Release preparation for version 2.16.4

2026-04-21 06:55:31 +02:00 · 2024-03-04 17:42:08 +00:00
parent 19539ab6d8
commit a67218a027
150 changed files with 394 additions and 168 deletions
--- a/java/ql/automodel/src/CHANGELOG.md
+++ b/java/ql/automodel/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.17
+
+No user-facing changes.
+
 ## 0.0.16

 No user-facing changes.
--- a/java/ql/automodel/src/change-notes/released/0.0.17.md
+++ b/java/ql/automodel/src/change-notes/released/0.0.17.md
@@ -0,0 +1,3 @@
+## 0.0.17
+
+No user-facing changes.
--- a/java/ql/automodel/src/codeql-pack.release.yml
+++ b/java/ql/automodel/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.16
+lastReleaseVersion: 0.0.17
--- a/java/ql/automodel/src/qlpack.yml
+++ b/java/ql/automodel/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-automodel-queries
-version: 0.0.17-dev
+version: 0.0.17
 groups:
    - java
    - automodel
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 0.8.10
+
+### Minor Analysis Improvements
+
+* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often.
+
+### Bug Fixes
+
+* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository.
+* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled.
+
 ## 0.8.9

 ### Deprecated APIs
--- a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md
+++ b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md
@@ -1,4 +0,0 @@
---
-category: fix
---
-* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled.
--- a/java/ql/lib/change-notes/2024-02-27-error-types.md
+++ b/java/ql/lib/change-notes/2024-02-27-error-types.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often.
--- a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md
+++ b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md
@@ -1,4 +0,0 @@
---
-category: fix
---
-* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository.
--- a/java/ql/lib/change-notes/released/0.8.10.md
+++ b/java/ql/lib/change-notes/released/0.8.10.md
@@ -0,0 +1,10 @@
+## 0.8.10
+
+### Minor Analysis Improvements
+
+* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often.
+
+### Bug Fixes
+
+* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository.
+* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled.
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.9
+lastReleaseVersion: 0.8.10
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.8.10-dev
+version: 0.8.10
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 0.8.10
+
+### New Queries
+
+* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way.
+
+### Minor Analysis Improvements
+
+* To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information.
+
 ## 0.8.9

 ### New Queries
--- a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md
+++ b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md
@@ -1,4 +0,0 @@
---
-category: newQuery
---
-* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way.
--- a/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md
+++ b/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md
@@ -1,4 +1,9 @@
---
-category: minorAnalysis
---
+## 0.8.10
+
+### New Queries
+
+* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way.
+
+### Minor Analysis Improvements
+
 * To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information.
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.9
+lastReleaseVersion: 0.8.10
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.8.10-dev
+version: 0.8.10
 groups:
  - java
  - queries