Merge pull request #20944 from github/release-prep/2.23.7

Release preparation for version 2.23.7
2025-12-16 16:53:25 +01:00 · 2025-12-01 19:34:17 +01:00
parent f1aaefc107 19a13467e0
commit 871d5c9045
174 changed files with 432 additions and 147 deletions
--- a/actions/ql/lib/CHANGELOG.md
+++ b/actions/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 0.4.22
 No user-facing changes.
 ## 0.4.21
 No user-facing changes.
--- a/actions/ql/lib/change-notes/released/0.4.22.md
+++ b/actions/ql/lib/change-notes/released/0.4.22.md
@@ -0,0 +1,3 @@
 ## 0.4.22
 No user-facing changes.
--- a/actions/ql/lib/codeql-pack.release.yml
+++ b/actions/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.21
+lastReleaseVersion: 0.4.22
--- a/actions/ql/lib/qlpack.yml
+++ b/actions/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.22-dev
+version: 0.4.22
 library: true
 warnOnImplicitThis: true
 dependencies:
--- a/actions/ql/src/CHANGELOG.md
+++ b/actions/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 0.6.14
 No user-facing changes.
 ## 0.6.13
 No user-facing changes.
--- a/actions/ql/src/change-notes/released/0.6.14.md
+++ b/actions/ql/src/change-notes/released/0.6.14.md
@@ -0,0 +1,3 @@
 ## 0.6.14
 No user-facing changes.
--- a/actions/ql/src/codeql-pack.release.yml
+++ b/actions/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.13
+lastReleaseVersion: 0.6.14
--- a/actions/ql/src/qlpack.yml
+++ b/actions/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.6.14-dev
+version: 0.6.14
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
 ## 6.1.1
 ### Minor Analysis Improvements
 * The class `DataFlow::FieldContent` now covers both `union` and `struct`/`class` types. A new predicate `FieldContent.getAField` has been added to access the union members associated with the `FieldContent`. The old `FieldContent` has been renamed to `NonUnionFieldContent`.
 ## 6.1.0
 ### New Features
--- a/cpp/ql/lib/change-notes/2025-11-19-content.md
+++ b/cpp/ql/lib/change-notes/2025-11-19-content.md
@@ -1,4 +1,5 @@
---
+## 6.1.1
-category: minorAnalysis
+
---
+### Minor Analysis Improvements
-* The class `DataFlow::FieldContent` now covers both `union` and `struct`/`class` types. A new predicate `FieldContent.getAField` has been added to access the union members associated with the `FieldContent`. The old `FieldContent` has been renamed to `NonUnionFieldContent`.
+
 * The class `DataFlow::FieldContent` now covers both `union` and `struct`/`class` types. A new predicate `FieldContent.getAField` has been added to access the union members associated with the `FieldContent`. The old `FieldContent` has been renamed to `NonUnionFieldContent`.
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 6.1.0
+lastReleaseVersion: 6.1.1
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 6.1.1-dev
+version: 6.1.1
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.5.5
 No user-facing changes.
 ## 1.5.4
 No user-facing changes.
--- a/cpp/ql/src/change-notes/released/1.5.5.md
+++ b/cpp/ql/src/change-notes/released/1.5.5.md
@@ -0,0 +1,3 @@
 ## 1.5.5
 No user-facing changes.
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.4
+lastReleaseVersion: 1.5.5
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.5.5-dev
+version: 1.5.5
 groups:
  - cpp
  - queries
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.7.53
 No user-facing changes.
 ## 1.7.52
 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.53.md
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.53.md
@@ -0,0 +1,3 @@
 ## 1.7.53
 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.52
+lastReleaseVersion: 1.7.53
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.53-dev
+version: 1.7.53
 groups:
  - csharp
  - solorigate
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.7.53
 No user-facing changes.
