diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md
index 387f55a3e2e0..319e78ac20b0 100644
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.5.3
+
+No user-facing changes.
+
 ## 0.5.2
 
 No user-facing changes.
diff --git a/cpp/ql/lib/change-notes/released/0.5.3.md b/cpp/ql/lib/change-notes/released/0.5.3.md
new file mode 100644
index 000000000000..e97503053f02
--- /dev/null
+++ b/cpp/ql/lib/change-notes/released/0.5.3.md
@@ -0,0 +1,3 @@
+## 0.5.3
+
+No user-facing changes.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index 2d9d3f587f82..2164e038a5d1 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 239e5ad00557..4eff7132f6ca 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.5.3-dev
+version: 0.5.3
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
index 8b2bc6c1be0a..f0364b77bab6 100644
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.5.3
+
+No user-facing changes.
+
 ## 0.5.2
 
 No user-facing changes.
diff --git a/cpp/ql/src/change-notes/released/0.5.3.md b/cpp/ql/src/change-notes/released/0.5.3.md
new file mode 100644
index 000000000000..e97503053f02
--- /dev/null
+++ b/cpp/ql/src/change-notes/released/0.5.3.md
@@ -0,0 +1,3 @@
+## 0.5.3
+
+No user-facing changes.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index 2d9d3f587f82..2164e038a5d1 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index fb977480f050..227e7e4036d2 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.5.3-dev
+version: 0.5.3
 groups:
 - cpp
 - queries
diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
index 3137a84a4355..3d63162ca4d6 100644
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.4.3
+
+No user-facing changes.
+
 ## 1.4.2
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.4.3.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.4.3.md
new file mode 100644
index 000000000000..abf2a0d4dcce
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.4.3.md
@@ -0,0 +1,3 @@
+## 1.4.3
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
index a76cacdf7997..08f88b689fb6 100644
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.2
+lastReleaseVersion: 1.4.3
diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
index 4655f3d59390..8dea74ded80a 100644
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.4.3-dev
+version: 1.4.3
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
index 3137a84a4355..3d63162ca4d6 100644
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.4.3
+
+No user-facing changes.
+
 ## 1.4.2
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.4.3.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.4.3.md
new file mode 100644
index 000000000000..abf2a0d4dcce
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.4.3.md
@@ -0,0 +1,3 @@
+## 1.4.3
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
index a76cacdf7997..08f88b689fb6 100644
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.2
+lastReleaseVersion: 1.4.3
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
index 813cb0d50ce1..526b9726aac4 100644
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.4.3-dev
+version: 1.4.3
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
index d31bad9b040e..7d14d20ddbc9 100644
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.5.3
+
+### Minor Analysis Improvements
+
+* C# 11: Added extractor support for the `scoped` modifier annotation on parameters and local variables.
+
 ## 0.5.2
 
 ### Major Analysis Improvements
diff --git a/csharp/ql/lib/change-notes/2023-02-07-scoped-modifier.md b/csharp/ql/lib/change-notes/2023-02-07-scoped-modifier.md
deleted file mode 100644
index 93460b641841..000000000000
--- a/csharp/ql/lib/change-notes/2023-02-07-scoped-modifier.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* C# 11: Added extractor support for the `scoped` modifier annotation on parameters and local variables.
\ No newline at end of file
diff --git a/csharp/ql/lib/change-notes/released/0.5.3.md b/csharp/ql/lib/change-notes/released/0.5.3.md
new file mode 100644
index 000000000000..a4f605335acd
--- /dev/null
+++ b/csharp/ql/lib/change-notes/released/0.5.3.md
@@ -0,0 +1,5 @@
+## 0.5.3
+
+### Minor Analysis Improvements
+
+* C# 11: Added extractor support for the `scoped` modifier annotation on parameters and local variables.
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index 2d9d3f587f82..2164e038a5d1 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index 106d566fefea..7b3d1f34c3d3 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.5.3-dev
+version: 0.5.3
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
index c9bdcf20c42e..15b14e1e20d8 100644
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.5.3
+
+No user-facing changes.
+
 ## 0.5.2
 
