Release preparation for version 2.10.3

2025-12-20 10:46:30 +01:00 · 2022-08-11 11:12:15 +00:00
parent a5c0fa24d7
commit 57c4f9145b
76 changed files with 175 additions and 93 deletions
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,17 @@
+## 0.3.2
+
+### New Queries
+
+* A new query "Android `WebView` that accepts all certificates" (`java/improper-webview-certificate-validation`) has been added. This query finds implementations of `WebViewClient`s that accept all certificates in the case of an SSL error.
+
+### Major Analysis Improvements
+
+* The query `java/sensitive-log` has been improved to no longer report results that are effectively duplicates due to one source flowing to another source.
+
+### Minor Analysis Improvements
+
+* The query `java/path-injection` now recognises vulnerable APIs defined using the `SinkModelCsv` class with the `create-file` type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks.
+
 ## 0.3.1

 ## 0.3.0
--- a/java/ql/src/change-notes/2022-06-22-improper-webview-certificate-validation.md
+++ b/java/ql/src/change-notes/2022-06-22-improper-webview-certificate-validation.md
@@ -1,4 +0,0 @@
---
-category: newQuery
---
-* A new query "Android `WebView` that accepts all certificates" (`java/improper-webview-certificate-validation`) has been added. This query finds implementations of `WebViewClient`s that accept all certificates in the case of an SSL error.
--- a/java/ql/src/change-notes/2022-08-03-tainted-path-mad.md
+++ b/java/ql/src/change-notes/2022-08-03-tainted-path-mad.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The query `java/path-injection` now recognises vulnerable APIs defined using the `SinkModelCsv` class with the `create-file` type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks.
--- a/java/ql/src/change-notes/2022-08-10-sensitive-log-dedup.md
+++ b/java/ql/src/change-notes/2022-08-10-sensitive-log-dedup.md
@@ -1,4 +0,0 @@
---
-category: majorAnalysis
---
-* The query `java/sensitive-log` has been improved to no longer report results that are effectively duplicates due to one source flowing to another source.
--- a/java/ql/src/change-notes/released/0.3.2.md
+++ b/java/ql/src/change-notes/released/0.3.2.md
@@ -0,0 +1,13 @@
+## 0.3.2
+
+### New Queries
+
+* A new query "Android `WebView` that accepts all certificates" (`java/improper-webview-certificate-validation`) has been added. This query finds implementations of `WebViewClient`s that accept all certificates in the case of an SSL error.
+
+### Major Analysis Improvements
+
+* The query `java/sensitive-log` has been improved to no longer report results that are effectively duplicates due to one source flowing to another source.
+
+### Minor Analysis Improvements
+
+* The query `java/path-injection` now recognises vulnerable APIs defined using the `SinkModelCsv` class with the `create-file` type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks.
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.1
+lastReleaseVersion: 0.3.2
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.3.2-dev
+version: 0.3.2
 groups: 
  - java
  - queries