diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index e1c0dfbecd9..b3091ec37d8 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.12.7 - -### Minor Analysis Improvements - -* Added destructors for named objects to the intermediate representation. - ## 0.12.6 ### New Features diff --git a/cpp/ql/lib/change-notes/released/0.12.7.md b/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md similarity index 54% rename from cpp/ql/lib/change-notes/released/0.12.7.md rename to cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md index 856a8b665c7..4e35decaf8e 100644 --- a/cpp/ql/lib/change-notes/released/0.12.7.md +++ b/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md @@ -1,5 +1,4 @@ -## 0.12.7 - -### Minor Analysis Improvements - -* Added destructors for named objects to the intermediate representation. +--- +category: minorAnalysis +--- +* Added destructors for named objects to the intermediate representation. \ No newline at end of file diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 20419e9c610..170a312c104 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.12.7 +lastReleaseVersion: 0.12.6 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 3bb9229bf94..8e201fff594 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.7 +version: 0.12.7-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index f6acd424bb0..ffcd73ff5d7 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.9.6 - -### Minor Analysis Improvements - -* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. -* The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. - ## 0.9.5 ### Minor Analysis Improvements diff --git a/cpp/ql/src/change-notes/released/0.9.6.md b/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md similarity index 77% rename from cpp/ql/src/change-notes/released/0.9.6.md rename to cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md index 0c85f3f9f0f..d6ef3c3e056 100644 --- a/cpp/ql/src/change-notes/released/0.9.6.md +++ b/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md @@ -1,6 +1,4 @@ -## 0.9.6 - -### Minor Analysis Improvements - -* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. +--- +category: minorAnalysis +--- * The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. diff --git a/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md b/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md new file mode 100644 index 00000000000..2e5933a61e8 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. \ No newline at end of file diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 19139c132b2..460240feaff 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.6 +lastReleaseVersion: 0.9.5 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 4052647bb97..31bd20166b2 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.6 +version: 0.9.6-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 82eacfc84f7..190b83b0f25 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.10 - -No user-facing changes. - ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md deleted file mode 100644 index 8e8007d8475..00000000000 --- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.10 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 31c7fe07020..678da6bc37e 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.10 +lastReleaseVersion: 1.7.9 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index ee993bed0c9..7e643b0fac3 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.10 +version: 1.7.10-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 82eacfc84f7..190b83b0f25 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.10 - -No user-facing changes. - ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md deleted file mode 100644 index 8e8007d8475..00000000000 --- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.10 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 31c7fe07020..678da6bc37e 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.10 +lastReleaseVersion: 1.7.9 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 1f421754fc8..8654bbfd031 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.10 +version: 1.7.10-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 16cc14259e1..95fd64c5270 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,17 +1,3 @@ -## 0.8.10 - -### Major Analysis Improvements - -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. -* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. - -### Minor Analysis Improvements - -* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. -* C# 12: Add extractor and QL library support for `ref readonly` parameters. -* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. -* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md b/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md new file mode 100644 index 00000000000..6bb8e99c71e --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md b/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md new file mode 100644 index 00000000000..d6ffbd523ac --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. diff --git a/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md b/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md new file mode 100644 index 00000000000..9b1739b9b6d --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. diff --git a/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md b/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md new file mode 100644 index 00000000000..66ab65083dc --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md b/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md new file mode 100644 index 00000000000..8749c790954 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. diff --git a/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md b/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md new file mode 100644 index 00000000000..586b5341d29 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C# 12: Add extractor and QL library support for `ref readonly` parameters. diff --git a/csharp/ql/lib/change-notes/released/0.8.10.md b/csharp/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index f591ddc5b21..00000000000 --- a/csharp/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,13 +0,0 @@ -## 0.8.10 - -### Major Analysis Improvements - -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. -* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. - -### Minor Analysis Improvements - -* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. -* C# 12: Add extractor and QL library support for `ref readonly` parameters. -* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. -* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 0521f0f75fa..5290c29b7fe 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 93c5c1120a2..d75ea3c6320 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.10 +version: 0.8.10-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 46c939e5cee..9fe1609363f 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/released/0.8.10.md b/csharp/ql/src/change-notes/2024-02-06-threat-models.md similarity index 88% rename from csharp/ql/src/change-notes/released/0.8.10.md rename to csharp/ql/src/change-notes/2024-02-06-threat-models.md index 702161c3d28..69ac4e4dc17 100644 --- a/csharp/ql/src/change-notes/released/0.8.10.md +++ b/csharp/ql/src/change-notes/2024-02-06-threat-models.md @@ -1,5 +1,4 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. +--- +category: minorAnalysis +--- +* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. \ No newline at end of file diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 0521f0f75fa..5290c29b7fe 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 46384094b19..9ee23cc7307 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.10 +version: 0.8.10-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index a59e560c415..fba2a870356 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.9 - -No user-facing changes. - ## 0.0.8 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/0.0.9.md b/go/ql/consistency-queries/change-notes/released/0.0.9.md deleted file mode 100644 index c9e17c6d6cf..00000000000 --- a/go/ql/consistency-queries/change-notes/released/0.0.9.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.9 - -No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index ecdd64fbab8..58fdc6b45de 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.8 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index d5a2fbee5f1..b574796b995 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.9 +version: 0.0.9-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index fee5fd37a26..65a2376217b 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,14 +1,3 @@ -## 0.7.10 - -### Major Analysis Improvements - -* We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. -* Go 1.22 has been included in the range of supported Go versions. - -### Bug Fixes - -* Fixed dataflow out of a `map` using a `range` statement. - ## 0.7.9 No user-facing changes. diff --git a/go/ql/lib/change-notes/2024-02-14-range-map-read.md b/go/ql/lib/change-notes/2024-02-14-range-map-read.md new file mode 100644 index 00000000000..ea45737a72e --- /dev/null +++ b/go/ql/lib/change-notes/2024-02-14-range-map-read.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/change-notes/released/0.7.10.md b/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md similarity index 68% rename from go/ql/lib/change-notes/released/0.7.10.md rename to go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md index 55954f8a394..0442a571029 100644 --- a/go/ql/lib/change-notes/released/0.7.10.md +++ b/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md @@ -1,10 +1,5 @@ -## 0.7.10 - -### Major Analysis Improvements - +--- +category: majorAnalysis +--- * We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. * Go 1.22 has been included in the range of supported Go versions. - -### Bug Fixes - -* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 67518567297..576395f3405 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.10 +lastReleaseVersion: 0.7.9 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 8cc190fa880..f21e478efa6 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.10 +version: 0.7.10-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 24e38b9890e..d95165a3a34 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.7.10 - -No user-facing changes. - ## 0.7.9 ### New Queries diff --git a/go/ql/src/change-notes/released/0.7.10.md b/go/ql/src/change-notes/released/0.7.10.md deleted file mode 100644 index 989c5b8f682..00000000000 --- a/go/ql/src/change-notes/released/0.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.7.10 - -No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 67518567297..576395f3405 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.10 +lastReleaseVersion: 0.7.9 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 4ded3a52f63..d91cab59612 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.10 +version: 0.7.10-dev groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index c3282c773a9..4a3c54adb38 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.17 - -No user-facing changes. - ## 0.0.16 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/0.0.17.md b/java/ql/automodel/src/change-notes/released/0.0.17.md deleted file mode 100644 index 62cc89030a6..00000000000 --- a/java/ql/automodel/src/change-notes/released/0.0.17.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.17 - -No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index cbc3d3cd493..a49f7be4cff 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.17 +lastReleaseVersion: 0.0.16 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 59fab0cdcc5..898239be098 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.17 +version: 0.0.17-dev groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2a02ccee6ab..d369cbdc931 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,14 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. - -### Bug Fixes - -* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. -* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. - ## 0.8.9 ### Deprecated APIs diff --git a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md new file mode 100644 index 00000000000..eb560fba07d --- /dev/null +++ b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/change-notes/2024-02-27-error-types.md b/java/ql/lib/change-notes/2024-02-27-error-types.md new file mode 100644 index 00000000000..cdc6d7620aa --- /dev/null +++ b/java/ql/lib/change-notes/2024-02-27-error-types.