mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
Release preparation for version 2.21.4
This commit is contained in:
github-actions[bot]
@@ -1,3 +1,7 @@
|
|||||||
|
## 0.4.10
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
|
|
||||||
## 0.4.9
|
## 0.4.9
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
3
actions/ql/lib/change-notes/released/0.4.10.md
Normal file
3
actions/ql/lib/change-notes/released/0.4.10.md
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
## 0.4.10
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.4.9
|
lastReleaseVersion: 0.4.10
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/actions-all
|
name: codeql/actions-all
|
||||||
version: 0.4.10-dev
|
version: 0.4.10
|
||||||
library: true
|
library: true
|
||||||
warnOnImplicitThis: true
|
warnOnImplicitThis: true
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 0.6.2
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* The query `actions/missing-workflow-permissions` is now aware of the minimal permissions needed for the actions `deploy-pages`, `delete-package-versions`, `ai-inference`. This should lead to better alert messages and better fix suggestions.
|
||||||
|
|
||||||
## 0.6.1
|
## 0.6.1
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
---
|
## 0.6.2
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
* The query `actions/missing-workflow-permissions` is now aware of the minimal permissions needed for the actions `deploy-pages`, `delete-package-versions`, `ai-inference`. This should lead to better alert messages and better fix suggestions.
|
* The query `actions/missing-workflow-permissions` is now aware of the minimal permissions needed for the actions `deploy-pages`, `delete-package-versions`, `ai-inference`. This should lead to better alert messages and better fix suggestions.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.6.1
|
lastReleaseVersion: 0.6.2
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/actions-queries
|
name: codeql/actions-queries
|
||||||
version: 0.6.2-dev
|
version: 0.6.2
|
||||||
library: false
|
library: false
|
||||||
warnOnImplicitThis: true
|
warnOnImplicitThis: true
|
||||||
groups: [actions, queries]
|
groups: [actions, queries]
|
||||||
|
|||||||
@@ -1,3 +1,27 @@
|
|||||||
|
## 5.0.0
|
||||||
|
|
||||||
|
### Breaking Changes
|
||||||
|
|
||||||
|
* Deleted the deprecated `userInputArgument` predicate and its convenience accessor from the `Security.qll`.
|
||||||
|
* Deleted the deprecated `userInputReturned` predicate and its convenience accessor from the `Security.qll`.
|
||||||
|
* Deleted the deprecated `userInputReturn` predicate from the `Security.qll`.
|
||||||
|
* Deleted the deprecated `isUserInput` predicate and its convenience accessor from the `Security.qll`.
|
||||||
|
* Deleted the deprecated `userInputArgument` predicate from the `SecurityOptions.qll`.
|
||||||
|
* Deleted the deprecated `userInputReturned` predicate from the `SecurityOptions.qll`.
|
||||||
|
|
||||||
|
### New Features
|
||||||
|
|
||||||
|
* Added local flow source models for `ReadFile`, `ReadFileEx`, `MapViewOfFile`, `MapViewOfFile2`, `MapViewOfFile3`, `MapViewOfFile3FromApp`, `MapViewOfFileEx`, `MapViewOfFileFromApp`, `MapViewOfFileNuma2`, and `NtReadFile`.
|
||||||
|
* Added the `pCmdLine` arguments of `WinMain` and `wWinMain` as local flow sources.
|
||||||
|
* Added source models for `GetCommandLineA`, `GetCommandLineW`, `GetEnvironmentStringsA`, `GetEnvironmentStringsW`, `GetEnvironmentVariableA`, and `GetEnvironmentVariableW`.
|
||||||
|
* Added summary models for `CommandLineToArgvA` and `CommandLineToArgvW`.
|
||||||
|
* Added support for `wmain` as part of the ArgvSource model.
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ArrayAggregateLiteral`s.
|
||||||
|
* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ClassAggregateLiteral`s.
|
||||||
|
|
||||||
## 4.3.1
|
## 4.3.1
|
||||||
|
|
||||||
### Bug Fixes
|
### Bug Fixes
|
||||||
|
|||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: fix
|
|
||||||
---
|
|
||||||
* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ClassAggregateLiteral`s.
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: fix
|
|
||||||
---
|
|
||||||
* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ArrayAggregateLiteral`s.