 No user-facing changes.
diff --git a/csharp/ql/src/change-notes/released/0.5.3.md b/csharp/ql/src/change-notes/released/0.5.3.md
new file mode 100644
index 000000000000..e97503053f02
--- /dev/null
+++ b/csharp/ql/src/change-notes/released/0.5.3.md
@@ -0,0 +1,3 @@
+## 0.5.3
+
+No user-facing changes.
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
index 2d9d3f587f82..2164e038a5d1 100644
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index b3c48bf29fe5..74689657702b 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.5.3-dev
+version: 0.5.3
 groups:
 - csharp
 - queries
diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md
index 687d1d2ca663..1a5db51a5ee3 100644
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 0.4.3
+
+### New Features
+
+* Go 1.20 is now supported. The extractor now functions as expected when Go 1.20 is installed; the definition of `implementsComparable` has been updated according to Go 1.20's new, more-liberal rules; and taint flow models have been added for relevant, new standard-library functions.
+
+### Minor Analysis Improvements
+
+* Support for the Twirp framework has been added.
+
 ## 0.4.2
 
 No user-facing changes.
diff --git a/go/ql/lib/change-notes/2023-02-01--add-support-for-twirp-framework.md b/go/ql/lib/change-notes/2023-02-01--add-support-for-twirp-framework.md
deleted file mode 100644
index a5e70658c4af..000000000000
--- a/go/ql/lib/change-notes/2023-02-01--add-support-for-twirp-framework.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Support for the Twirp framework has been added.
diff --git a/go/ql/lib/change-notes/2023-02-15-golang-120.md b/go/ql/lib/change-notes/2023-02-15-golang-120.md
deleted file mode 100644
index 37e7433cbcb1..000000000000
--- a/go/ql/lib/change-notes/2023-02-15-golang-120.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* Go 1.20 is now supported. The extractor now functions as expected when Go 1.20 is installed, the definitions of `implementsComparable` has been updated according to Go 1.20's new, more-liberal rules, and taint flow models have been added for relevant new standard library functions.
diff --git a/go/ql/lib/change-notes/released/0.4.3.md b/go/ql/lib/change-notes/released/0.4.3.md
new file mode 100644
index 000000000000..812c902d9bfc
--- /dev/null
+++ b/go/ql/lib/change-notes/released/0.4.3.md
@@ -0,0 +1,9 @@
+## 0.4.3
+
+### New Features
+
+* Go 1.20 is now supported. The extractor now functions as expected when Go 1.20 is installed; the definition of `implementsComparable` has been updated according to Go 1.20's new, more-liberal rules; and taint flow models have been added for relevant, new standard-library functions.
+
+### Minor Analysis Improvements
+
+* Support for the Twirp framework has been added.
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml
index 94c5b17423cc..1ec9c4ea5d96 100644
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
index 7519fff5a280..c0f303848da9 100644
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.4.3-dev
+version: 0.4.3
 groups: go
 dbscheme: go.dbscheme
 extractor: go
diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md
index 7271b2529964..d7c6b659d233 100644
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 0.4.3
+
+### New Queries
+
+* Added a new query, `go/unhandled-writable-file-close`, to detect instances where writable file handles are closed without appropriate checks for errors.
+
+### Query Metadata Changes
+
+* The precision of the `go/log-injection` query was decreased from `high` to `medium`, since it may not be able to identify every way in which log data may be sanitized. This also aligns it with the precision of comparable queries for other languages.
+
 ## 0.4.2
 
 No user-facing changes.
diff --git a/go/ql/src/change-notes/2023-02-06-unhandled-close-writable-handle.md b/go/ql/src/change-notes/2023-02-06-unhandled-close-writable-handle.md
deleted file mode 100644
index a759cd48517c..000000000000
--- a/go/ql/src/change-notes/2023-02-06-unhandled-close-writable-handle.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* Added a new query, `go/unhandled-writable-file-close`, to detect instances where writable file handles are closed without appropriate checks for errors.
diff --git a/go/ql/src/change-notes/2023-02-09-log-injection-precision.md b/go/ql/src/change-notes/released/0.4.3.md
similarity index 54%
rename from go/ql/src/change-notes/2023-02-09-log-injection-precision.md
rename to go/ql/src/change-notes/released/0.4.3.md
index 668d06dbfb55..3a1f617387c6 100644
--- a/go/ql/src/change-notes/2023-02-09-log-injection-precision.md
+++ b/go/ql/src/change-notes/released/0.4.3.md
@@ -1,4 +1,9 @@
----
-category: queryMetadata
----
+## 0.4.3
+
+### New Queries
+
+* Added a new query, `go/unhandled-writable-file-close`, to detect instances where writable file handles are closed without appropriate checks for errors.
+
+### Query Metadata Changes
+
 * The precision of the `go/log-injection` query was decreased from `high` to `medium`, since it may not be able to identify every way in which log data may be sanitized. This also aligns it with the precision of comparable queries for other languages.
diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml
index 94c5b17423cc..1ec9c4ea5d96 100644
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3
diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml
index 191e4d8f9402..64d978e72afb 100644
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.4.3-dev
+version: 0.4.3
 groups:
 - go
 - queries
diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md
index 1aa4de9efe6d..a7710c105fdc 100644
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,15 @@
+## 0.5.3
+
+### New Features
+
+* Kotlin versions up to 1.8.20 are now supported.
+
+### Minor Analysis Improvements
+
+* Removed the first argument of `java.nio.file.Files#createTempDirectory(String,FileAttribute[])` as a "create-file" sink.
+* Added the first argument of `java.nio.file.Files#copy` as a "read-file" sink for the `java/path-injection` query.
+* The data flow library now disregards flow through code that is dead based on some basic constant propagation, for example, guards like `if (1+1>3)`.
+
 ## 0.5.2
 
