From 8f55dcdd6789db9bdb9c1fbaf9f292dd5224d439 Mon Sep 17 00:00:00 2001 From: Jon Janego Date: Wed, 11 Jun 2025 15:36:30 -0500 Subject: [PATCH 1/2] removing brackets around a url --- go/ql/src/CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index b711743ccc9a..515fbad7adf9 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -2,7 +2,7 @@ ### New Queries -* Query (`go/html-template-escaping-bypass-xss`) has been promoted to the main query suite. This query finds potential cross-site scripting (XSS) vulnerabilities when using the `html/template` package, caused by user input being cast to a type which bypasses the HTML autoescaping. It was originally contributed to the experimental query pack by @gagliardetto in . +* Query (`go/html-template-escaping-bypass-xss`) has been promoted to the main query suite. This query finds potential cross-site scripting (XSS) vulnerabilities when using the `html/template` package, caused by user input being cast to a type which bypasses the HTML autoescaping. It was originally contributed to the experimental query pack by @gagliardetto in https://github.com/github/codeql-go/pull/493. ## 1.2.1 From 6336e3d44b26c46b1af1b27fb8efce5e15fa15d7 Mon Sep 17 00:00:00 2001 From: Jon Janego Date: Wed, 11 Jun 2025 16:02:28 -0500 Subject: [PATCH 2/2] fixing another bracket --- go/ql/src/change-notes/released/1.3.0.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go/ql/src/change-notes/released/1.3.0.md b/go/ql/src/change-notes/released/1.3.0.md index fe0c5a7af3c4..84afeabc50de 100644 --- a/go/ql/src/change-notes/released/1.3.0.md +++ b/go/ql/src/change-notes/released/1.3.0.md 
@@ -2,4 +2,4 @@ ### New Queries -* Query (`go/html-template-escaping-bypass-xss`) has been promoted to the main query suite. This query finds potential cross-site scripting (XSS) vulnerabilities when using the `html/template` package, caused by user input being cast to a type which bypasses the HTML autoescaping. It was originally contributed to the experimental query pack by @gagliardetto in . +* Query (`go/html-template-escaping-bypass-xss`) has been promoted to the main query suite. This query finds potential cross-site scripting (XSS) vulnerabilities when using the `html/template` package, caused by user input being cast to a type which bypasses the HTML autoescaping. It was originally contributed to the experimental query pack by @gagliardetto in https://github.com/github/codeql-go/pull/493.
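Review bot: In the first hunk (go/ql/src/CHANGELOG.md), the removed line ends with "in ." and nothing between "in" and the period, which is what an angle-bracket autolink looks like once a Markdown or HTML renderer treats `<https://...>` as a tag and drops it; replacing it with the bare URL `https://github.com/github/codeql-go/pull/493` is the right fix, and the same sentence should be corrected wherever else it is copied, since CHANGELOG.md is normally assembled from the per-release change notes rather than edited on its own.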
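Review bot: The second hunk (go/ql/src/change-notes/released/1.3.0.md) applies the identical one-line change as the first patch to the source change note, so the two commits would read better squashed into one with a message such as "Replace angle-bracket autolink with bare URL in 1.3.0 change note" rather than "fixing another bracket"; before merging, grep the other change-note directories for the same `<https://` autolink pattern so no further copies of this sentence render with the link missing.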