diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index ffe1cba82818..0ae66461fc7e 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.4.21 + +No user-facing changes. + ## 0.4.20 No user-facing changes. diff --git a/actions/ql/lib/change-notes/released/0.4.21.md b/actions/ql/lib/change-notes/released/0.4.21.md new file mode 100644 index 000000000000..4457437acf28 --- /dev/null +++ b/actions/ql/lib/change-notes/released/0.4.21.md @@ -0,0 +1,3 @@ +## 0.4.21 + +No user-facing changes. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 380b2d094239..eb3b038a7159 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.20 +lastReleaseVersion: 0.4.21 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index 295d925c3189..7671d59ddc06 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.21-dev +version: 0.4.22-dev library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index c7253227b7c3..b26f2472b1db 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.13 + +No user-facing changes. + ## 0.6.12 No user-facing changes. diff --git a/actions/ql/src/change-notes/released/0.6.13.md b/actions/ql/src/change-notes/released/0.6.13.md new file mode 100644 index 000000000000..0dad2009c46d --- /dev/null +++ b/actions/ql/src/change-notes/released/0.6.13.md @@ -0,0 +1,3 @@ +## 0.6.13 + +No user-facing changes. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index 28c22ccab7cb..4568aee7f4f4 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.12 +lastReleaseVersion: 0.6.13 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index b612696b8162..b11eab521ebb 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.13-dev +version: 0.6.14-dev library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 0f158cd3fb5b..450185adf894 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 6.1.0 + +### New Features + +* New predicates `getAnExpandedArgument` and `getExpandedArgument` were added to the `Compilation` class, yielding compilation arguments after expansion of response files. + +### Bug Fixes + +* Improve performance of the range analysis in cases where it would otherwise take an exorbitant amount of time. + ## 6.0.1 No user-facing changes. @@ -259,8 +269,8 @@ No user-facing changes. ### Breaking Changes -* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`. -* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`. +* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`. +* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`. * Deleted the deprecated `hasQualifiedName` and `isDefined` predicates from the `Declaration` class, use `hasGlobalName` and `hasDefinition` respectively instead. * Deleted the `getFullSignature` predicate from the `Function` class, use `getIdentityString(Declaration)` from `semmle.code.cpp.Print` instead. * Deleted the deprecated `freeCall` predicate from `Alloc.qll`. Use `DeallocationExpr` instead. @@ -294,7 +304,7 @@ No user-facing changes. * A `getTemplateClass` predicate was added to the `DeductionGuide` class to get the class template for which the deduction guide is a guide. * An `isExplicit` predicate was added to the `Function` class that determines whether the function was declared as explicit. * A `getExplicitExpr` predicate was added to the `Function` class that yields the constant boolean expression (if any) that conditionally determines whether the function is explicit. -* A `isDestroyingDeleteDeallocation` predicate was added to the `NewOrNewArrayExpr` and `DeleteOrDeleteArrayExpr` classes to indicate whether the deallocation function is a destroying delete. +* A `isDestroyingDeleteDeallocation` predicate was added to the `NewOrNewArrayExpr` and `DeleteOrDeleteArrayExpr` classes to indicate whether the deallocation function is a destroying delete. ### Minor Analysis Improvements @@ -372,9 +382,9 @@ No user-facing changes. ### New Features * Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field. -* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant. +* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant. * Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant. -* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant. +* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant. * Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant. * Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement. @@ -490,7 +500,7 @@ No user-facing changes. * Functions that do not return due to calling functions that don't return (e.g. `exit`) are now detected as non-returning in the IR and dataflow. * Treat functions that reach the end of the function as returning in the IR. - They used to be treated as unreachable but it is allowed in C. + They used to be treated as unreachable but it is allowed in C. * The `DataFlow::asDefiningArgument` predicate now takes its argument from the range starting at `1` instead of `2`. Queries that depend on the single-parameter version of `DataFlow::asDefiningArgument` should have their arguments updated accordingly. ## 0.9.3 @@ -539,7 +549,7 @@ No user-facing changes. ### New Features -* The `DataFlow::StateConfigSig` signature module has gained default implementations for `isBarrier/2` and `isAdditionalFlowStep/4`. +* The `DataFlow::StateConfigSig` signature module has gained default implementations for `isBarrier/2` and `isAdditionalFlowStep/4`. Hence it is no longer needed to provide `none()` implementations of these predicates if they are not needed. ### Minor Analysis Improvements @@ -733,7 +743,7 @@ No user-facing changes. ### Deprecated APIs -* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide. +* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide. The old name still exists as a deprecated alias. ### New Features @@ -750,7 +760,7 @@ No user-facing changes. ### Deprecated APIs -* Many classes/predicates/modules with upper-case acronyms in their name have been renamed to follow our style-guide. +* Many classes/predicates/modules with upper-case acronyms in their name have been renamed to follow our style-guide. The old name still exists as a deprecated alias. ### New Features @@ -849,7 +859,7 @@ No user-facing changes. ### Deprecated APIs -* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. The old name still exists as a deprecated alias. ### New Features diff --git a/cpp/ql/lib/change-notes/2025-11-11-range-analysis-performance.md b/cpp/ql/lib/change-notes/2025-11-11-range-analysis-performance.md deleted file mode 100644 index f24ab4b87fec..000000000000 --- a/cpp/ql/lib/change-notes/2025-11-11-range-analysis-performance.