From a121c5a5d062d11166f898cc13c8e2ca3bd7c405 Mon Sep 17 00:00:00 2001 
From: "github-actions[bot]" Date: Mon, 6 Jan 2025 18:20:22 +0000 Subject: [PATCH] Release preparation for version 2.20.1 --- actions/ql/lib/CHANGELOG.md | 5 +++++ actions/ql/lib/change-notes/released/0.4.0.md | 5 +++++ actions/ql/lib/codeql-pack.release.yml | 2 ++ actions/ql/lib/qlpack.yml | 2 +- .../CHANGELOG.md} | 7 ++++--- .../0.4.0.md} | 7 ++++--- actions/ql/src/codeql-pack.release.yml | 2 ++ actions/ql/src/qlpack.yml | 2 +- cpp/ql/lib/CHANGELOG.md | 19 +++++++++++++++++ .../2024-12-04-guard-conditions.md | 4 ---- .../2024-12-17-template-parameter-base.md | 4 ---- .../2024-12-17-template-parameter.md | 4 ---- .../2024-12-18-non-type-template-parameter.md | 4 ---- .../change-notes/2024-12-20-sizeof-pack.md | 4 ---- ...4-12-20-template-template-instantiation.md | 6 ------ cpp/ql/lib/change-notes/released/3.1.0.md | 18 ++++++++++++++++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 10 +++++++++ .../2024-11-27-active-template-library.md | 4 ---- .../2024-12-05-badly-bounded-write.md | 4 ---- ...024-12-05-wrong-number-format-arguments.md | 4 ---- .../2024-12-05-wrong-type-format-args.md | 4 ---- ...024-12-18-return-stack-allocated-memory.md | 4 ---- cpp/ql/src/change-notes/released/1.3.1.md | 9 ++++++++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../lib/change-notes/released/1.7.31.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../src/change-notes/released/1.7.31.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 13 ++++++++++++ .../2024-12-04-dataflow-type-pruning-tweak.md | 4 ---- .../ql/lib/change-notes/2024-12-04-dotnet9.md | 4 ---- .../2024-12-05-aspnetcore-mvc-model.md | 4 ---- 
...add-markupstring-as-html-injection-sink.md | 4 ---- .../2024-12-18-blazor-attribute-sources.md | 6 ------ .../2024-12-20-collection-params.md | 4 ---- csharp/ql/lib/change-notes/released/4.0.1.md | 12 +++++++++++ csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 6 ++++++ .../1.0.14.md} | 7 ++++--- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.14.md | 3 +++ .../codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 8 +++++++ ...-improve-flow-out-of-variadic-parameter.md | 4 ---- .../2024-12-12-variadic-parameter-sources.md | 4 ---- .../change-notes/2024-12-13-os-args-model.md | 5 ----- go/ql/lib/change-notes/released/3.0.1.md | 7 +++++++ go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ++++ go/ql/src/change-notes/released/1.1.5.md | 3 +++ go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 21 +++++++++++++++++++ ...sttemplate-getforobject-third-parameter.md | 4 ---- .../2024-12-04-dataflow-type-pruning-tweak.md | 4 ---- .../change-notes/2024-12-06-file-getname.md | 4 ---- .../6.0.0.md} | 13 +++++++++--- java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 4 ++++ java/ql/src/change-notes/released/1.1.11.md | 3 +++ java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ++++ .../ql/lib/change-notes/released/2.2.1.md | 3 +++ javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 4 ++++ .../ql/src/change-notes/released/1.2.6.md | 3 +++ javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.14.md | 3 +++ 
misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 11 ++++++++++ .../2024-12-18-fastapi-request-modeling.md | 5 ----- .../3.1.0.md} | 11 +++++++--- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 ++++++ .../1.4.0.md} | 9 ++++---- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 4 ++++ ruby/ql/lib/change-notes/released/3.0.1.md | 3 +++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 ++++ ruby/ql/src/change-notes/released/1.1.9.md | 3 +++ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.14.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 6 ++++++ .../1.1.8.md} | 7 ++++--- shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/1.0.14.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.14.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/1.0.14.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/1.0.14.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.14.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ .../tutorial/change-notes/released/1.0.14.md | 3 +++ 
shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ++++ .../typeflow/change-notes/released/1.0.14.md | 3 +++ shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.14.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/1.0.14.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++++ shared/util/change-notes/released/2.0.1.md | 3 +++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ++++ shared/xml/change-notes/released/1.0.14.md | 3 +++ shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/1.0.14.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ++++++ .../3.1.0.md} | 7 ++++--- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/1.0.14.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 168 files changed, 447 insertions(+), 197 deletions(-) create mode 100644 actions/ql/lib/CHANGELOG.md create mode 100644 actions/ql/lib/change-notes/released/0.4.0.md create mode 100644 actions/ql/lib/codeql-pack.release.yml rename actions/ql/{lib/change-notes/2024-12-19-initial-release.md => src/CHANGELOG.md} (55%) rename actions/ql/src/change-notes/{2024-12-19-initial-release.md => released/0.4.0.md} (55%) create mode 100644 actions/ql/src/codeql-pack.release.yml delete mode 100644 cpp/ql/lib/change-notes/2024-12-04-guard-conditions.md delete mode 100644 cpp/ql/lib/change-notes/2024-12-17-template-parameter-base.md delete 
mode 100644 cpp/ql/lib/change-notes/2024-12-17-template-parameter.md delete mode 100644 cpp/ql/lib/change-notes/2024-12-18-non-type-template-parameter.md delete mode 100644 cpp/ql/lib/change-notes/2024-12-20-sizeof-pack.md delete mode 100644 cpp/ql/lib/change-notes/2024-12-20-template-template-instantiation.md create mode 100644 cpp/ql/lib/change-notes/released/3.1.0.md delete mode 100644 cpp/ql/src/change-notes/2024-11-27-active-template-library.md delete mode 100644 cpp/ql/src/change-notes/2024-12-05-badly-bounded-write.md delete mode 100644 cpp/ql/src/change-notes/2024-12-05-wrong-number-format-arguments.md delete mode 100644 cpp/ql/src/change-notes/2024-12-05-wrong-type-format-args.md delete mode 100644 cpp/ql/src/change-notes/2024-12-18-return-stack-allocated-memory.md create mode 100644 cpp/ql/src/change-notes/released/1.3.1.md create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.31.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.31.md delete mode 100644 csharp/ql/lib/change-notes/2024-12-04-dataflow-type-pruning-tweak.md delete mode 100644 csharp/ql/lib/change-notes/2024-12-04-dotnet9.md delete mode 100644 csharp/ql/lib/change-notes/2024-12-05-aspnetcore-mvc-model.md delete mode 100644 csharp/ql/lib/change-notes/2024-12-12-add-markupstring-as-html-injection-sink.md delete mode 100644 csharp/ql/lib/change-notes/2024-12-18-blazor-attribute-sources.md delete mode 100644 csharp/ql/lib/change-notes/2024-12-20-collection-params.md create mode 100644 csharp/ql/lib/change-notes/released/4.0.1.md rename csharp/ql/src/change-notes/{2024-12-17-move-libraries.md => released/1.0.14.md} (65%) create mode 100644 go/ql/consistency-queries/change-notes/released/1.0.14.md delete mode 100644 go/ql/lib/change-notes/2024-12-06-improve-flow-out-of-variadic-parameter.md delete mode 100644 go/ql/lib/change-notes/2024-12-12-variadic-parameter-sources.md delete mode 100644 go/ql/lib/change-notes/2024-12-13-os-args-model.md 
create mode 100644 go/ql/lib/change-notes/released/3.0.1.md create mode 100644 go/ql/src/change-notes/released/1.1.5.md delete mode 100644 java/ql/lib/change-notes/2024-11-28-model-resttemplate-getforobject-third-parameter.md delete mode 100644 java/ql/lib/change-notes/2024-12-04-dataflow-type-pruning-tweak.md delete mode 100644 java/ql/lib/change-notes/2024-12-06-file-getname.md rename java/ql/lib/change-notes/{2024-11-14-control-flow-graph-lightweight-IR-layer.md => released/6.0.0.md} (50%) create mode 100644 java/ql/src/change-notes/released/1.1.11.md create mode 100644 javascript/ql/lib/change-notes/released/2.2.1.md create mode 100644 javascript/ql/src/change-notes/released/1.2.6.md create mode 100644 misc/suite-helpers/change-notes/released/1.0.14.md delete mode 100644 python/ql/lib/change-notes/2024-12-18-fastapi-request-modeling.md rename python/ql/lib/change-notes/{2024-11-26-parameter-annotation-api-graph-support.md => released/3.1.0.md} (58%) rename python/ql/src/change-notes/{2024-11-21-template-injection.md => released/1.4.0.md} (78%) create mode 100644 ruby/ql/lib/change-notes/released/3.0.1.md create mode 100644 ruby/ql/src/change-notes/released/1.1.9.md create mode 100644 shared/controlflow/change-notes/released/1.0.14.md rename shared/dataflow/change-notes/{2023-10-02-deduplicate-path-graph.md => released/1.1.8.md} (77%) create mode 100644 shared/mad/change-notes/released/1.0.14.md create mode 100644 shared/rangeanalysis/change-notes/released/1.0.14.md create mode 100644 shared/regex/change-notes/released/1.0.14.md create mode 100644 shared/ssa/change-notes/released/1.0.14.md create mode 100644 shared/threat-models/change-notes/released/1.0.14.md create mode 100644 shared/tutorial/change-notes/released/1.0.14.md create mode 100644 shared/typeflow/change-notes/released/1.0.14.md create mode 100644 shared/typetracking/change-notes/released/1.0.14.md create mode 100644 shared/typos/change-notes/released/1.0.14.md create mode 100644 
shared/util/change-notes/released/2.0.1.md create mode 100644 shared/xml/change-notes/released/1.0.14.md create mode 100644 shared/yaml/change-notes/released/1.0.14.md rename swift/ql/lib/change-notes/{2024-12-09-swift-6.md => released/3.1.0.md} (51%) create mode 100644 swift/ql/src/change-notes/released/1.0.14.md
diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md
new file mode 100644
index 00000000000..7ad10899ce1
--- /dev/null
+++ b/actions/ql/lib/CHANGELOG.md
@@ -0,0 +1,5 @@
+## 0.4.0
+
+### New Features
+
+* Initial public preview release
diff --git a/actions/ql/lib/change-notes/released/0.4.0.md b/actions/ql/lib/change-notes/released/0.4.0.md
new file mode 100644
index 00000000000..7ad10899ce1
--- /dev/null
+++ b/actions/ql/lib/change-notes/released/0.4.0.md
@@ -0,0 +1,5 @@
+## 0.4.0
+
+### New Features
+
+* Initial public preview release
diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml
new file mode 100644
index 00000000000..458bfbeccff
--- /dev/null
+++ b/actions/ql/lib/codeql-pack.release.yml
@@ -0,0 +1,2 @@
+---
+lastReleaseVersion: 0.4.0
diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml
index 83cdaabc80d..2f6aa980728 100644
--- a/actions/ql/lib/qlpack.yml
+++ b/actions/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.0-dev
+version: 0.4.0
 library: true
 warnOnImplicitThis: true
 dependencies:
diff --git a/actions/ql/lib/change-notes/2024-12-19-initial-release.md b/actions/ql/src/CHANGELOG.md
similarity index 55%
rename from actions/ql/lib/change-notes/2024-12-19-initial-release.md
rename to actions/ql/src/CHANGELOG.md
index 09263f5089d..caa8feca558 100644
--- a/actions/ql/lib/change-notes/2024-12-19-initial-release.md
+++ b/actions/ql/src/CHANGELOG.md
@@ -1,4 +1,5 @@
----
-category: feature
----
+## 0.4.0
+
+### New Queries
+
 * Initial public preview release
diff --git a/actions/ql/src/change-notes/2024-12-19-initial-release.md b/actions/ql/src/change-notes/released/0.4.0.md
similarity index 55%
rename from actions/ql/src/change-notes/2024-12-19-initial-release.md
rename to actions/ql/src/change-notes/released/0.4.0.md
index e02078ea273..caa8feca558 100644
--- a/actions/ql/src/change-notes/2024-12-19-initial-release.md
+++ b/actions/ql/src/change-notes/released/0.4.0.md
@@ -1,4 +1,5 @@
----
-category: newQuery
----
+## 0.4.0
+
+### New Queries
+
 * Initial public preview release
diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml
new file mode 100644
index 00000000000..458bfbeccff
--- /dev/null
+++ b/actions/ql/src/codeql-pack.release.yml
@@ -0,0 +1,2 @@
+---
+lastReleaseVersion: 0.4.0
diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml
index f822a516e56..7ea8f9d77dd 100644
--- a/actions/ql/src/qlpack.yml
+++ b/actions/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.4.0-dev
+version: 0.4.0
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]
diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md
index 19784b530e7..919bd905e73 100644
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,22 @@
+## 3.1.0
+
+### Deprecated APIs
+
+* The `TemplateParameter` class, representing C++ type template parameters has been deprecated. Use `TypeTemplateParameter` instead.
+
+### New Features
+
+* New classes `SizeofPackExprOperator` and `SizeofPackTypeOperator` were introduced, which represent the C++ `sizeof...` operator taking expressions and type arguments, respectively.
+* A new class `TemplateTemplateParameterInstantiation` was introduced, which represents instantiations of template template parameters.
+* A new predicate `getAnInstantiation` was added to the `TemplateTemplateParameter` class, which yields instantiations of template template parameters.
+* The `getTemplateArgumentType` and `getTemplateArgumentValue` predicates of the `Declaration` class now also yield template arguments of template template parameters.
+* A new class `NonTypeTemplateParameter` was introduced, which represents C++ non-type template parameters.
+* A new class `TemplateParameterBase` was introduced, which represents C++ non-type template parameters, type template parameters, and template template parameters.
+
+### Minor Analysis Improvements
+
+* The `Guards` library (`semmle.code.cpp.controlflow.Guards`) has been improved to recognize more guard conditions.
+
 ## 3.0.0
 
