Release preparation for version 2.12.5

2025-12-16 16:53:25 +01:00 · 2023-03-16 12:58:50 +00:00
parent 8aa9207281
commit fe4d27e8cc
119 changed files with 491 additions and 229 deletions
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,46 @@
 ## 0.6.0
 ### Breaking Changes
 * The `semmle.code.cpp.commons.Buffer` and `semmle.code.cpp.commons.NullTermination` libraries no longer expose `semmle.code.cpp.dataflow.DataFlow`. Please import `semmle.code.cpp.dataflow.DataFlow` directly.
 ### Deprecated APIs
 * The `WriteConfig` taint tracking configuration has been deprecated. Please use `WriteFlow`.
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * A new C/C++ dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) has been added.
  The new library behaves much more like the dataflow library of other CodeQL supported
  languages by following use-use dataflow paths instead of def-use dataflow paths.
  The new library also better supports dataflow through indirections, and new predicates
  such as `Node::asIndirectExpr` have been added to facilitate working with indirections.
  The `semmle.code.cpp.ir.dataflow.DataFlow` library is now identical to the new
  `semmle.code.cpp.dataflow.new.DataFlow` library.
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Deleted the deprecated `hasGeneratedCopyConstructor` and `hasGeneratedCopyAssignmentOperator` predicates from the `Folder` class.
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getMustlockFunction`, `getTrylockFunction`, `getLockFunction`, and `getUnlockFunction` predicates from the `MutexType` class.
 * Deleted the deprecated `getPosInBasicBlock` predicate from the `SubBasicBlock` class.
 * Deleted the deprecated `getExpr` predicate from the `PointerDereferenceExpr` class.
 * Deleted the deprecated `getUseInstruction` and `getDefinitionInstruction` predicates from the `Operand` class.
 * Deleted the deprecated `isInParameter`, `isInParameterPointer`, and `isInQualifier` predicates from the `FunctionInput` class.
 * Deleted the deprecated `isOutParameterPointer`, `isOutQualifier`, `isOutReturnValue`, and `isOutReturnPointer` predicate from the `FunctionOutput` class.
 * Deleted the deprecated 3-argument `isGuardPhi` predicate from the `RangeSsaDefinition` class.
 ## 0.5.4
 No user-facing changes.
--- a/cpp/ql/lib/change-notes/2023-02-10-buffer-and-nill-termination-dataflow.md
+++ b/cpp/ql/lib/change-notes/2023-02-10-buffer-and-nill-termination-dataflow.md
@@ -1,4 +0,0 @@
 ---
 category: breaking
 ---
 * The `semmle.code.cpp.commons.Buffer` and `semmle.code.cpp.commons.NullTermination` libraries no longer expose `semmle.code.cpp.dataflow.DataFlow`. Please import `semmle.code.cpp.dataflow.DataFlow` directly.
--- a/cpp/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/cpp/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@@ -1,9 +0,0 @@
 ---
 category: majorAnalysis
 ---
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
--- a/cpp/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/cpp/ql/lib/change-notes/2023-03-03-delete-deps.md
@@ -1,12 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Deleted the deprecated `hasGeneratedCopyConstructor` and `hasGeneratedCopyAssignmentOperator` predicates from the `Folder` class.
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getMustlockFunction`, `getTrylockFunction`, `getLockFunction`, and `getUnlockFunction` predicates from the `MutexType` class.
 * Deleted the deprecated `getPosInBasicBlock` predicate from the `SubBasicBlock` class.
 * Deleted the deprecated `getExpr` predicate from the `PointerDereferenceExpr` class.
 * Deleted the deprecated `getUseInstruction` and `getDefinitionInstruction` predicates from the `Operand` class.
 * Deleted the deprecated `isInParameter`, `isInParameterPointer`, and `isInQualifier` predicates from the `FunctionInput` class.
 * Deleted the deprecated `isOutParameterPointer`, `isOutQualifier`, `isOutReturnValue`, and `isOutReturnPointer` predicate from the `FunctionOutput` class.
 * Deleted the deprecated 3-argument `isGuardPhi` predicate from the `RangeSsaDefinition` class.
