From 96564b712862e40902820005cbca52761e08d165 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 4 Dec 2024 16:01:14 +0000 Subject: [PATCH] Release preparation for version 2.20.0 --- cpp/ql/lib/CHANGELOG.md | 10 +++++++++ .../2024-11-18-throwing-functions.md | 4 ---- .../ql/lib/change-notes/released/3.0.0.md | 11 +++++++--- cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 10 +++++++++ .../2024-11-22-too-few-arguments.md | 4 ---- .../1.3.0.md} | 11 +++++++--- cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../lib/change-notes/released/1.7.30.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../src/change-notes/released/1.7.30.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 17 +++++++++++++++ ...26-model-microsoft.jsinterop.ijsruntime.md | 5 ----- ...onmanager.uri-and-uri-parsing-utilities.md | 8 ------- .../2024-12-03-dynamic-field-flow.md | 4 ---- .../2024-12-03-public-protected-reference.md | 4 ---- csharp/ql/lib/change-notes/released/4.0.0.md | 16 ++++++++++++++ csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 6 ++++++ .../1.0.13.md} | 7 ++++--- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.13.md | 3 +++ .../codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 14 +++++++++++++ ...-promoted-fields-and-methods-name-clash.md | 4 ---- .../2024-11-20-heuristic-logging-sinks.md | 4 ---- go/ql/lib/change-notes/released/3.0.0.md | 13 ++++++++++++ go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 6 ++++++ .../1.1.4.md} | 7 ++++--- go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 10 +++++++++ .../2024-11-04-list-of-constants-sanitizer.md | 4 ---- .../ql/lib/change-notes/released/5.0.0.md | 11 +++++++--- java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 8 +++++++ java/ql/src/change-notes/2024-11-22-sha3.md | 4 ---- java/ql/src/change-notes/2024-11-24-sha2.md | 4 ---- .../1.1.10.md} | 9 +++++--- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 21 ++++++++++++++++--- .../2024-11-18-ES2022-find-functions.md | 5 ----- ...-20-ES2023-string-protytpe-toWellFormed.md | 4 ---- .../2024-11-20-ES2024-group-functions.md | 4 ---- .../2.2.0.md} | 14 ++++++++++--- javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 4 ++++ .../ql/src/change-notes/released/1.2.5.md | 3 +++ javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.13.md | 3 +++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 10 +++++++++ .../2024-11-26-fix-match-cfg-pruning.md | 5 ----- ...-12-03-remove-dataflow-config-class-api.md | 4 ---- python/ql/lib/change-notes/released/3.0.0.md | 9 ++++++++ python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 4 ++++ python/ql/src/change-notes/released/1.3.4.md | 3 +++ python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 6 ++++++ ...-12-03-remove-dataflow-config-class-api.md | 4 ---- .../ql/lib/change-notes/released/3.0.0.md | 7 ++++--- ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 ++++ ruby/ql/src/change-notes/released/1.1.8.md | 3 +++ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.13.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ++++ .../dataflow/change-notes/released/1.1.7.md | 3 +++ shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/1.0.13.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.13.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/1.0.13.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/1.0.13.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.13.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ .../tutorial/change-notes/released/1.0.13.md | 3 +++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ++++ .../typeflow/change-notes/released/1.0.13.md | 3 +++ shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.13.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/1.0.13.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 6 ++++++ .../2.0.0.md} | 7 ++++--- shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ++++ shared/xml/change-notes/released/1.0.13.md | 3 +++ shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/1.0.13.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ++++++ ...-12-03-remove-dataflow-config-class-api.md | 4 ---- .../ql/lib/change-notes/released/3.0.0.md | 7 ++++--- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/1.0.13.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 154 files changed, 441 insertions(+), 180 deletions(-) delete mode 100644 cpp/ql/lib/change-notes/2024-11-18-throwing-functions.md rename go/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md => cpp/ql/lib/change-notes/released/3.0.0.md (55%) delete mode 100644 cpp/ql/src/change-notes/2024-11-22-too-few-arguments.md rename cpp/ql/src/change-notes/{2014-11-26-guarded-free.md => released/1.3.0.md} (52%) create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.30.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.30.md delete mode 100644 csharp/ql/lib/change-notes/2024-11-26-model-microsoft.jsinterop.ijsruntime.md delete mode 100644 csharp/ql/lib/change-notes/2024-11-27-navigationmanager.uri-and-uri-parsing-utilities.md delete mode 100644 csharp/ql/lib/change-notes/2024-12-03-dynamic-field-flow.md delete mode 100644 csharp/ql/lib/change-notes/2024-12-03-public-protected-reference.md create mode 100644 csharp/ql/lib/change-notes/released/4.0.0.md rename csharp/ql/src/change-notes/{2024-11-28-db-quality-property-access.md => released/1.0.13.md} (85%) create mode 100644 go/ql/consistency-queries/change-notes/released/1.0.13.md delete mode 100644 go/ql/lib/change-notes/2024-11-17-fix-missing-promoted-fields-and-methods-name-clash.md delete mode 100644 go/ql/lib/change-notes/2024-11-20-heuristic-logging-sinks.md create mode 100644 go/ql/lib/change-notes/released/3.0.0.md rename go/ql/src/change-notes/{2024-11-26-model-slices-package.md => released/1.1.4.md} (70%) delete mode 100644 java/ql/lib/change-notes/2024-11-04-list-of-constants-sanitizer.md rename csharp/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md => java/ql/lib/change-notes/released/5.0.0.md (56%) delete mode 100644 java/ql/src/change-notes/2024-11-22-sha3.md delete