diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index e84ba38d180..011af903a2a 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.4.35 + +No user-facing changes. + ## 0.4.34 ### Minor Analysis Improvements diff --git a/actions/ql/lib/change-notes/released/0.4.35.md b/actions/ql/lib/change-notes/released/0.4.35.md new file mode 100644 index 00000000000..3274ffc88e4 --- /dev/null +++ b/actions/ql/lib/change-notes/released/0.4.35.md @@ -0,0 +1,3 @@ +## 0.4.35 + +No user-facing changes. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 69fb16e4c39..524302c92d3 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.34 +lastReleaseVersion: 0.4.35 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index 6e78fc546b3..cf1232c01fb 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.35-dev +version: 0.4.36-dev library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index 96f8d266206..0a7fa1ce830 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.27 + +No user-facing changes. + ## 0.6.26 ### Major Analysis Improvements @@ -173,7 +177,7 @@ No user-facing changes. * `actions/if-expression-always-true/critical` * `actions/if-expression-always-true/high` * `actions/unnecessary-use-of-advanced-config` - + * The following query has been moved from the `code-scanning` suite to the `security-extended` suite. Any existing alerts for this query will be closed automatically unless the analysis is configured to use the `security-extended` suite. diff --git a/actions/ql/src/change-notes/released/0.6.27.md b/actions/ql/src/change-notes/released/0.6.27.md new file mode 100644 index 00000000000..52d3a10fd1f --- /dev/null +++ b/actions/ql/src/change-notes/released/0.6.27.md @@ -0,0 +1,3 @@ +## 0.6.27 + +No user-facing changes. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index e83bac0046e..0748b12112f 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.26 +lastReleaseVersion: 0.6.27 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index c815afc498c..2c9811c780a 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.27-dev +version: 0.6.28-dev library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 2cd1bcede35..828b8779117 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 10.1.0 + +### New Features + +* A new predicate `getSwitchCase` was added to the `SwitchStmt` class, which yields the `n`th `case` statement from a `switch` statement. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C and C++](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-cpp/). + +### Minor Analysis Improvements + +* Added taint flow models for the `Strsafe.h` header from the Windows SDK. + ## 10.0.0 ### Breaking Changes diff --git a/cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index 30f0092a4e9..00000000000 --- a/cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C and C++](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-cpp/). diff --git a/cpp/ql/lib/change-notes/2026-03-28-switch-stmt.md b/cpp/ql/lib/change-notes/2026-03-28-switch-stmt.md deleted file mode 100644 index 4b0d7528d47..00000000000 --- a/cpp/ql/lib/change-notes/2026-03-28-switch-stmt.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* A new predicate `getSwitchCase` was added to the `SwitchStmt` class, which yields the `n`th `case` statement from a `switch` statement. diff --git a/cpp/ql/lib/change-notes/2026-04-28-strsafe.md b/cpp/ql/lib/change-notes/2026-04-28-strsafe.md deleted file mode 100644 index 9ef3fab0853..00000000000 --- a/cpp/ql/lib/change-notes/2026-04-28-strsafe.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added taint flow models for the `Strsafe.h` header from the Windows SDK. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/released/10.1.0.md b/cpp/ql/lib/change-notes/released/10.1.0.md new file mode 100644 index 00000000000..45d153b4896 --- /dev/null +++ b/cpp/ql/lib/change-notes/released/10.1.0.md @@ -0,0 +1,10 @@ +## 10.1.0 + +### New Features + +* A new predicate `getSwitchCase` was added to the `SwitchStmt` class, which yields the `n`th `case` statement from a `switch` statement. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C and C++](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-cpp/). + +### Minor Analysis Improvements + +* Added taint flow models for the `Strsafe.h` header from the Windows SDK. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 28758256b94..a85b2d36d7c 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 10.0.0 +lastReleaseVersion: 10.1.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 8a9d60a7fa9..88d4dafaebb 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 10.0.1-dev +version: 10.1.1-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index e677f584416..3a9d4fae927 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.2 + +No user-facing changes. + ## 1.6.1 ### Minor Analysis Improvements @@ -366,7 +370,7 @@ No user-facing changes. ### Minor Analysis Improvements * The "non-constant format string" query (`cpp/non-constant-format`) has been updated to produce fewer false positives. -* Added dataflow models for the `gettext` function variants. +* Added dataflow models for the `gettext` function variants. ## 0.9.4 diff --git a/cpp/ql/src/change-notes/released/1.6.2.md b/cpp/ql/src/change-notes/released/1.6.2.md new file mode 100644 index 00000000000..bbe3747556f --- /dev/null +++ b/cpp/ql/src/change-notes/released/1.6.2.md @@ -0,0 +1,3 @@ +## 1.6.2 + +No user-facing changes. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index ef7a789e0cf..5f5beb68311 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.2 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 714167434c8..ddd0014f2e0 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.6.2-dev +version: 1.6.3-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 166a94bd88d..4cb7b556968 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.66 + +No user-facing changes. + ## 1.7.65 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.66.