WIP

C#: Adjust compiler argument integration test

.vscode/settings.json

@@ -1,5 +1,6 @@
 {
   "omnisharp.autoStart": false,
   "cmake.sourceDirectory": "${workspaceFolder}/swift",
-  "cmake.buildDirectory": "${workspaceFolder}/bazel-cmake-build"
+  "cmake.buildDirectory": "${workspaceFolder}/bazel-cmake-build",
+  "codeQL.githubDatabase.download": "never"
 }

cpp/ql/lib/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

cpp/ql/lib/experimental/buildless/ASTSig.qll

@@ -0,0 +1,88 @@
+import cpp
+
+/*
+    The syntax of a C++ program.
+*/
+signature module BuildlessASTSig
+{
+    class Node;
+    predicate nodeLocation(Node node, Location location);
+
+    // Parent/child relationship between AST nodes
+    predicate edge(Node parent, int index, Node child);
+
+    // Include graph
+    predicate userInclude(Node include, string path);
+    predicate systemInclude(Node include, string path);
+
+    // Namespaces
+    predicate namespace(Node ns);
+    predicate namespaceName(Node ns, string name);
+    predicate namespaceMember(Node ns, Node member);
+
+    // Functions
+    predicate function(Node fn);
+    predicate functionBody(Node fn, Node body);
+    predicate functionReturn(Node fn, Node returnType);
+    predicate functionName(Node fn, string name);
+    predicate functionParameter(Node fn, int i, Node parameterDecl);
+    predicate functionDefinition(Node fn);  // If a definition as opposed to a declaration
+
+    // Statements
+    predicate stmt(Node node);
+    predicate blockStmt(Node stmt);
+    predicate blockMember(Node stmt, int index, Node child);
+    predicate ifStmt(Node stmt, Node condition, Node thenBranch);
+    predicate ifStmt(Node tmt, Node condition, Node thenBranch, Node elseBranch);
+    predicate whileStmt(Node stmt, Node condition, Node body);
+    predicate doWhileStmt(Node stmt, Node condition, Node body);
+    predicate forStmt(Node stmt, Node init, Node condition, Node update, Node body);
+    predicate exprStmt(Node stmt, Node expr);
+    predicate returnStmt(Node stmt, Node expr);
+    predicate returnVoidStmt(Node stmt);
+    // etc
+
+    // Types
+    predicate type(Node type);
+    predicate ptrType(Node type, Node element);
+    predicate refType(Node type, Node element);
+    predicate constType(Node type, Node element);
+    predicate rvalueRefType(Node type, Node element);
+    predicate arrayType(Node type, Node element, Node size);
+    predicate arrayType(Node type, Node element);
+    predicate typename(Node node, string name);  // Any named type, including built-in types
+    predicate templated(Node node);
+    predicate typeDefinition(Node node);  // If a definition as opposed to a declaration
+
+    predicate classOrStructDefinition(Node node);
+    predicate classMember(Node classOrStruct, int child, Node member);
+
+    // Templates
+    predicate templateParameter(Node node, int i, Node parameter);
+    predicate typeParameter(Node templateParameter, Node type, Node parameter);
+    predicate typeParameterDefault(Node templateParameter, Node defaultTypeOrValue);
+
+    // Declarations
+    predicate variableDeclaration(Node decl);
+    predicate variableDeclarationType(Node decl, Node type);
+    predicate variableDeclarationEntry(Node decl, int index, Node entry);
+    predicate variableDeclarationEntryInitializer(Node entry, Node initializer);
+    predicate variableName(Node entry, string name);
+    predicate ptrEntry(Node entry, Node element);
+    predicate refEntry(Node entry, Node element);
+    predicate rvalueRefEntry(Node entry, Node element);
+    predicate arrayEntry(Node entry, Node element);  // ?? Size
+
+    // Expressions
+    predicate expression(Node node);
+    predicate prefixExpr(Node expr, string operator, Node operand);
+    predicate postfixExpr(Node expr, Node operand, string operator);
+    predicate binaryExpr(Node expr, Node lhs, string operator, Node rhs);
+    predicate castExpr(Node expr, Node type, Node operand);
+    predicate callExpr(Node call);
+    predicate callArgument(Node call, int i, Node arg);
+    predicate callReceiver(Node call, Node receiver);
+    predicate accessExpr(Node expr, string name);
+    predicate literal(Node expr, string value);
+    predicate stringLiteral(Node expr, string value);
+}

