Release preparation for version 2.14.4

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,18 @@
+## 0.9.2
+
+### Deprecated APIs
+
+* `getAllocatorCall` on `DeleteExpr` and `DeleteArrayExpr` has been deprecated. `getDeallocatorCall` should be used instead.
+
+### New Features
+
+* Added `DeleteOrDeleteArrayExpr` as a super type of `DeleteExpr` and `DeleteArrayExpr`
+
+### Minor Analysis Improvements
+
+* `delete` and `delete[]` are now modeled as calls to the relevant `operator delete` in the IR. In the case of a dynamic delete call a new instruction `VirtualDeleteFunctionAddress` is used to represent a function that dispatches to the correct delete implementation.
+* Only the 2 level indirection of `argv` (corresponding to `**argv`) is consided for `FlowSource`.
+
 ## 0.9.1
 
 No user-facing changes.

cpp/ql/lib/change-notes/2023-08-24-no-taint-argv-indirections.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Only the 2 level indirection of `argv` (corresponding to `**argv`) is consided for `FlowSource`.

cpp/ql/lib/change-notes/2023-08-25-delete-or-delete-array.md

@@ -1,4 +0,0 @@
----
-category: feature
----
-* Added `DeleteOrDeleteArrayExpr` as a super type of `DeleteExpr` and `DeleteArrayExpr`

cpp/ql/lib/change-notes/2023-08-25-getAllocatorCall-deprecated.md

@@ -1,4 +0,0 @@
----
-category: deprecated
----
-* `getAllocatorCall` on `DeleteExpr` and `DeleteArrayExpr` has been deprecated. `getDeallocatorCall` should be used instead.

cpp/ql/lib/change-notes/2023-08-29-delete-ir.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* `delete` and `delete[]` are now modeled as calls to the relevant `operator delete` in the IR. In the case of a dynamic delete call a new instruction `VirtualDeleteFunctionAddress` is used to represent a function that dispatches to the correct delete implementation.

cpp/ql/lib/change-notes/released/0.9.2.md

@@ -0,0 +1,14 @@
+## 0.9.2
+
+### Deprecated APIs
+
+* `getAllocatorCall` on `DeleteExpr` and `DeleteArrayExpr` has been deprecated. `getDeallocatorCall` should be used instead.
+
+### New Features
+
+* Added `DeleteOrDeleteArrayExpr` as a super type of `DeleteExpr` and `DeleteArrayExpr`
+
+### Minor Analysis Improvements
+
+* `delete` and `delete[]` are now modeled as calls to the relevant `operator delete` in the IR. In the case of a dynamic delete call a new instruction `VirtualDeleteFunctionAddress` is used to represent a function that dispatches to the correct delete implementation.
+* Only the 2 level indirection of `argv` (corresponding to `**argv`) is consided for `FlowSource`.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.1
+lastReleaseVersion: 0.9.2

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.9.2-dev
+version: 0.9.2
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,15 @@
+## 0.7.4
+
+### New Queries
+
+* Added a new query, `cpp/invalid-pointer-deref`, to detect out-of-bounds pointer reads and writes.
+
+### Minor Analysis Improvements
+
+* The "Comparison where assignment was intended" query (`cpp/compare-where-assign-meant`) no longer reports comparisons that appear in macro expansions.
+* Some queries that had repeated results corresponding to different levels of indirection for `argv` now only have a single result.
+* The `cpp/non-constant-format` query no longer considers an assignment on the right-hand side of another assignment to be a source of non-constant format strings. As a result, the query may now produce fewer results.
+
 ## 0.7.3
 
 No user-facing changes.

cpp/ql/src/change-notes/2023-08-21-invalid-pointer-deref.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* Added a new query, `cpp/invalid-pointer-deref`, to detect out-of-bounds pointer reads and writes.

cpp/ql/src/change-notes/2023-08-24-no-taint-argv-indirections.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Some queries that had repeated results corresponding to different levels of indirection for `argv` now only have a single result.

cpp/ql/src/change-notes/2023-08-24-remove-non-constant-assign-sources.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `cpp/non-constant-format` query no longer considers an assignment on the right-hand side of another assignment to be a source of non-constant format strings. As a result, the query may now produce fewer results.

cpp/ql/src/change-notes/2023-08-25-compare-where-assign-meant.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Comparison where assignment was intended" query (`cpp/compare-where-assign-meant`) no longer reports comparisons that appear in macro expansions.

cpp/ql/src/change-notes/released/0.7.4.md

@@ -0,0 +1,11 @@
+## 0.7.4
+
+### New Queries
+
+* Added a new query, `cpp/invalid-pointer-deref`, to detect out-of-bounds pointer reads and writes.
+
+### Minor Analysis Improvements
+
+* The "Comparison where assignment was intended" query (`cpp/compare-where-assign-meant`) no longer reports comparisons that appear in macro expansions.
+* Some queries that had repeated results corresponding to different levels of indirection for `argv` now only have a single result.
+* The `cpp/non-constant-format` query no longer considers an assignment on the right-hand side of another assignment to be a source of non-constant format strings. As a result, the query may now produce fewer results.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
   - cpp
   - queries

