mirror of
https://github.com/github/codeql.git
synced 2026-05-16 04:09:27 +02:00
Compare commits
3 Commits
codeql-cli
...
post-relea
| Author | SHA1 | Date | |
|---|---|---|---|
|
cea19c4d1b | ||
|
|
89ac7a5440 | ||
|
|
febeb66f7b |
@@ -1,3 +1,16 @@
|
||||
## 0.12.2
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The `isUserInput`, `userInputArgument`, and `userInputReturned` predicates from `SecurityOptions` have been deprecated. Use `FlowSource` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Changed the output of `Node.toString` to better reflect how many indirections a given dataflow node has.
|
||||
* Added a new predicate `Node.asDefinition` on `DataFlow::Node`s for selecting the dataflow node corresponding to a particular definition.
|
||||
* The deprecated `DefaultTaintTracking` library has been removed.
|
||||
* The `Guards` library has been replaced with the API-compatible `IRGuards` implementation, which has better precision in some cases.
|
||||
|
||||
## 0.12.1
|
||||
|
||||
### New Features
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `Guards` library has been replaced with the API-compatible `IRGuards` implementation, which has better precision in some cases.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The deprecated `DefaultTaintTracking` library has been removed.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added a new predicate `Node.asDefinition` on `DataFlow::Node`s for selecting the dataflow node corresponding to a particular definition.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* The `isUserInput`, `userInputArgument`, and `userInputReturned` predicates from `SecurityOptions` have been deprecated. Use `FlowSource` instead.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Changed the output of `Node.toString` to better reflect how many indirections a given dataflow node has.
|
||||
12
cpp/ql/lib/change-notes/released/0.12.2.md
Normal file
12
cpp/ql/lib/change-notes/released/0.12.2.md
Normal file
@@ -0,0 +1,12 @@
|
||||
## 0.12.2
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The `isUserInput`, `userInputArgument`, and `userInputReturned` predicates from `SecurityOptions` have been deprecated. Use `FlowSource` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Changed the output of `Node.toString` to better reflect how many indirections a given dataflow node has.
|
||||
* Added a new predicate `Node.asDefinition` on `DataFlow::Node`s for selecting the dataflow node corresponding to a particular definition.
|
||||
* The deprecated `DefaultTaintTracking` library has been removed.
|
||||
* The `Guards` library has been replaced with the API-compatible `IRGuards` implementation, which has better precision in some cases.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.12.1
|
||||
lastReleaseVersion: 0.12.2
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-all
|
||||
version: 0.12.2-dev
|
||||
version: 0.12.3-dev
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
||||
@@ -1,3 +1,13 @@
|
||||
## 0.9.1
|
||||
|
||||
### New Queries
|
||||
|
||||
* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `cpp/badly-bounded-write` query could report false positives when a pointer was first initialized with a literal and later assigned a dynamically allocated array. These false positives now no longer occur.
|
||||
|
||||
## 0.9.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: newQuery
|
||||
---
|
||||
* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `cpp/badly-bounded-write` query could report false positives when a pointer was first initialized with a literal and later assigned a dynamically allocated array. These false positives now no longer occur.
|
||||
9
cpp/ql/src/change-notes/released/0.9.1.md
Normal file
9
cpp/ql/src/change-notes/released/0.9.1.md
Normal file
@@ -0,0 +1,9 @@
|
||||
## 0.9.1
|
||||
|
||||
### New Queries
|
||||
|
||||
* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `cpp/badly-bounded-write` query could report false positives when a pointer was first initialized with a literal and later assigned a dynamically allocated array. These false positives now no longer occur.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.9.0
|
||||
lastReleaseVersion: 0.9.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-queries
|
||||
version: 0.9.1-dev
|
||||
version: 0.9.2-dev
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.4
|
||||
lastReleaseVersion: 1.7.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.5-dev
|
||||
version: 1.7.6-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.4
|
||||
lastReleaseVersion: 1.7.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.5-dev
|
||||
version: 1.7.6-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,10 @@
|
||||
## 0.8.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The dataflow models for the `System.Text.StringBuilder` class have been reworked. New summaries have been added for `Append` and `AppendLine`. With the changes, we expect queries that use taint tracking to find more results when interpolated strings or `StringBuilder` instances are passed to `Append` or `AppendLine`.
|
||||
* Additional support for `Amazon.Lambda` SDK
|
||||
|
||||
## 0.8.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Additional support for `Amazon.Lambda` SDK
|
||||
@@ -1,5 +1,6 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 0.8.5
|
||||
|
||||
* The dataflow models for the `System.Text.StringBuilder` class have been reworked. New summaries have been added for `Append` and `AppendLine`. With the changes, we expect queries that use taint tracking to find more results when interpolated strings or `StringBuilder` instances are passed to `Append` or `AppendLine`.
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The dataflow models for the `System.Text.StringBuilder` class have been reworked. New summaries have been added for `Append` and `AppendLine`. With the changes, we expect queries that use taint tracking to find more results when interpolated strings or `StringBuilder` instances are passed to `Append` or `AppendLine`.
|
||||
* Additional support for `Amazon.Lambda` SDK
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.4
|
||||
lastReleaseVersion: 0.8.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-all
|
||||
version: 0.8.5-dev
|
||||
version: 0.8.6-dev
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 0.8.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Fixed a URL redirection from remote source false positive when guarding a redirect with `HttpRequestBase.IsUrlLocalToHost()`
|
||||
|
||||
## 0.8.4
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Fixed a URL redirection from remote source false positive when guarding a redirect with `HttpRequestBase.IsUrlLocalToHost()`
|
||||
5
csharp/ql/src/change-notes/released/0.8.5.md
Normal file
5
csharp/ql/src/change-notes/released/0.8.5.md
Normal file
@@ -0,0 +1,5 @@
|
||||
## 0.8.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Fixed a URL redirection from remote source false positive when guarding a redirect with `HttpRequestBase.IsUrlLocalToHost()`
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.4
|
||||
lastReleaseVersion: 0.8.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-queries
|
||||
version: 0.8.5-dev
|
||||
version: 0.8.6-dev
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.0.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.0.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
go/ql/consistency-queries/change-notes/released/0.0.4.md
Normal file
3
go/ql/consistency-queries/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.0.4
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.0.3
|
||||
lastReleaseVersion: 0.0.4
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql-go-consistency-queries
|
||||
version: 0.0.4-dev
|
||||
version: 0.0.5-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 0.7.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* `CallNode::getACallee` and related predicates now recognise more callees accessed via a function variable, in particular when the callee is stored into a global variable or is captured by an anonymous function. This may lead to new alerts where data-flow into such a callee is relevant.
|
||||
|
||||
## 0.7.4
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 0.7.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* `CallNode::getACallee` and related predicates now recognise more callees accessed via a function variable, in particular when the callee is stored into a global variable or is captured by an anonymous function. This may lead to new alerts where data-flow into such a callee is relevant.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.7.4
|
||||
lastReleaseVersion: 0.7.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-all
|
||||
version: 0.7.5-dev
|
||||
version: 0.7.6-dev
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.7.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.7.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
go/ql/src/change-notes/released/0.7.5.md
Normal file
3
go/ql/src/change-notes/released/0.7.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.7.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.7.4
|
||||
lastReleaseVersion: 0.7.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-queries
|
||||
version: 0.7.5-dev
|
||||
version: 0.7.6-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.0.10
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.0.9
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
java/ql/automodel/src/change-notes/released/0.0.10.md
Normal file
3
java/ql/automodel/src/change-notes/released/0.0.10.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.0.10
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.0.9
|
||||
lastReleaseVersion: 0.0.10
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-automodel-queries
|
||||
version: 0.0.10-dev
|
||||
version: 0.0.11-dev
|
||||
groups:
|
||||
- java
|
||||
- automodel
|
||||
|
||||
@@ -1,3 +1,15 @@
|
||||
## 0.8.5
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* Imports of the old dataflow libraries (e.g. `semmle.code.java.dataflow.DataFlow2`) have been deprecated in the libraries under the `semmle.code.java.security` namespace.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Taint tracking now understands Kotlin's `Array.get` and `Array.set` methods.
|
||||
* Added a sink model for the `createRelative` method of the `org.springframework.core.io.Resource` interface.
|
||||
* Added source models for methods of the `org.springframework.web.util.UrlPathHelper` class and removed their taint flow models.
|
||||
|
||||
## 0.8.4
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added a sink model for the `createRelative` method of the `org.springframework.core.io.Resource` interface.
|
||||
* Added source models for methods of the `org.springframework.web.util.UrlPathHelper` class and removed their taint flow models.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Taint tracking now understands Kotlin's `Array.get` and `Array.set` methods.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* Imports of the old dataflow libraries (e.g. `semmle.code.java.dataflow.DataFlow2`) have been deprecated in the libraries under the `semmle.code.java.security` namespace.