cpp/ql/lib/experimental/buildless/CompiledAST.qll

@@ -0,0 +1,304 @@
+import cpp
+import ASTSig
+
+module CompiledAST implements BuildlessASTSig {
+  private class SourceLocation extends Location {
+    SourceLocation() { not this.hasLocationInfo(_, 0, 0, 0, 0) }
+  }
+
+  private Type reachableType(Type type) {
+    result = type or
+    result = reachableType(type).stripTopLevelSpecifiers() or
+    result = reachableType(type).(PointerType).getBaseType() or
+    result = reachableType(type).(ReferenceType).getBaseType()
+  }
+
+  private class SourceDeclEntry extends DeclarationEntry {
+    SourceDeclEntry() {
+      not this.isAffectedByMacro() and
+      not this.isFromTemplateInstantiation(_) and
+      not this.isInMacroExpansion() and
+      not this.getDeclaration().isInMacroExpansion() and
+      this.getLocation() instanceof SourceLocation and
+      not this.(FunctionDeclarationEntry).getDeclaration().isCompilerGenerated()
+    }
+  }
+
+  private newtype TNode =
+    // TFunction(SourceLocation loc) { exists(Function f | f.getLocation() = loc) } or
+    TStatement(SourceLocation loc) { exists(Stmt s | s.getLocation() = loc) } or
+    TDeclaration(SourceDeclEntry decl) or
+    TExpression(SourceLocation loc) { exists(Expr e | e.getLocation() = loc) } or
+    TFunctionCallName(SourceLocation loc) { exists(FunctionCall c | c.getLocation() = loc) } or
+    TDeclarationType(SourceDeclEntry decl, Type type) { type = reachableType(decl.getType()) } or
+    TNamespaceDeclaration(NamespaceDeclarationEntry ns) { any() } or
+    TInclude(Include i)
+
+  class Node extends TNode {
+    string toString() { result = "node" }
+
+    SourceLocation getLocation() {
+      this = TStatement(result) or
+      result = this.getDeclaration().getLocation() or
+      this = TExpression(result) or
+      this = TFunctionCallName(result) or
+      result = this.getVariableDeclaration().getLocation() or
+      result = this.getNamespaceDeclaration().getLocation() or
+      result = this.getInclude().getLocation()
+    }
+
+    Include getInclude() { this = TInclude(result) }
+
+    Stmt getStmt() { this = TStatement(result.getLocation()) }
+
+    Function getFunction() {
+      result = this.getDeclaration().getDeclaration() and
+      not result.isFromTemplateInstantiation(_) and
+      not result.isCompilerGenerated()
+    }
+
+    SourceDeclEntry getDeclaration() { this = TDeclaration(result) }
+
+    NamespaceDeclarationEntry getNamespaceDeclaration() { this = TNamespaceDeclaration(result) }
+
+    Type getType() { this = TDeclarationType(_, result) }
+
+    SourceDeclEntry getVariableDeclaration() { this = TDeclarationType(result, _) }
+
+    Expr getExpr() { this = TExpression(result.getLocation()) }
+
+    FunctionCall getFunctionCallName() { this = TFunctionCallName(result.getLocation()) }
+  }
+
+  predicate nodeLocation(Node node, Location location) { location = node.getLocation() }
+
+  // Include graph
+  predicate userInclude(Node include, string path) {
+    exists(string head | head = include.getInclude().getHead() |
+      path = head.substring(1, head.length() - 1) and head.charAt(0) = "\""
+    )
+  }
+
+  predicate systemInclude(Node include, string path) {
+    exists(string head | head = include.getInclude().getHead() |
+      path = head.substring(1, head.length() - 1) and head.charAt(0) = "<"
+    )
+  }
+
+  // Functions
+  predicate function(Node fn) { exists(fn.getFunction()) }
+
+  predicate functionBody(Node fn, Node body) { body.getStmt() = fn.getFunction().getBlock() }
+
+  predicate functionReturn(Node fn, Node returnType) {
+    returnType.getVariableDeclaration() = fn.getDeclaration() and
+    fn.getDeclaration().(FunctionDeclarationEntry).getDeclaration().getType() = returnType.getType()
+  }
+
+  predicate functionName(Node fn, string name) { name = fn.getFunction().getName() }
+
+  predicate functionParameter(Node fn, int i, Node parameterDecl) {
+    functionParameter0(fn, i, parameterDecl) and
+    not exists(Node param2 | functionParameter0(fn, i, param2) |
+      param2.getLocation().getStartLine() < parameterDecl.getLocation().getStartLine()
+    )
+  }
+
+  pragma[nomagic]
+  private predicate functionParameter0(Node fn, int i, Node parameterDecl) {
+    fn.getFunction().getParameter(i).getADeclarationEntry() = parameterDecl.getDeclaration() and
+    fn.getLocation().getFile() = parameterDecl.getLocation().getFile() and
+    fn.getLocation().getStartLine() <= parameterDecl.getLocation().getStartLine()
+  }
+
+  // Statements
+  predicate stmt(Node node) { exists(node.getStmt()) }
+
+  predicate blockStmt(Node stmt) { stmt.getStmt() instanceof BlockStmt }
+
+  predicate blockMember(Node stmt, int index, Node child) {
+    child.getStmt() = stmt.getStmt().(BlockStmt).getChild(index)
+  }
+
+  predicate ifStmt(Node stmt, Node condition, Node thenBranch) { none() }
+
+  predicate ifStmt(Node tmt, Node condition, Node thenBranch, Node elseBranch) { none() }
+
+  predicate whileStmt(Node stmt, Node condition, Node body) { none() }
+
+  predicate doWhileStmt(Node stmt, Node condition, Node body) { none() }
+
+  predicate forStmt(Node stmt, Node init, Node condition, Node update, Node body) { none() }
+
+  predicate exprStmt(Node stmt, Node expr) { none() }
+
+  predicate returnStmt(Node stmt, Node expr) { none() }
+
+  predicate returnVoidStmt(Node stmt) { none() }
+
+  // etc
+  // Types
+  predicate ptrType(Node node, Node element) {
+    exists(PointerType type, SourceDeclEntry e |
+      node = TDeclarationType(e, type) and
+      element = TDeclarationType(e, type.getBaseType())
+    )
+  }
+
+  predicate refType(Node node, Node element) {
+    exists(ReferenceType type, SourceDeclEntry e |
+      node = TDeclarationType(e, type) and
+      element = TDeclarationType(e, type.getBaseType())
+    )
+  }
+
+  predicate rvalueRefType(Node type, Node element) { none() }
+
+  predicate arrayType(Node type, Node element, Node size) { none() }
+
+  predicate arrayType(Node type, Node element) { none() }
+
+  predicate typename(Node node, string name) {
+    exists(Class c | c = node.getDeclaration().getDeclaration() |
+      not c.isAnonymous() and c.getName() = name
+    )
+    or
+    name = node.getType().getName()
+  }
+
+  predicate templated(Node node) { none() }
+
+  predicate classOrStructDefinition(Node node) {
+    node.getDeclaration().getDeclaration() instanceof Class
+  }
+
+  predicate classMember(Node classOrStruct, int child, Node member) {
+    classOrStruct.getDeclaration().getDeclaration().(Class).getAMember() =
+      member.getDeclaration().getDeclaration() and
+    child = 0 and
+    classOrStruct.getLocation().getFile() = member.getLocation().getFile() // TODO: Disambiguate
+    // and not member.getDeclaration().getDeclaration() instanceof FriendDecl
+  }
+
+  // Templates
+  predicate templateParameter(Node node, int i, Node parameter) { none() }
+
+  predicate typeParameter(Node templateParameter, Node type, Node parameter) { none() }
+
+  predicate typeParameterDefault(Node templateParameter, Node defaultTypeOrValue) { none() }
+
+  // Declarations
+  predicate variableDeclaration(Node decl) {
+    decl.getDeclaration() instanceof VariableDeclarationEntry
+  }
+
+  pragma[nomagic]
+  private predicate variableDeclarationType2(Node decl, Node type) {
+    decl.getDeclaration() = type.getVariableDeclaration()
+  }
+
+  predicate variableDeclarationType(Node decl, Node type) {
+    variableDeclarationType2(decl, type) and
+    type.getType() = decl.getDeclaration().getType()
+  }
+
+  predicate variableDeclarationEntry(Node decl, int index, Node entry) { none() }
+
+  predicate variableDeclarationEntryInitializer(Node entry, Node initializer) { none() }
+
+  predicate variableName(Node decl, string name) {
+    decl.getDeclaration().(VariableDeclarationEntry).getName() = name
+  }
+
+  predicate ptrEntry(Node entry, Node element) { none() }
+
+  predicate refEntry(Node entry, Node element) { none() }
+
+  predicate rvalueRefEntry(Node entry, Node element) { none() }
+
+  predicate arrayEntry(Node entry, Node element) { none() }
+
+  // Expressions
+  predicate expression(Node node) { exists(node.getExpr()) or exists(node.getFunctionCallName()) }
+
+  predicate prefixExpr(Node expr, string operator, Node operand) { none() }
+
+  predicate postfixExpr(Node expr, Node operand, string operator) { none() }
+
+  predicate binaryExpr(Node expr, Node lhs, string operator, Node rhs) { none() }
+
+  predicate castExpr(Node expr, Node type, Node operand) { none() }
+
+  predicate callExpr(Node call) { call.getExpr() instanceof Call }
+
+  predicate callArgument(Node call, int i, Node arg) {
+    arg.getExpr() = call.getExpr().(Call).getArgument(i)
+  }
+
+  predicate callReceiver(Node call, Node receiver) {
+    receiver.getFunctionCallName() = call.getExpr()
+  }
+
+  predicate accessExpr(Node expr, string name) {
+    expr.getExpr().(VariableAccess).getTarget().getName() = name or
+    expr.getFunctionCallName().getTarget().getName() = name
+  }
+
+  predicate literal(Node expr, string value) { expr.getExpr().(Literal).toString() = value }
+
+  predicate stringLiteral(Node expr, string value) {
+    expr.getExpr().(StringLiteral).getValue() = value
+  }
+
+  predicate type(Node node) { node = TDeclarationType(_, _) }
+
+  predicate constType(Node node, Node element) {
+    exists(SpecifiedType type, SourceDeclEntry e |
+      node = TDeclarationType(e, type) and
+      element = TDeclarationType(e, type.getBaseType()) and
+      type.isConst()
+    )
+  }
+
+  predicate namespace(Node ns) { exists(ns.getNamespaceDeclaration()) }
+
+  predicate namespaceName(Node ns, string name) {
+    ns.getNamespaceDeclaration().getNamespace().getName() = name
+  }
+
+  pragma[nomagic]
+  private predicate namespaceNamespace(Node ns, Node child) {
+    ns.getNamespaceDeclaration().getNamespace().getAChildNamespace() =
+      child.getNamespaceDeclaration().getNamespace() and
+    ns.getLocation().getFile() = child.getLocation().getFile()
+  }
+
+  pragma[nomagic]
+  private predicate namespaceDecl(Node ns, Node child) {
+    child.getDeclaration().getDeclaration() =
+      ns.getNamespaceDeclaration().getNamespace().getADeclaration() and
+    ns.getLocation().getFile() = child.getLocation().getFile() and
+    ns.getLocation().getStartLine() <= child.getLocation().getStartLine()
+  }
+
+  predicate namespaceMember(Node ns, Node member) {
+    namespaceNamespace(ns, member) or
+    namespaceDecl(ns, member)
+  }
+
+  predicate edge(Node parent, int index, Node child) {
+    namespaceMember(parent, child) and index = 0
+    or
+    classMember(parent, index, child)
+    or
+    blockMember(parent, index, child)
+  }
+
+  predicate typeDefinition(Node node) {
+    node.getDeclaration().(TypeDeclarationEntry).isDefinition()
+  }
+
+  predicate functionDefinition(Node fn) {
+    fn.getDeclaration().(FunctionDeclarationEntry).isDefinition()
+  }
+}

