Merge pull request #14091 from github/dbartol/fake/release-prep/2.14.4

Release preparation for version 2.14.4
2026-05-18 21:27:08 +02:00 · 2023-08-29 15:01:47 -04:00 · 2023-08-29 18:54:04 +00:00
126 changed files with 326 additions and 126 deletions
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.9.2
+
+### Minor Analysis Improvements
+
+* Only the 2 level indirection of `argv` (corresponding to `**argv`) is consided for `FlowSource`.
+
 ## 0.9.1

 No user-facing changes.
--- a/cpp/ql/lib/change-notes/2023-08-24-no-taint-argv-indirections.md
+++ b/cpp/ql/lib/change-notes/2023-08-24-no-taint-argv-indirections.md
@@ -1,4 +1,5 @@
---
-category: minorAnalysis
---
+## 0.9.2
+
+### Minor Analysis Improvements
+
 * Only the 2 level indirection of `argv` (corresponding to `**argv`) is consided for `FlowSource`.
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.1
+lastReleaseVersion: 0.9.2
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.9.2-dev
+version: 0.9.2
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,10 @@
+## 0.7.4
+
+### Minor Analysis Improvements
+
+* Some queries that had repeated results corresponding to different levels of indirection for `argv` now only have a single result.
+* The `cpp/non-constant-format` query no longer considers an assignment on the right-hand side of another assignment to be a source of non-constant format strings. As a result, the query may now produce fewer results.
+
 ## 0.7.3

 No user-facing changes.
--- a/cpp/ql/src/change-notes/2023-08-24-no-taint-argv-indirections.md
+++ b/cpp/ql/src/change-notes/2023-08-24-no-taint-argv-indirections.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Some queries that had repeated results corresponding to different levels of indirection for `argv` now only have a single result.
--- a/cpp/ql/src/change-notes/2023-08-24-remove-non-constant-assign-sources.md
+++ b/cpp/ql/src/change-notes/2023-08-24-remove-non-constant-assign-sources.md
@@ -1,4 +1,6 @@
---
-category: minorAnalysis
---
+## 0.7.4
+
+### Minor Analysis Improvements
+
+* Some queries that had repeated results corresponding to different levels of indirection for `argv` now only have a single result.
 * The `cpp/non-constant-format` query no longer considers an assignment on the right-hand side of another assignment to be a source of non-constant format strings. As a result, the query may now produce fewer results.
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
  - cpp
  - queries
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.6.4
+
+No user-facing changes.
+
 ## 1.6.3

 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.6.4.md
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.6.4.md
@@ -0,0 +1,3 @@
+## 1.6.4
+
+No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.3
+lastReleaseVersion: 1.6.4
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.6.4-dev
+version: 1.6.4
 groups:
    - csharp
    - solorigate
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.6.4
+
+No user-facing changes.
+
 ## 1.6.3

 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.6.4.md
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.6.4.md
@@ -0,0 +1,3 @@
+## 1.6.4
+
+No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.3
+lastReleaseVersion: 1.6.4
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.6.4-dev
+version: 1.6.4
 groups:
    - csharp
    - solorigate
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.7.4
+
+No user-facing changes.
+
 ## 0.7.3

 ### Minor Analysis Improvements
--- a/csharp/ql/lib/change-notes/released/0.7.4.md
+++ b/csharp/ql/lib/change-notes/released/0.7.4.md
@@ -0,0 +1,3 @@
+## 0.7.4
+
+No user-facing changes.
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.7.4-dev
+version: 0.7.4
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.7.4
+
+No user-facing changes.
+
 ## 0.7.3

 No user-facing changes.
--- a/csharp/ql/src/change-notes/released/0.7.4.md
+++ b/csharp/ql/src/change-notes/released/0.7.4.md
@@ -0,0 +1,3 @@
+## 0.7.4
+
+No user-facing changes.
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
  - csharp
  - queries
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.4
+
+No user-facing changes.
+
 ## 0.6.3

 No user-facing changes.
--- a/go/ql/lib/change-notes/released/0.6.4.md
+++ b/go/ql/lib/change-notes/released/0.6.4.md
@@ -0,0 +1,3 @@
+## 0.6.4
+
+No user-facing changes.
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.3
+lastReleaseVersion: 0.6.4
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.6.4-dev
+version: 0.6.4
 groups: go
 dbscheme: go.dbscheme
 extractor: go
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.4
+
+No user-facing changes.
+
 ## 0.6.3

