mirror of
https://github.com/github/codeql.git
synced 2026-02-12 05:01:06 +01:00
Merge pull request #21245 from github/release-prep/2.24.1
Release preparation for version 2.24.1
This commit is contained in:
Henry Mercer
@@ -1,3 +1,9 @@
|
||||
## 0.4.27
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed a crash when analysing a `${{ ... }}` expression over around 300 characters in length.
|
||||
|
||||
## 0.4.26
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
## 0.4.27
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed a crash when analysing a `${{ ... }}` expression over around 300 characters in length.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.4.26
|
||||
lastReleaseVersion: 0.4.27
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-all
|
||||
version: 0.4.27-dev
|
||||
version: 0.4.27
|
||||
library: true
|
||||
warnOnImplicitThis: true
|
||||
dependencies:
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.6.19
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.6.18
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
actions/ql/src/change-notes/released/0.6.19.md
Normal file
3
actions/ql/src/change-notes/released/0.6.19.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.6.19
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.6.18
|
||||
lastReleaseVersion: 0.6.19
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-queries
|
||||
version: 0.6.19-dev
|
||||
version: 0.6.19
|
||||
library: false
|
||||
warnOnImplicitThis: true
|
||||
groups: [actions, queries]
|
||||
|
||||
@@ -1,3 +1,21 @@
|
||||
## 7.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
* Added a subclass `Embed` of `PreprocessorDirective` for C23 and C++26 `#embed` preprocessor directives.
|
||||
* Added modules `DataFlow::ParameterizedBarrierGuard` and `DataFlow::ParameterizedInstructionBarrierGuard`. These modules provide the same features as `DataFlow::BarrierGuard` and `DataFlow::InstructionBarrierGuard`, but allow for an additional parameter to support properly using them in dataflow configurations that uses flow states.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `Buffer.qll` library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries `cpp/static-buffer-overflow`, `cpp/overflow-buffer`, `cpp/badly-bounded-write`, `cpp/overrunning-write`, `cpp/overrunning-write-with-float`, and `cpp/very-likely-overrunning-write` will report fewer false positives on such databases.
|
||||
* Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions.
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed a bug in the `GuardCondition` library which sometimes prevented binary logical operators from being recognized as guard conditions. As a result, queries using `GuardCondition` may see improved results.
|
||||
* Fixed a bug which caused `Node.asDefinition()` to not have a result for certain assignments.
|
||||
|
||||
## 7.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Added a subclass `Embed` of `PreprocessorDirective` for C23 and C++26 `#embed` preprocessor directives.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Added modules `DataFlow::ParameterizedBarrierGuard` and `DataFlow::ParameterizedInstructionBarrierGuard`. These modules provide the same features as `DataFlow::BarrierGuard` and `DataFlow::InstructionBarrierGuard`, but allow for an additional parameter to support properly using them in dataflow configurations that uses flow states.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed a bug which caused `Node.asDefinition()` to not have a result for certain assignments.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `Buffer.qll` library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries `cpp/static-buffer-overflow`, `cpp/overflow-buffer`, `cpp/badly-bounded-write`, `cpp/overrunning-write`, `cpp/overrunning-write-with-float`, and `cpp/very-likely-overrunning-write` will report fewer false positives on such databases.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed a bug in the `GuardCondition` library which sometimes prevented binary logical operators from being recognized as guard conditions. As a result, queries using `GuardCondition` may see improved results.
|
||||
17
cpp/ql/lib/change-notes/released/7.1.0.md
Normal file
17
cpp/ql/lib/change-notes/released/7.1.0.md
Normal file
@@ -0,0 +1,17 @@
|
||||
## 7.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
* Added a subclass `Embed` of `PreprocessorDirective` for C23 and C++26 `#embed` preprocessor directives.
|
||||
* Added modules `DataFlow::ParameterizedBarrierGuard` and `DataFlow::ParameterizedInstructionBarrierGuard`. These modules provide the same features as `DataFlow::BarrierGuard` and `DataFlow::InstructionBarrierGuard`, but allow for an additional parameter to support properly using them in dataflow configurations that uses flow states.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `Buffer.qll` library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries `cpp/static-buffer-overflow`, `cpp/overflow-buffer`, `cpp/badly-bounded-write`, `cpp/overrunning-write`, `cpp/overrunning-write-with-float`, and `cpp/very-likely-overrunning-write` will report fewer false positives on such databases.
|
||||
* Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions.
