Apply suggestions from code review

go/ql/lib/CHANGELOG.md

@@ -2,7 +2,7 @@
 
 ### Breaking Changes
 
-The signature of `allowImplicitRead` on `DataFlow::Configuration` and `TaintTracking::Configuration` has changed from `allowImplicitRead(DataFlow::Node node, DataFlow::Content c)` to `allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c)`.
+* The signature of `allowImplicitRead` on `DataFlow::Configuration` and `TaintTracking::Configuration` has changed from `allowImplicitRead(DataFlow::Node node, DataFlow::Content c)` to `allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c)`.
 
 ### Deprecated APIs
 
@@ -11,11 +11,7 @@ The signature of `allowImplicitRead` on `DataFlow::Configuration` and `TaintTrac
 ### Minor Analysis Improvements
 
 * The predicate `getNumParameter` on `FuncTypeExpr` has been changed to actually give the number of parameters. It previously gave the number of parameter declarations. `getNumParameterDecl` has been introduced to preserve this functionality.
-The definition of `mayHaveSideEffects` for `ReturnStmt` was incorrect when more
-than one expression was being returned. Such return statements were
-effectively considered to never have side effects. This has now been fixed.
-In rare circumstances `globalValueNumber` may have incorrectly treated two
-values as the same when they were in fact distinct.
+* The definition of `mayHaveSideEffects` for `ReturnStmt` was incorrect when more than one expression was being returned. Such return statements were effectively considered to never have side effects. This has now been fixed. In rare circumstances `globalValueNumber` may have incorrectly treated two values as the same when they were in fact distinct.
 * Queries that care about SQL, such as `go/sql-injection`, now recognise SQL-consuming functions belonging to the `gorqlite` and `GoFrame` packages.
  * `rsync` has been added to the list of commands which may evaluate its parameters as a shell command.
 

go/ql/lib/change-notes/released/0.4.0.md

@@ -2,7 +2,7 @@
 
 ### Breaking Changes
 
-The signature of `allowImplicitRead` on `DataFlow::Configuration` and `TaintTracking::Configuration` has changed from `allowImplicitRead(DataFlow::Node node, DataFlow::Content c)` to `allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c)`.
+* The signature of `allowImplicitRead` on `DataFlow::Configuration` and `TaintTracking::Configuration` has changed from `allowImplicitRead(DataFlow::Node node, DataFlow::Content c)` to `allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c)`.
 
 ### Deprecated APIs
 
@@ -11,13 +11,9 @@ The signature of `allowImplicitRead` on `DataFlow::Configuration` and `TaintTrac
 ### Minor Analysis Improvements
 
 * The predicate `getNumParameter` on `FuncTypeExpr` has been changed to actually give the number of parameters. It previously gave the number of parameter declarations. `getNumParameterDecl` has been introduced to preserve this functionality.
-The definition of `mayHaveSideEffects` for `ReturnStmt` was incorrect when more
-than one expression was being returned. Such return statements were
-effectively considered to never have side effects. This has now been fixed.
-In rare circumstances `globalValueNumber` may have incorrectly treated two
-values as the same when they were in fact distinct.
+* The definition of `mayHaveSideEffects` for `ReturnStmt` was incorrect when more than one expression was being returned. Such return statements were effectively considered to never have side effects. This has now been fixed. In rare circumstances `globalValueNumber` may have incorrectly treated two values as the same when they were in fact distinct.
 * Queries that care about SQL, such as `go/sql-injection`, now recognise SQL-consuming functions belonging to the `gorqlite` and `GoFrame` packages.
- * `rsync` has been added to the list of commands which may evaluate its parameters as a shell command.
+* `rsync` has been added to the list of commands which may evaluate its parameters as a shell command.
 
 ### Bug Fixes
 

javascript/ql/lib/CHANGELOG.md

@@ -2,15 +2,15 @@
 
 ### New Features
 
-- Improved support for [Restify](http://restify.com/) framework, leading to more results when scanning applications developed with this framework.
-- Added support for the [Spife](https://github.com/npm/spife) framework.
+* Improved support for [Restify](http://restify.com/) framework, leading to more results when scanning applications developed with this framework.
+* Added support for the [Spife](https://github.com/npm/spife) framework.
 
 ### Minor Analysis Improvements
 
 * Deleted the deprecated `Instance` class from the `Vue` module.
 * Deleted the deprecated `VHtmlSourceWrite` class from `DomBasedXssQuery.qll`.
 * Deleted all the deprecated `[QueryName].qll` files from the `javascript/ql/lib/semmle/javascript/security/dataflow` folder, use the corresponding `[QueryName]Query.qll` files instead.
- * The ReDoS libraries in `semmle.code.javascript.security.regexp` has been moved to a shared pack inside the `shared/` folder, and the previous location has been deprecated.
+* The ReDoS libraries in `semmle.code.javascript.security.regexp` has been moved to a shared pack inside the `shared/` folder, and the previous location has been deprecated.
 
 ## 0.3.6
 

javascript/ql/lib/change-notes/released/0.4.0.md

@@ -2,12 +2,12 @@
 
 ### New Features
 
-- Improved support for [Restify](http://restify.com/) framework, leading to more results when scanning applications developed with this framework.
-- Added support for the [Spife](https://github.com/npm/spife) framework.
+* Improved support for [Restify](http://restify.com/) framework, leading to more results when scanning applications developed with this framework.
+* Added support for the [Spife](https://github.com/npm/spife) framework.
 
