Merge pull request #21859 from github/release-prep/2.25.5

Release preparation for version 2.25.5

actions/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.4.36
+
+### Minor Analysis Improvements
+
+* Altered 2 patterns in the `poisonable_steps` modelling. Extra sinks are detected in the following cases: scripts executed via python modules and `go run` in directories are detected as potential mechanisms of injection. For the go execution pattern, the pattern is updated to now ignore flags that occur between go and the specific command. This change may lead to more results being detected by the following queries: `actions/untrusted-checkout/high`, `actions/untrusted-checkout/critical`, `actions/untrusted-checkout-toctou/high`, `actions/untrusted-checkout-toctou/critical`, `actions/cache-poisoning/poisonable-step`, `actions/cache-poisoning/direct-cache` and `actions/artifact-poisoning/path-traversal`.
+
 ## 0.4.35
 
 No user-facing changes.

actions/ql/lib/change-notes/released/0.4.36.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* Altered 2 patterns in the `poisonable_steps` modelling. Extra sinks are detected in the following cases: scripts executed via python modules and `go run` in directories are detected as potential mechanisms of injection. For the go execution pattern, the pattern is updated to now ignore flags that occur between go and the specific command. This change may lead to more results being detected by the following queries: `actions/untrusted-checkout/high`, `actions/untrusted-checkout/critical`, `actions/untrusted-checkout-toctou/high`, `actions/untrusted-checkout-toctou/critical`, `actions/cache-poisoning/poisonable-step`, `actions/cache-poisoning/direct-cache` and `actions/artifact-poisoning/path-traversal`.
+## 0.4.36
+
+### Minor Analysis Improvements
+
+* Altered 2 patterns in the `poisonable_steps` modelling. Extra sinks are detected in the following cases: scripts executed via python modules and `go run` in directories are detected as potential mechanisms of injection. For the go execution pattern, the pattern is updated to now ignore flags that occur between go and the specific command. This change may lead to more results being detected by the following queries: `actions/untrusted-checkout/high`, `actions/untrusted-checkout/critical`, `actions/untrusted-checkout-toctou/high`, `actions/untrusted-checkout-toctou/critical`, `actions/cache-poisoning/poisonable-step`, `actions/cache-poisoning/direct-cache` and `actions/artifact-poisoning/path-traversal`.

actions/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.35
+lastReleaseVersion: 0.4.36

actions/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.36-dev
+version: 0.4.36
 library: true
 warnOnImplicitThis: true
 dependencies:

actions/ql/src/CHANGELOG.md

@@ -1,3 +1,17 @@
+## 0.6.28
+
+### Query Metadata Changes
+
+* Adjusted the name of `actions/untrusted-checkout/high` to more clearly describe which parts of the scenario are in a privileged context.
+
+### Minor Analysis Improvements
+
+* The `actions/unpinned-tag` query now analyzes composite action metadata (`action.yml`/`action.yaml` files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem.
+
+### Bug Fixes
+
+* Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur. 
+
 ## 0.6.27
 
 No user-facing changes.

actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-helpfile.md

@@ -1,4 +0,0 @@
----
-category: fix
----
-* Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur. 

actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-metadata.md

@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* Adjusted the name of `actions/untrusted-checkout/high` to more clearly describe which parts of the scenario are in a privileged context.

actions/ql/src/change-notes/2026-04-20-unpinned-tag-composite-actions.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `actions/unpinned-tag` query now analyzes composite action metadata (`action.yml`/`action.yaml` files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem.

actions/ql/src/change-notes/released/0.6.28.md

@@ -0,0 +1,13 @@
+## 0.6.28
+
+### Query Metadata Changes
+
+* Adjusted the name of `actions/untrusted-checkout/high` to more clearly describe which parts of the scenario are in a privileged context.
+
+### Minor Analysis Improvements
+
+* The `actions/unpinned-tag` query now analyzes composite action metadata (`action.yml`/`action.yaml` files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem.
+
+### Bug Fixes
+
+* Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur. 