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.66.md new file mode 100644 index 00000000000..7fc1a46a66e --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.66.md @@ -0,0 +1,3 @@ +## 1.7.66 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index bf581427d29..7d0a2c0bc07 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.65 +lastReleaseVersion: 1.7.66 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 9d0e0ffd4f9..c5cfa0dcd89 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.66-dev +version: 1.7.67-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 166a94bd88d..4cb7b556968 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.66 + +No user-facing changes. + ## 1.7.65 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.66.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.66.md new file mode 100644 index 00000000000..7fc1a46a66e --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.66.md @@ -0,0 +1,3 @@ +## 1.7.66 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index bf581427d29..7d0a2c0bc07 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.65 +lastReleaseVersion: 1.7.66 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index f5203f4e443..c9f0acac983 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.66-dev +version: 1.7.67-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 2e3f6c137ee..1d7f42a9075 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,42 @@ +## 6.0.0 + +### Breaking Changes + +* The C# control flow graph (CFG) implementation has been completely + rewritten. The CFG now includes additional nodes to more accurately represent + certain constructs. This also means that any existing code that implicitly + relies on very specific details about the CFG may need to be updated. + The CFG no longer uses splitting, which means that AST nodes now have a unique + CFG node representation. + Additionally, the following breaking changes have been made: + - `ControlFlow::Node` has been renamed to `ControlFlowNode`. + - `ControlFlow::Nodes` has been renamed to `ControlFlowNodes`. + - `BasicBlock.getCallable` has been renamed to `BasicBlock.getEnclosingCallable`. + - `BasicBlocks.qll` has been deleted. + - `ControlFlowNode.getAstNode` has changed its meaning. The AST-to-CFG + mapping remains one-to-many, but now for a different reason. It used to be + because of splitting, but now it's because of additional "helper" CFG + nodes. To get the (now canonical) CFG node for a given AST node, use + `ControlFlowNode.asExpr()` or `ControlFlowNode.asStmt()` or + `ControlFlowElement.getControlFlowNode()` instead. + +### Deprecated APIs + +* The QL classes in the C# SSA library have been renamed to improve consistency between languages. Any custom QL code that makes use of SSA needs to be updated. The old classes have been deprecated and include more detailed migration instructions in their qldoc. + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/). + +### Major Analysis Improvements + +* When resolving dependencies in `build-mode: none`, `dotnet restore` now explicitly receives reachable NuGet feeds configured in `nuget.config` when feed responsiveness checking is enabled (the default), and any private registries directly, improving reliability when default feeds are unavailable or restricted. + +### Minor Analysis Improvements + +* Expanded ASP and ASP.NET remote source modeling to cover additional sources, including fields of tainted parameters as well as properties and fields that become tainted transitively. +* C# 14: Added support for user-defined compound assignment operators. + ## 5.5.0 ### Deprecated APIs diff --git a/csharp/ql/lib/change-notes/2026-03-06-compound-assignment-operations.md b/csharp/ql/lib/change-notes/2026-03-06-compound-assignment-operations.md deleted file mode 100644 index f7e68b9b7d7..00000000000 --- a/csharp/ql/lib/change-notes/2026-03-06-compound-assignment-operations.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# 14: Added support for user-defined compound assignment operators. diff --git a/csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index 6408acc7dae..00000000000 --- a/csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/). diff --git a/csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md b/csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md deleted file mode 100644 index 52f3f721e9f..00000000000 --- a/csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Expanded ASP and ASP.NET remote source modeling to cover additional sources, including fields of tainted parameters as well as properties and fields that become tainted transitively. diff --git a/csharp/ql/lib/change-notes/2026-04-10-nuget-feed-usage-in-bmn.md b/csharp/ql/lib/change-notes/2026-04-10-nuget-feed-usage-in-bmn.md deleted file mode 100644 index a4282d0468d..00000000000 --- a/csharp/ql/lib/change-notes/2026-04-10-nuget-feed-usage-in-bmn.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* When resolving dependencies in `build-mode: none`, `dotnet restore` now explicitly receives reachable NuGet feeds configured in `nuget.config` when feed responsiveness checking is enabled (the default), and any private registries directly, improving reliability when default feeds are unavailable or restricted. diff --git a/csharp/ql/lib/change-notes/2026-04-13-cfg.md b/csharp/ql/lib/change-notes/2026-04-13-cfg.md deleted file mode 100644 index 9c588fbcfa8..00000000000 --- a/csharp/ql/lib/change-notes/2026-04-13-cfg.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -category: breaking ---- -* The C# control flow graph (CFG) implementation has been completely - rewritten. The CFG now includes additional nodes to more accurately represent - certain constructs. This also means that any existing code that implicitly - relies on very specific details about the CFG may need to be updated. - The CFG no longer uses splitting, which means that AST nodes now have a unique - CFG node representation. - Additionally, the following breaking changes have been made: - - `ControlFlow::Node` has been renamed to `ControlFlowNode`. - - `ControlFlow::Nodes` has been renamed to `ControlFlowNodes`. - - `BasicBlock.getCallable` has been renamed to `BasicBlock.getEnclosingCallable`. - - `BasicBlocks.qll` has been deleted. - - `ControlFlowNode.getAstNode` has changed its meaning. The AST-to-CFG - mapping remains one-to-many, but now for a different reason. It used to be - because of splitting, but now it's because of additional "helper" CFG - nodes. To get the (now canonical) CFG node for a given AST node, use - `ControlFlowNode.asExpr()` or `ControlFlowNode.asStmt()` or - `ControlFlowElement.getControlFlowNode()` instead. diff --git a/csharp/ql/lib/change-notes/2026-05-01-ssa-replacement.md b/csharp/ql/lib/change-notes/2026-05-01-ssa-replacement.md deleted file mode 100644 index 27988f36f2f..00000000000 --- a/csharp/ql/lib/change-notes/2026-05-01-ssa-replacement.