 ## 1.7.52
 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.53.md
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.53.md
@@ -0,0 +1,3 @@
 ## 1.7.53
 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.52
+lastReleaseVersion: 1.7.53
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.53-dev
+version: 1.7.53
 groups:
  - csharp
  - solorigate
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,11 @@
 ## 5.4.1
 ### Minor Analysis Improvements
 * Improved stability when downloading .NET versions by setting appropriate environment variables for `dotnet` commands. The correct architecture-specific version of .NET is now downloaded on ARM runners.
 * Compilation errors are now included in the debug log when using build-mode none.
 * Added a new extractor option to specify a custom directory for dependency downloads in buildless mode. Use `-O buildless_dependency_dir=<path>` to configure the target directory.
 ## 5.4.0
 ### Deprecated APIs
--- a/csharp/ql/lib/change-notes/2025-11-17-compiler-error-debug.md
+++ b/csharp/ql/lib/change-notes/2025-11-17-compiler-error-debug.md
@@ -1,4 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Compilation errors are now included in the debug log when using build-mode none.
--- a/csharp/ql/lib/change-notes/2025-11-17-dependencies-directory.md
+++ b/csharp/ql/lib/change-notes/2025-11-17-dependencies-directory.md
@@ -1,4 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Added a new extractor option to specify a custom directory for dependency downloads in buildless mode. Use `-O buildless_dependency_dir=<path>` to configure the target directory.
--- a/csharp/ql/lib/change-notes/2025-11-19-autobuilder-stability.md
+++ b/csharp/ql/lib/change-notes/2025-11-19-autobuilder-stability.md
@@ -1,4 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Improved stability when downloading .NET versions by setting appropriate environment variables for `dotnet` commands. The correct architecture-specific version of .NET is now downloaded on ARM runners.
--- a/csharp/ql/lib/change-notes/released/5.4.1.md
+++ b/csharp/ql/lib/change-notes/released/5.4.1.md
@@ -0,0 +1,7 @@
 ## 5.4.1
 ### Minor Analysis Improvements
 * Improved stability when downloading .NET versions by setting appropriate environment variables for `dotnet` commands. The correct architecture-specific version of .NET is now downloaded on ARM runners.
 * Compilation errors are now included in the debug log when using build-mode none.
 * Added a new extractor option to specify a custom directory for dependency downloads in buildless mode. Use `-O buildless_dependency_dir=<path>` to configure the target directory.
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.4.0
+lastReleaseVersion: 5.4.1
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 5.4.1-dev
+version: 5.4.1
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.5.1
 No user-facing changes.
 ## 1.5.0
 ### New Queries
@@ -180,7 +184,7 @@ No user-facing changes.
 ### Minor Analysis Improvements
-* C#: The method `string.ReplaceLineEndings(string)` is now considered a sanitizer for the `cs/log-forging` query. 
+* C#: The method `string.ReplaceLineEndings(string)` is now considered a sanitizer for the `cs/log-forging` query.
 ## 1.0.10
--- a/csharp/ql/src/change-notes/released/1.5.1.md
+++ b/csharp/ql/src/change-notes/released/1.5.1.md
@@ -0,0 +1,3 @@
 ## 1.5.1
 No user-facing changes.
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.0
+lastReleaseVersion: 1.5.1
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.5.1-dev
+version: 1.5.1
 groups:
  - csharp
  - queries
--- a/go/ql/consistency-queries/CHANGELOG.md
+++ b/go/ql/consistency-queries/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.0.36
 No user-facing changes.
 ## 1.0.35
 No user-facing changes.
--- a/go/ql/consistency-queries/change-notes/released/1.0.36.md
+++ b/go/ql/consistency-queries/change-notes/released/1.0.36.md
@@ -0,0 +1,3 @@
 ## 1.0.36
 No user-facing changes.
