Release preparation for version 2.16.3

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.12.6
+
+### New Features
+
+* A `getInitialization` predicate was added to the `RangeBasedForStmt` class that yields the C++20-style initializer of the range-based `for` statement when it exists.
+
 ## 0.12.5
 
 ### New Features

cpp/ql/lib/change-notes/released/0.12.6.md

@@ -1,4 +1,5 @@
----
-category: feature
----
+## 0.12.6
+
+### New Features
+
 * A `getInitialization` predicate was added to the `RangeBasedForStmt` class that yields the C++20-style initializer of the range-based `for` statement when it exists.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.12.5
+lastReleaseVersion: 0.12.6

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.12.6-dev
+version: 0.12.6
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.9.5
+
+### Minor Analysis Improvements
+
+* The "non-constant format string" query (`cpp/non-constant-format`) has been updated to produce fewer false positives.
+* Added dataflow models for the `gettext` function variants. 
+
 ## 0.9.4
 
 ### Minor Analysis Improvements

cpp/ql/src/change-notes/2024-02-05-gettext-dataflows.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added dataflow models for the `gettext` function variants. 

cpp/ql/src/change-notes/released/0.9.5.md

@@ -1,4 +1,6 @@
----
-category: minorAnalysis
----
+## 0.9.5
+
+### Minor Analysis Improvements
+
 * The "non-constant format string" query (`cpp/non-constant-format`) has been updated to produce fewer false positives.
+* Added dataflow models for the `gettext` function variants. 

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.4
+lastReleaseVersion: 0.9.5

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.9.5-dev
+version: 0.9.5
 groups:
   - cpp
   - queries

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.9
+
+No user-facing changes.
+
 ## 1.7.8
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.9.md

@@ -0,0 +1,3 @@
+## 1.7.9
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.8
+lastReleaseVersion: 1.7.9

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.9-dev
+version: 1.7.9
 groups:
   - csharp
   - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.9
+
+No user-facing changes.
+
 ## 1.7.8
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.9.md

@@ -0,0 +1,3 @@
+## 1.7.9
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.8
+lastReleaseVersion: 1.7.9

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.9-dev
+version: 1.7.9
 groups:
   - csharp
   - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,11 @@
+## 0.8.9
+
+### Minor Analysis Improvements
+
+* C# 12: The QL and data flow library now support primary constructors.
+* Added a new database relation to store key-value pairs corresponding to compilations. The new relation is used in
+buildless mode to surface information related to dependency fetching.
+
 ## 0.8.8
 
 ### Minor Analysis Improvements

csharp/ql/lib/change-notes/2024-02-12-primary-constructors.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* C# 12: The QL and data flow library now support primary constructors.

csharp/ql/lib/change-notes/released/0.8.9.md

@@ -1,6 +1,7 @@
----
-category: minorAnalysis
----
+## 0.8.9
+
+### Minor Analysis Improvements
+
+* C# 12: The QL and data flow library now support primary constructors.
 * Added a new database relation to store key-value pairs corresponding to compilations. The new relation is used in
 buildless mode to surface information related to dependency fetching.
-

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.8
+lastReleaseVersion: 0.8.9

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.8.9-dev
+version: 0.8.9
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.8.9
+
+### Minor Analysis Improvements
+
+* Added sanitizers for relative URLs, `List.Contains()`, and checking the `.Host` property on an URI to the `cs/web/unvalidated-url-redirection` query.
+
 ## 0.8.8
 
 ### Minor Analysis Improvements

csharp/ql/src/change-notes/released/0.8.9.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* Added sanitizers for relative URLs, `List.Contains()`, and checking the `.Host` property on an URI to the `cs/web/unvalidated-url-redirection` query.
+## 0.8.9
+
+### Minor Analysis Improvements
+
+* Added sanitizers for relative URLs, `List.Contains()`, and checking the `.Host` property on an URI to the `cs/web/unvalidated-url-redirection` query.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.8
+lastReleaseVersion: 0.8.9

