From 57c4f9145be0235a80e24b63b2a6405d12fa027c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 11 Aug 2022 11:12:15 +0000 Subject: [PATCH] Release preparation for version 2.10.3 --- cpp/ql/lib/CHANGELOG.md | 12 ++++++++++++ .../lib/change-notes/2022-06-23-global-var-flow.md | 4 ---- .../2022-07-26-additional-builtin-support.md | 4 ---- .../2022-08-02-must-flow-local-only-flow.md | 4 ---- ...22-08-10-constant-attribute-argument-support.md | 4 ---- cpp/ql/lib/change-notes/released/0.3.3.md | 11 +++++++++++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 6 ++++++ .../0.3.2.md} | 7 ++++--- cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 2 ++ .../Solorigate/lib/change-notes/released/1.2.3.md | 1 + .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 2 ++ .../Solorigate/src/change-notes/released/1.2.3.md | 1 + .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 2 ++ csharp/ql/lib/change-notes/released/0.3.3.md | 1 + csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 2 ++ csharp/ql/src/change-notes/released/0.3.2.md | 1 + csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 2 ++ go/ql/lib/change-notes/released/0.2.3.md | 1 + go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 6 ++++++ .../0.2.3.md} | 7 ++++--- go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 7 +++++++ java/ql/lib/change-notes/2022-08-03-properties.md | 4 ---- .../2022-08-05-asynctask-improvements.md | 4 ---- java/ql/lib/change-notes/released/0.3.3.md | 6 ++++++ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 14 ++++++++++++++ ...6-22-improper-webview-certificate-validation.md | 4 ---- .../change-notes/2022-08-03-tainted-path-mad.md | 4 ---- .../change-notes/2022-08-10-sensitive-log-dedup.md | 4 ---- java/ql/src/change-notes/released/0.3.2.md | 13 +++++++++++++ java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 2 ++ javascript/ql/lib/change-notes/released/0.2.3.md | 1 + javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 2 ++ javascript/ql/src/change-notes/released/0.3.2.md | 1 + javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 6 ++++++ .../0.5.3.md} | 7 ++++--- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 2 ++ python/ql/src/change-notes/released/0.4.1.md | 1 + python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 12 ++++++++++++ .../2022-08-04-active-record-writes.md | 5 ----- ruby/ql/lib/change-notes/2022-08-04-mime-type.md | 5 ----- .../2022-08-05-active-record-associations.md | 6 ------ ruby/ql/lib/change-notes/released/0.3.3.md | 11 +++++++++++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 2 ++ ruby/ql/src/change-notes/released/0.3.2.md | 1 + ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- 76 files changed, 175 insertions(+), 93 deletions(-) delete mode 100644 cpp/ql/lib/change-notes/2022-06-23-global-var-flow.md delete mode 100644 cpp/ql/lib/change-notes/2022-07-26-additional-builtin-support.md delete mode 100644 cpp/ql/lib/change-notes/2022-08-02-must-flow-local-only-flow.md delete mode 100644 cpp/ql/lib/change-notes/2022-08-10-constant-attribute-argument-support.md create mode 100644 cpp/ql/lib/change-notes/released/0.3.3.md rename cpp/ql/src/change-notes/{2021-08-10-use-strcpyfunction-in-bad-strncpy-size.md => released/0.3.2.md} (82%) create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.2.3.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.2.3.md create mode 100644 csharp/ql/lib/change-notes/released/0.3.3.md create mode 100644 csharp/ql/src/change-notes/released/0.3.2.md create mode 100644 go/ql/lib/change-notes/released/0.2.3.md rename go/ql/src/change-notes/{2022-08-02-path-injection-sanitizer.md => released/0.2.3.md} (74%) delete mode 100644 java/ql/lib/change-notes/2022-08-03-properties.md delete mode 100644 java/ql/lib/change-notes/2022-08-05-asynctask-improvements.md create mode 100644 java/ql/lib/change-notes/released/0.3.3.md delete mode 100644 java/ql/src/change-notes/2022-06-22-improper-webview-certificate-validation.md delete mode 100644 java/ql/src/change-notes/2022-08-03-tainted-path-mad.md delete mode 100644 java/ql/src/change-notes/2022-08-10-sensitive-log-dedup.md create mode 100644 java/ql/src/change-notes/released/0.3.2.md create mode 100644 javascript/ql/lib/change-notes/released/0.2.3.md create mode 100644 javascript/ql/src/change-notes/released/0.3.2.md rename python/ql/lib/change-notes/{2022-06-15-class-decorator-api-subclass.md => released/0.5.3.md} (73%) create mode 100644 python/ql/src/change-notes/released/0.4.1.md delete mode 100644 ruby/ql/lib/change-notes/2022-08-04-active-record-writes.md delete mode 100644 ruby/ql/lib/change-notes/2022-08-04-mime-type.md delete mode 100644 ruby/ql/lib/change-notes/2022-08-05-active-record-associations.md create mode 100644 ruby/ql/lib/change-notes/released/0.3.3.md create mode 100644 ruby/ql/src/change-notes/released/0.3.2.md diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 9b4761ec2ce..6f20ab41c69 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,15 @@ +## 0.3.3 + +### New Features + +* Added a predicate `getValueConstant` to `AttributeArgument` that yields the argument value as an `Expr` when the value is a constant expression. +* A new class predicate `MustFlowConfiguration::allowInterproceduralFlow` has been added to the `semmle.code.cpp.ir.dataflow.MustFlow` library. The new predicate can be overridden to disable interprocedural flow. +* Added subclasses of `BuiltInOperations` for `__builtin_bit_cast`, `__builtin_shuffle`, `__has_unique_object_representations`, `__is_aggregate`, and `__is_assignable`. + +### Major Analysis Improvements + +* The IR dataflow library now includes flow through global variables. This enables new findings in many scenarios. + ## 0.3.2 ### Bug Fixes diff --git a/cpp/ql/lib/change-notes/2022-06-23-global-var-flow.md b/cpp/ql/lib/change-notes/2022-06-23-global-var-flow.md deleted file mode 100644 index ce931ef8de0..00000000000 --- a/cpp/ql/lib/change-notes/2022-06-23-global-var-flow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* The IR dataflow library now includes flow through global variables. This enables new findings in many scenarios. diff --git a/cpp/ql/lib/change-notes/2022-07-26-additional-builtin-support.md b/cpp/ql/lib/change-notes/2022-07-26-additional-builtin-support.md deleted file mode 100644 index 2e4d7db69a5..00000000000 --- a/cpp/ql/lib/change-notes/2022-07-26-additional-builtin-support.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Added subclasses of `BuiltInOperations` for `__builtin_bit_cast`, `__builtin_shuffle`, `__has_unique_object_representations`, `__is_aggregate`, and `__is_assignable`. diff --git a/cpp/ql/lib/change-notes/2022-08-02-must-flow-local-only-flow.md b/cpp/ql/lib/change-notes/2022-08-02-must-flow-local-only-flow.md deleted file mode 100644 index 820822a5396..00000000000 --- a/cpp/ql/lib/change-notes/2022-08-02-must-flow-local-only-flow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* A new class predicate `MustFlowConfiguration::allowInterproceduralFlow` has been added to the `semmle.code.cpp.ir.dataflow.MustFlow` library. The new predicate can be overridden to disable interprocedural flow. diff --git a/cpp/ql/lib/change-notes/2022-08-10-constant-attribute-argument-support.md b/cpp/ql/lib/change-notes/2022-08-10-constant-attribute-argument-support.md deleted file mode 100644 index 056190026a8..00000000000 --- a/cpp/ql/lib/change-notes/2022-08-10-constant-attribute-argument-support.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Added a predicate `getValueConstant` to `AttributeArgument` that yields the argument value as an `Expr` when the value is a constant expression. diff --git a/cpp/ql/lib/change-notes/released/0.3.3.md b/cpp/ql/lib/change-notes/released/0.3.3.md new file mode 100644 index 00000000000..9a459eb7f3b --- /dev/null +++ b/cpp/ql/lib/change-notes/released/0.3.3.md @@ -0,0 +1,11 @@ +## 0.3.3 + +### New Features + +* Added a predicate `getValueConstant` to `AttributeArgument` that yields the argument value as an `Expr` when the value is a constant expression. +* A new class predicate `MustFlowConfiguration::allowInterproceduralFlow` has been added to the `semmle.code.cpp.ir.dataflow.MustFlow` library. The new predicate can be overridden to disable interprocedural flow. +* Added subclasses of `BuiltInOperations` for `__builtin_bit_cast`, `__builtin_shuffle`, `__has_unique_object_representations`, `__is_aggregate`, and `__is_assignable`. + +### Major Analysis Improvements + +* The IR dataflow library now includes flow through global variables. This enables new findings in many scenarios. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 18c64250f42..9da182d3394 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.2 +lastReleaseVersion: 0.3.3 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 06e68dba48c..656023c0b12 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.3.3-dev +version: 0.3.3 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index ae7e4f7151b..773bb1be347 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.3.2 + +### Minor Analysis Improvements + +* The query `cpp/bad-strncpy-size` now covers more `strncpy`-like functions than before, including `strxfrm`(`_l`), `wcsxfrm`(`_l`), and `stpncpy`. Users of this query may see an increase in results. + ## 0.3.1 ## 0.3.0 diff --git a/cpp/ql/src/change-notes/2021-08-10-use-strcpyfunction-in-bad-strncpy-size.md b/cpp/ql/src/change-notes/released/0.3.2.md similarity index 82% rename from cpp/ql/src/change-notes/2021-08-10-use-strcpyfunction-in-bad-strncpy-size.md rename to cpp/ql/src/change-notes/released/0.3.2.md index 3468fec4c8d..1b02e1445e3 100644 --- a/cpp/ql/src/change-notes/2021-08-10-use-strcpyfunction-in-bad-strncpy-size.md +++ b/cpp/ql/src/change-notes/released/0.3.2.