--- a/cpp/ql/lib/change-notes/2023-03-08-deprecated-dataflow-configurations.md
+++ b/cpp/ql/lib/change-notes/2023-03-08-deprecated-dataflow-configurations.md
@@ -1,4 +0,0 @@
 ---
 category: deprecated
 ---
 * The `WriteConfig` taint tracking configuration has been deprecated. Please use `WriteFlow`.
--- a/cpp/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/cpp/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@@ -1,4 +0,0 @@
 ---
 category: feature
 ---
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/cpp/ql/lib/change-notes/2023-03-16-use-use-flow.md
+++ b/cpp/ql/lib/change-notes/2023-03-16-use-use-flow.md
@@ -1,11 +0,0 @@
 ---
 category: majorAnalysis
 ---
 * A new C/C++ dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) has been added.
  The new library behaves much more like the dataflow library of other CodeQL supported
  languages by following use-use dataflow paths instead of def-use dataflow paths.
  The new library also better supports dataflow through indirections, and new predicates
  such as `Node::asIndirectExpr` have been added to facilitate working with indirections.
  The `semmle.code.cpp.ir.dataflow.DataFlow` library is now identical to the new
  `semmle.code.cpp.dataflow.new.DataFlow` library.
--- a/cpp/ql/lib/change-notes/released/0.6.0.md
+++ b/cpp/ql/lib/change-notes/released/0.6.0.md
@@ -0,0 +1,42 @@
 ## 0.6.0
 ### Breaking Changes
 * The `semmle.code.cpp.commons.Buffer` and `semmle.code.cpp.commons.NullTermination` libraries no longer expose `semmle.code.cpp.dataflow.DataFlow`. Please import `semmle.code.cpp.dataflow.DataFlow` directly.
 ### Deprecated APIs
 * The `WriteConfig` taint tracking configuration has been deprecated. Please use `WriteFlow`.
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * A new C/C++ dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) has been added.
  The new library behaves much more like the dataflow library of other CodeQL supported
  languages by following use-use dataflow paths instead of def-use dataflow paths.
  The new library also better supports dataflow through indirections, and new predicates
  such as `Node::asIndirectExpr` have been added to facilitate working with indirections.
  The `semmle.code.cpp.ir.dataflow.DataFlow` library is now identical to the new
  `semmle.code.cpp.dataflow.new.DataFlow` library.
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Deleted the deprecated `hasGeneratedCopyConstructor` and `hasGeneratedCopyAssignmentOperator` predicates from the `Folder` class.
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getMustlockFunction`, `getTrylockFunction`, `getLockFunction`, and `getUnlockFunction` predicates from the `MutexType` class.
 * Deleted the deprecated `getPosInBasicBlock` predicate from the `SubBasicBlock` class.
 * Deleted the deprecated `getExpr` predicate from the `PointerDereferenceExpr` class.
 * Deleted the deprecated `getUseInstruction` and `getDefinitionInstruction` predicates from the `Operand` class.
 * Deleted the deprecated `isInParameter`, `isInParameterPointer`, and `isInQualifier` predicates from the `FunctionInput` class.
 * Deleted the deprecated `isOutParameterPointer`, `isOutQualifier`, `isOutReturnValue`, and `isOutReturnPointer` predicate from the `FunctionOutput` class.
 * Deleted the deprecated 3-argument `isGuardPhi` predicate from the `RangeSsaDefinition` class.
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.6.0
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.5.5-dev
+version: 0.6.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,10 @@
 ## 0.5.5
 ### Deprecated Queries
 * The `NetworkToBufferSizeConfiguration` and `UntrustedDataToExternalApiConfig` dataflow configurations have been deprecated. Please use `NetworkToBufferSizeFlow` and `UntrustedDataToExternalApiFlow`.
 * The `LeapYearCheckConfiguration`, `FiletimeYearArithmeticOperationCheckConfiguration`, and `PossibleYearArithmeticOperationCheckConfiguration` dataflow configurations have been deprecated. Please use `LeapYearCheckFlow`, `FiletimeYearArithmeticOperationCheckFlow` and `PossibleYearArithmeticOperationCheckFlow`.
 ## 0.5.4
 No user-facing changes.
