mirror of
https://github.com/github/codeql.git
synced 2026-05-27 01:21:23 +02:00
Merge branch 'main' into tausbn/rust-upgrade-to-rust-analyzer-0.0.328
This commit is contained in:
Paolo Tranquilli
@@ -1,3 +1,9 @@
|
||||
## 0.4.36
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Altered 2 patterns in the `poisonable_steps` modelling. Extra sinks are detected in the following cases: scripts executed via python modules and `go run` in directories are detected as potential mechanisms of injection. For the go execution pattern, the pattern is updated to now ignore flags that occur between go and the specific command. This change may lead to more results being detected by the following queries: `actions/untrusted-checkout/high`, `actions/untrusted-checkout/critical`, `actions/untrusted-checkout-toctou/high`, `actions/untrusted-checkout-toctou/critical`, `actions/cache-poisoning/poisonable-step`, `actions/cache-poisoning/direct-cache` and `actions/artifact-poisoning/path-traversal`.
|
||||
|
||||
## 0.4.35
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Altered 2 patterns in the `poisonable_steps` modelling. Extra sinks are detected in the following cases: scripts executed via python modules and `go run` in directories are detected as potential mechanisms of injection. For the go execution pattern, the pattern is updated to now ignore flags that occur between go and the specific command. This change may lead to more results being detected by the following queries: `actions/untrusted-checkout/high`, `actions/untrusted-checkout/critical`, `actions/untrusted-checkout-toctou/high`, `actions/untrusted-checkout-toctou/critical`, `actions/cache-poisoning/poisonable-step`, `actions/cache-poisoning/direct-cache` and `actions/artifact-poisoning/path-traversal`.
|
||||
## 0.4.36
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Altered 2 patterns in the `poisonable_steps` modelling. Extra sinks are detected in the following cases: scripts executed via python modules and `go run` in directories are detected as potential mechanisms of injection. For the go execution pattern, the pattern is updated to now ignore flags that occur between go and the specific command. This change may lead to more results being detected by the following queries: `actions/untrusted-checkout/high`, `actions/untrusted-checkout/critical`, `actions/untrusted-checkout-toctou/high`, `actions/untrusted-checkout-toctou/critical`, `actions/cache-poisoning/poisonable-step`, `actions/cache-poisoning/direct-cache` and `actions/artifact-poisoning/path-traversal`.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.4.35
|
||||
lastReleaseVersion: 0.4.36
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-all
|
||||
version: 0.4.36-dev
|
||||
version: 0.4.37-dev
|
||||
library: true
|
||||
warnOnImplicitThis: true
|
||||
dependencies:
|
||||
|
||||
@@ -1,3 +1,17 @@
|
||||
## 0.6.28
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* Adjusted the name of `actions/untrusted-checkout/high` to more clearly describe which parts of the scenario are in a privileged context.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `actions/unpinned-tag` query now analyzes composite action metadata (`action.yml`/`action.yaml` files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur.
|
||||
|
||||
## 0.6.27
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* Adjusted the name of `actions/untrusted-checkout/high` to more clearly describe which parts of the scenario are in a privileged context.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `actions/unpinned-tag` query now analyzes composite action metadata (`action.yml`/`action.yaml` files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem.
|
||||
13
actions/ql/src/change-notes/released/0.6.28.md
Normal file
13
actions/ql/src/change-notes/released/0.6.28.md
Normal file
@@ -0,0 +1,13 @@
|
||||
## 0.6.28
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* Adjusted the name of `actions/untrusted-checkout/high` to more clearly describe which parts of the scenario are in a privileged context.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `actions/unpinned-tag` query now analyzes composite action metadata (`action.yml`/`action.yaml` files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.6.27
|
||||
lastReleaseVersion: 0.6.28
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-queries
|
||||
version: 0.6.28-dev
|
||||
version: 0.6.29-dev
|
||||
library: false
|
||||
warnOnImplicitThis: true
|
||||
groups: [actions, queries]
|
||||
|
||||
2577
cpp/downgrades/ef8d209a22e27413aaaeff4446f0ecb9fa2c227b/old.dbscheme
Normal file
2577
cpp/downgrades/ef8d209a22e27413aaaeff4446f0ecb9fa2c227b/old.dbscheme
Normal file
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,6 @@
|
||||
description: Capture information about one template being generated from another
|
||||
compatibility: full
|
||||
class_template_generated_from.rel: delete
|
||||
function_template_generated_from.rel: delete
|
||||
variable_template_generated_from.rel: delete
|
||||
alias_template_generated_from.rel: delete
|
||||
@@ -1,3 +1,9 @@
|
||||
## 10.1.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `RemoteFlowSourceFunction` model for `fscanf` (and variants) now implements `hasSocketInput` to reflect that these functions may read from a socket.
