Release preparation for version 2.16.2

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.12.5
+
+### New Features
+
+* Added the `PreprocBlock.qll` library to this repository.  This library offers a view of `#if`, `#elif`, `#else` and similar directives as a tree with navigable parent-child relationships.
+* Added a new `ThrowingFunction` abstract class that can be used to model an external function that may throw an exception.
+
 ## 0.12.4
 
 ### Minor Analysis Improvements

cpp/ql/lib/change-notes/2024-01-30-throwing-model.md

@@ -1,4 +0,0 @@
----
-category: feature
----
-* Added a new `ThrowingFunction` abstract class that can be used to model an external function that may throw an exception.

cpp/ql/lib/change-notes/released/0.12.5.md

@@ -1,4 +1,6 @@
----
+## 0.12.5
-category: feature
+
----
+### New Features
+
 * Added the `PreprocBlock.qll` library to this repository.  This library offers a view of `#if`, `#elif`, `#else` and similar directives as a tree with navigable parent-child relationships.
+* Added a new `ThrowingFunction` abstract class that can be used to model an external function that may throw an exception.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.12.4
+lastReleaseVersion: 0.12.5

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.12.5-dev
+version: 0.12.5
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 0.9.4
+
+### Minor Analysis Improvements
+
+* Corrected 2 false positive with `cpp/incorrect-string-type-conversion`: conversion of byte arrays to wchar and new array allocations converted to wchar.
+* The "Incorrect return-value check for a 'scanf'-like function" query (`cpp/incorrectly-checked-scanf`) no longer reports an alert when an explicit check for EOF is added.
+* The "Incorrect return-value check for a 'scanf'-like function" query (`cpp/incorrectly-checked-scanf`) now recognizes more EOF checks.
+* The "Potentially uninitialized local variable" query (`cpp/uninitialized-local`) no longer reports an alert when the local variable is used as a qualifier to a static member function call.
+* ```
+* The diagnostic query `cpp/diagnostics/successfully-extracted-files` now considers any C/C++ file seen during extraction, even one with some errors, to be extracted / scanned. This affects the Code Scanning UI measure of scanned C/C++ files.
+
 ## 0.9.3
 
 ### Minor Analysis Improvements

cpp/ql/src/change-notes/2024-01-19-extracted-files.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The diagnostic query `cpp/diagnostics/successfully-extracted-files` now considers any C/C++ file seen during extraction, even one with some errors, to be extracted / scanned. This affects the Code Scanning UI measure of scanned C/C++ files.

cpp/ql/src/change-notes/2024-01-29-false_positive_incorrect_string_type_conversion.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Corrected 2 false positive with `cpp/incorrect-string-type-conversion`: conversion of byte arrays to wchar and new array allocations converted to wchar.

cpp/ql/src/change-notes/2024-01-29-incorrectly-checked-scanf-2.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Incorrect return-value check for a 'scanf'-like function" query (`cpp/incorrectly-checked-scanf`) now recognizes more EOF checks.

cpp/ql/src/change-notes/2024-01-29-incorrectly-checked-scanf.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Incorrect return-value check for a 'scanf'-like function" query (`cpp/incorrectly-checked-scanf`) no longer reports an alert when an explicit check for EOF is added.

cpp/ql/src/change-notes/2024-01-29-uninitialized-local-false-positive.md

@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* The "Potentially uninitialized local variable" query (`cpp/uninitialized-local`) no longer reports an alert when the local variable is used as a qualifier to a static member function call.
-* ```

cpp/ql/src/change-notes/released/0.9.4.md

@@ -0,0 +1,10 @@
+## 0.9.4
+
+### Minor Analysis Improvements
+
+* Corrected 2 false positive with `cpp/incorrect-string-type-conversion`: conversion of byte arrays to wchar and new array allocations converted to wchar.
+* The "Incorrect return-value check for a 'scanf'-like function" query (`cpp/incorrectly-checked-scanf`) no longer reports an alert when an explicit check for EOF is added.
+* The "Incorrect return-value check for a 'scanf'-like function" query (`cpp/incorrectly-checked-scanf`) now recognizes more EOF checks.
+* The "Potentially uninitialized local variable" query (`cpp/uninitialized-local`) no longer reports an alert when the local variable is used as a qualifier to a static member function call.
+* ```
+* The diagnostic query `cpp/diagnostics/successfully-extracted-files` now considers any C/C++ file seen during extraction, even one with some errors, to be extracted / scanned. This affects the Code Scanning UI measure of scanned C/C++ files.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.3
+lastReleaseVersion: 0.9.4

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.9.4-dev
+version: 0.9.4
 groups:
   - cpp
   - queries

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.8
+
+No user-facing changes.
+
 ## 1.7.7
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.8.md

@@ -0,0 +1,3 @@
+## 1.7.8
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.7
+lastReleaseVersion: 1.7.8

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.8-dev
+version: 1.7.8
 groups:
   - csharp
   - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.7.8
+
+No user-facing changes.
+
 ## 1.7.7
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.8.md

@@ -0,0 +1,3 @@
+## 1.7.8
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.7
+lastReleaseVersion: 1.7.8

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.8-dev
+version: 1.7.8
 groups:
   - csharp
   - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 0.8.8
+
+### Minor Analysis Improvements
+
+* Added a new database relation to store compiler arguments specified inside `@[...].rsp` file arguments. The arguments
+are returned by `Compilation::getExpandedArgument/1` and `Compilation::getExpandedArguments/0`.
+* C# 12: Added extractor, QL library and data flow support for collection expressions like `[1, y, 4, .. x]`.
+* The C# extractor now accepts an extractor option `logging.verbosity` that specifies the verbosity of the logs. The
+option is added via `codeql database create --language=csharp -Ologging.verbosity=debug ...` or by setting the
+corresponding environment variable `CODEQL_EXTRACTOR_CSHARP_OPTION_LOGGING_VERBOSITY`.
+
 ## 0.8.7
 
 ### Minor Analysis Improvements

csharp/ql/lib/change-notes/2024-01-25-extractor-option-logging.md

@@ -1,6 +0,0 @@
----
-category: minorAnalysis
----
-* The C# extractor now accepts an extractor option `logging.verbosity` that specifies the verbosity of the logs. The
-option is added via `codeql database create --language=csharp -Ologging.verbosity=debug ...` or by setting the
-corresponding environment variable `CODEQL_EXTRACTOR_CSHARP_OPTION_LOGGING_VERBOSITY`.

csharp/ql/lib/change-notes/2024-01-26-collection-expression.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* C# 12: Added extractor, QL library and data flow support for collection expressions like `[1, y, 4, .. x]`.

csharp/ql/lib/change-notes/2024-01-31-compilation-expanded-args.md

@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Added a new database relation to store compiler arguments specified inside `@[...].rsp` file arguments. The arguments
-are returned by `Compilation::getExpandedArgument/1` and `Compilation::getExpandedArguments/0`.

csharp/ql/lib/change-notes/released/0.8.8.md

@@ -0,0 +1,10 @@
+## 0.8.8
+
+### Minor Analysis Improvements
+
+* Added a new database relation to store compiler arguments specified inside `@[...].rsp` file arguments. The arguments
+are returned by `Compilation::getExpandedArgument/1` and `Compilation::getExpandedArguments/0`.
+* C# 12: Added extractor, QL library and data flow support for collection expressions like `[1, y, 4, .. x]`.
+* The C# extractor now accepts an extractor option `logging.verbosity` that specifies the verbosity of the logs. The
+option is added via `codeql database create --language=csharp -Ologging.verbosity=debug ...` or by setting the
+corresponding environment variable `CODEQL_EXTRACTOR_CSHARP_OPTION_LOGGING_VERBOSITY`.

