зеркало из https://github.com/github/codeql.git
Merge pull request #17480 from github/post-release-prep/codeql-cli-2.19.0
Post-release preparation for codeql-cli-2.19.0
This commit is contained in:
Коммит
30be6803c3
|
@ -1,3 +1,27 @@
|
|||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
|
||||
* Deleted the deprecated `hasQualifiedName` and `isDefined` predicates from the `Declaration` class, use `hasGlobalName` and `hasDefinition` respectively instead.
|
||||
* Deleted the `getFullSignature` predicate from the `Function` class, use `getIdentityString(Declaration)` from `semmle.code.cpp.Print` instead.
|
||||
* Deleted the deprecated `freeCall` predicate from `Alloc.qll`. Use `DeallocationExpr` instead.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
* Deleted the deprecated `getFieldExpr` predicate from `ClassAggregateLiteral`, use `getAFieldExpr` instead.
|
||||
* Deleted the deprecated `getElementExpr` predicate from `ArrayOrVectorAggregateLiteral`, use `getAnElementExpr` instead.
|
||||
|
||||
### New Features
|
||||
|
||||
* Added a class `C11GenericExpr` to represent C11 generic selection expressions. The generic selection is represented as a `Conversion` on the expression that will be selected.
|
||||
* Added subclasses of `BuiltInOperations` for the `__is_scoped_enum`, `__is_trivially_equality_comparable`, and `__is_trivially_relocatable` builtin operations.
|
||||
* Added a subclass of `Expr` for `__datasizeof` expressions.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added a data flow model for `swap` member functions, which were previously modeled as taint tracking functions. This change improves the precision of queries where flow through `swap` member functions might affect the results.
|
||||
* Added a data flow model for `realloc`-like functions, which were previously modeled as a taint tracking functions. This change improves the precision of queries where flow through `realloc`-like functions might affect the results.
|
||||
|
||||
## 1.4.2
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: feature
|
||||
---
|
||||
* Added subclasses of `BuiltInOperations` for the `__is_scoped_enum`, `__is_trivially_equality_comparable`, and `__is_trivially_relocatable` builtin operations.
|
||||
* Added a subclass of `Expr` for `__datasizeof` expressions.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: feature
|
||||
---
|
||||
* Added a class `C11GenericExpr` to represent C11 generic selection expressions. The generic selection is represented as a `Conversion` on the expression that will be selected.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added a data flow model for `realloc`-like functions, which were previously modeled as a taint tracking functions. This change improves the precision of queries where flow through `realloc`-like functions might affect the results.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added a data flow model for `swap` member functions, which were previously modeled as taint tracking functions. This change improves the precision of queries where flow through `swap` member functions might affect the results.
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
|
||||
* Deleted the deprecated `hasQualifiedName` and `isDefined` predicates from the `Declaration` class, use `hasGlobalName` and `hasDefinition` respectively instead.
|
||||
|
@ -9,3 +10,14 @@ category: breaking
|
|||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
* Deleted the deprecated `getFieldExpr` predicate from `ClassAggregateLiteral`, use `getAFieldExpr` instead.
|
||||
* Deleted the deprecated `getElementExpr` predicate from `ArrayOrVectorAggregateLiteral`, use `getAnElementExpr` instead.
|
||||
|
||||
### New Features
|
||||
|
||||
* Added a class `C11GenericExpr` to represent C11 generic selection expressions. The generic selection is represented as a `Conversion` on the expression that will be selected.
|
||||
* Added subclasses of `BuiltInOperations` for the `__is_scoped_enum`, `__is_trivially_equality_comparable`, and `__is_trivially_relocatable` builtin operations.
|
||||
* Added a subclass of `Expr` for `__datasizeof` expressions.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added a data flow model for `swap` member functions, which were previously modeled as taint tracking functions. This change improves the precision of queries where flow through `swap` member functions might affect the results.