 No user-facing changes.
--- a/go/ql/src/change-notes/released/0.6.4.md
+++ b/go/ql/src/change-notes/released/0.6.4.md
@@ -0,0 +1,3 @@
+## 0.6.4
+
+No user-facing changes.
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.3
+lastReleaseVersion: 0.6.4
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.6.4-dev
+version: 0.6.4
 groups:
  - go
  - queries
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,16 @@
+## 0.7.4
+
+### New Features
+
+* Kotlin versions up to 1.9.10 are now supported.
+
+### Minor Analysis Improvements
+
+* Fixed the MaD signature specifications to use proper nested type names.
+* Added new sanitizer to Java command injection model
+* Added more dataflow models for JAX-RS.
+* The predicate `JaxWsEndpoint::getARemoteMethod` no longer requires the result to be annotated with `@WebMethod`. Instead, the requirements listed in the JAX-RPC Specification 1.1 for required parameter and return types are used. Applications using JAX-RS may see an increase in results.
+
 ## 0.7.3

 ### Major Analysis Improvements
--- a/java/ql/lib/change-notes/2023-08-07-jaxrs-new-models.md
+++ b/java/ql/lib/change-notes/2023-08-07-jaxrs-new-models.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Added more dataflow models for JAX-RS.
--- a/java/ql/lib/change-notes/2023-08-21-java-command-injection-sanitizer.md
+++ b/java/ql/lib/change-notes/2023-08-21-java-command-injection-sanitizer.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Added new sanitizer to Java command injection model
--- a/java/ql/lib/change-notes/2023-08-23-mad-nestednames.md
+++ b/java/ql/lib/change-notes/2023-08-23-mad-nestednames.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Fixed the MaD signature specifications to use proper nested type names.
--- a/java/ql/lib/change-notes/2023-08-24-kotlin-1.9.10.md
+++ b/java/ql/lib/change-notes/2023-08-24-kotlin-1.9.10.md
@@ -1,4 +0,0 @@
---
-category: feature
---
-* Kotlin versions up to 1.9.10 are now supported.
--- a/java/ql/lib/change-notes/2023-08-07-jaxrs-webmethod-improvements.md
+++ b/java/ql/lib/change-notes/2023-08-07-jaxrs-webmethod-improvements.md
@@ -1,4 +1,12 @@
---
-category: minorAnalysis
---
+## 0.7.4
+
+### New Features
+
+* Kotlin versions up to 1.9.10 are now supported.
+
+### Minor Analysis Improvements
+
+* Fixed the MaD signature specifications to use proper nested type names.
+* Added new sanitizer to Java command injection model
+* Added more dataflow models for JAX-RS.
 * The predicate `JaxWsEndpoint::getARemoteMethod` no longer requires the result to be annotated with `@WebMethod`. Instead, the requirements listed in the JAX-RPC Specification 1.1 for required parameter and return types are used. Applications using JAX-RS may see an increase in results.
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.7.4-dev
+version: 0.7.4
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 0.7.4
+
+### New Queries
+
+* Added the `java/trust-boundary-violation` query to detect trust boundary violations between HTTP requests and the HTTP session. Also added the `trust-boundary-violation` sink kind for sinks which may cross a trust boundary, such as calls to the `HttpSession#setAttribute` method.
+
+### Minor Analysis Improvements
+
+* The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the MDHT library.
+
 ## 0.7.3

 No user-facing changes.
--- a/java/ql/src/change-notes/2023-07-19-xxe-new-sinks.md
+++ b/java/ql/src/change-notes/2023-07-19-xxe-new-sinks.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the MDHT library.
--- a/java/ql/src/change-notes/2023-07-25-trust-boundary-violation-query.md
+++ b/java/ql/src/change-notes/2023-07-25-trust-boundary-violation-query.md
@@ -1,5 +1,9 @@
---
-category: newQuery
---
+## 0.7.4
+
+### New Queries
+
 * Added the `java/trust-boundary-violation` query to detect trust boundary violations between HTTP requests and the HTTP session. Also added the `trust-boundary-violation` sink kind for sinks which may cross a trust boundary, such as calls to the `HttpSession#setAttribute` method.

+### Minor Analysis Improvements
+
+* The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the MDHT library.
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
  - java
  - queries
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.7.4
+
+No user-facing changes.
+
 ## 0.7.3

 No user-facing changes.
--- a/javascript/ql/lib/change-notes/released/0.7.4.md
+++ b/javascript/ql/lib/change-notes/released/0.7.4.md
@@ -0,0 +1,3 @@
+## 0.7.4
+
+No user-facing changes.
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.7.4-dev
+version: 0.7.4
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 0.7.4
+
+### Minor Analysis Improvements
+
+* Files larger than 10 MB are no longer be extracted or analyzed.
+* Imports can now be resolved in more cases, where a non-constant string expression is passed to a `require()` call.
+
+### Bug Fixes
+
+* Fixed an extractor crash that would occur in rare cases when a TypeScript file contains a self-referential namespace alias.
+
 ## 0.7.3

