From 55935fc123cc4d6244ee6787b0ee6c497a72a374 Mon Sep 17 00:00:00 2001 
From: "github-actions[bot]" Date: Mon, 22 Jul 2024 14:56:15 +0000 Subject: [PATCH] Release preparation for version 2.18.1 --- cpp/ql/lib/CHANGELOG.md | 8 +++++++ .../2024-07-10-newarrayexpr-arraysize.md | 4 ---- .../2024-07-16-alert-provenance.md | 4 ---- .../1.3.0.md} | 9 +++++--- cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 11 ++++++++++ .../2024-07-08-unsafe-strncat-query.md | 4 ---- ...-11-iterator-to-expired-container-query.md | 4 ---- ...ed-difference-expression-compared-zero-.md | 4 ---- cpp/ql/src/change-notes/released/1.1.0.md | 10 +++++++++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../lib/change-notes/released/1.7.21.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../src/change-notes/released/1.7.21.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 4 ++++ csharp/ql/lib/change-notes/released/1.0.4.md | 3 +++ csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 4 ++++ csharp/ql/src/change-notes/released/1.0.4.md | 3 +++ csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.4.md | 3 +++ .../codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 6 ++++++ .../1.1.3.md} | 7 ++++--- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ++++ go/ql/src/change-notes/released/1.0.4.md | 3 +++ go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 ++++ .../src/change-notes/released/1.0.4.md | 3 +++ 
java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 21 +++++++++++++++++++ .../2024-06-12-isandroid-deprecated.md | 4 ---- .../change-notes/2024-06-19-kotlin-2.0.20.md | 4 ---- .../2024-06-25-java-tools-status.md | 4 ---- .../2024-07-03-env-var-semmle-dist.md | 4 ---- .../2024-07-11-FilePath-exists-sink.md | 4 ---- .../lib/change-notes/2024-07-11-kotlin-ga.md | 4 ---- .../2024-07-11-toByteArray-summary.md | 4 ---- java/ql/lib/change-notes/released/2.0.0.md | 20 ++++++++++++++++++ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 6 ++++++ .../1.1.1.md} | 7 ++++--- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ++++ .../ql/lib/change-notes/released/1.1.1.md | 3 +++ javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 14 +++++++++++++ .../2024-06-19-insecure-helmet-config.md | 4 ---- .../1.1.0.md} | 11 +++++++--- javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.4.md | 3 +++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 6 ++++++ .../1.0.4.md} | 9 ++++---- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 4 ++++ python/ql/src/change-notes/released/1.0.4.md | 3 +++ python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 4 ++++ ruby/ql/lib/change-notes/released/1.0.4.md | 3 +++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 ++++ ruby/ql/src/change-notes/released/1.0.4.md | 3 +++ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ 
.../change-notes/released/1.0.4.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ++++ .../dataflow/change-notes/released/1.0.4.md | 3 +++ shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/1.0.4.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.4.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/1.0.4.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/1.0.4.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.4.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ .../tutorial/change-notes/released/1.0.4.md | 3 +++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ++++ .../typeflow/change-notes/released/1.0.4.md | 3 +++ shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.4.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/1.0.4.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++++ shared/util/change-notes/released/1.0.4.md | 3 +++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ++++ 
shared/xml/change-notes/released/1.0.4.md | 3 +++ shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/1.0.4.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 10 +++++++++ .../lib/change-notes/2024-07-11-swift-ga.md | 4 ---- .../1.1.0.md} | 11 +++++++--- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/1.0.4.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 154 files changed, 406 insertions(+), 145 deletions(-) delete mode 100644 cpp/ql/lib/change-notes/2024-07-10-newarrayexpr-arraysize.md delete mode 100644 cpp/ql/lib/change-notes/2024-07-16-alert-provenance.md rename cpp/ql/lib/change-notes/{2024-07-11-additional-builtin-support.md => released/1.3.0.md} (57%) delete mode 100644 cpp/ql/src/change-notes/2024-07-08-unsafe-strncat-query.md delete mode 100644 cpp/ql/src/change-notes/2024-07-11-iterator-to-expired-container-query.md delete mode 100644 cpp/ql/src/change-notes/2024-07-16-unsigned-difference-expression-compared-zero-.md create mode 100644 cpp/ql/src/change-notes/released/1.1.0.md create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.21.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.21.md create mode 100644 csharp/ql/lib/change-notes/released/1.0.4.md create mode 100644 csharp/ql/src/change-notes/released/1.0.4.md create mode 100644 go/ql/consistency-queries/change-notes/released/1.0.4.md rename go/ql/lib/change-notes/{2024-07-08-fix-clear-sanitizer.md => released/1.1.3.md} (81%) create mode 100644 go/ql/src/change-notes/released/1.0.4.md create mode 100644 java/ql/automodel/src/change-notes/released/1.0.4.md delete mode 100644 java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md delete mode 100644 