|
||||
* Added a data flow model for `realloc`-like functions, which were previously modeled as a taint tracking functions. This change improves the precision of queries where flow through `realloc`-like functions might affect the results.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.4.2
|
||||
lastReleaseVersion: 2.0.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/cpp-all
|
||||
version: 1.4.3-dev
|
||||
version: 2.0.1-dev
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
|
|
@ -1,3 +1,11 @@
|
|||
## 1.2.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Removed false positives caused by buffer accesses in unreachable code.
|
||||
* Removed false positives caused by inconsistent type checking.
|
||||
* Add modeling of C functions that don't throw, thereby increasing the precision of the `cpp/incorrect-allocation-error-handling` ("Incorrect allocation-error handling") query. The query now produces additional true positives.
|
||||
|
||||
## 1.2.2
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Add modeling of C functions that don't throw, thereby increasing the precision of the `cpp/incorrect-allocation-error-handling` ("Incorrect allocation-error handling") query. The query now produces additional true positives.
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Removed false positives caused by buffer accesses in unreachable code
|
||||
* Removed false positives caused by inconsistent type checking
|
|
@ -0,0 +1,7 @@
|
|||
## 1.2.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Removed false positives caused by buffer accesses in unreachable code
|
||||
* Removed false positives caused by inconsistent type checking
|
||||
* Add modeling of C functions that don't throw, thereby increasing the precision of the `cpp/incorrect-allocation-error-handling` ("Incorrect allocation-error handling") query. The query now produces additional true positives.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.2.2
|
||||
lastReleaseVersion: 1.2.3
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/cpp-queries
|
||||
version: 1.2.3-dev
|
||||
version: 1.2.4-dev
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.7.25
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.24
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.7.25
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.7.24
|
||||
lastReleaseVersion: 1.7.25
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.25-dev
|
||||
version: 1.7.26-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.7.25
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.24
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.7.25
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.7.24
|
||||
lastReleaseVersion: 1.7.25
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.25-dev
|
||||
version: 1.7.26-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
|
|
@ -1,3 +1,16 @@
|
|||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Parameters of public methods in abstract controller-like classes are now considered remote flow sources.
|
||||
* The reported location of `partial` methods has been changed from the definition to the implementation part.
|
||||
|
||||
## 1.2.0
|
||||
|
||||
### New Features
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Parameters of public methods in abstract controller-like classes are now considered remote flow sources.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The reported location of `partial` methods has been changed from the definition to the implementation part.
|
|
@ -1,6 +1,12 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Parameters of public methods in abstract controller-like classes are now considered remote flow sources.
|
||||
* The reported location of `partial` methods has been changed from the definition to the implementation part.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.2.0
|
||||
lastReleaseVersion: 2.0.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-all
|
||||
version: 1.2.1-dev
|
||||
version: 2.0.1-dev
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.7
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.7
|
||||
lastReleaseVersion: 1.0.8
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-queries
|
||||
version: 1.0.8-dev
|
||||
version: 1.0.9-dev
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.7
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.7
|
||||
lastReleaseVersion: 1.0.8
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql-go-consistency-queries
|
||||
version: 1.0.8-dev
|
||||
version: 1.0.9-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,27 @@
|
|||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* When a function or type has more than one anonymous type parameters, they were mistakenly being treated as the same type parameter. This has now been fixed.
|
||||
* Local source models for reading and parsing environment variables have been added for the following libraries:
|
||||
* `os`
|
||||
* `syscall`
|
||||
* `github.com/caarlos0/env`
|
||||
* `github.com/gobuffalo/envy`
|
||||
* `github.com/hashicorp/go-envparse`
|
||||
* `github.com/joho/godotenv`
|
||||
* `github.com/kelseyhightower/envconfig`
|
||||
* Local source models have been added for the APIs which open files in the `io/fs`, `io/ioutil` and `os` packages in the Go standard library. You can optionally include threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models).