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: feature
|
|
||||||
---
|
|
||||||
* Added support for `wmain` as part of the ArgvSource model.
|
|
||||||
@@ -1,9 +0,0 @@
|
|||||||
---
|
|
||||||
category: breaking
|
|
||||||
---
|
|
||||||
* Deleted the deprecated `userInputArgument` predicate and its convenience accessor from the `Security.qll`.
|
|
||||||
* Deleted the deprecated `userInputReturned` predicate and its convenience accessor from the `Security.qll`.
|
|
||||||
* Deleted the deprecated `userInputReturn` predicate from the `Security.qll`.
|
|
||||||
* Deleted the deprecated `isUserInput` predicate and its convenience accessor from the `Security.qll`.
|
|
||||||
* Deleted the deprecated `userInputArgument` predicate from the `SecurityOptions.qll`.
|
|
||||||
* Deleted the deprecated `userInputReturned` predicate from the `SecurityOptions.qll`.
|
|
||||||
@@ -1,6 +0,0 @@
|
|||||||
---
|
|
||||||
category: feature
|
|
||||||
---
|
|
||||||
* Added the `pCmdLine` arguments of `WinMain` and `wWinMain` as local flow sources.
|
|
||||||
* Added source models for `GetCommandLineA`, `GetCommandLineW`, `GetEnvironmentStringsA`, `GetEnvironmentStringsW`, `GetEnvironmentVariableA`, and `GetEnvironmentVariableW`.
|
|
||||||
* Added summary models for `CommandLineToArgvA` and `CommandLineToArgvW`.
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: feature
|
|
||||||
---
|
|
||||||
* Added local flow source models for `ReadFile`, `ReadFileEx`, `MapViewOfFile`, `MapViewOfFile2`, `MapViewOfFile3`, `MapViewOfFile3FromApp`, `MapViewOfFileEx`, `MapViewOfFileFromApp`, `MapViewOfFileNuma2`, and `NtReadFile`.
|
|
||||||
23
cpp/ql/lib/change-notes/released/5.0.0.md
Normal file
23
cpp/ql/lib/change-notes/released/5.0.0.md
Normal file
@@ -0,0 +1,23 @@
|
|||||||
|
## 5.0.0
|
||||||
|
|
||||||
|
### Breaking Changes
|
||||||
|
|
||||||
|
* Deleted the deprecated `userInputArgument` predicate and its convenience accessor from the `Security.qll`.
|
||||||
|
* Deleted the deprecated `userInputReturned` predicate and its convenience accessor from the `Security.qll`.
|
||||||
|
* Deleted the deprecated `userInputReturn` predicate from the `Security.qll`.
|
||||||
|
* Deleted the deprecated `isUserInput` predicate and its convenience accessor from the `Security.qll`.
|
||||||
|
* Deleted the deprecated `userInputArgument` predicate from the `SecurityOptions.qll`.
|
||||||
|
* Deleted the deprecated `userInputReturned` predicate from the `SecurityOptions.qll`.
|
||||||
|
|
||||||
|
### New Features
|
||||||
|
|
||||||
|
* Added local flow source models for `ReadFile`, `ReadFileEx`, `MapViewOfFile`, `MapViewOfFile2`, `MapViewOfFile3`, `MapViewOfFile3FromApp`, `MapViewOfFileEx`, `MapViewOfFileFromApp`, `MapViewOfFileNuma2`, and `NtReadFile`.
|
||||||
|
* Added the `pCmdLine` arguments of `WinMain` and `wWinMain` as local flow sources.
|
||||||
|
* Added source models for `GetCommandLineA`, `GetCommandLineW`, `GetEnvironmentStringsA`, `GetEnvironmentStringsW`, `GetEnvironmentVariableA`, and `GetEnvironmentVariableW`.
|
||||||
|
* Added summary models for `CommandLineToArgvA` and `CommandLineToArgvW`.
|
||||||
|
* Added support for `wmain` as part of the ArgvSource model.
