diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index a3bde634d39..9547b4d4609 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.4.13 - -### Bug Fixes - -* The `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` queries now exclude artifacts downloaded to `$[{ runner.temp }}` in addition to `/tmp`. - ## 0.4.12 ### Minor Analysis Improvements diff --git a/actions/ql/lib/change-notes/2025-07-11-artifact-poisoning.md b/actions/ql/lib/change-notes/2025-07-11-artifact-poisoning.md new file mode 100644 index 00000000000..893a695a22c --- /dev/null +++ b/actions/ql/lib/change-notes/2025-07-11-artifact-poisoning.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* The `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` queries now exclude artifacts downloaded to `$[{ runner.temp }}` in addition to `/tmp`. diff --git a/actions/ql/lib/change-notes/released/0.4.13.md b/actions/ql/lib/change-notes/released/0.4.13.md deleted file mode 100644 index 1c7fa59a356..00000000000 --- a/actions/ql/lib/change-notes/released/0.4.13.md +++ /dev/null @@ -1,5 +0,0 @@ -## 0.4.13 - -### Bug Fixes - -* The `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` queries now exclude artifacts downloaded to `$[{ runner.temp }}` in addition to `/tmp`. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 88ad5ab8f22..530dc320490 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.13 +lastReleaseVersion: 0.4.12 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index f67a9ff9142..c6a0df46cfc 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.13 +version: 0.4.13-dev library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index d0db2aff304..b2846cd81fc 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.6.5 - -No user-facing changes. - ## 0.6.4 No user-facing changes. diff --git a/actions/ql/src/change-notes/released/0.6.5.md b/actions/ql/src/change-notes/released/0.6.5.md deleted file mode 100644 index b2bc387588d..00000000000 --- a/actions/ql/src/change-notes/released/0.6.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.6.5 - -No user-facing changes. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index 86780fb6148..ced8cf94614 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.5 +lastReleaseVersion: 0.6.4 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index 7addbb8de91..4a4bdde8147 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.5 +version: 0.6.5-dev library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 1b9acfd9e53..392305a6489 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,20 +1,3 @@ -## 5.3.0 - -### Deprecated APIs - -* The `UnknownDefaultLocation`, `UnknownExprLocation`, and `UnknownStmtLocation` classes have been deprecated. Use `UnknownLocation` instead. - -### New Features - -* Added a `isFinalValueOfParameter` predicate to `DataFlow::Node` which holds when a dataflow node represents the final value of an output parameter of a function. - -### Minor Analysis Improvements - -* The `FunctionWithWrappers` library (`semmle.code.cpp.security.FunctionWithWrappers`) no longer considers calls through function pointers as wrapper functions. -* The analysis of C/C++ code targeting 64-bit Arm platforms has been improved. This includes support for the Arm-specific builtin functions, support for the `arm_neon.h` header and Neon vector types, and support for the `fp8` scalar type. The `arm_sve.h` header and scalable vectors are only partially supported at this point. -* Added support for `__fp16 _Complex` and `__bf16 _Complex` types -* Added `sql-injection` sink models for the Oracle Call Interface (OCI) database library functions `OCIStmtPrepare` and `OCIStmtPrepare2`. - ## 5.2.0 ### Deprecated APIs diff --git a/cpp/ql/lib/change-notes/2025-06-20-oracle-oci-models.md b/cpp/ql/lib/change-notes/2025-06-20-oracle-oci-models.md new file mode 100644 index 00000000000..09661e61938 --- /dev/null +++ b/cpp/ql/lib/change-notes/2025-06-20-oracle-oci-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added `sql-injection` sink models for the Oracle Call Interface (OCI) database library functions `OCIStmtPrepare` and `OCIStmtPrepare2`. diff --git a/cpp/ql/lib/change-notes/2025-06-24-arm64.md b/cpp/ql/lib/change-notes/2025-06-24-arm64.md new file mode 100644 index 00000000000..0e88694e116 --- /dev/null +++ b/cpp/ql/lib/change-notes/2025-06-24-arm64.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The analysis of C/C++ code targeting 64-bit Arm platforms has been improved. This includes support for the Arm-specific builtin functions, support for the `arm_neon.h` header and Neon vector types, and support for the `fp8` scalar type. The `arm_sve.h` header and scalable vectors are only partially supported at this point. diff --git a/cpp/ql/lib/change-notes/2025-06-24-float16.md b/cpp/ql/lib/change-notes/2025-06-24-float16.md new file mode 100644 index 00000000000..24737d2b406 --- /dev/null +++ b/cpp/ql/lib/change-notes/2025-06-24-float16.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added support for `__fp16 _Complex` and `__bf16 _Complex` types diff --git a/cpp/ql/lib/change-notes/2025-06-27-locations.md b/cpp/ql/lib/change-notes/2025-06-27-locations.md new file mode 100644 index 00000000000..55acf55ee87 --- /dev/null +++ b/cpp/ql/lib/change-notes/2025-06-27-locations.md @@ -0,0 +1,4 @@ +--- +category: deprecated +--- +* The `UnknownDefaultLocation`, `UnknownExprLocation`, and `UnknownStmtLocation` classes have been deprecated. Use `UnknownLocation` instead. diff --git a/cpp/ql/lib/change-notes/2025-07-10-final.md b/cpp/ql/lib/change-notes/2025-07-10-final.md new file mode 100644 index 00000000000..8e6b3dba266 --- /dev/null +++ b/cpp/ql/lib/change-notes/2025-07-10-final.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Added a `isFinalValueOfParameter` predicate to DataFlow::Node which holds when a dataflow node represents the final value of an output parameter of a function. diff --git a/cpp/ql/lib/change-notes/2025-07-16-FunctionWithWrappers.md b/cpp/ql/lib/change-notes/2025-07-16-FunctionWithWrappers.md new file mode 100644 index 00000000000..80b70a8c80f --- /dev/null +++ b/cpp/ql/lib/change-notes/2025-07-16-FunctionWithWrappers.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The `FunctionWithWrappers` library (`semmle.code.cpp.security.FunctionWithWrappers`) no longer considers calls through function pointers as wrapper functions. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/released/5.3.0.md b/cpp/ql/lib/change-notes/released/5.3.0.md deleted file mode 100644 index a7ea151fcf3..00000000000 --- a/cpp/ql/lib/change-notes/released/5.3.0.md +++ /dev/null @@ -1,16 +0,0 @@ -## 5.3.0 - -### Deprecated APIs - -* The `UnknownDefaultLocation`, `UnknownExprLocation`, and `UnknownStmtLocation` classes have been deprecated. Use `UnknownLocation` instead. - -### New Features - -* Added a `isFinalValueOfParameter` predicate to `DataFlow::Node` which holds when a dataflow node represents the final value of an output parameter of a function. - -### Minor Analysis Improvements - -* The `FunctionWithWrappers` library (`semmle.code.cpp.security.FunctionWithWrappers`) no longer considers calls through function pointers as wrapper functions. -* The analysis of C/C++ code targeting 64-bit Arm platforms has been improved. This includes support for the Arm-specific builtin functions, support for the `arm_neon.h` header and Neon vector types, and support for the `fp8` scalar type. The `arm_sve.h` header and scalable vectors are only partially supported at this point. -* Added support for `__fp16 _Complex` and `__bf16 _Complex` types -* Added `sql-injection` sink models for the Oracle Call Interface (OCI) database library functions `OCIStmtPrepare` and `OCIStmtPrepare2`. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index b0a1c83e5bc..9e57a36a7dc 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.3.0 +lastReleaseVersion: 5.2.