|
||||
|
||||
## 10.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
4
cpp/ql/lib/change-notes/2026-05-21-generated-from.md
Normal file
4
cpp/ql/lib/change-notes/2026-05-21-generated-from.md
Normal file
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Added a `getOriginalTemplate` predicate to `TemplateClass`, `TemplateFunction`, `TemplateVariable`, and `AliasTemplateType`, which yields the class member template the template was generated from. The predicates only have results for templates that are members of class template instantiations.
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `RemoteFlowSourceFunction` model for `fscanf` (and variants) now implements `hasSocketInput` to reflect that these functions may read from a socket.
|
||||
## 10.1.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `RemoteFlowSourceFunction` model for `fscanf` (and variants) now implements `hasSocketInput` to reflect that these functions may read from a socket.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 10.1.0
|
||||
lastReleaseVersion: 10.1.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-all
|
||||
version: 10.1.1-dev
|
||||
version: 10.1.2-dev
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
||||
@@ -856,8 +856,10 @@ class AbstractClass extends Class {
|
||||
|
||||
/**
|
||||
* A class template (this class also finds partial specializations
|
||||
* of class templates). For example in the following code there is a
|
||||
* `MyTemplateClass<T>` template:
|
||||
* of class templates).
|
||||
*
|
||||
* For example in the following code there is a `MyTemplateClass<T>`
|
||||
* template:
|
||||
* ```
|
||||
* template<class T>
|
||||
* class MyTemplateClass {
|
||||
@@ -893,6 +895,29 @@ class TemplateClass extends Class {
|
||||
}
|
||||
|
||||
override string getAPrimaryQlClass() { result = "TemplateClass" }
|
||||
|
||||
/**
|
||||
* Gets the class member template this template was generated from.
|
||||
*
|
||||
* This predicate only has results for templates that are members of class
|
||||
* template instantiations. For example, for `MyTemplateClass<int>::C<S>`
|
||||
* in the following code, the result is `MyTemplateClass<T>::C<S>`.
|
||||
* ```cpp
|
||||
* template<class T>
|
||||
* class MyTemplateClass {
|
||||
* template<class S>
|
||||
* class C {
|
||||
* ...
|
||||
* };
|
||||
* };
|
||||
*
|
||||
* template
|
||||
* class MyTemplateClass<int>;
|
||||
* ```
|
||||
*/
|
||||
TemplateClass getOriginalTemplate() {
|
||||
class_template_generated_from(underlyingElement(this), unresolveElement(result))
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -828,6 +828,27 @@ class TemplateFunction extends Function {
|
||||
* such things -- see FunctionTemplateSpecialization for further details.
|
||||
*/
|
||||
FunctionTemplateSpecialization getASpecialization() { result.getPrimaryTemplate() = this }
|
||||
|
||||
/**
|
||||
* Gets the class member template this template was generated from.
|
||||
*
|
||||
* This predicate only has results for templates that are members of class
|
||||
* template instantiations. For example, for `MyTemplateClass<int>::f<S>`
|
||||
* in the following code, the result is `MyTemplateClass<T>::f<S>`.
|
||||
* ```cpp
|
||||
* template<class T>
|
||||
* class MyTemplateClass {
|
||||
* template<class S>
|
||||
* S f();
|
||||
* };
|
||||
*
|
||||
* template
|
||||
* class MyTemplateClass<int>;
|
||||
* ```
|
||||
*/
|
||||
TemplateFunction getOriginalTemplate() {
|
||||
function_template_generated_from(underlyingElement(this), unresolveElement(result))
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -130,6 +130,27 @@ class AliasTemplateType extends TypeAliasType {
|
||||
* ```
|
||||
*/
|
||||
TypeAliasType getAnInstantiation() { result.isConstructedFrom(this) }
|
||||
|
||||
/**
|
||||
* Gets the class member template this template was generated from.