 No user-facing changes.
--- a/javascript/ql/src/change-notes/2023-08-23-fix-cyclic-alias-extraction.md
+++ b/javascript/ql/src/change-notes/2023-08-23-fix-cyclic-alias-extraction.md
@@ -1,4 +0,0 @@
---
-category: fix
---
-* Fixed an extractor crash that would occur in rare cases when a TypeScript file contains a self-referential namespace alias.
--- a/javascript/ql/src/change-notes/2023-08-23-ignore-huge-files.md
+++ b/javascript/ql/src/change-notes/2023-08-23-ignore-huge-files.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Files larger than 10 MB are no longer be extracted or analyzed.
--- a/javascript/ql/src/change-notes/2023-08-23-import-path-string.md
+++ b/javascript/ql/src/change-notes/2023-08-23-import-path-string.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Imports can now be resolved in more cases, where a non-constant string expression is passed to a `require()` call.
--- a/javascript/ql/src/change-notes/released/0.7.4.md
+++ b/javascript/ql/src/change-notes/released/0.7.4.md
@@ -0,0 +1,10 @@
+## 0.7.4
+
+### Minor Analysis Improvements
+
+* Files larger than 10 MB are no longer be extracted or analyzed.
+* Imports can now be resolved in more cases, where a non-constant string expression is passed to a `require()` call.
+
+### Bug Fixes
+
+* Fixed an extractor crash that would occur in rare cases when a TypeScript file contains a self-referential namespace alias.
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
  - javascript
  - queries
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.4
+
+No user-facing changes.
+
 ## 0.6.3

 No user-facing changes.
--- a/misc/suite-helpers/change-notes/released/0.6.4.md
+++ b/misc/suite-helpers/change-notes/released/0.6.4.md
@@ -0,0 +1,3 @@
+## 0.6.4
+
+No user-facing changes.
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.3
+lastReleaseVersion: 0.6.4
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 0.6.4-dev
+version: 0.6.4
 groups: shared
 warnOnImplicitThis: true
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.10.4
+
+### Minor Analysis Improvements
+
+* Regular expressions containing multiple parse mode flags are now interpretted correctly. For example `"(?is)abc.*"` with both the `i` and `s` flags.
+
 ## 0.10.3

 ### Minor Analysis Improvements
--- a/python/ql/lib/change-notes/2023-07-20-regex-parse-modes.md
+++ b/python/ql/lib/change-notes/2023-07-20-regex-parse-modes.md
@@ -1,4 +1,5 @@
---
-category: minorAnalysis
---
+## 0.10.4
+
+### Minor Analysis Improvements
+
 * Regular expressions containing multiple parse mode flags are now interpretted correctly. For example `"(?is)abc.*"` with both the `i` and `s` flags.
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.10.3
+lastReleaseVersion: 0.10.4
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.10.4-dev
+version: 0.10.4
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.8.4
+
+### Minor Analysis Improvements
+
+* Updated path explanations for `@kind path-problem` queries to always include left hand side of assignments, making paths easier to understand.
+
 ## 0.8.3

 No user-facing changes.
--- a/python/ql/src/change-notes/2023-08-17-improved-path-graph.md
+++ b/python/ql/src/change-notes/2023-08-17-improved-path-graph.md
@@ -1,4 +1,5 @@
---
-category: minorAnalysis
---
+## 0.8.4
+
+### Minor Analysis Improvements
+
 * Updated path explanations for `@kind path-problem` queries to always include left hand side of assignments, making paths easier to understand.
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.3
+lastReleaseVersion: 0.8.4
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.8.4-dev
+version: 0.8.4
 groups: 
  - python
  - queries
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.7.4
+
+No user-facing changes.
+
 ## 0.7.3

 ### Minor Analysis Improvements
--- a/ruby/ql/lib/change-notes/released/0.7.4.md
+++ b/ruby/ql/lib/change-notes/released/0.7.4.md
@@ -0,0 +1,3 @@
+## 0.7.4
+
+No user-facing changes.
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.7.4-dev
+version: 0.7.4
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.7.4
+
+### New Queries
+
+* Added a new experimental query, `rb/improper-ldap-auth`, to detect cases where user input is used during LDAP authentication without proper validation or sanitization, potentially leading to authentication bypass.
+
 ## 0.7.3

 No user-facing changes.
--- a/ruby/ql/src/change-notes/2023-05-29-improper-ldap-auth-query.md
+++ b/ruby/ql/src/change-notes/2023-05-29-improper-ldap-auth-query.md
@@ -1,4 +1,5 @@
---
-category: newQuery
---
+## 0.7.4
+
+### New Queries
+
 * Added a new experimental query, `rb/improper-ldap-auth`, to detect cases where user input is used during LDAP authentication without proper validation or sanitization, potentially leading to authentication bypass.
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.3
+lastReleaseVersion: 0.7.4
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.7.4-dev
+version: 0.7.4
 groups: 
  - ruby
  - queries
--- a/shared/controlflow/CHANGELOG.md
+++ b/shared/controlflow/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.3
+
+No user-facing changes.
+
 ## 0.0.2

