+* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.
+* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.
diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index 077b1b568b1..7c0c113b949 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.0.3
+version: 0.0.4
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/change-notes/2021-11-12-fix-pyhton-query-ids.md b/python/ql/src/CHANGELOG.md
similarity index 81%
rename from python/ql/src/change-notes/2021-11-12-fix-pyhton-query-ids.md
rename to python/ql/src/CHANGELOG.md
index 21d43af505c..21fcb7c1ee4 100644
--- a/python/ql/src/change-notes/2021-11-12-fix-pyhton-query-ids.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,5 +1,5 @@
----
-category: queryMetadata
-tags: [lgtm,codescanning]
----
+## 0.0.4
+
+### Query Metadata Changes
+
 * Fixed the query ids of two queries that are meant for manual exploration: `python/count-untrusted-data-external-api` and `python/untrusted-data-to-external-api` have been changed to `py/count-untrusted-data-external-api` and `py/untrusted-data-to-external-api`.
diff --git a/python/ql/src/change-notes/released/0.0.4.md b/python/ql/src/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..21fcb7c1ee4
--- /dev/null
+++ b/python/ql/src/change-notes/released/0.0.4.md
@@ -0,0 +1,5 @@
+## 0.0.4
+
+### Query Metadata Changes
+
+* Fixed the query ids of two queries that are meant for manual exploration: `python/count-untrusted-data-external-api` and `python/untrusted-data-to-external-api` have been changed to `py/count-untrusted-data-external-api` and `py/untrusted-data-to-external-api`.
diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml
index 2f41e9f45e8..68ecd8390b5 100644
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.0.3
+version: 0.0.4
 groups: python
 dependencies:
 codeql/python-all: "*"
diff --git a/python/upgrades/CHANGELOG.md b/python/upgrades/CHANGELOG.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/python/upgrades/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/python/upgrades/change-notes/released/0.0.4.md b/python/upgrades/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/python/upgrades/change-notes/released/0.0.4.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/python/upgrades/codeql-pack.release.yml b/python/upgrades/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/python/upgrades/codeql-pack.release.yml
+++ b/python/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/python/upgrades/qlpack.yml b/python/upgrades/qlpack.yml
index 4a9eff04a7a..1d79be4cb5c 100644
--- a/python/upgrades/qlpack.yml
+++ b/python/upgrades/qlpack.yml
@@ -2,4 +2,4 @@ name: codeql/python-upgrades
 groups: python
 upgrades: .
 library: true
-version: 0.0.3
+version: 0.0.4
diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/ruby/ql/lib/change-notes/released/0.0.4.md b/ruby/ql/lib/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..3268fefb272
--- /dev/null
+++ b/ruby/ql/lib/change-notes/released/0.0.4.md
@@ -0,0 +1 @@
+## 0.0.4
diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml
index 938ab3b42b3..4befba1963d 100644
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.0.3
+version: 0.0.4
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md
new file mode 100644
index 00000000000..e406cd11ae8
--- /dev/null
+++ b/ruby/ql/src/CHANGELOG.md
@@ -0,0 +1,10 @@
+## 0.0.4
+
+### New Queries
+
+* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.
+* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.
+
+### Query Metadata Changes
+
+* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.
diff --git a/ruby/ql/src/change-notes/2021-11-04-csrf-protection-disabled.md b/ruby/ql/src/change-notes/2021-11-04-csrf-protection-disabled.md
deleted file mode 100644
index 66143b0a56e..00000000000
--- a/ruby/ql/src/change-notes/2021-11-04-csrf-protection-disabled.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: newQuery
-tags: [lgtm,codescanning]
----
-* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.
diff --git a/ruby/ql/src/change-notes/2021-11-08-hardcoded-credentials-downgrade.md b/ruby/ql/src/change-notes/2021-11-08-hardcoded-credentials-downgrade.md
deleted file mode 100644
index d31b2b12dfb..00000000000
--- a/ruby/ql/src/change-notes/2021-11-08-hardcoded-credentials-downgrade.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: queryMetadata
-tags: [lgtm, codescanning]
----
-* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.
diff --git a/ruby/ql/src/change-notes/2021-11-09-request-forgery.md b/ruby/ql/src/change-notes/2021-11-09-request-forgery.md
deleted file mode 100644
index b27990720ee..00000000000
--- a/ruby/ql/src/change-notes/2021-11-09-request-forgery.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: newQuery
-tags: [lgtm,codescanning]
----
-* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.
diff --git a/ruby/ql/src/change-notes/released/0.0.4.md b/ruby/ql/src/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..e406cd11ae8
--- /dev/null
+++ b/ruby/ql/src/change-notes/released/0.0.4.md
@@ -0,0 +1,10 @@
+## 0.0.4
+
+### New Queries
+
+* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.
+* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.
+
+### Query Metadata Changes
+
+* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.
diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml
index 63da6abb3b9..b483f778dc4 100644
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.0.3
+version: 0.0.4
 groups: ruby
 suites: codeql-suites
 defaultSuiteFile: codeql-suites/ruby-code-scanning.qls
