From a67218a0277be5516730cf3bdb0fb1932c14b2c1 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 4 Mar 2024 17:42:08 +0000 Subject: [PATCH 01/12] Release preparation for version 2.16.4 --- cpp/ql/lib/CHANGELOG.md | 6 ++++++ .../0.12.7.md} | 9 +++++---- cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 7 +++++++ .../2024-02-29-non-constant-format-path-query.md | 4 ---- .../0.9.6.md} | 8 +++++--- cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../Solorigate/lib/change-notes/released/1.7.10.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../Solorigate/src/change-notes/released/1.7.10.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 14 ++++++++++++++ .../change-notes/2024-02-21-getonly-properties.md | 4 ---- .../ql/lib/change-notes/2024-02-22-no-db-stats.md | 4 ---- .../change-notes/2024-02-23-compiler-generated.md | 4 ---- .../2024-02-26-variable-capture-flow.md | 4 ---- .../2024-02-28-experimental-attribute.md | 4 ---- .../2024-02-28-refreadonly-parameter.md | 4 ---- csharp/ql/lib/change-notes/released/0.8.10.md | 13 +++++++++++++ csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 6 ++++++ .../0.8.10.md} | 9 +++++---- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/0.0.9.md | 3 +++ go/ql/consistency-queries/codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 11 +++++++++++ .../lib/change-notes/2024-02-14-range-map-read.md | 4 ---- .../0.7.10.md} | 11 ++++++++--- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ++++ go/ql/src/change-notes/released/0.7.10.md | 3 +++ go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 ++++ .../automodel/src/change-notes/released/0.0.17.md | 3 +++ java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 11 +++++++++++ .../change-notes/2024-02-23-widget-flowsteps.md | 4 ---- java/ql/lib/change-notes/2024-02-27-error-types.md | 4 ---- .../lib/change-notes/2024-02-27-mvnw-versions.md | 4 ---- java/ql/lib/change-notes/released/0.8.10.md | 10 ++++++++++ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 10 ++++++++++ .../2024-02-12-android-insecure-keys.md | 4 ---- .../0.8.10.md} | 11 ++++++++--- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ++++ javascript/ql/lib/change-notes/released/0.8.10.md | 3 +++ javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 4 ++++ javascript/ql/src/change-notes/released/0.8.10.md | 3 +++ javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ misc/suite-helpers/change-notes/released/0.7.10.md | 3 +++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 7 +++++++ .../2024-02-28-iterable-unpacking-module-scope.md | 4 ---- .../0.11.10.md} | 8 +++++--- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 ++++++ .../0.9.10.md} | 7 ++++--- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 9 +++++++++ ...2024-02-15-activerecord_connection_sql_sinks.md | 4 ---- .../2024-02-20-activerecord-sql-sink-arguments.md | 4 ---- .../lib/change-notes/2024-02-26-arel-sqlliteral.md | 4 ---- .../lib/change-notes/2024-02-29-i18n-translate.md | 4 ---- ruby/ql/lib/change-notes/released/0.8.10.md | 8 ++++++++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 7 +++++++ .../2024-02-13-rails-more-request-sources.md | 4 ---- .../0.8.10.md} | 10 ++++++---- ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ shared/controlflow/change-notes/released/0.1.10.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ++++ shared/dataflow/change-notes/released/0.2.1.md | 3 +++ shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/0.2.10.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../rangeanalysis/change-notes/released/0.0.9.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/0.2.10.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/0.2.10.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../threat-models/change-notes/released/0.0.9.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ shared/tutorial/change-notes/released/0.2.10.md | 3 +++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ .../typetracking/change-notes/released/0.2.10.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/0.2.10.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++++ shared/util/change-notes/released/0.2.10.md | 3 +++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/0.2.10.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ++++++ .../0.3.10.md} | 7 ++++--- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/0.3.10.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 150 files changed, 394 insertions(+), 168 deletions(-) rename cpp/ql/lib/change-notes/{2024-02-26-ir-named-destructors.md => released/0.12.7.md} (54%) delete mode 100644 cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md rename cpp/ql/src/change-notes/{2024-02-16-modelled-functions-block-flow.md => released/0.9.6.md} (77%) create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md create mode 100644 csharp/ql/lib/change-notes/released/0.8.10.md rename csharp/ql/src/change-notes/{2024-02-06-threat-models.md => released/0.8.10.md} (88%) create mode 100644 go/ql/consistency-queries/change-notes/released/0.0.9.md delete mode 100644 go/ql/lib/change-notes/2024-02-14-range-map-read.md rename go/ql/lib/change-notes/{2024-03-04-autobuilder-changes.md => released/0.7.10.md} (68%) create mode 100644 go/ql/src/change-notes/released/0.7.10.md create mode 100644 java/ql/automodel/src/change-notes/released/0.0.17.md delete mode 100644 java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md delete mode 100644 java/ql/lib/change-notes/2024-02-27-error-types.md delete mode 100644 java/ql/lib/change-notes/2024-02-27-mvnw-versions.md create mode 100644 java/ql/lib/change-notes/released/0.8.10.md delete mode 100644 java/ql/src/change-notes/2024-02-12-android-insecure-keys.md rename java/ql/src/change-notes/{2024-03-04-sensitive-log-remove-null-from-sources.md => released/0.8.10.md} (54%) create mode 100644 javascript/ql/lib/change-notes/released/0.8.10.md create mode 100644 javascript/ql/src/change-notes/released/0.8.10.md create mode 100644 misc/suite-helpers/change-notes/released/0.7.10.md delete mode 100644 python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md rename python/ql/lib/change-notes/{2024-03-01-dict-update-content.md => released/0.11.10.md} (52%) rename python/ql/src/change-notes/{2024-03-04-nosql-injection.md => released/0.9.10.md} (81%) delete mode 100644 ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md delete mode 100644 ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md delete mode 100644 ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md delete mode 100644 ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md create mode 100644 ruby/ql/lib/change-notes/released/0.8.10.md delete mode 100644 ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md rename ruby/ql/src/change-notes/{2024-03-01-method-code-injection-sinks.md => released/0.8.10.md} (51%) create mode 100644 shared/controlflow/change-notes/released/0.1.10.md create mode 100644 shared/dataflow/change-notes/released/0.2.1.md create mode 100644 shared/mad/change-notes/released/0.2.10.md create mode 100644 shared/rangeanalysis/change-notes/released/0.0.9.md create mode 100644 shared/regex/change-notes/released/0.2.10.md create mode 100644 shared/ssa/change-notes/released/0.2.10.md create mode 100644 shared/threat-models/change-notes/released/0.0.9.md create mode 100644 shared/tutorial/change-notes/released/0.2.10.md create mode 100644 shared/typetracking/change-notes/released/0.2.10.md create mode 100644 shared/typos/change-notes/released/0.2.10.md create mode 100644 shared/util/change-notes/released/0.2.10.md create mode 100644 shared/yaml/change-notes/released/0.2.10.md rename swift/ql/lib/change-notes/{2024-02-22-extension-patch.md => released/0.3.10.md} (83%) create mode 100644 swift/ql/src/change-notes/released/0.3.10.md diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index b3091ec37d8f..e1c0dfbecd9a 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.12.7 + +### Minor Analysis Improvements + +* Added destructors for named objects to the intermediate representation. + ## 0.12.6 ### New Features diff --git a/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md b/cpp/ql/lib/change-notes/released/0.12.7.md similarity index 54% rename from cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md rename to cpp/ql/lib/change-notes/released/0.12.7.md index 4e35decaf8ed..856a8b665c74 100644 --- a/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md +++ b/cpp/ql/lib/change-notes/released/0.12.7.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Added destructors for named objects to the intermediate representation. \ No newline at end of file +## 0.12.7 + +### Minor Analysis Improvements + +* Added destructors for named objects to the intermediate representation. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 170a312c1047..20419e9c6100 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.12.6 +lastReleaseVersion: 0.12.7 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 8e201fff5943..3bb9229bf94d 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.7-dev +version: 0.12.7 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index ffcd73ff5d72..f6acd424bb05 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.9.6 + +### Minor Analysis Improvements + +* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. +* The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. + ## 0.9.5 ### Minor Analysis Improvements diff --git a/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md b/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md deleted file mode 100644 index 2e5933a61e86..000000000000 --- a/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md b/cpp/ql/src/change-notes/released/0.9.6.md similarity index 77% rename from cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md rename to cpp/ql/src/change-notes/released/0.9.6.md index d6ef3c3e0569..0c85f3f9f0f0 100644 --- a/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md +++ b/cpp/ql/src/change-notes/released/0.9.6.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.9.6 + +### Minor Analysis Improvements + +* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. * The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 460240feafff..19139c132b2d 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.5 +lastReleaseVersion: 0.9.6 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 31bd20166b2b..4052647bb97f 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.6-dev +version: 0.9.6 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 190b83b0f25a..82eacfc84f70 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.10 + +No user-facing changes. + ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md new file mode 100644 index 000000000000..8e8007d8475f --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md @@ -0,0 +1,3 @@ +## 1.7.10 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 678da6bc37e9..31c7fe07020b 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.9 +lastReleaseVersion: 1.7.10 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 7e643b0fac33..ee993bed0c91 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.10-dev +version: 1.7.10 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 190b83b0f25a..82eacfc84f70 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.10 + +No user-facing changes. + ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md new file mode 100644 index 000000000000..8e8007d8475f --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md @@ -0,0 +1,3 @@ +## 1.7.10 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 678da6bc37e9..31c7fe07020b 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.9 +lastReleaseVersion: 1.7.10 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 8654bbfd0312..1f421754fc82 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.10-dev +version: 1.7.10 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 95fd64c52704..16cc14259e19 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,17 @@ +## 0.8.10 + +### Major Analysis Improvements + +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. +* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. + +### Minor Analysis Improvements + +* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. +* C# 12: Add extractor and QL library support for `ref readonly` parameters. +* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. +* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md b/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md deleted file mode 100644 index 6bb8e99c71ef..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md b/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md deleted file mode 100644 index d6ffbd523ac6..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. diff --git a/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md b/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md deleted file mode 100644 index 9b1739b9b6da..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. diff --git a/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md b/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md deleted file mode 100644 index 66ab65083dc3..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md b/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md deleted file mode 100644 index 8749c790954e..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. diff --git a/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md b/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md deleted file mode 100644 index 586b5341d293..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# 12: Add extractor and QL library support for `ref readonly` parameters. diff --git a/csharp/ql/lib/change-notes/released/0.8.10.md b/csharp/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..f591ddc5b21a --- /dev/null +++ b/csharp/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,13 @@ +## 0.8.10 + +### Major Analysis Improvements + +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. +* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. + +### Minor Analysis Improvements + +* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. +* C# 12: Add extractor and QL library support for `ref readonly` parameters. +* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. +* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index d75ea3c63207..93c5c1120a24 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.10-dev +version: 0.8.10 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 9fe1609363fc..46c939e5cee1 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/2024-02-06-threat-models.md b/csharp/ql/src/change-notes/released/0.8.10.md similarity index 88% rename from csharp/ql/src/change-notes/2024-02-06-threat-models.md rename to csharp/ql/src/change-notes/released/0.8.10.md index 69ac4e4dc17a..702161c3d28f 100644 --- a/csharp/ql/src/change-notes/2024-02-06-threat-models.md +++ b/csharp/ql/src/change-notes/released/0.8.10.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. \ No newline at end of file +## 0.8.10 + +### Minor Analysis Improvements + +* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 9ee23cc73078..46384094b19e 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.10-dev +version: 0.8.10 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index fba2a8703562..a59e560c4155 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/0.0.9.md b/go/ql/consistency-queries/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index b574796b9954..d5a2fbee5f19 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.9-dev +version: 0.0.9 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 65a2376217b1..fee5fd37a267 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.7.10 + +### Major Analysis Improvements + +* We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. +* Go 1.22 has been included in the range of supported Go versions. + +### Bug Fixes + +* Fixed dataflow out of a `map` using a `range` statement. + ## 0.7.9 No user-facing changes. diff --git a/go/ql/lib/change-notes/2024-02-14-range-map-read.md b/go/ql/lib/change-notes/2024-02-14-range-map-read.md deleted file mode 100644 index ea45737a72ea..000000000000 --- a/go/ql/lib/change-notes/2024-02-14-range-map-read.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md b/go/ql/lib/change-notes/released/0.7.10.md similarity index 68% rename from go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md rename to go/ql/lib/change-notes/released/0.7.10.md index 0442a571029f..55954f8a3945 100644 --- a/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md +++ b/go/ql/lib/change-notes/released/0.7.10.md @@ -1,5 +1,10 @@ ---- -category: majorAnalysis ---- +## 0.7.10 + +### Major Analysis Improvements + * We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. * Go 1.22 has been included in the range of supported Go versions. + +### Bug Fixes + +* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 576395f3405e..675185672974 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.9 +lastReleaseVersion: 0.7.10 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index f21e478efa68..8cc190fa880a 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.10-dev +version: 0.7.10 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index d95165a3a34e..24e38b9890e1 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.10 + +No user-facing changes. + ## 0.7.9 ### New Queries diff --git a/go/ql/src/change-notes/released/0.7.10.md b/go/ql/src/change-notes/released/0.7.10.md new file mode 100644 index 000000000000..989c5b8f6823 --- /dev/null +++ b/go/ql/src/change-notes/released/0.7.10.md @@ -0,0 +1,3 @@ +## 0.7.10 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 576395f3405e..675185672974 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.9 +lastReleaseVersion: 0.7.10 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index d91cab596127..4ded3a52f63e 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.10-dev +version: 0.7.10 groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index 4a3c54adb385..c3282c773a9d 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.17 + +No user-facing changes. + ## 0.0.16 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/0.0.17.md b/java/ql/automodel/src/change-notes/released/0.0.17.md new file mode 100644 index 000000000000..62cc89030a62 --- /dev/null +++ b/java/ql/automodel/src/change-notes/released/0.0.17.md @@ -0,0 +1,3 @@ +## 0.0.17 + +No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index a49f7be4cff3..cbc3d3cd4934 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.16 +lastReleaseVersion: 0.0.17 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 898239be0989..59fab0cdcc53 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.17-dev +version: 0.0.17 groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index d369cbdc9318..2a02ccee6abb 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. + +### Bug Fixes + +* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. +* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. + ## 0.8.9 ### Deprecated APIs diff --git a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md deleted file mode 100644 index eb560fba07da..000000000000 --- a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/change-notes/2024-02-27-error-types.md b/java/ql/lib/change-notes/2024-02-27-error-types.md deleted file mode 100644 index cdc6d7620aa8..000000000000 --- a/java/ql/lib/change-notes/2024-02-27-error-types.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. diff --git a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md deleted file mode 100644 index a0227088ae97..000000000000 --- a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. diff --git a/java/ql/lib/change-notes/released/0.8.10.md b/java/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..b45f14bf347a --- /dev/null +++ b/java/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,10 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. + +### Bug Fixes + +* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. +* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 15b4982d41eb..428eedc75e3d 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.10-dev +version: 0.8.10 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 5d8353514538..c61275f5ed84 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 0.8.10 + +### New Queries + +* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. + +### Minor Analysis Improvements + +* To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. + ## 0.8.9 ### New Queries diff --git a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md deleted file mode 100644 index 1de077277962..000000000000 --- a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. \ No newline at end of file diff --git a/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md b/java/ql/src/change-notes/released/0.8.10.md similarity index 54% rename from java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md rename to java/ql/src/change-notes/released/0.8.10.md index 0bb4f18f2bd9..c5d18ae33794 100644 --- a/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md +++ b/java/ql/src/change-notes/released/0.8.10.md @@ -1,4 +1,9 @@ ---- -category: minorAnalysis ---- +## 0.8.10 + +### New Queries + +* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. + +### Minor Analysis Improvements + * To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 8f4de528e213..ebbdbeee3b2c 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.10-dev +version: 0.8.10 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 5b97ebbb22b3..d5edcc005131 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.10 + +No user-facing changes. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/javascript/ql/lib/change-notes/released/0.8.10.md b/javascript/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..777bbd2fdede --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,3 @@ +## 0.8.10 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index ef3ca7521aca..da16493a21c9 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.10-dev +version: 0.8.10 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 85516e3625d1..b9627cac5eee 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.10 + +No user-facing changes. + ## 0.8.9 ### Bug Fixes diff --git a/javascript/ql/src/change-notes/released/0.8.10.md b/javascript/ql/src/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..777bbd2fdede --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.8.10.md @@ -0,0 +1,3 @@ +## 0.8.10 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index b6181aa30e99..d224952c5641 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.10-dev +version: 0.8.10 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 3c06dd69b0f5..1c4455b66c43 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.10 + +No user-facing changes. + ## 0.7.9 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.7.10.md b/misc/suite-helpers/change-notes/released/0.7.10.md new file mode 100644 index 000000000000..989c5b8f6823 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/0.7.10.md @@ -0,0 +1,3 @@ +## 0.7.10 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 576395f3405e..675185672974 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.9 +lastReleaseVersion: 0.7.10 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 49b7a6bda4c2..54d978d5efe7 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.10-dev +version: 0.7.10 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index e6f318c51ea8..f095607ca1bf 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.11.10 + +### Minor Analysis Improvements + +* Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. +* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. + ## 0.11.9 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md b/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md deleted file mode 100644 index 3c47c6ba866a..000000000000 --- a/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/change-notes/2024-03-01-dict-update-content.md b/python/ql/lib/change-notes/released/0.11.10.md similarity index 52% rename from python/ql/lib/change-notes/2024-03-01-dict-update-content.md rename to python/ql/lib/change-notes/released/0.11.10.md index dfb8d247fffa..ed873724e4f2 100644 --- a/python/ql/lib/change-notes/2024-03-01-dict-update-content.md +++ b/python/ql/lib/change-notes/released/0.11.10.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.11.10 + +### Minor Analysis Improvements + * Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. +* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index b064d1778a10..ddddcbe9193d 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.11.9 +lastReleaseVersion: 0.11.10 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index e9f66e205f24..59a8b4c96d17 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.10-dev +version: 0.11.10 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 50762bcbf34e..d4245aba7a62 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.9.10 + +### New Queries + +* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. + ## 0.9.9 No user-facing changes. diff --git a/python/ql/src/change-notes/2024-03-04-nosql-injection.md b/python/ql/src/change-notes/released/0.9.10.md similarity index 81% rename from python/ql/src/change-notes/2024-03-04-nosql-injection.md rename to python/ql/src/change-notes/released/0.9.10.md index 6e98540c757c..4cbb221b789f 100644 --- a/python/ql/src/change-notes/2024-03-04-nosql-injection.md +++ b/python/ql/src/change-notes/released/0.9.10.md @@ -1,4 +1,5 @@ ---- -category: newQuery ---- +## 0.9.10 + +### New Queries + * The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index aabed7c396b7..d086ed69541d 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.9 +lastReleaseVersion: 0.9.10 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index aa18f2d87074..c920f667836b 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.10-dev +version: 0.9.10 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index a623a151e891..c61a12e0f4ad 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,12 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. +* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. +* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. +* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md b/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md deleted file mode 100644 index c2276f284a84..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md b/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md deleted file mode 100644 index 1486c7a472d1..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md b/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md deleted file mode 100644 index 6f3a90768bab..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md b/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md deleted file mode 100644 index 350e049b5bfc..