mirror of
https://github.com/github/codeql.git
synced 2026-04-08 00:24:03 +02:00
Merge pull request #16365 from github/post-release-prep/codeql-cli-2.17.2
Post-release preparation for codeql-cli-2.17.2
This commit is contained in:
Henry Mercer
@@ -1,3 +1,20 @@
|
||||
## 0.13.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `GlobalValueNumberingImpl.qll` implementation.
|
||||
|
||||
### New Features
|
||||
|
||||
* Models-as-Data support has been added for C/C++. This feature allows flow sources, sinks and summaries to be expressed in compact strings as an alternative to modelling each source / sink / summary with explicit QL. See `dataflow/ExternalFlow.qll` for documentation and specification of the model format, and `models/implementations/ZMQ.qll` for a simple example of models. Importing models from `.yml` is not yet supported.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Source models have been added for the standard library function `getc` (and variations).
|
||||
* Source, sink and flow models for the ZeroMQ (ZMQ) networking library have been added.
|
||||
* Parameters of functions without definitions now have `ParameterNode`s.
|
||||
* The alias analysis used internally by various libraries has been improved to answer alias questions more conservatively. As a result, some queries may report fewer false positives.
|
||||
|
||||
## 0.12.11
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The alias analysis used internally by various libraries has been improved to answer alias questions more conservatively. As a result, some queries may report fewer false positives.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Parameters of functions without definitions now have `ParameterNode`s.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
* Deleted the deprecated `GlobalValueNumberingImpl.qll` implementation.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Source models have been added for the standard library function `getc` (and variations).
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Models-as-Data support has been added for C/C++. This feature allows flow sources, sinks and summaries to be expressed in compact strings as an alternative to modelling each source / sink / summary with explicit QL. See `dataflow/ExternalFlow.qll` for documentation and specification of the model format, and `models/implementations/ZMQ.qll` for a simple example of models. Importing models from `.yml` is not yet supported.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Source, sink and flow models for the ZeroMQ (ZMQ) networking library have been added.
|
||||
16
cpp/ql/lib/change-notes/released/0.13.0.md
Normal file
16
cpp/ql/lib/change-notes/released/0.13.0.md
Normal file
@@ -0,0 +1,16 @@
|
||||
## 0.13.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `GlobalValueNumberingImpl.qll` implementation.
|
||||
|
||||
### New Features
|
||||
|
||||
* Models-as-Data support has been added for C/C++. This feature allows flow sources, sinks and summaries to be expressed in compact strings as an alternative to modelling each source / sink / summary with explicit QL. See `dataflow/ExternalFlow.qll` for documentation and specification of the model format, and `models/implementations/ZMQ.qll` for a simple example of models. Importing models from `.yml` is not yet supported.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Source models have been added for the standard library function `getc` (and variations).
|
||||
* Source, sink and flow models for the ZeroMQ (ZMQ) networking library have been added.
|
||||
* Parameters of functions without definitions now have `ParameterNode`s.
|
||||
* The alias analysis used internally by various libraries has been improved to answer alias questions more conservatively. As a result, some queries may report fewer false positives.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.12.11
|
||||
lastReleaseVersion: 0.13.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-all
|
||||
version: 0.12.12-dev
|
||||
version: 0.13.1-dev
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
||||
@@ -1,3 +1,11 @@
|
||||
## 0.9.11
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The "Uncontrolled data used in path expression" query (`cpp/path-injection`) query produces fewer near-duplicate results.
|
||||
* The "Global variable may be used before initialization" query (`cpp/global-use-before-init`) no longer raises an alert on global variables that are initialized when they are declared.
|
||||
* The "Inconsistent null check of pointer" query (`cpp/inconsistent-nullness-testing`) query no longer raises an alert when the guarded check is in a macro expansion.
|
||||
|
||||
## 0.9.10
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The "Uncontrolled data used in path expression" query (`cpp/path-injection`) query produces fewer near-duplicate results.