 ### Minor Analysis Improvements
diff --git a/java/ql/lib/change-notes/2023-02-06-dataflow-deadcode.md b/java/ql/lib/change-notes/2023-02-06-dataflow-deadcode.md
deleted file mode 100644
index d802e802a18a..000000000000
--- a/java/ql/lib/change-notes/2023-02-06-dataflow-deadcode.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The data flow library now disregards flow through code that is dead based on some basic constant propagation, for example, guards like `if (1+1>3)`.
diff --git a/java/ql/lib/change-notes/2023-02-08-kotlin-1.8.20.md b/java/ql/lib/change-notes/2023-02-08-kotlin-1.8.20.md
deleted file mode 100644
index f328dd7f05f1..000000000000
--- a/java/ql/lib/change-notes/2023-02-08-kotlin-1.8.20.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* Kotlin versions up to 1.8.20 are now supported.
diff --git a/java/ql/lib/change-notes/2023-02-13-update-create-file-sinks.md b/java/ql/lib/change-notes/2023-02-13-update-create-file-sinks.md
deleted file mode 100644
index ad4f35a6421d..000000000000
--- a/java/ql/lib/change-notes/2023-02-13-update-create-file-sinks.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Removed the first argument of `java.nio.file.Files#createTempDirectory(String,FileAttribute[])` as a "create-file" sink.
-* Added the first argument of `java.nio.file.Files#copy` as a "read-file" sink for the `java/path-injection` query.
diff --git a/java/ql/lib/change-notes/released/0.5.3.md b/java/ql/lib/change-notes/released/0.5.3.md
new file mode 100644
index 000000000000..e16561a850d5
--- /dev/null
+++ b/java/ql/lib/change-notes/released/0.5.3.md
@@ -0,0 +1,11 @@
+## 0.5.3
+
+### New Features
+
+* Kotlin versions up to 1.8.20 are now supported.
+
+### Minor Analysis Improvements
+
+* Removed the first argument of `java.nio.file.Files#createTempDirectory(String,FileAttribute[])` as a "create-file" sink.
+* Added the first argument of `java.nio.file.Files#copy` as a "read-file" sink for the `java/path-injection` query.
+* The data flow library now disregards flow through code that is dead based on some basic constant propagation, for example, guards like `if (1+1>3)`.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
index 2d9d3f587f82..2164e038a5d1 100644
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index 48043d91fb21..3688ef4a66c8 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.5.3-dev
+version: 0.5.3
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md
index fe6ce573adaa..0741ea4a1a3a 100644
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 0.5.3
+
+### New Queries
+
+* Added a new query, `java/xxe-local`, which is a version of the XXE query that uses local sources (for example, reads from a local file).
+
+### Minor Analysis Improvements
+
+* The `java/index-out-of-bounds` query has improved its handling of arrays of constant length, and may report additional results in those cases.
+
 ## 0.5.2
 
