mirror of https://github.com/github/codeql.git
Merge pull request #16086 from github/post-release-prep/codeql-cli-2.17.0
Post-release preparation for codeql-cli-2.17.0
Commit
0bc9318400
|
@ -1,3 +1,18 @@
|
|||
## 0.12.10
|
||||
|
||||
### New Features
|
||||
|
||||
* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field.
|
||||
* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant.
|
||||
* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant.
|
||||
* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant.
|
||||
* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant.
|
||||
* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added destructors for temporary objects with extended lifetimes to the intermediate representation.
|
||||
|
||||
## 0.12.9
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
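Review bot: the `GuardCondition.comparesEq/4` and `GuardCondition.comparesLt/4` entries carry the identical description, "to query whether an expression is compared to a constant", so the changelog does not tell a reader that one is an equality test and the other a less-than test. Suggest wording them to match their `ensuresEq/4` and `ensuresLt/4` neighbours, for example "compared for equality with a constant" and "compared as less than a constant". The `GuardCondition.valueControls` entry is also the only predicate in this list without an arity suffix.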
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: feature
|
||||
---
|
||||
* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added destructors for temporary objects with extended lifetimes to the intermediate representation.
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: feature
|
||||
---
|
||||
* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant.
|
||||
* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant.
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: feature
|
||||
---
|
||||
* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant.
|
||||
* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: feature
|
||||
---
|
||||
* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field.
|
|
@ -0,0 +1,14 @@
|
|||
## 0.12.10
|
||||
|
||||
### New Features
|
||||
|
||||
* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field.
|
||||
* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant.
|
||||
* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant.
|
||||
* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant.
|
||||
* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant.
|
||||
* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added destructors for temporary objects with extended lifetimes to the intermediate representation.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.12.9
|
||||
lastReleaseVersion: 0.12.10
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/cpp-all
|
||||
version: 0.12.10-dev
|
||||
version: 0.12.11-dev
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
|
|
@ -1,3 +1,19 @@
|
|||
## 0.9.9
|
||||
|
||||
### New Queries
|
||||
|
||||
* Added a new query, `cpp/type-confusion`, to detect casts to invalid types.
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* `@precision medium` metadata was added to the `cpp/boost/tls-settings-misconfiguration` and `cpp/boost/use-of-deprecated-hardcoded-security-protocol` queries, and these queries are now included in the security-extended suite. The `@name` metadata of these queries were also updated.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The "Missing return-value check for a 'scanf'-like function" query (`cpp/missing-check-scanf`) has been converted to a `path-problem` query.
|
||||
* The "Potentially uninitialized local variable" query (`cpp/uninitialized-local`) has been converted to a `path-problem` query.
|
||||
* Added models for `GLib` allocation and deallocation functions.
|
||||
|
||||
## 0.9.8
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
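Review bot: in the Query Metadata Changes entry, "The `@name` metadata of these queries were also updated" does not say what the new names are, and alert titles follow `@name`, so list the old and new names or link the change that renamed them. The verb should be singular ("was also updated"). Because the same entry moves `cpp/boost/tls-settings-misconfiguration` and `cpp/boost/use-of-deprecated-hardcoded-security-protocol` into the security-extended suite, it would help to say that users of that suite should expect new alerts.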
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: newQuery
|
||||
---
|
||||
* Added a new query, `cpp/type-confusion`, to detect casts to invalid types.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added models for `GLib` allocation and deallocation functions.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The "Potentially uninitialized local variable" query (`cpp/uninitialized-local`) has been converted to a `path-problem` query.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The "Missing return-value check for a 'scanf'-like function" query (`cpp/missing-check-scanf`) has been converted to a `path-problem` query.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* `@precision medium` metadata was added to the `cpp/boost/tls-settings-misconfiguration` and `cpp/boost/use-of-deprecated-hardcoded-security-protocol` queries, and these queries are now included in the security-extended suite. The `@name` metadata of these queries were also updated.
|
|
@ -0,0 +1,15 @@
|
|||
## 0.9.9
|
||||
|
||||
### New Queries
|
||||
|
||||
* Added a new query, `cpp/type-confusion`, to detect casts to invalid types.
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* `@precision medium` metadata was added to the `cpp/boost/tls-settings-misconfiguration` and `cpp/boost/use-of-deprecated-hardcoded-security-protocol` queries, and these queries are now included in the security-extended suite. The `@name` metadata of these queries were also updated.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The "Missing return-value check for a 'scanf'-like function" query (`cpp/missing-check-scanf`) has been converted to a `path-problem` query.
|
||||
* The "Potentially uninitialized local variable" query (`cpp/uninitialized-local`) has been converted to a `path-problem` query.
|
||||
* Added models for `GLib` allocation and deallocation functions.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.9.8
|
||||
lastReleaseVersion: 0.9.9
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/cpp-queries
|
||||
version: 0.9.9-dev
|
||||
version: 0.9.10-dev
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.7.13
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.7.13
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.7.12
|
||||
lastReleaseVersion: 1.7.13
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.13-dev
|
||||
version: 1.7.14-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.7.13
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.7.13
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.7.12
|
||||
lastReleaseVersion: 1.7.13
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.13-dev
|
||||
version: 1.7.14-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
|
|
@ -1,3 +1,21 @@
|
|||
## 0.9.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* The CIL extractor has been deleted and the corresponding extractor option `cil` has been removed. It is no longer possible to do CIL extraction.
|
||||
* The QL library C# classes no longer extend their corresponding `DotNet` classes. Furthermore, CIL related data flow functionality has been deleted and all `DotNet` and `CIL` related classes have been deprecated. This effectively means that it no longer has any effect to enable CIL extraction.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added new source models for the `Dapper` package. These models can be enabled by enabling the `database` threat model.
|
||||
* Additional models have been added for `System.IO`. These are primarily source models with the `file` threat model, and summaries related to reading from a file or stream.
|
||||
* Support for C# 12 / .NET8.
|
||||
* Added the `windows-registry` source kind and threat model to represent values which come from the registry on Windows.
|
||||
* The models for `System.Net.Http.HttpRequestMessage` have been modified to better model the flow of tainted URIs.
|
||||
* The .NET standard libraries APIs for accessing command line arguments and environment variables have been modeled using the `commandargs` and `environment` threat models.
|
||||
* The `cs/assembly-path-injection` query has been modified so that it's sources rely on `ThreatModelFlowSource`. In order to restore results from command line arguments, you should enable the `commandargs` threat model.
|
||||
* The models for `System.IO.TextReader` have been modified to better model the flow of tainted text from a `TextReader`.
|
||||
|
||||
## 0.8.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
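Review bot: the `cs/assembly-path-injection` entry has a typo, "so that it's sources rely on `ThreatModelFlowSource`" should read "its sources". The same sentence appears in the removed change note and in the released 0.9.0 notes in this commit, so all copies need the fix. In the Breaking Changes list, the first entry says the `cil` extractor option "has been removed" while the second says "it no longer has any effect to enable CIL extraction"; these read as two different behaviours, so pick one statement of what happens when the option is still set.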
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
* The QL library C# classes no longer extend their corresponding `DotNet` classes. Furthermore, CIL related data flow functionality has been deleted and all `DotNet` and `CIL` related classes have been deprecated. This effectively means that it no longer has any effect to enable CIL extraction.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The models for `System.IO.TextReader` have been modified to better model the flow of tainted text from a `TextReader`.
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The .NET standard libraries APIs for accessing command line arguments and environment variables have been modeled using the `commandargs` and `environment` threat models.
|
||||
* The `cs/assembly-path-injection` query has been modified so that it's sources rely on `ThreatModelFlowSource`. In order to restore results from command line arguments, you should enable the `commandargs` threat model.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
* The CIL extractor has been deleted and the corresponding extractor option `cil` has been removed. It is no longer possible to do CIL extraction.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The models for `System.Net.Http.HttpRequestMessage` have been modified to better model the flow of tainted URIs.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Support for C# 12 / .NET8.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added the `windows-registry` source kind and threat model to represent values which come from the registry on Windows.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Additional models have been added for `System.IO`. These are primarily source models with the `file` threat model, and summaries related to reading from a file or stream.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added new source models for the `Dapper` package. These models can be enabled by enabling the `database` threat model.
|
|
@ -0,0 +1,17 @@
|
|||
## 0.9.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* The CIL extractor has been deleted and the corresponding extractor option `cil` has been removed. It is no longer possible to do CIL extraction.
|
||||
* The QL library C# classes no longer extend their corresponding `DotNet` classes. Furthermore, CIL related data flow functionality has been deleted and all `DotNet` and `CIL` related classes have been deprecated. This effectively means that it no longer has any effect to enable CIL extraction.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added new source models for the `Dapper` package. These models can be enabled by enabling the `database` threat model.
|
||||
* Additional models have been added for `System.IO`. These are primarily source models with the `file` threat model, and summaries related to reading from a file or stream.
|
||||
* Support for C# 12 / .NET8.
|
||||
* Added the `windows-registry` source kind and threat model to represent values which come from the registry on Windows.
|
||||
* The models for `System.Net.Http.HttpRequestMessage` have been modified to better model the flow of tainted URIs.
|
||||
* The .NET standard libraries APIs for accessing command line arguments and environment variables have been modeled using the `commandargs` and `environment` threat models.
|
||||
* The `cs/assembly-path-injection` query has been modified so that it's sources rely on `ThreatModelFlowSource`. In order to restore results from command line arguments, you should enable the `commandargs` threat model.
|
||||
* The models for `System.IO.TextReader` have been modified to better model the flow of tainted text from a `TextReader`.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.8.12
|
||||
lastReleaseVersion: 0.9.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-all
|
||||
version: 0.8.13-dev
|
||||
version: 0.9.1-dev
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
|
|
@ -1,3 +1,14 @@
|
|||
## 0.8.13
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* The `Stored` variants of some queries (`cs/stored-command-line-injection`, `cs/web/stored-xss`, `cs/stored-ldap-injection`, `cs/xml/stored-xpath-injection`, `cs/second-order-sql-injection`) have been removed. If you were using these queries, their results can be restored by enabling the `file` and `database` threat models in your threat model configuration.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The alert message of `cs/wrong-compareto-signature` has been changed to remove unnecessary element references.
|
||||
* Data flow queries that track flow from *local* flow sources now use the current *threat model* configuration instead. This may lead to changes in the produced alerts if the threat model configuration only uses *remote* flow sources. The changed queries are `cs/code-injection`, `cs/resource-injection`, `cs/sql-injection`, and `cs/uncontrolled-format-string`.
|
||||
|
||||
## 0.8.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
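Review bot: the removal of five query ids (`cs/stored-command-line-injection`, `cs/web/stored-xss`, `cs/stored-ldap-injection`, `cs/xml/stored-xpath-injection`, `cs/second-order-sql-injection`) is filed under Major Analysis Improvements, where a reader scanning for changes that drop results will not look. Anyone who selects those ids in a custom suite or tracks their alerts gets nothing until the `file` and `database` threat models are enabled, so suggest a Breaking Changes heading and naming, for each removed id, the query that now reports the result. The second Minor Analysis Improvements entry has the same effect for `cs/code-injection`, `cs/resource-injection`, `cs/sql-injection` and `cs/uncontrolled-format-string` when only remote sources are configured, and should say which threat model restores the local-source results.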
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Data flow queries that track flow from *local* flow sources now use the current *threat model* configuration instead. This may lead to changes in the produced alerts if the threat model configuration only uses *remote* flow sources. The changed queries are `cs/code-injection`, `cs/resource-injection`, `cs/sql-injection`, and `cs/uncontrolled-format-string`.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* The `Stored` variants of some queries (`cs/stored-command-line-injection`, `cs/web/stored-xss`, `cs/stored-ldap-injection`, `cs/xml/stored-xpath-injection`, `cs/second-order-sql-injection`) have been removed. If you were using these queries, their results can be restored by enabling the `file` and `database` threat models in your threat model configuration.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The alert message of `cs/wrong-compareto-signature` has been changed to remove unnecessary element references.
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
## 0.8.13
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* The `Stored` variants of some queries (`cs/stored-command-line-injection`, `cs/web/stored-xss`, `cs/stored-ldap-injection`, `cs/xml/stored-xpath-injection`, `cs/second-order-sql-injection`) have been removed. If you were using these queries, their results can be restored by enabling the `file` and `database` threat models in your threat model configuration.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The alert message of `cs/wrong-compareto-signature` has been changed to remove unnecessary element references.
|
||||
* Data flow queries that track flow from *local* flow sources now use the current *threat model* configuration instead. This may lead to changes in the produced alerts if the threat model configuration only uses *remote* flow sources. The changed queries are `cs/code-injection`, `cs/resource-injection`, `cs/sql-injection`, and `cs/uncontrolled-format-string`.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.8.12
|
||||
lastReleaseVersion: 0.8.13
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-queries
|
||||
version: 0.8.13-dev
|
||||
version: 0.8.14-dev
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 0.0.12
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.0.11
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 0.0.12
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.0.11
|
||||
lastReleaseVersion: 0.0.12
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql-go-consistency-queries
|
||||
version: 0.0.12-dev
|
||||
version: 0.0.13-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,10 @@
|
|||
## 0.7.13
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `CODEQL_EXTRACTOR_GO_FAST_PACKAGE_INFO` option, which speeds up retrieval of dependency information, is now on by default. This was originally an external contribution by @xhd2015.
|
||||
* Added dataflow sources for the package `gopkg.in/macaron.v1`.
|
||||
|
||||
## 0.7.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added dataflow sources for the package `gopkg.in/macaron.v1`.
|
|
@ -1,4 +1,6 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 0.7.13
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `CODEQL_EXTRACTOR_GO_FAST_PACKAGE_INFO` option, which speeds up retrieval of dependency information, is now on by default. This was originally an external contribution by @xhd2015.
|
||||
* Added dataflow sources for the package `gopkg.in/macaron.v1`.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.7.12
|
||||
lastReleaseVersion: 0.7.13
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/go-all
|
||||
version: 0.7.13-dev
|
||||
version: 0.7.14-dev
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
|
|
@ -1,3 +1,14 @@
|
|||
## 0.7.13
|
||||
|
||||
### New Queries
|
||||
|
||||
* The query "Slice memory allocation with excessive size value" (`go/uncontrolled-allocation-size`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @Malayke](https://github.com/github/codeql/pull/15130).
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The query `go/hardcoded-credentials` no longer discards string literals based on "weak password" heuristics.
|
||||
* The query `go/sql-injection` now recognizes more sinks in the package `github.com/Masterminds/squirrel`.
|
||||
|
||||
## 0.7.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
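Review bot: the `go/hardcoded-credentials` entry under Minor Analysis Improvements says only that string literals are no longer discarded by the "weak password" heuristics; it should state the consequence, that literals previously filtered out are now reported, so a rise in alert count after upgrading is expected. The `go/uncontrolled-allocation-size` entry above it already does this with "Its results will now appear by default".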
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The query `go/sql-injection` now recognizes more sinks in the package `github.com/Masterminds/squirrel`.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The query `go/hardcoded-credentials` no longer discards string literals based on "weak password" heuristics.
|
|
@ -1,4 +1,10 @@
|
|||
---
|
||||
category: newQuery
|
||||
---
|
||||
## 0.7.13
|
||||
|
||||
### New Queries
|
||||
|
||||
* The query "Slice memory allocation with excessive size value" (`go/uncontrolled-allocation-size`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @Malayke](https://github.com/github/codeql/pull/15130).
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The query `go/hardcoded-credentials` no longer discards string literals based on "weak password" heuristics.
|
||||
* The query `go/sql-injection` now recognizes more sinks in the package `github.com/Masterminds/squirrel`.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.7.12
|
||||
lastReleaseVersion: 0.7.13
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/go-queries
|
||||
version: 0.7.13-dev
|
||||
version: 0.7.14-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 0.0.20
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.0.19
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 0.0.20
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.0.19
|
||||
lastReleaseVersion: 0.0.20
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/java-automodel-queries
|
||||
version: 0.0.20-dev
|
||||
version: 0.0.21-dev
|
||||
groups:
|
||||
- java
|
||||
- automodel
|
||||
|
|
|
@ -1,3 +1,16 @@
|
|||
## 0.9.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* The Java extractor no longer supports the `ODASA_SNAPSHOT` legacy environment variable.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Increased the precision of some dataflow models of the class `java.net.URL` by distinguishing the parts of a URL.
|
||||
* The Java extractor and QL libraries now support Java 22, including support for anonymous variables, lambda parameters and patterns.
|
||||
* Pattern cases with multiple patterns and that fall through to or from other pattern cases are now supported. The `PatternCase` class gains the new `getPatternAtIndex` and `getAPattern` predicates, and deprecates `getPattern`.
|
||||
* Added a `path-injection` sink for the `open` methods of the `android.os.ParcelFileDescriptor` class.
|
||||
|
||||
## 0.8.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added a `path-injection` sink for the `open` methods of the `android.os.ParcelFileDescriptor` class.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
* The Java extractor no longer supports the `ODASA_SNAPSHOT` legacy environment variable.
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The Java extractor and QL libraries now support Java 22, including support for anonymous variables, lambda parameters and patterns.
|
||||
* Pattern cases with multiple patterns and that fall through to or from other pattern cases are now supported. The `PatternCase` class gains the new `getPatternAtIndex` and `getAPattern` predicates, and deprecates `getPattern`.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Increased the precision of some dataflow models of the class `java.net.URL` by distinguishing the parts of a URL.
|
|
@ -0,0 +1,12 @@
|
|||
## 0.9.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* The Java extractor no longer supports the `ODASA_SNAPSHOT` legacy environment variable.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Increased the precision of some dataflow models of the class `java.net.URL` by distinguishing the parts of a URL.
|
||||
* The Java extractor and QL libraries now support Java 22, including support for anonymous variables, lambda parameters and patterns.
|
||||
* Pattern cases with multiple patterns and that fall through to or from other pattern cases are now supported. The `PatternCase` class gains the new `getPatternAtIndex` and `getAPattern` predicates, and deprecates `getPattern`.
|
||||
* Added a `path-injection` sink for the `open` methods of the `android.os.ParcelFileDescriptor` class.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.8.12
|
||||
lastReleaseVersion: 0.9.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/java-all
|
||||
version: 0.8.13-dev
|
||||
version: 0.9.1-dev
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
|
|
@ -1,3 +1,18 @@
|
|||
## 0.8.13
|
||||
|
||||
### New Queries
|
||||
|
||||
* The query `java/unsafe-url-forward-dispatch-load` has been promoted from experimental to the main query pack as `java/unvalidated-url-forward`. Its results will now appear by default. This query was originally submitted as an experimental query [by @haby0](https://github.com/github/codeql/pull/6240) and [by @luchua-bc](https://github.com/github/codeql/pull/7286).
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* The `java/missing-case-in-switch` query now gives only a single alert for each switch statement, giving some examples of the missing cases as well as a count of how many are missing.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a large number of false positive alerts.
|
||||
* Added sanitizers for relative URLs, `List.contains()`, and checking the host of a URI to the `java/ssrf` and `java/unvalidated-url-redirection` queries.
|
||||
|
||||
## 0.8.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: newQuery
|
||||
---
|
||||
* The query `java/unsafe-url-forward-dispatch-load` has been promoted from experimental to the main query pack as `java/unvalidated-url-forward`. Its results will now appear by default. This query was originally submitted as an experimental query [by @haby0](https://github.com/github/codeql/pull/6240) and [by @luchua-bc](https://github.com/github/codeql/pull/7286).
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added sanitizers for relative URLs, `List.contains()`, and checking the host of a URI to the `java/ssrf` and `java/unvalidated-url-redirection` queries.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a large number of false positive alerts.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* The `java/missing-case-in-switch` query now gives only a single alert for each switch statement, giving some examples of the missing cases as well as a count of how many are missing.
|
|
@ -0,0 +1,14 @@
|
|||
## 0.8.13
|
||||
|
||||
### New Queries
|
||||
|
||||
* The query `java/unsafe-url-forward-dispatch-load` has been promoted from experimental to the main query pack as `java/unvalidated-url-forward`. Its results will now appear by default. This query was originally submitted as an experimental query [by @haby0](https://github.com/github/codeql/pull/6240) and [by @luchua-bc](https://github.com/github/codeql/pull/7286).
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* The `java/missing-case-in-switch` query now gives only a single alert for each switch statement, giving some examples of the missing cases as well as a count of how many are missing.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Variables named `tokenImage` are no longer sources for the `java/sensitive-log` query. This is because this variable name is used in parsing code generated by JavaCC, so it causes a large number of false positive alerts.
|
||||
* Added sanitizers for relative URLs, `List.contains()`, and checking the host of a URI to the `java/ssrf` and `java/unvalidated-url-redirection` queries.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.8.12
|
||||
lastReleaseVersion: 0.8.13
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/java-queries
|
||||
version: 0.8.13-dev
|
||||
version: 0.8.14-dev
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,9 @@
|
|||
## 0.8.13
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added support for TypeScript 5.4.
|
||||
|
||||
## 0.8.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* Added support for TypeScript 5.4.
|
|
@ -0,0 +1,5 @@
|
|||
## 0.8.13
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added support for TypeScript 5.4.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.8.12
|
||||
lastReleaseVersion: 0.8.13
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/javascript-all
|
||||
version: 0.8.13-dev
|
||||
version: 0.8.14-dev
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
|
|
@ -1,3 +1,13 @@
|
|||
## 0.8.13
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The `@precision` of the `js/unsafe-external-link` has been reduced to `low` to reflect the fact that modern browsers do not expose the opening window for such links. This mitigates the potential security risk of having a link with `target="_blank"`.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The call graph has been improved, leading to more alerts for data flow based queries.
|
||||
|
||||
## 0.8.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
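Review bot: the Query Metadata Changes entry reads "The `@precision` of the `js/unsafe-external-link` has been reduced to `low`", which drops the word "query" after the id and gives neither the previous precision nor whether the query leaves any default suite as a result. State the old value and the suite effect, since teams that gate on this alert need to know whether it will stop appearing.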
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The call graph has been improved, leading to more alerts for data flow based queries.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
* The `@precision` of the `js/unsafe-external-link` has been reduced to `low` to reflect the fact that modern browsers do not expose the opening window for such links. This mitigates the potential security risk of having a link with `target="_blank"`.
|
|
@ -0,0 +1,9 @@
|
|||
## 0.8.13
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The `@precision` of the `js/unsafe-external-link` has been reduced to `low` to reflect the fact that modern browsers do not expose the opening window for such links. This mitigates the potential security risk of having a link with `target="_blank"`.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The call graph has been improved, leading to more alerts for data flow based queries.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.8.12
|
||||
lastReleaseVersion: 0.8.13
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/javascript-queries
|
||||
version: 0.8.13-dev
|
||||
version: 0.8.14-dev
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 0.7.13
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.7.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 0.7.13
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.7.12
|
||||
lastReleaseVersion: 0.7.13
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
name: codeql/suite-helpers
|
||||
version: 0.7.13-dev
|
||||
version: 0.7.14-dev
|
||||
groups: shared
|
||||
warnOnImplicitThis: true
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 0.11.13
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 0.11.12
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 0.11.13
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 0.11.12
|
||||
lastReleaseVersion: 0.11.13
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/python-all
|
||||
version: 0.11.13-dev
|
||||
version: 0.11.14-dev
|
||||
groups: python
|
||||
dbscheme: semmlecode.python.dbscheme
|
||||
extractor: python
|
||||
|
|
Some files were not shown because too many files were changed.