java/ql/lib/change-notes/2024-06-19-kotlin-2.0.20.md delete mode 100644 java/ql/lib/change-notes/2024-06-25-java-tools-status.md delete mode 100644 java/ql/lib/change-notes/2024-07-03-env-var-semmle-dist.md delete mode 100644 java/ql/lib/change-notes/2024-07-11-FilePath-exists-sink.md delete mode 100644 java/ql/lib/change-notes/2024-07-11-kotlin-ga.md delete mode 100644 java/ql/lib/change-notes/2024-07-11-toByteArray-summary.md create mode 100644 java/ql/lib/change-notes/released/2.0.0.md rename java/ql/src/change-notes/{2024-07-07-android-application-heuristic-updated.md => released/1.1.1.md} (88%) create mode 100644 javascript/ql/lib/change-notes/released/1.1.1.md delete mode 100644 javascript/ql/src/change-notes/2024-06-19-insecure-helmet-config.md rename javascript/ql/src/change-notes/{2024-07-08-functionality-from-untrusted-domain.md => released/1.1.0.md} (79%) create mode 100644 misc/suite-helpers/change-notes/released/1.0.4.md rename python/ql/lib/change-notes/{2024-06-24-cookie-header-writes.md => released/1.0.4.md} (65%) create mode 100644 python/ql/src/change-notes/released/1.0.4.md create mode 100644 ruby/ql/lib/change-notes/released/1.0.4.md create mode 100644 ruby/ql/src/change-notes/released/1.0.4.md create mode 100644 shared/controlflow/change-notes/released/1.0.4.md create mode 100644 shared/dataflow/change-notes/released/1.0.4.md create mode 100644 shared/mad/change-notes/released/1.0.4.md create mode 100644 shared/rangeanalysis/change-notes/released/1.0.4.md create mode 100644 shared/regex/change-notes/released/1.0.4.md create mode 100644 shared/ssa/change-notes/released/1.0.4.md create mode 100644 shared/threat-models/change-notes/released/1.0.4.md create mode 100644 shared/tutorial/change-notes/released/1.0.4.md create mode 100644 shared/typeflow/change-notes/released/1.0.4.md create mode 100644 shared/typetracking/change-notes/released/1.0.4.md create mode 100644 shared/typos/change-notes/released/1.0.4.md create mode 100644 
shared/util/change-notes/released/1.0.4.md create mode 100644 shared/xml/change-notes/released/1.0.4.md create mode 100644 shared/yaml/change-notes/released/1.0.4.md delete mode 100644 swift/ql/lib/change-notes/2024-07-11-swift-ga.md rename swift/ql/lib/change-notes/{2024-05-23-sensitive-data.md => released/1.1.0.md} (70%) create mode 100644 swift/ql/src/change-notes/released/1.0.4.md
diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md
index 61cbcd1318a..9f01040830c 100644
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,11 @@
+## 1.3.0
+
+### New Features
+
+* Models-as-data alert provenance information has been extended to the C/C++ language. Any qltests that include the edges relation in their output (for example, `.qlref`s that reference path-problem queries) will need to be have their expected output updated accordingly.
+* Added subclasses of `BuiltInOperations` for `__builtin_has_attribute`, `__builtin_is_corresponding_member`, `__builtin_is_pointer_interconvertible_with_class`, `__is_assignable_no_precondition_check`, `__is_bounded_array`, `__is_convertible`, `__is_corresponding_member`, `__is_nothrow_convertible`, `__is_pointer_interconvertible_with_class`, `__is_referenceable`, `__is_same_as`, `__is_trivially_copy_assignable`, `__is_unbounded_array`, `__is_valid_winrt_type`, `_is_win_class`, `__is_win_interface`, `__reference_binds_to_temporary`, `__reference_constructs_from_temporary`, and `__reference_converts_from_temporary`.
+* The class `NewArrayExpr` adds a predicate `getArraySize()` to allow a more convenient way to access the static size of the array when the extent is missing.
+
 ## 1.2.0
 
 ### New Features
diff --git a/cpp/ql/lib/change-notes/2024-07-10-newarrayexpr-arraysize.md b/cpp/ql/lib/change-notes/2024-07-10-newarrayexpr-arraysize.md
deleted file mode 100644
index 0a806c93243..00000000000
--- a/cpp/ql/lib/change-notes/2024-07-10-newarrayexpr-arraysize.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* The class `NewArrayExpr` adds a predicate `getArraySize()` to allow a more convenient way to access the static size of the array when the extent is missing.
diff --git a/cpp/ql/lib/change-notes/2024-07-16-alert-provenance.md b/cpp/ql/lib/change-notes/2024-07-16-alert-provenance.md
deleted file mode 100644
index 3f773028073..00000000000
--- a/cpp/ql/lib/change-notes/2024-07-16-alert-provenance.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* Models-as-data alert provenance information has been extended to the C/C++ language. Any qltests that include the edges relation in their output (for example, `.qlref`s that reference path-problem queries) will need to be have their expected output updated accordingly.
diff --git a/cpp/ql/lib/change-notes/2024-07-11-additional-builtin-support.md b/cpp/ql/lib/change-notes/released/1.3.0.md
similarity index 57%
rename from cpp/ql/lib/change-notes/2024-07-11-additional-builtin-support.md
rename to cpp/ql/lib/change-notes/released/1.3.0.md
index f389283ad1e..3c3010da96d 100644
--- a/cpp/ql/lib/change-notes/2024-07-11-additional-builtin-support.md
+++ b/cpp/ql/lib/change-notes/released/1.3.0.md
@@ -1,4 +1,7 @@
----
-category: feature
----
+## 1.3.0
+
+### New Features
+
+* Models-as-data alert provenance information has been extended to the C/C++ language. Any qltests that include the edges relation in their output (for example, `.qlref`s that reference path-problem queries) will need to be have their expected output updated accordingly.