 ### Breaking Changes
diff --git a/cpp/ql/lib/change-notes/2024-12-04-guard-conditions.md b/cpp/ql/lib/change-notes/2024-12-04-guard-conditions.md
deleted file mode 100644
index f60a6a2970a..00000000000
--- a/cpp/ql/lib/change-notes/2024-12-04-guard-conditions.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `Guards` library (`semmle.code.cpp.controlflow.Guards`) has been improved to recognize more guard conditions.
\ No newline at end of file
diff --git a/cpp/ql/lib/change-notes/2024-12-17-template-parameter-base.md b/cpp/ql/lib/change-notes/2024-12-17-template-parameter-base.md
deleted file mode 100644
index 6fec6d5f4f5..00000000000
--- a/cpp/ql/lib/change-notes/2024-12-17-template-parameter-base.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* A new class `TemplateParameterBase` was introduced, which represents C++ non-type template parameters, type template parameters, and template template parameters.
\ No newline at end of file
diff --git a/cpp/ql/lib/change-notes/2024-12-17-template-parameter.md b/cpp/ql/lib/change-notes/2024-12-17-template-parameter.md
deleted file mode 100644
index 0ac7085b371..00000000000
--- a/cpp/ql/lib/change-notes/2024-12-17-template-parameter.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: deprecated
----
-* The `TemplateParameter` class, representing C++ type template parameters has been deprecated. Use `TypeTemplateParameter` instead.
diff --git a/cpp/ql/lib/change-notes/2024-12-18-non-type-template-parameter.md b/cpp/ql/lib/change-notes/2024-12-18-non-type-template-parameter.md
deleted file mode 100644
index 41fe400ed66..00000000000
--- a/cpp/ql/lib/change-notes/2024-12-18-non-type-template-parameter.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* A new class `NonTypeTemplateParameter` was introduced, which represents C++ non-type template parameters.
diff --git a/cpp/ql/lib/change-notes/2024-12-20-sizeof-pack.md b/cpp/ql/lib/change-notes/2024-12-20-sizeof-pack.md
deleted file mode 100644
index bd912e4fb2e..00000000000
--- a/cpp/ql/lib/change-notes/2024-12-20-sizeof-pack.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* New classes `SizeofPackExprOperator` and `SizeofPackTypeOperator` were introduced, which represent the C++ `sizeof...` operator taking expressions and type arguments, respectively.
diff --git a/cpp/ql/lib/change-notes/2024-12-20-template-template-instantiation.md b/cpp/ql/lib/change-notes/2024-12-20-template-template-instantiation.md
deleted file mode 100644
index 6e3ecd3468c..00000000000
--- a/cpp/ql/lib/change-notes/2024-12-20-template-template-instantiation.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-category: feature
----
-* A new class `TemplateTemplateParameterInstantiation` was introduced, which represents instantiations of template template parameters.
-* A new predicate `getAnInstantiation` was added to the `TemplateTemplateParameter` class, which yields instantiations of template template parameters.
-* The `getTemplateArgumentType` and `getTemplateArgumentValue` predicates of the `Declaration` class now also yield template arguments of template template parameters.
diff --git a/cpp/ql/lib/change-notes/released/3.1.0.md b/cpp/ql/lib/change-notes/released/3.1.0.md
new file mode 100644
index 00000000000..3c7f181f60a
--- /dev/null
+++ b/cpp/ql/lib/change-notes/released/3.1.0.md
@@ -0,0 +1,18 @@
+## 3.1.0
+
+### Deprecated APIs
+
+* The `TemplateParameter` class, representing C++ type template parameters has been deprecated. Use `TypeTemplateParameter` instead.
+
+### New Features
+
+* New classes `SizeofPackExprOperator` and `SizeofPackTypeOperator` were introduced, which represent the C++ `sizeof...` operator taking expressions and type arguments, respectively.
+* A new class `TemplateTemplateParameterInstantiation` was introduced, which represents instantiations of template template parameters.
+* A new predicate `getAnInstantiation` was added to the `TemplateTemplateParameter` class, which yields instantiations of template template parameters.
+* The `getTemplateArgumentType` and `getTemplateArgumentValue` predicates of the `Declaration` class now also yield template arguments of template template parameters.
+* A new class `NonTypeTemplateParameter` was introduced, which represents C++ non-type template parameters.
+* A new class `TemplateParameterBase` was introduced, which represents C++ non-type template parameters, type template parameters, and template template parameters.
+
+### Minor Analysis Improvements
+
+* The `Guards` library (`semmle.code.cpp.controlflow.Guards`) has been improved to recognize more guard conditions.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index 33d3a2cd113..82f62960aa3 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 3.0.0
+lastReleaseVersion: 3.1.0
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 4bb4b04e02f..2d83b8d4840 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 3.0.1-dev
+version: 3.1.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
index db16fe6f8b3..7d957e42696 100644
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 1.3.1
+
+### Minor Analysis Improvements
+
+* The "Returning stack-allocated memory" query (`cpp/return-stack-allocated-memory`) no longer produces results if there is an extraction error in the returned expression.
+* The "Badly bounded write" query (`cpp/badly-bounded-write`) no longer produces results if there is an extraction error in the type of the output buffer.
+* The "Too few arguments to formatting function" query (`cpp/wrong-number-format-arguments`) no longer produces results if an argument has an extraction error.
+* The "Wrong type of arguments to formatting function" query (`cpp/wrong-type-format-argument`) no longer produces results when an argument type has an extraction error.
+* Added dataflow models and flow sources for Microsoft's Active Template Library (ATL).
+
 ## 1.3.0
 
