diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index f1dfa53f9ba..5ccbbd8592c 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.4.1 + +No user-facing changes. + ## 0.4.0 ### Deprecated APIs diff --git a/cpp/ql/lib/change-notes/released/0.4.1.md b/cpp/ql/lib/change-notes/released/0.4.1.md new file mode 100644 index 00000000000..0d865d0571e --- /dev/null +++ b/cpp/ql/lib/change-notes/released/0.4.1.md @@ -0,0 +1,3 @@ +## 0.4.1 + +No user-facing changes. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index cb70ba272d3..2746ed855a3 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.4.1-dev +version: 0.4.1 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 54dec3b197f..8da02215877 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.4.1 + +### Minor Analysis Improvements + +* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages. + ## 0.4.0 ### New Queries diff --git a/csharp/ql/src/change-notes/2022-09-29-alert-messages.md b/cpp/ql/src/change-notes/released/0.4.1.md similarity index 76% rename from csharp/ql/src/change-notes/2022-09-29-alert-messages.md rename to cpp/ql/src/change-notes/released/0.4.1.md index c6ce24514b8..f5e1dbf00ed 100644 --- a/csharp/ql/src/change-notes/2022-09-29-alert-messages.md +++ b/cpp/ql/src/change-notes/released/0.4.1.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.4.1 + +### Minor Analysis Improvements + * The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 12c12ffe83e..5bb1b4e6c67 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.4.1-dev +version: 0.4.1 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 49d355ec453..afbbf19794a 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.3.1 + +No user-facing changes. + ## 1.3.0 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.3.1.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.3.1.md new file mode 100644 index 00000000000..8dd9964197c --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.3.1.md @@ -0,0 +1,3 @@ +## 1.3.1 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index ec16350ed6f..e71b6d081f1 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.0 +lastReleaseVersion: 1.3.1 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 648df77d7ff..2bf4479335c 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.3.1-dev +version: 1.3.1 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 49d355ec453..afbbf19794a 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.3.1 + +No user-facing changes. + ## 1.3.0 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.3.1.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.3.1.md new file mode 100644 index 00000000000..8dd9964197c --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.3.1.md @@ -0,0 +1,3 @@ +## 1.3.1 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index ec16350ed6f..e71b6d081f1 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.0 +lastReleaseVersion: 1.3.1 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 940cdf055f8..d2bd8afddf1 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.3.1-dev +version: 1.3.1 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 83b9e7b837c..c303fa86a4a 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.4.1 + +### Minor Analysis Improvements + +* `DateTime` expressions are now considered simple type sanitizers. This affects a wide range of security queries. +* ASP.NET Core controller definition has been made more precise. The amount of introduced taint sources or eliminated false positives should be low though, since the most common pattern is to derive all user defined ASP.NET Core controllers from the standard Controller class, which is not affected. + ## 0.4.0 ### Deprecated APIs diff --git a/csharp/ql/lib/change-notes/2022-09-23-simpletypesanitizer.md b/csharp/ql/lib/change-notes/2022-09-23-simpletypesanitizer.md deleted file mode 100644 index a4d7e4cde7a..00000000000 --- a/csharp/ql/lib/change-notes/2022-09-23-simpletypesanitizer.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* `DateTime` expressions are now considered simple type sanitizers. This affects a wide range of security queries. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2022-08-24-aps-net-core-controllers.md b/csharp/ql/lib/change-notes/released/0.4.1.md similarity index 65% rename from csharp/ql/lib/change-notes/2022-08-24-aps-net-core-controllers.md rename to csharp/ql/lib/change-notes/released/0.4.1.md index b3b5006bc57..f3bdef7797c 100644 --- a/csharp/ql/lib/change-notes/2022-08-24-aps-net-core-controllers.md +++ b/csharp/ql/lib/change-notes/released/0.4.1.