diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 646199bb39c8..c66bc4a45524 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.4.1 + +No user-facing changes. + ## 1.4.0 ### New Features diff --git a/cpp/ql/lib/change-notes/released/1.4.1.md b/cpp/ql/lib/change-notes/released/1.4.1.md new file mode 100644 index 000000000000..38987aa49cd0 --- /dev/null +++ b/cpp/ql/lib/change-notes/released/1.4.1.md @@ -0,0 +1,3 @@ +## 1.4.1 + +No user-facing changes. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index b8b2e97d5086..43ccf4467bed 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.0 +lastReleaseVersion: 1.4.1 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 830e4f754084..0db1f9e8036b 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 1.4.1-dev +version: 1.4.1 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 25e322a99b75..d5e4575e097c 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.2.1 + +### Minor Analysis Improvements + +* The `cpp/uncontrolled-allocation-size` ("Uncontrolled allocation size") query now considers arithmetic operations that might reduce the size of user input as a barrier. The query therefore produces fewer false positive results. + ## 1.2.0 ### Query Metadata Changes diff --git a/cpp/ql/src/change-notes/2024-08-16-uncontrolled-allocation-size.md b/cpp/ql/src/change-notes/released/1.2.1.md similarity index 70% rename from cpp/ql/src/change-notes/2024-08-16-uncontrolled-allocation-size.md rename to cpp/ql/src/change-notes/released/1.2.1.md index 4d0d05933634..c7f2fafb36b9 100644 --- a/cpp/ql/src/change-notes/2024-08-16-uncontrolled-allocation-size.md 
+++ b/cpp/ql/src/change-notes/released/1.2.1.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- -* The `cpp/uncontrolled-allocation-size` ("Uncontrolled allocation size") query now considers arithmetic operations that might reduce the size of user input as a barrier. The query therefore produces fewer false positive results. \ No newline at end of file +## 1.2.1 + +### Minor Analysis Improvements + +* The `cpp/uncontrolled-allocation-size` ("Uncontrolled allocation size") query now considers arithmetic operations that might reduce the size of user input as a barrier. The query therefore produces fewer false positive results. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 75430e73d1c4..73dd403938c9 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.0 +lastReleaseVersion: 1.2.1 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 13d1448bf8d3..a0728a2475b5 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.2.1-dev +version: 1.2.1 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index eb7af5234e3c..18779106c780 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.23 + +No user-facing changes. + ## 1.7.22 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.23.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.23.md new file mode 100644 index 000000000000..97c0d95c5c38 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.23.md @@ -0,0 +1,3 @@ +## 1.7.23 + +No user-facing changes. 
diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 6a79a0ec163e..55921f9b14ab 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.22 +lastReleaseVersion: 1.7.23 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 07db663f549d..0c04b5292ef7 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.23-dev +version: 1.7.23 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index eb7af5234e3c..18779106c780 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.23 + +No user-facing changes. + ## 1.7.22 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.23.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.23.md new file mode 100644 index 000000000000..97c0d95c5c38 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.23.md @@ -0,0 +1,3 @@ +## 1.7.23 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 6a79a0ec163e..55921f9b14ab 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.22 +lastReleaseVersion: 1.7.23 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 880aae8371f4..83d083f56c22 100644 
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.23-dev +version: 1.7.23 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 50a19e99d36a..a2aaab7a5426 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 1.1.0 + +### Major Analysis Improvements + +* Added support for data flow through side-effects on static fields. For example, when a static field containing an array is updated. + +### Minor Analysis Improvements + +* Added some new `local` source models. Most prominently `System.IO.Path.GetTempPath` and `System.Environment.GetFolderPath`. This might produce more alerts, if the `local` threat model is enabled. +* The extractor has been changed to not skip source files that have already been seen. This has an impact on source files that are compiled multiple times in the build process. Source files with conditional compilation preprocessor directives (such as `#if`) are now extracted for each set of preprocessor symbols that are used during the build process. + ## 1.0.5 No user-facing changes. diff --git a/csharp/ql/lib/change-notes/2024-05-23-static-field-side-effect.md b/csharp/ql/lib/change-notes/2024-05-23-static-field-side-effect.md deleted file mode 100644 index f41dfab76d45..000000000000 --- a/csharp/ql/lib/change-notes/2024-05-23-static-field-side-effect.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Added support for data flow through side-effects on static fields. For example, when a static field containing an array is updated. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2024-07-10-conditional-compilation.md b/csharp/ql/lib/change-notes/2024-07-10-conditional-compilation.md deleted file mode 100644 index a4a59b2abea7..000000000000 
--- a/csharp/ql/lib/change-notes/2024-07-10-conditional-compilation.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The extractor has been changed to not skip source files that have already been seen. This has an impact on source files that are compiled multiple times in the build process. Source files with conditional compilation preprocessor directives (such as `#if`) are now extracted for each set of preprocessor symbols that are used during the build process. diff --git a/csharp/ql/lib/change-notes/2024-07-19-added-sources.md b/csharp/ql/lib/change-notes/2024-07-19-added-sources.md deleted file mode 100644 index 43e7b947a989..000000000000 --- a/csharp/ql/lib/change-notes/2024-07-19-added-sources.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added some new `local` source models. Most prominently `System.IO.Path.GetTempPath` and `System.Environment.GetFolderPath`. This might produce more alerts, if the `local` threat model is enabled. diff --git a/csharp/ql/lib/change-notes/released/1.1.0.md b/csharp/ql/lib/change-notes/released/1.1.0.md new file mode 100644 index 000000000000..a02581a221b7 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/1.1.0.md 
@@ -0,0 +1,10 @@
+## 1.1.0
+
+### Major Analysis Improvements
+
+* Added support for data flow through side-effects on static fields. For example, when a static field containing an array is updated.
