Apply rustfmt

Format the touched Rust crates (shared/tree-sitter-extractor, shared/yeast, shared/yeast-macros, unified/extractor) so the tree-sitter-extractor CI fmt check passes. No functional changes. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
unified/swift: Use tree! instead of ctx.node
2026-06-26 07:07:07 +02:00 · 2026-06-25 17:28:24 +02:00 · 2026-06-25 17:28:24 +02:00 · 2026-06-25 17:28:24 +02:00 · 2026-06-25 17:28:24 +02:00 · 2026-06-25 17:28:24 +02:00
219 changed files with 1618 additions and 1014 deletions
--- a/actions/ql/lib/CHANGELOG.md
+++ b/actions/ql/lib/CHANGELOG.md
@@ -1,10 +1,3 @@
-## 0.4.38
-
-### Bug Fixes
-
-* GitHub Actions queries now better account for permission checks on jobs that call reusable workflows.
-* The query `actions/pr-on-self-hosted-runner` was updated to the latest standard runner labels reducing false positive results.
-
 ## 0.4.37

 ### Minor Analysis Improvements
--- a/actions/ql/lib/change-notes/2026-06-12-self_hosted_runners.md
+++ b/actions/ql/lib/change-notes/2026-06-12-self_hosted_runners.md
@@ -0,0 +1,4 @@
+---
+category: fix
+---
+* The query `actions/pr-on-self-hosted-runner` was updated to the latest standard runner labels reducing false positive results.
--- a/actions/ql/lib/change-notes/2026-06-15-permission_check.md
+++ b/actions/ql/lib/change-notes/2026-06-15-permission_check.md
@@ -0,0 +1,4 @@
+---
+category: fix
+---
+* GitHub Actions queries now better account for permission checks on jobs that call reusable workflows.
--- a/actions/ql/lib/change-notes/released/0.4.38.md
+++ b/actions/ql/lib/change-notes/released/0.4.38.md
@@ -1,6 +0,0 @@
-## 0.4.38
-
-### Bug Fixes
-
-* GitHub Actions queries now better account for permission checks on jobs that call reusable workflows.
-* The query `actions/pr-on-self-hosted-runner` was updated to the latest standard runner labels reducing false positive results.
--- a/actions/ql/lib/codeql-pack.release.yml
+++ b/actions/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.38
+lastReleaseVersion: 0.4.37
--- a/actions/ql/lib/qlpack.yml
+++ b/actions/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.39-dev
+version: 0.4.38-dev
 library: true
 warnOnImplicitThis: true
 dependencies:
--- a/actions/ql/src/CHANGELOG.md
+++ b/actions/ql/src/CHANGELOG.md
@@ -1,9 +1,3 @@
-## 0.6.30
-
-### Query Metadata Changes
-
-* The name, description, and alert message of `actions/untrusted-checkout/medium` have been corrected to describe a non-privileged context.
-
 ## 0.6.29

 ### Query Metadata Changes
--- a/actions/ql/src/change-notes/2026-06-04-untrusted-checkout-medium-metadata.md
+++ b/actions/ql/src/change-notes/2026-06-04-untrusted-checkout-medium-metadata.md
@@ -1,5 +1,4 @@
-## 0.6.30
-
-### Query Metadata Changes
-
+---
+category: queryMetadata
+---
 * The name, description, and alert message of `actions/untrusted-checkout/medium` have been corrected to describe a non-privileged context.
--- a/actions/ql/src/codeql-pack.release.yml
+++ b/actions/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.30
+lastReleaseVersion: 0.6.29
--- a/actions/ql/src/qlpack.yml
+++ b/actions/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.6.31-dev
+version: 0.6.30-dev
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,20 +1,3 @@
-## 11.0.0
-
-### Breaking Changes
-
-* Removed the deprecated `overrideReturnsNull` predicate from `Options.qll`. Use `CustomOptions.overrideReturnsNull` instead.
-* Removed the deprecated `returnsNull` predicate from `Options.qll`. Use `CustomOptions.returnsNull` instead.
-* Removed the deprecated `exits` predicate from `Options.qll`. Use `CustomOptions.exits` instead.
-* Removed the deprecated `exprExits` predicate from `Options.qll`. Use `CustomOptions.exprExits` instead.
-* Removed the deprecated `alwaysCheckReturnValue` predicate from `Options.qll`. Use `CustomOptions.alwaysCheckReturnValue` instead.
-* Removed the deprecated `okToIgnoreReturnValue` predicate from `Options.qll`. Use `CustomOptions.okToIgnoreReturnValue` instead.
-* Removed the deprecated `semmle.code.cpp.Member`. Import `semmle.code.cpp.Element` and/or `semmle.code.cpp.Type` directly.
-* Removed the deprecated `UnknownDefaultLocation` class. Use `UnknownLocation` instead.
-* Removed the deprecated `UnknownExprLocation` class. Use `UnknownLocation` instead.
-* Removed the deprecated `UnknownStmtLocation` class. Use `UnknownLocation` instead.
-* Removed the deprecated `TemplateParameter` class. Use `TypeTemplateParameter` instead.
-* Support for class resolution across link targets has been removed for databases which were created with CodeQL versions before 1.23.0.
-
 ## 10.2.0

