diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md
index 53bf9173713..9547b4d4609 100644
--- a/actions/ql/lib/CHANGELOG.md
+++ b/actions/ql/lib/CHANGELOG.md
@@ -1,3 +1,11 @@
+## 0.4.12
+
+### Minor Analysis Improvements
+
+* Fixed performance issues in the parsing of Bash scripts in workflow files,
+ which led to out-of-disk errors when analysing certain workflow files with
+ complex interpolations of shell commands or quoted strings.
+
 ## 0.4.11
 
 No user-facing changes.
diff --git a/actions/ql/lib/change-notes/2025-06-09-bash-parsing-performance.md b/actions/ql/lib/change-notes/released/0.4.12.md
similarity index 59%
rename from actions/ql/lib/change-notes/2025-06-09-bash-parsing-performance.md
rename to actions/ql/lib/change-notes/released/0.4.12.md
index 5ee29557c85..cf36214eae2 100644
--- a/actions/ql/lib/change-notes/2025-06-09-bash-parsing-performance.md
+++ b/actions/ql/lib/change-notes/released/0.4.12.md
@@ -1,6 +1,7 @@
----
-category: minorAnalysis
----
+## 0.4.12
+
+### Minor Analysis Improvements
+
 * Fixed performance issues in the parsing of Bash scripts in workflow files,
 which led to out-of-disk errors when analysing certain workflow files with
- complex interpolations of shell commands or quoted strings.
\ No newline at end of file
+ complex interpolations of shell commands or quoted strings.
diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml
index 80a4283b3e4..530dc320490 100644
--- a/actions/ql/lib/codeql-pack.release.yml
+++ b/actions/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.11
+lastReleaseVersion: 0.4.12
diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml
index 596bf4a14f0..f5e82a8647a 100644
--- a/actions/ql/lib/qlpack.yml
+++ b/actions/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.12-dev
+version: 0.4.12
 library: true
 warnOnImplicitThis: true
 dependencies:
diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md
index 3140211bc4a..b2846cd81fc 100644
--- a/actions/ql/src/CHANGELOG.md
+++ b/actions/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.4
+
+No user-facing changes.
+
 ## 0.6.3
 
 No user-facing changes.
diff --git a/actions/ql/src/change-notes/released/0.6.4.md b/actions/ql/src/change-notes/released/0.6.4.md
new file mode 100644
index 00000000000..7e98b0159fc
--- /dev/null
+++ b/actions/ql/src/change-notes/released/0.6.4.md
@@ -0,0 +1,3 @@
+## 0.6.4
+
+No user-facing changes.
diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml
index b7dafe32c5d..ced8cf94614 100644
--- a/actions/ql/src/codeql-pack.release.yml
+++ b/actions/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.3
+lastReleaseVersion: 0.6.4
diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml
index 99c4fd8d02c..442839b0dcf 100644
--- a/actions/ql/src/qlpack.yml
+++ b/actions/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.6.4-dev
+version: 0.6.4
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]
diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md
index c46ab004464..392305a6489 100644
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,20 @@
+## 5.2.0
+
+### Deprecated APIs
+
+* The `ThrowingFunction` class (`semmle.code.cpp.models.interfaces.Throwing`) has been deprecated. Please use the `AlwaysSehThrowingFunction` class instead.
+
+### New Features
+
+* Added a predicate `getAnAttribute` to `Namespace` to retrieve a namespace attribute.
+* The Microsoft-specific `__leave` statement is now supported.
+* A new class `LeaveStmt` extending `JumpStmt` was added to represent `__leave` statements.
+* Added a predicate `hasParameterList` to `LambdaExpression` to capture whether a lambda has an explicitly specified parameter list.
+
+### Bug Fixes
+
+* `resolveTypedefs` now properly resolves typedefs for `ArrayType`s.
+
 ## 5.1.0
 
 ### New Features
diff --git a/cpp/ql/lib/change-notes/2014-12-13-deprecate-throwing.md b/cpp/ql/lib/change-notes/2014-12-13-deprecate-throwing.md
deleted file mode 100644
index 9a46cc7da8f..00000000000
--- a/cpp/ql/lib/change-notes/2014-12-13-deprecate-throwing.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: deprecated
----
-* The `ThrowingFunction` class (`semmle.code.cpp.models.interfaces.Throwing`) has been deprecated. Please use the `AlwaysSehThrowingFunction` class instead.
diff --git a/cpp/ql/lib/change-notes/2025-06-06-lambda-parameters.md b/cpp/ql/lib/change-notes/2025-06-06-lambda-parameters.md
deleted file mode 100644
index 44f9b12968d..00000000000
--- a/cpp/ql/lib/change-notes/2025-06-06-lambda-parameters.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* Added a predicate `hasParameterList` to `LambdaExpression` to capture whether a lambda has an explicitly specified parameter list.
diff --git a/cpp/ql/lib/change-notes/2025-06-11-leave-stmt.md b/cpp/ql/lib/change-notes/2025-06-11-leave-stmt.md
deleted file mode 100644
index d06be5b77a9..00000000000
--- a/cpp/ql/lib/change-notes/2025-06-11-leave-stmt.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: feature
----
-* The Microsoft-specific `__leave` statement is now supported.
-* A new class `LeaveStmt` extending `JumpStmt` was added to represent `__leave` statements.
\ No newline at end of file
diff --git a/cpp/ql/lib/change-notes/2025-06-16-namespace-attributes.md b/cpp/ql/lib/change-notes/2025-06-16-namespace-attributes.md
deleted file mode 100644
index cbed27e109c..00000000000
--- a/cpp/ql/lib/change-notes/2025-06-16-namespace-attributes.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* Added a predicate `getAnAttribute` to `Namespace` to retrieve a namespace attribute.
diff --git a/cpp/ql/lib/change-notes/2025-06-17-arraytype-typedefs.md b/cpp/ql/lib/change-notes/2025-06-17-arraytype-typedefs.md
deleted file mode 100644
index 0bc3130e6a3..00000000000
--- a/cpp/ql/lib/change-notes/2025-06-17-arraytype-typedefs.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: fix
----
-* `resolveTypedefs` now properly resolves typedefs for `ArrayType`s.
diff --git a/cpp/ql/lib/change-notes/released/5.2.0.md b/cpp/ql/lib/change-notes/released/5.2.0.md
new file mode 100644
index 00000000000..a55198c1086
--- /dev/null
+++ b/cpp/ql/lib/change-notes/released/5.2.0.md
@@ -0,0 +1,16 @@
+## 5.2.0
+
+### Deprecated APIs
+
+* The `ThrowingFunction` class (`semmle.code.cpp.models.interfaces.Throwing`) has been deprecated. Please use the `AlwaysSehThrowingFunction` class instead.
+
+### New Features
+
+* Added a predicate `getAnAttribute` to `Namespace` to retrieve a namespace attribute.
+* The Microsoft-specific `__leave` statement is now supported.
+* A new class `LeaveStmt` extending `JumpStmt` was added to represent `__leave` statements.
+* Added a predicate `hasParameterList` to `LambdaExpression` to capture whether a lambda has an explicitly specified parameter list.
+
+### Bug Fixes
+
+* `resolveTypedefs` now properly resolves typedefs for `ArrayType`s.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index dd8d287d010..9e57a36a7dc 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.1.0
+lastReleaseVersion: 5.2.0
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index c0dd5d2ae2a..fd47588712c 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 5.1.1-dev
+version: 5.2.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
index 4edd493015a..7fc5b0d92bd 100644
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.4.3
+
+### Minor Analysis Improvements
+
+* Added flow model for the following libraries: `madler/zlib`, `google/brotli`, `libidn/libidn2`, `libssh2/libssh2/`, `nghttp2/nghttp2`, `libuv/libuv/`, and `curl/curl`. This may result in more alerts when running queries on codebases that use these libraries.
+
 ## 1.4.2
 