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.7
+lastReleaseVersion: 0.8.8

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.8.8-dev
+version: 0.8.8
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.8.8
+
+### Minor Analysis Improvements
+
+* Added string interpolation expressions and `string.Format` as possible sanitizers for the `cs/web/unvalidated-url-redirection` query.
+
 ## 0.8.7
 
 ### Minor Analysis Improvements

csharp/ql/src/change-notes/released/0.8.8.md

@@ -1,4 +1,5 @@
----
+## 0.8.8
-category: minorAnalysis
+
----
+### Minor Analysis Improvements
+
 * Added string interpolation expressions and `string.Format` as possible sanitizers for the `cs/web/unvalidated-url-redirection` query.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.7
+lastReleaseVersion: 0.8.8

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.8.8-dev
+version: 0.8.8
 groups:
   - csharp
   - queries

go/ql/consistency-queries/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.7
+
+No user-facing changes.
+
 ## 0.0.6
 
 No user-facing changes.

go/ql/consistency-queries/change-notes/released/0.0.7.md

@@ -0,0 +1,3 @@
+## 0.0.7
+
+No user-facing changes.

go/ql/consistency-queries/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.6
+lastReleaseVersion: 0.0.7

go/ql/consistency-queries/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 0.0.7-dev
+version: 0.0.7
 groups:
   - go
   - queries

go/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.7.8
+
+No user-facing changes.
+
 ## 0.7.7
 
 ### Deprecated APIs

go/ql/lib/change-notes/released/0.7.8.md

@@ -0,0 +1,3 @@
+## 0.7.8
+
+No user-facing changes.

go/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.7
+lastReleaseVersion: 0.7.8

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.7.8-dev
+version: 0.7.8
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.7.8
+
+No user-facing changes.
+
 ## 0.7.7
 
 ### Minor Analysis Improvements

go/ql/src/change-notes/released/0.7.8.md

@@ -0,0 +1,3 @@
+## 0.7.8
+
+No user-facing changes.

go/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.7
+lastReleaseVersion: 0.7.8

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.7.8-dev
+version: 0.7.8
 groups:
   - go
   - queries

java/ql/automodel/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.14
+
+No user-facing changes.
+
 ## 0.0.13
 
 No user-facing changes.

java/ql/automodel/src/change-notes/released/0.0.14.md

@@ -0,0 +1,3 @@
+## 0.0.14
+
+No user-facing changes.

java/ql/automodel/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.13
+lastReleaseVersion: 0.0.14

java/ql/automodel/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-automodel-queries
-version: 0.0.14-dev
+version: 0.0.14
 groups:
     - java
     - automodel

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,13 @@
+## 0.8.8
+
+### Minor Analysis Improvements
+
+* Added models for the following packages:
+
+  * com.fasterxml.jackson.databind
+  * javax.servlet
+* Added the `java.util.Date` and `java.util.UUID` classes to the list of types in the `SimpleTypeSanitizer` class in `semmle.code.java.security.Sanitizers`.
+
 ## 0.8.7
 
 ### New Features

java/ql/lib/change-notes/2024-01-24-new-models.md

@@ -1,7 +0,0 @@
----
-category: minorAnalysis
----
-* Added models for the following packages:
-
-  * com.fasterxml.jackson.databind
-  * javax.servlet

java/ql/lib/change-notes/released/0.8.8.md

@@ -1,4 +1,9 @@
----
+## 0.8.8
-category: minorAnalysis
+
----
+### Minor Analysis Improvements
+
+* Added models for the following packages:
+
+  * com.fasterxml.jackson.databind
+  * javax.servlet
 * Added the `java.util.Date` and `java.util.UUID` classes to the list of types in the `SimpleTypeSanitizer` class in `semmle.code.java.security.Sanitizers`.

java/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.7
+lastReleaseVersion: 0.8.8

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.8.8-dev
+version: 0.8.8
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/src/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.8.8
+
+### New Queries
+
+* Added a new query `java/android/sensitive-text` to detect instances of sensitive data being exposed through text fields without being properly masked. 
+* Added a new query `java/android/sensitive-notification` to detect instances of sensitive data being exposed through Android notifications. 
+
 ## 0.8.7
 
 ### New Queries
@@ -10,10 +17,6 @@
 
 ## 0.8.6
 
-### Deprecated Queries
-
-* The three queries `java/insufficient-key-size`, `java/server-side-template-injection`, and `java/android/implicit-pendingintents` had accidentally general extension points allowing arbitrary string-based flow state. This has been fixed and the old extension points have been deprecated where possible, and otherwise updated.
-
 ### New Queries
 
