Release preparation for version 2.23.5

2025-12-16 16:53:25 +01:00 · 2025-11-11 11:33:33 +00:00
parent 5b1e651803
commit e4f25c9a13
181 changed files with 472 additions and 171 deletions
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 7.7.3
+
+No user-facing changes.
+
 ## 7.7.2

 ### Minor Analysis Improvements
--- a/java/ql/lib/change-notes/released/7.7.3.md
+++ b/java/ql/lib/change-notes/released/7.7.3.md
@@ -0,0 +1,3 @@
+## 7.7.3
+
+No user-facing changes.
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.7.2
+lastReleaseVersion: 7.7.3
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 7.7.3-dev
+version: 7.7.3
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,16 @@
+## 1.9.0
+
+### New Queries
+
+* The `java/sensitive-cookie-not-httponly` query has been promoted from experimental to the main query pack.
+* Added a new query, `java/escaping`, to detect values escaping from classes marked as `@ThreadSafe`.
+* Added a new query, `java/not-threadsafe`, to detect data races in classes marked as `@ThreadSafe`.
+* Added a new query, `java/safe-publication`, to detect unsafe publication in classes marked as `@ThreadSafe`.
+
+### Minor Analysis Improvements
+
+* Calls to `String.matches` are now treated as sanitizers for the `java/ssrf` query.
+
 ## 1.8.2

 No user-facing changes.
--- a/java/ql/src/change-notes/2025-06-22-query-escaping.md
+++ b/java/ql/src/change-notes/2025-06-22-query-escaping.md
@@ -1,4 +0,0 @@
---
-category: newQuery
---
-* Added a new query, `java/escaping`, to detect values escaping from classes marked as `@ThreadSafe`.
--- a/java/ql/src/change-notes/2025-06-22-query-not-thread-safe.md
+++ b/java/ql/src/change-notes/2025-06-22-query-not-thread-safe.md
@@ -1,4 +0,0 @@
---
-category: newQuery
---
-* Added a new query, `java/not-threadsafe`, to detect data races in classes marked as `@ThreadSafe`.
--- a/java/ql/src/change-notes/2025-06-22-query-safe-publication.md
+++ b/java/ql/src/change-notes/2025-06-22-query-safe-publication.md
@@ -1,4 +0,0 @@
---
-category: newQuery
---
-* Added a new query, `java/safe-publication`, to detect unsafe publication in classes marked as `@ThreadSafe`.
--- a/java/ql/src/change-notes/2025-10-02-http-only-cookie-promote.md
+++ b/java/ql/src/change-notes/2025-10-02-http-only-cookie-promote.md
@@ -1,4 +0,0 @@
---
-category: newQuery
---
-* The `java/sensitive-cookie-not-httponly` query has been promoted from experimental to the main query pack.
--- a/java/ql/src/change-notes/2025-10-24-request-forgery-matches-sanitizer.md
+++ b/java/ql/src/change-notes/2025-10-24-request-forgery-matches-sanitizer.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Calls to `String.matches` are now treated as sanitizers for the `java/ssrf` query.
--- a/java/ql/src/change-notes/released/1.9.0.md
+++ b/java/ql/src/change-notes/released/1.9.0.md
@@ -0,0 +1,12 @@
+## 1.9.0
+
+### New Queries
+
+* The `java/sensitive-cookie-not-httponly` query has been promoted from experimental to the main query pack.
+* Added a new query, `java/escaping`, to detect values escaping from classes marked as `@ThreadSafe`.
+* Added a new query, `java/not-threadsafe`, to detect data races in classes marked as `@ThreadSafe`.
+* Added a new query, `java/safe-publication`, to detect unsafe publication in classes marked as `@ThreadSafe`.
+
+### Minor Analysis Improvements
+
+* Calls to `String.matches` are now treated as sanitizers for the `java/ssrf` query.
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.8.2
+lastReleaseVersion: 1.9.0
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 1.8.3-dev
+version: 1.9.0
 groups:
  - java
  - queries