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/released/0.8.10.md b/ruby/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..666e28f840e7 --- /dev/null +++ b/ruby/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,8 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. +* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. +* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. +* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 7d409b83adbd..de5b41999fe1 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.10-dev +version: 0.8.10 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 4149c728effa..f875b6d16ad4 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. +* Added additional request sources for Ruby on Rails. + ## 0.8.9 No user-facing changes. diff --git a/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md b/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md deleted file mode 100644 index 84ea696dfef4..000000000000 --- a/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added additional request sources for Ruby on Rails. \ No newline at end of file diff --git a/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md b/ruby/ql/src/change-notes/released/0.8.10.md similarity index 51% rename from ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md rename to ruby/ql/src/change-notes/released/0.8.10.md index 43e40d3fd536..985cdf8d22e0 100644 --- a/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md +++ b/ruby/ql/src/change-notes/released/0.8.10.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- -* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. \ No newline at end of file +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. +* Added additional request sources for Ruby on Rails. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 8af7f9fd7976..5e3792682346 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.10-dev +version: 0.8.10 groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index dbfa6ef4512d..75f2ca53f987 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.10 + +No user-facing changes. + ## 0.1.9 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/0.1.10.md b/shared/controlflow/change-notes/released/0.1.10.md new file mode 100644 index 000000000000..47358eeee934 --- /dev/null +++ b/shared/controlflow/change-notes/released/0.1.10.md @@ -0,0 +1,3 @@ +## 0.1.10 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 1425c0edf7f8..30f5ca88be0e 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.9 +lastReleaseVersion: 0.1.10 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 9d35a6782761..1d43802be421 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.10-dev +version: 0.1.10 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 67a5bf589f4f..ef80788bded6 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.1 + +No user-facing changes. + ## 0.2.0 ### Breaking Changes diff --git a/shared/dataflow/change-notes/released/0.2.1.md b/shared/dataflow/change-notes/released/0.2.1.md new file mode 100644 index 000000000000..3dbfc85fe11d --- /dev/null +++ b/shared/dataflow/change-notes/released/0.2.1.md @@ -0,0 +1,3 @@ +## 0.2.1 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 5274e27ed522..df29a726bccc 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.0 +lastReleaseVersion: 0.2.1 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 1e7becf71c4f..ee422e02ea9a 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.2.1-dev +version: 0.2.1 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 4d09057118ce..4730366775ea 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.2.10.md b/shared/mad/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/mad/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 22c8f271ccc6..6d7269ef3da8 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 5b8dbcfab22c..9943dcb79727 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/0.0.9.md b/shared/rangeanalysis/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 836fe51ee344..01db5d5734d0 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.9-dev +version: 0.0.9 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index cd5f91f71ec1..c05869c153d3 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.2.10.md b/shared/regex/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/regex/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index ea3f7f9b2389..0d4f485312f7 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 01acfae01489..a9161ff578b0 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.2.10.md b/shared/ssa/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/ssa/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 19304ad107f1..2ad254711a50 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index fba2a8703562..a59e560c4155 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/0.0.9.md b/shared/threat-models/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/shared/threat-models/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index d0ed9a913b21..60cbbc56fcb3 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.9-dev +version: 0.0.9 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 1db3a01af0b1..560ad058d5b3 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.2.10.md b/shared/tutorial/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/tutorial/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index b595ae9ee70a..69116705c1bf 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index afc857bc6bce..350f9ecbeae0 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.2.10.md b/shared/typetracking/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/typetracking/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index b55927f59bb7..fbbdcf5162a1 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 66c5871d9821..54b1eaa4d589 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.2.10.md b/shared/typos/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/typos/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 644bfe11bff7..4d59d9b3c342 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 63832e927fa5..1ca1f71bcbc2 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/util/change-notes/released/0.2.10.md b/shared/util/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/util/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index ca1a866a53d4..28ed738a93dd 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: null diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index e5495abcd503..9fd5ebc26ab2 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/yaml/change-notes/released/0.2.10.md b/shared/yaml/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/yaml/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index de5b47e120ae..9643ffcec66b 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index e88cd0259ccf..8f14bfcedc9c 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.3.10 + +### Bug Fixes + +* Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. + ## 0.3.9 ### Minor Analysis Improvements diff --git a/swift/ql/lib/change-notes/2024-02-22-extension-patch.md b/swift/ql/lib/change-notes/released/0.3.10.md similarity index 83% rename from swift/ql/lib/change-notes/2024-02-22-extension-patch.md rename to swift/ql/lib/change-notes/released/0.3.10.md index 7bd78f3b785c..9d6286ff58a7 100644 --- a/swift/ql/lib/change-notes/2024-02-22-extension-patch.md +++ b/swift/ql/lib/change-notes/released/0.3.10.md @@ -1,4 +1,5 @@ ---- -category: fix ---- +## 0.3.10 + +### Bug Fixes + * Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 3fa5180bcb49..76ca0ac8ba76 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.9 +lastReleaseVersion: 0.3.10 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index a37a4cb3d580..70ec4798ea85 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.10-dev +version: 0.3.10 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 96615d069729..bda9834c9bca 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.3.10 + +No user-facing changes. + ## 0.3.9 ### New Queries diff --git a/swift/ql/src/change-notes/released/0.3.10.md b/swift/ql/src/change-notes/released/0.3.10.md new file mode 100644 index 000000000000..925a48fc52e0 --- /dev/null +++ b/swift/ql/src/change-notes/released/0.3.10.md @@ -0,0 +1,3 @@ +## 0.3.10 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 3fa5180bcb49..76ca0ac8ba76 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.9 +lastReleaseVersion: 0.3.10 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index e3ead42c98bf..ba66b065529b 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.10-dev +version: 0.3.10 groups: - swift - queries From 2aa093c95cde5faed2aef27e119f8266e660863b Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 5 Mar 2024 11:25:02 +0000 Subject: [PATCH 02/12] Go: Move `getImportPath` to shared `util` package --- .../cli/go-autobuilder/go-autobuilder.go | 60 +------------------ go/extractor/util/util.go | 59 ++++++++++++++++++ .../util_test.go} | 2 +- 3 files changed, 61 insertions(+), 60 deletions(-) rename go/extractor/{cli/go-autobuilder/go-autobuilder_test.go => util/util_test.go} (98%) diff --git a/go/extractor/cli/go-autobuilder/go-autobuilder.go b/go/extractor/cli/go-autobuilder/go-autobuilder.go index 91291c771448..b2e2a78666f6 100644 --- a/go/extractor/cli/go-autobuilder/go-autobuilder.go +++ b/go/extractor/cli/go-autobuilder/go-autobuilder.go @@ -3,7 +3,6 @@ package main import ( "fmt" "log" - "net/url" "os" "os/exec" "path/filepath" @@ -56,63 +55,6 @@ Build behavior: fmt.Fprintf(os.Stderr, "Usage:\n\n %s\n", os.Args[0]) } -// Returns the import path of the package being built, or "" if it cannot be determined. -func getImportPath() (importpath string) { - importpath = os.Getenv("LGTM_INDEX_IMPORT_PATH") - if importpath == "" { - repourl := os.Getenv("SEMMLE_REPO_URL") - if repourl == "" { - githubrepo := os.Getenv("GITHUB_REPOSITORY") - if githubrepo == "" { - log.Printf("Unable to determine import path, as neither LGTM_INDEX_IMPORT_PATH nor GITHUB_REPOSITORY is set\n") - return "" - } else { - importpath = "github.com/" + githubrepo - } - } else { - importpath = getImportPathFromRepoURL(repourl) - if importpath == "" { - log.Printf("Failed to determine import path from SEMMLE_REPO_URL '%s'\n", repourl) - return - } - } - } - log.Printf("Import path is '%s'\n", importpath) - return -} - -// Returns the import path of the package being built from `repourl`, or "" if it cannot be -// determined. -func getImportPathFromRepoURL(repourl string) string { - // check for scp-like URL as in "git@github.com:github/codeql-go.git" - shorturl := regexp.MustCompile(`^([^@]+@)?([^:]+):([^/].*?)(\.git)?$`) - m := shorturl.FindStringSubmatch(repourl) - if m != nil { - return m[2] + "/" + m[3] - } - - // otherwise parse as proper URL - u, err := url.Parse(repourl) - if err != nil { - log.Fatalf("Malformed repository URL '%s'\n", repourl) - } - - if u.Scheme == "file" { - // we can't determine import paths from file paths - return "" - } - - if u.Hostname() == "" || u.Path == "" { - return "" - } - - host := u.Hostname() - path := u.Path - // strip off leading slashes and trailing `.git` if present - path = regexp.MustCompile(`^/+|\.git$`).ReplaceAllString(path, "") - return host + "/" + path -} - func restoreRepoLayout(fromDir string, dirEntries []string, scratchDirName string, toDir string) { for _, dirEntry := range dirEntries { if dirEntry != scratchDirName { @@ -568,7 +510,7 @@ func installDependenciesAndBuild() { if len(workspaces) == 1 { workspace := workspaces[0] - importpath := getImportPath() + importpath := util.GetImportPath() needGopath := getNeedGopath(workspace, importpath) inLGTM := os.Getenv("LGTM_SRC") != "" || os.Getenv("LGTM_INDEX_NEED_GOPATH") != "" diff --git a/go/extractor/util/util.go b/go/extractor/util/util.go index b5b28089e789..2ae6a2b0cd2b 100644 --- a/go/extractor/util/util.go +++ b/go/extractor/util/util.go @@ -6,9 +6,11 @@ import ( "io" "io/fs" "log" + "net/url" "os" "os/exec" "path/filepath" + "regexp" "runtime" "slices" "strings" @@ -350,3 +352,60 @@ func GetParentDirs(paths []string) []string { } return dirs } + +// Returns the import path of the package being built, or "" if it cannot be determined. +func GetImportPath() (importpath string) { + importpath = os.Getenv("LGTM_INDEX_IMPORT_PATH") + if importpath == "" { + repourl := os.Getenv("SEMMLE_REPO_URL") + if repourl == "" { + githubrepo := os.Getenv("GITHUB_REPOSITORY") + if githubrepo == "" { + log.Printf("Unable to determine import path, as neither LGTM_INDEX_IMPORT_PATH nor GITHUB_REPOSITORY is set\n") + return "" + } else { + importpath = "github.com/" + githubrepo + } + } else { + importpath = getImportPathFromRepoURL(repourl) + if importpath == "" { + log.Printf("Failed to determine import path from SEMMLE_REPO_URL '%s'\n", repourl) + return + } + } + } + log.Printf("Import path is '%s'\n", importpath) + return +} + +// Returns the import path of the package being built from `repourl`, or "" if it cannot be +// determined. +func getImportPathFromRepoURL(repourl string) string { + // check for scp-like URL as in "git@github.com:github/codeql-go.git" + shorturl := regexp.MustCompile(`^([^@]+@)?([^:]+):([^/].*?)(\.git)?$`) + m := shorturl.FindStringSubmatch(repourl) + if m != nil { + return m[2] + "/" + m[3] + } + + // otherwise parse as proper URL + u, err := url.Parse(repourl) + if err != nil { + log.Fatalf("Malformed repository URL '%s'\n", repourl) + } + + if u.Scheme == "file" { + // we can't determine import paths from file paths + return "" + } + + if u.Hostname() == "" || u.Path == "" { + return "" + } + + host := u.Hostname() + path := u.Path + // strip off leading slashes and trailing `.git` if present + path = regexp.MustCompile(`^/+|\.git$`).ReplaceAllString(path, "") + return host + "/" + path +} diff --git a/go/extractor/cli/go-autobuilder/go-autobuilder_test.go b/go/extractor/util/util_test.go similarity index 98% rename from go/extractor/cli/go-autobuilder/go-autobuilder_test.go rename to go/extractor/util/util_test.go index f4e8405fe365..45d32bda3e1b 100644 --- a/go/extractor/cli/go-autobuilder/go-autobuilder_test.go +++ b/go/extractor/util/util_test.go @@ -1,4 +1,4 @@ -package main +package util import "testing" From 367ecf75d5889bb20da8e8a2123804d6cb76d79b Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 5 Mar 2024 11:37:51 +0000 Subject: [PATCH 03/12] Go: Use import path for auto-generated Go module names --- go/extractor/toolchain/toolchain.go | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/go/extractor/toolchain/toolchain.go b/go/extractor/toolchain/toolchain.go index 38abfd43874c..104894c59757 100644 --- a/go/extractor/toolchain/toolchain.go +++ b/go/extractor/toolchain/toolchain.go @@ -5,8 +5,10 @@ import ( "log" "os" "os/exec" + "path/filepath" "strings" + "github.com/github/codeql-go/extractor/util" "golang.org/x/mod/semver" ) @@ -81,7 +83,20 @@ func TidyModule(path string) *exec.Cmd { // Run `go mod init` in the directory given by `path`. func InitModule(path string) *exec.Cmd { - modInit := exec.Command("go", "mod", "init", "codeql/auto-project") + moduleName := "codeql/auto-project" + + if importpath := util.GetImportPath(); importpath != "" { + // This should be something like `github.com/user/repo` + moduleName = importpath + + // If we are not initialising the new module in the root directory of the workspace, + // append the relative path to the module name. + if relPath, err := filepath.Rel(".", path); err != nil && relPath != "." { + moduleName = moduleName + "/" + relPath + } + } + + modInit := exec.Command("go", "mod", "init", moduleName) modInit.Dir = path return modInit } From b1e0bc03ab34a271563ac8a5ba66577b0f59b954 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 5 Mar 2024 11:55:10 +0000 Subject: [PATCH 04/12] Go: Fix check for whether it is safe to initialise a `go.mod` file in a given directory --- go/extractor/project/project.go | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/go/extractor/project/project.go b/go/extractor/project/project.go index 187389ecd553..9315a33f04cf 100644 --- a/go/extractor/project/project.go +++ b/go/extractor/project/project.go @@ -439,8 +439,9 @@ func getBuildRoots(emitDiagnostics bool) (goWorkspaces []GoWorkspace, totalModul for _, component := range components { path = filepath.Join(path, component) - // Try to initialize a `go.mod` file automatically for the stray source files. - if !slices.Contains(goModDirs, path) { + // Try to initialize a `go.mod` file automatically for the stray source files if + // doing so would not place it in a parent directory of an existing `go.mod` file. + if !startsWithAnyOf(path, goModDirs) { goWorkspaces = append(goWorkspaces, GoWorkspace{ BaseDir: path, DepMode: GoGetNoModules, @@ -477,6 +478,16 @@ func getBuildRoots(emitDiagnostics bool) (goWorkspaces []GoWorkspace, totalModul return } +// Determines whether `str` starts with any of `prefixes`. +func startsWithAnyOf(str string, prefixes []string) bool { + for _, prefix := range prefixes { + if strings.HasPrefix(str, prefix) { + return true + } + } + return false +} + // Finds Go workspaces in the current working directory. func GetWorkspaceInfo(emitDiagnostics bool) []GoWorkspace { bazelPaths := slices.Concat( From ac394dc80ce6e3488285fd5abc01f2c5543ba0fb Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 5 Mar 2024 13:46:33 +0000 Subject: [PATCH 05/12] Go: Better check for path prefixes --- go/extractor/project/project.go | 2 +- go/extractor/project/project_test.go | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 go/extractor/project/project_test.go diff --git a/go/extractor/project/project.go b/go/extractor/project/project.go index 9315a33f04cf..22c0f856c798 100644 --- a/go/extractor/project/project.go +++ b/go/extractor/project/project.go @@ -481,7 +481,7 @@ func getBuildRoots(emitDiagnostics bool) (goWorkspaces []GoWorkspace, totalModul // Determines whether `str` starts with any of `prefixes`. func startsWithAnyOf(str string, prefixes []string) bool { for _, prefix := range prefixes { - if strings.HasPrefix(str, prefix) { + if relPath, err := filepath.Rel(str, prefix); err == nil && !strings.HasPrefix(relPath, "..") { return true } } diff --git a/go/extractor/project/project_test.go b/go/extractor/project/project_test.go new file mode 100644 index 000000000000..f2de420773f9 --- /dev/null +++ b/go/extractor/project/project_test.go @@ -0,0 +1,27 @@ +package project + +import ( + "path/filepath" + "testing" +) + +func testStartsWithAnyOf(t *testing.T, path string, prefix string, expectation bool) { + result := startsWithAnyOf(path, []string{prefix}) + if result != expectation { + t.Errorf("Expected startsWithAnyOf(%s, %s) to be %t, but it is %t.", path, prefix, expectation, result) + } +} + +func TestStartsWithAnyOf(t *testing.T) { + testStartsWithAnyOf(t, ".", ".", true) + testStartsWithAnyOf(t, ".", "dir", true) + testStartsWithAnyOf(t, ".", filepath.Join("foo", "bar"), true) + testStartsWithAnyOf(t, "dir", "dir", true) + testStartsWithAnyOf(t, "foo", filepath.Join("foo", "bar"), true) + testStartsWithAnyOf(t, filepath.Join("foo", "bar"), filepath.Join("foo", "bar"), true) + testStartsWithAnyOf(t, filepath.Join("foo", "bar"), filepath.Join("foo", "bar", "baz"), true) + + testStartsWithAnyOf(t, filepath.Join("foo", "bar"), "foo", false) + testStartsWithAnyOf(t, filepath.Join("foo", "bar"), "bar", false) + testStartsWithAnyOf(t, filepath.Join("foo", "bar"), filepath.Join("foo", "baz"), false) +} From a8d240dd7278a4d0e73b92daff10bfd1e7d17d98 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 5 Mar 2024 14:08:16 +0000 Subject: [PATCH 06/12] Go: Add integration test for mixed layout project --- .../go/mixed-layout/diagnostics.expected | 28 +++++++++++++++++++ .../force_sequential_test_execution | 2 ++ .../go/mixed-layout/src/module/go.mod | 5 ++++ .../go/mixed-layout/src/module/go.sum | 7 +++++ .../go/mixed-layout/src/module/test.go | 13 +++++++++ .../go/mixed-layout/src/stray-files/test.go | 13 +++++++++ .../go/mixed-layout/src/workspace/go.work | 3 ++ .../mixed-layout/src/workspace/subdir/go.mod | 5 ++++ .../mixed-layout/src/workspace/subdir/go.sum | 7 +++++ .../mixed-layout/src/workspace/subdir/test.go | 13 +++++++++ .../go/mixed-layout/test.expected | 8 ++++++ .../all-platforms/go/mixed-layout/test.py | 18 ++++++++++++ .../all-platforms/go/mixed-layout/test.ql | 8 ++++++ 13 files changed, 130 insertions(+) create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/diagnostics.expected create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/force_sequential_test_execution create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/go.mod create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/go.sum create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/test.go create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/src/stray-files/test.go create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/go.work create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/go.mod create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/go.sum create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/test.go create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/test.expected create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/test.py create mode 100644 go/ql/integration-tests/all-platforms/go/mixed-layout/test.ql diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/diagnostics.expected b/go/ql/integration-tests/all-platforms/go/mixed-layout/diagnostics.expected new file mode 100644 index 000000000000..bbbdd515d68b --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/diagnostics.expected @@ -0,0 +1,28 @@ +{ + "markdownMessage": "1 `go.work` file was found:\n\n`workspace/go.work`", + "severity": "note", + "source": { + "extractorName": "go", + "id": "go/autobuilder/go-work-found", + "name": "`go.work` file found" + }, + "visibility": { + "cliSummaryTable": false, + "statusPage": false, + "telemetry": true + } +} +{ + "markdownMessage": "Go files were found outside of the Go modules corresponding to these `go.mod` files.\n\n`workspace/subdir/go.mod`, `module/go.mod`", + "severity": "note", + "source": { + "extractorName": "go", + "id": "go/autobuilder/go-files-outside-go-modules", + "name": "Go files were found outside Go modules" + }, + "visibility": { + "cliSummaryTable": false, + "statusPage": false, + "telemetry": true + } +} diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/force_sequential_test_execution b/go/ql/integration-tests/all-platforms/go/mixed-layout/force_sequential_test_execution new file mode 100644 index 000000000000..47ca99290999 --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/force_sequential_test_execution @@ -0,0 +1,2 @@ +# go get has been observed to sometimes fail when multiple tests try to simultaneously fetch the same package. +goget diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/go.mod b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/go.mod new file mode 100644 index 000000000000..0b8f33b9069d --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/go.mod @@ -0,0 +1,5 @@ +go 1.14 + +require golang.org/x/net v0.0.0-20200505041828-1ed23360d12c + +module module diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/go.sum b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/go.sum new file mode 100644 index 000000000000..6c5ffa613d0a --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/go.sum @@ -0,0 +1,7 @@ +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/net v0.0.0-20200505041828-1ed23360d12c h1:zJ0mtu4jCalhKg6Oaukv6iIkb+cOvDrajDH9DH46Q4M= +golang.org/x/net v0.0.0-20200505041828-1ed23360d12c/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/test.go b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/test.go new file mode 100644 index 000000000000..afc86ac3a126 --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/module/test.go @@ -0,0 +1,13 @@ +package subdir + +import ( + "fmt" + + "golang.org/x/net/ipv4" +) + +func test() { + + header := ipv4.Header{} + fmt.Print(header.String()) +} diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/src/stray-files/test.go b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/stray-files/test.go new file mode 100644 index 000000000000..afc86ac3a126 --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/stray-files/test.go @@ -0,0 +1,13 @@ +package subdir + +import ( + "fmt" + + "golang.org/x/net/ipv4" +) + +func test() { + + header := ipv4.Header{} + fmt.Print(header.String()) +} diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/go.work b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/go.work new file mode 100644 index 000000000000..e7e866fbe27d --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/go.work @@ -0,0 +1,3 @@ +go 1.22.0 + +use ./subdir diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/go.mod b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/go.mod new file mode 100644 index 000000000000..40a3b330c385 --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/go.mod @@ -0,0 +1,5 @@ +go 1.22.0 + +require golang.org/x/net v0.0.0-20200505041828-1ed23360d12c + +module subdir diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/go.sum b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/go.sum new file mode 100644 index 000000000000..6c5ffa613d0a --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/go.sum @@ -0,0 +1,7 @@ +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/net v0.0.0-20200505041828-1ed23360d12c h1:zJ0mtu4jCalhKg6Oaukv6iIkb+cOvDrajDH9DH46Q4M= +golang.org/x/net v0.0.0-20200505041828-1ed23360d12c/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/test.go b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/test.go new file mode 100644 index 000000000000..afc86ac3a126 --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/src/workspace/subdir/test.go @@ -0,0 +1,13 @@ +package subdir + +import ( + "fmt" + + "golang.org/x/net/ipv4" +) + +func test() { + + header := ipv4.Header{} + fmt.Print(header.String()) +} diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/test.expected b/go/ql/integration-tests/all-platforms/go/mixed-layout/test.expected new file mode 100644 index 000000000000..ddd1888562f2 --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/test.expected @@ -0,0 +1,8 @@ +extractedFiles +| src/module/go.mod:0:0:0:0 | src/module/go.mod | +| src/module/test.go:0:0:0:0 | src/module/test.go | +| src/stray-files/go.mod:0:0:0:0 | src/stray-files/go.mod | +| src/stray-files/test.go:0:0:0:0 | src/stray-files/test.go | +| src/workspace/subdir/go.mod:0:0:0:0 | src/workspace/subdir/go.mod | +| src/workspace/subdir/test.go:0:0:0:0 | src/workspace/subdir/test.go | +#select diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/test.py b/go/ql/integration-tests/all-platforms/go/mixed-layout/test.py new file mode 100644 index 000000000000..43c7d1b38e88 --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/test.py @@ -0,0 +1,18 @@ +import os +import subprocess + +from create_database_utils import * +from diagnostics_test_utils import * + +# Set up a GOPATH relative to this test's root directory; +# we set os.environ instead of using extra_env because we +# need it to be set for the call to "go clean -modcache" later +goPath = os.path.join(os.path.abspath(os.getcwd()), ".go") +os.environ['GOPATH'] = goPath +run_codeql_database_create([], lang="go", source="src") + +check_diagnostics() + +# Clean up the temporary GOPATH to prevent Bazel failures next +# time the tests are run; see https://github.com/golang/go/issues/27161 +subprocess.call(["go", "clean", "-modcache"]) diff --git a/go/ql/integration-tests/all-platforms/go/mixed-layout/test.ql b/go/ql/integration-tests/all-platforms/go/mixed-layout/test.ql new file mode 100644 index 000000000000..459a43015602 --- /dev/null +++ b/go/ql/integration-tests/all-platforms/go/mixed-layout/test.ql @@ -0,0 +1,8 @@ +import go +import semmle.go.DiagnosticsReporting + +query predicate extractedFiles(File f) { any() } + +from string msg, int sev +where reportableDiagnostics(_, msg, sev) +select msg, sev From 40ff75db07a66f4663ba00b7d76ea8d7ff870aa6 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 5 Mar 2024 14:56:51 +0000 Subject: [PATCH 07/12] Go: Update list of expected files for `single-go-mod-and-go-files-not-under-it` test --- .../go/single-go-mod-and-go-files-not-under-it/test.expected | 2 -- 1 file changed, 2 deletions(-) diff --git a/go/ql/integration-tests/all-platforms/go/single-go-mod-and-go-files-not-under-it/test.expected b/go/ql/integration-tests/all-platforms/go/single-go-mod-and-go-files-not-under-it/test.expected index 957d2f845a41..66ba3ef588fd 100644 --- a/go/ql/integration-tests/all-platforms/go/single-go-mod-and-go-files-not-under-it/test.expected +++ b/go/ql/integration-tests/all-platforms/go/single-go-mod-and-go-files-not-under-it/test.expected @@ -1,6 +1,4 @@ extractedFiles -| src/go.mod:0:0:0:0 | src/go.mod | -| src/main.go:0:0:0:0 | src/main.go | | src/subdir/go.mod:0:0:0:0 | src/subdir/go.mod | | src/subdir/subsubdir/add.go:0:0:0:0 | src/subdir/subsubdir/add.go | | src/subdir/test.go:0:0:0:0 | src/subdir/test.go | From 967963a6534b1fcdda3d4f5b6960c29346516303 Mon Sep 17 00:00:00 2001 From: Angela P Wen Date: Tue, 5 Mar 2024 08:53:33 -0800 Subject: [PATCH 08/12] Revert "Release preparation for version 2.16.4" --- cpp/ql/lib/CHANGELOG.md | 6 ------ ....12.7.md => 2024-02-26-ir-named-destructors.md} | 9 ++++----- cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 7 ------- ...