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed a bug in the `GuardCondition` library which sometimes prevented binary logical operators from being recognized as guard conditions. As a result, queries using `GuardCondition` may see improved results.
|
||||
* Fixed a bug which caused `Node.asDefinition()` to not have a result for certain assignments.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 7.0.0
|
||||
lastReleaseVersion: 7.1.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-all
|
||||
version: 7.0.1-dev
|
||||
version: 7.1.0
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.5.10
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.5.9
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
3
cpp/ql/src/change-notes/released/1.5.10.md
Normal file
3
cpp/ql/src/change-notes/released/1.5.10.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.5.10
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.5.9
|
||||
lastReleaseVersion: 1.5.10
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-queries
|
||||
version: 1.5.10-dev
|
||||
version: 1.5.10
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.58
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.57
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.58
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.57
|
||||
lastReleaseVersion: 1.7.58
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.58-dev
|
||||
version: 1.7.58
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.58
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.57
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.58
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.57
|
||||
lastReleaseVersion: 1.7.58
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.58-dev
|
||||
version: 1.7.58
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,10 @@
|
||||
## 5.4.6
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
* C# 14: Support for null-conditional assignments (such as `c?.Prop = p`). Furthermore, the `MaybeNullExpr` class now takes null-conditional access (such as `?.`) into account when modeling potential null values.
|
||||
|
||||
## 5.4.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* C# 14: Support for null-conditional assignments (such as `c?.Prop = p`). Furthermore, the `MaybeNullExpr` class now takes null-conditional access (such as `?.`) into account when modeling potential null values.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
6
csharp/ql/lib/change-notes/released/5.4.6.md
Normal file
6
csharp/ql/lib/change-notes/released/5.4.6.md
Normal file
@@ -0,0 +1,6 @@
|
||||
## 5.4.6
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
* C# 14: Support for null-conditional assignments (such as `c?.Prop = p`). Furthermore, the `MaybeNullExpr` class now takes null-conditional access (such as `?.`) into account when modeling potential null values.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 5.4.5
|
||||
lastReleaseVersion: 5.4.6
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-all
|
||||
version: 5.4.6-dev
|
||||
version: 5.4.6
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.6.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.6.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
3
csharp/ql/src/change-notes/released/1.6.1.md
Normal file
3
csharp/ql/src/change-notes/released/1.6.1.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.6.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.6.0
|
||||
lastReleaseVersion: 1.6.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-queries
|
||||
version: 1.6.1-dev
|
||||
version: 1.6.1
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.0.41
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.40
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.0.41
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.40
|
||||
lastReleaseVersion: 1.0.41
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql-go-consistency-queries
|
||||
version: 1.0.41-dev
|
||||
version: 1.0.41
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 6.0.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
|
||||
## 6.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 6.0.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 6.0.0
|
||||
lastReleaseVersion: 6.0.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-all
|
||||
version: 6.0.1-dev
|
||||
version: 6.0.1
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.5.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.5.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
go/ql/src/change-notes/released/1.5.5.md
Normal file
3
go/ql/src/change-notes/released/1.5.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.5.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.5.4
|
||||
lastReleaseVersion: 1.5.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-queries
|
||||
version: 1.5.5-dev
|
||||
version: 1.5.5
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,24 @@
|
||||
## 8.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Support for Kotlin 1.6.x and 1.7.x series has been dropped
|
||||
|
||||
### New Features
|
||||
|
||||
* Kotlin versions up to 2.3.0\ *x* are now supported.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added support for Struts 7.x package names in the Struts framework library. The library now recognizes both the legacy `com.opensymphony.xwork2` package names (Struts 2.x-6.x) and the new `org.apache.struts2` package names (Struts 7.x+), maintaining backward compatibility while enabling analysis of code using the latest Struts versions.
|
||||
* The query `java/unreleased-lock` no longer applies to lock types with names ending in "Pool", as these typically manage a collection of resources and the `lock` and `unlock` methods typically only lock one resource at a time. This may lead to a reduction in false positives.
