Release preparation for version 2.12.5

2023-03-16 12:58:50 +00:00 · 2023-03-16 12:58:50 +00:00 · fe4d27e8cc
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@ -1,3 +1,46 @@
+## 0.6.0
+
+### Breaking Changes
+
+* The `semmle.code.cpp.commons.Buffer` and `semmle.code.cpp.commons.NullTermination` libraries no longer expose `semmle.code.cpp.dataflow.DataFlow`. Please import `semmle.code.cpp.dataflow.DataFlow` directly.
+
+### Deprecated APIs
+
+* The `WriteConfig` taint tracking configuration has been deprecated. Please use `WriteFlow`.
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* A new C/C++ dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) has been added.
+  The new library behaves much more like the dataflow library of other CodeQL supported
+  languages by following use-use dataflow paths instead of def-use dataflow paths.
+  The new library also better supports dataflow through indirections, and new predicates
+  such as `Node::asIndirectExpr` have been added to facilitate working with indirections.
+
+  The `semmle.code.cpp.ir.dataflow.DataFlow` library is now identical to the new
+  `semmle.code.cpp.dataflow.new.DataFlow` library.
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
+### Minor Analysis Improvements
+
+* Deleted the deprecated `hasGeneratedCopyConstructor` and `hasGeneratedCopyAssignmentOperator` predicates from the `Folder` class.
+* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
+* Deleted the deprecated `getMustlockFunction`, `getTrylockFunction`, `getLockFunction`, and `getUnlockFunction` predicates from the `MutexType` class.
+* Deleted the deprecated `getPosInBasicBlock` predicate from the `SubBasicBlock` class.
+* Deleted the deprecated `getExpr` predicate from the `PointerDereferenceExpr` class.
+* Deleted the deprecated `getUseInstruction` and `getDefinitionInstruction` predicates from the `Operand` class.
+* Deleted the deprecated `isInParameter`, `isInParameterPointer`, and `isInQualifier` predicates from the `FunctionInput` class.
+* Deleted the deprecated `isOutParameterPointer`, `isOutQualifier`, `isOutReturnValue`, and `isOutReturnPointer` predicate from the `FunctionOutput` class.
+* Deleted the deprecated 3-argument `isGuardPhi` predicate from the `RangeSsaDefinition` class.
+
 ## 0.5.4