--- a/go/ql/consistency-queries/codeql-pack.release.yml
+++ b/go/ql/consistency-queries/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.35
+lastReleaseVersion: 1.0.36
--- a/go/ql/consistency-queries/qlpack.yml
+++ b/go/ql/consistency-queries/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.36-dev
+version: 1.0.36
 groups:
  - go
  - queries
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 5.0.3
 No user-facing changes.
 ## 5.0.2
 ### Bug Fixes
--- a/go/ql/lib/change-notes/released/5.0.3.md
+++ b/go/ql/lib/change-notes/released/5.0.3.md
@@ -0,0 +1,3 @@
 ## 5.0.3
 No user-facing changes.
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.0.2
+lastReleaseVersion: 5.0.3
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 5.0.3-dev
+version: 5.0.3
 groups: go
 dbscheme: go.dbscheme
 extractor: go
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,12 @@
 ## 1.5.0
 ### New Queries
 * The `go/cookie-http-only-not-set` query has been promoted from the experimental query pack. This query was originally contributed to the experimental query pack by @edvraa.
 * A new query `go/cookie-secure-not-set` has been added to detect cookies without the `Secure` flag set.
 * Added a new query, `go/weak-crypto-algorithm`, to detect the use of a broken or weak cryptographic algorithm. A very simple version of this query was originally contributed as an [experimental query by @dilanbhalla](https://github.com/github/codeql-go/pull/284).
 * Added a new query, `go/weak-sensitive-data-hashing`, to detect the use of a broken or weak cryptographic hash algorithm on sensitive data.
 ## 1.4.9
 No user-facing changes.
--- a/go/ql/src/change-notes/2025-11-10-insecure-cookie.md
+++ b/go/ql/src/change-notes/2025-11-10-insecure-cookie.md
@@ -1,5 +0,0 @@
 ---
 category: newQuery
 ---
 * The `go/cookie-http-only-not-set` query has been promoted from the experimental query pack. This query was originally contributed to the experimental query pack by @edvraa.
 * A new query `go/cookie-secure-not-set` has been added to detect cookies without the `Secure` flag set.
--- a/go/ql/src/change-notes/2025-10-21-go-weak-crypto-algorithm.md
+++ b/go/ql/src/change-notes/2025-10-21-go-weak-crypto-algorithm.md
@@ -1,5 +1,8 @@
---
+## 1.5.0
-category: newQuery
+
---
+### New Queries
 * The `go/cookie-http-only-not-set` query has been promoted from the experimental query pack. This query was originally contributed to the experimental query pack by @edvraa.
 * A new query `go/cookie-secure-not-set` has been added to detect cookies without the `Secure` flag set.
 * Added a new query, `go/weak-crypto-algorithm`, to detect the use of a broken or weak cryptographic algorithm. A very simple version of this query was originally contributed as an [experimental query by @dilanbhalla](https://github.com/github/codeql-go/pull/284).
 * Added a new query, `go/weak-sensitive-data-hashing`, to detect the use of a broken or weak cryptographic hash algorithm on sensitive data.
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.9
+lastReleaseVersion: 1.5.0
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.4.10-dev
+version: 1.5.0
 groups:
  - go
  - queries
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
 ## 7.8.0
 ### Deprecated APIs
 * The SSA interface has been updated and all classes and several predicates have been renamed. See the qldoc for more specific migration information.
 ## 7.7.4
 No user-facing changes.
--- a/java/ql/lib/change-notes/2025-10-07-ssa-api-updates.md
+++ b/java/ql/lib/change-notes/2025-10-07-ssa-api-updates.md
@@ -1,4 +1,5 @@
---
+## 7.8.0
-category: deprecated
+
---
+### Deprecated APIs
 * The SSA interface has been updated and all classes and several predicates have been renamed. See the qldoc for more specific migration information.
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.7.4
+lastReleaseVersion: 7.8.0
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 7.7.5-dev
+version: 7.8.0
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
 ## 1.10.1
 ### Minor Analysis Improvements
 * Operations that extract only a fixed-length prefix or suffix of a string (for example, `substring` in Java or `take` in Kotlin), when limited to a length of at most 7 characters, are now treated as sanitizers for the `java/sensitive-log` query.  
