Release preparation for version 2.15.3

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,17 @@
+## 0.12.0
+
+### Breaking Changes
+
+* The expressions `AssignPointerAddExpr` and `AssignPointerSubExpr` are no longer subtypes of `AssignBitwiseOperation`.
+
+### Minor Analysis Improvements
+
+* The "Returning stack-allocated memory" (`cpp/return-stack-allocated-memory`) query now also detects returning stack-allocated memory allocated by calls to `alloca`, `strdupa`, and `strndupa`.
+* Added models for `strlcpy` and `strlcat`.
+* Added models for the `sprintf` variants from the `StrSafe.h` header.
+* Added SQL API models for `ODBC`.
+* Added taint models for `realloc` and related functions.
+
 ## 0.11.0
 
 ### Breaking Changes

cpp/ql/lib/change-notes/2023-10-30-realloc-flow.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added taint models for `realloc` and related functions.

cpp/ql/lib/change-notes/2023-10-31-assign-pointer-add-sub-expr.md

@@ -1,4 +0,0 @@
----
-category: breaking
----
-* The expressions `AssignPointerAddExpr` and `AssignPointerSubExpr` are no longer subtypes of `AssignBitwiseOperation`.

cpp/ql/lib/change-notes/2023-10-31-odbc-models.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added SQL API models for `ODBC`.

cpp/ql/lib/change-notes/2023-11-08-strsafe-models.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added models for the `sprintf` variants from the `StrSafe.h` header.

cpp/ql/lib/change-notes/2023-11-10-strlcpy-strlcat-models.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added models for `strlcpy` and `strlcat`.

cpp/ql/lib/change-notes/2023-11-15-return-stack-allocated-memory.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Returning stack-allocated memory" (`cpp/return-stack-allocated-memory`) query now also detects returning stack-allocated memory allocated by calls to `alloca`, `strdupa`, and `strndupa`.

cpp/ql/lib/change-notes/released/0.12.0.md

@@ -0,0 +1,13 @@
+## 0.12.0
+
+### Breaking Changes
+
+* The expressions `AssignPointerAddExpr` and `AssignPointerSubExpr` are no longer subtypes of `AssignBitwiseOperation`.
+
+### Minor Analysis Improvements
+
+* The "Returning stack-allocated memory" (`cpp/return-stack-allocated-memory`) query now also detects returning stack-allocated memory allocated by calls to `alloca`, `strdupa`, and `strndupa`.
+* Added models for `strlcpy` and `strlcat`.
+* Added models for the `sprintf` variants from the `StrSafe.h` header.
+* Added SQL API models for `ODBC`.
+* Added taint models for `realloc` and related functions.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.11.0
+lastReleaseVersion: 0.12.0

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.11.1-dev
+version: 0.12.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.8.3
+
+### Minor Analysis Improvements
+
+* The `cpp/uninitialized-local` query has been improved to produce fewer false positives.
+
 ## 0.8.2
 
 No user-facing changes.

cpp/ql/src/change-notes/released/0.8.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.8.3
+
+### Minor Analysis Improvements
+
 * The `cpp/uninitialized-local` query has been improved to produce fewer false positives.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.2
+lastReleaseVersion: 0.8.3

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.8.3-dev
+version: 0.8.3
 groups:
   - cpp
   - queries

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.3
+
+No user-facing changes.
+
 ## 1.7.2
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.3.md

@@ -0,0 +1,3 @@
+## 1.7.3
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.2
+lastReleaseVersion: 1.7.3

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.3-dev
+version: 1.7.3
 groups:
   - csharp
   - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.3
+
+No user-facing changes.
+
 ## 1.7.2
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.3.md

@@ -0,0 +1,3 @@
+## 1.7.3
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.2
+lastReleaseVersion: 1.7.3

