From fa850cccb1397569c74f51a84e062e093f465557 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 3 Mar 2025 17:13:19 +0000 Subject: [PATCH] Release preparation for version 2.20.6 --- actions/ql/lib/CHANGELOG.md | 4 ++++ actions/ql/lib/change-notes/released/0.4.4.md | 3 +++ actions/ql/lib/codeql-pack.release.yml | 2 +- actions/ql/lib/qlpack.yml | 2 +- actions/ql/src/CHANGELOG.md | 9 +++++++++ .../0.5.1.md} | 7 ++++--- actions/ql/src/codeql-pack.release.yml | 2 +- actions/ql/src/qlpack.yml | 2 +- cpp/ql/lib/CHANGELOG.md | 7 +++++++ .../lib/change-notes/2025-02-20-getbuffersize.md | 4 ---- .../lib/change-notes/2025-02-25-getbuffersize.md | 4 ---- cpp/ql/lib/change-notes/released/4.0.2.md | 6 ++++++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 7 +++++++ .../change-notes/2025-02-20-overflow-buffer.md | 4 ---- .../2025-02-27-static-buffer-overflow.md | 4 ---- cpp/ql/src/change-notes/released/1.3.5.md | 6 ++++++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../lib/change-notes/released/1.7.35.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../src/change-notes/released/1.7.35.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 4 ++++ csharp/ql/lib/change-notes/released/5.1.1.md | 3 +++ csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 6 ++++++ .../1.0.18.md} | 7 ++++--- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.18.md | 3 +++ .../consistency-queries/codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 16 ++++++++++++++++ .../change-notes/2025-01-14-mongodb-models.md | 5 ----- .../2025-02-25-go-database-rqlite-sources.md | 4 ---- .../2025-02-26-location-info-changed.md | 4 ---- .../change-notes/2025-02-27-go-version-1-24.md | 4 ---- .../2025-02-27-haslocationinfo-deprecated.md | 4 ---- go/ql/lib/change-notes/released/4.2.0.md | 15 +++++++++++++++ go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ++++ go/ql/src/change-notes/released/1.1.9.md | 3 +++ go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 10 ++++++++++ java/ql/lib/change-notes/2025-02-27-jdk-24.md | 4 ---- .../7.1.0.md} | 11 ++++++++--- java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 6 ++++++ .../1.3.0.md} | 7 ++++--- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 12 ++++++++++++ .../change-notes/2025-02-12-express-download.md | 4 ---- .../2.5.0.md} | 11 ++++++++--- javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 10 ++++++++++ .../2025-02-18-no-implicit-array-taint.md | 5 ----- .../1.5.0.md} | 9 ++++++--- javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.18.md | 3 +++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 4 ++++ python/ql/lib/change-notes/released/4.0.2.md | 3 +++ python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 4 ++++ python/ql/src/change-notes/released/1.4.4.md | 3 +++ python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 4 ++++ ruby/ql/lib/change-notes/released/4.1.1.md | 3 +++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 ++++ ruby/ql/src/change-notes/released/1.1.13.md | 3 +++ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- rust/ql/lib/CHANGELOG.md | 4 ++++ rust/ql/lib/change-notes/released/0.1.3.md | 3 +++ rust/ql/lib/codeql-pack.release.yml | 2 +- rust/ql/lib/qlpack.yml | 2 +- rust/ql/src/CHANGELOG.md | 4 ++++ rust/ql/src/change-notes/released/0.1.3.md | 3 +++ rust/ql/src/codeql-pack.release.yml | 2 +- rust/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ .../controlflow/change-notes/released/2.0.2.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ++++ shared/dataflow/change-notes/released/2.0.2.md | 3 +++ shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/1.0.18.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.18.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/1.0.18.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/1.0.18.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.18.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ shared/tutorial/change-notes/released/1.0.18.md | 3 +++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ++++ shared/typeflow/change-notes/released/1.0.18.md | 3 +++ shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ .../typetracking/change-notes/released/2.0.2.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/1.0.18.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++++ shared/util/change-notes/released/2.0.5.md | 3 +++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ++++ shared/xml/change-notes/released/1.0.18.md | 3 +++ shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/1.0.18.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 4 ++++ swift/ql/lib/change-notes/released/4.1.1.md | 3 +++ swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/1.0.18.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 164 files changed, 423 insertions(+), 144 deletions(-) create mode 100644 actions/ql/lib/change-notes/released/0.4.4.md rename actions/ql/src/change-notes/{2025-02-27-immutable-actions-list.md => released/0.5.1.md} (93%) delete mode 100644 cpp/ql/lib/change-notes/2025-02-20-getbuffersize.md delete mode 100644 cpp/ql/lib/change-notes/2025-02-25-getbuffersize.md create mode 100644 cpp/ql/lib/change-notes/released/4.0.2.md delete mode 100644 cpp/ql/src/change-notes/2025-02-20-overflow-buffer.md delete mode 100644 cpp/ql/src/change-notes/2025-02-27-static-buffer-overflow.md create mode 100644 cpp/ql/src/change-notes/released/1.3.5.md create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.35.