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ArrayAggregateLiteral`s.
|
||||||
|
* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ClassAggregateLiteral`s.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 4.3.1
|
lastReleaseVersion: 5.0.0
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/cpp-all
|
name: codeql/cpp-all
|
||||||
version: 4.3.2-dev
|
version: 5.0.0
|
||||||
groups: cpp
|
groups: cpp
|
||||||
dbscheme: semmlecode.cpp.dbscheme
|
dbscheme: semmlecode.cpp.dbscheme
|
||||||
extractor: cpp
|
extractor: cpp
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 1.4.1
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* Added flow model for the `SQLite` and `OpenSSL` libraries. This may result in more alerts when running queries on codebases that use these libraries.
|
||||||
|
|
||||||
## 1.4.0
|
## 1.4.0
|
||||||
|
|
||||||
### Query Metadata Changes
|
### Query Metadata Changes
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
---
|
## 1.4.1
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
* Added flow model for the `SQLite` and `OpenSSL` libraries. This may result in more alerts when running queries on codebases that use these libraries.
|
|
||||||
|
* Added flow model for the `SQLite` and `OpenSSL` libraries. This may result in more alerts when running queries on codebases that use these libraries.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.4.0
|
lastReleaseVersion: 1.4.1
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/cpp-queries
|
name: codeql/cpp-queries
|
||||||
version: 1.4.1-dev
|
version: 1.4.1
|
||||||
groups:
|
groups:
|
||||||
- cpp
|
- cpp
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,3 +1,7 @@
|
|||||||
|
## 1.7.41
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
|
|
||||||
## 1.7.40
|
## 1.7.40
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
@@ -0,0 +1,3 @@
|
|||||||
|
## 1.7.41
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.7.40
|
lastReleaseVersion: 1.7.41
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-solorigate-all
|
name: codeql/csharp-solorigate-all
|
||||||
version: 1.7.41-dev
|
version: 1.7.41
|
||||||
groups:
|
groups:
|
||||||
- csharp
|
- csharp
|
||||||
- solorigate
|
- solorigate
|
||||||
|
|||||||
@@ -1,3 +1,7 @@
|
|||||||
|
## 1.7.41
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
|
|
||||||
## 1.7.40
|
## 1.7.40
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
@@ -0,0 +1,3 @@
|
|||||||
|
## 1.7.41
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.7.40
|
lastReleaseVersion: 1.7.41
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-solorigate-queries
|
name: codeql/csharp-solorigate-queries
|
||||||
version: 1.7.41-dev
|
version: 1.7.41
|
||||||
groups:
|
groups:
|
||||||
- csharp
|
- csharp
|
||||||
- solorigate
|
- solorigate
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 5.1.7
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* The generated Models as Data (MaD) models for .NET 9 Runtime have been updated and are now more precise (due to a recent model generator improvement).
|
||||||
|
|
||||||
## 5.1.6
|
## 5.1.6
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
---
|
## 5.1.7
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
* The generated Models as Data (MaD) models for .NET 9 Runtime have been updated and are now more precise (due to a recent model generator improvement).
|
* The generated Models as Data (MaD) models for .NET 9 Runtime have been updated and are now more precise (due to a recent model generator improvement).
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 5.1.6
|
lastReleaseVersion: 5.1.7
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-all
|
name: codeql/csharp-all
|
||||||
version: 5.1.7-dev
|
version: 5.1.7
|
||||||
groups: csharp
|
groups: csharp
|
||||||
dbscheme: semmlecode.csharp.dbscheme
|
dbscheme: semmlecode.csharp.dbscheme
|
||||||
extractor: csharp
|
extractor: csharp
|
||||||
|
|||||||
@@ -1,3 +1,12 @@
|
|||||||
|
## 1.2.1
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* The precision of the query `cs/missed-readonly-modifier` has been improved. Some false positives related to static fields and struct type fields have been removed.
|
||||||
|
* The queries `cs/password-in-configuration`, `cs/hardcoded-credentials` and `cs/hardcoded-connection-string-credentials` have been removed from all query suites.
|
||||||
|
* The precision of the query `cs/gethashcode-is-not-defined` has been improved (false negative reduction). Calls to more methods (and indexers) that rely on the invariant `e1.Equals(e2)` implies `e1.GetHashCode() == e2.GetHashCode()` are taken into account.
|
||||||
|
* The precision of the query `cs/uncontrolled-format-string` has been improved (false negative reduction). Calls to `System.Text.CompositeFormat.Parse` are now considered a format like method call.
|
||||||
|
|
||||||
## 1.2.0
|
## 1.2.0
|
||||||
|
|
||||||
### Query Metadata Changes
|
### Query Metadata Changes
|
||||||
|
|||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: minorAnalysis
|
|
||||||
---
|
|
||||||
* The precision of the query `cs/uncontrolled-format-string` has been improved (false negative reduction). Calls to `System.Text.CompositeFormat.Parse` are now considered a format like method call.