 No user-facing changes.
--- a/cpp/ql/lib/change-notes/2023-02-10-buffer-and-nill-termination-dataflow.md
+++ b/cpp/ql/lib/change-notes/2023-02-10-buffer-and-nill-termination-dataflow.md
@ -1,4 +0,0 @@
---
-category: breaking
---
-* The `semmle.code.cpp.commons.Buffer` and `semmle.code.cpp.commons.NullTermination` libraries no longer expose `semmle.code.cpp.dataflow.DataFlow`. Please import `semmle.code.cpp.dataflow.DataFlow` directly.
--- a/cpp/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/cpp/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@ -1,9 +0,0 @@
---
-category: majorAnalysis
---
-* The main data flow and taint tracking APIs have been changed. The old APIs
-  remain in place for now and translate to the new through a
-  backwards-compatible wrapper. If multiple configurations are in scope
-  simultaneously, then this may affect results slightly. The new API is quite
-  similar to the old, but makes use of a configuration module instead of a
-  configuration class.
--- a/cpp/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/cpp/ql/lib/change-notes/2023-03-03-delete-deps.md
@ -1,12 +0,0 @@
---
-category: minorAnalysis
---
-* Deleted the deprecated `hasGeneratedCopyConstructor` and `hasGeneratedCopyAssignmentOperator` predicates from the `Folder` class.
-* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
-* Deleted the deprecated `getMustlockFunction`, `getTrylockFunction`, `getLockFunction`, and `getUnlockFunction` predicates from the `MutexType` class.
-* Deleted the deprecated `getPosInBasicBlock` predicate from the `SubBasicBlock` class.
-* Deleted the deprecated `getExpr` predicate from the `PointerDereferenceExpr` class.
-* Deleted the deprecated `getUseInstruction` and `getDefinitionInstruction` predicates from the `Operand` class.
-* Deleted the deprecated `isInParameter`, `isInParameterPointer`, and `isInQualifier` predicates from the `FunctionInput` class.
-* Deleted the deprecated `isOutParameterPointer`, `isOutQualifier`, `isOutReturnValue`, and `isOutReturnPointer` predicate from the `FunctionOutput` class.
-* Deleted the deprecated 3-argument `isGuardPhi` predicate from the `RangeSsaDefinition` class.
--- a/cpp/ql/lib/change-notes/2023-03-08-deprecated-dataflow-configurations.md
+++ b/cpp/ql/lib/change-notes/2023-03-08-deprecated-dataflow-configurations.md
@ -1,4 +0,0 @@
---
-category: deprecated
---
-* The `WriteConfig` taint tracking configuration has been deprecated. Please use `WriteFlow`.
--- a/cpp/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/cpp/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@ -1,4 +0,0 @@
---
-category: feature
---
-* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/cpp/ql/lib/change-notes/2023-03-16-use-use-flow.md
+++ b/cpp/ql/lib/change-notes/2023-03-16-use-use-flow.md
@ -1,11 +0,0 @@
---
-category: majorAnalysis
---
-* A new C/C++ dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) has been added.
-  The new library behaves much more like the dataflow library of other CodeQL supported
-  languages by following use-use dataflow paths instead of def-use dataflow paths.
-  The new library also better supports dataflow through indirections, and new predicates
-  such as `Node::asIndirectExpr` have been added to facilitate working with indirections.
-
-  The `semmle.code.cpp.ir.dataflow.DataFlow` library is now identical to the new
-  `semmle.code.cpp.dataflow.new.DataFlow` library.
--- a/cpp/ql/lib/change-notes/released/0.6.0.md
+++ b/cpp/ql/lib/change-notes/released/0.6.0.md
@ -0,0 +1,42 @@
+## 0.6.0
+
+### Breaking Changes
+
+* The `semmle.code.cpp.commons.Buffer` and `semmle.code.cpp.commons.NullTermination` libraries no longer expose `semmle.code.cpp.dataflow.DataFlow`. Please import `semmle.code.cpp.dataflow.DataFlow` directly.
+
+### Deprecated APIs
+
+* The `WriteConfig` taint tracking configuration has been deprecated. Please use `WriteFlow`.
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* A new C/C++ dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) has been added.
+  The new library behaves much more like the dataflow library of other CodeQL supported
+  languages by following use-use dataflow paths instead of def-use dataflow paths.
+  The new library also better supports dataflow through indirections, and new predicates
+  such as `Node::asIndirectExpr` have been added to facilitate working with indirections.
+
+  The `semmle.code.cpp.ir.dataflow.DataFlow` library is now identical to the new
+  `semmle.code.cpp.dataflow.new.DataFlow` library.
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
+### Minor Analysis Improvements
+
+* Deleted the deprecated `hasGeneratedCopyConstructor` and `hasGeneratedCopyAssignmentOperator` predicates from the `Folder` class.
+* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
+* Deleted the deprecated `getMustlockFunction`, `getTrylockFunction`, `getLockFunction`, and `getUnlockFunction` predicates from the `MutexType` class.
+* Deleted the deprecated `getPosInBasicBlock` predicate from the `SubBasicBlock` class.
+* Deleted the deprecated `getExpr` predicate from the `PointerDereferenceExpr` class.
+* Deleted the deprecated `getUseInstruction` and `getDefinitionInstruction` predicates from the `Operand` class.
+* Deleted the deprecated `isInParameter`, `isInParameterPointer`, and `isInQualifier` predicates from the `FunctionInput` class.
+* Deleted the deprecated `isOutParameterPointer`, `isOutQualifier`, `isOutReturnValue`, and `isOutReturnPointer` predicate from the `FunctionOutput` class.
+* Deleted the deprecated 3-argument `isGuardPhi` predicate from the `RangeSsaDefinition` class.
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.6.0
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.5.5-dev
+version: 0.6.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@ -1,3 +1,10 @@
+## 0.5.5
+
+### Deprecated Queries
+
+* The `NetworkToBufferSizeConfiguration` and `UntrustedDataToExternalApiConfig` dataflow configurations have been deprecated. Please use `NetworkToBufferSizeFlow` and `UntrustedDataToExternalApiFlow`.
+* The `LeapYearCheckConfiguration`, `FiletimeYearArithmeticOperationCheckConfiguration`, and `PossibleYearArithmeticOperationCheckConfiguration` dataflow configurations have been deprecated. Please use `LeapYearCheckFlow`, `FiletimeYearArithmeticOperationCheckFlow` and `PossibleYearArithmeticOperationCheckFlow`.
+
 ## 0.5.4