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.35.md create mode 100644 csharp/ql/lib/change-notes/released/5.1.1.md rename csharp/ql/src/change-notes/{2025-02-24-object-tostring.md => released/1.0.18.md} (65%) create mode 100644 go/ql/consistency-queries/change-notes/released/1.0.18.md delete mode 100644 go/ql/lib/change-notes/2025-01-14-mongodb-models.md delete mode 100644 go/ql/lib/change-notes/2025-02-25-go-database-rqlite-sources.md delete mode 100644 go/ql/lib/change-notes/2025-02-26-location-info-changed.md delete mode 100644 go/ql/lib/change-notes/2025-02-27-go-version-1-24.md delete mode 100644 go/ql/lib/change-notes/2025-02-27-haslocationinfo-deprecated.md create mode 100644 go/ql/lib/change-notes/released/4.2.0.md create mode 100644 go/ql/src/change-notes/released/1.1.9.md delete mode 100644 java/ql/lib/change-notes/2025-02-27-jdk-24.md rename java/ql/lib/change-notes/{2025-01-16-file-constructor-sanitizer.md => released/7.1.0.md} (55%) rename java/ql/src/change-notes/{2025-01-28-fix-xss-content-type-safe.md => released/1.3.0.md} (81%) delete mode 100644 javascript/ql/lib/change-notes/2025-02-12-express-download.md rename javascript/ql/lib/change-notes/{2025-02-21-tanstack.md => released/2.5.0.md} (72%) delete mode 100644 javascript/ql/src/change-notes/2025-02-18-no-implicit-array-taint.md rename javascript/ql/src/change-notes/{2025-02-17-downward-calls.md => released/1.5.0.md} (55%) create mode 100644 misc/suite-helpers/change-notes/released/1.0.18.md create mode 100644 python/ql/lib/change-notes/released/4.0.2.md create mode 100644 python/ql/src/change-notes/released/1.4.4.md create mode 100644 ruby/ql/lib/change-notes/released/4.1.1.md create mode 100644 ruby/ql/src/change-notes/released/1.1.13.md create mode 100644 rust/ql/lib/change-notes/released/0.1.3.md create mode 100644 rust/ql/src/change-notes/released/0.1.3.md create mode 100644 shared/controlflow/change-notes/released/2.0.2.md create mode 100644 shared/dataflow/change-notes/released/2.0.2.md create mode 100644 shared/mad/change-notes/released/1.0.18.md create mode 100644 shared/rangeanalysis/change-notes/released/1.0.18.md create mode 100644 shared/regex/change-notes/released/1.0.18.md create mode 100644 shared/ssa/change-notes/released/1.0.18.md create mode 100644 shared/threat-models/change-notes/released/1.0.18.md create mode 100644 shared/tutorial/change-notes/released/1.0.18.md create mode 100644 shared/typeflow/change-notes/released/1.0.18.md create mode 100644 shared/typetracking/change-notes/released/2.0.2.md create mode 100644 shared/typos/change-notes/released/1.0.18.md create mode 100644 shared/util/change-notes/released/2.0.5.md create mode 100644 shared/xml/change-notes/released/1.0.18.md create mode 100644 shared/yaml/change-notes/released/1.0.18.md create mode 100644 swift/ql/lib/change-notes/released/4.1.1.md create mode 100644 swift/ql/src/change-notes/released/1.0.18.md diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index c5829269bf4..a6e7b2800c1 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.4.4 + +No user-facing changes. + ## 0.4.3 ### New Features diff --git a/actions/ql/lib/change-notes/released/0.4.4.md b/actions/ql/lib/change-notes/released/0.4.4.md new file mode 100644 index 00000000000..33e1c91255d --- /dev/null +++ b/actions/ql/lib/change-notes/released/0.4.4.md @@ -0,0 +1,3 @@ +## 0.4.4 + +No user-facing changes. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 1ec9c4ea5d9..e9b57993a01 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.3 +lastReleaseVersion: 0.4.4 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index 2a5ca8a5fff..06653506dbe 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.4-dev +version: 0.4.4 library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index 58690da3f48..d428e463dbd 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,3 +1,12 @@ +## 0.5.1 + +### Bug Fixes + +* The `actions/unversioned-immutable-action` query will no longer report any alerts, since the + Immutable Actions feature is not yet available for customer use. The query remains in the + default Code Scanning suites for use internal to GitHub. Once the Immutable Actions feature is + available, the query will be updated to report alerts again. + ## 0.5.0 ### Breaking Changes diff --git a/actions/ql/src/change-notes/2025-02-27-immutable-actions-list.md b/actions/ql/src/change-notes/released/0.5.1.md similarity index 93% rename from actions/ql/src/change-notes/2025-02-27-immutable-actions-list.md rename to actions/ql/src/change-notes/released/0.5.1.md index ea195c4b149..b6b4341bae6 100644 --- a/actions/ql/src/change-notes/2025-02-27-immutable-actions-list.md +++ b/actions/ql/src/change-notes/released/0.5.1.md @@ -1,6 +1,7 @@ ---- -category: fix ---- +## 0.5.1 + +### Bug Fixes + * The `actions/unversioned-immutable-action` query will no longer report any alerts, since the Immutable Actions feature is not yet available for customer use. The query remains in the default Code Scanning suites for use internal to GitHub. Once the Immutable Actions feature is diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index 30e271c5361..0bf7024c337 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.0 +lastReleaseVersion: 0.5.1 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index 7777783bfad..635f0f7757c 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.5.1-dev +version: 0.5.1 library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index ad800292195..881d2d43ebb 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 4.0.2 + +### Minor Analysis Improvements + +* Modified the `getBufferSize` predicate in `commons/Buffer.qll` to be more tolerant in some cases involving member variables in a larger struct or class. +* Fixed an issue where the `getBufferSize` predicate in `commons/Buffer.qll` was returning results for references inside `offsetof` expressions, which are not accesses to a buffer. + ## 4.0.1 No user-facing changes. diff --git a/cpp/ql/lib/change-notes/2025-02-20-getbuffersize.md b/cpp/ql/lib/change-notes/2025-02-20-getbuffersize.md deleted file mode 100644 index 07646d96ddd..00000000000 --- a/cpp/ql/lib/change-notes/2025-02-20-getbuffersize.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Fixed an issue where the `getBufferSize` predicate in `commons/Buffer.qll` was returning results for references inside `offsetof` expressions, which are not accesses to a buffer. diff --git a/cpp/ql/lib/change-notes/2025-02-25-getbuffersize.md b/cpp/ql/lib/change-notes/2025-02-25-getbuffersize.md deleted file mode 100644 index cbc7e86d8d2..00000000000 --- a/cpp/ql/lib/change-notes/2025-02-25-getbuffersize.