 ### New Queries
diff --git a/java/ql/src/change-notes/2023-02-06-index-out-of-bounds-constant.md b/java/ql/src/change-notes/2023-02-06-index-out-of-bounds-constant.md
deleted file mode 100644
index 364dfb1ab22f..000000000000
--- a/java/ql/src/change-notes/2023-02-06-index-out-of-bounds-constant.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `java/index-out-of-bounds` query has improved its handling of arrays of constant length, and may report additional results in those cases.
diff --git a/java/ql/src/change-notes/2023-02-09-xxe-local.md b/java/ql/src/change-notes/2023-02-09-xxe-local.md
deleted file mode 100644
index fd9d7209253f..000000000000
--- a/java/ql/src/change-notes/2023-02-09-xxe-local.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* Added a new query, `java/xxe-local`, which is a version of the XXE query that uses local sources (for example, reads from a local file).
diff --git a/java/ql/src/change-notes/released/0.5.3.md b/java/ql/src/change-notes/released/0.5.3.md
new file mode 100644
index 000000000000..dfd7f6d23437
--- /dev/null
+++ b/java/ql/src/change-notes/released/0.5.3.md
@@ -0,0 +1,9 @@
+## 0.5.3
+
+### New Queries
+
+* Added a new query, `java/xxe-local`, which is a version of the XXE query that uses local sources (for example, reads from a local file).
+
+### Minor Analysis Improvements
+
+* The `java/index-out-of-bounds` query has improved its handling of arrays of constant length, and may report additional results in those cases.
diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml
index 2d9d3f587f82..2164e038a5d1 100644
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3
diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml
index f1efa658670f..ac79303e9f2b 100644
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.5.3-dev
+version: 0.5.3
 groups:
 - java
 - queries
diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md
index 81e26afe0ea7..428036e9c45b 100644
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.4.3
+
+### Minor Analysis Improvements
+
+* Added dataflow sources for the [express-ws](https://www.npmjs.com/package/express-ws) library.
+
 ## 0.4.2
 
 ### Minor Analysis Improvements
diff --git a/javascript/ql/lib/change-notes/2023-02-12-express-ws.md b/javascript/ql/lib/change-notes/2023-02-12-express-ws.md
deleted file mode 100644
index f1e59ca7e1c6..000000000000
--- a/javascript/ql/lib/change-notes/2023-02-12-express-ws.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added dataflow sources for the [express-ws](https://www.npmjs.com/package/express-ws) library.
\ No newline at end of file
diff --git a/javascript/ql/lib/change-notes/released/0.4.3.md b/javascript/ql/lib/change-notes/released/0.4.3.md
new file mode 100644
index 000000000000..03f2bdd2cf1c
--- /dev/null
+++ b/javascript/ql/lib/change-notes/released/0.4.3.md
@@ -0,0 +1,5 @@
+## 0.4.3
+
+### Minor Analysis Improvements
+
+* Added dataflow sources for the [express-ws](https://www.npmjs.com/package/express-ws) library.
diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml
index 94c5b17423cc..1ec9c4ea5d96 100644
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index 8ce67542e116..a497a3694d12 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.4.3-dev
+version: 0.4.3
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
index 192e7caf9967..7eb1ebe12bd4 100644
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.5.3
+
+No user-facing changes.
+
 ## 0.5.2
 
 No user-facing changes.
diff --git a/javascript/ql/src/change-notes/released/0.5.3.md b/javascript/ql/src/change-notes/released/0.5.3.md
new file mode 100644
index 000000000000..e97503053f02
--- /dev/null
+++ b/javascript/ql/src/change-notes/released/0.5.3.md
@@ -0,0 +1,3 @@
+## 0.5.3
+
+No user-facing changes.
diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml
index 2d9d3f587f82..2164e038a5d1 100644
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3
diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml
index 25edf011032c..d890538b935a 100644
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.5.3-dev
+version: 0.5.3
 groups:
 - javascript
 - queries
diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md
index 108c522a649b..e6532a3f5d89 100644
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.4.3
+
+No user-facing changes.
+
 ## 0.4.2
 
 No user-facing changes.
diff --git a/misc/suite-helpers/change-notes/released/0.4.3.md b/misc/suite-helpers/change-notes/released/0.4.3.md
new file mode 100644
index 000000000000..126fb6225832
--- /dev/null
+++ b/misc/suite-helpers/change-notes/released/0.4.3.md
@@ -0,0 +1,3 @@
+## 0.4.3
+
+No user-facing changes.
diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml
index 94c5b17423cc..1ec9c4ea5d96 100644
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3
diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml
index 6154a791ba2a..58add65b1839 100644
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,3 +1,3 @@
 name: codeql/suite-helpers
-version: 0.4.3-dev
+version: 0.4.3
 groups: shared
diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md
index 473d1ebc67e0..c7ade22bbcbc 100644
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,16 @@
+## 0.8.0
+
+### Breaking Changes
+
+- Python 2 is no longer supported for extracting databases using the CodeQL CLI. As a consequence,
+ the previously deprecated support for `pyxl` and `spitfire` templates has also been removed. When
+ extracting Python 2 code, having Python 2 installed is still recommended, as this ensures the
+ correct version of the Python standard library is extracted.
+
+### Minor Analysis Improvements
+
+* Fixed module resolution so we properly recognize that in `from import *`, where `` is a package, the actual imports are made from the `/__init__.py` file.
+
 ## 0.7.2
 
