Release preparation for version 2.10.3

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,15 @@
+## 0.3.3
+
+### New Features
+
+* Added a predicate `getValueConstant` to `AttributeArgument` that yields the argument value as an `Expr` when the value is a constant expression.
+* A new class predicate `MustFlowConfiguration::allowInterproceduralFlow` has been added to the `semmle.code.cpp.ir.dataflow.MustFlow` library. The new predicate can be overridden to disable interprocedural flow.
+* Added subclasses of `BuiltInOperations` for `__builtin_bit_cast`, `__builtin_shuffle`, `__has_unique_object_representations`, `__is_aggregate`, and `__is_assignable`.
+
+### Major Analysis Improvements
+
+* The IR dataflow library now includes flow through global variables. This enables new findings in many scenarios.
+
 ## 0.3.2
 
 ### Bug Fixes

cpp/ql/lib/change-notes/2022-06-23-global-var-flow.md

@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* The IR dataflow library now includes flow through global variables. This enables new findings in many scenarios.

cpp/ql/lib/change-notes/2022-07-26-additional-builtin-support.md

@@ -1,4 +0,0 @@
----
-category: feature
----
-* Added subclasses of `BuiltInOperations` for `__builtin_bit_cast`, `__builtin_shuffle`, `__has_unique_object_representations`, `__is_aggregate`, and `__is_assignable`.

cpp/ql/lib/change-notes/2022-08-02-must-flow-local-only-flow.md

@@ -1,4 +0,0 @@
----
-category: feature
----
-* A new class predicate `MustFlowConfiguration::allowInterproceduralFlow` has been added to the `semmle.code.cpp.ir.dataflow.MustFlow` library. The new predicate can be overridden to disable interprocedural flow.

cpp/ql/lib/change-notes/2022-08-10-constant-attribute-argument-support.md

@@ -1,4 +0,0 @@
----
-category: feature
----
-* Added a predicate `getValueConstant` to `AttributeArgument` that yields the argument value as an `Expr` when the value is a constant expression.

cpp/ql/lib/change-notes/released/0.3.3.md

@@ -0,0 +1,11 @@
+## 0.3.3
+
+### New Features
+
+* Added a predicate `getValueConstant` to `AttributeArgument` that yields the argument value as an `Expr` when the value is a constant expression.
+* A new class predicate `MustFlowConfiguration::allowInterproceduralFlow` has been added to the `semmle.code.cpp.ir.dataflow.MustFlow` library. The new predicate can be overridden to disable interprocedural flow.
+* Added subclasses of `BuiltInOperations` for `__builtin_bit_cast`, `__builtin_shuffle`, `__has_unique_object_representations`, `__is_aggregate`, and `__is_assignable`.
+
+### Major Analysis Improvements
+
+* The IR dataflow library now includes flow through global variables. This enables new findings in many scenarios.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.2
+lastReleaseVersion: 0.3.3

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.3.3-dev
+version: 0.3.3
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.3.2
+
+### Minor Analysis Improvements
+
+* The query `cpp/bad-strncpy-size` now covers more `strncpy`-like functions than before, including `strxfrm`(`_l`), `wcsxfrm`(`_l`), and `stpncpy`. Users of this query may see an increase in results.
+
 ## 0.3.1
 
 ## 0.3.0

cpp/ql/src/change-notes/released/0.3.2.md

@@ -1,4 +1,5 @@
----
+## 0.3.2
-category: minorAnalysis
+
----
+### Minor Analysis Improvements
+
 * The query `cpp/bad-strncpy-size` now covers more `strncpy`-like functions than before, including `strxfrm`(`_l`), `wcsxfrm`(`_l`), and `stpncpy`. Users of this query may see an increase in results.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.1
+lastReleaseVersion: 0.3.2

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.3.2-dev
+version: 0.3.2
 groups: 
   - cpp
   - queries

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 1.2.3
+
 ## 1.2.2
 
 ## 1.2.1

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.2.3.md

@@ -0,0 +1 @@
+## 1.2.3

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.2.2
+lastReleaseVersion: 1.2.3

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.2.3-dev
+version: 1.2.3
 groups:
     - csharp
     - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 1.2.3
+
 ## 1.2.2
 
 ## 1.2.1

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.2.3.md

@@ -0,0 +1 @@
+## 1.2.3

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.2.2
+lastReleaseVersion: 1.2.3

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.2.3-dev
+version: 1.2.3
 groups:
     - csharp
     - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 0.3.3
+
 ## 0.3.2
 
 ## 0.3.1

csharp/ql/lib/change-notes/released/0.3.3.md

@@ -0,0 +1 @@
+## 0.3.3

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.2
+lastReleaseVersion: 0.3.3