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Modified the `getBufferSize` predicate in `commons/Buffer.qll` to be more tolerant in some cases involving member variables in a larger struct or class. diff --git a/cpp/ql/lib/change-notes/released/4.0.2.md b/cpp/ql/lib/change-notes/released/4.0.2.md new file mode 100644 index 00000000000..6b6426c44b0 --- /dev/null +++ b/cpp/ql/lib/change-notes/released/4.0.2.md @@ -0,0 +1,6 @@ +## 4.0.2 + +### Minor Analysis Improvements + +* Modified the `getBufferSize` predicate in `commons/Buffer.qll` to be more tolerant in some cases involving member variables in a larger struct or class. +* Fixed an issue where the `getBufferSize` predicate in `commons/Buffer.qll` was returning results for references inside `offsetof` expressions, which are not accesses to a buffer. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index c0db4dcc0b3..765f0717719 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.0.1 +lastReleaseVersion: 4.0.2 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 6d862ce68cf..6101bb53f2a 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 4.0.2-dev +version: 4.0.2 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 21e9b2b6119..51d3b99bc30 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 1.3.5 + +### Minor Analysis Improvements + +* Due to changes in libraries the query "Static array access may cause overflow" (`cpp/static-buffer-overflow`) will no longer report cases where multiple fields of a struct or class are written with a single `memset` or similar operation. +* The query "Call to memory access function may overflow buffer" (`cpp/overflow-buffer`) has been added to the security-extended query suite. The query detects a range of buffer overflow and underflow issues. + ## 1.3.4 No user-facing changes. diff --git a/cpp/ql/src/change-notes/2025-02-20-overflow-buffer.md b/cpp/ql/src/change-notes/2025-02-20-overflow-buffer.md deleted file mode 100644 index 11e9b1ac48b..00000000000 --- a/cpp/ql/src/change-notes/2025-02-20-overflow-buffer.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The query "Call to memory access function may overflow buffer" (`cpp/overflow-buffer`) has been added to the security-extended query suite. The query detects a range of buffer overflow and underflow issues. diff --git a/cpp/ql/src/change-notes/2025-02-27-static-buffer-overflow.md b/cpp/ql/src/change-notes/2025-02-27-static-buffer-overflow.md deleted file mode 100644 index 91e893c5ee9..00000000000 --- a/cpp/ql/src/change-notes/2025-02-27-static-buffer-overflow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Due to changes in libraries the query "Static array access may cause overflow" (`cpp/static-buffer-overflow`) will no longer report cases where multiple fields of a struct or class are written with a single `memset` or similar operation. diff --git a/cpp/ql/src/change-notes/released/1.3.5.md b/cpp/ql/src/change-notes/released/1.3.5.md new file mode 100644 index 00000000000..e1d739d833c --- /dev/null +++ b/cpp/ql/src/change-notes/released/1.3.5.md @@ -0,0 +1,6 @@ +## 1.3.5 + +### Minor Analysis Improvements + +* Due to changes in libraries the query "Static array access may cause overflow" (`cpp/static-buffer-overflow`) will no longer report cases where multiple fields of a struct or class are written with a single `memset` or similar operation. +* The query "Call to memory access function may overflow buffer" (`cpp/overflow-buffer`) has been added to the security-extended query suite. The query detects a range of buffer overflow and underflow issues. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 8263ddf2c8b..1e1845ea66d 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.4 +lastReleaseVersion: 1.3.5 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index bcd94838675..a5230a3a43a 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.3.5-dev +version: 1.3.5 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 938e64917e4..87b217c4d89 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.35 + +No user-facing changes. + ## 1.7.34 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.35.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.35.md new file mode 100644 index 00000000000..e19c5d91916 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.35.md @@ -0,0 +1,3 @@ +## 1.7.35 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 8b738878b2f..9c3f883d91f 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.34 +lastReleaseVersion: 1.7.35 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index fc9b5c3bdbe..fc638b0caee 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.35-dev +version: 1.7.35 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 938e64917e4..87b217c4d89 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.35 + +No user-facing changes. + ## 1.7.34 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.35.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.35.md new file mode 100644 index 00000000000..e19c5d91916 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.35.md @@ -0,0 +1,3 @@ +## 1.7.35 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 8b738878b2f..9c3f883d91f 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.34 +lastReleaseVersion: 1.7.35 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 37b99a5d69d..24a867d8bba 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.35-dev +version: 1.7.35 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 2b00693f0cd..e701e5900f9 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 5.1.1 + +No user-facing changes. + ## 5.1.0 ### Deprecated APIs diff --git a/csharp/ql/lib/change-notes/released/5.1.1.md b/csharp/ql/lib/change-notes/released/5.1.1.md new file mode 100644 index 00000000000..28b0060cedc --- /dev/null +++ b/csharp/ql/lib/change-notes/released/5.1.1.md @@ -0,0 +1,3 @@ +## 5.1.1 + +No user-facing changes. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index dd8d287d010..dcb83eca6a3 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.1.0 +lastReleaseVersion: 5.1.1 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index bfa839cde60..09634ae6532 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.1.1-dev +version: 5.1.1 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 3818028925a..264193f3cb2 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.0.18 + +### Minor Analysis Improvements + +* C#: Improve precision of the query `cs/call-to-object-tostring` for value tuples. + ## 1.0.17 No user-facing changes. diff --git a/csharp/ql/src/change-notes/2025-02-24-object-tostring.md b/csharp/ql/src/change-notes/released/1.0.18.md similarity index 65% rename from csharp/ql/src/change-notes/2025-02-24-object-tostring.md rename to csharp/ql/src/change-notes/released/1.0.18.md index 9dff09fb07a..2c9381270c7 100644 --- a/csharp/ql/src/change-notes/2025-02-24-object-tostring.md +++ b/csharp/ql/src/change-notes/released/1.0.18.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.0.18 + +### Minor Analysis Improvements + * C#: Improve precision of the query `cs/call-to-object-tostring` for value tuples. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 846fa2dd51a..92c49e6048c 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.0.18-dev +version: 1.0.18 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 99c47f43d52..f2362fbbc75 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.18.md b/go/ql/consistency-queries/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index b88dbb62067..d73142df81b 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.18-dev +version: 1.0.18 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index eef7a13d9a9..735bde5c87c 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,19 @@ +## 4.2.0 + +### Deprecated APIs + +* The member predicate `hasLocationInfo` has been deprecated on the following classes: `BasicBlock`, `Callable`, `Content`, `ContentSet`, `ControlFlow::Node`, `DataFlowCallable`, `DataFlow::Node`, `Entity`, `GVN`, `HtmlTemplate::TemplateStmt`, `IR:WriteTarget`, `SourceSinkInterpretationInput::SourceOrSinkElement`, `SourceSinkInterpretationInput::InterpretNode`, `SsaVariable`, `SsaDefinition`, `SsaWithFields`, `StringOps::ConcatenationElement`, `Type`, and `VariableWithFields`. Use `getLocation()` instead. + +### Major Analysis Improvements + +* Go 1.24 is now supported. This includes the new language feature of generic type aliases. + +### Minor Analysis Improvements + +* The location info for the following classes has been changed slightly to match a location that is in the database: `BasicBlock`, `ControlFlow::EntryNode`, `ControlFlow::ExitNode`, `ControlFlow::ConditionGuardNode`, `IR::ImplicitLiteralElementIndexInstruction`, `IR::EvalImplicitTrueInstruction`, `SsaImplicitDefinition`, `SsaPhiNode`. +* Added `database` source models for the `github.com/rqlite/gorqlite` package. +* Added `database` source models for database methods from the `go.mongodb.org/mongo-driver/mongo` package. + ## 4.1.0 ### Deprecated APIs diff --git a/go/ql/lib/change-notes/2025-01-14-mongodb-models.md b/go/ql/lib/change-notes/2025-01-14-mongodb-models.md deleted file mode 100644 index 22b22d0b856..00000000000 --- a/go/ql/lib/change-notes/2025-01-14-mongodb-models.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `database` source models for database methods from the `go.mongodb.org/mongo-driver/mongo` package. - diff --git a/go/ql/lib/change-notes/2025-02-25-go-database-rqlite-sources.md b/go/ql/lib/change-notes/2025-02-25-go-database-rqlite-sources.md deleted file mode 100644 index d767137a00f..00000000000 --- a/go/ql/lib/change-notes/2025-02-25-go-database-rqlite-sources.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `database` source models for the `github.com/rqlite/gorqlite` package. diff --git a/go/ql/lib/change-notes/2025-02-26-location-info-changed.md b/go/ql/lib/change-notes/2025-02-26-location-info-changed.md deleted file mode 100644 index e644eafc672..00000000000 --- a/go/ql/lib/change-notes/2025-02-26-location-info-changed.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The location info for the following classes has been changed slightly to match a location that is in the database: `BasicBlock`, `ControlFlow::EntryNode`, `ControlFlow::ExitNode`, `ControlFlow::ConditionGuardNode`, `IR::ImplicitLiteralElementIndexInstruction`, `IR::EvalImplicitTrueInstruction`, `SsaImplicitDefinition`, `SsaPhiNode`. diff --git a/go/ql/lib/change-notes/2025-02-27-go-version-1-24.md b/go/ql/lib/change-notes/2025-02-27-go-version-1-24.md deleted file mode 100644 index f2fbf69699b..00000000000 --- a/go/ql/lib/change-notes/2025-02-27-go-version-1-24.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Go 1.24 is now supported. This includes the new language feature of generic type aliases. diff --git a/go/ql/lib/change-notes/2025-02-27-haslocationinfo-deprecated.md b/go/ql/lib/change-notes/2025-02-27-haslocationinfo-deprecated.md deleted file mode 100644 index b51793a215d..00000000000 --- a/go/ql/lib/change-notes/2025-02-27-haslocationinfo-deprecated.