 No user-facing changes.
diff --git a/python/ql/lib/change-notes/2023-02-15-import-star-package.md b/python/ql/lib/change-notes/2023-02-15-import-star-package.md
deleted file mode 100644
index c2f3e24cc2dd..000000000000
--- a/python/ql/lib/change-notes/2023-02-15-import-star-package.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Fixed module resolution so we properly recognize that in `from import *`, where `` is a package, the actual imports are made from the `/__init__.py` file.
diff --git a/python/ql/lib/change-notes/2023-02-14-python-2-no-longer-supported.md b/python/ql/lib/change-notes/released/0.8.0.md
similarity index 59%
rename from python/ql/lib/change-notes/2023-02-14-python-2-no-longer-supported.md
rename to python/ql/lib/change-notes/released/0.8.0.md
index a15dda02da98..16533f766b62 100644
--- a/python/ql/lib/change-notes/2023-02-14-python-2-no-longer-supported.md
+++ b/python/ql/lib/change-notes/released/0.8.0.md
@@ -1,7 +1,12 @@
----
-category: breaking
----
+## 0.8.0
+
+### Breaking Changes
+
 - Python 2 is no longer supported for extracting databases using the CodeQL CLI. As a consequence,
 the previously deprecated support for `pyxl` and `spitfire` templates has also been removed. When
 extracting Python 2 code, having Python 2 installed is still recommended, as this ensures the
 correct version of the Python standard library is extracted.
+
+### Minor Analysis Improvements
+
+* Fixed module resolution so we properly recognize that in `from import *`, where `` is a package, the actual imports are made from the `/__init__.py` file.
diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml
index fee171e96850..37eab3197dcb 100644
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.2
+lastReleaseVersion: 0.8.0
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index cc59833287a7..ca2bb693a354 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.7.3-dev
+version: 0.8.0
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md
index 6199749411d6..eace5e342049 100644
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.3
+
+No user-facing changes.
+
 ## 0.6.2
 
 No user-facing changes.
diff --git a/python/ql/src/change-notes/released/0.6.3.md b/python/ql/src/change-notes/released/0.6.3.md
new file mode 100644
index 000000000000..83374bcef56f
--- /dev/null
+++ b/python/ql/src/change-notes/released/0.6.3.md
@@ -0,0 +1,3 @@
+## 0.6.3
+
+No user-facing changes.
diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml
index 5501a2a1cc59..b7dafe32c5d8 100644
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.2
+lastReleaseVersion: 0.6.3
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml
index 8f91049c4798..a29da011d40c 100644
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.6.3-dev
+version: 0.6.3
 groups:
 - python
 - queries
diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md
index 9c0a2e312689..3aabcb81fa70 100644
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.5.3
+
+### Minor Analysis Improvements
+
+ * Ruby 3.1: one-line pattern matches are now supported. The AST nodes are named `TestPattern` (`expr in pattern`) and `MatchPattern` (`expr => pattern`).
+
 ## 0.5.2
 