--- a/cpp/ql/src/change-notes/2023-03-08-deprecated-dataflow-configurations.md
+++ b/cpp/ql/src/change-notes/2023-03-08-deprecated-dataflow-configurations.md
@@ -1,4 +0,0 @@
 ---
 category: deprecated
 ---
 * The `NetworkToBufferSizeConfiguration` and `UntrustedDataToExternalApiConfig` dataflow configurations have been deprecated. Please use `NetworkToBufferSizeFlow` and `UntrustedDataToExternalApiFlow`.
--- a/cpp/ql/src/change-notes/2023-03-08-deprecated-leap-year-dataflow-configurations.md
+++ b/cpp/ql/src/change-notes/2023-03-08-deprecated-leap-year-dataflow-configurations.md
@@ -1,4 +1,6 @@
---
+## 0.5.5
-category: deprecated
+
---
+### Deprecated Queries
 * The `NetworkToBufferSizeConfiguration` and `UntrustedDataToExternalApiConfig` dataflow configurations have been deprecated. Please use `NetworkToBufferSizeFlow` and `UntrustedDataToExternalApiFlow`.
 * The `LeapYearCheckConfiguration`, `FiletimeYearArithmeticOperationCheckConfiguration`, and `PossibleYearArithmeticOperationCheckConfiguration` dataflow configurations have been deprecated. Please use `LeapYearCheckFlow`, `FiletimeYearArithmeticOperationCheckFlow` and `PossibleYearArithmeticOperationCheckFlow`.
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - cpp
  - queries
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.4.5
 No user-facing changes.
 ## 1.4.4
 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.4.5.md
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.4.5.md
@@ -0,0 +1,3 @@
 ## 1.4.5
 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.4
+lastReleaseVersion: 1.4.5
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.4.5-dev
+version: 1.4.5
 groups:
    - csharp
    - solorigate
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 1.4.5
 No user-facing changes.
 ## 1.4.4
 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.4.5.md
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.4.5.md
@@ -0,0 +1,3 @@
 ## 1.4.5
 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.4
+lastReleaseVersion: 1.4.5
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.4.5-dev
+version: 1.4.5
 groups:
    - csharp
    - solorigate
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,25 @@
 ## 0.5.5
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getAssertionIndex`, and `getAssertedParameter` predicates from the `AssertMethod` class.
 * Deleted the deprecated `OverridableMethod` and `OverridableAccessor` classes.
 * The `unsafe` predicate for `Modifiable` has been extended to cover delegate return types and identify pointer like types at any nest level. This is relevant for `unsafe` declarations extracted from assemblies.
 ## 0.5.4
 ### Minor Analysis Improvements
--- a/csharp/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/csharp/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@@ -1,9 +0,0 @@
 ---
 category: majorAnalysis
 ---
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
--- a/csharp/ql/lib/change-notes/2023-03-02-unsafemembers.md
+++ b/csharp/ql/lib/change-notes/2023-03-02-unsafemembers.md
@@ -1,4 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * The `unsafe` predicate for `Modifiable` has been extended to cover delegate return types and identify pointer like types at any nest level. This is relevant for `unsafe` declarations extracted from assemblies.
--- a/csharp/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/csharp/ql/lib/change-notes/2023-03-03-delete-deps.md
@@ -1,6 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getAssertionIndex`, and `getAssertedParameter` predicates from the `AssertMethod` class.
 * Deleted the deprecated `OverridableMethod` and `OverridableAccessor` classes.
--- a/csharp/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/csharp/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@@ -1,4 +0,0 @@
 ---
 category: feature
 ---
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/csharp/ql/lib/change-notes/released/0.5.5.md
+++ b/csharp/ql/lib/change-notes/released/0.5.5.md
@@ -0,0 +1,21 @@
 ## 0.5.5
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getAssertionIndex`, and `getAssertedParameter` predicates from the `AssertMethod` class.
 * Deleted the deprecated `OverridableMethod` and `OverridableAccessor` classes.
 * The `unsafe` predicate for `Modifiable` has been extended to cover delegate return types and identify pointer like types at any nest level. This is relevant for `unsafe` declarations extracted from assemblies.
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.5.5-dev
+version: 0.5.5
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 0.5.5
 No user-facing changes.
 ## 0.5.4
 No user-facing changes.