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.3.2 + +### Minor Analysis Improvements + * The query `cpp/bad-strncpy-size` now covers more `strncpy`-like functions than before, including `strxfrm`(`_l`), `wcsxfrm`(`_l`), and `stpncpy`. Users of this query may see an increase in results. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index bb106b1cb63..18c64250f42 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.1 +lastReleaseVersion: 0.3.2 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 03b90cb3668..c907b87c8b9 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.3.2-dev +version: 0.3.2 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 0efa6239b0f..e6a2f6edefc 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,5 @@ +## 1.2.3 + ## 1.2.2 ## 1.2.1 diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.2.3.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.2.3.md new file mode 100644 index 00000000000..dec11cbd564 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.2.3.md @@ -0,0 +1 @@ +## 1.2.3 diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 0a70a9a01a7..09a7400b594 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.2 +lastReleaseVersion: 1.2.3 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 78cc75ede63..6ede4a3d983 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.2.3-dev +version: 1.2.3 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 0efa6239b0f..e6a2f6edefc 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,5 @@ +## 1.2.3 + ## 1.2.2 ## 1.2.1 diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.2.3.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.2.3.md new file mode 100644 index 00000000000..dec11cbd564 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.2.3.md @@ -0,0 +1 @@ +## 1.2.3 diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 0a70a9a01a7..09a7400b594 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.2 +lastReleaseVersion: 1.2.3 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index fced50b6ef4..5e6dc3d4ff0 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.2.3-dev +version: 1.2.3 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 5ea16d73e48..ba78aa63788 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.3.3 + ## 0.3.2 ## 0.3.1 diff --git a/csharp/ql/lib/change-notes/released/0.3.3.md b/csharp/ql/lib/change-notes/released/0.3.3.md new file mode 100644 index 00000000000..4574a88b38c --- /dev/null +++ b/csharp/ql/lib/change-notes/released/0.3.3.md @@ -0,0 +1 @@ +## 0.3.3 diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 18c64250f42..9da182d3394 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.2 +lastReleaseVersion: 0.3.3 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 8f932e28c7a..961e5db75fe 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.3.3-dev +version: 0.3.3 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index bb530ba1727..e1592a7124e 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.3.2 + ## 0.3.1 ## 0.3.0 diff --git a/csharp/ql/src/change-notes/released/0.3.2.md b/csharp/ql/src/change-notes/released/0.3.2.md new file mode 100644 index 00000000000..8309e697333 --- /dev/null +++ b/csharp/ql/src/change-notes/released/0.3.2.md @@ -0,0 +1 @@ +## 0.3.2 diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index bb106b1cb63..18c64250f42 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.1 +lastReleaseVersion: 0.3.2 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 9f59ceafaf5..9538cd7aa03 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.3.2-dev +version: 0.3.2 groups: - csharp - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index a4ead0ef794..50c3ba0c65a 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.2.3 + ## 0.2.2 ## 0.2.1 diff --git a/go/ql/lib/change-notes/released/0.2.3.md b/go/ql/lib/change-notes/released/0.2.3.md new file mode 100644 index 00000000000..b92596ffef1 --- /dev/null +++ b/go/ql/lib/change-notes/released/0.2.3.md @@ -0,0 +1 @@ +## 0.2.3 diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 16a06790aa8..0b605901b42 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.2 +lastReleaseVersion: 0.2.3 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 789f504c667..f1d2fd68248 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.2.3-dev +version: 0.2.3 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index c981e074fad..e35b76d2763 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.2.3 + +### Minor Analysis Improvements + +* The query `go/path-injection` no longer considers user-controlled numeric or boolean-typed data as potentially dangerous. + ## 0.2.2 ## 0.2.1 diff --git a/go/ql/src/change-notes/2022-08-02-path-injection-sanitizer.md b/go/ql/src/change-notes/released/0.2.3.md similarity index 74% rename from go/ql/src/change-notes/2022-08-02-path-injection-sanitizer.md rename to go/ql/src/change-notes/released/0.2.3.md index 1c45e8d14e5..11ae5a2a35e 100644 --- a/go/ql/src/change-notes/2022-08-02-path-injection-sanitizer.md +++ b/go/ql/src/change-notes/released/0.2.3.