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Improve performance of the range analysis in cases where it would otherwise take an exorbitant amount of time. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2025-11-13-expanded.md b/cpp/ql/lib/change-notes/released/6.1.0.md similarity index 52% rename from cpp/ql/lib/change-notes/2025-11-13-expanded.md rename to cpp/ql/lib/change-notes/released/6.1.0.md index 82d0a1f51057..a904793a03f2 100644 --- a/cpp/ql/lib/change-notes/2025-11-13-expanded.md +++ b/cpp/ql/lib/change-notes/released/6.1.0.md @@ -1,4 +1,9 @@ ---- -category: feature ---- +## 6.1.0 + +### New Features + * New predicates `getAnExpandedArgument` and `getExpandedArgument` were added to the `Compilation` class, yielding compilation arguments after expansion of response files. + +### Bug Fixes + +* Improve performance of the range analysis in cases where it would otherwise take an exorbitant amount of time. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index d1f3c68c8120..22247782f3e5 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.0.1 +lastReleaseVersion: 6.1.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 8b2113533238..febb297cb8da 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 6.0.2-dev +version: 6.1.1-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 880cab8a58de..58677d61a2a1 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.5.4 + +No user-facing changes. + ## 1.5.3 No user-facing changes. diff --git a/cpp/ql/src/change-notes/released/1.5.4.md b/cpp/ql/src/change-notes/released/1.5.4.md new file mode 100644 index 000000000000..5ff5ac8ebb7c --- /dev/null +++ b/cpp/ql/src/change-notes/released/1.5.4.md @@ -0,0 +1,3 @@ +## 1.5.4 + +No user-facing changes. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 232224b0e267..c216828ee1c3 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.5.3 +lastReleaseVersion: 1.5.4 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 39cdb717ca7d..1e30e25da037 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.5.4-dev +version: 1.5.5-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index a25c349e35ee..de67deb4d32e 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.52 + +No user-facing changes. + ## 1.7.51 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.52.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.52.md new file mode 100644 index 000000000000..07bec2a826a4 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.52.md @@ -0,0 +1,3 @@ +## 1.7.52 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 26376c0cebb2..31d9cd574dd0 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.51 +lastReleaseVersion: 1.7.52 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 7877ad717e23..177b79ef6b83 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.52-dev +version: 1.7.53-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index a25c349e35ee..de67deb4d32e 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.52 + +No user-facing changes. + ## 1.7.51 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.52.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.52.md new file mode 100644 index 000000000000..07bec2a826a4 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.52.md @@ -0,0 +1,3 @@ +## 1.7.52 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 26376c0cebb2..31d9cd574dd0 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.51 +lastReleaseVersion: 1.7.52 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 6427ecbb9358..7b065e193b68 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.52-dev +version: 1.7.53-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 20b1c03d7222..dbaa58119a4f 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,17 @@ +## 5.4.0 + +### Deprecated APIs + +* `ControlFlowElement.controlsBlock` has been deprecated in favor of the Guards library. + +### New Features + +* Initial support for incremental C# databases via `codeql database create --overlay-base`/`--overlay-changes`. + +### Minor Analysis Improvements + +* Updated *roslyn* and *binlog* dependencies in the extractor, which may improve database and analysis quality. + ## 5.3.0 ### Deprecated APIs @@ -143,7 +157,7 @@ No user-facing changes. * Added `remote` flow source models for properties of Blazor components annotated with any of the following attributes from `Microsoft.AspNetCore.Components`: - `[SupplyParameterFromForm]` - `[SupplyParameterFromQuery]` -* Added the constructor and explicit cast operator of `Microsoft.AspNetCore.Components.MarkupString` as an `html-injection` sink. This will help catch cross-site scripting resulting from using `MarkupString`. +* Added the constructor and explicit cast operator of `Microsoft.AspNetCore.Components.MarkupString` as an `html-injection` sink. This will help catch cross-site scripting resulting from using `MarkupString`. * Added flow summaries for the `Microsoft.AspNetCore.Mvc.Controller::View` method. * The data flow library has been updated to track types in a slightly different way: The type of the tainted data (which may be stored into fields, etc.) is tracked more precisely, while the types of intermediate containers for nested contents is tracked less precisely. This may have a slight effect on false positives for complex flow paths. * The C# extractor now supports *basic* extraction of .NET 9 projects. There might be limited support for extraction of code using the new C# 13 language features. @@ -163,7 +177,7 @@ No user-facing changes. - `System.Web.HttpUtility::ParseQueryString` - `Microsoft.AspNetCore.WebUtilities.QueryHelpers::ParseQuery` - `Microsoft.AspNetCore.WebUtilities.QueryHelpers::ParseNullableQuery` -* Added `js-interop` sinks for the `InvokeAsync` and `InvokeVoidAsync` methods of `Microsoft.JSInterop.IJSRuntime`, which can run arbitrary JavaScript. +* Added `js-interop` sinks for the `InvokeAsync` and `InvokeVoidAsync` methods of `Microsoft.JSInterop.IJSRuntime`, which can run arbitrary JavaScript. ## 3.1.1 @@ -201,8 +215,8 @@ No user-facing changes. ### Breaking Changes -* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`. -* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`. +* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`. +* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`. * Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration` instead. ### Minor Analysis Improvements @@ -451,7 +465,7 @@ No user-facing changes. ### New Features -* The `DataFlow::StateConfigSig` signature module has gained default implementations for `isBarrier/2` and `isAdditionalFlowStep/4`. +* The `DataFlow::StateConfigSig` signature module has gained default implementations for `isBarrier/2` and `isAdditionalFlowStep/4`. Hence it is no longer needed to provide `none()` implementations of these predicates if they are not needed. ### Minor Analysis Improvements @@ -586,7 +600,7 @@ No user-facing changes. * Attributes on methods in CIL are now extracted (Bugfix). * Support for `static virtual` and `static abstract` interface members. -* Support for *operators* in interface definitions. +* Support for *operators* in interface definitions. * C# 11: Added support for the unsigned right shift `>>>` and unsigned right shift assignment `>>>=` operators. * Query id's have been aligned such that they are prefixed with `cs` instead of `csharp`. @@ -626,13 +640,13 @@ No user-facing changes. ### Minor Analysis Improvements * `DateTime` expressions are now considered simple type sanitizers. This affects a wide range of security queries. -* ASP.NET Core controller definition has been made more precise. The amount of introduced taint sources or eliminated false positives should be low though, since the most common pattern is to derive all user defined ASP.NET Core controllers from the standard Controller class, which is not affected. +* ASP.NET Core controller definition has been made more precise. The amount of introduced taint sources or eliminated false positives should be low though, since the most common pattern is to derive all user defined ASP.NET Core controllers from the standard Controller class, which is not affected. ## 0.4.0 ### Deprecated APIs -* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide. +* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide. The old name still exists as a deprecated alias. ### Bug Fixes @@ -645,7 +659,7 @@ No user-facing changes. ### Deprecated APIs -* Many classes/predicates/modules with upper-case acronyms in their name have been renamed to follow our style-guide. +* Many classes/predicates/modules with upper-case acronyms in their name have been renamed to follow our style-guide. The old name still exists as a deprecated alias. ### Minor Analysis Improvements @@ -692,7 +706,7 @@ No user-facing changes. ### Deprecated APIs -* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. The old name still exists as a deprecated alias. ### New Features diff --git a/csharp/ql/lib/change-notes/2025-10-04-deprecate-controlsblock.md b/csharp/ql/lib/change-notes/2025-10-04-deprecate-controlsblock.md deleted file mode 100644 index a3c69932917d..000000000000 --- a/csharp/ql/lib/change-notes/2025-10-04-deprecate-controlsblock.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* `ControlFlowElement.controlsBlock` has been deprecated in favor of the Guards library. diff --git a/csharp/ql/lib/change-notes/2025-10-30-overlay-compilation-and-extraction.md b/csharp/ql/lib/change-notes/2025-10-30-overlay-compilation-and-extraction.md deleted file mode 100644 index 0f5005a22a2f..000000000000 --- a/csharp/ql/lib/change-notes/2025-10-30-overlay-compilation-and-extraction.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: feature ---- - -* Initial support for incremental C# databases via `codeql database create --overlay-base`/`--overlay-changes`. diff --git a/csharp/ql/lib/change-notes/2025-11-03-roslyn-and-binlog.md b/csharp/ql/lib/change-notes/2025-11-03-roslyn-and-binlog.md deleted file mode 100644 index 92231d3be2fc..000000000000 --- a/csharp/ql/lib/change-notes/2025-11-03-roslyn-and-binlog.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Updated *roslyn* and *binlog* dependencies in the extractor, which may improve database and analysis quality. diff --git a/csharp/ql/lib/change-notes/released/5.3.0.md b/csharp/ql/lib/change-notes/released/5.3.0.md index 144f8bf26332..fa3053625757 100644 --- a/csharp/ql/lib/change-notes/released/5.3.0.md +++ b/csharp/ql/lib/change-notes/released/5.3.0.md @@ -6,7 +6,7 @@ ### Major Analysis Improvements -* The representation of the C# control-flow graph has been significantly changed. This has minor effects on a wide range of queries including both minor improvements and minor regressions, for example, improved precision has been observed for `cs/inefficient-containskey` and `cs/stringbuilder-creation-in-loop`. Two queries stand out as being significantly affected with great improvements: `cs/dereferenced-value-may-be-null` has been completely rewritten which removes a very significant number of false positives. Furthermore, `cs/constant-condition` has been updated to report many new results - these new results are primarily expected to be true positives, but a few new false positives are expected as well. As part of these changes, `cs/dereferenced-value-may-be-null` has been changed from a `path-problem` query to a `problem` query, so paths are no longer reported for this query. +* The representation of the C# control-flow graph has been significantly changed. This has minor effects on a wide range of queries including both minor improvements and minor regressions. For example, improved precision has been observed for `cs/inefficient-containskey` and `cs/stringbuilder-creation-in-loop`. Two queries stand out as being significantly affected with great improvements: `cs/dereferenced-value-may-be-null` has been completely rewritten which removes a very significant number of false positives. Furthermore, `cs/constant-condition` has been updated to report many new results - these new results are primarily expected to be true positives, but a few new false positives are expected as well. As part of these changes, `cs/dereferenced-value-may-be-null` has been changed from a `path-problem` query to a `problem` query, so paths are no longer reported for this query. ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/released/5.4.0.md b/csharp/ql/lib/change-notes/released/5.4.0.md new file mode 100644 index 000000000000..478e6deb4141 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/5.4.0.md @@ -0,0 +1,13 @@ +## 5.4.0 + +### Deprecated APIs + +* `ControlFlowElement.controlsBlock` has been deprecated in favor of the Guards library. + +### New Features + +* Initial support for incremental C# databases via `codeql database create --overlay-base`/`--overlay-changes`. + +### Minor Analysis Improvements + +* Updated *roslyn* and *binlog* dependencies in the extractor, which may improve database and analysis quality. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index b0a1c83e5bc9..afb2156eaa2b 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.3.0 +lastReleaseVersion: 5.4.0 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 3ecdad08291b..7ea21611edc5 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.3.1-dev +version: 5.4.1-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 8993b4535436..fcf727fac490 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 1.5.0 + +### New Queries + +* The `cs/web/cookie-secure-not-set` and `cs/web/cookie-httponly-not-set` queries have been promoted from experimental to the main query pack. + +### Minor Analysis Improvements + +* An improvement to the Guards library for recognizing disjunctions means improved precision for `cs/constant-condition`, `cs/inefficient-containskey`, and `cs/dereferenced-value-may-be-null`. The two former can have additional findings, and the latter will have fewer false positives. + ## 1.4.3 ### Minor Analysis Improvements @@ -170,7 +180,7 @@ No user-facing changes. ### Minor Analysis Improvements -* C#: The method `string.ReplaceLineEndings(string)` is now considered a sanitizer for the `cs/log-forging` query. +* C#: The method `string.ReplaceLineEndings(string)` is now considered a sanitizer for the `cs/log-forging` query. ## 1.0.10 @@ -284,7 +294,7 @@ No user-facing changes. ### Minor Analysis Improvements -* Fixed a Log forging false positive when using `String.Replace` to sanitize the input. +* Fixed a Log forging false positive when using `String.Replace` to sanitize the input. * Fixed a URL redirection from remote source false positive when guarding a redirect with `HttpRequestBase.IsUrlLocalToHost()` ## 0.8.5 diff --git a/csharp/ql/src/change-notes/2025-10-24-insecure-cookie-query-promote.md b/csharp/ql/src/change-notes/2025-10-24-insecure-cookie-query-promote.md deleted file mode 100644 index 6b3d8d5b2590..000000000000 --- a/csharp/ql/src/change-notes/2025-10-24-insecure-cookie-query-promote.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* The `cs/web/cookie-secure-not-set` and `cs/web/cookie-httponly-not-set` queries have been promoted from experimental to the main query pack. diff --git a/csharp/ql/src/change-notes/released/1.0.11.md b/csharp/ql/src/change-notes/released/1.0.11.md index 9d2720380a06..d5c9f149c41d 100644 --- a/csharp/ql/src/change-notes/released/1.0.11.md +++ b/csharp/ql/src/change-notes/released/1.0.11.md @@ -2,4 +2,4 @@ ### Minor Analysis Improvements -* C#: The method `string.ReplaceLineEndings(string)` is now considered a sanitizer for the `cs/log-forging` query. +* C#: The method `string.ReplaceLineEndings(string)` is now considered a sanitizer for the `cs/log-forging` query. diff --git a/csharp/ql/src/change-notes/released/1.4.3.md b/csharp/ql/src/change-notes/released/1.4.3.md index 1a022f2462d4..b3427ec89067 100644 --- a/csharp/ql/src/change-notes/released/1.4.3.md +++ b/csharp/ql/src/change-notes/released/1.4.3.md @@ -2,4 +2,4 @@ ### Minor Analysis Improvements -* the `cs/web/missing-x-frame-options` query now correctly handles configuration nested in root `` elements. +* The `cs/web/missing-x-frame-options` query now correctly handles configuration nested in root `` elements. diff --git a/csharp/ql/src/change-notes/2025-11-14-guards-disjunctive.md b/csharp/ql/src/change-notes/released/1.5.0.md similarity index 58% rename from csharp/ql/src/change-notes/2025-11-14-guards-disjunctive.md rename to csharp/ql/src/change-notes/released/1.5.0.md index 015f16f8d091..16106aaca11f 100644 --- a/csharp/ql/src/change-notes/2025-11-14-guards-disjunctive.md +++ b/csharp/ql/src/change-notes/released/1.5.0.md @@ -1,4 +1,9 @@ ---- -category: minorAnalysis ---- +## 1.5.0 + +### New Queries + +* The `cs/web/cookie-secure-not-set` and `cs/web/cookie-httponly-not-set` queries have been promoted from experimental to the main query pack. + +### Minor Analysis Improvements + * An improvement to the Guards library for recognizing disjunctions means improved precision for `cs/constant-condition`, `cs/inefficient-containskey`, and `cs/dereferenced-value-may-be-null`. The two former can have additional findings, and the latter will have fewer false positives. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 08f88b689fb6..639f80c43417 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.3 +lastReleaseVersion: 1.5.0 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 2597e99f55b6..a4033c362f05 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.4.4-dev +version: 1.5.1-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 870695d684ce..c27711a0c4c8 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.35.md b/go/ql/consistency-queries/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index be82fc786d23..e7707ebbfe0a 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.35-dev +version: 1.0.36-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index e2d2a71f6bd0..553cccf4eab8 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,12 @@ +## 5.0.2 + +### Bug Fixes + +* Some fixes relating to use of path transformers when extracting a database: + * Fixed a problem where the path transformer would be ignored when extracting older codebases that predate the use of Go modules. + * The environment variable `CODEQL_PATH_TRANSFORMER` is now recognized, in addition to `SEMMLE_PATH_TRANSFORMER`. + * Fixed some cases where the extractor emitted paths without applying the path transformer. + ## 5.0.1 No user-facing changes. diff --git a/go/ql/lib/change-notes/2025-11-11-path-transformer.md b/go/ql/lib/change-notes/released/5.0.2.md similarity index 94% rename from go/ql/lib/change-notes/2025-11-11-path-transformer.md rename to go/ql/lib/change-notes/released/5.0.2.md index c36cf8fb83e6..1c95b433daca 100644 --- a/go/ql/lib/change-notes/2025-11-11-path-transformer.md +++ b/go/ql/lib/change-notes/released/5.0.2.md @@ -1,6 +1,7 @@ ---- -category: fix ---- +## 5.0.2 + +### Bug Fixes + * Some fixes relating to use of path transformers when extracting a database: * Fixed a problem where the path transformer would be ignored when extracting older codebases that predate the use of Go modules. * The environment variable `CODEQL_PATH_TRANSFORMER` is now recognized, in addition to `SEMMLE_PATH_TRANSFORMER`. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index ae7df5e18b78..3940dee0f32d 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.0.1 +lastReleaseVersion: 5.0.2 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 058e65978f23..97c351dfe8a1 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 5.0.2-dev +version: 5.0.3-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 786164b5fe4a..82f6633fef9c 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.4.9 + +No user-facing changes. + ## 1.4.8 No user-facing changes. diff --git a/go/ql/src/change-notes/released/1.4.9.md b/go/ql/src/change-notes/released/1.4.9.md new file mode 100644 index 000000000000..23b8222662cd --- /dev/null +++ b/go/ql/src/change-notes/released/1.4.9.md @@ -0,0 +1,3 @@ +## 1.4.9 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 16e6425ae7e4..c1bf629045f1 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.8 +lastReleaseVersion: 1.4.9 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 4a0baaa78369..1a6c47319a2a 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.4.9-dev +version: 1.4.10-dev groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index e261dbee59e9..10dfe5ce35b3 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 7.7.4 + +No user-facing changes. + ## 7.7.3 No user-facing changes. diff --git a/java/ql/lib/change-notes/released/7.7.4.md b/java/ql/lib/change-notes/released/7.7.4.md new file mode 100644 index 000000000000..47cd244f7892 --- /dev/null +++ b/java/ql/lib/change-notes/released/7.7.4.md @@ -0,0 +1,3 @@ +## 7.7.4 + +No user-facing changes. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 6856106e7719..7b894469209e 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.7.3 +lastReleaseVersion: 7.7.4 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index bcfc194a4cbb..5d14d9b313ae 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 7.7.4-dev +version: 7.7.5-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index ed02fdc5bb2a..9e82554241e8 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 1.10.0 + +### Query Metadata Changes + +* Reduced the `security-severity` score of the `java/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. +* Reduced the `security-severity` score of the `java/insecure-cookie` query from 5.0 to 4.0 to better reflect its impact. + ## 1.9.0 ### New Queries diff --git a/java/ql/src/change-notes/2025-10-22-adjust-query-severity.md b/java/ql/src/change-notes/released/1.10.0.md similarity index 66% rename from java/ql/src/change-notes/2025-10-22-adjust-query-severity.md rename to java/ql/src/change-notes/released/1.10.0.md index 61cc9402a786..6cfa49bc2c4e 100644 --- a/java/ql/src/change-notes/2025-10-22-adjust-query-severity.md +++ b/java/ql/src/change-notes/released/1.10.0.md @@ -1,5 +1,6 @@ ---- -category: queryMetadata ---- +## 1.10.0 + +### Query Metadata Changes + * Reduced the `security-severity` score of the `java/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. -* Reduced the `security-severity` score of the `java/insecure-cookie` query from 5.0 to 4.0 to better reflect its impact. \ No newline at end of file +* Reduced the `security-severity` score of the `java/insecure-cookie` query from 5.0 to 4.0 to better reflect its impact. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index df17dc3a3662..753e9ac28449 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.9.0 +lastReleaseVersion: 1.10.0 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 98f0bdd57106..f1a422dcfa92 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.9.1-dev +version: 1.10.1-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 9f27fdae99c4..7ec6b99fd998 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.6.15 + +No user-facing changes. + ## 2.6.14 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/released/2.6.15.md b/javascript/ql/lib/change-notes/released/2.6.15.md new file mode 100644 index 000000000000..f69028c68915 --- /dev/null +++ b/javascript/ql/lib/change-notes/released/2.6.15.md @@ -0,0 +1,3 @@ +## 2.6.15 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 022aeff4e02f..cafb64b87929 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.6.14 +lastReleaseVersion: 2.6.15 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index bd19febdfaa6..b0c7e2e1e121 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.6.15-dev +version: 2.6.16-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 4a453506818e..f52156dc1b9c 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2.2.0 + +### Query Metadata Changes + +* Increased the `security-severity` score of the `js/xss-through-dom` query from 6.1 to 7.8 to align with other XSS queries. +* Reduced the `security-severity` score of the `js/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. + ## 2.1.3 No user-facing changes. diff --git a/javascript/ql/src/change-notes/2025-10-22-adjust-query-severity.md b/javascript/ql/src/change-notes/released/2.2.0.md similarity index 66% rename from javascript/ql/src/change-notes/2025-10-22-adjust-query-severity.md rename to javascript/ql/src/change-notes/released/2.2.0.md index ca81037f44bc..6a60b337eef2 100644 --- a/javascript/ql/src/change-notes/2025-10-22-adjust-query-severity.md +++ b/javascript/ql/src/change-notes/released/2.2.0.md @@ -1,5 +1,6 @@ ---- -category: queryMetadata ---- +## 2.2.0 + +### Query Metadata Changes + * Increased the `security-severity` score of the `js/xss-through-dom` query from 6.1 to 7.8 to align with other XSS queries. -* Reduced the `security-severity` score of the `js/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. \ No newline at end of file +* Reduced the `security-severity` score of the `js/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 345fb0c73a44..2f3083541950 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.3 +lastReleaseVersion: 2.2.0 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 93dd9cf7ae7c..3716fa82c2fb 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.1.4-dev +version: 2.2.1-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 203d289a6734..b273c2953fd3 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.35.md b/misc/suite-helpers/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index e3283b5dc3f9..350d555bf574 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.35-dev +version: 1.0.36-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index df8a66ca0e62..67b8cece8211 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 5.0.0 + +### Breaking Changes + +- The classes `ControlFlowNode`, `Expr`, and `Module` no longer expose predicates that invoke the points-to analysis. To access these predicates, import the module `LegacyPointsTo` and follow the instructions given therein. + ## 4.1.0 ### New Features diff --git a/python/ql/lib/change-notes/2025-10-30-remove-points-to-from-cfg-and-expr.md b/python/ql/lib/change-notes/released/5.0.0.md similarity index 87% rename from python/ql/lib/change-notes/2025-10-30-remove-points-to-from-cfg-and-expr.md rename to python/ql/lib/change-notes/released/5.0.0.md index 9b8eef6bcbae..ae6a34880e01 100644 --- a/python/ql/lib/change-notes/2025-10-30-remove-points-to-from-cfg-and-expr.md +++ b/python/ql/lib/change-notes/released/5.0.0.md @@ -1,5 +1,5 @@ ---- -category: breaking ---- +## 5.0.0 + +### Breaking Changes - The classes `ControlFlowNode`, `Expr`, and `Module` no longer expose predicates that invoke the points-to analysis. To access these predicates, import the module `LegacyPointsTo` and follow the instructions given therein. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index d5b1bf88d10e..c9e54136ca5c 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 4.1.0 +lastReleaseVersion: 5.0.0 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index bb28a8f63157..7f4e67a5cbf6 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 4.1.1-dev +version: 5.0.1-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 65fd05e047b9..1496c93adc72 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.7.0 + +### Query Metadata Changes + +* Reduced the `security-severity` score of the `py/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. + ## 1.6.8 ### Minor Analysis Improvements diff --git a/python/ql/src/change-notes/2025-10-22-adjust-query-severity.md b/python/ql/src/change-notes/2025-10-22-adjust-query-severity.md deleted file mode 100644 index bc314358a6f8..000000000000 --- a/python/ql/src/change-notes/2025-10-22-adjust-query-severity.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: queryMetadata ---- -* Reduced the `security-severity` score of the `py/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. \ No newline at end of file diff --git a/python/ql/src/change-notes/released/1.7.0.md b/python/ql/src/change-notes/released/1.7.0.md new file mode 100644 index 000000000000..92850b2e4649 --- /dev/null +++ b/python/ql/src/change-notes/released/1.7.0.md @@ -0,0 +1,5 @@ +## 1.7.0 + +### Query Metadata Changes + +* Reduced the `security-severity` score of the `py/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index fbc11aa62b75..d1184cc67507 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.8 +lastReleaseVersion: 1.7.0 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 7280bbcb67c9..40cb22f102a3 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.6.9-dev +version: 1.7.1-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index a99e40177893..1a4f011d531c 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 5.1.3 + +No user-facing changes. + ## 5.1.2 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/released/5.1.3.md b/ruby/ql/lib/change-notes/released/5.1.3.md new file mode 100644 index 000000000000..9af1eab14f34 --- /dev/null +++ b/ruby/ql/lib/change-notes/released/5.1.3.md @@ -0,0 +1,3 @@ +## 5.1.3 + +No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index d21c12fbe7fb..8ffbc76d58a0 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.1.2 +lastReleaseVersion: 5.1.3 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 3a400018dec5..99ffc1da075d 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.1.3-dev +version: 5.1.4-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 282fd2846352..300aa213b5d1 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.5.0 + +### Query Metadata Changes + +* Reduced the `security-severity` score of the `rb/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. + ## 1.4.8 No user-facing changes. diff --git a/ruby/ql/src/change-notes/2025-10-22-adjust-query-severity.md b/ruby/ql/src/change-notes/2025-10-22-adjust-query-severity.md deleted file mode 100644 index 4da73769e279..000000000000 --- a/ruby/ql/src/change-notes/2025-10-22-adjust-query-severity.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: queryMetadata ---- -* Reduced the `security-severity` score of the `rb/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. \ No newline at end of file diff --git a/ruby/ql/src/change-notes/released/1.5.0.md b/ruby/ql/src/change-notes/released/1.5.0.md new file mode 100644 index 000000000000..491a3bf9ee42 --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.5.0.md @@ -0,0 +1,5 @@ +## 1.5.0 + +### Query Metadata Changes + +* Reduced the `security-severity` score of the `rb/overly-large-range` query from 5.0 to 4.0 to better reflect its impact. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 16e6425ae7e4..639f80c43417 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.8 +lastReleaseVersion: 1.5.0 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 37c9e4be5221..81ee5e4f3790 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.4.9-dev +version: 1.5.1-dev groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index 7e8575b03be4..7dd8b44f124d 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.1.20 + +### Minor Analysis Improvements + +* Added models for cookie methods in the `poem` crate. + ## 0.1.19 ### Major Analysis Improvements diff --git a/rust/ql/lib/change-notes/2025-11-05-poem.md b/rust/ql/lib/change-notes/released/0.1.20.md similarity index 55% rename from rust/ql/lib/change-notes/2025-11-05-poem.md rename to rust/ql/lib/change-notes/released/0.1.20.md index b71e52a81397..12d4a7a3d5ac 100644 --- a/rust/ql/lib/change-notes/2025-11-05-poem.md +++ b/rust/ql/lib/change-notes/released/0.1.20.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.1.20 + +### Minor Analysis Improvements + * Added models for cookie methods in the `poem` crate. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index de6e4c490684..9910e8d039f3 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.19 +lastReleaseVersion: 0.1.20 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index 3c045cd83e56..bbd3b4da4b5c 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.1.20-dev +version: 0.1.21-dev groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index 2b0c54fc057e..d292205bfdcd 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.1.20 + +### Minor Analysis Improvements + +* Taint flow barriers have been added to the `rust/regex-injection`, `rust/sql-injection` and `rust/log-injection`, reducing the frequency of false positive results for these queries. + ## 0.1.19 ### Minor Analysis Improvements diff --git a/rust/ql/src/change-notes/2025-10-31-barriers.md b/rust/ql/src/change-notes/released/0.1.20.md similarity index 80% rename from rust/ql/src/change-notes/2025-10-31-barriers.md rename to rust/ql/src/change-notes/released/0.1.20.md index 1504380d8d03..a29940bfb7cf 100644 --- a/rust/ql/src/change-notes/2025-10-31-barriers.md +++ b/rust/ql/src/change-notes/released/0.1.20.