 ### Deprecated APIs
--- a/cpp/ql/lib/change-notes/2026-05-27-deprecated-removal.md
+++ b/cpp/ql/lib/change-notes/2026-05-27-deprecated-removal.md
@@ -1,7 +1,6 @@
-## 11.0.0
-
-### Breaking Changes
-
+---
+category: breaking
+---
 * Removed the deprecated `overrideReturnsNull` predicate from `Options.qll`. Use `CustomOptions.overrideReturnsNull` instead.
 * Removed the deprecated `returnsNull` predicate from `Options.qll`. Use `CustomOptions.returnsNull` instead.
 * Removed the deprecated `exits` predicate from `Options.qll`. Use `CustomOptions.exits` instead.
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 11.0.0
+lastReleaseVersion: 10.2.0
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 11.0.1-dev
+version: 10.2.1-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.6.5
-
-No user-facing changes.
-
 ## 1.6.4

 No user-facing changes.
--- a/cpp/ql/src/change-notes/released/1.6.5.md
+++ b/cpp/ql/src/change-notes/released/1.6.5.md
@@ -1,3 +0,0 @@
-## 1.6.5
-
-No user-facing changes.
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.5
+lastReleaseVersion: 1.6.4
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.6.6-dev
+version: 1.6.5-dev
 groups:
  - cpp
  - queries
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.7.69
-
-No user-facing changes.
-
 ## 1.7.68

 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.69.md
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.69.md
@@ -1,3 +0,0 @@
-## 1.7.69
-
-No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.69
+lastReleaseVersion: 1.7.68
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.70-dev
+version: 1.7.69-dev
 groups:
  - csharp
  - solorigate
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.7.69
-
-No user-facing changes.
-
 ## 1.7.68

 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.69.md
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.69.md
@@ -1,3 +0,0 @@
-## 1.7.69
-
-No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.69
+lastReleaseVersion: 1.7.68
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.70-dev
+version: 1.7.69-dev
 groups:
  - csharp
  - solorigate
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,19 +1,3 @@
-## 7.0.0
-
-### Breaking Changes
-
-* Renamed types related to *operation* expressions. The QL classes `BinaryArithmeticOperation`, `BinaryBitwiseOperation`, and `BinaryLogicalOperation` now include compound assignments; for example, `BinaryArithmeticOperation` now includes `a += b`.
-
-### Major Analysis Improvements
-
-* Added Razor Page handler method parameters (e.g., `OnGet`, `OnPost`, `OnPostAsync`) as remote flow sources, enabling security queries such as `cs/sql-injection` to detect vulnerabilities in `PageModel` subclasses.
-
-### Minor Analysis Improvements
-
-* Improved property and indexer call target resolution for partially overridden properties and indexers.
-* Improved extraction of range-access expressions on spans and strings (for example, `a[0..3]`). These expressions are now extracted as `Slice` (span) or `Substring` (string) calls.
-* Improved call target resolution for ref-return properties and indexers.
-
 ## 6.0.2

 ### Minor Analysis Improvements
--- a/csharp/ql/lib/change-notes/2026-05-19-properties-indexers-refreturn.md
+++ b/csharp/ql/lib/change-notes/2026-05-19-properties-indexers-refreturn.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Improved call target resolution for ref-return properties and indexers.
--- a/csharp/ql/lib/change-notes/2026-05-21-spanaccess-range.md
+++ b/csharp/ql/lib/change-notes/2026-05-21-spanaccess-range.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Improved extraction of range-access expressions on spans and strings (for example, `a[0..3]`). These expressions are now extracted as `Slice` (span) or `Substring` (string) calls.
--- a/csharp/ql/lib/change-notes/2026-05-22-property-indexer-partial-override.md
+++ b/csharp/ql/lib/change-notes/2026-05-22-property-indexer-partial-override.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Improved property and indexer call target resolution for partially overridden properties and indexers.
--- a/csharp/ql/lib/change-notes/2026-06-12-razor-page-handler-sources.md
+++ b/csharp/ql/lib/change-notes/2026-06-12-razor-page-handler-sources.md
@@ -0,0 +1,4 @@
+---
+category: majorAnalysis
+---
+* Added Razor Page handler method parameters (e.g., `OnGet`, `OnPost`, `OnPostAsync`) as remote flow sources, enabling security queries such as `cs/sql-injection` to detect vulnerabilities in `PageModel` subclasses.
--- a/csharp/ql/lib/change-notes/2026-06-12-restructure-operations.md
+++ b/csharp/ql/lib/change-notes/2026-06-12-restructure-operations.md
@@ -0,0 +1,4 @@
+---
+category: breaking
+---
+* Renamed types related to *operation* expressions. The QL classes `BinaryArithmeticOperation`, `BinaryBitwiseOperation`, and `BinaryLogicalOperation` now include compound assignments; for example, `BinaryArithmeticOperation` now includes `a += b`.
--- a/csharp/ql/lib/change-notes/released/7.0.0.md
+++ b/csharp/ql/lib/change-notes/released/7.0.0.md
@@ -1,15 +0,0 @@
-## 7.0.0
-
-### Breaking Changes
-
-* Renamed types related to *operation* expressions. The QL classes `BinaryArithmeticOperation`, `BinaryBitwiseOperation`, and `BinaryLogicalOperation` now include compound assignments; for example, `BinaryArithmeticOperation` now includes `a += b`.
-
-### Major Analysis Improvements
-
-* Added Razor Page handler method parameters (e.g., `OnGet`, `OnPost`, `OnPostAsync`) as remote flow sources, enabling security queries such as `cs/sql-injection` to detect vulnerabilities in `PageModel` subclasses.
-
-### Minor Analysis Improvements
-
-* Improved property and indexer call target resolution for partially overridden properties and indexers.
-* Improved extraction of range-access expressions on spans and strings (for example, `a[0..3]`). These expressions are now extracted as `Slice` (span) or `Substring` (string) calls.
-* Improved call target resolution for ref-return properties and indexers.
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.0.0
+lastReleaseVersion: 6.0.2
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 7.0.1-dev
+version: 6.0.3-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.7.5
-
-No user-facing changes.
-
 ## 1.7.4