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 3d9c75672cb..e826864ae64 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 5.3.0 +version: 5.2.1-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 7750db55e66..82bfa75c55d 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,16 +1,3 @@ -## 1.4.4 - -### Minor Analysis Improvements - -* Due to changes in the `FunctionWithWrappers` library (`semmle.code.cpp.security.FunctionWithWrappers`) the primary alert location generated by the queries `cpp/path-injection`, `cpp/sql-injection`, `cpp/tainted-format-string`, and `cpp/command-line-injection` may have changed. -* Added flow models for the Win32 API functions `CreateThread`, `CreateRemoteThread`, and `CreateRemoteThreadEx`. -* Improved support for dataflow through function objects and lambda expressions. -* Added flow models for `pthread_create` and `std::thread`. -* The `cpp/incorrect-string-type-conversion` query no longer alerts on incorrect type conversions that occur in unreachable code. -* Added flow models for the GNU C Library. -* Fixed a number of false positives and false negatives in `cpp/global-use-before-init`. Note that this query is not part of any of the default query suites. -* The query `cpp/sql-injection` now can be extended using the `sql-injection` Models as Data (MaD) sink kind. - ## 1.4.3 ### Minor Analysis Improvements diff --git a/cpp/ql/src/change-notes/2025-06-20-sql-injection-models.md b/cpp/ql/src/change-notes/2025-06-20-sql-injection-models.md new file mode 100644 index 00000000000..ebb517d0a39 --- /dev/null +++ b/cpp/ql/src/change-notes/2025-06-20-sql-injection-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The query `cpp/sql-injection` now can be extended using the `sql-injection` Models as Data (MaD) sink kind. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2025-07-01-global-vars-ubi-query-fixes.md.md b/cpp/ql/src/change-notes/2025-07-01-global-vars-ubi-query-fixes.md.md new file mode 100644 index 00000000000..b5ab2362bf4 --- /dev/null +++ b/cpp/ql/src/change-notes/2025-07-01-global-vars-ubi-query-fixes.md.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Fixed a number of false positives and false negatives in `cpp/global-use-before-init`. Note that this query is not part of any of the default query suites. diff --git a/cpp/ql/src/change-notes/2025-07-04-create-thread.md b/cpp/ql/src/change-notes/2025-07-04-create-thread.md new file mode 100644 index 00000000000..c7664b8e31e --- /dev/null +++ b/cpp/ql/src/change-notes/2025-07-04-create-thread.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added flow models for the GNU C Library. diff --git a/cpp/ql/src/change-notes/2025-07-10-pthread-and-std-thread.md b/cpp/ql/src/change-notes/2025-07-10-pthread-and-std-thread.md new file mode 100644 index 00000000000..8e8d0659fa6 --- /dev/null +++ b/cpp/ql/src/change-notes/2025-07-10-pthread-and-std-thread.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added flow models for `pthread_create` and `std::thread`. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2025-07-10-wchar-fp.md b/cpp/ql/src/change-notes/2025-07-10-wchar-fp.md new file mode 100644 index 00000000000..db940f18286 --- /dev/null +++ b/cpp/ql/src/change-notes/2025-07-10-wchar-fp.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The `cpp/incorrect-string-type-conversion` query no longer alerts on incorrect type conversions that occur in unreachable code. diff --git a/cpp/ql/src/change-notes/2025-07-11-function-objects.md b/cpp/ql/src/change-notes/2025-07-11-function-objects.md new file mode 100644 index 00000000000..48bc71f27ca --- /dev/null +++ b/cpp/ql/src/change-notes/2025-07-11-function-objects.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Improved support for dataflow through function objects and lambda expressions. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2025-07-12-create-thread.md b/cpp/ql/src/change-notes/2025-07-12-create-thread.md new file mode 100644 index 00000000000..f95b046fef9 --- /dev/null +++ b/cpp/ql/src/change-notes/2025-07-12-create-thread.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added flow models for the Win32 API functions `CreateThread`, `CreateRemoteThread`, and `CreateRemoteThreadEx`. diff --git a/cpp/ql/src/change-notes/2025-07-16-FunctionWithWrappers.md b/cpp/ql/src/change-notes/2025-07-16-FunctionWithWrappers.md new file mode 100644 index 00000000000..0c3db774fa4 --- /dev/null +++ b/cpp/ql/src/change-notes/2025-07-16-FunctionWithWrappers.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Due to changes in the `FunctionWithWrappers` library (`semmle.code.cpp.security.FunctionWithWrappers`) the primary alert location generated by the queries `cpp/path-injection`, `cpp/sql-injection`, `cpp/tainted-format-string`, and `cpp/command-line-injection` may have changed. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/released/1.4.4.md b/cpp/ql/src/change-notes/released/1.4.4.md deleted file mode 100644 index 87e1b909fbb..00000000000 --- a/cpp/ql/src/change-notes/released/1.4.4.md +++ /dev/null @@ -1,12 +0,0 @@ -## 1.4.4 - -### Minor Analysis Improvements - -* Due to changes in the `FunctionWithWrappers` library (`semmle.code.cpp.security.FunctionWithWrappers`) the primary alert location generated by the queries `cpp/path-injection`, `cpp/sql-injection`, `cpp/tainted-format-string`, and `cpp/command-line-injection` may have changed. -* Added flow models for the Win32 API functions `CreateThread`, `CreateRemoteThread`, and `CreateRemoteThreadEx`. -* Improved support for dataflow through function objects and lambda expressions. -* Added flow models for `pthread_create` and `std::thread`. -* The `cpp/incorrect-string-type-conversion` query no longer alerts on incorrect type conversions that occur in unreachable code. -* Added flow models for the GNU C Library. -* Fixed a number of false positives and false negatives in `cpp/global-use-before-init`. Note that this query is not part of any of the default query suites. -* The query `cpp/sql-injection` now can be extended using the `sql-injection` Models as Data (MaD) sink kind. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 1dfca6daa3b..08f88b689fb 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.4 +lastReleaseVersion: 1.4.3 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index c77f630faad..ade2daeb369 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.4.4 +version: 1.4.4-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index f46a19790d6..99267b32a40 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.44 - -No user-facing changes. - ## 1.7.43 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.44.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.44.md deleted file mode 100644 index f25e48c0720..00000000000 --- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.44.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.44 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index a392bdc2592..9b37539bf65 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.44 +lastReleaseVersion: 1.7.43 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 4da11e525e6..b9e0c245b85 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.44 +version: 1.7.44-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index f46a19790d6..99267b32a40 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.44 - -No user-facing changes. - ## 1.7.43 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.44.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.44.md deleted file mode 100644 index f25e48c0720..00000000000 --- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.44.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.44 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index a392bdc2592..9b37539bf65 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.44 +lastReleaseVersion: 1.7.43 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index b59805aa902..7cf7f04a63a 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.44 +version: 1.7.44-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index e8540d22ba8..3124c68b6ab 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 5.2.0 - -### New Features - -* Added a new predicate, `getASuperType()`, to get a direct supertype of this type. - ## 5.1.9 No user-facing changes. diff --git a/csharp/ql/lib/change-notes/released/5.2.0.md b/csharp/ql/lib/change-notes/2025-06-10-getasupertype.md similarity index 75% rename from csharp/ql/lib/change-notes/released/5.2.0.md rename to csharp/ql/lib/change-notes/2025-06-10-getasupertype.md index 5408c0d44bd..14b086a9409 100644 --- a/csharp/ql/lib/change-notes/released/5.2.0.md +++ b/csharp/ql/lib/change-notes/2025-06-10-getasupertype.md @@ -1,5 +1,4 @@ -## 5.2.0 - -### New Features - +--- +category: feature +--- * Added a new predicate, `getASuperType()`, to get a direct supertype of this type. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 9e57a36a7dc..f9bf2605261 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.2.0 +lastReleaseVersion: 5.1.9 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index d425970a314..faa7e5e7198 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.2.0 +version: 5.1.10-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 888800c5021..da76eab521c 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,14 +1,3 @@ -## 1.3.1 - -### Minor Analysis Improvements - -* Explicitly added summary models for all overloads of `System.Xml.XmlDictionaryReader.CreateBinaryReader`. Added models for some of the methods and properties in `System.Runtime.Serialization.SerializationInfo` and `System.Runtime.Serialization.SerializationInfoEnumerator`. Updated models for `System.Text.Encoding.GetBytes`, `System.Text.Encoding.GetChars` and the constructor for `System.IO.MemoryStream`. This generally improves the library modelling and thus reduces the number of false negatives. -* Added explicit SQL injection Models as Data models for `Microsoft.Data.SqlClient.SqlCommand` and `Microsoft.Data.SqlClient.SqlDataAdapter`. This reduces false negatives for the query `cs/sql-injection`. - -### Bug Fixes - -* `web.config` and `web.release.config` files are now recognized regardless of case. This means queries `cs/web/debug-binary` and `cs/web/missing-x-frame-options` may produce more results than before. - ## 1.3.0 ### Query Metadata Changes diff --git a/csharp/ql/src/change-notes/2025-06-25-sqlcommand-models.md b/csharp/ql/src/change-notes/2025-06-25-sqlcommand-models.md new file mode 100644 index 00000000000..8d800aa7580 --- /dev/null +++ b/csharp/ql/src/change-notes/2025-06-25-sqlcommand-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added explicit SQL injection Models as Data models for `Microsoft.Data.SqlClient.SqlCommand` and `Microsoft.Data.SqlClient.SqlDataAdapter`. This reduces false negatives for the query `cs/sql-injection`. diff --git a/csharp/ql/src/change-notes/released/1.3.1.md b/csharp/ql/src/change-notes/2025-07-01-improve-summary-models.md similarity index 52% rename from csharp/ql/src/change-notes/released/1.3.1.md rename to csharp/ql/src/change-notes/2025-07-01-improve-summary-models.md index 4576c811687..f2c8fd82bae 100644 --- a/csharp/ql/src/change-notes/released/1.3.1.md +++ b/csharp/ql/src/change-notes/2025-07-01-improve-summary-models.md @@ -1,10 +1,4 @@ -## 1.3.1 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Explicitly added summary models for all overloads of `System.Xml.XmlDictionaryReader.CreateBinaryReader`. Added models for some of the methods and properties in `System.Runtime.Serialization.SerializationInfo` and `System.Runtime.Serialization.SerializationInfoEnumerator`. Updated models for `System.Text.Encoding.GetBytes`, `System.Text.Encoding.GetChars` and the constructor for `System.IO.MemoryStream`. This generally improves the library modelling and thus reduces the number of false negatives. -* Added explicit SQL injection Models as Data models for `Microsoft.Data.SqlClient.SqlCommand` and `Microsoft.Data.SqlClient.SqlDataAdapter`. This reduces false negatives for the query `cs/sql-injection`. - -### Bug Fixes - -* `web.config` and `web.release.config` files are now recognized regardless of case. This means queries `cs/web/debug-binary` and `cs/web/missing-x-frame-options` may produce more results than before. diff --git a/csharp/ql/src/change-notes/2025-07-16-web-config.md b/csharp/ql/src/change-notes/2025-07-16-web-config.md new file mode 100644 index 00000000000..238f6438663 --- /dev/null +++ b/csharp/ql/src/change-notes/2025-07-16-web-config.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* `web.config` and `web.release.config` files are now recognised regardless of case. This means queries `cs/web/debug-binary` and `cs/web/missing-x-frame-options` may produce more results than before. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index e71b6d081f1..ec16350ed6f 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.1 +lastReleaseVersion: 1.3.0 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index c3963f711e6..b6307e4210a 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.3.1 +version: 1.3.1-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 7b90353d01a..0d814dec385 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.27.md b/go/ql/consistency-queries/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/go/ql/consistency-queries/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index fd4932f54ad..e964007a13d 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.27 +version: 1.0.27-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 3181c613e09..c5fac252869 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,15 +1,3 @@ -## 4.3.0 - -### Deprecated APIs - -* The class `BuiltinType` is now deprecated. Use the new replacement `BuiltinTypeEntity` instead. -* The class `DeclaredType` is now deprecated. Use the new replacement `DeclaredTypeEntity` instead. - -### Minor Analysis Improvements - -* Added models for the `Head` function and the `Client.Head` method, from the `net/http` package, to the `Http::ClientRequest` class. This means that they will be recognized as sinks for the query `go/request-forgery` and the experimental query `go/ssrf`. -* Previously, `DefinedType.getBaseType` gave the underlying type. It now gives the right hand side of the type declaration, as the documentation indicated that it should. - ## 4.2.8 No user-facing changes. diff --git a/go/ql/lib/change-notes/2025-06-03-fix-definedtype-getbasetype.md b/go/ql/lib/change-notes/2025-06-03-fix-definedtype-getbasetype.md new file mode 100644 index 00000000000..b58ebf64f09 --- /dev/null +++ b/go/ql/lib/change-notes/2025-06-03-fix-definedtype-getbasetype.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Previously, `DefinedType.getBaseType` gave the underlying type. It now gives the right hand side of the type declaration, as the documentation indicated that it should. diff --git a/go/ql/lib/change-notes/2025-06-05-deprecate-DeclaredType-BuiltinType.md b/go/ql/lib/change-notes/2025-06-05-deprecate-DeclaredType-BuiltinType.md new file mode 100644 index 00000000000..6744743ea27 --- /dev/null +++ b/go/ql/lib/change-notes/2025-06-05-deprecate-DeclaredType-BuiltinType.md @@ -0,0 +1,5 @@ +--- +category: deprecated +--- +* The class `BuiltinType` is now deprecated. Use the new replacement `BuiltinTypeEntity` instead. +* The class `DeclaredType` is now deprecated. Use the new replacement `DeclaredTypeEntity` instead. diff --git a/go/ql/lib/change-notes/2025-07-08-request-forgery-sinks.md b/go/ql/lib/change-notes/2025-07-08-request-forgery-sinks.md new file mode 100644 index 00000000000..6204749d9d6 --- /dev/null +++ b/go/ql/lib/change-notes/2025-07-08-request-forgery-sinks.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added models for the `Head` function and the `Client.Head` method, from the `net/http` package, to the `Http::ClientRequest` class. This means that they will be recognized as sinks for the query `go/request-forgery` and the experimental query `go/ssrf`. diff --git a/go/ql/lib/change-notes/released/4.3.0.md b/go/ql/lib/change-notes/released/4.3.0.md deleted file mode 100644 index 2b2369b2d69..00000000000 --- a/go/ql/lib/change-notes/released/4.3.0.md +++ /dev/null @@ -1,11 +0,0 @@ -## 4.3.0 - -### Deprecated APIs - -* The class `BuiltinType` is now deprecated. Use the new replacement `BuiltinTypeEntity` instead. -* The class `DeclaredType` is now deprecated. Use the new replacement `DeclaredTypeEntity` instead. - -### Minor Analysis Improvements - -* Added models for the `Head` function and the `Client.Head` method, from the `net/http` package, to the `Http::ClientRequest` class. This means that they will be recognized as sinks for the query `go/request-forgery` and the experimental query `go/ssrf`. -* Previously, `DefinedType.getBaseType` gave the underlying type. It now gives the right hand side of the type declaration, as the documentation indicated that it should. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index c46c103a0bd..9b51fbc5ce5 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.3.0 +lastReleaseVersion: 4.2.8 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 61e78a5eb55..44d63e64e3b 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 4.3.0 +version: 4.2.9-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 288315dedc6..521c1320839 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 1.4.1 - -### Minor Analysis Improvements - -* `filepath.IsLocal` is now recognized as a sanitizer against path-traversal and related vulnerabilities. - ## 1.4.0 ### Query Metadata Changes diff --git a/go/ql/src/change-notes/2025-07-15-islocal-sanitizer.md b/go/ql/src/change-notes/2025-07-15-islocal-sanitizer.md new file mode 100644 index 00000000000..35f04aacb58 --- /dev/null +++ b/go/ql/src/change-notes/2025-07-15-islocal-sanitizer.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* `filepath.IsLocal` is now recognised as a sanitizer against path-traversal and related vulnerabilities. diff --git a/go/ql/src/change-notes/released/1.4.1.md b/go/ql/src/change-notes/released/1.4.1.md deleted file mode 100644 index 8d054d1eb68..00000000000 --- a/go/ql/src/change-notes/released/1.4.1.md +++ /dev/null @@ -1,5 +0,0 @@ -## 1.4.1 - -### Minor Analysis Improvements - -* `filepath.IsLocal` is now recognized as a sanitizer against path-traversal and related vulnerabilities. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 43ccf4467be..b8b2e97d508 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.1 +lastReleaseVersion: 1.4.0 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 67b9ff12d46..ad2712943a3 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.4.1 +version: 1.4.1-dev groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index d48e225f5a0..320552a8f14 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,21 +1,3 @@ -## 7.4.0 - -### Deprecated APIs - -* The module `semmle.code.java.frameworks.Castor` has been deprecated and will be removed in a future release. -* The module `semmle.code.java.frameworks.JYaml` has been deprecated and will be removed in a future release. -* The classes `UnsafeHessianInputReadObjectMethod` and `BurlapInputReadObjectMethod` in the module `semmle.code.java.frameworks.HessianBurlap` have been deprecated and will be removed in a future release. -* The class `YamlBeansReaderReadMethod` in the module `semmle.code.java.frameworks.YamlBeans` has been deprecated and will be removed in a future release. -* The class `MethodApacheSerializationUtilsDeserialize` in the module `semmle.code.java.frameworks.apache.Lang` has been deprecated and will be removed in a future release. - -### New Features - -* You can now add sinks for the query "Deserialization of user-controlled data" (`java/unsafe-deserialization`) using [data extensions](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/#extensible-predicates-used-to-create-custom-models-in-java-and-kotlin) by extending `sinkModel` and using the kind "unsafe-deserialization". The existing sinks which do not require extra logic to determine if they are unsafe are now defined in this way. - -### Minor Analysis Improvements - -* The qualifiers of a calls to `readObject` on any classes that implement `java.io.ObjectInput` are now recognised as sinks for `java/unsafe-deserialization`. Previously this was only the case for classes which extend `java.io.ObjectInputStream`. - ## 7.3.2 ### Minor Analysis Improvements diff --git a/java/ql/lib/change-notes/2025-07-11-unsafe-deserialization-extra-sink.md b/java/ql/lib/change-notes/2025-07-11-unsafe-deserialization-extra-sink.md new file mode 100644 index 00000000000..26f745a2bb7 --- /dev/null +++ b/java/ql/lib/change-notes/2025-07-11-unsafe-deserialization-extra-sink.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The qualifiers of a calls to `readObject` on any classes that implement `java.io.ObjectInput` are now recognised as sinks for `java/unsafe-deserialization`. Previously this was only the case for classes which extend `java.io.ObjectInputStream`. diff --git a/java/ql/lib/change-notes/2025-07-16-models-as-data-unsafe-deserialization-sinks.md b/java/ql/lib/change-notes/2025-07-16-models-as-data-unsafe-deserialization-sinks.md new file mode 100644 index 00000000000..91485615962 --- /dev/null +++ b/java/ql/lib/change-notes/2025-07-16-models-as-data-unsafe-deserialization-sinks.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* You can now add sinks for the query "Deserialization of user-controlled data" (`java/unsafe-deserialization`) using [data extensions](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/#extensible-predicates-used-to-create-custom-models-in-java-and-kotlin) by extending `sinkModel` and using the kind "unsafe-deserialization". The existing sinks which do not require extra logic to determine if they are unsafe are now defined in this way. diff --git a/java/ql/lib/change-notes/2025-07-16-unsafe-deserialization-sinks-deprecation.md b/java/ql/lib/change-notes/2025-07-16-unsafe-deserialization-sinks-deprecation.md new file mode 100644 index 00000000000..7e7e607c18b --- /dev/null +++ b/java/ql/lib/change-notes/2025-07-16-unsafe-deserialization-sinks-deprecation.md @@ -0,0 +1,8 @@ +--- +category: deprecated +--- +* The module `semmle.code.java.frameworks.Castor` has been deprecated and will be removed in a future release. +* The module `semmle.code.java.frameworks.JYaml` has been deprecated and will be removed in a future release. +* The classes `UnsafeHessianInputReadObjectMethod` and `BurlapInputReadObjectMethod` in the module `semmle.code.java.frameworks.HessianBurlap` have been deprecated and will be removed in a future release. +* The class `YamlBeansReaderReadMethod` in the module `semmle.code.java.frameworks.YamlBeans` has been deprecated and will be removed in a future release. +* The class `MethodApacheSerializationUtilsDeserialize` in the module `semmle.code.java.frameworks.apache.Lang` has been deprecated and will be removed in a future release. diff --git a/java/ql/lib/change-notes/released/7.4.0.md b/java/ql/lib/change-notes/released/7.4.0.md deleted file mode 100644 index 103b19767a0..00000000000 --- a/java/ql/lib/change-notes/released/7.4.0.md +++ /dev/null @@ -1,17 +0,0 @@ -## 7.4.0 - -### Deprecated APIs - -* The module `semmle.code.java.frameworks.Castor` has been deprecated and will be removed in a future release. -* The module `semmle.code.java.frameworks.JYaml` has been deprecated and will be removed in a future release. -* The classes `UnsafeHessianInputReadObjectMethod` and `BurlapInputReadObjectMethod` in the module `semmle.code.java.frameworks.HessianBurlap` have been deprecated and will be removed in a future release. -* The class `YamlBeansReaderReadMethod` in the module `semmle.code.java.frameworks.YamlBeans` has been deprecated and will be removed in a future release. -* The class `MethodApacheSerializationUtilsDeserialize` in the module `semmle.code.java.frameworks.apache.Lang` has been deprecated and will be removed in a future release. - -### New Features - -* You can now add sinks for the query "Deserialization of user-controlled data" (`java/unsafe-deserialization`) using [data extensions](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/#extensible-predicates-used-to-create-custom-models-in-java-and-kotlin) by extending `sinkModel` and using the kind "unsafe-deserialization". The existing sinks that do not require extra logic to determine if they are unsafe are now defined in this way. - -### Minor Analysis Improvements - -* The qualifiers of a calls to `readObject` on any classes that implement `java.io.ObjectInput` are now recognised as sinks for `java/unsafe-deserialization`. Previously this was only the case for classes which extend `java.io.ObjectInputStream`. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index be55351642c..cf3deb9367d 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.4.0 +lastReleaseVersion: 7.3.2 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 6bbd17fda1d..f29904e14c5 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 7.4.0 +version: 7.3.3-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 50afa2ea9bf..fe2be06be35 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 1.6.1 - -### Minor Analysis Improvements - -* Java analysis of guards has been switched to use the new and improved shared guards library. This improves precision of a number of queries, in particular `java/dereferenced-value-may-be-null`, which now has fewer false positives, and `java/useless-null-check` and `java/constant-comparison`, which gain additional true positives. - ## 1.6.0 ### Query Metadata Changes diff --git a/java/ql/src/change-notes/released/1.6.1.md b/java/ql/src/change-notes/2025-06-17-improved-guards.md similarity index 88% rename from java/ql/src/change-notes/released/1.6.1.md rename to java/ql/src/change-notes/2025-06-17-improved-guards.md index 0add62e535b..b49710460f1 100644 --- a/java/ql/src/change-notes/released/1.6.1.md +++ b/java/ql/src/change-notes/2025-06-17-improved-guards.md @@ -1,5 +1,4 @@ -## 1.6.1 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Java analysis of guards has been switched to use the new and improved shared guards library. This improves precision of a number of queries, in particular `java/dereferenced-value-may-be-null`, which now has fewer false positives, and `java/useless-null-check` and `java/constant-comparison`, which gain additional true positives. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index ef7a789e0cf..c4f0b07d533 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.0 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 5e5e73ab721..aaeb2c86ac1 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.6.1 +version: 1.6.1-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index ab12beb5698..e2d82cba835 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,13 +1,3 @@ -## 2.6.7 - -### Minor Analysis Improvements - -* Enhanced modeling for the `execa` library, adding support for command execution methods `execaCommand`, `execaCommandSync`, `$`, and `$.sync`, as well as file system operations through `inputFile`, `pipeStdout`, `pipeAll`, and `pipeStderr`. - -### Bug Fixes - -* The JavaScript extractor no longer ignores source files specified in the `tsconfig.json` compiler options `outDir` if doing so would result in excluding all source code. - ## 2.6.6 ### Minor Analysis Improvements diff --git a/javascript/ql/lib/change-notes/released/2.6.7.md b/javascript/ql/lib/change-notes/2025-06-20-execa.md similarity index 51% rename from javascript/ql/lib/change-notes/released/2.6.7.md rename to javascript/ql/lib/change-notes/2025-06-20-execa.md index 530da25c5dc..b22afe593f8 100644 --- a/javascript/ql/lib/change-notes/released/2.6.7.md +++ b/javascript/ql/lib/change-notes/2025-06-20-execa.md @@ -1,9 +1,4 @@ -## 2.6.7 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Enhanced modeling for the `execa` library, adding support for command execution methods `execaCommand`, `execaCommandSync`, `$`, and `$.sync`, as well as file system operations through `inputFile`, `pipeStdout`, `pipeAll`, and `pipeStderr`. - -### Bug Fixes - -* The JavaScript extractor no longer ignores source files specified in the `tsconfig.json` compiler options `outDir` if doing so would result in excluding all source code. diff --git a/javascript/ql/lib/change-notes/2025-07-11-ignore-outdirs-that-would-exclude-everything.md b/javascript/ql/lib/change-notes/2025-07-11-ignore-outdirs-that-would-exclude-everything.md new file mode 100644 index 00000000000..aeffaebb477 --- /dev/null +++ b/javascript/ql/lib/change-notes/2025-07-11-ignore-outdirs-that-would-exclude-everything.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* The JavaScript extractor no longer ignores source files specified in the `tsconfig.json` compiler options `outDir` if doing so would result in excluding all source code. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 7be0a0fdb3c..305ff8cbbf2 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.6.7 +lastReleaseVersion: 2.6.6 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 03a691f02f5..482612a821d 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.6.7 +version: 2.6.7-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index e2d35e74bb9..11615030c50 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,29 +1,3 @@ -## 2.0.0 - -### Breaking Changes - -* The `Type` and `Symbol` classes have been deprecated and will be empty in newly extracted databases, since the TypeScript extractor no longer populates them. - This is a breaking change for custom queries that explicitly relied on these classes. - Such queries will still compile, but with deprecation warnings, and may have different query results due to type information no longer being available. - We expect most custom queries will not be affected, however. If a custom query has no deprecation warnings, it should not be affected by this change. - Uses of `getType()` should be rewritten to use the new `getTypeBinding()` or `getNameBinding()` APIs instead. - If the new API is not sufficient, please consider opening an issue in `github/codeql` describing your use-case. - -### Major Analysis Improvements - -* The TypeScript extractor no longer relies on the TypeScript compiler for extracting type information. - Instead, the information we need from types is now derived by an algorithm written in QL. - This results in more robust extraction with faster extraction times, in some cases significantly faster. -* Taint is now tracked through the React `use` function. -* Parameters of React server functions, marked with the `"use server"` directive, are now seen as taint sources. - -### Minor Analysis Improvements - -* Removed three queries from the JS qlpack, which have been superseded by newer queries that are part of the Actions qlpack: - * `js/actions/pull-request-target` has been superseded by `actions/untrusted-checkout/{medium,high,critical}` - * `js/actions/actions-artifact-leak` has been superseded by `actions/secrets-in-artifacts` - * `js/actions/command-injection` has been superseded by `actions/command-injection/{medium,critical}` - ## 1.7.0 ### Query Metadata Changes diff --git a/javascript/ql/src/change-notes/2025-06-23-react-use-server.md b/javascript/ql/src/change-notes/2025-06-23-react-use-server.md new file mode 100644 index 00000000000..b3d3088b640 --- /dev/null +++ b/javascript/ql/src/change-notes/2025-06-23-react-use-server.md @@ -0,0 +1,5 @@ +--- +category: majorAnalysis +--- +* Taint is now tracked through the React `use` function. +* Parameters of React server functions, marked with the `"use server"` directive, are now seen as taint sources. diff --git a/javascript/ql/src/change-notes/2025-06-23-remove-legacy-actions-queries.md b/javascript/ql/src/change-notes/2025-06-23-remove-legacy-actions-queries.md new file mode 100644 index 00000000000..628ad8b083b --- /dev/null +++ b/javascript/ql/src/change-notes/2025-06-23-remove-legacy-actions-queries.md @@ -0,0 +1,7 @@ +--- +category: minorAnalysis +--- +* Removed three queries from the JS qlpack, which have been superseded by newer queries that are part of the Actions qlpack: + * `js/actions/pull-request-target` has been superseded by `actions/untrusted-checkout/{medium,high,critical}` + * `js/actions/actions-artifact-leak` has been superseded by `actions/secrets-in-artifacts` + * `js/actions/command-injection` has been superseded by `actions/command-injection/{medium,critical}` diff --git a/javascript/ql/src/change-notes/2025-06-24-no-type-extraction-breaking.md b/javascript/ql/src/change-notes/2025-06-24-no-type-extraction-breaking.md new file mode 100644 index 00000000000..313b06bc366 --- /dev/null +++ b/javascript/ql/src/change-notes/2025-06-24-no-type-extraction-breaking.md @@ -0,0 +1,9 @@ +--- +category: breaking +--- +* The `Type` and `Symbol` classes have been deprecated and will be empty in newly extracted databases, since the TypeScript extractor no longer populates them. + This is a breaking change for custom queries that explicitly relied on these classes. + Such queries will still compile, but with deprecation warnings, and may have different query results due to type information no longer being available. + We expect most custom queries will not be affected, however. If a custom query has no deprecation warnings, it should not be affected by this change. + Uses of `getType()` should be rewritten to use the new `getTypeBinding()` or `getNameBinding()` APIs instead. + If the new API is not sufficient, please consider opening an issue in `github/codeql` describing your use-case. diff --git a/javascript/ql/src/change-notes/2025-06-24-no-type-extraction.md b/javascript/ql/src/change-notes/2025-06-24-no-type-extraction.md new file mode 100644 index 00000000000..516e167636a --- /dev/null +++ b/javascript/ql/src/change-notes/2025-06-24-no-type-extraction.md @@ -0,0 +1,6 @@ +--- +category: majorAnalysis +--- +* The TypeScript extractor no longer relies on the TypeScript compiler for extracting type information. + Instead, the information we need from types is now derived by an algorithm written in QL. + This results in more robust extraction with faster extraction times, in some cases significantly faster. diff --git a/javascript/ql/src/change-notes/released/2.0.0.md b/javascript/ql/src/change-notes/released/2.0.0.md deleted file mode 100644 index a0f57f06db1..00000000000 --- a/javascript/ql/src/change-notes/released/2.0.0.md +++ /dev/null @@ -1,25 +0,0 @@ -## 2.0.0 - -### Breaking Changes - -* The `Type` and `Symbol` classes have been deprecated and will be empty in newly extracted databases, since the TypeScript extractor no longer populates them. - This is a breaking change for custom queries that explicitly relied on these classes. - Such queries will still compile, but with deprecation warnings, and may have different query results due to type information no longer being available. - We expect most custom queries will not be affected, however. If a custom query has no deprecation warnings, it should not be affected by this change. - Uses of `getType()` should be rewritten to use the new `getTypeBinding()` or `getNameBinding()` APIs instead. - If the new API is not sufficient, please consider opening an issue in `github/codeql` describing your use-case. - -### Major Analysis Improvements - -* The TypeScript extractor no longer relies on the TypeScript compiler for extracting type information. - Instead, the information we need from types is now derived by an algorithm written in QL. - This results in more robust extraction with faster extraction times, in some cases