diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index 011af903a2a..ddd0b0f1aec 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.4.36 + +### Minor Analysis Improvements + +* Altered 2 patterns in the `poisonable_steps` modelling. Extra sinks are detected in the following cases: scripts executed via python modules and `go run` in directories are detected as potential mechanisms of injection. For the go execution pattern, the pattern is updated to now ignore flags that occur between go and the specific command. This change may lead to more results being detected by the following queries: `actions/untrusted-checkout/high`, `actions/untrusted-checkout/critical`, `actions/untrusted-checkout-toctou/high`, `actions/untrusted-checkout-toctou/critical`, `actions/cache-poisoning/poisonable-step`, `actions/cache-poisoning/direct-cache` and `actions/artifact-poisoning/path-traversal`. + ## 0.4.35 No user-facing changes. diff --git a/actions/ql/lib/change-notes/2026-04-15-poisonable-steps-additions-alterations.md b/actions/ql/lib/change-notes/released/0.4.36.md similarity index 92% rename from actions/ql/lib/change-notes/2026-04-15-poisonable-steps-additions-alterations.md rename to actions/ql/lib/change-notes/released/0.4.36.md index 4a28280a3c8..1781776f932 100644 --- a/actions/ql/lib/change-notes/2026-04-15-poisonable-steps-additions-alterations.md +++ b/actions/ql/lib/change-notes/released/0.4.36.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Altered 2 patterns in the `poisonable_steps` modelling. Extra sinks are detected in the following cases: scripts executed via python modules and `go run` in directories are detected as potential mechanisms of injection. For the go execution pattern, the pattern is updated to now ignore flags that occur between go and the specific command. This change may lead to more results being detected by the following queries: `actions/untrusted-checkout/high`, `actions/untrusted-checkout/critical`, `actions/untrusted-checkout-toctou/high`, `actions/untrusted-checkout-toctou/critical`, `actions/cache-poisoning/poisonable-step`, `actions/cache-poisoning/direct-cache` and `actions/artifact-poisoning/path-traversal`. \ No newline at end of file +## 0.4.36 + +### Minor Analysis Improvements + +* Altered 2 patterns in the `poisonable_steps` modelling. Extra sinks are detected in the following cases: scripts executed via python modules and `go run` in directories are detected as potential mechanisms of injection. For the go execution pattern, the pattern is updated to now ignore flags that occur between go and the specific command. This change may lead to more results being detected by the following queries: `actions/untrusted-checkout/high`, `actions/untrusted-checkout/critical`, `actions/untrusted-checkout-toctou/high`, `actions/untrusted-checkout-toctou/critical`, `actions/cache-poisoning/poisonable-step`, `actions/cache-poisoning/direct-cache` and `actions/artifact-poisoning/path-traversal`. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 524302c92d3..45433e3ec03 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.35 +lastReleaseVersion: 0.4.36 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index cf1232c01fb..747298d69c6 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.36-dev +version: 0.4.36 library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index 0a7fa1ce830..1670f0af5be 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,3 +1,17 @@ +## 0.6.28 + +### Query Metadata Changes + +* Adjusted the name of `actions/untrusted-checkout/high` to more clearly describe which parts of the scenario are in a privileged context. + +### Minor Analysis Improvements + +* The `actions/unpinned-tag` query now analyzes composite action metadata (`action.yml`/`action.yaml` files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem. + +### Bug Fixes + +* Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur. + ## 0.6.27 No user-facing changes. diff --git a/actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-helpfile.md b/actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-helpfile.md deleted file mode 100644 index 2555bc03d3d..00000000000 --- a/actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-helpfile.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur. \ No newline at end of file diff --git a/actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-metadata.md b/actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-metadata.md deleted file mode 100644 index 78f97da0f17..00000000000 --- a/actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-metadata.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: queryMetadata ---- -* Adjusted the name of `actions/untrusted-checkout/high` to more clearly describe which parts of the scenario are in a privileged context. \ No newline at end of file diff --git a/actions/ql/src/change-notes/2026-04-20-unpinned-tag-composite-actions.md b/actions/ql/src/change-notes/2026-04-20-unpinned-tag-composite-actions.md deleted file mode 100644 index 7e00965a17c..00000000000 --- a/actions/ql/src/change-notes/2026-04-20-unpinned-tag-composite-actions.