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The QL classes in the C# SSA library have been renamed to improve consistency between languages. Any custom QL code that makes use of SSA needs to be updated. The old classes have been deprecated and include more detailed migration instructions in their qldoc. diff --git a/csharp/ql/lib/change-notes/released/6.0.0.md b/csharp/ql/lib/change-notes/released/6.0.0.md new file mode 100644 index 00000000000..e249567d095 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/6.0.0.md @@ -0,0 +1,38 @@ +## 6.0.0 + +### Breaking Changes + +* The C# control flow graph (CFG) implementation has been completely + rewritten. The CFG now includes additional nodes to more accurately represent + certain constructs. This also means that any existing code that implicitly + relies on very specific details about the CFG may need to be updated. + The CFG no longer uses splitting, which means that AST nodes now have a unique + CFG node representation. + Additionally, the following breaking changes have been made: + - `ControlFlow::Node` has been renamed to `ControlFlowNode`. + - `ControlFlow::Nodes` has been renamed to `ControlFlowNodes`. + - `BasicBlock.getCallable` has been renamed to `BasicBlock.getEnclosingCallable`. + - `BasicBlocks.qll` has been deleted. + - `ControlFlowNode.getAstNode` has changed its meaning. The AST-to-CFG + mapping remains one-to-many, but now for a different reason. It used to be + because of splitting, but now it's because of additional "helper" CFG + nodes. To get the (now canonical) CFG node for a given AST node, use + `ControlFlowNode.asExpr()` or `ControlFlowNode.asStmt()` or + `ControlFlowElement.getControlFlowNode()` instead. + +### Deprecated APIs + +* The QL classes in the C# SSA library have been renamed to improve consistency between languages. Any custom QL code that makes use of SSA needs to be updated. The old classes have been deprecated and include more detailed migration instructions in their qldoc. + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/). + +### Major Analysis Improvements + +* When resolving dependencies in `build-mode: none`, `dotnet restore` now explicitly receives reachable NuGet feeds configured in `nuget.config` when feed responsiveness checking is enabled (the default), and any private registries directly, improving reliability when default feeds are unavailable or restricted. + +### Minor Analysis Improvements + +* Expanded ASP and ASP.NET remote source modeling to cover additional sources, including fields of tainted parameters as well as properties and fields that become tainted transitively. +* C# 14: Added support for user-defined compound assignment operators. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 4b8cf9533c1..f8c4fa43ccb 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.5.0 +lastReleaseVersion: 6.0.0 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 26e332652cd..0e03db99ca9 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.5.1-dev +version: 6.0.1-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index cdab7134185..32243acfb97 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.2 + +No user-facing changes. + ## 1.7.1 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/released/1.7.2.md b/csharp/ql/src/change-notes/released/1.7.2.md new file mode 100644 index 00000000000..b950385c16d --- /dev/null +++ b/csharp/ql/src/change-notes/released/1.7.2.md @@ -0,0 +1,3 @@ +## 1.7.2 + +No user-facing changes. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 7bdec0d85c7..39bbba86c19 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.1 +lastReleaseVersion: 1.7.2 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 25b04cf2dc6..de201743065 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.7.2-dev +version: 1.7.3-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index a3aa00d4872..a6b6055373a 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.49.md b/go/ql/consistency-queries/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index a82ec95583b..49572c215bb 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.49-dev +version: 1.0.50-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 737d08654b8..5043d924be0 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 7.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Go](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-go/). + ## 7.0.6 No user-facing changes. diff --git a/go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/go/ql/lib/change-notes/released/7.1.0.md similarity index 89% rename from go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md rename to go/ql/lib/change-notes/released/7.1.0.md index ee1b51de861..b1f6efbf001 100644 --- a/go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ b/go/ql/lib/change-notes/released/7.1.0.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 7.1.0 + +### New Features + * Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Go](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-go/). diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index c7cff8c5378..dcaaa76112a 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.6 +lastReleaseVersion: 7.1.0 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index e191e0da688..16ddb133517 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 7.0.7-dev +version: 7.1.1-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 971d478d56e..ddda5dc4829 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.2 + +No user-facing changes. + ## 1.6.1 No user-facing changes. diff --git a/go/ql/src/change-notes/released/1.6.2.md b/go/ql/src/change-notes/released/1.6.2.md new file mode 100644 index 00000000000..bbe3747556f --- /dev/null +++ b/go/ql/src/change-notes/released/1.6.2.md @@ -0,0 +1,3 @@ +## 1.6.2 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index ef7a789e0cf..5f5beb68311 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.2 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index fa7e934382a..5fdc63fe363 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.6.2-dev +version: 1.6.3-dev groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2d34c791c92..2187f00c399 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,18 @@ +## 9.