--- a/csharp/ql/src/change-notes/released/0.5.5.md
+++ b/csharp/ql/src/change-notes/released/0.5.5.md
@@ -0,0 +1,3 @@
 ## 0.5.5
 No user-facing changes.
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - csharp
  - queries
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,18 @@
 ## 0.4.5
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ## 0.4.4
 No user-facing changes.
--- a/go/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/go/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@@ -1,4 +0,0 @@
 ---
 category: feature
 ---
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/java/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/java/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@@ -1,6 +1,11 @@
---
+## 0.4.5
-category: majorAnalysis
+
---
+### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.4
+lastReleaseVersion: 0.4.5
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.4.5-dev
+version: 0.4.5
 groups: go
 dbscheme: go.dbscheme
 extractor: go
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 0.4.5
 No user-facing changes.
 ## 0.4.4
 ### Minor Analysis Improvements
--- a/go/ql/src/change-notes/released/0.4.5.md
+++ b/go/ql/src/change-notes/released/0.4.5.md
@@ -0,0 +1,3 @@
 ## 0.4.5
 No user-facing changes.
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.4
+lastReleaseVersion: 0.4.5
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.4.5-dev
+version: 0.4.5
 groups:
  - go
  - queries
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,34 @@
 ## 0.5.5
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * Removed low-confidence call edges to known neutral call targets from the call graph used in data flow analysis. This includes, for example, custom `List.contains` implementations when the best inferrable type at the call site is simply `List`.
 * Added more sink and summary dataflow models for the following packages:
  * `java.io`
  * `java.lang`
  * `java.sql`
  * `javafx.scene.web`
  * `org.apache.commons.compress.archivers.tar`
  * `org.apache.http.client.utils`
  * `org.codehaus.cargo.container.installer`
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getRepresentedString` predicate from the `StringLiteral` class.
 * Deleted the deprecated `ServletWriterSource` class.
 * Deleted the deprecated `getGroupID`, `getArtefactID`, and `artefactMatches` predicates from the `MavenRepoJar` class.
 ## 0.5.4
 ### Minor Analysis Improvements
--- a/java/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/java/ql/lib/change-notes/2023-03-03-delete-deps.md
@@ -1,7 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getRepresentedString` predicate from the `StringLiteral` class.
 * Deleted the deprecated `ServletWriterSource` class.
 * Deleted the deprecated `getGroupID`, `getArtefactID`, and `artefactMatches` predicates from the `MavenRepoJar` class.
--- a/java/ql/lib/change-notes/2023-03-09-more-models.md
+++ b/java/ql/lib/change-notes/2023-03-09-more-models.md
@@ -1,11 +0,0 @@
 ---
 category: majorAnalysis
 ---
 * Added more sink and summary dataflow models for the following packages:
  * `java.io`
  * `java.lang`
  * `java.sql`
  * `javafx.scene.web`
  * `org.apache.commons.compress.archivers.tar`
  * `org.apache.http.client.utils`
  * `org.codehaus.cargo.container.installer`
--- a/java/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/java/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@@ -1,4 +0,0 @@
 ---
 category: feature
 ---
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/java/ql/lib/change-notes/2023-03-14-neutral-dispatch.md
+++ b/java/ql/lib/change-notes/2023-03-14-neutral-dispatch.md
@@ -1,4 +0,0 @@
 ---
 category: majorAnalysis
 ---
 * Removed low-confidence call edges to known neutral call targets from the call graph used in data flow analysis. This includes, for example, custom `List.contains` implementations when the best inferrable type at the call site is simply `List`.
--- a/java/ql/lib/change-notes/released/0.5.5.md
+++ b/java/ql/lib/change-notes/released/0.5.5.md
@@ -0,0 +1,30 @@
 ## 0.5.5
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * Removed low-confidence call edges to known neutral call targets from the call graph used in data flow analysis. This includes, for example, custom `List.contains` implementations when the best inferrable type at the call site is simply `List`.
 * Added more sink and summary dataflow models for the following packages:
  * `java.io`
  * `java.lang`
  * `java.sql`
  * `javafx.scene.web`
  * `org.apache.commons.compress.archivers.tar`
  * `org.apache.http.client.utils`
  * `org.codehaus.cargo.container.installer`
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getRepresentedString` predicate from the `StringLiteral` class.
 * Deleted the deprecated `ServletWriterSource` class.