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.3-dev
+version: 1.7.3
 groups:
   - csharp
   - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,49 @@
+## 0.8.3
+
+### Minor Analysis Improvements
+
+* The predicate `UnboundGeneric::getName` now prints the number of type parameters as a `` `N`` suffix, instead of a `<,...,>` suffix. For example, the unbound generic type
+`System.Collections.Generic.IList<T>` is printed as ``IList`1`` instead of `IList<>`.
+* The predicates `hasQualifiedName`, `getQualifiedName`, and `getQualifiedNameWithTypes` have been deprecated, and are instead replaced by `hasFullyQualifiedName`, `getFullyQualifiedName`, and `getFullyQualifiedNameWithTypes`, respectively. The new predicates use the same format for unbound generic types as mentioned above.
+* These changes also affect models-as-data rows that refer to a field or a property belonging to a generic type. For example, instead of writing
+```yml
+extensions:
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: summaryModel
+      data:
+        - ["System.Collections.Generic", "Dictionary<TKey,TValue>", False, "Add", "(System.Collections.Generic.KeyValuePair<TKey,TValue>)", "", "Argument[0].Property[System.Collections.Generic.KeyValuePair<,>.Key]", "Argument[this].Element.Property[System.Collections.Generic.KeyValuePair<,>.Key]", "value", "manual"]
+```
+one now writes
+```yml
+extensions:
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: summaryModel
+      data:
+        - ["System.Collections.Generic", "Dictionary<TKey,TValue>", False, "Add", "(System.Collections.Generic.KeyValuePair<TKey,TValue>)", "", "Argument[0].Property[System.Collections.Generic.KeyValuePair`2.Key]", "Argument[this].Element.Property[System.Collections.Generic.KeyValuePair`2.Key]", "value", "manual"]
+```
+* The models-as-data format for types and methods with type parameters has been changed to include the names of the type parameters. For example, instead of writing
+```yml
+extensions:
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: summaryModel
+      data:
+        - ["System.Collections.Generic", "IList<>", True, "Insert", "(System.Int32,T)", "", "Argument[1]", "Argument[this].Element", "value", "manual"]
+        - ["System.Linq", "Enumerable", False, "Select<,>", "(System.Collections.Generic.IEnumerable<TSource>,System.Func<TSource,System.Int32,TResult>)", "", "Argument[0].Element", "Argument[1].Parameter[0]", "value", "manual"]
+```
+one now writes
+```yml
+extensions:
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: summaryModel
+      data:
+        - ["System.Collections.Generic", "IList<T>", True, "Insert", "(System.Int32,T)", "", "Argument[1]", "Argument[this].Element", "value", "manual"]
+        - ["System.Linq", "Enumerable", False, "Select<TSource,TResult>", "(System.Collections.Generic.IEnumerable<TSource>,System.Func<TSource,System.Int32,TResult>)", "", "Argument[0].Element", "Argument[1].Parameter[0]", "value", "manual"]
+```
+
 ## 0.8.2
 
 No user-facing changes.

csharp/ql/lib/change-notes/2023-11-09-mad-generics.md

@@ -1,24 +0,0 @@
----
-category: minorAnalysis
----
-
-* The models-as-data format for types and methods with type parameters has been changed to include the names of the type parameters. For example, instead of writing
-```yml
-extensions:
-  - addsTo:
-      pack: codeql/csharp-all
-      extensible: summaryModel
-      data:
-        - ["System.Collections.Generic", "IList<>", True, "Insert", "(System.Int32,T)", "", "Argument[1]", "Argument[this].Element", "value", "manual"]
-        - ["System.Linq", "Enumerable", False, "Select<,>", "(System.Collections.Generic.IEnumerable<TSource>,System.Func<TSource,System.Int32,TResult>)", "", "Argument[0].Element", "Argument[1].Parameter[0]", "value", "manual"]
-```
-one now writes
-```yml
-extensions:
-  - addsTo:
-      pack: codeql/csharp-all
-      extensible: summaryModel
-      data:
-        - ["System.Collections.Generic", "IList<T>", True, "Insert", "(System.Int32,T)", "", "Argument[1]", "Argument[this].Element", "value", "manual"]
-        - ["System.Linq", "Enumerable", False, "Select<TSource,TResult>", "(System.Collections.Generic.IEnumerable<TSource>,System.Func<TSource,System.Int32,TResult>)", "", "Argument[0].Element", "Argument[1].Parameter[0]", "value", "manual"]
-```