 ### Minor Analysis Improvements
 
 * Deleted the deprecated `Instance` class from the `Vue` module.
 * Deleted the deprecated `VHtmlSourceWrite` class from `DomBasedXssQuery.qll`.
 * Deleted all the deprecated `[QueryName].qll` files from the `javascript/ql/lib/semmle/javascript/security/dataflow` folder, use the corresponding `[QueryName]Query.qll` files instead.
- * The ReDoS libraries in `semmle.code.javascript.security.regexp` has been moved to a shared pack inside the `shared/` folder, and the previous location has been deprecated.
+* The ReDoS libraries in `semmle.code.javascript.security.regexp` has been moved to a shared pack inside the `shared/` folder, and the previous location has been deprecated.

python/ql/lib/CHANGELOG.md

@@ -6,9 +6,8 @@
 
 ### Minor Analysis Improvements
 
-- Added `subprocess.getoutput` and `subprocess.getoutputstatus` as new command injection sinks for the StdLib.
- * The data-flow library has been rewritten to no longer rely on the points-to analysis in order to
-   resolve references to modules. Improvements in the module resolution can lead to more results.
+* Added `subprocess.getoutput` and `subprocess.getoutputstatus` as new command injection sinks for the StdLib.
+* The data-flow library has been rewritten to no longer rely on the points-to analysis in order to resolve references to modules. Improvements in the module resolution can lead to more results.
 * Deleted the deprecated `importNode` predicate from the `DataFlowUtil.qll` file.
 * Deleted the deprecated features from `PEP249.qll` that were not inside the `PEP249` module.
 * Deleted the deprecated `werkzeug` from the `Werkzeug` module in `Werkzeug.qll`.

python/ql/lib/change-notes/released/0.7.0.md

@@ -6,9 +6,8 @@
 
 ### Minor Analysis Improvements
 
-- Added `subprocess.getoutput` and `subprocess.getoutputstatus` as new command injection sinks for the StdLib.
- * The data-flow library has been rewritten to no longer rely on the points-to analysis in order to
-   resolve references to modules. Improvements in the module resolution can lead to more results.
+* Added `subprocess.getoutput` and `subprocess.getoutputstatus` as new command injection sinks for the StdLib.
+* The data-flow library has been rewritten to no longer rely on the points-to analysis in order to resolve references to modules. Improvements in the module resolution can lead to more results.
 * Deleted the deprecated `importNode` predicate from the `DataFlowUtil.qll` file.
 * Deleted the deprecated features from `PEP249.qll` that were not inside the `PEP249` module.
 * Deleted the deprecated `werkzeug` from the `Werkzeug` module in `Werkzeug.qll`.

ruby/ql/lib/CHANGELOG.md

@@ -17,13 +17,13 @@ there will be flow from `y` to the field `@field` on the constructed `C` object.
 ### Minor Analysis Improvements
 
 * Calls to `Kernel.load`, `Kernel.require`, `Kernel.autoload` are now modeled as sinks for path injection.
- * Calls to `mail` and `inbound_mail` in `ActionMailbox` controllers are now considered sources of remote input.
- * Calls to `GlobalID::Locator.locate` and its variants are now recognized as instances of `OrmInstantiation`.
+* Calls to `mail` and `inbound_mail` in `ActionMailbox` controllers are now considered sources of remote input.
+* Calls to `GlobalID::Locator.locate` and its variants are now recognized as instances of `OrmInstantiation`.
 * Data flow through the `ActiveSupport` extensions `Enumerable#index_with`, `Enumerable#pick`, `Enumerable#pluck` and `Enumerable#sole`  are now modeled.
 * When resolving a method call, the analysis now also searches in sub-classes of the receiver's type.
- * Taint flow is now tracked through many common JSON parsing and generation methods.
- * The ReDoS libraries in `codeql.ruby.security.regexp` has been moved to a shared pack inside the `shared/` folder, and the previous location has been deprecated.
- * String literals and arrays of string literals in case expression patterns are now recognised as barrier guards.
+* Taint flow is now tracked through many common JSON parsing and generation methods.
+* The ReDoS libraries in `codeql.ruby.security.regexp` has been moved to a shared pack inside the `shared/` folder, and the previous location has been deprecated.
+* String literals and arrays of string literals in case expression patterns are now recognised as barrier guards.
 
 ## 0.4.6
 

ruby/ql/lib/change-notes/released/0.5.0.md

@@ -17,10 +17,10 @@ there will be flow from `y` to the field `@field` on the constructed `C` object.
 ### Minor Analysis Improvements
 
 * Calls to `Kernel.load`, `Kernel.require`, `Kernel.autoload` are now modeled as sinks for path injection.
- * Calls to `mail` and `inbound_mail` in `ActionMailbox` controllers are now considered sources of remote input.
- * Calls to `GlobalID::Locator.locate` and its variants are now recognized as instances of `OrmInstantiation`.
+* Calls to `mail` and `inbound_mail` in `ActionMailbox` controllers are now considered sources of remote input.
+* Calls to `GlobalID::Locator.locate` and its variants are now recognized as instances of `OrmInstantiation`.
 * Data flow through the `ActiveSupport` extensions `Enumerable#index_with`, `Enumerable#pick`, `Enumerable#pluck` and `Enumerable#sole`  are now modeled.
 * When resolving a method call, the analysis now also searches in sub-classes of the receiver's type.
- * Taint flow is now tracked through many common JSON parsing and generation methods.
- * The ReDoS libraries in `codeql.ruby.security.regexp` has been moved to a shared pack inside the `shared/` folder, and the previous location has been deprecated.
- * String literals and arrays of string literals in case expression patterns are now recognised as barrier guards.
+* Taint flow is now tracked through many common JSON parsing and generation methods.
+* The ReDoS libraries in `codeql.ruby.security.regexp` has been moved to a shared pack inside the `shared/` folder, and the previous location has been deprecated.
+* String literals and arrays of string literals in case expression patterns are now recognised as barrier guards.