 No user-facing changes.
--- a/csharp/ql/src/change-notes/released/1.7.5.md
+++ b/csharp/ql/src/change-notes/released/1.7.5.md
@@ -1,3 +0,0 @@
-## 1.7.5
-
-No user-facing changes.
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.5
+lastReleaseVersion: 1.7.4
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.7.6-dev
+version: 1.7.5-dev
 groups:
  - csharp
  - queries
--- a/go/ql/consistency-queries/CHANGELOG.md
+++ b/go/ql/consistency-queries/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.52
-
-No user-facing changes.
-
 ## 1.0.51

 No user-facing changes.
--- a/go/ql/consistency-queries/change-notes/released/1.0.52.md
+++ b/go/ql/consistency-queries/change-notes/released/1.0.52.md
@@ -1,3 +0,0 @@
-## 1.0.52
-
-No user-facing changes.
--- a/go/ql/consistency-queries/codeql-pack.release.yml
+++ b/go/ql/consistency-queries/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.52
+lastReleaseVersion: 1.0.51
--- a/go/ql/consistency-queries/qlpack.yml
+++ b/go/ql/consistency-queries/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.53-dev
+version: 1.0.52-dev
 groups:
  - go
  - queries
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,20 +1,3 @@
-## 7.2.0
-
-### Deprecated APIs
-
-* `FuncTypeExpr.getResultDecl()` has been deprecated. Use `FuncTypeExpr.getResultDecl(int i)` instead.
-
-### Minor Analysis Improvements
-
-* Added models for the `log/slog` package (Go 1.21+). Its logging functions and
-  `*slog.Logger` methods (`Debug`/`Info`/`Warn`/`Error`, their `Context`
-  variants, and `Log`/`LogAttrs`) are now recognized as logging sinks, so the
-  `go/log-injection` and `go/clear-text-logging` queries cover code that logs
-  through `slog`.
-* `DataFlow::ResultNode`s are no longer created for returned expressions in functions with named result parameters. In this case there are already result nodes corresponding to `IR::ReadResultInstruction`s at the end of the function body.
-* `FuncTypeExpr.getNumResult()` now gets the number of result parameters. It previously got the number of result declarations, which is different when one result declaration declares more than one variable, as in `x, y int`. All uses of it expected the number of result parameters. Its QLDoc has been updated.
-* More logging functions are now recognized as not returning or panicking.
-
 ## 7.1.2

 No user-facing changes.
--- a/go/ql/lib/change-notes/2026-06-01-non-returning-functions.md
+++ b/go/ql/lib/change-notes/2026-06-01-non-returning-functions.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* More logging functions are now recognized as not returning or panicking.
--- a/go/ql/lib/change-notes/2026-06-08-deprecate-functypeexpr-getresultdecl.md
+++ b/go/ql/lib/change-notes/2026-06-08-deprecate-functypeexpr-getresultdecl.md
@@ -0,0 +1,4 @@
+---
+category: deprecated
+---
+* `FuncTypeExpr.getResultDecl()` has been deprecated. Use `FuncTypeExpr.getResultDecl(int i)` instead.
--- a/go/ql/lib/change-notes/2026-06-08-fix-result-nodes.md
+++ b/go/ql/lib/change-notes/2026-06-08-fix-result-nodes.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* `DataFlow::ResultNode`s are no longer created for returned expressions in functions with named result parameters. In this case there are already result nodes corresponding to `IR::ReadResultInstruction`s at the end of the function body.
--- a/go/ql/lib/change-notes/2026-06-08-functypeexpr-getnumresult.md
+++ b/go/ql/lib/change-notes/2026-06-08-functypeexpr-getnumresult.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* `FuncTypeExpr.getNumResult()` now gets the number of result parameters. It previously got the number of result declarations, which is different when one result declaration declares more than one variable, as in `x, y int`. All uses of it expected the number of result parameters. Its QLDoc has been updated.
--- a/go/ql/lib/change-notes/2026-06-17-model-log-slog.md
+++ b/go/ql/lib/change-notes/2026-06-17-model-log-slog.md
@@ -0,0 +1,8 @@
+---
+category: minorAnalysis
+---
+* Added models for the `log/slog` package (Go 1.21+). Its logging functions and
+  `*slog.Logger` methods (`Debug`/`Info`/`Warn`/`Error`, their `Context`
+  variants, and `Log`/`LogAttrs`) are now recognized as logging sinks, so the
+  `go/log-injection` and `go/clear-text-logging` queries cover code that logs
+  through `slog`.
--- a/go/ql/lib/change-notes/released/7.2.0.md
+++ b/go/ql/lib/change-notes/released/7.2.0.md
@@ -1,16 +0,0 @@
-## 7.2.0
-
-### Deprecated APIs
-
-* `FuncTypeExpr.getResultDecl()` has been deprecated. Use `FuncTypeExpr.getResultDecl(int i)` instead.
-
-### Minor Analysis Improvements
-
-* Added models for the `log/slog` package (Go 1.21+). Its logging functions and
-  `*slog.Logger` methods (`Debug`/`Info`/`Warn`/`Error`, their `Context`
-  variants, and `Log`/`LogAttrs`) are now recognized as logging sinks, so the
-  `go/log-injection` and `go/clear-text-logging` queries cover code that logs
-  through `slog`.
-* `DataFlow::ResultNode`s are no longer created for returned expressions in functions with named result parameters. In this case there are already result nodes corresponding to `IR::ReadResultInstruction`s at the end of the function body.
-* `FuncTypeExpr.getNumResult()` now gets the number of result parameters. It previously got the number of result declarations, which is different when one result declaration declares more than one variable, as in `x, y int`. All uses of it expected the number of result parameters. Its QLDoc has been updated.
-* More logging functions are now recognized as not returning or panicking.
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.2.0
+lastReleaseVersion: 7.1.2
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 7.2.1-dev
+version: 7.1.3-dev
 groups: go
 dbscheme: go.dbscheme
 extractor: go
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,9 +1,3 @@
-## 1.6.5
-
-### Minor Analysis Improvements
-
-* The query `go/unhandled-writable-file-close` ("Writable file handle closed without error handling") now produces fewer false positives. A deferred call to `Close` that is preceded on every execution path by a handled call to `Sync` on the same file handle is no longer flagged.
-
 ## 1.6.4