=> 2024-02-16-modelled-functions-block-flow.md} | 8 +++----- .../2024-02-29-non-constant-format-path-query.md | 4 ++++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ---- .../Solorigate/lib/change-notes/released/1.7.10.md | 3 --- .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ---- .../Solorigate/src/change-notes/released/1.7.10.md | 3 --- .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 14 -------------- .../change-notes/2024-02-21-getonly-properties.md | 4 ++++ .../ql/lib/change-notes/2024-02-22-no-db-stats.md | 4 ++++ .../change-notes/2024-02-23-compiler-generated.md | 4 ++++ .../2024-02-26-variable-capture-flow.md | 4 ++++ .../2024-02-28-experimental-attribute.md | 4 ++++ .../2024-02-28-refreadonly-parameter.md | 4 ++++ csharp/ql/lib/change-notes/released/0.8.10.md | 13 ------------- csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 6 ------ .../0.8.10.md => 2024-02-06-threat-models.md} | 9 ++++----- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ---- .../change-notes/released/0.0.9.md | 3 --- go/ql/consistency-queries/codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 11 ----------- .../lib/change-notes/2024-02-14-range-map-read.md | 4 ++++ ...0.7.10.md => 2024-03-04-autobuilder-changes.md} | 11 +++-------- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ---- go/ql/src/change-notes/released/0.7.10.md | 3 --- go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 ---- .../automodel/src/change-notes/released/0.0.17.md | 3 --- java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 11 ----------- .../change-notes/2024-02-23-widget-flowsteps.md | 4 ++++ java/ql/lib/change-notes/2024-02-27-error-types.md | 4 ++++ .../lib/change-notes/2024-02-27-mvnw-versions.md | 4 ++++ java/ql/lib/change-notes/released/0.8.10.md | 10 ---------- java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 10 ---------- .../2024-02-12-android-insecure-keys.md | 4 ++++ ...3-04-sensitive-log-remove-null-from-sources.md} | 11 +++-------- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ---- javascript/ql/lib/change-notes/released/0.8.10.md | 3 --- javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 4 ---- javascript/ql/src/change-notes/released/0.8.10.md | 3 --- javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ---- misc/suite-helpers/change-notes/released/0.7.10.md | 3 --- misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 7 ------- .../2024-02-28-iterable-unpacking-module-scope.md | 4 ++++ ....11.10.md => 2024-03-01-dict-update-content.md} | 8 +++----- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 ------ .../0.9.10.md => 2024-03-04-nosql-injection.md} | 7 +++---- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 9 --------- ...2024-02-15-activerecord_connection_sql_sinks.md | 4 ++++ .../2024-02-20-activerecord-sql-sink-arguments.md | 4 ++++ .../lib/change-notes/2024-02-26-arel-sqlliteral.md | 4 ++++ .../lib/change-notes/2024-02-29-i18n-translate.md | 4 ++++ ruby/ql/lib/change-notes/released/0.8.10.md | 8 -------- ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 7 ------- .../2024-02-13-rails-more-request-sources.md | 4 ++++ ...d => 2024-03-01-method-code-injection-sinks.md} | 10 ++++------ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ---- shared/controlflow/change-notes/released/0.1.10.md | 3 --- shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ---- shared/dataflow/change-notes/released/0.2.1.md | 3 --- shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ---- shared/mad/change-notes/released/0.2.10.md | 3 --- shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ---- .../rangeanalysis/change-notes/released/0.0.9.md | 3 --- shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ---- shared/regex/change-notes/released/0.2.10.md | 3 --- shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ---- shared/ssa/change-notes/released/0.2.10.md | 3 --- shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ---- .../threat-models/change-notes/released/0.0.9.md | 3 --- shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ---- shared/tutorial/change-notes/released/0.2.10.md | 3 --- shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ---- .../typetracking/change-notes/released/0.2.10.md | 3 --- shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ---- shared/typos/change-notes/released/0.2.10.md | 3 --- shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ---- shared/util/change-notes/released/0.2.10.md | 3 --- shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ---- shared/yaml/change-notes/released/0.2.10.md | 3 --- shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ------ .../0.3.10.md => 2024-02-22-extension-patch.md} | 7 +++---- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ---- swift/ql/src/change-notes/released/0.3.10.md | 3 --- swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 150 files changed, 168 insertions(+), 394 deletions(-) rename cpp/ql/lib/change-notes/{released/0.12.7.md => 2024-02-26-ir-named-destructors.md} (54%) rename cpp/ql/src/change-notes/{released/0.9.6.md => 2024-02-16-modelled-functions-block-flow.md} (77%) create mode 100644 cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md delete mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md delete mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md create mode 100644 csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md create mode 100644 csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md create mode 100644 csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md create mode 100644 csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md create mode 100644 csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md create mode 100644 csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md delete mode 100644 csharp/ql/lib/change-notes/released/0.8.10.md rename csharp/ql/src/change-notes/{released/0.8.10.md => 2024-02-06-threat-models.md} (88%) delete mode 100644 go/ql/consistency-queries/change-notes/released/0.0.9.md create mode 100644 go/ql/lib/change-notes/2024-02-14-range-map-read.md rename go/ql/lib/change-notes/{released/0.7.10.md => 2024-03-04-autobuilder-changes.md} (68%) delete mode 100644 go/ql/src/change-notes/released/0.7.10.md delete mode 100644 java/ql/automodel/src/change-notes/released/0.0.17.md create mode 100644 java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md create mode 100644 java/ql/lib/change-notes/2024-02-27-error-types.md create mode 100644 java/ql/lib/change-notes/2024-02-27-mvnw-versions.md delete mode 100644 java/ql/lib/change-notes/released/0.8.10.md create mode 100644 java/ql/src/change-notes/2024-02-12-android-insecure-keys.md rename java/ql/src/change-notes/{released/0.8.10.md => 2024-03-04-sensitive-log-remove-null-from-sources.md} (54%) delete mode 100644 javascript/ql/lib/change-notes/released/0.8.10.md delete mode 100644 javascript/ql/src/change-notes/released/0.8.10.md delete mode 100644 misc/suite-helpers/change-notes/released/0.7.10.md create mode 100644 python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md rename python/ql/lib/change-notes/{released/0.11.10.md => 2024-03-01-dict-update-content.md} (52%) rename python/ql/src/change-notes/{released/0.9.10.md => 2024-03-04-nosql-injection.md} (81%) create mode 100644 ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md create mode 100644 ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md create mode 100644 ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md create mode 100644 ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md delete mode 100644 ruby/ql/lib/change-notes/released/0.8.10.md create mode 100644 ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md rename ruby/ql/src/change-notes/{released/0.8.10.md => 2024-03-01-method-code-injection-sinks.md} (51%) delete mode 100644 shared/controlflow/change-notes/released/0.1.10.md delete mode 100644 shared/dataflow/change-notes/released/0.2.1.md delete mode 100644 shared/mad/change-notes/released/0.2.10.md delete mode 100644 shared/rangeanalysis/change-notes/released/0.0.9.md delete mode 100644 shared/regex/change-notes/released/0.2.10.md delete mode 100644 shared/ssa/change-notes/released/0.2.10.md delete mode 100644 shared/threat-models/change-notes/released/0.0.9.md delete mode 100644 shared/tutorial/change-notes/released/0.2.10.md delete mode 100644 shared/typetracking/change-notes/released/0.2.10.md delete mode 100644 shared/typos/change-notes/released/0.2.10.md delete mode 100644 shared/util/change-notes/released/0.2.10.md delete mode 100644 shared/yaml/change-notes/released/0.2.10.md rename swift/ql/lib/change-notes/{released/0.3.10.md => 2024-02-22-extension-patch.md} (83%) delete mode 100644 swift/ql/src/change-notes/released/0.3.10.md diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index e1c0dfbecd9a..b3091ec37d8f 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.12.7 - -### Minor Analysis Improvements - -* Added destructors for named objects to the intermediate representation. - ## 0.12.6 ### New Features diff --git a/cpp/ql/lib/change-notes/released/0.12.7.md b/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md similarity index 54% rename from cpp/ql/lib/change-notes/released/0.12.7.md rename to cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md index 856a8b665c74..4e35decaf8ed 100644 --- a/cpp/ql/lib/change-notes/released/0.12.7.md +++ b/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md @@ -1,5 +1,4 @@ -## 0.12.7 - -### Minor Analysis Improvements - -* Added destructors for named objects to the intermediate representation. +--- +category: minorAnalysis +--- +* Added destructors for named objects to the intermediate representation. \ No newline at end of file diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 20419e9c6100..170a312c1047 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.12.7 +lastReleaseVersion: 0.12.6 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 3bb9229bf94d..8e201fff5943 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.7 +version: 0.12.7-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index f6acd424bb05..ffcd73ff5d72 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.9.6 - -### Minor Analysis Improvements - -* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. -* The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. - ## 0.9.5 ### Minor Analysis Improvements diff --git a/cpp/ql/src/change-notes/released/0.9.6.md b/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md similarity index 77% rename from cpp/ql/src/change-notes/released/0.9.6.md rename to cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md index 0c85f3f9f0f0..d6ef3c3e0569 100644 --- a/cpp/ql/src/change-notes/released/0.9.6.md +++ b/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md @@ -1,6 +1,4 @@ -## 0.9.6 - -### Minor Analysis Improvements - -* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. +--- +category: minorAnalysis +--- * The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. diff --git a/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md b/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md new file mode 100644 index 000000000000..2e5933a61e86 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. \ No newline at end of file diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 19139c132b2d..460240feafff 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.6 +lastReleaseVersion: 0.9.5 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 4052647bb97f..31bd20166b2b 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.6 +version: 0.9.6-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 82eacfc84f70..190b83b0f25a 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.10 - -No user-facing changes. - ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md deleted file mode 100644 index 8e8007d8475f..000000000000 --- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.10 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 31c7fe07020b..678da6bc37e9 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.10 +lastReleaseVersion: 1.7.9 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index ee993bed0c91..7e643b0fac33 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.10 +version: 1.7.10-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 82eacfc84f70..190b83b0f25a 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.10 - -No user-facing changes. - ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md deleted file mode 100644 index 8e8007d8475f..000000000000 --- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.10 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 31c7fe07020b..678da6bc37e9 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.10 +lastReleaseVersion: 1.7.9 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 1f421754fc82..8654bbfd0312 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.10 +version: 1.7.10-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 16cc14259e19..95fd64c52704 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,17 +1,3 @@ -## 0.8.10 - -### Major Analysis Improvements - -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. -* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. - -### Minor Analysis Improvements - -* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. -* C# 12: Add extractor and QL library support for `ref readonly` parameters. -* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. -* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md b/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md new file mode 100644 index 000000000000..6bb8e99c71ef --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md b/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md new file mode 100644 index 000000000000..d6ffbd523ac6 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. diff --git a/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md b/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md new file mode 100644 index 000000000000..9b1739b9b6da --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. diff --git a/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md b/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md new file mode 100644 index 000000000000..66ab65083dc3 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md b/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md new file mode 100644 index 000000000000..8749c790954e --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. diff --git a/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md b/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md new file mode 100644 index 000000000000..586b5341d293 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C# 12: Add extractor and QL library support for `ref readonly` parameters. diff --git a/csharp/ql/lib/change-notes/released/0.8.10.md b/csharp/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index f591ddc5b21a..000000000000 --- a/csharp/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,13 +0,0 @@ -## 0.8.10 - -### Major Analysis Improvements - -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. -* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. - -### Minor Analysis Improvements - -* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. -* C# 12: Add extractor and QL library support for `ref readonly` parameters. -* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. -* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 93c5c1120a24..d75ea3c63207 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.10 +version: 0.8.10-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 46c939e5cee1..9fe1609363fc 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/released/0.8.10.md b/csharp/ql/src/change-notes/2024-02-06-threat-models.md similarity index 88% rename from csharp/ql/src/change-notes/released/0.8.10.md rename to csharp/ql/src/change-notes/2024-02-06-threat-models.md index 702161c3d28f..69ac4e4dc17a 100644 --- a/csharp/ql/src/change-notes/released/0.8.10.md +++ b/csharp/ql/src/change-notes/2024-02-06-threat-models.md @@ -1,5 +1,4 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. +--- +category: minorAnalysis +--- +* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. \ No newline at end of file diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 46384094b19e..9ee23cc73078 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.10 +version: 0.8.10-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index a59e560c4155..fba2a8703562 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.9 - -No user-facing changes. - ## 0.0.8 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/0.0.9.md b/go/ql/consistency-queries/change-notes/released/0.0.9.md deleted file mode 100644 index c9e17c6d6cf2..000000000000 --- a/go/ql/consistency-queries/change-notes/released/0.0.9.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.9 - -No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index ecdd64fbab86..58fdc6b45deb 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.8 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index d5a2fbee5f19..b574796b9954 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.9 +version: 0.0.9-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index fee5fd37a267..65a2376217b1 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,14 +1,3 @@ -## 0.7.10 - -### Major Analysis Improvements - -* We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. -* Go 1.22 has been included in the range of supported Go versions. - -### Bug Fixes - -* Fixed dataflow out of a `map` using a `range` statement. - ## 0.7.9 No user-facing changes. diff --git a/go/ql/lib/change-notes/2024-02-14-range-map-read.md b/go/ql/lib/change-notes/2024-02-14-range-map-read.md new file mode 100644 index 000000000000..ea45737a72ea --- /dev/null +++ b/go/ql/lib/change-notes/2024-02-14-range-map-read.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/change-notes/released/0.7.10.md b/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md similarity index 68% rename from go/ql/lib/change-notes/released/0.7.10.md rename to go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md index 55954f8a3945..0442a571029f 100644 --- a/go/ql/lib/change-notes/released/0.7.10.md +++ b/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md @@ -1,10 +1,5 @@ -## 0.7.10 - -### Major Analysis Improvements - +--- +category: majorAnalysis +--- * We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. * Go 1.22 has been included in the range of supported Go versions. - -### Bug Fixes - -* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 675185672974..576395f3405e 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.10 +lastReleaseVersion: 0.7.9 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 8cc190fa880a..f21e478efa68 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.10 +version: 0.7.10-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 24e38b9890e1..d95165a3a34e 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.7.10 - -No user-facing changes. - ## 0.7.9 ### New Queries diff --git a/go/ql/src/change-notes/released/0.7.10.md b/go/ql/src/change-notes/released/0.7.10.md deleted file mode 100644 index 989c5b8f6823..000000000000 --- a/go/ql/src/change-notes/released/0.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.7.10 - -No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 675185672974..576395f3405e 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.10 +lastReleaseVersion: 0.7.9 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 4ded3a52f63e..d91cab596127 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.10 +version: 0.7.10-dev groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index c3282c773a9d..4a3c54adb385 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.17 - -No user-facing changes. - ## 0.0.16 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/0.0.17.md b/java/ql/automodel/src/change-notes/released/0.0.17.md deleted file mode 100644 index 62cc89030a62..000000000000 --- a/java/ql/automodel/src/change-notes/released/0.0.17.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.17 - -No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index cbc3d3cd4934..a49f7be4cff3 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.17 +lastReleaseVersion: 0.0.16 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 59fab0cdcc53..898239be0989 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.17 +version: 0.0.17-dev groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2a02ccee6abb..d369cbdc9318 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,14 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. - -### Bug Fixes - -* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. -* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. - ## 0.8.9 ### Deprecated APIs diff --git a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md new file mode 100644 index 000000000000..eb560fba07da --- /dev/null +++ b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/change-notes/2024-02-27-error-types.md b/java/ql/lib/change-notes/2024-02-27-error-types.md new file mode 100644 index 000000000000..cdc6d7620aa8 --- /dev/null +++ b/java/ql/lib/change-notes/2024-02-27-error-types.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. diff --git a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md new file mode 100644 index 000000000000..a0227088ae97 --- /dev/null +++ b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. diff --git a/java/ql/lib/change-notes/released/0.8.10.md b/java/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index b45f14bf347a..000000000000 --- a/java/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,10 +0,0 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. - -### Bug Fixes - -* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. -* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 428eedc75e3d..15b4982d41eb 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.10 +version: 0.8.10-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index c61275f5ed84..5d8353514538 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,13 +1,3 @@ -## 0.8.10 - -### New Queries - -* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. - -### Minor Analysis Improvements - -* To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. - ## 0.8.9 ### New Queries diff --git a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md new file mode 100644 index 000000000000..1de077277962 --- /dev/null +++ b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. \ No newline at end of file diff --git a/java/ql/src/change-notes/released/0.8.10.md b/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md similarity index 54% rename from java/ql/src/change-notes/released/0.8.10.md rename to java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md index c5d18ae33794..0bb4f18f2bd9 100644 --- a/java/ql/src/change-notes/released/0.8.10.md +++ b/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md @@ -1,9 +1,4 @@ -## 0.8.10 - -### New Queries - -* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index ebbdbeee3b2c..8f4de528e213 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.10 +version: 0.8.10-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index d5edcc005131..5b97ebbb22b3 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.8.10 - -No user-facing changes. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/javascript/ql/lib/change-notes/released/0.8.10.md b/javascript/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index 777bbd2fdede..000000000000 --- a/javascript/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.8.10 - -No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index da16493a21c9..ef3ca7521aca 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.10 +version: 0.8.10-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index b9627cac5eee..85516e3625d1 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.8.10 - -No user-facing changes. - ## 0.8.9 ### Bug Fixes diff --git a/javascript/ql/src/change-notes/released/0.8.10.md b/javascript/ql/src/change-notes/released/0.8.10.md deleted file mode 100644 index 777bbd2fdede..000000000000 --- a/javascript/ql/src/change-notes/released/0.8.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.8.10 - -No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index d224952c5641..b6181aa30e99 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.10 +version: 0.8.10-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 1c4455b66c43..3c06dd69b0f5 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.7.10 - -No user-facing changes. - ## 0.7.9 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.7.10.md b/misc/suite-helpers/change-notes/released/0.7.10.md deleted file mode 100644 index 989c5b8f6823..000000000000 --- a/misc/suite-helpers/change-notes/released/0.