 ### Minor Analysis Improvements
diff --git a/ruby/ql/lib/change-notes/2023-02-06-one-line-matches.md b/ruby/ql/lib/change-notes/released/0.5.3.md
similarity index 78%
rename from ruby/ql/lib/change-notes/2023-02-06-one-line-matches.md
rename to ruby/ql/lib/change-notes/released/0.5.3.md
index 3eefba83c2db..3535d0a9fa7d 100644
--- a/ruby/ql/lib/change-notes/2023-02-06-one-line-matches.md
+++ b/ruby/ql/lib/change-notes/released/0.5.3.md
@@ -1,4 +1,5 @@
----
- category: minorAnalysis
----
+## 0.5.3
+
+### Minor Analysis Improvements
+
 * Ruby 3.1: one-line pattern matches are now supported. The AST nodes are named `TestPattern` (`expr in pattern`) and `MatchPattern` (`expr => pattern`).
diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml
index 2d9d3f587f82..2164e038a5d1 100644
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3
diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml
index b5932af8ccad..7838a425ce39 100644
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.5.3-dev
+version: 0.5.3
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md
index 0d0783ac7350..c5329a4db5aa 100644
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 0.5.3
+
+### New Queries
+
+* Added a new query, `rb/regex/badly-anchored-regexp`, to detect regular expression validators that use `^` and `$`
+ as anchors and therefore might match only a single line of a multi-line string.
+
+### Minor Analysis Improvements
+
+* The `rb/polynomial-redos` query now considers the entrypoints of the API of a gem as sources.
+
 ## 0.5.2
 
 ### New Queries
diff --git a/ruby/ql/src/change-notes/2022-10-11-poly-redos-lib.md b/ruby/ql/src/change-notes/2022-10-11-poly-redos-lib.md
deleted file mode 100644
index 125f87378afd..000000000000
--- a/ruby/ql/src/change-notes/2022-10-11-poly-redos-lib.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `rb/polynomial-redos` query now considers the entrypoints of the API of a gem as sources.
diff --git a/ruby/ql/src/change-notes/2023-01-06-badly-anchored-regex.md b/ruby/ql/src/change-notes/released/0.5.3.md
similarity index 55%
rename from ruby/ql/src/change-notes/2023-01-06-badly-anchored-regex.md
rename to ruby/ql/src/change-notes/released/0.5.3.md
index ab694d3106f0..e45205dbd417 100644
--- a/ruby/ql/src/change-notes/2023-01-06-badly-anchored-regex.md
+++ b/ruby/ql/src/change-notes/released/0.5.3.md
@@ -1,5 +1,10 @@
----
-category: newQuery
----
+## 0.5.3
+
+### New Queries
+
 * Added a new query, `rb/regex/badly-anchored-regexp`, to detect regular expression validators that use `^` and `$`
 as anchors and therefore might match only a single line of a multi-line string.
+
+### Minor Analysis Improvements
+
+* The `rb/polynomial-redos` query now considers the entrypoints of the API of a gem as sources.
diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml
index 2d9d3f587f82..2164e038a5d1 100644
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3
diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml
index e054a69c412b..0c8fa047bd40 100644
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.5.3-dev
+version: 0.5.3
 groups:
 - ruby
 - queries
diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md
index 6fbffd820ce6..122ab5362b6f 100644
--- a/shared/regex/CHANGELOG.md
+++ b/shared/regex/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.7
+
+No user-facing changes.
+
 ## 0.0.6
 
 No user-facing changes.
diff --git a/shared/regex/change-notes/released/0.0.7.md b/shared/regex/change-notes/released/0.0.7.md
new file mode 100644
index 000000000000..84da6f18c42e
--- /dev/null
+++ b/shared/regex/change-notes/released/0.0.7.md
@@ -0,0 +1,3 @@
+## 0.0.7
+
+No user-facing changes.
diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml
index cf398ce02aa4..a2a5484910bc 100644
--- a/shared/regex/codeql-pack.release.yml
+++ b/shared/regex/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.6
+lastReleaseVersion: 0.0.7
diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml
index 12294207f32d..4cbe36ea935c 100644
--- a/shared/regex/qlpack.yml
+++ b/shared/regex/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/regex
-version: 0.0.7-dev
+version: 0.0.7
 groups: shared
 library: true
 dependencies:
diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md
index 59b8e47aca35..4f07ce5c1ec0 100644
--- a/shared/ssa/CHANGELOG.md
+++ b/shared/ssa/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.11
+
+No user-facing changes.
+
 ## 0.0.10
 
 No user-facing changes.
diff --git a/shared/ssa/change-notes/released/0.0.11.md b/shared/ssa/change-notes/released/0.0.11.md
new file mode 100644
index 000000000000..19a2a55bd685
--- /dev/null
+++ b/shared/ssa/change-notes/released/0.0.11.md
@@ -0,0 +1,3 @@
+## 0.0.11
+
+No user-facing changes.
diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml
index b740014e5aed..e679dc420925 100644
--- a/shared/ssa/codeql-pack.release.yml
+++ b/shared/ssa/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.10
+lastReleaseVersion: 0.0.11
diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml
index fee841c9975d..754dd25d74b2 100644
--- a/shared/ssa/qlpack.yml
+++ b/shared/ssa/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/ssa
-version: 0.0.11-dev
+version: 0.0.11
 groups: shared
 library: true
diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md
index 54503e1a4817..3db1262ff447 100644
--- a/shared/tutorial/CHANGELOG.md
+++ b/shared/tutorial/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.4
+
+No user-facing changes.
+
 ## 0.0.3
 