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.8.9-dev
+version: 0.8.9
 groups:
   - csharp
   - queries

go/ql/consistency-queries/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.8
+
+No user-facing changes.
+
 ## 0.0.7
 
 No user-facing changes.

go/ql/consistency-queries/change-notes/released/0.0.8.md

@@ -0,0 +1,3 @@
+## 0.0.8
+
+No user-facing changes.

go/ql/consistency-queries/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.7
+lastReleaseVersion: 0.0.8

go/ql/consistency-queries/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 0.0.8-dev
+version: 0.0.8
 groups:
   - go
   - queries

go/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.7.9
+
+No user-facing changes.
+
 ## 0.7.8
 
 No user-facing changes.

go/ql/lib/change-notes/released/0.7.9.md

@@ -0,0 +1,3 @@
+## 0.7.9
+
+No user-facing changes.

go/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.8
+lastReleaseVersion: 0.7.9

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.7.9-dev
+version: 0.7.9
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/CHANGELOG.md

@@ -1,3 +1,13 @@
+## 0.7.9
+
+### New Queries
+
+* The query "Missing JWT signature check" (`go/missing-jwt-signature-check`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @am0o0](https://github.com/github/codeql/pull/14075).
+
+### Major Analysis Improvements
+
+* The query "Use of a hardcoded key for signing JWT" (`go/hardcoded-key`) has been promoted from experimental to the main query pack. Its results will now appear by default as part of `go/hardcoded-credentials`. This query was originally [submitted as an experimental query by @porcupineyhairs](https://github.com/github/codeql/pull/9378).
+
 ## 0.7.8
 
 No user-facing changes.

go/ql/src/change-notes/2024-02-06-hardcoded-keys-promotion.md

@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* The query "Use of a hardcoded key for signing JWT" (`go/hardcoded-key`) has been promoted from experimental to the main query pack. Its results will now appear by default as part of `go/hardcoded-credentials`. This query was originally [submitted as an experimental query by @porcupineyhairs](https://github.com/github/codeql/pull/9378).

go/ql/src/change-notes/2024-02-06-missing-jwt-signature-check-promotion.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* The query "Missing JWT signature check" (`go/missing-jwt-signature-check`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @am0o0](https://github.com/github/codeql/pull/14075).

go/ql/src/change-notes/released/0.7.9.md

@@ -0,0 +1,9 @@
+## 0.7.9
+
+### New Queries
+
+* The query "Missing JWT signature check" (`go/missing-jwt-signature-check`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @am0o0](https://github.com/github/codeql/pull/14075).
+
+### Major Analysis Improvements
+
+* The query "Use of a hardcoded key for signing JWT" (`go/hardcoded-key`) has been promoted from experimental to the main query pack. Its results will now appear by default as part of `go/hardcoded-credentials`. This query was originally [submitted as an experimental query by @porcupineyhairs](https://github.com/github/codeql/pull/9378).

go/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.8
+lastReleaseVersion: 0.7.9

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.7.9-dev
+version: 0.7.9
 groups:
   - go
   - queries

java/ql/automodel/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.16
+
+No user-facing changes.
+
 ## 0.0.15
 
 No user-facing changes.

java/ql/automodel/src/change-notes/released/0.0.16.md

@@ -0,0 +1,3 @@
+## 0.0.16
+
+No user-facing changes.

java/ql/automodel/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.15
+lastReleaseVersion: 0.0.16

java/ql/automodel/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-automodel-queries
-version: 0.0.16-dev
+version: 0.0.16
 groups:
     - java
     - automodel

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,27 @@
+## 0.8.9
+
+### Deprecated APIs
+
+* The `PathCreation` class in `PathCreation.qll` has been deprecated.
+
+### Minor Analysis Improvements
+
+* An extension point for sanitizers of the query `java/unvalidated-url-redirection` has been added.
+* Added models for the following packages:
+
+  * java.io
+  * java.lang
+  * java.net
+  * java.net.http
+  * java.nio.file
+  * java.util.zip
+  * javax.servlet
+  * org.apache.commons.io
+  * org.apache.hadoop.fs
+  * org.apache.hadoop.fs.s3a
+  * org.eclipse.jetty.client
+  * org.gradle.api.file
+
 ## 0.8.8
 