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.7.10 - -No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 675185672974..576395f3405e 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.10 +lastReleaseVersion: 0.7.9 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 54d978d5efe7..49b7a6bda4c2 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.10 +version: 0.7.10-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index f095607ca1bf..e6f318c51ea8 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.11.10 - -### Minor Analysis Improvements - -* Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. -* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. - ## 0.11.9 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md b/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md new file mode 100644 index 000000000000..3c47c6ba866a --- /dev/null +++ b/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/change-notes/released/0.11.10.md b/python/ql/lib/change-notes/2024-03-01-dict-update-content.md similarity index 52% rename from python/ql/lib/change-notes/released/0.11.10.md rename to python/ql/lib/change-notes/2024-03-01-dict-update-content.md index ed873724e4f2..dfb8d247fffa 100644 --- a/python/ql/lib/change-notes/released/0.11.10.md +++ b/python/ql/lib/change-notes/2024-03-01-dict-update-content.md @@ -1,6 +1,4 @@ -## 0.11.10 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. -* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index ddddcbe9193d..b064d1778a10 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.11.10 +lastReleaseVersion: 0.11.9 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 59a8b4c96d17..e9f66e205f24 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.10 +version: 0.11.10-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index d4245aba7a62..50762bcbf34e 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.9.10 - -### New Queries - -* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. - ## 0.9.9 No user-facing changes. diff --git a/python/ql/src/change-notes/released/0.9.10.md b/python/ql/src/change-notes/2024-03-04-nosql-injection.md similarity index 81% rename from python/ql/src/change-notes/released/0.9.10.md rename to python/ql/src/change-notes/2024-03-04-nosql-injection.md index 4cbb221b789f..6e98540c757c 100644 --- a/python/ql/src/change-notes/released/0.9.10.md +++ b/python/ql/src/change-notes/2024-03-04-nosql-injection.md @@ -1,5 +1,4 @@ -## 0.9.10 - -### New Queries - +--- +category: newQuery +--- * The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index d086ed69541d..aabed7c396b7 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.10 +lastReleaseVersion: 0.9.9 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index c920f667836b..aa18f2d87074 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.10 +version: 0.9.10-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index c61a12e0f4ad..a623a151e891 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,12 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. -* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. -* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. -* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md b/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md new file mode 100644 index 000000000000..c2276f284a84 --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md b/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md new file mode 100644 index 000000000000..1486c7a472d1 --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md b/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md new file mode 100644 index 000000000000..6f3a90768bab --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md b/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md new file mode 100644 index 000000000000..350e049b5bfc --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/released/0.8.10.md b/ruby/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index 666e28f840e7..000000000000 --- a/ruby/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,8 +0,0 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. -* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. -* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. -* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index de5b41999fe1..7d409b83adbd 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.10 +version: 0.8.10-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index f875b6d16ad4..4149c728effa 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. -* Added additional request sources for Ruby on Rails. - ## 0.8.9 No user-facing changes. diff --git a/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md b/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md new file mode 100644 index 000000000000..84ea696dfef4 --- /dev/null +++ b/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added additional request sources for Ruby on Rails. \ No newline at end of file diff --git a/ruby/ql/src/change-notes/released/0.8.10.md b/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md similarity index 51% rename from ruby/ql/src/change-notes/released/0.8.10.md rename to ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md index 985cdf8d22e0..43e40d3fd536 100644 --- a/ruby/ql/src/change-notes/released/0.8.10.md +++ b/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md @@ -1,6 +1,4 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. -* Added additional request sources for Ruby on Rails. +--- +category: minorAnalysis +--- +* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. \ No newline at end of file diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 5e3792682346..8af7f9fd7976 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.10 +version: 0.8.10-dev groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index 75f2ca53f987..dbfa6ef4512d 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.1.10 - -No user-facing changes. - ## 0.1.9 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/0.1.10.md b/shared/controlflow/change-notes/released/0.1.10.md deleted file mode 100644 index 47358eeee934..000000000000 --- a/shared/controlflow/change-notes/released/0.1.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.1.10 - -No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 30f5ca88be0e..1425c0edf7f8 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.10 +lastReleaseVersion: 0.1.9 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 1d43802be421..9d35a6782761 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.10 +version: 0.1.10-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index ef80788bded6..67a5bf589f4f 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.1 - -No user-facing changes. - ## 0.2.0 ### Breaking Changes diff --git a/shared/dataflow/change-notes/released/0.2.1.md b/shared/dataflow/change-notes/released/0.2.1.md deleted file mode 100644 index 3dbfc85fe11d..000000000000 --- a/shared/dataflow/change-notes/released/0.2.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.1 - -No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index df29a726bccc..5274e27ed522 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.1 +lastReleaseVersion: 0.2.0 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index ee422e02ea9a..1e7becf71c4f 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.2.1 +version: 0.2.1-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 4730366775ea..4d09057118ce 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.2.10.md b/shared/mad/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/mad/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 6d7269ef3da8..22c8f271ccc6 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 9943dcb79727..5b8dbcfab22c 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.9 - -No user-facing changes. - ## 0.0.8 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/0.0.9.md b/shared/rangeanalysis/change-notes/released/0.0.9.md deleted file mode 100644 index c9e17c6d6cf2..000000000000 --- a/shared/rangeanalysis/change-notes/released/0.0.9.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.9 - -No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index ecdd64fbab86..58fdc6b45deb 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.8 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 01db5d5734d0..836fe51ee344 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.9 +version: 0.0.9-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index c05869c153d3..cd5f91f71ec1 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.2.10.md b/shared/regex/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/regex/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 0d4f485312f7..ea3f7f9b2389 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index a9161ff578b0..01acfae01489 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.2.10.md b/shared/ssa/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/ssa/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 2ad254711a50..19304ad107f1 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index a59e560c4155..fba2a8703562 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.9 - -No user-facing changes. - ## 0.0.8 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/0.0.9.md b/shared/threat-models/change-notes/released/0.0.9.md deleted file mode 100644 index c9e17c6d6cf2..000000000000 --- a/shared/threat-models/change-notes/released/0.0.9.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.9 - -No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index ecdd64fbab86..58fdc6b45deb 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.8 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 60cbbc56fcb3..d0ed9a913b21 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.9 +version: 0.0.9-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 560ad058d5b3..1db3a01af0b1 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.2.10.md b/shared/tutorial/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/tutorial/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 69116705c1bf..b595ae9ee70a 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 350f9ecbeae0..afc857bc6bce 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.2.10.md b/shared/typetracking/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/typetracking/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index fbbdcf5162a1..b55927f59bb7 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 54b1eaa4d589..66c5871d9821 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.2.10.md b/shared/typos/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/typos/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 4d59d9b3c342..644bfe11bff7 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 1ca1f71bcbc2..63832e927fa5 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/util/change-notes/released/0.2.10.md b/shared/util/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/util/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 28ed738a93dd..ca1a866a53d4 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: null diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 9fd5ebc26ab2..e5495abcd503 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/yaml/change-notes/released/0.2.10.md b/shared/yaml/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/yaml/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 9643ffcec66b..de5b47e120ae 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 8f14bfcedc9c..e88cd0259ccf 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.3.10 - -### Bug Fixes - -* Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. - ## 0.3.9 ### Minor Analysis Improvements diff --git a/swift/ql/lib/change-notes/released/0.3.10.md b/swift/ql/lib/change-notes/2024-02-22-extension-patch.md similarity index 83% rename from swift/ql/lib/change-notes/released/0.3.10.md rename to swift/ql/lib/change-notes/2024-02-22-extension-patch.md index 9d6286ff58a7..7bd78f3b785c 100644 --- a/swift/ql/lib/change-notes/released/0.3.10.md +++ b/swift/ql/lib/change-notes/2024-02-22-extension-patch.md @@ -1,5 +1,4 @@ -## 0.3.10 - -### Bug Fixes - +--- +category: fix +--- * Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 76ca0ac8ba76..3fa5180bcb49 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.10 +lastReleaseVersion: 0.3.9 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 70ec4798ea85..a37a4cb3d580 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.10 +version: 0.3.10-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index bda9834c9bca..96615d069729 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.3.10 - -No user-facing changes. - ## 0.3.9 ### New Queries diff --git a/swift/ql/src/change-notes/released/0.3.10.md b/swift/ql/src/change-notes/released/0.3.10.md deleted file mode 100644 index 925a48fc52e0..000000000000 --- a/swift/ql/src/change-notes/released/0.3.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.3.10 - -No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 76ca0ac8ba76..3fa5180bcb49 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.10 +lastReleaseVersion: 0.3.9 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index ba66b065529b..e3ead42c98bf 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.10 +version: 0.3.10-dev groups: - swift - queries From 661e68dab5ee8d71edcec82139314a481dd983d5 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 5 Mar 2024 18:13:58 +0000 Subject: [PATCH 09/12] Release preparation for version 2.16.4 --- cpp/ql/lib/CHANGELOG.md | 6 ++++++ .../0.12.7.md} | 9 +++++---- cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 7 +++++++ .../2024-02-29-non-constant-format-path-query.md | 4 ---- .../0.9.6.md} | 8 +++++--- cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../Solorigate/lib/change-notes/released/1.7.10.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../Solorigate/src/change-notes/released/1.7.10.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 14 ++++++++++++++ .../change-notes/2024-02-21-getonly-properties.md | 4 ---- .../ql/lib/change-notes/2024-02-22-no-db-stats.md | 4 ---- .../change-notes/2024-02-23-compiler-generated.md | 4 ---- .../2024-02-26-variable-capture-flow.md | 4 ---- .../2024-02-28-experimental-attribute.md | 4 ---- .../2024-02-28-refreadonly-parameter.md | 4 ---- csharp/ql/lib/change-notes/released/0.8.10.md | 13 +++++++++++++ csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 6 ++++++ .../0.8.10.md} | 9 +++++---- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/0.0.9.md | 3 +++ go/ql/consistency-queries/codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 11 +++++++++++ .../lib/change-notes/2024-02-14-range-map-read.md | 4 ---- .../0.7.10.md} | 11 ++++++++--- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ++++ go/ql/src/change-notes/released/0.7.10.md | 3 +++ go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 ++++ .../automodel/src/change-notes/released/0.0.17.md | 3 +++ java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 11 +++++++++++ .../change-notes/2024-02-23-widget-flowsteps.md | 4 ---- java/ql/lib/change-notes/2024-02-27-error-types.md | 4 ---- .../lib/change-notes/2024-02-27-mvnw-versions.md | 4 ---- java/ql/lib/change-notes/released/0.8.10.md | 10 ++++++++++ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 10 ++++++++++ .../2024-02-12-android-insecure-keys.md | 4 ---- .../0.8.10.md} | 11 ++++++++--- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ++++ javascript/ql/lib/change-notes/released/0.8.10.md | 3 +++ javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 4 ++++ javascript/ql/src/change-notes/released/0.8.10.md | 3 +++ javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ misc/suite-helpers/change-notes/released/0.7.10.md | 3 +++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 7 +++++++ .../2024-02-28-iterable-unpacking-module-scope.md | 4 ---- .../0.11.10.md} | 8 +++++--- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 ++++++ .../0.9.10.md} | 7 ++++--- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 9 +++++++++ ...2024-02-15-activerecord_connection_sql_sinks.md | 4 ---- .../2024-02-20-activerecord-sql-sink-arguments.md | 4 ---- .../lib/change-notes/2024-02-26-arel-sqlliteral.md | 4 ---- .../lib/change-notes/2024-02-29-i18n-translate.md | 4 ---- ruby/ql/lib/change-notes/released/0.8.10.md | 8 ++++++++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 7 +++++++ .../2024-02-13-rails-more-request-sources.md | 4 ---- .../0.8.10.md} | 10 ++++++---- ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ shared/controlflow/change-notes/released/0.1.10.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ++++ shared/dataflow/change-notes/released/0.2.1.md | 3 +++ shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/0.2.10.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../rangeanalysis/change-notes/released/0.0.9.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/0.2.10.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/0.2.10.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../threat-models/change-notes/released/0.0.9.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ shared/tutorial/change-notes/released/0.2.10.md | 3 +++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ .../typetracking/change-notes/released/0.2.10.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/0.2.10.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++++ shared/util/change-notes/released/0.2.10.md | 3 +++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/0.2.10.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ++++++ .../0.3.10.md} | 7 ++++--- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/0.3.10.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 150 files changed, 394 insertions(+), 168 deletions(-) rename cpp/ql/lib/change-notes/{2024-02-26-ir-named-destructors.md => released/0.12.7.md} (54%) delete mode 100644 cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md rename cpp/ql/src/change-notes/{2024-02-16-modelled-functions-block-flow.md => released/0.9.6.md} (77%) create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md create mode 100644 csharp/ql/lib/change-notes/released/0.8.10.md rename csharp/ql/src/change-notes/{2024-02-06-threat-models.md => released/0.8.10.md} (88%) create mode 100644 go/ql/consistency-queries/change-notes/released/0.0.9.md delete mode 100644 go/ql/lib/change-notes/2024-02-14-range-map-read.md rename go/ql/lib/change-notes/{2024-03-04-autobuilder-changes.md => released/0.7.10.md} (68%) create mode 100644 go/ql/src/change-notes/released/0.7.10.md create mode 100644 java/ql/automodel/src/change-notes/released/0.0.17.md delete mode 100644 java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md delete mode 100644 java/ql/lib/change-notes/2024-02-27-error-types.md delete mode 100644 java/ql/lib/change-notes/2024-02-27-mvnw-versions.md create mode 100644 java/ql/lib/change-notes/released/0.8.10.md delete mode 100644 java/ql/src/change-notes/2024-02-12-android-insecure-keys.md rename java/ql/src/change-notes/{2024-03-04-sensitive-log-remove-null-from-sources.md => released/0.8.10.md} (54%) create mode 100644 javascript/ql/lib/change-notes/released/0.8.10.md create mode 100644 javascript/ql/src/change-notes/released/0.8.10.md create mode 100644 misc/suite-helpers/change-notes/released/0.7.10.md delete mode 100644 python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md rename python/ql/lib/change-notes/{2024-03-01-dict-update-content.md => released/0.11.10.md} (52%) rename python/ql/src/change-notes/{2024-03-04-nosql-injection.md => released/0.9.10.md} (81%) delete mode 100644 ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md delete mode 100644 ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md delete mode 100644 ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md delete mode 100644 ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md create mode 100644 ruby/ql/lib/change-notes/released/0.8.10.md delete mode 100644 ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md rename ruby/ql/src/change-notes/{2024-03-01-method-code-injection-sinks.md => released/0.8.10.md} (51%) create mode 100644 shared/controlflow/change-notes/released/0.1.10.md create mode 100644 shared/dataflow/change-notes/released/0.2.1.md create mode 100644 shared/mad/change-notes/released/0.2.10.md create mode 100644 shared/rangeanalysis/change-notes/released/0.0.9.md create mode 100644 shared/regex/change-notes/released/0.2.10.md create mode 100644 shared/ssa/change-notes/released/0.2.10.md create mode 100644 shared/threat-models/change-notes/released/0.0.9.md create mode 100644 shared/tutorial/change-notes/released/0.2.10.md create mode 100644 shared/typetracking/change-notes/released/0.2.10.md create mode 100644 shared/typos/change-notes/released/0.2.10.md create mode 100644 shared/util/change-notes/released/0.2.10.md create mode 100644 shared/yaml/change-notes/released/0.2.10.md rename swift/ql/lib/change-notes/{2024-02-22-extension-patch.md => released/0.3.10.md} (83%) create mode 100644 swift/ql/src/change-notes/released/0.3.10.md diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index b3091ec37d8f..e1c0dfbecd9a 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.12.7 + +### Minor Analysis Improvements + +* Added destructors for named objects to the intermediate representation. + ## 0.12.6 ### New Features diff --git a/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md b/cpp/ql/lib/change-notes/released/0.12.7.md similarity index 54% rename from cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md rename to cpp/ql/lib/change-notes/released/0.12.7.md index 4e35decaf8ed..856a8b665c74 100644 --- a/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md +++ b/cpp/ql/lib/change-notes/released/0.12.7.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Added destructors for named objects to the intermediate representation. \ No newline at end of file +## 0.12.7 + +### Minor Analysis Improvements + +* Added destructors for named objects to the intermediate representation. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 170a312c1047..20419e9c6100 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.12.6 +lastReleaseVersion: 0.12.7 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 8e201fff5943..3bb9229bf94d 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.7-dev +version: 0.12.7 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index ffcd73ff5d72..f6acd424bb05 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.9.6 + +### Minor Analysis Improvements + +* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. +* The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. + ## 0.9.5 ### Minor Analysis Improvements diff --git a/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md b/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md deleted file mode 100644 index 2e5933a61e86..000000000000 --- a/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md b/cpp/ql/src/change-notes/released/0.9.6.md similarity index 77% rename from cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md rename to cpp/ql/src/change-notes/released/0.9.6.md index d6ef3c3e0569..0c85f3f9f0f0 100644 --- a/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md +++ b/cpp/ql/src/change-notes/released/0.9.6.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.9.6 + +### Minor Analysis Improvements + +* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. * The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 460240feafff..19139c132b2d 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.5 +lastReleaseVersion: 0.9.6 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 31bd20166b2b..4052647bb97f 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.6-dev +version: 0.9.6 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 190b83b0f25a..82eacfc84f70 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.10 + +No user-facing changes. + ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md new file mode 100644 index 000000000000..8e8007d8475f --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md @@ -0,0 +1,3 @@ +## 1.7.10 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 678da6bc37e9..31c7fe07020b 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.9 +lastReleaseVersion: 1.7.10 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 7e643b0fac33..ee993bed0c91 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.10-dev +version: 1.7.10 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 190b83b0f25a..82eacfc84f70 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.10 + +No user-facing changes. + ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md new file mode 100644 index 000000000000..8e8007d8475f --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md @@ -0,0 +1,3 @@ +## 1.7.10 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 678da6bc37e9..31c7fe07020b 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.9 +lastReleaseVersion: 1.7.10 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 8654bbfd0312..1f421754fc82 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.10-dev +version: 1.7.10 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 95fd64c52704..16cc14259e19 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,17 @@ +## 0.8.10 + +### Major Analysis Improvements + +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. +* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. + +### Minor Analysis Improvements + +* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. +* C# 12: Add extractor and QL library support for `ref readonly` parameters. +* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. +* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md b/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md deleted file mode 100644 index 6bb8e99c71ef..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md b/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md deleted file mode 100644 index d6ffbd523ac6..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. diff --git a/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md b/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md deleted file mode 100644 index 9b1739b9b6da..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. diff --git a/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md b/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md deleted file mode 100644 index 66ab65083dc3..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md b/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md deleted file mode 100644 index 8749c790954e..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. diff --git a/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md b/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md deleted file mode 100644 index 586b5341d293..