diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index 465cd145d436..6b69ddec1aa0 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.4.6 + +### Bug Fixes + +* The query `actions/code-injection/medium` now produces alerts for injection + vulnerabilities on `pull_request` events. + ## 0.4.5 No user-facing changes. diff --git a/actions/ql/lib/change-notes/2025-03-20-code-injection-pr.md b/actions/ql/lib/change-notes/released/0.4.6.md similarity index 53% rename from actions/ql/lib/change-notes/2025-03-20-code-injection-pr.md rename to actions/ql/lib/change-notes/released/0.4.6.md index 1f8b74308376..49cbcbb63a27 100644 --- a/actions/ql/lib/change-notes/2025-03-20-code-injection-pr.md +++ b/actions/ql/lib/change-notes/released/0.4.6.md @@ -1,5 +1,6 @@ ---- -category: fix ---- +## 0.4.6 + +### Bug Fixes + * The query `actions/code-injection/medium` now produces alerts for injection - vulnerabilities on `pull_request` events. \ No newline at end of file + vulnerabilities on `pull_request` events. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 466cd01cf4e7..2b842473675e 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.5 +lastReleaseVersion: 0.4.6 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index 76ef8181803e..aecd3607345d 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.6-dev +version: 0.4.7-dev library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index bd465cd8a20d..c2b0d353f185 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,3 +1,11 @@ +## 0.5.3 + +### Bug Fixes + +* Fixed typos in the query and alert titles for the queries + `actions/envpath-injection/critical`, `actions/envpath-injection/medium`, + `actions/envvar-injection/critical`, and `actions/envvar-injection/medium`. + ## 0.5.2 No user-facing changes. @@ -7,9 +15,10 @@ No user-facing changes. ### Bug Fixes * The `actions/unversioned-immutable-action` query will no longer report any alerts, since the - Immutable Actions feature is not yet available for customer use. The query remains in the - default Code Scanning suites for use internal to GitHub. Once the Immutable Actions feature is - available, the query will be updated to report alerts again. + Immutable Actions feature is not yet available for customer use. The query has also been moved + to the experimental folder and will not be used in code scanning unless it is explicitly added + to a code scanning configuration. Once the Immutable Actions feature is available, the query will + be updated to report alerts again. ## 0.5.0 diff --git a/actions/ql/src/change-notes/2025-03-13-environment-query-names.md b/actions/ql/src/change-notes/released/0.5.3.md similarity index 83% rename from actions/ql/src/change-notes/2025-03-13-environment-query-names.md rename to actions/ql/src/change-notes/released/0.5.3.md index c0594fc6beef..b8c6dc4fa8d4 100644 --- a/actions/ql/src/change-notes/2025-03-13-environment-query-names.md +++ b/actions/ql/src/change-notes/released/0.5.3.md @@ -1,6 +1,7 @@ ---- -category: fix ---- +## 0.5.3 + +### Bug Fixes + * Fixed typos in the query and alert titles for the queries `actions/envpath-injection/critical`, `actions/envpath-injection/medium`, - `actions/envvar-injection/critical`, and `actions/envvar-injection/medium`. \ No newline at end of file + `actions/envvar-injection/critical`, and `actions/envvar-injection/medium`. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index 2d9d3f587f82..2164e038a5d1 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.2 +lastReleaseVersion: 0.5.3 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index 8ec60febbcf4..f6eb8be1138c 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.5.3-dev +version: 0.5.4-dev library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 234a154fe456..e958516a5a43 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 4.1.0 + +### New Features + +* Added `Node.asUncertainDefinition` and `Node.asCertainDefinition` to the `DataFlow::Node` class for querying whether a definition overwrites the entire destination buffer. + ## 4.0.3 No user-facing changes. diff --git a/cpp/ql/lib/change-notes/2025-03-13-ascertaindef.md b/cpp/ql/lib/change-notes/released/4.1.0.md similarity index 63% rename from cpp/ql/lib/change-notes/2025-03-13-ascertaindef.md rename to cpp/ql/lib/change-notes/released/4.1.0.md index 6a55fc7bdd08..0ba91f0fa68b 100644 --- a/cpp/ql/lib/change-notes/2025-03-13-ascertaindef.md +++ b/cpp/ql/lib/change-notes/released/4.1.0.md @@ -1,4 +1,5 @@ ---- -category: feature ---- -* Added `Node.asUncertainDefinition` and `Node.asCertainDefinition` to the `DataFlow::Node` class for querying whether a definition overwrites the entire destination buffer. \ No newline at end of file +## 4.1.0 + +### New Features + +* Added `Node.asUncertainDefinition` and `Node.asCertainDefinition` to the `DataFlow::Node` class for querying whether a definition overwrites the entire destination buffer. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index f6bbc961bb14..d5b1bf88d10e 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.0.3 +lastReleaseVersion: 4.1.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 21923ae1536b..5ee964c4b50f 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 4.0.4-dev +version: 4.1.1-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 36df98d3941c..ab79d5cb46ef 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 1.3.7 + +### Minor Analysis Improvements + +* Fixed a bug in the models for Microsoft's Active Template Library (ATL). +* The query "Use of basic integral type" (`cpp/jpl-c/basic-int-types`) no longer produces alerts for the standard fixed width integer types (`int8_t`, `uint8_t`, etc.), and the `_Bool` and `bool` types. + ## 1.3.6 No user-facing changes. diff --git a/cpp/ql/src/change-notes/2025-03-14-mad-atl-fix.md b/cpp/ql/src/change-notes/2025-03-14-mad-atl-fix.md deleted file mode 100644 index 7e7c5f7e279b..000000000000 --- a/cpp/ql/src/change-notes/2025-03-14-mad-atl-fix.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Fixed a bug in the models for Microsoft's Active Template Library (ATL). diff --git a/cpp/ql/src/change-notes/2025-03-11-basic-int-types.md b/cpp/ql/src/change-notes/released/1.3.7.md similarity index 59% rename from cpp/ql/src/change-notes/2025-03-11-basic-int-types.md rename to cpp/ql/src/change-notes/released/1.3.7.md index 7d3bd4b82339..6af01103f083 100644 --- a/cpp/ql/src/change-notes/2025-03-11-basic-int-types.md +++ b/cpp/ql/src/change-notes/released/1.3.7.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- -* The query "Use of basic integral type" (`cpp/jpl-c/basic-int-types`) no longer produces alerts for the standard fixed width integer types (`int8_t`, `uint8_t`, etc.), and the `_Bool` and `bool` types. \ No newline at end of file +## 1.3.7 + +### Minor Analysis Improvements + +* Fixed a bug in the models for Microsoft's Active Template Library (ATL). +* The query "Use of basic integral type" (`cpp/jpl-c/basic-int-types`) no longer produces alerts for the standard fixed width integer types (`int8_t`, `uint8_t`, etc.), and the `_Bool` and `bool` types. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 0a0b09863112..2f4b67be43f7 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.6 +lastReleaseVersion: 1.3.7 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index fa04e55439bb..67293337da94 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.3.7-dev +version: 1.3.8-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 49b1297498cd..38009248e963 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.37 + +No user-facing changes. + ## 1.7.36 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.37.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.37.md new file mode 100644 index 000000000000..d451a3fb0e78 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.37.md @@ -0,0 +1,3 @@ +## 1.7.37 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 5d773ebdb702..4d975f78ff6e 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.36 +lastReleaseVersion: 1.7.37 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 7a4b5a1ef198..eefe4e2fe57c 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.37-dev +version: 1.7.38-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 49b1297498cd..38009248e963 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.37 + +No user-facing changes. + ## 1.7.36 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.37.