 No user-facing changes.
diff --git a/shared/tutorial/change-notes/released/0.0.4.md b/shared/tutorial/change-notes/released/0.0.4.md
new file mode 100644
index 000000000000..eefe286a4d88
--- /dev/null
+++ b/shared/tutorial/change-notes/released/0.0.4.md
@@ -0,0 +1,3 @@
+## 0.0.4
+
+No user-facing changes.
diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml
index a24b693d1e7a..ec411a674bcd 100644
--- a/shared/tutorial/codeql-pack.release.yml
+++ b/shared/tutorial/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml
index 9cc8b266cd13..ea8c77d9b9d4 100644
--- a/shared/tutorial/qlpack.yml
+++ b/shared/tutorial/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/tutorial
 description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries.
-version: 0.0.4-dev
+version: 0.0.4
 groups: shared
 library: true
diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md
index a5e0d0a4ff32..203d814ee878 100644
--- a/shared/typetracking/CHANGELOG.md
+++ b/shared/typetracking/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.4
+
+No user-facing changes.
+
 ## 0.0.3
 
 No user-facing changes.
diff --git a/shared/typetracking/change-notes/released/0.0.4.md b/shared/typetracking/change-notes/released/0.0.4.md
new file mode 100644
index 000000000000..eefe286a4d88
--- /dev/null
+++ b/shared/typetracking/change-notes/released/0.0.4.md
@@ -0,0 +1,3 @@
+## 0.0.4
+
+No user-facing changes.
diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml
index a24b693d1e7a..ec411a674bcd 100644
--- a/shared/typetracking/codeql-pack.release.yml
+++ b/shared/typetracking/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml
index 632e6e5afb35..74c76caf243b 100644
--- a/shared/typetracking/qlpack.yml
+++ b/shared/typetracking/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typetracking
-version: 0.0.4-dev
+version: 0.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md
index d00e75f58950..5bfc49ecc913 100644
--- a/shared/typos/CHANGELOG.md
+++ b/shared/typos/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.11
+
+No user-facing changes.
+
 ## 0.0.10
 
 No user-facing changes.
diff --git a/shared/typos/change-notes/released/0.0.11.md b/shared/typos/change-notes/released/0.0.11.md
new file mode 100644
index 000000000000..19a2a55bd685
--- /dev/null
+++ b/shared/typos/change-notes/released/0.0.11.md
@@ -0,0 +1,3 @@
+## 0.0.11
+
+No user-facing changes.
diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml
index b740014e5aed..e679dc420925 100644
--- a/shared/typos/codeql-pack.release.yml
+++ b/shared/typos/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.10
+lastReleaseVersion: 0.0.11
diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml
index af24ed34a093..bfcf30b6b726 100644
--- a/shared/typos/qlpack.yml
+++ b/shared/typos/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/typos
-version: 0.0.11-dev
+version: 0.0.11
 groups: shared
 library: true
diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md
index f7fa0fe0e407..60892d241a6b 100644
--- a/shared/util/CHANGELOG.md
+++ b/shared/util/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.4
+
+No user-facing changes.
+
 ## 0.0.3
 
 No user-facing changes.
diff --git a/shared/util/change-notes/released/0.0.4.md b/shared/util/change-notes/released/0.0.4.md
new file mode 100644
index 000000000000..eefe286a4d88
--- /dev/null
+++ b/shared/util/change-notes/released/0.0.4.md
@@ -0,0 +1,3 @@
+## 0.0.4
+
+No user-facing changes.
diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml
index a24b693d1e7a..ec411a674bcd 100644
--- a/shared/util/codeql-pack.release.yml
+++ b/shared/util/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.3
+lastReleaseVersion: 0.0.4
diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml
index 469f40a4d3e2..e84f606de69e 100644
--- a/shared/util/qlpack.yml
+++ b/shared/util/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/util
-version: 0.0.4-dev
+version: 0.0.4
 groups: shared
 library: true
 dependencies: