mirror of
https://github.com/github/codeql.git
synced 2026-04-21 06:55:31 +02:00
Merge pull request #17041 from github/post-release-prep/codeql-cli-2.18.1
Post-release preparation for codeql-cli-2.18.1
This commit is contained in:
@@ -1,3 +1,7 @@
|
||||
## 1.0.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
java/ql/automodel/src/change-notes/released/1.0.4.md
Normal file
3
java/ql/automodel/src/change-notes/released/1.0.4.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.0.4
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.3
|
||||
lastReleaseVersion: 1.0.4
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-automodel-queries
|
||||
version: 1.0.4-dev
|
||||
version: 1.0.5-dev
|
||||
groups:
|
||||
- java
|
||||
- automodel
|
||||
|
||||
@@ -1,3 +1,24 @@
|
||||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable.
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead.
|
||||
|
||||
### New Features
|
||||
|
||||
* Kotlin support is now out of beta, and generally available
|
||||
* Kotlin versions up to 2.0.2*x* are now supported.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added a path-injection sink for `hudson.FilePath.exists()`.
|
||||
* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
|
||||
* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
|
||||
|
||||
## 1.1.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Kotlin versions up to 2.0.2\ *x* are now supported.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added a path-injection sink for `hudson.FilePath.exists()`.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Kotlin support is now out of beta, and generally available
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
|
||||
20
java/ql/lib/change-notes/released/2.0.0.md
Normal file
20
java/ql/lib/change-notes/released/2.0.0.md
Normal file
@@ -0,0 +1,20 @@
|
||||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable.
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead.
|
||||
|
||||
### New Features
|
||||
|
||||
* Kotlin support is now out of beta, and generally available
|
||||
* Kotlin versions up to 2.0.2*x* are now supported.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added a path-injection sink for `hudson.FilePath.exists()`.
|
||||
* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
|
||||
* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.1.2
|
||||
lastReleaseVersion: 2.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-all
|
||||
version: 1.1.3-dev
|
||||
version: 2.0.1-dev
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 1.1.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The heuristic to enable certain Android queries has been improved. Now it ignores Android Manifests which don't define an activity, content provider or service. We also only consider files which are under a folder containing such an Android Manifest for these queries. This should remove some false positive alerts.
|
||||
|
||||
## 1.1.0
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 1.1.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The heuristic to enable certain Android queries has been improved. Now it ignores Android Manifests which don't define an activity, content provider or service. We also only consider files which are under a folder containing such an Android Manifest for these queries. This should remove some false positive alerts.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.1.0
|
||||
lastReleaseVersion: 1.1.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-queries
|
||||
version: 1.1.1-dev
|
||||
version: 1.1.2-dev
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
||||
Reference in New Issue
Block a user