diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 0ca4b539325..4b69a1d5b36 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,18 +1,3 @@ -## 0.12.10 - -### New Features - -* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field. -* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant. -* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant. -* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant. -* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant. -* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement. - -### Minor Analysis Improvements - -* Added destructors for temporary objects with extended lifetimes to the intermediate representation. - ## 0.12.9 No user-facing changes. diff --git a/cpp/ql/lib/change-notes/2024-03-15-switches-in-guard-conditions.md b/cpp/ql/lib/change-notes/2024-03-15-switches-in-guard-conditions.md new file mode 100644 index 00000000000..cf0b920e29d --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-03-15-switches-in-guard-conditions.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2024-03-19-ir-temp-extended-destructors.md b/cpp/ql/lib/change-notes/2024-03-19-ir-temp-extended-destructors.md new file mode 100644 index 00000000000..6def8303336 --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-03-19-ir-temp-extended-destructors.md 
@@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added destructors for temporary objects with extended lifetimes to the intermediate representation. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2024-03-19-predicates-for-switches-as-guards-2.md b/cpp/ql/lib/change-notes/2024-03-19-predicates-for-switches-as-guards-2.md new file mode 100644 index 00000000000..88b4048f8cd --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-03-19-predicates-for-switches-as-guards-2.md @@ -0,0 +1,5 @@ +--- +category: feature +--- +* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant. +* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2024-03-19-predicates-for-switches-as-guards.md b/cpp/ql/lib/change-notes/2024-03-19-predicates-for-switches-as-guards.md new file mode 100644 index 00000000000..3dde8805599 --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-03-19-predicates-for-switches-as-guards.md @@ -0,0 +1,5 @@ +--- +category: feature +--- +* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant. +* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2024-03-26-taint-inheriting-content.md b/cpp/ql/lib/change-notes/2024-03-26-taint-inheriting-content.md new file mode 100644 index 00000000000..759386e461f --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-03-26-taint-inheriting-content.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field. \ No newline at end of file 
diff --git a/cpp/ql/lib/change-notes/released/0.12.10.md b/cpp/ql/lib/change-notes/released/0.12.10.md deleted file mode 100644 index 64d91af2118..00000000000 --- a/cpp/ql/lib/change-notes/released/0.12.10.md +++ /dev/null @@ -1,14 +0,0 @@ -## 0.12.10 - -### New Features - -* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field. -* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant. -* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant. -* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant. -* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant. -* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement. - -### Minor Analysis Improvements - -* Added destructors for temporary objects with extended lifetimes to the intermediate representation. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index bd659eb114f..dce1e02b646 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.12.10 +lastReleaseVersion: 0.12.9 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index f8358ae72df..eebc47c089b 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.10 +version: 0.12.10-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 01ec26e694f..52c46f65267 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md 
@@ -1,19 +1,3 @@ -## 0.9.9 - -### New Queries - -* Added a new query, `cpp/type-confusion`, to detect casts to invalid types. - -### Query Metadata Changes - -* `@precision medium` metadata was added to the `cpp/boost/tls-settings-misconfiguration` and `cpp/boost/use-of-deprecated-hardcoded-security-protocol` queries, and these queries are now included in the security-extended suite. The `@name` metadata of these queries were also updated. - -### Minor Analysis Improvements - -* The "Missing return-value check for a 'scanf'-like function" query (`cpp/missing-check-scanf`) has been converted to a `path-problem` query. -* The "Potentially uninitialized local variable" query (`cpp/uninitialized-local`) has been converted to a `path-problem` query. -* Added models for `GLib` allocation and deallocation functions. - ## 0.9.8 No user-facing changes. diff --git a/cpp/ql/src/change-notes/2024-03-05-type-confusion-query.md b/cpp/ql/src/change-notes/2024-03-05-type-confusion-query.md new file mode 100644 index 00000000000..f96a4684b76 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-03-05-type-confusion-query.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query, `cpp/type-confusion`, to detect casts to invalid types. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2024-03-13-glib-alloc-and-dealloc.md b/cpp/ql/src/change-notes/2024-03-13-glib-alloc-and-dealloc.md new file mode 100644 index 00000000000..bc9082285d4 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-03-13-glib-alloc-and-dealloc.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added models for `GLib` allocation and deallocation functions. diff --git a/cpp/ql/src/change-notes/2024-03-18-uninitialized-local-path-problem.md b/cpp/ql/src/change-notes/2024-03-18-uninitialized-local-path-problem.md new file mode 100644 index 00000000000..14a8c2e7ce7 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-03-18-uninitialized-local-path-problem.md 
@@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "Potentially uninitialized local variable" query (`cpp/uninitialized-local`) has been converted to a `path-problem` query. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2024-03-20-missing-check-scanf-path-problem.md b/cpp/ql/src/change-notes/2024-03-20-missing-check-scanf-path-problem.md new file mode 100644 index 00000000000..12a185add1e --- /dev/null +++ b/cpp/ql/src/change-notes/2024-03-20-missing-check-scanf-path-problem.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "Missing return-value check for a 'scanf'-like function" query (`cpp/missing-check-scanf`) has been converted to a `path-problem` query. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2024-03-22-boost-ssl.md b/cpp/ql/src/change-notes/2024-03-22-boost-ssl.md new file mode 100644 index 00000000000..d4a4e0a7307 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-03-22-boost-ssl.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* `@precision medium` metadata was added to the `cpp/boost/tls-settings-misconfiguration` and `cpp/boost/use-of-deprecated-hardcoded-security-protocol` queries, and these queries are now included in the security-extended suite. The `@name` metadata of these queries were also updated. diff --git a/cpp/ql/src/change-notes/released/0.9.9.md b/cpp/ql/src/change-notes/released/0.9.9.md deleted file mode 100644 index 46f120c28d7..00000000000 --- a/cpp/ql/src/change-notes/released/0.9.9.md +++ /dev/null 
@@ -1,15 +0,0 @@ -## 0.9.9 - -### New Queries - -* Added a new query, `cpp/type-confusion`, to detect casts to invalid types. - -### Query Metadata Changes - -* `@precision medium` metadata was added to the `cpp/boost/tls-settings-misconfiguration` and `cpp/boost/use-of-deprecated-hardcoded-security-protocol` queries, and these queries are now included in the security-extended suite. The `@name` metadata of these queries were also updated. - -### Minor Analysis Improvements - -* The "Missing return-value check for a 'scanf'-like function" query (`cpp/missing-check-scanf`) has been converted to a `path-problem` query. -* The "Potentially uninitialized local variable" query (`cpp/uninitialized-local`) has been converted to a `path-problem` query. -* Added models for `GLib` allocation and deallocation functions. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index aabed7c396b..9ca6c6f2678 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.9 +lastReleaseVersion: 0.9.8 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 5d9a5252c00..ce202c1b85d 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.9 +version: 0.9.9-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 50143af24fb..bea6df22685 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.13 - -No user-facing changes. - ## 1.7.12 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.13.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.13.md deleted file mode 100644 index e2656ce672c..00000000000 --- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.13.md +++ /dev/null 
@@ -1,3 +0,0 @@ -## 1.7.13 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index e5f93542dfc..6d169efe920 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.13 +lastReleaseVersion: 1.7.12 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index f12c8e2c95e..f3bf8992f7d 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.13 +version: 1.7.13-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 50143af24fb..bea6df22685 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.13 - -No user-facing changes. - ## 1.7.12 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.13.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.13.md deleted file mode 100644 index e2656ce672c..00000000000 --- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.13 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index e5f93542dfc..6d169efe920 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.13 +lastReleaseVersion: 1.7.12 
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 74444203f84..a732080cfb4 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.13 +version: 1.7.13-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 27133addc5c..37d2c804be8 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md 
@@ -1,21 +1,3 @@ -## 0.9.0 - -### Breaking Changes - -* The CIL extractor has been deleted and the corresponding extractor option `cil` has been removed. It is no longer possible to do CIL extraction. -* The QL library C# classes no longer extend their corresponding `DotNet` classes. Furthermore, CIL related data flow functionality has been deleted and all `DotNet` and `CIL` related classes have been deprecated. This effectively means that it no longer has any effect to enable CIL extraction. - -### Minor Analysis Improvements - -* Added new source models for the `Dapper` package. These models can be enabled by enabling the `database` threat model. -* Additional models have been added for `System.IO`. These are primarily source models with the `file` threat model, and summaries related to reading from a file or stream. -* Support for C# 12 / .NET8. -* Added the `windows-registry` source kind and threat model to represent values which come from the registry on Windows. -* The models for `System.Net.Http.HttpRequestMessage` have been modified to better model the flow of tainted URIs. -* The .NET standard libraries APIs for accessing command line arguments and environment variables have been modeled using the `commandargs` and `environment` threat models. -* The `cs/assembly-path-injection` query has been modified so that it's sources rely on `ThreatModelFlowSource`. In order to restore results from command line arguments, you should enable the `commandargs` threat model. -* The models for `System.IO.TextReader` have been modified to better model the flow of tainted text from a `TextReader`. - ## 0.8.12 No user-facing changes. diff --git a/csharp/ql/lib/change-notes/2024-03-04-deprecate-dotnet-and-cil.md b/csharp/ql/lib/change-notes/2024-03-04-deprecate-dotnet-and-cil.md new file mode 100644 index 00000000000..fea31bb8bbb --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-03-04-deprecate-dotnet-and-cil.md 
@@ -0,0 +1,4 @@ +--- +category: breaking +--- +* The QL library C# classes no longer extend their corresponding `DotNet` classes. Furthermore, CIL related data flow functionality has been deleted and all `DotNet` and `CIL` related classes have been deprecated. This effectively means that it no longer has any effect to enable CIL extraction. diff --git a/csharp/ql/lib/change-notes/2024-03-04-fixed-system.io.textreader-models.md b/csharp/ql/lib/change-notes/2024-03-04-fixed-system.io.textreader-models.md new file mode 100644 index 00000000000..a32f8a7c22c --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-03-04-fixed-system.io.textreader-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The models for `System.IO.TextReader` have been modified to better model the flow of tainted text from a `TextReader`. diff --git a/csharp/ql/lib/change-notes/2024-03-05-new-commandargs-and-environment-models.md b/csharp/ql/lib/change-notes/2024-03-05-new-commandargs-and-environment-models.md new file mode 100644 index 00000000000..0bee733157c --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-03-05-new-commandargs-and-environment-models.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* The .NET standard libraries APIs for accessing command line arguments and environment variables have been modeled using the `commandargs` and `environment` threat models. +* The `cs/assembly-path-injection` query has been modified so that it's sources rely on `ThreatModelFlowSource`. In order to restore results from command line arguments, you should enable the `commandargs` threat model. diff --git a/csharp/ql/lib/change-notes/2024-03-07-remove-cil-extractor.md b/csharp/ql/lib/change-notes/2024-03-07-remove-cil-extractor.md new file mode 100644 index 00000000000..36be2372b4e --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-03-07-remove-cil-extractor.md 
@@ -0,0 +1,4 @@ +--- +category: breaking +--- +* The CIL extractor has been deleted and the corresponding extractor option `cil` has been removed. It is no longer possible to do CIL extraction. diff --git a/csharp/ql/lib/change-notes/2024-03-07-update-system.net.http.httprequestmessage-models.md b/csharp/ql/lib/change-notes/2024-03-07-update-system.net.http.httprequestmessage-models.md new file mode 100644 index 00000000000..2ac3a1059c6 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-03-07-update-system.net.http.httprequestmessage-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The models for `System.Net.Http.HttpRequestMessage` have been modified to better model the flow of tainted URIs. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2024-03-11-csharp12-dotnet8.md b/csharp/ql/lib/change-notes/2024-03-11-csharp12-dotnet8.md new file mode 100644 index 00000000000..7111e8966d6 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-03-11-csharp12-dotnet8.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Support for C# 12 / .NET8. diff --git a/csharp/ql/lib/change-notes/2024-03-11-registry-sources.md b/csharp/ql/lib/change-notes/2024-03-11-registry-sources.md new file mode 100644 index 00000000000..1d105049185 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-03-11-registry-sources.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added the `windows-registry` source kind and threat model to represent values which come from the registry on Windows. diff --git a/csharp/ql/lib/change-notes/2024-03-13-system.io-models.md b/csharp/ql/lib/change-notes/2024-03-13-system.io-models.md new file mode 100644 index 00000000000..84db6a663ae --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-03-13-system.io-models.md 
@@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Additional models have been added for `System.IO`. These are primarily source models with the `file` threat model, and summaries related to reading from a file or stream. diff --git a/csharp/ql/lib/change-notes/2024-03-14-dapper-source-models.md b/csharp/ql/lib/change-notes/2024-03-14-dapper-source-models.md new file mode 100644 index 00000000000..204ae7db3ae --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-03-14-dapper-source-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added new source models for the `Dapper` package. These models can be enabled by enabling the `database` threat model. diff --git a/csharp/ql/lib/change-notes/released/0.9.0.md b/csharp/ql/lib/change-notes/released/0.9.0.md deleted file mode 100644 index 32e8e35d76d..00000000000 --- a/csharp/ql/lib/change-notes/released/0.9.0.md +++ /dev/null 
@@ -1,17 +0,0 @@ -## 0.9.0 - -### Breaking Changes - -* The CIL extractor has been deleted and the corresponding extractor option `cil` has been removed. It is no longer possible to do CIL extraction. -* The QL library C# classes no longer extend their corresponding `DotNet` classes. Furthermore, CIL related data flow functionality has been deleted and all `DotNet` and `CIL` related classes have been deprecated. This effectively means that it no longer has any effect to enable CIL extraction. - -### Minor Analysis Improvements - -* Added new source models for the `Dapper` package. These models can be enabled by enabling the `database` threat model. -* Additional models have been added for `System.IO`. These are primarily source models with the `file` threat model, and summaries related to reading from a file or stream. -* Support for C# 12 / .NET8. -* Added the `windows-registry` source kind and threat model to represent values which come from the registry on Windows. -* The models for `System.Net.Http.HttpRequestMessage` have been modified to better model the flow of tainted URIs. -* The .NET standard libraries APIs for accessing command line arguments and environment variables have been modeled using the `commandargs` and `environment` threat models. -* The `cs/assembly-path-injection` query has been modified so that it's sources rely on `ThreatModelFlowSource`. In order to restore results from command line arguments, you should enable the `commandargs` threat model. -* The models for `System.IO.TextReader` have been modified to better model the flow of tainted text from a `TextReader`. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 8b9fc185202..af4e83c549e 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.0 +lastReleaseVersion: 0.8.12 
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index bd9558fa249..7d389b9e560 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.9.0 +version: 0.8.13-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index bbd7f8bc147..df97b469252 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,14 +1,3 @@ -## 0.8.13 - -### Major Analysis Improvements - -* The `Stored` variants of some queries (`cs/stored-command-line-injection`, `cs/web/stored-xss`, `cs/stored-ldap-injection`, `cs/xml/stored-xpath-injection`, `cs/second-order-sql-injection`) have been removed. If you were using these queries, their results can be restored by enabling the `file` and `database` threat models in your threat model configuration. - -### Minor Analysis Improvements - -* The alert message of `cs/wrong-compareto-signature` has been changed to remove unnecessary element references. -* Data flow queries that track flow from *local* flow sources now use the current *threat model* configuration instead. This may lead to changes in the produced alerts if the threat model configuration only uses *remote* flow sources. The changed queries are `cs/code-injection`, `cs/resource-injection`, `cs/sql-injection`, and `cs/uncontrolled-format-string`. - ## 0.8.12 No user-facing changes. diff --git a/csharp/ql/src/change-notes/2024-03-06-remove-default-local-sources.md b/csharp/ql/src/change-notes/2024-03-06-remove-default-local-sources.md new file mode 100644 index 00000000000..19494571ad1 --- /dev/null +++ b/csharp/ql/src/change-notes/2024-03-06-remove-default-local-sources.md 
@@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* Data flow queries that track flow from *local* flow sources now use the current *threat model* configuration instead. This may lead to changes in the produced alerts if the threat model configuration only uses *remote* flow sources. The changed queries are `cs/code-injection`, `cs/resource-injection`, `cs/sql-injection`, and `cs/uncontrolled-format-string`. + diff --git a/csharp/ql/src/change-notes/2024-03-11-remove-stored-query-variants.md b/csharp/ql/src/change-notes/2024-03-11-remove-stored-query-variants.md new file mode 100644 index 00000000000..3ca0b14f7b2 --- /dev/null +++ b/csharp/ql/src/change-notes/2024-03-11-remove-stored-query-variants.md @@ -0,0 +1,5 @@ +--- +category: majorAnalysis +--- +* The `Stored` variants of some queries (`cs/stored-command-line-injection`, `cs/web/stored-xss`, `cs/stored-ldap-injection`, `cs/xml/stored-xpath-injection`, `cs/second-order-sql-injection`) have been removed. If you were using these queries, their results can be restored by enabling the `file` and `database` threat models in your threat model configuration. + diff --git a/csharp/ql/src/change-notes/2024-03-21-change-compareto-signature.md b/csharp/ql/src/change-notes/2024-03-21-change-compareto-signature.md new file mode 100644 index 00000000000..026321ea9af --- /dev/null +++ b/csharp/ql/src/change-notes/2024-03-21-change-compareto-signature.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* The alert message of `cs/wrong-compareto-signature` has been changed to remove unnecessary element references. + diff --git a/csharp/ql/src/change-notes/released/0.8.13.md b/csharp/ql/src/change-notes/released/0.8.13.md deleted file mode 100644 index e534c66fc8e..00000000000 --- a/csharp/ql/src/change-notes/released/0.8.13.md +++ /dev/null 
@@ -1,10 +0,0 @@ -## 0.8.13 - -### Major Analysis Improvements - -* The `Stored` variants of some queries (`cs/stored-command-line-injection`, `cs/web/stored-xss`, `cs/stored-ldap-injection`, `cs/xml/stored-xpath-injection`, `cs/second-order-sql-injection`) have been removed. If you were using these queries, their results can be restored by enabling the `file` and `database` threat models in your threat model configuration. - -### Minor Analysis Improvements - -* The alert message of `cs/wrong-compareto-signature` has been changed to remove unnecessary element references. -* Data flow queries that track flow from *local* flow sources now use the current *threat model* configuration instead. This may lead to changes in the produced alerts if the threat model configuration only uses *remote* flow sources. The changed queries are `cs/code-injection`, `cs/resource-injection`, `cs/sql-injection`, and `cs/uncontrolled-format-string`. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 0fb6f3d786c..af4e83c549e 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.13 +lastReleaseVersion: 0.8.12 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 609c625fe5a..e9d1d526a81 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.13 +version: 0.8.13-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 83a42fb0551..d9dd6b6f2e2 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.12 - -No user-facing changes. - ## 0.0.11 No user-facing changes. 
diff --git a/go/ql/consistency-queries/change-notes/released/0.0.12.md b/go/ql/consistency-queries/change-notes/released/0.0.12.md deleted file mode 100644 index 0e206033bc4..00000000000 --- a/go/ql/consistency-queries/change-notes/released/0.0.12.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.12 - -No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 997fb8da83c..e679dc42092 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.12 +lastReleaseVersion: 0.0.11 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index fbd2978d438..3c398a7cf84 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.12 +version: 0.0.12-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 0fa4dfe0ec8..bc6537af817 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.7.13 - -### Minor Analysis Improvements - -* The `CODEQL_EXTRACTOR_GO_FAST_PACKAGE_INFO` option, which speeds up retrieval of dependency information, is now on by default. This was originally an external contribution by @xhd2015. -* Added dataflow sources for the package `gopkg.in/macaron.v1`. - ## 0.7.12 No user-facing changes. diff --git a/go/ql/lib/change-notes/2024-03-04-macaron-sources.md b/go/ql/lib/change-notes/2024-03-04-macaron-sources.md new file mode 100644 index 00000000000..72ea242510d --- /dev/null +++ b/go/ql/lib/change-notes/2024-03-04-macaron-sources.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added dataflow sources for the package `gopkg.in/macaron.v1`. 
diff --git a/go/ql/lib/change-notes/released/0.7.13.md b/go/ql/lib/change-notes/2024-03-20-dependecy-retrieval-improvement.md similarity index 63% rename from go/ql/lib/change-notes/released/0.7.13.md rename to go/ql/lib/change-notes/2024-03-20-dependecy-retrieval-improvement.md index c6fab4935a1..42fc258f973 100644 --- a/go/ql/lib/change-notes/released/0.7.13.md +++ b/go/ql/lib/change-notes/2024-03-20-dependecy-retrieval-improvement.md @@ -1,6 +1,4 @@ -## 0.7.13 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * The `CODEQL_EXTRACTOR_GO_FAST_PACKAGE_INFO` option, which speeds up retrieval of dependency information, is now on by default. This was originally an external contribution by @xhd2015. -* Added dataflow sources for the package `gopkg.in/macaron.v1`. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 8a077216acc..8afa417865a 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.13 +lastReleaseVersion: 0.7.12 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 2c1fbe254fa..8cc40e77dec 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.13 +version: 0.7.13-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 2bee579db9c..497f82e8679 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md 
@@ -1,14 +1,3 @@ -## 0.7.13 - -### New Queries - -* The query "Slice memory allocation with excessive size value" (`go/uncontrolled-allocation-size`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @Malayke](https://github.com/github/codeql/pull/15130). - -### Minor Analysis Improvements - -* The query `go/hardcoded-credentials` no longer discards string literals based on "weak password" heuristics. -* The query `go/sql-injection` now recognizes more sinks in the package `github.com/Masterminds/squirrel`. - ## 0.7.12 No user-facing changes. diff --git a/go/ql/src/change-notes/2024-03-05-squirrel-sqli-sinks.md b/go/ql/src/change-notes/2024-03-05-squirrel-sqli-sinks.md new file mode 100644 index 00000000000..0b6a78df9f9 --- /dev/null +++ b/go/ql/src/change-notes/2024-03-05-squirrel-sqli-sinks.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The query `go/sql-injection` now recognizes more sinks in the package `github.com/Masterminds/squirrel`. diff --git a/go/ql/src/change-notes/released/0.7.13.md b/go/ql/src/change-notes/2024-03-07-uncontrolled-allocation-size.md similarity index 53% rename from go/ql/src/change-notes/released/0.7.13.md rename to go/ql/src/change-notes/2024-03-07-uncontrolled-allocation-size.md index e11b3986979..663932005eb 100644 --- a/go/ql/src/change-notes/released/0.7.13.md +++ b/go/ql/src/change-notes/2024-03-07-uncontrolled-allocation-size.md 
@@ -1,10 +1,4 @@ -## 0.7.13 - -### New Queries - +--- +category: newQuery +--- * The query "Slice memory allocation with excessive size value" (`go/uncontrolled-allocation-size`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @Malayke](https://github.com/github/codeql/pull/15130). - -### Minor Analysis Improvements - -* The query `go/hardcoded-credentials` no longer discards string literals based on "weak password" heuristics. -* The query `go/sql-injection` now recognizes more sinks in the package `github.com/Masterminds/squirrel`. diff --git a/go/ql/src/change-notes/2024-03-14-hardcoded-credentials-more-sources.md b/go/ql/src/change-notes/2024-03-14-hardcoded-credentials-more-sources.md new file mode 100644 index 00000000000..ad6f712958e --- /dev/null +++ b/go/ql/src/change-notes/2024-03-14-hardcoded-credentials-more-sources.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The query `go/hardcoded-credentials` no longer discards string literals based on "weak password" heuristics. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 8a077216acc..8afa417865a 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.13 +lastReleaseVersion: 0.7.12 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 2ab9616891b..080d257b8d0 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.13 +version: 0.7.13-dev groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index af83bbb0700..0205da54adf 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.20 - -No user-facing changes. - ## 0.0.19 No user-facing changes. 
diff --git a/java/ql/automodel/src/change-notes/released/0.0.20.md b/java/ql/automodel/src/change-notes/released/0.0.20.md deleted file mode 100644 index 98daf20a59a..00000000000 --- a/java/ql/automodel/src/change-notes/released/0.0.20.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.20 - -No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index d2e86745bca..f406319f372 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.20 +lastReleaseVersion: 0.0.19 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index c4b5940f928..1c22e00eb0e 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.20 +version: 0.0.20-dev groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 36c5ca2a6a6..5f8d993294a 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,16 +1,3 @@ -## 0.9.0 - -### Breaking Changes - -* The Java extractor no longer supports the `ODASA_SNAPSHOT` legacy environment variable. - -### Minor Analysis Improvements - -* Increased the precision of some dataflow models of the class `java.net.URL` by distinguishing the parts of a URL. -* The Java extractor and QL libraries now support Java 22, including support for anonymous variables, lambda parameters and patterns. -* Pattern cases with multiple patterns and that fall through to or from other pattern cases are now supported. The `PatternCase` class gains the new `getPatternAtIndex` and `getAPattern` predicates, and deprecates `getPattern`. -* Added a `path-injection` sink for the `open` methods of the `android.os.ParcelFileDescriptor` class. - ## 0.8.12 No user-facing changes. 
diff --git a/java/ql/lib/change-notes/2024-03-11-add-parcelfiledescriptor-open-model.md b/java/ql/lib/change-notes/2024-03-11-add-parcelfiledescriptor-open-model.md new file mode 100644 index 00000000000..31f76712828 --- /dev/null +++ b/java/ql/lib/change-notes/2024-03-11-add-parcelfiledescriptor-open-model.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added a `path-injection` sink for the `open` methods of the `android.os.ParcelFileDescriptor` class. diff --git a/java/ql/lib/change-notes/2024-03-21-env-vars.md b/java/ql/lib/change-notes/2024-03-21-env-vars.md new file mode 100644 index 00000000000..9306a814a7c --- /dev/null +++ b/java/ql/lib/change-notes/2024-03-21-env-vars.md @@ -0,0 +1,4 @@ +--- +category: breaking +--- +* The Java extractor no longer supports the `ODASA_SNAPSHOT` legacy environment variable. diff --git a/java/ql/lib/change-notes/2024-03-22-anonymous-variables.md b/java/ql/lib/change-notes/2024-03-22-anonymous-variables.md new file mode 100644 index 00000000000..029d3dfbff4 --- /dev/null +++ b/java/ql/lib/change-notes/2024-03-22-anonymous-variables.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* The Java extractor and QL libraries now support Java 22, including support for anonymous variables, lambda parameters and patterns. +* Pattern cases with multiple patterns and that fall through to or from other pattern cases are now supported. The `PatternCase` class gains the new `getPatternAtIndex` and `getAPattern` predicates, and deprecates `getPattern`. diff --git a/java/ql/lib/change-notes/2024-03-26-url-models-precision.md b/java/ql/lib/change-notes/2024-03-26-url-models-precision.md new file mode 100644 index 00000000000..d6fb561e725 --- /dev/null +++ b/java/ql/lib/change-notes/2024-03-26-url-models-precision.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Increased the precision of some dataflow models of the class `java.net.URL` by distinguishing the parts of a URL. 
diff --git a/java/ql/lib/change-notes/released/0.9.0.md b/java/ql/lib/change-notes/released/0.9.0.md deleted file mode 100644 index ad20fb98cbf..00000000000 --- a/java/ql/lib/change-notes/released/0.9.0.md +++ /dev/null @@ -1,12 +0,0 @@ -## 0.9.0 - -### Breaking Changes - -* The Java extractor no longer supports the `ODASA_SNAPSHOT` legacy environment variable. - -### Minor Analysis Improvements - -* Increased the precision of some dataflow models of the class `java.net.URL` by distinguishing the parts of a URL. -* The Java extractor and QL libraries now support Java 22, including support for anonymous variables, lambda parameters and patterns. -* Pattern cases with multiple patterns and that fall through to or from other pattern cases are now supported. The `PatternCase` class gains the new `getPatternAtIndex` and `getAPattern` predicates, and deprecates `getPattern`. -* Added a `path-injection` sink for the `open` methods of the `android.os.ParcelFileDescriptor` class. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 8b9fc185202..af4e83c549e 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.0 +lastReleaseVersion: 0.8.12 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 768e57ad9c6..c3a0a9476bb 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.9.0 +version: 0.8.13-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 4b758396b91..73ab2688c98 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md 
@@ -1,18 +1,3 @@ -## 0.8.13 - -### New Queries - -* The query `java/unsafe-url-forward-dispatch-load` has been promoted from experimental to the main query pack as `java/unvalidated-url-forward`. Its results will now appear by default. This query was originally submitted as an experimental query [by @haby0](https://github.com/github/codeql/pull/6240) and [by @luchua-bc](https://github.com/github/codeql/pull/7286). - -### Major Analysis Improvements - -* The `java/missing-case-in-switch` query now gives only a single alert for each switch statement, giving some examples of the missing cases as well as a count of how many are missing. - -### Minor Analysis Improvements - -* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a large number of false positive alerts. -* Added sanitizers for relative URLs, `List.contains()`, and checking the host of a URI to the `java/ssrf` and `java/unvalidated-url-redirection` queries. - ## 0.8.12 No user-facing changes. diff --git a/java/ql/src/change-notes/2024-03-06-url-forward-query.md b/java/ql/src/change-notes/2024-03-06-url-forward-query.md new file mode 100644 index 00000000000..46028bda4f2 --- /dev/null +++ b/java/ql/src/change-notes/2024-03-06-url-forward-query.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* The query `java/unsafe-url-forward-dispatch-load` has been promoted from experimental to the main query pack as `java/unvalidated-url-forward`. Its results will now appear by default. This query was originally submitted as an experimental query [by @haby0](https://github.com/github/codeql/pull/6240) and [by @luchua-bc](https://github.com/github/codeql/pull/7286). diff --git a/java/ql/src/change-notes/2024-03-12-request-sanitizers.md b/java/ql/src/change-notes/2024-03-12-request-sanitizers.md new file mode 100644 index 00000000000..08229d6d7d0 --- /dev/null 
+++ b/java/ql/src/change-notes/2024-03-12-request-sanitizers.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added sanitizers for relative URLs, `List.contains()`, and checking the host of a URI to the `java/ssrf` and `java/unvalidated-url-redirection` queries. \ No newline at end of file diff --git a/java/ql/src/change-notes/2024-03-24-sensitive-log-whitelist-tokenimage.md b/java/ql/src/change-notes/2024-03-24-sensitive-log-whitelist-tokenimage.md new file mode 100644 index 00000000000..017e5abd7ee --- /dev/null +++ b/java/ql/src/change-notes/2024-03-24-sensitive-log-whitelist-tokenimage.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a large number of false positive alerts. diff --git a/java/ql/src/change-notes/2024-03-27-MissingEnumInSwitch.md b/java/ql/src/change-notes/2024-03-27-MissingEnumInSwitch.md new file mode 100644 index 00000000000..b1531dab655 --- /dev/null +++ b/java/ql/src/change-notes/2024-03-27-MissingEnumInSwitch.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* The `java/missing-case-in-switch` query now gives only a single alert for each switch statement, giving some examples of the missing cases as well as a count of how many are missing. diff --git a/java/ql/src/change-notes/released/0.8.13.md b/java/ql/src/change-notes/released/0.8.13.md deleted file mode 100644 index 22dba4fa4fa..00000000000 --- a/java/ql/src/change-notes/released/0.8.13.md +++ /dev/null 
@@ -1,14 +0,0 @@ -## 0.8.13 - -### New Queries - -* The query `java/unsafe-url-forward-dispatch-load` has been promoted from experimental to the main query pack as `java/unvalidated-url-forward`. Its results will now appear by default. This query was originally submitted as an experimental query [by @haby0](https://github.com/github/codeql/pull/6240) and [by @luchua-bc](https://github.com/github/codeql/pull/7286). - -### Major Analysis Improvements - -* The `java/missing-case-in-switch` query now gives only a single alert for each switch statement, giving some examples of the missing cases as well as a count of how many are missing. - -### Minor Analysis Improvements - -* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a large number of false positive alerts. -* Added sanitizers for relative URLs, `List.contains()`, and checking the host of a URI to the `java/ssrf` and `java/unvalidated-url-redirection` queries. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 0fb6f3d786c..af4e83c549e 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.13 +lastReleaseVersion: 0.8.12 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index d67193843be..ab853297ba9 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.13 +version: 0.8.13-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 4d66cfc9f6c..2bdc2e4152a 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.8.13 - -### Major Analysis Improvements - -* Added support for TypeScript 5.4. - ## 0.8.12 No user-facing changes. 
diff --git a/javascript/ql/lib/change-notes/2024-02-02-typescript-5-4.md b/javascript/ql/lib/change-notes/2024-02-02-typescript-5-4.md new file mode 100644 index 00000000000..836719b5d6b --- /dev/null +++ b/javascript/ql/lib/change-notes/2024-02-02-typescript-5-4.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* Added support for TypeScript 5.4. \ No newline at end of file diff --git a/javascript/ql/lib/change-notes/released/0.8.13.md b/javascript/ql/lib/change-notes/released/0.8.13.md deleted file mode 100644 index bfa4a62d5ae..00000000000 --- a/javascript/ql/lib/change-notes/released/0.8.13.md +++ /dev/null @@ -1,5 +0,0 @@ -## 0.8.13 - -### Major Analysis Improvements - -* Added support for TypeScript 5.4. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 0fb6f3d786c..af4e83c549e 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.13 +lastReleaseVersion: 0.8.12 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 1ed74009ef0..fd7d5476402 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.13 +version: 0.8.13-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 2ae12bca484..43cbc8facf8 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md 
@@ -1,13 +1,3 @@ -## 0.8.13 - -### Query Metadata Changes - -* The `@precision` of the `js/unsafe-external-link` has been reduced to `low` to reflect the fact that modern browsers do not expose the opening window for such links. This mitigates the potential security risk of having a link with `target="_blank"`. - -### Minor Analysis Improvements - -* The call graph has been improved, leading to more alerts for data flow based queries. - ## 0.8.12 No user-facing changes. diff --git a/javascript/ql/src/change-notes/2024-03-07-lift-cg-restriction.md b/javascript/ql/src/change-notes/2024-03-07-lift-cg-restriction.md new file mode 100644 index 00000000000..4d591aaf9a2 --- /dev/null +++ b/javascript/ql/src/change-notes/2024-03-07-lift-cg-restriction.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The call graph has been improved, leading to more alerts for data flow based queries. diff --git a/javascript/ql/src/change-notes/2024-03-21-target-blank-precision.md b/javascript/ql/src/change-notes/2024-03-21-target-blank-precision.md new file mode 100644 index 00000000000..5bcb0ba7463 --- /dev/null +++ b/javascript/ql/src/change-notes/2024-03-21-target-blank-precision.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* The `@precision` of the `js/unsafe-external-link` has been reduced to `low` to reflect the fact that modern browsers do not expose the opening window for such links. This mitigates the potential security risk of having a link with `target="_blank"`. \ No newline at end of file diff --git a/javascript/ql/src/change-notes/released/0.8.13.md b/javascript/ql/src/change-notes/released/0.8.13.md deleted file mode 100644 index 282e759a49e..00000000000 --- a/javascript/ql/src/change-notes/released/0.8.13.md +++ /dev/null 
@@ -1,9 +0,0 @@ -## 0.8.13 - -### Query Metadata Changes - -* The `@precision` of the `js/unsafe-external-link` has been reduced to `low` to reflect the fact that modern browsers do not expose the opening window for such links. This mitigates the potential security risk of having a link with `target="_blank"`. - -### Minor Analysis Improvements - -* The call graph has been improved, leading to more alerts for data flow based queries. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 0fb6f3d786c..af4e83c549e 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.13 +lastReleaseVersion: 0.8.12 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 49576a207cd..6967bcbff04 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.13 +version: 0.8.13-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 3b1863cfbf1..c61f0b26d00 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.7.13 - -No user-facing changes. - ## 0.7.12 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.7.13.md b/misc/suite-helpers/change-notes/released/0.7.13.md deleted file mode 100644 index fac5f02103f..00000000000 --- a/misc/suite-helpers/change-notes/released/0.7.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.7.13 - -No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 8a077216acc..8afa417865a 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.13 +lastReleaseVersion: 0.7.12 
diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 94ac367a755..c366cba2c91 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.13 +version: 0.7.13-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 645b686ac8c..966356feed2 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.11.13 - -No user-facing changes. - ## 0.11.12 No user-facing changes. diff --git a/python/ql/lib/change-notes/released/0.11.13.md b/python/ql/lib/change-notes/released/0.11.13.md deleted file mode 100644 index e8bde4caf9f..00000000000 --- a/python/ql/lib/change-notes/released/0.11.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.11.13 - -No user-facing changes. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 387883efdfb..28f7725cf85 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.11.13 +lastReleaseVersion: 0.11.12 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index c150a37790c..f2357da6c2c 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.13 +version: 0.11.13-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 53ed161fecb..d8737a310b3 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.9.13 - -No user-facing changes. - ## 0.9.12 No user-facing changes. diff --git a/python/ql/src/change-notes/released/0.9.13.md b/python/ql/src/change-notes/released/0.9.13.md deleted file mode 100644 index e188021618c..00000000000 --- a/python/ql/src/change-notes/released/0.9.13.md +++ /dev/null 
@@ -1,3 +0,0 @@ -## 0.9.13 - -No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 74bee36d150..12f1a311eca 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.13 +lastReleaseVersion: 0.9.12 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index b24b25bd821..c6d2ef63f29 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.13 +version: 0.9.13-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index a3305576053..9b2503120f9 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,13 +1,3 @@ -## 0.8.13 - -### Minor Analysis Improvements - -* Data flow is now tracked through `ActiveRecord` scopes. -* Modeled instances of `ActionDispatch::Http::UploadedFile` that can be obtained from element reads of `ActionController::Parameters`, with calls to `original_filename`, `content_type`, and `read` now propagating taint from their receiver. -* The second argument, `subquery_name`, of the `ActiveRecord::QueryMethods::from` method, is now recognized as an sql injection sink. -* Calls to `Typhoeus::Request.new` are now considered as instances of the `Http::Client::Request` concept, with the response body being treated as a remote flow source. -* New command injection sinks have been added, including `Process.spawn`, `Process.exec`, `Terrapin::CommandLine` and the `open4` gem. - ## 0.8.12 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/2024-02-27-process-spawn.md b/ruby/ql/lib/change-notes/2024-02-27-process-spawn.md new file mode 100644 index 00000000000..9c20f05d865 --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-27-process-spawn.md 
@@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* New command injection sinks have been added, including `Process.spawn`, `Process.exec`, `Terrapin::CommandLine` and the `open4` gem. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-03-01-typhoeus-request.md b/ruby/ql/lib/change-notes/2024-03-01-typhoeus-request.md new file mode 100644 index 00000000000..f008869fbcd --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-03-01-typhoeus-request.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to `Typhoeus::Request.new` are now considered as instances of the `Http::Client::Request` concept, with the response body being treated as a remote flow source. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-03-08-activerecord-from.md b/ruby/ql/lib/change-notes/2024-03-08-activerecord-from.md new file mode 100644 index 00000000000..704a4f27a61 --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-03-08-activerecord-from.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The second argument, `subquery_name`, of the `ActiveRecord::QueryMethods::from` method, is now recognized as an sql injection sink. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-03-14-actiondispatch-uploadedfile.md b/ruby/ql/lib/change-notes/2024-03-14-actiondispatch-uploadedfile.md new file mode 100644 index 00000000000..a02ca0d00a2 --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-03-14-actiondispatch-uploadedfile.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Modeled instances of `ActionDispatch::Http::UploadedFile` that can be obtained from element reads of `ActionController::Parameters`, with calls to `original_filename`, `content_type`, and `read` now propagating taint from their receiver. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-03-19-activerecord-scopes.md b/ruby/ql/lib/change-notes/2024-03-19-activerecord-scopes.md new file mode 100644 index 00000000000..963479568a0 --- /dev/null 
+++ b/ruby/ql/lib/change-notes/2024-03-19-activerecord-scopes.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Data flow is now tracked through `ActiveRecord` scopes. diff --git a/ruby/ql/lib/change-notes/released/0.8.13.md b/ruby/ql/lib/change-notes/released/0.8.13.md deleted file mode 100644 index cc844ffc764..00000000000 --- a/ruby/ql/lib/change-notes/released/0.8.13.md +++ /dev/null @@ -1,9 +0,0 @@ -## 0.8.13 - -### Minor Analysis Improvements - -* Data flow is now tracked through `ActiveRecord` scopes. -* Modeled instances of `ActionDispatch::Http::UploadedFile` that can be obtained from element reads of `ActionController::Parameters`, with calls to `original_filename`, `content_type`, and `read` now propagating taint from their receiver. -* The second argument, `subquery_name`, of the `ActiveRecord::QueryMethods::from` method, is now recognized as an sql injection sink. -* Calls to `Typhoeus::Request.new` are now considered as instances of the `Http::Client::Request` concept, with the response body being treated as a remote flow source. -* New command injection sinks have been added, including `Process.spawn`, `Process.exec`, `Terrapin::CommandLine` and the `open4` gem. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 0fb6f3d786c..af4e83c549e 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.13 +lastReleaseVersion: 0.8.12 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 1d8218b6fa0..bc8a4aa2813 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.13 +version: 0.8.13-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 508fa71de4a..3810951acb5 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md 
@@ -1,7 +1,3 @@ -## 0.8.13 - -No user-facing changes. - ## 0.8.12 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/0.8.13.md b/ruby/ql/src/change-notes/released/0.8.13.md deleted file mode 100644 index 4f7ef70cec5..00000000000 --- a/ruby/ql/src/change-notes/released/0.8.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.8.13 - -No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 0fb6f3d786c..af4e83c549e 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.13 +lastReleaseVersion: 0.8.12 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 029e052108f..b1821390958 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.13 +version: 0.8.13-dev groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index aaebbbb4318..fc8378ff3b9 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.1.13 - -No user-facing changes. - ## 0.1.12 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/0.1.13.md b/shared/controlflow/change-notes/released/0.1.13.md deleted file mode 100644 index 827f5e3ec44..00000000000 --- a/shared/controlflow/change-notes/released/0.1.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.1.13 - -No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index f43379f8196..bfd6e903641 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.13 +lastReleaseVersion: 0.1.12 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index cb04f661c85..3a6d1131f86 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml 
@@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.13 +version: 0.1.13-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index b5267b6d9b0..458cde63603 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.2.4 - -### Minor Analysis Improvements - -* Path explanations now include flow that goes through callbacks passed into library functions. For example, if `map` is a library function, then in `result = map(xs, x => x + 1)` we will now include the step from `x` to `x + 1` in the path explanation, instead of going directly from `xs` to `result`. Note that this change does not affect actual query results, but only how path explanations are computed. - ## 0.2.3 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/0.2.4.md b/shared/dataflow/change-notes/2024-02-28-hidden-subpaths.md similarity index 90% rename from shared/dataflow/change-notes/released/0.2.4.md rename to shared/dataflow/change-notes/2024-02-28-hidden-subpaths.md index 075802f2b5d..05a48eb8050 100644 --- a/shared/dataflow/change-notes/released/0.2.4.md +++ b/shared/dataflow/change-notes/2024-02-28-hidden-subpaths.md @@ -1,5 +1,4 @@ -## 0.2.4 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Path explanations now include flow that goes through callbacks passed into library functions. For example, if `map` is a library function, then in `result = map(xs, x => x + 1)` we will now include the step from `x` to `x + 1` in the path explanation, instead of going directly from `xs` to `result`. Note that this change does not affect actual query results, but only how path explanations are computed. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 7f1e3841dcd..0b605901b42 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml 
@@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.4 +lastReleaseVersion: 0.2.3 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 9c0976ca109..386290bde29 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.2.4 +version: 0.2.4-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index afeee789487..df97cb97717 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.13 - -No user-facing changes. - ## 0.2.12 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.2.13.md b/shared/mad/change-notes/released/0.2.13.md deleted file mode 100644 index 42f11678bd3..00000000000 --- a/shared/mad/change-notes/released/0.2.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.13 - -No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 979eb20092e..da1cea93393 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.13 +lastReleaseVersion: 0.2.12 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 77a69168fe9..a5ea1168b92 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.13 +version: 0.2.13-dev groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 465ab789d4a..7f284f0bfb8 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.12 - -No user-facing changes. - ## 0.0.11 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/0.0.12.md b/shared/rangeanalysis/change-notes/released/0.0.12.md deleted file mode 100644 index 0e206033bc4..00000000000 --- a/shared/rangeanalysis/change-notes/released/0.0.12.md +++ /dev/null 
@@ -1,3 +0,0 @@ -## 0.0.12 - -No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 997fb8da83c..e679dc42092 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.12 +lastReleaseVersion: 0.0.11 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index df8fbd5e837..4d8f0196bec 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.12 +version: 0.0.12-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 6b0950887f9..2b955eaf376 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.13 - -No user-facing changes. - ## 0.2.12 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.2.13.md b/shared/regex/change-notes/released/0.2.13.md deleted file mode 100644 index 42f11678bd3..00000000000 --- a/shared/regex/change-notes/released/0.2.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.13 - -No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 979eb20092e..da1cea93393 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.13 +lastReleaseVersion: 0.2.12 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index e47715dd322..607c548a2a3 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.13 +version: 0.2.13-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 7b073dbfe7b..7e74b25e47e 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md 
@@ -1,7 +1,3 @@ -## 0.2.13 - -No user-facing changes. - ## 0.2.12 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.2.13.md b/shared/ssa/change-notes/released/0.2.13.md deleted file mode 100644 index 42f11678bd3..00000000000 --- a/shared/ssa/change-notes/released/0.2.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.13 - -No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 979eb20092e..da1cea93393 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.13 +lastReleaseVersion: 0.2.12 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 3877a1a98f9..5c773a56a66 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.13 +version: 0.2.13-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 83a42fb0551..d9dd6b6f2e2 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.12 - -No user-facing changes. - ## 0.0.11 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/0.0.12.md b/shared/threat-models/change-notes/released/0.0.12.md deleted file mode 100644 index 0e206033bc4..00000000000 --- a/shared/threat-models/change-notes/released/0.0.12.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.12 - -No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 997fb8da83c..e679dc42092 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.12 +lastReleaseVersion: 0.0.11 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 1d8b017f798..08e2ae0c330 100644 --- a/shared/threat-models/qlpack.yml 
+++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.12 +version: 0.0.12-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 32d42cbeb39..01fdf65587a 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.13 - -No user-facing changes. - ## 0.2.12 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.2.13.md b/shared/tutorial/change-notes/released/0.2.13.md deleted file mode 100644 index 42f11678bd3..00000000000 --- a/shared/tutorial/change-notes/released/0.2.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.13 - -No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 979eb20092e..da1cea93393 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.13 +lastReleaseVersion: 0.2.12 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index ee00cd14490..cf4f16583a3 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.13 +version: 0.2.13-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 18024e28981..242657d19d8 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.13 - -No user-facing changes. - ## 0.2.12 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.2.13.md b/shared/typetracking/change-notes/released/0.2.13.md deleted file mode 100644 index 42f11678bd3..00000000000 --- a/shared/typetracking/change-notes/released/0.2.13.md +++ /dev/null 
@@ -1,3 +0,0 @@ -## 0.2.13 - -No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 979eb20092e..da1cea93393 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.13 +lastReleaseVersion: 0.2.12 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 7f1ce51b4df..166a7c170cd 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.13 +version: 0.2.13-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index dbf4204fcad..26e1c3ae546 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.13 - -No user-facing changes. - ## 0.2.12 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.2.13.md b/shared/typos/change-notes/released/0.2.13.md deleted file mode 100644 index 42f11678bd3..00000000000 --- a/shared/typos/change-notes/released/0.2.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.13 - -No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 979eb20092e..da1cea93393 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.13 +lastReleaseVersion: 0.2.12 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 36250357dae..47bc18e8902 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.13 +version: 0.2.13-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 1c0c715c928..b8ae5cf523d 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md 
@@ -1,7 +1,3 @@ -## 0.2.13 - -No user-facing changes. - ## 0.2.12 No user-facing changes. diff --git a/shared/util/change-notes/released/0.2.13.md b/shared/util/change-notes/released/0.2.13.md deleted file mode 100644 index 42f11678bd3..00000000000 --- a/shared/util/change-notes/released/0.2.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.13 - -No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 979eb20092e..da1cea93393 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.13 +lastReleaseVersion: 0.2.12 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index e4c8f9b2166..7862cb35d81 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.13 +version: 0.2.13-dev groups: shared library: true dependencies: null diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 67d1e732a0f..9a5910ec374 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.13 - -No user-facing changes. - ## 0.2.12 No user-facing changes. diff --git a/shared/yaml/change-notes/released/0.2.13.md b/shared/yaml/change-notes/released/0.2.13.md deleted file mode 100644 index 42f11678bd3..00000000000 --- a/shared/yaml/change-notes/released/0.2.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.13 - -No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 979eb20092e..da1cea93393 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.13 +lastReleaseVersion: 0.2.12 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index f12c77ef671..9813c6fb57c 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml 
@@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.13 +version: 0.2.13-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 4bc92a92c82..5a35f47aa89 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.3.13 - -### Major Analysis Improvements - -* Upgraded to Swift 5.10 -* New AST node is extracted: `ThenStmt` - ## 0.3.12 No user-facing changes. diff --git a/swift/ql/lib/change-notes/released/0.3.13.md b/swift/ql/lib/change-notes/2024-03-28-swift-5.10.md similarity index 59% rename from swift/ql/lib/change-notes/released/0.3.13.md rename to swift/ql/lib/change-notes/2024-03-28-swift-5.10.md index c1639172fd4..bfc371a89e9 100644 --- a/swift/ql/lib/change-notes/released/0.3.13.md +++ b/swift/ql/lib/change-notes/2024-03-28-swift-5.10.md @@ -1,6 +1,5 @@ -## 0.3.13 - -### Major Analysis Improvements - +--- +category: majorAnalysis +--- * Upgraded to Swift 5.10 * New AST node is extracted: `ThenStmt` diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 8791b4867d1..3e6664ee4b6 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.13 +lastReleaseVersion: 0.3.12 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index f4143f29340..d06a216db89 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.13 +version: 0.3.13-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 2b745bd7bb1..4ae49cfbfea 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.3.13 - -No user-facing changes. - ## 0.3.12 No user-facing changes. 
diff --git a/swift/ql/src/change-notes/released/0.3.13.md b/swift/ql/src/change-notes/released/0.3.13.md deleted file mode 100644 index 890ab1e3e3f..00000000000 --- a/swift/ql/src/change-notes/released/0.3.13.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.3.13 - -No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 8791b4867d1..3e6664ee4b6 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.13 +lastReleaseVersion: 0.3.12 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 21fae0156ea..1dace3146de 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.13 +version: 0.3.13-dev groups: - swift - queries
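Review bot: The `codeql-pack.release.yml` hunks roll `lastReleaseVersion` back by one patch version (for example `0.2.13` to `0.2.12` in `shared/mad` and `0.3.13` to `0.3.12` in `swift/ql/lib`), and the matching `qlpack.yml` hunks set `version` to the same number with a `-dev` suffix, so the next release would reuse version numbers whose release notes this patch deletes. If any of those pack versions reached a registry, a second release under the same number would either fail to publish or leave two different builds behind one version for anyone pinning it. Please state in the commit message that none of them were published, or move the `-dev` versions to the next patch number instead.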
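Review bot: In the rename hunk for `swift/ql/lib/change-notes/2024-03-28-swift-5.10.md`, the restored note puts two separate items, `* Upgraded to Swift 5.10` and the newly extracted `ThenStmt` AST node, under one file name and one `category: majorAnalysis` that only describe the Swift upgrade. Consider giving `ThenStmt` its own change note so its category can be chosen independently, and end both bullets with a period to match the `shared/dataflow` note restored earlier in this patch.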