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# 12: Add extractor and QL library support for `ref readonly` parameters. diff --git a/csharp/ql/lib/change-notes/released/0.8.10.md b/csharp/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..f591ddc5b21a --- /dev/null +++ b/csharp/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,13 @@ +## 0.8.10 + +### Major Analysis Improvements + +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. +* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. + +### Minor Analysis Improvements + +* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. +* C# 12: Add extractor and QL library support for `ref readonly` parameters. +* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. +* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index d75ea3c63207..93c5c1120a24 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.10-dev +version: 0.8.10 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 9fe1609363fc..46c939e5cee1 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/2024-02-06-threat-models.md b/csharp/ql/src/change-notes/released/0.8.10.md similarity index 88% rename from csharp/ql/src/change-notes/2024-02-06-threat-models.md rename to csharp/ql/src/change-notes/released/0.8.10.md index 69ac4e4dc17a..702161c3d28f 100644 --- a/csharp/ql/src/change-notes/2024-02-06-threat-models.md +++ b/csharp/ql/src/change-notes/released/0.8.10.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. \ No newline at end of file +## 0.8.10 + +### Minor Analysis Improvements + +* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 9ee23cc73078..46384094b19e 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.10-dev +version: 0.8.10 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index fba2a8703562..a59e560c4155 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/0.0.9.md b/go/ql/consistency-queries/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index b574796b9954..d5a2fbee5f19 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.9-dev +version: 0.0.9 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 65a2376217b1..fee5fd37a267 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.7.10 + +### Major Analysis Improvements + +* We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. +* Go 1.22 has been included in the range of supported Go versions. + +### Bug Fixes + +* Fixed dataflow out of a `map` using a `range` statement. + ## 0.7.9 No user-facing changes. diff --git a/go/ql/lib/change-notes/2024-02-14-range-map-read.md b/go/ql/lib/change-notes/2024-02-14-range-map-read.md deleted file mode 100644 index ea45737a72ea..000000000000 --- a/go/ql/lib/change-notes/2024-02-14-range-map-read.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md b/go/ql/lib/change-notes/released/0.7.10.md similarity index 68% rename from go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md rename to go/ql/lib/change-notes/released/0.7.10.md index 0442a571029f..55954f8a3945 100644 --- a/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md +++ b/go/ql/lib/change-notes/released/0.7.10.md @@ -1,5 +1,10 @@ ---- -category: majorAnalysis ---- +## 0.7.10 + +### Major Analysis Improvements + * We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. * Go 1.22 has been included in the range of supported Go versions. + +### Bug Fixes + +* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 576395f3405e..675185672974 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.9 +lastReleaseVersion: 0.7.10 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index f21e478efa68..8cc190fa880a 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.10-dev +version: 0.7.10 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index d95165a3a34e..24e38b9890e1 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.10 + +No user-facing changes. + ## 0.7.9 ### New Queries diff --git a/go/ql/src/change-notes/released/0.7.10.md b/go/ql/src/change-notes/released/0.7.10.md new file mode 100644 index 000000000000..989c5b8f6823 --- /dev/null +++ b/go/ql/src/change-notes/released/0.7.10.md @@ -0,0 +1,3 @@ +## 0.7.10 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 576395f3405e..675185672974 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.9 +lastReleaseVersion: 0.7.10 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index d91cab596127..4ded3a52f63e 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.10-dev +version: 0.7.10 groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index 4a3c54adb385..c3282c773a9d 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.17 + +No user-facing changes. + ## 0.0.16 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/0.0.17.md b/java/ql/automodel/src/change-notes/released/0.0.17.md new file mode 100644 index 000000000000..62cc89030a62 --- /dev/null +++ b/java/ql/automodel/src/change-notes/released/0.0.17.md @@ -0,0 +1,3 @@ +## 0.0.17 + +No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index a49f7be4cff3..cbc3d3cd4934 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.16 +lastReleaseVersion: 0.0.17 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 898239be0989..59fab0cdcc53 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.17-dev +version: 0.0.17 groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index d369cbdc9318..2a02ccee6abb 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. + +### Bug Fixes + +* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. +* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. + ## 0.8.9 ### Deprecated APIs diff --git a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md deleted file mode 100644 index eb560fba07da..000000000000 --- a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/change-notes/2024-02-27-error-types.md b/java/ql/lib/change-notes/2024-02-27-error-types.md deleted file mode 100644 index cdc6d7620aa8..000000000000 --- a/java/ql/lib/change-notes/2024-02-27-error-types.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. diff --git a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md deleted file mode 100644 index a0227088ae97..000000000000 --- a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. diff --git a/java/ql/lib/change-notes/released/0.8.10.md b/java/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..b45f14bf347a --- /dev/null +++ b/java/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,10 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. + +### Bug Fixes + +* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. +* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 15b4982d41eb..428eedc75e3d 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.10-dev +version: 0.8.10 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 5d8353514538..c61275f5ed84 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 0.8.10 + +### New Queries + +* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. + +### Minor Analysis Improvements + +* To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. + ## 0.8.9 ### New Queries diff --git a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md deleted file mode 100644 index 1de077277962..000000000000 --- a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. \ No newline at end of file diff --git a/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md b/java/ql/src/change-notes/released/0.8.10.md similarity index 54% rename from java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md rename to java/ql/src/change-notes/released/0.8.10.md index 0bb4f18f2bd9..c5d18ae33794 100644 --- a/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md +++ b/java/ql/src/change-notes/released/0.8.10.md @@ -1,4 +1,9 @@ ---- -category: minorAnalysis ---- +## 0.8.10 + +### New Queries + +* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. + +### Minor Analysis Improvements + * To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 8f4de528e213..ebbdbeee3b2c 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.10-dev +version: 0.8.10 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 5b97ebbb22b3..d5edcc005131 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.10 + +No user-facing changes. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/javascript/ql/lib/change-notes/released/0.8.10.md b/javascript/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..777bbd2fdede --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,3 @@ +## 0.8.10 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index ef3ca7521aca..da16493a21c9 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.10-dev +version: 0.8.10 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 85516e3625d1..b9627cac5eee 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.10 + +No user-facing changes. + ## 0.8.9 ### Bug Fixes diff --git a/javascript/ql/src/change-notes/released/0.8.10.md b/javascript/ql/src/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..777bbd2fdede --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.8.10.md @@ -0,0 +1,3 @@ +## 0.8.10 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index b6181aa30e99..d224952c5641 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.10-dev +version: 0.8.10 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 3c06dd69b0f5..1c4455b66c43 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.10 + +No user-facing changes. + ## 0.7.9 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.7.10.md b/misc/suite-helpers/change-notes/released/0.7.10.md new file mode 100644 index 000000000000..989c5b8f6823 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/0.7.10.md @@ -0,0 +1,3 @@ +## 0.7.10 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 576395f3405e..675185672974 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.9 +lastReleaseVersion: 0.7.10 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 49b7a6bda4c2..54d978d5efe7 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.10-dev +version: 0.7.10 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index e6f318c51ea8..f095607ca1bf 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.11.10 + +### Minor Analysis Improvements + +* Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. +* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. + ## 0.11.9 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md b/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md deleted file mode 100644 index 3c47c6ba866a..000000000000 --- a/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/change-notes/2024-03-01-dict-update-content.md b/python/ql/lib/change-notes/released/0.11.10.md similarity index 52% rename from python/ql/lib/change-notes/2024-03-01-dict-update-content.md rename to python/ql/lib/change-notes/released/0.11.10.md index dfb8d247fffa..ed873724e4f2 100644 --- a/python/ql/lib/change-notes/2024-03-01-dict-update-content.md +++ b/python/ql/lib/change-notes/released/0.11.10.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.11.10 + +### Minor Analysis Improvements + * Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. +* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index b064d1778a10..ddddcbe9193d 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.11.9 +lastReleaseVersion: 0.11.10 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index e9f66e205f24..59a8b4c96d17 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.10-dev +version: 0.11.10 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 50762bcbf34e..d4245aba7a62 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.9.10 + +### New Queries + +* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. + ## 0.9.9 No user-facing changes. diff --git a/python/ql/src/change-notes/2024-03-04-nosql-injection.md b/python/ql/src/change-notes/released/0.9.10.md similarity index 81% rename from python/ql/src/change-notes/2024-03-04-nosql-injection.md rename to python/ql/src/change-notes/released/0.9.10.md index 6e98540c757c..4cbb221b789f 100644 --- a/python/ql/src/change-notes/2024-03-04-nosql-injection.md +++ b/python/ql/src/change-notes/released/0.9.10.md @@ -1,4 +1,5 @@ ---- -category: newQuery ---- +## 0.9.10 + +### New Queries + * The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index aabed7c396b7..d086ed69541d 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.9 +lastReleaseVersion: 0.9.10 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index aa18f2d87074..c920f667836b 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.10-dev +version: 0.9.10 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index a623a151e891..c61a12e0f4ad 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,12 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. +* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. +* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. +* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md b/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md deleted file mode 100644 index c2276f284a84..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md b/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md deleted file mode 100644 index 1486c7a472d1..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md b/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md deleted file mode 100644 index 6f3a90768bab..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md b/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md deleted file mode 100644 index 350e049b5bfc..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/released/0.8.10.md b/ruby/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..666e28f840e7 --- /dev/null +++ b/ruby/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,8 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. +* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. +* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. +* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 7d409b83adbd..de5b41999fe1 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.10-dev +version: 0.8.10 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 4149c728effa..f875b6d16ad4 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. +* Added additional request sources for Ruby on Rails. + ## 0.8.9 No user-facing changes. diff --git a/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md b/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md deleted file mode 100644 index 84ea696dfef4..000000000000 --- a/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added additional request sources for Ruby on Rails. \ No newline at end of file diff --git a/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md b/ruby/ql/src/change-notes/released/0.8.10.md similarity index 51% rename from ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md rename to ruby/ql/src/change-notes/released/0.8.10.md index 43e40d3fd536..985cdf8d22e0 100644 --- a/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md +++ b/ruby/ql/src/change-notes/released/0.8.10.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- -* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. \ No newline at end of file +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. +* Added additional request sources for Ruby on Rails. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 8af7f9fd7976..5e3792682346 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.10-dev +version: 0.8.10 groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index dbfa6ef4512d..75f2ca53f987 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.10 + +No user-facing changes. + ## 0.1.9 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/0.1.10.md b/shared/controlflow/change-notes/released/0.1.10.md new file mode 100644 index 000000000000..47358eeee934 --- /dev/null +++ b/shared/controlflow/change-notes/released/0.1.10.md @@ -0,0 +1,3 @@ +## 0.1.10 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 1425c0edf7f8..30f5ca88be0e 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.9 +lastReleaseVersion: 0.1.10 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 9d35a6782761..1d43802be421 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.10-dev +version: 0.1.10 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 67a5bf589f4f..ef80788bded6 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.1 + +No user-facing changes. + ## 0.2.0 ### Breaking Changes diff --git a/shared/dataflow/change-notes/released/0.2.1.md b/shared/dataflow/change-notes/released/0.2.1.md new file mode 100644 index 000000000000..3dbfc85fe11d --- /dev/null +++ b/shared/dataflow/change-notes/released/0.2.1.md @@ -0,0 +1,3 @@ +## 0.2.1 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 5274e27ed522..df29a726bccc 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.0 +lastReleaseVersion: 0.2.1 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 1e7becf71c4f..ee422e02ea9a 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.2.1-dev +version: 0.2.1 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 4d09057118ce..4730366775ea 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.2.10.md b/shared/mad/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/mad/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 22c8f271ccc6..6d7269ef3da8 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 5b8dbcfab22c..9943dcb79727 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/0.0.9.md b/shared/rangeanalysis/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 836fe51ee344..01db5d5734d0 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.9-dev +version: 0.0.9 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index cd5f91f71ec1..c05869c153d3 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.2.10.md b/shared/regex/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/regex/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index ea3f7f9b2389..0d4f485312f7 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 01acfae01489..a9161ff578b0 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.2.10.md b/shared/ssa/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/ssa/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 19304ad107f1..2ad254711a50 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index fba2a8703562..a59e560c4155 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/0.0.9.md b/shared/threat-models/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/shared/threat-models/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index d0ed9a913b21..60cbbc56fcb3 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.9-dev +version: 0.0.9 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 1db3a01af0b1..560ad058d5b3 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.2.10.md b/shared/tutorial/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/tutorial/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index b595ae9ee70a..69116705c1bf 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index afc857bc6bce..350f9ecbeae0 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.2.10.md b/shared/typetracking/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/typetracking/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index b55927f59bb7..fbbdcf5162a1 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 66c5871d9821..54b1eaa4d589 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.2.10.md b/shared/typos/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/typos/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 644bfe11bff7..4d59d9b3c342 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 63832e927fa5..1ca1f71bcbc2 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/util/change-notes/released/0.2.10.md b/shared/util/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/util/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index ca1a866a53d4..28ed738a93dd 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: null diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index e5495abcd503..9fd5ebc26ab2 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/yaml/change-notes/released/0.2.10.md b/shared/yaml/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/yaml/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index de5b47e120ae..9643ffcec66b 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index e88cd0259ccf..8f14bfcedc9c 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.3.10 + +### Bug Fixes + +* Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. + ## 0.3.9 ### Minor Analysis Improvements diff --git a/swift/ql/lib/change-notes/2024-02-22-extension-patch.md b/swift/ql/lib/change-notes/released/0.3.10.md similarity index 83% rename from swift/ql/lib/change-notes/2024-02-22-extension-patch.md rename to swift/ql/lib/change-notes/released/0.3.10.md index 7bd78f3b785c..9d6286ff58a7 100644 --- a/swift/ql/lib/change-notes/2024-02-22-extension-patch.md +++ b/swift/ql/lib/change-notes/released/0.3.10.md @@ -1,4 +1,5 @@ ---- -category: fix ---- +## 0.3.10 + +### Bug Fixes + * Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 3fa5180bcb49..76ca0ac8ba76 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.9 +lastReleaseVersion: 0.3.10 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index a37a4cb3d580..70ec4798ea85 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.10-dev +version: 0.3.10 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 96615d069729..bda9834c9bca 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.3.10 + +No user-facing changes. + ## 0.3.9 ### New Queries diff --git a/swift/ql/src/change-notes/released/0.3.10.md b/swift/ql/src/change-notes/released/0.3.10.md new file mode 100644 index 000000000000..925a48fc52e0 --- /dev/null +++ b/swift/ql/src/change-notes/released/0.3.10.md @@ -0,0 +1,3 @@ +## 0.3.10 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 3fa5180bcb49..76ca0ac8ba76 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.9 +lastReleaseVersion: 0.3.10 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index e3ead42c98bf..ba66b065529b 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.10-dev +version: 0.3.10 groups: - swift - queries From ce31f8641a4c4f83c8665bdf48de524862aa15c7 Mon Sep 17 00:00:00 2001 From: Angela P Wen Date: Wed, 6 Mar 2024 12:07:33 -0800 Subject: [PATCH 10/12] Revert "Release preparation for version 2.16.4" --- cpp/ql/lib/CHANGELOG.md | 6 ------ ....12.7.md => 2024-02-26-ir-named-destructors.md} | 9 ++++----- cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 7 ------- ...=> 2024-02-16-modelled-functions-block-flow.md} | 8 +++----- .../2024-02-29-non-constant-format-path-query.md | 4 ++++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ---- .../Solorigate/lib/change-notes/released/1.7.10.md | 3 --- .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ---- .../Solorigate/src/change-notes/released/1.7.10.md | 3 --- .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 14 -------------- .../change-notes/2024-02-21-getonly-properties.md | 4 ++++ .../ql/lib/change-notes/2024-02-22-no-db-stats.md | 4 ++++ .../change-notes/2024-02-23-compiler-generated.md | 4 ++++ .../2024-02-26-variable-capture-flow.md | 4 ++++ .../2024-02-28-experimental-attribute.md | 4 ++++ .../2024-02-28-refreadonly-parameter.md | 4 ++++ csharp/ql/lib/change-notes/released/0.8.10.md | 13 ------------- csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 6 ------ .../0.8.10.md => 2024-02-06-threat-models.md} | 9 ++++----- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ---- .../change-notes/released/0.0.9.md | 3 --- go/ql/consistency-queries/codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 11 ----------- .../lib/change-notes/2024-02-14-range-map-read.md | 4 ++++ ...0.7.10.md => 2024-03-04-autobuilder-changes.md} | 11 +++-------- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ---- go/ql/src/change-notes/released/0.7.10.md | 3 --- go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 ---- .../automodel/src/change-notes/released/0.0.17.md | 3 --- java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 11 ----------- .../change-notes/2024-02-23-widget-flowsteps.md | 4 ++++ java/ql/lib/change-notes/2024-02-27-error-types.md | 4 ++++ .../lib/change-notes/2024-02-27-mvnw-versions.md | 4 ++++ java/ql/lib/change-notes/released/0.8.10.md | 10 ---------- java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 10 ---------- .../2024-02-12-android-insecure-keys.md | 4 ++++ ...3-04-sensitive-log-remove-null-from-sources.md} | 11 +++-------- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ---- javascript/ql/lib/change-notes/released/0.8.10.md | 3 --- javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 4 ---- javascript/ql/src/change-notes/released/0.8.10.md | 3 --- javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ---- misc/suite-helpers/change-notes/released/0.7.10.md | 3 --- misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 7 ------- .../2024-02-28-iterable-unpacking-module-scope.md | 4 ++++ ....11.10.md => 2024-03-01-dict-update-content.md} | 8 +++----- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 ------ .../0.9.10.md => 2024-03-04-nosql-injection.md} | 7 +++---- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 9 --------- ...2024-02-15-activerecord_connection_sql_sinks.md | 4 ++++ .../2024-02-20-activerecord-sql-sink-arguments.md | 4 ++++ .../lib/change-notes/2024-02-26-arel-sqlliteral.md | 4 ++++ .../lib/change-notes/2024-02-29-i18n-translate.md | 4 ++++ ruby/ql/lib/change-notes/released/0.8.10.md | 8 -------- ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 7 ------- .../2024-02-13-rails-more-request-sources.md | 4 ++++ ...d => 2024-03-01-method-code-injection-sinks.md} | 10 ++++------ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ---- shared/controlflow/change-notes/released/0.1.10.md | 3 --- shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ---- shared/dataflow/change-notes/released/0.2.1.md | 3 --- shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ---- shared/mad/change-notes/released/0.2.10.md | 3 --- shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ---- .../rangeanalysis/change-notes/released/0.0.9.md | 3 --- shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ---- shared/regex/change-notes/released/0.2.10.md | 3 --- shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ---- shared/ssa/change-notes/released/0.2.10.md | 3 --- shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ---- .../threat-models/change-notes/released/0.0.9.md | 3 --- shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ---- shared/tutorial/change-notes/released/0.2.10.md | 3 --- shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ---- .../typetracking/change-notes/released/0.2.10.md | 3 --- shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ---- shared/typos/change-notes/released/0.2.10.md | 3 --- shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ---- shared/util/change-notes/released/0.2.10.md | 3 --- shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ---- shared/yaml/change-notes/released/0.2.10.md | 3 --- shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ------ .../0.3.10.md => 2024-02-22-extension-patch.md} | 7 +++---- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ---- swift/ql/src/change-notes/released/0.3.10.md | 3 --- swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 150 files changed, 168 insertions(+), 394 deletions(-) rename cpp/ql/lib/change-notes/{released/0.12.7.md => 2024-02-26-ir-named-destructors.md} (54%) rename cpp/ql/src/change-notes/{released/0.9.6.md => 2024-02-16-modelled-functions-block-flow.md} (77%) create mode 100644 cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md delete mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md delete mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md create mode 100644 csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md create mode 100644 csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md create mode 100644 csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md create mode 100644 csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md create mode 100644 csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md create mode 100644 csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md delete mode 100644 csharp/ql/lib/change-notes/released/0.8.10.md rename csharp/ql/src/change-notes/{released/0.8.10.md => 2024-02-06-threat-models.md} (88%) delete mode 100644 go/ql/consistency-queries/change-notes/released/0.0.9.md create mode 100644 go/ql/lib/change-notes/2024-02-14-range-map-read.md rename go/ql/lib/change-notes/{released/0.7.10.md => 2024-03-04-autobuilder-changes.md} (68%) delete mode 100644 go/ql/src/change-notes/released/0.7.10.md delete mode 100644 java/ql/automodel/src/change-notes/released/0.0.17.md create mode 100644 java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md create mode 100644 java/ql/lib/change-notes/2024-02-27-error-types.md create mode 100644 java/ql/lib/change-notes/2024-02-27-mvnw-versions.md delete mode 100644 java/ql/lib/change-notes/released/0.8.10.md create mode 100644 java/ql/src/change-notes/2024-02-12-android-insecure-keys.md rename java/ql/src/change-notes/{released/0.8.10.md => 2024-03-04-sensitive-log-remove-null-from-sources.md} (54%) delete mode 100644 javascript/ql/lib/change-notes/released/0.8.10.md delete mode 100644 javascript/ql/src/change-notes/released/0.8.10.md delete mode 100644 misc/suite-helpers/change-notes/released/0.7.10.md create mode 100644 python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md rename python/ql/lib/change-notes/{released/0.11.10.md => 2024-03-01-dict-update-content.md} (52%) rename python/ql/src/change-notes/{released/0.9.10.md => 2024-03-04-nosql-injection.md} (81%) create mode 100644 ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md create mode 100644 ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md create mode 100644 ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md create mode 100644 ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md delete mode 100644 ruby/ql/lib/change-notes/released/0.8.10.md create mode 100644 ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md rename ruby/ql/src/change-notes/{released/0.8.10.md => 2024-03-01-method-code-injection-sinks.md} (51%) delete mode 100644 shared/controlflow/change-notes/released/0.1.10.md delete mode 100644 shared/dataflow/change-notes/released/0.2.1.md delete mode 100644 shared/mad/change-notes/released/0.2.10.md delete mode 100644 shared/rangeanalysis/change-notes/released/0.0.9.md delete mode 100644 shared/regex/change-notes/released/0.2.10.md delete mode 100644 shared/ssa/change-notes/released/0.2.10.md delete mode 100644 shared/threat-models/change-notes/released/0.0.9.md delete mode 100644 shared/tutorial/change-notes/released/0.2.10.md delete mode 100644 shared/typetracking/change-notes/released/0.2.10.md delete mode 100644 shared/typos/change-notes/released/0.2.10.md delete mode 100644 shared/util/change-notes/released/0.2.10.md delete mode 100644 shared/yaml/change-notes/released/0.2.10.md rename swift/ql/lib/change-notes/{released/0.3.10.md => 2024-02-22-extension-patch.md} (83%) delete mode 100644 swift/ql/src/change-notes/released/0.3.10.md diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index e1c0dfbecd9a..b3091ec37d8f 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.12.7 - -### Minor Analysis Improvements - -* Added destructors for named objects to the intermediate representation. - ## 0.12.6 ### New Features diff --git a/cpp/ql/lib/change-notes/released/0.12.7.md b/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md similarity index 54% rename from cpp/ql/lib/change-notes/released/0.12.7.md rename to cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md index 856a8b665c74..4e35decaf8ed 100644 --- a/cpp/ql/lib/change-notes/released/0.12.7.md +++ b/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md @@ -1,5 +1,4 @@ -## 0.12.7 - -### Minor Analysis Improvements - -* Added destructors for named objects to the intermediate representation. +--- +category: minorAnalysis +--- +* Added destructors for named objects to the intermediate representation. \ No newline at end of file diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 20419e9c6100..170a312c1047 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.12.7 +lastReleaseVersion: 0.12.6 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 3bb9229bf94d..8e201fff5943 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.7 +version: 0.12.7-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index f6acd424bb05..ffcd73ff5d72 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.9.6 - -### Minor Analysis Improvements - -* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. -* The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. - ## 0.9.5 ### Minor Analysis Improvements diff --git a/cpp/ql/src/change-notes/released/0.9.6.md b/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md similarity index 77% rename from cpp/ql/src/change-notes/released/0.9.6.md rename to cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md index 0c85f3f9f0f0..d6ef3c3e0569 100644 --- a/cpp/ql/src/change-notes/released/0.9.6.md +++ b/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md @@ -1,6 +1,4 @@ -## 0.9.6 - -### Minor Analysis Improvements - -* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. +--- +category: minorAnalysis +--- * The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. diff --git a/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md b/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md new file mode 100644 index 000000000000..2e5933a61e86 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. \ No newline at end of file diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 19139c132b2d..460240feafff 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.6 +lastReleaseVersion: 0.9.5 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 4052647bb97f..31bd20166b2b 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.6 +version: 0.9.6-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 82eacfc84f70..190b83b0f25a 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.10 - -No user-facing changes. - ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md deleted file mode 100644 index 8e8007d8475f..000000000000 --- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.10 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 31c7fe07020b..678da6bc37e9 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.10 +lastReleaseVersion: 1.7.9 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index ee993bed0c91..7e643b0fac33 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.10 +version: 1.7.10-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 82eacfc84f70..190b83b0f25a 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.10 - -No user-facing changes. - ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md deleted file mode 100644 index 8e8007d8475f..000000000000 --- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.10 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 31c7fe07020b..678da6bc37e9 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.10 +lastReleaseVersion: 1.7.9 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 1f421754fc82..8654bbfd0312 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.10 +version: 1.7.10-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 16cc14259e19..95fd64c52704 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,17 +1,3 @@ -## 0.8.10 - -### Major Analysis Improvements - -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. -* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. - -### Minor Analysis Improvements - -* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. -* C# 12: Add extractor and QL library support for `ref readonly` parameters. -* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. -* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md b/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md new file mode 100644 index 000000000000..6bb8e99c71ef --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md b/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md new file mode 100644 index 000000000000..d6ffbd523ac6 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. diff --git a/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md b/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md new file mode 100644 index 000000000000..9b1739b9b6da --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. diff --git a/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md b/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md new file mode 100644 index 000000000000..66ab65083dc3 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md b/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md new file mode 100644 index 000000000000..8749c790954e --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. diff --git a/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md b/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md new file mode 100644 index 000000000000..586b5341d293 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C# 12: Add extractor and QL library support for `ref readonly` parameters. diff --git a/csharp/ql/lib/change-notes/released/0.8.10.md b/csharp/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index f591ddc5b21a..000000000000 --- a/csharp/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,13 +0,0 @@ -## 0.8.10 - -### Major Analysis Improvements - -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. -* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. - -### Minor Analysis Improvements - -* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. -* C# 12: Add extractor and QL library support for `ref readonly` parameters. -* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. -* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 93c5c1120a24..d75ea3c63207 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.10 +version: 0.8.10-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 46c939e5cee1..9fe1609363fc 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/released/0.8.10.md b/csharp/ql/src/change-notes/2024-02-06-threat-models.md similarity index 88% rename from csharp/ql/src/change-notes/released/0.8.10.md rename to csharp/ql/src/change-notes/2024-02-06-threat-models.md index 702161c3d28f..69ac4e4dc17a 100644 --- a/csharp/ql/src/change-notes/released/0.8.10.md +++ b/csharp/ql/src/change-notes/2024-02-06-threat-models.md @@ -1,5 +1,4 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. +--- +category: minorAnalysis +--- +* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. \ No newline at end of file diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 46384094b19e..9ee23cc73078 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.10 +version: 0.8.10-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index a59e560c4155..fba2a8703562 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.9 - -No user-facing changes. - ## 0.0.8 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/0.0.9.md b/go/ql/consistency-queries/change-notes/released/0.0.9.md deleted file mode 100644 index c9e17c6d6cf2..000000000000 --- a/go/ql/consistency-queries/change-notes/released/0.0.9.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.9 - -No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index ecdd64fbab86..58fdc6b45deb 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.8 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index d5a2fbee5f19..b574796b9954 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.9 +version: 0.0.9-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index fee5fd37a267..65a2376217b1 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,14 +1,3 @@ -## 0.7.10 - -### Major Analysis Improvements - -* We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. -* Go 1.22 has been included in the range of supported Go versions. - -### Bug Fixes - -* Fixed dataflow out of a `map` using a `range` statement. - ## 0.7.9 No user-facing changes. diff --git a/go/ql/lib/change-notes/2024-02-14-range-map-read.md b/go/ql/lib/change-notes/2024-02-14-range-map-read.md new file mode 100644 index 000000000000..ea45737a72ea --- /dev/null +++ b/go/ql/lib/change-notes/2024-02-14-range-map-read.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/change-notes/released/0.7.10.md b/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md similarity index 68% rename from go/ql/lib/change-notes/released/0.7.10.md rename to go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md index 55954f8a3945..0442a571029f 100644 --- a/go/ql/lib/change-notes/released/0.7.10.md +++ b/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md @@ -1,10 +1,5 @@ -## 0.7.10 - -### Major Analysis Improvements - +--- +category: majorAnalysis +--- * We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. * Go 1.22 has been included in the range of supported Go versions. - -### Bug Fixes - -* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 675185672974..576395f3405e 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.10 +lastReleaseVersion: 0.7.9 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 8cc190fa880a..f21e478efa68 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.10 +version: 0.7.10-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 24e38b9890e1..d95165a3a34e 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.7.10 - -No user-facing changes. - ## 0.7.9 ### New Queries diff --git a/go/ql/src/change-notes/released/0.7.10.md b/go/ql/src/change-notes/released/0.7.10.md deleted file mode 100644 index 989c5b8f6823..000000000000 --- a/go/ql/src/change-notes/released/0.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.7.10 - -No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 675185672974..576395f3405e 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.10 +lastReleaseVersion: 0.7.9 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 4ded3a52f63e..d91cab596127 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.10 +version: 0.7.10-dev groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index c3282c773a9d..4a3c54adb385 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.17 - -No user-facing changes. - ## 0.0.16 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/0.0.17.md b/java/ql/automodel/src/change-notes/released/0.0.17.md deleted file mode 100644 index 62cc89030a62..000000000000 --- a/java/ql/automodel/src/change-notes/released/0.0.17.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.17 - -No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index cbc3d3cd4934..a49f7be4cff3 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.17 +lastReleaseVersion: 0.0.16 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 59fab0cdcc53..898239be0989 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.17 +version: 0.0.17-dev groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2a02ccee6abb..d369cbdc9318 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,14 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. - -### Bug Fixes - -* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. -* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. - ## 0.8.9 ### Deprecated APIs diff --git a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md new file mode 100644 index 000000000000..eb560fba07da --- /dev/null +++ b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/change-notes/2024-02-27-error-types.md b/java/ql/lib/change-notes/2024-02-27-error-types.md new file mode 100644 index 000000000000..cdc6d7620aa8 --- /dev/null +++ b/java/ql/lib/change-notes/2024-02-27-error-types.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. diff --git a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md new file mode 100644 index 000000000000..a0227088ae97 --- /dev/null +++ b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md @@ -0,0 +1,4 @@ +--- +category: fix +--- +* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. diff --git a/java/ql/lib/change-notes/released/0.8.10.md b/java/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index b45f14bf347a..000000000000 --- a/java/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,10 +0,0 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. - -### Bug Fixes - -* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. -* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 428eedc75e3d..15b4982d41eb 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.10 +version: 0.8.10-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index c61275f5ed84..5d8353514538 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,13 +1,3 @@ -## 0.8.10 - -### New Queries - -* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. - -### Minor Analysis Improvements - -* To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. - ## 0.8.9 ### New Queries diff --git a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md new file mode 100644 index 000000000000..1de077277962 --- /dev/null +++ b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. \ No newline at end of file diff --git a/java/ql/src/change-notes/released/0.8.10.md b/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md similarity index 54% rename from java/ql/src/change-notes/released/0.8.10.md rename to java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md index c5d18ae33794..0bb4f18f2bd9 100644 --- a/java/ql/src/change-notes/released/0.8.10.md +++ b/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md @@ -1,9 +1,4 @@ -## 0.8.10 - -### New Queries - -* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index ebbdbeee3b2c..8f4de528e213 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.10 +version: 0.8.10-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index d5edcc005131..5b97ebbb22b3 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.8.10 - -No user-facing changes. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/javascript/ql/lib/change-notes/released/0.8.10.md b/javascript/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index 777bbd2fdede..000000000000 --- a/javascript/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.8.10 - -No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index da16493a21c9..ef3ca7521aca 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.10 +version: 0.8.10-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index b9627cac5eee..85516e3625d1 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.8.10 - -No user-facing changes. - ## 0.8.9 ### Bug Fixes diff --git a/javascript/ql/src/change-notes/released/0.8.10.md b/javascript/ql/src/change-notes/released/0.8.10.md deleted file mode 100644 index 777bbd2fdede..000000000000 --- a/javascript/ql/src/change-notes/released/0.8.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.8.10 - -No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index d224952c5641..b6181aa30e99 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.10 +version: 0.8.10-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 1c4455b66c43..3c06dd69b0f5 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.7.10 - -No user-facing changes. - ## 0.7.9 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.7.10.md b/misc/suite-helpers/change-notes/released/0.7.10.md deleted file mode 100644 index 989c5b8f6823..000000000000 --- a/misc/suite-helpers/change-notes/released/0.7.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.7.10 - -No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 675185672974..576395f3405e 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.10 +lastReleaseVersion: 0.7.9 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 54d978d5efe7..49b7a6bda4c2 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.10 +version: 0.7.10-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index f095607ca1bf..e6f318c51ea8 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.11.10 - -### Minor Analysis Improvements - -* Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. -* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. - ## 0.11.9 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md b/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md new file mode 100644 index 000000000000..3c47c6ba866a --- /dev/null +++ b/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/change-notes/released/0.11.10.md b/python/ql/lib/change-notes/2024-03-01-dict-update-content.md similarity index 52% rename from python/ql/lib/change-notes/released/0.11.10.md rename to python/ql/lib/change-notes/2024-03-01-dict-update-content.md index ed873724e4f2..dfb8d247fffa 100644 --- a/python/ql/lib/change-notes/released/0.11.10.md +++ b/python/ql/lib/change-notes/2024-03-01-dict-update-content.md @@ -1,6 +1,4 @@ -## 0.11.10 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. -* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index ddddcbe9193d..b064d1778a10 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.11.10 +lastReleaseVersion: 0.11.9 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 59a8b4c96d17..e9f66e205f24 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.10 +version: 0.11.10-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index d4245aba7a62..50762bcbf34e 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.9.10 - -### New Queries - -* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. - ## 0.9.9 No user-facing changes. diff --git a/python/ql/src/change-notes/released/0.9.10.md b/python/ql/src/change-notes/2024-03-04-nosql-injection.md similarity index 81% rename from python/ql/src/change-notes/released/0.9.10.md rename to python/ql/src/change-notes/2024-03-04-nosql-injection.md index 4cbb221b789f..6e98540c757c 100644 --- a/python/ql/src/change-notes/released/0.9.10.md +++ b/python/ql/src/change-notes/2024-03-04-nosql-injection.md @@ -1,5 +1,4 @@ -## 0.9.10 - -### New Queries - +--- +category: newQuery +--- * The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index d086ed69541d..aabed7c396b7 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.10 +lastReleaseVersion: 0.9.9 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index c920f667836b..aa18f2d87074 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.10 +version: 0.9.10-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index c61a12e0f4ad..a623a151e891 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,12 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. -* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. -* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. -* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. - ## 0.8.9 ### Minor Analysis Improvements diff --git a/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md b/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md new file mode 100644 index 000000000000..c2276f284a84 --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md b/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md new file mode 100644 index 000000000000..1486c7a472d1 --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md b/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md new file mode 100644 index 000000000000..6f3a90768bab --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md b/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md new file mode 100644 index 000000000000..350e049b5bfc --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/released/0.8.10.md b/ruby/ql/lib/change-notes/released/0.8.10.md deleted file mode 100644 index 666e28f840e7..000000000000 --- a/ruby/ql/lib/change-notes/released/0.8.10.md +++ /dev/null @@ -1,8 +0,0 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. -* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. -* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. -* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index de5b41999fe1..7d409b83adbd 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.10 +version: 0.8.10-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index f875b6d16ad4..4149c728effa 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,10 +1,3 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. -* Added additional request sources for Ruby on Rails. - ## 0.8.9 No user-facing changes. diff --git a/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md b/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md new file mode 100644 index 000000000000..84ea696dfef4 --- /dev/null +++ b/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added additional request sources for Ruby on Rails. \ No newline at end of file diff --git a/ruby/ql/src/change-notes/released/0.8.10.md b/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md similarity index 51% rename from ruby/ql/src/change-notes/released/0.8.10.md rename to ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md index 985cdf8d22e0..43e40d3fd536 100644 --- a/ruby/ql/src/change-notes/released/0.8.10.md +++ b/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md @@ -1,6 +1,4 @@ -## 0.8.10 - -### Minor Analysis Improvements - -* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. -* Added additional request sources for Ruby on Rails. +--- +category: minorAnalysis +--- +* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. \ No newline at end of file diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 0521f0f75fad..5290c29b7fe7 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.10 +lastReleaseVersion: 0.8.9 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 5e3792682346..8af7f9fd7976 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.10 +version: 0.8.10-dev groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index 75f2ca53f987..dbfa6ef4512d 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.1.10 - -No user-facing changes. - ## 0.1.9 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/0.1.10.md b/shared/controlflow/change-notes/released/0.1.10.md deleted file mode 100644 index 47358eeee934..000000000000 --- a/shared/controlflow/change-notes/released/0.1.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.1.10 - -No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 30f5ca88be0e..1425c0edf7f8 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.10 +lastReleaseVersion: 0.1.9 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 1d43802be421..9d35a6782761 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.10 +version: 0.1.10-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index ef80788bded6..67a5bf589f4f 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.1 - -No user-facing changes. - ## 0.2.0 ### Breaking Changes diff --git a/shared/dataflow/change-notes/released/0.2.1.md b/shared/dataflow/change-notes/released/0.2.1.md deleted file mode 100644 index 3dbfc85fe11d..000000000000 --- a/shared/dataflow/change-notes/released/0.2.