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.1.20 + +### Minor Analysis Improvements + * Taint flow barriers have been added to the `rust/regex-injection`, `rust/sql-injection` and `rust/log-injection`, reducing the frequency of false positive results for these queries. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index de6e4c490684..9910e8d039f3 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.19 +lastReleaseVersion: 0.1.20 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index a26c9d35de5d..557990e8f369 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.20-dev +version: 0.1.21-dev groups: - rust - queries diff --git a/shared/concepts/CHANGELOG.md b/shared/concepts/CHANGELOG.md index 4d0898b90e46..ab7c158c25b5 100644 --- a/shared/concepts/CHANGELOG.md +++ b/shared/concepts/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.9 + +No user-facing changes. + ## 0.0.8 No user-facing changes. diff --git a/shared/concepts/change-notes/released/0.0.9.md b/shared/concepts/change-notes/released/0.0.9.md new file mode 100644 index 000000000000..c9e17c6d6cf2 --- /dev/null +++ b/shared/concepts/change-notes/released/0.0.9.md @@ -0,0 +1,3 @@ +## 0.0.9 + +No user-facing changes. diff --git a/shared/concepts/codeql-pack.release.yml b/shared/concepts/codeql-pack.release.yml index 58fdc6b45deb..ecdd64fbab86 100644 --- a/shared/concepts/codeql-pack.release.yml +++ b/shared/concepts/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.8 +lastReleaseVersion: 0.0.9 diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index f76c1f2ae45d..a6f2253b7127 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.9-dev +version: 0.0.10-dev groups: shared library: true dependencies: diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index c5b9b9d696ab..d2961b514834 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.19 + +No user-facing changes. + ## 2.0.18 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.19.md b/shared/controlflow/change-notes/released/2.0.19.md new file mode 100644 index 000000000000..b37b6798b125 --- /dev/null +++ b/shared/controlflow/change-notes/released/2.0.19.md @@ -0,0 +1,3 @@ +## 2.0.19 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 16342205c738..4aecf1e1f86f 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.18 +lastReleaseVersion: 2.0.19 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index fdf7de8e6a70..aa9beb00dc76 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.19-dev +version: 2.0.20-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index f963117ea88f..ff6b9243d64a 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.19 + +No user-facing changes. + ## 2.0.18 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.0.19.md b/shared/dataflow/change-notes/released/2.0.19.md new file mode 100644 index 000000000000..b37b6798b125 --- /dev/null +++ b/shared/dataflow/change-notes/released/2.0.19.md @@ -0,0 +1,3 @@ +## 2.0.19 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 16342205c738..4aecf1e1f86f 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.18 +lastReleaseVersion: 2.0.19 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 7f969fdef424..ba23cda97ca2 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.0.19-dev +version: 2.0.20-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index b0b444f8c414..b5ca37028e4c 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.35.md b/shared/mad/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/shared/mad/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 13a5b8507b36..579802e08f3a 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.35-dev +version: 1.0.36-dev groups: shared library: true dependencies: diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md index 83a42fb05515..29ece641a7e3 100644 --- a/shared/quantum/CHANGELOG.md +++ b/shared/quantum/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.13 + +No user-facing changes. + ## 0.0.12 No user-facing changes. diff --git a/shared/quantum/change-notes/released/0.0.13.md b/shared/quantum/change-notes/released/0.0.13.md new file mode 100644 index 000000000000..f679eaf0313a --- /dev/null +++ b/shared/quantum/change-notes/released/0.0.13.md @@ -0,0 +1,3 @@ +## 0.0.13 + +No user-facing changes. diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml index 997fb8da83cd..044e54e4f7e5 100644 --- a/shared/quantum/codeql-pack.release.yml +++ b/shared/quantum/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.12 +lastReleaseVersion: 0.0.13 diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index 0cc0fbad9065..bd398ce4e038 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.13-dev +version: 0.0.14-dev groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 640d26270e1f..f433c424cfeb 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.35.md b/shared/rangeanalysis/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 24b697d1f49a..1483733e8e37 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.35-dev +version: 1.0.36-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 1e3fb3c306c9..69cf5cdad0ec 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.35.md b/shared/regex/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/shared/regex/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index f66b9d743f6f..8d95fbccbda3 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.35-dev +version: 1.0.36-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 2d8087cd96c8..5cbc5a2ebca7 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.11 + +No user-facing changes. + ## 2.0.10 No user-facing changes. diff --git a/shared/ssa/change-notes/released/2.0.11.md b/shared/ssa/change-notes/released/2.0.11.md new file mode 100644 index 000000000000..b3d110bcba50 --- /dev/null +++ b/shared/ssa/change-notes/released/2.0.11.md @@ -0,0 +1,3 @@ +## 2.0.11 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 96ea0220a690..3cbe73b4cadc 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.10 +lastReleaseVersion: 2.0.11 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 0aada9508eea..4fa7f6e64220 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.11-dev +version: 2.0.12-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 870695d684ce..c27711a0c4c8 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.35.md b/shared/threat-models/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 4bb9cb4cb5f9..33680c17c7a0 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.35-dev +version: 1.0.36-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 