significantly faster. -* Taint is now tracked through the React `use` function. -* Parameters of React server functions, marked with the `"use server"` directive, are now seen as taint sources. - -### Minor Analysis Improvements - -* Removed three queries from the JS qlpack, which have been superseded by newer queries that are part of the Actions qlpack: - * `js/actions/pull-request-target` has been superseded by `actions/untrusted-checkout/{medium,high,critical}` - * `js/actions/actions-artifact-leak` has been superseded by `actions/secrets-in-artifacts` - * `js/actions/command-injection` has been superseded by `actions/command-injection/{medium,critical}` diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 0abe6ccede0..d1184cc6750 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.0 +lastReleaseVersion: 1.7.0 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 55256002d7c..59f83e85aef 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.0.0 +version: 1.7.1-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index c772b9266a7..c7c1d20c642 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.27.md b/misc/suite-helpers/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/misc/suite-helpers/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index a3c75c970cb..77f627a1900 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.27 +version: 1.0.27-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 774058d3556..9f915e24edc 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,13 +1,3 @@ -## 4.0.11 - -### Minor Analysis Improvements - -* Type annotations such as `foo : Bar` are now treated by the call graph as an indication that `foo` may be an instance of `Bar`. - -### Bug Fixes - -- The Python parser is now able to correctly parse expressions such as `match[1]` and `match()` where `match` is not used as a keyword. - ## 4.0.10 No user-facing changes. diff --git a/python/ql/lib/change-notes/2025-06-04-call-graph-type-annotations.md b/python/ql/lib/change-notes/2025-06-04-call-graph-type-annotations.md new file mode 100644 index 00000000000..2aa17e57632 --- /dev/null +++ b/python/ql/lib/change-notes/2025-06-04-call-graph-type-annotations.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Type annotations such as `foo : Bar` are now treated by the call graph as an indication that `foo` may be an instance of `Bar`. diff --git a/python/ql/lib/change-notes/2025-06-26-fix-match-as-identifier.md b/python/ql/lib/change-notes/2025-06-26-fix-match-as-identifier.md new file mode 100644 index 00000000000..47d18a533d5 --- /dev/null +++ b/python/ql/lib/change-notes/2025-06-26-fix-match-as-identifier.md @@ -0,0 +1,5 @@ +--- +category: fix +--- + +- The Python parser is now able to correctly parse expressions such as `match[1]` and `match()` where `match` is not used as a keyword. diff --git a/python/ql/lib/change-notes/released/4.0.11.md b/python/ql/lib/change-notes/released/4.0.11.md deleted file mode 100644 index 3fc572c00f9..00000000000 --- a/python/ql/lib/change-notes/released/4.0.11.md +++ /dev/null @@ -1,9 +0,0 @@ -## 4.0.11 - -### Minor Analysis Improvements - -* Type annotations such as `foo : Bar` are now treated by the call graph as an indication that `foo` may be an instance of `Bar`. - -### Bug Fixes - -- The Python parser is now able to correctly parse expressions such as `match[1]` and `match()` where `match` is not used as a keyword. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 8b957dfd68f..df9695089ca 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.0.11 +lastReleaseVersion: 4.0.10 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index b05393b63eb..dbf5d1cddbd 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 4.0.11 +version: 4.0.11-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index b5107c506b5..4a77f1a1d6d 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.6.1 - -No user-facing changes. - ## 1.6.0 ### Query Metadata Changes diff --git a/python/ql/src/change-notes/released/1.6.1.md b/python/ql/src/change-notes/released/1.6.1.md deleted file mode 100644 index 898f6201ed7..00000000000 --- a/python/ql/src/change-notes/released/1.6.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.6.1 - -No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index ef7a789e0cf..c4f0b07d533 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.0 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 6c42ff81487..ff38476458f 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.6.1 +version: 1.6.1-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index d5af247f476..2a4d6f21375 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 5.0.0 - -### Breaking Changes - -* Most classes and predicates in the AST, SSA, and control-flow-graph libraries are now annotated with `overlay[local]`, in preparation for incremental analysis. This could result in compiler errors for custom queries if they extend these classes. To mitigate such errors, look for ways to restructure custom QL code so it doesn't depend on changing the behavior of standard-library classes. - ## 4.1.9 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/released/5.0.0.md b/ruby/ql/lib/change-notes/2025-07-09-overlay-local.md similarity index 92% rename from ruby/ql/lib/change-notes/released/5.0.0.md rename to ruby/ql/lib/change-notes/2025-07-09-overlay-local.md index 9f54450e95a..f1c7fe83a26 100644 --- a/ruby/ql/lib/change-notes/released/5.0.0.md +++ b/ruby/ql/lib/change-notes/2025-07-09-overlay-local.md @@ -1,5 +1,4 @@ -## 5.0.0 - -### Breaking Changes - +--- +category: breaking +--- * Most classes and predicates in the AST, SSA, and control-flow-graph libraries are now annotated with `overlay[local]`, in preparation for incremental analysis. This could result in compiler errors for custom queries if they extend these classes. To mitigate such errors, look for ways to restructure custom QL code so it doesn't depend on changing the behavior of standard-library classes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index c9e54136ca5..4a8b9706277 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.0.0 +lastReleaseVersion: 4.1.9 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 374453b8bc2..2ecf065d494 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.0.0 +version: 4.1.10-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 133810657ff..ef903e8d144 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.4.1 - -No user-facing changes. - ## 1.4.0 ### Query Metadata Changes diff --git a/ruby/ql/src/change-notes/released/1.4.1.md b/ruby/ql/src/change-notes/released/1.4.1.md deleted file mode 100644 index 38987aa49cd..00000000000 --- a/ruby/ql/src/change-notes/released/1.4.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.4.1 - -No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 43ccf4467be..b8b2e97d508 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.1 +lastReleaseVersion: 1.4.0 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 56ea51fdc46..f5e2a6997b6 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.4.1 +version: 1.4.1-dev groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index 4a7a2f34655..aaaa73ae07e 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,14 +1,3 @@ -## 0.1.12 - -### Minor Analysis Improvements - -* Type inference has been extended to support pattern matching. -* Call resolution for calls to associated functions has been improved, so it now disambiguates the targets based on type information at the call sites (either type information about the arguments or about the expected return types). -* Type inference has been improved for `for` loops and range expressions, which improves call resolution and may ultimately lead to more query results. -* Implemented support for data flow through trait functions. For the purpose of data flow, calls to trait functions dispatch to all possible implementations. -* `AssocItem` and `ExternItem` are now proper subclasses of `Item`. -* Added type inference for `for` loops and array expressions. - ## 0.1.11 ### New Features diff --git a/rust/ql/lib/change-notes/2025-06-24-type-inference.md b/rust/ql/lib/change-notes/2025-06-24-type-inference.md new file mode 100644 index 00000000000..5e3fd6fc53d --- /dev/null +++ b/rust/ql/lib/change-notes/2025-06-24-type-inference.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added type inference for `for` loops and array expressions. diff --git a/rust/ql/lib/change-notes/2025-06-25-item-reorg.md.md b/rust/ql/lib/change-notes/2025-06-25-item-reorg.md.md new file mode 100644 index 00000000000..842dc3b1e31 --- /dev/null +++ b/rust/ql/lib/change-notes/2025-06-25-item-reorg.md.