 No user-facing changes.
diff --git a/cpp/ql/src/change-notes/2025-06-13-mad-summaries.md b/cpp/ql/src/change-notes/released/1.4.3.md
similarity index 84%
rename from cpp/ql/src/change-notes/2025-06-13-mad-summaries.md
rename to cpp/ql/src/change-notes/released/1.4.3.md
index f70b9037cd4..2280196429b 100644
--- a/cpp/ql/src/change-notes/2025-06-13-mad-summaries.md
+++ b/cpp/ql/src/change-notes/released/1.4.3.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* Added flow model for the following libraries: `madler/zlib`, `google/brotli`, `libidn/libidn2`, `libssh2/libssh2/`, `nghttp2/nghttp2`, `libuv/libuv/`, and `curl/curl`. This may result in more alerts when running queries on codebases that use these libraries.
\ No newline at end of file
+## 1.4.3
+
+### Minor Analysis Improvements
+
+* Added flow model for the following libraries: `madler/zlib`, `google/brotli`, `libidn/libidn2`, `libssh2/libssh2/`, `nghttp2/nghttp2`, `libuv/libuv/`, and `curl/curl`. This may result in more alerts when running queries on codebases that use these libraries.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index a76cacdf799..08f88b689fb 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.2
+lastReleaseVersion: 1.4.3
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index 290c18cb815..1ea432be220 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.4.3-dev
+version: 1.4.3
 groups:
 - cpp
 - queries
diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
index 127bb19bbc6..99267b32a40 100644
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.43
+
+No user-facing changes.
+
 ## 1.7.42
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.43.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.43.md
new file mode 100644
index 00000000000..10a22c6b4be
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.43.md
@@ -0,0 +1,3 @@
+## 1.7.43
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
index 8317cee0ddb..9b37539bf65 100644
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.42
+lastReleaseVersion: 1.7.43
diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
index a86abb4812b..4eb119b21c1 100644
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.43-dev
+version: 1.7.43
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
index 127bb19bbc6..99267b32a40 100644
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.43
+
+No user-facing changes.
+
 ## 1.7.42
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.43.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.43.md
new file mode 100644
index 00000000000..10a22c6b4be
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.43.md
@@ -0,0 +1,3 @@
+## 1.7.43
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
index 8317cee0ddb..9b37539bf65 100644
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.42
+lastReleaseVersion: 1.7.43
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
index caf1e66033e..7b0b33c02d9 100644
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.43-dev
+version: 1.7.43
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
index 5eeedc6f77b..3124c68b6ab 100644
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 5.1.9
+
+No user-facing changes.
+
 ## 5.1.8
 
 No user-facing changes.
diff --git a/csharp/ql/lib/change-notes/released/5.1.9.md b/csharp/ql/lib/change-notes/released/5.1.9.md
new file mode 100644
index 00000000000..78965f168e0
--- /dev/null
+++ b/csharp/ql/lib/change-notes/released/5.1.9.md
@@ -0,0 +1,3 @@
+## 5.1.9
+
+No user-facing changes.
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index 8ffbb79d224..f9bf2605261 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.1.8
+lastReleaseVersion: 5.1.9
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index 464284c56cb..aed137e4fea 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 5.1.9-dev
+version: 5.1.9
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
index 4eabf64f6a5..da76eab521c 100644
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 1.3.0
+
+### Query Metadata Changes
+
+* Query metadata tags have been systematically updated for many C# queries. Primary categorization as either `reliability` or `maintainability`, and relevant sub-category tags such as `readability`, `useless-code`, `complexity`, `performance`, `correctness`, `error-handling`, and `concurrency`. Aligns with the established [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags).
+* Adjusts the `@security-severity` from 9.3 to 7.3 for `cs/uncontrolled-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
+
+### Minor Analysis Improvements
+
+* The queries `cs/dereferenced-value-is-always-null` and `cs/dereferenced-value-may-be-null` have been improved to reduce false positives. The queries no longer assume that expressions are dereferenced when passed as the receiver (`this` parameter) to extension methods where that parameter is a nullable type.
+
 ## 1.2.2
 
 No user-facing changes.
diff --git a/csharp/ql/src/change-notes/2025-06-03-dereferece-extension-method.md b/csharp/ql/src/change-notes/2025-06-03-dereferece-extension-method.md
deleted file mode 100644
index b12ec9768d5..00000000000
--- a/csharp/ql/src/change-notes/2025-06-03-dereferece-extension-method.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The queries `cs/dereferenced-value-is-always-null` and `cs/dereferenced-value-may-be-null` have been improved to reduce false positives. The queries no longer assume that expressions are dereferenced when passed as the receiver (`this` parameter) to extension methods where that parameter is a nullable type.
diff --git a/csharp/ql/src/change-notes/2025-06-06-reduce-CWE-134-for-memory-safe-languages.md b/csharp/ql/src/change-notes/2025-06-06-reduce-CWE-134-for-memory-safe-languages.md
deleted file mode 100644
index 60006391ac6..00000000000
--- a/csharp/ql/src/change-notes/2025-06-06-reduce-CWE-134-for-memory-safe-languages.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* Adjusts the `@security-severity` from 9.3 to 7.3 for `cs/uncontrolled-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
diff --git a/csharp/ql/src/change-notes/2025-06-16-tagging.md b/csharp/ql/src/change-notes/2025-06-16-tagging.md
deleted file mode 100644
index d0b8d2c41ee..00000000000
--- a/csharp/ql/src/change-notes/2025-06-16-tagging.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* Query metadata tags have been systematically updated for many C# queries. Primary categorization as either `reliability` or `maintainability`, and relevant sub-category tags such as `readability`, `useless-code`, `complexity`, `performance`, `correctness`, `error-handling`, and `concurrency`. Aligns with the established [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags).
diff --git a/csharp/ql/src/change-notes/released/1.3.0.md b/csharp/ql/src/change-notes/released/1.3.0.md
new file mode 100644
index 00000000000..91cd3426944
--- /dev/null
+++ b/csharp/ql/src/change-notes/released/1.3.0.md
@@ -0,0 +1,10 @@
+## 1.3.0
+
+### Query Metadata Changes
+
+* Query metadata tags have been systematically updated for many C# queries. Primary categorization as either `reliability` or `maintainability`, and relevant sub-category tags such as `readability`, `useless-code`, `complexity`, `performance`, `correctness`, `error-handling`, and `concurrency`. Aligns with the established [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags).
+* Adjusts the `@security-severity` from 9.3 to 7.3 for `cs/uncontrolled-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
+
+### Minor Analysis Improvements
+
+* The queries `cs/dereferenced-value-is-always-null` and `cs/dereferenced-value-may-be-null` have been improved to reduce false positives. The queries no longer assume that expressions are dereferenced when passed as the receiver (`this` parameter) to extension methods where that parameter is a nullable type.
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
index 0a70a9a01a7..ec16350ed6f 100644
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.2.2
+lastReleaseVersion: 1.3.0
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index 6437a730f15..ceb761092b7 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.2.3-dev
+version: 1.3.0
 groups:
 - csharp
 - queries
diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md
index 3fa1fa4c69b..0d814dec385 100644
--- a/go/ql/consistency-queries/CHANGELOG.md
+++ b/go/ql/consistency-queries/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/go/ql/consistency-queries/change-notes/released/1.0.26.md b/go/ql/consistency-queries/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/go/ql/consistency-queries/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml
index a5a44030e85..125d169e44f 100644
--- a/go/ql/consistency-queries/codeql-pack.release.yml
+++ b/go/ql/consistency-queries/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.25
+lastReleaseVersion: 1.0.26
diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml
index 17730391629..1dc60b72029 100644
--- a/go/ql/consistency-queries/qlpack.yml
+++ b/go/ql/consistency-queries/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.26-dev
+version: 1.0.26
 groups:
 - go
 - queries
diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md
index 879662575e2..c5fac252869 100644
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 4.2.8
+
+No user-facing changes.
+
 ## 4.2.7
 
