Release preparation for version 2.15.0

python/ql/lib/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 0.11.0
+
+### Minor Analysis Improvements
+
+* Django Rest Framework better handles custom `ModelViewSet` classes functions
+* Regular expression fragments residing inside implicitly concatenated strings now have better location information.
+
+### Bug Fixes
+
+* Subterms of regular expressions encoded as single-line string literals now have better source-location information.
+
 ## 0.10.5
 
 No user-facing changes.

python/ql/lib/change-notes/2023-09-22-regex-prefix.md

@@ -1,4 +0,0 @@
----
-category: fix
----
-* Subterms of regular expressions encoded as single-line string literals now have better source-location information.

python/ql/lib/change-notes/2023-09-26-regex-locations-in-string-parts.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Regular expression fragments residing inside implicitly concatenated strings now have better location information.

python/ql/lib/change-notes/2023-09-29-django-restframework-improvements.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Django Rest Framework better handles custom `ModelViewSet` classes functions

python/ql/lib/change-notes/released/0.11.0.md

@@ -0,0 +1,10 @@
+## 0.11.0
+
+### Minor Analysis Improvements
+
+* Django Rest Framework better handles custom `ModelViewSet` classes functions
+* Regular expression fragments residing inside implicitly concatenated strings now have better location information.
+
+### Bug Fixes
+
+* Subterms of regular expressions encoded as single-line string literals now have better source-location information.

python/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.10.5
+lastReleaseVersion: 0.11.0

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.11.0-dev
+version: 0.11.0
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 0.9.0
+
+### New Queries
+
+* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now available in the default security suite.
+
+### Minor Analysis Improvements
+
+* Improved _URL redirection from remote source_ (`py/url-redirection`) query to not alert when URL has been checked with `django.utils.http. url_has_allowed_host_and_scheme`.
+* Extended the `py/command-line-injection` query with sinks from Python's `asyncio` module.
+
 ## 0.8.5
 
 No user-facing changes.

python/ql/src/change-notes/2023-09-05-asyncio-cmdi-sinks.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Extended the `py/command-line-injection` query with sinks from Python's `asyncio` module.

python/ql/src/change-notes/2023-09-13-django-url-allowed-host.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Improved _URL redirection from remote source_ (`py/url-redirection`) query to not alert when URL has been checked with `django.utils.http. url_has_allowed_host_and_scheme`.

python/ql/src/change-notes/2023-09-18-promoted-nosql-injection-query.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now available in the default security suite.

python/ql/src/change-notes/released/0.9.0.md

@@ -0,0 +1,10 @@
+## 0.9.0
+
+### New Queries
+
+* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now available in the default security suite.
+
+### Minor Analysis Improvements
+
+* Improved _URL redirection from remote source_ (`py/url-redirection`) query to not alert when URL has been checked with `django.utils.http. url_has_allowed_host_and_scheme`.
+* Extended the `py/command-line-injection` query with sinks from Python's `asyncio` module.

python/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.5
+lastReleaseVersion: 0.9.0

python/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.9.0-dev
+version: 0.9.0
 groups:
   - python
   - queries