 * Added the `java/insecure-randomness` query to detect uses of weakly random values which an attacker may be able to predict. Also added the `crypto-parameter` sink kind for sinks which represent the parameters and keys of cryptographic operations. 
@@ -24,6 +27,10 @@
 * The query `java/android/missing-certificate-pinning` should no longer alert about requests pointing to the local filesystem.
 * Removed some spurious sinks related to `com.opensymphony.xwork2.TextProvider.getText` from the query `java/ognl-injection`.
 
+### Bug Fixes
+
+* The three queries `java/insufficient-key-size`, `java/server-side-template-injection`, and `java/android/implicit-pendingintents` had accidentally general extension points allowing arbitrary string-based flow state. This has been fixed and the old extension points have been deprecated where possible, and otherwise updated.
+
 ## 0.8.5
 
 No user-facing changes.

java/ql/src/change-notes/2024-01-15-android-sensitive-notification-query.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* Added a new query `java/android/sensitive-notification` to detect instances of sensitive data being exposed through Android notifications. 

java/ql/src/change-notes/2024-01-29-android-sensitive-text-field-query.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* Added a new query `java/android/sensitive-text` to detect instances of sensitive data being exposed through text fields without being properly masked. 

java/ql/src/change-notes/released/0.8.8.md

@@ -0,0 +1,6 @@
+## 0.8.8
+
+### New Queries
+
+* Added a new query `java/android/sensitive-text` to detect instances of sensitive data being exposed through text fields without being properly masked. 
+* Added a new query `java/android/sensitive-notification` to detect instances of sensitive data being exposed through Android notifications. 

java/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.7
+lastReleaseVersion: 0.8.8

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.8.8-dev
+version: 0.8.8
 groups:
   - java
   - queries

javascript/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.8.8
+
+No user-facing changes.
+
 ## 0.8.7
 
 ### Minor Analysis Improvements

javascript/ql/lib/change-notes/released/0.8.8.md

@@ -0,0 +1,3 @@
+## 0.8.8
+
+No user-facing changes.

javascript/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.7
+lastReleaseVersion: 0.8.8

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.8.8-dev
+version: 0.8.8
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.8.8
+
+No user-facing changes.
+
 ## 0.8.7
 
 ### Minor Analysis Improvements

javascript/ql/src/change-notes/released/0.8.8.md

@@ -0,0 +1,3 @@
+## 0.8.8
+
+No user-facing changes.

javascript/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.7
+lastReleaseVersion: 0.8.8

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.8.8-dev
+version: 0.8.8
 groups:
   - javascript
   - queries

misc/suite-helpers/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.7.8
+
+No user-facing changes.
+
 ## 0.7.7
 
 No user-facing changes.

misc/suite-helpers/change-notes/released/0.7.8.md

@@ -0,0 +1,3 @@
+## 0.7.8
+
+No user-facing changes.

misc/suite-helpers/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.7
+lastReleaseVersion: 0.7.8

misc/suite-helpers/qlpack.yml

@@ -1,4 +1,4 @@
 name: codeql/suite-helpers
-version: 0.7.8-dev
+version: 0.7.8
 groups: shared
 warnOnImplicitThis: true

python/ql/lib/CHANGELOG.md

@@ -1,3 +1,13 @@
+## 0.11.8
+
+### Minor Analysis Improvements
+
+* Added `html.escape` as a sanitizer for HTML.
+
+### Bug Fixes
+
+* Fixed the `a` (ASCII) inline flag not being recognized by the regular expression library.
+
 ## 0.11.7
 
 ### Minor Analysis Improvements

python/ql/lib/change-notes/2024-01-21-regex-ascii-flag.md

@@ -1,4 +0,0 @@
----
-category: fix
----
-* Fixed the `a` (ASCII) inline flag not being recognized by the regular expression library.

python/ql/lib/change-notes/2024-01-22-html-escape.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Added `html.escape` as a sanitizer for HTML.