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.37.md new file mode 100644 index 000000000000..d451a3fb0e78 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.37.md @@ -0,0 +1,3 @@ +## 1.7.37 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 5d773ebdb702..4d975f78ff6e 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.36 +lastReleaseVersion: 1.7.37 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index b0d8cb147970..a03f987c8c79 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.37-dev +version: 1.7.38-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 2ca6fea2b086..9b5f38e0ca51 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 5.1.3 + +### Minor Analysis Improvements + +* The models for `System.Uri` have been modified to better model the flow of tainted URIs. +* Modeled parameter passing between Blazor parent and child components. + ## 5.1.2 No user-facing changes. diff --git a/csharp/ql/lib/change-notes/2025-03-26-blazor-parameter-passing.md b/csharp/ql/lib/change-notes/2025-03-26-blazor-parameter-passing.md deleted file mode 100644 index 9838aa8d44af..000000000000 --- a/csharp/ql/lib/change-notes/2025-03-26-blazor-parameter-passing.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Modeled parameter passing between Blazor parent and child components. diff --git a/csharp/ql/lib/change-notes/2025-03-27-update-system.uri-model.md b/csharp/ql/lib/change-notes/2025-03-27-update-system.uri-model.md deleted file mode 100644 index 2b88cfb44d03..000000000000 --- a/csharp/ql/lib/change-notes/2025-03-27-update-system.uri-model.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The models for `System.Uri` have been modified to better model the flow of tainted URIs. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/released/5.1.3.md b/csharp/ql/lib/change-notes/released/5.1.3.md new file mode 100644 index 000000000000..978a05a50fae --- /dev/null +++ b/csharp/ql/lib/change-notes/released/5.1.3.md @@ -0,0 +1,6 @@ +## 5.1.3 + +### Minor Analysis Improvements + +* The models for `System.Uri` have been modified to better model the flow of tainted URIs. +* Modeled parameter passing between Blazor parent and child components. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index d21c12fbe7fb..8ffbc76d58a0 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.1.2 +lastReleaseVersion: 5.1.3 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 7df16ccea0b4..647655511ea1 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.1.3-dev +version: 5.1.4-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 09d65767a943..125e61622531 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,18 @@ +## 1.1.0 + +### New Queries + +* Added a new query, `csharp/path-combine`, to recommend against the `Path.Combine` method due to it silently discarding its earlier parameters if later parameters are rooted. + +### Minor Analysis Improvements + +* Improved dependency resolution in `build-mode: none` extraction to handle failing `dotnet restore` processes that managed to download a subset of the dependencies before the failure. +* Increase query precision for `cs/useless-gethashcode-call` by not flagging calls to `GetHashCode` on `uint`, `long` and `ulong`. +* Increase query precision for `cs/constant-condition` and allow the use of discards in switch/case statements and also take the condition (if any) into account. +* The `cs/local-not-disposed` query no longer flags un-disposed tasks as this is often not needed (explained [here](https://devblogs.microsoft.com/pfxteam/do-i-need-to-dispose-of-tasks/)). +* Increase query precision for `cs/useless-assignment-to-local` and `cs/constant-condition` when *unknown* types are involved (mostly relevant for `build-mode: none` databases). +* Don't consider an if-statement to be *useless* in `cs/useless-if-statement` if there is at least a comment. + ## 1.0.19 No user-facing changes. diff --git a/csharp/ql/src/change-notes/2025-02-26-path-combine.md b/csharp/ql/src/change-notes/2025-02-26-path-combine.md deleted file mode 100644 index 81610502b229..000000000000 --- a/csharp/ql/src/change-notes/2025-02-26-path-combine.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new query, `csharp/path-combine`, to recommend against the `Path.Combine` method due to it silently discarding its earlier parameters if later parameters are rooted. \ No newline at end of file diff --git a/csharp/ql/src/change-notes/2025-03-05-useless-if-statement.md b/csharp/ql/src/change-notes/2025-03-05-useless-if-statement.md deleted file mode 100644 index 3d62fe373e1e..000000000000 --- a/csharp/ql/src/change-notes/2025-03-05-useless-if-statement.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Don't consider an if-statement to be *useless* in `cs/useless-if-statement` if there is at least a comment. diff --git a/csharp/ql/src/change-notes/2025-03-10-task-not-disposed.md b/csharp/ql/src/change-notes/2025-03-10-task-not-disposed.md deleted file mode 100644 index faf748d873f6..000000000000 --- a/csharp/ql/src/change-notes/2025-03-10-task-not-disposed.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `cs/local-not-disposed` query no longer flags un-disposed tasks as this is often not needed (explained [here](https://devblogs.microsoft.com/pfxteam/do-i-need-to-dispose-of-tasks/)). diff --git a/csharp/ql/src/change-notes/2025-03-10-unknown-type-matching.md b/csharp/ql/src/change-notes/2025-03-10-unknown-type-matching.md deleted file mode 100644 index 634f46067007..000000000000 --- a/csharp/ql/src/change-notes/2025-03-10-unknown-type-matching.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Increase query precision for `cs/useless-assignment-to-local` and `cs/constant-condition` when *unknown* types are involved (mostly relevant for `build-mode: none` databases). diff --git a/csharp/ql/src/change-notes/2025-03-11-constant-condition.md b/csharp/ql/src/change-notes/2025-03-11-constant-condition.md deleted file mode 100644 index 2c9e50136af0..000000000000 --- a/csharp/ql/src/change-notes/2025-03-11-constant-condition.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Increase query precision for `cs/constant-condition` and allow the use of discards in switch/case statements and also take the condition (if any) into account. diff --git a/csharp/ql/src/change-notes/2025-03-13-useless-gethashcode-call.md b/csharp/ql/src/change-notes/2025-03-13-useless-gethashcode-call.md deleted file mode 100644 index 55b705b79ecb..000000000000 --- a/csharp/ql/src/change-notes/2025-03-13-useless-gethashcode-call.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Increase query precision for `cs/useless-gethashcode-call` by not flagging calls to `GetHashCode` on `uint`, `long` and `ulong`. diff --git a/csharp/ql/src/change-notes/2025-03-21-dependency-fetching.md b/csharp/ql/src/change-notes/2025-03-21-dependency-fetching.md deleted file mode 100644 index 84c6a9721dc8..000000000000 --- a/csharp/ql/src/change-notes/2025-03-21-dependency-fetching.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Improved dependency resolution in `build-mode: none` extraction to handle failing `dotnet restore` processes that managed to download a subset of the dependencies before the failure. diff --git a/csharp/ql/src/change-notes/released/1.1.0.md b/csharp/ql/src/change-notes/released/1.1.0.md new file mode 100644 index 000000000000..e3bffce48a5f --- /dev/null +++ b/csharp/ql/src/change-notes/released/1.1.0.md @@ -0,0 +1,14 @@ +## 1.1.0 + +### New Queries + +* Added a new query, `csharp/path-combine`, to recommend against the `Path.Combine` method due to it silently discarding its earlier parameters if later parameters are rooted. + +### Minor Analysis Improvements + +* Improved dependency resolution in `build-mode: none` extraction to handle failing `dotnet restore` processes that managed to download a subset of the dependencies before the failure. +* Increase query precision for `cs/useless-gethashcode-call` by not flagging calls to `GetHashCode` on `uint`, `long` and `ulong`. +* Increase query precision for `cs/constant-condition` and allow the use of discards in switch/case statements and also take the condition (if any) into account. +* The `cs/local-not-disposed` query no longer flags un-disposed tasks as this is often not needed (explained [here](https://devblogs.microsoft.com/pfxteam/do-i-need-to-dispose-of-tasks/)). +* Increase query precision for `cs/useless-assignment-to-local` and `cs/constant-condition` when *unknown* types are involved (mostly relevant for `build-mode: none` databases). +* Don't consider an if-statement to be *useless* in `cs/useless-if-statement` if there is at least a comment. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index e15e0d267b0a..2ac15439f561 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.1.0 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 607c7f084c2f..d6f04fe65759 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.0.20-dev +version: 1.1.1-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 72016e3f662f..b20db0162311 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.20.md b/go/ql/consistency-queries/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index 0fbb1c5c7edd..78d52739d9ed 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.20-dev +version: 1.0.21-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 78bb56e662af..27ad374e3747 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,11 @@ +## 4.2.2 + +### Minor Analysis Improvements + +* We no longer track taint into a `sync.Map` via the key of a key-value pair, since we do not model any way in which keys can be read from a `sync.Map`. +* `database` source models have been added for v1 and v2 of the `github.com/couchbase/gocb` package. +* Added `database` source models for the `github.com/Masterminds/squirrel` ORM package. + ## 4.2.1 No user-facing changes. diff --git a/go/ql/lib/change-notes/2025-03-02-squirrel-source-models.md b/go/ql/lib/change-notes/2025-03-02-squirrel-source-models.md deleted file mode 100644 index 05896168630d..000000000000 --- a/go/ql/lib/change-notes/2025-03-02-squirrel-source-models.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `database` source models for the `github.com/Masterminds/squirrel` ORM package. - diff --git a/go/ql/lib/change-notes/2025-03-03-couchbase-source-models.md b/go/ql/lib/change-notes/2025-03-03-couchbase-source-models.md deleted file mode 100644 index cb5fd1f12841..000000000000 --- a/go/ql/lib/change-notes/2025-03-03-couchbase-source-models.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* `database` source models have been added for v1 and v2 of the `github.com/couchbase/gocb` package. - diff --git a/go/ql/lib/change-notes/2025-03-04-improve-models-for-sync-map.md b/go/ql/lib/change-notes/2025-03-04-improve-models-for-sync-map.md deleted file mode 100644 index ec0a167993cd..000000000000 --- a/go/ql/lib/change-notes/2025-03-04-improve-models-for-sync-map.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* We no longer track taint into a `sync.Map` via the key of a key-value pair, since we do not model any way in which keys can be read from a `sync.Map`. diff --git a/go/ql/lib/change-notes/released/4.2.2.md b/go/ql/lib/change-notes/released/4.2.2.md new file mode 100644 index 000000000000..d710ac69f69d --- /dev/null +++ b/go/ql/lib/change-notes/released/4.2.2.md @@ -0,0 +1,7 @@ +## 4.2.2 + +### Minor Analysis Improvements + +* We no longer track taint into a `sync.Map` via the key of a key-value pair, since we do not model any way in which keys can be read from a `sync.Map`. +* `database` source models have been added for v1 and v2 of the `github.com/couchbase/gocb` package. +* Added `database` source models for the `github.com/Masterminds/squirrel` ORM package. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 38ea9976fccd..18bc07709932 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.2.1 +lastReleaseVersion: 4.2.2 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 0ece9e1769e4..34ba33332a27 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 4.2.2-dev +version: 4.2.3-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index fb033ceb26ce..ff91b3d9ce83 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.1.11 + +### Minor Analysis Improvements + +* False positives in "Log entries created from user input" (`go/log-injection`) and "Clear-text logging of sensitive information" (`go/clear-text-logging`) which involved the verb `%T` in a format specifier have been fixed. As a result, some users may also see more alerts from the "Use of constant `state` value in OAuth 2.0 URL" (`go/constant-oauth2-state`) query. + ## 1.1.10 No user-facing changes. diff --git a/go/ql/src/change-notes/2025-03-20-logging-false-positive-type-format-specifier.md b/go/ql/src/change-notes/released/1.1.11.md similarity index 89% rename from go/ql/src/change-notes/2025-03-20-logging-false-positive-type-format-specifier.md rename to go/ql/src/change-notes/released/1.1.11.md index 43478a70097e..44dc87cea8c2 100644 --- a/go/ql/src/change-notes/2025-03-20-logging-false-positive-type-format-specifier.md +++ b/go/ql/src/change-notes/released/1.1.11.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.1.11 + +### Minor Analysis Improvements + * False positives in "Log entries created from user input" (`go/log-injection`) and "Clear-text logging of sensitive information" (`go/clear-text-logging`) which involved the verb `%T` in a format specifier have been fixed. As a result, some users may also see more alerts from the "Use of constant `state` value in OAuth 2.0 URL" (`go/constant-oauth2-state`) query. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 4c01918d4144..121f8cf035d3 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.10 +lastReleaseVersion: 1.1.11 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 52ed59f34a1f..3e3b248716d6 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.1.11-dev +version: 1.1.12-dev groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 0bd7926c9565..4e5f40cbc844 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,18 @@ +## 7.1.2 + +### Minor Analysis Improvements + +* Java extraction is now able to download Maven 3.9.x if a Maven Enforcer Plugin configuration indicates it is necessary. Maven 3.8.x is still preferred if the enforcer-plugin configuration (if any) permits it. +* Added a path injection sanitizer for calls to `java.lang.String.matches`, `java.lang.String.replace`, and `java.lang.String.replaceAll` that make sure '/', '\', '..' are not in the path. + +### Bug Fixes + +* In `build-mode: none` where the project has a Gradle build system, database creation no longer attempts to download some non-existent jar files relating to non-jar Maven artifacts, such as BOMs. This was harmless, but saves some time and reduces spurious warnings. +* Java extraction no longer freezes for a long time or times out when using libraries that feature expanding cyclic generic types. For example, this was known to occur when using some classes from the Blazebit Persistence library. +* Java build-mode `none` no longer fails when a required version of Gradle cannot be downloaded using the `gradle wrapper` command, such as due to a firewall. It will now attempt to use the system version of Gradle if present, or otherwise proceed without detailed dependency information. +* Java build-mode `none` no longer fails when a required version of Maven cannot be downloaded, such as due to a firewall. It will now attempt to use the system version of Maven if present, or otherwise proceed without detailed dependency information. +* Java build-mode `none` now correctly uses Maven dependency information on Windows platforms. + ## 7.1.1 No user-facing changes. diff --git a/java/ql/lib/change-notes/2025-03-03-maven-fixes.md b/java/ql/lib/change-notes/2025-03-03-maven-fixes.md deleted file mode 100644 index 0ec0c40dc175..000000000000 --- a/java/ql/lib/change-notes/2025-03-03-maven-fixes.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- -* Java build-mode `none` no longer fails when a required version of Maven cannot be downloaded, such as due to a firewall. It will now attempt to use the system version of Maven if present, or otherwise proceed without detailed dependency information. -* Java build-mode `none` now correctly uses Maven dependency information on Windows platforms. diff --git a/java/ql/lib/change-notes/2025-03-10-matches-replace-path-sanitizer.md b/java/ql/lib/change-notes/2025-03-10-matches-replace-path-sanitizer.md deleted file mode 100644 index 21d4c61f7c11..000000000000 --- a/java/ql/lib/change-notes/2025-03-10-matches-replace-path-sanitizer.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added a path injection sanitizer for calls to `java.lang.String.matches`, `java.lang.String.replace`, and `java.lang.String.replaceAll` that make sure '/', '\', '..' are not in the path. diff --git a/java/ql/lib/change-notes/2025-03-18-cyclic-types.md b/java/ql/lib/change-notes/2025-03-18-cyclic-types.md deleted file mode 100644 index 15734999bb0f..000000000000 --- a/java/ql/lib/change-notes/2025-03-18-cyclic-types.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Java extraction no longer freezes for a long time or times out when using libraries that feature expanding cyclic generic types. For example, this was known to occur when using some classes from the Blazebit Persistence library. diff --git a/java/ql/lib/change-notes/2025-03-18-gradle-fixes.md b/java/ql/lib/change-notes/2025-03-18-gradle-fixes.md deleted file mode 100644 index 2def03388fcb..000000000000 --- a/java/ql/lib/change-notes/2025-03-18-gradle-fixes.