+
+### Minor Analysis Improvements
+
+* Added some new `local` source models. Most prominently `System.IO.Path.GetTempPath` and `System.Environment.GetFolderPath`. This might produce more alerts, if the `local` threat model is enabled.
+* The extractor has been changed to not skip source files that have already been seen. This has an impact on source files that are compiled multiple times in the build process. Source files with conditional compilation preprocessor directives (such as `#if`) are now extracted for each set of preprocessor symbols that are used during the build process.
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index 42da17b38415..2ac15439f561 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.1.0
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index 2bba2984c8f7..75d559a215d2 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 1.0.6-dev
+version: 1.1.0
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
index bd25f8118dd5..1b1d04129e2f 100644
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,10 @@ +## 1.0.6 + +### Minor Analysis Improvements + +* Attributes in the `System.Runtime.CompilerServices` namespace are ignored when checking if a declaration requires documentation comments. +* C# build-mode `none` analyses now report a warning on the CodeQL status page when there are significant analysis problems -- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review. + ## 1.0.5 No user-facing changes. diff --git a/csharp/ql/src/change-notes/2024-08-07-db-quality-diagnostic.md b/csharp/ql/src/change-notes/2024-08-07-db-quality-diagnostic.md deleted file mode 100644 index a22d136ce8bf..000000000000 --- a/csharp/ql/src/change-notes/2024-08-07-db-quality-diagnostic.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# build-mode `none` analyses now report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review. \ No newline at end of file diff --git a/csharp/ql/src/change-notes/2024-08-12-doc-comments.md b/csharp/ql/src/change-notes/2024-08-12-doc-comments.md deleted file mode 100644 index e4c49351f3a3..000000000000 --- a/csharp/ql/src/change-notes/2024-08-12-doc-comments.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Attributes in the `System.Runtime.CompilerServices` namespace are ignored when checking if a declaration requires documentation comments. \ No newline at end of file diff --git a/csharp/ql/src/change-notes/released/1.0.6.md b/csharp/ql/src/change-notes/released/1.0.6.md new file mode 100644 index 000000000000..c14546428239 --- /dev/null 
+++ b/csharp/ql/src/change-notes/released/1.0.6.md @@ -0,0 +1,6 @@ +## 1.0.6 + +### Minor Analysis Improvements + +* Attributes in the `System.Runtime.CompilerServices` namespace are ignored when checking if a declaration requires documentation comments. +* C# build-mode `none` analyses now report a warning on the CodeQL status page when there are significant analysis problems -- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 42da17b38415..8033d980afa0 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.6 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 51699111e25f..975b56f78e4d 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.0.6-dev +version: 1.0.6 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 2e7162889c38..6976ee14e273 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.6 + +No user-facing changes. + ## 1.0.5 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.6.md b/go/ql/consistency-queries/change-notes/released/1.0.6.md new file mode 100644 index 000000000000..e5e80a3b3f14 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.6.md @@ -0,0 +1,3 @@ +## 1.0.6 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 42da17b38415..8033d980afa0 100644 
--- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.6 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index 17f966d2c413..aaa6fc16d08b 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.6-dev +version: 1.0.6 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 41cfec4595ef..d44205e61f71 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md 
@@ -1,3 +1,21 @@ +## 1.1.5 + +### Minor Analysis Improvements + +* Local source models for reading and parsing environment variables have been added for the following libraries: + - os + - syscall + - github.com/caarlos0/env + - github.com/gobuffalo/envy + - github.com/hashicorp/go-envparse + - github.com/joho/godotenv + - github.com/kelseyhightower/envconfig +* Local source models have been added for the APIs which open files in the `io/fs`, `io/ioutil` and `os` packages in the Go standard library. You can optionally include threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models). + +### Bug Fixes + +* Fixed an issue where `io/ioutil.WriteFile`'s non-path arguments incorrectly generated `go/path-injection` alerts when untrusted data was written to a file, or controlled the file's mode. + ## 1.1.4 No user-facing changes. diff --git a/go/ql/lib/change-notes/2024-08-12-add-environment-models.md b/go/ql/lib/change-notes/2024-08-12-add-environment-models.md deleted file mode 100644 index c511718475d5..000000000000 --- a/go/ql/lib/change-notes/2024-08-12-add-environment-models.md +++ /dev/null @@ -1,11 +0,0 @@ ---- -category: minorAnalysis ---- -* Local source models for reading and parsing environment variables have been added for the following libraries: - - os - - syscall - - github.com/caarlos0/env - - github.com/gobuffalo/envy - - github.com/hashicorp/go-envparse - - github.com/joho/godotenv - - github.com/kelseyhightower/envconfig 
diff --git a/go/ql/lib/change-notes/2024-08-24-ioutil-fix.md b/go/ql/lib/change-notes/2024-08-24-ioutil-fix.md deleted file mode 100644 index 68e480fd35a6..000000000000 --- a/go/ql/lib/change-notes/2024-08-24-ioutil-fix.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- -* Fixed an issue where `io/ioutil.WriteFile`'s non-path arguments incorrectly generated `go/path-injection` alerts when untrusted data was written to a file, or controlled the file's mode. - diff --git a/go/ql/lib/change-notes/2024-08-12-add-file-models.md b/go/ql/lib/change-notes/released/1.1.5.md similarity index 58% rename from go/ql/lib/change-notes/2024-08-12-add-file-models.md rename to go/ql/lib/change-notes/released/1.1.5.md index eed216dd3614..6f2221304e9e 100644 --- a/go/ql/lib/change-notes/2024-08-12-add-file-models.md +++ b/go/ql/lib/change-notes/released/1.1.5.md 
@@ -1,4 +1,17 @@
----
-category: minorAnalysis
----
+## 1.1.5
+
+### Minor Analysis Improvements
+
+* Local source models for reading and parsing environment variables have been added for the following libraries:
+ - os
+ - syscall
+ - github.com/caarlos0/env
+ - github.com/gobuffalo/envy
+ - github.com/hashicorp/go-envparse
+ - github.com/joho/godotenv
+ - github.com/kelseyhightower/envconfig
 * Local source models have been added for the APIs which open files in the `io/fs`, `io/ioutil` and `os` packages in the Go standard library. You can optionally include threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models).
+
+### Bug Fixes
+
+* Fixed an issue where `io/ioutil.WriteFile`'s non-path arguments incorrectly generated `go/path-injection` alerts when untrusted data was written to a file, or controlled the file's mode.