 No user-facing changes.
--- a/cpp/ql/src/change-notes/2023-03-08-deprecated-dataflow-configurations.md
+++ b/cpp/ql/src/change-notes/2023-03-08-deprecated-dataflow-configurations.md
@ -1,4 +0,0 @@
---
-category: deprecated
---
-* The `NetworkToBufferSizeConfiguration` and `UntrustedDataToExternalApiConfig` dataflow configurations have been deprecated. Please use `NetworkToBufferSizeFlow` and `UntrustedDataToExternalApiFlow`.
--- a/cpp/ql/src/change-notes/2023-03-08-deprecated-leap-year-dataflow-configurations.md
+++ b/cpp/ql/src/change-notes/2023-03-08-deprecated-leap-year-dataflow-configurations.md
@ -1,4 +1,6 @@
---
-category: deprecated
---
+## 0.5.5
+
+### Deprecated Queries
+
+* The `NetworkToBufferSizeConfiguration` and `UntrustedDataToExternalApiConfig` dataflow configurations have been deprecated. Please use `NetworkToBufferSizeFlow` and `UntrustedDataToExternalApiFlow`.
 * The `LeapYearCheckConfiguration`, `FiletimeYearArithmeticOperationCheckConfiguration`, and `PossibleYearArithmeticOperationCheckConfiguration` dataflow configurations have been deprecated. Please use `LeapYearCheckFlow`, `FiletimeYearArithmeticOperationCheckFlow` and `PossibleYearArithmeticOperationCheckFlow`.
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - cpp
  - queries
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@ -1,3 +1,7 @@
+## 1.4.5
+
+No user-facing changes.
+
 ## 1.4.4

 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.4.5.md
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.4.5.md
@ -0,0 +1,3 @@
+## 1.4.5
+
+No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.4
+lastReleaseVersion: 1.4.5
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.4.5-dev
+version: 1.4.5
 groups:
    - csharp
    - solorigate
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@ -1,3 +1,7 @@
+## 1.4.5
+
+No user-facing changes.
+
 ## 1.4.4

 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.4.5.md
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.4.5.md
@ -0,0 +1,3 @@
+## 1.4.5
+
+No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.4
+lastReleaseVersion: 1.4.5
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.4.5-dev
+version: 1.4.5
 groups:
    - csharp
    - solorigate
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@ -1,3 +1,25 @@
+## 0.5.5
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
+### Minor Analysis Improvements
+
+* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
+* Deleted the deprecated `getAssertionIndex`, and `getAssertedParameter` predicates from the `AssertMethod` class.
+* Deleted the deprecated `OverridableMethod` and `OverridableAccessor` classes.
+* The `unsafe` predicate for `Modifiable` has been extended to cover delegate return types and identify pointer like types at any nest level. This is relevant for `unsafe` declarations extracted from assemblies.
+
 ## 0.5.4