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/). + +### Minor Analysis Improvements + +* Added `sql-injection` sink models for the Hibernate `org.hibernate.query.QueryProducer` methods `createNativeMutationQuery`, `createMutationQuery`, and `createSelectionQuery`. +* The `java/partial-path-traversal` and `java/partial-path-traversal-from-remote` queries now correctly recognize file separator appends using `+=`. +* The `java/path-injection` and `java/zipslip` queries now recognize `Path.toRealPath()` as a path normalization sanitizer, consistent with the existing treatment of `Path.normalize()` and `File.getCanonicalPath()`. This reduces false positives for code that uses the NIO.2 API for path canonicalization. +* The `java/sensitive-log` query now excludes additional common variable naming patterns that do not hold sensitive data, reducing false positives. This includes pagination/iteration tokens (`nextToken`, `pageToken`, `continuationToken`), token metadata (`tokenType`, `tokenEndpoint`, `tokenCount`), and secret metadata (`secretName`, `secretId`, `secretVersion`). +* The `java/sensitive-log` query now treats method calls whose names contain "encrypt", "hash", or "digest" as sanitizers, consistent with the existing treatment in `java/cleartext-storage-in-log`. This reduces false positives when sensitive data is hashed or encrypted before logging. +* The `java/trust-boundary-violation` query now recognizes regular expression checks (including `String.matches()` guards and `@javax.validation.constraints.Pattern` annotations) as sanitizers, consistent with the existing treatment of ESAPI validators. This reduces false positives when input is validated against a pattern before being stored in a session. + ## 9.0.4 ### Minor Analysis Improvements diff --git a/java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index f8bcbb1fcb2..00000000000 --- a/java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/). diff --git a/java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md b/java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md deleted file mode 100644 index 8856d419bce..00000000000 --- a/java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/path-injection` and `java/zipslip` queries now recognize `Path.toRealPath()` as a path normalization sanitizer, consistent with the existing treatment of `Path.normalize()` and `File.getCanonicalPath()`. This reduces false positives for code that uses the NIO.2 API for path canonicalization. diff --git a/java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md b/java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md deleted file mode 100644 index 15fc811360b..00000000000 --- a/java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/sensitive-log` query now excludes additional common variable naming patterns that do not hold sensitive data, reducing false positives. This includes pagination/iteration tokens (`nextToken`, `pageToken`, `continuationToken`), token metadata (`tokenType`, `tokenEndpoint`, `tokenCount`), and secret metadata (`secretName`, `secretId`, `secretVersion`). diff --git a/java/ql/lib/change-notes/2026-04-04-sensitive-log-hash-sanitizer.md b/java/ql/lib/change-notes/2026-04-04-sensitive-log-hash-sanitizer.md deleted file mode 100644 index 7323ab09737..00000000000 --- a/java/ql/lib/change-notes/2026-04-04-sensitive-log-hash-sanitizer.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/sensitive-log` query now treats method calls whose names contain "encrypt", "hash", or "digest" as sanitizers, consistent with the existing treatment in `java/cleartext-storage-in-log`. This reduces false positives when sensitive data is hashed or encrypted before logging. diff --git a/java/ql/lib/change-notes/2026-04-04-trust-boundary-regexp-barrier.md b/java/ql/lib/change-notes/2026-04-04-trust-boundary-regexp-barrier.md deleted file mode 100644 index b80c0611b6d..00000000000 --- a/java/ql/lib/change-notes/2026-04-04-trust-boundary-regexp-barrier.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/trust-boundary-violation` query now recognizes regular expression checks (including `String.matches()` guards and `@javax.validation.constraints.Pattern` annotations) as sanitizers, consistent with the existing treatment of ESAPI validators. This reduces false positives when input is validated against a pattern before being stored in a session. diff --git a/java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md b/java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md deleted file mode 100644 index 8c15a346552..00000000000 --- a/java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/partial-path-traversal` and `java/partial-path-traversal-from-remote` queries now correctly recognize file separator appends using `+=`. diff --git a/java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md b/java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md deleted file mode 100644 index 018ce8d348e..00000000000 --- a/java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `sql-injection` sink models for the Hibernate `org.hibernate.query.QueryProducer` methods `createNativeMutationQuery`, `createMutationQuery`, and `createSelectionQuery`. diff --git a/java/ql/lib/change-notes/released/9.1.0.md b/java/ql/lib/change-notes/released/9.1.0.md new file mode 100644 index 00000000000..aed1a85e63f --- /dev/null +++ b/java/ql/lib/change-notes/released/9.1.0.md @@ -0,0 +1,14 @@ +## 9.