diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md
index 162ce6d354b..e80332de277 100644
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,18 @@
+## 0.9.0
+
+### Breaking Changes
+
+* The `shouldPrintFunction` predicate from `PrintAstConfiguration` has been replaced by `shouldPrintDeclaration`. Users should now override `shouldPrintDeclaration` if they want to limit the declarations that should be printed.
+* The `shouldPrintFunction` predicate from `PrintIRConfiguration` has been replaced by `shouldPrintDeclaration`. Users should now override `shouldPrintDeclaration` if they want to limit the declarations that should be printed.
+
+### Major Analysis Improvements
+
+* The `PrintAST` library now also prints global and namespace variables and their initializers.
+
+### Minor Analysis Improvements
+
+* The `_Float128x` type is no longer exposed as a builtin type. As this type could not occur any code base, this should only affect queries that explicitly looked at the builtin types.
+
 ## 0.8.1
 
 ### Deprecated APIs
diff --git a/cpp/ql/lib/change-notes/2023-07-20-print-global-variables.md b/cpp/ql/lib/change-notes/2023-07-20-print-global-variables.md
deleted file mode 100644
index 95a2a396cbb..00000000000
--- a/cpp/ql/lib/change-notes/2023-07-20-print-global-variables.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* The `PrintAST` library now also prints global and namespace variables and their initializers.
diff --git a/cpp/ql/lib/change-notes/2023-08-07-removal-of-float128x.md b/cpp/ql/lib/change-notes/2023-08-07-removal-of-float128x.md
deleted file mode 100644
index 1b91bb6ff89..00000000000
--- a/cpp/ql/lib/change-notes/2023-08-07-removal-of-float128x.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `_Float128x` type is no longer exposed as a builtin type. As this type could not occur any code base, this should only affect queries that explicitly looked at the builtin types.
diff --git a/cpp/ql/lib/change-notes/2023-07-19-rename-should-print-function.md b/cpp/ql/lib/change-notes/released/0.9.0.md
similarity index 54%
rename from cpp/ql/lib/change-notes/2023-07-19-rename-should-print-function.md
rename to cpp/ql/lib/change-notes/released/0.9.0.md
index 61ebd0aab34..eaace2d6e2e 100644
--- a/cpp/ql/lib/change-notes/2023-07-19-rename-should-print-function.md
+++ b/cpp/ql/lib/change-notes/released/0.9.0.md
@@ -1,5 +1,14 @@
----
-category: breaking
----
+## 0.9.0
+
+### Breaking Changes
+
 * The `shouldPrintFunction` predicate from `PrintAstConfiguration` has been replaced by `shouldPrintDeclaration`. Users should now override `shouldPrintDeclaration` if they want to limit the declarations that should be printed.
 * The `shouldPrintFunction` predicate from `PrintIRConfiguration` has been replaced by `shouldPrintDeclaration`. Users should now override `shouldPrintDeclaration` if they want to limit the declarations that should be printed.
+
+### Major Analysis Improvements
+
+* The `PrintAST` library now also prints global and namespace variables and their initializers.
+
+### Minor Analysis Improvements
+
+* The `_Float128x` type is no longer exposed as a builtin type. As this type could not occur any code base, this should only affect queries that explicitly looked at the builtin types.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index 2f693f95ba6..8b9fc185202 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.1
+lastReleaseVersion: 0.9.0
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 39c03fb590b..d35cb193197 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.8.2-dev
+version: 0.9.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
index 3527a0fc497..dd21d08e8c7 100644
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.7.2
+
+No user-facing changes.
+
 ## 0.7.1
 
 ### Minor Analysis Improvements
diff --git a/cpp/ql/src/change-notes/released/0.7.2.md b/cpp/ql/src/change-notes/released/0.7.2.md
new file mode 100644
index 00000000000..8693d609ec7
--- /dev/null
+++ b/cpp/ql/src/change-notes/released/0.7.2.md
@@ -0,0 +1,3 @@
+## 0.7.2
+
+No user-facing changes.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index b2f91a3ac62..518bf7877cc 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.7.2-dev
+version: 0.7.2
 groups:
 - cpp
 - queries
diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
index 3de1098514d..1eeadc75491 100644
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.6.2
+
+No user-facing changes.
+
 ## 1.6.1
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.6.2.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.6.2.md
new file mode 100644
index 00000000000..bbe3747556f
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.6.2.md
@@ -0,0 +1,3 @@
+## 1.6.2
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
index ef7a789e0cf..5f5beb68311 100644
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.1
+lastReleaseVersion: 1.6.2
diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
index 973c0efd969..4848c59ae3b 100644
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.6.2-dev
+version: 1.6.2
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
index 3de1098514d..1eeadc75491 100644
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.6.2
+
+No user-facing changes.
+
 ## 1.6.1
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.6.2.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.6.2.md
new file mode 100644
index 00000000000..bbe3747556f
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.6.2.md
@@ -0,0 +1,3 @@
+## 1.6.2
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
index ef7a789e0cf..5f5beb68311 100644
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.1
+lastReleaseVersion: 1.6.2
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
index 3947c215596..836f625253c 100644
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.6.2-dev
+version: 1.6.2
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
index b2a792d29a9..7806ffed612 100644
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.7.2
+
+No user-facing changes.
+
 ## 0.7.1
 
 ### New Features
diff --git a/csharp/ql/lib/change-notes/released/0.7.2.md b/csharp/ql/lib/change-notes/released/0.7.2.md
new file mode 100644
index 00000000000..8693d609ec7
--- /dev/null
+++ b/csharp/ql/lib/change-notes/released/0.7.2.md
@@ -0,0 +1,3 @@
+## 0.7.2
+
+No user-facing changes.
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index c50ace576ac..3180b6d3f5d 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.7.2-dev
+version: 0.7.2
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
index 74584ff4772..99b5b5e5c3c 100644
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.7.2
+
+No user-facing changes.
+
 ## 0.7.1
 
 No user-facing changes.
diff --git a/csharp/ql/src/change-notes/released/0.7.2.md b/csharp/ql/src/change-notes/released/0.7.2.md
new file mode 100644
index 00000000000..8693d609ec7
--- /dev/null
+++ b/csharp/ql/src/change-notes/released/0.7.2.md
@@ -0,0 +1,3 @@
+## 0.7.2
+
+No user-facing changes.
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index e24daa4f9ac..c4ee4a2b229 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.7.2-dev
+version: 0.7.2
 groups:
 - csharp
 - queries
diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md
index 92bc9a062ad..7477a48f7b2 100644
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.6.2
+
+### Minor Analysis Improvements
+
+* Logrus' `WithContext` methods are no longer treated as if they output the values stored in that context to a log message.
+
 ## 0.6.1
 
 ### New Features
diff --git a/go/ql/lib/change-notes/2023-07-28-logrus-with-context.md b/go/ql/lib/change-notes/released/0.6.2.md
similarity index 74%
rename from go/ql/lib/change-notes/2023-07-28-logrus-with-context.md
rename to go/ql/lib/change-notes/released/0.6.2.md
index 6417ca2e82a..89ba2910d9d 100644
--- a/go/ql/lib/change-notes/2023-07-28-logrus-with-context.md
+++ b/go/ql/lib/change-notes/released/0.6.2.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.6.2
+
+### Minor Analysis Improvements
+
 * Logrus' `WithContext` methods are no longer treated as if they output the values stored in that context to a log message.
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml
index 80fb0899f64..5501a2a1cc5 100644
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.1
+lastReleaseVersion: 0.6.2
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
index 7447adf77b3..a39d0b28edd 100644
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.6.2-dev
+version: 0.6.2
 groups: go
 dbscheme: go.dbscheme
 extractor: go
diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md
index aa3b9019d46..4fd67d3e427 100644
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.2
+
+No user-facing changes.
+
 ## 0.6.1
 
 No user-facing changes.
diff --git a/go/ql/src/change-notes/released/0.6.2.md b/go/ql/src/change-notes/released/0.6.2.md
new file mode 100644
index 00000000000..43f80640fc5
--- /dev/null
+++ b/go/ql/src/change-notes/released/0.6.2.md
@@ -0,0 +1,3 @@
+## 0.6.2
+
+No user-facing changes.
diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml
index 80fb0899f64..5501a2a1cc5 100644
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.1
+lastReleaseVersion: 0.6.2
diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml
index 078d8f2a4bb..8ac7f37e30c 100644
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.6.2-dev
+version: 0.6.2
 groups:
 - go
 - queries
diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md
index b6315cf80e4..d2f6119868f 100644
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,17 @@
+## 0.7.2
+
+### New Features
+
+* A `Diagnostic.getCompilationInfo()` predicate has been added.
+
+### Minor Analysis Improvements
+
+* Fixed a typo in the `StdlibRandomSource` class in `RandomDataSource.qll`, which caused the class to improperly model calls to the `nextBytes` method. Queries relying on `StdlibRandomSource` may see an increase in results.
+* Improved the precision of virtual dispatch of `java.io.InputStream` methods. Now, calls to these methods will not dispatch to arbitrary implementations of `InputStream` if there is a high-confidence alternative (like a models-as-data summary).
+* Added more dataflow steps for `java.io.InputStream`s that wrap other `java.io.InputStream`s.
+* Added models for the Struts 2 framework.
+* Improved the modeling of Struts 2 sources of untrusted data by tainting the whole object graph of the objects unmarshaled from an HTTP request.
+
 ## 0.7.1
 