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* `AssocItem` and `ExternItem` are now proper subclasses of `Item`. diff --git a/rust/ql/lib/change-notes/2025-06-26-dataflow-traits.md b/rust/ql/lib/change-notes/2025-06-26-dataflow-traits.md new file mode 100644 index 00000000000..c3513958ccd --- /dev/null +++ b/rust/ql/lib/change-notes/2025-06-26-dataflow-traits.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Implemented support for data flow through trait functions. For the purpose of data flow, calls to trait functions dispatch to all possible implementations. diff --git a/rust/ql/lib/change-notes/2025-07-07-type-inference-for-loops.md b/rust/ql/lib/change-notes/2025-07-07-type-inference-for-loops.md new file mode 100644 index 00000000000..eb65df0b9c5 --- /dev/null +++ b/rust/ql/lib/change-notes/2025-07-07-type-inference-for-loops.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Type inference has been improved for `for` loops and range expressions, which improves call resolution and may ultimately lead to more query results. diff --git a/rust/ql/lib/change-notes/2025-07-10-assoc-func-disambiguation.md b/rust/ql/lib/change-notes/2025-07-10-assoc-func-disambiguation.md new file mode 100644 index 00000000000..af3587612e8 --- /dev/null +++ b/rust/ql/lib/change-notes/2025-07-10-assoc-func-disambiguation.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Call resolution for calls to associated functions has been improved, so it now disambiguates the targets based on type information at the call sites (either type information about the arguments or about the expected return types). \ No newline at end of file diff --git a/rust/ql/lib/change-notes/2025-07-11-type-inference-patterns.md b/rust/ql/lib/change-notes/2025-07-11-type-inference-patterns.md new file mode 100644 index 00000000000..d1d586fc71a --- /dev/null +++ b/rust/ql/lib/change-notes/2025-07-11-type-inference-patterns.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Type inference has been extended to support pattern matching. \ No newline at end of file diff --git a/rust/ql/lib/change-notes/released/0.1.12.md b/rust/ql/lib/change-notes/released/0.1.12.md deleted file mode 100644 index c168c740892..00000000000 --- a/rust/ql/lib/change-notes/released/0.1.12.md +++ /dev/null @@ -1,10 +0,0 @@ -## 0.1.12 - -### Minor Analysis Improvements - -* Type inference has been extended to support pattern matching. -* Call resolution for calls to associated functions has been improved, so it now disambiguates the targets based on type information at the call sites (either type information about the arguments or about the expected return types). -* Type inference has been improved for `for` loops and range expressions, which improves call resolution and may ultimately lead to more query results. -* Implemented support for data flow through trait functions. For the purpose of data flow, calls to trait functions dispatch to all possible implementations. -* `AssocItem` and `ExternItem` are now proper subclasses of `Item`. -* Added type inference for `for` loops and array expressions. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index bfd6e903641..1d1688e8d61 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.12 +lastReleaseVersion: 0.1.11 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index 59a9e86f27e..9b9398839ba 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.1.12 +version: 0.1.12-dev groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index 7865b480cca..ad73b7174f9 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.1.12 - -### New Queries - -* Added a new query, `rust/access-after-lifetime-ended`, for detecting pointer dereferences after the lifetime of the pointed-to object has ended. - ## 0.1.11 ### New Queries diff --git a/rust/ql/src/change-notes/released/0.1.12.md b/rust/ql/src/change-notes/2025-06-24-access-after-lifetime-ended.md similarity index 84% rename from rust/ql/src/change-notes/released/0.1.12.md rename to rust/ql/src/change-notes/2025-06-24-access-after-lifetime-ended.md index 4b28a684e7d..7b92a3de78b 100644 --- a/rust/ql/src/change-notes/released/0.1.12.md +++ b/rust/ql/src/change-notes/2025-06-24-access-after-lifetime-ended.md @@ -1,5 +1,4 @@ -## 0.1.12 - -### New Queries - +--- +category: newQuery +--- * Added a new query, `rust/access-after-lifetime-ended`, for detecting pointer dereferences after the lifetime of the pointed-to object has ended. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index bfd6e903641..1d1688e8d61 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.12 +lastReleaseVersion: 0.1.11 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index fe091c5f249..478c7139d5a 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.12 +version: 0.1.12-dev groups: - rust - queries diff --git a/shared/concepts/CHANGELOG.md b/shared/concepts/change-notes/2025-07-16-initial-shared-concepts.md similarity index 63% rename from shared/concepts/CHANGELOG.md rename to shared/concepts/change-notes/2025-07-16-initial-shared-concepts.md index f0aa669c670..bc80c6d6a0d 100644 --- a/shared/concepts/CHANGELOG.md +++ b/shared/concepts/change-notes/2025-07-16-initial-shared-concepts.md @@ -1,5 +1,4 @@ -## 0.0.1 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Initial release. Moves the shared concepts library into its own qlpack. diff --git a/shared/concepts/change-notes/released/0.0.1.md b/shared/concepts/change-notes/released/0.0.1.md deleted file mode 100644 index f0aa669c670..00000000000 --- a/shared/concepts/change-notes/released/0.0.1.md +++ /dev/null @@ -1,5 +0,0 @@ -## 0.0.1 - -### Minor Analysis Improvements - -* Initial release. Moves the shared concepts library into its own qlpack. diff --git a/shared/concepts/codeql-pack.release.yml b/shared/concepts/codeql-pack.release.yml deleted file mode 100644 index c6933410b71..00000000000 --- a/shared/concepts/codeql-pack.release.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -lastReleaseVersion: 0.0.1 diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index bafa51fc16b..2b8a40fc79a 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.1 +version: 0.0.0-dev groups: shared library: true dependencies: diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index a1299428531..0109a7bd5a7 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.0.11 - -No user-facing changes. - ## 2.0.10 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.11.md b/shared/controlflow/change-notes/released/2.0.11.md deleted file mode 100644 index b3d110bcba5..00000000000 --- a/shared/controlflow/change-notes/released/2.0.11.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.0.11 - -No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 3cbe73b4cad..96ea0220a69 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.11 +lastReleaseVersion: 2.0.10 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index fcb5d94146c..a1020700a1a 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.11 +version: 2.0.11-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index ef723958db5..128d8ccd0d4 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.0.11 - -No user-facing changes. - ## 2.0.10 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.0.11.md b/shared/dataflow/change-notes/released/2.0.11.md deleted file mode 100644 index b3d110bcba5..00000000000 --- a/shared/dataflow/change-notes/released/2.0.11.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.0.11 - -No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 3cbe73b4cad..96ea0220a69 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.11 +lastReleaseVersion: 2.0.10 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index e7c5f56daca..2064efe3b6b 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.0.11 +version: 2.0.11-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 7d61f9eb4c9..01f4051da30 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.27.md b/shared/mad/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/shared/mad/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index e2634ea47f6..6a57f272569 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.27 +version: 1.0.27-dev groups: shared library: true dependencies: diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md index 9b269441c00..4ffbff1e0c4 100644 --- a/shared/quantum/CHANGELOG.md +++ b/shared/quantum/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.5 - -No user-facing changes. - ## 0.0.4 No user-facing changes. diff --git a/shared/quantum/change-notes/released/0.0.5.md b/shared/quantum/change-notes/released/0.0.5.md deleted file mode 100644 index 766ec2723b5..00000000000 --- a/shared/quantum/change-notes/released/0.