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/). + +### Minor Analysis Improvements + +* Added `sql-injection` sink models for the Hibernate `org.hibernate.query.QueryProducer` methods `createNativeMutationQuery`, `createMutationQuery`, and `createSelectionQuery`. +* The `java/partial-path-traversal` and `java/partial-path-traversal-from-remote` queries now correctly recognize file separator appends using `+=`. +* The `java/path-injection` and `java/zipslip` queries now recognize `Path.toRealPath()` as a path normalization sanitizer, consistent with the existing treatment of `Path.normalize()` and `File.getCanonicalPath()`. This reduces false positives for code that uses the NIO.2 API for path canonicalization. +* The `java/sensitive-log` query now excludes additional common variable naming patterns that do not hold sensitive data, reducing false positives. This includes pagination/iteration tokens (`nextToken`, `pageToken`, `continuationToken`), token metadata (`tokenType`, `tokenEndpoint`, `tokenCount`), and secret metadata (`secretName`, `secretId`, `secretVersion`). +* The `java/sensitive-log` query now treats method calls whose names contain "encrypt", "hash", or "digest" as sanitizers, consistent with the existing treatment in `java/cleartext-storage-in-log`. This reduces false positives when sensitive data is hashed or encrypted before logging. +* The `java/trust-boundary-violation` query now recognizes regular expression checks (including `String.matches()` guards and `@javax.validation.constraints.Pattern` annotations) as sanitizers, consistent with the existing treatment of ESAPI validators. This reduces false positives when input is validated against a pattern before being stored in a session. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 4bbe4f75b58..83ec2b42fcd 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 9.0.4 +lastReleaseVersion: 9.1.0 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index d256d2a84c1..e5ebb1d2131 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 9.0.5-dev +version: 9.1.1-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 1b5d2bdad8a..fd13cbdcf83 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.11.2 + +No user-facing changes. + ## 1.11.1 No user-facing changes. diff --git a/java/ql/src/change-notes/released/1.11.2.md b/java/ql/src/change-notes/released/1.11.2.md new file mode 100644 index 00000000000..93a8b73f6b9 --- /dev/null +++ b/java/ql/src/change-notes/released/1.11.2.md @@ -0,0 +1,3 @@ +## 1.11.2 + +No user-facing changes. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 4ae123153bf..3e341cf85d5 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.11.1 +lastReleaseVersion: 1.11.2 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 2f2233460ba..3776af914c2 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.11.2-dev +version: 1.11.3-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 77837f46c5e..53708faed09 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2.7.0 + +### New Features + +* Added support for [`@vercel/node`](https://www.npmjs.com/package/@vercel/node) Vercel serverless functions. Handlers are recognized via the `VercelRequest`/`VercelResponse` TypeScript parameter types, and standard security queries (`js/reflected-xss`, `js/request-forgery`, `js/sql-injection`, `js/command-line-injection`, etc.) now detect vulnerabilities in Vercel API route files. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for JavaScript](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/). + ## 2.6.28 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index d849f4c0c69..00000000000 --- a/javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for JavaScript](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/). diff --git a/javascript/ql/lib/change-notes/2026-04-12-vercel-node.md b/javascript/ql/lib/change-notes/released/2.7.0.md similarity index 58% rename from javascript/ql/lib/change-notes/2026-04-12-vercel-node.md rename to javascript/ql/lib/change-notes/released/2.7.0.md index 39802258b02..c6f46c8c0d4 100644 --- a/javascript/ql/lib/change-notes/2026-04-12-vercel-node.md +++ b/javascript/ql/lib/change-notes/released/2.7.0.md @@ -1,4 +1,6 @@ ---- -category: feature ---- +## 2.7.0 + +### New Features + * Added support for [`@vercel/node`](https://www.npmjs.com/package/@vercel/node) Vercel serverless functions. Handlers are recognized via the `VercelRequest`/`VercelResponse` TypeScript parameter types, and standard security queries (`js/reflected-xss`, `js/request-forgery`, `js/sql-injection`, `js/command-line-injection`, etc.) now detect vulnerabilities in Vercel API route files. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for JavaScript](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/). diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 2456457874e..6a6c87f537d 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.6.28 +lastReleaseVersion: 2.7.0 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index b62abbbe101..623a7f4db2f 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.6.29-dev +version: 2.7.1-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 9b122364ffa..615c030de52 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.3.9 + +No user-facing changes. + ## 2.3.8 ### Minor Analysis Improvements diff --git a/javascript/ql/src/change-notes/released/2.3.9.md b/javascript/ql/src/change-notes/released/2.3.9.md new file mode 100644 index 00000000000..fac422eb6b8 --- /dev/null +++ b/javascript/ql/src/change-notes/released/2.3.9.md @@ -0,0 +1,3 @@ +## 2.3.9 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index c68b70cb8be..079eb5bfb0c 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.3.8 +lastReleaseVersion: 2.3.9 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 9081791d0e0..593c0032466 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.3.9-dev +version: 2.3.10-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 897533f6450..d6d070a91bb 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.49.md b/misc/suite-helpers/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 778284fbe9a..802112d0fc8 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.49-dev +version: 1.0.50-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 69fa60a6675..8ede35e9bdc 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 7.