mirror of
https://github.com/github/codeql.git
synced 2026-02-12 05:01:06 +01:00
Release preparation for version 2.24.0
This commit is contained in:
github-actions[bot]
@@ -1,3 +1,7 @@
|
||||
## 1.7.57
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.56
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.57
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.56
|
||||
lastReleaseVersion: 1.7.57
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.57-dev
|
||||
version: 1.7.57
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.57
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.56
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.57
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.56
|
||||
lastReleaseVersion: 1.7.57
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.57-dev
|
||||
version: 1.7.57
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,22 @@
|
||||
## 5.4.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* When a code-scanning configuration specifies the `paths:` and/or `paths-ignore:` settings, these are now taken into account by the C# extractor's search for `.config`, `.props`, XML and project files.
|
||||
* Updated the generated .NET “models as data” runtime models to cover .NET 10.
|
||||
* C# 14: Support for *implicit* span conversions in the QL library.
|
||||
* Basic extractor support for .NET 10 is now available. Extraction is supported for .NET 10 projects in both traced mode and `build mode: none`. However, code that uses language features new to C# 14 is not yet fully supported for extraction and analysis.
|
||||
* Added autobuilder and `build-mode: none` support for `.slnx` solution files.
|
||||
* In `build mode: none`, .NET 10 is now used by default unless a specific .NET version is specified elsewhere.
|
||||
* Added implicit reads of `System.Collections.Generic.KeyValuePair.Value` at taint-tracking sinks and at inputs to additional taint steps. As a result, taint-tracking queries will now produce more results when a container is tainted.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed two issues affecting build mode `none`:
|
||||
* Corrected version sorting logic when detecting the newest .NET framework to use.
|
||||
* Improved stability for .NET 10 compatibility.
|
||||
* Fixed an issue where compiler-generated files were not being extracted. The extractor now runs after compilation completes to ensure all generated files are properly analyzed.
|
||||
|
||||
## 5.4.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added implicit reads of `System.Collections.Generic.KeyValuePair.Value` at taint-tracking sinks and at inputs to additional taint steps. As a result, taint-tracking queries will now produce more results when a container is tainted.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed an issue where compiler-generated files were not being extracted. The extractor now runs after compilation completes to ensure all generated files are properly analyzed.
|
||||
@@ -1,6 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed two issues affecting build mode `none`:
|
||||
* Corrected version sorting logic when detecting the newest .NET framework to use.
|
||||
* Improved stability for .NET 10 compatibility.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* In `build mode: none`, .NET 10 is now used by default unless a specific .NET version is specified elsewhere.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Basic extractor support for .NET 10 is now available. Extraction is supported for .NET 10 projects in both traced mode and `build mode: none`. However, code that uses language features new to C# 14 is not yet fully supported for extraction and analysis.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added autobuilder and `build-mode: none` support for `.slnx` solution files.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* C# 14: Support for *implicit* span conversions in the QL library.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Updated the generated .NET “models as data” runtime models to cover .NET 10.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* When a code-scanning configuration specifies the `paths:` and/or `paths-ignore:` settings, these are now taken into account by the C# extractor's search for `.config`, `.props`, XML and project files.
|
||||
18
csharp/ql/lib/change-notes/released/5.4.5.md
Normal file
18
csharp/ql/lib/change-notes/released/5.4.5.md
Normal file
@@ -0,0 +1,18 @@
|
||||
## 5.4.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* When a code-scanning configuration specifies the `paths:` and/or `paths-ignore:` settings, these are now taken into account by the C# extractor's search for `.config`, `.props`, XML and project files.
|
||||
* Updated the generated .NET “models as data” runtime models to cover .NET 10.
|
||||
* C# 14: Support for *implicit* span conversions in the QL library.
|
||||
* Basic extractor support for .NET 10 is now available. Extraction is supported for .NET 10 projects in both traced mode and `build mode: none`. However, code that uses language features new to C# 14 is not yet fully supported for extraction and analysis.
|
||||
* Added autobuilder and `build-mode: none` support for `.slnx` solution files.
|
||||
* In `build mode: none`, .NET 10 is now used by default unless a specific .NET version is specified elsewhere.
|
||||
* Added implicit reads of `System.Collections.Generic.KeyValuePair.Value` at taint-tracking sinks and at inputs to additional taint steps. As a result, taint-tracking queries will now produce more results when a container is tainted.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed two issues affecting build mode `none`:
|
||||
* Corrected version sorting logic when detecting the newest .NET framework to use.
|
||||
* Improved stability for .NET 10 compatibility.
|
||||
* Fixed an issue where compiler-generated files were not being extracted. The extractor now runs after compilation completes to ensure all generated files are properly analyzed.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 5.4.4
|
||||
lastReleaseVersion: 5.4.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-all
|
||||
version: 5.4.5-dev
|
||||
version: 5.4.5
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
||||
@@ -1,3 +1,14 @@
|
||||
## 1.6.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* Updated the `name`, `description`, and alert message of `cs/path-combine` to have more details about why it's a problem.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added `NHibernate.ISession.CreateSQLQuery`, `NHibernate.IStatelessSession.CreateSQLQuery` and `NHibernate.Impl.AbstractSessionImpl.CreateSQLQuery` as SQL injection sinks.
|
||||
* The `Missing cross-site request forgery token validation` query was extended to support ASP.NET Core.
|
||||
|
||||
## 1.5.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `Missing cross-site request forgery token validation` query was extended to support ASP.NET Core.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added `NHibernate.ISession.CreateSQLQuery`, `NHibernate.IStatelessSession.CreateSQLQuery` and `NHibernate.Impl.AbstractSessionImpl.CreateSQLQuery` as SQL injection sinks.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* Updated the `name`, `description`, and alert message of `cs/path-combine` to have more details about why it's a problem.
|
||||
10
csharp/ql/src/change-notes/released/1.6.0.md
Normal file
10
csharp/ql/src/change-notes/released/1.6.0.md
Normal file
@@ -0,0 +1,10 @@
|
||||
## 1.6.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* Updated the `name`, `description`, and alert message of `cs/path-combine` to have more details about why it's a problem.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added `NHibernate.ISession.CreateSQLQuery`, `NHibernate.IStatelessSession.CreateSQLQuery` and `NHibernate.Impl.AbstractSessionImpl.CreateSQLQuery` as SQL injection sinks.
|
||||
* The `Missing cross-site request forgery token validation` query was extended to support ASP.NET Core.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.5.4
|
||||
lastReleaseVersion: 1.6.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-queries
|
||||
version: 1.5.5-dev
|
||||
version: 1.6.0
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
||||
Reference in New Issue
Block a user