 No user-facing changes.
--- a/go/ql/src/change-notes/2026-06-04-unhandled-writable-file-close.md
+++ b/go/ql/src/change-notes/2026-06-04-unhandled-writable-file-close.md
@@ -1,5 +1,4 @@
-## 1.6.5
-
-### Minor Analysis Improvements
-
+---
+category: minorAnalysis
+---
 * The query `go/unhandled-writable-file-close` ("Writable file handle closed without error handling") now produces fewer false positives. A deferred call to `Close` that is preceded on every execution path by a handled call to `Sync` on the same file handle is no longer flagged.
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.5
+lastReleaseVersion: 1.6.4
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.6.6-dev
+version: 1.6.5-dev
 groups:
  - go
  - queries
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,13 +1,3 @@
-## 9.2.0
-
-### New Features
-
-* Kotlin 2.4.0 can now be analysed.
-
-### Minor Analysis Improvements
-
-* Improved modeling of Apache HttpClient `execute` method sinks for `java/ssrf` and `java/non-https-url`.
-
 ## 9.1.2

 ### Minor Analysis Improvements
--- a/java/ql/lib/change-notes/2026-05-07-apache-httpclient-ssrf-sinks.md
+++ b/java/ql/lib/change-notes/2026-05-07-apache-httpclient-ssrf-sinks.md
@@ -1,9 +1,4 @@
-## 9.2.0
-
-### New Features
-
-* Kotlin 2.4.0 can now be analysed.
-
-### Minor Analysis Improvements
-
+---
+category: minorAnalysis
+---
 * Improved modeling of Apache HttpClient `execute` method sinks for `java/ssrf` and `java/non-https-url`.
--- a/java/ql/lib/change-notes/2026-06-04-kotlin-2.4.0.md
+++ b/java/ql/lib/change-notes/2026-06-04-kotlin-2.4.0.md
@@ -0,0 +1,4 @@
+---
+category: feature
+---
+* Kotlin 2.4.0 can now be analysed.
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 9.2.0
+lastReleaseVersion: 9.1.2
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 9.2.1-dev
+version: 9.1.3-dev
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.11.5
-
-No user-facing changes.
-
 ## 1.11.4

 No user-facing changes.
--- a/java/ql/src/change-notes/released/1.11.5.md
+++ b/java/ql/src/change-notes/released/1.11.5.md
@@ -1,3 +0,0 @@
-## 1.11.5
-
-No user-facing changes.
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.11.5
+lastReleaseVersion: 1.11.4
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 1.11.6-dev
+version: 1.11.5-dev
 groups:
  - java
  - queries
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,14 +1,3 @@
-## 2.8.0
-
-### New Features
-
-* Added `UseMemoDirective` and `UseNoMemoDirective` classes to model the React compiler directives `"use memo"` and `"use no memo"`.
-
-### Minor Analysis Improvements
-
-* Added more prompt-injection sinks for the OpenAI, Anthropic, and Google GenAI SDKs: OpenAI `videos.create`/`edit`/`extend`/`remix` (Sora) prompts and `beta.realtime.sessions.create` instructions, Anthropic legacy `completions.create` prompts, and Google GenAI `caches.create` cached contents and system instructions.
-* The OpenAI legacy `completions.create` prompt is now treated as a user-prompt-injection sink instead of a system-prompt-injection sink, since the legacy `/v1/completions` endpoint takes a single free-form prompt with no role separation.
-
 ## 2.7.2