|
||||
*
|
||||
* This predicate only has results for templates that are members of class
|
||||
* template instantiations. For example, for `MyTemplateClass<int>::t<S>`
|
||||
* in the following code, the result is `MyTemplateClass<T>::t<S>`.
|
||||
* ```cpp
|
||||
* template<class T>
|
||||
* class MyTemplateClass {
|
||||
* template<class S>
|
||||
* using t = S;
|
||||
* };
|
||||
*
|
||||
* template
|
||||
* class MyTemplateClass<int>;
|
||||
* ```
|
||||
*/
|
||||
AliasTemplateType getOriginalTemplate() {
|
||||
alias_template_generated_from(underlyingElement(this), unresolveElement(result))
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -614,6 +614,27 @@ class TemplateVariable extends Variable {
|
||||
result.isConstructedFrom(this) and
|
||||
not result.isSpecialization()
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the class member template this template was generated from.
|
||||
*
|
||||
* This predicate only has results for templates that are members of class
|
||||
* template instantiations. For example, for `MyTemplateClass<int>::x<S>`
|
||||
* in the following code, the result is `MyTemplateClass<T>::x<S>`.
|
||||
* ```cpp
|
||||
* template<class T>
|
||||
* class MyTemplateClass {
|
||||
* template<class S>
|
||||
* static S x;
|
||||
* };
|
||||
*
|
||||
* template
|
||||
* class MyTemplateClass<int>;
|
||||
* ```
|
||||
*/
|
||||
TemplateVariable getOriginalTemplate() {
|
||||
variable_template_generated_from(underlyingElement(this), unresolveElement(result))
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -912,6 +912,10 @@ class_template_argument_value(
|
||||
int index: int ref,
|
||||
int arg_value: @expr ref
|
||||
);
|
||||
class_template_generated_from(
|
||||
unique int template: @usertype ref,
|
||||
int from: @usertype ref
|
||||
)
|
||||
|
||||
@user_or_decltype = @usertype | @decltype;
|
||||
|
||||
@@ -943,6 +947,10 @@ function_template_argument_value(
|
||||
int index: int ref,
|
||||
int arg_value: @expr ref
|
||||
);
|
||||
function_template_generated_from(
|
||||
unique int template: @function ref,
|
||||
int from: @function ref
|
||||
);
|
||||
|
||||
is_variable_template(unique int id: @variable ref);
|
||||
variable_instantiation(
|
||||
@@ -959,6 +967,10 @@ variable_template_argument_value(
|
||||
int index: int ref,
|
||||
int arg_value: @expr ref
|
||||
);
|
||||
variable_template_generated_from(
|
||||
unique int template: @variable ref,
|
||||
int from: @variable ref
|
||||
);
|
||||
|
||||
is_alias_template(unique int id: @usertype ref);
|
||||
alias_instantiation(
|
||||
@@ -966,15 +978,19 @@ alias_instantiation(
|
||||
int from: @usertype ref
|
||||
);
|
||||
alias_template_argument(
|
||||
int variable_id: @usertype ref,
|
||||
int type_id: @usertype ref,
|
||||
int index: int ref,
|
||||
int arg_type: @type ref
|
||||
);
|
||||
alias_template_argument_value(
|
||||
int variable_id: @usertype ref,
|
||||
int type_id: @usertype ref,
|
||||
int index: int ref,
|
||||
int arg_value: @expr ref
|
||||
);
|
||||
alias_template_generated_from(
|
||||
unique int template: @usertype ref,
|
||||
int from: @usertype ref
|
||||
);
|
||||
|
||||
template_template_instantiation(
|
||||
int to: @usertype ref,
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,2 @@
|
||||
description: Capture information about one template being generated from another
|
||||
compatibility: backwards
|
||||
@@ -1,3 +1,9 @@
|
||||
## 1.6.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The 'Cleartext transmission of sensitive information' query (`cpp/cleartext-transmission`) no longer raises an alert on calls to `fscanf` (and variants) when the call reads from an "obviously local" `FILE` stream such as `stdin`.