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.2.3 + +### Minor Analysis Improvements + * The query `go/path-injection` no longer considers user-controlled numeric or boolean-typed data as potentially dangerous. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 16a06790aa8..0b605901b42 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.2 +lastReleaseVersion: 0.2.3 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index b19c723b9c7..5adb9c6ff46 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.2.3-dev +version: 0.2.3 groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 150a12f68fe..fbe6733c38f 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.3.3 + +### Minor Analysis Improvements + +* Improved analysis of the Android class `AsyncTask` so that data can properly flow through its methods according to the life-cycle steps described here: https://developer.android.com/reference/android/os/AsyncTask#the-4-steps. +* Added a data-flow model for the `setProperty` method of `java.util.Properties`. Additional results may be found where relevant data is stored in and then retrieved from a `Properties` instance. + ## 0.3.2 ### New Features diff --git a/java/ql/lib/change-notes/2022-08-03-properties.md b/java/ql/lib/change-notes/2022-08-03-properties.md deleted file mode 100644 index c9626ba2bf9..00000000000 --- a/java/ql/lib/change-notes/2022-08-03-properties.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added a data-flow model for the `setProperty` method of `java.util.Properties`. Additional results may be found where relevant data is stored in and then retrieved from a `Properties` instance. \ No newline at end of file diff --git a/java/ql/lib/change-notes/2022-08-05-asynctask-improvements.md b/java/ql/lib/change-notes/2022-08-05-asynctask-improvements.md deleted file mode 100644 index 95c8438b324..00000000000 --- a/java/ql/lib/change-notes/2022-08-05-asynctask-improvements.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Improved analysis of the Android class `AsyncTask` so that data can properly flow through its methods according to the life-cycle steps described here: https://developer.android.com/reference/android/os/AsyncTask#the-4-steps. \ No newline at end of file diff --git a/java/ql/lib/change-notes/released/0.3.3.md b/java/ql/lib/change-notes/released/0.3.3.md new file mode 100644 index 00000000000..ec467c367d6 --- /dev/null +++ b/java/ql/lib/change-notes/released/0.3.3.md @@ -0,0 +1,6 @@ +## 0.3.3 + +### Minor Analysis Improvements + +* Improved analysis of the Android class `AsyncTask` so that data can properly flow through its methods according to the life-cycle steps described here: https://developer.android.com/reference/android/os/AsyncTask#the-4-steps. +* Added a data-flow model for the `setProperty` method of `java.util.Properties`. Additional results may be found where relevant data is stored in and then retrieved from a `Properties` instance. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 18c64250f42..9da182d3394 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.2 +lastReleaseVersion: 0.3.3 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 5fe704a4f35..b84086bfb00 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.3.3-dev +version: 0.3.3 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 33ae45fbb9f..1132417ac27 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,17 @@ +## 0.3.2 + +### New Queries + +* A new query "Android `WebView` that accepts all certificates" (`java/improper-webview-certificate-validation`) has been added. This query finds implementations of `WebViewClient`s that accept all certificates in the case of an SSL error. + +### Major Analysis Improvements + +* The query `java/sensitive-log` has been improved to no longer report results that are effectively duplicates due to one source flowing to another source. + +### Minor Analysis Improvements + +* The query `java/path-injection` now recognises vulnerable APIs defined using the `SinkModelCsv` class with the `create-file` type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks. + ## 0.3.1 ## 0.3.0 diff --git a/java/ql/src/change-notes/2022-06-22-improper-webview-certificate-validation.md b/java/ql/src/change-notes/2022-06-22-improper-webview-certificate-validation.md deleted file mode 100644 index 3e80487d772..00000000000 --- a/java/ql/src/change-notes/2022-06-22-improper-webview-certificate-validation.