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. diff --git a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md new file mode 100644 index 00000000000..a0227088ae9 --- /dev/null +++ b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. diff --git a/java/ql/lib/change-notes/released/0.8.10.md b/java/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index b45f14bf347..00000000000 --- a/java/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,10 +0,0 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. - -### Bug Fixes - -* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. -* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 0521f0f75fa..5290c29b7fe 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 428eedc75e3..15b4982d41e 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.10 +version: 0.8.10-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index c61275f5ed8..5d835351453 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,13 +1,3 @@ -## 0.8.10 - -### New Queries - -* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. - -### Minor Analysis Improvements - -* To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. - ## 0.8.9 ### New Queries diff --git a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md new file mode 100644 index 00000000000..1de07727796 --- /dev/null +++ b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. \ No newline at end of file diff --git a/java/ql/src/change-notes/released/0.8.10.md b/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md similarity index 54% rename from java/ql/src/change-notes/released/0.8.10.md rename to java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md index c5d18ae3379..0bb4f18f2bd 100644 --- a/java/ql/src/change-notes/released/0.8.10.md +++ b/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md @@ -1,9 +1,4 @@ -## 0.8.10 - -### New Queries - -* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 0521f0f75fa..5290c29b7fe 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index ebbdbeee3b2..8f4de528e21 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.10 +version: 0.8.10-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index d5edcc00513..5b97ebbb22b 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.8.10 - -No user-facing changes. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/javascript/ql/lib/change-notes/released/0.8.10.md b/javascript/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index 777bbd2fded..00000000000 --- a/javascript/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.8.10 - -No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 0521f0f75fa..5290c29b7fe 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index da16493a21c..ef3ca7521ac 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.10 +version: 0.8.10-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index b9627cac5ee..85516e3625d 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.8.10 - -No user-facing changes. - ## 0.8.9 ### Bug Fixes diff --git a/javascript/ql/src/change-notes/released/0.8.10.md b/javascript/ql/src/change-notes/released/0.8.10.md deleted file mode 100644 index 777bbd2fded..00000000000 --- a/javascript/ql/src/change-notes/released/0.8.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.8.10 - -No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 0521f0f75fa..5290c29b7fe 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index d224952c564..b6181aa30e9 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.10 +version: 0.8.10-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 1c4455b66c4..3c06dd69b0f 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.7.10 - -No user-facing changes. - ## 0.7.9 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.7.10.md b/misc/suite-helpers/change-notes/released/0.7.10.md deleted file mode 100644 index 989c5b8f682..00000000000 --- a/misc/suite-helpers/change-notes/released/0.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.7.10 - -No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 67518567297..576395f3405 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.10 +lastReleaseVersion: 0.7.9 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 54d978d5efe..49b7a6bda4c 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.10 +version: 0.7.10-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index f095607ca1b..e6f318c51ea 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.11.10 - -### Minor Analysis Improvements - -* Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. -* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. - ## 0.11.9 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md b/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md new file mode 100644 index 00000000000..3c47c6ba866 --- /dev/null +++ b/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/change-notes/released/0.11.10.md b/python/ql/lib/change-notes/2024-03-01-dict-update-content.md similarity index 52% rename from python/ql/lib/change-notes/released/0.11.10.md rename to python/ql/lib/change-notes/2024-03-01-dict-update-content.md index ed873724e4f..dfb8d247fff 100644 --- a/python/ql/lib/change-notes/released/0.11.10.md +++ b/python/ql/lib/change-notes/2024-03-01-dict-update-content.md @@ -1,6 +1,4 @@ -## 0.11.10 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. -* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index ddddcbe9193..b064d1778a1 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.11.10 +lastReleaseVersion: 0.11.9 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 59a8b4c96d1..e9f66e205f2 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.10 +version: 0.11.10-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index d4245aba7a6..50762bcbf34 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.9.10 - -### New Queries - -* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. - ## 