 ### Minor Analysis Improvements
--- a/javascript/ql/lib/change-notes/2026-05-05-use-memo-directive.md
+++ b/javascript/ql/lib/change-notes/2026-05-05-use-memo-directive.md
@@ -0,0 +1,4 @@
+---
+category: feature
+---
+* Added `UseMemoDirective` and `UseNoMemoDirective` classes to model the React compiler directives `"use memo"` and `"use no memo"`.
--- a/javascript/ql/lib/change-notes/2026-06-18-prompt-injection-sinks.md
+++ b/javascript/ql/lib/change-notes/2026-06-18-prompt-injection-sinks.md
@@ -1,10 +1,5 @@
-## 2.8.0
-
-### New Features
-
-* Added `UseMemoDirective` and `UseNoMemoDirective` classes to model the React compiler directives `"use memo"` and `"use no memo"`.
-
-### Minor Analysis Improvements
-
+---
+category: minorAnalysis
+---
 * Added more prompt-injection sinks for the OpenAI, Anthropic, and Google GenAI SDKs: OpenAI `videos.create`/`edit`/`extend`/`remix` (Sora) prompts and `beta.realtime.sessions.create` instructions, Anthropic legacy `completions.create` prompts, and Google GenAI `caches.create` cached contents and system instructions.
 * The OpenAI legacy `completions.create` prompt is now treated as a user-prompt-injection sink instead of a system-prompt-injection sink, since the legacy `/v1/completions` endpoint takes a single free-form prompt with no role separation.
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.8.0
+lastReleaseVersion: 2.7.2
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 2.8.1-dev
+version: 2.7.3-dev
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,10 +1,3 @@
-## 2.4.0
-
-### New Queries
-
-* Added a new query, `js/system-prompt-injection`, to detect cases where untrusted, user-provided values flow into the system prompt of an AI model, allowing an attacker to manipulate the model's behavior.
-* Added a new experimental query, `javascript/ssrf-ipv6-transition-incomplete-guard`, to detect SSRF host-validation guards that reject private IPv4 ranges but fail to unwrap IPv6-transition forms (IPv4-mapped `::ffff:`, NAT64 `64:ff9b::`, 6to4 `2002::`), allowing the guard to be bypassed by wrapping an internal IPv4 address in a transition literal.
-
 ## 2.3.11

 No user-facing changes.
--- a/javascript/ql/src/change-notes/2026-06-06-ssrf-ipv6-transition-incomplete-guard.md
+++ b/javascript/ql/src/change-notes/2026-06-06-ssrf-ipv6-transition-incomplete-guard.md
@@ -1,6 +1,4 @@
-## 2.4.0
-
-### New Queries
-
-* Added a new query, `js/system-prompt-injection`, to detect cases where untrusted, user-provided values flow into the system prompt of an AI model, allowing an attacker to manipulate the model's behavior.
+---
+category: newQuery
+---
 * Added a new experimental query, `javascript/ssrf-ipv6-transition-incomplete-guard`, to detect SSRF host-validation guards that reject private IPv4 ranges but fail to unwrap IPv6-transition forms (IPv4-mapped `::ffff:`, NAT64 `64:ff9b::`, 6to4 `2002::`), allowing the guard to be bypassed by wrapping an internal IPv4 address in a transition literal.
--- a/javascript/ql/src/change-notes/2026-06-08-new-system-prompt-injection-query.md
+++ b/javascript/ql/src/change-notes/2026-06-08-new-system-prompt-injection-query.md
@@ -0,0 +1,5 @@
+---
+category: newQuery
+---
+
+* Added a new query, `js/system-prompt-injection`, to detect cases where untrusted, user-provided values flow into the system prompt of an AI model, allowing an attacker to manipulate the model's behavior.
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 2.4.0
+lastReleaseVersion: 2.3.11
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 2.4.1-dev
+version: 2.3.12-dev
 groups:
  - javascript
  - queries
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,7 +1,3 @@
-## 1.0.52
-
-No user-facing changes.
-
 ## 1.0.51

 No user-facing changes.
--- a/misc/suite-helpers/change-notes/released/1.0.52.md
+++ b/misc/suite-helpers/change-notes/released/1.0.52.md
@@ -1,3 +0,0 @@
-## 1.0.52
-
-No user-facing changes.
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.52
+lastReleaseVersion: 1.0.51
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 1.0.53-dev
+version: 1.0.52-dev
 groups: shared
 warnOnImplicitThis: true
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,16 +1,3 @@
-## 7.2.0
-
-### Deprecated APIs
-
-* The `Function.getAReturnValueFlowNode()` predicate has been deprecated. Bind a `Return` node explicitly instead — `exists(Return ret | ret.getScope() = f and n.getNode() = ret.getValue())`. This is a preparatory step towards migrating the dataflow library off the legacy CFG; it has no semantic effect.
-* The `AstNode.getAFlowNode()` predicate has been deprecated. Use `ControlFlowNode.getNode()` from the other direction instead: replace `e.getAFlowNode() = n` with `n.getNode() = e`. This is a preparatory step towards migrating the dataflow library off the legacy CFG; it has no semantic effect.
-
-### Minor Analysis Improvements
-
-* Python type tracking now follows values stored in instance attributes such as `self.attr` across instance methods, including across a class hierarchy (for example, a value stored on `self.attr` in a base class and read in a subclass, or vice versa). As a result, analysis is more likely to recognize user-defined objects that are stored on `self` and used later in other methods, which may produce additional results.
-* Simplified the internal predicates that detect `@staticmethod`, `@classmethod` and `@property` decorators to match the decorator's AST `Name` directly, rather than going through the CFG and requiring the name to resolve globally. Code that shadows these three builtin decorators at the module-scope will now be classified by the decorator name alone; in practice, shadowing these names is extremely rare and the call-graph results are unchanged.
-* Python taint tracking is now more precise for values flowing through container contents, such as list, set, tuple, and dictionary elements. This may remove some false positive alerts.
-
 ## 7.1.2