 ### Minor Analysis Improvements

java/ql/lib/change-notes/2024-01-26-deprecated-path-creation.md

@@ -1,4 +0,0 @@
----
-category: deprecated
----
-* The `PathCreation` class in `PathCreation.qll` has been deprecated.

java/ql/lib/change-notes/2024-02-09-url-redirect-sanitizer.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* An extension point for sanitizers of the query `java/unvalidated-url-redirection` has been added.

java/ql/lib/change-notes/released/0.8.9.md

@@ -1,6 +1,12 @@
----
-category: minorAnalysis
----
+## 0.8.9
+
+### Deprecated APIs
+
+* The `PathCreation` class in `PathCreation.qll` has been deprecated.
+
+### Minor Analysis Improvements
+
+* An extension point for sanitizers of the query `java/unvalidated-url-redirection` has been added.
 * Added models for the following packages:
 
   * java.io

java/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.8
+lastReleaseVersion: 0.8.9

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.8.9-dev
+version: 0.8.9
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/src/CHANGELOG.md

@@ -1,3 +1,22 @@
+## 0.8.9
+
+### New Queries
+
+* Added a new query `java/android/insecure-local-authentication` for finding uses of biometric authentication APIs that do not make use of a `KeyStore`-backed key and thus may be bypassed.
+
+### Query Metadata Changes
+
+* The `security-severity` score of the query `java/relative-path-command` has been reduced to better adjust it to the specific conditions needed for exploitation.
+
+### Major Analysis Improvements
+
+* The sinks of the queries `java/path-injection` and `java/path-injection-local` have been reworked. Path creation sinks have been converted to summaries instead, while sinks now are actual file read/write operations only. This has reduced the false positive ratio of both queries.
+
+### Minor Analysis Improvements
+
+* The sanitizer for the path injection queries has been improved to handle more cases where `equals` is used to check an exact path match.
+* The query `java/unvalidated-url-redirection` now sanitizes results following the same logic as the query `java/ssrf`. URLs the destination of which cannot be externally controlled will not be reported anymore.
+
 ## 0.8.8
 
 ### New Queries

java/ql/src/change-notes/2024-01-26-path-injection-precision-improved.md

@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* The sinks of the queries `java/path-injection` and `java/path-injection-local` have been reworked. Path creation sinks have been converted to summaries instead, while sinks now are actual file read/write operations only. This has reduced the false positive ratio of both queries.

java/ql/src/change-notes/2024-02-02-android-insecure-local-auth.md

@@ -1,5 +0,0 @@
-
----
-category: newQuery
----
-* Added a new query `java/android/insecure-local-authentication` for finding uses of biometric authentication APIs that do not make use of a `KeyStore`-backed key and thus may be bypassed.

java/ql/src/change-notes/2024-02-09-url-redirect-sanitizer.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The query `java/unvalidated-url-redirection` now sanitizes results following the same logic as the query `java/ssrf`. URLs the destination of which cannot be externally controlled will not be reported anymore.

java/ql/src/change-notes/2024-02-12-relative-exec-severity.md

@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* The `security-severity` score of the query `java/relative-path-command` has been reduced to better adjust it to the specific conditions needed for exploitation.

java/ql/src/change-notes/2024-02-15-path-sanitizer-equals.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The sanitizer for the path injection queries has been improved to handle more cases where `equals` is used to check an exact path match.