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml
index 26cbcd3f123b..df39a9de059d 100644
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.4
+lastReleaseVersion: 1.1.5
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
index 5d56d0ecc731..cc840ed3854b 100644
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 1.1.5-dev
+version: 1.1.5
 groups: go
 dbscheme: go.dbscheme
 extractor: go
diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 36470f89ebab..88ad1b3ceec0 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.6 + +No user-facing changes. + ## 1.0.5 No user-facing changes. diff --git a/go/ql/src/change-notes/released/1.0.6.md b/go/ql/src/change-notes/released/1.0.6.md new file mode 100644 index 000000000000..e5e80a3b3f14 --- /dev/null +++ b/go/ql/src/change-notes/released/1.0.6.md @@ -0,0 +1,3 @@ +## 1.0.6 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 42da17b38415..8033d980afa0 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.6 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 4df9de83c212..8129981ba0af 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.0.6-dev +version: 1.0.6 groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index 7dc759d1ac6f..3d5fc1f22298 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.6 + +No user-facing changes. + ## 1.0.5 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/1.0.6.md b/java/ql/automodel/src/change-notes/released/1.0.6.md new file mode 100644 index 000000000000..e5e80a3b3f14 --- /dev/null +++ b/java/ql/automodel/src/change-notes/released/1.0.6.md @@ -0,0 +1,3 @@ +## 1.0.6 + +No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index 42da17b38415..8033d980afa0 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.6 
diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index fd277afd1d7c..0bc0c8b24ac5 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 1.0.6-dev +version: 1.0.6 groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2dd89daf33f6..608f229f028c 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,15 @@ +## 3.0.1 + +### Minor Analysis Improvements + +* Threat-model for `System.in` changed from `commandargs` to newly created `stdin` (both subgroups of `local`). + +### Bug Fixes + +* Fixed an issue where analysis in `build-mode: none` may very occasionally throw a `CoderMalfunctionError` while resolving dependencies provided by a build system (Maven or Gradle), which could cause some dependency resolution and consequently alerts to vary unpredictably from one run to another. +* Fixed an issue where Java analysis in `build-mode: none` would fail to resolve dependencies using the `executable-war` Maven artifact type. +* Fixed an issue where analysis in `build-mode: none` may fail to resolve dependencies of Gradle projects where the dependency uses a non-empty artifact classifier -- for example, `someproject-1.2.3-tests.jar`, which has the classifier `tests`. + ## 3.0.0 ### Breaking Changes diff --git a/java/ql/lib/change-notes/2024-08-09-buildless-executable-war.md b/java/ql/lib/change-notes/2024-08-09-buildless-executable-war.md deleted file mode 100644 index 96088e505329..000000000000 --- a/java/ql/lib/change-notes/2024-08-09-buildless-executable-war.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed an issue where Java analysis in `build-mode: none` would fail to resolve dependencies using the `executable-war` Maven artifact type. 
diff --git a/java/ql/lib/change-notes/2024-08-09-buildless-gradle-classifiers.md b/java/ql/lib/change-notes/2024-08-09-buildless-gradle-classifiers.md deleted file mode 100644 index d8ed932ecf2d..000000000000 --- a/java/ql/lib/change-notes/2024-08-09-buildless-gradle-classifiers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed an issue where analysis in `build-mode: none` may fail to resolve dependencies of Gradle projects where the dependency uses a non-empty artifact classifier -- for example, `someproject-1.2.3-tests.jar`, which has the classifier `tests`. diff --git a/java/ql/lib/change-notes/2024-08-13-stdin-threat-model.md b/java/ql/lib/change-notes/2024-08-13-stdin-threat-model.md deleted file mode 100644 index 93d456dc2a30..000000000000 --- a/java/ql/lib/change-notes/2024-08-13-stdin-threat-model.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Threat-model for `System.in` changed from `commandargs` to newly created `stdin` (both subgroups of `local`). diff --git a/java/ql/lib/change-notes/2024-08-14-buildless-coder-malfunction.md b/java/ql/lib/change-notes/2024-08-14-buildless-coder-malfunction.md deleted file mode 100644 index a84fec4c8f11..000000000000 --- a/java/ql/lib/change-notes/2024-08-14-buildless-coder-malfunction.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Fixed an issue where analysis in `build-mode: none` may very occasionally throw a `CoderMalfunctionError` while resolving dependencies provided by a build system (Maven or Gradle), which could cause some dependency resolution and consequently alerts to vary unpredictably from one run to another. diff --git a/java/ql/lib/change-notes/released/3.0.1.md b/java/ql/lib/change-notes/released/3.0.1.md new file mode 100644 index 000000000000..6c67dd0d9bf2 --- /dev/null +++ b/java/ql/lib/change-notes/released/3.0.1.md 
@@ -0,0 +1,11 @@ +## 3.0.1 + +### Minor Analysis Improvements + +* Threat-model for `System.in` changed from `commandargs` to newly created `stdin` (both subgroups of `local`). + +### Bug Fixes + +* Fixed an issue where analysis in `build-mode: none` may very occasionally throw a `CoderMalfunctionError` while resolving dependencies provided by a build system (Maven or Gradle), which could cause some dependency resolution and consequently alerts to vary unpredictably from one run to another. +* Fixed an issue where Java analysis in `build-mode: none` would fail to resolve dependencies using the `executable-war` Maven artifact type. +* Fixed an issue where analysis in `build-mode: none` may fail to resolve dependencies of Gradle projects where the dependency uses a non-empty artifact classifier -- for example, `someproject-1.2.3-tests.jar`, which has the classifier `tests`. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 33d3a2cd1139..e3b15d965db6 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 3.0.0 +lastReleaseVersion: 3.0.1 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 3b1e06d84aec..9fcae1be43eb 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 3.0.1-dev +version: 3.0.1 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 464768e3a7fc..f40eb15e63e9 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.1.3 + +No user-facing changes. + ## 1.1.2 ### Minor Analysis Improvements diff --git a/java/ql/src/change-notes/released/1.1.3.md b/java/ql/src/change-notes/released/1.1.3.md new file mode 100644 index 000000000000..e8f1701bd624 --- /dev/null +++ b/java/ql/src/change-notes/released/1.1.3.md 
@@ -0,0 +1,3 @@ +## 1.1.3 + +No user-facing changes. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 53ab127707fc..35e710ab1bf0 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.2 +lastReleaseVersion: 1.1.3 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 32442dbf4d62..6cde17b60a0e 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.1.3-dev +version: 1.1.3 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 134bbe39a693..301a52e0d9d6 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.1.3 + +No user-facing changes. + ## 1.1.2 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/released/1.1.3.md b/javascript/ql/lib/change-notes/released/1.1.3.md new file mode 100644 index 000000000000..e8f1701bd624 --- /dev/null +++ b/javascript/ql/lib/change-notes/released/1.1.3.md @@ -0,0 +1,3 @@ +## 1.1.3 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 53ab127707fc..35e710ab1bf0 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.2 +lastReleaseVersion: 1.1.3 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 0a9adfd363ab..42774a82e85d 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 1.1.3-dev +version: 1.1.3 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index af1e040cc44a..a5f03a2f00e8 100644 --- a/javascript/ql/src/CHANGELOG.md 
+++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,11 @@ +## 1.1.2 + +### Minor Analysis Improvements + +* Message events in the browser are now properly classified as client-side taint sources. Previously they were + incorrectly classified as server-side taint sources, which resulted in some alerts being reported by + the wrong query, such as server-side URL redirection instead of client-side URL redirection. + ## 1.1.1 No user-facing changes. diff --git a/javascript/ql/src/change-notes/2024-08-16-post-message-source-client-side.md b/javascript/ql/src/change-notes/released/1.1.2.md similarity index 87% rename from javascript/ql/src/change-notes/2024-08-16-post-message-source-client-side.md rename to javascript/ql/src/change-notes/released/1.1.2.md index 0866061c3bdc..1f410e20195b 100644 --- a/javascript/ql/src/change-notes/2024-08-16-post-message-source-client-side.md +++ b/javascript/ql/src/change-notes/released/1.1.2.md @@ -1,6 +1,7 @@ ---- -category: minorAnalysis ---- +## 1.1.2 + +### Minor Analysis Improvements + * Message events in the browser are now properly classified as client-side taint sources. Previously they were incorrectly classified as server-side taint sources, which resulted in some alerts being reported by the wrong query, such as server-side URL redirection instead of client-side URL redirection. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 1a19084be3f7..53ab127707fc 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.1 +lastReleaseVersion: 1.1.2 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 9932097414b7..fe53021b0d94 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 1.1.2-dev +version: 1.1.2 groups: - javascript - queries 
diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 5e4196ac3372..66b29a94c278 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.6 + +No user-facing changes. + ## 1.0.5 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.6.md b/misc/suite-helpers/change-notes/released/1.0.6.md new file mode 100644 index 000000000000..e5e80a3b3f14 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.6.md @@ -0,0 +1,3 @@ +## 1.0.6 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 42da17b38415..8033d980afa0 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.6 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index baedc3f13a1e..c3a108828106 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.6-dev +version: 1.0.6 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 87cbf5bfda15..588534dbe81a 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.6 + +No user-facing changes. + ## 1.0.5 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/released/1.0.6.md b/python/ql/lib/change-notes/released/1.0.6.md new file mode 100644 index 000000000000..e5e80a3b3f14 --- /dev/null +++ b/python/ql/lib/change-notes/released/1.0.6.md @@ -0,0 +1,3 @@ +## 1.0.6 + +No user-facing changes. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 42da17b38415..8033d980afa0 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml 
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index 81d09c13b5d3..f96c4ffe0767 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 1.0.6-dev
+version: 1.0.6
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md
index 318971129253..88f9c1e5fa02 100644
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.2.0
+
+### New Queries
+
+* The `py/cookie-injection` query, originally contributed to the experimental query pack by @jorgectf, has been promoted to the main query pack. This query finds instances of cookies being set without the `Secure`, `HttpOnly`, or `SameSite` attributes set to secure values.