python/ql/lib/change-notes/released/0.11.8.md

@@ -0,0 +1,9 @@
+## 0.11.8
+
+### Minor Analysis Improvements
+
+* Added `html.escape` as a sanitizer for HTML.
+
+### Bug Fixes
+
+* Fixed the `a` (ASCII) inline flag not being recognized by the regular expression library.

python/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.11.7
+lastReleaseVersion: 0.11.8

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.11.8-dev
+version: 0.11.8
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.9.8
+
+No user-facing changes.
+
 ## 0.9.7
 
 ### Minor Analysis Improvements

python/ql/src/change-notes/released/0.9.8.md

@@ -0,0 +1,3 @@
+## 0.9.8
+
+No user-facing changes.

python/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.7
+lastReleaseVersion: 0.9.8

python/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.9.8-dev
+version: 0.9.8
 groups:
   - python
   - queries

ruby/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.8.8
+
+### Minor Analysis Improvements
+
+* Flow is now tracked through Rails `render` calls, when the argument is a `ViewComponent`. In this case, data flow is tracked into the accompanying `.html.erb` file.
+
 ## 0.8.7
 
 ### Minor Analysis Improvements

ruby/ql/lib/change-notes/released/0.8.8.md

@@ -1,4 +1,5 @@
----
+## 0.8.8
-category: minorAnalysis
+
----
+### Minor Analysis Improvements
+
 * Flow is now tracked through Rails `render` calls, when the argument is a `ViewComponent`. In this case, data flow is tracked into the accompanying `.html.erb` file.

ruby/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.7
+lastReleaseVersion: 0.8.8

ruby/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.8.8-dev
+version: 0.8.8
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme

ruby/ql/src/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 0.8.8
+
+### New Queries
+
+* Added a new experimental query, `rb/insecure-randomness`, to detect when application uses random values that are not cryptographically secure.
+
+### Minor Analysis Improvements
+
+* Added new unsafe deserialization sinks for the ox gem.
+* Added an additional unsafe deserialization sink for the oj gem.
+
 ## 0.8.7
 
 No user-facing changes.

ruby/ql/src/change-notes/2023-12-18-insecure-randomness-query.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* Added a new experimental query, `rb/insecure-randomness`, to detect when application uses random values that are not cryptographically secure.

ruby/ql/src/change-notes/2024-01-30-unsafe-deserialization-sinks.md

@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Added new unsafe deserialization sinks for the ox gem.
-* Added an additional unsafe deserialization sink for the oj gem.

ruby/ql/src/change-notes/released/0.8.8.md

@@ -0,0 +1,10 @@
+## 0.8.8
+
+### New Queries
+
+* Added a new experimental query, `rb/insecure-randomness`, to detect when application uses random values that are not cryptographically secure.
+
+### Minor Analysis Improvements
+
+* Added new unsafe deserialization sinks for the ox gem.
+* Added an additional unsafe deserialization sink for the oj gem.

ruby/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.7
+lastReleaseVersion: 0.8.8

ruby/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.8.8-dev
+version: 0.8.8
 groups:
   - ruby
   - queries

shared/controlflow/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.1.8
+
+No user-facing changes.
+
 ## 0.1.7
 
 No user-facing changes.

shared/controlflow/change-notes/released/0.1.8.md

@@ -0,0 +1,3 @@
+## 0.1.8
+
+No user-facing changes.

shared/controlflow/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.7
+lastReleaseVersion: 0.1.8

shared/controlflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/controlflow
-version: 0.1.8-dev
+version: 0.1.8
 groups: shared
 library: true
 dependencies:

shared/dataflow/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.1.8
+
+No user-facing changes.
+
 ## 0.1.7
 
 No user-facing changes.

shared/dataflow/change-notes/released/0.1.8.md

@@ -0,0 +1,3 @@
+## 0.1.8
+
+No user-facing changes.

shared/dataflow/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.1.7
+lastReleaseVersion: 0.1.8

shared/dataflow/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/dataflow
-version: 0.1.8-dev
+version: 0.1.8
 groups: shared
 library: true
 dependencies: