Merge pull request #21401 from github/release-prep/2.24.3

Release preparation for version 2.24.3

actions/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.4.29
+
+No user-facing changes.
+
 ## 0.4.28
 
 No user-facing changes.

actions/ql/lib/change-notes/released/0.4.29.md

@@ -0,0 +1,3 @@
+## 0.4.29
+
+No user-facing changes.

actions/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.28
+lastReleaseVersion: 0.4.29

actions/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.29-dev
+version: 0.4.29
 library: true
 warnOnImplicitThis: true
 dependencies:

actions/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.6.21
+
+No user-facing changes.
+
 ## 0.6.20
 
 No user-facing changes.

actions/ql/src/change-notes/released/0.6.21.md

@@ -0,0 +1,3 @@
+## 0.6.21
+
+No user-facing changes.

actions/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.20
+lastReleaseVersion: 0.6.21

actions/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.6.21-dev
+version: 0.6.21
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,18 @@
+## 8.0.0
+
+### Breaking Changes
+
+* CodeQL version 2.24.2 accidentally introduced a syntactical breaking change to `BarrierGuard<...>::getAnIndirectBarrierNode` and `InstructionBarrierGuard<...>::getAnIndirectBarrierNode`. These breaking changes have now been reverted so that the original code compiles again.
+* `MustFlow`, the inter-procedural must-flow data flow analysis library, has been re-worked to use parameterized modules. Like in the case of data flow and taint tracking, instead of extending the `MustFlowConfiguration` class, the user should now implement a module with the `MustFlow::ConfigSig` signature, and instantiate the `MustFlow::Global` parameterized module with the implemented module.
+
+### Minor Analysis Improvements
+
+* Refactored the "Year field changed using an arithmetic operation without checking for leap year" query (`cpp/leap-year/unchecked-after-arithmetic-year-modification`) to address large numbers of false positive results.
+
+### Bug Fixes
+
+* The `allowInterproceduralFlow` predicate of must-flow data flow configurations now correctly handles direct recursion.
+
 ## 7.1.1
 
 ### Minor Analysis Improvements

cpp/ql/lib/change-notes/2026-02-06-UncheckedLeapYearAfterModification_Refactor.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Refactored the "Year field changed using an arithmetic operation without checking for leap year" query (`cpp/leap-year/unchecked-after-arithmetic-year-modification`) to address large numbers of false positive results.

cpp/ql/lib/change-notes/2026-02-14-must-flow-fix.md

@@ -1,4 +0,0 @@
----
-category: fix
----
-* The `allowInterproceduralFlow` predicate of must-flow data flow configurations now correctly handles direct recursion.

cpp/ql/lib/change-notes/2026-02-14-must-flow.md

@@ -1,4 +0,0 @@
----
-category: breaking
----
-* `MustFlow`, the inter-procedural must-flow data flow analysis library, has been re-worked to use parameterized modules. Like in the case of data flow and taint tracking, instead of extending the `MustFlowConfiguration` class, the user should now implement a module with the `MustFlow::ConfigSig` signature, and instantiate the `MustFlow::Global` parameterized module with the implemented module.

cpp/ql/lib/change-notes/2026-02-24-barrier-guards.md

@@ -1,4 +0,0 @@
----
-category: breaking
----
-* CodeQL version 2.24.2 accidentially introduced a syntactical breaking change to `BarrierGuard<...>::getAnIndirectBarrierNode` and `InstructionBarrierGuard<...>::getAnIndirectBarrierNode`. These breaking changes have now been reverted so that the original code compiles again.

cpp/ql/lib/change-notes/released/8.0.0.md

@@ -0,0 +1,14 @@
+## 8.0.0
+
+### Breaking Changes
+
+* CodeQL version 2.24.2 accidentally introduced a syntactical breaking change to `BarrierGuard<...>::getAnIndirectBarrierNode` and `InstructionBarrierGuard<...>::getAnIndirectBarrierNode`. These breaking changes have now been reverted so that the original code compiles again.
+* `MustFlow`, the inter-procedural must-flow data flow analysis library, has been re-worked to use parameterized modules. Like in the case of data flow and taint tracking, instead of extending the `MustFlowConfiguration` class, the user should now implement a module with the `MustFlow::ConfigSig` signature, and instantiate the `MustFlow::Global` parameterized module with the implemented module.
+
+### Minor Analysis Improvements
+
+* Refactored the "Year field changed using an arithmetic operation without checking for leap year" query (`cpp/leap-year/unchecked-after-arithmetic-year-modification`) to address large numbers of false positive results.
+
+### Bug Fixes
+
+* The `allowInterproceduralFlow` predicate of must-flow data flow configurations now correctly handles direct recursion.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.1.1
+lastReleaseVersion: 8.0.0