|
||||
11
java/ql/lib/change-notes/released/0.8.5.md
Normal file
11
java/ql/lib/change-notes/released/0.8.5.md
Normal file
@@ -0,0 +1,11 @@
|
||||
## 0.8.5
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* Imports of the old dataflow libraries (e.g. `semmle.code.java.dataflow.DataFlow2`) have been deprecated in the libraries under the `semmle.code.java.security` namespace.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Taint tracking now understands Kotlin's `Array.get` and `Array.set` methods.
|
||||
* Added a sink model for the `createRelative` method of the `org.springframework.core.io.Resource` interface.
|
||||
* Added source models for methods of the `org.springframework.web.util.UrlPathHelper` class and removed their taint flow models.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.4
|
||||
lastReleaseVersion: 0.8.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-all
|
||||
version: 0.8.5-dev
|
||||
version: 0.8.6-dev
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
||||
@@ -1,3 +1,19 @@
|
||||
## 0.8.5
|
||||
|
||||
### Deprecated Queries
|
||||
|
||||
* The three queries `java/insufficient-key-size`, `java/server-side-template-injection`, and `java/android/implicit-pendingintents` had accidentally general extension points allowing arbitrary string-based flow state. This has been fixed and the old extension points have been deprecated where possible, and otherwise updated.
|
||||
|
||||
### New Queries
|
||||
|
||||
* Added the `java/insecure-randomness` query to detect uses of weakly random values which an attacker may be able to predict. Also added the `crypto-parameter` sink kind for sinks which represent the parameters and keys of cryptographic operations.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Modified the `java/potentially-weak-cryptographic-algorithm` query to include the use of weak cryptographic algorithms from configuration values specified in properties files.
|
||||
* The query `java/android/missing-certificate-pinning` should no longer alert about requests pointing to the local filesystem.
|
||||
* Removed some spurious sinks related to `com.opensymphony.xwork2.TextProvider.getText` from the query `java/ognl-injection`.
|
||||
|
||||
## 0.8.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: newQuery
|
||||
---
|
||||
* Added the `java/insecure-randomness` query to detect uses of weakly random values which an attacker may be able to predict. Also added the `crypto-parameter` sink kind for sinks which represent the parameters and keys of cryptographic operations.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The query `java/android/missing-certificate-pinning` should no longer alert about requests pointing to the local filesystem.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Removed some spurious sinks related to `com.opensymphony.xwork2.TextProvider.getText` from the query `java/ognl-injection`.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* The three queries `java/insufficient-key-size`, `java/server-side-template-injection`, and `java/android/implicit-pendingintents` had accidentally general extension points allowing arbitrary string-based flow state. This has been fixed and the old extension points have been deprecated where possible, and otherwise updated.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Modified the `java/potentially-weak-cryptographic-algorithm` query to include the use of weak cryptographic algorithms from configuration values specified in properties files.
|
||||
15
java/ql/src/change-notes/released/0.8.5.md
Normal file
15
java/ql/src/change-notes/released/0.8.5.md
Normal file
@@ -0,0 +1,15 @@
|
||||
## 0.8.5
|
||||
|
||||
### Deprecated Queries
|
||||
|
||||
* The three queries `java/insufficient-key-size`, `java/server-side-template-injection`, and `java/android/implicit-pendingintents` had accidentally general extension points allowing arbitrary string-based flow state. This has been fixed and the old extension points have been deprecated where possible, and otherwise updated.
|
||||
|
||||
### New Queries
|
||||
|
||||
* Added the `java/insecure-randomness` query to detect uses of weakly random values which an attacker may be able to predict. Also added the `crypto-parameter` sink kind for sinks which represent the parameters and keys of cryptographic operations.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Modified the `java/potentially-weak-cryptographic-algorithm` query to include the use of weak cryptographic algorithms from configuration values specified in properties files.
|
||||
* The query `java/android/missing-certificate-pinning` should no longer alert about requests pointing to the local filesystem.
