Release preparation for version 2.15.1

2026-04-30 11:15:13 +02:00 · 2023-10-16 17:49:39 +00:00
parent e4e472ee74
commit 3b3c036626
140 changed files with 446 additions and 217 deletions
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,21 @@
+## 0.8.1
+
+### Minor Analysis Improvements
+
+* The contents of `.jsp` files are now extracted, and any `<script>` tags inside these files will be parsed as JavaScript.
+* [Import attributes](https://github.com/tc39/proposal-import-attributes) are now supported in JavaScript code.
+  Note that import attributes are an evolution of an earlier proposal called "import assertions", which were implemented in TypeScript 4.5.
+  The QL library includes new predicates named `getImportAttributes()` that should be used in favor of the now deprecated `getImportAssertion()`;
+  in addition, the `getImportAttributes()` method of the `DynamicImportExpr` has been renamed to `getImportOptions()`. 
+* Deleted the deprecated `getAnImmediateUse`, `getAUse`, `getARhs`, and `getAValueReachingRhs` predicates from the `API::Node` class.
+* Deleted the deprecated `mayReferToParameter` predicate from `DataFlow::Node`.
+* Deleted the deprecated `getStaticMethod` and `getAStaticMethod` predicates from `DataFlow::ClassNode`.
+* Deleted the deprecated `isLibaryFile` predicate from `ClassifyFiles.qll`, use `isLibraryFile` instead.
+* Deleted many library models that were build on the AST. Use the new models that are build on the dataflow library instead.
+* Deleted the deprecated `semmle.javascript.security.performance` folder, use `semmle.javascript.security.regexp` instead.
+* Tagged template literals have been added to `DataFlow::CallNode`. This allows the analysis to find flow into functions called with a tagged template literal, 
+  and the arguments to a tagged template literal are part of the API-graph in `ApiGraphs.qll`.
+
 ## 0.8.0

 No user-facing changes.
--- a/javascript/ql/lib/change-notes/2023-10-07-tagged-template-litterals.md
+++ b/javascript/ql/lib/change-notes/2023-10-07-tagged-template-litterals.md
@@ -1,5 +0,0 @@
---
-category: minorAnalysis
---
-* Tagged template literals have been added to `DataFlow::CallNode`. This allows the analysis to find flow into functions called with a tagged template literal, 
-  and the arguments to a tagged template literal are part of the API-graph in `ApiGraphs.qll`.
--- a/javascript/ql/lib/change-notes/2023-10-09-outdated-deprecations.md
+++ b/javascript/ql/lib/change-notes/2023-10-09-outdated-deprecations.md
@@ -1,9 +0,0 @@
---
-category: minorAnalysis
---
-* Deleted the deprecated `getAnImmediateUse`, `getAUse`, `getARhs`, and `getAValueReachingRhs` predicates from the `API::Node` class.
-* Deleted the deprecated `mayReferToParameter` predicate from `DataFlow::Node`.
-* Deleted the deprecated `getStaticMethod` and `getAStaticMethod` predicates from `DataFlow::ClassNode`.
-* Deleted the deprecated `isLibaryFile` predicate from `ClassifyFiles.qll`, use `isLibraryFile` instead.
-* Deleted many library models that were build on the AST. Use the new models that are build on the dataflow library instead.
-* Deleted the deprecated `semmle.javascript.security.performance` folder, use `semmle.javascript.security.regexp` instead.
--- a/javascript/ql/lib/change-notes/2023-10-10-import-attributes.md
+++ b/javascript/ql/lib/change-notes/2023-10-10-import-attributes.md
@@ -1,7 +0,0 @@
---
-category: minorAnalysis
---
-* [Import attributes](https://github.com/tc39/proposal-import-attributes) are now supported in JavaScript code.
-  Note that import attributes are an evolution of an earlier proposal called "import assertions", which were implemented in TypeScript 4.5.
-  The QL library includes new predicates named `getImportAttributes()` that should be used in favor of the now deprecated `getImportAssertion()`;
-  in addition, the `getImportAttributes()` method of the `DynamicImportExpr` has been renamed to `getImportOptions()`. 
--- a/javascript/ql/lib/change-notes/2023-10-13-jsp-extraction.md
+++ b/javascript/ql/lib/change-notes/2023-10-13-jsp-extraction.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The contents of `.jsp` files are now extracted, and any `<script>` tags inside these files will be parsed as JavaScript.
--- a/javascript/ql/lib/change-notes/released/0.8.1.md
+++ b/javascript/ql/lib/change-notes/released/0.8.1.md
@@ -0,0 +1,17 @@
+## 0.8.1
+
+### Minor Analysis Improvements
+
+* The contents of `.jsp` files are now extracted, and any `<script>` tags inside these files will be parsed as JavaScript.
+* [Import attributes](https://github.com/tc39/proposal-import-attributes) are now supported in JavaScript code.
+  Note that import attributes are an evolution of an earlier proposal called "import assertions", which were implemented in TypeScript 4.5.
+  The QL library includes new predicates named `getImportAttributes()` that should be used in favor of the now deprecated `getImportAssertion()`;
+  in addition, the `getImportAttributes()` method of the `DynamicImportExpr` has been renamed to `getImportOptions()`. 
+* Deleted the deprecated `getAnImmediateUse`, `getAUse`, `getARhs`, and `getAValueReachingRhs` predicates from the `API::Node` class.
+* Deleted the deprecated `mayReferToParameter` predicate from `DataFlow::Node`.
+* Deleted the deprecated `getStaticMethod` and `getAStaticMethod` predicates from `DataFlow::ClassNode`.
+* Deleted the deprecated `isLibaryFile` predicate from `ClassifyFiles.qll`, use `isLibraryFile` instead.
+* Deleted many library models that were build on the AST. Use the new models that are build on the dataflow library instead.
+* Deleted the deprecated `semmle.javascript.security.performance` folder, use `semmle.javascript.security.regexp` instead.
+* Tagged template literals have been added to `DataFlow::CallNode`. This allows the analysis to find flow into functions called with a tagged template literal, 
+  and the arguments to a tagged template literal are part of the API-graph in `ApiGraphs.qll`.
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.0
+lastReleaseVersion: 0.8.1
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.8.1-dev
+version: 0.8.1
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.8.1
+
+### Minor Analysis Improvements
+
+* Added the `AmdModuleDefinition::Range` class, making it possible to define custom aliases for the AMD `define` function.
+
 ## 0.8.0

 No user-facing changes.
--- a/javascript/ql/src/change-notes/2023-10-05-amd-range.md
+++ b/javascript/ql/src/change-notes/2023-10-05-amd-range.md
@@ -1,4 +1,5 @@
---
-category: minorAnalysis
---
+## 0.8.1
+
+### Minor Analysis Improvements
+
 * Added the `AmdModuleDefinition::Range` class, making it possible to define custom aliases for the AMD `define` function.
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.0
+lastReleaseVersion: 0.8.1
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.8.1-dev
+version: 0.8.1
 groups:
  - javascript
  - queries