 ### New Queries
diff --git a/cpp/ql/src/change-notes/2024-11-27-active-template-library.md b/cpp/ql/src/change-notes/2024-11-27-active-template-library.md
deleted file mode 100644
index a677ac66107..00000000000
--- a/cpp/ql/src/change-notes/2024-11-27-active-template-library.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added dataflow models and flow sources for Microsoft's Active Template Library (ATL).
\ No newline at end of file
diff --git a/cpp/ql/src/change-notes/2024-12-05-badly-bounded-write.md b/cpp/ql/src/change-notes/2024-12-05-badly-bounded-write.md
deleted file mode 100644
index c7ddd104ad0..00000000000
--- a/cpp/ql/src/change-notes/2024-12-05-badly-bounded-write.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Badly bounded write" query (`cpp/badly-bounded-write`) no longer produces results if there is an extraction error in the type of the output buffer.
diff --git a/cpp/ql/src/change-notes/2024-12-05-wrong-number-format-arguments.md b/cpp/ql/src/change-notes/2024-12-05-wrong-number-format-arguments.md
deleted file mode 100644
index 6b41378f556..00000000000
--- a/cpp/ql/src/change-notes/2024-12-05-wrong-number-format-arguments.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Too few arguments to formatting function" query (`cpp/wrong-number-format-arguments`) no longer produces results if an argument has an extraction error.
diff --git a/cpp/ql/src/change-notes/2024-12-05-wrong-type-format-args.md b/cpp/ql/src/change-notes/2024-12-05-wrong-type-format-args.md
deleted file mode 100644
index 1bf77d55a61..00000000000
--- a/cpp/ql/src/change-notes/2024-12-05-wrong-type-format-args.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Wrong type of arguments to formatting function" query (`cpp/wrong-type-format-argument`) no longer produces results when an argument type has an extraction error.
diff --git a/cpp/ql/src/change-notes/2024-12-18-return-stack-allocated-memory.md b/cpp/ql/src/change-notes/2024-12-18-return-stack-allocated-memory.md
deleted file mode 100644
index 76f5b9d7eae..00000000000
--- a/cpp/ql/src/change-notes/2024-12-18-return-stack-allocated-memory.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Returning stack-allocated memory" query (`cpp/return-stack-allocated-memory`) no longer produces results if there is an extraction error in the returned expression.
diff --git a/cpp/ql/src/change-notes/released/1.3.1.md b/cpp/ql/src/change-notes/released/1.3.1.md
new file mode 100644
index 00000000000..bb3b2bf16c7
--- /dev/null
+++ b/cpp/ql/src/change-notes/released/1.3.1.md
@@ -0,0 +1,9 @@
+## 1.3.1
+
+### Minor Analysis Improvements
+
+* The "Returning stack-allocated memory" query (`cpp/return-stack-allocated-memory`) no longer produces results if there is an extraction error in the returned expression.
+* The "Badly bounded write" query (`cpp/badly-bounded-write`) no longer produces results if there is an extraction error in the type of the output buffer.
+* The "Too few arguments to formatting function" query (`cpp/wrong-number-format-arguments`) no longer produces results if an argument has an extraction error.
+* The "Wrong type of arguments to formatting function" query (`cpp/wrong-type-format-argument`) no longer produces results when an argument type has an extraction error.
+* Added dataflow models and flow sources for Microsoft's Active Template Library (ATL).
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index ec16350ed6f..e71b6d081f1 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.0
+lastReleaseVersion: 1.3.1
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index 940c3e2a4cb..b37fc604fc6 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.3.1-dev
+version: 1.3.1
 groups:
 - cpp
 - queries
diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
index a71f93aacd4..0a74ff6d7d0 100644
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.31
+
+No user-facing changes.
+
 ## 1.7.30
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.31.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.31.md
new file mode 100644
index 00000000000..17df0436207
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.31.md
@@ -0,0 +1,3 @@
+## 1.7.31
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
index c0346e526b9..908f8a00a39 100644
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.30
+lastReleaseVersion: 1.7.31
diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
index 781915bf1a1..d5274444753 100644
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.31-dev
+version: 1.7.31
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
index a71f93aacd4..0a74ff6d7d0 100644
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.31
+
+No user-facing changes.
+
 ## 1.7.30
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.31.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.31.md
new file mode 100644
index 00000000000..17df0436207
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.31.md
@@ -0,0 +1,3 @@
+## 1.7.31
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
index c0346e526b9..908f8a00a39 100644
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.30
+lastReleaseVersion: 1.7.31
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
index 979d8e6c661..41d5662ed57 100644
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.31-dev
+version: 1.7.31
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
index 86f279365f0..857acdec93a 100644
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,16 @@
+## 4.0.1
+
+### Minor Analysis Improvements
+
+* C# 13: Added QL library support for *collection* like type `params` parameters.
+* Added `remote` flow source models for properties of Blazor components annotated with any of the following attributes from `Microsoft.AspNetCore.Components`:
+ - `[SupplyParameterFromForm]`
+ - `[SupplyParameterFromQuery]`
+* Added the constructor and explicit cast operator of `Microsoft.AspNetCore.Components.MarkupString` as an `html-injection` sink. This will help catch cross-site scripting resulting from using `MarkupString`.
+* Added flow summaries for the `Microsoft.AspNetCore.Mvc.Controller::View` method.
+* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
+* The C# extractor now supports *basic* extraction of .NET 9 projects. There might be limited support for extraction of code using the new C# 13 language features.
+
 ## 4.0.0
 