 ### Minor Analysis Improvements
--- a/python/ql/lib/change-notes/2026-05-19-deprecate-getAFlowNode.md
+++ b/python/ql/lib/change-notes/2026-05-19-deprecate-getAFlowNode.md
@@ -0,0 +1,5 @@
+---
+category: deprecated
+---
+* The `AstNode.getAFlowNode()` predicate has been deprecated. Use `ControlFlowNode.getNode()` from the other direction instead: replace `e.getAFlowNode() = n` with `n.getNode() = e`. This is a preparatory step towards migrating the dataflow library off the legacy CFG; it has no semantic effect.
+
--- a/python/ql/lib/change-notes/2026-05-19-flask-subclasses.md
+++ b/python/ql/lib/change-notes/2026-05-19-flask-subclasses.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* `Flask::FlaskApp::instance()` will now also return instances of subclasses defined in the source tree. Previously, these were filtered out. `Flask::FlaskApp::classRef()` has been deprecated in favor of `Flask::FlaskApp::subclassRef()` since it already returned some subclasses.
--- a/python/ql/lib/change-notes/2026-05-28-remove-imprecise-containter-steps.md
+++ b/python/ql/lib/change-notes/2026-05-28-remove-imprecise-containter-steps.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Python taint tracking is now more precise for values flowing through container contents, such as list, set, tuple, and dictionary elements. This may remove some false positive alerts.
--- a/python/ql/lib/change-notes/2026-06-01-decorator-predicate-simplification.md
+++ b/python/ql/lib/change-notes/2026-06-01-decorator-predicate-simplification.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Simplified the internal predicates that detect `@staticmethod`, `@classmethod` and `@property` decorators to match the decorator's AST `Name` directly, rather than going through the CFG and requiring the name to resolve globally. Code that shadows these three builtin decorators at the module-scope will now be classified by the decorator name alone; in practice, shadowing these names is extremely rare and the call-graph results are unchanged.
--- a/python/ql/lib/change-notes/2026-06-01-deprecate-getAReturnValueFlowNode.md
+++ b/python/ql/lib/change-notes/2026-06-01-deprecate-getAReturnValueFlowNode.md
@@ -0,0 +1,4 @@
+---
+category: deprecated
+---
+* The `Function.getAReturnValueFlowNode()` predicate has been deprecated. Bind a `Return` node explicitly instead — `exists(Return ret | ret.getScope() = f and n.getNode() = ret.getValue())`. This is a preparatory step towards migrating the dataflow library off the legacy CFG; it has no semantic effect.
--- a/python/ql/lib/change-notes/2026-06-11-fix-type-tracking-instance-attributes.md
+++ b/python/ql/lib/change-notes/2026-06-11-fix-type-tracking-instance-attributes.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Python type tracking now follows values stored in instance attributes such as `self.attr` across instance methods, including across a class hierarchy (for example, a value stored on `self.attr` in a base class and read in a subclass, or vice versa). As a result, analysis is more likely to recognize user-defined objects that are stored on `self` and used later in other methods, which may produce additional results.
--- a/python/ql/lib/change-notes/released/7.2.0.md
+++ b/python/ql/lib/change-notes/released/7.2.0.md
@@ -1,12 +0,0 @@
-## 7.2.0
-
-### Deprecated APIs
-
-* The `Function.getAReturnValueFlowNode()` predicate has been deprecated. Bind a `Return` node explicitly instead — `exists(Return ret | ret.getScope() = f and n.getNode() = ret.getValue())`. This is a preparatory step towards migrating the dataflow library off the legacy CFG; it has no semantic effect.
-* The `AstNode.getAFlowNode()` predicate has been deprecated. Use `ControlFlowNode.getNode()` from the other direction instead: replace `e.getAFlowNode() = n` with `n.getNode() = e`. This is a preparatory step towards migrating the dataflow library off the legacy CFG; it has no semantic effect.
-
-### Minor Analysis Improvements
-
-* Python type tracking now follows values stored in instance attributes such as `self.attr` across instance methods, including across a class hierarchy (for example, a value stored on `self.attr` in a base class and read in a subclass, or vice versa). As a result, analysis is more likely to recognize user-defined objects that are stored on `self` and used later in other methods, which may produce additional results.
-* Simplified the internal predicates that detect `@staticmethod`, `@classmethod` and `@property` decorators to match the decorator's AST `Name` directly, rather than going through the CFG and requiring the name to resolve globally. Code that shadows these three builtin decorators at the module-scope will now be classified by the decorator name alone; in practice, shadowing these names is extremely rare and the call-graph results are unchanged.
-* Python taint tracking is now more precise for values flowing through container contents, such as list, set, tuple, and dictionary elements. This may remove some false positive alerts.
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.2.0
+lastReleaseVersion: 7.1.2
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 7.2.1-dev
+version: 7.1.3-dev
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
--- a/python/ql/lib/semmle/python/frameworks/Flask.qll
+++ b/python/ql/lib/semmle/python/frameworks/Flask.qll
@@ -71,21 +71,14 @@ module Flask {
   * See https://flask.palletsprojects.com/en/1.1.x/api/#flask.Flask.
   */
  module FlaskApp {
-    /**
-     * Gets a reference to the `flask.Flask` class or any subclass.
-     *
-     * Deprecated: Use `subclassRef()` instead, this predicate always returned some subclasses.
-     */
-    deprecated API::Node classRef() { result = subclassRef() }
-
-    /** Gets a reference to the `flask.Flask` class or any subclass. */
-    API::Node subclassRef() {
-      result = API::moduleImport("flask").getMember("Flask").getASubclass*() or
+    /** Gets a reference to the `flask.Flask` class. */
+    API::Node classRef() {
+      result = API::moduleImport("flask").getMember("Flask") or
      result = ModelOutput::getATypeNode("flask.Flask~Subclass").getASubclass*()
    }