 * Added subclasses of `BuiltInOperations` for `__builtin_has_attribute`, `__builtin_is_corresponding_member`, `__builtin_is_pointer_interconvertible_with_class`, `__is_assignable_no_precondition_check`, `__is_bounded_array`, `__is_convertible`, `__is_corresponding_member`, `__is_nothrow_convertible`, `__is_pointer_interconvertible_with_class`, `__is_referenceable`, `__is_same_as`, `__is_trivially_copy_assignable`, `__is_unbounded_array`, `__is_valid_winrt_type`, `_is_win_class`, `__is_win_interface`, `__reference_binds_to_temporary`, `__reference_constructs_from_temporary`, and `__reference_converts_from_temporary`.
+* The class `NewArrayExpr` adds a predicate `getArraySize()` to allow a more convenient way to access the static size of the array when the extent is missing.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index 75430e73d1c..ec16350ed6f 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.2.0
+lastReleaseVersion: 1.3.0
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 6b3f05d5f7c..aee0698f32a 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 1.2.1-dev
+version: 1.3.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
index badaa459be1..9f10be7db90 100644
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 1.1.0
+
+### Query Metadata Changes
+
+* The precision of `cpp/iterator-to-expired-container` ("Iterator to expired container") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
+* The precision of `cpp/unsafe-strncat` ("Potentially unsafe call to strncat") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
+
+### Minor Analysis Improvements
+
+* The `cpp/unsigned-difference-expression-compared-zero` ("Unsigned difference expression compared to zero") query now produces fewer false positives.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/cpp/ql/src/change-notes/2024-07-08-unsafe-strncat-query.md b/cpp/ql/src/change-notes/2024-07-08-unsafe-strncat-query.md
deleted file mode 100644
index a85958bc6ba..00000000000
--- a/cpp/ql/src/change-notes/2024-07-08-unsafe-strncat-query.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* The precision of `cpp/unsafe-strncat` ("Potentially unsafe call to strncat") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
diff --git a/cpp/ql/src/change-notes/2024-07-11-iterator-to-expired-container-query.md b/cpp/ql/src/change-notes/2024-07-11-iterator-to-expired-container-query.md
deleted file mode 100644
index 37d1f9eda4a..00000000000
--- a/cpp/ql/src/change-notes/2024-07-11-iterator-to-expired-container-query.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: queryMetadata
----
-* The precision of `cpp/iterator-to-expired-container` ("Iterator to expired container") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
diff --git a/cpp/ql/src/change-notes/2024-07-16-unsigned-difference-expression-compared-zero-.md b/cpp/ql/src/change-notes/2024-07-16-unsigned-difference-expression-compared-zero-.md
deleted file mode 100644
index a4fb27acc41..00000000000
--- a/cpp/ql/src/change-notes/2024-07-16-unsigned-difference-expression-compared-zero-.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `cpp/unsigned-difference-expression-compared-zero` ("Unsigned difference expression compared to zero") query now produces fewer false positives.
diff --git a/cpp/ql/src/change-notes/released/1.1.0.md b/cpp/ql/src/change-notes/released/1.1.0.md
new file mode 100644
index 00000000000..50e703a5814
--- /dev/null
+++ b/cpp/ql/src/change-notes/released/1.1.0.md
@@ -0,0 +1,10 @@
+## 1.1.0
+
+### Query Metadata Changes
+
+* The precision of `cpp/iterator-to-expired-container` ("Iterator to expired container") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
+* The precision of `cpp/unsafe-strncat` ("Potentially unsafe call to strncat") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.
+
+### Minor Analysis Improvements
+
+* The `cpp/unsigned-difference-expression-compared-zero` ("Unsigned difference expression compared to zero") query now produces fewer false positives.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index 06fa75b96cb..2ac15439f56 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.1.0
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index ec7e9e095ed..179bbafe4ac 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.0.4-dev
+version: 1.1.0
 groups:
 - cpp
 - queries
diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
index 4f04af92303..503822fbd68 100644
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.21
+
+No user-facing changes.
+
 ## 1.7.20
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.21.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.21.md
new file mode 100644
index 00000000000..bdd54f47083
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.21.md
@@ -0,0 +1,3 @@
+## 1.7.21
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
index 747131a0b2b..87eff681b88 100644
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.20
+lastReleaseVersion: 1.7.21
diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
index 30856be18e2..593ee8b9125 100644
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.21-dev
+version: 1.7.21
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
index 4f04af92303..503822fbd68 100644
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.21
+
+No user-facing changes.