mode 100644 java/ql/src/change-notes/2024-11-24-sha2.md rename java/ql/src/change-notes/{2024-10-29-weak-crypto-hash.md => released/1.1.10.md} (50%) delete mode 100644 javascript/ql/lib/change-notes/2024-11-18-ES2022-find-functions.md delete mode 100644 javascript/ql/lib/change-notes/2024-11-20-ES2023-string-protytpe-toWellFormed.md delete mode 100644 javascript/ql/lib/change-notes/2024-11-20-ES2024-group-functions.md rename javascript/ql/lib/change-notes/{2024-11-28-regexp-unknown-flags.md => released/2.2.0.md} (52%) create mode 100644 javascript/ql/src/change-notes/released/1.2.5.md create mode 100644 misc/suite-helpers/change-notes/released/1.0.13.md delete mode 100644 python/ql/lib/change-notes/2024-11-26-fix-match-cfg-pruning.md delete mode 100644 python/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md create mode 100644 python/ql/lib/change-notes/released/3.0.0.md create mode 100644 python/ql/src/change-notes/released/1.3.4.md delete mode 100644 ruby/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md rename java/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md => ruby/ql/lib/change-notes/released/3.0.0.md (88%) create mode 100644 ruby/ql/src/change-notes/released/1.1.8.md create mode 100644 shared/controlflow/change-notes/released/1.0.13.md create mode 100644 shared/dataflow/change-notes/released/1.1.7.md create mode 100644 shared/mad/change-notes/released/1.0.13.md create mode 100644 shared/rangeanalysis/change-notes/released/1.0.13.md create mode 100644 shared/regex/change-notes/released/1.0.13.md create mode 100644 shared/ssa/change-notes/released/1.0.13.md create mode 100644 shared/threat-models/change-notes/released/1.0.13.md create mode 100644 shared/tutorial/change-notes/released/1.0.13.md create mode 100644 shared/typeflow/change-notes/released/1.0.13.md create mode 100644 shared/typetracking/change-notes/released/1.0.13.md create mode 100644 shared/typos/change-notes/released/1.0.13.md rename shared/util/change-notes/{2024-12-03-remove-deprected-inline-expecation-test-classes.md => released/2.0.0.md} (77%) create mode 100644 shared/xml/change-notes/released/1.0.13.md create mode 100644 shared/yaml/change-notes/released/1.0.13.md delete mode 100644 swift/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md rename cpp/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md => swift/ql/lib/change-notes/released/3.0.0.md (88%) create mode 100644 swift/ql/src/change-notes/released/1.0.13.md diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index d84fe585fca..4091ef97e4d 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 3.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Deprecated APIs + +* The `NonThrowing` class (`semmle.code.cpp.models.interfaces.NonThrowing`) has been deprecated. Please use the `NonCppThrowingFunction` class instead. + ## 2.1.1 No user-facing changes. diff --git a/cpp/ql/lib/change-notes/2024-11-18-throwing-functions.md b/cpp/ql/lib/change-notes/2024-11-18-throwing-functions.md deleted file mode 100644 index 73b358a0e1f..00000000000 --- a/cpp/ql/lib/change-notes/2024-11-18-throwing-functions.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The `NonThrowing` class (`semmle.code.cpp.models.interfaces.NonThrowing`) has been deprecated. Please use the `NonCppThrowingFunction` class instead. \ No newline at end of file diff --git a/go/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md b/cpp/ql/lib/change-notes/released/3.0.0.md similarity index 55% rename from go/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md rename to cpp/ql/lib/change-notes/released/3.0.0.md index d09ec528c99..5945c94c566 100644 --- a/go/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md +++ b/cpp/ql/lib/change-notes/released/3.0.0.md @@ -1,4 +1,9 @@ ---- -category: breaking ---- +## 3.0.0 + +### Breaking Changes + * Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Deprecated APIs + +* The `NonThrowing` class (`semmle.code.cpp.models.interfaces.NonThrowing`) has been deprecated. Please use the `NonCppThrowingFunction` class instead. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 576c2ea18d6..33d3a2cd113 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.1 +lastReleaseVersion: 3.0.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 001028daae1..723a2c3544e 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 2.1.2-dev +version: 3.0.0 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 5bb266bdd64..74781fe0f87 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 1.3.0 + +### New Queries + +* Added a new high-precision quality query, `cpp/guarded-free`, which detects useless NULL pointer checks before calls to `free`. A variation of this query was originally contributed as an [experimental query by @mario-campos](https://github.com/github/codeql/pull/16331). + +### Minor Analysis Improvements + +* The "Call to function with fewer arguments than declared parameters" query (`cpp/too-few-arguments`) query no longer produces results if the function has been implicitly declared. + ## 1.2.7 No user-facing changes. diff --git a/cpp/ql/src/change-notes/2024-11-22-too-few-arguments.md b/cpp/ql/src/change-notes/2024-11-22-too-few-arguments.md deleted file mode 100644 index 116df08838a..00000000000 --- a/cpp/ql/src/change-notes/2024-11-22-too-few-arguments.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Call to function with fewer arguments than declared parameters" query (`cpp/too-few-arguments`) query no longer produces results if the function has been implicitly declared. diff --git a/cpp/ql/src/change-notes/2014-11-26-guarded-free.md b/cpp/ql/src/change-notes/released/1.3.0.md similarity index 52% rename from cpp/ql/src/change-notes/2014-11-26-guarded-free.md rename to cpp/ql/src/change-notes/released/1.3.0.md index 4280025a04f..1443206add8 100644 --- a/cpp/ql/src/change-notes/2014-11-26-guarded-free.md +++ b/cpp/ql/src/change-notes/released/1.3.0.md @@ -1,4 +1,9 @@ ---- -category: newQuery ---- +## 1.3.0 + +### New Queries + * Added a new high-precision quality query, `cpp/guarded-free`, which detects useless NULL pointer checks before calls to `free`. A variation of this query was originally contributed as an [experimental query by @mario-campos](https://github.com/github/codeql/pull/16331). + +### Minor Analysis Improvements + +* The "Call to function with fewer arguments than declared parameters" query (`cpp/too-few-arguments`) query no longer produces results if the function has been implicitly declared. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 950e0645d4a..ec16350ed6f 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.7 +lastReleaseVersion: 1.3.0 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 2fcf45807da..824ee1459aa 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.2.8-dev +version: 1.3.0 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 93e737ae669..a71f93aacd4 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.30 + +No user-facing changes. + ## 1.7.29 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.30.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.30.md new file mode 100644 index 00000000000..8fb79827401 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.30.md @@ -0,0 +1,3 @@ +## 1.7.30 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 34100d3ad64..c0346e526b9 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.29 +lastReleaseVersion: 1.7.30 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 0c8db9920eb..daac6be2fbb 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.30-dev +version: 1.7.30 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 93e737ae669..a71f93aacd4 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.30 + +No user-facing changes. + ## 1.7.29 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.30.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.30.md new file mode 100644 index 00000000000..8fb79827401 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.30.md @@ -0,0 +1,3 @@ +## 1.7.30 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 34100d3ad64..c0346e526b9 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.29 +lastReleaseVersion: 1.7.30 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 3a4343780e4..1b3b911c6f1 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.30-dev +version: 1.7.30 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index c76569e4ab3..86f279365f0 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,20 @@ +## 4.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Minor Analysis Improvements + +* Added support for data-flow through member accesses of objects with `dynamic` types. +* Only extract *public* and *protected* members from reference assemblies. This yields an approximate average speed-up of around 10% for extraction and query execution. Custom MaD rows using `Field`-based summaries may need to be changed to `SyntheticField`-based flows if they reference private fields. +* Added `Microsoft.AspNetCore.Components.NagivationManager::Uri` as a remote flow source, since this value may contain user-specified values. +* Added the following URI-parsing methods as summaries, as they may be tainted with user-specified values: + - `System.Web.HttpUtility::ParseQueryString` + - `Microsoft.AspNetCore.WebUtilities.QueryHelpers::ParseQuery` + - `Microsoft.AspNetCore.WebUtilities.QueryHelpers::ParseNullableQuery` +* Added `js-interop` sinks for the `InvokeAsync` and `InvokeVoidAsync` methods of `Microsoft.JSInterop.IJSRuntime`, which can run arbitrary JavaScript. + ## 3.1.1 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/2024-11-26-model-microsoft.jsinterop.ijsruntime.md b/csharp/ql/lib/change-notes/2024-11-26-model-microsoft.jsinterop.ijsruntime.md deleted file mode 100644 index a99f9c8e0fd..00000000000 --- a/csharp/ql/lib/change-notes/2024-11-26-model-microsoft.jsinterop.ijsruntime.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `js-interop` sinks for the `InvokeAsync` and `InvokeVoidAsync` methods of `Microsoft.JSInterop.IJSRuntime`, which can run arbitrary JavaScript. - diff --git a/csharp/ql/lib/change-notes/2024-11-27-navigationmanager.uri-and-uri-parsing-utilities.md b/csharp/ql/lib/change-notes/2024-11-27-navigationmanager.uri-and-uri-parsing-utilities.md deleted file mode 100644 index 2d9866c2e15..00000000000 --- a/csharp/ql/lib/change-notes/2024-11-27-navigationmanager.uri-and-uri-parsing-utilities.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `Microsoft.AspNetCore.Components.NagivationManager::Uri` as a remote flow source, since this value may contain user-specified values. -* Added the following URI-parsing methods as summaries, as they may be tainted with user-specified values: - - `System.Web.HttpUtility::ParseQueryString` - - `Microsoft.AspNetCore.WebUtilities.QueryHelpers::ParseQuery` - - `Microsoft.AspNetCore.WebUtilities.QueryHelpers::ParseNullableQuery` diff --git a/csharp/ql/lib/change-notes/2024-12-03-dynamic-field-flow.md b/csharp/ql/lib/change-notes/2024-12-03-dynamic-field-flow.md deleted file mode 100644 index 4d5f8f9258e..00000000000 --- a/csharp/ql/lib/change-notes/2024-12-03-dynamic-field-flow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added support for data-flow through member accesses of objects with `dynamic` types. diff --git a/csharp/ql/lib/change-notes/2024-12-03-public-protected-reference.md b/csharp/ql/lib/change-notes/2024-12-03-public-protected-reference.md deleted file mode 100644 index 7b284df3652..00000000000 --- a/csharp/ql/lib/change-notes/2024-12-03-public-protected-reference.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Only extract *public* and *protected* members from reference assemblies. This yields an approximate average speed-up of around 10% for extraction and query execution. Custom MaD rows using `Field`-based summaries may need to be changed to `SyntheticField`-based flows if they reference private fields. diff --git a/csharp/ql/lib/change-notes/released/4.0.0.md b/csharp/ql/lib/change-notes/released/4.0.0.md new file mode 100644 index 00000000000..2a64ac00232 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/4.0.0.md @@ -0,0 +1,16 @@ +## 4.