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Java build-mode `none` no longer fails when a required version of Gradle cannot be downloaded using the `gradle wrapper` command, such as due to a firewall. It will now attempt to use the system version of Gradle if present, or otherwise proceed without detailed dependency information. diff --git a/java/ql/lib/change-notes/2025-03-18-maven-enforcer.md b/java/ql/lib/change-notes/2025-03-18-maven-enforcer.md deleted file mode 100644 index 549862da7ba8..000000000000 --- a/java/ql/lib/change-notes/2025-03-18-maven-enforcer.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Java extraction is now able to download Maven 3.9.x if a Maven Enforcer Plugin configuration indicates it is necessary. Maven 3.8.x is still preferred if the enforcer-plugin configuration (if any) permits it. diff --git a/java/ql/lib/change-notes/2025-03-27-gradle-fetch-reduction.md b/java/ql/lib/change-notes/2025-03-27-gradle-fetch-reduction.md deleted file mode 100644 index 138ff89ff485..000000000000 --- a/java/ql/lib/change-notes/2025-03-27-gradle-fetch-reduction.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* In `build-mode: none` where the project has a Gradle build system, database creation no longer attempts to download some non-existent jar files relating to non-jar Maven artifacts, such as BOMs. This was harmless, but saves some time and reduces spurious warnings. diff --git a/java/ql/lib/change-notes/released/7.1.2.md b/java/ql/lib/change-notes/released/7.1.2.md new file mode 100644 index 000000000000..57fc5b2cc6d0 --- /dev/null +++ b/java/ql/lib/change-notes/released/7.1.2.md @@ -0,0 +1,14 @@ +## 7.1.2 + +### Minor Analysis Improvements + +* Java extraction is now able to download Maven 3.9.x if a Maven Enforcer Plugin configuration indicates it is necessary. Maven 3.8.x is still preferred if the enforcer-plugin configuration (if any) permits it. +* Added a path injection sanitizer for calls to `java.lang.String.matches`, `java.lang.String.replace`, and `java.lang.String.replaceAll` that make sure '/', '\', '..' are not in the path. + +### Bug Fixes + +* In `build-mode: none` where the project has a Gradle build system, database creation no longer attempts to download some non-existent jar files relating to non-jar Maven artifacts, such as BOMs. This was harmless, but saves some time and reduces spurious warnings. +* Java extraction no longer freezes for a long time or times out when using libraries that feature expanding cyclic generic types. For example, this was known to occur when using some classes from the Blazebit Persistence library. +* Java build-mode `none` no longer fails when a required version of Gradle cannot be downloaded using the `gradle wrapper` command, such as due to a firewall. It will now attempt to use the system version of Gradle if present, or otherwise proceed without detailed dependency information. +* Java build-mode `none` no longer fails when a required version of Maven cannot be downloaded, such as due to a firewall. It will now attempt to use the system version of Maven if present, or otherwise proceed without detailed dependency information. +* Java build-mode `none` now correctly uses Maven dependency information on Windows platforms. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 8e970df6cae3..547681cc4408 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.1.1 +lastReleaseVersion: 7.1.2 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index a92a21f77473..1037ae7708a2 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 7.1.2-dev +version: 7.1.3-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 8e463d79fb99..d27571c724db 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,19 @@ +## 1.4.0 + +### New Queries + +* Added a new quality query, `java/empty-method`, to detect empty methods. +* The query `java/spring-boot-exposed-actuators` has been promoted from experimental to the main query pack. Its results will now appear by default, and the query itself will be removed from the [CodeQL Community Packs](https://github.com/GitHubSecurityLab/CodeQL-Community-Packs). This query was originally submitted as an experimental query [by @ggolawski](https://github.com/github/codeql/pull/2901). + +### Major Analysis Improvements + +* Updated the `java/unreleased-lock` query so that it no longer report alerts in cases where a boolean variable is used to track lock state. + +### Minor Analysis Improvements + +* Fixed a false positive in "Time-of-check time-of-use race condition" (`java/toctou-race-condition`) where a field of a non-static class was not considered always-locked if it was accessed in a constructor. +* Overrides of `BroadcastReceiver::onReceive` with no statements in their body are no longer considered unverified by the `java/improper-intent-verification` query. This will reduce false positives from `onReceive` methods which do not perform any actions. + ## 1.3.1 No user-facing changes. diff --git a/java/ql/src/change-notes/2025-02-24-spring-boot-actuators-promo.md b/java/ql/src/change-notes/2025-02-24-spring-boot-actuators-promo.md deleted file mode 100644 index 8f407de95ac2..000000000000 --- a/java/ql/src/change-notes/2025-02-24-spring-boot-actuators-promo.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* The query `java/spring-boot-exposed-actuators` has been promoted from experimental to the main query pack. Its results will now appear by default, and the query itself will be removed from the [CodeQL Community Packs](https://github.com/GitHubSecurityLab/CodeQL-Community-Packs). This query was originally submitted as an experimental query [by @ggolawski](https://github.com/github/codeql/pull/2901). diff --git a/java/ql/src/change-notes/2025-03-02-unreleased-lock-fp.md b/java/ql/src/change-notes/2025-03-02-unreleased-lock-fp.md deleted file mode 100644 index 915f87604e7f..000000000000 --- a/java/ql/src/change-notes/2025-03-02-unreleased-lock-fp.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Updated the `java/unreleased-lock` query so that it no longer report alerts in cases where a boolean variable is used to track lock state. diff --git a/java/ql/src/change-notes/2025-03-03-fix-improper-intent-verification-query.md b/java/ql/src/change-notes/2025-03-03-fix-improper-intent-verification-query.md deleted file mode 100644 index b07ffc99a969..000000000000 --- a/java/ql/src/change-notes/2025-03-03-fix-improper-intent-verification-query.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Overrides of `BroadcastReceiver::onReceive` with no statements in their body are no longer considered unverified by the `java/improper-intent-verification` query. This will reduce false positives from `onReceive` methods which do not perform any actions. diff --git a/java/ql/src/change-notes/2025-03-10-empty-method.md b/java/ql/src/change-notes/2025-03-10-empty-method.md deleted file mode 100644 index 6b33deffd1a0..000000000000 --- a/java/ql/src/change-notes/2025-03-10-empty-method.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new quality query, `java/empty-method`, to detect empty methods. diff --git a/java/ql/src/change-notes/2025-03-13-fix-toctou-false-positive.md b/java/ql/src/change-notes/2025-03-13-fix-toctou-false-positive.md deleted file mode 100644 index fb6fcfaaf1b1..000000000000 --- a/java/ql/src/change-notes/2025-03-13-fix-toctou-false-positive.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Fixed a false positive in "Time-of-check time-of-use race condition" (`java/toctou-race-condition`) where a field of a non-static class was not considered always-locked if it was accessed in a constructor. diff --git a/java/ql/src/change-notes/released/1.4.0.md b/java/ql/src/change-notes/released/1.4.0.md new file mode 100644 index 000000000000..bc86e5de425b --- /dev/null +++ b/java/ql/src/change-notes/released/1.4.0.md @@ -0,0 +1,15 @@ +## 1.4.0 + +### New Queries + +* Added a new quality query, `java/empty-method`, to detect empty methods. +* The query `java/spring-boot-exposed-actuators` has been promoted from experimental to the main query pack. Its results will now appear by default, and the query itself will be removed from the [CodeQL Community Packs](https://github.com/GitHubSecurityLab/CodeQL-Community-Packs). This query was originally submitted as an experimental query [by @ggolawski](https://github.com/github/codeql/pull/2901). + +### Major Analysis Improvements + +* Updated the `java/unreleased-lock` query so that it no longer report alerts in cases where a boolean variable is used to track lock state. + +### Minor Analysis Improvements + +* Fixed a false positive in "Time-of-check time-of-use race condition" (`java/toctou-race-condition`) where a field of a non-static class was not considered always-locked if it was accessed in a constructor. +* Overrides of `BroadcastReceiver::onReceive` with no statements in their body are no longer considered unverified by the `java/improper-intent-verification` query. This will reduce false positives from `onReceive` methods which do not perform any actions. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index e71b6d081f15..b8b2e97d5086 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.1 +lastReleaseVersion: 1.4.0 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 883a60e59beb..e7c3a7da88e4 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.3.2-dev +version: 1.4.1-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index a3bb2a7e5d4f..995666b29160 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,35 @@ +## 2.6.0 + +### New Features + +* Extraction now supports regular expressions with the `v` flag, using the new operators: + - Intersection `&&` + - Subtraction `--` + - `\q` quoted string + +### Major Analysis Improvements + +* Added support for TypeScript 5.8. + +### Minor Analysis Improvements + +* Added support for additional `fs-extra` methods as sinks in path-injection queries. +* Added support for the newer version of `Hapi` with the `@hapi/hapi` import and `server` function. +* Improved modeling of the `node:fs` module: `await`-ed calls to `read` and `readFile` are now supported. +* Added support for the `@sap/hana-client`, `@sap/hdbext` and `hdb` packages. +* Enhanced `axios` support with new methods (`postForm`, `putForm`, `patchForm`, `getUri`, `create`) and added support for `interceptors.request` and `interceptors.response`. +* Improved support for `got` package with `Options`, `paginate()` and `extend()` +* Added support for the `ApolloServer` class from `@apollo/server` and similar packages. In particular, the incoming data in a GraphQL resolver is now seen as a source of untrusted user input. +* Improved support for `superagent` to handle the case where the package is directly called as a function, or via the `.del()` or `.agent()` method. +* Added support for the `underscore.string` package. +* Added additional flow step for `unescape()` and `escape()`. +* Added support for the `@tanstack/vue-query` package. +* Added taint-steps for `unescape()`. +* Added support for the `@tanstack/angular-query-experimental` package. +* Improved support for the `@angular/common/http` package, detecting outgoing HTTP requests in more cases. +* Improved the modeling of the `markdown-table` package to ensure it handles nested arrays properly. +* Added support for the `react-relay` library. + ## 2.5.1 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/2025-02-17-typescript-5-8.md b/javascript/ql/lib/change-notes/2025-02-17-typescript-5-8.md deleted file mode 100644 index 8ada5149291d..000000000000 --- a/javascript/ql/lib/change-notes/2025-02-17-typescript-5-8.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Added support for TypeScript 5.8. \ No newline at end of file diff --git a/javascript/ql/lib/change-notes/2025-02-25-react-relay.md b/javascript/ql/lib/change-notes/2025-02-25-react-relay.md deleted file mode 100644 index 822f429f62a4..000000000000 --- a/javascript/ql/lib/change-notes/2025-02-25-react-relay.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added support for the `react-relay` library. diff --git a/javascript/ql/lib/change-notes/2025-03-03-regex-v.md b/javascript/ql/lib/change-notes/2025-03-03-regex-v.md deleted file mode 100644 index 4c6948049ebf..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-03-regex-v.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -category: feature ---- -* Extraction now supports regular expressions with the `v` flag, using the new operators: - - Intersection `&&` - - Subtraction `--` - - `\q` quoted string diff --git a/javascript/ql/lib/change-notes/2025-03-10-js-refactor-markdown-table.md b/javascript/ql/lib/change-notes/2025-03-10-js-refactor-markdown-table.md deleted file mode 100644 index 8dd3c17404c7..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-10-js-refactor-markdown-table.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Improved the modeling of the `markdown-table` package to ensure it handles nested arrays properly. diff --git a/javascript/ql/lib/change-notes/2025-03-11-tanstack-angular.md b/javascript/ql/lib/change-notes/2025-03-11-tanstack-angular.md deleted file mode 100644 index 5c4eb99eed76..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-11-tanstack-angular.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Added support for the `@tanstack/angular-query-experimental` package. -* Improved support for the `@angular/common/http` package, detecting outgoing HTTP requests in more cases. diff --git a/javascript/ql/lib/change-notes/2025-03-13-tanstack-vue.md b/javascript/ql/lib/change-notes/2025-03-13-tanstack-vue.md deleted file mode 100644 index defc6c78bc2a..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-13-tanstack-vue.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added support for the `@tanstack/vue-query` package. diff --git a/javascript/ql/lib/change-notes/2025-03-13-unescape.md b/javascript/ql/lib/change-notes/2025-03-13-unescape.md deleted file mode 100644 index aa2d445118cb..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-13-unescape.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added taint-steps for `unescape()`. diff --git a/javascript/ql/lib/change-notes/2025-03-14-escape.md b/javascript/ql/lib/change-notes/2025-03-14-escape.md deleted file mode 100644 index 334fd6cc04d4..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-14-escape.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added additional flow step for `unescape()` and `escape()`. diff --git a/javascript/ql/lib/change-notes/2025-03-17-underscore-string.md b/javascript/ql/lib/change-notes/2025-03-17-underscore-string.md deleted file mode 100644 index c6bd442735ad..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-17-underscore-string.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added support for the `underscore.string` package. diff --git a/javascript/ql/lib/change-notes/2025-03-20-apollo-server.md b/javascript/ql/lib/change-notes/2025-03-20-apollo-server.md deleted file mode 100644 index 1976b91ea387..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-20-apollo-server.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added support for the `ApolloServer` class from `@apollo/server` and similar packages. In particular, the incoming data in a GraphQL resolver is now seen as a source of untrusted user input. diff --git a/javascript/ql/lib/change-notes/2025-03-20-superagent.md b/javascript/ql/lib/change-notes/2025-03-20-superagent.md deleted file mode 100644 index 6516d49d66df..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-20-superagent.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Improved support for `superagent` to handle the case where the package is directly called as a function, or via the `.del()` or `.agent()` method. diff --git a/javascript/ql/lib/change-notes/2025-03-24-axios-additional-methods.md b/javascript/ql/lib/change-notes/2025-03-24-axios-additional-methods.md deleted file mode 100644 index 4b92a5a3e43f..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-24-axios-additional-methods.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Enhanced `axios` support with new methods (`postForm`, `putForm`, `patchForm`, `getUri`, `create`) and added support for `interceptors.request` and `interceptors.response`. diff --git a/javascript/ql/lib/change-notes/2025-03-24-got-package.md b/javascript/ql/lib/change-notes/2025-03-24-got-package.md deleted file mode 100644 index 4830ce077cbd..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-24-got-package.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Improved support for `got` package with `Options`, `paginate()` and `extend()` diff --git a/javascript/ql/lib/change-notes/2025-03-26-Hapi.md b/javascript/ql/lib/change-notes/2025-03-26-Hapi.md deleted file mode 100644 index d6d5795570f0..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-26-Hapi.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added support for the newer version of `Hapi` with the `@hapi/hapi` import and `server` function. diff --git a/javascript/ql/lib/change-notes/2025-03-26-async-fileRead.md b/javascript/ql/lib/change-notes/2025-03-26-async-fileRead.md deleted file mode 100644 index f15d525530ae..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-26-async-fileRead.