cpp/ql/lib/experimental/buildless/Model.qll

@@ -0,0 +1,282 @@
+import AST
+
+module BuildlessModel<BuildlessASTSig Sig> {
+  module AST = BuildlessAST<Sig>;
+
+  private string getQualifiedName(AST::SourceNamespace ns) {
+    not exists(AST::SourceNamespace p | ns = p.getAChild()) and result = ns.getName()
+    or
+    exists(AST::SourceNamespace p | ns = p.getAChild() and ns != p |
+      result = getQualifiedName(p) + "::" + ns.getName()
+    )
+  }
+
+  private newtype TElement =
+    TNamespace(string fqn) { fqn = getQualifiedName(_) } or
+    TASTNode(AST::SourceElement node) { any() }
+
+    /*
+      Any compile-time concept that can be named.
+    */
+  class Entity extends string
+  {
+    bindingset[this] Entity() { any() }
+  }
+
+  /*
+    An entity that contains named members.
+  */
+  class Scope extends Entity
+  {
+    bindingset[this] Scope() { any() }
+
+    Member getAMember() { result = this.getAMember(_) }
+
+    abstract Member getAMember(string name);
+  }
+
+  /*
+    An entity that is a member of a scope.
+  */
+  class Member extends Entity
+  {
+    bindingset[this] Member() { any() }
+
+    abstract string getName();
+    abstract Scope getParent();
+  }
+
+  class Namespace2 extends Member, Scope
+  {
+    AST::SourceNamespace ns;
+
+    Namespace2() { this = "::" + getQualifiedName(ns) }
+
+    AST::SourceNamespace getAstNode() { result = ns }
+
+    override Namespace2 getParent() { result.getAstNode() = ns.getParent() }
+
+    override string getName() { result = ns.getName() }
+
+    override Member getAMember(string name) {
+      result = this.getMemberNamespace(name)
+      // !! Types
+    }
+
+    Namespace2 getMemberNamespace(string name) {
+      result.getParent() = this and result.getName() = name
+    }
+
+  }
+
+  class Type extends Member, Scope {
+    Type() { exists(SourceTypeDeclaration t | t.getMangledName() = this) }
+
+    AST::SourceType getAstNode() { result = this.getADeclaration().getSourceNode() }
+
+    // string toString() { result = "i am a type" }
+    override string getName() { result = this.getADeclaration().getName() }
+
+    Location getLocation() { result = this.getADefinition().getLocation() }
+
+    SourceTypeDeclaration getADeclaration() { result.getMangledName() = this }
+
+    SourceTypeDefinition getADefinition() { result.getMangledName() = this }
+
+    override Member getAMember(string name)
+    {
+      result = getMemberType(name)
+    }
+
+    Type getMemberType(string name)
+    {
+      none()
+    }
+
+    Namespace2 getParentNamespace() {
+      result.getAstNode() = this.getADeclaration().getParentNamespace()
+    }
+
+    Type getParentType() { result.getADeclaration() = this.getADeclaration().getParentType() }
+
+    override Scope getParent() { result = this.getParentNamespace() or result = this.getParentType() }
+
+    string getFullyQualifiedName() { result = this.getADeclaration().getFullyQualifiedName() }
+
+    Field getAField() { result.getParentType() = this }
+  }
+
+  private Type lookupNameInType(Type type, string name)
+  {
+    // Is the name a member of this type?
+
+    // Is the name in the same scope as the type?
+
+    // Is the name in global scope?
+
+    // TODO!
+    none()
+  }
+
+  class Field extends string {
+    Type containingType;
+    SourceTypeDefinition containingTypeDef;
+    AST::SourceVariableDeclaration fieldDef;
+
+    Field() {
+      containingType.getADefinition() = containingTypeDef and
+      fieldDef = containingTypeDef.getAField() and
+      this = containingTypeDef.getMangledName() + "::" + fieldDef.getName()
+    }
+
+    Location getLocation() { result = fieldDef.getLocation() }
+
+    Type getParentType() { result = containingType }
+
+    string getName() { result = fieldDef.getName() }
+
+    // TODO: The type of the field
+
+  }
+
+  class Element extends TElement {
+    string toString() { result = "element" }
+  }
+
+  class Namespace extends Element, TNamespace {
+    string getFullyQualifiedName() { this = TNamespace(result) }
+
+    override string toString() { result = "namespace " + this.getFullyQualifiedName() }
+
+    NamespaceDeclaration getADeclaration() { result.getNamespace() = this }
+  }
+
+  class SourceElement extends Element, TASTNode {
+    AST::SourceElement node;
+
+    SourceElement() { this = TASTNode(node) }
+
+    Location getLocation() { result = node.getLocation() }
+
+    AST::SourceElement getSourceNode() { result = node }
+  }
+
+  class SourceDeclaration extends SourceElement, TASTNode {
+    abstract SourceDeclaration getParent();
+
+    abstract string getName();
+
+    abstract string getMangledName();
+
+    abstract predicate isDefinition();
+  }
+
+  abstract class SourceDefinition extends SourceDeclaration { }
+
+  class NamespaceDeclaration extends SourceDeclaration {
+    AST::SourceNamespace ns;
+
+    NamespaceDeclaration() { ns = node }
+
+    override string getName() { result = ns.getName() }
+
+    Namespace getNamespace() { result.getFullyQualifiedName() = this.getFullyQualifiedName() }
+
+    override string toString() { result = "namespace " + this.getName() + " { ... }" }
+
+    override NamespaceDeclaration getParent() { result.getSourceNode() = node.getParent() }
+
+    string getFullyQualifiedName() {
+      if exists(this.getParent())
+      then result = this.getParent().getFullyQualifiedName() + "::" + this.getName()
+      else result = this.getName()
+    }
+
+    override string getMangledName() { result = "::" + this.getFullyQualifiedName() }
+
+    override predicate isDefinition() { any() }
+  }
+
+  class SourceTypeDeclaration extends SourceDeclaration {
+    AST::SourceTypeDefinition def;
+
+    SourceTypeDeclaration() { def = node }
+
+    override Location getLocation() { result = def.getLocation() }
+
+    override string toString() { result = "typename " + def.getName() }
+
+    string getFullyQualifiedName() {
+      if exists(this.getParentNamespace())
+      then result = this.getParentNamespace().getFullyQualifiedName() + "::" + this.getName()
+      else
+        if exists(this.getParentType())
+        then result = this.getParentType() + "::" + this.getName()
+        else result = this.getName()
+    }
+
+    NamespaceDeclaration getParentNamespace() { result.getSourceNode() = def.getParent() }
+
+    SourceTypeDeclaration getParentType() { result.getSourceNode() = def.getParent() }
+
+    override SourceDeclaration getParent() {
+      result = this.getParentNamespace() or result = this.getParentType()
+    }
+
+    override string getName() { result = def.getName() }
+
+    // Mangled name
+    override string getMangledName() {
+      if exists(this.getParent())
+      then result = this.getParent().getMangledName() + "::" + this.getName()
+      else result = "::" + this.getName()
+    }
+
+    override predicate isDefinition() { def.isDefinition() }
+
+    AST::SourceVariableDeclaration getAField() {
+      result = def.getAMember()
+    }
+  }
+
+  class SourceTypeDefinition extends SourceTypeDeclaration, SourceDefinition {
+    SourceTypeDefinition() { this.isDefinition() }
+  }
+
+  class SourceFunctionDeclaration extends SourceDeclaration {
+    AST::SourceFunction fn;
+
+    SourceFunctionDeclaration() { fn = node }
+
+    SourceTypeDeclaration getParentType() { result.getSourceNode() = fn.getParent() }
+
+    NamespaceDeclaration getParentNamespace() { result.getSourceNode() = fn.getParent() }
+
+    override SourceDeclaration getParent() {
+      result = this.getParentType() or result = this.getParentNamespace()
+    }
+
+    override string toString() { result = fn.getName() + "()" }
+
+    override Location getLocation() { result = fn.getLocation() }
+
+    override string getName() { result = fn.getName() }
+
+    override string getMangledName() {
+      if exists(this.getParent())
+      then result = this.getParent().getMangledName() + "::" + this.getName() + "()"
+      else result = "::" + this.getName() + "()"
+    }
+
+    override predicate isDefinition() { fn.isDefinition() }
+  }
+
+  class SourceFunctionDefinition extends SourceFunctionDeclaration, SourceDefinition {
+    SourceFunctionDefinition() { this.isDefinition() }
+  }
+
+  predicate invalidParent(SourceDeclaration decl) { decl.getParent+() = decl }
+}
+
+// For debugging in context
+module TestModel = BuildlessModel<CompiledAST>;

cpp/ql/lib/experimental/buildless/TODO.md

@@ -0,0 +1,46 @@
+Next:
+- [x] Namespaces
+- [ ] Unnamed class/struct/union and name mangling
+- [ ] Linker awareness is creating duplicates
+
+
+
+- Resolve the type of a local variable
+
+
+- [ ] Parent scopes - where are things declared
+    Parent class
+    Parent namespace
+    Parent function (for variable declarations and parameters)
+    Parent block (for blocks and statements)
+
+
+
+- [ ] Return type nodes
+- [ ] Construction of types
+- [ ] Construction of functions
+- [ ] Construction of Variables
+
+
+
+
+Names:
+- [x] Identify all function names
+- [x] Identify all parameter names
+- [x] Identify all variable declaration names
+- [x] Identify variable accesses
+
+Types:
+- [x] Locate user type definitions and typedefs
+- [x] Get the type of the parameter
+- [ ] Assign types to variable accesses
+
+Calls:
+- [x] Identify function call expressions
+- [x] Identify the "target" of a call in a trivial case.
+
+Overloads:
+
+Types:
+- [ ] Identify return types
+- [x] Identify parameter types and other declarations