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 7.1.2-dev
+version: 8.0.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.5.12
+
+No user-facing changes.
+
 ## 1.5.11
 
 No user-facing changes.

cpp/ql/src/change-notes/released/1.5.12.md

@@ -0,0 +1,3 @@
+## 1.5.12
+
+No user-facing changes.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.11
+lastReleaseVersion: 1.5.12

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.5.12-dev
+version: 1.5.12
 groups:
   - cpp
   - queries

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.60
+
+No user-facing changes.
+
 ## 1.7.59
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.60.md

@@ -0,0 +1,3 @@
+## 1.7.60
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.59
+lastReleaseVersion: 1.7.60

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.60-dev
+version: 1.7.60
 groups:
   - csharp
   - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.60
+
+No user-facing changes.
+
 ## 1.7.59
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.60.md

@@ -0,0 +1,3 @@
+## 1.7.60
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.59
+lastReleaseVersion: 1.7.60

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.60-dev
+version: 1.7.60
 groups:
   - csharp
   - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 5.4.8
+
+### Minor Analysis Improvements
+
+* C# 14: Added support for partial events.
+* C# 14: Added support for the `field` keyword in properties.
+
+### Bug Fixes
+
+* Fixed an issue where the body of a partial member could be extracted twice. When both a *defining* and an *implementing* declaration exist, only the *implementing* declaration is now extracted.
+
 ## 5.4.7
 
 ### Minor Analysis Improvements

csharp/ql/lib/change-notes/2026-02-12-field-keyword.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* C# 14: Added support for the `field` keyword in properties.

csharp/ql/lib/change-notes/2026-02-16-partial-events.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* C# 14: Added support for partial events.

csharp/ql/lib/change-notes/released/5.4.8.md

@@ -1,4 +1,10 @@
----
-category: fix
----
+## 5.4.8
+
+### Minor Analysis Improvements
+
+* C# 14: Added support for partial events.
+* C# 14: Added support for the `field` keyword in properties.
+
+### Bug Fixes
+
 * Fixed an issue where the body of a partial member could be extracted twice. When both a *defining* and an *implementing* declaration exist, only the *implementing* declaration is now extracted.

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.4.7
+lastReleaseVersion: 5.4.8

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 5.4.8-dev
+version: 5.4.8
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.6.3
+
+No user-facing changes.
+
 ## 1.6.2
 
 ### Bug Fixes

csharp/ql/src/change-notes/released/1.6.3.md

@@ -0,0 +1,3 @@
+## 1.6.3
+
+No user-facing changes.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.2
+lastReleaseVersion: 1.6.3

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.6.3-dev
+version: 1.6.3
 groups:
   - csharp
   - queries

go/ql/consistency-queries/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.0.43
+
+No user-facing changes.
+
 ## 1.0.42
 
 No user-facing changes.

go/ql/consistency-queries/change-notes/released/1.0.43.md

@@ -0,0 +1,3 @@
+## 1.0.43
+
+No user-facing changes.

go/ql/consistency-queries/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.42
+lastReleaseVersion: 1.0.43

go/ql/consistency-queries/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.43-dev
+version: 1.0.43
 groups:
   - go
   - queries

go/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 7.0.1
+
+No user-facing changes.
+
 ## 7.0.0
 
 ### Breaking Changes

go/ql/lib/change-notes/released/7.0.1.md

@@ -0,0 +1,3 @@
+## 7.0.1
+
+No user-facing changes.

go/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.0.0
+lastReleaseVersion: 7.0.1

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 7.0.1-dev
+version: 7.0.1
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.5.7
+
+No user-facing changes.
+
 ## 1.5.6
 
 No user-facing changes.

go/ql/src/change-notes/released/1.5.7.md

@@ -0,0 +1,3 @@
+## 1.5.7
+
+No user-facing changes.

go/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.6
+lastReleaseVersion: 1.5.7

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.5.7-dev
+version: 1.5.7
 groups:
   - go
   - queries

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 8.1.1
+
+### Minor Analysis Improvements
+
+* Some modelling which previously only worked for Java EE packages beginning with "javax" will now also work for Java EE packages beginning with "jakarta" as well. This may lead to some alert changes.
+
 ## 8.1.0
 
 ### Deprecated APIs

java/ql/lib/change-notes/released/8.1.1.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 8.1.1
+
+### Minor Analysis Improvements
+
 * Some modelling which previously only worked for Java EE packages beginning with "javax" will now also work for Java EE packages beginning with "jakarta" as well. This may lead to some alert changes.

java/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 8.1.0
+lastReleaseVersion: 8.1.1

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 8.1.1-dev
+version: 8.1.1
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/src/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 1.10.8
+
+### Minor Analysis Improvements
+
+* The Java extractor and QL libraries now support Java 26.
+* Java analysis now selects the Java version to use informed by Maven POM files across all project modules. It also tries to use Java 17 or higher for all Maven projects if possible, for improved build compatibility.
+
 ## 1.10.7
 