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Improved modeling of the `node:fs` module: `await`-ed calls to `read` and `readFile` are now supported. diff --git a/javascript/ql/lib/change-notes/2025-03-26-hana-db-client.md b/javascript/ql/lib/change-notes/2025-03-26-hana-db-client.md deleted file mode 100644 index 170707e0e787..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-26-hana-db-client.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added support for the `@sap/hana-client`, `@sap/hdbext` and `hdb` packages. diff --git a/javascript/ql/lib/change-notes/2025-03-28-fs-extra.md b/javascript/ql/lib/change-notes/2025-03-28-fs-extra.md deleted file mode 100644 index f30177905ae8..000000000000 --- a/javascript/ql/lib/change-notes/2025-03-28-fs-extra.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added support for additional `fs-extra` methods as sinks in path-injection queries. diff --git a/javascript/ql/lib/change-notes/released/2.6.0.md b/javascript/ql/lib/change-notes/released/2.6.0.md new file mode 100644 index 000000000000..037621be6add --- /dev/null +++ b/javascript/ql/lib/change-notes/released/2.6.0.md @@ -0,0 +1,31 @@ +## 2.6.0 + +### New Features + +* Extraction now supports regular expressions with the `v` flag, using the new operators: + - Intersection `&&` + - Subtraction `--` + - `\q` quoted string + +### Major Analysis Improvements + +* Added support for TypeScript 5.8. + +### Minor Analysis Improvements + +* Added support for additional `fs-extra` methods as sinks in path-injection queries. +* Added support for the newer version of `Hapi` with the `@hapi/hapi` import and `server` function. +* Improved modeling of the `node:fs` module: `await`-ed calls to `read` and `readFile` are now supported. +* Added support for the `@sap/hana-client`, `@sap/hdbext` and `hdb` packages. +* Enhanced `axios` support with new methods (`postForm`, `putForm`, `patchForm`, `getUri`, `create`) and added support for `interceptors.request` and `interceptors.response`. +* Improved support for `got` package with `Options`, `paginate()` and `extend()` +* Added support for the `ApolloServer` class from `@apollo/server` and similar packages. In particular, the incoming data in a GraphQL resolver is now seen as a source of untrusted user input. +* Improved support for `superagent` to handle the case where the package is directly called as a function, or via the `.del()` or `.agent()` method. +* Added support for the `underscore.string` package. +* Added additional flow step for `unescape()` and `escape()`. +* Added support for the `@tanstack/vue-query` package. +* Added taint-steps for `unescape()`. +* Added support for the `@tanstack/angular-query-experimental` package. +* Improved support for the `@angular/common/http` package, detecting outgoing HTTP requests in more cases. +* Improved the modeling of the `markdown-table` package to ensure it handles nested arrays properly. +* Added support for the `react-relay` library. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index a041decfd2dd..29308d702323 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.5.1 +lastReleaseVersion: 2.6.0 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 8bab6cb44348..80004cfa6a03 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.5.2-dev +version: 2.6.1-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index fbd576e4eea7..fef8edd5c801 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,17 @@ +## 1.5.2 + +### Bug Fixes + +* Fixed a bug, first introduced in `2.20.3`, that would prevent `v-html` attributes in Vue files + from being flagged by the `js/xss` query. The original behaviour has been restored and the `v-html` + attribute is once again functioning as a sink for the `js/xss` query. +* Fixed a bug that would in rare cases cause some regexp-based checks + to be seen as generic taint sanitisers, even though the underlying regexp + is not restrictive enough. The regexps are now analysed more precisely, + and unrestrictive regexp checks will no longer block taint flow. +* Fixed a recently-introduced bug that caused `js/server-side-unvalidated-url-redirection` to ignore + valid hostname checks and report spurious alerts after such a check. The original behaviour has been restored. + ## 1.5.1 No user-facing changes. diff --git a/javascript/ql/src/change-notes/2025-02-21-test-suite.md b/javascript/ql/src/change-notes/2025-02-21-test-suite.md deleted file mode 100644 index 2fe2a2884964..000000000000 --- a/javascript/ql/src/change-notes/2025-02-21-test-suite.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- -* Fixed a recently-introduced bug that caused `js/server-side-unvalidated-url-redirection` to ignore - valid hostname checks and report spurious alerts after such a check. The original behaviour has been restored. diff --git a/javascript/ql/src/change-notes/2025-02-28-membership-regexp-test.md b/javascript/ql/src/change-notes/2025-02-28-membership-regexp-test.md deleted file mode 100644 index a1c46f0d795f..000000000000 --- a/javascript/ql/src/change-notes/2025-02-28-membership-regexp-test.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -category: fix ---- -* Fixed a bug that would in rare cases cause some regexp-based checks - to be seen as generic taint sanitisers, even though the underlying regexp - is not restrictive enough. The regexps are now analysed more precisely, - and unrestrictive regexp checks will no longer block taint flow. diff --git a/javascript/ql/src/change-notes/2025-03-11-vue-fix.md b/javascript/ql/src/change-notes/2025-03-11-vue-fix.md deleted file mode 100644 index b32e4f1fe563..000000000000 --- a/javascript/ql/src/change-notes/2025-03-11-vue-fix.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -category: fix ---- -* Fixed a bug, first introduced in `2.20.3`, that would prevent `v-html` attributes in Vue files - from being flagged by the `js/xss` query. The original behaviour has been restored and the `v-html` - attribute is once again functioning as a sink for the `js/xss` query. diff --git a/javascript/ql/src/change-notes/released/1.5.2.md b/javascript/ql/src/change-notes/released/1.5.2.md new file mode 100644 index 000000000000..6b0d7b03dece --- /dev/null +++ b/javascript/ql/src/change-notes/released/1.5.2.md @@ -0,0 +1,13 @@ +## 1.5.2 + +### Bug Fixes + +* Fixed a bug, first introduced in `2.20.3`, that would prevent `v-html` attributes in Vue files + from being flagged by the `js/xss` query. The original behaviour has been restored and the `v-html` + attribute is once again functioning as a sink for the `js/xss` query. +* Fixed a bug that would in rare cases cause some regexp-based checks + to be seen as generic taint sanitisers, even though the underlying regexp + is not restrictive enough. The regexps are now analysed more precisely, + and unrestrictive regexp checks will no longer block taint flow. +* Fixed a recently-introduced bug that caused `js/server-side-unvalidated-url-redirection` to ignore + valid hostname checks and report spurious alerts after such a check. The original behaviour has been restored. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index c5775c46013c..7eb901bae56a 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.5.1 +lastReleaseVersion: 1.5.2 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 5d855ccf9684..3a5ecb85b4f3 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 1.5.2-dev +version: 1.5.3-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 9767d978f89b..03ff99634124 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.20.md b/misc/suite-helpers/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 053ee911ddf0..28a36682869f 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.20-dev +version: 1.0.21-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 9750358f9407..8ea99e00e054 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 4.0.4 + +### Minor Analysis Improvements + +- Added the methods `getMinArguments` and `getMaxArguments` to the `Function` class. These return the minimum and maximum positional arguments that the given function accepts. + +### Bug Fixes + +- `MatchLiteralPattern`s such as `case None: ...` are now never pruned from the extracted source code. This fixes some situations where code was wrongly identified as unreachable. + ## 4.0.3 No user-facing changes. diff --git a/python/ql/lib/change-notes/2025-02-11-fix-match-literal-pruning.md b/python/ql/lib/change-notes/2025-02-11-fix-match-literal-pruning.md deleted file mode 100644 index 957f2a4ca99c..000000000000 --- a/python/ql/lib/change-notes/2025-02-11-fix-match-literal-pruning.