cpp/ql/lib/experimental/buildless/ast.qll

@@ -0,0 +1,196 @@
+import CompiledAST
+import ASTSig
+
+module BuildlessAST<BuildlessASTSig AST> {
+  final class Node = AST::Node;
+
+  // Any node in the abstract syntax tree
+  class SourceElement extends Node {
+    Location getLocation() { AST::nodeLocation(this, result) }
+
+    string toString() { result = "element" }
+
+    SourceElement getParent() { AST::edge(result, _, this) }
+
+    SourceElement getChild(int i) { AST::edge(this, i, result) }
+
+    SourceElement getAChild() { result = this.getChild(_) }
+  }
+
+  bindingset[path]
+  private File getAnIncludeTarget(string path) {
+    exists(string p | p = result.toString() | path = p.suffix(p.length() - path.length()))
+  }
+
+  class Include extends SourceElement {
+    string path;
+
+    Include() { AST::userInclude(this, path) or AST::systemInclude(this, path) }
+
+    File getATarget() {
+      result = getAnIncludeTarget(path)
+      or
+      path.prefix(3) = "../" and result = getAnIncludeTarget(path.suffix(3))
+      or
+      path.prefix(2) = "./" and result = getAnIncludeTarget(path.suffix(2))
+    }
+
+    predicate isSystemInclude() { AST::systemInclude(this, _) }
+
+    predicate isUserInclude() { AST::userInclude(this, _) }
+
+    override string toString() {
+      this.isSystemInclude() and result = "#include <" + path + ">"
+      or
+      this.isUserInclude() and result = "#include \"" + path + "\""
+    }
+  }
+
+  abstract class SourceScope extends SourceElement { }
+
+  class SourceNamespace extends SourceScope, SourceDeclaration {
+    SourceNamespace() { AST::namespace(this) }
+
+    override string getName() { AST::namespaceName(this, result) }
+
+    override string toString() { result = "namespace " + this.getName() }
+  }
+
+  // Any syntax node that is a declaration
+  abstract class SourceDeclaration extends SourceElement {
+    abstract string getName();
+  }
+
+  // A syntax node that declares or defines a function
+  class SourceFunction extends SourceDeclaration {
+    SourceFunction() { AST::function(this) }
+
+    override string getName() { AST::functionName(this, result) }
+
+    override string toString() { result = this.getName() }
+
+    BlockStmt getBody() { AST::functionBody(this, result) }
+
+    SourceParameter getParameter(int i) { AST::functionParameter(this, i, result) }
+
+    SourceType getReturnType() { AST::functionReturn(this, result) }
+
+    predicate isDefinition() { AST::functionDefinition(this) }
+  }
+
+  // A syntax node that declares a variable (including fields and parameters)
+  class SourceVariableDeclaration extends SourceDeclaration {
+    SourceVariableDeclaration() { AST::variableDeclaration(this) }
+
+    override string getName() { AST::variableName(this, result) }
+
+    override string toString() { result = this.getName() }
+
+    SourceType getType() { AST::variableDeclarationType(this, result) }
+  }
+
+  // A syntax node that declares a parameter
+  class SourceParameter extends SourceVariableDeclaration {
+    SourceFunction fn;
+    int index;
+
+    SourceParameter() { AST::functionParameter(fn, index, this) }
+  }
+
+  class Stmt extends SourceElement {
+    Stmt() { AST::stmt(this) }
+
+    override string toString() { result = "stmt" }
+  }
+
+  class BlockStmt extends Stmt {
+    BlockStmt() { AST::blockStmt(this) }
+
+    override string toString() { result = "{ ... }" }
+  }
+
+  class Expr extends SourceElement {
+    Expr() { AST::expression(this) }
+  }
+
+  class AccessExpr extends Expr {
+    string identifier;
+
+    AccessExpr() { AST::accessExpr(this, identifier) }
+
+    string getName() { result = identifier }
+
+    override string toString() { result = this.getName() }
+  }
+
+  class CallExpr extends Expr {
+    CallExpr() { AST::callExpr(this) }
+
+    Expr getReceiver() { AST::callReceiver(this, result) }
+
+    Expr getArgument(int i) { AST::callArgument(this, i, result) }
+
+    override string toString() { result = "...(...)" }
+  }
+
+  class Literal extends Expr {
+    string value;
+
+    Literal() { AST::literal(this, value) }
+
+    override string toString() { result = value }
+
+    string getValue() { result = value }
+  }
+
+  class StringLiteral extends Literal {
+    StringLiteral() { AST::stringLiteral(this, _) }
+  }
+
+  abstract class SourceDefinition extends SourceDeclaration { }
+
+  class SourceTypeDefinition extends SourceDefinition {
+    SourceTypeDefinition() { AST::classOrStructDefinition(this) }
+
+    override string getName() { AST::typename(this, result) }
+
+    override string toString() { result = this.getName() }
+
+    SourceElement getAMember() { AST::classMember(this, _, result) }
+
+    predicate isDefinition() { AST::typeDefinition(this) }
+  }
+
+  // A node that contains a type of some kind
+  class SourceType extends SourceElement {
+    SourceType() { AST::type(this) }
+
+    override string toString() { AST::typename(this, result) }
+  }
+
+  class SourcePointer extends SourceType {
+    SourceType pointee;
+
+    SourcePointer() { AST::ptrType(this, pointee) }
+
+    SourceType getType() { result = pointee }
+  }
+
+  class SourceConst extends SourceType {
+    SourceType type;
+
+    SourceConst() { AST::constType(this, type) }
+
+    SourceType getType() { result = type }
+  }
+
+  class SourceReference extends SourceType {
+    SourceType type;
+
+    SourceReference() { AST::refType(this, type) }
+
+    SourceType getType() { result = type }
+  }
+}
+
+module TestAST = BuildlessAST<CompiledAST>;

cpp/ql/lib/experimental/buildless/checks.ql

@@ -0,0 +1,3 @@
+import Model
+
+select 1

cpp/ql/lib/experimental/buildless/identifiers.qll

@@ -0,0 +1,31 @@
+import ast_sig
+import ast
+import compiled_ast // For debugging in context
+
+module BuildlessIdentifiers<BuildlessASTSig A> {
+  module AST = Buildless<A>;
+
+  string getQualifiedName(AST::SourceNamespace ns) {
+    not exists(AST::SourceNamespace p | ns = p.getAChild()) and result = ns.getName()
+    or
+    exists(AST::SourceNamespace p | ns = p.getAChild() and ns !=p|
+      result = getQualifiedName(p) + "::" + ns.getName()
+    )
+  }
+
+  predicate namespace(string ns) {
+    ns = ["", getQualifiedName(_)]
+  }
+
+  // What are the identifiers in scope at a given point in the program?
+  // Give a potential object that the identifier refers to
+  AST::SourceDeclaration nameLookup(AST::SourceScope scope) {
+    result = scope
+    or
+    result = scope.(AST::SourceNamespace).getAChild()
+    or
+    result = scope.(AST::SourceTypeDefinition).getAMember()
+  }
+}
+
+module TestIdentifiers = BuildlessIdentifiers<CompiledAST>;

cpp/ql/lib/experimental/buildless/test_ast.ql

@@ -0,0 +1,26 @@
+import AST
+import types
+
+query TestAST::SourceFunction lua_copy() { result.getName() = "lua_copy" }
+
+query int lua_copy_count() { result = count(lua_copy()) }
+
+query predicate variables(TestAST::SourceVariableDeclaration decl, TestAST::SourceType sourceType) {
+  sourceType = decl.getType()
+}
+
+query predicate naiveCallTargets(TestAST::CallExpr call, TestAST::SourceFunction target) {
+  call.getReceiver().(TestAST::AccessExpr).getName() = target.getName() and
+  target.getName() = "max"
+}
+
+query predicate fnParents(TestAST::SourceFunction fn, TestAST::SourceNamespace parent) {
+  parent = fn.getParent()
+}
+
+query predicate includes(TestAST::Include include, File target) { target = include.getATarget() }
+
+query predicate unresolvedIncludes(TestAST::Include include) { not exists(include.getATarget()) }
+
+from TestAST::SourceFunction fn
+select fn, fn.getReturnType(), count(fn.getReturnType()), fn.getReturnType().getAQlClass()