 ### Breaking Changes
diff --git a/csharp/ql/lib/change-notes/2024-12-04-dataflow-type-pruning-tweak.md b/csharp/ql/lib/change-notes/2024-12-04-dataflow-type-pruning-tweak.md
deleted file mode 100644
index 258c0e5326b..00000000000
--- a/csharp/ql/lib/change-notes/2024-12-04-dataflow-type-pruning-tweak.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
diff --git a/csharp/ql/lib/change-notes/2024-12-04-dotnet9.md b/csharp/ql/lib/change-notes/2024-12-04-dotnet9.md
deleted file mode 100644
index e166040e155..00000000000
--- a/csharp/ql/lib/change-notes/2024-12-04-dotnet9.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The C# extractor now supports *basic* extraction of .NET 9 projects. There might be limited support for extraction of code using the new C# 13 language features.
diff --git a/csharp/ql/lib/change-notes/2024-12-05-aspnetcore-mvc-model.md b/csharp/ql/lib/change-notes/2024-12-05-aspnetcore-mvc-model.md
deleted file mode 100644
index 04afe96522b..00000000000
--- a/csharp/ql/lib/change-notes/2024-12-05-aspnetcore-mvc-model.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added flow summaries for the `Microsoft.AspNetCore.Mvc.Controller::View` method.
\ No newline at end of file
diff --git a/csharp/ql/lib/change-notes/2024-12-12-add-markupstring-as-html-injection-sink.md b/csharp/ql/lib/change-notes/2024-12-12-add-markupstring-as-html-injection-sink.md
deleted file mode 100644
index 032edbb1f10..00000000000
--- a/csharp/ql/lib/change-notes/2024-12-12-add-markupstring-as-html-injection-sink.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added the constructor and explicit cast operator of `Microsoft.AspNetCore.Components.MarkupString` as an `html-injection` sink. This will help catch cross-site scripting resulting from using `MarkupString`.
diff --git a/csharp/ql/lib/change-notes/2024-12-18-blazor-attribute-sources.md b/csharp/ql/lib/change-notes/2024-12-18-blazor-attribute-sources.md
deleted file mode 100644
index 5a48753b259..00000000000
--- a/csharp/ql/lib/change-notes/2024-12-18-blazor-attribute-sources.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-category: minorAnalysis
----
-* Added `remote` flow source models for properties of Blazor components annotated with any of the following attributes from `Microsoft.AspNetCore.Components`:
- - `[SupplyParameterFromForm]`
- - `[SupplyParameterFromQuery]`
diff --git a/csharp/ql/lib/change-notes/2024-12-20-collection-params.md b/csharp/ql/lib/change-notes/2024-12-20-collection-params.md
deleted file mode 100644
index bb5ea26c6d4..00000000000
--- a/csharp/ql/lib/change-notes/2024-12-20-collection-params.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* C# 13: Added QL library support for *collection* like type `params` parameters.
diff --git a/csharp/ql/lib/change-notes/released/4.0.1.md b/csharp/ql/lib/change-notes/released/4.0.1.md
new file mode 100644
index 00000000000..703439b4cfe
--- /dev/null
+++ b/csharp/ql/lib/change-notes/released/4.0.1.md
@@ -0,0 +1,12 @@
+## 4.0.1
+
+### Minor Analysis Improvements
+
+* C# 13: Added QL library support for *collection* like type `params` parameters.
+* Added `remote` flow source models for properties of Blazor components annotated with any of the following attributes from `Microsoft.AspNetCore.Components`:
+ - `[SupplyParameterFromForm]`
+ - `[SupplyParameterFromQuery]`
+* Added the constructor and explicit cast operator of `Microsoft.AspNetCore.Components.MarkupString` as an `html-injection` sink. This will help catch cross-site scripting resulting from using `MarkupString`.
+* Added flow summaries for the `Microsoft.AspNetCore.Mvc.Controller::View` method.
+* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
+* The C# extractor now supports *basic* extraction of .NET 9 projects. There might be limited support for extraction of code using the new C# 13 language features.
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index 49fe3eef697..c0db4dcc0b3 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 4.0.0
+lastReleaseVersion: 4.0.1
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index 81a55470a4d..bb79e33a528 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 4.0.1-dev
+version: 4.0.1
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
index 370a9cf4a6a..1adfe6e1822 100644
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.0.14
+
+### Minor Analysis Improvements
+
+* The `ExternalApi` and `TestLibrary` modules have been moved to the library pack.
+
 ## 1.0.13
 