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: minorAnalysis
|
|
||||||
---
|
|
||||||
* The precision of the query `cs/gethashcode-is-not-defined` has been improved (false negative reduction). Calls to more methods (and indexers) that rely on the invariant `e1.Equals(e2)` implies `e1.GetHashCode() == e2.GetHashCode()` are taken into account.
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: minorAnalysis
|
|
||||||
---
|
|
||||||
* The queries `cs/password-in-configuration`, `cs/hardcoded-credentials` and `cs/hardcoded-connection-string-credentials` have been removed from all query suites.
|
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: minorAnalysis
|
|
||||||
---
|
|
||||||
* The precision of the query `cs/missed-readonly-modifier` has been improved. Some false positives related to static fields and struct type fields have been removed.
|
|
||||||
8
csharp/ql/src/change-notes/released/1.2.1.md
Normal file
8
csharp/ql/src/change-notes/released/1.2.1.md
Normal file
@@ -0,0 +1,8 @@
|
|||||||
|
## 1.2.1
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* The precision of the query `cs/missed-readonly-modifier` has been improved. Some false positives related to static fields and struct type fields have been removed.
|
||||||
|
* The queries `cs/password-in-configuration`, `cs/hardcoded-credentials` and `cs/hardcoded-connection-string-credentials` have been removed from all query suites.
|
||||||
|
* The precision of the query `cs/gethashcode-is-not-defined` has been improved (false negative reduction). Calls to more methods (and indexers) that rely on the invariant `e1.Equals(e2)` implies `e1.GetHashCode() == e2.GetHashCode()` are taken into account.
|
||||||
|
* The precision of the query `cs/uncontrolled-format-string` has been improved (false negative reduction). Calls to `System.Text.CompositeFormat.Parse` are now considered a format like method call.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.2.0
|
lastReleaseVersion: 1.2.1
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-queries
|
name: codeql/csharp-queries
|
||||||
version: 1.2.1-dev
|
version: 1.2.1
|
||||||
groups:
|
groups:
|
||||||
- csharp
|
- csharp
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,3 +1,7 @@
|
|||||||
|
## 1.0.24
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
|
|
||||||
## 1.0.23
|
## 1.0.23
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
@@ -0,0 +1,3 @@
|
|||||||
|
## 1.0.24
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.0.23
|
lastReleaseVersion: 1.0.24
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql-go-consistency-queries
|
name: codeql-go-consistency-queries
|
||||||
version: 1.0.24-dev
|
version: 1.0.24
|
||||||
groups:
|
groups:
|
||||||
- go
|
- go
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,3 +1,7 @@
|
|||||||
|
## 4.2.6
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
|
|
||||||
## 4.2.5
|
## 4.2.5
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
3
go/ql/lib/change-notes/released/4.2.6.md
Normal file
3
go/ql/lib/change-notes/released/4.2.6.md
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
## 4.2.6
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 4.2.5
|
lastReleaseVersion: 4.2.6
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/go-all
|
name: codeql/go-all
|
||||||
version: 4.2.6-dev
|
version: 4.2.6
|
||||||
groups: go
|
groups: go
|
||||||
dbscheme: go.dbscheme
|
dbscheme: go.dbscheme
|
||||||
extractor: go
|
extractor: go
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 1.2.1
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* The query `go/hardcoded-credentials` has been removed from all query suites.
|
||||||
|
|
||||||
## 1.2.0
|
## 1.2.0
|
||||||
|
|
||||||
### Query Metadata Changes
|
### Query Metadata Changes
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
---
|
## 1.2.1
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
* The query `go/hardcoded-credentials` has been removed from all query suites.
|
* The query `go/hardcoded-credentials` has been removed from all query suites.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.2.0
|
lastReleaseVersion: 1.2.1
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/go-queries
|
name: codeql/go-queries
|
||||||
version: 1.2.1-dev
|
version: 1.2.1
|
||||||
groups:
|
groups:
|
||||||
- go
|
- go
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,3 +1,10 @@
|
|||||||
|
## 7.3.0
|
||||||
|
|
||||||
|
### Deprecated APIs
|
||||||
|
|
||||||
|
* The predicate `getValue()` on `SpringRequestMappingMethod` is now deprecated. Use `getAValue()` instead.