cpp/ql/lib/experimental/buildless/test_model.ql

@@ -0,0 +1,13 @@
+import Model
+
+query predicate multipleDefinitions(TestModel::Type type, TestModel::SourceTypeDefinition def1, TestModel::SourceTypeDefinition def2)
+{
+    def1 = type.getADefinition() and
+    def2 = type.getADefinition() and 
+    def1.getLocation() != def2.getLocation() and
+    def1 != def2
+}
+
+from TestModel::SourceDeclaration decl
+where decl.getParent+()=decl
+select decl, "This has an invalid parent $@", decl.getParent()

cpp/ql/lib/experimental/buildless/test_types.ql

@@ -0,0 +1,34 @@
+import types
+
+query predicate constPointers(TestAST::SourceType t, TestAST::SourceConst c, TestAST::SourcePointer p)
+{
+    p.getType() = c and 
+    t = c.getType()
+}
+
+query predicate constRefs(TestAST::SourceType t, TestAST::SourceConst c, TestAST::SourceReference p)
+{
+    p.getType() = c and 
+    t = c.getType()
+}
+
+query predicate nestedNamespaces(TestAST::SourceNamespace parent, TestAST::SourceNamespace child)
+{
+    child = parent.getAChild()
+}
+
+query predicate recursiveNamespace(TestAST::SourceNamespace ns, TestAST::SourceNamespace descendents)
+{
+    ns = ns.getAChild+() and
+    descendents = ns.getAChild+()
+}
+
+query predicate usertypes(TestAST::SourceNamespace ns, TestAST::SourceTypeDefinition td)
+{
+    td = ns.getAChild()
+}
+
+// Let's try to resolve the type of a local variable
+
+from TestTypes::Type t
+select t

cpp/ql/lib/experimental/buildless/types.qll

@@ -0,0 +1,34 @@
+import AST
+
+module BuildlessTypes<BuildlessASTSig Sig> {
+  module AST = BuildlessAST<Sig>;
+
+  private newtype TType =
+    TBuiltinType(string name) { name = ["int", "char"] }
+    or
+    TUserType(string fqn) { exists(AST::SourceTypeDefinition d | d.getName() = fqn) }
+    //or
+    //TPointerType(Type type) { exists(A::SourcePointer p | p.getType() = type) }
+    //or
+    //TConstType(Type type) { exists(A::SourceConst c | c.getType() = type) }
+
+  class Type extends TType {
+    string toString() { result = this.getName() }
+
+    abstract string getName();
+    Location getLocation() { none() }
+  }
+
+  class BuiltinType extends Type, TBuiltinType {
+    override string getName() { this = TBuiltinType(result) }
+  }
+
+  class UserType extends Type, TUserType
+  {
+    override string getName() { this = TUserType(result) }
+
+    override Location getLocation() { exists(AST::SourceTypeDefinition d | this.getName() = d.getName() | result = d.getLocation()) }
+  }
+}
+
+module TestTypes = BuildlessTypes<CompiledAST>;

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.13.2-dev
+version: 1.0.0-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.9.13-dev
+version: 1.0.0-dev
 groups:
   - cpp
   - queries

csharp/ql/integration-tests/linux-only/compiler_args/CompilerArgs.expected

@@ -1,9 +1,14 @@
 | 0 | /noconfig |
 | 1 | /unsafe- |
 | 2 | /checked- |
+| 3 | /nowarn:1701,1702,1701,1702 |
 | 4 | /fullpaths |
 | 5 | /nostdlib+ |
+| 6 | /errorreport:prompt |
+| 7 | /warn:8 |
+| 8 | /define:TRACE;DEBUG;NET;NET8_0;NETCOREAPP;NET5_0_OR_GREATER;NET6_0_OR_GREATER;NET7_0_OR_GREATER;NET8_0_OR_GREATER;NETCOREAPP1_0_OR_GREATER;NETCOREAPP1_1_OR_GREATER;NETCOREAPP2_0_OR_GREATER;NETCOREAPP2_1_OR_GREATER;NETCOREAPP2_2_OR_GREATER;NETCOREAPP3_0_OR_GREATER;NETCOREAPP3_1_OR_GREATER |
 | 9 | /highentropyva+ |
+| 10 | /nullable:enable |
 | 11 | /reference:[...]/8.0.1/ref/net8.0/Microsoft.CSharp.dll |
 | 12 | /reference:[...]/8.0.1/ref/net8.0/Microsoft.VisualBasic.Core.dll |
 | 13 | /reference:[...]/8.0.1/ref/net8.0/Microsoft.VisualBasic.dll |
@@ -168,10 +173,24 @@
 | 172 | /reference:[...]/8.0.1/ref/net8.0/System.Xml.XPath.XDocument.dll |
 | 173 | /reference:[...]/8.0.1/ref/net8.0/WindowsBase.dll |
 | 174 | /debug+ |
+| 175 | /debug:portable |
+| 176 | /filealign:512 |
+| 177 | /generatedfilesout:obj/Debug/net8.0//generated |
 | 178 | /optimize- |
+| 179 | /out:obj/Debug/net8.0/test.dll |
+| 180 | /refout:obj/Debug/net8.0/refint/test.dll |
+| 181 | /target:exe |
 | 182 | /warnaserror- |
 | 183 | /utf8output |
 | 184 | /deterministic+ |
+| 185 | /sourcelink:obj/Debug/net8.0/test.sourcelink.json |
+| 186 | /langversion:12.0 |
+| 187 | /embed:Program.cs |
+| 188 | /embed:obj/Debug/net8.0/test.GlobalUsings.g.cs |
+| 189 | /embed:"obj/Debug/net8.0/.NETCoreApp,Version=v8.0.AssemblyAttributes.cs" |
+| 190 | /embed:obj/Debug/net8.0/test.AssemblyInfo.cs |
+| 191 | /analyzerconfig:/home/runner/work/semmle-code/semmle-code/.editorconfig |
+| 192 | /analyzerconfig:obj/Debug/net8.0/test.GeneratedMSBuildEditorConfig.editorconfig |
 | 193 | /analyzerconfig:[...]/8.0.101/Sdks/Microsoft.NET.Sdk/analyzers/build/config/analysislevel_8_default.globalconfig |
 | 194 | /analyzer:[...]/8.0.101/Sdks/Microsoft.NET.Sdk/targets/../analyzers/Microsoft.CodeAnalysis.CSharp.NetAnalyzers.dll |
 | 195 | /analyzer:[...]/8.0.101/Sdks/Microsoft.NET.Sdk/targets/../analyzers/Microsoft.CodeAnalysis.NetAnalyzers.dll |
@@ -185,3 +204,4 @@
 | 203 | obj/Debug/net8.0/test.GlobalUsings.g.cs |
 | 204 | obj/Debug/net8.0/.NETCoreApp,Version=v8.0.AssemblyAttributes.cs |
 | 205 | obj/Debug/net8.0/test.AssemblyInfo.cs |
+| 206 | /warnaserror+:NU1605,SYSLIB0011 |

csharp/ql/integration-tests/linux-only/compiler_args/CompilerArgs.ql

@@ -3,7 +3,8 @@ import semmle.code.csharp.commons.Compilation
 
 bindingset[arg]
 private string normalize(string arg) {
-  not exists(arg.indexOf(":")) and result = arg
+  (not exists(arg.indexOf(":")) or not exists(arg.indexOf("/8.0"))) and
+  result = arg
   or
   exists(int i, int j |
     i = arg.indexOf(":") and

csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_fallback/diagnostics.expected

@@ -13,7 +13,7 @@
   }
 }
 {
-  "markdownMessage": "C# was extracted with build-mode set to 'none'. This means that all C# source in the working directory will be scanned, with build tools, such as Nuget and Dotnet CLIs, only contributing information about external dependencies.", 
+  "markdownMessage": "C# was extracted with build-mode set to 'none'. This means that all C# source in the working directory will be scanned, with build tools, such as Nuget and Dotnet CLIs, only contributing information about external dependencies.",
   "severity": "note",
   "source": {
     "extractorName": "csharp",

csharp/ql/lib/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.10.2-dev
+version: 1.0.0-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.8.17-dev
+version: 1.0.0-dev
 groups:
   - csharp
   - queries

go/ql/consistency-queries/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

go/ql/consistency-queries/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 0.0.16-dev
+version: 1.0.0-dev
 groups:
   - go
   - queries

go/ql/lib/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.8.2-dev
+version: 1.0.0-dev
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.7.17-dev
+version: 1.0.0-dev
 groups:
   - go
   - queries

java/ql/automodel/src/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

java/ql/automodel/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-automodel-queries
-version: 0.0.24-dev
+version: 1.0.0-dev
 groups:
     - java
     - automodel

java/ql/automodel/test/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

java/ql/automodel/test/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-automodel-tests
-version: 0.0.1-dev
+version: 1.0.0-dev
 groups:
     - java
     - automodel

java/ql/lib/change-notes/2024-05-15-static-field-side-effect.md

@@ -0,0 +1,4 @@
+---
+category: majorAnalysis
+---
+* Added support for data flow through side-effects on static fields. For example, when a static field containing an array is updated.