+
 ## 1.7.20
 
 No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.21.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.21.md
new file mode 100644
index 00000000000..bdd54f47083
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.21.md
@@ -0,0 +1,3 @@
+## 1.7.21
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
index 747131a0b2b..87eff681b88 100644
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.20
+lastReleaseVersion: 1.7.21
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
index 434601dad84..3182e69d672 100644
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.21-dev
+version: 1.7.21
 groups:
 - csharp
 - solorigate
diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
index 6abef1b2c04..e8db0331951 100644
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/csharp/ql/lib/change-notes/released/1.0.4.md b/csharp/ql/lib/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/csharp/ql/lib/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index 28319e6dc99..97d1ed9a892 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 1.0.4-dev
+version: 1.0.4
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
index 5edbf922962..0b2583745f1 100644
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/csharp/ql/src/change-notes/released/1.0.4.md b/csharp/ql/src/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/csharp/ql/src/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index 1805c054d6b..73aed8329de 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.0.4-dev
+version: 1.0.4
 groups:
 - csharp
 - queries
diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md
index 86a6976ddc7..bdc66d51322 100644
--- a/go/ql/consistency-queries/CHANGELOG.md
+++ b/go/ql/consistency-queries/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/go/ql/consistency-queries/change-notes/released/1.0.4.md b/go/ql/consistency-queries/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/go/ql/consistency-queries/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/go/ql/consistency-queries/codeql-pack.release.yml
+++ b/go/ql/consistency-queries/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml
index 66c00f275bd..e3561decdf0 100644
--- a/go/ql/consistency-queries/qlpack.yml
+++ b/go/ql/consistency-queries/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.4-dev
+version: 1.0.4
 groups:
 - go
 - queries
diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md
index 875c2809beb..ed4e9b3750f 100644
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.1.3
+
+### Minor Analysis Improvements
+
+* There was a bug which meant that the built-in function `clear` was considered as a sanitizer in some cases when it shouldn't have been. This has now been fixed, which may lead to more alerts.
+
 ## 1.1.2
 
 ### Minor Analysis Improvements
diff --git a/go/ql/lib/change-notes/2024-07-08-fix-clear-sanitizer.md b/go/ql/lib/change-notes/released/1.1.3.md
similarity index 81%
rename from go/ql/lib/change-notes/2024-07-08-fix-clear-sanitizer.md
rename to go/ql/lib/change-notes/released/1.1.3.md
index 711287f6a89..d97cd24d93c 100644
--- a/go/ql/lib/change-notes/2024-07-08-fix-clear-sanitizer.md
+++ b/go/ql/lib/change-notes/released/1.1.3.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 1.1.3
+
+### Minor Analysis Improvements
+
 * There was a bug which meant that the built-in function `clear` was considered as a sanitizer in some cases when it shouldn't have been. This has now been fixed, which may lead to more alerts.
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml
index 53ab127707f..35e710ab1bf 100644
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.2
+lastReleaseVersion: 1.1.3
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
index 34fec580e8c..7e0622a6f07 100644
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 1.1.3-dev
+version: 1.1.3
 groups: go
 dbscheme: go.dbscheme
 extractor: go
diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md
index f02101176a9..7248057e408 100644
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/go/ql/src/change-notes/released/1.0.4.md b/go/ql/src/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/go/ql/src/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml
index 27c6eaf86a9..8438e3c589c 100644
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.0.4-dev
+version: 1.0.4
 groups:
 - go
 - queries
diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md
index 6e2e78d0a63..7ef174ca56a 100644
--- a/java/ql/automodel/src/CHANGELOG.md
+++ b/java/ql/automodel/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/java/ql/automodel/src/change-notes/released/1.0.4.md b/java/ql/automodel/src/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/java/ql/automodel/src/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/java/ql/automodel/src/codeql-pack.release.yml
+++ b/java/ql/automodel/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml
index ad247f25bf1..096cba6156a 100644
--- a/java/ql/automodel/src/qlpack.yml
+++ b/java/ql/automodel/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-automodel-queries
-version: 1.0.4-dev
+version: 1.0.4
 groups:
 - java
 - automodel
diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md
index d4ceec95093..365117374e6 100644
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,24 @@
+## 2.0.0
+
+### Breaking Changes
+
+* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable.
+
+### Deprecated APIs
+
+* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead.
+
+### New Features
+
+* Kotlin support is now out of beta, and generally available
+* Kotlin versions up to 2.0.2\ *x* are now supported.
+
+### Minor Analysis Improvements
+
+* Added a path-injection sink for `hudson.FilePath.exists()`.
+* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
+* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
+
 ## 1.1.2
 
 ### Minor Analysis Improvements
diff --git a/java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md b/java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md
deleted file mode 100644
index 3c1ab0de8e2..00000000000
--- a/java/ql/lib/change-notes/2024-06-12-isandroid-deprecated.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: deprecated
----
-* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead.
diff --git a/java/ql/lib/change-notes/2024-06-19-kotlin-2.0.20.md b/java/ql/lib/change-notes/2024-06-19-kotlin-2.0.20.md
deleted file mode 100644
index f9023051191..00000000000
--- a/java/ql/lib/change-notes/2024-06-19-kotlin-2.0.20.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* Kotlin versions up to 2.0.2\ *x* are now supported.
diff --git a/java/ql/lib/change-notes/2024-06-25-java-tools-status.md b/java/ql/lib/change-notes/2024-06-25-java-tools-status.md
deleted file mode 100644
index 67a72a12bb7..00000000000
--- a/java/ql/lib/change-notes/2024-06-25-java-tools-status.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
diff --git a/java/ql/lib/change-notes/2024-07-03-env-var-semmle-dist.md b/java/ql/lib/change-notes/2024-07-03-env-var-semmle-dist.md
deleted file mode 100644
index 372bed1eb66..00000000000
--- a/java/ql/lib/change-notes/2024-07-03-env-var-semmle-dist.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: breaking
----
-* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable.
