mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
Release preparation for version 2.22.1
This commit is contained in:
github-actions[bot]
@@ -1,3 +1,11 @@
|
||||
## 0.4.12
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Fixed performance issues in the parsing of Bash scripts in workflow files,
|
||||
which led to out-of-disk errors when analysing certain workflow files with
|
||||
complex interpolations of shell commands or quoted strings.
|
||||
|
||||
## 0.4.11
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 0.4.12
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Fixed performance issues in the parsing of Bash scripts in workflow files,
|
||||
which led to out-of-disk errors when analysing certain workflow files with
|
||||
complex interpolations of shell commands or quoted strings.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.4.11
|
||||
lastReleaseVersion: 0.4.12
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-all
|
||||
version: 0.4.12-dev
|
||||
version: 0.4.12
|
||||
library: true
|
||||
warnOnImplicitThis: true
|
||||
dependencies:
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.6.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.6.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
actions/ql/src/change-notes/released/0.6.4.md
Normal file
3
actions/ql/src/change-notes/released/0.6.4.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.6.4
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.6.3
|
||||
lastReleaseVersion: 0.6.4
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-queries
|
||||
version: 0.6.4-dev
|
||||
version: 0.6.4
|
||||
library: false
|
||||
warnOnImplicitThis: true
|
||||
groups: [actions, queries]
|
||||
|
||||
@@ -1,3 +1,20 @@
|
||||
## 5.2.0
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The `ThrowingFunction` class (`semmle.code.cpp.models.interfaces.Throwing`) has been deprecated. Please use the `AlwaysSehThrowingFunction` class instead.
|
||||
|
||||
### New Features
|
||||
|
||||
* Added a predicate `getAnAttribute` to `Namespace` to retrieve a namespace attribute.
|
||||
* The Microsoft-specific `__leave` statement is now supported.
|
||||
* A new class `LeaveStmt` extending `JumpStmt` was added to represent `__leave` statements.
|
||||
* Added a predicate `hasParameterList` to `LambdaExpression` to capture whether a lambda has an explicitly specified parameter list.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* `resolveTypedefs` now properly resolves typedefs for `ArrayType`s.
|
||||
|
||||
## 5.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* The `ThrowingFunction` class (`semmle.code.cpp.models.interfaces.Throwing`) has been deprecated. Please use the `AlwaysSehThrowingFunction` class instead.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Added a predicate `hasParameterList` to `LambdaExpression` to capture whether a lambda has an explicitly specified parameter list.
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* The Microsoft-specific `__leave` statement is now supported.
|
||||
* A new class `LeaveStmt` extending `JumpStmt` was added to represent `__leave` statements.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Added a predicate `getAnAttribute` to `Namespace` to retrieve a namespace attribute.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* `resolveTypedefs` now properly resolves typedefs for `ArrayType`s.
|
||||
16
cpp/ql/lib/change-notes/released/5.2.0.md
Normal file
16
cpp/ql/lib/change-notes/released/5.2.0.md
Normal file
@@ -0,0 +1,16 @@
|
||||
## 5.2.0
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The `ThrowingFunction` class (`semmle.code.cpp.models.interfaces.Throwing`) has been deprecated. Please use the `AlwaysSehThrowingFunction` class instead.
|
||||
|
||||
### New Features
|
||||
|
||||
* Added a predicate `getAnAttribute` to `Namespace` to retrieve a namespace attribute.
|
||||
* The Microsoft-specific `__leave` statement is now supported.
|
||||
* A new class `LeaveStmt` extending `JumpStmt` was added to represent `__leave` statements.
|
||||
* Added a predicate `hasParameterList` to `LambdaExpression` to capture whether a lambda has an explicitly specified parameter list.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* `resolveTypedefs` now properly resolves typedefs for `ArrayType`s.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 5.1.0
|
||||
lastReleaseVersion: 5.2.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-all
|
||||
version: 5.1.1-dev
|
||||
version: 5.2.0
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 1.4.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added flow model for the following libraries: `madler/zlib`, `google/brotli`, `libidn/libidn2`, `libssh2/libssh2/`, `nghttp2/nghttp2`, `libuv/libuv/`, and `curl/curl`. This may result in more alerts when running queries on codebases that use these libraries.