 ### Minor Analysis Improvements
diff --git a/go/ql/lib/change-notes/released/4.2.8.md b/go/ql/lib/change-notes/released/4.2.8.md
new file mode 100644
index 00000000000..9b1c8820dc4
--- /dev/null
+++ b/go/ql/lib/change-notes/released/4.2.8.md
@@ -0,0 +1,3 @@
+## 4.2.8
+
+No user-facing changes.
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml
index 0c0ee7d4dfd..9b51fbc5ce5 100644
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 4.2.7
+lastReleaseVersion: 4.2.8
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
index 9c6a8397bc3..3ec41de9acc 100644
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 4.2.8-dev
+version: 4.2.8
 groups: go
 dbscheme: go.dbscheme
 extractor: go
diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md
index 515fbad7adf..521c1320839 100644
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,27 @@
+## 1.4.0
+
+### Query Metadata Changes
+
+* The tag `quality` has been added to multiple Go quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
+* The tag `external/cwe/cwe-129` has been added to `go/constant-length-comparison`.
+* The tag `external/cwe/cwe-193` has been added to `go/index-out-of-bounds`.
+* The tag `external/cwe/cwe-197` has been added to `go/shift-out-of-range`.
+* The tag `external/cwe/cwe-248` has been added to `go/redundant-recover`.
+* The tag `external/cwe/cwe-252` has been added to `go/missing-error-check` and `go/unhandled-writable-file-close`.
+* The tag `external/cwe/cwe-480` has been added to `go/mistyped-exponentiation`.
+* The tag `external/cwe/cwe-570` has been added to `go/impossible-interface-nil-check` and `go/comparison-of-identical-expressions`.
+* The tag `external/cwe/cwe-571` has been added to `go/negative-length-check` and `go/comparison-of-identical-expressions`.
+* The tag `external/cwe/cwe-783` has been added to `go/whitespace-contradicts-precedence`.
+* The tag `external/cwe/cwe-835` has been added to `go/inconsistent-loop-direction`.
+* The tag `error-handling` has been added to `go/missing-error-check`, `go/unhandled-writable-file-close`, and `go/unexpected-nil-value`.
+* The tag `useless-code` has been added to `go/useless-assignment-to-field`, `go/useless-assignment-to-local`, `go/useless-expression`, and `go/unreachable-statement`.
+* The tag `logic` has been removed from `go/index-out-of-bounds` and `go/unexpected-nil-value`.
+* The tags `call` and `defer` have been removed from `go/unhandled-writable-file-close`.
+* The tags `correctness` and `quality` have been reordered in `go/missing-error-check` and `go/unhandled-writable-file-close`.
+* The tag `maintainability` has been changed to `reliability` for `go/unhandled-writable-file-close`.
+* The tag order has been standardized to have `quality` first, followed by the top-level category (`reliability` or `maintainability`), then sub-category tags, and finally CWE tags.
+* The description text has been updated in `go/whitespace-contradicts-precedence` to change "may even indicate" to "may indicate".
+
 ## 1.3.0
 
 ### New Queries
diff --git a/go/ql/src/change-notes/2025-06-13-add-tags-to-quality-queries.md b/go/ql/src/change-notes/released/1.4.0.md
similarity index 98%
rename from go/ql/src/change-notes/2025-06-13-add-tags-to-quality-queries.md
rename to go/ql/src/change-notes/released/1.4.0.md
index 9233cb05e80..e97351b26ed 100644
--- a/go/ql/src/change-notes/2025-06-13-add-tags-to-quality-queries.md
+++ b/go/ql/src/change-notes/released/1.4.0.md
@@ -1,6 +1,7 @@
----
-category: queryMetadata
----
+## 1.4.0
+
+### Query Metadata Changes
+
 * The tag `quality` has been added to multiple Go quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
 * The tag `external/cwe/cwe-129` has been added to `go/constant-length-comparison`.
 * The tag `external/cwe/cwe-193` has been added to `go/index-out-of-bounds`.
diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml
index ec16350ed6f..b8b2e97d508 100644
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.0
+lastReleaseVersion: 1.4.0
diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml
index 874d6e093fc..25b99dd292b 100644
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.3.1-dev
+version: 1.4.0
 groups:
 - go
 - queries
diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md
index 1e624ba0913..320552a8f14 100644
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 7.3.2
+
+### Minor Analysis Improvements
+
+* Java `assert` statements are now assumed to be executed for the purpose of analysing control flow. This improves precision for a number of queries.
+
 ## 7.3.1
 
 No user-facing changes.
diff --git a/java/ql/lib/change-notes/2025-06-12-assert-cfg.md b/java/ql/lib/change-notes/released/7.3.2.md
similarity index 77%
rename from java/ql/lib/change-notes/2025-06-12-assert-cfg.md
rename to java/ql/lib/change-notes/released/7.3.2.md
index 69219633166..6e3c0320860 100644
--- a/java/ql/lib/change-notes/2025-06-12-assert-cfg.md
+++ b/java/ql/lib/change-notes/released/7.3.2.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 7.3.2
+
+### Minor Analysis Improvements
+
 * Java `assert` statements are now assumed to be executed for the purpose of analysing control flow. This improves precision for a number of queries.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
index 43cb026b139..cf3deb9367d 100644
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.3.1
+lastReleaseVersion: 7.3.2
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index 35f35a391c5..20df8bf32a7 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 7.3.2-dev
+version: 7.3.2
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md
index ca355f5e684..fe2be06be35 100644
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,24 @@
+## 1.6.0
+
+### Query Metadata Changes
+
+* The tag `quality` has been added to multiple Java quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
+* The tag `external/cwe/cwe-571` has been added to `java/equals-on-unrelated-types`.
+* The tag `readability` has been added to `java/missing-override-annotation`, `java/deprecated-call`, `java/inconsistent-javadoc-throws`, `java/unknown-javadoc-parameter`, `java/jdk-internal-api-access`, `java/underscore-identifier`, `java/misleading-indentation`, `java/inefficient-empty-string-test`, `java/non-static-nested-class`, `inefficient-string-constructor`, and `java/constants-only-interface`.
+* The tag `useless-code` has been added to `java/useless-type-test`, and `java/useless-tostring-call`.
+* The tag `complexity` has been added to `java/chained-type-tests`, and `java/abstract-to-concrete-cast`.
+* The tag `error-handling` has been added to `java/ignored-error-status-of-call`, and `java/uncaught-number-format-exception`.
+* The tag `correctness` has been added to `java/evaluation-to-constant`, `java/whitespace-contradicts-precedence`, `java/empty-container`, `java/string-buffer-char-init`, `java/call-to-object-tostring`, `java/print-array` and `java/internal-representation-exposure`.
+* The tag `performance` has been added to `java/input-resource-leak`, `java/database-resource-leak`, `java/output-resource-leak`, `java/inefficient-key-set-iterator`, `java/inefficient-output-stream`, and `java/inefficient-boxed-constructor`.
+* The tag `correctness` has been removed from `java/call-to-thread-run`, `java/unsafe-double-checked-locking`, `java/unsafe-double-checked-locking-init-order`, `java/non-sync-override`, `java/sync-on-boxed-types`, `java/unsynchronized-getter`, `java/input-resource-leak`, `java/output-resource-leak`, `java/database-resource-leak`, and `java/ignored-error-status-of-call`.
+* The tags `maintainability` has been removed from `java/string-buffer-char-init`, `java/inefficient-key-set-iterator`, `java/inefficient-boxed-constructor`, and `java/internal-representation-exposure`.
+* The tags `reliability` has been removed from `java/subtle-inherited-call`, `java/print-array`, and `java/call-to-object-tostring`.
+* The tags `maintainability` and `useless-code` have been removed from `java/evaluation-to-constant`.
+* The tags `maintainability` and `readability` have been removed from `java/whitespace-contradicts-precedence`.
+* The tags `maintainability` and `useless-code` have been removed from `java/empty-container`.
+* Adjusts the `@precision` from high to medium for `java/concatenated-command-line` because it is producing false positive alerts when the concatenated strings are hard-coded.
+* Adjusts the `@security-severity` from 9.3 to 7.3 for `java/tainted-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
+
 ## 1.5.2
 