 No user-facing changes.

java/ql/src/change-notes/2026-02-17-support-java-26.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The Java extractor and QL libraries now support Java 26.

java/ql/src/change-notes/released/1.10.8.md

@@ -1,4 +1,6 @@
----
-category: minorAnalysis
----
-* Java analysis now selects the Java version to use informed by Maven POM files across all project modules. It also tries to use Java 17 or higher for all Maven projects if possible, for improved build compatibility.
+## 1.10.8
+
+### Minor Analysis Improvements
+
+* The Java extractor and QL libraries now support Java 26.
+* Java analysis now selects the Java version to use informed by Maven POM files across all project modules. It also tries to use Java 17 or higher for all Maven projects if possible, for improved build compatibility.

java/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.10.7
+lastReleaseVersion: 1.10.8

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 1.10.8-dev
+version: 1.10.8
 groups:
   - java
   - queries

javascript/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 2.6.23
+
+### Minor Analysis Improvements
+
+* Added support for React components wrapped by `observer` from `mobx-react` and `mobx-react-lite`.
+
 ## 2.6.22
 
 No user-facing changes.

javascript/ql/lib/change-notes/released/2.6.23.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 2.6.23
+
+### Minor Analysis Improvements
+
 * Added support for React components wrapped by `observer` from `mobx-react` and `mobx-react-lite`.

javascript/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.6.22
+lastReleaseVersion: 2.6.23

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 2.6.23-dev
+version: 2.6.23
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 2.3.3
+
+No user-facing changes.
+
 ## 2.3.2
 
 No user-facing changes.

javascript/ql/src/change-notes/released/2.3.3.md

@@ -0,0 +1,3 @@
+## 2.3.3
+
+No user-facing changes.

javascript/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.3.2
+lastReleaseVersion: 2.3.3

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 2.3.3-dev
+version: 2.3.3
 groups:
   - javascript
   - queries

misc/suite-helpers/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.0.43
+
+No user-facing changes.
+
 ## 1.0.42
 
 No user-facing changes.

misc/suite-helpers/change-notes/released/1.0.43.md

@@ -0,0 +1,3 @@
+## 1.0.43
+
+No user-facing changes.

misc/suite-helpers/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.42
+lastReleaseVersion: 1.0.43

misc/suite-helpers/qlpack.yml

@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 1.0.43-dev
+version: 1.0.43
 groups: shared
 warnOnImplicitThis: true

python/ql/lib/CHANGELOG.md

@@ -1,3 +1,18 @@
+## 7.0.0
+
+### Breaking Changes
+
+- The `Metrics` library no longer contains code that depends on the points-to analysis. The removed functionality has instead been moved to the `LegacyPointsTo` module, to classes like `ModuleMetricsWithPointsTo` etc. If you depend on any of these classes, you must now remember to import `LegacyPointsTo`, and use the appropriate types in order to use the points-to-based functionality.
+
+### Major Analysis Improvements
+
+- The CodeQL Python libraries have been updated to be compatible with overlay evaluation. This should result in a significant speedup on analyses for which a base database already exists. Note that it may be necessary to add `overlay[local?] module;` to user-managed libraries that extend classes that are now marked as `overlay[local]`.
+
+### Minor Analysis Improvements
+
+* Added new full SSRF sanitization barrier from the new AntiSSRF library. 
+* When a guard such as `isSafe(x)` is defined, we now also automatically handle `isSafe(x) == true` and `isSafe(x) != false`.
+
 ## 6.1.1
 
 ### Minor Analysis Improvements
@@ -7,7 +22,7 @@
 
 ### Bug Fixes
 
-- Using `=` as a fill character in a format specifier (e.g `f"{x:=^20}"`) now no longer results in a syntax error during parsing.
+- Using `=` as a fill character in a format specifier (e.g. `f"{x:=^20}"`) now no longer results in a syntax error during parsing.
 
 ## 6.1.0
 

python/ql/lib/change-notes/2026-02-08-guards-compared-to-boolean-literals.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* When a guard such as `isSafe(x)` is defined, we now also automatically handle `isSafe(x) == true` and `isSafe(x) != false`.

python/ql/lib/change-notes/2026-02-09-ssrf_test_case_cleanup_and_new_ssrf_barriers.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added new full SSRF sanitization barrier from the new AntiSSRF library. 

python/ql/lib/change-notes/2026-02-18-add-overlay-annotations.md

@@ -1,5 +0,0 @@
----
-category: majorAnalysis
----
-
-- The CodeQL Python libraries have been updated to be compatible with overlay evaluation. This should result in a significant speedup on analyses for which a base database already exists. Note that it may be necessary to add `overlay[local?] module;` to user-managed libraries that extend classes that are now marked as `overlay[local]`.