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* A new query "Android `WebView` that accepts all certificates" (`java/improper-webview-certificate-validation`) has been added. This query finds implementations of `WebViewClient`s that accept all certificates in the case of an SSL error. \ No newline at end of file diff --git a/java/ql/src/change-notes/2022-08-03-tainted-path-mad.md b/java/ql/src/change-notes/2022-08-03-tainted-path-mad.md deleted file mode 100644 index 6f70a8f69e1..00000000000 --- a/java/ql/src/change-notes/2022-08-03-tainted-path-mad.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The query `java/path-injection` now recognises vulnerable APIs defined using the `SinkModelCsv` class with the `create-file` type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks. diff --git a/java/ql/src/change-notes/2022-08-10-sensitive-log-dedup.md b/java/ql/src/change-notes/2022-08-10-sensitive-log-dedup.md deleted file mode 100644 index b8fe317f98d..00000000000 --- a/java/ql/src/change-notes/2022-08-10-sensitive-log-dedup.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* The query `java/sensitive-log` has been improved to no longer report results that are effectively duplicates due to one source flowing to another source. diff --git a/java/ql/src/change-notes/released/0.3.2.md b/java/ql/src/change-notes/released/0.3.2.md new file mode 100644 index 00000000000..3e2fc491a1d --- /dev/null +++ b/java/ql/src/change-notes/released/0.3.2.md @@ -0,0 +1,13 @@ +## 0.3.2 + +### New Queries + +* A new query "Android `WebView` that accepts all certificates" (`java/improper-webview-certificate-validation`) has been added. This query finds implementations of `WebViewClient`s that accept all certificates in the case of an SSL error. + +### Major Analysis Improvements + +* The query `java/sensitive-log` has been improved to no longer report results that are effectively duplicates due to one source flowing to another source. + +### Minor Analysis Improvements + +* The query `java/path-injection` now recognises vulnerable APIs defined using the `SinkModelCsv` class with the `create-file` type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index bb106b1cb63..18c64250f42 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.1 +lastReleaseVersion: 0.3.2 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 8c0538014c1..7702f0d5391 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.3.2-dev +version: 0.3.2 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 6f359e0ac85..77feb5a9851 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.2.3 + ## 0.2.2 ## 0.2.1 diff --git a/javascript/ql/lib/change-notes/released/0.2.3.md b/javascript/ql/lib/change-notes/released/0.2.3.md new file mode 100644 index 00000000000..b92596ffef1 --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.2.3.md @@ -0,0 +1 @@ +## 0.2.3 diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 16a06790aa8..0b605901b42 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.2 +lastReleaseVersion: 0.2.3 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index e559e82a56a..b66aff31f3b 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.2.3-dev +version: 0.2.3 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 00016a45458..440bbc9357f 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.3.2 + ## 0.3.1 ### New Queries diff --git a/javascript/ql/src/change-notes/released/0.3.2.md b/javascript/ql/src/change-notes/released/0.3.2.md new file mode 100644 index 00000000000..8309e697333 --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.3.2.md @@ -0,0 +1 @@ +## 0.3.2 diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index bb106b1cb63..18c64250f42 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.1 +lastReleaseVersion: 0.3.2 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 9852441a368..89ed52a7109 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.3.2-dev +version: 0.3.2 groups: - javascript - queries diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index b57f612b336..d02b6c0dd19 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.5.3 + +### Minor Analysis Improvements + +* Change `.getASubclass()` on `API::Node` so it allows to follow subclasses even if the class has a class decorator. + ## 0.5.2 ## 0.5.1 diff --git a/python/ql/lib/change-notes/2022-06-15-class-decorator-api-subclass.md b/python/ql/lib/change-notes/released/0.5.3.md similarity index 73% rename from python/ql/lib/change-notes/2022-06-15-class-decorator-api-subclass.md rename to python/ql/lib/change-notes/released/0.5.3.md index 04beefb14b6..c5387780d5c 100644 --- a/python/ql/lib/change-notes/2022-06-15-class-decorator-api-subclass.md +++ b/python/ql/lib/change-notes/released/0.5.3.