java/ql/lib/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.11.1-dev
+version: 1.0.0-dev
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll

@@ -40,8 +40,11 @@ private predicate fieldStep(Node node1, Node node2) {
   exists(Field f |
     // Taint fields through assigned values only if they're static
     f.isStatic() and
-    f.getAnAssignedValue() = node1.asExpr() and
     node2.(FieldValueNode).getField() = f
+  |
+    f.getAnAssignedValue() = node1.asExpr()
+    or
+    f.getAnAccess() = node1.(PostUpdateNode).getPreUpdateNode().asExpr()
   )
   or
   exists(Field f, FieldRead fr |

java/ql/src/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.8.17-dev
+version: 1.0.0-dev
 groups:
   - java
   - queries

java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll

@@ -80,10 +80,11 @@ predicate isUninterestingForDataFlowModels(Callable api) {
 predicate isUninterestingForTypeBasedFlowModels(Callable api) { none() }
 
 /**
- * A class of Callables that are relevant for generating summary, source and sinks models for.
+ * A class of callables that are potentially relevant for generating summary, source, sink
+ * and neutral models.
  *
- * In the Standard library and 3rd party libraries it the Callables that can be called
- * from outside the library itself.
+ * In the Standard library and 3rd party libraries it is the callables (or callables that have a
+ * super implementation) that can be called from outside the library itself.
  */
 class TargetApiSpecific extends Callable {
   private Callable lift;
@@ -97,6 +98,11 @@ class TargetApiSpecific extends Callable {
    * Gets the callable that a model will be lifted to.
    */
   Callable lift() { result = lift }
+
+  /**
+   * Holds if this callable is relevant in terms of generating models.
+   */
+  predicate isRelevant() { relevant(this) }
 }
 
 private string isExtensible(Callable c) {
@@ -114,15 +120,13 @@ private string typeAsModel(Callable c) {
   )
 }
 
-private predicate partialLiftedModel(
-  TargetApiSpecific api, string type, string extensible, string name, string parameters
+private predicate partialModel(
+  Callable api, string type, string extensible, string name, string parameters
 ) {
-  exists(Callable c | c = api.lift() |
-    type = typeAsModel(c) and
-    extensible = isExtensible(c) and
-    name = c.getName() and
-    parameters = ExternalFlow::paramsString(c)
-  )
+  type = typeAsModel(api) and
+  extensible = isExtensible(api) and
+  name = api.getName() and
+  parameters = ExternalFlow::paramsString(api)
 }
 
 /**
@@ -130,7 +134,7 @@ private predicate partialLiftedModel(
  */
 string asPartialModel(TargetApiSpecific api) {
   exists(string type, string extensible, string name, string parameters |
-    partialLiftedModel(api, type, extensible, name, parameters) and
+    partialModel(api.lift(), type, extensible, name, parameters) and
     result =
       type + ";" //
         + extensible + ";" //
@@ -145,7 +149,7 @@ string asPartialModel(TargetApiSpecific api) {
  */
 string asPartialNeutralModel(TargetApiSpecific api) {
   exists(string type, string name, string parameters |
-    partialLiftedModel(api, type, _, name, parameters) and
+    partialModel(api, type, _, name, parameters) and
     result =
       type + ";" //
         + name + ";" //

java/ql/src/utils/modelgenerator/internal/CaptureSummaryFlowQuery.qll

@@ -79,5 +79,6 @@ string captureFlow(DataFlowTargetApi api) {
  */
 string captureNoFlow(DataFlowTargetApi api) {
   not exists(DataFlowTargetApi api0 | exists(captureFlow(api0)) and api0.lift() = api.lift()) and
+  api.isRelevant() and
   result = ModelPrinting::asNeutralSummaryModel(api)
 }

java/ql/test/library-tests/dataflow/fields/G.java

@@ -0,0 +1,21 @@
+public class G {
+  static Object[] f;
+
+  void sink(Object o) { }
+
+  void runsink() {
+    sink(f[0]);
+  }
+
+  void test1() {
+    f[0] = new Object();
+  }
+
+  void test2() {
+    addObj(f);
+  }
+
+  void addObj(Object[] xs) {
+    xs[0] = new Object();
+  }
+}

java/ql/test/library-tests/dataflow/fields/flow.expected

@@ -29,3 +29,5 @@
 | F.java:5:14:5:25 | new Object(...) | F.java:20:10:20:17 | f.Field1 |
 | F.java:10:16:10:27 | new Object(...) | F.java:15:10:15:17 | f.Field1 |
 | F.java:24:9:24:20 | new Object(...) | F.java:33:10:33:17 | f.Field1 |
+| G.java:11:12:11:23 | new Object(...) | G.java:7:10:7:13 | ...[...] |
+| G.java:19:13:19:24 | new Object(...) | G.java:7:10:7:13 | ...[...] |

java/ql/test/utils/modelgenerator/dataflow/p/ImplOfExternalSPI.java

@@ -7,7 +7,7 @@ import java.nio.file.Files;
 public class ImplOfExternalSPI extends AbstractImplOfExternalSPI {
 
   // sink=p;AbstractImplOfExternalSPI;true;accept;(File);;Argument[0];path-injection;df-generated
-  // neutral=p;AbstractImplOfExternalSPI;accept;(File);summary;df-generated
+  // neutral=p;ImplOfExternalSPI;accept;(File);summary;df-generated
   @Override
   public boolean accept(File pathname) {
     try {

java/ql/test/utils/modelgenerator/dataflow/p/Inheritance.java

@@ -88,4 +88,28 @@ public class Inheritance {
       return s;
     }
   }
+
+  public interface INeutral {
+    String id(String s);
+  }
+
+  public class F implements INeutral {
+    // neutral=p;Inheritance$F;id;(String);summary;df-generated
+    public String id(String s) {
+      return "";
+    }
+  }
+
+  public class G implements INeutral {
+    // neutral=p;Inheritance$G;id;(String);summary;df-generated
+    public String id(String s) {
+      return "";
+    }
+  }
+
+  private class H implements INeutral {
+    public String id(String s) {
+      return "";
+    }
+  }
 }

java/ql/test/utils/modelgenerator/dataflow/p/PrivateFlowViaPublicInterface.java

@@ -45,7 +45,6 @@ public class PrivateFlowViaPublicInterface {
       return null;
     }
 
-    // neutral=p;PrivateFlowViaPublicInterface$SPI;openStreamNone;();summary;df-generated
     @Override
     public OutputStream openStreamNone() throws IOException {
       return new FileOutputStream(new RandomPojo().someFile);

javascript/ql/lib/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.9.2-dev
+version: 1.0.0-dev
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