python/ql/lib/change-notes/2026-02-18-remove-points-to-from-metrics.md

@@ -1,5 +0,0 @@
----
-category: breaking
----
-
-- The `Metrics` library no longer contains code that depends on the points-to analysis. The removed functionality has instead been moved to the `LegacyPointsTo` module, to classes like `ModuleMetricsWithPointsTo` etc. If you depend on any of these classes, you must now remember to import `LegacyPointsTo`, and use the appropriate types in order to use the points-to-based functionality.

python/ql/lib/change-notes/released/7.0.0.md

@@ -0,0 +1,14 @@
+## 7.0.0
+
+### Breaking Changes
+
+- The `Metrics` library no longer contains code that depends on the points-to analysis. The removed functionality has instead been moved to the `LegacyPointsTo` module, to classes like `ModuleMetricsWithPointsTo` etc. If you depend on any of these classes, you must now remember to import `LegacyPointsTo`, and use the appropriate types in order to use the points-to-based functionality.
+
+### Major Analysis Improvements
+
+- The CodeQL Python libraries have been updated to be compatible with overlay evaluation. This should result in a significant speedup on analyses for which a base database already exists. Note that it may be necessary to add `overlay[local?] module;` to user-managed libraries that extend classes that are now marked as `overlay[local]`.
+
+### Minor Analysis Improvements
+
+* Added new full SSRF sanitization barrier from the new AntiSSRF library. 
+* When a guard such as `isSafe(x)` is defined, we now also automatically handle `isSafe(x) == true` and `isSafe(x) != false`.

python/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 6.1.1
+lastReleaseVersion: 7.0.0

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 6.1.2-dev
+version: 7.0.0
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.8
+
+No user-facing changes.
+
 ## 1.7.7
 
 No user-facing changes.

python/ql/src/change-notes/released/1.7.8.md

@@ -0,0 +1,3 @@
+## 1.7.8
+
+No user-facing changes.

python/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.7
+lastReleaseVersion: 1.7.8

python/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 1.7.8-dev
+version: 1.7.8
 groups:
   - python
   - queries

ruby/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 5.1.11
+
+### Minor Analysis Improvements
+
+* We now track taint flow through `Shellwords.escape` and `Shellwords.shellescape` for all queries except command injection, for which they are sanitizers.
+
 ## 5.1.10
 
 No user-facing changes.

ruby/ql/lib/change-notes/released/5.1.11.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 5.1.11
+
+### Minor Analysis Improvements
+
 * We now track taint flow through `Shellwords.escape` and `Shellwords.shellescape` for all queries except command injection, for which they are sanitizers.

ruby/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.1.10
+lastReleaseVersion: 5.1.11

ruby/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 5.1.11-dev
+version: 5.1.11
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme

ruby/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.5.8
+
+No user-facing changes.
+
 ## 1.5.7
 
 No user-facing changes.

ruby/ql/src/change-notes/released/1.5.8.md

@@ -0,0 +1,3 @@
+## 1.5.8
+
+No user-facing changes.

ruby/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.7
+lastReleaseVersion: 1.5.8

ruby/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 1.5.8-dev
+version: 1.5.8
 groups:
   - ruby
   - queries

rust/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.2.7
+
+### Minor Analysis Improvements
+
+* Added support for neutral models (`extensible: neutralModel`) to control where generated source, sink and flow summary models apply.
+
 ## 0.2.6
 
 No user-facing changes.

rust/ql/lib/change-notes/released/0.2.7.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.2.7
+
+### Minor Analysis Improvements
+
 * Added support for neutral models (`extensible: neutralModel`) to control where generated source, sink and flow summary models apply.

rust/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.2.6
+lastReleaseVersion: 0.2.7

rust/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/rust-all
-version: 0.2.7-dev
+version: 0.2.7
 groups: rust
 extractor: rust
 dbscheme: rust.dbscheme

rust/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.1.28
+
+### Minor Analysis Improvements
+
+* The macro resolution metric has been removed from `rust/diagnostic/database-quality`. This metric was found to be an unreliable indicator of database quality in many cases, leading to false alarms on the tool status page.
+
 ## 0.1.27
 
 No user-facing changes.

rust/ql/src/change-notes/released/0.1.28.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.1.28
+
+### Minor Analysis Improvements
+
 * The macro resolution metric has been removed from `rust/diagnostic/database-quality`. This metric was found to be an unreliable indicator of database quality in many cases, leading to false alarms on the tool status page.

rust/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.27
+lastReleaseVersion: 0.1.28

rust/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/rust-queries
-version: 0.1.28-dev
+version: 0.1.28
 groups:
   - rust
   - queries

shared/concepts/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.17
+
+No user-facing changes.
+
 ## 0.0.16
 
 No user-facing changes.