 ### Minor Analysis Improvements
--- a/csharp/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/csharp/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@ -1,9 +0,0 @@
---
-category: majorAnalysis
---
-* The main data flow and taint tracking APIs have been changed. The old APIs
-  remain in place for now and translate to the new through a
-  backwards-compatible wrapper. If multiple configurations are in scope
-  simultaneously, then this may affect results slightly. The new API is quite
-  similar to the old, but makes use of a configuration module instead of a
-  configuration class.
--- a/csharp/ql/lib/change-notes/2023-03-02-unsafemembers.md
+++ b/csharp/ql/lib/change-notes/2023-03-02-unsafemembers.md
@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The `unsafe` predicate for `Modifiable` has been extended to cover delegate return types and identify pointer like types at any nest level. This is relevant for `unsafe` declarations extracted from assemblies.
--- a/csharp/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/csharp/ql/lib/change-notes/2023-03-03-delete-deps.md
@ -1,6 +0,0 @@
---
-category: minorAnalysis
---
-* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
-* Deleted the deprecated `getAssertionIndex`, and `getAssertedParameter` predicates from the `AssertMethod` class.
-* Deleted the deprecated `OverridableMethod` and `OverridableAccessor` classes.
--- a/csharp/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/csharp/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@ -1,4 +0,0 @@
---
-category: feature
---
-* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/csharp/ql/lib/change-notes/released/0.5.5.md
+++ b/csharp/ql/lib/change-notes/released/0.5.5.md
@ -0,0 +1,21 @@
+## 0.5.5
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
+### Minor Analysis Improvements
+
+* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
+* Deleted the deprecated `getAssertionIndex`, and `getAssertedParameter` predicates from the `AssertMethod` class.
+* Deleted the deprecated `OverridableMethod` and `OverridableAccessor` classes.
+* The `unsafe` predicate for `Modifiable` has been extended to cover delegate return types and identify pointer like types at any nest level. This is relevant for `unsafe` declarations extracted from assemblies.
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.5.5-dev
+version: 0.5.5
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@ -1,3 +1,7 @@
+## 0.5.5
+
+No user-facing changes.
+
 ## 0.5.4

 No user-facing changes.
--- a/csharp/ql/src/change-notes/released/0.5.5.md
+++ b/csharp/ql/src/change-notes/released/0.5.5.md
@ -0,0 +1,3 @@
+## 0.5.5
+
+No user-facing changes.
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - csharp
  - queries
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@ -1,3 +1,18 @@
+## 0.4.5
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
 ## 0.4.4

 No user-facing changes.
--- a/go/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/go/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@ -1,4 +0,0 @@
---
-category: feature
---
-* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/java/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/java/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@ -1,6 +1,11 @@
---
-category: majorAnalysis
---
+## 0.4.5
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.4
+lastReleaseVersion: 0.4.5
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.4.5-dev
+version: 0.4.5
 groups: go
 dbscheme: go.dbscheme
 extractor: go
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@ -1,3 +1,7 @@
+## 0.4.5
+
+No user-facing changes.
+
 ## 0.4.4

 ### Minor Analysis Improvements
--- a/go/ql/src/change-notes/released/0.4.5.md
+++ b/go/ql/src/change-notes/released/0.4.5.md
@ -0,0 +1,3 @@
+## 0.4.5
+
+No user-facing changes.
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.4
+lastReleaseVersion: 0.4.5
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.4.5-dev
+version: 0.4.5
 groups:
  - go
  - queries
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@ -1,3 +1,34 @@
+## 0.5.5
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* Removed low-confidence call edges to known neutral call targets from the call graph used in data flow analysis. This includes, for example, custom `List.contains` implementations when the best inferrable type at the call site is simply `List`.
+* Added more sink and summary dataflow models for the following packages:
+  * `java.io`
+  * `java.lang`
+  * `java.sql`
+  * `javafx.scene.web`
+  * `org.apache.commons.compress.archivers.tar`
+  * `org.apache.http.client.utils`
+  * `org.codehaus.cargo.container.installer`
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
+### Minor Analysis Improvements
+
+* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
+* Deleted the deprecated `getRepresentedString` predicate from the `StringLiteral` class.
+* Deleted the deprecated `ServletWriterSource` class.
+* Deleted the deprecated `getGroupID`, `getArtefactID`, and `artefactMatches` predicates from the `MavenRepoJar` class.
+
 ## 0.5.4