javascript/ql/src/experimental/semmle/javascript/Execa.qll

@@ -0,0 +1,211 @@
+/**
+ * Models the `execa` library in terms of `FileSystemAccess` and `SystemCommandExecution`.
+ */
+
+import javascript
+
+/**
+ * Provide model for [Execa](https://github.com/sindresorhus/execa) package
+ */
+module Execa {
+  /**
+   * The Execa input file read and output file write
+   */
+  class ExecaFileSystemAccess extends FileSystemReadAccess, DataFlow::Node {
+    API::Node execaArg;
+    boolean isPipedToFile;
+
+    ExecaFileSystemAccess() {
+      (
+        execaArg = API::moduleImport("execa").getMember("$").getParameter(0) and
+        isPipedToFile = false
+        or
+        execaArg =
+          API::moduleImport("execa")
+              .getMember(["execa", "execaCommand", "execaCommandSync", "execaSync"])
+              .getParameter([0, 1, 2]) and
+        isPipedToFile = false
+        or
+        execaArg =
+          API::moduleImport("execa")
+              .getMember(["execa", "execaCommand", "execaCommandSync", "execaSync"])
+              .getReturn()
+              .getMember(["pipeStdout", "pipeAll", "pipeStderr"])
+              .getParameter(0) and
+        isPipedToFile = true
+      ) and
+      this = execaArg.asSink()
+    }
+
+    override DataFlow::Node getADataNode() { none() }
+
+    override DataFlow::Node getAPathArgument() {
+      result = execaArg.getMember("inputFile").asSink() and isPipedToFile = false
+      or
+      result = execaArg.asSink() and isPipedToFile = true
+    }
+  }
+
+  /**
+   * A call to `execa.execa` or `execa.execaSync`
+   */
+  class ExecaCall extends API::CallNode {
+    boolean isSync;
+
+    ExecaCall() {
+      this = API::moduleImport("execa").getMember("execa").getACall() and
+      isSync = false
+      or
+      this = API::moduleImport("execa").getMember("execaSync").getACall() and
+      isSync = true
+    }
+  }
+
+  /**
+   * The system command execution nodes for `execa.execa` or `execa.execaSync` functions
+   */
+  class ExecaExec extends SystemCommandExecution, ExecaCall {
+    ExecaExec() { isSync = [false, true] }
+
+    override DataFlow::Node getACommandArgument() { result = this.getArgument(0) }
+
+    override predicate isShellInterpreted(DataFlow::Node arg) {
+      // if shell: true then first and second args are sinks
+      // options can be third argument
+      arg = [this.getArgument(0), this.getParameter(1).getUnknownMember().asSink()] and
+      isExecaShellEnable(this.getParameter(2))
+      or
+      // options can be second argument
+      arg = this.getArgument(0) and
+      isExecaShellEnable(this.getParameter(1))
+    }
+
+    override DataFlow::Node getArgumentList() {
+      // execa(cmd, [arg]);
+      exists(DataFlow::Node arg | arg = this.getArgument(1) |
+        // if it is a object then it is a option argument not command argument
+        result = arg and not arg.asExpr() instanceof ObjectExpr
+      )
+    }
+
+    override predicate isSync() { isSync = true }
+
+    override DataFlow::Node getOptionsArg() {
+      result = this.getLastArgument() and result.asExpr() instanceof ObjectExpr
+    }
+  }
+
+  /**
+   * A call to `execa.$` or `execa.$.sync` or `execa.$({})` or `execa.$.sync({})` tag functions
+   */
+  private class ExecaScriptCall extends API::CallNode {
+    boolean isSync;
+
+    ExecaScriptCall() {
+      exists(API::Node script |
+        script =
+          [
+            API::moduleImport("execa").getMember("$"),
+            API::moduleImport("execa").getMember("$").getReturn()
+          ]
+      |
+        this = script.getACall() and
+        isSync = false
+        or
+        this = script.getMember("sync").getACall() and
+        isSync = true
+      )
+    }
+  }
+
+  /**
+   * The system command execution nodes for `execa.$` or `execa.$.sync` tag functions
+   */
+  class ExecaScript extends SystemCommandExecution, ExecaScriptCall {
+    ExecaScript() { isSync = [false, true] }
+
+    override DataFlow::Node getACommandArgument() {
+      result = this.getParameter(1).asSink() and
+      not isTaggedTemplateFirstChildAnElement(this.getParameter(1).asSink().asExpr().getParent())
+    }
+
+    override predicate isShellInterpreted(DataFlow::Node arg) {
+      isExecaShellEnable(this.getParameter(0)) and
+      arg = this.getAParameter().asSink()
+    }
+
+    override DataFlow::Node getArgumentList() {
+      result = this.getParameter(any(int i | i >= 1)).asSink() and
+      isTaggedTemplateFirstChildAnElement(this.getParameter(1).asSink().asExpr().getParent())
+      or
+      result = this.getParameter(any(int i | i >= 2)).asSink() and
+      not isTaggedTemplateFirstChildAnElement(this.getParameter(1).asSink().asExpr().getParent())
+    }
+
+    override DataFlow::Node getOptionsArg() { result = this.getParameter(0).asSink() }
+
+    override predicate isSync() { isSync = true }
+  }
+
+  /**
+   * A call to `execa.execaCommandSync` or `execa.execaCommand`
+   */
+  private class ExecaCommandCall extends API::CallNode {
+    boolean isSync;
+
+    ExecaCommandCall() {
+      this = API::moduleImport("execa").getMember("execaCommandSync").getACall() and
+      isSync = true
+      or
+      this = API::moduleImport("execa").getMember("execaCommand").getACall() and
+      isSync = false
+    }
+  }
+
+  /**
+   * The system command execution nodes for `execa.execaCommand` or `execa.execaCommandSync` functions
+   */
+  class ExecaCommandExec extends SystemCommandExecution, ExecaCommandCall {
+    ExecaCommandExec() { isSync = [false, true] }
+
+    override DataFlow::Node getACommandArgument() {
+      result = this.(DataFlow::CallNode).getArgument(0)
+    }
+
+    override DataFlow::Node getArgumentList() {
+      // execaCommand(`${cmd} ${arg}`);
+      result.asExpr() = this.getParameter(0).asSink().asExpr().getAChildExpr() and
+      not result.asExpr() = this.getArgument(0).asExpr().getChildExpr(0)
+    }
+
+    override predicate isShellInterpreted(DataFlow::Node arg) {
+      // execaCommandSync(`${cmd} ${arg}`, {shell: true})
+      arg.asExpr() = this.getArgument(0).asExpr().getAChildExpr+() and
+      isExecaShellEnable(this.getParameter(1))
+      or
+      // there is only one argument that is constructed in previous nodes,
+      // it makes sanitizing really hard to select whether it is vulnerable to argument injection or not
+      arg = this.getParameter(0).asSink() and
+      not exists(this.getArgument(0).asExpr().getChildExpr(1))
+    }
+
+    override predicate isSync() { isSync = true }
+
+    override DataFlow::Node getOptionsArg() {
+      result = this.getLastArgument() and result.asExpr() instanceof ObjectExpr
+    }
+  }
+
+  /** Gets a TemplateLiteral and check if first child is a template element */
+  private predicate isTaggedTemplateFirstChildAnElement(TemplateLiteral templateLit) {
+    exists(templateLit.getChildExpr(0).(TemplateElement))
+  }
+
+  /**
+   * Holds whether Execa has shell enabled options or not, get Parameter responsible for options
+   */
+  pragma[inline]
+  private predicate isExecaShellEnable(API::Node n) {
+    n.getMember("shell").asSink().asExpr().(BooleanLiteral).getValue() = "true"
+  }
+}

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.8.17-dev
+version: 1.0.0-dev
 groups:
   - javascript
   - queries

javascript/ql/test/experimental/Execa/CommandInjection/tests.expected

@@ -0,0 +1,22 @@
+passingPositiveTests
+| PASSED | CommandInjection | tests.js:11:46:11:70 | // test ... jection |
+| PASSED | CommandInjection | tests.js:12:43:12:67 | // test ... jection |
+| PASSED | CommandInjection | tests.js:13:63:13:87 | // test ... jection |
+| PASSED | CommandInjection | tests.js:14:62:14:86 | // test ... jection |
+| PASSED | CommandInjection | tests.js:15:60:15:84 | // test ... jection |
+| PASSED | CommandInjection | tests.js:17:45:17:69 | // test ... jection |
+| PASSED | CommandInjection | tests.js:18:42:18:66 | // test ... jection |
+| PASSED | CommandInjection | tests.js:19:62:19:86 | // test ... jection |
+| PASSED | CommandInjection | tests.js:20:63:20:87 | // test ... jection |
+| PASSED | CommandInjection | tests.js:21:60:21:84 | // test ... jection |
+| PASSED | CommandInjection | tests.js:23:43:23:67 | // test ... jection |
+| PASSED | CommandInjection | tests.js:24:40:24:64 | // test ... jection |
+| PASSED | CommandInjection | tests.js:25:40:25:64 | // test ... jection |
+| PASSED | CommandInjection | tests.js:26:60:26:84 | // test ... jection |
+| PASSED | CommandInjection | tests.js:28:41:28:65 | // test ... jection |
+| PASSED | CommandInjection | tests.js:29:58:29:82 | // test ... jection |
+| PASSED | CommandInjection | tests.js:31:51:31:75 | // test ... jection |
+| PASSED | CommandInjection | tests.js:32:68:32:92 | // test ... jection |
+| PASSED | CommandInjection | tests.js:34:49:34:73 | // test ... jection |
+| PASSED | CommandInjection | tests.js:35:66:35:90 | // test ... jection |
+failingPositiveTests