|
||||
|
||||
## 1.4.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 1.4.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added flow model for the following libraries: `madler/zlib`, `google/brotli`, `libidn/libidn2`, `libssh2/libssh2/`, `nghttp2/nghttp2`, `libuv/libuv/`, and `curl/curl`. This may result in more alerts when running queries on codebases that use these libraries.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.4.2
|
||||
lastReleaseVersion: 1.4.3
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-queries
|
||||
version: 1.4.3-dev
|
||||
version: 1.4.3
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.43
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.42
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.43
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.42
|
||||
lastReleaseVersion: 1.7.43
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.43-dev
|
||||
version: 1.7.43
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.43
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.42
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.43
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.42
|
||||
lastReleaseVersion: 1.7.43
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.43-dev
|
||||
version: 1.7.43
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 5.1.9
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 5.1.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
csharp/ql/lib/change-notes/released/5.1.9.md
Normal file
3
csharp/ql/lib/change-notes/released/5.1.9.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 5.1.9
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 5.1.8
|
||||
lastReleaseVersion: 5.1.9
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-all
|
||||
version: 5.1.9-dev
|
||||
version: 5.1.9
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
||||
@@ -1,3 +1,14 @@
|
||||
## 1.3.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* Query metadata tags have been systematically updated for many C# queries. Primary categorization as either `reliability` or `maintainability`, and relevant sub-category tags such as `readability`, `useless-code`, `complexity`, `performance`, `correctness`, `error-handling`, and `concurrency`. Aligns with the established [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags).
|
||||
* Adjusts the `@security-severity` from 9.3 to 7.3 for `cs/uncontrolled-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The queries `cs/dereferenced-value-is-always-null` and `cs/dereferenced-value-may-be-null` have been improved to reduce false positives. The queries no longer assume that expressions are dereferenced when passed as the receiver (`this` parameter) to extension methods where that parameter is a nullable type.
|
||||
|
||||
## 1.2.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The queries `cs/dereferenced-value-is-always-null` and `cs/dereferenced-value-may-be-null` have been improved to reduce false positives. The queries no longer assume that expressions are dereferenced when passed as the receiver (`this` parameter) to extension methods where that parameter is a nullable type.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* Adjusts the `@security-severity` from 9.3 to 7.3 for `cs/uncontrolled-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* Query metadata tags have been systematically updated for many C# queries. Primary categorization as either `reliability` or `maintainability`, and relevant sub-category tags such as `readability`, `useless-code`, `complexity`, `performance`, `correctness`, `error-handling`, and `concurrency`. Aligns with the established [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags).
|
||||
10
csharp/ql/src/change-notes/released/1.3.0.md
Normal file
10
csharp/ql/src/change-notes/released/1.3.0.md
Normal file
@@ -0,0 +1,10 @@
|
||||
## 1.3.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* Query metadata tags have been systematically updated for many C# queries. Primary categorization as either `reliability` or `maintainability`, and relevant sub-category tags such as `readability`, `useless-code`, `complexity`, `performance`, `correctness`, `error-handling`, and `concurrency`. Aligns with the established [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags).
|
||||
* Adjusts the `@security-severity` from 9.3 to 7.3 for `cs/uncontrolled-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The queries `cs/dereferenced-value-is-always-null` and `cs/dereferenced-value-may-be-null` have been improved to reduce false positives. The queries no longer assume that expressions are dereferenced when passed as the receiver (`this` parameter) to extension methods where that parameter is a nullable type.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.2.2
|
||||
lastReleaseVersion: 1.3.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-queries
|
||||
version: 1.2.3-dev
|
||||
version: 1.3.0
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.0.26
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.25
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.0.26
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.25
|
||||
lastReleaseVersion: 1.0.26
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql-go-consistency-queries
|
||||
version: 1.0.26-dev
|
||||
version: 1.0.26
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 4.2.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 4.2.7
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
3
go/ql/lib/change-notes/released/4.2.8.md
Normal file
3
go/ql/lib/change-notes/released/4.2.8.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 4.2.8
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 4.2.7
|
||||
lastReleaseVersion: 4.2.8
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-all
|
||||
version: 4.2.8-dev
|
||||
version: 4.2.8
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
||||
@@ -1,3 +1,27 @@
|
||||
## 1.4.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The tag `quality` has been added to multiple Go quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
|
||||
* The tag `external/cwe/cwe-129` has been added to `go/constant-length-comparison`.
