Release preparation for version 2.20.5

2026-04-26 09:15:12 +02:00 · 2025-02-17 16:55:54 +00:00
parent 7fa41c438f
commit 6f4562f3bd
163 changed files with 450 additions and 159 deletions
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,15 @@
+## 1.4.1
+
+### Bug Fixes
+
+* Fixed a recently-introduced bug that prevented taint tracking through `URLSearchParams` objects.
+  The original behaviour has been restored and taint should once again be tracked through such objects.
+* Fixed a rare issue that would occur when a function declaration inside a block statement was referenced before it was declared.
+  Such code is reliant on legacy web semantics, which is non-standard but nevertheless implemented by most engines.
+  CodeQL now takes legacy web semantics into account and resolves references to these functions correctly.
+* Fixed a bug that would cause parse errors in `.jsx` files in rare cases where the file
+  contained syntax that was misinterpreted as Flow syntax.
+
 ## 1.4.0

 ### Major Analysis Improvements
--- a/javascript/ql/src/change-notes/2025-02-04-jsx-parser-first-attempt.md
+++ b/javascript/ql/src/change-notes/2025-02-04-jsx-parser-first-attempt.md
@@ -1,5 +0,0 @@
---
-category: fix
---
-* Fixed a bug that would cause parse errors in `.jsx` files in rare cases where the file
-  contained syntax that was misinterpreted as Flow syntax.
--- a/javascript/ql/src/change-notes/2025-02-06-hoist-in-block.md
+++ b/javascript/ql/src/change-notes/2025-02-06-hoist-in-block.md
@@ -1,6 +0,0 @@
---
-category: fix
---
-* Fixed a rare issue that would occur when a function declaration inside a block statement was referenced before it was declared.
-  Such code is reliant on legacy web semantics, which is non-standard but nevertheless implemented by most engines.
-  CodeQL now takes legacy web semantics into account and resolves references to these functions correctly.
--- a/javascript/ql/src/change-notes/2025-02-13-url-search-params.md
+++ b/javascript/ql/src/change-notes/2025-02-13-url-search-params.md
@@ -1,5 +0,0 @@
---
-category: fix
---
-* Fixed a recently-introduced bug that prevented taint tracking through `URLSearchParams` objects.
-  The original behaviour has been restored and taint should once again be tracked through such objects.
--- a/javascript/ql/src/change-notes/released/1.4.1.md
+++ b/javascript/ql/src/change-notes/released/1.4.1.md
@@ -0,0 +1,11 @@
+## 1.4.1
+
+### Bug Fixes
+
+* Fixed a recently-introduced bug that prevented taint tracking through `URLSearchParams` objects.
+  The original behaviour has been restored and taint should once again be tracked through such objects.
+* Fixed a rare issue that would occur when a function declaration inside a block statement was referenced before it was declared.
+  Such code is reliant on legacy web semantics, which is non-standard but nevertheless implemented by most engines.
+  CodeQL now takes legacy web semantics into account and resolves references to these functions correctly.
+* Fixed a bug that would cause parse errors in `.jsx` files in rare cases where the file
+  contained syntax that was misinterpreted as Flow syntax.
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.0
+lastReleaseVersion: 1.4.1
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 1.4.1-dev
+version: 1.4.1
 groups:
  - javascript
  - queries