java/ql/src/change-notes/released/0.8.9.md

@@ -0,0 +1,18 @@
+## 0.8.9
+
+### New Queries
+
+* Added a new query `java/android/insecure-local-authentication` for finding uses of biometric authentication APIs that do not make use of a `KeyStore`-backed key and thus may be bypassed.
+
+### Query Metadata Changes
+
+* The `security-severity` score of the query `java/relative-path-command` has been reduced to better adjust it to the specific conditions needed for exploitation.
+
+### Major Analysis Improvements
+
+* The sinks of the queries `java/path-injection` and `java/path-injection-local` have been reworked. Path creation sinks have been converted to summaries instead, while sinks now are actual file read/write operations only. This has reduced the false positive ratio of both queries.
+
+### Minor Analysis Improvements
+
+* The sanitizer for the path injection queries has been improved to handle more cases where `equals` is used to check an exact path match.
+* The query `java/unvalidated-url-redirection` now sanitizes results following the same logic as the query `java/ssrf`. URLs the destination of which cannot be externally controlled will not be reported anymore.

java/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.8
+lastReleaseVersion: 0.8.9

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.8.9-dev
+version: 0.8.9
 groups:
   - java
   - queries

javascript/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.8.9
+
+### Minor Analysis Improvements
+
+* The name "certification" is no longer seen as possibly being a certificate, and will therefore no longer be flagged in queries like "clear-text-logging" which look for sensitive data.
+
 ## 0.8.8
 
 No user-facing changes.

javascript/ql/lib/change-notes/released/0.8.9.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.8.9
+
+### Minor Analysis Improvements
+
 * The name "certification" is no longer seen as possibly being a certificate, and will therefore no longer be flagged in queries like "clear-text-logging" which look for sensitive data.

javascript/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.8
+lastReleaseVersion: 0.8.9

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.8.9-dev
+version: 0.8.9
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.8.9
+
+### Bug Fixes
+
+* The left operand of the `&&` operator no longer propagates data flow by default.
+
 ## 0.8.8
 
 No user-facing changes.

javascript/ql/src/change-notes/released/0.8.9.md

@@ -1,4 +1,5 @@
----
-category: fix
----
+## 0.8.9
+
+### Bug Fixes
+
 * The left operand of the `&&` operator no longer propagates data flow by default.

javascript/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.8
+lastReleaseVersion: 0.8.9

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.8.9-dev
+version: 0.8.9
 groups:
   - javascript
   - queries

misc/suite-helpers/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.7.9
+
+No user-facing changes.
+
 ## 0.7.8
 
 No user-facing changes.

misc/suite-helpers/change-notes/released/0.7.9.md

@@ -0,0 +1,3 @@
+## 0.7.9
+
+No user-facing changes.

misc/suite-helpers/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.8
+lastReleaseVersion: 0.7.9

misc/suite-helpers/qlpack.yml

@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 0.7.9-dev
+version: 0.7.9
 groups: shared
 warnOnImplicitThis: true

python/ql/lib/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.11.9
+
+### Minor Analysis Improvements
+
+* The name "certification" is no longer seen as possibly being a certificate, and will therefore no longer be flagged in queries like "clear-text-logging" which look for sensitive data.
+* Added modeling of the `psycopg` PyPI package as a SQL database library.
+
 ## 0.11.8
 
 ### Minor Analysis Improvements

python/ql/lib/change-notes/2024-01-29-psycopg-modeling.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added modeling of the `psycopg` PyPI package as a SQL database library.

python/ql/lib/change-notes/released/0.11.9.md

@@ -1,4 +1,6 @@
----
-category: minorAnalysis
----
+## 0.11.9
+
+### Minor Analysis Improvements
+
 * The name "certification" is no longer seen as possibly being a certificate, and will therefore no longer be flagged in queries like "clear-text-logging" which look for sensitive data.
+* Added modeling of the `psycopg` PyPI package as a SQL database library.

python/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.11.8
+lastReleaseVersion: 0.11.9

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.11.9-dev
+version: 0.11.9
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.9.9
+
+No user-facing changes.
+
 ## 0.9.8
 
 No user-facing changes.

python/ql/src/change-notes/released/0.9.9.md

@@ -0,0 +1,3 @@
+## 0.9.9
+
+No user-facing changes.