|
||||
|
||||
## 1.6.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The 'Cleartext transmission of sensitive information' query (`cpp/cleartext-transmission`) no longer raises an alert on calls to `fscanf` (and variants) when the call reads from an "obviously local" `FILE` stream such as `stdin`.
|
||||
## 1.6.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The 'Cleartext transmission of sensitive information' query (`cpp/cleartext-transmission`) no longer raises an alert on calls to `fscanf` (and variants) when the call reads from an "obviously local" `FILE` stream such as `stdin`.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.6.2
|
||||
lastReleaseVersion: 1.6.3
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-queries
|
||||
version: 1.6.3-dev
|
||||
version: 1.6.4-dev
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
||||
@@ -32,9 +32,13 @@ namespace Semmle.Extraction.CSharp.Entities
|
||||
{
|
||||
var assembly = Assembly.CreateOutputAssembly(Context);
|
||||
|
||||
trapFile.compilations(this, FileUtils.ConvertToUnix(cwd));
|
||||
var path = Context.ExtractionContext.PathTransformer.Transform(cwd);
|
||||
trapFile.compilations(this, path.Value);
|
||||
trapFile.compilation_assembly(this, assembly);
|
||||
|
||||
// Ensure that a `Folder` entity exists
|
||||
Folder.Create(Context, path);
|
||||
|
||||
// Arguments
|
||||
var expandedIndex = 0;
|
||||
for (var i = 0; i < args.Length; i++)
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.67
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.66
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.67
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.66
|
||||
lastReleaseVersion: 1.7.67
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.67-dev
|
||||
version: 1.7.68-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.67
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.66
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.67
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.66
|
||||
lastReleaseVersion: 1.7.67
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.67-dev
|
||||
version: 1.7.68-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 6.0.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 6.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
3
csharp/ql/lib/change-notes/released/6.0.1.md
Normal file
3
csharp/ql/lib/change-notes/released/6.0.1.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 6.0.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 6.0.0
|
||||
lastReleaseVersion: 6.0.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-all
|
||||
version: 6.0.1-dev
|
||||
version: 6.0.2-dev
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
csharp/ql/src/change-notes/released/1.7.3.md
Normal file
3
csharp/ql/src/change-notes/released/1.7.3.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.7.3
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.2
|
||||
lastReleaseVersion: 1.7.3
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-queries
|
||||
version: 1.7.3-dev
|
||||
version: 1.7.4-dev
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.0.50
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.49
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.0.50
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.49
|
||||
lastReleaseVersion: 1.0.50
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql-go-consistency-queries
|
||||
version: 1.0.50-dev
|
||||
version: 1.0.51-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 7.1.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 7.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
3
go/ql/lib/change-notes/released/7.1.1.md
Normal file
3
go/ql/lib/change-notes/released/7.1.1.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 7.1.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 7.1.0
|
||||
lastReleaseVersion: 7.1.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-all
|
||||
version: 7.1.1-dev
|
||||
version: 7.1.2-dev
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.6.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.6.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
go/ql/src/change-notes/released/1.6.3.md
Normal file
3
go/ql/src/change-notes/released/1.6.3.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.6.3
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.6.2
|
||||
lastReleaseVersion: 1.6.3
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-queries
|
||||
version: 1.6.3-dev
|
||||
version: 1.6.4-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 9.1.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Introduced a new sink kind `path-injection[read]` for Models-as-Data rows that only read from a path (such as `ClassLoader.getResource`, `FileInputStream`, `FileReader`, `Files.readAllBytes`, and related APIs). The general `java/path-injection` query continues to consider both `path-injection` and `path-injection[read]` sinks.
|
||||
|
||||
## 9.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 9.1.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Introduced a new sink kind `path-injection[read]` for Models-as-Data rows that only read from a path (such as `ClassLoader.getResource`, `FileInputStream`, `FileReader`, `Files.readAllBytes`, and related APIs). The general `java/path-injection` query continues to consider both `path-injection` and `path-injection[read]` sinks.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 9.1.0
|
||||
lastReleaseVersion: 9.1.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-all
|
||||
version: 9.1.1-dev
|
||||
version: 9.1.2-dev
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 1.11.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `java/zipslip` query no longer reports archive entry names that flow only to read-only path sinks such as `ClassLoader.getResource`, `FileInputStream`, and `FileReader`. The query now restricts its sinks to the `path-injection` kind and deliberately excludes the new `path-injection[read]` sub-kind, matching the Zip Slip threat model of unsafe archive extraction.
