hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Release preparation for version 2.16.0

Browse Source
This commit is contained in:
github-actions[bot]
2024-01-08 13:11:26 +00:00
parent f4df5c9556
commit a6c8cc9551
171 changed files with 504 additions and 265 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
cpp/ql/lib/CHANGELOG.md
View File

@@ -1,3 +1,24 @@
## 0.12.3
### Deprecated APIs
* The `isUserInput`, `userInputArgument`, and `userInputReturned` predicates from `SecurityOptions` have been deprecated. Use `FlowSource` instead.
### New Features
* `UserDefineLiteral` and `DeductionGuide` classes have been added, representing C++11 user defined literals and C++17 deduction guides.
### Minor Analysis Improvements
* Changed the output of `Node.toString` to better reflect how many indirections a given dataflow node has.
* Added a new predicate `Node.asDefinition` on `DataFlow::Node`s for selecting the dataflow node corresponding to a particular definition.
* The deprecated `DefaultTaintTracking` library has been removed.
* The `Guards` library has been replaced with the API-compatible `IRGuards` implementation, which has better precision in some cases.
### Bug Fixes
* Under certain circumstances a function declaration that is not also a definition could be associated with a `Function` that did not have the definition as a `FunctionDeclarationEntry`. This is now fixed when only one definition exists, and a unique `Function` will exist that has both the declaration and the definition as a `FunctionDeclarationEntry`.
## 0.12.2
No user-facing changes.

4
cpp/ql/lib/change-notes/2022-11-21-ir-guards-replacement.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* The `Guards` library has been replaced with the API-compatible `IRGuards` implementation, which has better precision in some cases.

4
cpp/ql/lib/change-notes/2023-11-25-default-taint-tracking-removal.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* The deprecated `DefaultTaintTracking` library has been removed.

4
cpp/ql/lib/change-notes/2023-11-30-as-definition.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added a new predicate `Node.asDefinition` on `DataFlow::Node`s for selecting the dataflow node corresponding to a particular definition.

4
cpp/ql/lib/change-notes/2023-12-08-ususerinput-deprecation.md
View File

@@ -1,4 +0,0 @@
---
category: deprecated
---
* The `isUserInput`, `userInputArgument`, and `userInputReturned` predicates from `SecurityOptions` have been deprecated. Use `FlowSource` instead.

4
cpp/ql/lib/change-notes/2023-12-14-dataflow-tostring.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Changed the output of `Node.toString` to better reflect how many indirections a given dataflow node has.

4
cpp/ql/lib/change-notes/2023-12-22-unique-function.md
View File

@@ -1,4 +0,0 @@
---
category: fix
---
* Under certain circumstances a function declaration that is not also a definition could be associated with a `Function` that did not have the definition as a `FunctionDeclarationEntry`. This is now fixed when only one definition exists, and a unique `Function` will exist that has both the declaration and the definition as a `FunctionDeclarationEntry`.

4
cpp/ql/lib/change-notes/2024-01-02-function-types.md
View File

@@ -1,4 +0,0 @@
---
category: feature
---
* `UserDefineLiteral` and `DeductionGuide` classes have been added, representing C++11 user defined literals and C++17 deduction guides.

20
cpp/ql/lib/change-notes/released/0.12.3.md Normal file
View File

@@ -0,0 +1,20 @@
## 0.12.3
### Deprecated APIs
* The `isUserInput`, `userInputArgument`, and `userInputReturned` predicates from `SecurityOptions` have been deprecated. Use `FlowSource` instead.
### New Features
* `UserDefineLiteral` and `DeductionGuide` classes have been added, representing C++11 user defined literals and C++17 deduction guides.
### Minor Analysis Improvements
* Changed the output of `Node.toString` to better reflect how many indirections a given dataflow node has.
* Added a new predicate `Node.asDefinition` on `DataFlow::Node`s for selecting the dataflow node corresponding to a particular definition.
* The deprecated `DefaultTaintTracking` library has been removed.
* The `Guards` library has been replaced with the API-compatible `IRGuards` implementation, which has better precision in some cases.
### Bug Fixes
* Under certain circumstances a function declaration that is not also a definition could be associated with a `Function` that did not have the definition as a `FunctionDeclarationEntry`. This is now fixed when only one definition exists, and a unique `Function` will exist that has both the declaration and the definition as a `FunctionDeclarationEntry`.

2
cpp/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.12.2
lastReleaseVersion: 0.12.3

2
cpp/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/cpp-all
version: 0.12.3-dev
version: 0.12.3
groups: cpp
dbscheme: semmlecode.cpp.dbscheme
extractor: cpp

11
cpp/ql/src/CHANGELOG.md
View File

@@ -1,3 +1,14 @@
## 0.9.2
### New Queries
* Added a new query, `cpp/use-of-unique-pointer-after-lifetime-ends`, to detect uses of the contents unique pointers that will be destroyed immediately.
* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there.
### Minor Analysis Improvements
* The `cpp/badly-bounded-write` query could report false positives when a pointer was first initialized with a literal and later assigned a dynamically allocated array. These false positives now no longer occur.
## 0.9.1
No user-facing changes.

4
cpp/ql/src/change-notes/2023-12-04-incorrectly-checked-scanf.md
View File

@@ -1,4 +0,0 @@
---
category: newQuery
---
* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there.

4
cpp/ql/src/change-notes/2023-12-12-use-of-unique-pointer-after-lifetime-ends.md
View File

@@ -1,4 +0,0 @@
---
category: newQuery
---
* Added a new query, `cpp/use-of-unique-pointer-after-lifetime-ends`, to detect uses of the contents unique pointers that will be destroyed immediately.

4
cpp/ql/src/change-notes/2023-12-15-badly-bounded-write.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* The `cpp/badly-bounded-write` query could report false positives when a pointer was first initialized with a literal and later assigned a dynamically allocated array. These false positives now no longer occur.

10
cpp/ql/src/change-notes/released/0.9.2.md Normal file
View File

@@ -0,0 +1,10 @@
## 0.9.2
### New Queries
* Added a new query, `cpp/use-of-unique-pointer-after-lifetime-ends`, to detect uses of the contents unique pointers that will be destroyed immediately.
* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there.
### Minor Analysis Improvements
* The `cpp/badly-bounded-write` query could report false positives when a pointer was first initialized with a literal and later assigned a dynamically allocated array. These false positives now no longer occur.

2
cpp/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.9.1
lastReleaseVersion: 0.9.2

2
cpp/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/cpp-queries
version: 0.9.2-dev
version: 0.9.2
groups:
- cpp
- queries