 * Deleted the deprecated `getGroupID`, `getArtefactID`, and `artefactMatches` predicates from the `MavenRepoJar` class.
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.5.5-dev
+version: 0.5.5
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
 ## 0.5.5
 ### New Queries
 * Added a new query, `java/android/arbitrary-apk-installation`, to detect installation of APKs from untrusted sources.
 ## 0.5.4
 No user-facing changes.
--- a/java/ql/src/change-notes/2023-01-19-arbitrary-apk-installation.md
+++ b/java/ql/src/change-notes/2023-01-19-arbitrary-apk-installation.md
@@ -1,5 +1,5 @@
---
+## 0.5.5
 category: newQuery
 ---
 * Added a new query, `java/android/arbitrary-apk-installation`, to detect installation of APKs from untrusted sources.
 ### New Queries
 * Added a new query, `java/android/arbitrary-apk-installation`, to detect installation of APKs from untrusted sources.
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - java
  - queries
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,15 @@
 ## 0.5.1
 ### Minor Analysis Improvements
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getId` from the `Function`, `NamespaceDefinition`, and `ImportEqualsDeclaration` classes.
 * Deleted the deprecated `flowsTo` predicate from the `HTTP::Servers::RequestSource` and `HTTP::Servers::ResponseSource` class.
 * Deleted the deprecated `getEventName` predicate from the `SocketIO::ReceiveNode`, `SocketIO::SendNode`, `SocketIOClient::SendNode` classes.
 * Deleted the deprecated `RateLimitedRouteHandlerExpr` and `RouteHandlerExpressionWithRateLimiter` classes.
 * [Import assertions](https://github.com/tc39/proposal-import-assertions) are now supported.
  Previously this feature was only supported in TypeScript code, but is now supported for plain JavaScript as well and is also accessible in the AST.
 ## 0.5.0
 ### Breaking Changes
--- a/javascript/ql/lib/change-notes/2023-03-03-import-assertion.md
+++ b/javascript/ql/lib/change-notes/2023-03-03-import-assertion.md
@@ -1,5 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * [Import assertions](https://github.com/tc39/proposal-import-assertions) are now supported.
  Previously this feature was only supported in TypeScript code, but is now supported for plain JavaScript as well and is also accessible in the AST.
--- a/javascript/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/javascript/ql/lib/change-notes/2023-03-03-delete-deps.md
@@ -1,8 +1,11 @@
---
+## 0.5.1
-category: minorAnalysis
+
---
+### Minor Analysis Improvements
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getId` from the `Function`, `NamespaceDefinition`, and `ImportEqualsDeclaration` classes.
 * Deleted the deprecated `flowsTo` predicate from the `HTTP::Servers::RequestSource` and `HTTP::Servers::ResponseSource` class.
 * Deleted the deprecated `getEventName` predicate from the `SocketIO::ReceiveNode`, `SocketIO::SendNode`, `SocketIOClient::SendNode` classes.
-* Deleted the deprecated `RateLimitedRouteHandlerExpr` and `RouteHandlerExpressionWithRateLimiter` classes.
+* Deleted the deprecated `RateLimitedRouteHandlerExpr` and `RouteHandlerExpressionWithRateLimiter` classes.
 * [Import assertions](https://github.com/tc39/proposal-import-assertions) are now supported.
  Previously this feature was only supported in TypeScript code, but is now supported for plain JavaScript as well and is also accessible in the AST.
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.0
+lastReleaseVersion: 0.5.1
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.5.1-dev
+version: 0.5.1
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,11 @@
 ## 0.5.5
 ### Minor Analysis Improvements
 * The following queries now recognize HTML sanitizers as propagating taint: `js/sql-injection`,
  `js/path-injection`, `js/server-side-unvalidated-url-redirection`, `js/client-side-unvalidated-url-redirection`,
  and `js/request-forgery`.
 ## 0.5.4
 ### Minor Analysis Improvements
--- a/javascript/ql/src/change-notes/2023-03-07-html-sanitizer-for-sql.md
+++ b/javascript/ql/src/change-notes/2023-03-07-html-sanitizer-for-sql.md
@@ -1,6 +1,7 @@
---
+## 0.5.5
-category: minorAnalysis
+
---
+### Minor Analysis Improvements
 * The following queries now recognize HTML sanitizers as propagating taint: `js/sql-injection`,
  `js/path-injection`, `js/server-side-unvalidated-url-redirection`, `js/client-side-unvalidated-url-redirection`,
  and `js/request-forgery`.
