Merge pull request #8802 from github/post-release-prep/codeql-cli-2.9.0

Post-release preparation for codeql-cli-2.9.0
2025-12-17 01:03:14 +01:00 · 2022-04-25 22:52:55 +01:00
parent 2c33a7cdd8 1aecfc67c2
commit aca4c8727f
86 changed files with 277 additions and 162 deletions
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,17 @@
+## 0.1.0
+
+### Breaking Changes
+
+* The recently added flow-state versions of `isBarrierIn`, `isBarrierOut`, `isSanitizerIn`, and `isSanitizerOut` in the data flow and taint tracking libraries have been removed.
+
+### New Features
+
+* A new library `semmle.code.cpp.security.PrivateData` has been added. The new library heuristically detects variables and functions dealing with sensitive private data, such as e-mail addresses and credit card numbers.
+
+### Minor Analysis Improvements
+
+* The `semmle.code.cpp.security.SensitiveExprs` library has been enhanced with some additional rules for detecting credentials.
+
 ## 0.0.13

 ## 0.0.12
--- a/cpp/ql/lib/change-notes/2022-03-28-private-data.md
+++ b/cpp/ql/lib/change-notes/2022-03-28-private-data.md
@@ -1,4 +0,0 @@
---
-category: feature
---
-* A new library `semmle.code.cpp.security.PrivateData` has been added. The new library heuristically detects variables and functions dealing with sensitive private data, such as e-mail addresses and credit card numbers.
--- a/cpp/ql/lib/change-notes/2022-03-31-sensitive-exprs.md
+++ b/cpp/ql/lib/change-notes/2022-03-31-sensitive-exprs.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The `semmle.code.cpp.security.SensitiveExprs` library has been enhanced with some additional rules for detecting credentials.
--- a/cpp/ql/lib/change-notes/2022-04-08-flow-state-barriers.md
+++ b/cpp/ql/lib/change-notes/2022-04-08-flow-state-barriers.md
@@ -1,4 +0,0 @@
---
-category: breaking
---
-The recently added flow-state versions of `isBarrierIn`, `isBarrierOut`, `isSanitizerIn`, and `isSanitizerOut` in the data flow and taint tracking libraries have been removed.
--- a/cpp/ql/lib/change-notes/released/0.1.0.md
+++ b/cpp/ql/lib/change-notes/released/0.1.0.md
@@ -0,0 +1,13 @@
+## 0.1.0
+
+### Breaking Changes
+
+* The recently added flow-state versions of `isBarrierIn`, `isBarrierOut`, `isSanitizerIn`, and `isSanitizerOut` in the data flow and taint tracking libraries have been removed.
+
+### New Features
+
+* A new library `semmle.code.cpp.security.PrivateData` has been added. The new library heuristically detects variables and functions dealing with sensitive private data, such as e-mail addresses and credit card numbers.
+
+### Minor Analysis Improvements
+
+* The `semmle.code.cpp.security.SensitiveExprs` library has been enhanced with some additional rules for detecting credentials.
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.13
+lastReleaseVersion: 0.1.0
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.1.0-dev
+version: 0.1.1-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,12 @@
+## 0.1.0
+
+### Minor Analysis Improvements
+
+* The `cpp/cleartext-transmission` query now recognizes additional sources, for sensitive private data such as e-mail addresses and credit card numbers.
+* The `cpp/unused-local-variable` no longer ignores functions that include lambda expressions capturing trivially copyable objects.
+* The `cpp/command-line-injection` query now takes into account calling contexts across string concatenations. This removes false positives due to mismatched calling contexts before and after string concatenations.
+* A new query, "Potential exposure of sensitive system data to an unauthorized control sphere" (`cpp/potential-system-data-exposure`) has been added. This query is focused on exposure of information that is highly likely to be sensitive, whereas the similar query "Exposure of system data to an unauthorized control sphere" (`cpp/system-data-exposure`) is focused on exposure of information on a channel that is more likely to be intercepted by an attacker.
+
 ## 0.0.13

 ## 0.0.12
--- a/cpp/ql/src/change-notes/2022-03-03-potential-system-data-exposure.md
+++ b/cpp/ql/src/change-notes/2022-03-03-potential-system-data-exposure.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* A new query, "Potential exposure of sensitive system data to an unauthorized control sphere" (`cpp/potential-system-data-exposure`) has been added. This query is focused on exposure of information that is highly likely to be sensitive, whereas the similar query "Exposure of system data to an unauthorized control sphere" (`cpp/system-data-exposure`) is focused on exposure of information on a channel that is more likely to be intercepted by an attacker.
--- a/cpp/ql/src/change-notes/2022-03-21-command-line-injection-with-flow-states.md
+++ b/cpp/ql/src/change-notes/2022-03-21-command-line-injection-with-flow-states.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The `cpp/command-line-injection` query now takes into account calling contexts across string concatenations. This removes false positives due to mismatched calling contexts before and after string concatenations.
--- a/cpp/ql/src/change-notes/2022-03-25-unused-lambda-capture.md
+++ b/cpp/ql/src/change-notes/2022-03-25-unused-lambda-capture.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The `cpp/unused-local-variable` no longer ignores functions that include lambda expressions capturing trivially copyable objects.
--- a/cpp/ql/src/change-notes/2022-03-28-cleartext-transmission.md
+++ b/cpp/ql/src/change-notes/2022-03-28-cleartext-transmission.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The `cpp/cleartext-transmission` query now recognizes additional sources, for sensitive private data such as e-mail addresses and credit card numbers.
--- a/cpp/ql/src/change-notes/released/0.1.0.md
+++ b/cpp/ql/src/change-notes/released/0.1.0.md
@@ -0,0 +1,8 @@
+## 0.1.0
+
+### Minor Analysis Improvements
+
+* The `cpp/cleartext-transmission` query now recognizes additional sources, for sensitive private data such as e-mail addresses and credit card numbers.
+* The `cpp/unused-local-variable` no longer ignores functions that include lambda expressions capturing trivially copyable objects.
+* The `cpp/command-line-injection` query now takes into account calling contexts across string concatenations. This removes false positives due to mismatched calling contexts before and after string concatenations.
+* A new query, "Potential exposure of sensitive system data to an unauthorized control sphere" (`cpp/potential-system-data-exposure`) has been added. This query is focused on exposure of information that is highly likely to be sensitive, whereas the similar query "Exposure of system data to an unauthorized control sphere" (`cpp/system-data-exposure`) is focused on exposure of information on a channel that is more likely to be intercepted by an attacker.
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.13
+lastReleaseVersion: 0.1.0
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.1.0-dev
+version: 0.1.1-dev
 groups: 
  - cpp
  - queries