 ### Minor Analysis Improvements
--- a/java/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/java/ql/lib/change-notes/2023-03-03-delete-deps.md
@ -1,7 +0,0 @@
---
-category: minorAnalysis
---
-* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
-* Deleted the deprecated `getRepresentedString` predicate from the `StringLiteral` class.
-* Deleted the deprecated `ServletWriterSource` class.
-* Deleted the deprecated `getGroupID`, `getArtefactID`, and `artefactMatches` predicates from the `MavenRepoJar` class.
--- a/java/ql/lib/change-notes/2023-03-09-more-models.md
+++ b/java/ql/lib/change-notes/2023-03-09-more-models.md
@ -1,11 +0,0 @@
---
-category: majorAnalysis
---
-* Added more sink and summary dataflow models for the following packages:
-  * `java.io`
-  * `java.lang`
-  * `java.sql`
-  * `javafx.scene.web`
-  * `org.apache.commons.compress.archivers.tar`
-  * `org.apache.http.client.utils`
-  * `org.codehaus.cargo.container.installer`
--- a/java/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/java/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@ -1,4 +0,0 @@
---
-category: feature
---
-* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/java/ql/lib/change-notes/2023-03-14-neutral-dispatch.md
+++ b/java/ql/lib/change-notes/2023-03-14-neutral-dispatch.md
@ -1,4 +0,0 @@
---
-category: majorAnalysis
---
-* Removed low-confidence call edges to known neutral call targets from the call graph used in data flow analysis. This includes, for example, custom `List.contains` implementations when the best inferrable type at the call site is simply `List`.
--- a/java/ql/lib/change-notes/released/0.5.5.md
+++ b/java/ql/lib/change-notes/released/0.5.5.md
@ -0,0 +1,30 @@
+## 0.5.5
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* Removed low-confidence call edges to known neutral call targets from the call graph used in data flow analysis. This includes, for example, custom `List.contains` implementations when the best inferrable type at the call site is simply `List`.
+* Added more sink and summary dataflow models for the following packages:
+  * `java.io`
+  * `java.lang`
+  * `java.sql`
+  * `javafx.scene.web`
+  * `org.apache.commons.compress.archivers.tar`
+  * `org.apache.http.client.utils`
+  * `org.codehaus.cargo.container.installer`
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
+### Minor Analysis Improvements
+
+* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
+* Deleted the deprecated `getRepresentedString` predicate from the `StringLiteral` class.
+* Deleted the deprecated `ServletWriterSource` class.
+* Deleted the deprecated `getGroupID`, `getArtefactID`, and `artefactMatches` predicates from the `MavenRepoJar` class.
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.5.5-dev
+version: 0.5.5
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@ -1,3 +1,9 @@
+## 0.5.5
+
+### New Queries
+
+* Added a new query, `java/android/arbitrary-apk-installation`, to detect installation of APKs from untrusted sources.
+
 ## 0.5.4

 No user-facing changes.
--- a/java/ql/src/change-notes/2023-01-19-arbitrary-apk-installation.md
+++ b/java/ql/src/change-notes/2023-01-19-arbitrary-apk-installation.md
@ -1,5 +1,5 @@
---
-category: newQuery
---
-* Added a new query, `java/android/arbitrary-apk-installation`, to detect installation of APKs from untrusted sources.
+## 0.5.5

+### New Queries
+
+* Added a new query, `java/android/arbitrary-apk-installation`, to detect installation of APKs from untrusted sources.
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - java
  - queries
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@ -1,3 +1,15 @@
+## 0.5.1
+
+### Minor Analysis Improvements
+
+* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
+* Deleted the deprecated `getId` from the `Function`, `NamespaceDefinition`, and `ImportEqualsDeclaration` classes.
+* Deleted the deprecated `flowsTo` predicate from the `HTTP::Servers::RequestSource` and `HTTP::Servers::ResponseSource` class.
+* Deleted the deprecated `getEventName` predicate from the `SocketIO::ReceiveNode`, `SocketIO::SendNode`, `SocketIOClient::SendNode` classes.
+* Deleted the deprecated `RateLimitedRouteHandlerExpr` and `RouteHandlerExpressionWithRateLimiter` classes.
+* [Import assertions](https://github.com/tc39/proposal-import-assertions) are now supported.
+  Previously this feature was only supported in TypeScript code, but is now supported for plain JavaScript as well and is also accessible in the AST.
+
 ## 0.5.0