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.6.4
+
+No user-facing changes.
+
 ## 1.6.3
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.6.4.md

@@ -0,0 +1,3 @@
+## 1.6.4
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.3
+lastReleaseVersion: 1.6.4

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.6.4-dev
+version: 1.6.4
 groups:
     - csharp
     - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.6.4
+
+No user-facing changes.
+
 ## 1.6.3
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.6.4.md

@@ -0,0 +1,3 @@
+## 1.6.4
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.3
+lastReleaseVersion: 1.6.4

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.6.4-dev
+version: 1.6.4
 groups:
     - csharp
     - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.7.4
+
+### Minor Analysis Improvements
+
+* The `--nostdlib` extractor option for the standalone extractor has been removed.
+
 ## 0.7.3
 
 ### Minor Analysis Improvements

csharp/ql/lib/change-notes/released/0.7.4.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* The `--nostdlib` extractor option for the standalone extractor has been removed.
+## 0.7.4
+
+### Minor Analysis Improvements
+
+* The `--nostdlib` extractor option for the standalone extractor has been removed.

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.7.4-dev
+version: 0.7.4
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.7.4
+
+No user-facing changes.
+
 ## 0.7.3
 
 No user-facing changes.

csharp/ql/src/change-notes/released/0.7.4.md

@@ -0,0 +1,3 @@
+## 0.7.4
+
+No user-facing changes.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
   - csharp
   - queries

go/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.6.4
+
+### Minor Analysis Improvements
+
+* Added [http.Error](https://pkg.go.dev/net/http#Error) to XSS sanitzers.
+
 ## 0.6.3
 
 No user-facing changes.

go/ql/lib/change-notes/released/0.6.4.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* Added [http.Error](https://pkg.go.dev/net/http#Error) to XSS sanitzers.
+## 0.6.4
+
+### Minor Analysis Improvements
+
+* Added [http.Error](https://pkg.go.dev/net/http#Error) to XSS sanitzers.

go/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.3
+lastReleaseVersion: 0.6.4

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.6.4-dev
+version: 0.6.4
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.6.4
+
+No user-facing changes.
+
 ## 0.6.3
 
 No user-facing changes.

go/ql/src/change-notes/released/0.6.4.md

@@ -0,0 +1,3 @@
+## 0.6.4
+
+No user-facing changes.

go/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.3
+lastReleaseVersion: 0.6.4

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.6.4-dev
+version: 0.6.4
 groups:
   - go
   - queries

java/ql/automodel/src/CHANGELOG.md

@@ -0,0 +1,3 @@
+## 0.0.3
+
+No user-facing changes.

java/ql/automodel/src/change-notes/released/0.0.3.md

@@ -0,0 +1,3 @@
+## 0.0.3
+
+No user-facing changes.

java/ql/automodel/src/codeql-pack.release.yml

@@ -0,0 +1,2 @@
+---
+lastReleaseVersion: 0.0.3

java/ql/automodel/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-automodel-queries
-version: 0.0.3-dev
+version: 0.0.3
 groups:
     - java
     - automodel

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,16 @@
+## 0.7.4
+
+### New Features
+
+* Kotlin versions up to 1.9.10 are now supported.
+
+### Minor Analysis Improvements
+
+* Fixed the MaD signature specifications to use proper nested type names.
+* Added new sanitizer to Java command injection model
+* Added more dataflow models for JAX-RS.
+* The predicate `JaxWsEndpoint::getARemoteMethod` no longer requires the result to be annotated with `@WebMethod`. Instead, the requirements listed in the JAX-RPC Specification 1.1 for required parameter and return types are used. Applications using JAX-RS may see an increase in results.
+
 ## 0.7.3
 
 ### Major Analysis Improvements

java/ql/lib/change-notes/2023-08-07-jaxrs-new-models.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added more dataflow models for JAX-RS.

java/ql/lib/change-notes/2023-08-21-java-command-injection-sanitizer.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added new sanitizer to Java command injection model

java/ql/lib/change-notes/2023-08-23-mad-nestednames.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Fixed the MaD signature specifications to use proper nested type names.

java/ql/lib/change-notes/2023-08-24-kotlin-1.9.10.md

@@ -1,4 +0,0 @@
----
-category: feature
----
-* Kotlin versions up to 1.9.10 are now supported.