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Golang vendor directories not at the root of a repository are now correctly excluded from the baseline Go file count. This means code coverage information will be more accurate.
|
||||
|
||||
## 1.2.0
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
@ -6,18 +30,6 @@
|
|||
|
||||
## 1.1.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Local source models for reading and parsing environment variables have been added for the following libraries:
|
||||
- os
|
||||
- syscall
|
||||
- github.com/caarlos0/env
|
||||
- github.com/gobuffalo/envy
|
||||
- github.com/hashicorp/go-envparse
|
||||
- github.com/joho/godotenv
|
||||
- github.com/kelseyhightower/envconfig
|
||||
* Local source models have been added for the APIs which open files in the `io/fs`, `io/ioutil` and `os` packages in the Go standard library. You can optionally include threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models).
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed an issue where `io/ioutil.WriteFile`'s non-path arguments incorrectly generated `go/path-injection` alerts when untrusted data was written to a file, or controlled the file's mode.
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: fix
|
||||
---
|
||||
* Golang vendor directories not at the root of a repository are now correctly excluded from the baseline Go file count. This means code coverage information will be more accurate.
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* When a function or type has more than one anonymous type parameters, they were mistakenly being treated as the same type parameter. This has now been fixed.
|
|
@ -1,6 +1,13 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* When a function or type has more than one anonymous type parameters, they were mistakenly being treated as the same type parameter. This has now been fixed.
|
||||
* Local source models for reading and parsing environment variables have been added for the following libraries:
|
||||
* os
|
||||
* syscall
|
||||
|
@ -10,3 +17,7 @@ category: minorAnalysis
|
|||
* github.com/joho/godotenv
|
||||
* github.com/kelseyhightower/envconfig
|
||||
* Local source models have been added for the APIs which open files in the `io/fs`, `io/ioutil` and `os` packages in the Go standard library. You can optionally include threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models).
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Golang vendor directories not at the root of a repository are now correctly excluded from the baseline Go file count. This means code coverage information will be more accurate.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.2.0
|
||||
lastReleaseVersion: 2.0.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/go-all
|
||||
version: 1.2.1-dev
|
||||
version: 2.0.1-dev
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.7
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.7
|
||||
lastReleaseVersion: 1.0.8
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/go-queries
|
||||
version: 1.0.8-dev
|
||||
version: 1.0.9-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.7
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.7
|
||||
lastReleaseVersion: 1.0.8
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/java-automodel-queries
|
||||
version: 1.0.8-dev
|
||||
version: 1.0.9-dev
|
||||
groups:
|
||||
- java
|
||||
- automodel
|
||||
|
|
|
@ -1,3 +1,20 @@
|
|||
## 4.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `ProcessBuilderConstructor`, `MethodProcessBuilderCommand`, and `MethodRuntimeExec` from `JDK.qll`.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
* Deleted the deprecated `getURI` predicate from `CamelJavaDslToDecl` and `SpringCamelXmlToElement`, use `getUri` instead.
|
||||
* Deleted the deprecated `ExecCallable` class from `ExternalProcess.qll`.
|
||||
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
|
||||
* Deleted the deprecated `PathCreation.qll` file.
|
||||
* Deleted the deprecated `WebviewDubuggingEnabledQuery.qll` file.
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* When a method exists as source code, we will no longer use a models-as-data (MaD) model of that method. This primarily affects query results when the analysis includes generated models for the source code being analysed.
|
||||
|
||||
## 3.0.2
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* A generated (Models as Data) summary model is no longer used, if there exists a source code alternative. This primarily affects the analysis, when the analysis includes generated models for the source code being analysed.
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
## 4.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `ProcessBuilderConstructor`, `MethodProcessBuilderCommand`, and `MethodRuntimeExec` from `JDK.qll`.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
|
@ -9,3 +10,7 @@ category: breaking
|
|||
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
|
||||
* Deleted the deprecated `PathCreation.qll` file.
|
||||
* Deleted the deprecated `WebviewDubuggingEnabledQuery.qll` file.