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The member predicate `hasLocationInfo` has been deprecated on the following classes: `BasicBlock`, `Callable`, `Content`, `ContentSet`, `ControlFlow::Node`, `DataFlowCallable`, `DataFlow::Node`, `Entity`, `GVN`, `HtmlTemplate::TemplateStmt`, `IR:WriteTarget`, `SourceSinkInterpretationInput::SourceOrSinkElement`, `SourceSinkInterpretationInput::InterpretNode`, `SsaVariable`, `SsaDefinition`, `SsaWithFields`, `StringOps::ConcatenationElement`, `Type`, and `VariableWithFields`. Use `getLocation()` instead. diff --git a/go/ql/lib/change-notes/released/4.2.0.md b/go/ql/lib/change-notes/released/4.2.0.md new file mode 100644 index 00000000000..771e8733053 --- /dev/null +++ b/go/ql/lib/change-notes/released/4.2.0.md @@ -0,0 +1,15 @@ +## 4.2.0 + +### Deprecated APIs + +* The member predicate `hasLocationInfo` has been deprecated on the following classes: `BasicBlock`, `Callable`, `Content`, `ContentSet`, `ControlFlow::Node`, `DataFlowCallable`, `DataFlow::Node`, `Entity`, `GVN`, `HtmlTemplate::TemplateStmt`, `IR:WriteTarget`, `SourceSinkInterpretationInput::SourceOrSinkElement`, `SourceSinkInterpretationInput::InterpretNode`, `SsaVariable`, `SsaDefinition`, `SsaWithFields`, `StringOps::ConcatenationElement`, `Type`, and `VariableWithFields`. Use `getLocation()` instead. + +### Major Analysis Improvements + +* Go 1.24 is now supported. This includes the new language feature of generic type aliases. + +### Minor Analysis Improvements + +* The location info for the following classes has been changed slightly to match a location that is in the database: `BasicBlock`, `ControlFlow::EntryNode`, `ControlFlow::ExitNode`, `ControlFlow::ConditionGuardNode`, `IR::ImplicitLiteralElementIndexInstruction`, `IR::EvalImplicitTrueInstruction`, `SsaImplicitDefinition`, `SsaPhiNode`. +* Added `database` source models for the `github.com/rqlite/gorqlite` package. +* Added `database` source models for database methods from the `go.mongodb.org/mongo-driver/mongo` package. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index d5b1bf88d10..9fc6933b429 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.1.0 +lastReleaseVersion: 4.2.0 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index ccd136c1c7e..b64f14c64af 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 4.1.1-dev +version: 4.2.0 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index acb065e05a3..f282e5279c3 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.1.9 + +No user-facing changes. + ## 1.1.8 ### Minor Analysis Improvements diff --git a/go/ql/src/change-notes/released/1.1.9.md b/go/ql/src/change-notes/released/1.1.9.md new file mode 100644 index 00000000000..f9d367d4248 --- /dev/null +++ b/go/ql/src/change-notes/released/1.1.9.md @@ -0,0 +1,3 @@ +## 1.1.9 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 64972659c42..6f4795f3ea0 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.8 +lastReleaseVersion: 1.1.9 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 553c830e891..c3d52f5f4cf 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.1.9-dev +version: 1.1.9 groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index b7ef02c4149..8cdf8cef66b 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 7.1.0 + +### New Features + +* The Java extractor and QL libraries now support Java 24. + +### Minor Analysis Improvements + +* Added a path injection sanitizer for the `child` argument of a `java.io.File` constructor if that argument does not contain path traversal sequences. + ## 7.0.1 No user-facing changes. diff --git a/java/ql/lib/change-notes/2025-02-27-jdk-24.md b/java/ql/lib/change-notes/2025-02-27-jdk-24.md deleted file mode 100644 index fe718c82fff..00000000000 --- a/java/ql/lib/change-notes/2025-02-27-jdk-24.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* The Java extractor and QL libraries now support Java 24. diff --git a/java/ql/lib/change-notes/2025-01-16-file-constructor-sanitizer.md b/java/ql/lib/change-notes/released/7.1.0.md similarity index 55% rename from java/ql/lib/change-notes/2025-01-16-file-constructor-sanitizer.md rename to java/ql/lib/change-notes/released/7.1.0.md index 8296f447e24..f7fd261f00e 100644 --- a/java/ql/lib/change-notes/2025-01-16-file-constructor-sanitizer.md +++ b/java/ql/lib/change-notes/released/7.1.0.md @@ -1,4 +1,9 @@ ---- -category: minorAnalysis ---- +## 7.1.0 + +### New Features + +* The Java extractor and QL libraries now support Java 24. + +### Minor Analysis Improvements + * Added a path injection sanitizer for the `child` argument of a `java.io.File` constructor if that argument does not contain path traversal sequences. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index a18747dd3a7..dcaaa76112a 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.1 +lastReleaseVersion: 7.1.0 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index d0085155128..21b5554634e 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 7.0.2-dev +version: 7.1.0 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index b687bb0f6d9..1647e891541 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.3.0 + +### Major Analysis Improvements + +* Fixed false positive alerts in the java query "Cross-site scripting" (`java/xss`) when `javax.servlet.http.HttpServletResponse` is used with a content type which is not exploitable. + ## 1.2.0 ### New Queries diff --git a/java/ql/src/change-notes/2025-01-28-fix-xss-content-type-safe.md b/java/ql/src/change-notes/released/1.3.0.md similarity index 81% rename from java/ql/src/change-notes/2025-01-28-fix-xss-content-type-safe.md rename to java/ql/src/change-notes/released/1.3.0.md index 4e5692375b2..d3b2a547794 100644 --- a/java/ql/src/change-notes/2025-01-28-fix-xss-content-type-safe.md +++ b/java/ql/src/change-notes/released/1.3.0.md @@ -1,4 +1,5 @@ ---- -category: majorAnalysis ---- +## 1.3.0 + +### Major Analysis Improvements + * Fixed false positive alerts in the java query "Cross-site scripting" (`java/xss`) when `javax.servlet.http.HttpServletResponse` is used with a content type which is not exploitable. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 75430e73d1c..ec16350ed6f 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.0 +lastReleaseVersion: 1.3.0 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index babf946af10..1811fa0cde5 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.2.1-dev +version: 1.3.0 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 75fc3bec6dc..06113b87471 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,15 @@ +## 2.5.0 + +### Major Analysis Improvements + +--- +* Added support for the `response` threat model kind, which can enabled with [advanced setup](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models). When enabled, the response data coming back from an outgoing HTTP request is considered a source of taint. +* Added support for the `useQuery` hook from `@tanstack/react-query`. + +### Minor Analysis Improvements + +* The `response.download()` function in `express` is now recognized as a sink for path traversal attacks. + ## 2.4.1 ### Minor Analysis Improvements diff --git a/javascript/ql/lib/change-notes/2025-02-12-express-download.md b/javascript/ql/lib/change-notes/2025-02-12-express-download.md deleted file mode 100644 index 7d9cf337234..00000000000 --- a/javascript/ql/lib/change-notes/2025-02-12-express-download.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `response.download()` function in `express` is now recognized as a sink for path traversal attacks. \ No newline at end of file diff --git a/javascript/ql/lib/change-notes/2025-02-21-tanstack.md b/javascript/ql/lib/change-notes/released/2.5.0.md similarity index 72% rename from javascript/ql/lib/change-notes/2025-02-21-tanstack.md rename to javascript/ql/lib/change-notes/released/2.5.0.md index 49169ddc943..838e1209d2d 100644 --- a/javascript/ql/lib/change-notes/2025-02-21-tanstack.md +++ b/javascript/ql/lib/change-notes/released/2.5.0.md @@ -1,6 +1,11 @@ ---- -category: majorAnalysis ---- +## 2.5.0 + +### Major Analysis Improvements + --- * Added support for the `response` threat model kind, which can enabled with [advanced setup](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models). When enabled, the response data coming back from an outgoing HTTP request is considered a source of taint. * Added support for the `useQuery` hook from `@tanstack/react-query`. + +### Minor Analysis Improvements + +* The `response.download()` function in `express` is now recognized as a sink for path traversal attacks. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index eead7b212da..a1e889c054a 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.4.1 +lastReleaseVersion: 2.5.0 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index f5f46e45737..fa961735ca8 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.4.2-dev +version: 2.5.0 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 49d57f50ba9..ea026707d51 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 1.5.0 + +### Major Analysis Improvements + +* Improved precision of data flow through arrays, fixing some spurious flows + that would sometimes cause the `length` property of an array to be seen as tainted. +* Improved call resolution logic to better handle calls resolving "downwards", targeting + a method declared in a subclass of the enclosing class. Data flow analysis + has also improved to avoid spurious flow between unrelated classes in the class hierarchy. + ## 1.4.1 ### Bug Fixes diff --git a/javascript/ql/src/change-notes/2025-02-18-no-implicit-array-taint.md b/javascript/ql/src/change-notes/2025-02-18-no-implicit-array-taint.md deleted file mode 100644 index 444ffb30905..00000000000 --- a/javascript/ql/src/change-notes/2025-02-18-no-implicit-array-taint.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: majorAnalysis ---- -* Improved precision of data flow through arrays, fixing some spurious flows - that would sometimes cause the `length` property of an array to be seen as tainted. diff --git a/javascript/ql/src/change-notes/2025-02-17-downward-calls.md b/javascript/ql/src/change-notes/released/1.5.0.md similarity index 55% rename from javascript/ql/src/change-notes/2025-02-17-downward-calls.md rename to javascript/ql/src/change-notes/released/1.5.0.md index 84bde9dbde8..4358a755f53 100644 --- a/javascript/ql/src/change-notes/2025-02-17-downward-calls.md +++ b/javascript/ql/src/change-notes/released/1.5.0.md @@ -1,6 +1,9 @@ ---- -category: majorAnalysis ---- +## 1.5.0 + +### Major Analysis Improvements + +* Improved precision of data flow through arrays, fixing some spurious flows + that would sometimes cause the `length` property of an array to be seen as tainted. * Improved call resolution logic to better handle calls resolving "downwards", targeting a method declared in a subclass of the enclosing class. Data flow analysis has also improved to avoid spurious flow between unrelated classes in the class hierarchy. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 43ccf4467be..639f80c4341 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.1 +lastReleaseVersion: 1.5.0 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index cab60e2c47b..7b814c84a51 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 1.4.2-dev +version: 1.5.0 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 9bc6498316c..42ffd7377f4 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.18.md b/misc/suite-helpers/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 5cfea663b2b..346f88ce356 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.18-dev +version: 1.0.18 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 17c118e7039..3fa7cb8f329 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 4.0.2 + +No user-facing changes. + ## 4.0.1 ### Bug Fixes diff --git a/python/ql/lib/change-notes/released/4.0.2.md b/python/ql/lib/change-notes/released/4.0.2.md new file mode 100644 index 00000000000..448e4f852b3 --- /dev/null +++ b/python/ql/lib/change-notes/released/4.0.2.md @@ -0,0 +1,3 @@ +## 4.0.2 + +No user-facing changes. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index c0db4dcc0b3..765f0717719 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.0.1 +lastReleaseVersion: 4.0.2 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 3e2b578bc4e..955c51e3017 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 4.0.2-dev +version: 4.0.2 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 51366c4c90e..c28f8e68fc1 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.4.4 + +No user-facing changes. + ## 1.4.3 No user-facing changes. diff --git a/python/ql/src/change-notes/released/1.4.4.md b/python/ql/src/change-notes/released/1.4.4.md new file mode 100644 index 00000000000..cb7dd204b9c --- /dev/null +++ b/python/ql/src/change-notes/released/1.4.4.md @@ -0,0 +1,3 @@ +## 1.4.4 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 08f88b689fb..1dfca6daa3b 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.3 +lastReleaseVersion: 1.4.4 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 9de5652f766..2d59cf08976 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.4.4-dev +version: 1.4.4 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index d7818abe71e..ef93e6fa0c8 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 4.1.1 + +No user-facing changes. + ## 4.1.0 ### Deprecated APIs diff --git a/ruby/ql/lib/change-notes/released/4.1.1.md b/ruby/ql/lib/change-notes/released/4.1.1.md new file mode 100644 index 00000000000..23583cbad73 --- /dev/null +++ b/ruby/ql/lib/change-notes/released/4.1.1.md @@ -0,0 +1,3 @@ +## 4.1.1 + +No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index d5b1bf88d10..9c871cefc42 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.1.0 +lastReleaseVersion: 4.1.1 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 3f8aa19c7fe..654731c8d10 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 4.1.1-dev +version: 4.1.1 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 2c7cdc596b2..b8ccb69f8f9 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.1.13 + +No user-facing changes. + ## 1.1.12 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.1.13.md b/ruby/ql/src/change-notes/released/1.1.13.md new file mode 100644 index 00000000000..ef6635cd9bc --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.1.13.md @@ -0,0 +1,3 @@ +## 1.1.13 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index f5b135d0193..09a80be68d1 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.12 +lastReleaseVersion: 1.1.13 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 0c869afeb60..32a4630c6a1 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.1.13-dev +version: 1.1.13 groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index ea8b30ac3fe..4c7b7dd6878 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.3 + +No user-facing changes. + ## 0.1.2 No user-facing changes. diff --git a/rust/ql/lib/change-notes/released/0.1.3.md b/rust/ql/lib/change-notes/released/0.1.3.md new file mode 100644 index 00000000000..8a4827cdf12 --- /dev/null +++ b/rust/ql/lib/change-notes/released/0.1.3.md @@ -0,0 +1,3 @@ +## 0.1.3 + +No user-facing changes. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index 6abd14b1ef8..b79d8f9d00a 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.2 +lastReleaseVersion: 0.1.3 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index fee6db9154f..559bcac7144 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.1.3-dev +version: 0.1.3 groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index ea8b30ac3fe..4c7b7dd6878 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.3 + +No user-facing changes. + ## 0.1.2 No user-facing changes. diff --git a/rust/ql/src/change-notes/released/0.1.3.md b/rust/ql/src/change-notes/released/0.1.3.md new file mode 100644 index 00000000000..8a4827cdf12 --- /dev/null +++ b/rust/ql/src/change-notes/released/0.1.3.md @@ -0,0 +1,3 @@ +## 0.1.3 + +No user-facing changes. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index 6abd14b1ef8..b79d8f9d00a 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.2 +lastReleaseVersion: 0.1.3 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index 570ab528b80..726a2095fe5 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.3-dev +version: 0.1.3 groups: - rust - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index 60a09e6e04d..f3715d5438b 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.2 + +No user-facing changes. + ## 2.0.1 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.2.md b/shared/controlflow/change-notes/released/2.0.2.md new file mode 100644 index 00000000000..862ef0e9df7 --- /dev/null +++ b/shared/controlflow/change-notes/released/2.0.2.md @@ -0,0 +1,3 @@ +## 2.0.2 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index fe974a4dbf3..81c7f1dbc13 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.1 +lastReleaseVersion: 2.0.2 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index e2b78e76e55..53b096b9046 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.2-dev +version: 2.0.2 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 6a65f730aca..df4120d1ac4 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.2 + +No user-facing changes. + ## 2.0.1 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.0.2.md b/shared/dataflow/change-notes/released/2.0.2.md new file mode 100644 index 00000000000..862ef0e9df7 --- /dev/null +++ b/shared/dataflow/change-notes/released/2.0.2.md @@ -0,0 +1,3 @@ +## 2.0.2 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index fe974a4dbf3..81c7f1dbc13 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.1 +lastReleaseVersion: 2.0.2 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index cd8496066aa..c6203b2866d 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.0.2-dev +version: 2.0.2 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index d4d7ae992e3..82da07edf18 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.18.md b/shared/mad/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/mad/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 765b8d2e62f..d9b75780a31 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.18-dev +version: 1.0.18 groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index eb259ae5af1..0c984938f64 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.18.md b/shared/rangeanalysis/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index dbd0ebe416b..0dbbff3d768 