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - javascript
  - queries
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 0.4.5
 No user-facing changes.
 ## 0.4.4
 No user-facing changes.
--- a/misc/suite-helpers/change-notes/released/0.4.5.md
+++ b/misc/suite-helpers/change-notes/released/0.4.5.md
@@ -0,0 +1,3 @@
 ## 0.4.5
 No user-facing changes.
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.4
+lastReleaseVersion: 0.4.5
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,3 +1,3 @@
 name: codeql/suite-helpers
-version: 0.4.5-dev
+version: 0.4.5
 groups: shared
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,22 @@
 ## 0.8.2
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 ## 0.8.1
 ### Major Analysis Improvements
--- a/python/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/python/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@@ -1,9 +0,0 @@
 ---
 category: majorAnalysis
 ---
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
--- a/python/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/python/ql/lib/change-notes/2023-03-03-delete-deps.md
@@ -1,4 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
--- a/python/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/python/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@@ -1,4 +0,0 @@
 ---
 category: feature
 ---
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/go/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/go/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@@ -1,9 +1,18 @@
---
+## 0.8.2
-category: majorAnalysis
+
---
+### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.1
+lastReleaseVersion: 0.8.2
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.8.2-dev
+version: 0.8.2
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
 ## 0.6.5
 ### New Queries
 * Added a new query, `py/shell-command-constructed-from-input`, to detect libraries that unsafely construct shell commands from their inputs.
 ## 0.6.4
 No user-facing changes.
--- a/python/ql/src/change-notes/2023-02-03-unsafe-shell-command-construction.md
+++ b/python/ql/src/change-notes/2023-02-03-unsafe-shell-command-construction.md
@@ -1,4 +1,5 @@
---
+## 0.6.5
-category: newQuery
+
---
+### New Queries
 * Added a new query, `py/shell-command-constructed-from-input`, to detect libraries that unsafely construct shell commands from their inputs.
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.4
+lastReleaseVersion: 0.6.5
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.6.5-dev
+version: 0.6.5
 groups: 
  - python
  - queries
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,29 @@
 ## 0.5.5
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Data flow through `initialize` methods is now taken into account also when the receiver of a `new` call is an (implicit or explicit) `self`.
 * The Active Record query methods `reorder` and `count_by_sql` are now recognised as SQL executions.
 * Calls to `ActiveRecord::Connection#execute`, including those via subclasses, are now recognised as SQL executions.
 * Data flow through `ActionController::Parameters#require` is now tracked properly.
 * The severity of parse errors was reduced to warning (previously error). 
 * Deleted the deprecated `getQualifiedName` predicate from the `ConstantWriteAccess` class.
 * Deleted the deprecated `getWhenBranch` and `getAWhenBranch` predicates from the `CaseExpr` class.
 * Deleted the deprecated `Self`, `PatternParameter`, `Pattern`, `VariablePattern`, `TuplePattern`, and `TuplePatternParameter` classes.
 ## 0.5.4
 ### Minor Analysis Improvements
--- a/ruby/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/ruby/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@@ -1,9 +0,0 @@
 ---
 category: majorAnalysis
 ---
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
--- a/ruby/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/ruby/ql/lib/change-notes/2023-03-03-delete-deps.md
@@ -1,6 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Deleted the deprecated `getQualifiedName` predicate from the `ConstantWriteAccess` class.
 * Deleted the deprecated `getWhenBranch` and `getAWhenBranch` predicates from the `CaseExpr` class.
 * Deleted the deprecated `Self`, `PatternParameter`, `Pattern`, `VariablePattern`, `TuplePattern`, and `TuplePatternParameter` classes.
--- a/ruby/ql/lib/change-notes/2023-03-09-parse-error.md
+++ b/ruby/ql/lib/change-notes/2023-03-09-parse-error.md
@@ -1,4 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * The severity of parse errors was reduced to warning (previously error). 