+
 ## 1.1.0
 
 ### New Queries
diff --git a/python/ql/src/change-notes/2024-07-23-insecure-cookie-promotion.md b/python/ql/src/change-notes/released/1.2.0.md
similarity index 85%
rename from python/ql/src/change-notes/2024-07-23-insecure-cookie-promotion.md
rename to python/ql/src/change-notes/released/1.2.0.md
index 370fe162290e..10a582953683 100644
--- a/python/ql/src/change-notes/2024-07-23-insecure-cookie-promotion.md
+++ b/python/ql/src/change-notes/released/1.2.0.md
@@ -1,4 +1,5 @@
----
-category: newQuery
----
-* The `py/cookie-injection` query, originally contributed to the experimental query pack by @jorgectf, has been promoted to the main query pack. This query finds instances of cookies being set without the `Secure`, `HttpOnly`, or `SameSite` attributes set to secure values.
\ No newline at end of file
+## 1.2.0
+
+### New Queries
+
+* The `py/cookie-injection` query, originally contributed to the experimental query pack by @jorgectf, has been promoted to the main query pack. This query finds instances of cookies being set without the `Secure`, `HttpOnly`, or `SameSite` attributes set to secure values.
diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml
index 2ac15439f561..75430e73d1c4 100644
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.0
+lastReleaseVersion: 1.2.0
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml
index d244f5dd13d7..f466064bdaf9 100644
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 1.1.1-dev
+version: 1.2.0
 groups:
 - python
 - queries
diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md
index 4d575d4ef0f3..d0d039c5bc60 100644
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/ruby/ql/lib/change-notes/released/1.0.6.md b/ruby/ql/lib/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/ruby/ql/lib/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml
index ecda3a78e654..12e6145cde4b 100644
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 1.0.6-dev
+version: 1.0.6
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md
index 37101f41c704..fc4544acada8 100644
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.1.1
+
+No user-facing changes.
+
 ## 1.1.0
 
 ### New Queries
diff --git a/ruby/ql/src/change-notes/released/1.1.1.md b/ruby/ql/src/change-notes/released/1.1.1.md
new file mode 100644
index 000000000000..7fb56d366105
--- /dev/null
+++ b/ruby/ql/src/change-notes/released/1.1.1.md
@@ -0,0 +1,3 @@
+## 1.1.1
+
+No user-facing changes.
diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml
index 2ac15439f561..1a19084be3f7 100644
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.0
+lastReleaseVersion: 1.1.1
diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml
index ada2d7236d09..c4a7f239e670 100644
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 1.1.1-dev
+version: 1.1.1
 groups:
 - ruby
 - queries
diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md
index f62d99b8a599..38127a99b3fb 100644
--- a/shared/controlflow/CHANGELOG.md
+++ b/shared/controlflow/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/controlflow/change-notes/released/1.0.6.md b/shared/controlflow/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/controlflow/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/controlflow/codeql-pack.release.yml
+++ b/shared/controlflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml
index b610d434e33e..adc815189754 100644
--- a/shared/controlflow/qlpack.yml
+++ b/shared/controlflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 dependencies:
diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md
index 0a94e1b80ec2..84b64cbc6eaa 100644
--- a/shared/dataflow/CHANGELOG.md
+++ b/shared/dataflow/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.1.0
+
+### Deprecated APIs
+
+* The source/sink grouping feature of the data flow library has been removed. It was introduced primarily for debugging, but has not proven useful.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/dataflow/change-notes/2024-08-20-remove-srcsink-grouping.md b/shared/dataflow/change-notes/released/1.1.0.md
similarity index 82%
rename from shared/dataflow/change-notes/2024-08-20-remove-srcsink-grouping.md
rename to shared/dataflow/change-notes/released/1.1.0.md
index ba3e86b720f9..44897538158e 100644
--- a/shared/dataflow/change-notes/2024-08-20-remove-srcsink-grouping.md
+++ b/shared/dataflow/change-notes/released/1.1.0.md
@@ -1,4 +1,5 @@
----
-category: deprecated
----
+## 1.1.0
+
+### Deprecated APIs
+
 * The source/sink grouping feature of the data flow library has been removed. It was introduced primarily for debugging, but has not proven useful.
diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml
index 42da17b38415..2ac15439f561 100644
--- a/shared/dataflow/codeql-pack.release.yml
+++ b/shared/dataflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.1.0
diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml
index 6bc83bb51643..36b88fe930ee 100644
--- a/shared/dataflow/qlpack.yml
+++ b/shared/dataflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 1.0.6-dev
+version: 1.1.0
 groups: shared
 library: true
 dependencies:
diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md
index 0bf218b96568..0a7df5106a12 100644
--- a/shared/mad/CHANGELOG.md
+++ b/shared/mad/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/mad/change-notes/released/1.0.6.md b/shared/mad/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/mad/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/mad/codeql-pack.release.yml
+++ b/shared/mad/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml
index 8568e62a12b6..00705b111316 100644
--- a/shared/mad/qlpack.yml
+++ b/shared/mad/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/mad
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 dependencies:
diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md
index f445578246d1..efa13cf50bc2 100644
--- a/shared/rangeanalysis/CHANGELOG.md
+++ b/shared/rangeanalysis/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/rangeanalysis/change-notes/released/1.0.6.md b/shared/rangeanalysis/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/rangeanalysis/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/rangeanalysis/codeql-pack.release.yml
+++ b/shared/rangeanalysis/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml
index 4a9285c82ec6..e5950297314f 100644
--- a/shared/rangeanalysis/qlpack.yml
+++ b/shared/rangeanalysis/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/rangeanalysis
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 dependencies:
diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md
index 78f8369e7396..92db438ed2f6 100644
--- a/shared/regex/CHANGELOG.md
+++ b/shared/regex/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/regex/change-notes/released/1.0.6.md b/shared/regex/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/regex/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/regex/codeql-pack.release.yml
+++ b/shared/regex/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml
index 39a0ce407686..d581b02a8a1d 100644
--- a/shared/regex/qlpack.yml
+++ b/shared/regex/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/regex
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 dependencies:
diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md
index f41fc9a7fe7e..27b5d839dc1a 100644
--- a/shared/ssa/CHANGELOG.md
+++ b/shared/ssa/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/ssa/change-notes/released/1.0.6.md b/shared/ssa/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/ssa/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/ssa/codeql-pack.release.yml
+++ b/shared/ssa/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml
index ef726856cfb6..b9f9493484c0 100644
--- a/shared/ssa/qlpack.yml
+++ b/shared/ssa/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ssa
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 dependencies:
diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md
index 2e7162889c38..6976ee14e273 100644
--- a/shared/threat-models/CHANGELOG.md
+++ b/shared/threat-models/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/threat-models/change-notes/released/1.0.6.md b/shared/threat-models/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/threat-models/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/threat-models/codeql-pack.release.yml
+++ b/shared/threat-models/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml
index aa7f4f989fdc..886d7c97770e 100644
--- a/shared/threat-models/qlpack.yml
+++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.6-dev +version: 1.0.6 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index f20cfe347d73..a1da8419af70 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.6 + +No user-facing changes. + ## 1.0.5 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.6.md b/shared/tutorial/change-notes/released/1.0.6.md new file mode 100644 index 000000000000..e5e80a3b3f14 --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.6.md @@ -0,0 +1,3 @@ +## 1.0.6 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 42da17b38415..8033d980afa0 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.6 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index e0516acd41d9..723ed36b4b4f 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.6-dev +version: 1.0.6 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 7ba137cbf536..9eedb855a5ae 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.6 + +No user-facing changes. + ## 1.0.5 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.6.md b/shared/typeflow/change-notes/released/1.0.6.md new file mode 100644 index 000000000000..e5e80a3b3f14 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.6.md @@ -0,0 +1,3 @@ +## 1.0.6 + +No user-facing changes. 
diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/typeflow/codeql-pack.release.yml
+++ b/shared/typeflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml
index 0681ba518257..68f2725581e5 100644
--- a/shared/typeflow/qlpack.yml
+++ b/shared/typeflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typeflow
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 dependencies:
diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md
index 77d9b6f4fcf5..712c3146f53b 100644
--- a/shared/typetracking/CHANGELOG.md
+++ b/shared/typetracking/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/typetracking/change-notes/released/1.0.6.md b/shared/typetracking/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/typetracking/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/typetracking/codeql-pack.release.yml
+++ b/shared/typetracking/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml
index da304ceb020f..a617c9f0abda 100644
--- a/shared/typetracking/qlpack.yml
+++ b/shared/typetracking/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typetracking
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 dependencies:
diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md
index f8ac1347b0f9..968e737bdc47 100644
--- a/shared/typos/CHANGELOG.md
+++ b/shared/typos/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/typos/change-notes/released/1.0.6.md b/shared/typos/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/typos/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/typos/codeql-pack.release.yml
+++ b/shared/typos/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml
index bc581f54edf7..5ba50ebea977 100644
--- a/shared/typos/qlpack.yml
+++ b/shared/typos/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typos
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md
index e44386743adc..d316357e0397 100644
--- a/shared/util/CHANGELOG.md
+++ b/shared/util/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/util/change-notes/released/1.0.6.md b/shared/util/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/util/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/util/codeql-pack.release.yml
+++ b/shared/util/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml
index 38a2417c1c2f..500e4730ddfd 100644
--- a/shared/util/qlpack.yml
+++ b/shared/util/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/util
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 dependencies: null
diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md
index 1b292c168764..ba782d716469 100644
--- a/shared/xml/CHANGELOG.md
+++ b/shared/xml/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/xml/change-notes/released/1.0.6.md b/shared/xml/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/xml/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/xml/codeql-pack.release.yml
+++ b/shared/xml/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml
index 6c62493a3c8d..6b55ad64714f 100644
--- a/shared/xml/qlpack.yml
+++ b/shared/xml/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/xml
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 dependencies:
diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md
index 064f83a6efd6..e9239e16de76 100644
--- a/shared/yaml/CHANGELOG.md
+++ b/shared/yaml/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.6
+
+No user-facing changes.