|
||||
* Removed some spurious sinks related to `com.opensymphony.xwork2.TextProvider.getText` from the query `java/ognl-injection`.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.4
|
||||
lastReleaseVersion: 0.8.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/java-queries
|
||||
version: 0.8.5-dev
|
||||
version: 0.8.6-dev
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.8.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.8.4
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
3
javascript/ql/lib/change-notes/released/0.8.5.md
Normal file
3
javascript/ql/lib/change-notes/released/0.8.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.8.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.4
|
||||
lastReleaseVersion: 0.8.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-all
|
||||
version: 0.8.5-dev
|
||||
version: 0.8.6-dev
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.8.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.8.4
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
3
javascript/ql/src/change-notes/released/0.8.5.md
Normal file
3
javascript/ql/src/change-notes/released/0.8.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.8.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.4
|
||||
lastReleaseVersion: 0.8.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-queries
|
||||
version: 0.8.5-dev
|
||||
version: 0.8.6-dev
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.7.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.7.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
misc/suite-helpers/change-notes/released/0.7.5.md
Normal file
3
misc/suite-helpers/change-notes/released/0.7.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.7.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.7.4
|
||||
lastReleaseVersion: 0.7.5
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
name: codeql/suite-helpers
|
||||
version: 0.7.5-dev
|
||||
version: 0.7.6-dev
|
||||
groups: shared
|
||||
warnOnImplicitThis: true
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 0.11.5
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
- The dataflow graph no longer contains SSA variables. Instead, flow is directed via the corresponding controlflow nodes. This should make the graph and the flow simpler to understand. Minor improvements in flow computation has been observed, but in general negligible changes to alerts are expected.
|
||||
|
||||
## 0.11.4
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
## 0.11.5
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
- The dataflow graph no longer contains SSA variables. Instead, flow is directed via the corresponding controlflow nodes. This should make the graph and the flow simpler to understand. Minor improvements in flow computation has been observed, but in general negligible changes to alerts are expected.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.11.4
|
||||
lastReleaseVersion: 0.11.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-all
|
||||
version: 0.11.5-dev
|
||||
version: 0.11.6-dev
|
||||
groups: python
|
||||
dbscheme: semmlecode.python.dbscheme
|
||||
extractor: python
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.9.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.9.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
python/ql/src/change-notes/released/0.9.5.md
Normal file
3
python/ql/src/change-notes/released/0.9.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.9.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.9.4
|
||||
lastReleaseVersion: 0.9.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/python-queries
|
||||
version: 0.9.5-dev
|
||||
version: 0.9.6-dev
|
||||
groups:
|
||||
- python
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 0.8.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Ruby now makes use of the shared type tracking library, exposed as `codeql.ruby.typetracking.TypeTracking`. The existing type tracking library, `codeql.ruby.typetracking.TypeTracker`, has consequently been deprecated.
|
||||
|
||||
## 0.8.4
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Ruby now makes use of the shared type tracking library, exposed as `codeql.ruby.typetracking.TypeTracking`. The existing type tracking library, `codeql.ruby.typetracking.TypeTracker`, has consequently been deprecated.
|
||||
## 0.8.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Ruby now makes use of the shared type tracking library, exposed as `codeql.ruby.typetracking.TypeTracking`. The existing type tracking library, `codeql.ruby.typetracking.TypeTracker`, has consequently been deprecated.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.4
|
||||
lastReleaseVersion: 0.8.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-all
|
||||
version: 0.8.5-dev
|
||||
version: 0.8.6-dev
|
||||
groups: ruby
|
||||
extractor: ruby
|
||||
dbscheme: ruby.dbscheme
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.8.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.8.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
ruby/ql/src/change-notes/released/0.8.5.md
Normal file
3
ruby/ql/src/change-notes/released/0.8.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.8.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.8.4
|
||||
lastReleaseVersion: 0.8.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/ruby-queries
|
||||
version: 0.8.5-dev
|
||||
version: 0.8.6-dev
|
||||
groups:
|
||||
- ruby
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 0.1.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.1.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
shared/controlflow/change-notes/released/0.1.5.md
Normal file
3
shared/controlflow/change-notes/released/0.1.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 0.1.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.1.4
|
||||
lastReleaseVersion: 0.1.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/controlflow
|
||||
version: 0.1.5-dev
|
||||
version: 0.1.6-dev
|
||||
groups: shared
|
||||
library: true
|
||||
dependencies:
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 0.1.5
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The old configuration-class based data flow api has been deprecated. The configuration-module based api should be used instead. For details, see https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries/.
|
||||
|
||||
## 0.1.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
## 0.1.5
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The old configuration-class based data flow api has been deprecated. The configuration-module based api should be used instead. For details, see https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries/.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.1.4
|
||||
lastReleaseVersion: 0.1.5
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user