--- a/ruby/ql/lib/change-notes/2023-03-13-initalize-flow.md
+++ b/ruby/ql/lib/change-notes/2023-03-13-initalize-flow.md
@@ -1,4 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * Data flow through `initialize` methods is now taken into account also when the receiver of a `new` call is an (implicit or explicit) `self`.
--- a/ruby/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/ruby/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@@ -1,4 +0,0 @@
 ---
 category: feature
 ---
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/ruby/ql/lib/change-notes/2023-03-13-rails-sinks.md
+++ b/ruby/ql/lib/change-notes/2023-03-13-rails-sinks.md
@@ -1,6 +0,0 @@
 ---
 category: minorAnalysis
 ---
 * The Active Record query methods `reorder` and `count_by_sql` are now recognised as SQL executions.
 * Calls to `ActiveRecord::Connection#execute`, including those via subclasses, are now recognised as SQL executions.
 * Data flow through `ActionController::Parameters#require` is now tracked properly.
--- a/ruby/ql/lib/change-notes/released/0.5.5.md
+++ b/ruby/ql/lib/change-notes/released/0.5.5.md
@@ -0,0 +1,25 @@
 ## 0.5.5
 ### New Features
 * Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
 ### Major Analysis Improvements
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
 ### Minor Analysis Improvements
 * Data flow through `initialize` methods is now taken into account also when the receiver of a `new` call is an (implicit or explicit) `self`.
 * The Active Record query methods `reorder` and `count_by_sql` are now recognised as SQL executions.
 * Calls to `ActiveRecord::Connection#execute`, including those via subclasses, are now recognised as SQL executions.
 * Data flow through `ActionController::Parameters#require` is now tracked properly.
 * The severity of parse errors was reduced to warning (previously error). 
 * Deleted the deprecated `getQualifiedName` predicate from the `ConstantWriteAccess` class.
 * Deleted the deprecated `getWhenBranch` and `getAWhenBranch` predicates from the `CaseExpr` class.
 * Deleted the deprecated `Self`, `PatternParameter`, `Pattern`, `VariablePattern`, `TuplePattern`, and `TuplePatternParameter` classes.
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.5.5-dev
+version: 0.5.5
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
 ## 0.5.5
 ### New Queries
 * Added a new query, `rb/zip-slip`, to detect arbitrary file writes during extraction of zip/tar archives.
 ## 0.5.4
 No user-facing changes.
--- a/ruby/ql/src/change-notes/2023-02-17-zip-slip-query.md
+++ b/ruby/ql/src/change-notes/2023-02-17-zip-slip-query.md
@@ -1,4 +0,0 @@
 ---
 category: newQuery
 ---
 * Added a new query, `rb/zip-slip`, to detect arbitrary file writes during extraction of zip/tar archives.
--- a/ruby/ql/src/change-notes/released/0.5.5.md
+++ b/ruby/ql/src/change-notes/released/0.5.5.md
@@ -0,0 +1,5 @@
 ## 0.5.5
 ### New Queries
 * Added a new query, `rb/zip-slip`, to detect arbitrary file writes during extraction of zip/tar archives.
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - ruby
  - queries
--- a/shared/regex/CHANGELOG.md
+++ b/shared/regex/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 0.0.9
 No user-facing changes.
 ## 0.0.8
 No user-facing changes.
--- a/shared/regex/change-notes/released/0.0.9.md
+++ b/shared/regex/change-notes/released/0.0.9.md
@@ -0,0 +1,3 @@
 ## 0.0.9
 No user-facing changes.
--- a/shared/regex/codeql-pack.release.yml
+++ b/shared/regex/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.8
+lastReleaseVersion: 0.0.9
--- a/shared/regex/qlpack.yml
+++ b/shared/regex/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/regex
-version: 0.0.9-dev
+version: 0.0.9
 groups: shared
 library: true
 dependencies:
--- a/shared/ssa/CHANGELOG.md
+++ b/shared/ssa/CHANGELOG.md
@@ -1,3 +1,7 @@
 ## 0.0.13
 No user-facing changes.
 ## 0.0.12
 No user-facing changes.
--- a/Show More
+++ b/Show More
`@@ -1,2 +1,2 @@`
	`---`	`---`
	`lastReleaseVersion: 0.5.4`	`lastReleaseVersion: 0.6.0`