diff --git a/java/ql/lib/change-notes/2024-07-11-FilePath-exists-sink.md b/java/ql/lib/change-notes/2024-07-11-FilePath-exists-sink.md
deleted file mode 100644
index 0c8f80cb715..00000000000
--- a/java/ql/lib/change-notes/2024-07-11-FilePath-exists-sink.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added a path-injection sink for `hudson.FilePath.exists()`.
diff --git a/java/ql/lib/change-notes/2024-07-11-kotlin-ga.md b/java/ql/lib/change-notes/2024-07-11-kotlin-ga.md
deleted file mode 100644
index 24d6c5d7d76..00000000000
--- a/java/ql/lib/change-notes/2024-07-11-kotlin-ga.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* Kotlin support is now out of beta, and generally available
diff --git a/java/ql/lib/change-notes/2024-07-11-toByteArray-summary.md b/java/ql/lib/change-notes/2024-07-11-toByteArray-summary.md
deleted file mode 100644
index b24905cb9e7..00000000000
--- a/java/ql/lib/change-notes/2024-07-11-toByteArray-summary.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
diff --git a/java/ql/lib/change-notes/released/2.0.0.md b/java/ql/lib/change-notes/released/2.0.0.md
new file mode 100644
index 00000000000..c78ae3e78e3
--- /dev/null
+++ b/java/ql/lib/change-notes/released/2.0.0.md
@@ -0,0 +1,20 @@
+## 2.0.0
+
+### Breaking Changes
+
+* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable.
+
+### Deprecated APIs
+
+* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead.
+
+### New Features
+
+* Kotlin support is now out of beta, and generally available
+* Kotlin versions up to 2.0.2\ *x* are now supported.
+
+### Minor Analysis Improvements
+
+* Added a path-injection sink for `hudson.FilePath.exists()`.
+* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
+* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
index 53ab127707f..0abe6ccede0 100644
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.2
+lastReleaseVersion: 2.0.0
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index 9d64327d6d8..cf98ca82d81 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 1.1.3-dev
+version: 2.0.0
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md
index 30ac37246bb..687e54f3d9b 100644
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@ +## 1.1.1 + +### Minor Analysis Improvements + +* The heuristic to enable certain Android queries has been improved. Now it ignores Android Manifests which don't define an activity, content provider or service. We also only consider files which are under a folder containing such an Android Manifest for these queries. This should remove some false positive alerts. + ## 1.1.0 ### Major Analysis Improvements diff --git a/java/ql/src/change-notes/2024-07-07-android-application-heuristic-updated.md b/java/ql/src/change-notes/released/1.1.1.md similarity index 88% rename from java/ql/src/change-notes/2024-07-07-android-application-heuristic-updated.md rename to java/ql/src/change-notes/released/1.1.1.md index fbf24383c19..e8403c4e15a 100644 --- a/java/ql/src/change-notes/2024-07-07-android-application-heuristic-updated.md +++ b/java/ql/src/change-notes/released/1.1.1.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.1.1 + +### Minor Analysis Improvements + * The heuristic to enable certain Android queries has been improved. Now it ignores Android Manifests which don't define an activity, content provider or service. We also only consider files which are under a folder containing such an Android Manifest for these queries. This should remove some false positive alerts. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 2ac15439f56..1a19084be3f 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.0 +lastReleaseVersion: 1.1.1 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 65236db5e55..66b53f46939 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.1.1-dev +version: 1.1.1 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index c5df4d5fa27..182f9a9685c 100644 
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.1.1
+
+No user-facing changes.
+
 ## 1.1.0
 
 ### Major Analysis Improvements
diff --git a/javascript/ql/lib/change-notes/released/1.1.1.md b/javascript/ql/lib/change-notes/released/1.1.1.md
new file mode 100644
index 00000000000..7fb56d36610
--- /dev/null
+++ b/javascript/ql/lib/change-notes/released/1.1.1.md
@@ -0,0 +1,3 @@
+## 1.1.1
+
+No user-facing changes.
diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml
index 2ac15439f56..1a19084be3f 100644
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.0
+lastReleaseVersion: 1.1.1
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index 23b7ec9240a..651f453bced 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 1.1.1-dev
+version: 1.1.1
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
index a3d09c1e02b..0f30798ecd1 100644
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,17 @@
+## 1.1.0
+
+### New Queries
+
+* Added a new query, `js/insecure-helmet-configuration`, to detect instances where Helmet middleware is configured with important security features disabled.
+
+### Minor Analysis Improvements
+
+* Added a new query, `js/functionality-from-untrusted-domain`, which detects uses in HTML and JavaScript scripts from untrusted domains, including the `polyfill.io` content delivery network
+ * it can be extended to detect other compromised scripts using user-provided data extensions of the `untrustedDomain` predicate, which takes one string argument with the domain to warn on (and will warn on any subdomains too).