|
||||
@@ -1,5 +1,7 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 0.9.11
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The "Uncontrolled data used in path expression" query (`cpp/path-injection`) query produces fewer near-duplicate results.
|
||||
* The "Global variable may be used before initialization" query (`cpp/global-use-before-init`) no longer raises an alert on global variables that are initialized when they are declared.
|
||||
* The "Inconsistent null check of pointer" query (`cpp/inconsistent-nullness-testing`) query no longer raises an alert when the guarded check is in a macro expansion.
|
||||
* The "Inconsistent null check of pointer" query (`cpp/inconsistent-nullness-testing`) query no longer raises an alert when the guarded check is in a macro expansion.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.9.10
|
||||
lastReleaseVersion: 0.9.11
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-queries
|
||||
version: 0.9.11-dev
|
||||
version: 0.9.12-dev
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.15
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.15
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.14
|
||||
lastReleaseVersion: 1.7.15
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.15-dev
|
||||
version: 1.7.16-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.15
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.15
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.14
|
||||
lastReleaseVersion: 1.7.15
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.15-dev
|
||||
version: 1.7.16-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,15 @@
|
||||
## 0.10.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `getAssemblyName` predicate from the `Operator` class. Use `getFunctionName` instead.
|
||||
* Deleted the deprecated `LShiftOperator`, `RShiftOperator`, `AssignLShiftExpr`, `AssignRShiftExpr`, `LShiftExpr`, and `RShiftExpr` aliases.
|
||||
* Deleted the deprecated `getCallableDescription` predicate from the `ExternalApiDataNode` class. Use `hasQualifiedName` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Generated .NET Runtime models for properties with both getters and setters have been removed as this is now handled by the data flow library.
|
||||
|
||||
## 0.9.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Generated .NET Runtime models for properties with both getters and setters have been removed as this is now handled by the data flow library.
|
||||
@@ -1,6 +1,11 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
## 0.10.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `getAssemblyName` predicate from the `Operator` class. Use `getFunctionName` instead.
|
||||
* Deleted the deprecated `LShiftOperator`, `RShiftOperator`, `AssignLShiftExpr`, `AssignRShiftExpr`, `LShiftExpr`, and `RShiftExpr` aliases.
|
||||
* Deleted the deprecated `getCallableDescription` predicate from the `ExternalApiDataNode` class. Use `hasQualifiedName` instead.
|
||||
* Deleted the deprecated `getCallableDescription` predicate from the `ExternalApiDataNode` class. Use `hasQualifiedName` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Generated .NET Runtime models for properties with both getters and setters have been removed as this is now handled by the data flow library.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.9.1
|
||||
lastReleaseVersion: 0.10.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-all
|
||||
version: 0.9.2-dev
|
||||
version: 0.10.1-dev
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.8.15
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.8.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
csharp/ql/src/change-notes/released/0.8.15.md
Normal file
3
csharp/ql/src/change-notes/released/0.8.15.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.8.15
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.14
|
||||
lastReleaseVersion: 0.8.15
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-queries
|
||||
version: 0.8.15-dev
|
||||
version: 0.8.16-dev
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.0.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.0.13
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 0.0.14
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.0.13
|
||||
lastReleaseVersion: 0.0.14
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql-go-consistency-queries
|
||||
version: 0.0.14-dev
|
||||
version: 0.0.15-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,14 @@
|
||||
## 0.8.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `CsvRemoteSource` alias. Use `MaDRemoteSource` instead.
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* To make Go consistent with other language libraries, the `UntrustedFlowSource` name has been deprecated throughout. Use `RemoteFlowSource` instead, which replaces it.
|
||||
* Where modules have classes named `UntrustedFlowAsSource`, these are also deprecated and the `Source` class in the same module or the `RemoteFlowSource` class should be used instead.
|
||||
|
||||
## 0.7.14
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
* Deleted the deprecated `CsvRemoteSource` alias. Use `MaDRemoteSource` instead.
|
||||
@@ -1,5 +1,10 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
## 0.8.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `CsvRemoteSource` alias. Use `MaDRemoteSource` instead.
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* To make Go consistent with other language libraries, the `UntrustedFlowSource` name has been deprecated throughout. Use `RemoteFlowSource` instead, which replaces it.
|
||||
* Where modules have classes named `UntrustedFlowAsSource`, these are also deprecated and the `Source` class in the same module or the `RemoteFlowSource` class should be used instead.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.7.14
|
||||
lastReleaseVersion: 0.8.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-all
|
||||
version: 0.7.15-dev
|
||||
version: 0.8.1-dev
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
||||
@@ -1,3 +1,10 @@
|
||||
## 0.7.15
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The query `go/incomplete-hostname-regexp` now recognizes more sources involving concatenation of string literals and also follows flow through string concatenation. This may lead to more alerts.
|
||||
* Added some more barriers to flow for `go/incorrect-integer-conversion` to reduce false positives, especially around type switches.
|
||||
|
||||
## 0.7.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added some more barriers to flow for `go/incorrect-integer-conversion` to reduce false positives, especially around type switches.
|
||||
@@ -1,4 +1,6 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 0.7.15
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The query `go/incomplete-hostname-regexp` now recognizes more sources involving concatenation of string literals and also follows flow through string concatenation. This may lead to more alerts.
|
||||
* Added some more barriers to flow for `go/incorrect-integer-conversion` to reduce false positives, especially around type switches.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.7.14
|
||||
lastReleaseVersion: 0.7.15
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-queries
|
||||
version: 0.7.15-dev
|
||||
version: 0.7.16-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.0.22
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.0.21
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
java/ql/automodel/src/change-notes/released/0.0.22.md
Normal file
3
java/ql/automodel/src/change-notes/released/0.0.22.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.0.22
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.0.21
|
||||
lastReleaseVersion: 0.0.22
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-automodel-queries
|
||||
version: 0.0.22-dev
|
||||
version: 0.0.23-dev
|
||||
groups:
|
||||
- java
|
||||
- automodel
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 0.10.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `AssignLShiftExpr`, `AssignRShiftExpr`, `AssignURShiftExpr`, `LShiftExpr`, `RShiftExpr`, and `URShiftExpr` aliases.
|
||||
|
||||
## 0.9.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
## 0.10.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `AssignLShiftExpr`, `AssignRShiftExpr`, `AssignURShiftExpr`, `LShiftExpr`, `RShiftExpr`, and `URShiftExpr` aliases.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.9.1
|
||||
lastReleaseVersion: 0.10.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-all
|
||||
version: 0.9.2-dev
|
||||
version: 0.10.1-dev
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.8.15
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.8.14
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
3
java/ql/src/change-notes/released/0.8.15.md
Normal file
3
java/ql/src/change-notes/released/0.8.15.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.8.15
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.14
|
||||
lastReleaseVersion: 0.8.15
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-queries
|
||||
version: 0.8.15-dev
|
||||
version: 0.8.16-dev
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,15 @@
|
||||
## 0.9.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `getInput` predicate from the `CryptographicOperation` class. Use `getAnInput` instead.
|
||||
* Deleted the deprecated `RegExpPatterns` module from `Regexp.qll`.
|
||||
* Deleted the deprecated `semmle/javascript/security/BadTagFilterQuery.qll`, `semmle/javascript/security/OverlyLargeRangeQuery.qll`, `semmle/javascript/security/regexp/RegexpMatching.qll`, and `Security/CWE-020/HostnameRegexpShared.qll` files.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Improved detection of whether a file uses CommonJS module system.
|
||||
|
||||
## 0.8.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Improved detection of whether a file uses CommonJS module system.
|
||||
@@ -1,6 +1,11 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
## 0.9.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `getInput` predicate from the `CryptographicOperation` class. Use `getAnInput` instead.
|
||||
* Deleted the deprecated `RegExpPatterns` module from `Regexp.qll`.
|
||||
* Deleted the deprecated `semmle/javascript/security/BadTagFilterQuery.qll`, `semmle/javascript/security/OverlyLargeRangeQuery.qll`, `semmle/javascript/security/regexp/RegexpMatching.qll`, and `Security/CWE-020/HostnameRegexpShared.qll` files.
|
||||
* Deleted the deprecated `semmle/javascript/security/BadTagFilterQuery.qll`, `semmle/javascript/security/OverlyLargeRangeQuery.qll`, `semmle/javascript/security/regexp/RegexpMatching.qll`, and `Security/CWE-020/HostnameRegexpShared.qll` files.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Improved detection of whether a file uses CommonJS module system.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.14
|
||||
lastReleaseVersion: 0.9.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-all
|
||||
version: 0.8.15-dev
|
||||
version: 0.9.1-dev
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
||||
@@ -1,3 +1,12 @@
|
||||
## 0.8.15
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The JavaScript extractor will on longer report syntax errors related to "strict mode".
|
||||
Files containing such errors are now being fully analyzed along with other sources files.
|
||||
This improves our support for source files that technically break the "strict mode" rules,
|
||||
but where a build steps transforms the code such that it ends up working at runtime.
|
||||
|
||||
## 0.8.14
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 0.8.15
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The JavaScript extractor will on longer report syntax errors related to "strict mode".
|
||||
Files containing such errors are now being fully analyzed along with other sources files.
|
||||
This improves our support for source files that technically break the "strict mode" rules,
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.14
|
||||
lastReleaseVersion: 0.8.15
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-queries
|
||||
version: 0.8.15-dev
|
||||
version: 0.8.16-dev
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.7.15
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.7.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
misc/suite-helpers/change-notes/released/0.7.15.md
Normal file
3
misc/suite-helpers/change-notes/released/0.7.15.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.7.15
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.7.14
|
||||
lastReleaseVersion: 0.7.15
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
name: codeql/suite-helpers
|
||||
version: 0.7.15-dev
|
||||
version: 0.7.16-dev
|
||||
groups: shared
|
||||
warnOnImplicitThis: true
|
||||
|
||||
@@ -1,3 +1,14 @@
|
||||
## 0.12.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `RegExpPatterns` module from `Regexp.qll`.
|
||||
* Deleted the deprecated `Security/CWE-020/HostnameRegexpShared.qll` file.
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
- Renamed the `StrConst` class to `StringLiteral`, for greater consistency with other languages. The `StrConst` and `Str` classes are now deprecated and will be removed in a future release.
|
||||
|
||||
## 0.11.14
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
|
||||
- Renamed the `StrConst` class to `StringLiteral`, for greater consistency with other languages. The `StrConst` and `Str` classes are now deprecated and will be removed in a future release.
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
* Deleted the deprecated `RegExpPatterns` module from `Regexp.qll`.
|
||||
* Deleted the deprecated `Security/CWE-020/HostnameRegexpShared.qll` file.
|
||||
10
python/ql/lib/change-notes/released/0.12.0.md
Normal file
10
python/ql/lib/change-notes/released/0.12.0.md
Normal file
@@ -0,0 +1,10 @@
|
||||
## 0.12.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `RegExpPatterns` module from `Regexp.qll`.
|
||||
* Deleted the deprecated `Security/CWE-020/HostnameRegexpShared.qll` file.
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
- Renamed the `StrConst` class to `StringLiteral`, for greater consistency with other languages. The `StrConst` and `Str` classes are now deprecated and will be removed in a future release.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.11.14
|
||||
lastReleaseVersion: 0.12.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-all
|
||||
version: 0.11.15-dev
|
||||
version: 0.12.1-dev
|
||||
groups: python
|
||||
dbscheme: semmlecode.python.dbscheme
|
||||
extractor: python
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.9.15
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.9.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
python/ql/src/change-notes/released/0.9.15.md
Normal file
3
python/ql/src/change-notes/released/0.9.15.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.9.15
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.9.14
|
||||
lastReleaseVersion: 0.9.15
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-queries
|
||||
version: 0.9.15-dev
|
||||
version: 0.9.16-dev
|
||||
groups:
|
||||
- python
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,10 @@
|
||||
## 0.9.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `RegExpPatterns` module from `Regexp.qll`.
|
||||
* Deleted the deprecated `security/cwe-020/HostnameRegexpShared.qll` file.
|
||||
|
||||
## 0.8.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
## 0.9.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `RegExpPatterns` module from `Regexp.qll`.
|
||||
* Deleted the deprecated `security/cwe-020/HostnameRegexpShared.qll` file.
|
||||
* Deleted the deprecated `security/cwe-020/HostnameRegexpShared.qll` file.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.14
|
||||
lastReleaseVersion: 0.9.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-all
|
||||
version: 0.8.15-dev
|
||||
version: 0.9.1-dev
|
||||
groups: ruby
|
||||
extractor: ruby
|
||||
dbscheme: ruby.dbscheme
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.8.15
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.8.14
|
||||
|
||||
### New Queries
|
||||
|
||||
3
ruby/ql/src/change-notes/released/0.8.15.md
Normal file
3
ruby/ql/src/change-notes/released/0.8.15.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.8.15
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.14
|
||||
lastReleaseVersion: 0.8.15
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-queries
|
||||
version: 0.8.15-dev
|
||||
version: 0.8.16-dev
|
||||
groups:
|
||||
- ruby
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.1.15
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.1.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
shared/controlflow/change-notes/released/0.1.15.md
Normal file
3
shared/controlflow/change-notes/released/0.1.15.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.1.15
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.1.14
|
||||
lastReleaseVersion: 0.1.15
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/controlflow
|
||||
version: 0.1.15-dev
|
||||
version: 0.1.16-dev
|
||||
groups: shared
|
||||
library: true
|
||||
dependencies:
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 0.2.6
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* The data flow library performs heuristic filtering of code paths that have a high degree of control-flow uncertainty for improved performance in cases that are deemed unlikely to yield true positive flow paths. This filtering can be controlled with the `fieldFlowBranchLimit` predicate in configurations. Two bugs have been fixed in relation to this: Some cases of high uncertainty were not being correctly identified. This fix improves performance in certain scenarios. Another group of cases of low uncertainty were also being misidentified, which led to false negatives. Taken together, we generally expect some additional query results with more true positives and fewer false positives.
|
||||
|
||||
## 0.2.5
|
||||
|
||||
### New Features
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
## 0.2.6
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* The data flow library performs heuristic filtering of code paths that have a high degree of control-flow uncertainty for improved performance in cases that are deemed unlikely to yield true positive flow paths. This filtering can be controlled with the `fieldFlowBranchLimit` predicate in configurations. Two bugs have been fixed in relation to this: Some cases of high uncertainty were not being correctly identified. This fix improves performance in certain scenarios. Another group of cases of low uncertainty were also being misidentified, which led to false negatives. Taken together, we generally expect some additional query results with more true positives and fewer false positives.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.2.5
|
||||
lastReleaseVersion: 0.2.6
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/dataflow
|
||||
version: 0.2.6-dev
|
||||
version: 0.2.7-dev
|
||||
groups: shared
|
||||
library: true
|
||||
dependencies:
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.2.15
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.2.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
shared/mad/change-notes/released/0.2.15.md
Normal file
3
shared/mad/change-notes/released/0.2.15.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.2.15
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.2.14
|
||||
lastReleaseVersion: 0.2.15
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user