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- - -- `MatchLiteralPattern`s such as `case None: ...` are now never pruned from the extracted source code. This fixes some situations where code was wrongly identified as unreachable. diff --git a/python/ql/lib/change-notes/2025-02-26-add-get-min-max-parameters-to-function-class.md b/python/ql/lib/change-notes/2025-02-26-add-get-min-max-parameters-to-function-class.md deleted file mode 100644 index f35b0981bafc..000000000000 --- a/python/ql/lib/change-notes/2025-02-26-add-get-min-max-parameters-to-function-class.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -- Added the methods `getMinArguments` and `getMaxArguments` to the `Function` class. These return the minimum and maximum positional arguments that the given function accepts. diff --git a/python/ql/lib/change-notes/released/4.0.4.md b/python/ql/lib/change-notes/released/4.0.4.md new file mode 100644 index 000000000000..b72949b0829c --- /dev/null +++ b/python/ql/lib/change-notes/released/4.0.4.md @@ -0,0 +1,9 @@ +## 4.0.4 + +### Minor Analysis Improvements + +- Added the methods `getMinArguments` and `getMaxArguments` to the `Function` class. These return the minimum and maximum positional arguments that the given function accepts. + +### Bug Fixes + +- `MatchLiteralPattern`s such as `case None: ...` are now never pruned from the extracted source code. This fixes some situations where code was wrongly identified as unreachable. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index f6bbc961bb14..b207094e2b39 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.0.3 +lastReleaseVersion: 4.0.4 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index dc06cd6582e0..020415470fe4 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 4.0.4-dev +version: 4.0.5-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index e885400b9b32..33e8046917e8 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 1.4.6 + +### Minor Analysis Improvements + +- The `py/special-method-wrong-signature` has been modernized and rewritten to no longer rely on outdated APIs. Moreover, the query no longer flags cases where a default value is never used, as these alerts were rarely useful. + +### Bug Fixes + +- The `py/unused-global-variable` now no longer flags variables that are only used in forward references (e.g. the `Foo` in `def bar(x: "Foo"): ...`). + ## 1.4.5 No user-facing changes. diff --git a/python/ql/src/change-notes/2025-03-04-fix-forward-annotation-fp-in-unused-global-var-query.md b/python/ql/src/change-notes/2025-03-04-fix-forward-annotation-fp-in-unused-global-var-query.md deleted file mode 100644 index 78142ea3fc68..000000000000 --- a/python/ql/src/change-notes/2025-03-04-fix-forward-annotation-fp-in-unused-global-var-query.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- - -- The `py/unused-global-variable` now no longer flags variables that are only used in forward references (e.g. the `Foo` in `def bar(x: "Foo"): ...`). diff --git a/python/ql/src/change-notes/2025-03-20-modernize-special-method-wrong-signature-query.md b/python/ql/src/change-notes/released/1.4.6.md similarity index 52% rename from python/ql/src/change-notes/2025-03-20-modernize-special-method-wrong-signature-query.md rename to python/ql/src/change-notes/released/1.4.6.md index e871b7510d9e..56b1147206be 100644 --- a/python/ql/src/change-notes/2025-03-20-modernize-special-method-wrong-signature-query.md +++ b/python/ql/src/change-notes/released/1.4.6.md @@ -1,5 +1,9 @@ ---- -category: minorAnalysis ---- +## 1.4.6 + +### Minor Analysis Improvements - The `py/special-method-wrong-signature` has been modernized and rewritten to no longer rely on outdated APIs. Moreover, the query no longer flags cases where a default value is never used, as these alerts were rarely useful. + +### Bug Fixes + +- The `py/unused-global-variable` now no longer flags variables that are only used in forward references (e.g. the `Foo` in `def bar(x: "Foo"): ...`). diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index a74b6b08d860..3b00bbce928c 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.5 +lastReleaseVersion: 1.4.6 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 3ba383b3dd27..2d3896cc57ff 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.4.6-dev +version: 1.4.7-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index db75b3193671..5eabfa99ba6d 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 4.1.3 + +No user-facing changes. + ## 4.1.2 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/released/4.1.3.md b/ruby/ql/lib/change-notes/released/4.1.3.md new file mode 100644 index 000000000000..789b2913c77b --- /dev/null +++ b/ruby/ql/lib/change-notes/released/4.1.3.md @@ -0,0 +1,3 @@ +## 4.1.3 + +No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 2567ae3f9cce..cdfb18533241 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.1.2 +lastReleaseVersion: 4.1.3 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 993fe1292f07..639f6fb35f17 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 4.1.3-dev +version: 4.1.4-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index a07ad59185d5..7877bdb6a79c 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.1.15 + +No user-facing changes. + ## 1.1.14 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.1.15.md b/ruby/ql/src/change-notes/released/1.1.15.md new file mode 100644 index 000000000000..48d8c05d25f8 --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.1.15.md @@ -0,0 +1,3 @@ +## 1.1.15 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 29ea4a8cc19b..9ec2e68cbd32 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.14 +lastReleaseVersion: 1.1.15 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 64547a36c7e6..ca0617aa13e0 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.1.15-dev +version: 1.1.16-dev groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index 2bfa7916b94b..85c1fc61056f 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.5 + +No user-facing changes. + ## 0.1.4 No user-facing changes. diff --git a/rust/ql/lib/change-notes/released/0.1.5.md b/rust/ql/lib/change-notes/released/0.1.5.md new file mode 100644 index 000000000000..83cd9c5ff46a --- /dev/null +++ b/rust/ql/lib/change-notes/released/0.1.5.md @@ -0,0 +1,3 @@ +## 0.1.5 + +No user-facing changes. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index e8ee3af8ef9a..157cff8108d3 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.4 +lastReleaseVersion: 0.1.5 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index 73785c49ded8..603ede342c78 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.1.5-dev +version: 0.1.6-dev groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index 2bfa7916b94b..85c1fc61056f 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.5 + +No user-facing changes. + ## 0.1.4 No user-facing changes. diff --git a/rust/ql/src/change-notes/released/0.1.5.md b/rust/ql/src/change-notes/released/0.1.5.md new file mode 100644 index 000000000000..83cd9c5ff46a --- /dev/null +++ b/rust/ql/src/change-notes/released/0.1.5.md @@ -0,0 +1,3 @@ +## 0.1.5 + +No user-facing changes. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index e8ee3af8ef9a..157cff8108d3 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.4 +lastReleaseVersion: 0.1.5 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index a91a26473227..4b0296c0af8f 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.5-dev +version: 0.1.6-dev groups: - rust - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index 234a79df339b..06ae926fe116 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.4 + +No user-facing changes. + ## 2.0.3 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.4.md b/shared/controlflow/change-notes/released/2.0.4.md new file mode 100644 index 000000000000..8e002b6db642 --- /dev/null +++ b/shared/controlflow/change-notes/released/2.0.4.md @@ -0,0 +1,3 @@ +## 2.0.4 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index fabf1e865966..0f306f8bd3bd 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.3 +lastReleaseVersion: 2.0.4 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 54e7b4b4f240..5b1c8278c8a9 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.4-dev +version: 2.0.5-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 8bffa581e57d..19d6b3ed9099 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.4 + +No user-facing changes. + ## 2.0.3 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.0.4.md b/shared/dataflow/change-notes/released/2.0.4.md new file mode 100644 index 000000000000..8e002b6db642 --- /dev/null +++ b/shared/dataflow/change-notes/released/2.0.4.md @@ -0,0 +1,3 @@ +## 2.0.4 