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.4.1 + +### Minor Analysis Improvements + +* `DateTime` expressions are now considered simple type sanitizers. This affects a wide range of security queries. * ASP.NET Core controller definition has been made more precise. The amount of introduced taint sources or eliminated false positives should be low though, since the most common pattern is to derive all user defined ASP.NET Core controllers from the standard Controller class, which is not affected. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 270ae8a65aa..5d5e75ad307 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.4.1-dev +version: 0.4.1 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index bf47d9f7f70..8bd7652a52c 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.4.1 + +### Minor Analysis Improvements + +* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages. + ## 0.4.0 ### Minor Analysis Improvements diff --git a/cpp/ql/src/change-notes/2022-09-23-alert-messages.md b/csharp/ql/src/change-notes/released/0.4.1.md similarity index 69% rename from cpp/ql/src/change-notes/2022-09-23-alert-messages.md rename to csharp/ql/src/change-notes/released/0.4.1.md index de46b7752eb..f5e1dbf00ed 100644 --- a/cpp/ql/src/change-notes/2022-09-23-alert-messages.md +++ b/csharp/ql/src/change-notes/released/0.4.1.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages. \ No newline at end of file +## 0.4.1 + +### Minor Analysis Improvements + +* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index e2721c02552..2a80e25d0b6 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.4.1-dev +version: 0.4.1 groups: - csharp - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 1f851cdf663..c38ebde0723 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.3.1 + +### Minor Analysis Improvements + +* Added support for `BeegoInput.RequestBody` as a source of untrusted data. + ## 0.3.0 ### Deprecated APIs diff --git a/go/ql/lib/change-notes/2022-10-06-beego-request-body-source.md b/go/ql/lib/change-notes/released/0.3.1.md similarity index 63% rename from go/ql/lib/change-notes/2022-10-06-beego-request-body-source.md rename to go/ql/lib/change-notes/released/0.3.1.md index 9980b0aadd2..be16eed5d3e 100644 --- a/go/ql/lib/change-notes/2022-10-06-beego-request-body-source.md +++ b/go/ql/lib/change-notes/released/0.3.1.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.3.1 + +### Minor Analysis Improvements + * Added support for `BeegoInput.RequestBody` as a source of untrusted data. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 95f6e3a0ba6..bb106b1cb63 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.0 +lastReleaseVersion: 0.3.1 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 8025056129c..cd565f720c5 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.3.1-dev +version: 0.3.1 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 47dabdb2d2e..68880b18281 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.3.1 + +No user-facing changes. + ## 0.3.0 ### Query Metadata Changes diff --git a/go/ql/src/change-notes/released/0.3.1.md b/go/ql/src/change-notes/released/0.3.1.md new file mode 100644 index 00000000000..9fd4efd6c80 --- /dev/null +++ b/go/ql/src/change-notes/released/0.3.1.md @@ -0,0 +1,3 @@ +## 0.3.1 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 95f6e3a0ba6..bb106b1cb63 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.0 +lastReleaseVersion: 0.3.1 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index f454b5ce9d9..4a85f9fe6f3 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.3.1-dev +version: 0.3.1 groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 0f9512eabda..2724a6d3cef 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.4.1 + +### Minor Analysis Improvements + +* Added external flow sources for the intents received in exported Android services. + ## 0.4.0 ### Breaking Changes diff --git a/java/ql/lib/change-notes/2022-09-23-android-service-sources.md b/java/ql/lib/change-notes/released/0.4.1.md similarity index 66% rename from java/ql/lib/change-notes/2022-09-23-android-service-sources.md rename to java/ql/lib/change-notes/released/0.4.1.md index 812ff07422d..866a6cf524b 100644 --- a/java/ql/lib/change-notes/2022-09-23-android-service-sources.md +++ b/java/ql/lib/change-notes/released/0.4.1.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.4.1 + +### Minor Analysis Improvements + * Added external flow sources for the intents received in exported Android services. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index df1ad196123..3d5ea96dcc0 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.4.1-dev +version: 0.4.1 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 4f6633176f4..055d1327b06 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,15 @@ +## 0.4.1 + +### New Queries + +* Added a new query, `java/android/webview-debugging-enabled`, to detect instances of WebView debugging being enabled in production builds. + +### Minor Analysis Improvements + +* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages. +* `PathSanitizer.qll` has been promoted from experimental to the main query pack. This sanitizer was originally [submitted as part of an experimental query by @luchua-bc](https://github.com/github/codeql/pull/7286). +* The queries `java/path-injection`, `java/path-injection-local` and `java/zipslip` now use the sanitizers provided by `PathSanitizer.qll`. + ## 0.4.0 ### New Queries diff --git a/java/ql/src/change-notes/2022-08-25-path-sanitizer.md b/java/ql/src/change-notes/2022-08-25-path-sanitizer.md deleted file mode 100644 index a883561d59c..00000000000 --- a/java/ql/src/change-notes/2022-08-25-path-sanitizer.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -category: minorAnalysis ---- - -* `PathSanitizer.qll` has been promoted from experimental to the main query pack. This sanitizer was originally [submitted as part of an experimental query by @luchua-bc](https://github.com/github/codeql/pull/7286). -* The queries `java/path-injection`, `java/path-injection-local` and `java/zipslip` now use the sanitizers provided by `PathSanitizer.qll`. \ No newline at end of file diff --git a/java/ql/src/change-notes/2022-08-31-webview-dubugging.md b/java/ql/src/change-notes/2022-08-31-webview-dubugging.md deleted file mode 100644 index 8e6295efeb3..00000000000 --- a/java/ql/src/change-notes/2022-08-31-webview-dubugging.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new query, `java/android/webview-debugging-enabled`, to detect instances of WebView debugging being enabled in production builds. \ No newline at end of file diff --git a/java/ql/src/change-notes/2022-09-23-alert-messages.md b/java/ql/src/change-notes/2022-09-23-alert-messages.md deleted file mode 100644 index de46b7752eb..00000000000 --- a/java/ql/src/change-notes/2022-09-23-alert-messages.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages. \ No newline at end of file diff --git a/java/ql/src/change-notes/released/0.4.1.md b/java/ql/src/change-notes/released/0.4.1.md new file mode 100644 index 00000000000..0ac482407a7 --- /dev/null +++ b/java/ql/src/change-notes/released/0.4.1.md @@ -0,0 +1,11 @@ +## 0.4.1 + +### New Queries + +* Added a new query, `java/android/webview-debugging-enabled`, to detect instances of WebView debugging being enabled in production builds. + +### Minor Analysis Improvements + +* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages. +* `PathSanitizer.qll` has been promoted from experimental to the main query pack. This sanitizer was originally [submitted as part of an experimental query by @luchua-bc](https://github.com/github/codeql/pull/7286). +* The queries `java/path-injection`, `java/path-injection-local` and `java/zipslip` now use the sanitizers provided by `PathSanitizer.qll`. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 5f93a953ea6..1377facc607 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.4.1-dev +version: 0.4.1 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index d85a14dca02..de3424c2f4d 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.3.1 + +### Minor Analysis Improvements + +- Several of the SQL and NoSQL library models have improved, leading to more results for the `js/sql-injection` query, + and in some cases the `js/missing-rate-limiting` query. + ## 0.3.0 ### Breaking Changes diff --git a/javascript/ql/lib/change-notes/2022-09-06-type-defs-squashed.md b/javascript/ql/lib/change-notes/released/0.3.1.md similarity index 80% rename from javascript/ql/lib/change-notes/2022-09-06-type-defs-squashed.md rename to javascript/ql/lib/change-notes/released/0.3.1.md index 9e628b394dc..81c8ef9fcff 100644 --- a/javascript/ql/lib/change-notes/2022-09-06-type-defs-squashed.md +++ b/javascript/ql/lib/change-notes/released/0.3.1.md @@ -1,6 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.3.1 + +### Minor Analysis Improvements - Several of the SQL and NoSQL library models have improved, leading to more results for the `js/sql-injection` query, and in some cases the `js/missing-rate-limiting` query. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 95f6e3a0ba6..bb106b1cb63 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.0 +lastReleaseVersion: 0.3.1 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 0cf4b33407a..5fe7be54a20 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.3.1-dev +version: 0.3.1 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index a5e41a1e50a..b166176b56f 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.4.1 + +No user-facing changes. + ## 0.4.0 ### Minor Analysis Improvements diff --git a/javascript/ql/src/change-notes/released/0.4.1.md b/javascript/ql/src/change-notes/released/0.4.1.md new file mode 100644 index 00000000000..0d865d0571e --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.4.1.md @@ -0,0 +1,3 @@ +## 0.4.1 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 44ac00e5caf..9a7548cadb1 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.4.1-dev +version: 0.4.1 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 6bd73620860..c93557f5801 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.3.1 + +No user-facing changes. + ## 0.3.0 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.3.1.md b/misc/suite-helpers/change-notes/released/0.3.1.md new file mode 100644 index 00000000000..9fd4efd6c80 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/0.3.1.md @@ -0,0 +1,3 @@ +## 0.3.1 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 95f6e3a0ba6..bb106b1cb63 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.0 +lastReleaseVersion: 0.3.1 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index aa0a2693b1d..911d334cc09 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,3 +1,3 @@ name: codeql/suite-helpers -version: 0.3.1-dev +version: 0.3.1 groups: shared diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 962c7b5d023..10707d9d391 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.6.1 + +### Minor Analysis Improvements + +* Added the ability to refer to subscript operations in the API graph. It is now possible to write `response().getMember("cookies").getASubscript()` to find code like `resp.cookies["key"]` (assuming `response` returns an API node for reponse objects). +* Added modeling of creating Flask responses with `flask.jsonify`. + ## 0.6.0 ### Deprecated APIs diff --git a/python/ql/lib/change-notes/2022-09-22-flask-jsonify.md b/python/ql/lib/change-notes/2022-09-22-flask-jsonify.md deleted file mode 100644 index cac16e270f4..00000000000 --- a/python/ql/lib/change-notes/2022-09-22-flask-jsonify.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added modeling of creating Flask responses with `flask.jsonify`. diff --git a/python/ql/lib/change-notes/2022-09-28-api-subscript.md b/python/ql/lib/change-notes/released/0.6.1.md similarity index 69% rename from python/ql/lib/change-notes/2022-09-28-api-subscript.md rename to python/ql/lib/change-notes/released/0.6.1.md index f14b59d643b..e4ca9748e5f 100644 --- a/python/ql/lib/change-notes/2022-09-28-api-subscript.md +++ b/python/ql/lib/change-notes/released/0.6.1.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.6.1 + +### Minor Analysis Improvements + * Added the ability to refer to subscript operations in the API graph. It is now possible to write `response().getMember("cookies").getASubscript()` to find code like `resp.cookies["key"]` (assuming `response` returns an API node for reponse objects). +* Added modeling of creating Flask responses with `flask.jsonify`. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index a3f820f884d..80fb0899f64 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.0 +lastReleaseVersion: 0.6.1 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 6121fdace8c..2104997ba95 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.6.1-dev +version: 0.6.1 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index b26aede7b0b..aaf184f4e7c 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.5.1 + +No user-facing changes. + ## 0.5.0 ### Query Metadata Changes diff --git a/python/ql/src/change-notes/released/0.5.1.md b/python/ql/src/change-notes/released/0.5.1.md new file mode 100644 index 00000000000..0275d38f63c --- /dev/null +++ b/python/ql/src/change-notes/released/0.5.1.md @@ -0,0 +1,3 @@ +## 0.5.1 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 30e271c5361..0bf7024c337 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.0 +lastReleaseVersion: 0.5.1 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 6e3e2010677..4f57ea416ec 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.5.1-dev +version: 0.5.1 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 1a96d857e7f..677403b9a16 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,26 @@ +## 0.4.1 + +### Minor Analysis Improvements + +* The following classes have been moved from `codeql.ruby.frameworks.ActionController` to `codeql.ruby.frameworks.Rails`: + * `ParamsCall`, now accessed as `Rails::ParamsCall`. + * `CookieCall`, now accessed as `Rails::CookieCall`. +* The following classes have been moved from `codeql.ruby.frameworks.ActionView` to `codeql.ruby.frameworks.Rails`: + * `HtmlSafeCall`, now accessed as `Rails::HtmlSafeCall`. + * `HtmlEscapeCall`, now accessed as `Rails::HtmlEscapeCall`. + * `RenderCall`, now accessed as `Rails::RenderCall`. + * `RenderToCall`, now accessed as `Rails::RenderToCall`. +* Subclasses of `ActionController::Metal` are now recognised as