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.1 - -No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index df29a726bccc..5274e27ed522 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.1 +lastReleaseVersion: 0.2.0 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index ee422e02ea9a..1e7becf71c4f 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.2.1 +version: 0.2.1-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 4730366775ea..4d09057118ce 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.2.10.md b/shared/mad/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/mad/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 6d7269ef3da8..22c8f271ccc6 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 9943dcb79727..5b8dbcfab22c 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.9 - -No user-facing changes. - ## 0.0.8 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/0.0.9.md b/shared/rangeanalysis/change-notes/released/0.0.9.md deleted file mode 100644 index c9e17c6d6cf2..000000000000 --- a/shared/rangeanalysis/change-notes/released/0.0.9.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.9 - -No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index ecdd64fbab86..58fdc6b45deb 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.8 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 01db5d5734d0..836fe51ee344 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.9 +version: 0.0.9-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index c05869c153d3..cd5f91f71ec1 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.2.10.md b/shared/regex/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/regex/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 0d4f485312f7..ea3f7f9b2389 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index a9161ff578b0..01acfae01489 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.2.10.md b/shared/ssa/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/ssa/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 2ad254711a50..19304ad107f1 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index a59e560c4155..fba2a8703562 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.9 - -No user-facing changes. - ## 0.0.8 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/0.0.9.md b/shared/threat-models/change-notes/released/0.0.9.md deleted file mode 100644 index c9e17c6d6cf2..000000000000 --- a/shared/threat-models/change-notes/released/0.0.9.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.9 - -No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index ecdd64fbab86..58fdc6b45deb 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.9 +lastReleaseVersion: 0.0.8 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 60cbbc56fcb3..d0ed9a913b21 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.9 +version: 0.0.9-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 560ad058d5b3..1db3a01af0b1 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.2.10.md b/shared/tutorial/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/tutorial/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 69116705c1bf..b595ae9ee70a 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 350f9ecbeae0..afc857bc6bce 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.2.10.md b/shared/typetracking/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/typetracking/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index fbbdcf5162a1..b55927f59bb7 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 54b1eaa4d589..66c5871d9821 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.2.10.md b/shared/typos/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/typos/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 4d59d9b3c342..644bfe11bff7 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 1ca1f71bcbc2..63832e927fa5 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/util/change-notes/released/0.2.10.md b/shared/util/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/util/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 28ed738a93dd..ca1a866a53d4 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true dependencies: null diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 9fd5ebc26ab2..e5495abcd503 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.10 - -No user-facing changes. - ## 0.2.9 No user-facing changes. diff --git a/shared/yaml/change-notes/released/0.2.10.md b/shared/yaml/change-notes/released/0.2.10.md deleted file mode 100644 index 81c9722b19fe..000000000000 --- a/shared/yaml/change-notes/released/0.2.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.10 - -No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index a71167814cb7..d021cf0a6bed 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.10 +lastReleaseVersion: 0.2.9 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 9643ffcec66b..de5b47e120ae 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.10 +version: 0.2.10-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 8f14bfcedc9c..e88cd0259ccf 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.3.10 - -### Bug Fixes - -* Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. - ## 0.3.9 ### Minor Analysis Improvements diff --git a/swift/ql/lib/change-notes/released/0.3.10.md b/swift/ql/lib/change-notes/2024-02-22-extension-patch.md similarity index 83% rename from swift/ql/lib/change-notes/released/0.3.10.md rename to swift/ql/lib/change-notes/2024-02-22-extension-patch.md index 9d6286ff58a7..7bd78f3b785c 100644 --- a/swift/ql/lib/change-notes/released/0.3.10.md +++ b/swift/ql/lib/change-notes/2024-02-22-extension-patch.md @@ -1,5 +1,4 @@ -## 0.3.10 - -### Bug Fixes - +--- +category: fix +--- * Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 76ca0ac8ba76..3fa5180bcb49 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.10 +lastReleaseVersion: 0.3.9 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 70ec4798ea85..a37a4cb3d580 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.10 +version: 0.3.10-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index bda9834c9bca..96615d069729 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.3.10 - -No user-facing changes. - ## 0.3.9 ### New Queries diff --git a/swift/ql/src/change-notes/released/0.3.10.md b/swift/ql/src/change-notes/released/0.3.10.md deleted file mode 100644 index 925a48fc52e0..000000000000 --- a/swift/ql/src/change-notes/released/0.3.10.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.3.10 - -No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 76ca0ac8ba76..3fa5180bcb49 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.10 +lastReleaseVersion: 0.3.9 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index ba66b065529b..e3ead42c98bf 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.10 +version: 0.3.10-dev groups: - swift - queries From 2f058ffb4d0bc7486717a95744c240b9eef87fe6 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 6 Mar 2024 20:56:51 +0000 Subject: [PATCH 11/12] Release preparation for version 2.16.4 --- cpp/ql/lib/CHANGELOG.md | 6 ++++++ .../0.12.7.md} | 9 +++++---- cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 7 +++++++ .../2024-02-29-non-constant-format-path-query.md | 4 ---- .../0.9.6.md} | 8 +++++--- cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../Solorigate/lib/change-notes/released/1.7.10.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../Solorigate/src/change-notes/released/1.7.10.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 14 ++++++++++++++ .../change-notes/2024-02-21-getonly-properties.md | 4 ---- .../ql/lib/change-notes/2024-02-22-no-db-stats.md | 4 ---- .../change-notes/2024-02-23-compiler-generated.md | 4 ---- .../2024-02-26-variable-capture-flow.md | 4 ---- .../2024-02-28-experimental-attribute.md | 4 ---- .../2024-02-28-refreadonly-parameter.md | 4 ---- csharp/ql/lib/change-notes/released/0.8.10.md | 13 +++++++++++++ csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 6 ++++++ .../0.8.10.md} | 9 +++++---- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/0.0.9.md | 3 +++ go/ql/consistency-queries/codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 11 +++++++++++ .../lib/change-notes/2024-02-14-range-map-read.md | 4 ---- .../0.7.10.md} | 11 ++++++++--- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ++++ go/ql/src/change-notes/released/0.7.10.md | 3 +++ go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 ++++ .../automodel/src/change-notes/released/0.0.17.md | 3 +++ java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 11 +++++++++++ .../change-notes/2024-02-23-widget-flowsteps.md | 4 ---- java/ql/lib/change-notes/2024-02-27-error-types.md | 4 ---- .../lib/change-notes/2024-02-27-mvnw-versions.md | 4 ---- java/ql/lib/change-notes/released/0.8.10.md | 10 ++++++++++ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 10 ++++++++++ .../2024-02-12-android-insecure-keys.md | 4 ---- .../0.8.10.md} | 11 ++++++++--- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ++++ javascript/ql/lib/change-notes/released/0.8.10.md | 3 +++ javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 4 ++++ javascript/ql/src/change-notes/released/0.8.10.md | 3 +++ javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ misc/suite-helpers/change-notes/released/0.7.10.md | 3 +++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 7 +++++++ .../2024-02-28-iterable-unpacking-module-scope.md | 4 ---- .../0.11.10.md} | 8 +++++--- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 ++++++ .../0.9.10.md} | 7 ++++--- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 9 +++++++++ ...2024-02-15-activerecord_connection_sql_sinks.md | 4 ---- .../2024-02-20-activerecord-sql-sink-arguments.md | 4 ---- .../lib/change-notes/2024-02-26-arel-sqlliteral.md | 4 ---- .../lib/change-notes/2024-02-29-i18n-translate.md | 4 ---- ruby/ql/lib/change-notes/released/0.8.10.md | 8 ++++++++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 7 +++++++ .../2024-02-13-rails-more-request-sources.md | 4 ---- .../0.8.10.md} | 10 ++++++---- ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ shared/controlflow/change-notes/released/0.1.10.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ++++ shared/dataflow/change-notes/released/0.2.1.md | 3 +++ shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/0.2.10.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../rangeanalysis/change-notes/released/0.0.9.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/0.2.10.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/0.2.10.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../threat-models/change-notes/released/0.0.9.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ shared/tutorial/change-notes/released/0.2.10.md | 3 +++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ .../typetracking/change-notes/released/0.2.10.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/0.2.10.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++++ shared/util/change-notes/released/0.2.10.md | 3 +++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/0.2.10.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ++++++ .../0.3.10.md} | 7 ++++--- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/0.3.10.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 150 files changed, 394 insertions(+), 168 deletions(-) rename cpp/ql/lib/change-notes/{2024-02-26-ir-named-destructors.md => released/0.12.7.md} (54%) delete mode 100644 cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md rename cpp/ql/src/change-notes/{2024-02-16-modelled-functions-block-flow.md => released/0.9.6.md} (77%) create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md delete mode 100644 csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md create mode 100644 csharp/ql/lib/change-notes/released/0.8.10.md rename csharp/ql/src/change-notes/{2024-02-06-threat-models.md => released/0.8.10.md} (88%) create mode 100644 go/ql/consistency-queries/change-notes/released/0.0.9.md delete mode 100644 go/ql/lib/change-notes/2024-02-14-range-map-read.md rename go/ql/lib/change-notes/{2024-03-04-autobuilder-changes.md => released/0.7.10.md} (68%) create mode 100644 go/ql/src/change-notes/released/0.7.10.md create mode 100644 java/ql/automodel/src/change-notes/released/0.0.17.md delete mode 100644 java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md delete mode 100644 java/ql/lib/change-notes/2024-02-27-error-types.md delete mode 100644 java/ql/lib/change-notes/2024-02-27-mvnw-versions.md create mode 100644 java/ql/lib/change-notes/released/0.8.10.md delete mode 100644 java/ql/src/change-notes/2024-02-12-android-insecure-keys.md rename java/ql/src/change-notes/{2024-03-04-sensitive-log-remove-null-from-sources.md => released/0.8.10.md} (54%) create mode 100644 javascript/ql/lib/change-notes/released/0.8.10.md create mode 100644 javascript/ql/src/change-notes/released/0.8.10.md create mode 100644 misc/suite-helpers/change-notes/released/0.7.10.md delete mode 100644 python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md rename python/ql/lib/change-notes/{2024-03-01-dict-update-content.md => released/0.11.10.md} (52%) rename python/ql/src/change-notes/{2024-03-04-nosql-injection.md => released/0.9.10.md} (81%) delete mode 100644 ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md delete mode 100644 ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md delete mode 100644 ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md delete mode 100644 ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md create mode 100644 ruby/ql/lib/change-notes/released/0.8.10.md delete mode 100644 ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md rename ruby/ql/src/change-notes/{2024-03-01-method-code-injection-sinks.md => released/0.8.10.md} (51%) create mode 100644 shared/controlflow/change-notes/released/0.1.10.md create mode 100644 shared/dataflow/change-notes/released/0.2.1.md create mode 100644 shared/mad/change-notes/released/0.2.10.md create mode 100644 shared/rangeanalysis/change-notes/released/0.0.9.md create mode 100644 shared/regex/change-notes/released/0.2.10.md create mode 100644 shared/ssa/change-notes/released/0.2.10.md create mode 100644 shared/threat-models/change-notes/released/0.0.9.md create mode 100644 shared/tutorial/change-notes/released/0.2.10.md create mode 100644 shared/typetracking/change-notes/released/0.2.10.md create mode 100644 shared/typos/change-notes/released/0.2.10.md create mode 100644 shared/util/change-notes/released/0.2.10.md create mode 100644 shared/yaml/change-notes/released/0.2.10.md rename swift/ql/lib/change-notes/{2024-02-22-extension-patch.md => released/0.3.10.md} (83%) create mode 100644 swift/ql/src/change-notes/released/0.3.10.md diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index b3091ec37d8f..e1c0dfbecd9a 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.12.7 + +### Minor Analysis Improvements + +* Added destructors for named objects to the intermediate representation. + ## 0.12.6 ### New Features diff --git a/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md b/cpp/ql/lib/change-notes/released/0.12.7.md similarity index 54% rename from cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md rename to cpp/ql/lib/change-notes/released/0.12.7.md index 4e35decaf8ed..856a8b665c74 100644 --- a/cpp/ql/lib/change-notes/2024-02-26-ir-named-destructors.md +++ b/cpp/ql/lib/change-notes/released/0.12.7.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Added destructors for named objects to the intermediate representation. \ No newline at end of file +## 0.12.7 + +### Minor Analysis Improvements + +* Added destructors for named objects to the intermediate representation. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 170a312c1047..20419e9c6100 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.12.6 +lastReleaseVersion: 0.12.7 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 8e201fff5943..3bb9229bf94d 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.7-dev +version: 0.12.7 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index ffcd73ff5d72..f6acd424bb05 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.9.6 + +### Minor Analysis Improvements + +* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. +* The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. + ## 0.9.5 ### Minor Analysis Improvements diff --git a/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md b/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md deleted file mode 100644 index 2e5933a61e86..000000000000 --- a/cpp/ql/src/change-notes/2024-02-29-non-constant-format-path-query.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md b/cpp/ql/src/change-notes/released/0.9.6.md similarity index 77% rename from cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md rename to cpp/ql/src/change-notes/released/0.9.6.md index d6ef3c3e0569..0c85f3f9f0f0 100644 --- a/cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md +++ b/cpp/ql/src/change-notes/released/0.9.6.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.9.6 + +### Minor Analysis Improvements + +* The "non-constant format string" query (`cpp/non-constant-format`) has been converted to a `path-problem` query. * The new C/C++ dataflow and taint-tracking libraries (`semmle.code.cpp.dataflow.new.DataFlow` and `semmle.code.cpp.dataflow.new.TaintTracking`) now implicitly assume that dataflow and taint modelled via `DataFlowFunction` and `TaintFunction` always fully overwrite their buffers and thus act as flow barriers. As a result, many dataflow and taint-tracking queries now produce fewer false positives. To remove this assumption and go back to the previous behavior for a given model, one can override the new `isPartialWrite` predicate. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 460240feafff..19139c132b2d 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.5 +lastReleaseVersion: 0.9.6 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 31bd20166b2b..4052647bb97f 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.6-dev +version: 0.9.6 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 190b83b0f25a..82eacfc84f70 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.10 + +No user-facing changes. + ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md new file mode 100644 index 000000000000..8e8007d8475f --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.10.md @@ -0,0 +1,3 @@ +## 1.7.10 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 678da6bc37e9..31c7fe07020b 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.9 +lastReleaseVersion: 1.7.10 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 7e643b0fac33..ee993bed0c91 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.10-dev +version: 1.7.10 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 190b83b0f25a..82eacfc84f70 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.10 + +No user-facing changes. + ## 1.7.9 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md new file mode 100644 index 000000000000..8e8007d8475f --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.10.md @@ -0,0 +1,3 @@ +## 1.7.10 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 678da6bc37e9..31c7fe07020b 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.9 +lastReleaseVersion: 1.7.10 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 8654bbfd0312..1f421754fc82 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.10-dev +version: 1.7.10 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 95fd64c52704..16cc14259e19 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,17 @@ +## 0.8.10 + +### Major Analysis Improvements + +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. +* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. + +### Minor Analysis Improvements + +* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. +* C# 12: Add extractor and QL library support for `ref readonly` parameters. +* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. +* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md b/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md deleted file mode 100644 index 6bb8e99c71ef..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md b/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md deleted file mode 100644 index d6ffbd523ac6..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. diff --git a/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md b/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md deleted file mode 100644 index 9b1739b9b6da..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-23-compiler-generated.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. diff --git a/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md b/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md deleted file mode 100644 index 66ab65083dc3..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-26-variable-capture-flow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md b/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md deleted file mode 100644 index 8749c790954e..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-28-experimental-attribute.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. diff --git a/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md b/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md deleted file mode 100644 index 586b5341d293..000000000000 --- a/csharp/ql/lib/change-notes/2024-02-28-refreadonly-parameter.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# 12: Add extractor and QL library support for `ref readonly` parameters. diff --git a/csharp/ql/lib/change-notes/released/0.8.10.md b/csharp/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..f591ddc5b21a --- /dev/null +++ b/csharp/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,13 @@ +## 0.8.10 + +### Major Analysis Improvements + +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. +* We no longer make use of CodeQL database stats, which may affect join-orders in custom queries. It is therefore recommended to test performance of custom queries after upgrading to this version. + +### Minor Analysis Improvements + +* C# 12: Add QL library support (`ExperimentalAttribute`) for the experimental attribute. +* C# 12: Add extractor and QL library support for `ref readonly` parameters. +* C#: The table `expr_compiler_generated` has been deleted and its content has been added to `compiler_generated`. +* Data flow via get only properties like `public object Obj { get; }` is now captured by the data flow library. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index d75ea3c63207..93c5c1120a24 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.10-dev +version: 0.8.10 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 9fe1609363fc..46c939e5cee1 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/2024-02-06-threat-models.md b/csharp/ql/src/change-notes/released/0.8.10.md similarity index 88% rename from csharp/ql/src/change-notes/2024-02-06-threat-models.md rename to csharp/ql/src/change-notes/released/0.8.10.md index 69ac4e4dc17a..702161c3d28f 100644 --- a/csharp/ql/src/change-notes/2024-02-06-threat-models.md +++ b/csharp/ql/src/change-notes/released/0.8.10.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. \ No newline at end of file +## 0.8.10 + +### Minor Analysis Improvements + +* Most data flow queries that track flow from *remote* flow sources now use the current *threat model* configuration instead. This doesn't lead to any changes in the produced alerts (as the default configuration is *remote* flow sources) unless the threat model configuration is changed. The changed queries are `cs/code-injection`, `cs/command-line-injection`, `cs/user-controlled-bypass`, `cs/count-untrusted-data-external-api`, `cs/untrusted-data-to-external-api`, `cs/ldap-injection`, `cs/log-forging`, `cs/xml/missing-validation`, `cs/redos`, `cs/regex-injection`, `cs/resource-injection`, `cs/sql-injection`, `cs/path-injection`, `cs/unsafe-deserialization-untrusted-input`, `cs/web/unvalidated-url-redirection`, `cs/xml/insecure-dtd-handling`, `cs/xml/xpath-injection`, `cs/web/xss`, and `cs/uncontrolled-format-string`. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 9ee23cc73078..46384094b19e 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.10-dev +version: 0.8.10 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index fba2a8703562..a59e560c4155 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/0.0.9.md b/go/ql/consistency-queries/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index b574796b9954..d5a2fbee5f19 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.9-dev +version: 0.0.9 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 65a2376217b1..fee5fd37a267 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.7.10 + +### Major Analysis Improvements + +* We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. +* Go 1.22 has been included in the range of supported Go versions. + +### Bug Fixes + +* Fixed dataflow out of a `map` using a `range` statement. + ## 0.7.9 No user-facing changes. diff --git a/go/ql/lib/change-notes/2024-02-14-range-map-read.md b/go/ql/lib/change-notes/2024-02-14-range-map-read.md deleted file mode 100644 index ea45737a72ea..000000000000 --- a/go/ql/lib/change-notes/2024-02-14-range-map-read.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md b/go/ql/lib/change-notes/released/0.7.10.md similarity index 68% rename from go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md rename to go/ql/lib/change-notes/released/0.7.10.md index 0442a571029f..55954f8a3945 100644 --- a/go/ql/lib/change-notes/2024-03-04-autobuilder-changes.md +++ b/go/ql/lib/change-notes/released/0.7.10.md @@ -1,5 +1,10 @@ ---- -category: majorAnalysis ---- +## 0.7.10 + +### Major Analysis Improvements + * We have significantly improved the Go autobuilder to understand a greater range of project layouts, which allows Go source files to be analysed that could previously not be processed. * Go 1.22 has been included in the range of supported Go versions. + +### Bug Fixes + +* Fixed dataflow out of a `map` using a `range` statement. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 576395f3405e..675185672974 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.9 +lastReleaseVersion: 0.7.10 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index f21e478efa68..8cc190fa880a 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.10-dev +version: 0.7.10 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index d95165a3a34e..24e38b9890e1 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.10 + +No user-facing changes. + ## 0.7.9 ### New Queries diff --git a/go/ql/src/change-notes/released/0.7.10.md b/go/ql/src/change-notes/released/0.7.10.md new file mode 100644 index 000000000000..989c5b8f6823 --- /dev/null +++ b/go/ql/src/change-notes/released/0.7.10.md @@ -0,0 +1,3 @@ +## 0.7.10 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 576395f3405e..675185672974 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.9 +lastReleaseVersion: 0.7.10 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index d91cab596127..4ded3a52f63e 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.10-dev +version: 0.7.10 groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index 4a3c54adb385..c3282c773a9d 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.17 + +No user-facing changes. + ## 0.0.16 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/0.0.17.md b/java/ql/automodel/src/change-notes/released/0.0.17.md new file mode 100644 index 000000000000..62cc89030a62 --- /dev/null +++ b/java/ql/automodel/src/change-notes/released/0.0.17.md @@ -0,0 +1,3 @@ +## 0.0.17 + +No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index a49f7be4cff3..cbc3d3cd4934 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.16 +lastReleaseVersion: 0.0.17 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 898239be0989..59fab0cdcc53 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.17-dev +version: 0.0.17 groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index d369cbdc9318..2a02ccee6abb 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. + +### Bug Fixes + +* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. +* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. + ## 0.8.9 ### Deprecated APIs diff --git a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md b/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md deleted file mode 100644 index eb560fba07da..000000000000 --- a/java/ql/lib/change-notes/2024-02-23-widget-flowsteps.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/change-notes/2024-02-27-error-types.md b/java/ql/lib/change-notes/2024-02-27-error-types.md deleted file mode 100644 index cdc6d7620aa8..000000000000 --- a/java/ql/lib/change-notes/2024-02-27-error-types.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. diff --git a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md b/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md deleted file mode 100644 index a0227088ae97..000000000000 --- a/java/ql/lib/change-notes/2024-02-27-mvnw-versions.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. diff --git a/java/ql/lib/change-notes/released/0.8.10.md b/java/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..b45f14bf347a --- /dev/null +++ b/java/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,10 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often. + +### Bug Fixes + +* Fixed the Java autobuilder overriding the version of Maven used by a project when the Maven wrapper `mvnw` is in use and the `maven-wrapper.jar` file is not present in the repository. +* Some flow steps related to `android.text.Editable.toString` that were accidentally disabled have been re-enabled. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 15b4982d41eb..428eedc75e3d 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.10-dev +version: 0.8.10 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 5d8353514538..c61275f5ed84 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 0.8.10 + +### New Queries + +* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. + +### Minor Analysis Improvements + +* To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. + ## 0.8.9 ### New Queries diff --git a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md b/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md deleted file mode 100644 index 1de077277962..000000000000 --- a/java/ql/src/change-notes/2024-02-12-android-insecure-keys.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. \ No newline at end of file diff --git a/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md b/java/ql/src/change-notes/released/0.8.10.md similarity index 54% rename from java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md rename to java/ql/src/change-notes/released/0.8.10.md index 0bb4f18f2bd9..c5d18ae33794 100644 --- a/java/ql/src/change-notes/2024-03-04-sensitive-log-remove-null-from-sources.md +++ b/java/ql/src/change-notes/released/0.8.10.md @@ -1,4 +1,9 @@ ---- -category: minorAnalysis ---- +## 0.8.10 + +### New Queries + +* Added a new query `java/android/insecure-local-key-gen` for finding instances of keys generated for biometric authentication in an insecure way. + +### Minor Analysis Improvements + * To reduce the number of false positives in the query "Insertion of sensitive information into log files" (`java/sensitive-log`), variables with names that contain "null" (case-insensitively) are no longer considered sources of sensitive information. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 8f4de528e213..ebbdbeee3b2c 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.10-dev +version: 0.8.10 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 5b97ebbb22b3..d5edcc005131 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.10 + +No user-facing changes. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/javascript/ql/lib/change-notes/released/0.8.10.md b/javascript/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..777bbd2fdede --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,3 @@ +## 0.8.10 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index ef3ca7521aca..da16493a21c9 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.10-dev +version: 0.8.10 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 85516e3625d1..b9627cac5eee 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.10 + +No user-facing changes. + ## 0.8.9 ### Bug Fixes diff --git a/javascript/ql/src/change-notes/released/0.8.10.md b/javascript/ql/src/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..777bbd2fdede --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.8.10.md @@ -0,0 +1,3 @@ +## 0.8.10 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index b6181aa30e99..d224952c5641 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.10-dev +version: 0.8.10 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 3c06dd69b0f5..1c4455b66c43 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.10 + +No user-facing changes. + ## 0.7.9 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.7.10.md b/misc/suite-helpers/change-notes/released/0.7.10.md new file mode 100644 index 000000000000..989c5b8f6823 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/0.7.10.md @@ -0,0 +1,3 @@ +## 0.7.10 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 576395f3405e..675185672974 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.9 +lastReleaseVersion: 0.7.10 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 49b7a6bda4c2..54d978d5efe7 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.10-dev +version: 0.7.10 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index e6f318c51ea8..f095607ca1bf 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.11.10 + +### Minor Analysis Improvements + +* Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. +* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. + ## 0.11.9 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md b/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md deleted file mode 100644 index 3c47c6ba866a..000000000000 --- a/python/ql/lib/change-notes/2024-02-28-iterable-unpacking-module-scope.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/change-notes/2024-03-01-dict-update-content.md b/python/ql/lib/change-notes/released/0.11.10.md similarity index 52% rename from python/ql/lib/change-notes/2024-03-01-dict-update-content.md rename to python/ql/lib/change-notes/released/0.11.10.md index dfb8d247fffa..ed873724e4f2 100644 --- a/python/ql/lib/change-notes/2024-03-01-dict-update-content.md +++ b/python/ql/lib/change-notes/released/0.11.10.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.11.10 + +### Minor Analysis Improvements + * Fixed missing flow for dictionary updates (`d[] = ...`) when `` is a string constant not used in dictionary literals or as name of keyword-argument. +* Fixed flow for iterable unpacking (`a,b = my_tuple`) when it occurs on top-level (module) scope. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index b064d1778a10..ddddcbe9193d 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.11.9 +lastReleaseVersion: 0.11.10 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index e9f66e205f24..59a8b4c96d17 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.10-dev +version: 0.11.10 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 50762bcbf34e..d4245aba7a62 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.9.10 + +### New Queries + +* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. + ## 0.9.9 No user-facing changes. diff --git a/python/ql/src/change-notes/2024-03-04-nosql-injection.md b/python/ql/src/change-notes/released/0.9.10.md similarity index 81% rename from python/ql/src/change-notes/2024-03-04-nosql-injection.md rename to python/ql/src/change-notes/released/0.9.10.md index 6e98540c757c..4cbb221b789f 100644 --- a/python/ql/src/change-notes/2024-03-04-nosql-injection.md +++ b/python/ql/src/change-notes/released/0.9.10.md @@ -1,4 +1,5 @@ ---- -category: newQuery ---- +## 0.9.10 + +### New Queries + * The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now part of the default security suite. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index aabed7c396b7..d086ed69541d 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.9 +lastReleaseVersion: 0.9.10 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index aa18f2d87074..c920f667836b 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.10-dev +version: 0.9.10 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index a623a151e891..c61a12e0f4ad 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,12 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. +* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. +* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. +* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. + ## 0.8.9 ### Minor Analysis Improvements diff --git a/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md b/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md deleted file mode 100644 index c2276f284a84..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md b/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md deleted file mode 100644 index 1486c7a472d1..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md b/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md deleted file mode 100644 index 6f3a90768bab..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-26-arel-sqlliteral.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md b/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md deleted file mode 100644 index 350e049b5bfc..000000000000 --- a/ruby/ql/lib/change-notes/2024-02-29-i18n-translate.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/released/0.8.10.md b/ruby/ql/lib/change-notes/released/0.8.10.md new file mode 100644 index 000000000000..666e28f840e7 --- /dev/null +++ b/ruby/ql/lib/change-notes/released/0.8.10.md @@ -0,0 +1,8 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `I18n.translate` as well as Rails helper translate methods now propagate taint from their keyword arguments. The Rails translate methods are also recognized as XSS sanitizers when using keys marked as html safe. +* Calls to `Arel::Nodes::SqlLiteral.new` are now modeled as instances of the `SqlConstruction` concept, as well as propagating taint from their argument. +* Additional arguments beyond the first of calls to the `ActiveRecord` methods `select`, `reselect`, `order`, `reorder`, `joins`, `group`, and `pluck` are now recognized as sql injection sinks. +* Calls to several methods of `ActiveRecord::Connection`, such as `ActiveRecord::Connection#exec_query`, are now recognized as SQL executions, including those via subclasses. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 7d409b83adbd..de5b41999fe1 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.10-dev +version: 0.8.10 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 4149c728effa..f875b6d16ad4 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. +* Added additional request sources for Ruby on Rails. + ## 0.8.9 No user-facing changes. diff --git a/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md b/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md deleted file mode 100644 index 84ea696dfef4..000000000000 --- a/ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added additional request sources for Ruby on Rails. \ No newline at end of file diff --git a/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md b/ruby/ql/src/change-notes/released/0.8.10.md similarity index 51% rename from ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md rename to ruby/ql/src/change-notes/released/0.8.10.md index 43e40d3fd536..985cdf8d22e0 100644 --- a/ruby/ql/src/change-notes/2024-03-01-method-code-injection-sinks.md +++ b/ruby/ql/src/change-notes/released/0.8.10.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- -* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. \ No newline at end of file +## 0.8.10 + +### Minor Analysis Improvements + +* Calls to `Object#method`, `Object#public_method` and `Object#singleton_method` with untrusted data are now recognised as sinks for code injection. +* Added additional request sources for Ruby on Rails. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 5290c29b7fe7..0521f0f75fad 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.9 +lastReleaseVersion: 0.8.10 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 8af7f9fd7976..5e3792682346 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.10-dev +version: 0.8.10 groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index dbfa6ef4512d..75f2ca53f987 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.10 + +No user-facing changes. + ## 0.1.9 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/0.1.10.md b/shared/controlflow/change-notes/released/0.1.10.md new file mode 100644 index 000000000000..47358eeee934 --- /dev/null +++ b/shared/controlflow/change-notes/released/0.1.10.md @@ -0,0 +1,3 @@ +## 0.1.10 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 1425c0edf7f8..30f5ca88be0e 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.9 +lastReleaseVersion: 0.1.10 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 9d35a6782761..1d43802be421 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.10-dev +version: 0.1.10 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 67a5bf589f4f..ef80788bded6 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.1 + +No user-facing changes. + ## 0.2.0 ### Breaking Changes diff --git a/shared/dataflow/change-notes/released/0.2.1.md b/shared/dataflow/change-notes/released/0.2.1.md new file mode 100644 index 000000000000..3dbfc85fe11d --- /dev/null +++ b/shared/dataflow/change-notes/released/0.2.1.md @@ -0,0 +1,3 @@ +## 0.2.1 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 5274e27ed522..df29a726bccc 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.0 +lastReleaseVersion: 0.2.1 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 1e7becf71c4f..ee422e02ea9a 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.2.1-dev +version: 0.2.1 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 4d09057118ce..4730366775ea 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.2.10.md b/shared/mad/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/mad/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 22c8f271ccc6..6d7269ef3da8 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 5b8dbcfab22c..9943dcb79727 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/0.0.9.md b/shared/rangeanalysis/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 836fe51ee344..01db5d5734d0 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.9-dev +version: 0.0.9 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index cd5f91f71ec1..c05869c153d3 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.2.10.md b/shared/regex/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/regex/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index ea3f7f9b2389..0d4f485312f7 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 01acfae01489..a9161ff578b0 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.2.10.md b/shared/ssa/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/ssa/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 19304ad107f1..2ad254711a50 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index fba2a8703562..a59e560c4155 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/0.0.9.md b/shared/threat-models/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/shared/threat-models/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index d0ed9a913b21..60cbbc56fcb3 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.9-dev +version: 0.0.9 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 1db3a01af0b1..560ad058d5b3 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.2.10.md b/shared/tutorial/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/tutorial/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index b595ae9ee70a..69116705c1bf 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index afc857bc6bce..350f9ecbeae0 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.2.10.md b/shared/typetracking/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/typetracking/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index b55927f59bb7..fbbdcf5162a1 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 66c5871d9821..54b1eaa4d589 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.2.10.md b/shared/typos/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/typos/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 644bfe11bff7..4d59d9b3c342 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 63832e927fa5..1ca1f71bcbc2 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/util/change-notes/released/0.2.10.md b/shared/util/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/util/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index ca1a866a53d4..28ed738a93dd 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true dependencies: null diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index e5495abcd503..9fd5ebc26ab2 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.10 + +No user-facing changes. + ## 0.2.9 No user-facing changes. diff --git a/shared/yaml/change-notes/released/0.2.10.md b/shared/yaml/change-notes/released/0.2.10.md new file mode 100644 index 000000000000..81c9722b19fe --- /dev/null +++ b/shared/yaml/change-notes/released/0.2.10.md @@ -0,0 +1,3 @@ +## 0.2.10 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index d021cf0a6bed..a71167814cb7 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.9 +lastReleaseVersion: 0.2.10 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index de5b47e120ae..9643ffcec66b 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.10-dev +version: 0.2.10 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index e88cd0259ccf..8f14bfcedc9c 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.3.10 + +### Bug Fixes + +* Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. + ## 0.3.9 ### Minor Analysis Improvements diff --git a/swift/ql/lib/change-notes/2024-02-22-extension-patch.md b/swift/ql/lib/change-notes/released/0.3.10.md similarity index 83% rename from swift/ql/lib/change-notes/2024-02-22-extension-patch.md rename to swift/ql/lib/change-notes/released/0.3.10.md index 7bd78f3b785c..9d6286ff58a7 100644 --- a/swift/ql/lib/change-notes/2024-02-22-extension-patch.md +++ b/swift/ql/lib/change-notes/released/0.3.10.md @@ -1,4 +1,5 @@ ---- -category: fix ---- +## 0.3.10 + +### Bug Fixes + * Fixed an issue where `TypeDecl.getFullName` would get stuck in an loop and fail when minor database inconsistencies are present. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 3fa5180bcb49..76ca0ac8ba76 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.9 +lastReleaseVersion: 0.3.10 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index a37a4cb3d580..70ec4798ea85 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.10-dev +version: 0.3.10 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 96615d069729..bda9834c9bca 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.3.10 + +No user-facing changes. + ## 0.3.9 ### New Queries diff --git a/swift/ql/src/change-notes/released/0.3.10.md b/swift/ql/src/change-notes/released/0.3.10.md new file mode 100644 index 000000000000..925a48fc52e0 --- /dev/null +++ b/swift/ql/src/change-notes/released/0.3.10.md @@ -0,0 +1,3 @@ +## 0.3.10 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 3fa5180bcb49..76ca0ac8ba76 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.9 +lastReleaseVersion: 0.3.10 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index e3ead42c98bf..ba66b065529b 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.10-dev +version: 0.3.10 groups: - swift - queries From dc9092c9ec2cdda8188e9e44d8d51d2a0c6b6cc9 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 6 Mar 2024 22:19:33 +0000 Subject: [PATCH 12/12] Post-release preparation for codeql-cli-2.16.4 --- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 33 files changed, 33 insertions(+), 33 deletions(-) diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 3bb9229bf94d..8b17a050d82a 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.7 +version: 0.12.8-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 4052647bb97f..49eb255cc8f7 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.6 +version: 0.9.7-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index ee993bed0c91..3e8792bce0ec 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.10 +version: 1.7.11-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 1f421754fc82..c67ab9130a0e 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.10 +version: 1.7.11-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 93c5c1120a24..a67b40f744f1 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.10 +version: 0.8.11-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 46384094b19e..a2148a361570 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.10 +version: 0.8.11-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index d5a2fbee5f19..e82c98f52cb3 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.9 +version: 0.0.10-dev groups: - go - queries diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 8cc190fa880a..54b284e7ee58 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.10 +version: 0.7.11-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 4ded3a52f63e..c89aacb8aa22 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.10 +version: 0.7.11-dev groups: - go - queries diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 59fab0cdcc53..8064163f5ccc 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.17 +version: 0.0.18-dev groups: - java - automodel diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 428eedc75e3d..ed83a620d20a 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.10 +version: 0.8.11-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index ebbdbeee3b2c..d7612d9da676 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.10 +version: 0.8.11-dev groups: - java - queries diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index da16493a21c9..30fa7de41986 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.10 +version: 0.8.11-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index d224952c5641..01a3e8a0841d 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.10 +version: 0.8.11-dev groups: - javascript - queries diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 54d978d5efe7..5d8225b2e0b6 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.10 +version: 0.7.11-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 59a8b4c96d17..daab6a412065 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.10 +version: 0.11.11-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index c920f667836b..5b641a329cb2 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.10 +version: 0.9.11-dev groups: - python - queries diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index de5b41999fe1..81695d545ec2 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.10 +version: 0.8.11-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 5e3792682346..65e81bf2ba28 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.10 +version: 0.8.11-dev groups: - ruby - queries diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 1d43802be421..19c95747294b 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.10 +version: 0.1.11-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index ee422e02ea9a..4e896e9ae020 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.2.1 +version: 0.2.2-dev groups: shared library: true dependencies: diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 6d7269ef3da8..e3d2ccaf7483 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.10 +version: 0.2.11-dev groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 01db5d5734d0..6a528c17637e 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.9 +version: 0.0.10-dev groups: shared library: true dependencies: diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 0d4f485312f7..8717c5b8a730 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.10 +version: 0.2.11-dev groups: shared library: true dependencies: diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 2ad254711a50..656662e9061e 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.10 +version: 0.2.11-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 60cbbc56fcb3..ece8f74f701c 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.9 +version: 0.0.10-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 69116705c1bf..b1f2b729a851 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.10 +version: 0.2.11-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index fbbdcf5162a1..efca17020697 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.10 +version: 0.2.11-dev groups: shared library: true dependencies: diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 4d59d9b3c342..76434dcb21cd 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.10 +version: 0.2.11-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 28ed738a93dd..f4d51c896ce6 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.10 +version: 0.2.11-dev groups: shared library: true dependencies: null diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 9643ffcec66b..41f2bc851fd8 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.10 +version: 0.2.11-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 70ec4798ea85..673004b5172b 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.10 +version: 0.3.11-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index ba66b065529b..11192f11d8b8 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.10 +version: 0.3.11-dev groups: - swift - queries