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Minor Analysis Improvements + +* Added support for data-flow through member accesses of objects with `dynamic` types. +* Only extract *public* and *protected* members from reference assemblies. This yields an approximate average speed-up of around 10% for extraction and query execution. Custom MaD rows using `Field`-based summaries may need to be changed to `SyntheticField`-based flows if they reference private fields. +* Added `Microsoft.AspNetCore.Components.NagivationManager::Uri` as a remote flow source, since this value may contain user-specified values. +* Added the following URI-parsing methods as summaries, as they may be tainted with user-specified values: + - `System.Web.HttpUtility::ParseQueryString` + - `Microsoft.AspNetCore.WebUtilities.QueryHelpers::ParseQuery` + - `Microsoft.AspNetCore.WebUtilities.QueryHelpers::ParseNullableQuery` +* Added `js-interop` sinks for the `InvokeAsync` and `InvokeVoidAsync` methods of `Microsoft.JSInterop.IJSRuntime`, which can run arbitrary JavaScript. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index c06beda86a3..49fe3eef697 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 3.1.1 +lastReleaseVersion: 4.0.0 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index efc82eedc90..d985d58b112 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 3.1.2-dev +version: 4.0.0 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 99528b54e9e..370a9cf4a6a 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.0.13 + +### Minor Analysis Improvements + +* `csharp/diagnostic/database-quality` has been changed to exclude various property access expressions from database quality evaluation. The excluded property access expressions are expected to have no target callables even in manual or autobuilt databases. + ## 1.0.12 No user-facing changes. diff --git a/csharp/ql/src/change-notes/2024-11-28-db-quality-property-access.md b/csharp/ql/src/change-notes/released/1.0.13.md similarity index 85% rename from csharp/ql/src/change-notes/2024-11-28-db-quality-property-access.md rename to csharp/ql/src/change-notes/released/1.0.13.md index 212c01f24bb..cfce05a8733 100644 --- a/csharp/ql/src/change-notes/2024-11-28-db-quality-property-access.md +++ b/csharp/ql/src/change-notes/released/1.0.13.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.0.13 + +### Minor Analysis Improvements + * `csharp/diagnostic/database-quality` has been changed to exclude various property access expressions from database quality evaluation. The excluded property access expressions are expected to have no target callables even in manual or autobuilt databases. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 569b69021d1..f838d279d87 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.0.13-dev +version: 1.0.13 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index eeb6b0a262a..3c6fa155a32 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.13.md b/go/ql/consistency-queries/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index 60d11115c14..72aeab276d7 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.13-dev +version: 1.0.13 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index b2eb3cbb239..83052b3a1d9 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,17 @@ +## 3.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Minor Analysis Improvements + +* A call to a method whose name starts with "Debug", "Error", "Fatal", "Info", "Log", "Output", "Panic", "Print", "Trace", "Warn" or "With" defined on an interface whose name ends in "logger" or "Logger" is now considered a LoggerCall. In particular, it is a sink for `go/clear-text-logging` and `go/log-injection`. This may lead to some more alerts in those queries. + +### Bug Fixes + +* Fixed a bug which meant that promoted fields and methods were missing when the embedded parent was not promoted due to a name clash. + ## 2.1.3 ### Minor Analysis Improvements diff --git a/go/ql/lib/change-notes/2024-11-17-fix-missing-promoted-fields-and-methods-name-clash.md b/go/ql/lib/change-notes/2024-11-17-fix-missing-promoted-fields-and-methods-name-clash.md deleted file mode 100644 index 8b1ee9b60b2..00000000000 --- a/go/ql/lib/change-notes/2024-11-17-fix-missing-promoted-fields-and-methods-name-clash.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed a bug which meant that promoted fields and methods were missing when the embedded parent was not promoted due to a name clash. diff --git a/go/ql/lib/change-notes/2024-11-20-heuristic-logging-sinks.md b/go/ql/lib/change-notes/2024-11-20-heuristic-logging-sinks.md deleted file mode 100644 index 46f5988b379..00000000000 --- a/go/ql/lib/change-notes/2024-11-20-heuristic-logging-sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* A call to a method whose name starts with "Debug", "Error", "Fatal", "Info", "Log", "Output", "Panic", "Print", "Trace", "Warn" or "With" defined on an interface whose name ends in "logger" or "Logger" is now considered a LoggerCall. In particular, it is a sink for `go/clear-text-logging` and `go/log-injection`. This may lead to some more alerts in those queries. diff --git a/go/ql/lib/change-notes/released/3.0.0.md b/go/ql/lib/change-notes/released/3.0.0.md new file mode 100644 index 00000000000..5aafa0c29d1 --- /dev/null +++ b/go/ql/lib/change-notes/released/3.0.0.md @@ -0,0 +1,13 @@ +## 3.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Minor Analysis Improvements + +* A call to a method whose name starts with "Debug", "Error", "Fatal", "Info", "Log", "Output", "Panic", "Print", "Trace", "Warn" or "With" defined on an interface whose name ends in "logger" or "Logger" is now considered a LoggerCall. In particular, it is a sink for `go/clear-text-logging` and `go/log-injection`. This may lead to some more alerts in those queries. + +### Bug Fixes + +* Fixed a bug which meant that promoted fields and methods were missing when the embedded parent was not promoted due to a name clash. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 345fb0c73a4..33d3a2cd113 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.3 +lastReleaseVersion: 3.0.0 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 98e81430897..df0d0e9d5fc 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 2.1.4-dev +version: 3.0.0 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index c529cbffb32..c9044e55cdc 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.1.4 + +### Minor Analysis Improvements + +* Added value flow models for functions in the `slices` package which do not involve the `iter` package. + ## 1.1.3 No user-facing changes. diff --git a/go/ql/src/change-notes/2024-11-26-model-slices-package.md b/go/ql/src/change-notes/released/1.1.4.md similarity index 70% rename from go/ql/src/change-notes/2024-11-26-model-slices-package.md rename to go/ql/src/change-notes/released/1.1.4.md index 5a3141c8075..0437ebd2bd6 100644 --- a/go/ql/src/change-notes/2024-11-26-model-slices-package.md +++ b/go/ql/src/change-notes/released/1.1.4.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.1.4 + +### Minor Analysis Improvements + * Added value flow models for functions in the `slices` package which do not involve the `iter` package. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 35e710ab1bf..26cbcd3f123 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.3 +lastReleaseVersion: 1.1.4 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 866a0935713..ecd9cbb13f0 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.1.4-dev +version: 1.1.4 groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 990fea9ddd7..09ee80087e8 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 5.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Minor Analysis Improvements + +* Calling `coll.contains(x)` is now a taint sanitizer (for any query) for the value `x`, where `coll` is a collection of constants. + ## 4.2.1 ### Minor Analysis Improvements diff --git a/java/ql/lib/change-notes/2024-11-04-list-of-constants-sanitizer.md b/java/ql/lib/change-notes/2024-11-04-list-of-constants-sanitizer.md deleted file mode 100644 index dea1e7ff81e..00000000000 --- a/java/ql/lib/change-notes/2024-11-04-list-of-constants-sanitizer.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calling `coll.contains(x)` is now a taint sanitizer (for any query) for the value `x`, where `coll` is a collection of constants. diff --git a/csharp/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md b/java/ql/lib/change-notes/released/5.0.0.md similarity index 56% rename from csharp/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md rename to java/ql/lib/change-notes/released/5.0.0.md index d09ec528c99..9d9e2bc61b5 100644 --- a/csharp/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md +++ b/java/ql/lib/change-notes/released/5.0.0.md @@ -1,4 +1,9 @@ ---- -category: breaking ---- +## 5.0.0 + +### Breaking Changes + * Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Minor Analysis Improvements + +* Calling `coll.contains(x)` is now a taint sanitizer (for any query) for the value `x`, where `coll` is a collection of constants. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 38ea9976fcc..c9e54136ca5 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.2.1 +lastReleaseVersion: 5.0.0 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index a8c1ee2de2b..54f56a24606 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 4.2.2-dev +version: 5.0.0 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index f212b4a8d3d..0bb38874b82 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,11 @@ +## 1.1.10 + +### Minor Analysis Improvements + +* Added SHA-384 to the list of secure hashing algorithms. As a result the `java/potentially-weak-cryptographic-algorithm` query should no longer flag up uses of SHA-384. +* Added SHA3 to the list of secure hashing algorithms. As a result the `java/potentially-weak-cryptographic-algorithm` query should no longer flag up uses of SHA3. +* The `java/weak-cryptographic-algorithm` query has been updated to no longer report uses of hash functions such as `MD5` and `SHA1` even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. The `java/potentially-weak-cryptographic-algorithm` query has been updated to report these uses instead. + ## 1.1.9 No user-facing changes. diff --git a/java/ql/src/change-notes/2024-11-22-sha3.md b/java/ql/src/change-notes/2024-11-22-sha3.md deleted file mode 100644 index 61dbc35162e..00000000000 --- a/java/ql/src/change-notes/2024-11-22-sha3.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added SHA3 to the list of secure hashing algorithms. As a result the `java/potentially-weak-cryptographic-algorithm` query should no longer flag up uses of SHA3. diff --git a/java/ql/src/change-notes/2024-11-24-sha2.md b/java/ql/src/change-notes/2024-11-24-sha2.md deleted file mode 100644 index 395ea04b782..00000000000 --- a/java/ql/src/change-notes/2024-11-24-sha2.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added SHA-384 to the list of secure hashing algorithms. As a result the `java/potentially-weak-cryptographic-algorithm` query should no longer flag up uses of SHA-384. diff --git a/java/ql/src/change-notes/2024-10-29-weak-crypto-hash.md b/java/ql/src/change-notes/released/1.1.10.md similarity index 50% rename from java/ql/src/change-notes/2024-10-29-weak-crypto-hash.md rename to java/ql/src/change-notes/released/1.1.10.md index b4ac88bcdc6..fef22bdedf5 100644 --- a/java/ql/src/change-notes/2024-10-29-weak-crypto-hash.md +++ b/java/ql/src/change-notes/released/1.1.10.md @@ -1,4 +1,7 @@ ---- -category: minorAnalysis ---- +## 1.1.10 + +### Minor Analysis Improvements + +* Added SHA-384 to the list of secure hashing algorithms. As a result the `java/potentially-weak-cryptographic-algorithm` query should no longer flag up uses of SHA-384. +* Added SHA3 to the list of secure hashing algorithms. As a result the `java/potentially-weak-cryptographic-algorithm` query should no longer flag up uses of SHA3. * The `java/weak-cryptographic-algorithm` query has been updated to no longer report uses of hash functions such as `MD5` and `SHA1` even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. The `java/potentially-weak-cryptographic-algorithm` query has been updated to report these uses instead. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 6f4795f3ea0..4c01918d414 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.9 +lastReleaseVersion: 1.1.10 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 44740683f14..eb757401a84 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.1.10-dev +version: 1.1.10 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 7d8f8dcfc8b..df83ccd9c4d 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,12 +1,27 @@ +## 2.2.0 + +### Major Analysis Improvements + +* The `js/incomplete-sanitization` query now also checks regular expressions constructed using `new RegExp(..)`. Previously it only checked regular expression literals. +* Regular expression-based sanitisers implemented with `new RegExp(..)` are now detected in more cases. +* Regular expression related queries now account for unknown flags. + +### Minor Analysis Improvements + +* Added taint-steps for `String.prototype.toWellFormed`. +* Added taint-steps for `Map.groupBy` and `Object.groupBy`. +* Added taint-steps for `Array.prototype.findLast` +* Added taint-steps for `Array.prototype.findLastIndex` + ## 2.1.1 ### Minor Analysis Improvements -Added taint-steps for `Array.prototype.with`. -Added taint-steps for `Array.prototype.toSpliced` +* Added taint-steps for `Array.prototype.with`. +* Added taint-steps for `Array.prototype.toSpliced` * Added taint-steps for `Array.prototype.toReversed`. * Added taint-steps for `Array.prototype.toSorted`. -Added support for `String.prototype.matchAll`. +* Added support for `String.prototype.matchAll`. * Added taint-steps for `Array.prototype.reverse` ## 2.1.0 diff --git a/javascript/ql/lib/change-notes/2024-11-18-ES2022-find-functions.md b/javascript/ql/lib/change-notes/2024-11-18-ES2022-find-functions.md deleted file mode 100644 index e3fe3b6aef2..00000000000 --- a/javascript/ql/lib/change-notes/2024-11-18-ES2022-find-functions.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Added taint-steps for `Array.prototype.findLast` -* Added taint-steps for `Array.prototype.findLastIndex` diff --git a/javascript/ql/lib/change-notes/2024-11-20-ES2023-string-protytpe-toWellFormed.md b/javascript/ql/lib/change-notes/2024-11-20-ES2023-string-protytpe-toWellFormed.md deleted file mode 100644 index dda4d878760..00000000000 --- a/javascript/ql/lib/change-notes/2024-11-20-ES2023-string-protytpe-toWellFormed.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added taint-steps for `String.prototype.toWellFormed`. diff --git a/javascript/ql/lib/change-notes/2024-11-20-ES2024-group-functions.md b/javascript/ql/lib/change-notes/2024-11-20-ES2024-group-functions.md deleted file mode 100644 index 8511727f8e7..00000000000 --- a/javascript/ql/lib/change-notes/2024-11-20-ES2024-group-functions.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added taint-steps for `Map.groupBy` and `Object.groupBy`. diff --git a/javascript/ql/lib/change-notes/2024-11-28-regexp-unknown-flags.md b/javascript/ql/lib/change-notes/released/2.2.0.md similarity index 52% rename from javascript/ql/lib/change-notes/2024-11-28-regexp-unknown-flags.md rename to javascript/ql/lib/change-notes/released/2.2.0.md index e1db79e5c86..535acb6ffc1 100644 --- a/javascript/ql/lib/change-notes/2024-11-28-regexp-unknown-flags.md +++ b/javascript/ql/lib/change-notes/released/2.2.0.md @@ -1,6 +1,14 @@ ---- -category: majorAnalysis ---- +## 2.2.0 + +### Major Analysis Improvements + * The `js/incomplete-sanitization` query now also checks regular expressions constructed using `new RegExp(..)`. Previously it only checked regular expression literals. * Regular expression-based sanitisers implemented with `new RegExp(..)` are now detected in more cases. * Regular expression related queries now account for unknown flags. + +### Minor Analysis Improvements + +* Added taint-steps for `String.prototype.toWellFormed`. +* Added taint-steps for `Map.groupBy` and `Object.groupBy`. +* Added taint-steps for `Array.prototype.findLast` +* Added taint-steps for `Array.prototype.findLastIndex` diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 576c2ea18d6..2f308354195 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.1 +lastReleaseVersion: 2.2.0 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 9726d407e1a..4245aa6e5d3 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.1.2-dev +version: 2.2.0 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 403de6b3323..195298ec89f 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.2.5 + +No user-facing changes. + ## 1.2.4 No user-facing changes. diff --git a/javascript/ql/src/change-notes/released/1.2.5.md b/javascript/ql/src/change-notes/released/1.2.5.md new file mode 100644 index 00000000000..c805dc2cd4c --- /dev/null +++ b/javascript/ql/src/change-notes/released/1.2.5.md @@ -0,0 +1,3 @@ +## 1.2.5 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 172090f46b6..40355f0807f 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.4 +lastReleaseVersion: 1.2.5 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index a1efe30e69d..ba7c502b29f 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 1.2.5-dev +version: 1.2.5 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 969419cb7b7..5d46c57bf4e 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.13.md b/misc/suite-helpers/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index e2cbd7f3f9d..834362022be 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.13-dev +version: 1.0.13 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 34dc5f1b060..81c7659c4ed 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 3.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Bug Fixes + +- Fixed a problem with the control-flow graph construction, where writing `case True:` or `case False:` would cause parts of the graph to be pruned by mistake. + ## 2.2.0 ### Major Analysis Improvements diff --git a/python/ql/lib/change-notes/2024-11-26-fix-match-cfg-pruning.md b/python/ql/lib/change-notes/2024-11-26-fix-match-cfg-pruning.md deleted file mode 100644 index 3ee1094c13b..00000000000 --- a/python/ql/lib/change-notes/2024-11-26-fix-match-cfg-pruning.