hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Release preparation for version 2.17.4

Browse Source
This commit is contained in:
github-actions[bot]
2024-05-28 15:44:32 +00:00
parent 06d6671c55
commit 33b4ae8bbb
186 changed files with 558 additions and 273 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
python/ql/lib/CHANGELOG.md
View File

@@ -1,3 +1,18 @@
## 1.0.0
### Breaking Changes
* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
### New Features
* A Python MaD (Models as Data) row may now contain a dotted path in the `type` column. Like in Ruby, a path to a class will refer to instances of that class. This means that the summary `["foo", "Member[MyClass].Instance.Member[instance_method]", "Argument[0]", "ReturnValue", "value"]` can now be written `["foo.MS_Class", "Member[instance_method]", "Argument[0]", "ReturnValue", "value"]`. To refer to an actual class, one may add a `!` at the end of the path.
### Minor Analysis Improvements
* The `request` parameter of Flask `SessionInterface.open_session` method is now modeled as a remote flow source.
* Additional heuristics for a new sensitive data classification for private information (e.g. credit card numbers) have been added to the shared `SensitiveDataHeuristics.qll` library. This may result in additional results for queries that use sensitive data such as `py/clear-text-storage-sensitive-data` and `py/clear-text-logging-sensitive-data`.
## 0.12.1
### Major Analysis Improvements

4
python/ql/lib/change-notes/2024-05-09-sensitive-heuristics.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Additional heuristics for a new sensitive data classification for private information (e.g. credit card numbers) have been added to the shared `SensitiveDataHeuristics.qll` library. This may result in additional results for queries that use sensitive data such as `py/clear-text-storage-sensitive-data` and `py/clear-text-logging-sensitive-data`.

4
python/ql/lib/change-notes/2024-05-17-maD-rich-type-column.md
View File

@@ -1,4 +0,0 @@
---
category: feature
---
* A Python MaD (Models as Data) row may now contain a dotted path in the `type` column. Like in Ruby, a path to a class will refer to instances of that class. This means that the summary `["foo", "Member[MyClass].Instance.Member[instance_method]", "Argument[0]", "ReturnValue", "value"]` can now be written `["foo.MS_Class", "Member[instance_method]", "Argument[0]", "ReturnValue", "value"]`. To refer to an actual class, one may add a `!` at the end of the path.

4
python/ql/lib/change-notes/2024-05-20-flask-session-interface.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* The `request` parameter of Flask `SessionInterface.open_session` method is now modeled as a remote flow source.

4
python/ql/lib/change-notes/2024-05-23-Version1.md
View File

@@ -1,4 +0,0 @@
---
category: breaking
---
* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

14
python/ql/lib/change-notes/released/1.0.0.md Normal file
View File

@@ -0,0 +1,14 @@
## 1.0.0
### Breaking Changes
* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
### New Features
* A Python MaD (Models as Data) row may now contain a dotted path in the `type` column. Like in Ruby, a path to a class will refer to instances of that class. This means that the summary `["foo", "Member[MyClass].Instance.Member[instance_method]", "Argument[0]", "ReturnValue", "value"]` can now be written `["foo.MS_Class", "Member[instance_method]", "Argument[0]", "ReturnValue", "value"]`. To refer to an actual class, one may add a `!` at the end of the path.
### Minor Analysis Improvements
* The `request` parameter of Flask `SessionInterface.open_session` method is now modeled as a remote flow source.
* Additional heuristics for a new sensitive data classification for private information (e.g. credit card numbers) have been added to the shared `SensitiveDataHeuristics.qll` library. This may result in additional results for queries that use sensitive data such as `py/clear-text-storage-sensitive-data` and `py/clear-text-logging-sensitive-data`.

2
python/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.12.1
lastReleaseVersion: 1.0.0

2
python/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/python-all
version: 1.0.0-dev
version: 1.0.0
groups: python
dbscheme: semmlecode.python.dbscheme
extractor: python

10
python/ql/src/CHANGELOG.md
View File

@@ -1,3 +1,13 @@
## 1.0.0
### Breaking Changes
* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
### Minor Analysis Improvements
* Added models of `gradio` PyPI package.
## 0.9.16
### New Queries

4
python/ql/src/change-notes/2024-04-05-gradio-models.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added models of `gradio` PyPI package.

11
python/ql/src/change-notes/2024-05-23-Version1.md → python/ql/src/change-notes/released/1.0.0.md
View File

@@ -1,4 +1,9 @@
---
category: breaking
---
## 1.0.0
### Breaking Changes
* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
### Minor Analysis Improvements
* Added models of `gradio` PyPI package.

2
python/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.9.16
lastReleaseVersion: 1.0.0

2
python/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/python-queries
version: 1.0.0-dev
version: 1.0.0
groups:
- python
- queries