 ## 1.10.0
 ### Query Metadata Changes
--- a/java/ql/src/change-notes/2025-11-17-sensitive-logging-new-sanitizers.md
+++ b/java/ql/src/change-notes/2025-11-17-sensitive-logging-new-sanitizers.md
@@ -1,4 +1,5 @@
---
+## 1.10.1
-category: minorAnalysis
+
---
+### Minor Analysis Improvements
-* Operations that extract only a fixed-length prefix or suffix of a string (for example, `substring` in Java or `take` in Kotlin), when limited to a length of at most 7 characters, are now treated as sanitizers for the `java/sensitive-log` query.  
+
 * Operations that extract only a fixed-length prefix or suffix of a string (for example, `substring` in Java or `take` in Kotlin), when limited to a length of at most 7 characters, are now treated as sanitizers for the `java/sensitive-log` query.  
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.10.0
+lastReleaseVersion: 1.10.1
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 1.10.1-dev
+version: 1.10.1
 groups:
  - java
  - queries
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
 ## 2.6.16
 ### Minor Analysis Improvements
 - JavaScript `DataFlow::globalVarRef` now recognizes `document.defaultView` as an alias of `window`, allowing flows such as `document.defaultView.history.pushState(...)` to be modeled and found by queries relying on `globalVarRef("history")`.
 ## 2.6.15
 No user-facing changes.
--- a/javascript/ql/lib/change-notes/2025-11-19-default-view.md
+++ b/javascript/ql/lib/change-notes/2025-11-19-default-view.md
@@ -1,5 +1,5 @@
---
+## 2.6.16
-category: minorAnalysis
+
---
+### Minor Analysis Improvements
 - JavaScript `DataFlow::globalVarRef` now recognizes `document.defaultView` as an alias of `window`, allowing flows such as `document.defaultView.history.pushState(...)` to be modeled and found by queries relying on `globalVarRef("history")`.
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.6.15
+lastReleaseVersion: 2.6.16
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 2.6.16-dev
+version: 2.6.16
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
 ## 2.2.1
 ### Minor Analysis Improvements
 * Fixed a bug in the Next.js model that would cause the analysis to miss server-side taint sources in the `app/pages` folder.
 ## 2.2.0
 ### Query Metadata Changes
--- a/javascript/ql/src/change-notes/2025-11-25-nextjs-project-layout.md
+++ b/javascript/ql/src/change-notes/2025-11-25-nextjs-project-layout.md
@@ -1,4 +1,5 @@
---
+## 2.2.1
-category: minorAnalysis
+
---
+### Minor Analysis Improvements
 * Fixed a bug in the Next.js model that would cause the analysis to miss server-side taint sources in the `app/pages` folder.
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.2.0
+lastReleaseVersion: 2.2.1
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 2.2.1-dev
+version: 2.2.1
 groups:
  - javascript
  - queries
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.0.36
 No user-facing changes.
 ## 1.0.35
 No user-facing changes.
--- a/misc/suite-helpers/change-notes/released/1.0.36.md
+++ b/misc/suite-helpers/change-notes/released/1.0.36.md
@@ -0,0 +1,3 @@
 ## 1.0.36
 No user-facing changes.
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.35
+lastReleaseVersion: 1.0.36
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 1.0.36-dev
+version: 1.0.36
 groups: shared
 warnOnImplicitThis: true
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
 ## 5.0.1
 ### Bug Fixes
 - Fixed a bug in the Python extractor's import handling where failing to find an import in `find_module` would cause a `KeyError` to be raised. (Contributed by @akoeplinger.)