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- - -- Fixed a problem with the control-flow graph construction, where writing `case True:` or `case False:` would cause parts of the graph to be pruned by mistake. diff --git a/python/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md b/python/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md deleted file mode 100644 index d09ec528c99..00000000000 --- a/python/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. diff --git a/python/ql/lib/change-notes/released/3.0.0.md b/python/ql/lib/change-notes/released/3.0.0.md new file mode 100644 index 00000000000..d57189465d8 --- /dev/null +++ b/python/ql/lib/change-notes/released/3.0.0.md @@ -0,0 +1,9 @@ +## 3.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + +### Bug Fixes + +- Fixed a problem with the control-flow graph construction, where writing `case True:` or `case False:` would cause parts of the graph to be pruned by mistake. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 2f308354195..33d3a2cd113 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.2.0 +lastReleaseVersion: 3.0.0 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 290189efa13..978dfd96a83 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 2.2.1-dev +version: 3.0.0 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 5fea597a7a3..c247e217acf 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.3.4 + +No user-facing changes. + ## 1.3.3 No user-facing changes. diff --git a/python/ql/src/change-notes/released/1.3.4.md b/python/ql/src/change-notes/released/1.3.4.md new file mode 100644 index 00000000000..5073aca7222 --- /dev/null +++ b/python/ql/src/change-notes/released/1.3.4.md @@ -0,0 +1,3 @@ +## 1.3.4 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index eb1f7dabc84..8263ddf2c8b 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.3 +lastReleaseVersion: 1.3.4 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index d84402123dc..bff5afdf817 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.3.4-dev +version: 1.3.4 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 37248cf4960..737903a3232 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 3.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + ## 2.0.4 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md b/ruby/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md deleted file mode 100644 index d09ec528c99..00000000000 --- a/ruby/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. diff --git a/java/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md b/ruby/ql/lib/change-notes/released/3.0.0.md similarity index 88% rename from java/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md rename to ruby/ql/lib/change-notes/released/3.0.0.md index d09ec528c99..82b5c467407 100644 --- a/java/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md +++ b/ruby/ql/lib/change-notes/released/3.0.0.md @@ -1,4 +1,5 @@ ---- -category: breaking ---- +## 3.0.0 + +### Breaking Changes + * Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 0f306f8bd3b..33d3a2cd113 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.4 +lastReleaseVersion: 3.0.0 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 97259f5dd36..41b72629a67 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 2.0.5-dev +version: 3.0.0 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index e159e9fda36..5fe04780136 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.1.8 + +No user-facing changes. + ## 1.1.7 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.1.8.md b/ruby/ql/src/change-notes/released/1.1.8.md new file mode 100644 index 00000000000..f4fe325b335 --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.1.8.md @@ -0,0 +1,3 @@ +## 1.1.8 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 75910556516..64972659c42 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.7 +lastReleaseVersion: 1.1.8 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 26ac8866ae0..7f337d89d6a 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.1.8-dev +version: 1.1.8 groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index b6de6379e77..285b39a4359 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/1.0.13.md b/shared/controlflow/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/controlflow/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index da4368217d3..5401179ac96 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 7eec34670dc..df038524d2d 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.1.7 + +No user-facing changes. + ## 1.1.6 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/1.1.7.md b/shared/dataflow/change-notes/released/1.1.7.md new file mode 100644 index 00000000000..81505c0507a --- /dev/null +++ b/shared/dataflow/change-notes/released/1.1.7.md @@ -0,0 +1,3 @@ +## 1.1.7 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 9e712a00a21..75910556516 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.6 +lastReleaseVersion: 1.1.7 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 15f77aa0a3a..55eb216cc54 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 1.1.7-dev +version: 1.1.7 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 8eb5e03400a..93a528a4f3c 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.13.md b/shared/mad/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/mad/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 8ce60ad0cc9..5c37e609029 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index cedd38e3e30..6b25d16e0f7 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.13.md b/shared/rangeanalysis/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index ee5954cae0b..bd33c35fe53 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 3e8a99103fe..54c3ed2b307 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.13.md b/shared/regex/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/regex/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 