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* A generated (Models as Data) summary model is no longer used, if there exists a source code alternative. This primarily affects the analysis, when the analysis includes generated models for the source code being analysed.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 3.0.2
|
||||
lastReleaseVersion: 4.0.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/java-all
|
||||
version: 3.0.3-dev
|
||||
version: 4.0.1-dev
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.1.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.1.4
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.1.5
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.4
|
||||
lastReleaseVersion: 1.1.5
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/java-queries
|
||||
version: 1.1.5-dev
|
||||
version: 1.1.6-dev
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,19 @@
|
|||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `isHTMLElement` and `getDOMName` predicates from the JSX library, use `isHtmlElement` and `getDomName` respectively instead.
|
||||
* Deleted the deprecated `getPackageJSON` predicate from the `SourceMappingComment` class, use `SourceMappingComment` instead.
|
||||
* Deleted many deprecated directives from the `Stmt.qll` file, use the `Directive::` module instead.
|
||||
* Deleted the deprecated `YAMLNode`, `YAMLValue`, and `YAMLScalar` classes from the YAML libraries, use `YamlNode`, `YamlValue`, and `YamlScalar` respectively instead.
|
||||
* Deleted the deprecated `getARouteHandlerExpr` predicate from `Connect.qll`, use `getARouteHandlerNode` instead.
|
||||
* Deleted the deprecated `getGWTVersion` predicate from `GWT.qll`, use `getGwtVersion` instead.
|
||||
* Deleted the deprecated `getOwnOptionsObject` predicate from `Vue.qll`, use `getOwnOptions().getASink()` instead.
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added support for TypeScript 5.6.
|
||||
|
||||
## 1.1.4
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* Added support for TypeScript 5.6.
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `isHTMLElement` and `getDOMName` predicates from the JSX library, use `isHtmlElement` and `getDomName` respectively instead.
|
||||
* Deleted the deprecated `getPackageJSON` predicate from the `SourceMappingComment` class, use `SourceMappingComment` instead.
|
||||
* Deleted many deprecated directives from the `Stmt.qll` file, use the `Directive::` module instead.
|
||||
|
@ -8,3 +9,7 @@ category: breaking
|
|||
* Deleted the deprecated `getARouteHandlerExpr` predicate from `Connect.qll`, use `getARouteHandlerNode` instead.
|
||||
* Deleted the deprecated `getGWTVersion` predicate from `GWT.qll`, use `getGwtVersion` instead.
|
||||
* Deleted the deprecated `getOwnOptionsObject` predicate from `Vue.qll`, use `getOwnOptions().getASink()` instead.
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added support for TypeScript 5.6.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.4
|
||||
lastReleaseVersion: 2.0.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/javascript-all
|
||||
version: 1.1.5-dev
|
||||
version: 2.0.1-dev
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
|
|
@ -1,3 +1,9 @@
|
|||
## 1.2.0
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
- Added a new query (`js/actions/actions-artifact-leak`) to detect GitHub Actions artifacts that may leak the `GITHUB_TOKEN` token.
|
||||
|
||||
## 1.1.3
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
## 1.2.0
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
- Added a new query (`js/actions/actions-artifact-leak`) to detect GitHub Actions artifacts that may leak the GITHUB_TOKEN token.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.3
|
||||
lastReleaseVersion: 1.2.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/javascript-queries
|
||||
version: 1.1.4-dev
|
||||
version: 1.2.1-dev
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.7
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.7
|
||||
lastReleaseVersion: 1.0.8
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
name: codeql/suite-helpers
|
||||
version: 1.0.8-dev
|
||||
version: 1.0.9-dev
|
||||
groups: shared
|
||||
warnOnImplicitThis: true
|
||||
|
|
|
@ -1,3 +1,14 @@
|
|||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
* Deleted the deprecated `semmle.python.RegexTreeView` module, use `semmle.python.regexp.RegexTreeView` instead.
|
||||
* Deleted the deprecated `RegexString` class from `regex.qll`.
|
||||
* Deleted the deprecated `Regex` class, use `RegExp` instead.
|
||||
* Deleted the deprecated `semmle/python/security/SQL.qll` file.
|
||||
* Deleted the deprecated `useSSL` predicates from the LDAP libraries, use `useSsl` instead.