 No user-facing changes.
diff --git a/java/ql/src/change-notes/2025-06-06-reduce-CWE-134-for-memory-safe-languages.md b/java/ql/src/change-notes/2025-06-06-reduce-CWE-134-for-memory-safe-languages.md
deleted file mode 100644
index 6ab4beb7290..00000000000
--- a/java/ql/src/change-notes/2025-06-06-reduce-CWE-134-for-memory-safe-languages.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* Adjusts the `@security-severity` from 9.3 to 7.3 for `java/tainted-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
diff --git a/java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md b/java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md
deleted file mode 100644
index 392e1965def..00000000000
--- a/java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* Adjusts the `@precision` from high to medium for `java/concatenated-command-line` because it is producing false positive alerts when the concatenated strings are hard-coded.
diff --git a/java/ql/src/change-notes/2025-06-17-add-tags-to-quality-queries.md b/java/ql/src/change-notes/released/1.6.0.md
similarity index 87%
rename from java/ql/src/change-notes/2025-06-17-add-tags-to-quality-queries.md
rename to java/ql/src/change-notes/released/1.6.0.md
index a8c07fb3560..539ce3d0969 100644
--- a/java/ql/src/change-notes/2025-06-17-add-tags-to-quality-queries.md
+++ b/java/ql/src/change-notes/released/1.6.0.md
@@ -1,6 +1,7 @@
----
-category: queryMetadata
----
+## 1.6.0
+
+### Query Metadata Changes
+
 * The tag `quality` has been added to multiple Java quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
 * The tag `external/cwe/cwe-571` has been added to `java/equals-on-unrelated-types`.
 * The tag `readability` has been added to `java/missing-override-annotation`, `java/deprecated-call`, `java/inconsistent-javadoc-throws`, `java/unknown-javadoc-parameter`, `java/jdk-internal-api-access`, `java/underscore-identifier`, `java/misleading-indentation`, `java/inefficient-empty-string-test`, `java/non-static-nested-class`, `inefficient-string-constructor`, and `java/constants-only-interface`.
@@ -15,3 +16,5 @@ category: queryMetadata
 * The tags `maintainability` and `useless-code` have been removed from `java/evaluation-to-constant`.
 * The tags `maintainability` and `readability` have been removed from `java/whitespace-contradicts-precedence`.
 * The tags `maintainability` and `useless-code` have been removed from `java/empty-container`.
+* Adjusts the `@precision` from high to medium for `java/concatenated-command-line` because it is producing false positive alerts when the concatenated strings are hard-coded.
+* Adjusts the `@security-severity` from 9.3 to 7.3 for `java/tainted-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml
index 7eb901bae56..c4f0b07d533 100644
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.2
+lastReleaseVersion: 1.6.0
diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml
index a0b518b6876..dc34cd46a86 100644
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 1.5.3-dev
+version: 1.6.0
 groups:
 - java
 - queries
diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md
index 0068a86fb4c..e2d82cba835 100644
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,15 @@
+## 2.6.6
+
+### Minor Analysis Improvements
+
+* Calls to `sinon.match()` are no longer incorrectly identified as regular expression operations.
+* Improved data flow tracking through middleware to handle default value and similar patterns.
+* Added `req._parsedUrl` as a remote input source.
+* Improved taint tracking through calls to `serialize-javascript`.
+* Removed `encodeURI` and `escape` functions from the sanitizer list for request forgery.
+* The JavaScript extractor now skips generated JavaScript files if the original TypeScript files are already present. It also skips any files in the output directory specified in the `compilerOptions` part of the `tsconfig.json` file.
+* Added support for Axios instances in the `axios` module.
+
 ## 2.6.5
 
 ### Minor Analysis Improvements
diff --git a/javascript/ql/lib/change-notes/2025-06-03-axios-instance-support.md b/javascript/ql/lib/change-notes/2025-06-03-axios-instance-support.md
deleted file mode 100644
index baaf1611b77..00000000000
--- a/javascript/ql/lib/change-notes/2025-06-03-axios-instance-support.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added support for Axios instances in the `axios` module.
diff --git a/javascript/ql/lib/change-notes/2025-06-05-skip-obviously-generated-files.md b/javascript/ql/lib/change-notes/2025-06-05-skip-obviously-generated-files.md
deleted file mode 100644
index 16d81cb4cc3..00000000000
--- a/javascript/ql/lib/change-notes/2025-06-05-skip-obviously-generated-files.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The JavaScript extractor now skips generated JavaScript files if the original TypeScript files are already present. It also skips any files in the output directory specified in the `compilerOptions` part of the `tsconfig.json` file.
diff --git a/javascript/ql/lib/change-notes/2025-06-13-remove-encodeuri.md b/javascript/ql/lib/change-notes/2025-06-13-remove-encodeuri.md
deleted file mode 100644
index ab91e9905af..00000000000
--- a/javascript/ql/lib/change-notes/2025-06-13-remove-encodeuri.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Removed `encodeURI` and `escape` functions from the sanitizer list for request forgery.
diff --git a/javascript/ql/lib/change-notes/2025-06-16-middleware-express.md b/javascript/ql/lib/change-notes/2025-06-16-middleware-express.md
deleted file mode 100644
index 600aad8bafc..00000000000
--- a/javascript/ql/lib/change-notes/2025-06-16-middleware-express.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Improved data flow tracking through middleware to handle default value and similar patterns.
-* Added `req._parsedUrl` as a remote input source.
diff --git a/javascript/ql/lib/change-notes/2025-06-16-serialize-js.md b/javascript/ql/lib/change-notes/2025-06-16-serialize-js.md
deleted file mode 100644
index a89e0e19b6f..00000000000
--- a/javascript/ql/lib/change-notes/2025-06-16-serialize-js.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Improved taint tracking through calls to `serialize-javascript`.
diff --git a/javascript/ql/lib/change-notes/2025-06-20-sinon.md b/javascript/ql/lib/change-notes/2025-06-20-sinon.md
deleted file mode 100644
index fd8b8e0ad07..00000000000
--- a/javascript/ql/lib/change-notes/2025-06-20-sinon.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Calls to `sinon.match()` are no longer incorrectly identified as regular expression operations.
diff --git a/javascript/ql/lib/change-notes/released/2.6.6.md b/javascript/ql/lib/change-notes/released/2.6.6.md
new file mode 100644
index 00000000000..f11e9d42d99
--- /dev/null
+++ b/javascript/ql/lib/change-notes/released/2.6.6.md
@@ -0,0 +1,11 @@
+## 2.6.6
+
+### Minor Analysis Improvements
+
+* Calls to `sinon.match()` are no longer incorrectly identified as regular expression operations.
+* Improved data flow tracking through middleware to handle default value and similar patterns.
+* Added `req._parsedUrl` as a remote input source.
+* Improved taint tracking through calls to `serialize-javascript`.
+* Removed `encodeURI` and `escape` functions from the sanitizer list for request forgery.
+* The JavaScript extractor now skips generated JavaScript files if the original TypeScript files are already present. It also skips any files in the output directory specified in the `compilerOptions` part of the `tsconfig.json` file.
+* Added support for Axios instances in the `axios` module.
diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml
index b29c290895c..305ff8cbbf2 100644
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.6.5
+lastReleaseVersion: 2.6.6
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index b367ab88549..e9fe865ca12 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 2.6.6-dev
+version: 2.6.6
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
index b6939ad5ec4..11615030c50 100644
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,18 @@
+## 1.7.0
+
+### Query Metadata Changes
+
+* The `quality` tag has been added to multiple JavaScript quality queries, with tags for `reliability` or `maintainability` categories and their sub-categories. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
+* Added `reliability` tag to the `js/suspicious-method-name-declaration` query.
+* Added `reliability` and `language-features` tags to the `js/template-syntax-in-string-literal` query.
+
+### Minor Analysis Improvements
+
+* The `js/loop-iteration-skipped-due-to-shifting` query now has the `reliability` tag.
+* Fixed false positives in the `js/loop-iteration-skipped-due-to-shifting` query when the return value of `splice` is used to decide whether to adjust the loop counter.
+* Fixed false positives in the `js/template-syntax-in-string-literal` query where template syntax in string concatenation and "manual string interpolation" patterns were incorrectly flagged.
+* The `js/useless-expression` query now correctly flags only the innermost expressions with no effect, avoiding duplicate alerts on compound expressions.
+
 ## 1.6.2
 