+* Modified existing query, `js/functionality-from-untrusted-source`, to allow adding this new query, but reusing the same logic
+ * Added the ability to use data extensions to require SRI on CDN hostnames using the `isCdnDomainWithCheckingRequired` predicate, which takes one string argument of the full hostname to require SRI for.
+* Created a new library, `semmle.javascript.security.FunctionalityFromUntrustedSource`, to support both queries.
+
 ## 1.0.3
 
 ### Minor Analysis Improvements
diff --git a/javascript/ql/src/change-notes/2024-06-19-insecure-helmet-config.md b/javascript/ql/src/change-notes/2024-06-19-insecure-helmet-config.md
deleted file mode 100644
index bee7ccb8fb9..00000000000
--- a/javascript/ql/src/change-notes/2024-06-19-insecure-helmet-config.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* Added a new query, `js/insecure-helmet-configuration`, to detect instances where Helmet middleware is configured with important security features disabled.
diff --git a/javascript/ql/src/change-notes/2024-07-08-functionality-from-untrusted-domain.md b/javascript/ql/src/change-notes/released/1.1.0.md similarity index 79% rename from javascript/ql/src/change-notes/2024-07-08-functionality-from-untrusted-domain.md rename to javascript/ql/src/change-notes/released/1.1.0.md index 48a524c0d98..81883a0d44f 100644 --- a/javascript/ql/src/change-notes/2024-07-08-functionality-from-untrusted-domain.md +++ b/javascript/ql/src/change-notes/released/1.1.0.md @@ -1,6 +1,11 @@ ---- -category: minorAnalysis ---- +## 1.1.0 + +### New Queries + +* Added a new query, `js/insecure-helmet-configuration`, to detect instances where Helmet middleware is configured with important security features disabled. + +### Minor Analysis Improvements + * Added a new query, `js/functionality-from-untrusted-domain`, which detects uses in HTML and JavaScript scripts from untrusted domains, including the `polyfill.io` content delivery network * it can be extended to detect other compromised scripts using user-provided data extensions of the `untrustedDomain` predicate, which takes one string argument with the domain to warn on (and will warn on any subdomains too). * Modified existing query, `js/functionality-from-untrusted-source`, to allow adding this new query, but reusing the same logic diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 06fa75b96cb..2ac15439f56 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.3 +lastReleaseVersion: 1.1.0 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 96db5feb0c8..113e769b9fc 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 1.0.4-dev +version: 1.1.0 groups: - javascript - queries 
diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md
index d38834ba2ef..9f92ac20b25 100644
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/misc/suite-helpers/change-notes/released/1.0.4.md b/misc/suite-helpers/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/misc/suite-helpers/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml
index a8a38a7cbd3..14e15f3b9a9 100644
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 warnOnImplicitThis: true
diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md
index 65d784e6456..0b41146d493 100644
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.0.4
+
+### Minor Analysis Improvements
+
+* Additional modelling has been added to detect cookie writes from direct writes to the `Set-Cookie` header have been added for several web frameworks.
+
 ## 1.0.3
 
 ### Minor Analysis Improvements
diff --git a/python/ql/lib/change-notes/2024-06-24-cookie-header-writes.md b/python/ql/lib/change-notes/released/1.0.4.md
similarity index 65%
rename from python/ql/lib/change-notes/2024-06-24-cookie-header-writes.md
rename to python/ql/lib/change-notes/released/1.0.4.md
index 583e0f44c05..267019190ea 100644
--- a/python/ql/lib/change-notes/2024-06-24-cookie-header-writes.md
+++ b/python/ql/lib/change-notes/released/1.0.4.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* Additional modelling has been added to detect cookie writes from direct writes to the `Set-Cookie` header have been added for several web frameworks.
\ No newline at end of file
+## 1.0.4
+
+### Minor Analysis Improvements
+
+* Additional modelling has been added to detect cookie writes from direct writes to the `Set-Cookie` header have been added for several web frameworks.
diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index f72b0c14f5b..fdb646bad17 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 1.0.4-dev
+version: 1.0.4
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md
index 1015dd24144..b386509bd97 100644
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 ### Minor Analysis Improvements
diff --git a/python/ql/src/change-notes/released/1.0.4.md b/python/ql/src/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/python/ql/src/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index e12dd987495..698c52f9e8f 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.0.4-dev +version: 1.0.4 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 140cdd2cdba..865dc997f3a 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.4 + +No user-facing changes. + ## 1.0.3 ### Minor Analysis Improvements diff --git a/ruby/ql/lib/change-notes/released/1.0.4.md b/ruby/ql/lib/change-notes/released/1.0.4.md new file mode 100644 index 00000000000..d0255e750ff --- /dev/null +++ b/ruby/ql/lib/change-notes/released/1.0.4.md @@ -0,0 +1,3 @@ +## 1.0.4 + +No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 06fa75b96cb..03f7ea71b58 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.3 +lastReleaseVersion: 1.0.4 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index caf4ecc62ec..bf914c07196 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 1.0.4-dev +version: 1.0.4 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 766deb43582..ac5d0c7525c 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.4 + +No user-facing changes. + ## 1.0.3 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.0.4.md b/ruby/ql/src/change-notes/released/1.0.4.md new file mode 100644 index 00000000000..d0255e750ff --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.0.4.md @@ -0,0 +1,3 @@ +## 1.0.4 + +No user-facing changes. 
diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 06fa75b96cb..03f7ea71b58 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.3 +lastReleaseVersion: 1.0.4 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index c6503d479c3..3ef18acf231 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.0.4-dev +version: 1.0.4 groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index dab49cbe607..047afa97e51 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.4 + +No user-facing changes. + ## 1.0.3 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/1.0.4.md b/shared/controlflow/change-notes/released/1.0.4.md new file mode 100644 index 00000000000..d0255e750ff --- /dev/null +++ b/shared/controlflow/change-notes/released/1.0.4.md @@ -0,0 +1,3 @@ +## 1.0.4 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 06fa75b96cb..03f7ea71b58 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.3 +lastReleaseVersion: 1.0.4 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 72d92972d09..0b055d4c623 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 1.0.4-dev +version: 1.0.4 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index ae88f0beac8..ca6c7165b9b 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.4 + +No user-facing changes. + ## 1.0.3 No user-facing changes. 
diff --git a/shared/dataflow/change-notes/released/1.0.4.md b/shared/dataflow/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/dataflow/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/dataflow/codeql-pack.release.yml
+++ b/shared/dataflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml
index 16e7e9af0d2..283e277909d 100644
--- a/shared/dataflow/qlpack.yml
+++ b/shared/dataflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md
index 1b49bf2fb06..8680f86e786 100644
--- a/shared/mad/CHANGELOG.md
+++ b/shared/mad/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/mad/change-notes/released/1.0.4.md b/shared/mad/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/mad/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/mad/codeql-pack.release.yml
+++ b/shared/mad/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml
index 3f35765b5d4..8167a79b21b 100644
--- a/shared/mad/qlpack.yml
+++ b/shared/mad/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/mad
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md
index 5093ac17ebd..a33a857c905 100644
--- a/shared/rangeanalysis/CHANGELOG.md
+++ b/shared/rangeanalysis/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/rangeanalysis/change-notes/released/1.0.4.md b/shared/rangeanalysis/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/rangeanalysis/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/rangeanalysis/codeql-pack.release.yml
+++ b/shared/rangeanalysis/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml
index 27fc3198a4d..9490c61761c 100644
--- a/shared/rangeanalysis/qlpack.yml
+++ b/shared/rangeanalysis/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/rangeanalysis
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md
index bc4c3b902b9..d78925faba0 100644
--- a/shared/regex/CHANGELOG.md
+++ b/shared/regex/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/regex/change-notes/released/1.0.4.md b/shared/regex/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/regex/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/regex/codeql-pack.release.yml
+++ b/shared/regex/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml
index 37f37353811..b12651a8035 100644
--- a/shared/regex/qlpack.yml
+++ b/shared/regex/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/regex
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md
index 397322fcfd8..1a64a39471c 100644
--- a/shared/ssa/CHANGELOG.md
+++ b/shared/ssa/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/ssa/change-notes/released/1.0.4.md b/shared/ssa/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/ssa/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/ssa/codeql-pack.release.yml
+++ b/shared/ssa/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml
index ed7467eebf4..efdee4d845a 100644
--- a/shared/ssa/qlpack.yml
+++ b/shared/ssa/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ssa
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md
index 86a6976ddc7..bdc66d51322 100644
--- a/shared/threat-models/CHANGELOG.md
+++ b/shared/threat-models/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/threat-models/change-notes/released/1.0.4.md b/shared/threat-models/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/threat-models/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 06fa75b96cb..03f7ea71b58 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.3 +lastReleaseVersion: 1.0.4 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 1f80ebd4983..fc944afcd9c 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.4-dev +version: 1.0.4 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 6212f4cebc7..ad8f62a4e9d 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.4 + +No user-facing changes. + ## 1.0.3 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.4.md b/shared/tutorial/change-notes/released/1.0.4.md new file mode 100644 index 00000000000..d0255e750ff --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.4.md @@ -0,0 +1,3 @@ +## 1.0.4 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 06fa75b96cb..03f7ea71b58 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.3 +lastReleaseVersion: 1.0.4 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 86c983bb080..eb3fbc4b6f6 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.4-dev +version: 1.0.4 groups: shared library: true warnOnImplicitThis: true 
diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md
index 4cf16f9cb1e..b9366dadb5c 100644
--- a/shared/typeflow/CHANGELOG.md
+++ b/shared/typeflow/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/typeflow/change-notes/released/1.0.4.md b/shared/typeflow/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/typeflow/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/typeflow/codeql-pack.release.yml
+++ b/shared/typeflow/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml
index a7590994015..4f43727f40d 100644
--- a/shared/typeflow/qlpack.yml
+++ b/shared/typeflow/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typeflow
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md
index 7a288c03bd9..d17f150b27b 100644
--- a/shared/typetracking/CHANGELOG.md