 ### Minor Analysis Improvements
diff --git a/csharp/ql/src/change-notes/2024-12-17-move-libraries.md b/csharp/ql/src/change-notes/released/1.0.14.md
similarity index 65%
rename from csharp/ql/src/change-notes/2024-12-17-move-libraries.md
rename to csharp/ql/src/change-notes/released/1.0.14.md
index 07bf61b7e35..d49594169df 100644
--- a/csharp/ql/src/change-notes/2024-12-17-move-libraries.md
+++ b/csharp/ql/src/change-notes/released/1.0.14.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 1.0.14
+
+### Minor Analysis Improvements
+
 * The `ExternalApi` and `TestLibrary` modules have been moved to the library pack.
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
index c3be7eb7716..3b484f28dfa 100644
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.13
+lastReleaseVersion: 1.0.14
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index e4d9400d96d..5334c690270 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.0.14-dev
+version: 1.0.14
 groups:
 - csharp
 - queries
diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md
index 3c6fa155a32..2d5ba191d2e 100644
--- a/go/ql/consistency-queries/CHANGELOG.md
+++ b/go/ql/consistency-queries/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.14
+
+No user-facing changes.
+
 ## 1.0.13
 
 No user-facing changes.
diff --git a/go/ql/consistency-queries/change-notes/released/1.0.14.md b/go/ql/consistency-queries/change-notes/released/1.0.14.md
new file mode 100644
index 00000000000..84f6736f1a1
--- /dev/null
+++ b/go/ql/consistency-queries/change-notes/released/1.0.14.md
@@ -0,0 +1,3 @@
+## 1.0.14
+
+No user-facing changes.
diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml
index c3be7eb7716..3b484f28dfa 100644
--- a/go/ql/consistency-queries/codeql-pack.release.yml
+++ b/go/ql/consistency-queries/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.13
+lastReleaseVersion: 1.0.14
diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml
index 1812705438c..5e500c12eb7 100644
--- a/go/ql/consistency-queries/qlpack.yml
+++ b/go/ql/consistency-queries/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.14-dev
+version: 1.0.14
 groups:
 - go
 - queries
diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md
index 83052b3a1d9..9c0c41ec4cb 100644
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,11 @@
+## 3.0.1
+
+### Minor Analysis Improvements
+
+* Added a `commandargs` local source model for the `os.Args` variable.
+* Source models defined using models-as-data now work for variadic parameters.
+* Data flow out of variadic parameters now works in more situations. Summary models defined using models-as-data work. Source models defined using models-as-data do not work yet.
+
 ## 3.0.0
 
 ### Breaking Changes
diff --git a/go/ql/lib/change-notes/2024-12-06-improve-flow-out-of-variadic-parameter.md b/go/ql/lib/change-notes/2024-12-06-improve-flow-out-of-variadic-parameter.md
deleted file mode 100644
index 8244ba06994..00000000000
--- a/go/ql/lib/change-notes/2024-12-06-improve-flow-out-of-variadic-parameter.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Data flow out of variadic parameters now works in more situations. Summary models defined using models-as-data work. Source models defined using models-as-data do not work yet.
diff --git a/go/ql/lib/change-notes/2024-12-12-variadic-parameter-sources.md b/go/ql/lib/change-notes/2024-12-12-variadic-parameter-sources.md
deleted file mode 100644
index 38d5ad2783f..00000000000
--- a/go/ql/lib/change-notes/2024-12-12-variadic-parameter-sources.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Source models defined using models-as-data now work for variadic parameters.
diff --git a/go/ql/lib/change-notes/2024-12-13-os-args-model.md b/go/ql/lib/change-notes/2024-12-13-os-args-model.md
deleted file mode 100644
index 20a16d222e4..00000000000
--- a/go/ql/lib/change-notes/2024-12-13-os-args-model.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Added a `commandargs` local source model for the `os.Args` variable.
-
diff --git a/go/ql/lib/change-notes/released/3.0.1.md b/go/ql/lib/change-notes/released/3.0.1.md
new file mode 100644
index 00000000000..a8faff41943
--- /dev/null
+++ b/go/ql/lib/change-notes/released/3.0.1.md
@@ -0,0 +1,7 @@
+## 3.0.1
+
+### Minor Analysis Improvements
+
+* Added a `commandargs` local source model for the `os.Args` variable.
+* Source models defined using models-as-data now work for variadic parameters.
+* Data flow out of variadic parameters now works in more situations. Summary models defined using models-as-data work. Source models defined using models-as-data do not work yet.
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml
index 33d3a2cd113..e3b15d965db 100644
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 3.0.0
+lastReleaseVersion: 3.0.1
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
index 4e72aa3857b..a540b7905c3 100644
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 3.0.1-dev
+version: 3.0.1
 groups: go
 dbscheme: go.dbscheme
 extractor: go
diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md
index c9044e55cdc..838a8bce5ea 100644
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.1.5
+
+No user-facing changes.
+
 ## 1.1.4
 
 ### Minor Analysis Improvements
diff --git a/go/ql/src/change-notes/released/1.1.5.md b/go/ql/src/change-notes/released/1.1.5.md
new file mode 100644
index 00000000000..11a52a121d1
--- /dev/null
+++ b/go/ql/src/change-notes/released/1.1.5.md
@@ -0,0 +1,3 @@
+## 1.1.5
+
+No user-facing changes.
diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml
index 26cbcd3f123..df39a9de059 100644
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.4
+lastReleaseVersion: 1.1.5
diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml
index 36775d0d862..52d3c0012ba 100644
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.1.5-dev
+version: 1.1.5
 groups:
 - go
 - queries
diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md
index 09ee80087e8..e7aa3c152de 100644
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,24 @@
+## 6.0.0
+
+### Breaking Changes
+
+* The class `ControlFlowNode` (and by extension `BasicBlock`) is no longer
+ directly equatable to `Expr` and `Stmt`. Any queries that have been
+ exploiting these equalities, for example by using casts, will need minor
+ updates in order to fix any compilation errors. Conversions can be inserted
+ in either direction depending on what is most convenient. Available
+ conversions include `Expr.getControlFlowNode()`, `Stmt.getControlFlowNode()`,
+ `ControlFlowNode.asExpr()`, `ControlFlowNode.asStmt()`, and
+ `ControlFlowNode.asCall()`. Exit nodes were until now modelled as a
+ `ControlFlowNode` equal to its enclosing `Callable`; these are now instead
+ modelled by the class `ControlFlow::ExitNode`.
+
+### Minor Analysis Improvements
+
+* Added `java.io.File.getName()` as a path injection sanitizer.
+* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
+* Added a sink for "Server-side request forgery" (`java/ssrf`) for the third parameter to org.springframework.web.client.RestTemplate.getForObject, when we cannot statically determine that it does not affect the host in the URL.
+
 ## 5.0.0
 