0.9.9 No user-facing changes. diff --git a/python/ql/src/change-notes/released/0.9.10.md b/python/ql/src/change-notes/2024-03-04-nosql-injection.md similarity index 81% rename from python/ql/src/change-notes/released/0.9.10.md rename to python/ql/src/change-notes/2024-03-04-nosql-injection.md index 4cbb221b789..6e98540c757 100644 --- a/python/ql/src/change-notes/released/0.9.10.md +++ b/python/ql/src/change-notes/2024-03-04-nosql-injection.md @@ -1,5 +1,4 @@ -## 0.9.10 - -### New Queries - +--- +category: newQuery +--- * The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index d086ed69541..aabed7c396b 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.10 +lastReleaseVersion: 0.9.9 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index c920f667836..aa18f2d8707 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.10 +version: 0.9.10-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index c61a12e0f4a..a623a151e89 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,12 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. -* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. -* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. -* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md b/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md new file mode 100644 index 00000000000..c2276f284a8 --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md b/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md new file mode 100644 index 00000000000..1486c7a472d --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md b/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md new file mode 100644 index 00000000000..6f3a90768ba --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md b/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md new file mode 100644 index 00000000000..350e049b5bf --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/released/0.8.10.md b/ruby/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index 666e28f840e..00000000000 --- a/ruby/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,8 +0,0 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. -* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. -* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. -* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 0521f0f75fa..5290c29b7fe 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index de5b41999fe..7d409b83adb 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.10 +version: 0.8.10-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index f875b6d16ad..4149c728eff 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. -* Added additional request sources for Ruby on Rails. - ## 0.8.9 No user-facing changes. diff --git a/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md b/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md new file mode 100644 index 00000000000..84ea696dfef --- /dev/null +++ b/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added additional request sources for Ruby on Rails. \ No newline at end of file diff --git a/ruby/ql/src/change-notes/released/0.8.10.md b/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md similarity index 51% rename from ruby/ql/src/change-notes/released/0.8.10.md rename to ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md index 985cdf8d22e..43e40d3fd53 100644 --- a/ruby/ql/src/change-notes/released/0.8.10.md +++ b/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md @@ -1,6 +1,4 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. -* Added additional request sources for Ruby on Rails. +--- +category: minorAnalysis +--- +* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. \ No newline at end of file diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 0521f0f75fa..5290c29b7fe 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 5e379268234..8af7f9fd797 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.10 +version: 0.8.10-dev groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index 75f2ca53f98..dbfa6ef4512 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.1.10 - -No user-facing changes. - ## 0.1.9 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/0.1.10.md b/shared/controlflow/change-notes/released/0.1.10.md deleted file mode 100644 index 47358eeee93..00000000000 --- a/shared/controlflow/change-notes/released/0.1.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.1.10 - -No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 30f5ca88be0..1425c0edf7f 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.10 +lastReleaseVersion: 0.1.9 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 1d43802be42..9d35a678276 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.10 +version: 0.1.10-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index ef80788bded..67a5bf589f4 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.1 - -No user-facing changes. - ## 0.2.0 ### Breaking Changes diff --git a/shared/dataflow/change-notes/released/0.2.1.md b/shared/dataflow/change-notes/released/0.2.1.md deleted file mode 100644 index 3dbfc85fe11..00000000000 --- a/shared/dataflow/change-notes/released/0.2.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.1 - -No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index df29a726bcc..5274e27ed52 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.1 +lastReleaseVersion: 0.2.0 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index ee422e02ea9..1e7becf71c4 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.2.1 +version: 0.2.1-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 4730366775e..4d09057118c 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.2.10.md b/shared/mad/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19f..00000000000 --- a/shared/mad/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index a71167814cb..d021cf0a6be 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 6d7269ef3da..22c8f271ccc 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 9943dcb7972..5b8dbcfab22 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.9 - -No user-facing changes. - ## 0.0.8 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/0.0.9.md b/shared/rangeanalysis/change-notes/released/0.0.9.md deleted file mode 100644 index c9e17c6d6cf..00000000000 --- a/shared/rangeanalysis/change-notes/released/0.0.9.