java/ql/lib/change-notes/released/0.7.4.md

@@ -1,4 +1,12 @@
----
-category: minorAnalysis
----
+## 0.7.4
+
+### New Features
+
+* Kotlin versions up to 1.9.10 are now supported.
+
+### Minor Analysis Improvements
+
+* Fixed the MaD signature specifications to use proper nested type names.
+* Added new sanitizer to Java command injection model
+* Added more dataflow models for JAX-RS.
 * The predicate `JaxWsEndpoint::getARemoteMethod` no longer requires the result to be annotated with `@WebMethod`. Instead, the requirements listed in the JAX-RPC Specification 1.1 for required parameter and return types are used. Applications using JAX-RS may see an increase in results.

java/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.7.4-dev
+version: 0.7.4
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/src/CHANGELOG.md

@@ -1,3 +1,13 @@
+## 0.7.4
+
+### New Queries
+
+* Added the `java/trust-boundary-violation` query to detect trust boundary violations between HTTP requests and the HTTP session. Also added the `trust-boundary-violation` sink kind for sinks which may cross a trust boundary, such as calls to the `HttpSession#setAttribute` method.
+
+### Minor Analysis Improvements
+
+* The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the MDHT library.
+
 ## 0.7.3
 
 No user-facing changes.

java/ql/src/change-notes/2023-07-19-xxe-new-sinks.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the MDHT library.

java/ql/src/change-notes/released/0.7.4.md

@@ -1,5 +1,9 @@
----
-category: newQuery
----
+## 0.7.4
+
+### New Queries
+
 * Added the `java/trust-boundary-violation` query to detect trust boundary violations between HTTP requests and the HTTP session. Also added the `trust-boundary-violation` sink kind for sinks which may cross a trust boundary, such as calls to the `HttpSession#setAttribute` method.
 
+### Minor Analysis Improvements
+
+* The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the MDHT library.

java/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
   - java
   - queries

javascript/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.7.4
+
+### Major Analysis Improvements
+
+* Added support for TypeScript 5.2.
+
 ## 0.7.3
 
 No user-facing changes.

javascript/ql/lib/change-notes/2023-06-30-typescript-5-2.md

@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* Added support for TypeScript 5.2.

javascript/ql/lib/change-notes/released/0.7.4.md

@@ -0,0 +1,5 @@
+## 0.7.4
+
+### Major Analysis Improvements
+
+* Added support for TypeScript 5.2.

javascript/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.7.4-dev
+version: 0.7.4
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 0.7.4
+
+### Minor Analysis Improvements
+
+* Files larger than 10 MB are no longer be extracted or analyzed.
+* Imports can now be resolved in more cases, where a non-constant string expression is passed to a `require()` call.
+
+### Bug Fixes
+
+* Fixed an extractor crash that would occur in rare cases when a TypeScript file contains a self-referential namespace alias.
+
 ## 0.7.3
 
 No user-facing changes.

javascript/ql/src/change-notes/2023-08-23-fix-cyclic-alias-extraction.md

@@ -1,4 +0,0 @@
----
-category: fix
----
-* Fixed an extractor crash that would occur in rare cases when a TypeScript file contains a self-referential namespace alias.

javascript/ql/src/change-notes/2023-08-23-ignore-huge-files.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Files larger than 10 MB are no longer be extracted or analyzed.

javascript/ql/src/change-notes/2023-08-23-import-path-string.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Imports can now be resolved in more cases, where a non-constant string expression is passed to a `require()` call.

javascript/ql/src/change-notes/released/0.7.4.md

@@ -0,0 +1,10 @@
+## 0.7.4
+
+### Minor Analysis Improvements
+
+* Files larger than 10 MB are no longer be extracted or analyzed.
+* Imports can now be resolved in more cases, where a non-constant string expression is passed to a `require()` call.
+
+### Bug Fixes
+
+* Fixed an extractor crash that would occur in rare cases when a TypeScript file contains a self-referential namespace alias.

javascript/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
   - javascript
   - queries

misc/suite-helpers/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.6.4
+
+No user-facing changes.
+
 ## 0.6.3
 
 No user-facing changes.

misc/suite-helpers/change-notes/released/0.6.4.md

@@ -0,0 +1,3 @@
+## 0.6.4
+
+No user-facing changes.

misc/suite-helpers/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.3
+lastReleaseVersion: 0.6.4

misc/suite-helpers/qlpack.yml

@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 0.6.4-dev
+version: 0.6.4
 groups: shared
 warnOnImplicitThis: true

python/ql/lib/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.10.4
+
+### Minor Analysis Improvements
+
+* Regular expressions containing multiple parse mode flags are now interpretted correctly. For example `"(?is)abc.*"` with both the `i` and `s` flags.
+* Added `shlex.quote` as a sanitizer for the `py/shell-command-constructed-from-input` query.
+
 ## 0.10.3
 