 No user-facing changes.
diff --git a/javascript/ql/src/change-notes/2025-05-30-dom-property-access.md b/javascript/ql/src/change-notes/2025-05-30-dom-property-access.md
deleted file mode 100644
index 2dcb16a8327..00000000000
--- a/javascript/ql/src/change-notes/2025-05-30-dom-property-access.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `js/useless-expression` query now correctly flags only the innermost expressions with no effect, avoiding duplicate alerts on compound expressions.
diff --git a/javascript/ql/src/change-notes/2025-06-12-loop-iteration-fix.md b/javascript/ql/src/change-notes/2025-06-12-loop-iteration-fix.md
deleted file mode 100644
index 2716069fb71..00000000000
--- a/javascript/ql/src/change-notes/2025-06-12-loop-iteration-fix.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Fixed false positives in the `js/loop-iteration-skipped-due-to-shifting` query when the return value of `splice` is used to decide whether to adjust the loop counter.
diff --git a/javascript/ql/src/change-notes/2025-06-12-loop-iteration.md b/javascript/ql/src/change-notes/2025-06-12-loop-iteration.md
deleted file mode 100644
index 13b9fcf592a..00000000000
--- a/javascript/ql/src/change-notes/2025-06-12-loop-iteration.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `js/loop-iteration-skipped-due-to-shifting` query now has the `reliability` tag.
diff --git a/javascript/ql/src/change-notes/2025-06-12-string-interpolation.md b/javascript/ql/src/change-notes/2025-06-12-string-interpolation.md
deleted file mode 100644
index 446ecf0fcb2..00000000000
--- a/javascript/ql/src/change-notes/2025-06-12-string-interpolation.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Fixed false positives in the `js/template-syntax-in-string-literal` query where template syntax in string concatenation and "manual string interpolation" patterns were incorrectly flagged.
diff --git a/javascript/ql/src/change-notes/2025-06-12-suspicious-method-name.md b/javascript/ql/src/change-notes/2025-06-12-suspicious-method-name.md
deleted file mode 100644
index dfee27ffdd3..00000000000
--- a/javascript/ql/src/change-notes/2025-06-12-suspicious-method-name.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* Added `reliability` tag to the `js/suspicious-method-name-declaration` query.
diff --git a/javascript/ql/src/change-notes/2025-06-12-template-syntax-metadata.md b/javascript/ql/src/change-notes/2025-06-12-template-syntax-metadata.md
deleted file mode 100644
index f29f602095d..00000000000
--- a/javascript/ql/src/change-notes/2025-06-12-template-syntax-metadata.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* Added `reliability` and `language-features` tags to the `js/template-syntax-in-string-literal` query.
diff --git a/javascript/ql/src/change-notes/2025-06-16-mass-promotion.md b/javascript/ql/src/change-notes/2025-06-16-mass-promotion.md
deleted file mode 100644
index dedaba09d1d..00000000000
--- a/javascript/ql/src/change-notes/2025-06-16-mass-promotion.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* The `quality` tag has been added to multiple JavaScript quality queries, with tags for `reliability` or `maintainability` categories and their sub-categories. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
diff --git a/javascript/ql/src/change-notes/released/1.7.0.md b/javascript/ql/src/change-notes/released/1.7.0.md
new file mode 100644
index 00000000000..682a8b5d0c6
--- /dev/null
+++ b/javascript/ql/src/change-notes/released/1.7.0.md
@@ -0,0 +1,14 @@
+## 1.7.0
+
+### Query Metadata Changes
+
+* The `quality` tag has been added to multiple JavaScript quality queries, with tags for `reliability` or `maintainability` categories and their sub-categories. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
+* Added `reliability` tag to the `js/suspicious-method-name-declaration` query.
+* Added `reliability` and `language-features` tags to the `js/template-syntax-in-string-literal` query.
+
+### Minor Analysis Improvements
+
+* The `js/loop-iteration-skipped-due-to-shifting` query now has the `reliability` tag.
+* Fixed false positives in the `js/loop-iteration-skipped-due-to-shifting` query when the return value of `splice` is used to decide whether to adjust the loop counter.
+* Fixed false positives in the `js/template-syntax-in-string-literal` query where template syntax in string concatenation and "manual string interpolation" patterns were incorrectly flagged.
+* The `js/useless-expression` query now correctly flags only the innermost expressions with no effect, avoiding duplicate alerts on compound expressions.
diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml
index 5f5beb68311..d1184cc6750 100644
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.2
+lastReleaseVersion: 1.7.0
diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml
index 0bfacd0c21e..546308a70c7 100644
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 1.6.3-dev
+version: 1.7.0
 groups:
 - javascript
 - queries
diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md
index 534af566852..c7c1d20c642 100644
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/misc/suite-helpers/change-notes/released/1.0.26.md b/misc/suite-helpers/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/misc/suite-helpers/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml
index a5a44030e85..125d169e44f 100644
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.25
+lastReleaseVersion: 1.0.26
diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml
index 848e808db34..1cfed45557b 100644
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 1.0.26-dev
+version: 1.0.26
 groups: shared
 warnOnImplicitThis: true
diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md
index 09dc9d983a8..9f915e24edc 100644
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 4.0.10
+
+No user-facing changes.
+
 ## 4.0.9
 
 No user-facing changes.
diff --git a/python/ql/lib/change-notes/released/4.0.10.md b/python/ql/lib/change-notes/released/4.0.10.md
new file mode 100644
index 00000000000..5dd008b9fa1
--- /dev/null
+++ b/python/ql/lib/change-notes/released/4.0.10.md
@@ -0,0 +1,3 @@
+## 4.0.10
+
+No user-facing changes.
diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml
index 25b75788f99..df9695089ca 100644
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 4.0.9
+lastReleaseVersion: 4.0.10
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index ffd394c2544..23e252fdf3d 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 4.0.10-dev
+version: 4.0.10
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md
index 292fda17c90..4a77f1a1d6d 100644
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 1.6.0
+
+### Query Metadata Changes
+
+* The tag `quality` has been added to multiple Python quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
+
+### Minor Analysis Improvements
+
+* The `py/iter-returns-non-self` query has been modernized, and no longer alerts for certain cases where an equivalent iterator is returned.
+
 ## 1.5.2
 
 ### Minor Analysis Improvements
diff --git a/python/ql/src/change-notes/2025-05-23-iter-not-return-self.md b/python/ql/src/change-notes/2025-05-23-iter-not-return-self.md
deleted file mode 100644
index 80b8313a72b..00000000000
--- a/python/ql/src/change-notes/2025-05-23-iter-not-return-self.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `py/iter-returns-non-self` query has been modernized, and no longer alerts for certain cases where an equivalent iterator is returned.
\ No newline at end of file
diff --git a/python/ql/src/change-notes/2025-06-18-quality-query-metadata.md b/python/ql/src/change-notes/released/1.6.0.md
similarity index 59%
rename from python/ql/src/change-notes/2025-06-18-quality-query-metadata.md
rename to python/ql/src/change-notes/released/1.6.0.md
index 92533f7df75..72dd1bf2002 100644
--- a/python/ql/src/change-notes/2025-06-18-quality-query-metadata.md
+++ b/python/ql/src/change-notes/released/1.6.0.md
@@ -1,5 +1,9 @@
+## 1.6.0
 
----
-category: queryMetadata
----
-* The tag `quality` has been added to multiple Python quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
\ No newline at end of file
+### Query Metadata Changes
+
+* The tag `quality` has been added to multiple Python quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
+
+### Minor Analysis Improvements
+
+* The `py/iter-returns-non-self` query has been modernized, and no longer alerts for certain cases where an equivalent iterator is returned.
diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml
index 7eb901bae56..c4f0b07d533 100644
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.2
+lastReleaseVersion: 1.6.0
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml
index 2fa2d2204b9..0c32f4f2093 100644
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 1.5.3-dev
+version: 1.6.0
 groups:
 - python
 - queries
diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md
index cdd84b3aeeb..2a4d6f21375 100644
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 4.1.9
+
+No user-facing changes.
+
 ## 4.1.8
 
 No user-facing changes.
diff --git a/ruby/ql/lib/change-notes/released/4.1.9.md b/ruby/ql/lib/change-notes/released/4.1.9.md
new file mode 100644
index 00000000000..94eac40d6e3
--- /dev/null
+++ b/ruby/ql/lib/change-notes/released/4.1.9.md
@@ -0,0 +1,3 @@
+## 4.1.9
+
+No user-facing changes.
diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml
index 8636017292c..4a8b9706277 100644
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 4.1.8
+lastReleaseVersion: 4.1.9
diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml
index ab4215ced20..40bb9be3252 100644
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 4.1.9-dev
+version: 4.1.9
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md
index fcee47275f5..ef903e8d144 100644
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,10 @@
+## 1.4.0
+
+### Query Metadata Changes
+
+* Update query metadata tags for `rb/database-query-in-loop` and `rb/useless-assignment-to-local` to align with the established
+[Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags).
+
 ## 1.3.2
 
 No user-facing changes.
diff --git a/ruby/ql/src/change-notes/2025-06-17-tagging.md b/ruby/ql/src/change-notes/released/1.4.0.md
similarity index 88%
rename from ruby/ql/src/change-notes/2025-06-17-tagging.md
rename to ruby/ql/src/change-notes/released/1.4.0.md
index 757e1c55577..2c71d9748b4 100644
--- a/ruby/ql/src/change-notes/2025-06-17-tagging.md
+++ b/ruby/ql/src/change-notes/released/1.4.0.md
@@ -1,5 +1,6 @@
----
-category: queryMetadata
----
+## 1.4.0
+
+### Query Metadata Changes
+
 * Update query metadata tags for `rb/database-query-in-loop` and `rb/useless-assignment-to-local` to align with the established
 [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags).
diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml
index 86a9cb32d86..b8b2e97d508 100644
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.2
+lastReleaseVersion: 1.4.0
diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml
index b6053c7a9ef..d5c59e42e0a 100644
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 1.3.3-dev
+version: 1.4.0
 groups:
 - ruby
 - queries
diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md
index 85c29db05c1..aaaa73ae07e 100644
--- a/rust/ql/lib/CHANGELOG.md
+++ b/rust/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.1.11
+
+### New Features
+
+* Initial public preview release.
+
 ## 0.1.10
 
 No user-facing changes.
diff --git a/rust/ql/src/change-notes/2025-06-13-public-preview.md b/rust/ql/lib/change-notes/released/0.1.11.md
similarity index 53%
rename from rust/ql/src/change-notes/2025-06-13-public-preview.md
rename to rust/ql/lib/change-notes/released/0.1.11.md
index ab2250e3b58..58740d0b024 100644
--- a/rust/ql/src/change-notes/2025-06-13-public-preview.md
+++ b/rust/ql/lib/change-notes/released/0.1.11.md
@@ -1,4 +1,5 @@
----
-category: newQuery
----
+## 0.1.11
+
+### New Features
+
 * Initial public preview release.
diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml
index 30f5ca88be0..1d1688e8d61 100644
--- a/rust/ql/lib/codeql-pack.release.yml
+++ b/rust/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.10
+lastReleaseVersion: 0.1.11
diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml
index e20992cbb0b..a559ad4266e 100644
--- a/rust/ql/lib/qlpack.yml
+++ b/rust/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/rust-all
-version: 0.1.11-dev
+version: 0.1.11
 groups: rust
 extractor: rust
 dbscheme: rust.dbscheme
diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md
index 1459910b5ee..ad73b7174f9 100644
--- a/rust/ql/src/CHANGELOG.md
+++ b/rust/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.1.11
+
+### New Queries
+
+* Initial public preview release.
+
 ## 0.1.10
 
 No user-facing changes.
diff --git a/rust/ql/lib/change-notes/2025-06-13-public-preview.md b/rust/ql/src/change-notes/released/0.1.11.md
similarity index 54%
rename from rust/ql/lib/change-notes/2025-06-13-public-preview.md
rename to rust/ql/src/change-notes/released/0.1.11.md
index d60dc3315b8..04115f54f4c 100644
--- a/rust/ql/lib/change-notes/2025-06-13-public-preview.md
+++ b/rust/ql/src/change-notes/released/0.1.11.md
@@ -1,4 +1,5 @@
----
-category: feature
----
+## 0.1.11
+
+### New Queries
+
 * Initial public preview release.
diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml
index 30f5ca88be0..1d1688e8d61 100644
--- a/rust/ql/src/codeql-pack.release.yml
+++ b/rust/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.10
+lastReleaseVersion: 0.1.11
diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml
index 9f1b7148e38..03403d6aaf4 100644
--- a/rust/ql/src/qlpack.yml
+++ b/rust/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/rust-queries
-version: 0.1.11-dev
+version: 0.1.11
 groups:
 - rust
 - queries
diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md
index a9641b2d087..0109a7bd5a7 100644
--- a/shared/controlflow/CHANGELOG.md
+++ b/shared/controlflow/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.0.10
+
+No user-facing changes.
+
 ## 2.0.9
 
 No user-facing changes.
diff --git a/shared/controlflow/change-notes/released/2.0.10.md b/shared/controlflow/change-notes/released/2.0.10.md
new file mode 100644
index 00000000000..37310f107aa
--- /dev/null
+++ b/shared/controlflow/change-notes/released/2.0.10.md
@@ -0,0 +1,3 @@
+## 2.0.10
+
+No user-facing changes.
diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml
index ce305265e33..96ea0220a69 100644
--- a/shared/controlflow/codeql-pack.release.yml
+++ b/shared/controlflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.0.9
+lastReleaseVersion: 2.0.10
diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml
index 6325acc4c5b..e4a5a845477 100644
--- a/shared/controlflow/qlpack.yml
+++ b/shared/controlflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 2.0.10-dev
+version: 2.0.10
 groups: shared
 library: true
 dependencies:
diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md
index 10cb758f6ea..128d8ccd0d4 100644
--- a/shared/dataflow/CHANGELOG.md
+++ b/shared/dataflow/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.0.10
+
+No user-facing changes.
+
 ## 2.0.9
 
 No user-facing changes.
diff --git a/shared/dataflow/change-notes/released/2.0.10.md b/shared/dataflow/change-notes/released/2.0.10.md
new file mode 100644
index 00000000000..37310f107aa
--- /dev/null
+++ b/shared/dataflow/change-notes/released/2.0.10.md
@@ -0,0 +1,3 @@
+## 2.0.10
+
+No user-facing changes.
diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml
index ce305265e33..96ea0220a69 100644
--- a/shared/dataflow/codeql-pack.release.yml
+++ b/shared/dataflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.0.9
+lastReleaseVersion: 2.0.10
diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml
index 1e1736c81f6..146b0bcdc38 100644
--- a/shared/dataflow/qlpack.yml
+++ b/shared/dataflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 2.0.10-dev
+version: 2.0.10
 groups: shared
 library: true
 dependencies:
diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md
index ac6be6596f7..01f4051da30 100644
--- a/shared/mad/CHANGELOG.md
+++ b/shared/mad/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/shared/mad/change-notes/released/1.0.26.md b/shared/mad/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/shared/mad/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml
index a5a44030e85..125d169e44f 100644
--- a/shared/mad/codeql-pack.release.yml
+++ b/shared/mad/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.25
+lastReleaseVersion: 1.0.26
diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml
index 0e8adfc89c2..c1c0f892106 100644
--- a/shared/mad/qlpack.yml
+++ b/shared/mad/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/mad
-version: 1.0.26-dev
+version: 1.0.26
 groups: shared
 library: true
 dependencies:
diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md
index d7831747b12..4ffbff1e0c4 100644
--- a/shared/quantum/CHANGELOG.md
+++ b/shared/quantum/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.4
+
+No user-facing changes.
+
 ## 0.0.3
 
 No user-facing changes.
diff --git a/shared/quantum/change-notes/released/0.0.4.md b/shared/quantum/change-notes/released/0.0.4.md
new file mode 100644
index 00000000000..eefe286a4d8
--- /dev/null
+++ b/shared/quantum/change-notes/released/0.0.4.md
@@ -0,0 +1,3 @@
+## 0.0.4
+
+No user-facing changes.
diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml
index a24b693d1e7..ec411a674bc 100644
--- a/shared/quantum/codeql-pack.release.yml
+++ b/shared/quantum/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml
index d3b36828ade..6d08eb0c2b8 100644
--- a/shared/quantum/qlpack.yml
+++ b/shared/quantum/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/quantum
-version: 0.0.4-dev
+version: 0.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md
index c06e99c5f7f..e0f22e5bc3a 100644
--- a/shared/rangeanalysis/CHANGELOG.md
+++ b/shared/rangeanalysis/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/shared/rangeanalysis/change-notes/released/1.0.26.md b/shared/rangeanalysis/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/shared/rangeanalysis/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml
index a5a44030e85..125d169e44f 100644
--- a/shared/rangeanalysis/codeql-pack.release.yml
+++ b/shared/rangeanalysis/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.25
+lastReleaseVersion: 1.0.26
diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml
index 059cf59c2bf..05741c7ad61 100644
--- a/shared/rangeanalysis/qlpack.yml
+++ b/shared/rangeanalysis/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/rangeanalysis
-version: 1.0.26-dev
+version: 1.0.26
 groups: shared
 library: true
 dependencies:
diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md
index 1a63aa6e43a..aced064cc7a 100644
--- a/shared/regex/CHANGELOG.md
+++ b/shared/regex/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/shared/regex/change-notes/released/1.0.26.md b/shared/regex/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/shared/regex/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml
index a5a44030e85..125d169e44f 100644
--- a/shared/regex/codeql-pack.release.yml
+++ b/shared/regex/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.25
+lastReleaseVersion: 1.0.26
diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml
index a98c2f6003b..f6b25b571c3 100644
--- a/shared/regex/qlpack.yml
+++ b/shared/regex/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/regex
-version: 1.0.26-dev
+version: 1.0.26
 groups: shared
 library: true
 dependencies:
diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md
index fff1d5b89e2..2359940bf9a 100644
--- a/shared/ssa/CHANGELOG.md
+++ b/shared/ssa/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.0.2
+
+No user-facing changes.
+
 ## 2.0.1
 
 No user-facing changes.
diff --git a/shared/ssa/change-notes/released/2.0.2.md b/shared/ssa/change-notes/released/2.0.2.md
new file mode 100644
index 00000000000..862ef0e9df7
--- /dev/null
+++ b/shared/ssa/change-notes/released/2.0.2.md
@@ -0,0 +1,3 @@
+## 2.0.2
+
+No user-facing changes.
diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml
index fe974a4dbf3..81c7f1dbc13 100644
--- a/shared/ssa/codeql-pack.release.yml
+++ b/shared/ssa/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.0.1
+lastReleaseVersion: 2.0.2
diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml
index 4c73efe3912..2880b7ada2a 100644
--- a/shared/ssa/qlpack.yml
+++ b/shared/ssa/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ssa
-version: 2.0.2-dev
+version: 2.0.2
 groups: shared
 library: true
 dependencies:
diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md
index 3fa1fa4c69b..0d814dec385 100644
--- a/shared/threat-models/CHANGELOG.md
+++ b/shared/threat-models/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/shared/threat-models/change-notes/released/1.0.26.md b/shared/threat-models/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/shared/threat-models/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml
index a5a44030e85..125d169e44f 100644
--- a/shared/threat-models/codeql-pack.release.yml
+++ b/shared/threat-models/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.25
+lastReleaseVersion: 1.0.26
diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml
index fda94a8f4ff..0427de7fde8 100644
--- a/shared/threat-models/qlpack.yml
+++ b/shared/threat-models/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/threat-models
-version: 1.0.26-dev
+version: 1.0.26
 library: true
 groups: shared
 dataExtensions:
diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md
index a5290f62bb3..92ac100d5c8 100644
--- a/shared/tutorial/CHANGELOG.md
+++ b/shared/tutorial/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/shared/tutorial/change-notes/released/1.0.26.md b/shared/tutorial/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/shared/tutorial/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index a5a44030e85..125d169e44f 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.25 +lastReleaseVersion: 1.0.26 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 2ecf5730d21..62664382a22 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.26-dev +version: 1.0.26 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 2283f741ca7..7fa72fbd343 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.26 + +No user-facing changes. + ## 1.0.25 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.26.md b/shared/typeflow/change-notes/released/1.0.26.md new file mode 100644 index 00000000000..4920e2b2435 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.26.md @@ -0,0 +1,3 @@ +## 1.0.26 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index a5a44030e85..125d169e44f 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.25 +lastReleaseVersion: 1.0.26 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 119a36067be..b3793d6d29e 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.26-dev +version: 1.0.26 groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index ad2e63eb470..8f58f5145db 100644 
--- a/shared/typeinference/CHANGELOG.md
+++ b/shared/typeinference/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.7
+
+No user-facing changes.
+
 ## 0.0.6
 
 No user-facing changes.
diff --git a/shared/typeinference/change-notes/released/0.0.7.md b/shared/typeinference/change-notes/released/0.0.7.md
new file mode 100644
index 00000000000..84da6f18c42
--- /dev/null
+++ b/shared/typeinference/change-notes/released/0.0.7.md
@@ -0,0 +1,3 @@
+## 0.0.7
+
+No user-facing changes.
diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml
index cf398ce02aa..a2a5484910b 100644
--- a/shared/typeinference/codeql-pack.release.yml
+++ b/shared/typeinference/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.6
+lastReleaseVersion: 0.0.7
diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml
index 32fd6de02e8..24d2c4a200a 100644
--- a/shared/typeinference/qlpack.yml
+++ b/shared/typeinference/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typeinference
-version: 0.0.7-dev
+version: 0.0.7
 groups: shared
 library: true
 dependencies:
diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md
index 6e434da1f77..58e9c8119af 100644
--- a/shared/typetracking/CHANGELOG.md
+++ b/shared/typetracking/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.0.10
+
+No user-facing changes.
+
 ## 2.0.9
 
 No user-facing changes.
diff --git a/shared/typetracking/change-notes/released/2.0.10.md b/shared/typetracking/change-notes/released/2.0.10.md
new file mode 100644
index 00000000000..37310f107aa
--- /dev/null
+++ b/shared/typetracking/change-notes/released/2.0.10.md
@@ -0,0 +1,3 @@
+## 2.0.10
+
+No user-facing changes.
diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml
index ce305265e33..96ea0220a69 100644
--- a/shared/typetracking/codeql-pack.release.yml
+++ b/shared/typetracking/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.0.9
+lastReleaseVersion: 2.0.10
diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml
index 193e743290e..23c2d2f5995 100644
--- a/shared/typetracking/qlpack.yml
+++ b/shared/typetracking/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typetracking
-version: 2.0.10-dev
+version: 2.0.10
 groups: shared
 library: true
 dependencies:
diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md
index 62be8d62137..47359494704 100644
--- a/shared/typos/CHANGELOG.md
+++ b/shared/typos/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/shared/typos/change-notes/released/1.0.26.md b/shared/typos/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/shared/typos/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml
index a5a44030e85..125d169e44f 100644
--- a/shared/typos/codeql-pack.release.yml
+++ b/shared/typos/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.25
+lastReleaseVersion: 1.0.26
diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml
index 205c84402c0..0af8ef23422 100644
--- a/shared/typos/qlpack.yml
+++ b/shared/typos/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typos
-version: 1.0.26-dev
+version: 1.0.26
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md
index e9eb55238ef..c8832ace022 100644
--- a/shared/util/CHANGELOG.md
+++ b/shared/util/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.0.13
+
+No user-facing changes.
+
 ## 2.0.12
 
 No user-facing changes.
diff --git a/shared/util/change-notes/released/2.0.13.md b/shared/util/change-notes/released/2.0.13.md
new file mode 100644
index 00000000000..39a24682b50
--- /dev/null
+++ b/shared/util/change-notes/released/2.0.13.md
@@ -0,0 +1,3 @@
+## 2.0.13
+
+No user-facing changes.
diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml
index b856d9a13f2..30d169d6eb8 100644
--- a/shared/util/codeql-pack.release.yml
+++ b/shared/util/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.0.12
+lastReleaseVersion: 2.0.13
diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml
index 5ed3783fded..19c7e5b61dd 100644
--- a/shared/util/qlpack.yml
+++ b/shared/util/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/util
-version: 2.0.13-dev
+version: 2.0.13
 groups: shared
 library: true
 dependencies: null
diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md
index 1af448dd16d..a201e0d013f 100644
--- a/shared/xml/CHANGELOG.md
+++ b/shared/xml/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/shared/xml/change-notes/released/1.0.26.md b/shared/xml/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/shared/xml/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml
index a5a44030e85..125d169e44f 100644
--- a/shared/xml/codeql-pack.release.yml
+++ b/shared/xml/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.25
+lastReleaseVersion: 1.0.26
diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml
index 3c979618613..9e6cdf57613 100644
--- a/shared/xml/qlpack.yml
+++ b/shared/xml/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/xml
-version: 1.0.26-dev
+version: 1.0.26
 groups: shared
 library: true
 dependencies:
diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md
index 7944d8a4a2f..74fcb889c9c 100644
--- a/shared/yaml/CHANGELOG.md
+++ b/shared/yaml/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.26
+
+No user-facing changes.
+
 ## 1.0.25
 
 No user-facing changes.
diff --git a/shared/yaml/change-notes/released/1.0.26.md b/shared/yaml/change-notes/released/1.0.26.md
new file mode 100644
index 00000000000..4920e2b2435
--- /dev/null
+++ b/shared/yaml/change-notes/released/1.0.26.md
@@ -0,0 +1,3 @@
+## 1.0.26
+
+No user-facing changes.
diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml
index a5a44030e85..125d169e44f 100644
--- a/shared/yaml/codeql-pack.release.yml
+++ b/shared/yaml/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.25
+lastReleaseVersion: 1.0.26
diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml
index 4dad8cfd7f9..08e295a1b69 100644
--- a/shared/yaml/qlpack.yml
+++ b/shared/yaml/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/yaml
-version: 1.0.26-dev
+version: 1.0.26
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md
index bc63ecb86b4..627463a2cac 100644
--- a/swift/ql/lib/CHANGELOG.md
+++ b/swift/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 5.0.2
+
+No user-facing changes.
+
 ## 5.0.1
 
 ### Minor Analysis Improvements
diff --git a/swift/ql/lib/change-notes/released/5.0.2.md b/swift/ql/lib/change-notes/released/5.0.2.md
new file mode 100644
index 00000000000..3f921f9ca8b
--- /dev/null
+++ b/swift/ql/lib/change-notes/released/5.0.2.md
@@ -0,0 +1,3 @@
+## 5.0.2
+
+No user-facing changes.
diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml
index ae7df5e18b7..3940dee0f32 100644
--- a/swift/ql/lib/codeql-pack.release.yml
+++ b/swift/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.0.1
+lastReleaseVersion: 5.0.2
diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml
index 68ce7d4f490..639dcd6ec40 100644
--- a/swift/ql/lib/qlpack.yml
+++ b/swift/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/swift-all
-version: 5.0.2-dev
+version: 5.0.2
 groups: swift
 extractor: swift
 dbscheme: swift.dbscheme
diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md
index 54ed582d8d9..5f5f43bafae 100644
--- a/swift/ql/src/CHANGELOG.md
+++ b/swift/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.2.0
+
+### Query Metadata Changes
+
+* Adjusts the `@security-severity` from 9.3 to 7.3 for `swift/uncontrolled-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
+
 ## 1.1.5
 
 No user-facing changes.
diff --git a/swift/ql/src/change-notes/2025-06-06-reduce-CWE-134-for-memory-safe-languages.md b/swift/ql/src/change-notes/released/1.2.0.md
similarity index 59%
rename from swift/ql/src/change-notes/2025-06-06-reduce-CWE-134-for-memory-safe-languages.md
rename to swift/ql/src/change-notes/released/1.2.0.md
index 43be14dc8eb..fddc229c985 100644
--- a/swift/ql/src/change-notes/2025-06-06-reduce-CWE-134-for-memory-safe-languages.md
+++ b/swift/ql/src/change-notes/released/1.2.0.md
@@ -1,4 +1,5 @@
----
-category: queryMetadata
----
-* Adjusts the `@security-severity` from 9.3 to 7.3 for `swift/uncontrolled-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
\ No newline at end of file
+## 1.2.0
+
+### Query Metadata Changes
+
+* Adjusts the `@security-severity` from 9.3 to 7.3 for `swift/uncontrolled-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml
index df39a9de059..75430e73d1c 100644
--- a/swift/ql/src/codeql-pack.release.yml
+++ b/swift/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.5
+lastReleaseVersion: 1.2.0
diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml
index b5bf65254e8..562310fcbe3 100644
--- a/swift/ql/src/qlpack.yml
+++ b/swift/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/swift-queries
-version: 1.1.6-dev
+version: 1.2.0
 groups:
 - swift
 - queries