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/). + +### Minor Analysis Improvements + +- The Python extractor now supports unpacking in comprehensions, e.g. `[*x for x in nested]` (as defined in [PEP-798](https://peps.python.org/pep-0798/)) that will be part of Python 3.15. + ## 7.0.5 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index 522801a0e46..00000000000 --- a/python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/). diff --git a/python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md b/python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md deleted file mode 100644 index d7406d0a606..00000000000 --- a/python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -- The Python extractor now supports unpacking in comprehensions, e.g. `[*x for x in nested]` (as defined in [PEP-798](https://peps.python.org/pep-0798/)) that will be part of Python 3.15. diff --git a/python/ql/lib/change-notes/released/7.1.0.md b/python/ql/lib/change-notes/released/7.1.0.md new file mode 100644 index 00000000000..553b5fe4cee --- /dev/null +++ b/python/ql/lib/change-notes/released/7.1.0.md @@ -0,0 +1,9 @@ +## 7.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/). + +### Minor Analysis Improvements + +- The Python extractor now supports unpacking in comprehensions, e.g. `[*x for x in nested]` (as defined in [PEP-798](https://peps.python.org/pep-0798/)) that will be part of Python 3.15. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 2cff21d59fe..dcaaa76112a 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.5 +lastReleaseVersion: 7.1.0 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 8564a098594..724d270b4e8 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 7.0.6-dev +version: 7.1.1-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 38018f09856..8676d754d01 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.8.2 + +No user-facing changes. + ## 1.8.1 ### Minor Analysis Improvements diff --git a/python/ql/src/change-notes/released/1.8.2.md b/python/ql/src/change-notes/released/1.8.2.md new file mode 100644 index 00000000000..12e641fd720 --- /dev/null +++ b/python/ql/src/change-notes/released/1.8.2.md @@ -0,0 +1,3 @@ +## 1.8.2 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 28a7c123ae8..559af8348bb 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.8.1 +lastReleaseVersion: 1.8.2 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 2d99bcd0c7a..0544fddc168 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.8.2-dev +version: 1.8.3-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 8315b641369..e8dd84283c6 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 5.2.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/). + ## 5.1.16 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/ruby/ql/lib/change-notes/released/5.2.0.md similarity index 89% rename from ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md rename to ruby/ql/lib/change-notes/released/5.2.0.md index da53d584e11..c17c834f18d 100644 --- a/ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ b/ruby/ql/lib/change-notes/released/5.2.0.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 5.2.0 + +### New Features + * Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/). diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 735f742e9af..9e57a36a7dc 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.1.16 +lastReleaseVersion: 5.2.0 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 1ac5090098a..cfdaf454426 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.1.17-dev +version: 5.2.1-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 5266fc1d5d9..927a40e596d 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.2 + +No user-facing changes. + ## 1.6.1 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.6.2.md b/ruby/ql/src/change-notes/released/1.6.2.md new file mode 100644 index 00000000000..bbe3747556f --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.6.2.md @@ -0,0 +1,3 @@ +## 1.6.2 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index ef7a789e0cf..5f5beb68311 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.2 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 978102bb82a..beaf92c0d8a 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.6.2-dev +version: 1.6.3-dev groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index 8e515660f29..30ae7d73b67 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.2.13 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. + ## 0.2.12 No user-facing changes. diff --git a/rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/rust/ql/lib/change-notes/released/0.2.13.md similarity index 73% rename from rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md rename to rust/ql/lib/change-notes/released/0.2.13.md index 5e97a1533a9..9c390c9ca09 100644 --- a/rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ b/rust/ql/lib/change-notes/released/0.2.13.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 0.2.13 + +### New Features + * Data flow barriers and barrier guards can now be added using data extensions. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index da1cea93393..979eb20092e 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.12 +lastReleaseVersion: 0.2.13 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index 7eb159e4b50..47f846eb02b 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.2.13-dev +version: 0.2.14-dev groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index 14034c9877d..4b735337c90 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.34 + +No user-facing changes. + ## 0.1.33 No user-facing changes. diff --git a/rust/ql/src/change-notes/released/0.1.34.md b/rust/ql/src/change-notes/released/0.1.34.md new file mode 100644 index 00000000000..a3a4edb1e1d --- /dev/null +++ b/rust/ql/src/change-notes/released/0.1.34.md @@ -0,0 +1,3 @@ +## 0.1.34 + +No user-facing changes. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index d9c9e819daa..a1d4333b19b 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.33 +lastReleaseVersion: 0.1.34 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index 7b2bd73728a..ec76e8f1265 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.34-dev +version: 0.1.35-dev groups: - rust - queries diff --git a/shared/concepts/CHANGELOG.md b/shared/concepts/CHANGELOG.md index e8b920847e9..59942922ea0 100644 --- a/shared/concepts/CHANGELOG.md +++ b/shared/concepts/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.23 + +No user-facing changes. + ## 0.0.22 No user-facing changes. diff --git a/shared/concepts/change-notes/released/0.0.23.md b/shared/concepts/change-notes/released/0.0.23.md new file mode 100644 index 00000000000..e89a1284bb8 --- /dev/null +++ b/shared/concepts/change-notes/released/0.0.23.md @@ -0,0 +1,3 @@ +## 0.0.23 + +No user-facing changes. diff --git a/shared/concepts/codeql-pack.release.yml b/shared/concepts/codeql-pack.release.yml index 11aaa2243f5..cc2195603d8 100644 --- a/shared/concepts/codeql-pack.release.yml +++ b/shared/concepts/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.22 +lastReleaseVersion: 0.0.23 diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index 947826f7dfd..6943387bae2 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.23-dev +version: 0.0.24-dev groups: shared library: true dependencies: diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index df00c6146d8..9c6d7c09d17 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.33 + +No user-facing changes. + ## 2.0.32 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.33.md b/shared/controlflow/change-notes/released/2.0.33.md new file mode 100644 index 00000000000..d33a61332cf --- /dev/null +++ b/shared/controlflow/change-notes/released/2.0.33.md @@ -0,0 +1,3 @@ +## 2.0.33 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 483a0d5db8e..92e23200b4d 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.32 +lastReleaseVersion: 2.0.33 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index adc4aedc5c3..7fbe2fd4ea9 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.33-dev +version: 2.0.34-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index ed60239f3de..9e4ca0a0ea8 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.1.5 + +No user-facing changes. + ## 2.1.4 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.1.5.md b/shared/dataflow/change-notes/released/2.1.5.md new file mode 100644 index 00000000000..7e559ea5dd0 --- /dev/null +++ b/shared/dataflow/change-notes/released/2.1.5.md @@ -0,0 +1,3 @@ +## 2.1.5 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 896b46fda9b..a890ff0111c 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.4 +lastReleaseVersion: 2.1.5 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index a18b746e4b4..34336f4c322 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.1.5-dev +version: 2.1.6-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index ff868403d0c..5d5551d10a3 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.49.md b/shared/mad/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/shared/mad/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index dd5fcf54034..5631fbf1a73 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md index eccc65c6041..be06e2108a8 100644 --- a/shared/quantum/CHANGELOG.md +++ b/shared/quantum/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.27 + +No user-facing changes. + ## 0.0.26 No user-facing changes. diff --git a/shared/quantum/change-notes/released/0.0.27.md b/shared/quantum/change-notes/released/0.0.27.md new file mode 100644 index 00000000000..ff6e274427b --- /dev/null +++ b/shared/quantum/change-notes/released/0.0.27.md @@ -0,0 +1,3 @@ +## 0.0.27 + +No user-facing changes. diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml index c576d2d7db2..dbab90d6989 100644 --- a/shared/quantum/codeql-pack.release.yml +++ b/shared/quantum/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.26 +lastReleaseVersion: 0.0.27 diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index c4e5d41dfaa..794f238b6e9 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.27-dev +version: 0.0.28-dev groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 9afb612f18a..8b457ef5927 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.49.md b/shared/rangeanalysis/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index ed3b4a66239..e43819bf36e 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 2375b7b56ab..639cede00af 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.49.md b/shared/regex/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/shared/regex/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 3d569c7d429..242382c6a1f 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index dd21ba6d38b..9cfbb004657 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.25 + +No user-facing changes. + ## 2.0.24 No user-facing changes. diff --git a/shared/ssa/change-notes/released/2.0.25.md b/shared/ssa/change-notes/released/2.0.25.md new file mode 100644 index 00000000000..ca39dd50c69 --- /dev/null +++ b/shared/ssa/change-notes/released/2.0.25.md @@ -0,0 +1,3 @@ +## 2.0.25 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 1460df314d5..f54d8620118 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.24 +lastReleaseVersion: 2.0.25 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index c1fd261e070..9e510c43dd0 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.25-dev +version: 2.0.26-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index a3aa00d4872..a6b6055373a 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.49.md b/shared/threat-models/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 59ce8c06727..14e33e435d1 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.49-dev +version: 1.0.50-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 9350e8a04eb..5fcacc0b8b5 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.49.md b/shared/tutorial/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 36b8181e0bf..10b77ca0438 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 035c2aa456e..fbfdb431161 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.49.md