controllers. +* `ActionController::DataStreaming::send_file` is now recognized as a + `FileSystemAccess`. +* Various XSS sinks in the ActionView library are now recognized. +* Calls to `ActiveRecord::Base.create` are now recognized as model + instantiations. +* Various code executions, command executions and HTTP requests in the + ActiveStorage library are now recognized. +* `MethodBase` now has two new predicates related to visibility: `isPublic` and + `isProtected`. These hold, respectively, if the method is public or protected. + ## 0.4.0 ### Breaking Changes diff --git a/ruby/ql/lib/change-notes/2022-08-16-protected-methods.md b/ruby/ql/lib/change-notes/2022-08-16-protected-methods.md deleted file mode 100644 index 7647517c06c..00000000000 --- a/ruby/ql/lib/change-notes/2022-08-16-protected-methods.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* `MethodBase` now has two new predicates related to visibility: `isPublic` and - `isProtected`. These hold, respectively, if the method is public or protected. diff --git a/ruby/ql/lib/change-notes/2022-08-30-activestorage.md b/ruby/ql/lib/change-notes/2022-08-30-activestorage.md deleted file mode 100644 index b5ab9e34479..00000000000 --- a/ruby/ql/lib/change-notes/2022-08-30-activestorage.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -category: minorAnalysis ---- -* Various code executions, command executions and HTTP requests in the - ActiveStorage library are now recognized. - diff --git a/ruby/ql/lib/change-notes/2022-09-27-actionview.md b/ruby/ql/lib/change-notes/2022-09-27-actionview.md deleted file mode 100644 index d8f392971ad..00000000000 --- a/ruby/ql/lib/change-notes/2022-09-27-actionview.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Various XSS sinks in the ActionView library are now recognized. diff --git a/ruby/ql/lib/change-notes/2022-09-27-activerecord-create.md b/ruby/ql/lib/change-notes/2022-09-27-activerecord-create.md deleted file mode 100644 index b16da83f611..00000000000 --- a/ruby/ql/lib/change-notes/2022-09-27-activerecord-create.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to `ActiveRecord::Base.create` are now recognized as model - instantiations. diff --git a/ruby/ql/lib/change-notes/2022-09-28-actioncontroller-metal.md b/ruby/ql/lib/change-notes/2022-09-28-actioncontroller-metal.md deleted file mode 100644 index 4d4e2fef174..00000000000 --- a/ruby/ql/lib/change-notes/2022-09-28-actioncontroller-metal.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Subclasses of `ActionController::Metal` are now recognised as controllers. diff --git a/ruby/ql/lib/change-notes/2022-09-28-actioncontroller-sendfile.md b/ruby/ql/lib/change-notes/2022-09-28-actioncontroller-sendfile.md deleted file mode 100644 index 93bf546f4a5..00000000000 --- a/ruby/ql/lib/change-notes/2022-09-28-actioncontroller-sendfile.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -category: minorAnalysis ---- -* `ActionController::DataStreaming::send_file` is now recognized as a - `FileSystemAccess`. - diff --git a/ruby/ql/lib/change-notes/2022-10-04-actionview-controller-renames.md b/ruby/ql/lib/change-notes/2022-10-04-actionview-controller-renames.md deleted file mode 100644 index f269442dcf4..00000000000 --- a/ruby/ql/lib/change-notes/2022-10-04-actionview-controller-renames.md +++ /dev/null @@ -1,11 +0,0 @@ ---- -category: minorAnalysis ---- -* The following classes have been moved from `codeql.ruby.frameworks.ActionController` to `codeql.ruby.frameworks.Rails`: - * `ParamsCall`, now accessed as `Rails::ParamsCall`. - * `CookieCall`, now accessed as `Rails::CookieCall`. -* The following classes have been moved from `codeql.ruby.frameworks.ActionView` to `codeql.ruby.frameworks.Rails`: - * `HtmlSafeCall`, now accessed as `Rails::HtmlSafeCall`. - * `HtmlEscapeCall`, now accessed as `Rails::HtmlEscapeCall`. - * `RenderCall`, now accessed as `Rails::RenderCall`. - * `RenderToCall`, now accessed as `Rails::RenderToCall`. diff --git a/ruby/ql/lib/change-notes/released/0.4.1.md b/ruby/ql/lib/change-notes/released/0.4.1.md new file mode 100644 index 00000000000..9c492f4ac7e --- /dev/null +++ b/ruby/ql/lib/change-notes/released/0.4.1.md @@ -0,0 +1,22 @@ +## 0.4.1 + +### Minor Analysis Improvements + +* The following classes have been moved from `codeql.ruby.frameworks.ActionController` to `codeql.ruby.frameworks.Rails`: + * `ParamsCall`, now accessed as `Rails::ParamsCall`. + * `CookieCall`, now accessed as `Rails::CookieCall`. +* The following classes have been moved from `codeql.ruby.frameworks.ActionView` to `codeql.ruby.frameworks.Rails`: + * `HtmlSafeCall`, now accessed as `Rails::HtmlSafeCall`. + * `HtmlEscapeCall`, now accessed as `Rails::HtmlEscapeCall`. + * `RenderCall`, now accessed as `Rails::RenderCall`. + * `RenderToCall`, now accessed as `Rails::RenderToCall`. +* Subclasses of `ActionController::Metal` are now recognised as controllers. +* `ActionController::DataStreaming::send_file` is now recognized as a + `FileSystemAccess`. +* Various XSS sinks in the ActionView library are now recognized. +* Calls to `ActiveRecord::Base.create` are now recognized as model + instantiations. +* Various code executions, command executions and HTTP requests in the + ActiveStorage library are now recognized. +* `MethodBase` now has two new predicates related to visibility: `isPublic` and + `isProtected`. These hold, respectively, if the method is public or protected. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 97c480b8f6e..8010fd63a50 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.4.1-dev +version: 0.4.1 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index e45d4e8c250..6792b3e61c0 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,11 @@ +## 0.4.1 + +### Minor Analysis Improvements + +* The `rb/xxe` query has been updated to add the following sinks for XML external entity expansion: + 1. Calls to parse XML using `LibXML` when its `default_substitute_entities` option is enabled. + 2. Uses of the Rails methods `ActiveSupport::XmlMini.parse`, `Hash.from_xml`, and `Hash.from_trusted_xml` when `ActiveSupport::XmlMini` is configured to use `LibXML` as its backend, and its `default_substitute_entities` option is enabled. + ## 0.4.0 ### New Queries diff --git a/ruby/ql/src/change-notes/2022-09-27-libxml-xxe.md b/ruby/ql/src/change-notes/released/0.4.1.md similarity index 80% rename from ruby/ql/src/change-notes/2022-09-27-libxml-xxe.md rename to ruby/ql/src/change-notes/released/0.4.1.md index a3084c62f2a..a3ee4612257 100644 --- a/ruby/ql/src/change-notes/2022-09-27-libxml-xxe.md +++ b/ruby/ql/src/change-notes/released/0.4.1.md @@ -1,6 +1,7 @@ ---- -category: minorAnalysis ---- +## 0.4.1 + +### Minor Analysis Improvements + * The `rb/xxe` query has been updated to add the following sinks for XML external entity expansion: 1. Calls to parse XML using `LibXML` when its `default_substitute_entities` option is enabled. - 2. Uses of the Rails methods `ActiveSupport::XmlMini.parse`, `Hash.from_xml`, and `Hash.from_trusted_xml` when `ActiveSupport::XmlMini` is configured to use `LibXML` as its backend, and its `default_substitute_entities` option is enabled. \ No newline at end of file + 2. Uses of the Rails methods `ActiveSupport::XmlMini.parse`, `Hash.from_xml`, and `Hash.from_trusted_xml` when `ActiveSupport::XmlMini` is configured to use `LibXML` as its backend, and its `default_substitute_entities` option is enabled. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 458bfbeccff..89fa3a87180 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.0 +lastReleaseVersion: 0.4.1 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 66f006ac2d5..344a7b03f93 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.4.1-dev +version: 0.4.1 groups: - ruby - queries diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 2c547c365ec..9f2cb351ed0 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.2 + +No user-facing changes. + ## 0.0.1 * Initial release. Extracted common SSA code into a library pack to share code between languages. diff --git a/shared/ssa/change-notes/released/0.0.2.md b/shared/ssa/change-notes/released/0.0.2.md new file mode 100644 index 00000000000..5ab250998ed --- /dev/null +++ b/shared/ssa/change-notes/released/0.0.2.md @@ -0,0 +1,3 @@ +## 0.0.2 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index c6933410b71..55dc06fbd76 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.1 +lastReleaseVersion: 0.0.2 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index ef21714c8b8..54bf861fa2e 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/ssa -version: 0.0.2-dev +version: 0.0.2 groups: shared library: true diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 95a5c570ac0..82994494b53 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.2 + +No user-facing changes. + ## 0.0.1 * Initial release. Share the database of common typographical errors between languages. diff --git a/shared/typos/change-notes/released/0.0.2.md b/shared/typos/change-notes/released/0.0.2.md new file mode 100644 index 00000000000..5ab250998ed --- /dev/null +++ b/shared/typos/change-notes/released/0.0.2.md @@ -0,0 +1,3 @@ +## 0.0.2 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index c6933410b71..55dc06fbd76 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.1 +lastReleaseVersion: 0.0.2 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 587537220ec..3b52e2e07fb 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/typos -version: 0.0.2-dev +version: 0.0.2 groups: shared library: true