 ### Breaking Changes
--- a/javascript/ql/lib/change-notes/2023-03-03-import-assertion.md
+++ b/javascript/ql/lib/change-notes/2023-03-03-import-assertion.md
@ -1,5 +0,0 @@
---
-category: minorAnalysis
---
-* [Import assertions](https://github.com/tc39/proposal-import-assertions) are now supported.
-  Previously this feature was only supported in TypeScript code, but is now supported for plain JavaScript as well and is also accessible in the AST.
--- a/javascript/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/javascript/ql/lib/change-notes/2023-03-03-delete-deps.md
@ -1,8 +1,11 @@
---
-category: minorAnalysis
---
+## 0.5.1
+
+### Minor Analysis Improvements
+
 * Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
 * Deleted the deprecated `getId` from the `Function`, `NamespaceDefinition`, and `ImportEqualsDeclaration` classes.
 * Deleted the deprecated `flowsTo` predicate from the `HTTP::Servers::RequestSource` and `HTTP::Servers::ResponseSource` class.
 * Deleted the deprecated `getEventName` predicate from the `SocketIO::ReceiveNode`, `SocketIO::SendNode`, `SocketIOClient::SendNode` classes.
-* Deleted the deprecated `RateLimitedRouteHandlerExpr` and `RouteHandlerExpressionWithRateLimiter` classes.
+* Deleted the deprecated `RateLimitedRouteHandlerExpr` and `RouteHandlerExpressionWithRateLimiter` classes.
+* [Import assertions](https://github.com/tc39/proposal-import-assertions) are now supported.
+  Previously this feature was only supported in TypeScript code, but is now supported for plain JavaScript as well and is also accessible in the AST.
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.0
+lastReleaseVersion: 0.5.1
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.5.1-dev
+version: 0.5.1
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@ -1,3 +1,11 @@
+## 0.5.5
+
+### Minor Analysis Improvements
+
+* The following queries now recognize HTML sanitizers as propagating taint: `js/sql-injection`,
+  `js/path-injection`, `js/server-side-unvalidated-url-redirection`, `js/client-side-unvalidated-url-redirection`,
+  and `js/request-forgery`.
+
 ## 0.5.4

 ### Minor Analysis Improvements
--- a/javascript/ql/src/change-notes/2023-03-07-html-sanitizer-for-sql.md
+++ b/javascript/ql/src/change-notes/2023-03-07-html-sanitizer-for-sql.md
@ -1,6 +1,7 @@
---
-category: minorAnalysis
---
+## 0.5.5
+
+### Minor Analysis Improvements
+
 * The following queries now recognize HTML sanitizers as propagating taint: `js/sql-injection`,
  `js/path-injection`, `js/server-side-unvalidated-url-redirection`, `js/client-side-unvalidated-url-redirection`,
  and `js/request-forgery`.
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - javascript
  - queries
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@ -1,3 +1,7 @@
+## 0.4.5
+
+No user-facing changes.
+
 ## 0.4.4

 No user-facing changes.
--- a/misc/suite-helpers/change-notes/released/0.4.5.md
+++ b/misc/suite-helpers/change-notes/released/0.4.5.md
@ -0,0 +1,3 @@
+## 0.4.5
+
+No user-facing changes.
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.4
+lastReleaseVersion: 0.4.5
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@ -1,3 +1,3 @@
 name: codeql/suite-helpers
-version: 0.4.5-dev
+version: 0.4.5
 groups: shared
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@ -1,3 +1,22 @@
+## 0.8.2
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
+### Minor Analysis Improvements
+
+* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
+
 ## 0.8.1

 ### Major Analysis Improvements
--- a/python/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/python/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@ -1,9 +0,0 @@
---
-category: majorAnalysis
---
-* The main data flow and taint tracking APIs have been changed. The old APIs
-  remain in place for now and translate to the new through a
-  backwards-compatible wrapper. If multiple configurations are in scope
-  simultaneously, then this may affect results slightly. The new API is quite
-  similar to the old, but makes use of a configuration module instead of a
-  configuration class.
--- a/python/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/python/ql/lib/change-notes/2023-03-03-delete-deps.md
@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
--- a/python/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/python/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@ -1,4 +0,0 @@
---
-category: feature
---
-* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/go/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/go/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@ -1,9 +1,18 @@
---
-category: majorAnalysis
---
+## 0.8.2
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
 * The main data flow and taint tracking APIs have been changed. The old APIs
  remain in place for now and translate to the new through a
  backwards-compatible wrapper. If multiple configurations are in scope
  simultaneously, then this may affect results slightly. The new API is quite
  similar to the old, but makes use of a configuration module instead of a
  configuration class.
+
+### Minor Analysis Improvements
+
+* Deleted the deprecated `getPath` and `getFolder` predicates from the `XmlFile` class.
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.1
+lastReleaseVersion: 0.8.2
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.8.2-dev
+version: 0.8.2
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@ -1,3 +1,9 @@
+## 0.6.5
+
+### New Queries
+
+* Added a new query, `py/shell-command-constructed-from-input`, to detect libraries that unsafely construct shell commands from their inputs.
+
 ## 0.6.4