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.5.3 + +### Minor Analysis Improvements + * Change `.getASubclass()` on `API::Node` so it allows to follow subclasses even if the class has a class decorator. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 2d9d3f587f8..2164e038a5d 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.2 +lastReleaseVersion: 0.5.3 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 20d79f44e49..6f181ad34a8 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.5.3-dev +version: 0.5.3 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 8fdacb47f64..7aa1b67b230 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.4.1 + ## 0.4.0 ### Breaking Changes diff --git a/python/ql/src/change-notes/released/0.4.1.md b/python/ql/src/change-notes/released/0.4.1.md new file mode 100644 index 00000000000..8c948e67f6d --- /dev/null +++ b/python/ql/src/change-notes/released/0.4.1.md @@ -0,0 +1 @@ +## 0.4.1 diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 75227225c64..9e45d5f1001 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.4.1-dev +version: 0.4.1 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 09d016efb49..681976087cd 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,15 @@ +## 0.3.3 + +### Minor Analysis Improvements + +* Calls to methods generated by ActiveRecord associations are now recognised as + instantiations of ActiveRecord objects. This increases the sensitivity of + queries such as `rb/sql-injection` and `rb/stored-xss`. +* Calls to `ActiveRecord::Base.create` and `ActiveRecord::Base.update` are now + recognised as write accesses. +* Arguments to `Mime::Type#match?` and `Mime::Type#=~` are now recognised as + regular expression sources. + ## 0.3.2 ### Minor Analysis Improvements diff --git a/ruby/ql/lib/change-notes/2022-08-04-active-record-writes.md b/ruby/ql/lib/change-notes/2022-08-04-active-record-writes.md deleted file mode 100644 index b2b4d0bc2ad..00000000000 --- a/ruby/ql/lib/change-notes/2022-08-04-active-record-writes.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to `ActiveRecord::Base.create` and `ActiveRecord::Base.update` are now - recognised as write accesses. diff --git a/ruby/ql/lib/change-notes/2022-08-04-mime-type.md b/ruby/ql/lib/change-notes/2022-08-04-mime-type.md deleted file mode 100644 index 033e8ed626c..00000000000 --- a/ruby/ql/lib/change-notes/2022-08-04-mime-type.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Arguments to `Mime::Type#match?` and `Mime::Type#=~` are now recognised as - regular expression sources. diff --git a/ruby/ql/lib/change-notes/2022-08-05-active-record-associations.md b/ruby/ql/lib/change-notes/2022-08-05-active-record-associations.md deleted file mode 100644 index 9fa4d0a6cd5..00000000000 --- a/ruby/ql/lib/change-notes/2022-08-05-active-record-associations.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to methods generated by ActiveRecord associations are now recognised as - instantiations of ActiveRecord objects. This increases the sensitivity of - queries such as `rb/sql-injection` and `rb/stored-xss`. diff --git a/ruby/ql/lib/change-notes/released/0.3.3.md b/ruby/ql/lib/change-notes/released/0.3.3.md new file mode 100644 index 00000000000..163a2bfdadc --- /dev/null +++ b/ruby/ql/lib/change-notes/released/0.3.3.md @@ -0,0 +1,11 @@ +## 0.3.3 + +### Minor Analysis Improvements + +* Calls to methods generated by ActiveRecord associations are now recognised as + instantiations of ActiveRecord objects. This increases the sensitivity of + queries such as `rb/sql-injection` and `rb/stored-xss`. +* Calls to `ActiveRecord::Base.create` and `ActiveRecord::Base.update` are now + recognised as write accesses. +* Arguments to `Mime::Type#match?` and `Mime::Type#=~` are now recognised as + regular expression sources. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 18c64250f42..9da182d3394 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.2 +lastReleaseVersion: 0.3.3 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 5a763d9c3dd..e2373ffff74 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.3.3-dev +version: 0.3.3 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 9aeec45dc3f..6dc30a08e3d 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,5 @@ +## 0.3.2 + ## 0.3.1 ### New Queries diff --git a/ruby/ql/src/change-notes/released/0.3.2.md b/ruby/ql/src/change-notes/released/0.3.2.md new file mode 100644 index 00000000000..8309e697333 --- /dev/null +++ b/ruby/ql/src/change-notes/released/0.3.2.md @@ -0,0 +1 @@ +## 0.3.2 diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index bb106b1cb63..18c64250f42 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.1 +lastReleaseVersion: 0.3.2 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index b713a6c49e3..c8f7fdc64f4 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.3.2-dev +version: 0.3.2 groups: - ruby - queries