actions/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.27
+lastReleaseVersion: 0.6.28

actions/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.6.28-dev
+version: 0.6.28
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 10.1.1
+
+### Minor Analysis Improvements
+
+* The `RemoteFlowSourceFunction` model for `fscanf` (and variants) now implements `hasSocketInput` to reflect that these functions may read from a socket.
+
 ## 10.1.0
 
 ### New Features

cpp/ql/lib/change-notes/released/10.1.1.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* The `RemoteFlowSourceFunction` model for `fscanf` (and variants) now implements `hasSocketInput` to reflect that these functions may read from a socket.
+## 10.1.1
+
+### Minor Analysis Improvements
+
+* The `RemoteFlowSourceFunction` model for `fscanf` (and variants) now implements `hasSocketInput` to reflect that these functions may read from a socket.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 10.1.0
+lastReleaseVersion: 10.1.1

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 10.1.1-dev
+version: 10.1.1
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 1.6.3
+
+### Minor Analysis Improvements
+
+* The 'Cleartext transmission of sensitive information' query (`cpp/cleartext-transmission`) no longer raises an alert on calls to `fscanf` (and variants) when the call reads from an "obviously local" `FILE` stream such as `stdin`.
+
 ## 1.6.2
 
 No user-facing changes.

cpp/ql/src/change-notes/released/1.6.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* The 'Cleartext transmission of sensitive information' query (`cpp/cleartext-transmission`) no longer raises an alert on calls to `fscanf` (and variants) when the call reads from an "obviously local" `FILE` stream such as `stdin`.
+## 1.6.3
+
+### Minor Analysis Improvements
+
+* The 'Cleartext transmission of sensitive information' query (`cpp/cleartext-transmission`) no longer raises an alert on calls to `fscanf` (and variants) when the call reads from an "obviously local" `FILE` stream such as `stdin`.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.2
+lastReleaseVersion: 1.6.3

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.6.3-dev
+version: 1.6.3
 groups:
   - cpp
   - queries

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.67
+
+No user-facing changes.
+
 ## 1.7.66
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.67.md

@@ -0,0 +1,3 @@
+## 1.7.67
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.66
+lastReleaseVersion: 1.7.67

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.67-dev
+version: 1.7.67
 groups:
   - csharp
   - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.67
+
+No user-facing changes.
+
 ## 1.7.66
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.67.md

@@ -0,0 +1,3 @@
+## 1.7.67
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.66
+lastReleaseVersion: 1.7.67

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.67-dev
+version: 1.7.67
 groups:
   - csharp
   - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 6.0.1
+
+No user-facing changes.
+
 ## 6.0.0
 
 ### Breaking Changes

csharp/ql/lib/change-notes/released/6.0.1.md

@@ -0,0 +1,3 @@
+## 6.0.1
+
+No user-facing changes.

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 6.0.0
+lastReleaseVersion: 6.0.1

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 6.0.1-dev
+version: 6.0.1
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.3
+
+No user-facing changes.
+
 ## 1.7.2
 
 No user-facing changes.

csharp/ql/src/change-notes/released/1.7.3.md

@@ -0,0 +1,3 @@
+## 1.7.3
+
+No user-facing changes.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.2
+lastReleaseVersion: 1.7.3

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.7.3-dev
+version: 1.7.3
 groups:
   - csharp
   - queries

go/ql/consistency-queries/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.0.50
+
+No user-facing changes.
+
 ## 1.0.49
 
 No user-facing changes.

go/ql/consistency-queries/change-notes/released/1.0.50.md

@@ -0,0 +1,3 @@
+## 1.0.50
+
+No user-facing changes.

go/ql/consistency-queries/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.49
+lastReleaseVersion: 1.0.50

go/ql/consistency-queries/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.50-dev
+version: 1.0.50
 groups:
   - go
   - queries

go/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 7.1.1
+
+No user-facing changes.
+
 ## 7.1.0
 