 ### Breaking Changes
diff --git a/java/ql/lib/change-notes/2024-11-28-model-resttemplate-getforobject-third-parameter.md b/java/ql/lib/change-notes/2024-11-28-model-resttemplate-getforobject-third-parameter.md
deleted file mode 100644
index 4f45d19e5e8..00000000000
--- a/java/ql/lib/change-notes/2024-11-28-model-resttemplate-getforobject-third-parameter.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added a sink for "Server-side request forgery" (`java/ssrf`) for the third parameter to org.springframework.web.client.RestTemplate.getForObject, when we cannot statically determine that it does not affect the host in the URL.
diff --git a/java/ql/lib/change-notes/2024-12-04-dataflow-type-pruning-tweak.md b/java/ql/lib/change-notes/2024-12-04-dataflow-type-pruning-tweak.md
deleted file mode 100644
index 258c0e5326b..00000000000
--- a/java/ql/lib/change-notes/2024-12-04-dataflow-type-pruning-tweak.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
diff --git a/java/ql/lib/change-notes/2024-12-06-file-getname.md b/java/ql/lib/change-notes/2024-12-06-file-getname.md
deleted file mode 100644
index b2d1d271ab5..00000000000
--- a/java/ql/lib/change-notes/2024-12-06-file-getname.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added `java.io.File.getName()` as a path injection sanitizer.
diff --git a/java/ql/lib/change-notes/2024-11-14-control-flow-graph-lightweight-IR-layer.md b/java/ql/lib/change-notes/released/6.0.0.md
similarity index 50%
rename from java/ql/lib/change-notes/2024-11-14-control-flow-graph-lightweight-IR-layer.md
rename to java/ql/lib/change-notes/released/6.0.0.md
index 2fbb6a537c7..f66dd1b2bbf 100644
--- a/java/ql/lib/change-notes/2024-11-14-control-flow-graph-lightweight-IR-layer.md
+++ b/java/ql/lib/change-notes/released/6.0.0.md
@@ -1,6 +1,7 @@
----
-category: breaking
----
+## 6.0.0
+
+### Breaking Changes
+
 * The class `ControlFlowNode` (and by extension `BasicBlock`) is no longer
 directly equatable to `Expr` and `Stmt`. Any queries that have been
 exploiting these equalities, for example by using casts, will need minor
@@ -11,3 +12,9 @@ category: breaking
 `ControlFlowNode.asCall()`. Exit nodes were until now modelled as a
 `ControlFlowNode` equal to its enclosing `Callable`; these are now instead
 modelled by the class `ControlFlow::ExitNode`.
+
+### Minor Analysis Improvements
+
+* Added `java.io.File.getName()` as a path injection sanitizer.
+* The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths.
+* Added a sink for "Server-side request forgery" (`java/ssrf`) for the third parameter to org.springframework.web.client.RestTemplate.getForObject, when we cannot statically determine that it does not affect the host in the URL.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
index c9e54136ca5..f8c4fa43ccb 100644
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.0.0
+lastReleaseVersion: 6.0.0
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index f892ca1c450..d0490615f69 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 5.0.1-dev
+version: 6.0.0
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md
index 0bb38874b82..c7148cba8d8 100644
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.1.11
+
+No user-facing changes.
+
 ## 1.1.10
 
 ### Minor Analysis Improvements
diff --git a/java/ql/src/change-notes/released/1.1.11.md b/java/ql/src/change-notes/released/1.1.11.md
new file mode 100644
index 00000000000..c94f527264e
--- /dev/null
+++ b/java/ql/src/change-notes/released/1.1.11.md
@@ -0,0 +1,3 @@
+## 1.1.11
+
+No user-facing changes.
diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml
index 4c01918d414..121f8cf035d 100644
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.10
+lastReleaseVersion: 1.1.11
diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml
index 8ee211fb536..dd530febd2e 100644
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 1.1.11-dev
+version: 1.1.11
 groups:
 - java
 - queries
diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md
index ebe424935eb..7aa60446f0e 100644
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.2.1
+
+No user-facing changes.
+
 ## 2.2.0
 
 ### Major Analysis Improvements
diff --git a/javascript/ql/lib/change-notes/released/2.2.1.md b/javascript/ql/lib/change-notes/released/2.2.1.md
new file mode 100644
index 00000000000..62b48f9d2e8
--- /dev/null
+++ b/javascript/ql/lib/change-notes/released/2.2.1.md
@@ -0,0 +1,3 @@
+## 2.2.1
+
+No user-facing changes.
diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml
index 2f308354195..863e3cd380d 100644
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.2.0
+lastReleaseVersion: 2.2.1
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index 4d568ff4813..d78821f0892 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 2.2.1-dev
+version: 2.2.1
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
index 195298ec89f..5bf4466796e 100644
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.2.6
+
+No user-facing changes.
+
 ## 1.2.5
 
 No user-facing changes.
diff --git a/javascript/ql/src/change-notes/released/1.2.6.md b/javascript/ql/src/change-notes/released/1.2.6.md
new file mode 100644
index 00000000000..0832850ff8c
--- /dev/null
+++ b/javascript/ql/src/change-notes/released/1.2.6.md
@@ -0,0 +1,3 @@
+## 1.2.6
+
+No user-facing changes.
diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml
index 40355f0807f..24962f7ba24 100644
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.2.5
+lastReleaseVersion: 1.2.6
diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml
index 78f0585027b..04e84d1ac74 100644
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 1.2.6-dev
+version: 1.2.6
 groups:
 - javascript
 - queries
diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md
index 5d46c57bf4e..490b5dc360a 100644
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.14
+
+No user-facing changes.
+
 ## 1.0.13
 
 No user-facing changes.
diff --git a/misc/suite-helpers/change-notes/released/1.0.14.md b/misc/suite-helpers/change-notes/released/1.0.14.md
new file mode 100644
index 00000000000..84f6736f1a1
--- /dev/null
+++ b/misc/suite-helpers/change-notes/released/1.0.14.md
@@ -0,0 +1,3 @@
+## 1.0.14
+
+No user-facing changes.
diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml
index c3be7eb7716..3b484f28dfa 100644
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.13
+lastReleaseVersion: 1.0.14
diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml
index eeb8f762b13..f14cabfe129 100644
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 1.0.14-dev
+version: 1.0.14
 groups: shared
 warnOnImplicitThis: true
diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md
index 81c7659c4ed..dce2aad3c6d 100644
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 3.1.0
+
+### New Features
+
+- Added support for parameter annotations in API graphs. This means that in a function definition such as `def foo(x: Bar): ...`, you can now use the `getInstanceFromAnnotation()` method to step from `Bar` to `x`. In addition to this, the `getAnInstance` method now also includes instances arising from parameter annotations.
+
+### Minor Analysis Improvements
+
+* Added modeling of `fastapi.Request` and `starlette.requests.Request` as sources of untrusted input,
+ and modeling of tainted data flow out of these request objects.
+
 ## 3.0.0
 
 ### Breaking Changes
diff --git a/python/ql/lib/change-notes/2024-12-18-fastapi-request-modeling.md b/python/ql/lib/change-notes/2024-12-18-fastapi-request-modeling.md
deleted file mode 100644
index adc7d39653f..00000000000
--- a/python/ql/lib/change-notes/2024-12-18-fastapi-request-modeling.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Added modeling of `fastapi.Request` and `starlette.requests.Request` as sources of untrusted input,
- and modeling of tainted data flow out of these request objects.
diff --git a/python/ql/lib/change-notes/2024-11-26-parameter-annotation-api-graph-support.md b/python/ql/lib/change-notes/released/3.1.0.md
similarity index 58%
rename from python/ql/lib/change-notes/2024-11-26-parameter-annotation-api-graph-support.md
rename to python/ql/lib/change-notes/released/3.1.0.md
index 57bb1b4a078..50b4b8184b7 100644
--- a/python/ql/lib/change-notes/2024-11-26-parameter-annotation-api-graph-support.md
+++ b/python/ql/lib/change-notes/released/3.1.0.md
@@ -1,5 +1,10 @@
----
-category: feature
----
+## 3.1.0
+
+### New Features
 
 - Added support for parameter annotations in API graphs. This means that in a function definition such as `def foo(x: Bar): ...`, you can now use the `getInstanceFromAnnotation()` method to step from `Bar` to `x`. In addition to this, the `getAnInstance` method now also includes instances arising from parameter annotations.
+
+### Minor Analysis Improvements
+
+* Added modeling of `fastapi.Request` and `starlette.requests.Request` as sources of untrusted input,
+ and modeling of tainted data flow out of these request objects.
diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml
index 33d3a2cd113..82f62960aa3 100644
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 3.0.0
+lastReleaseVersion: 3.1.0
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index 147933b96fe..8e015428c49 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 3.0.1-dev
+version: 3.1.0
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md
index c247e217acf..d5cacfc8401 100644
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.4.0
+
+### New Queries
+
+* The Server Side Template Injection query (`py/template-injection`), originally contributed to the experimental query pack by @porcupineyhairs, has been promoted to the main query suite. This query finds instances of templates for a template engine such as Jinja being constructed with user input.
+
 ## 1.3.4
 
 No user-facing changes.
diff --git a/python/ql/src/change-notes/2024-11-21-template-injection.md b/python/ql/src/change-notes/released/1.4.0.md
similarity index 78%
rename from python/ql/src/change-notes/2024-11-21-template-injection.md
rename to python/ql/src/change-notes/released/1.4.0.md
index 7c604e9c993..02acaabcb98 100644
--- a/python/ql/src/change-notes/2024-11-21-template-injection.md
+++ b/python/ql/src/change-notes/released/1.4.0.md
@@ -1,4 +1,5 @@
----
-category: newQuery
----
-* The Server Side Template Injection query (`py/template-injection`), originally contributed to the experimental query pack by @porcupineyhairs, has been promoted to the main query suite. This query finds instances of templates for a template engine such as Jinja being constructed with user input.
\ No newline at end of file
+## 1.4.0
+
+### New Queries
+
+* The Server Side Template Injection query (`py/template-injection`), originally contributed to the experimental query pack by @porcupineyhairs, has been promoted to the main query suite. This query finds instances of templates for a template engine such as Jinja being constructed with user input.
diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml
index 8263ddf2c8b..b8b2e97d508 100644
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.4
+lastReleaseVersion: 1.4.0
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml
index d83b6433ac6..9d330fc3526 100644
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 1.3.5-dev
+version: 1.4.0
 groups:
 - python
 - queries
diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md
index 737903a3232..9179de3b7d5 100644
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 3.0.1
+
+No user-facing changes.
+
 ## 3.0.0
 
 ### Breaking Changes
diff --git a/ruby/ql/lib/change-notes/released/3.0.1.md b/ruby/ql/lib/change-notes/released/3.0.1.md
new file mode 100644
index 00000000000..ac5998ace61
--- /dev/null
+++ b/ruby/ql/lib/change-notes/released/3.0.1.md
@@ -0,0 +1,3 @@
+## 3.0.1
+
+No user-facing changes.
diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml
index 33d3a2cd113..e3b15d965db 100644
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 3.0.0
+lastReleaseVersion: 3.0.1
diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml
index ddf106c95bf..a169addf8e7 100644
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 3.0.1-dev
+version: 3.0.1
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md
index 5fe04780136..7d341c3f808 100644
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.1.9
+
+No user-facing changes.
+
 ## 1.1.8
 
 No user-facing changes.
diff --git a/ruby/ql/src/change-notes/released/1.1.9.md b/ruby/ql/src/change-notes/released/1.1.9.md
new file mode 100644
index 00000000000..f9d367d4248
--- /dev/null
+++ b/ruby/ql/src/change-notes/released/1.1.9.md
@@ -0,0 +1,3 @@
+## 1.1.9
+
+No user-facing changes.
diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml
index 64972659c42..6f4795f3ea0 100644
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.8
+lastReleaseVersion: 1.1.9
diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml
index 43bfe75f566..72ff669503a 100644
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 1.1.9-dev
+version: 1.1.9
 groups:
 - ruby
 - queries
diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md
index 285b39a4359..5f4501ed1e3 100644
--- a/shared/controlflow/CHANGELOG.md
+++ b/shared/controlflow/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.14
+
+No user-facing changes.
+
 ## 1.0.13
 
 No user-facing changes.
diff --git a/shared/controlflow/change-notes/released/1.0.14.md b/shared/controlflow/change-notes/released/1.0.14.md
new file mode 100644
index 00000000000..84f6736f1a1
--- /dev/null
+++ b/shared/controlflow/change-notes/released/1.0.14.md
@@ -0,0 +1,3 @@
+## 1.0.14
+
+No user-facing changes.
diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml
index c3be7eb7716..3b484f28dfa 100644
--- a/shared/controlflow/codeql-pack.release.yml
+++ b/shared/controlflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.13
+lastReleaseVersion: 1.0.14
diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml
index 268f142bd1b..590d3e1666d 100644
--- a/shared/controlflow/qlpack.yml
+++ b/shared/controlflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 1.0.14-dev
+version: 1.0.14
 groups: shared
 library: true
 dependencies:
diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md
index df038524d2d..949660e3381 100644
--- a/shared/dataflow/CHANGELOG.md
+++ b/shared/dataflow/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.1.8
+
+### Minor Analysis Improvements
+
+* Added a module `DataFlow::DeduplicatePathGraph` that can be used to avoid generating duplicate path explanations in queries that use flow state.
+
 ## 1.1.7
 
 No user-facing changes.
diff --git a/shared/dataflow/change-notes/2023-10-02-deduplicate-path-graph.md b/shared/dataflow/change-notes/released/1.1.8.md
similarity index 77%
rename from shared/dataflow/change-notes/2023-10-02-deduplicate-path-graph.md
rename to shared/dataflow/change-notes/released/1.1.8.md
index 30e71ade6af..d951e6bf0c7 100644
--- a/shared/dataflow/change-notes/2023-10-02-deduplicate-path-graph.md
+++ b/shared/dataflow/change-notes/released/1.1.8.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 1.1.8
+
+### Minor Analysis Improvements
+
 * Added a module `DataFlow::DeduplicatePathGraph` that can be used to avoid generating duplicate path explanations in queries that use flow state.
diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml
index 75910556516..64972659c42 100644
--- a/shared/dataflow/codeql-pack.release.yml
+++ b/shared/dataflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.7
+lastReleaseVersion: 1.1.8
diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml
index 6a8e8c3a4ae..fe44120b3c1 100644
--- a/shared/dataflow/qlpack.yml
+++ b/shared/dataflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 1.1.8-dev
+version: 1.1.8
 groups: shared
 library: true
 dependencies:
diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md
index 93a528a4f3c..1b2146927e5 100644
--- a/shared/mad/CHANGELOG.md
+++ b/shared/mad/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.14
+
+No user-facing changes.
+
 ## 1.0.13
 