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `actions/unpinned-tag` query now analyzes composite action metadata (`action.yml`/`action.yaml` files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem. \ No newline at end of file diff --git a/actions/ql/src/change-notes/released/0.6.28.md b/actions/ql/src/change-notes/released/0.6.28.md new file mode 100644 index 00000000000..23a7aa24ee3 --- /dev/null +++ b/actions/ql/src/change-notes/released/0.6.28.md @@ -0,0 +1,13 @@ +## 0.6.28 + +### Query Metadata Changes + +* Adjusted the name of `actions/untrusted-checkout/high` to more clearly describe which parts of the scenario are in a privileged context. + +### Minor Analysis Improvements + +* The `actions/unpinned-tag` query now analyzes composite action metadata (`action.yml`/`action.yaml` files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem. + +### Bug Fixes + +* Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index 0748b12112f..90f3f09295a 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.27 +lastReleaseVersion: 0.6.28 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index 2c9811c780a..894ba6fec69 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.28-dev +version: 0.6.28 library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 828b8779117..3b95c10fbb5 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 10.1.1 + +### Minor Analysis Improvements + +* The `RemoteFlowSourceFunction` model for `fscanf` (and variants) now implements `hasSocketInput` to reflect that these functions may read from a socket. + ## 10.1.0 ### New Features diff --git a/cpp/ql/lib/change-notes/2026-05-15-hasSocketInput-for-fscanf.md b/cpp/ql/lib/change-notes/released/10.1.1.md similarity index 64% rename from cpp/ql/lib/change-notes/2026-05-15-hasSocketInput-for-fscanf.md rename to cpp/ql/lib/change-notes/released/10.1.1.md index 842d52dd8bf..f89a429fae6 100644 --- a/cpp/ql/lib/change-notes/2026-05-15-hasSocketInput-for-fscanf.md +++ b/cpp/ql/lib/change-notes/released/10.1.1.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* The `RemoteFlowSourceFunction` model for `fscanf` (and variants) now implements `hasSocketInput` to reflect that these functions may read from a socket. \ No newline at end of file +## 10.1.1 + +### Minor Analysis Improvements + +* The `RemoteFlowSourceFunction` model for `fscanf` (and variants) now implements `hasSocketInput` to reflect that these functions may read from a socket. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index a85b2d36d7c..940a668bbf3 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 10.1.0 +lastReleaseVersion: 10.1.1 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 88d4dafaebb..dd55ebe6c3a 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 10.1.1-dev +version: 10.1.1 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 3a9d4fae927..901d2092283 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.6.3 + +### Minor Analysis Improvements + +* The 'Cleartext transmission of sensitive information' query (`cpp/cleartext-transmission`) no longer raises an alert on calls to `fscanf` (and variants) when the call reads from an "obviously local" `FILE` stream such as `stdin`. + ## 1.6.2 No user-facing changes. diff --git a/cpp/ql/src/change-notes/2026-05-15-cleartext-transmission-fp.md b/cpp/ql/src/change-notes/released/1.6.3.md similarity index 69% rename from cpp/ql/src/change-notes/2026-05-15-cleartext-transmission-fp.md rename to cpp/ql/src/change-notes/released/1.6.3.md index 6fcb3e1c88b..bd2b7c9bdb1 100644 --- a/cpp/ql/src/change-notes/2026-05-15-cleartext-transmission-fp.md +++ b/cpp/ql/src/change-notes/released/1.6.3.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* The 'Cleartext transmission of sensitive information' query (`cpp/cleartext-transmission`) no longer raises an alert on calls to `fscanf` (and variants) when the call reads from an "obviously local" `FILE` stream such as `stdin`. \ No newline at end of file +## 1.6.3 + +### Minor Analysis Improvements + +* The 'Cleartext transmission of sensitive information' query (`cpp/cleartext-transmission`) no longer raises an alert on calls to `fscanf` (and variants) when the call reads from an "obviously local" `FILE` stream such as `stdin`. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 5f5beb68311..00b51441d88 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.2 +lastReleaseVersion: 1.6.3 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index ddd0014f2e0..a57263b53fc 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.6.3-dev +version: 1.6.3 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 4cb7b556968..eefb35f174a 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.67 + +No user-facing changes. + ## 1.7.66 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.67.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.67.md new file mode 100644 index 00000000000..6ae3bdfde83 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.67.md @@ -0,0 +1,3 @@ +## 1.7.67 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 7d0a2c0bc07..0293fdade8f 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.66 +lastReleaseVersion: 1.7.67 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index c5cfa0dcd89..51b34483e1b 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.67-dev +version: 1.7.67 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 4cb7b556968..eefb35f174a 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.67 + +No user-facing changes. + ## 1.7.66 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.67.