|
||||||
|
* Java now uses the shared `BasicBlock` library. This means that the names of several member predicates have been changed to align with the names used in other languages. The old predicates have been deprecated. The `BasicBlock` class itself no longer extends `ControlFlowNode` - the predicate `getFirstNode` can be used to fix any QL code that somehow relied on this.
|
||||||
|
|
||||||
## 7.2.0
|
## 7.2.0
|
||||||
|
|
||||||
### New Features
|
### New Features
|
||||||
|
|||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: deprecated
|
|
||||||
---
|
|
||||||
* The predicate `getValue()` on `SpringRequestMappingMethod` is now deprecated. Use `getAValue()` instead.
|
|
||||||
@@ -1,4 +1,6 @@
|
|||||||
---
|
## 7.3.0
|
||||||
category: deprecated
|
|
||||||
---
|
### Deprecated APIs
|
||||||
|
|
||||||
|
* The predicate `getValue()` on `SpringRequestMappingMethod` is now deprecated. Use `getAValue()` instead.
|
||||||
* Java now uses the shared `BasicBlock` library. This means that the names of several member predicates have been changed to align with the names used in other languages. The old predicates have been deprecated. The `BasicBlock` class itself no longer extends `ControlFlowNode` - the predicate `getFirstNode` can be used to fix any QL code that somehow relied on this.
|
* Java now uses the shared `BasicBlock` library. This means that the names of several member predicates have been changed to align with the names used in other languages. The old predicates have been deprecated. The `BasicBlock` class itself no longer extends `ControlFlowNode` - the predicate `getFirstNode` can be used to fix any QL code that somehow relied on this.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 7.2.0
|
lastReleaseVersion: 7.3.0
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/java-all
|
name: codeql/java-all
|
||||||
version: 7.2.1-dev
|
version: 7.3.0
|
||||||
groups: java
|
groups: java
|
||||||
dbscheme: config/semmlecode.dbscheme
|
dbscheme: config/semmlecode.dbscheme
|
||||||
extractor: java
|
extractor: java
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 1.5.1
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* The query `java/hardcoded-credential-api-call` has been removed from all query suites.
|
||||||
|
|
||||||
## 1.5.0
|
## 1.5.0
|
||||||
|
|
||||||
### Query Metadata Changes
|
### Query Metadata Changes
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
---
|
## 1.5.1
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
* The query `java/hardcoded-credential-api-call` has been removed from all query suites.
|
* The query `java/hardcoded-credential-api-call` has been removed from all query suites.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.5.0
|
lastReleaseVersion: 1.5.1
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/java-queries
|
name: codeql/java-queries
|
||||||
version: 1.5.1-dev
|
version: 1.5.1
|
||||||
groups:
|
groups:
|
||||||
- java
|
- java
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 2.6.4
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* Improved analysis for `ES6 classes` mixed with `function prototypes`, leading to more accurate call graph resolution.
|
||||||
|
|
||||||
## 2.6.3
|
## 2.6.3
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
### Minor Analysis Improvements
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
---
|
## 2.6.4
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
* Improved analysis for `ES6 classes` mixed with `function prototypes`, leading to more accurate call graph resolution.
|
* Improved analysis for `ES6 classes` mixed with `function prototypes`, leading to more accurate call graph resolution.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 2.6.3
|
lastReleaseVersion: 2.6.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/javascript-all
|
name: codeql/javascript-all
|
||||||
version: 2.6.4-dev
|
version: 2.6.4
|
||||||
groups: javascript
|
groups: javascript
|
||||||
dbscheme: semmlecode.javascript.dbscheme
|
dbscheme: semmlecode.javascript.dbscheme
|
||||||
extractor: javascript
|
extractor: javascript
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 1.6.1
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* The queries `js/hardcoded-credentials` and `js/password-in-configuration-file` have been removed from all query suites.
|
||||||
|
|
||||||
## 1.6.0
|
## 1.6.0
|
||||||
|
|
||||||
### Query Metadata Changes
|
### Query Metadata Changes
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
---
|
## 1.6.1
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
* The queries `js/hardcoded-credentials` and `js/password-in-configuration-file` have been removed from all query suites.