 ### New Features

go/ql/lib/change-notes/released/7.1.1.md

@@ -0,0 +1,3 @@
+## 7.1.1
+
+No user-facing changes.

go/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.1.0
+lastReleaseVersion: 7.1.1

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 7.1.1-dev
+version: 7.1.1
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.6.3
+
+No user-facing changes.
+
 ## 1.6.2
 
 No user-facing changes.

go/ql/src/change-notes/released/1.6.3.md

@@ -0,0 +1,3 @@
+## 1.6.3
+
+No user-facing changes.

go/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.2
+lastReleaseVersion: 1.6.3

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.6.3-dev
+version: 1.6.3
 groups:
   - go
   - queries

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 9.1.1
+
+### Minor Analysis Improvements
+
+* Introduced a new sink kind `path-injection[read]` for Models-as-Data rows that only read from a path (such as `ClassLoader.getResource`, `FileInputStream`, `FileReader`, `Files.readAllBytes`, and related APIs). The general `java/path-injection` query continues to consider both `path-injection` and `path-injection[read]` sinks.
+
 ## 9.1.0
 
 ### New Features

java/ql/lib/change-notes/released/9.1.1.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 9.1.1
+
+### Minor Analysis Improvements
+
 * Introduced a new sink kind `path-injection[read]` for Models-as-Data rows that only read from a path (such as `ClassLoader.getResource`, `FileInputStream`, `FileReader`, `Files.readAllBytes`, and related APIs). The general `java/path-injection` query continues to consider both `path-injection` and `path-injection[read]` sinks.

java/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 9.1.0
+lastReleaseVersion: 9.1.1

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 9.1.1-dev
+version: 9.1.1
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 1.11.3
+
+### Minor Analysis Improvements
+
+* The `java/zipslip` query no longer reports archive entry names that flow only to read-only path sinks such as `ClassLoader.getResource`, `FileInputStream`, and `FileReader`. The query now restricts its sinks to the `path-injection` kind and deliberately excludes the new `path-injection[read]` sub-kind, matching the Zip Slip threat model of unsafe archive extraction.
+
 ## 1.11.2
 
 No user-facing changes.

java/ql/src/change-notes/released/1.11.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 1.11.3
+
+### Minor Analysis Improvements
+
 * The `java/zipslip` query no longer reports archive entry names that flow only to read-only path sinks such as `ClassLoader.getResource`, `FileInputStream`, and `FileReader`. The query now restricts its sinks to the `path-injection` kind and deliberately excludes the new `path-injection[read]` sub-kind, matching the Zip Slip threat model of unsafe archive extraction.

java/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.11.2
+lastReleaseVersion: 1.11.3

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 1.11.3-dev
+version: 1.11.3
 groups:
   - java
   - queries

javascript/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 2.7.1
+
+No user-facing changes.
+
 ## 2.7.0
 
 ### New Features

javascript/ql/lib/change-notes/released/2.7.1.md

@@ -0,0 +1,3 @@
+## 2.7.1
+
+No user-facing changes.

javascript/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.7.0
+lastReleaseVersion: 2.7.1

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 2.7.1-dev
+version: 2.7.1
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 2.3.10
+
+No user-facing changes.
+
 ## 2.3.9
 
 No user-facing changes.

javascript/ql/src/change-notes/released/2.3.10.md

@@ -0,0 +1,3 @@
+## 2.3.10
+
+No user-facing changes.

javascript/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.3.9
+lastReleaseVersion: 2.3.10

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 2.3.10-dev
+version: 2.3.10
 groups:
   - javascript
   - queries

misc/suite-helpers/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.0.50
+
+No user-facing changes.
+
 ## 1.0.49
 
 No user-facing changes.

misc/suite-helpers/change-notes/released/1.0.50.md

@@ -0,0 +1,3 @@
+## 1.0.50
+
+No user-facing changes.