b/shared/typeflow/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 0734b2b722e..9301be5228f 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index c8b656e4f35..1652285654a 100644 --- a/shared/typeinference/CHANGELOG.md +++ b/shared/typeinference/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.30 + +No user-facing changes. + ## 0.0.29 No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.30.md b/shared/typeinference/change-notes/released/0.0.30.md new file mode 100644 index 00000000000..10c7a0c5c13 --- /dev/null +++ b/shared/typeinference/change-notes/released/0.0.30.md @@ -0,0 +1,3 @@ +## 0.0.30 + +No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml index c81f1813120..0c61b463bab 100644 --- a/shared/typeinference/codeql-pack.release.yml +++ b/shared/typeinference/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.29 +lastReleaseVersion: 0.0.30 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 2bf5c49d97e..1db3c0e95ac 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.30-dev +version: 0.0.31-dev groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 75d8938e6a1..ecdded5ceda 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.33 + +No user-facing changes. + ## 2.0.32 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.33.md b/shared/typetracking/change-notes/released/2.0.33.md new file mode 100644 index 00000000000..d33a61332cf --- /dev/null +++ b/shared/typetracking/change-notes/released/2.0.33.md @@ -0,0 +1,3 @@ +## 2.0.33 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 483a0d5db8e..92e23200b4d 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.32 +lastReleaseVersion: 2.0.33 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index fe35cf5955b..436b35815f0 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.33-dev +version: 2.0.34-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 35825098a63..617fa5638b4 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.49.md b/shared/typos/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/shared/typos/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index a8c85168f20..4057cfb5784 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index d1becc8ba2c..51488029e96 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.36 + +No user-facing changes. + ## 2.0.35 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.36.md b/shared/util/change-notes/released/2.0.36.md new file mode 100644 index 00000000000..8acdd12366e --- /dev/null +++ b/shared/util/change-notes/released/2.0.36.md @@ -0,0 +1,3 @@ +## 2.0.36 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 27eb8ef8ece..7e4aaa0dd67 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.35 +lastReleaseVersion: 2.0.36 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 99f8c5374dc..cff240056a4 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.36-dev +version: 2.0.37-dev groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 131bf7afd2a..9f60f66ff72 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.49.md b/shared/xml/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/shared/xml/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 2c44df63e7e..748ac73e0f8 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 1c420b31355..a13e3308874 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.49.md b/shared/yaml/change-notes/released/1.0.49.md new file mode 100644 index 00000000000..df67fb8cc76 --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 6db79f2c397..596617977df 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 6778ee5a156..54d582bb9fa 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index e2cb45f9769..e7979dbf0ed 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 6.5.0 + +### New Features + +* The `BuiltinFixedArrayType` class now defines the predicates `getSize` and `getElementType`, which yield the size of the array and the type of elements stored in the array, respectively. + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.3.1. + ## 6.4.0 ### Major Analysis Improvements diff --git a/swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md b/swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md deleted file mode 100644 index acc4bc73861..00000000000 --- a/swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Upgraded to allow analysis of Swift 6.3.1. diff --git a/swift/ql/lib/change-notes/2026-04-17-fixed-array.md b/swift/ql/lib/change-notes/released/6.5.0.md similarity index 63% rename from swift/ql/lib/change-notes/2026-04-17-fixed-array.md rename to swift/ql/lib/change-notes/released/6.5.0.md index 3fd91627544..5b390d1bfd4 100644 --- a/swift/ql/lib/change-notes/2026-04-17-fixed-array.md +++ b/swift/ql/lib/change-notes/released/6.5.0.md @@ -1,4 +1,9 @@ ---- -category: feature ---- +## 6.5.0 + +### New Features + * The `BuiltinFixedArrayType` class now defines the predicates `getSize` and `getElementType`, which yield the size of the array and the type of elements stored in the array, respectively. + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.3.1. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 3098c5db6c3..2813c8e210f 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.4.0 +lastReleaseVersion: 6.5.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 595a2804df5..921af77ca70 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 6.4.1-dev +version: 6.5.1-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index af70cebc1e4..f7b81101037 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.3.2 + +No user-facing changes. + ## 1.3.1 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.3.2.md b/swift/ql/src/change-notes/released/1.3.2.md new file mode 100644 index 00000000000..14f14807ef5 --- /dev/null +++ b/swift/ql/src/change-notes/released/1.3.2.md @@ -0,0 +1,3 @@ +## 1.3.2 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index e71b6d081f1..86a9cb32d86 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.1 +lastReleaseVersion: 1.3.2 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 6b4dc1f65e5..5354c5ee4d5 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.3.2-dev +version: 1.3.3-dev groups: - swift - queries