 No user-facing changes.
--- a/shared/controlflow/change-notes/released/0.0.3.md
+++ b/shared/controlflow/change-notes/released/0.0.3.md
@@ -0,0 +1,3 @@
+## 0.0.3
+
+No user-facing changes.
--- a/shared/controlflow/codeql-pack.release.yml
+++ b/shared/controlflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.2
+lastReleaseVersion: 0.0.3
--- a/shared/controlflow/qlpack.yml
+++ b/shared/controlflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 0.0.3-dev
+version: 0.0.3
 groups: shared
 library: true
 dependencies:
--- a/shared/dataflow/CHANGELOG.md
+++ b/shared/dataflow/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.0.3
+
+### Minor Analysis Improvements
+
+* The shared taint-tracking library is now part of the dataflow qlpack.
+
 ## 0.0.2

 ### Major Analysis Improvements
--- a/shared/dataflow/change-notes/2023-08-04-taint-tracking.md
+++ b/shared/dataflow/change-notes/2023-08-04-taint-tracking.md
@@ -1,4 +1,5 @@
---
-category: minorAnalysis
---
+## 0.0.3
+
+### Minor Analysis Improvements
+
 * The shared taint-tracking library is now part of the dataflow qlpack.
--- a/shared/dataflow/codeql-pack.release.yml
+++ b/shared/dataflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.2
+lastReleaseVersion: 0.0.3
--- a/shared/dataflow/qlpack.yml
+++ b/shared/dataflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 0.0.3-dev
+version: 0.0.3
 groups: shared
 library: true
 dependencies:
--- a/shared/mad/CHANGELOG.md
+++ b/shared/mad/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.1.4
+
+No user-facing changes.
+
 ## 0.1.3

 No user-facing changes.
--- a/shared/mad/change-notes/released/0.1.4.md
+++ b/shared/mad/change-notes/released/0.1.4.md
@@ -0,0 +1,3 @@
+## 0.1.4
+
+No user-facing changes.
--- a/shared/mad/codeql-pack.release.yml
+++ b/shared/mad/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.3
+lastReleaseVersion: 0.1.4
--- a/shared/mad/qlpack.yml
+++ b/shared/mad/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/mad
-version: 0.1.4-dev
+version: 0.1.4
 groups: shared
 library: true
 dependencies:
--- a/shared/regex/CHANGELOG.md
+++ b/shared/regex/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.1.4
+
+No user-facing changes.
+
 ## 0.1.3

 No user-facing changes.
--- a/shared/regex/change-notes/released/0.1.4.md
+++ b/shared/regex/change-notes/released/0.1.4.md
@@ -0,0 +1,3 @@
+## 0.1.4
+
+No user-facing changes.
--- a/shared/regex/codeql-pack.release.yml
+++ b/shared/regex/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.3
+lastReleaseVersion: 0.1.4
--- a/shared/regex/qlpack.yml
+++ b/shared/regex/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/regex
-version: 0.1.4-dev
+version: 0.1.4
 groups: shared
 library: true
 dependencies:
--- a/shared/ssa/CHANGELOG.md
+++ b/shared/ssa/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.1.4
+
+No user-facing changes.
+
 ## 0.1.3

 No user-facing changes.
--- a/shared/ssa/change-notes/released/0.1.4.md
+++ b/shared/ssa/change-notes/released/0.1.4.md
@@ -0,0 +1,3 @@
+## 0.1.4
+
+No user-facing changes.
--- a/shared/ssa/codeql-pack.release.yml
+++ b/shared/ssa/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.3
+lastReleaseVersion: 0.1.4
--- a/shared/ssa/qlpack.yml
+++ b/shared/ssa/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ssa
-version: 0.1.4-dev
+version: 0.1.4
 groups: shared
 library: true
 warnOnImplicitThis: true
--- a/shared/tutorial/CHANGELOG.md
+++ b/shared/tutorial/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.1.4
+
+No user-facing changes.
+
 ## 0.1.3

 No user-facing changes.
--- a/shared/tutorial/change-notes/released/0.1.4.md
+++ b/shared/tutorial/change-notes/released/0.1.4.md
@@ -0,0 +1,3 @@
+## 0.1.4
+
+No user-facing changes.
--- a/shared/tutorial/codeql-pack.release.yml
+++ b/shared/tutorial/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.3
+lastReleaseVersion: 0.1.4
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Dave Bartolomeo	7d6e1c7a10	Merge pull request #14091 from github/dbartol/fake/release-prep/2.14.4 Release preparation for version 2.14.4	2023-08-29 15:01:47 -04:00
github-actions[bot]	4202d2d0d5	Release preparation for version 2.14.4	2023-08-29 18:54:04 +00:00