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index fabf1e865966..0f306f8bd3bd 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.3 +lastReleaseVersion: 2.0.4 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index caa60e4d04d9..86a58593efd0 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.0.4-dev +version: 2.0.5-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index e9f3aba90f55..428eb375a90d 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.20.md b/shared/mad/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/mad/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 5e4b3509b05d..0c7d0f8fb148 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.20-dev +version: 1.0.21-dev groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 8cbc1671c892..8ca74122cc45 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.20.md b/shared/rangeanalysis/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 61a4c03bcd4b..258e34f4416a 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.20-dev +version: 1.0.21-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 1e1547b2f9d9..06d3215edb5a 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.20.md b/shared/regex/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/regex/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 063f6bac3745..fb48dd895fe4 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.20-dev +version: 1.0.21-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 55580824a9b9..fb40fb4db741 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/ssa/change-notes/released/1.0.20.md b/shared/ssa/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/ssa/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 038bbce301a6..c5e5a1470858 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 1.0.20-dev +version: 1.0.21-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 72016e3f662f..b20db0162311 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.20.md b/shared/threat-models/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index e3e5fad35e94..2698ba75fe47 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.20-dev +version: 1.0.21-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index f61d21be5852..2f7a36a4d8b6 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.20.md b/shared/tutorial/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 4907292655e9..239783afe11b 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.20-dev +version: 1.0.21-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index dbbac850f625..4c72a93118ed 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.20.md b/shared/typeflow/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 1c71dd0795ef..243dbbefacc8 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.20-dev +version: 1.0.21-dev groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md new file mode 100644 index 000000000000..59b60bad0f37 --- /dev/null +++ b/shared/typeinference/CHANGELOG.md @@ -0,0 +1,3 @@ +## 0.0.1 + +No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.1.md b/shared/typeinference/change-notes/released/0.0.1.md new file mode 100644 index 000000000000..59b60bad0f37 --- /dev/null +++ b/shared/typeinference/change-notes/released/0.0.1.md @@ -0,0 +1,3 @@ +## 0.0.1 + +No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml new file mode 100644 index 000000000000..c6933410b71c --- /dev/null +++ b/shared/typeinference/codeql-pack.release.yml @@ -0,0 +1,2 @@ +--- +lastReleaseVersion: 0.0.1 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index dc1d4e81ed4e..4606888741ad 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.1-dev +version: 0.0.2-dev groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index d527d9f47d9e..c31f7b82d8bd 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.4 + +No user-facing changes. + ## 2.0.3 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.4.md b/shared/typetracking/change-notes/released/2.0.4.md new file mode 100644 index 000000000000..8e002b6db642 --- /dev/null +++ b/shared/typetracking/change-notes/released/2.0.4.md @@ -0,0 +1,3 @@ +## 2.0.4 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index fabf1e865966..0f306f8bd3bd 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.3 +lastReleaseVersion: 2.0.4 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index de4bb160af4c..387f2df08500 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.4-dev +version: 2.0.5-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 53806f92bcdd..4365eb52a388 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.20.md b/shared/typos/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/typos/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 369522f1d257..b84e528b13a9 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.20-dev +version: 1.0.21-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 263d05e55f4d..fa3c9ff7fb42 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.7 + +No user-facing changes. + ## 2.0.6 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.7.md b/shared/util/change-notes/released/2.0.7.md new file mode 100644 index 000000000000..4eb1353458c2 --- /dev/null +++ b/shared/util/change-notes/released/2.0.7.md @@ -0,0 +1,3 @@ +## 2.0.7 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index fbbc03c76427..08d5e9594498 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.6 +lastReleaseVersion: 2.0.7 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index bf91dbb06f93..cec325c5327a 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.7-dev +version: 2.0.8-dev groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 281186a77b7c..5551a042e155 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.20.md b/shared/xml/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/xml/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index b8b539862c5c..ddd183347db4 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.20-dev +version: 1.0.21-dev groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index bc24aa51f120..2aff70a053b4 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.20 + +No user-facing changes. + ## 1.0.19 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.20.md b/shared/yaml/change-notes/released/1.0.20.md new file mode 100644 index 000000000000..5fc76269ab27 --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.20.md @@ -0,0 +1,3 @@ +## 1.0.20 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index e15e0d267b0a..7af2d1347ffc 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.0.20 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index f1dc9a88774a..bfb8003b7451 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.20-dev +version: 1.0.21-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 2b896b57956b..d11c1a7a7766 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 4.1.3 + +No user-facing changes. + ## 4.1.2 No user-facing changes. diff --git a/swift/ql/lib/change-notes/released/4.1.3.md b/swift/ql/lib/change-notes/released/4.1.3.md new file mode 100644 index 000000000000..789b2913c77b --- /dev/null +++ b/swift/ql/lib/change-notes/released/4.1.3.md @@ -0,0 +1,3 @@ +## 4.1.3 + +No user-facing changes. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 2567ae3f9cce..cdfb18533241 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.1.2 +lastReleaseVersion: 4.1.3 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 60dae36afc68..a8937945393d 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 4.1.3-dev +version: 4.1.4-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index f81969a619e8..ee24a514d14f 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.1.0 + +### New Queries + +* Added a new summary query counting the total number of extracted AST nodes. + ## 1.0.19 No user-facing changes. diff --git a/swift/ql/src/change-notes/2025-03-18-number_of_nodes.md b/swift/ql/src/change-notes/released/1.1.0.md similarity index 74% rename from swift/ql/src/change-notes/2025-03-18-number_of_nodes.md rename to swift/ql/src/change-notes/released/1.1.0.md index bf7a08198221..c9cba1415cd2 100644 --- a/swift/ql/src/change-notes/2025-03-18-number_of_nodes.md +++ b/swift/ql/src/change-notes/released/1.1.0.md @@ -1,4 +1,5 @@ ---- -category: newQuery ---- +## 1.1.0 + +### New Queries + * Added a new summary query counting the total number of extracted AST nodes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index e15e0d267b0a..2ac15439f561 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.19 +lastReleaseVersion: 1.1.0 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 6c59362f5045..65d542ab524c 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.0.20-dev +version: 1.1.1-dev groups: - swift - queries