|
||||
|
||||
## 1.11.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 1.11.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `java/zipslip` query no longer reports archive entry names that flow only to read-only path sinks such as `ClassLoader.getResource`, `FileInputStream`, and `FileReader`. The query now restricts its sinks to the `path-injection` kind and deliberately excludes the new `path-injection[read]` sub-kind, matching the Zip Slip threat model of unsafe archive extraction.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.11.2
|
||||
lastReleaseVersion: 1.11.3
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-queries
|
||||
version: 1.11.3-dev
|
||||
version: 1.11.4-dev
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 2.7.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 2.7.0
|
||||
|
||||
### New Features
|
||||
|
||||
3
javascript/ql/lib/change-notes/released/2.7.1.md
Normal file
3
javascript/ql/lib/change-notes/released/2.7.1.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 2.7.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 2.7.0
|
||||
lastReleaseVersion: 2.7.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-all
|
||||
version: 2.7.1-dev
|
||||
version: 2.7.2-dev
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 2.3.10
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 2.3.9
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
javascript/ql/src/change-notes/released/2.3.10.md
Normal file
3
javascript/ql/src/change-notes/released/2.3.10.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 2.3.10
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 2.3.9
|
||||
lastReleaseVersion: 2.3.10
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-queries
|
||||
version: 2.3.10-dev
|
||||
version: 2.3.11-dev
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.0.50
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.49
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
misc/suite-helpers/change-notes/released/1.0.50.md
Normal file
3
misc/suite-helpers/change-notes/released/1.0.50.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.0.50
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.49
|
||||
lastReleaseVersion: 1.0.50
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
name: codeql/suite-helpers
|
||||
version: 1.0.50-dev
|
||||
version: 1.0.51-dev
|
||||
groups: shared
|
||||
warnOnImplicitThis: true
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 7.1.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 7.1.0
|
||||
|
||||
### New Features
|
||||
|
||||
3
python/ql/lib/change-notes/released/7.1.1.md
Normal file
3
python/ql/lib/change-notes/released/7.1.1.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 7.1.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 7.1.0
|
||||
lastReleaseVersion: 7.1.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-all
|
||||
version: 7.1.1-dev
|
||||
version: 7.1.2-dev
|
||||
groups: python
|
||||
dbscheme: semmlecode.python.dbscheme
|
||||
extractor: python
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.8.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.8.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
python/ql/src/change-notes/released/1.8.3.md
Normal file
3
python/ql/src/change-notes/released/1.8.3.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.8.3
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.8.2
|
||||
lastReleaseVersion: 1.8.3
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-queries
|
||||
version: 1.8.3-dev
|
||||
version: 1.8.4-dev
|
||||
groups:
|
||||
- python
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 5.2.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 5.2.0
|
||||
|
||||
### New Features
|
||||
|
||||
3
ruby/ql/lib/change-notes/released/5.2.1.md
Normal file
3
ruby/ql/lib/change-notes/released/5.2.1.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 5.2.1
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 5.2.0
|
||||
lastReleaseVersion: 5.2.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-all
|
||||
version: 5.2.1-dev
|
||||
version: 5.2.2-dev
|
||||
groups: ruby
|
||||
extractor: ruby
|
||||
dbscheme: ruby.dbscheme
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.6.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.6.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
ruby/ql/src/change-notes/released/1.6.3.md
Normal file
3
ruby/ql/src/change-notes/released/1.6.3.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.6.3
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.6.2
|
||||
lastReleaseVersion: 1.6.3
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-queries
|
||||
version: 1.6.3-dev
|
||||
version: 1.6.4-dev
|
||||
groups:
|
||||
- ruby
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.2.14
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.2.13
|
||||
|
||||
### New Features
|
||||
|
||||
3
rust/ql/lib/change-notes/released/0.2.14.md
Normal file
3
rust/ql/lib/change-notes/released/0.2.14.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.2.14
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.2.13
|
||||
lastReleaseVersion: 0.2.14
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user