+
 ## 1.0.5
 
 No user-facing changes.
diff --git a/shared/yaml/change-notes/released/1.0.6.md b/shared/yaml/change-notes/released/1.0.6.md
new file mode 100644
index 000000000000..e5e80a3b3f14
--- /dev/null
+++ b/shared/yaml/change-notes/released/1.0.6.md
@@ -0,0 +1,3 @@
+## 1.0.6
+
+No user-facing changes.
diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/shared/yaml/codeql-pack.release.yml
+++ b/shared/yaml/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml
index 5fc9dd318df7..3f140588def7 100644
--- a/shared/yaml/qlpack.yml
+++ b/shared/yaml/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/yaml
-version: 1.0.6-dev
+version: 1.0.6
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md
index b8e0122e0a0e..f1e051b1bcb9 100644
--- a/swift/ql/lib/CHANGELOG.md
+++ b/swift/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.1.2
+
+No user-facing changes.
+
 ## 1.1.1
 
 ### Minor Analysis Improvements
diff --git a/swift/ql/lib/change-notes/released/1.1.2.md b/swift/ql/lib/change-notes/released/1.1.2.md
new file mode 100644
index 000000000000..ce8d2c1a4f37
--- /dev/null
+++ b/swift/ql/lib/change-notes/released/1.1.2.md
@@ -0,0 +1,3 @@
+## 1.1.2
+
+No user-facing changes.
diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml
index 1a19084be3f7..53ab127707fc 100644
--- a/swift/ql/lib/codeql-pack.release.yml
+++ b/swift/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.1
+lastReleaseVersion: 1.1.2
diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml
index 49920fff3037..344577f08767 100644
--- a/swift/ql/lib/qlpack.yml
+++ b/swift/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/swift-all
-version: 1.1.2-dev
+version: 1.1.2
 groups: swift
 extractor: swift
 dbscheme: swift.dbscheme
diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md
index e33d96f63f5a..8ced5909fd02 100644
--- a/swift/ql/src/CHANGELOG.md
+++ b/swift/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.0.6
+
+### Minor Analysis Improvements
+
+* False positive results from the `swift/cleartext-transmission` ("Cleartext transmission of sensitive information") query involving `tel:`, `mailto:` and similar URLs have been fixed.
+
 ## 1.0.5
 
 ### Minor Analysis Improvements
diff --git a/swift/ql/src/change-notes/2024-08-12-cleartext-transmission.md b/swift/ql/src/change-notes/released/1.0.6.md
similarity index 81%
rename from swift/ql/src/change-notes/2024-08-12-cleartext-transmission.md
rename to swift/ql/src/change-notes/released/1.0.6.md
index d8f3f3d16d5d..93df2cccfdb3 100644
--- a/swift/ql/src/change-notes/2024-08-12-cleartext-transmission.md
+++ b/swift/ql/src/change-notes/released/1.0.6.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 1.0.6
+
+### Minor Analysis Improvements
+
 * False positive results from the `swift/cleartext-transmission` ("Cleartext transmission of sensitive information") query involving `tel:`, `mailto:` and similar URLs have been fixed.
diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml
index 42da17b38415..8033d980afa0 100644
--- a/swift/ql/src/codeql-pack.release.yml
+++ b/swift/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.5
+lastReleaseVersion: 1.0.6
diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml
index 5941fbe1954d..49b89fbc9fbc 100644
--- a/swift/ql/src/qlpack.yml
+++ b/swift/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/swift-queries
-version: 1.0.6-dev
+version: 1.0.6
 groups:
 - swift
 - queries