csharp/ql/lib/change-notes/released/0.8.3.md

@@ -1,6 +1,6 @@
----
-category: minorAnalysis
----
+## 0.8.3
+
+### Minor Analysis Improvements
 
 * The predicate `UnboundGeneric::getName` now prints the number of type parameters as a `` `N`` suffix, instead of a `<,...,>` suffix. For example, the unbound generic type
 `System.Collections.Generic.IList<T>` is printed as ``IList`1`` instead of `IList<>`.
@@ -23,3 +23,23 @@ extensions:
       data:
         - ["System.Collections.Generic", "Dictionary<TKey,TValue>", False, "Add", "(System.Collections.Generic.KeyValuePair<TKey,TValue>)", "", "Argument[0].Property[System.Collections.Generic.KeyValuePair`2.Key]", "Argument[this].Element.Property[System.Collections.Generic.KeyValuePair`2.Key]", "value", "manual"]
 ```
+* The models-as-data format for types and methods with type parameters has been changed to include the names of the type parameters. For example, instead of writing
+```yml
+extensions:
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: summaryModel
+      data:
+        - ["System.Collections.Generic", "IList<>", True, "Insert", "(System.Int32,T)", "", "Argument[1]", "Argument[this].Element", "value", "manual"]
+        - ["System.Linq", "Enumerable", False, "Select<,>", "(System.Collections.Generic.IEnumerable<TSource>,System.Func<TSource,System.Int32,TResult>)", "", "Argument[0].Element", "Argument[1].Parameter[0]", "value", "manual"]
+```
+one now writes
+```yml
+extensions:
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: summaryModel
+      data:
+        - ["System.Collections.Generic", "IList<T>", True, "Insert", "(System.Int32,T)", "", "Argument[1]", "Argument[this].Element", "value", "manual"]
+        - ["System.Linq", "Enumerable", False, "Select<TSource,TResult>", "(System.Collections.Generic.IEnumerable<TSource>,System.Func<TSource,System.Int32,TResult>)", "", "Argument[0].Element", "Argument[1].Parameter[0]", "value", "manual"]
+```

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.2
+lastReleaseVersion: 0.8.3

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.8.3-dev
+version: 0.8.3
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.8.3
+
+### Minor Analysis Improvements
+
+* CIL extraction is now disabled by default. It is still possible to turn on CIL extraction by setting the `cil` extractor option to `true` or by setting the environment variable `$CODEQL_EXTRACTOR_CSHARP_OPTION_CIL` to `true`. This is the first step towards sun-setting the CIL extractor entirely.
+
 ## 0.8.2
 
 No user-facing changes.

csharp/ql/src/change-notes/released/0.8.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* CIL extraction is now disabled by default. It is still possible to turn on CIL extraction by setting the `cil` extractor option to `true` or by setting the environment variable `$CODEQL_EXTRACTOR_CSHARP_OPTION_CIL` to `true`. This is the first step towards sun-setting the CIL extractor entirely.
+## 0.8.3
+
+### Minor Analysis Improvements
+
+* CIL extraction is now disabled by default. It is still possible to turn on CIL extraction by setting the `cil` extractor option to `true` or by setting the environment variable `$CODEQL_EXTRACTOR_CSHARP_OPTION_CIL` to `true`. This is the first step towards sun-setting the CIL extractor entirely.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.2
+lastReleaseVersion: 0.8.3

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.8.3-dev
+version: 0.8.3
 groups:
   - csharp
   - queries

go/ql/consistency-queries/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.2
+
+No user-facing changes.
+
 ## 0.0.1
 
 No user-facing changes.

go/ql/consistency-queries/change-notes/released/0.0.2.md

@@ -0,0 +1,3 @@
+## 0.0.2
+
+No user-facing changes.

go/ql/consistency-queries/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.1
+lastReleaseVersion: 0.0.2

go/ql/consistency-queries/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 0.0.2-dev