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
* When Maven-compatible private package registries are configured for an organisation for Default Setup, CodeQL will now configure Maven to also use these as plugin repositories. CodeQL previously already configured Maven to use them as regular package repositories. This should now allow Maven plugins to be obtained from private registries.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Kotlin: The Kotlin extractor now registers as the last IR generation extension, ensuring that code generated by other compiler plugins (such as kotlinx.serialization) is correctly captured.
|
||||
|
||||
## 7.8.4
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Kotlin versions up to 2.3.0\ *x* are now supported.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
* Support for Kotlin 1.6.x and 1.7.x series has been dropped
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* When Maven-compatible private package registries are configured for an organisation for Default Setup, CodeQL will now configure Maven to also use these as plugin repositories. CodeQL previously already configured Maven to use them as regular package repositories. This should now allow Maven plugins to be obtained from private registries.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* Kotlin: The Kotlin extractor now registers as the last IR generation extension, ensuring that code generated by other compiler plugins (such as kotlinx.serialization) is correctly captured.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added support for Struts 7.x package names in the Struts framework library. The library now recognizes both the legacy `com.opensymphony.xwork2` package names (Struts 2.x-6.x) and the new `org.apache.struts2` package names (Struts 7.x+), maintaining backward compatibility while enabling analysis of code using the latest Struts versions.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The query `java/unreleased-lock` no longer applies to lock types with names ending in "Pool", as these typically manage a collection of resources and the `lock` and `unlock` methods typically only lock one resource at a time. This may lead to a reduction in false positives.
|
||||
20
java/ql/lib/change-notes/released/8.0.0.md
Normal file
20
java/ql/lib/change-notes/released/8.0.0.md
Normal file
@@ -0,0 +1,20 @@
|
||||
## 8.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Support for Kotlin 1.6.x and 1.7.x series has been dropped
|
||||
|
||||
### New Features
|
||||
|
||||
* Kotlin versions up to 2.3.0 are now supported.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added support for Struts 7.x package names in the Struts framework library. The library now recognizes both the legacy `com.opensymphony.xwork2` package names (Struts 2.x-6.x) and the new `org.apache.struts2` package names (Struts 7.x+), maintaining backward compatibility while enabling analysis of code using the latest Struts versions.
|
||||
* The query `java/unreleased-lock` no longer applies to lock types with names ending in "Pool", as these typically manage a collection of resources and the `lock` and `unlock` methods typically only lock one resource at a time. This may lead to a reduction in false positives.
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
* When Maven-compatible private package registries are configured for an organisation for Default Setup, CodeQL will now configure Maven to also use these as plugin repositories. CodeQL previously already configured Maven to use them as regular package repositories. This should now allow Maven plugins to be obtained from private registries.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Kotlin: The Kotlin extractor now registers as the last IR generation extension, ensuring that code generated by other compiler plugins (such as kotlinx.serialization) is correctly captured.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 7.8.4
|
||||
lastReleaseVersion: 8.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-all
|
||||
version: 7.8.5-dev
|
||||
version: 8.0.0
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.10.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.10.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
3
java/ql/src/change-notes/released/1.10.6.md
Normal file
3
java/ql/src/change-notes/released/1.10.6.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.10.6
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.10.5
|
||||
lastReleaseVersion: 1.10.6
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-queries
|
||||
version: 1.10.6-dev
|
||||
version: 1.10.6
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 2.6.21
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
|
||||
## 2.6.20
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 2.6.21
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 2.6.20
|
||||
lastReleaseVersion: 2.6.21
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-all
|
||||
version: 2.6.21-dev
|
||||
version: 2.6.21
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 2.3.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 2.3.0
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
3
javascript/ql/src/change-notes/released/2.3.1.md
Normal file
3
javascript/ql/src/change-notes/released/2.3.1.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 2.3.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 2.3.0
|
||||
lastReleaseVersion: 2.3.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-queries
|
||||
version: 2.3.1-dev
|
||||
version: 2.3.1
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.0.41
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.40
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
misc/suite-helpers/change-notes/released/1.0.41.md
Normal file
3
misc/suite-helpers/change-notes/released/1.0.41.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.0.41
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.40
|
||||
lastReleaseVersion: 1.0.41
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
name: codeql/suite-helpers
|
||||
version: 1.0.41-dev
|
||||
version: 1.0.41
|
||||
groups: shared
|
||||
warnOnImplicitThis: true
|
||||
|
||||
@@ -1,3 +1,16 @@
|
||||
## 6.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
* It is now possible to refer to list elements in the Python models-as-data language, via the `ListElement` path.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
* Added experimental query `py/prompt-injection` to detect potential prompt injection vulnerabilities in code using LLMs.
|
||||
* Added taint flow model and type model for `agents` and `openai` modules.
|
||||
* Remote flow sources for the `websockets` package have been modeled.
|
||||
|
||||
## 6.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Remote flow sources for the `websockets` package have been modeled.
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added experimental query `py/prompt-injection` to detect potential prompt injection vulnerabilities in code using LLMs.
|
||||
* Added taint flow model and type model for `agents` and `openai` modules.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* It is now possible to refer to list elements in the Python models-as-data language, via the `ListElement` path.
|
||||
12
python/ql/lib/change-notes/released/6.1.0.md
Normal file
12
python/ql/lib/change-notes/released/6.1.0.md
Normal file
@@ -0,0 +1,12 @@
|
||||
## 6.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
* It is now possible to refer to list elements in the Python models-as-data language, via the `ListElement` path.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
* Added experimental query `py/prompt-injection` to detect potential prompt injection vulnerabilities in code using LLMs.
|
||||
* Added taint flow model and type model for `agents` and `openai` modules.
|
||||
* Remote flow sources for the `websockets` package have been modeled.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 6.0.0
|
||||
lastReleaseVersion: 6.1.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-all
|
||||
version: 6.0.1-dev
|
||||
version: 6.1.0
|
||||
groups: python
|
||||
dbscheme: semmlecode.python.dbscheme
|
||||
extractor: python
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
python/ql/src/change-notes/released/1.7.6.md
Normal file
3
python/ql/src/change-notes/released/1.7.6.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.7.6
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.5
|
||||
lastReleaseVersion: 1.7.6
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-queries
|
||||
version: 1.7.6-dev
|
||||
version: 1.7.6
|
||||
groups:
|
||||
- python
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 5.1.9
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
|
||||
## 5.1.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 5.1.9
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 5.1.8
|
||||
lastReleaseVersion: 5.1.9
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-all
|
||||
version: 5.1.9-dev
|
||||
version: 5.1.9
|
||||
groups: ruby
|
||||
extractor: ruby
|
||||
dbscheme: ruby.dbscheme
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.5.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.5.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
ruby/ql/src/change-notes/released/1.5.6.md
Normal file
3
ruby/ql/src/change-notes/released/1.5.6.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.5.6
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.5.5
|
||||
lastReleaseVersion: 1.5.6
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-queries
|
||||
version: 1.5.6-dev
|
||||
version: 1.5.6
|
||||
groups:
|
||||
- ruby
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,10 @@
|
||||
## 0.2.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The predicate `SummarizedCallable.propagatesFlow` has been extended with the columns `Provenance p` and `boolean isExact`, and as a consequence the predicates `SummarizedCallable.hasProvenance` and `SummarizedCallable.hasExactModel` have been removed.
|
||||
* Added type inference support for the `FnMut(..) -> ..` and `Fn(..) -> ..` traits. They now work in type parameter bounds and are implemented by closures.
|
||||
|
||||
## 0.2.4
|
||||
|
||||
### Minor Analysis Improvements
|
||||
@@ -6,7 +13,7 @@
|
||||
* Renamed the `Adt` class to `TypeItem` and moved common predicates from `Struct`, `Enum`, and `Union` to `TypeItem`.
|
||||
* Added models for the Axum web application framework.
|
||||
* Reading content of a value now carries taint if the value itself is tainted. For instance, if `s` is tainted then `s.field` is also tainted. This generally improves taint flow.
|
||||
* The call graph is now more precise for calls that target a trait function with a default implemention. This reduces the number of false positives for data flow queries.
|
||||
* The call graph is now more precise for calls that target a trait function with a default implementation. This reduces the number of false positives for data flow queries.
|
||||
* Improved type inference for raw pointers (`*const` and `*mut`). This includes type inference for the raw borrow operators (`&raw const` and `&raw mut`) and dereferencing of raw pointers.
|
||||
|
||||
## 0.2.3
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user