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.5 - -No user-facing changes. diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml index bb45a1ab018..ec411a674bc 100644 --- a/shared/quantum/codeql-pack.release.yml +++ b/shared/quantum/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.5 +lastReleaseVersion: 0.0.4 diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index 38c9dea58a1..f95d9c773b1 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.5 +version: 0.0.5-dev groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 4dbae4dbdad..e0f22e5bc3a 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.27.md b/shared/rangeanalysis/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/shared/rangeanalysis/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 50e266b707f..b2b9dabb75a 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.27 +version: 1.0.27-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 1220229c9d4..aced064cc7a 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.27.md b/shared/regex/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/shared/regex/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 29d0dc736a9..3c478e25f9d 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.27 +version: 1.0.27-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 742b8645ac8..2359940bf9a 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.0.3 - -No user-facing changes. - ## 2.0.2 No user-facing changes. diff --git a/shared/ssa/change-notes/released/2.0.3.md b/shared/ssa/change-notes/released/2.0.3.md deleted file mode 100644 index 7bd669821d5..00000000000 --- a/shared/ssa/change-notes/released/2.0.3.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.0.3 - -No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index fabf1e86596..81c7f1dbc13 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.3 +lastReleaseVersion: 2.0.2 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index c6081b2778d..9a9f8759539 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.3 +version: 2.0.3-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 7b90353d01a..0d814dec385 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.27.md b/shared/threat-models/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/shared/threat-models/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index e3a22139036..b514f75bb94 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.27 +version: 1.0.27-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index e15c2f135c3..92ac100d5c8 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.27.md b/shared/tutorial/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/shared/tutorial/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index c255232db8c..017db79a823 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.27 +version: 1.0.27-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index a7b0ce51066..7fa72fbd343 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.27.md b/shared/typeflow/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/shared/typeflow/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index bf29738975a..74b59ee1f74 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.27 +version: 1.0.27-dev groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index fba2a870356..8f58f5145db 100644 --- a/shared/typeinference/CHANGELOG.md +++ b/shared/typeinference/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.8 - -No user-facing changes. - ## 0.0.7 No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.8.md b/shared/typeinference/change-notes/released/0.0.8.md deleted file mode 100644 index 6af2d954c09..00000000000 --- a/shared/typeinference/change-notes/released/0.0.8.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.8 - -No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml index 58fdc6b45de..a2a5484910b 100644 --- a/shared/typeinference/codeql-pack.release.yml +++ b/shared/typeinference/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.7 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 2d79f4ac9fd..2b9a8d3ee2d 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.8 +version: 0.0.8-dev groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index cab09405aed..58e9c8119af 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.0.11 - -No user-facing changes. - ## 2.0.10 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.11.md b/shared/typetracking/change-notes/released/2.0.11.md deleted file mode 100644 index b3d110bcba5..00000000000 --- a/shared/typetracking/change-notes/released/2.0.11.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.0.11 - -No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 3cbe73b4cad..96ea0220a69 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.11 +lastReleaseVersion: 2.0.10 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index c1c1b77a43f..a0fbd70f893 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.11 +version: 2.0.11-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index f41328bb4a9..47359494704 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.27.md b/shared/typos/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/shared/typos/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index c75852372a1..2abd1968562 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.27 +version: 1.0.27-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index e3b58791ecb..c8832ace022 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.0.14 - -No user-facing changes. - ## 2.0.13 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.14.md b/shared/util/change-notes/released/2.0.14.md deleted file mode 100644 index 13190ad53e3..00000000000 --- a/shared/util/change-notes/released/2.0.14.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.0.14 - -No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 23aa0864b29..30d169d6eb8 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.14 +lastReleaseVersion: 2.0.13 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index a1c7402743a..6bebbd01336 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.14 +version: 2.0.14-dev groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 431918d41a2..a201e0d013f 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.27.md b/shared/xml/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/shared/xml/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 38fb409547c..d0e1fc1af1f 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.27 +version: 1.0.27-dev groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 91e1186bfc3..74fcb889c9c 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.27 - -No user-facing changes. - ## 1.0.26 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.27.md b/shared/yaml/change-notes/released/1.0.27.md deleted file mode 100644 index a16f9fe5eeb..00000000000 --- a/shared/yaml/change-notes/released/1.0.27.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.27 - -No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 1d6c59bacdb..125d169e44f 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.27 +lastReleaseVersion: 1.0.26 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 3d582f626bd..258719e3193 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.27 +version: 1.0.27-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index c859d867038..627463a2cac 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 5.0.3 - -No user-facing changes. - ## 5.0.2 No user-facing changes. diff --git a/swift/ql/lib/change-notes/released/5.0.3.md b/swift/ql/lib/change-notes/released/5.0.3.md deleted file mode 100644 index 57074925279..00000000000 --- a/swift/ql/lib/change-notes/released/5.0.3.md +++ /dev/null @@ -1,3 +0,0 @@ -## 5.0.3 - -No user-facing changes. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 6997554f6dd..3940dee0f32 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.0.3 +lastReleaseVersion: 5.0.2 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index cac8368f24f..ea03d8d389d 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 5.0.3 +version: 5.0.3-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 766d279a217..5f5f43bafae 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.2.1 - -No user-facing changes. - ## 1.2.0 ### Query Metadata Changes diff --git a/swift/ql/src/change-notes/released/1.2.1.md b/swift/ql/src/change-notes/released/1.2.1.md deleted file mode 100644 index 67aaa1465fd..00000000000 --- a/swift/ql/src/change-notes/released/1.2.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.2.1 - -No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 73dd403938c..75430e73d1c 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.1 +lastReleaseVersion: 1.2.0 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 52a1a84984c..b24d4fbd5a7 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.2.1 +version: 1.2.1-dev groups: - swift - queries