+++ b/shared/typetracking/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/typetracking/change-notes/released/1.0.4.md b/shared/typetracking/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/typetracking/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/typetracking/codeql-pack.release.yml
+++ b/shared/typetracking/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml
index b83dc559057..14b58f18a55 100644
--- a/shared/typetracking/qlpack.yml
+++ b/shared/typetracking/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typetracking
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md
index 27be8dccdaa..d323c0974fe 100644
--- a/shared/typos/CHANGELOG.md
+++ b/shared/typos/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/typos/change-notes/released/1.0.4.md b/shared/typos/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/typos/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/typos/codeql-pack.release.yml
+++ b/shared/typos/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml
index 459e9b92621..353c40e472e 100644
--- a/shared/typos/qlpack.yml
+++ b/shared/typos/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/typos
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md
index b098bee611b..6042620d77c 100644
--- a/shared/util/CHANGELOG.md
+++ b/shared/util/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/util/change-notes/released/1.0.4.md b/shared/util/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/util/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/util/codeql-pack.release.yml
+++ b/shared/util/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml
index 4df8f4c4e46..a4fcfad3f4b 100644
--- a/shared/util/qlpack.yml
+++ b/shared/util/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/util
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 dependencies: null
diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md
index 36b6e75f803..1323436e6b2 100644
--- a/shared/xml/CHANGELOG.md
+++ b/shared/xml/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/xml/change-notes/released/1.0.4.md b/shared/xml/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/xml/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/xml/codeql-pack.release.yml
+++ b/shared/xml/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml
index 832ce27a19c..f2303124741 100644
--- a/shared/xml/qlpack.yml
+++ b/shared/xml/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/xml
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 dependencies:
diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md
index 49b8a5aeb8c..cd2c2e92ddf 100644
--- a/shared/yaml/CHANGELOG.md
+++ b/shared/yaml/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/shared/yaml/change-notes/released/1.0.4.md b/shared/yaml/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/shared/yaml/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/shared/yaml/codeql-pack.release.yml
+++ b/shared/yaml/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml
index 57b7890f9bb..6135b64ec83 100644
--- a/shared/yaml/qlpack.yml
+++ b/shared/yaml/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/yaml
-version: 1.0.4-dev
+version: 1.0.4
 groups: shared
 library: true
 warnOnImplicitThis: true
diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md
index 0630a303d73..21e8b74bb02 100644
--- a/swift/ql/lib/CHANGELOG.md
+++ b/swift/ql/lib/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 1.1.0
+
+### New Features
+
+* Swift support is now out of beta, and generally available.
+
+### Minor Analysis Improvements
+
+* Additional heuristics for sensitive private information have been added to the `SensitiveExprs.qll` library, improving coverage for credit card and social security numbers. This may result in additional results for queries that use sensitive data such as `swift/cleartext-transmission`.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/swift/ql/lib/change-notes/2024-07-11-swift-ga.md b/swift/ql/lib/change-notes/2024-07-11-swift-ga.md
deleted file mode 100644
index e50a3074157..00000000000
--- a/swift/ql/lib/change-notes/2024-07-11-swift-ga.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* Swift support is now out of beta, and generally available.
diff --git a/swift/ql/lib/change-notes/2024-05-23-sensitive-data.md b/swift/ql/lib/change-notes/released/1.1.0.md
similarity index 70%
rename from swift/ql/lib/change-notes/2024-05-23-sensitive-data.md
rename to swift/ql/lib/change-notes/released/1.1.0.md
index f42901c4589..fd8955658fc 100644
--- a/swift/ql/lib/change-notes/2024-05-23-sensitive-data.md
+++ b/swift/ql/lib/change-notes/released/1.1.0.md
@@ -1,4 +1,9 @@
----
-category: minorAnalysis
----
+## 1.1.0
+
+### New Features
+
+* Swift support is now out of beta, and generally available.
+
+### Minor Analysis Improvements
+
 * Additional heuristics for sensitive private information have been added to the `SensitiveExprs.qll` library, improving coverage for credit card and social security numbers. This may result in additional results for queries that use sensitive data such as `swift/cleartext-transmission`.
diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml
index 06fa75b96cb..2ac15439f56 100644
--- a/swift/ql/lib/codeql-pack.release.yml
+++ b/swift/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.1.0
diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml
index c6bd37e6215..cbb2fa19bf5 100644
--- a/swift/ql/lib/qlpack.yml
+++ b/swift/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/swift-all
-version: 1.0.4-dev
+version: 1.1.0
 groups: swift
 extractor: swift
 dbscheme: swift.dbscheme
diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md
index f08ae688531..ca26ff94f22 100644
--- a/swift/ql/src/CHANGELOG.md
+++ b/swift/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.4
+
+No user-facing changes.
+
 ## 1.0.3
 
 No user-facing changes.
diff --git a/swift/ql/src/change-notes/released/1.0.4.md b/swift/ql/src/change-notes/released/1.0.4.md
new file mode 100644
index 00000000000..d0255e750ff
--- /dev/null
+++ b/swift/ql/src/change-notes/released/1.0.4.md
@@ -0,0 +1,3 @@
+## 1.0.4
+
+No user-facing changes.
diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml
index 06fa75b96cb..03f7ea71b58 100644
--- a/swift/ql/src/codeql-pack.release.yml
+++ b/swift/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.3
+lastReleaseVersion: 1.0.4
diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml
index 62409f64983..bcd1861583a 100644
--- a/swift/ql/src/qlpack.yml
+++ b/swift/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/swift-queries
-version: 1.0.4-dev
+version: 1.0.4
 groups:
 - swift
 - queries