 ### New Features
diff --git a/java/ql/lib/change-notes/2023-07-12-add-models-for-struts2-framework.md b/java/ql/lib/change-notes/2023-07-12-add-models-for-struts2-framework.md
deleted file mode 100644
index 6b7843357dd..00000000000
--- a/java/ql/lib/change-notes/2023-07-12-add-models-for-struts2-framework.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Added models for the Struts 2 framework.
-
diff --git a/java/ql/lib/change-notes/2023-07-12-improve-sources-for-the-struts2-framework.md b/java/ql/lib/change-notes/2023-07-12-improve-sources-for-the-struts2-framework.md
deleted file mode 100644
index 6e81383751f..00000000000
--- a/java/ql/lib/change-notes/2023-07-12-improve-sources-for-the-struts2-framework.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Improved the modeling of Struts 2 sources of untrusted data by tainting the whole object graph of the objects unmarshaled from an HTTP request.
-
diff --git a/java/ql/lib/change-notes/2023-07-14-getCompilationInfo.md b/java/ql/lib/change-notes/2023-07-14-getCompilationInfo.md
deleted file mode 100644
index bb86f479b3d..00000000000
--- a/java/ql/lib/change-notes/2023-07-14-getCompilationInfo.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* A `Diagnostic.getCompilationInfo()` predicate has been added.
diff --git a/java/ql/lib/change-notes/2023-07-19-inputstream-dispatch.md b/java/ql/lib/change-notes/2023-07-19-inputstream-dispatch.md
deleted file mode 100644
index d093c771d51..00000000000
--- a/java/ql/lib/change-notes/2023-07-19-inputstream-dispatch.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Improved the precision of virtual dispatch of `java.io.InputStream` methods. Now, calls to these methods will not dispatch to arbitrary implementations of `InputStream` if there is a high-confidence alternative (like a models-as-data summary).
-
\ No newline at end of file
diff --git a/java/ql/lib/change-notes/2023-07-19-inputstream-wrapper-steps.md b/java/ql/lib/change-notes/2023-07-19-inputstream-wrapper-steps.md
deleted file mode 100644
index aaeacf93e34..00000000000
--- a/java/ql/lib/change-notes/2023-07-19-inputstream-wrapper-steps.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added more dataflow steps for `java.io.InputStream`s that wrap other `java.io.InputStream`s.
diff --git a/java/ql/lib/change-notes/2023-08-07-randomdatasource-typo-fix.md b/java/ql/lib/change-notes/2023-08-07-randomdatasource-typo-fix.md
deleted file mode 100644
index 199cd8c1238..00000000000
--- a/java/ql/lib/change-notes/2023-08-07-randomdatasource-typo-fix.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Fixed a typo in the `StdlibRandomSource` class in `RandomDataSource.qll`, which caused the class to improperly model calls to the `nextBytes` method. Queries relying on `StdlibRandomSource` may see an increase in results.
diff --git a/java/ql/lib/change-notes/released/0.7.2.md b/java/ql/lib/change-notes/released/0.7.2.md
new file mode 100644
index 00000000000..1a19854d503
--- /dev/null
+++ b/java/ql/lib/change-notes/released/0.7.2.md
@@ -0,0 +1,13 @@
+## 0.7.2
+
+### New Features
+
+* A `Diagnostic.getCompilationInfo()` predicate has been added.
+
+### Minor Analysis Improvements
+
+* Fixed a typo in the `StdlibRandomSource` class in `RandomDataSource.qll`, which caused the class to improperly model calls to the `nextBytes` method. Queries relying on `StdlibRandomSource` may see an increase in results.
+* Improved the precision of virtual dispatch of `java.io.InputStream` methods. Now, calls to these methods will not dispatch to arbitrary implementations of `InputStream` if there is a high-confidence alternative (like a models-as-data summary).
+* Added more dataflow steps for `java.io.InputStream`s that wrap other `java.io.InputStream`s.
+* Added models for the Struts 2 framework.
+* Improved the modeling of Struts 2 sources of untrusted data by tainting the whole object graph of the objects unmarshaled from an HTTP request.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index 8b5bd6697c2..666a6240d47 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.7.2-dev
+version: 0.7.2
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md
index d2517609d01..9f6f4717c1f 100644
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.7.2
+
+### Minor Analysis Improvements
+
+* The sanitizer in `java/potentially-weak-cryptographic-algorithm` has been improved, so the query may yield additional results.
+
 ## 0.7.1
 