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.3.3-dev
+version: 0.3.3
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 0.3.2
+
 ## 0.3.1
 
 ## 0.3.0

csharp/ql/src/change-notes/released/0.3.2.md

@@ -0,0 +1 @@
+## 0.3.2

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.1
+lastReleaseVersion: 0.3.2

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.3.2-dev
+version: 0.3.2
 groups: 
   - csharp
   - queries

go/ql/lib/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 0.2.3
+
 ## 0.2.2
 
 ## 0.2.1

go/ql/lib/change-notes/released/0.2.3.md

@@ -0,0 +1 @@
+## 0.2.3

go/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.2.2
+lastReleaseVersion: 0.2.3

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.2.3-dev
+version: 0.2.3
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.2.3
+
+### Minor Analysis Improvements
+
+* The query `go/path-injection` no longer considers user-controlled numeric or boolean-typed data as potentially dangerous.
+
 ## 0.2.2
 
 ## 0.2.1

go/ql/src/change-notes/released/0.2.3.md

@@ -1,4 +1,5 @@
----
+## 0.2.3
-category: minorAnalysis
+
----
+### Minor Analysis Improvements
+
 * The query `go/path-injection` no longer considers user-controlled numeric or boolean-typed data as potentially dangerous.

go/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.2.2
+lastReleaseVersion: 0.2.3

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.2.3-dev
+version: 0.2.3
 groups:
   - go
   - queries

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.3.3
+
+### Minor Analysis Improvements
+
+* Improved analysis of the Android class `AsyncTask` so that data can properly flow through its methods according to the life-cycle steps described here: https://developer.android.com/reference/android/os/AsyncTask#the-4-steps.
+* Added a data-flow model for the `setProperty` method of `java.util.Properties`. Additional results may be found where relevant data is stored in and then retrieved from a `Properties` instance.
+
 ## 0.3.2
 
 ### New Features

java/ql/lib/change-notes/2022-08-03-properties.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added a data-flow model for the `setProperty` method of `java.util.Properties`. Additional results may be found where relevant data is stored in and then retrieved from a `Properties` instance.

java/ql/lib/change-notes/2022-08-05-asynctask-improvements.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Improved analysis of the Android class `AsyncTask` so that data can properly flow through its methods according to the life-cycle steps described here: https://developer.android.com/reference/android/os/AsyncTask#the-4-steps.

java/ql/lib/change-notes/released/0.3.3.md

@@ -0,0 +1,6 @@
+## 0.3.3
+
+### Minor Analysis Improvements
+
+* Improved analysis of the Android class `AsyncTask` so that data can properly flow through its methods according to the life-cycle steps described here: https://developer.android.com/reference/android/os/AsyncTask#the-4-steps.
+* Added a data-flow model for the `setProperty` method of `java.util.Properties`. Additional results may be found where relevant data is stored in and then retrieved from a `Properties` instance.

java/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.2
+lastReleaseVersion: 0.3.3

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.3.3-dev
+version: 0.3.3
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/src/CHANGELOG.md

@@ -1,3 +1,17 @@
+## 0.3.2
+
+### New Queries
+
+* A new query "Android `WebView` that accepts all certificates" (`java/improper-webview-certificate-validation`) has been added. This query finds implementations of `WebViewClient`s that accept all certificates in the case of an SSL error.
+
+### Major Analysis Improvements
+
+* The query `java/sensitive-log` has been improved to no longer report results that are effectively duplicates due to one source flowing to another source.
+
+### Minor Analysis Improvements
+
+* The query `java/path-injection` now recognises vulnerable APIs defined using the `SinkModelCsv` class with the `create-file` type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks.
+
 ## 0.3.1
 
 ## 0.3.0

java/ql/src/change-notes/2022-06-22-improper-webview-certificate-validation.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* A new query "Android `WebView` that accepts all certificates" (`java/improper-webview-certificate-validation`) has been added. This query finds implementations of `WebViewClient`s that accept all certificates in the case of an SSL error.

java/ql/src/change-notes/2022-08-03-tainted-path-mad.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The query `java/path-injection` now recognises vulnerable APIs defined using the `SinkModelCsv` class with the `create-file` type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks.

java/ql/src/change-notes/2022-08-10-sensitive-log-dedup.md

@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* The query `java/sensitive-log` has been improved to no longer report results that are effectively duplicates due to one source flowing to another source.

java/ql/src/change-notes/released/0.3.2.md

@@ -0,0 +1,13 @@
+## 0.3.2
+
+### New Queries
+
+* A new query "Android `WebView` that accepts all certificates" (`java/improper-webview-certificate-validation`) has been added. This query finds implementations of `WebViewClient`s that accept all certificates in the case of an SSL error.
+
+### Major Analysis Improvements
+
+* The query `java/sensitive-log` has been improved to no longer report results that are effectively duplicates due to one source flowing to another source.
+
+### Minor Analysis Improvements
+
+* The query `java/path-injection` now recognises vulnerable APIs defined using the `SinkModelCsv` class with the `create-file` type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks.