34aa1065398..07d9f87eb8c 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index b98345f361c..01c19388c92 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/ssa/change-notes/released/1.0.13.md b/shared/ssa/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/ssa/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 145cd9e2192..9a2027d0706 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index eeb6b0a262a..3c6fa155a32 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.13.md b/shared/threat-models/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 16ca1fe3a88..d29bd36dd83 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.13-dev +version: 1.0.13 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index da467b3de30..1f4e7ad4ed3 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.13.md b/shared/tutorial/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 14cbbbdc067..e618abb068b 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index cae361ea7e7..dd8fb7a60b2 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.13.md b/shared/typeflow/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 5a659a4559d..e9d46c074e8 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 96110cb10a2..0ab05873af4 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/1.0.13.md b/shared/typetracking/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/typetracking/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 216cc8696d9..9e4717670a7 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 83fb2dfb4cc..c0c3cea3948 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.13.md b/shared/typos/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/typos/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 8c1a93efe5e..b3ed91c0926 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 15c3b8c6225..e03d990b747 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,9 @@ +## 2.0.0 + +### Breaking Changes + +* Deleted the old deprecated inline expectation test API that was based on the `InlineExpectationsTest` class. + ## 1.0.12 No user-facing changes. diff --git a/shared/util/change-notes/2024-12-03-remove-deprected-inline-expecation-test-classes.md b/shared/util/change-notes/released/2.0.0.md similarity index 77% rename from shared/util/change-notes/2024-12-03-remove-deprected-inline-expecation-test-classes.md rename to shared/util/change-notes/released/2.0.0.md index 6126e37b619..513290e952b 100644 --- a/shared/util/change-notes/2024-12-03-remove-deprected-inline-expecation-test-classes.md +++ b/shared/util/change-notes/released/2.0.0.md @@ -1,4 +1,5 @@ ---- -category: breaking ---- +## 2.0.0 + +### Breaking Changes + * Deleted the old deprecated inline expectation test API that was based on the `InlineExpectationsTest` class. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 2036690b201..0abe6ccede0 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 2.0.0 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 83284f19cc3..4b66bd8ad92 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 1.0.13-dev +version: 2.0.0 groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index c8213742dc9..c3ebc31994b 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.13.md b/shared/xml/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/xml/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index f48f41ef3ff..8d8b1b8ee54 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 2cc2ec62057..28fcbceec8e 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.13.md b/shared/yaml/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 54880a8cf2f..998a94f4bbf 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.13-dev +version: 1.0.13 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 898a3282bb5..ba76b51c80e 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 3.0.0 + +### Breaking Changes + +* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. + ## 2.0.4 No user-facing changes. diff --git a/swift/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md b/swift/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md deleted file mode 100644 index d09ec528c99..00000000000 --- a/swift/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. diff --git a/cpp/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md b/swift/ql/lib/change-notes/released/3.0.0.md similarity index 88% rename from cpp/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md rename to swift/ql/lib/change-notes/released/3.0.0.md index d09ec528c99..82b5c467407 100644 --- a/cpp/ql/lib/change-notes/2024-12-03-remove-dataflow-config-class-api.md +++ b/swift/ql/lib/change-notes/released/3.0.0.md @@ -1,4 +1,5 @@ ---- -category: breaking ---- +## 3.0.0 + +### Breaking Changes + * Deleted the old deprecated data flow API that was based on extending a configuration class. See https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries for instructions on migrating your queries to use the new API. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 0f306f8bd3b..33d3a2cd113 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.4 +lastReleaseVersion: 3.0.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 2e855546d50..66fd8af358e 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 2.0.5-dev +version: 3.0.0 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 76de7db1348..73ac6bef86d 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.13 + +No user-facing changes. + ## 1.0.12 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.0.13.md b/swift/ql/src/change-notes/released/1.0.13.md new file mode 100644 index 00000000000..378f97eeb1b --- /dev/null +++ b/swift/ql/src/change-notes/released/1.0.13.md @@ -0,0 +1,3 @@ +## 1.0.13 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 2036690b201..c3be7eb7716 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.12 +lastReleaseVersion: 1.0.13 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 1d9f7154cda..ee53e55fe41 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.0.13-dev +version: 1.0.13 groups: - swift - queries