+version: 0.0.2
 groups:
   - go
   - queries

go/ql/lib/CHANGELOG.md

@@ -1,3 +1,13 @@
+## 0.7.3
+
+### Minor Analysis Improvements
+
+* Added the [gin cors](https://github.com/gin-contrib/cors) library to the CorsMisconfiguration.ql query
+
+### Bug Fixes
+
+* A bug has been fixed that meant that value flow through an array was not tracked correctly in some circumstances. Taint flow was tracked correctly.
+
 ## 0.7.2
 
 ### Minor Analysis Improvements

go/ql/lib/change-notes/2023-10-31-add-gin-cors-framework.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added the [gin cors](https://github.com/gin-contrib/cors) library to the CorsMisconfiguration.ql query

go/ql/lib/change-notes/2023-11-15-bug-fix-value-flow-in-array.md

@@ -1,4 +0,0 @@
----
-category: fix
----
-* A bug has been fixed that meant that value flow through an array was not tracked correctly in some circumstances. Taint flow was tracked correctly.

go/ql/lib/change-notes/released/0.7.3.md

@@ -0,0 +1,9 @@
+## 0.7.3
+
+### Minor Analysis Improvements
+
+* Added the [gin cors](https://github.com/gin-contrib/cors) library to the CorsMisconfiguration.ql query
+
+### Bug Fixes
+
+* A bug has been fixed that meant that value flow through an array was not tracked correctly in some circumstances. Taint flow was tracked correctly.

go/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.2
+lastReleaseVersion: 0.7.3

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.7.3-dev
+version: 0.7.3
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.7.3
+
+No user-facing changes.
+
 ## 0.7.2
 
 ### Minor Analysis Improvements

go/ql/src/change-notes/released/0.7.3.md

@@ -0,0 +1,3 @@
+## 0.7.3
+
+No user-facing changes.

go/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.2
+lastReleaseVersion: 0.7.3

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.7.3-dev
+version: 0.7.3
 groups:
   - go
   - queries

java/ql/automodel/src/CHANGELOG.md

@@ -1,7 +1,10 @@
-## 0.0.7
+## 0.0.8
 
 No user-facing changes.
 
+## 0.0.7
+
+Support for extracting source candidates.
 ## 0.0.6
 
 No user-facing changes.

java/ql/automodel/src/change-notes/released/0.0.8.md

@@ -0,0 +1,3 @@
+## 0.0.8
+
+No user-facing changes.

java/ql/automodel/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.7
+lastReleaseVersion: 0.0.8

java/ql/automodel/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-automodel-queries
-version: 0.0.8-dev
+version: 0.0.8
 groups:
     - java
     - automodel

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,13 @@
+## 0.8.3
+
+### Deprecated APIs
+
+* In `SensitiveApi.qll`, `javaApiCallablePasswordParam`, `javaApiCallableUsernameParam`, `javaApiCallableCryptoKeyParam`, and `otherApiCallableCredentialParam` predicates have been deprecated. They have been replaced with a new class `CredentialsSinkNode` and its child classes `PasswordSink`, `UsernameSink`, and `CryptoKeySink`. The predicates have been changed to using the new classes, so there may be minor changes in results relying on these predicates.
+
+### Minor Analysis Improvements
+
+* The types `java.util.SequencedCollection`, `SequencedSet` and `SequencedMap`, as well as the related `Collections.unmodifiableSequenced*` methods are now modelled. This means alerts may be raised relating to data flow through these types and methods.
+
 ## 0.8.2
 
 ### Minor Analysis Improvements

java/ql/lib/change-notes/2023-11-06-jdk21-models.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The types `java.util.SequencedCollection`, `SequencedSet` and `SequencedMap`, as well as the related `Collections.unmodifiableSequenced*` methods are now modelled. This means alerts may be raised relating to data flow through these types and methods.

java/ql/lib/change-notes/released/0.8.3.md

@@ -1,4 +1,9 @@
----
-category: deprecated
----
+## 0.8.3
+
+### Deprecated APIs
+
 * In `SensitiveApi.qll`, `javaApiCallablePasswordParam`, `javaApiCallableUsernameParam`, `javaApiCallableCryptoKeyParam`, and `otherApiCallableCredentialParam` predicates have been deprecated. They have been replaced with a new class `CredentialsSinkNode` and its child classes `PasswordSink`, `UsernameSink`, and `CryptoKeySink`. The predicates have been changed to using the new classes, so there may be minor changes in results relying on these predicates.
+
+### Minor Analysis Improvements
+
+* The types `java.util.SequencedCollection`, `SequencedSet` and `SequencedMap`, as well as the related `Collections.unmodifiableSequenced*` methods are now modelled. This means alerts may be raised relating to data flow through these types and methods.

java/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.2
+lastReleaseVersion: 0.8.3

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.8.3-dev
+version: 0.8.3
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.8.3
+
+### Minor Analysis Improvements
+
+* The query `java/unsafe-deserialization` has been improved to detect insecure calls to `ObjectMessage.getObject` in JMS.
+
 ## 0.8.2
 
 ### Minor Analysis Improvements

java/ql/src/change-notes/released/0.8.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.8.3
+
+### Minor Analysis Improvements
+
 * The query `java/unsafe-deserialization` has been improved to detect insecure calls to `ObjectMessage.getObject` in JMS.

java/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.2
+lastReleaseVersion: 0.8.3

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.8.3-dev
+version: 0.8.3
 groups:
   - java
   - queries

javascript/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.8.3
+
+No user-facing changes.
+
 ## 0.8.2
 
 No user-facing changes.

javascript/ql/lib/change-notes/released/0.8.3.md

@@ -0,0 +1,3 @@
+## 0.8.3
+
+No user-facing changes.

javascript/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.2
+lastReleaseVersion: 0.8.3

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.8.3-dev
+version: 0.8.3
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.8.3
+
+### Query Metadata Changes
+
+* Lower the severity of log-injection to medium.
+* Increase the severity of XSS to high.
+
 ## 0.8.2
 
 ### Minor Analysis Improvements

javascript/ql/src/change-notes/2023-10-09-adjust-xss-and-log-injection-severity.md

@@ -1,6 +0,0 @@
----
-category: queryMetadata
----
-
-* Lower the severity of log-injection to medium.
-* Increase the severity of XSS to high.

javascript/ql/src/change-notes/released/0.8.3.md

@@ -0,0 +1,6 @@
+## 0.8.3
+
+### Query Metadata Changes
+
+* Lower the severity of log-injection to medium.
+* Increase the severity of XSS to high.

javascript/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.2
+lastReleaseVersion: 0.8.3

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.8.3-dev
+version: 0.8.3
 groups:
   - javascript
   - queries

misc/suite-helpers/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.7.3
+
+No user-facing changes.
+
 ## 0.7.2
 
 No user-facing changes.

misc/suite-helpers/change-notes/released/0.7.3.md

@@ -0,0 +1,3 @@
+## 0.7.3
+
+No user-facing changes.

misc/suite-helpers/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.2
+lastReleaseVersion: 0.7.3

misc/suite-helpers/qlpack.yml

@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 0.7.3-dev
+version: 0.7.3
 groups: shared
 warnOnImplicitThis: true

python/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.11.3
+
+### Minor Analysis Improvements
+
+* Added basic flow for attributes defined on classes, when the attribute lookup is on a direct reference to that class (so not instance, cls parameter, or self parameter). Example: class definition `class Foo: my_tuples = (dangerous, safe)` and usage `SINK(Foo.my_tuples[0])`.
+
 ## 0.11.2
 
 ### Minor Analysis Improvements

python/ql/lib/change-notes/released/0.11.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.11.3
+
+### Minor Analysis Improvements
+
 * Added basic flow for attributes defined on classes, when the attribute lookup is on a direct reference to that class (so not instance, cls parameter, or self parameter). Example: class definition `class Foo: my_tuples = (dangerous, safe)` and usage `SINK(Foo.my_tuples[0])`.

python/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.11.2
+lastReleaseVersion: 0.11.3

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.11.3-dev
+version: 0.11.3
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.9.3
+
+### Minor Analysis Improvements
+
+* Added modeling of more `FileSystemAccess` in packages `cherrypy`, `aiofile`, `aiofiles`, `anyio`, `sanic`, `starlette`, `baize`, and `io`. This will mainly affect the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+
 ## 0.9.2
 
 No user-facing changes.

python/ql/src/change-notes/released/0.9.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.9.3
+
+### Minor Analysis Improvements
+
 * Added modeling of more `FileSystemAccess` in packages `cherrypy`, `aiofile`, `aiofiles`, `anyio`, `sanic`, `starlette`, `baize`, and `io`. This will mainly affect the _Uncontrolled data used in path expression_ (`py/path-injection`) query.

python/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.2
+lastReleaseVersion: 0.9.3

python/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.9.3-dev
+version: 0.9.3
 groups:
   - python
   - queries

ruby/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.8.3
+
+No user-facing changes.
+
 ## 0.8.2
 
 No user-facing changes.

ruby/ql/lib/change-notes/released/0.8.3.md

@@ -0,0 +1,3 @@
+## 0.8.3
+
+No user-facing changes.

ruby/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.2
+lastReleaseVersion: 0.8.3

ruby/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.8.3-dev
+version: 0.8.3
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme

ruby/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.8.3
+
+No user-facing changes.
+
 ## 0.8.2
 
 No user-facing changes.

ruby/ql/src/change-notes/released/0.8.3.md

@@ -0,0 +1,3 @@
+## 0.8.3
+
+No user-facing changes.

ruby/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.2
+lastReleaseVersion: 0.8.3

ruby/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.8.3-dev
+version: 0.8.3
 groups:
   - ruby
   - queries

shared/controlflow/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.1.3
+
+No user-facing changes.
+
 ## 0.1.2
 
 No user-facing changes.

shared/controlflow/change-notes/released/0.1.3.md

@@ -0,0 +1,3 @@
+## 0.1.3
+
+No user-facing changes.

shared/controlflow/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.2
+lastReleaseVersion: 0.1.3

shared/controlflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 0.1.3-dev
+version: 0.1.3
 groups: shared
 library: true
 dependencies:

shared/dataflow/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.1.3
+
+No user-facing changes.
+
 ## 0.1.2
 
 ### Bug Fixes

shared/dataflow/change-notes/released/0.1.3.md

@@ -0,0 +1,3 @@
+## 0.1.3
+
+No user-facing changes.

shared/dataflow/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.2
+lastReleaseVersion: 0.1.3

shared/dataflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 0.1.3-dev
+version: 0.1.3
 groups: shared
 library: true
 dependencies:

shared/mad/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.2.3
+
+No user-facing changes.
+
 ## 0.2.2
 
 No user-facing changes.

shared/mad/change-notes/released/0.2.3.md

@@ -0,0 +1,3 @@
+## 0.2.3
+
+No user-facing changes.

shared/mad/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.2.2
+lastReleaseVersion: 0.2.3

shared/mad/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/mad
-version: 0.2.3-dev
+version: 0.2.3
 groups: shared
 library: true
 dependencies: null

shared/rangeanalysis/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.2
+
+No user-facing changes.
+
 ## 0.0.1
 
 ### Minor Analysis Improvements