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.9 - -No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index ecdd64fbab8..58fdc6b45de 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.8 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 01db5d5734d..836fe51ee34 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.9 +version: 0.0.9-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index c05869c153d..cd5f91f71ec 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.2.10.md b/shared/regex/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19f..00000000000 --- a/shared/regex/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index a71167814cb..d021cf0a6be 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 0d4f485312f..ea3f7f9b238 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index a9161ff578b..01acfae0148 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.2.10.md b/shared/ssa/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19f..00000000000 --- a/shared/ssa/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index a71167814cb..d021cf0a6be 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 2ad254711a5..19304ad107f 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index a59e560c415..fba2a870356 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.9 - -No user-facing changes. - ## 0.0.8 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/0.0.9.md b/shared/threat-models/change-notes/released/0.0.9.md deleted file mode 100644 index c9e17c6d6cf..00000000000 --- a/shared/threat-models/change-notes/released/0.0.9.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.9 - -No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index ecdd64fbab8..58fdc6b45de 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.8 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 60cbbc56fcb..d0ed9a913b2 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.9 +version: 0.0.9-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 560ad058d5b..1db3a01af0b 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.2.10.md b/shared/tutorial/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19f..00000000000 --- a/shared/tutorial/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index a71167814cb..d021cf0a6be 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 69116705c1b..b595ae9ee70 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 350f9ecbeae..afc857bc6bc 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.2.10.md b/shared/typetracking/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19f..00000000000 --- a/shared/typetracking/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index a71167814cb..d021cf0a6be 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index fbbdcf5162a..b55927f59bb 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 54b1eaa4d58..66c5871d982 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.2.10.md b/shared/typos/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19f..00000000000 --- a/shared/typos/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index a71167814cb..d021cf0a6be 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 4d59d9b3c34..644bfe11bff 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 1ca1f71bcbc..63832e927fa 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/util/change-notes/released/0.2.10.md b/shared/util/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19f..00000000000 --- a/shared/util/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index a71167814cb..d021cf0a6be 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 28ed738a93d..ca1a866a53d 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: null diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 9fd5ebc26ab..e5495abcd50 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/yaml/change-notes/released/0.2.10.md b/shared/yaml/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19f..00000000000 --- a/shared/yaml/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index a71167814cb..d021cf0a6be 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 9643ffcec66..de5b47e120a 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 8f14bfcedc9..e88cd0259cc 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.3.10 - -### Bug Fixes - -* Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. - ## 0.3.9 ### Minor Analysis Improvements diff --git a/swift/ql/lib/change-notes/released/0.3.10.md b/swift/ql/lib/change-notes/2024-02-22-extension-patch.md similarity index 83% rename from swift/ql/lib/change-notes/released/0.3.10.md rename to swift/ql/lib/change-notes/2024-02-22-extension-patch.md index 9d6286ff58a..7bd78f3b785 100644 --- a/swift/ql/lib/change-notes/released/0.3.10.md +++ b/swift/ql/lib/change-notes/2024-02-22-extension-patch.md @@ -1,5 +1,4 @@ -## 0.3.10 - -### Bug Fixes - +--- +category: fix +--- * Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 76ca0ac8ba7..3fa5180bcb4 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.10 +lastReleaseVersion: 0.3.9 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 70ec4798ea8..a37a4cb3d58 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.10 +version: 0.3.10-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index bda9834c9bc..96615d06972 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.3.10 - -No user-facing changes. - ## 0.3.9 ### New Queries diff --git a/swift/ql/src/change-notes/released/0.3.10.md b/swift/ql/src/change-notes/released/0.3.10.md deleted file mode 100644 index 925a48fc52e..00000000000 --- a/swift/ql/src/change-notes/released/0.3.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.3.10 - -No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 76ca0ac8ba7..3fa5180bcb4 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.10 +lastReleaseVersion: 0.3.9 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index ba66b065529..e3ead42c98b 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.10 +version: 0.3.10-dev groups: - swift - queries