 No user-facing changes.
diff --git a/shared/mad/change-notes/released/1.0.14.md b/shared/mad/change-notes/released/1.0.14.md
new file mode 100644
index 00000000000..84f6736f1a1
--- /dev/null
+++ b/shared/mad/change-notes/released/1.0.14.md
@@ -0,0 +1,3 @@
+## 1.0.14
+
+No user-facing changes.
diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml
index c3be7eb7716..3b484f28dfa 100644
--- a/shared/mad/codeql-pack.release.yml
+++ b/shared/mad/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.13
+lastReleaseVersion: 1.0.14
diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml
index 125bcad622d..341373b22f5 100644
--- a/shared/mad/qlpack.yml
+++ b/shared/mad/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/mad
-version: 1.0.14-dev
+version: 1.0.14
 groups: shared
 library: true
 dependencies:
diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md
index 6b25d16e0f7..993922ecc49 100644
--- a/shared/rangeanalysis/CHANGELOG.md
+++ b/shared/rangeanalysis/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.14
+
+No user-facing changes.
+
 ## 1.0.13
 
 No user-facing changes.
diff --git a/shared/rangeanalysis/change-notes/released/1.0.14.md b/shared/rangeanalysis/change-notes/released/1.0.14.md
new file mode 100644
index 00000000000..84f6736f1a1
--- /dev/null
+++ b/shared/rangeanalysis/change-notes/released/1.0.14.md
@@ -0,0 +1,3 @@
+## 1.0.14
+
+No user-facing changes.
diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml
index c3be7eb7716..3b484f28dfa 100644
--- a/shared/rangeanalysis/codeql-pack.release.yml
+++ b/shared/rangeanalysis/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.13
+lastReleaseVersion: 1.0.14
diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml
index 62c8c1e46b6..efb29bbc02c 100644
--- a/shared/rangeanalysis/qlpack.yml
+++ b/shared/rangeanalysis/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/rangeanalysis
-version: 1.0.14-dev
+version: 1.0.14
 groups: shared
 library: true
 dependencies:
diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md
index 54c3ed2b307..45bb8da81db 100644
--- a/shared/regex/CHANGELOG.md
+++ b/shared/regex/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.14
+
+No user-facing changes.
+
 ## 1.0.13
 
 No user-facing changes.
diff --git a/shared/regex/change-notes/released/1.0.14.md b/shared/regex/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/shared/regex/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index e2cda264dc8..8db7e73e336 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.14-dev +version: 1.0.14 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 01c19388c92..d31fb6c6120 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.14 + +No user-facing changes. + ## 1.0.13 No user-facing changes. diff --git a/shared/ssa/change-notes/released/1.0.14.md b/shared/ssa/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/shared/ssa/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index b146ce5bc91..1276fd498f7 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 1.0.14-dev +version: 1.0.14 groups: shared library: true dependencies: 
diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 3c6fa155a32..2d5ba191d2e 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.14 + +No user-facing changes. + ## 1.0.13 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.14.md b/shared/threat-models/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 6ec41bbcc04..f337bfa721d 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.14-dev +version: 1.0.14 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 1f4e7ad4ed3..cc4652e04ff 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.14 + +No user-facing changes. + ## 1.0.13 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.14.md b/shared/tutorial/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/shared/tutorial/codeql-pack.release.yml 
+++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 6677c74eed4..4c55d52356c 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.14-dev +version: 1.0.14 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index dd8fb7a60b2..ac6192fd7d8 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.14 + +No user-facing changes. + ## 1.0.13 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.14.md b/shared/typeflow/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index cd9e70bba8c..15761af538a 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.14-dev +version: 1.0.14 groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 0ab05873af4..f651b953118 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.14 + +No user-facing changes. + ## 1.0.13 No user-facing changes. 
diff --git a/shared/typetracking/change-notes/released/1.0.14.md b/shared/typetracking/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/shared/typetracking/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index fbe63f0da01..224b85826c4 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 1.0.14-dev +version: 1.0.14 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index c0c3cea3948..924a3fc0a7b 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.14 + +No user-facing changes. + ## 1.0.13 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.14.md b/shared/typos/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/shared/typos/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 250f729ab5f..31f04e60666 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml 
@@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.14-dev +version: 1.0.14 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index e03d990b747..9dd6c05d40a 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.1 + +No user-facing changes. + ## 2.0.0 ### Breaking Changes diff --git a/shared/util/change-notes/released/2.0.1.md b/shared/util/change-notes/released/2.0.1.md new file mode 100644 index 00000000000..b5b6d0dee91 --- /dev/null +++ b/shared/util/change-notes/released/2.0.1.md @@ -0,0 +1,3 @@ +## 2.0.1 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 0abe6ccede0..fe974a4dbf3 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.0 +lastReleaseVersion: 2.0.1 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index b327c25a3d9..da932a6ed36 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.1-dev +version: 2.0.1 groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index c3ebc31994b..6837f7507d8 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.14 + +No user-facing changes. + ## 1.0.13 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.14.md b/shared/xml/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/shared/xml/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml 
@@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 76c408c2920..a3ace631d1b 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.14-dev +version: 1.0.14 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 28fcbceec8e..6e940e8d264 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.14 + +No user-facing changes. + ## 1.0.13 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.14.md b/shared/yaml/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 0c756e1edbb..006f30012bb 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.14-dev +version: 1.0.14 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index ba76b51c80e..c976d0c8514 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 3.1.0 + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.0.2. + ## 3.0.0 ### Breaking Changes 
diff --git a/swift/ql/lib/change-notes/2024-12-09-swift-6.md b/swift/ql/lib/change-notes/released/3.1.0.md similarity index 51% rename from swift/ql/lib/change-notes/2024-12-09-swift-6.md rename to swift/ql/lib/change-notes/released/3.1.0.md index e32344b28d8..655a8ad323a 100644 --- a/swift/ql/lib/change-notes/2024-12-09-swift-6.md +++ b/swift/ql/lib/change-notes/released/3.1.0.md @@ -1,4 +1,5 @@ ---- -category: majorAnalysis ---- +## 3.1.0 + +### Major Analysis Improvements + * Upgraded to allow analysis of Swift 6.0.2. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 33d3a2cd113..82f62960aa3 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 3.0.0 +lastReleaseVersion: 3.1.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 7752975faea..91e4d06f537 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 3.0.1-dev +version: 3.1.0 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 73ac6bef86d..a26a68434eb 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.14 + +No user-facing changes. + ## 1.0.13 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.0.14.md b/swift/ql/src/change-notes/released/1.0.14.md new file mode 100644 index 00000000000..84f6736f1a1 --- /dev/null +++ b/swift/ql/src/change-notes/released/1.0.14.md @@ -0,0 +1,3 @@ +## 1.0.14 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index c3be7eb7716..3b484f28dfa 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.13 +lastReleaseVersion: 1.0.14 
diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index ec8e2cb9932..1ce09dc0969 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.0.14-dev +version: 1.0.14 groups: - swift - queries