 No user-facing changes.
--- a/python/ql/src/change-notes/2023-02-03-unsafe-shell-command-construction.md
+++ b/python/ql/src/change-notes/2023-02-03-unsafe-shell-command-construction.md
@ -1,4 +1,5 @@
---
-category: newQuery
---
+## 0.6.5
+
+### New Queries
+
 * Added a new query, `py/shell-command-constructed-from-input`, to detect libraries that unsafely construct shell commands from their inputs.
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.4
+lastReleaseVersion: 0.6.5
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.6.5-dev
+version: 0.6.5
 groups: 
  - python
  - queries
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@ -1,3 +1,29 @@
+## 0.5.5
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
+### Minor Analysis Improvements
+
+* Data flow through `initialize` methods is now taken into account also when the receiver of a `new` call is an (implicit or explicit) `self`.
+* The Active Record query methods `reorder` and `count_by_sql` are now recognised as SQL executions.
+* Calls to `ActiveRecord::Connection#execute`, including those via subclasses, are now recognised as SQL executions.
+* Data flow through `ActionController::Parameters#require` is now tracked properly.
+* The severity of parse errors was reduced to warning (previously error). 
+* Deleted the deprecated `getQualifiedName` predicate from the `ConstantWriteAccess` class.
+* Deleted the deprecated `getWhenBranch` and `getAWhenBranch` predicates from the `CaseExpr` class.
+* Deleted the deprecated `Self`, `PatternParameter`, `Pattern`, `VariablePattern`, `TuplePattern`, and `TuplePatternParameter` classes.
+
 ## 0.5.4

 ### Minor Analysis Improvements
--- a/ruby/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
+++ b/ruby/ql/lib/change-notes/2023-03-02-dataflow-conf-module.md
@ -1,9 +0,0 @@
---
-category: majorAnalysis
---
-* The main data flow and taint tracking APIs have been changed. The old APIs
-  remain in place for now and translate to the new through a
-  backwards-compatible wrapper. If multiple configurations are in scope
-  simultaneously, then this may affect results slightly. The new API is quite
-  similar to the old, but makes use of a configuration module instead of a
-  configuration class.
--- a/ruby/ql/lib/change-notes/2023-03-03-delete-deps.md
+++ b/ruby/ql/lib/change-notes/2023-03-03-delete-deps.md
@ -1,6 +0,0 @@
---
-category: minorAnalysis
---
-* Deleted the deprecated `getQualifiedName` predicate from the `ConstantWriteAccess` class.
-* Deleted the deprecated `getWhenBranch` and `getAWhenBranch` predicates from the `CaseExpr` class.
-* Deleted the deprecated `Self`, `PatternParameter`, `Pattern`, `VariablePattern`, `TuplePattern`, and `TuplePatternParameter` classes.
--- a/ruby/ql/lib/change-notes/2023-03-09-parse-error.md
+++ b/ruby/ql/lib/change-notes/2023-03-09-parse-error.md
@ -1,4 +0,0 @@
---
- category: minorAnalysis
---
-* The severity of parse errors was reduced to warning (previously error). 
--- a/ruby/ql/lib/change-notes/2023-03-13-initalize-flow.md
+++ b/ruby/ql/lib/change-notes/2023-03-13-initalize-flow.md
@ -1,4 +0,0 @@
---
- category: minorAnalysis
---
-* Data flow through `initialize` methods is now taken into account also when the receiver of a `new` call is an (implicit or explicit) `self`.
--- a/ruby/ql/lib/change-notes/2023-03-13-mergepathgraph.md
+++ b/ruby/ql/lib/change-notes/2023-03-13-mergepathgraph.md
@ -1,4 +0,0 @@
---
-category: feature
---
-* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
--- a/ruby/ql/lib/change-notes/2023-03-13-rails-sinks.md
+++ b/ruby/ql/lib/change-notes/2023-03-13-rails-sinks.md
@ -1,6 +0,0 @@
---
- category: minorAnalysis
---
-* The Active Record query methods `reorder` and `count_by_sql` are now recognised as SQL executions.
-* Calls to `ActiveRecord::Connection#execute`, including those via subclasses, are now recognised as SQL executions.
-* Data flow through `ActionController::Parameters#require` is now tracked properly.
--- a/ruby/ql/lib/change-notes/released/0.5.5.md
+++ b/ruby/ql/lib/change-notes/released/0.5.5.md
@ -0,0 +1,25 @@
+## 0.5.5
+
+### New Features
+
+* Added support for merging two `PathGraph`s via disjoint union to allow results from multiple data flow computations in a single `path-problem` query.
+
+### Major Analysis Improvements
+
+* The main data flow and taint tracking APIs have been changed. The old APIs
+  remain in place for now and translate to the new through a
+  backwards-compatible wrapper. If multiple configurations are in scope
+  simultaneously, then this may affect results slightly. The new API is quite
+  similar to the old, but makes use of a configuration module instead of a
+  configuration class.
+
+### Minor Analysis Improvements
+
+* Data flow through `initialize` methods is now taken into account also when the receiver of a `new` call is an (implicit or explicit) `self`.
+* The Active Record query methods `reorder` and `count_by_sql` are now recognised as SQL executions.
+* Calls to `ActiveRecord::Connection#execute`, including those via subclasses, are now recognised as SQL executions.
+* Data flow through `ActionController::Parameters#require` is now tracked properly.
+* The severity of parse errors was reduced to warning (previously error). 
+* Deleted the deprecated `getQualifiedName` predicate from the `ConstantWriteAccess` class.
+* Deleted the deprecated `getWhenBranch` and `getAWhenBranch` predicates from the `CaseExpr` class.
+* Deleted the deprecated `Self`, `PatternParameter`, `Pattern`, `VariablePattern`, `TuplePattern`, and `TuplePatternParameter` classes.
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.5.5-dev
+version: 0.5.5
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@ -1,3 +1,9 @@
+## 0.5.5
+
+### New Queries
+
+* Added a new query, `rb/zip-slip`, to detect arbitrary file writes during extraction of zip/tar archives.
+
 ## 0.5.4