|
||||
* The tag `external/cwe/cwe-193` has been added to `go/index-out-of-bounds`.
|
||||
* The tag `external/cwe/cwe-197` has been added to `go/shift-out-of-range`.
|
||||
* The tag `external/cwe/cwe-248` has been added to `go/redundant-recover`.
|
||||
* The tag `external/cwe/cwe-252` has been added to `go/missing-error-check` and `go/unhandled-writable-file-close`.
|
||||
* The tag `external/cwe/cwe-480` has been added to `go/mistyped-exponentiation`.
|
||||
* The tag `external/cwe/cwe-570` has been added to `go/impossible-interface-nil-check` and `go/comparison-of-identical-expressions`.
|
||||
* The tag `external/cwe/cwe-571` has been added to `go/negative-length-check` and `go/comparison-of-identical-expressions`.
|
||||
* The tag `external/cwe/cwe-783` has been added to `go/whitespace-contradicts-precedence`.
|
||||
* The tag `external/cwe/cwe-835` has been added to `go/inconsistent-loop-direction`.
|
||||
* The tag `error-handling` has been added to `go/missing-error-check`, `go/unhandled-writable-file-close`, and `go/unexpected-nil-value`.
|
||||
* The tag `useless-code` has been added to `go/useless-assignment-to-field`, `go/useless-assignment-to-local`, `go/useless-expression`, and `go/unreachable-statement`.
|
||||
* The tag `logic` has been removed from `go/index-out-of-bounds` and `go/unexpected-nil-value`.
|
||||
* The tags `call` and `defer` have been removed from `go/unhandled-writable-file-close`.
|
||||
* The tags `correctness` and `quality` have been reordered in `go/missing-error-check` and `go/unhandled-writable-file-close`.
|
||||
* The tag `maintainability` has been changed to `reliability` for `go/unhandled-writable-file-close`.
|
||||
* The tag order has been standardized to have `quality` first, followed by the top-level category (`reliability` or `maintainability`), then sub-category tags, and finally CWE tags.
|
||||
* The description text has been updated in `go/whitespace-contradicts-precedence` to change "may even indicate" to "may indicate".
|
||||
|
||||
## 1.3.0
|
||||
|
||||
### New Queries
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
## 1.4.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The tag `quality` has been added to multiple Go quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
|
||||
* The tag `external/cwe/cwe-129` has been added to `go/constant-length-comparison`.
|
||||
* The tag `external/cwe/cwe-193` has been added to `go/index-out-of-bounds`.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.3.0
|
||||
lastReleaseVersion: 1.4.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-queries
|
||||
version: 1.3.1-dev
|
||||
version: 1.4.0
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 7.3.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Java `assert` statements are now assumed to be executed for the purpose of analysing control flow. This improves precision for a number of queries.
|
||||
|
||||
## 7.3.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 7.3.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Java `assert` statements are now assumed to be executed for the purpose of analysing control flow. This improves precision for a number of queries.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 7.3.1
|
||||
lastReleaseVersion: 7.3.2
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-all
|
||||
version: 7.3.2-dev
|
||||
version: 7.3.2
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
||||
@@ -1,3 +1,24 @@
|
||||
## 1.6.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The tag `quality` has been added to multiple Java quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
|
||||
* The tag `external/cwe/cwe-571` has been added to `java/equals-on-unrelated-types`.
|
||||
* The tag `readability` has been added to `java/missing-override-annotation`, `java/deprecated-call`, `java/inconsistent-javadoc-throws`, `java/unknown-javadoc-parameter`, `java/jdk-internal-api-access`, `java/underscore-identifier`, `java/misleading-indentation`, `java/inefficient-empty-string-test`, `java/non-static-nested-class`, `inefficient-string-constructor`, and `java/constants-only-interface`.