java/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.1
+lastReleaseVersion: 0.3.2

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.3.2-dev
+version: 0.3.2
 groups: 
   - java
   - queries

javascript/ql/lib/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 0.2.3
+
 ## 0.2.2
 
 ## 0.2.1

javascript/ql/lib/change-notes/released/0.2.3.md

@@ -0,0 +1 @@
+## 0.2.3

javascript/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.2.2
+lastReleaseVersion: 0.2.3

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.2.3-dev
+version: 0.2.3
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 0.3.2
+
 ## 0.3.1
 
 ### New Queries

javascript/ql/src/change-notes/released/0.3.2.md

@@ -0,0 +1 @@
+## 0.3.2

javascript/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.1
+lastReleaseVersion: 0.3.2

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.3.2-dev
+version: 0.3.2
 groups: 
   - javascript
   - queries

python/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.5.3
+
+### Minor Analysis Improvements
+
+* Change `.getASubclass()` on `API::Node` so it allows to follow subclasses even if the class has a class decorator.
+
 ## 0.5.2
 
 ## 0.5.1

python/ql/lib/change-notes/released/0.5.3.md

@@ -1,4 +1,5 @@
----
+## 0.5.3
-category: minorAnalysis
+
----
+### Minor Analysis Improvements
+
 * Change `.getASubclass()` on `API::Node` so it allows to follow subclasses even if the class has a class decorator.

python/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.5.3-dev
+version: 0.5.3
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 0.4.1
+
 ## 0.4.0
 
 ### Breaking Changes

python/ql/src/change-notes/released/0.4.1.md

@@ -0,0 +1 @@
+## 0.4.1

python/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.0
+lastReleaseVersion: 0.4.1

python/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.4.1-dev
+version: 0.4.1
 groups: 
   - python
   - queries

ruby/ql/lib/CHANGELOG.md

@@ -1,3 +1,15 @@
+## 0.3.3
+
+### Minor Analysis Improvements
+
+* Calls to methods generated by ActiveRecord associations are now recognised as
+  instantiations of ActiveRecord objects. This increases the sensitivity of
+  queries such as `rb/sql-injection` and `rb/stored-xss`.
+* Calls to `ActiveRecord::Base.create` and `ActiveRecord::Base.update` are now
+  recognised as write accesses.
+* Arguments to `Mime::Type#match?` and `Mime::Type#=~` are now recognised as
+  regular expression sources.
+
 ## 0.3.2
 
 ### Minor Analysis Improvements

ruby/ql/lib/change-notes/2022-08-04-active-record-writes.md

@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Calls to `ActiveRecord::Base.create` and `ActiveRecord::Base.update` are now
-  recognised as write accesses.

ruby/ql/lib/change-notes/2022-08-04-mime-type.md

@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Arguments to `Mime::Type#match?` and `Mime::Type#=~` are now recognised as
-  regular expression sources.

ruby/ql/lib/change-notes/2022-08-05-active-record-associations.md

@@ -1,6 +0,0 @@
----
-category: minorAnalysis
----
-* Calls to methods generated by ActiveRecord associations are now recognised as
-  instantiations of ActiveRecord objects. This increases the sensitivity of
-  queries such as `rb/sql-injection` and `rb/stored-xss`.

ruby/ql/lib/change-notes/released/0.3.3.md

@@ -0,0 +1,11 @@
+## 0.3.3
+
+### Minor Analysis Improvements
+
+* Calls to methods generated by ActiveRecord associations are now recognised as
+  instantiations of ActiveRecord objects. This increases the sensitivity of
+  queries such as `rb/sql-injection` and `rb/stored-xss`.
+* Calls to `ActiveRecord::Base.create` and `ActiveRecord::Base.update` are now
+  recognised as write accesses.
+* Arguments to `Mime::Type#match?` and `Mime::Type#=~` are now recognised as
+  regular expression sources.

ruby/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.2
+lastReleaseVersion: 0.3.3

ruby/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.3.3-dev
+version: 0.3.3
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme

ruby/ql/src/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 0.3.2
+
 ## 0.3.1
 
 ### New Queries

ruby/ql/src/change-notes/released/0.3.2.md

@@ -0,0 +1 @@
+## 0.3.2

ruby/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.1
+lastReleaseVersion: 0.3.2

ruby/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.3.2-dev
+version: 0.3.2
 groups: 
   - ruby
   - queries