 No user-facing changes.
--- a/ruby/ql/src/change-notes/2023-02-17-zip-slip-query.md
+++ b/ruby/ql/src/change-notes/2023-02-17-zip-slip-query.md
@ -1,4 +0,0 @@
---
-category: newQuery
---
-* Added a new query, `rb/zip-slip`, to detect arbitrary file writes during extraction of zip/tar archives.
--- a/ruby/ql/src/change-notes/released/0.5.5.md
+++ b/ruby/ql/src/change-notes/released/0.5.5.md
@ -0,0 +1,5 @@
+## 0.5.5
+
+### New Queries
+
+* Added a new query, `rb/zip-slip`, to detect arbitrary file writes during extraction of zip/tar archives.
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.4
+lastReleaseVersion: 0.5.5
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.5.5-dev
+version: 0.5.5
 groups: 
  - ruby
  - queries
--- a/shared/regex/CHANGELOG.md
+++ b/shared/regex/CHANGELOG.md
@ -1,3 +1,7 @@
+## 0.0.9
+
+No user-facing changes.
+
 ## 0.0.8

 No user-facing changes.
--- a/shared/regex/change-notes/released/0.0.9.md
+++ b/shared/regex/change-notes/released/0.0.9.md
@ -0,0 +1,3 @@
+## 0.0.9
+
+No user-facing changes.
--- a/shared/regex/codeql-pack.release.yml
+++ b/shared/regex/codeql-pack.release.yml
@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.8
+lastReleaseVersion: 0.0.9
--- a/shared/regex/qlpack.yml
+++ b/shared/regex/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/regex
-version: 0.0.9-dev
+version: 0.0.9
 groups: shared
 library: true
 dependencies:
--- a/shared/ssa/CHANGELOG.md
+++ b/shared/ssa/CHANGELOG.md
@ -1,3 +1,7 @@
+## 0.0.13
+
+No user-facing changes.
+
 ## 0.0.12

 No user-facing changes.
--- a/Показать больше
+++ b/Показать больше