 ### Minor Analysis Improvements
diff --git a/java/ql/src/change-notes/2023-08-01-maybebrokencrypto-barrier.md b/java/ql/src/change-notes/released/0.7.2.md
similarity index 75%
rename from java/ql/src/change-notes/2023-08-01-maybebrokencrypto-barrier.md
rename to java/ql/src/change-notes/released/0.7.2.md
index ac24d88d359..98e5f74f27d 100644
--- a/java/ql/src/change-notes/2023-08-01-maybebrokencrypto-barrier.md
+++ b/java/ql/src/change-notes/released/0.7.2.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.7.2
+
+### Minor Analysis Improvements
+
 * The sanitizer in `java/potentially-weak-cryptographic-algorithm` has been improved, so the query may yield additional results.
diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml
index 76f4fcc7797..9eb6c56e6bd 100644
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.7.2-dev
+version: 0.7.2
 groups:
 - java
 - queries
diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md
index ed2b926666e..fcd73315764 100644
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.7.2
+
+### Minor Analysis Improvements
+
+* Added `log-injection` as a customizable sink kind for log injection.
+
 ## 0.7.1
 
 No user-facing changes.
diff --git a/javascript/ql/lib/change-notes/2023-07-28-mad-log-injection.md b/javascript/ql/lib/change-notes/released/0.7.2.md
similarity index 56%
rename from javascript/ql/lib/change-notes/2023-07-28-mad-log-injection.md
rename to javascript/ql/lib/change-notes/released/0.7.2.md
index 63dba2e4539..3d9ca6e6141 100644
--- a/javascript/ql/lib/change-notes/2023-07-28-mad-log-injection.md
+++ b/javascript/ql/lib/change-notes/released/0.7.2.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* Added `log-injection` as a customizable sink kind for log injection.
\ No newline at end of file
+## 0.7.2
+
+### Minor Analysis Improvements
+
+* Added `log-injection` as a customizable sink kind for log injection.
diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index 64ceca80726..16b02fb7423 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.7.2-dev
+version: 0.7.2
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
index 05fd164a7f1..5d62761a097 100644
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.7.2
+
+No user-facing changes.
+
 ## 0.7.1
 
 ### Minor Analysis Improvements
diff --git a/javascript/ql/src/change-notes/released/0.7.2.md b/javascript/ql/src/change-notes/released/0.7.2.md
new file mode 100644
index 00000000000..8693d609ec7
--- /dev/null
+++ b/javascript/ql/src/change-notes/released/0.7.2.md
@@ -0,0 +1,3 @@
+## 0.7.2
+
+No user-facing changes.
diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml
index 52a16265fa7..a521b4b0aef 100644
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.7.2-dev
+version: 0.7.2
 groups:
 - javascript
 - queries
diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md
index d1c4b5782a9..052852d7899 100644
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.2
+
+No user-facing changes.
+
 ## 0.6.1
 
 No user-facing changes.
diff --git a/misc/suite-helpers/change-notes/released/0.6.2.md b/misc/suite-helpers/change-notes/released/0.6.2.md
new file mode 100644
index 00000000000..43f80640fc5
--- /dev/null
+++ b/misc/suite-helpers/change-notes/released/0.6.2.md
@@ -0,0 +1,3 @@
+## 0.6.2
+
+No user-facing changes.
diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml
index 80fb0899f64..5501a2a1cc5 100644
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.1
+lastReleaseVersion: 0.6.2
diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml
index c59cb02091c..544a95a4dee 100644
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 0.6.2-dev
+version: 0.6.2
 groups: shared
 warnOnImplicitThis: true
diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md
index 6c74cee16c1..09e3fb6aa19 100644
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.10.2
+
+No user-facing changes.
+
 ## 0.10.1
 
 ### New Features
diff --git a/python/ql/lib/change-notes/released/0.10.2.md b/python/ql/lib/change-notes/released/0.10.2.md
new file mode 100644
index 00000000000..7d66e65b13a
--- /dev/null
+++ b/python/ql/lib/change-notes/released/0.10.2.md
@@ -0,0 +1,3 @@
+## 0.10.2
+
+No user-facing changes.
diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml
index af7510b3cd6..f0e1af76699 100644
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.10.1
+lastReleaseVersion: 0.10.2
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index 8d8f85f53ac..0c3fb609a22 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.10.2-dev
+version: 0.10.2
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md
index 0d2fc2b6968..e09c8527f53 100644
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.8.2
+
+No user-facing changes.
+
 ## 0.8.1
 
 ### Minor Analysis Improvements
diff --git a/python/ql/src/change-notes/released/0.8.2.md b/python/ql/src/change-notes/released/0.8.2.md
new file mode 100644
index 00000000000..11c1f6119a5
--- /dev/null
+++ b/python/ql/src/change-notes/released/0.8.2.md
@@ -0,0 +1,3 @@
+## 0.8.2
+
+No user-facing changes.
diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml
index 2f693f95ba6..404110129dc 100644
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.1
+lastReleaseVersion: 0.8.2
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml
index f54d0ebb998..09b83118847 100644
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.8.2-dev
+version: 0.8.2
 groups:
 - python
 - queries
diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md
index 47221ac14e3..0a5357f8df1 100644
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.7.2
+
+No user-facing changes.
+
 ## 0.7.1
 
 ### New Features
diff --git a/ruby/ql/lib/change-notes/released/0.7.2.md b/ruby/ql/lib/change-notes/released/0.7.2.md
new file mode 100644
index 00000000000..8693d609ec7
--- /dev/null
+++ b/ruby/ql/lib/change-notes/released/0.7.2.md
@@ -0,0 +1,3 @@
+## 0.7.2
+
+No user-facing changes.
diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml
index 35b4d48f9da..6f6a06a1f31 100644
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.7.2-dev
+version: 0.7.2
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md
index f7af0802f0a..4d7100e2c1d 100644
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.7.2
+
+### New Queries
+
+* Added a new experimental query, `rb/ldap-injection`, to detect cases where user input is incorporated into LDAP queries without proper validation or sanitization, potentially leading to LDAP injection vulnerabilities.
+
 ## 0.7.1
 