23fd78f42e58..33db936cccce 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.35.md b/shared/tutorial/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index fa53c0be99f3..225922fa95a1 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.35-dev +version: 1.0.36-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index d95faf698642..04ce591c7d2e 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.35.md b/shared/typeflow/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 94cae6f26a66..baec0554bd8d 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.35-dev +version: 1.0.36-dev groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index 4f4b3189bb41..28235d47f61f 100644 --- a/shared/typeinference/CHANGELOG.md +++ b/shared/typeinference/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.16 + +No user-facing changes. + ## 0.0.15 No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.16.md b/shared/typeinference/change-notes/released/0.0.16.md new file mode 100644 index 000000000000..62b5521ea013 --- /dev/null +++ b/shared/typeinference/change-notes/released/0.0.16.md @@ -0,0 +1,3 @@ +## 0.0.16 + +No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml index dff35216fc69..a49f7be4cff3 100644 --- a/shared/typeinference/codeql-pack.release.yml +++ b/shared/typeinference/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.15 +lastReleaseVersion: 0.0.16 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 000088497029..4bd6beec446d 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.16-dev +version: 0.0.17-dev groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 4edafe872909..0d3ff4a1df1d 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.19 + +No user-facing changes. + ## 2.0.18 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.19.md b/shared/typetracking/change-notes/released/2.0.19.md new file mode 100644 index 000000000000..b37b6798b125 --- /dev/null +++ b/shared/typetracking/change-notes/released/2.0.19.md @@ -0,0 +1,3 @@ +## 2.0.19 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 16342205c738..4aecf1e1f86f 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.18 +lastReleaseVersion: 2.0.19 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 0c5881829119..bd32acdd76e1 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.19-dev +version: 2.0.20-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 9fbdb39d4931..e38e1645eb5c 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.35.md b/shared/typos/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/shared/typos/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index b876c84bbe37..752d11a2bc8c 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.35-dev +version: 1.0.36-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 88679dd68468..13de50b73212 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.22 + +No user-facing changes. + ## 2.0.21 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.22.md b/shared/util/change-notes/released/2.0.22.md new file mode 100644 index 000000000000..8a2611adad2d --- /dev/null +++ b/shared/util/change-notes/released/2.0.22.md @@ -0,0 +1,3 @@ +## 2.0.22 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index a572e88bffd4..980bdfe195ba 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.21 +lastReleaseVersion: 2.0.22 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 4d4b671071ee..47b84b65ff2f 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.22-dev +version: 2.0.23-dev groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index ff67592d22ba..25cba5db417f 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.35.md b/shared/xml/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/shared/xml/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 40a7eadd8285..744b7a72909c 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.35-dev +version: 1.0.36-dev groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index fb623a1f26cf..daf8d92d00ae 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.35 + +No user-facing changes. + ## 1.0.34 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.35.md b/shared/yaml/change-notes/released/1.0.35.md new file mode 100644 index 000000000000..c539ed2d3b13 --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.35.md @@ -0,0 +1,3 @@ +## 1.0.35 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index b736654032cf..9493cf42a28b 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.34 +lastReleaseVersion: 1.0.35 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index a1af32ac0796..f905e7abee4f 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.35-dev +version: 1.0.36-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index b1b958708e0c..a1224ca4a8c9 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 6.1.0 + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.2.1. + ## 6.0.0 ### Breaking Changes diff --git a/swift/ql/lib/change-notes/2025-10-22-swift-6.2.1.md b/swift/ql/lib/change-notes/released/6.1.0.md similarity index 51% rename from swift/ql/lib/change-notes/2025-10-22-swift-6.2.1.md rename to swift/ql/lib/change-notes/released/6.1.0.md index 42a738ff746d..2c16ed106e6f 100644 --- a/swift/ql/lib/change-notes/2025-10-22-swift-6.2.1.md +++ b/swift/ql/lib/change-notes/released/6.1.0.md @@ -1,4 +1,5 @@ ---- -category: majorAnalysis ---- +## 6.1.0 + +### Major Analysis Improvements + * Upgraded to allow analysis of Swift 6.2.1. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index f8c4fa43ccb7..22247782f3e5 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.0.0 +lastReleaseVersion: 6.1.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index ba8c8aac0443..a35a1836ed14 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 6.0.1-dev +version: 6.1.1-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 99b5491b9dbb..ac02b32dc565 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.2.9 + +No user-facing changes. + ## 1.2.8 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.2.9.md b/swift/ql/src/change-notes/released/1.2.9.md new file mode 100644 index 000000000000..a928703e4be4 --- /dev/null +++ b/swift/ql/src/change-notes/released/1.2.9.md @@ -0,0 +1,3 @@ +## 1.2.9 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index a49a92ee5abd..96443e87f0d8 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.8 +lastReleaseVersion: 1.2.9 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index d5a55b365f1e..d7584e3ed16c 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.2.9-dev +version: 1.2.10-dev groups: - swift - queries