|
||||
|
||||
## 1.0.7
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
* Deleted the deprecated `semmle.python.RegexTreeView` module, use `semmle.python.regexp.RegexTreeView` instead.
|
||||
* Deleted the deprecated `RegexString` class from `regex.qll`.
|
||||
* Deleted the deprecated `Regex` class, use `RegExp` instead.
|
||||
* Deleted the deprecated `semmle/python/security/SQL.qll` file.
|
||||
* Deleted the deprecated `useSSL` predicates from the LDAP libraries, use `useSsl` instead.
|
||||
* Deleted the deprecated `useSSL` predicates from the LDAP libraries, use `useSsl` instead.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.7
|
||||
lastReleaseVersion: 2.0.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/python-all
|
||||
version: 1.0.8-dev
|
||||
version: 2.0.1-dev
|
||||
groups: python
|
||||
dbscheme: semmlecode.python.dbscheme
|
||||
extractor: python
|
||||
|
|
|
@ -1,3 +1,9 @@
|
|||
## 1.2.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `py/clear-text-logging-sensitive-data` and `py/clear-text-storage-sensitive-data` queries have been updated to exclude the `certificate` classification of sensitive sources, which often do not contain sensitive data.
|
||||
|
||||
## 1.2.1
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `py/clear-text-logging-sensitive-data` and `py/clear-text-storage-sensitive-data` queries have been updated to exclude the `certificate` classification of sensitive sources, which often do not contain sensitive data.
|
||||
## 1.2.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `py/clear-text-logging-sensitive-data` and `py/clear-text-storage-sensitive-data` queries have been updated to exclude the `certificate` classification of sensitive sources, which often do not contain sensitive data.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.2.1
|
||||
lastReleaseVersion: 1.2.2
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/python-queries
|
||||
version: 1.2.2-dev
|
||||
version: 1.2.3-dev
|
||||
groups:
|
||||
- python
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,13 @@
|
|||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `getURL` predicate the `Http::Request` class, use `getAUrlPart` instead.
|
||||
* Deleted the deprecated `getNode` predicate from the `CfgNode` class, use `getAstNode` instead.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
||||
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
|
||||
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
|
||||
|
||||
## 1.0.7
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
category: breaking
|
||||
---
|
||||
## 2.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Deleted the deprecated `getURL` predicate the `Http::Request` class, use `getAUrlPart` instead.
|
||||
* Deleted the deprecated `getNode` predicate from the `CfgNode` class, use `getAstNode` instead.
|
||||
* Deleted the deprecated `explorationLimit` predicate from `DataFlow::Configuration`, use `FlowExploration<explorationLimit>` instead.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.7
|
||||
lastReleaseVersion: 2.0.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/ruby-all
|
||||
version: 1.0.8-dev
|
||||
version: 2.0.1-dev
|
||||
groups: ruby
|
||||
extractor: ruby
|
||||
dbscheme: ruby.dbscheme
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.1.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.1.2
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.1.3
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.2
|
||||
lastReleaseVersion: 1.1.3
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/ruby-queries
|
||||
version: 1.1.3-dev
|
||||
version: 1.1.4-dev
|
||||
groups:
|
||||
- ruby
|
||||
- queries
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.7
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.7
|
||||
lastReleaseVersion: 1.0.8
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/controlflow
|
||||
version: 1.0.8-dev
|
||||
version: 1.0.9-dev
|
||||
groups: shared
|
||||
library: true
|
||||
dependencies:
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.1.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.1.1
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.1.2
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.1
|
||||
lastReleaseVersion: 1.1.2
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/dataflow
|
||||
version: 1.1.2-dev
|
||||
version: 1.1.3-dev
|
||||
groups: shared
|
||||
library: true
|
||||
dependencies:
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.7
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.8
|
||||
|
||||
No user-facing changes.
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.7
|
||||
lastReleaseVersion: 1.0.8
|
||||
|
|
Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше
Загрузка…
Ссылка в новой задаче