|
||||
* The tag `useless-code` has been added to `java/useless-type-test`, and `java/useless-tostring-call`.
|
||||
* The tag `complexity` has been added to `java/chained-type-tests`, and `java/abstract-to-concrete-cast`.
|
||||
* The tag `error-handling` has been added to `java/ignored-error-status-of-call`, and `java/uncaught-number-format-exception`.
|
||||
* The tag `correctness` has been added to `java/evaluation-to-constant`, `java/whitespace-contradicts-precedence`, `java/empty-container`, `java/string-buffer-char-init`, `java/call-to-object-tostring`, `java/print-array` and `java/internal-representation-exposure`.
|
||||
* The tag `performance` has been added to `java/input-resource-leak`, `java/database-resource-leak`, `java/output-resource-leak`, `java/inefficient-key-set-iterator`, `java/inefficient-output-stream`, and `java/inefficient-boxed-constructor`.
|
||||
* The tag `correctness` has been removed from `java/call-to-thread-run`, `java/unsafe-double-checked-locking`, `java/unsafe-double-checked-locking-init-order`, `java/non-sync-override`, `java/sync-on-boxed-types`, `java/unsynchronized-getter`, `java/input-resource-leak`, `java/output-resource-leak`, `java/database-resource-leak`, and `java/ignored-error-status-of-call`.
|
||||
* The tags `maintainability` has been removed from `java/string-buffer-char-init`, `java/inefficient-key-set-iterator`, `java/inefficient-boxed-constructor`, and `java/internal-representation-exposure`.
|
||||
* The tags `reliability` has been removed from `java/subtle-inherited-call`, `java/print-array`, and `java/call-to-object-tostring`.
|
||||
* The tags `maintainability` and `useless-code` have been removed from `java/evaluation-to-constant`.
|
||||
* The tags `maintainability` and `readability` have been removed from `java/whitespace-contradicts-precedence`.
|
||||
* The tags `maintainability` and `useless-code` have been removed from `java/empty-container`.
|
||||
* Adjusts the `@precision` from high to medium for `java/concatenated-command-line` because it is producing false positive alerts when the concatenated strings are hard-coded.
|
||||
* Adjusts the `@security-severity` from 9.3 to 7.3 for `java/tainted-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
|
||||
|
||||
## 1.5.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* Adjusts the `@security-severity` from 9.3 to 7.3 for `java/tainted-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* Adjusts the `@precision` from high to medium for `java/concatenated-command-line` because it is producing false positive alerts when the concatenated strings are hard-coded.
|
||||
@@ -1,6 +1,7 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
## 1.6.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The tag `quality` has been added to multiple Java quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
|
||||
* The tag `external/cwe/cwe-571` has been added to `java/equals-on-unrelated-types`.
|
||||
* The tag `readability` has been added to `java/missing-override-annotation`, `java/deprecated-call`, `java/inconsistent-javadoc-throws`, `java/unknown-javadoc-parameter`, `java/jdk-internal-api-access`, `java/underscore-identifier`, `java/misleading-indentation`, `java/inefficient-empty-string-test`, `java/non-static-nested-class`, `inefficient-string-constructor`, and `java/constants-only-interface`.
|
||||
@@ -15,3 +16,5 @@ category: queryMetadata
|
||||
* The tags `maintainability` and `useless-code` have been removed from `java/evaluation-to-constant`.
|
||||
* The tags `maintainability` and `readability` have been removed from `java/whitespace-contradicts-precedence`.
|
||||
* The tags `maintainability` and `useless-code` have been removed from `java/empty-container`.
|
||||
* Adjusts the `@precision` from high to medium for `java/concatenated-command-line` because it is producing false positive alerts when the concatenated strings are hard-coded.
|
||||
* Adjusts the `@security-severity` from 9.3 to 7.3 for `java/tainted-format-string` to align `CWE-134` severity for memory safe languages to better reflect their impact.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.5.2
|
||||
lastReleaseVersion: 1.6.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-queries
|
||||
version: 1.5.3-dev
|
||||
version: 1.6.0
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,15 @@
|
||||
## 2.6.6
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Calls to `sinon.match()` are no longer incorrectly identified as regular expression operations.
|
||||
* Improved data flow tracking through middleware to handle default value and similar patterns.
|
||||
* Added `req._parsedUrl` as a remote input source.
|
||||
* Improved taint tracking through calls to `serialize-javascript`.
|
||||
* Removed `encodeURI` and `escape` functions from the sanitizer list for request forgery.
|
||||
* The JavaScript extractor now skips generated JavaScript files if the original TypeScript files are already present. It also skips any files in the output directory specified in the `compilerOptions` part of the `tsconfig.json` file.
|
||||
* Added support for Axios instances in the `axios` module.
|
||||
|
||||
## 2.6.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added support for Axios instances in the `axios` module.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The JavaScript extractor now skips generated JavaScript files if the original TypeScript files are already present. It also skips any files in the output directory specified in the `compilerOptions` part of the `tsconfig.json` file.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Removed `encodeURI` and `escape` functions from the sanitizer list for request forgery.
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Improved data flow tracking through middleware to handle default value and similar patterns.
|
||||
* Added `req._parsedUrl` as a remote input source.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Improved taint tracking through calls to `serialize-javascript`.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Calls to `sinon.match()` are no longer incorrectly identified as regular expression operations.
|
||||
11
javascript/ql/lib/change-notes/released/2.6.6.md
Normal file
11
javascript/ql/lib/change-notes/released/2.6.6.md
Normal file
@@ -0,0 +1,11 @@
|
||||
## 2.6.6
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Calls to `sinon.match()` are no longer incorrectly identified as regular expression operations.
|
||||
* Improved data flow tracking through middleware to handle default value and similar patterns.
|
||||
* Added `req._parsedUrl` as a remote input source.
|
||||
* Improved taint tracking through calls to `serialize-javascript`.
|
||||
* Removed `encodeURI` and `escape` functions from the sanitizer list for request forgery.
|
||||
* The JavaScript extractor now skips generated JavaScript files if the original TypeScript files are already present. It also skips any files in the output directory specified in the `compilerOptions` part of the `tsconfig.json` file.
|
||||
* Added support for Axios instances in the `axios` module.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 2.6.5
|
||||
lastReleaseVersion: 2.6.6
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-all
|
||||
version: 2.6.6-dev
|
||||
version: 2.6.6
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
||||
@@ -1,3 +1,18 @@
|
||||
## 1.7.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The `quality` tag has been added to multiple JavaScript quality queries, with tags for `reliability` or `maintainability` categories and their sub-categories. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
|
||||
* Added `reliability` tag to the `js/suspicious-method-name-declaration` query.
|
||||
* Added `reliability` and `language-features` tags to the `js/template-syntax-in-string-literal` query.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `js/loop-iteration-skipped-due-to-shifting` query now has the `reliability` tag.
|
||||
* Fixed false positives in the `js/loop-iteration-skipped-due-to-shifting` query when the return value of `splice` is used to decide whether to adjust the loop counter.
|
||||
* Fixed false positives in the `js/template-syntax-in-string-literal` query where template syntax in string concatenation and "manual string interpolation" patterns were incorrectly flagged.
|
||||
* The `js/useless-expression` query now correctly flags only the innermost expressions with no effect, avoiding duplicate alerts on compound expressions.