    /** Gets a reference to an instance of `flask.Flask` (a flask application). */
-    API::Node instance() { result = subclassRef().getReturn() }
+    API::Node instance() { result = classRef().getReturn() }
  }

  /**
@@ -139,7 +132,7 @@ module Flask {
    API::Node classRef() {
      result = API::moduleImport("flask").getMember("Response")
      or
-      result = [FlaskApp::subclassRef(), FlaskApp::instance()].getMember("response_class")
+      result = [FlaskApp::classRef(), FlaskApp::instance()].getMember("response_class")
      or
      result = ModelOutput::getATypeNode("flask.Response~Subclass").getASubclass*()
    }
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,9 +1,3 @@
-## 1.8.5
-
-### Minor Analysis Improvements
-
-* The `py/modification-of-locals` query no longer flags modifications of a `locals()` dictionary that has been passed out of the scope in which `locals()` was called (for example, by passing it to another function or storing it in an instance attribute). In such cases the dictionary is used as an ordinary mapping and modifying it is meaningful, so these were false positives. The "modification has no effect" claim only applies within the scope that called `locals()`, which is now the only case reported.
-
 ## 1.8.4

 No user-facing changes.
--- a/python/ql/src/change-notes/2026-06-17-modification-of-locals-cross-scope.md
+++ b/python/ql/src/change-notes/2026-06-17-modification-of-locals-cross-scope.md
@@ -1,5 +1,4 @@
-## 1.8.5
-
-### Minor Analysis Improvements
-
+---
+category: minorAnalysis
+---
 * The `py/modification-of-locals` query no longer flags modifications of a `locals()` dictionary that has been passed out of the scope in which `locals()` was called (for example, by passing it to another function or storing it in an instance attribute). In such cases the dictionary is used as an ordinary mapping and modifying it is meaningful, so these were false positives. The "modification has no effect" claim only applies within the scope that called `locals()`, which is now the only case reported.
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.8.5
+lastReleaseVersion: 1.8.4
--- a/python/ql/src/meta/ClassHierarchy/Find.ql
+++ b/python/ql/src/meta/ClassHierarchy/Find.ql
@@ -351,7 +351,7 @@ class DjangoHttpRequest extends FindSubclassesSpec {
 class FlaskClass extends FindSubclassesSpec {
  FlaskClass() { this = "flask.Flask~Subclass" }

-  override API::Node getAlreadyModeledClass() { result = Flask::FlaskApp::subclassRef() }
+  override API::Node getAlreadyModeledClass() { result = Flask::FlaskApp::classRef() }
 }

 class FlaskBlueprint extends FindSubclassesSpec {
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 1.8.6-dev
+version: 1.8.5-dev
 groups:
  - python
  - queries
--- a/python/ql/test/experimental/meta/InlineInstanceTest.qll
+++ b/python/ql/test/experimental/meta/InlineInstanceTest.qll
@@ -1,29 +0,0 @@
-/**
- * Defines an InlineExpectationsTest for class instances, that is,
- * for any API::Node that is an instance of a class (e.g. `Flask`).
- */
-
-import python
-import semmle.python.ApiGraphs
-import utils.test.InlineExpectationsTest
-private import semmle.python.dataflow.new.internal.PrintNode
-
-signature API::Node getInstanceSig();
-
-module MakeInlineInstanceTest<getInstanceSig/0 getInstance> {
-  private module InlineInstanceTest implements TestSig {
-    string getARelevantTag() { result = "instance" }
-
-    predicate hasActualResult(Location location, string element, string tag, string value) {
-      exists(location.getFile().getRelativePath()) and
-      exists(API::Node instance | instance = getInstance() |
-        location = instance.getLocation() and
-        element = prettyNode(instance.asSource()) and
-        value = "" and
-        tag = "instance"
-      )
-    }
-  }
-
-  import MakeTest<InlineInstanceTest>
-}
--- a/python/ql/test/library-tests/frameworks/flask/InlineInstanceTest.expected
+++ b/python/ql/test/library-tests/frameworks/flask/InlineInstanceTest.expected
--- a/python/ql/test/library-tests/frameworks/flask/InlineInstanceTest.ql
+++ b/python/ql/test/library-tests/frameworks/flask/InlineInstanceTest.ql
@@ -1,8 +0,0 @@
-import python
-import semmle.python.frameworks.Flask
-import semmle.python.ApiGraphs
-import experimental.meta.InlineInstanceTest
-
-API::Node getInstance() { result = Flask::FlaskApp::instance() }
-
-import MakeInlineInstanceTest<getInstance/0>
--- a/python/ql/test/library-tests/frameworks/flask/flask_subclass.py
+++ b/python/ql/test/library-tests/frameworks/flask/flask_subclass.py
@@ -1,14 +0,0 @@
-from flask import Flask
-
-
-class Sub(Flask):
-    def __init__(self, *args, **kwargs):
-        Flask.__init__(self, *args, **kwargs)
-
-
-app = Sub(__name__) # $ instance
-
-
-@app.route("/") # $ routeSetup="/"
-def hello(): # $ requestHandler
-    return "world" # $ HttpResponse
--- a/python/ql/test/library-tests/frameworks/flask/old_test.py
+++ b/python/ql/test/library-tests/frameworks/flask/old_test.py
@@ -1,7 +1,7 @@
 import flask

 from flask import Flask, request, make_response
-app = Flask(__name__) # $ instance
+app = Flask(__name__)