 ## 5.0.0
 ### Breaking Changes
--- a/python/ql/lib/change-notes/2025-11-27-fix-keyerror-in-imp-module.md
+++ b/python/ql/lib/change-notes/2025-11-27-fix-keyerror-in-imp-module.md
@@ -1,5 +1,5 @@
---
+## 5.0.1
-category: fix
+
---
+### Bug Fixes
 - Fixed a bug in the Python extractor's import handling where failing to find an import in `find_module` would cause a `KeyError` to be raised. (Contributed by @akoeplinger.)
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.0.0
+lastReleaseVersion: 5.0.1
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 5.0.1-dev
+version: 5.0.1
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.7.1
 No user-facing changes.
 ## 1.7.0
 ### Query Metadata Changes
--- a/python/ql/src/change-notes/released/1.7.1.md
+++ b/python/ql/src/change-notes/released/1.7.1.md
@@ -0,0 +1,3 @@
 ## 1.7.1
 No user-facing changes.
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.0
+lastReleaseVersion: 1.7.1
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 1.7.1-dev
+version: 1.7.1
 groups:
  - python
  - queries
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 5.1.4
 No user-facing changes.
 ## 5.1.3
 No user-facing changes.
--- a/ruby/ql/lib/change-notes/released/5.1.4.md
+++ b/ruby/ql/lib/change-notes/released/5.1.4.md
@@ -0,0 +1,3 @@
 ## 5.1.4
 No user-facing changes.
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.1.3
+lastReleaseVersion: 5.1.4
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 5.1.4-dev
+version: 5.1.4
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.5.1
 No user-facing changes.
 ## 1.5.0
 ### Query Metadata Changes
--- a/ruby/ql/src/change-notes/released/1.5.1.md
+++ b/ruby/ql/src/change-notes/released/1.5.1.md
@@ -0,0 +1,3 @@
 ## 1.5.1
 No user-facing changes.
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.0
+lastReleaseVersion: 1.5.1
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 1.5.1-dev
+version: 1.5.1
 groups:
  - ruby
  - queries
--- a/rust/ql/lib/CHANGELOG.md
+++ b/rust/ql/lib/CHANGELOG.md
@@ -1,3 +1,13 @@
 ## 0.2.0
 ### Breaking Changes
 * The type `DataFlow::Node` is now based directly on the AST instead of the CFG, which means that predicates like `asExpr()` return AST nodes instead of CFG nodes.
 ### Minor Analysis Improvements
 * Added more detailed models for `std::fs` and `std::path`.
 ## 0.1.20
 ### Minor Analysis Improvements
--- a/rust/ql/lib/change-notes/2025-11-19-dataflow-ast.md
+++ b/rust/ql/lib/change-notes/2025-11-19-dataflow-ast.md
@@ -1,4 +0,0 @@
 ---
 category: breaking
 ---
 * The type `DataFlow::Node` is now based directly on the AST instead of the CFG, which means that predicates like `asExpr()` return AST nodes instead of CFG nodes.
--- a/rust/ql/lib/change-notes/2025-11-21-fs.md
+++ b/rust/ql/lib/change-notes/2025-11-21-fs.md
@@ -1,4 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Added more detailed models for `std::fs` and `std::path`.
--- a/rust/ql/lib/change-notes/released/0.2.0.md
+++ b/rust/ql/lib/change-notes/released/0.2.0.md
@@ -0,0 +1,9 @@
 ## 0.2.0
 ### Breaking Changes
 * The type `DataFlow::Node` is now based directly on the AST instead of the CFG, which means that predicates like `asExpr()` return AST nodes instead of CFG nodes.
 ### Minor Analysis Improvements
 * Added more detailed models for `std::fs` and `std::path`.