|
* The queries `js/hardcoded-credentials` and `js/password-in-configuration-file` have been removed from all query suites.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.6.0
|
lastReleaseVersion: 1.6.1
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/javascript-queries
|
name: codeql/javascript-queries
|
||||||
version: 1.6.1-dev
|
version: 1.6.1
|
||||||
groups:
|
groups:
|
||||||
- javascript
|
- javascript
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,3 +1,7 @@
|
|||||||
|
## 1.0.24
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
|
|
||||||
## 1.0.23
|
## 1.0.23
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
3
misc/suite-helpers/change-notes/released/1.0.24.md
Normal file
3
misc/suite-helpers/change-notes/released/1.0.24.md
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
## 1.0.24
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.0.23
|
lastReleaseVersion: 1.0.24
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
name: codeql/suite-helpers
|
name: codeql/suite-helpers
|
||||||
version: 1.0.24-dev
|
version: 1.0.24
|
||||||
groups: shared
|
groups: shared
|
||||||
warnOnImplicitThis: true
|
warnOnImplicitThis: true
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 4.0.8
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
- The Python extractor now extracts files in hidden directories by default. If you would like to skip files in hidden directories, add `paths-ignore: ["**/.*/**"]` to your [Code Scanning config](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan). If you would like to skip all hidden files, you can use `paths-ignore: ["**/.*"]`. When using the CodeQL CLI for extraction, specify the configuration (creating the configuration file if necessary) using the `--codescanning-config` option.
|
||||||
|
|
||||||
## 4.0.7
|
## 4.0.7
|
||||||
|
|
||||||
### Minor Analysis Improvements
|
### Minor Analysis Improvements
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
---
|
## 4.0.8
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
- The Python extractor now extracts files in hidden directories by default. If you would like to skip files in hidden directories, add `paths-ignore: ["**/.*/**"]` to your [Code Scanning config](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan). If you would like to skip all hidden files, you can use `paths-ignore: ["**/.*"]`. When using the CodeQL CLI for extraction, specify the configuration (creating the configuration file if necessary) using the `--codescanning-config` option.
|
- The Python extractor now extracts files in hidden directories by default. If you would like to skip files in hidden directories, add `paths-ignore: ["**/.*/**"]` to your [Code Scanning config](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan). If you would like to skip all hidden files, you can use `paths-ignore: ["**/.*"]`. When using the CodeQL CLI for extraction, specify the configuration (creating the configuration file if necessary) using the `--codescanning-config` option.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 4.0.7
|
lastReleaseVersion: 4.0.8
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/python-all
|
name: codeql/python-all
|
||||||
version: 4.0.8-dev
|
version: 4.0.8
|
||||||
groups: python
|
groups: python
|
||||||
dbscheme: semmlecode.python.dbscheme
|
dbscheme: semmlecode.python.dbscheme
|
||||||
extractor: python
|
extractor: python
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 1.5.1
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* The query `py/hardcoded-credentials` has been removed from all query suites.
|
||||||
|
|
||||||
## 1.5.0
|
## 1.5.0
|
||||||
|
|
||||||
### Query Metadata Changes
|
### Query Metadata Changes
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
---
|
## 1.5.1
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
* The query `py/hardcoded-credentials` has been removed from all query suites.
|
* The query `py/hardcoded-credentials` has been removed from all query suites.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.5.0
|
lastReleaseVersion: 1.5.1
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/python-queries
|
name: codeql/python-queries
|
||||||
version: 1.5.1-dev
|
version: 1.5.1
|
||||||
groups:
|
groups:
|
||||||
- python
|
- python
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,3 +1,15 @@
|
|||||||
|
## 4.1.7
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* Captured variables are currently considered live when the capturing function exits normally. Now they are also considered live when the capturing function exits via an exception.
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* The Ruby printAst.qll library now orders AST nodes slightly differently: child nodes that do not literally appear in the source code, but whose parent nodes do, are assigned a deterministic order based on a combination of source location and logical order within the parent. This fixes the non-deterministic ordering that sometimes occurred depending on evaluation order. The effect may also be visible in downstream uses of the printAst library, such as the AST view in the VSCode extension.
|
||||||
|
|
||||||
## 4.1.6
|
## 4.1.6
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
@@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
category: minorAnalysis
|
|
||||||
---
|
|
||||||
* Captured variables are currently considered live when the capturing function exits normally. Now they are also considered live when the capturing function exits via an exception.
|
|
||||||
@@ -1,6 +1,11 @@
|
|||||||
---
|
## 4.1.7
|
||||||
category: fix
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* Captured variables are currently considered live when the capturing function exits normally. Now they are also considered live when the capturing function exits via an exception.