@app.route("/")  # $ routeSetup="/"
 def hello_world():  # $ requestHandler
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Taus	af7ae8c4cb	Apply rustfmt Format the touched Rust crates (shared/tree-sitter-extractor, shared/yeast, shared/yeast-macros, unified/extractor) so the tree-sitter-extractor CI fmt check passes. No functional changes. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>	2026-06-25 17:28:24 +02:00
Taus	1c4552edb0	unified/swift: Use `tree!` instead of ctx.node Cleans up a few places where we were constructing trees piece by piece rather than using the `tree!` macro. In the process, Copilot noticed an issue that should probably be addressed: the labeled_statement rule can never fire, since there are no such nodes in the input. This is possibly a simple as making _labeled_statement (which _does_ exist) named, but I haven't attempted this. Finally, a small change to yeast makes it so that the contents of a {} interpolation can be a Rust block (previously it could only be a single expression). This avoids the need to double-wrap instances where you want to interpolate a single node produced as the final value of some block.	2026-06-25 17:28:24 +02:00
Taus	5136d872ae	unified/swift: Replace reduce_left with Rust helpers (Both reduce_left and map are still supported, but we could remove them at this point.) I think this way of writing things makes the intent a lot clearer -- it avoids extending the yeast rule language with complicated constructs, pushing the complexity (such as it is) into Rust instead.	2026-06-25 17:28:24 +02:00
Taus	474bcd4dd1	unified/swift: Propagate property_declaration modifiers via context Gets rid of the final uses of mutation (via prepend_field). The approach is the same as in the preceding commits: we set the appropriate fields on the context when processing the outer node, and then access these fields on the inner nodes. The repeated use of `modifier` fields is a _bit_ clunky, but since we're likely moving to an out-of-band modifier mechanism at some point, I think it's good enough for now.	2026-06-25 17:28:24 +02:00
Taus	199489a225	unified/swift: Propagate enum_entry outer modifiers via context Same as in the preceding commit, we added a test beforehand for testing this syntax, and verified that it was unchanged by the cleanup in this commit.	2026-06-25 17:28:24 +02:00
Taus	ae4ccc651c	unified/swift: Translate protocol properties using context Avoids more "mutation after creation" via prepend_field. Also adds a test to the corpus for exercising this syntax. Although it's not evident, the test output was unchanged by this refactoring.	2026-06-25 17:28:24 +02:00
Taus	0d845c2ea9	unified/swift: Propagate parameter default values via context Extends the context with a field for keeping track of the default value. In the process, we also rename the context to SwiftContext as it now doesn't only concern itself with properties.	2026-06-25 17:28:24 +02:00
Taus	6d138c2bd4	yeast: Simplify Swift rules using the new machinery Propagates in name and type information for various property declarations, using the context mechanism. This avoids mutating already-translated nodes in-place, and is generally much easier to read.	2026-06-25 17:28:24 +02:00
Taus	85c39c04e0	yeast: Hide desugaring behind Desugarer trait This was necessary since otherwise the generic type of the user-specified context (which should only be a concern for yeast) starts to bleed out into the shared extractor. Instead, we type-erase it by putting it inside the aforementioned trait.	2026-06-25 17:28:24 +02:00
Taus	1ee142d8bd	yeast: Add macro for fine-grained rules Adds `manual_rule!` which provides a more low-level interface for defining rewrites. (I'm not entirely sold on the name, so any suggestions would be welcome.) Notably, the captures bound in the body of such rules have _not_ been translated yet -- they still come from the _input_ tree. It is the user's duty to call ctx.translate on these (which has the effect of recursively invoking the translation) before substituting them into the output. For _truly_ low-level access, the user can still construct a Rule directly, but this is now somewhat cumbersome as the closure contained therein takes quite a few parameters. Still, the possibility remains.	2026-06-25 17:28:24 +02:00
Taus	a523c7f47f	yeast: Pass raw captures to `Rule::new` rules This enables users to specify how and when these captures get translated. In conjunction with the context mechanism, this can be used to e.g. translate some piece of information (e.g. the type of something), record it in the context, and then recursively translate some other capture that relies on this information. This allows information to be cleanly passed into descendants (which can be written using context accesses in the `rule!` macro form). As a consequence of this change, we now need to pass around a TranslatorHandle to perform the manual translation. For Repeating rules, it doesn't really make sense to translate things, so in this case we simply signal an error. Also, the implementation of the `rule!` macro changes slightly (without changing semantics): it now essentially delegates to `Rule::new`, receiving raw captures, but then immediately applies the translation to those captures (which, for the majority of cases, is likely the desired behaviour).	2026-06-25 17:28:24 +02:00
Taus	5f73754b95	yeast: Make transforms return `Result` This will enable us to actually capture and log errors in complicated rules (e.g. ones written in Rust) rather than just panicking.	2026-06-25 17:28:24 +02:00
Taus	e0fa6cf785	yeast: Reify the context and allow user-defined data in it Renames what was previously called `__yeast_ctx` into just `ctx`, and adds a new field `user_ctx` to this context. Said field can contain a struct of any user type (necessitating making various parts of the implementation generic in said type). Through some Deref magic, field accesses are delegated to the inner struct (assuming they are not already defined on `ctx`), which should hopefully make the interface a bit more ergonomic.	2026-06-25 17:28:24 +02:00