 ### New Queries
diff --git a/ruby/ql/src/change-notes/2023-05-28-ldap-injection-query.md b/ruby/ql/src/change-notes/released/0.7.2.md
similarity index 77%
rename from ruby/ql/src/change-notes/2023-05-28-ldap-injection-query.md
rename to ruby/ql/src/change-notes/released/0.7.2.md
index 1fb43a09fda..8741b19d2c5 100644
--- a/ruby/ql/src/change-notes/2023-05-28-ldap-injection-query.md
+++ b/ruby/ql/src/change-notes/released/0.7.2.md
@@ -1,4 +1,5 @@
----
-category: newQuery
----
-* Added a new experimental query, `rb/ldap-injection`, to detect cases where user input is incorporated into LDAP queries without proper validation or sanitization, potentially leading to LDAP injection vulnerabilities.
\ No newline at end of file
+## 0.7.2
+
+### New Queries
+
+* Added a new experimental query, `rb/ldap-injection`, to detect cases where user input is incorporated into LDAP queries without proper validation or sanitization, potentially leading to LDAP injection vulnerabilities.
diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml
index e007a9aec3e..fee171e9685 100644
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.1
+lastReleaseVersion: 0.7.2
diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml
index ffd639564b5..0f5c23a39da 100644
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.7.2-dev
+version: 0.7.2
 groups:
 - ruby
 - queries
diff --git a/shared/controlflow/change-notes/2023-06-27-initial-version.md b/shared/controlflow/CHANGELOG.md
similarity index 61%
rename from shared/controlflow/change-notes/2023-06-27-initial-version.md
rename to shared/controlflow/CHANGELOG.md
index cd1e9b5c3d1..21f862198c9 100644
--- a/shared/controlflow/change-notes/2023-06-27-initial-version.md
+++ b/shared/controlflow/CHANGELOG.md
@@ -1,4 +1,5 @@
----
-category: majorAnalysis
----
+## 0.0.1
+
+### Major Analysis Improvements
+
 * Initial release. Adds a shared library for control flow analyses.
diff --git a/shared/controlflow/change-notes/released/0.0.1.md b/shared/controlflow/change-notes/released/0.0.1.md
new file mode 100644
index 00000000000..21f862198c9
--- /dev/null
+++ b/shared/controlflow/change-notes/released/0.0.1.md
@@ -0,0 +1,5 @@
+## 0.0.1
+
+### Major Analysis Improvements
+
+* Initial release. Adds a shared library for control flow analyses.
diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml
new file mode 100644
index 00000000000..c6933410b71
--- /dev/null
+++ b/shared/controlflow/codeql-pack.release.yml
@@ -0,0 +1,2 @@
+---
+lastReleaseVersion: 0.0.1
diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml
index 24308d7d0cf..ce3dd39e158 100644
--- a/shared/controlflow/qlpack.yml
+++ b/shared/controlflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 0.0.1-dev
+version: 0.0.1
 groups: shared
 library: true
 dependencies:
diff --git a/shared/dataflow/change-notes/2023-08-02-dataflow-isSink.md b/shared/dataflow/CHANGELOG.md
similarity index 50%
rename from shared/dataflow/change-notes/2023-08-02-dataflow-isSink.md
rename to shared/dataflow/CHANGELOG.md
index 6c2c0fc1225..8510e78ec2c 100644
--- a/shared/dataflow/change-notes/2023-08-02-dataflow-isSink.md
+++ b/shared/dataflow/CHANGELOG.md
@@ -1,4 +1,9 @@
----
-category: feature
----
-* The `StateConfigSig` signature now supports a unary `isSink` predicate that does not specify the `FlowState` for which the given node is a sink. Instead, any `FlowState` is considered a valid `FlowState` for such a sink.
\ No newline at end of file
+## 0.0.1
+
+### New Features
+
+* The `StateConfigSig` signature now supports a unary `isSink` predicate that does not specify the `FlowState` for which the given node is a sink. Instead, any `FlowState` is considered a valid `FlowState` for such a sink.
+
+### Minor Analysis Improvements
+
+* Initial release. Moves the shared inter-procedural data-flow library into its own qlpack.
diff --git a/shared/dataflow/change-notes/2023-08-02-dataflow-initial.md b/shared/dataflow/change-notes/2023-08-02-dataflow-initial.md
deleted file mode 100644
index 7e3a51cba8f..00000000000
--- a/shared/dataflow/change-notes/2023-08-02-dataflow-initial.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Initial release. Moves the shared inter-procedural data-flow library into its own qlpack. diff --git a/shared/dataflow/change-notes/released/0.0.1.md b/shared/dataflow/change-notes/released/0.0.1.md new file mode 100644 index 00000000000..8510e78ec2c --- /dev/null +++ b/shared/dataflow/change-notes/released/0.0.1.md @@ -0,0 +1,9 @@ +## 0.0.1 + +### New Features + +* The `StateConfigSig` signature now supports a unary `isSink` predicate that does not specify the `FlowState` for which the given node is a sink. Instead, any `FlowState` is considered a valid `FlowState` for such a sink. + +### Minor Analysis Improvements + +* Initial release. Moves the shared inter-procedural data-flow library into its own qlpack. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml new file mode 100644 index 00000000000..c6933410b71 --- /dev/null +++ b/shared/dataflow/codeql-pack.release.yml @@ -0,0 +1,2 @@ +--- +lastReleaseVersion: 0.0.1 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 5ed99b579c9..f8c2322f6a1 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.0.1-dev +version: 0.0.1 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 5712c750565..ea8b30ac3fe 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.2 + +No user-facing changes. + ## 0.1.1 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.1.2.md b/shared/mad/change-notes/released/0.1.2.md new file mode 100644 index 00000000000..9b0e2e7d717 --- /dev/null +++ b/shared/mad/change-notes/released/0.1.2.md @@ -0,0 +1,3 @@ +## 0.1.2 + +No user-facing changes. 
diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 92d1505475f..6abd14b1ef8 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.1 +lastReleaseVersion: 0.1.2 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index df4e00b59fc..09aa43faace 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.1.2-dev +version: 0.1.2 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 932a90a2b80..f81edeca8d2 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.2 + +No user-facing changes. + ## 0.1.1 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.1.2.md b/shared/regex/change-notes/released/0.1.2.md new file mode 100644 index 00000000000..9b0e2e7d717 --- /dev/null +++ b/shared/regex/change-notes/released/0.1.2.md @@ -0,0 +1,3 @@ +## 0.1.2 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 92d1505475f..6abd14b1ef8 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.1 +lastReleaseVersion: 0.1.2 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 7af709c09df..0e13edaa72f 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.1.2-dev +version: 0.1.2 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index df49982f4bd..f4d3b9239cb 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.2 + +No user-facing changes. + ## 0.1.1 No user-facing changes. 
diff --git a/shared/ssa/change-notes/released/0.1.2.md b/shared/ssa/change-notes/released/0.1.2.md new file mode 100644 index 00000000000..9b0e2e7d717 --- /dev/null +++ b/shared/ssa/change-notes/released/0.1.2.md @@ -0,0 +1,3 @@ +## 0.1.2 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 92d1505475f..6abd14b1ef8 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.1 +lastReleaseVersion: 0.1.2 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index db8deef4bbb..b3fe99ea4d4 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.1.2-dev +version: 0.1.2 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 01dff93e6be..77ce73b6acc 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.2 + +No user-facing changes. + ## 0.1.1 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.1.2.md b/shared/tutorial/change-notes/released/0.1.2.md new file mode 100644 index 00000000000..9b0e2e7d717 --- /dev/null +++ b/shared/tutorial/change-notes/released/0.1.2.md @@ -0,0 +1,3 @@ +## 0.1.2 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 92d1505475f..6abd14b1ef8 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.1 +lastReleaseVersion: 0.1.2 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index ac12902a7f4..6f28eac2fd6 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml 
@@ -1,6 +1,6 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.1.2-dev +version: 0.1.2 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 84420295d07..e5bed327a86 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.2 + +No user-facing changes. + ## 0.1.1 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.1.2.md b/shared/typetracking/change-notes/released/0.1.2.md new file mode 100644 index 00000000000..9b0e2e7d717 --- /dev/null +++ b/shared/typetracking/change-notes/released/0.1.2.md @@ -0,0 +1,3 @@ +## 0.1.2 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 92d1505475f..6abd14b1ef8 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.1 +lastReleaseVersion: 0.1.2 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 94e654c4d37..a8b6c849241 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.1.2-dev +version: 0.1.2 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index da65658ea76..66d8aacf9d8 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.2 + +No user-facing changes. + ## 0.1.1 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.1.2.md b/shared/typos/change-notes/released/0.1.2.md new file mode 100644 index 00000000000..9b0e2e7d717 --- /dev/null +++ b/shared/typos/change-notes/released/0.1.2.md @@ -0,0 +1,3 @@ +## 0.1.2 + +No user-facing changes. 
diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 92d1505475f..6abd14b1ef8 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.1 +lastReleaseVersion: 0.1.2 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 6f3076ec2d9..2ffa8ea0a02 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.1.2-dev +version: 0.1.2 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index e90bdd0f977..3faa7e80d47 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.2 + +No user-facing changes. + ## 0.1.1 ### Deprecated APIs diff --git a/shared/util/change-notes/released/0.1.2.md b/shared/util/change-notes/released/0.1.2.md new file mode 100644 index 00000000000..9b0e2e7d717 --- /dev/null +++ b/shared/util/change-notes/released/0.1.2.md @@ -0,0 +1,3 @@ +## 0.1.2 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 92d1505475f..6abd14b1ef8 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.1 +lastReleaseVersion: 0.1.2 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 0fa6d93943c..df2c69035f6 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.1.2-dev +version: 0.1.2 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 84397a7f5ef..96f1fbefd02 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.2 + +No user-facing changes. + ## 0.1.1 No user-facing changes. 
diff --git a/shared/yaml/change-notes/released/0.1.2.md b/shared/yaml/change-notes/released/0.1.2.md new file mode 100644 index 00000000000..9b0e2e7d717 --- /dev/null +++ b/shared/yaml/change-notes/released/0.1.2.md @@ -0,0 +1,3 @@ +## 0.1.2 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 92d1505475f..6abd14b1ef8 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.1 +lastReleaseVersion: 0.1.2 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index f6550d5ac1d..6a0bdf13d9c 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.1.2-dev +version: 0.1.2 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 433d053b3ab..1f8dabee28d 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,15 @@ +## 0.2.2 + +### Major Analysis Improvements + +* Added `DataFlow::ArrayContent`, which will provide more accurate flow through arrays. + +### Minor Analysis Improvements + +* Flow through forced optional unwrapping (`!`) is modelled more accurately. +* Added flow models for `Sequence.withContiguousStorageIfAvailable`. +* Added taint flow for `NSUserActivity.referrerURL`. + ## 0.2.1 ### New Features diff --git a/swift/ql/lib/change-notes/2023-07-17-nsuseractivity-referrer-url.md b/swift/ql/lib/change-notes/2023-07-17-nsuseractivity-referrer-url.md deleted file mode 100644 index 03e90b39c05..00000000000 --- a/swift/ql/lib/change-notes/2023-07-17-nsuseractivity-referrer-url.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Added taint flow for `NSUserActivity.referrerURL`. 
diff --git a/swift/ql/lib/change-notes/2023-07-18-array-content.md b/swift/ql/lib/change-notes/2023-07-18-array-content.md
deleted file mode 100644
index 6b4e081e93f..00000000000
--- a/swift/ql/lib/change-notes/2023-07-18-array-content.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* Added `DataFlow::ArrayContent`, which will provide more accurate flow through arrays.
\ No newline at end of file
diff --git a/swift/ql/lib/change-notes/2023-07-24-forced-unwrap.md b/swift/ql/lib/change-notes/2023-07-24-forced-unwrap.md
deleted file mode 100644
index 37d785cd68a..00000000000
--- a/swift/ql/lib/change-notes/2023-07-24-forced-unwrap.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-
-* Flow through forced optional unwrapping (`!`) is modelled more accurately.
diff --git a/swift/ql/lib/change-notes/2023-07-24-with-contiguous-storage.md b/swift/ql/lib/change-notes/2023-07-24-with-contiguous-storage.md
deleted file mode 100644
index 01326fba6b9..00000000000
--- a/swift/ql/lib/change-notes/2023-07-24-with-contiguous-storage.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-
-* Added flow models for `Sequence.withContiguousStorageIfAvailable`.
diff --git a/swift/ql/lib/change-notes/released/0.2.2.md b/swift/ql/lib/change-notes/released/0.2.2.md
new file mode 100644
index 00000000000..9ffc9a4d3e8
--- /dev/null
+++ b/swift/ql/lib/change-notes/released/0.2.2.md
@@ -0,0 +1,11 @@
+## 0.2.2
+
+### Major Analysis Improvements
+
+* Added `DataFlow::ArrayContent`, which will provide more accurate flow through arrays.
+
+### Minor Analysis Improvements
+
+* Flow through forced optional unwrapping (`!`) is modelled more accurately.
+* Added flow models for `Sequence.withContiguousStorageIfAvailable`.
+* Added taint flow for `NSUserActivity.referrerURL`.
diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml
index df29a726bcc..16a06790aa8 100644
--- a/swift/ql/lib/codeql-pack.release.yml
+++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.1 +lastReleaseVersion: 0.2.2 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index a81fc7d2c5c..1cc6baf95c8 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.2.2-dev +version: 0.2.2 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 00033599985..115a2266f1e 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.2.2 + +### New Queries + +* Added new query "Command injection" (`swift/command-line-injection`). The query finds places where user input is used to execute system commands without proper escaping. +* Added new query "Bad HTML filtering regexp" (`swift/bad-tag-filter`). This query finds regular expressions that match HTML tags in a way that is not robust and can easily lead to security issues. + ## 0.2.1 ### New Queries diff --git a/swift/ql/src/change-notes/2023-06-23-bad-tag-filter-query.md b/swift/ql/src/change-notes/2023-06-23-bad-tag-filter-query.md deleted file mode 100644 index 9498212d4fd..00000000000 --- a/swift/ql/src/change-notes/2023-06-23-bad-tag-filter-query.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added new query "Bad HTML filtering regexp" (`swift/bad-tag-filter`). This query finds regular expressions that match HTML tags in a way that is not robust and can easily lead to security issues. diff --git a/swift/ql/src/change-notes/2023-07-12-command-injection.md b/swift/ql/src/change-notes/2023-07-12-command-injection.md deleted file mode 100644 index 2befc7592b9..00000000000 --- a/swift/ql/src/change-notes/2023-07-12-command-injection.md +++ /dev/null 
@@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added new query "Command injection" (`swift/command-line-injection`). The query finds places where user input is used to execute system commands without proper escaping. \ No newline at end of file diff --git a/swift/ql/src/change-notes/released/0.2.2.md b/swift/ql/src/change-notes/released/0.2.2.md new file mode 100644 index 00000000000..7735974176e --- /dev/null +++ b/swift/ql/src/change-notes/released/0.2.2.md @@ -0,0 +1,6 @@ +## 0.2.2 + +### New Queries + +* Added new query "Command injection" (`swift/command-line-injection`). The query finds places where user input is used to execute system commands without proper escaping. +* Added new query "Bad HTML filtering regexp" (`swift/bad-tag-filter`). This query finds regular expressions that match HTML tags in a way that is not robust and can easily lead to security issues. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index df29a726bcc..16a06790aa8 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.1 +lastReleaseVersion: 0.2.2 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 1c417508d2f..05152677233 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.2.2-dev +version: 0.2.2 groups: - swift - queries