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
### Bug Fixes
|
### Bug Fixes
|
||||||
|
|
||||||
* The Ruby printAst.qll library now orders AST nodes slightly differently: child nodes that do not literally appear in the source code, but whose parent nodes do, are assigned a deterministic order based on a combination of source location and logical order within the parent. This fixes the non-deterministic ordering that sometimes occurred depending on evaluation order. The effect may also be visible in downstream uses of the printAst library, such as the AST view in the VSCode extension.
|
* The Ruby printAst.qll library now orders AST nodes slightly differently: child nodes that do not literally appear in the source code, but whose parent nodes do, are assigned a deterministic order based on a combination of source location and logical order within the parent. This fixes the non-deterministic ordering that sometimes occurred depending on evaluation order. The effect may also be visible in downstream uses of the printAst library, such as the AST view in the VSCode extension.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 4.1.6
|
lastReleaseVersion: 4.1.7
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/ruby-all
|
name: codeql/ruby-all
|
||||||
version: 4.1.7-dev
|
version: 4.1.7
|
||||||
groups: ruby
|
groups: ruby
|
||||||
extractor: ruby
|
extractor: ruby
|
||||||
dbscheme: ruby.dbscheme
|
dbscheme: ruby.dbscheme
|
||||||
|
|||||||
@@ -1,3 +1,9 @@
|
|||||||
|
## 1.3.1
|
||||||
|
|
||||||
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
|
* The query `rb/hardcoded-credentials` has been removed from all query suites.
|
||||||
|
|
||||||
## 1.3.0
|
## 1.3.0
|
||||||
|
|
||||||
### Query Metadata Changes
|
### Query Metadata Changes
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
---
|
## 1.3.1
|
||||||
category: minorAnalysis
|
|
||||||
---
|
### Minor Analysis Improvements
|
||||||
|
|
||||||
* The query `rb/hardcoded-credentials` has been removed from all query suites.
|
* The query `rb/hardcoded-credentials` has been removed from all query suites.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 1.3.0
|
lastReleaseVersion: 1.3.1
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/ruby-queries
|
name: codeql/ruby-queries
|
||||||
version: 1.3.1-dev
|
version: 1.3.1
|
||||||
groups:
|
groups:
|
||||||
- ruby
|
- ruby
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
@@ -1,3 +1,7 @@
|
|||||||
|
## 0.1.9
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
|
|
||||||
## 0.1.8
|
## 0.1.8
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
3
rust/ql/lib/change-notes/released/0.1.9.md
Normal file
3
rust/ql/lib/change-notes/released/0.1.9.md
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
## 0.1.9
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.1.8
|
lastReleaseVersion: 0.1.9
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/rust-all
|
name: codeql/rust-all
|
||||||
version: 0.1.9-dev
|
version: 0.1.9
|
||||||
groups: rust
|
groups: rust
|
||||||
extractor: rust
|
extractor: rust
|
||||||
dbscheme: rust.dbscheme
|
dbscheme: rust.dbscheme
|
||||||
|
|||||||
@@ -1,3 +1,7 @@
|
|||||||
|
## 0.1.9
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
|
|
||||||
## 0.1.8
|
## 0.1.8
|
||||||
|
|
||||||
No user-facing changes.
|
No user-facing changes.
|
||||||
|
|||||||
3
rust/ql/src/change-notes/released/0.1.9.md
Normal file
3
rust/ql/src/change-notes/released/0.1.9.md
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
## 0.1.9
|
||||||
|
|
||||||
|
No user-facing changes.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.1.8
|
lastReleaseVersion: 0.1.9
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/rust-queries
|
name: codeql/rust-queries
|
||||||
version: 0.1.9-dev
|
version: 0.1.9
|
||||||
groups:
|
groups:
|
||||||
- rust
|
- rust
|
||||||
- queries
|
- queries
|
||||||
|
|||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user