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.18-dev +version: 1.0.18 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 597cda59bb3..39af60e9a30 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.18.md b/shared/regex/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/regex/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index c066aa0a4ae..044e2413354 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.18-dev +version: 1.0.18 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 6000f6d85a9..d3523f2fbdc 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/ssa/change-notes/released/1.0.18.md b/shared/ssa/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/ssa/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index cf04130a464..1d1f282c3bc 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 1.0.18-dev +version: 1.0.18 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 99c47f43d52..f2362fbbc75 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.18.md b/shared/threat-models/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index bbc1c43dcc9..567da2777de 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.18-dev +version: 1.0.18 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 616521bdcfa..f97fdda4083 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.18.md b/shared/tutorial/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index f4e1f783fa1..822ed1d2c4f 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.18-dev +version: 1.0.18 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 1edea337a83..6ce47fc6eb3 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.18.md b/shared/typeflow/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 700414d36ad..eb93269f173 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.18-dev +version: 1.0.18 groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 496612be952..2ae3f05a1e3 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.2 + +No user-facing changes. + ## 2.0.1 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.2.md b/shared/typetracking/change-notes/released/2.0.2.md new file mode 100644 index 00000000000..862ef0e9df7 --- /dev/null +++ b/shared/typetracking/change-notes/released/2.0.2.md @@ -0,0 +1,3 @@ +## 2.0.2 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index fe974a4dbf3..81c7f1dbc13 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.1 +lastReleaseVersion: 2.0.2 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 6d9cde362fd..9d384001a95 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.2-dev +version: 2.0.2 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 16433eff6d6..12f5aae2c25 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.18.md b/shared/typos/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/typos/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index f0d70d09ad4..ea7315d16aa 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.18-dev +version: 1.0.18 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 5d0c95a3d9e..76e0a86b941 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.5 + +No user-facing changes. + ## 2.0.4 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.5.md b/shared/util/change-notes/released/2.0.5.md new file mode 100644 index 00000000000..8bce5b7ca75 --- /dev/null +++ b/shared/util/change-notes/released/2.0.5.md @@ -0,0 +1,3 @@ +## 2.0.5 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 0f306f8bd3b..6c269316f27 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.4 +lastReleaseVersion: 2.0.5 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index f2cf13e3f17..d33d773b4ec 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.5-dev +version: 2.0.5 groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 77359b40c67..c6461740121 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.18.md b/shared/xml/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/xml/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 444e69d7b4f..cb639f97c7c 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.18-dev +version: 1.0.18 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index b20aa95a794..3676f65875d 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.18.md b/shared/yaml/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 2bc443d00f5..157107787b1 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.18-dev +version: 1.0.18 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index c74bc7c586a..87c95b83238 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 4.1.1 + +No user-facing changes. + ## 4.1.0 ### Deprecated APIs diff --git a/swift/ql/lib/change-notes/released/4.1.1.md b/swift/ql/lib/change-notes/released/4.1.1.md new file mode 100644 index 00000000000..23583cbad73 --- /dev/null +++ b/swift/ql/lib/change-notes/released/4.1.1.md @@ -0,0 +1,3 @@ +## 4.1.1 + +No user-facing changes. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index d5b1bf88d10..9c871cefc42 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.1.0 +lastReleaseVersion: 4.1.1 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 665e977c878..9bf50ffeaa2 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 4.1.1-dev +version: 4.1.1 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 1c2d813af92..327577e76d9 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.18 + +No user-facing changes. + ## 1.0.17 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.0.18.md b/swift/ql/src/change-notes/released/1.0.18.md new file mode 100644 index 00000000000..cc8bd01a2f9 --- /dev/null +++ b/swift/ql/src/change-notes/released/1.0.18.md @@ -0,0 +1,3 @@ +## 1.0.18 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index a88f1245e14..99666d22a47 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.17 +lastReleaseVersion: 1.0.18 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 2821816e7da..e3e1049944c 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.0.18-dev +version: 1.0.18 groups: - swift - queries