 ### Minor Analysis Improvements

python/ql/lib/change-notes/2023-07-20-shlex-quote-sanitizer.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added `shlex.quote` as a sanitizer for the `py/shell-command-constructed-from-input` query.

python/ql/lib/change-notes/released/0.10.4.md

@@ -1,4 +1,6 @@
----
-category: minorAnalysis
----
+## 0.10.4
+
+### Minor Analysis Improvements
+
 * Regular expressions containing multiple parse mode flags are now interpretted correctly. For example `"(?is)abc.*"` with both the `i` and `s` flags.
+* Added `shlex.quote` as a sanitizer for the `py/shell-command-constructed-from-input` query.

python/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.10.3
+lastReleaseVersion: 0.10.4

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.10.4-dev
+version: 0.10.4
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.8.4
+
+### Minor Analysis Improvements
+
+* Improved _Reflected server-side cross-site scripting_ (`py/reflective-xss`) query to not alert on data passed to `flask.jsonify`. Since these HTTP responses are returned with mime-type `application/json`, they do not pose a security risk for XSS.
+* Updated path explanations for `@kind path-problem` queries to always include left hand side of assignments, making paths easier to understand.
+
 ## 0.8.3
 
 No user-facing changes.

python/ql/src/change-notes/2023-08-17-improved-path-graph.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Updated path explanations for `@kind path-problem` queries to always include left hand side of assignments, making paths easier to understand.

python/ql/src/change-notes/released/0.8.4.md

@@ -1,4 +1,6 @@
----
-category: minorAnalysis
----
+## 0.8.4
+
+### Minor Analysis Improvements
+
 * Improved _Reflected server-side cross-site scripting_ (`py/reflective-xss`) query to not alert on data passed to `flask.jsonify`. Since these HTTP responses are returned with mime-type `application/json`, they do not pose a security risk for XSS.
+* Updated path explanations for `@kind path-problem` queries to always include left hand side of assignments, making paths easier to understand.

python/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.3
+lastReleaseVersion: 0.8.4

python/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.8.4-dev
+version: 0.8.4
 groups: 
   - python
   - queries

ruby/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.7.4
+
+No user-facing changes.
+
 ## 0.7.3
 
 ### Minor Analysis Improvements

ruby/ql/lib/change-notes/released/0.7.4.md

@@ -0,0 +1,3 @@
+## 0.7.4
+
+No user-facing changes.

ruby/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4

ruby/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.7.4-dev
+version: 0.7.4
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme

ruby/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.7.4
+
+### New Queries
+
+* Added a new experimental query, `rb/improper-ldap-auth`, to detect cases where user input is used during LDAP authentication without proper validation or sanitization, potentially leading to authentication bypass.
+
 ## 0.7.3
 
 No user-facing changes.

ruby/ql/src/change-notes/released/0.7.4.md

@@ -1,4 +1,5 @@
----
-category: newQuery
----
+## 0.7.4
+
+### New Queries
+
 * Added a new experimental query, `rb/improper-ldap-auth`, to detect cases where user input is used during LDAP authentication without proper validation or sanitization, potentially leading to authentication bypass.

ruby/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4

ruby/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
   - ruby
   - queries

shared/controlflow/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.3
+
+No user-facing changes.
+
 ## 0.0.2
 
 No user-facing changes.

shared/controlflow/change-notes/released/0.0.3.md

@@ -0,0 +1,3 @@
+## 0.0.3
+
+No user-facing changes.

shared/controlflow/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.2
+lastReleaseVersion: 0.0.3

shared/controlflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 0.0.3-dev
+version: 0.0.3
 groups: shared
 library: true
 dependencies:

shared/dataflow/CHANGELOG.md

@@ -1,3 +1,13 @@
+## 0.0.3
+
+### New Features
+
+* The various inline flow test libraries have been consolidated as a shared library part in the dataflow qlpack.
+
+### Minor Analysis Improvements
+
+* The shared taint-tracking library is now part of the dataflow qlpack.
+
 ## 0.0.2
 
 ### Major Analysis Improvements

shared/dataflow/change-notes/2023-08-04-taint-tracking.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The shared taint-tracking library is now part of the dataflow qlpack.

shared/dataflow/change-notes/2023-08-24-inline-flow-test.md

@@ -1,4 +0,0 @@
----
-category: feature
----
-* The various inline flow test libraries have been consolidated as a shared library part in the dataflow qlpack.

shared/dataflow/change-notes/released/0.0.3.md

@@ -0,0 +1,9 @@
+## 0.0.3
+
+### New Features
+
+* The various inline flow test libraries have been consolidated as a shared library part in the dataflow qlpack.
+
+### Minor Analysis Improvements
+
+* The shared taint-tracking library is now part of the dataflow qlpack.

shared/dataflow/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.2
+lastReleaseVersion: 0.0.3