javascript/ql/test/experimental/Execa/CommandInjection/tests.js

@@ -0,0 +1,36 @@
+import { execa, execaSync, execaCommand, execaCommandSync, $ } from 'execa';
+import http from 'node:http'
+import url from 'url'
+
+http.createServer(async function (req, res) {
+    let cmd = url.parse(req.url, true).query["cmd"][0];
+    let arg1 = url.parse(req.url, true).query["arg1"];
+    let arg2 = url.parse(req.url, true).query["arg2"];
+    let arg3 = url.parse(req.url, true).query["arg3"];
+
+    await $`${cmd} ${arg1} ${arg2} ${arg3}`; // test: CommandInjection
+    await $`ssh ${arg1} ${arg2} ${arg3}`; // test: CommandInjection
+    $({ shell: false }).sync`${cmd} ${arg1} ${arg2} ${arg3}`; // test: CommandInjection
+    $({ shell: true }).sync`${cmd} ${arg1} ${arg2} ${arg3}`; // test: CommandInjection
+    $({ shell: false }).sync`ssh ${arg1} ${arg2} ${arg3}`; // test: CommandInjection
+
+    $.sync`${cmd} ${arg1} ${arg2} ${arg3}`; // test: CommandInjection
+    $.sync`ssh ${arg1} ${arg2} ${arg3}`; // test: CommandInjection
+    await $({ shell: true })`${cmd} ${arg1} ${arg2} ${arg3}` // test: CommandInjection
+    await $({ shell: false })`${cmd} ${arg1} ${arg2} ${arg3}` // test: CommandInjection
+    await $({ shell: false })`ssh ${arg1} ${arg2} ${arg3}` // test: CommandInjection
+
+    await execa(cmd, [arg1, arg2, arg3]); // test: CommandInjection
+    await execa(cmd, { shell: true }); // test: CommandInjection
+    await execa(cmd, { shell: true }); // test: CommandInjection
+    await execa(cmd, [arg1, arg2, arg3], { shell: true }); // test: CommandInjection
+
+    execaSync(cmd, [arg1, arg2, arg3]); // test: CommandInjection
+    execaSync(cmd, [arg1, arg2, arg3], { shell: true }); // test: CommandInjection
+
+    await execaCommand(cmd + arg1 + arg2 + arg3); // test: CommandInjection
+    await execaCommand(cmd + arg1 + arg2 + arg3, { shell: true }); // test: CommandInjection
+
+    execaCommandSync(cmd + arg1 + arg2 + arg3); // test: CommandInjection
+    execaCommandSync(cmd + arg1 + arg2 + arg3, { shell: true }); // test: CommandInjection
+});

javascript/ql/test/experimental/Execa/CommandInjection/tests.ql

@@ -0,0 +1,38 @@
+import javascript
+
+class InlineTest extends LineComment {
+  string tests;
+
+  InlineTest() { tests = this.getText().regexpCapture("\\s*test:(.*)", 1) }
+
+  string getPositiveTest() {
+    result = tests.trim().splitAt(",").trim() and not result.matches("!%")
+  }
+
+  predicate hasPositiveTest(string test) { test = this.getPositiveTest() }
+
+  predicate inNode(DataFlow::Node n) {
+    this.getLocation().getFile() = n.getFile() and
+    this.getLocation().getStartLine() = n.getStartLine()
+  }
+}
+
+import experimental.semmle.javascript.Execa
+
+query predicate passingPositiveTests(string res, string expectation, InlineTest t) {
+  res = "PASSED" and
+  t.hasPositiveTest(expectation) and
+  expectation = "CommandInjection" and
+  exists(SystemCommandExecution n |
+    t.inNode(n.getArgumentList()) or t.inNode(n.getACommandArgument())
+  )
+}
+
+query predicate failingPositiveTests(string res, string expectation, InlineTest t) {
+  res = "FAILED" and
+  t.hasPositiveTest(expectation) and
+  expectation = "CommandInjection" and
+  not exists(SystemCommandExecution n |
+    t.inNode(n.getArgumentList()) or t.inNode(n.getACommandArgument())
+  )
+}

javascript/ql/test/experimental/Execa/PathInjection/tests.expected

@@ -0,0 +1,6 @@
+passingPositiveTests
+| PASSED | PathInjection | tests.js:9:43:9:64 | // test ... jection |
+| PASSED | PathInjection | tests.js:12:50:12:71 | // test ... jection |
+| PASSED | PathInjection | tests.js:15:61:15:82 | // test ... jection |
+| PASSED | PathInjection | tests.js:18:73:18:94 | // test ... jection |
+failingPositiveTests

javascript/ql/test/experimental/Execa/PathInjection/tests.js

@@ -0,0 +1,19 @@
+import { execa, $ } from 'execa';
+import http from 'node:http'
+import url from 'url'
+
+http.createServer(async function (req, res) {
+    let filePath = url.parse(req.url, true).query["filePath"][0];
+
+    // Piping to stdin from a file
+    await $({ inputFile: filePath })`cat` // test: PathInjection
+
+    // Piping to stdin from a file
+    await execa('cat', { inputFile: filePath }); // test: PathInjection
+
+    // Piping Stdout to file
+    await execa('echo', ['example3']).pipeStdout(filePath); // test: PathInjection
+
+    // Piping all of command output to file
+    await execa('echo', ['example4'], { all: true }).pipeAll(filePath); // test: PathInjection
+});

javascript/ql/test/experimental/Execa/PathInjection/tests.ql

@@ -0,0 +1,34 @@
+import javascript
+
+class InlineTest extends LineComment {
+  string tests;
+
+  InlineTest() { tests = this.getText().regexpCapture("\\s*test:(.*)", 1) }
+
+  string getPositiveTest() {
+    result = tests.trim().splitAt(",").trim() and not result.matches("!%")
+  }
+
+  predicate hasPositiveTest(string test) { test = this.getPositiveTest() }
+
+  predicate inNode(DataFlow::Node n) {
+    this.getLocation().getFile() = n.getFile() and
+    this.getLocation().getStartLine() = n.getStartLine()
+  }
+}
+
+import experimental.semmle.javascript.Execa
+
+query predicate passingPositiveTests(string res, string expectation, InlineTest t) {
+  res = "PASSED" and
+  t.hasPositiveTest(expectation) and
+  expectation = "PathInjection" and
+  exists(FileSystemReadAccess n | t.inNode(n.getAPathArgument()))
+}
+
+query predicate failingPositiveTests(string res, string expectation, InlineTest t) {
+  res = "FAILED" and
+  t.hasPositiveTest(expectation) and
+  expectation = "PathInjection" and
+  not exists(FileSystemReadAccess n | t.inNode(n.getAPathArgument()))
+}

misc/suite-helpers/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

misc/suite-helpers/qlpack.yml

@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 0.7.17-dev
+version: 1.0.0-dev
 groups: shared
 warnOnImplicitThis: true

python/ql/lib/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.12.2-dev
+version: 1.0.0-dev
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

python/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.9.17-dev
+version: 1.0.0-dev
 groups:
   - python
   - queries

ql/ql/src/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

ql/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ql
-version: 0.1.0-dev
+version: 1.0.0-dev
 groups:
   - ql
   - queries

ruby/ql/lib/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

ruby/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.9.2-dev
+version: 1.0.0-dev
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme

ruby/ql/src/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

ruby/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.8.17-dev
+version: 1.0.0-dev
 groups:
   - ruby
   - queries

shared/controlflow/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/controlflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 0.1.17-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies:

shared/dataflow/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/dataflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 0.2.8-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies:

shared/mad/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/mad/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/mad
-version: 0.2.17-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies:

shared/rangeanalysis/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/rangeanalysis/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/rangeanalysis
-version: 0.0.16-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies:

shared/regex/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/regex/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/regex
-version: 0.2.17-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies:

shared/ssa/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/ssa/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ssa
-version: 0.2.17-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies:

shared/threat-models/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/threat-models/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/threat-models
-version: 0.0.16-dev
+version: 1.0.0-dev
 library: true
 groups: shared
 dataExtensions:

shared/tutorial/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/tutorial/qlpack.yml

@@ -1,7 +1,7 @@
 name: codeql/tutorial
 description: Library for the CodeQL detective tutorials, helping new users learn to
   write CodeQL queries.
-version: 0.2.17-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 warnOnImplicitThis: true

shared/typeflow/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/typeflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/typeflow
-version: 0.0.4-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies:

shared/typetracking/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/typetracking/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/typetracking
-version: 0.2.17-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies:

shared/typos/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/typos/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/typos
-version: 0.2.17-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 warnOnImplicitThis: true

shared/util/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/util/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/util
-version: 0.2.17-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies: null

shared/xml/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/xml/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/xml
-version: 0.0.4-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 dependencies:

shared/yaml/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

shared/yaml/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/yaml
-version: 0.2.17-dev
+version: 1.0.0-dev
 groups: shared
 library: true
 warnOnImplicitThis: true

swift/ql/lib/change-notes/2024-05-23-Version1.md

@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.

swift/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/swift-all
-version: 0.3.17-dev
+version: 1.0.0-dev
 groups: swift
 extractor: swift
 dbscheme: swift.dbscheme