|
||||
|
||||
## 1.6.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `js/useless-expression` query now correctly flags only the innermost expressions with no effect, avoiding duplicate alerts on compound expressions.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Fixed false positives in the `js/loop-iteration-skipped-due-to-shifting` query when the return value of `splice` is used to decide whether to adjust the loop counter.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `js/loop-iteration-skipped-due-to-shifting` query now has the `reliability` tag.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Fixed false positives in the `js/template-syntax-in-string-literal` query where template syntax in string concatenation and "manual string interpolation" patterns were incorrectly flagged.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* Added `reliability` tag to the `js/suspicious-method-name-declaration` query.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* Added `reliability` and `language-features` tags to the `js/template-syntax-in-string-literal` query.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* The `quality` tag has been added to multiple JavaScript quality queries, with tags for `reliability` or `maintainability` categories and their sub-categories. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
|
||||
14
javascript/ql/src/change-notes/released/1.7.0.md
Normal file
14
javascript/ql/src/change-notes/released/1.7.0.md
Normal file
@@ -0,0 +1,14 @@
|
||||
## 1.7.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The `quality` tag has been added to multiple JavaScript quality queries, with tags for `reliability` or `maintainability` categories and their sub-categories. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
|
||||
* Added `reliability` tag to the `js/suspicious-method-name-declaration` query.
|
||||
* Added `reliability` and `language-features` tags to the `js/template-syntax-in-string-literal` query.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `js/loop-iteration-skipped-due-to-shifting` query now has the `reliability` tag.
|
||||
* Fixed false positives in the `js/loop-iteration-skipped-due-to-shifting` query when the return value of `splice` is used to decide whether to adjust the loop counter.
|
||||
* Fixed false positives in the `js/template-syntax-in-string-literal` query where template syntax in string concatenation and "manual string interpolation" patterns were incorrectly flagged.
|
||||
* The `js/useless-expression` query now correctly flags only the innermost expressions with no effect, avoiding duplicate alerts on compound expressions.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.6.2
|
||||
lastReleaseVersion: 1.7.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-queries
|
||||
version: 1.6.3-dev
|
||||
version: 1.7.0
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.0.26
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.25
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
misc/suite-helpers/change-notes/released/1.0.26.md
Normal file
3
misc/suite-helpers/change-notes/released/1.0.26.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.0.26
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.25
|
||||
lastReleaseVersion: 1.0.26
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
name: codeql/suite-helpers
|
||||
version: 1.0.26-dev
|
||||
version: 1.0.26
|
||||
groups: shared
|
||||
warnOnImplicitThis: true
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 4.0.10
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 4.0.9
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
python/ql/lib/change-notes/released/4.0.10.md
Normal file
3
python/ql/lib/change-notes/released/4.0.10.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 4.0.10
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 4.0.9
|
||||
lastReleaseVersion: 4.0.10
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-all
|
||||
version: 4.0.10-dev
|
||||
version: 4.0.10
|
||||
groups: python
|
||||
dbscheme: semmlecode.python.dbscheme
|
||||
extractor: python
|
||||
|
||||
@@ -1,3 +1,13 @@
|
||||
## 1.6.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The tag `quality` has been added to multiple Python quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `py/iter-returns-non-self` query has been modernized, and no longer alerts for certain cases where an equivalent iterator is returned.
|
||||
|
||||
## 1.5.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `py/iter-returns-non-self` query has been modernized, and no longer alerts for certain cases where an equivalent iterator is returned.
|
||||
@@ -1,5 +1,9 @@
|
||||
## 1.6.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* The tag `quality` has been added to multiple Python quality queries for consistency. They have all been given a tag for one of the two top-level categories `reliability` or `maintainability`, and a tag for a sub-category. See [Query file metadata and alert message style guide](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#quality-query-sub-category-tags) for more information about these categories.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `py/iter-returns-non-self` query has been modernized, and no longer alerts for certain cases where an equivalent iterator is returned.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.5.2
|
||||
lastReleaseVersion: 1.6.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-queries
|
||||
version: 1.5.3-dev
|
||||
version: 1.6.0
|
||||
groups:
|
||||
- python
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 4.1.9
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 4.1.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
ruby/ql/lib/change-notes/released/4.1.9.md
Normal file
3
ruby/ql/lib/change-notes/released/4.1.9.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 4.1.9
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 4.1.8
|
||||
lastReleaseVersion: 4.1.9
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-all
|
||||
version: 4.1.9-dev
|
||||
version: 4.1.9
|
||||
groups: ruby
|
||||
extractor: ruby
|
||||
dbscheme: ruby.dbscheme
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user