misc/suite-helpers/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.49
+lastReleaseVersion: 1.0.50

misc/suite-helpers/qlpack.yml

@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 1.0.50-dev
+version: 1.0.50
 groups: shared
 warnOnImplicitThis: true

python/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 7.1.1
+
+No user-facing changes.
+
 ## 7.1.0
 
 ### New Features

python/ql/lib/change-notes/released/7.1.1.md

@@ -0,0 +1,3 @@
+## 7.1.1
+
+No user-facing changes.

python/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.1.0
+lastReleaseVersion: 7.1.1

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 7.1.1-dev
+version: 7.1.1
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.8.3
+
+No user-facing changes.
+
 ## 1.8.2
 
 No user-facing changes.

python/ql/src/change-notes/released/1.8.3.md

@@ -0,0 +1,3 @@
+## 1.8.3
+
+No user-facing changes.

python/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.8.2
+lastReleaseVersion: 1.8.3

python/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 1.8.3-dev
+version: 1.8.3
 groups:
   - python
   - queries

ruby/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 5.2.1
+
+No user-facing changes.
+
 ## 5.2.0
 
 ### New Features

ruby/ql/lib/change-notes/released/5.2.1.md

@@ -0,0 +1,3 @@
+## 5.2.1
+
+No user-facing changes.

ruby/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.2.0
+lastReleaseVersion: 5.2.1

ruby/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 5.2.1-dev
+version: 5.2.1
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme

ruby/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.6.3
+
+No user-facing changes.
+
 ## 1.6.2
 
 No user-facing changes.

ruby/ql/src/change-notes/released/1.6.3.md

@@ -0,0 +1,3 @@
+## 1.6.3
+
+No user-facing changes.

ruby/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.2
+lastReleaseVersion: 1.6.3

ruby/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 1.6.3-dev
+version: 1.6.3
 groups:
   - ruby
   - queries

rust/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.2.14
+
+No user-facing changes.
+
 ## 0.2.13
 
 ### New Features

rust/ql/lib/change-notes/released/0.2.14.md

@@ -0,0 +1,3 @@
+## 0.2.14
+
+No user-facing changes.

rust/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.2.13
+lastReleaseVersion: 0.2.14

rust/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/rust-all
-version: 0.2.14-dev
+version: 0.2.14
 groups: rust
 extractor: rust
 dbscheme: rust.dbscheme

rust/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.1.35
+
+No user-facing changes.
+
 ## 0.1.34
 
 No user-facing changes.

rust/ql/src/change-notes/released/0.1.35.md

@@ -0,0 +1,3 @@
+## 0.1.35
+
+No user-facing changes.

rust/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.34
+lastReleaseVersion: 0.1.35

rust/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/rust-queries
-version: 0.1.35-dev
+version: 0.1.35
 groups:
   - rust
   - queries

shared/concepts/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.24
+
+No user-facing changes.
+
 ## 0.0.23
 
 No user-facing changes.

shared/concepts/change-notes/released/0.0.24.md

@@ -0,0 +1,3 @@
+## 0.0.24
+
+No user-facing changes.

shared/concepts/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.23
+lastReleaseVersion: 0.0.24

shared/concepts/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/concepts
-version: 0.0.24-dev
+version: 0.0.24
 groups: shared
 library: true
 dependencies:

shared/controlflow/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 2.0.34
+
+No user-facing changes.
+
 ## 2.0.33
 
 No user-facing changes.

shared/controlflow/change-notes/released/2.0.34.md

@@ -0,0 +1,3 @@
+## 2.0.34
+
+No user-facing changes.

shared/controlflow/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.0.33
+lastReleaseVersion: 2.0.34

shared/controlflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 2.0.34-dev
+version: 2.0.34
 groups: shared
 library: true
 dependencies:

shared/dataflow/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 2.1.6
+
+No user-facing changes.
+
 ## 2.1.5
 
 No user-facing changes.