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.67.md new file mode 100644 index 00000000000..6ae3bdfde83 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.67.md @@ -0,0 +1,3 @@ +## 1.7.67 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 7d0a2c0bc07..0293fdade8f 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.66 +lastReleaseVersion: 1.7.67 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index c9f0acac983..81f347373c5 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.67-dev +version: 1.7.67 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 1d7f42a9075..17fd83bcda7 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 6.0.1 + +No user-facing changes. + ## 6.0.0 ### Breaking Changes diff --git a/csharp/ql/lib/change-notes/released/6.0.1.md b/csharp/ql/lib/change-notes/released/6.0.1.md new file mode 100644 index 00000000000..35b17912c81 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/6.0.1.md @@ -0,0 +1,3 @@ +## 6.0.1 + +No user-facing changes. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index f8c4fa43ccb..d1f3c68c812 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.0.0 +lastReleaseVersion: 6.0.1 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 0e03db99ca9..1605a359ad8 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 6.0.1-dev +version: 6.0.1 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 32243acfb97..8c4388fe2bb 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.3 + +No user-facing changes. + ## 1.7.2 No user-facing changes. diff --git a/csharp/ql/src/change-notes/released/1.7.3.md b/csharp/ql/src/change-notes/released/1.7.3.md new file mode 100644 index 00000000000..a629082e215 --- /dev/null +++ b/csharp/ql/src/change-notes/released/1.7.3.md @@ -0,0 +1,3 @@ +## 1.7.3 + +No user-facing changes. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 39bbba86c19..9f9661b1e77 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.2 +lastReleaseVersion: 1.7.3 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index de201743065..84a1271fcad 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.7.3-dev +version: 1.7.3 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index a6b6055373a..512a5732ccd 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.50.md b/go/ql/consistency-queries/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index 49572c215bb..a3f2fd4897a 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.50-dev +version: 1.0.50 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 5043d924be0..54afc3a977b 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 7.1.1 + +No user-facing changes. + ## 7.1.0 ### New Features diff --git a/go/ql/lib/change-notes/released/7.1.1.md b/go/ql/lib/change-notes/released/7.1.1.md new file mode 100644 index 00000000000..849fd4da328 --- /dev/null +++ b/go/ql/lib/change-notes/released/7.1.1.md @@ -0,0 +1,3 @@ +## 7.1.1 + +No user-facing changes. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index dcaaa76112a..8e970df6cae 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.1.0 +lastReleaseVersion: 7.1.1 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 16ddb133517..95fc95a0fc0 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 7.1.1-dev +version: 7.1.1 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index ddda5dc4829..84d9ae7de59 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.3 + +No user-facing changes. + ## 1.6.2 No user-facing changes. diff --git a/go/ql/src/change-notes/released/1.6.3.md b/go/ql/src/change-notes/released/1.6.3.md new file mode 100644 index 00000000000..a000ecf7025 --- /dev/null +++ b/go/ql/src/change-notes/released/1.6.3.md @@ -0,0 +1,3 @@ +## 1.6.3 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 5f5beb68311..00b51441d88 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.2 +lastReleaseVersion: 1.6.3 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 5fdc63fe363..df9d7653085 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.6.3-dev +version: 1.6.3 groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2187f00c399..a6c0cfc278a 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 9.1.1 + +### Minor Analysis Improvements + +* Introduced a new sink kind `path-injection[read]` for Models-as-Data rows that only read from a path (such as `ClassLoader.getResource`, `FileInputStream`, `FileReader`, `Files.readAllBytes`, and related APIs). The general `java/path-injection` query continues to consider both `path-injection` and `path-injection[read]` sinks. + ## 9.1.0 ### New Features diff --git a/java/ql/lib/change-notes/2026-04-21-path-injection-read-subkind.md b/java/ql/lib/change-notes/released/9.1.1.md similarity index 88% rename from java/ql/lib/change-notes/2026-04-21-path-injection-read-subkind.md rename to java/ql/lib/change-notes/released/9.1.1.md index bcd9479d2af..e4681c58644 100644 --- a/java/ql/lib/change-notes/2026-04-21-path-injection-read-subkind.md +++ b/java/ql/lib/change-notes/released/9.1.1.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 9.1.1 + +### Minor Analysis Improvements + * Introduced a new sink kind `path-injection[read]` for Models-as-Data rows that only read from a path (such as `ClassLoader.getResource`, `FileInputStream`, `FileReader`, `Files.readAllBytes`, and related APIs). The general `java/path-injection` query continues to consider both `path-injection` and `path-injection[read]` sinks. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 83ec2b42fcd..02e630d3384 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 9.1.0 +lastReleaseVersion: 9.1.1 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index e5ebb1d2131..5f6482c1ae2 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 9.1.1-dev +version: 9.1.1 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index fd13cbdcf83..fbbc339797b 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.11.3 + +### Minor Analysis Improvements + +* The `java/zipslip` query no longer reports archive entry names that flow only to read-only path sinks such as `ClassLoader.getResource`, `FileInputStream`, and `FileReader`. The query now restricts its sinks to the `path-injection` kind and deliberately excludes the new `path-injection[read]` sub-kind, matching the Zip Slip threat model of unsafe archive extraction. + ## 1.11.2 No user-facing changes. diff --git a/java/ql/src/change-notes/2026-04-21-zipslip-exclude-read-sinks.md b/java/ql/src/change-notes/released/1.11.3.md similarity index 89% rename from java/ql/src/change-notes/2026-04-21-zipslip-exclude-read-sinks.md rename to java/ql/src/change-notes/released/1.11.3.md index ee688924052..02f6fe7f16c 100644 --- a/java/ql/src/change-notes/2026-04-21-zipslip-exclude-read-sinks.md +++ b/java/ql/src/change-notes/released/1.11.3.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.11.3 + +### Minor Analysis Improvements + * The `java/zipslip` query no longer reports archive entry names that flow only to read-only path sinks such as `ClassLoader.getResource`, `FileInputStream`, and `FileReader`. The query now restricts its sinks to the `path-injection` kind and deliberately excludes the new `path-injection[read]` sub-kind, matching the Zip Slip threat model of unsafe archive extraction. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 3e341cf85d5..220561dc648 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.11.2 +lastReleaseVersion: 1.11.3 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 3776af914c2..1d3c3c5b716 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.11.3-dev +version: 1.11.3 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 53708faed09..c201b3a4b13 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.7.1 + +No user-facing changes. + ## 2.7.0 ### New Features diff --git a/javascript/ql/lib/change-notes/released/2.7.1.md b/javascript/ql/lib/change-notes/released/2.7.1.md new file mode 100644 index 00000000000..e7c89e7954f --- /dev/null +++ b/javascript/ql/lib/change-notes/released/2.7.1.md @@ -0,0 +1,3 @@ +## 2.7.1 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 6a6c87f537d..820fb65a5c7 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.7.0 +lastReleaseVersion: 2.7.1 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 623a7f4db2f..ff45431ce7a 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.7.1-dev +version: 2.7.1 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 615c030de52..1a69291d145 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.3.10 + +No user-facing changes. + ## 2.3.9 No user-facing changes. diff --git a/javascript/ql/src/change-notes/released/2.3.10.md b/javascript/ql/src/change-notes/released/2.3.10.md new file mode 100644 index 00000000000..bc91b8aba45 --- /dev/null +++ b/javascript/ql/src/change-notes/released/2.3.10.md @@ -0,0 +1,3 @@ +## 2.3.10 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 079eb5bfb0c..a4a2f98d509 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.3.9 +lastReleaseVersion: 2.3.10 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 593c0032466..ad653e83497 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.3.10-dev +version: 2.3.10 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index d6d070a91bb..8e20945c6bf 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.50.md b/misc/suite-helpers/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 802112d0fc8..4d751d815ec 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.50-dev +version: 1.0.50 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 8ede35e9bdc..3d09821803b 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 7.1.1 + +No user-facing changes. + ## 7.1.0 ### New Features diff --git a/python/ql/lib/change-notes/released/7.1.1.md b/python/ql/lib/change-notes/released/7.1.1.md new file mode 100644 index 00000000000..849fd4da328 --- /dev/null +++ b/python/ql/lib/change-notes/released/7.1.1.md @@ -0,0 +1,3 @@ +## 7.1.1 + +No user-facing changes. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index dcaaa76112a..8e970df6cae 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.1.0 +lastReleaseVersion: 7.1.1 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 724d270b4e8..826b3506869 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 7.1.1-dev +version: 7.1.1 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 8676d754d01..544b9778d4d 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.8.3 + +No user-facing changes. + ## 1.8.2 No user-facing changes. diff --git a/python/ql/src/change-notes/released/1.8.3.md b/python/ql/src/change-notes/released/1.8.3.md new file mode 100644 index 00000000000..5b25a447c30 --- /dev/null +++ b/python/ql/src/change-notes/released/1.8.3.md @@ -0,0 +1,3 @@ +## 1.8.3 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 559af8348bb..8071ef421ab 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.8.2 +lastReleaseVersion: 1.8.3 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 0544fddc168..ee265ad65e9 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.8.3-dev +version: 1.8.3 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index e8dd84283c6..07859d0f0e6 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 5.2.1 + +No user-facing changes. + ## 5.2.0 ### New Features diff --git a/ruby/ql/lib/change-notes/released/5.2.1.md b/ruby/ql/lib/change-notes/released/5.2.1.md new file mode 100644 index 00000000000..8d65db4e16d --- /dev/null +++ b/ruby/ql/lib/change-notes/released/5.2.1.md @@ -0,0 +1,3 @@ +## 5.2.1 + +No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 9e57a36a7dc..1684d0e72a2 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.2.0 +lastReleaseVersion: 5.2.1 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index cfdaf454426..29c765d88ee 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.2.1-dev +version: 5.2.1 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 927a40e596d..c874059c151 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.3 + +No user-facing changes. + ## 1.6.2 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.6.3.md b/ruby/ql/src/change-notes/released/1.6.3.md new file mode 100644 index 00000000000..a000ecf7025 --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.6.3.md @@ -0,0 +1,3 @@ +## 1.6.3 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 5f5beb68311..00b51441d88 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.2 +lastReleaseVersion: 1.6.3 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index beaf92c0d8a..a745eae0790 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.6.3-dev +version: 1.6.3 groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index 30ae7d73b67..d85d27d88d6 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.14 + +No user-facing changes. + ## 0.2.13 ### New Features diff --git a/rust/ql/lib/change-notes/released/0.2.14.md b/rust/ql/lib/change-notes/released/0.2.14.md new file mode 100644 index 00000000000..f2d005e6285 --- /dev/null +++ b/rust/ql/lib/change-notes/released/0.2.14.md @@ -0,0 +1,3 @@ +## 0.2.14 + +No user-facing changes. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index 979eb20092e..c53820a76d5 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.13 +lastReleaseVersion: 0.2.14 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index 47f846eb02b..03f5418863c 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.2.14-dev +version: 0.2.14 groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index 4b735337c90..ad1e8ef3bfe 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.35 + +No user-facing changes. + ## 0.1.34 No user-facing changes. diff --git a/rust/ql/src/change-notes/released/0.1.35.md b/rust/ql/src/change-notes/released/0.1.35.md new file mode 100644 index 00000000000..5ac57c1d977 --- /dev/null +++ b/rust/ql/src/change-notes/released/0.1.35.md @@ -0,0 +1,3 @@ +## 0.1.35 + +No user-facing changes. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index a1d4333b19b..6a5806eec2b 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.34 +lastReleaseVersion: 0.1.35 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index ec76e8f1265..1de0db6c345 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.35-dev +version: 0.1.35 groups: - rust - queries diff --git a/shared/concepts/CHANGELOG.md b/shared/concepts/CHANGELOG.md index 59942922ea0..e2de2975455 100644 --- a/shared/concepts/CHANGELOG.md +++ b/shared/concepts/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.24 + +No user-facing changes. + ## 0.0.23 No user-facing changes. diff --git a/shared/concepts/change-notes/released/0.0.24.md b/shared/concepts/change-notes/released/0.0.24.md new file mode 100644 index 00000000000..84995db2aff --- /dev/null +++ b/shared/concepts/change-notes/released/0.0.24.md @@ -0,0 +1,3 @@ +## 0.0.24 + +No user-facing changes. diff --git a/shared/concepts/codeql-pack.release.yml b/shared/concepts/codeql-pack.release.yml index cc2195603d8..b956773a07f 100644 --- a/shared/concepts/codeql-pack.release.yml +++ b/shared/concepts/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.23 +lastReleaseVersion: 0.0.24 diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index 6943387bae2..a56c1d8efb2 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.24-dev +version: 0.0.24 groups: shared library: true dependencies: diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index 9c6d7c09d17..dc02f115c99 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.34 + +No user-facing changes. + ## 2.0.33 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.34.md b/shared/controlflow/change-notes/released/2.0.34.md new file mode 100644 index 00000000000..fd170d38ce6 --- /dev/null +++ b/shared/controlflow/change-notes/released/2.0.34.md @@ -0,0 +1,3 @@ +## 2.0.34 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 92e23200b4d..339a3ce7c57 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.33 +lastReleaseVersion: 2.0.34 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 7fbe2fd4ea9..e96e7aa69a2 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.34-dev +version: 2.0.34 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 9e4ca0a0ea8..7ecbeda3b21 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.1.6 + +No user-facing changes. + ## 2.1.5 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.1.6.md b/shared/dataflow/change-notes/released/2.1.6.md new file mode 100644 index 00000000000..39543a53672 --- /dev/null +++ b/shared/dataflow/change-notes/released/2.1.6.md @@ -0,0 +1,3 @@ +## 2.1.6 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index a890ff0111c..1c810b60c4a 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.5 +lastReleaseVersion: 2.1.6 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 34336f4c322..e599587f88a 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.1.6-dev +version: 2.1.6 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 5d5551d10a3..964c1bb1d98 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.50.md b/shared/mad/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/shared/mad/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 5631fbf1a73..60567e24cb4 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.50-dev +version: 1.0.50 groups: shared library: true dependencies: diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md index be06e2108a8..7153b9314b1 100644 --- a/shared/quantum/CHANGELOG.md +++ b/shared/quantum/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.28 + +No user-facing changes. + ## 0.0.27 No user-facing changes. diff --git a/shared/quantum/change-notes/released/0.0.28.md b/shared/quantum/change-notes/released/0.0.28.md new file mode 100644 index 00000000000..1b4fdd47819 --- /dev/null +++ b/shared/quantum/change-notes/released/0.0.28.md @@ -0,0 +1,3 @@ +## 0.0.28 + +No user-facing changes. diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml index dbab90d6989..3462db7d348 100644 --- a/shared/quantum/codeql-pack.release.yml +++ b/shared/quantum/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.27 +lastReleaseVersion: 0.0.28 diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index 794f238b6e9..58005b74255 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.28-dev +version: 0.0.28 groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 8b457ef5927..e2a893046c9 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.50.md b/shared/rangeanalysis/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index e43819bf36e..5a61b8d5eb9 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.50-dev +version: 1.0.50 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 639cede00af..bb83dfc0a1f 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.50.md b/shared/regex/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/shared/regex/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 242382c6a1f..a3c25f8f13e 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.50-dev +version: 1.0.50 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 9cfbb004657..f9145f2c88b 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.26 + +No user-facing changes. + ## 2.0.25 No user-facing changes. diff --git a/shared/ssa/change-notes/released/2.0.26.md b/shared/ssa/change-notes/released/2.0.26.md new file mode 100644 index 00000000000..9b1fe95f577 --- /dev/null +++ b/shared/ssa/change-notes/released/2.0.26.md @@ -0,0 +1,3 @@ +## 2.0.26 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index f54d8620118..63d57bef481 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.25 +lastReleaseVersion: 2.0.26 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 9e510c43dd0..1ddb7e74af2 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.26-dev +version: 2.0.26 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index a6b6055373a..512a5732ccd 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.50.md b/shared/threat-models/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 14e33e435d1..2473e135f4d 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.50-dev +version: 1.0.50 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 5fcacc0b8b5..c98a035d149 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.50.md b/shared/tutorial/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 10b77ca0438..fa05472a305 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.50-dev +version: 1.0.50 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index fbfdb431161..de43834a84e 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.50.md b/shared/typeflow/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 9301be5228f..fe6ae27a1d1 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.50-dev +version: 1.0.50 groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index 1652285654a..3bbb96e59a9 100644 --- a/shared/typeinference/CHANGELOG.md +++ b/shared/typeinference/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.31 + +No user-facing changes. + ## 0.0.30 No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.31.md b/shared/typeinference/change-notes/released/0.0.31.md new file mode 100644 index 00000000000..99e11d52c92 --- /dev/null +++ b/shared/typeinference/change-notes/released/0.0.31.md @@ -0,0 +1,3 @@ +## 0.0.31 + +No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml index 0c61b463bab..54b504d06ec 100644 --- a/shared/typeinference/codeql-pack.release.yml +++ b/shared/typeinference/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.30 +lastReleaseVersion: 0.0.31 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 1db3c0e95ac..dfefd717254 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.31-dev +version: 0.0.31 groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index ecdded5ceda..313862d5bc7 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.34 + +No user-facing changes. + ## 2.0.33 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.34.md b/shared/typetracking/change-notes/released/2.0.34.md new file mode 100644 index 00000000000..fd170d38ce6 --- /dev/null +++ b/shared/typetracking/change-notes/released/2.0.34.md @@ -0,0 +1,3 @@ +## 2.0.34 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 92e23200b4d..339a3ce7c57 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.33 +lastReleaseVersion: 2.0.34 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 436b35815f0..905cc886823 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.34-dev +version: 2.0.34 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 617fa5638b4..5838cd3c535 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.50.md b/shared/typos/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/shared/typos/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 4057cfb5784..65791cd6efd 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.50-dev +version: 1.0.50 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 51488029e96..24a4f7d09a2 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.37 + +No user-facing changes. + ## 2.0.36 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.37.md b/shared/util/change-notes/released/2.0.37.md new file mode 100644 index 00000000000..7d0b67a34af --- /dev/null +++ b/shared/util/change-notes/released/2.0.37.md @@ -0,0 +1,3 @@ +## 2.0.37 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 7e4aaa0dd67..108259a7400 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.36 +lastReleaseVersion: 2.0.37 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index cff240056a4..d7dd7255df0 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.37-dev +version: 2.0.37 groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 9f60f66ff72..96dfbcadf56 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.50.md b/shared/xml/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/shared/xml/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 748ac73e0f8..8de2d725b22 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.50-dev +version: 1.0.50 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index a13e3308874..e006acbeb21 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.50 + +No user-facing changes. + ## 1.0.49 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.50.md b/shared/yaml/change-notes/released/1.0.50.md new file mode 100644 index 00000000000..c1e5becd9fc --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.50.md @@ -0,0 +1,3 @@ +## 1.0.50 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 596617977df..856137cc5db 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.49 +lastReleaseVersion: 1.0.50 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 54d582bb9fa..6c817def500 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.50-dev +version: 1.0.50 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index e7979dbf0ed..01461fd5bfe 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 6.6.0 + +### New Features + +* The `TypeDecl` class now defines a `getDeclaredInterfaceType` predicate, which yields the declared interface type of the type declaration. + ## 6.5.0 ### New Features diff --git a/swift/ql/lib/change-notes/2026-05-11-declared-interface-type.md b/swift/ql/lib/change-notes/released/6.6.0.md similarity index 83% rename from swift/ql/lib/change-notes/2026-05-11-declared-interface-type.md rename to swift/ql/lib/change-notes/released/6.6.0.md index c62130ee099..98de23680a3 100644 --- a/swift/ql/lib/change-notes/2026-05-11-declared-interface-type.md +++ b/swift/ql/lib/change-notes/released/6.6.0.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 6.6.0 + +### New Features + * The `TypeDecl` class now defines a `getDeclaredInterfaceType` predicate, which yields the declared interface type of the type declaration. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 2813c8e210f..4d7f31f2d8e 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.5.0 +lastReleaseVersion: 6.6.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 921af77ca70..e1d436bb7f6 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 6.5.1-dev +version: 6.6.0 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index f7b81101037..4bd8088718a 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.3.3 + +No user-facing changes. + ## 1.3.2 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.3.3.md b/swift/ql/src/change-notes/released/1.3.3.md new file mode 100644 index 00000000000..27a88ea0061 --- /dev/null +++ b/swift/ql/src/change-notes/released/1.3.3.md @@ -0,0 +1,3 @@ +## 1.3.3 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 86a9cb32d86..eb1f7dabc84 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.2 +lastReleaseVersion: 1.3.3 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 5354c5ee4d5..e3e90856f70 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.3.3-dev +version: 1.3.3 groups: - swift - queries