python/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.8
+lastReleaseVersion: 0.9.9

python/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.9.9-dev
+version: 0.9.9
 groups:
   - python
   - queries

ruby/ql/lib/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.8.9
+
+### Minor Analysis Improvements
+
+* Raw output ERB tags of the form `<%== ... %>` are now recognised as cross-site scripting sinks.
+* The name "certification" is no longer seen as possibly being a certificate, and will therefore no longer be flagged in queries like "clear-text-logging" which look for sensitive data.
+
 ## 0.8.8
 
 ### Minor Analysis Improvements

ruby/ql/lib/change-notes/2024-02-12-raw-erb-output.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Raw output ERB tags of the form `<%== ... %>` are now recognised as cross-site scripting sinks.

ruby/ql/lib/change-notes/released/0.8.9.md

@@ -1,4 +1,6 @@
----
-category: minorAnalysis
----
+## 0.8.9
+
+### Minor Analysis Improvements
+
+* Raw output ERB tags of the form `<%== ... %>` are now recognised as cross-site scripting sinks.
 * The name "certification" is no longer seen as possibly being a certificate, and will therefore no longer be flagged in queries like "clear-text-logging" which look for sensitive data.

ruby/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.8
+lastReleaseVersion: 0.8.9

ruby/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.8.9-dev
+version: 0.8.9
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme

ruby/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.8.9
+
+No user-facing changes.
+
 ## 0.8.8
 
 ### New Queries

ruby/ql/src/change-notes/released/0.8.9.md

@@ -0,0 +1,3 @@
+## 0.8.9
+
+No user-facing changes.

ruby/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.8
+lastReleaseVersion: 0.8.9

ruby/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.8.9-dev
+version: 0.8.9
 groups:
   - ruby
   - queries

shared/controlflow/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.1.9
+
+No user-facing changes.
+
 ## 0.1.8
 
 No user-facing changes.

shared/controlflow/change-notes/released/0.1.9.md

@@ -0,0 +1,3 @@
+## 0.1.9
+
+No user-facing changes.

shared/controlflow/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.8
+lastReleaseVersion: 0.1.9

shared/controlflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 0.1.9-dev
+version: 0.1.9
 groups: shared
 library: true
 dependencies:

shared/dataflow/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.2.0
+
+### Breaking Changes
+
+* The `edges` predicate contained in `PathGraph` now contains two additional columns for propagating model provenance information. This is primarily an internal change without any impact on any APIs, except for specialised queries making use of `MergePathGraph` in conjunction with custom `PathGraph` implementations. Such queries will need to be updated to reference the two new columns. This is expected to be very rare, as `MergePathGraph` is an advanced feature, but it is a breaking change for any such affected queries.
+
 ## 0.1.8
 
 No user-facing changes.

shared/dataflow/change-notes/released/0.2.0.md

@@ -1,4 +1,5 @@
----
-category: breaking
----
+## 0.2.0
+
+### Breaking Changes
+
 * The `edges` predicate contained in `PathGraph` now contains two additional columns for propagating model provenance information. This is primarily an internal change without any impact on any APIs, except for specialised queries making use of `MergePathGraph` in conjunction with custom `PathGraph` implementations. Such queries will need to be updated to reference the two new columns. This is expected to be very rare, as `MergePathGraph` is an advanced feature, but it is a breaking change for any such affected queries.

shared/dataflow/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.8
+lastReleaseVersion: 0.2.0

shared/dataflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 0.1.9-dev
+version: 0.2.0
 groups: shared
 library: true
 dependencies:

shared/mad/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.2.9
+
+No user-facing changes.
+
 ## 0.2.8
 
 No user-facing changes.

shared/mad/change-notes/released/0.2.9.md

@@ -0,0 +1,3 @@
+## 0.2.9
+
+No user-facing changes.

shared/mad/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.2.8
+lastReleaseVersion: 0.2.9