--- a/rust/ql/lib/codeql-pack.release.yml
+++ b/rust/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.20
+lastReleaseVersion: 0.2.0
--- a/rust/ql/lib/qlpack.yml
+++ b/rust/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/rust-all
-version: 0.1.21-dev
+version: 0.2.0
 groups: rust
 extractor: rust
 dbscheme: rust.dbscheme
--- a/rust/ql/src/CHANGELOG.md
+++ b/rust/ql/src/CHANGELOG.md
@@ -1,3 +1,15 @@
 ## 0.1.21
 ### New Queries
 * Added a new query `rust/xss`, to detect cross-site scripting security vulnerabilities.
 * Added a new query `rust/disabled-certificate-check`, to detect disabled TLS certificate checks.
 * Added three example queries (`rust/examples/empty-if`, `rust/examples/simple-sql-injection` and `rust/examples/simple-constant-password`) to help developers learn to write CodeQL queries for Rust.
 ### Minor Analysis Improvements
 * The `rust/access-invalid-pointer` query has been improved with new flow sources and barriers.
 ## 0.1.20
 ### Minor Analysis Improvements
--- a/rust/ql/src/change-notes/2025-11-07-example-queries.md
+++ b/rust/ql/src/change-notes/2025-11-07-example-queries.md
@@ -1,4 +0,0 @@
 ---
 category: newQuery
 ---
 * Added three example queries (`rust/examples/empty-if`, `rust/examples/simple-sql-injection` and `rust/examples/simple-constant-password`) to help developers learn to write CodeQL queries for Rust.
--- a/rust/ql/src/change-notes/2025-11-12-disabled-certificate-check.md
+++ b/rust/ql/src/change-notes/2025-11-12-disabled-certificate-check.md
@@ -1,4 +0,0 @@
 ---
 category: newQuery
 ---
 * Added a new query `rust/disabled-certificate-check`, to detect disabled TLS certificate checks.
--- a/rust/ql/src/change-notes/2025-11-17-access-invalid-pointer.md
+++ b/rust/ql/src/change-notes/2025-11-17-access-invalid-pointer.md
@@ -1,4 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * The `rust/access-invalid-pointer` query has been improved with new flow sources and barriers.
--- a/rust/ql/src/change-notes/2025-11-24-xss-query.md
+++ b/rust/ql/src/change-notes/2025-11-24-xss-query.md
@@ -1,4 +0,0 @@
 ---
 category: newQuery
 ---
 * Added a new query `rust/xss`, to detect cross-site scripting security vulnerabilities.
--- a/rust/ql/src/change-notes/released/0.1.21.md
+++ b/rust/ql/src/change-notes/released/0.1.21.md
@@ -0,0 +1,11 @@
 ## 0.1.21
 ### New Queries
 * Added a new query `rust/xss`, to detect cross-site scripting security vulnerabilities.
 * Added a new query `rust/disabled-certificate-check`, to detect disabled TLS certificate checks.
 * Added three example queries (`rust/examples/empty-if`, `rust/examples/simple-sql-injection` and `rust/examples/simple-constant-password`) to help developers learn to write CodeQL queries for Rust.
 ### Minor Analysis Improvements
 * The `rust/access-invalid-pointer` query has been improved with new flow sources and barriers.
--- a/rust/ql/src/codeql-pack.release.yml
+++ b/rust/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.20
+lastReleaseVersion: 0.1.21
--- a/rust/ql/src/qlpack.yml
+++ b/rust/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/rust-queries
-version: 0.1.21-dev
+version: 0.1.21
 groups:
  - rust
  - queries
--- a/shared/concepts/CHANGELOG.md
+++ b/shared/concepts/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 0.0.10
 No user-facing changes.
 ## 0.0.9
 No user-facing changes.
--- a/shared/concepts/change-notes/released/0.0.10.md
+++ b/shared/concepts/change-notes/released/0.0.10.md
@@ -0,0 +1,3 @@
 ## 0.0.10
 No user-facing changes.
--- a/Show More
+++ b/Show More
`@@ -1,2 +1,2 @@`
	`---`	`---`
	`lastReleaseVersion: 0.4.21`	`lastReleaseVersion: 0.4.22`