From a6c8cc955143f43455d916c1f1aa0811787539fa Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 8 Jan 2024 13:11:26 +0000 Subject: [PATCH 1/6] Release preparation for version 2.16.0 --- cpp/ql/lib/CHANGELOG.md | 21 +++++++++++ .../2022-11-21-ir-guards-replacement.md | 4 --- ...23-11-25-default-taint-tracking-removal.md | 4 --- .../change-notes/2023-11-30-as-definition.md | 4 --- .../2023-12-08-ususerinput-deprecation.md | 4 --- .../2023-12-14-dataflow-tostring.md | 4 --- .../2023-12-22-unique-function.md | 4 --- .../change-notes/2024-01-02-function-types.md | 4 --- cpp/ql/lib/change-notes/released/0.12.3.md | 20 +++++++++++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 11 ++++++ .../2023-12-04-incorrectly-checked-scanf.md | 4 --- ...e-of-unique-pointer-after-lifetime-ends.md | 4 --- .../2023-12-15-badly-bounded-write.md | 4 --- cpp/ql/src/change-notes/released/0.9.2.md | 10 ++++++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 +++ .../lib/change-notes/released/1.7.6.md | 3 ++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/src/CHANGELOG.md | 4 +++ .../src/change-notes/released/1.7.6.md | 3 ++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 8 +++++ .../2023-06-22-aws-lambda-models.md | 4 --- .../2023-12-20-arg-param-mapping.md | 5 --- .../0.8.6.md} | 10 +++--- csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 7 ++++ .../2023-11-29-url-redirect-false-positive.md | 4 --- .../2024-01-03-logforging-false-positive.md | 4 --- csharp/ql/src/change-notes/released/0.8.6.md | 6 ++++ csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 +++ .../change-notes/released/0.0.5.md | 3 ++ .../codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 8 +++++ ...ind-more-callees-for-captured-functions.md | 4 --- ...2023-12-22-minor-analysis-xpath-libxml2.md | 4 --- .../2024-01-02-go-successfully-extracted.md | 4 --- go/ql/lib/change-notes/released/0.7.6.md | 7 ++++ go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 6 ++++ .../0.7.6.md} | 7 ++-- go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 +++ .../src/change-notes/released/0.0.12.md | 3 ++ java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 35 +++++++++++++++++++ .../lib/change-notes/2023-10-24-new-models.md | 12 ------- .../lib/change-notes/2023-10-31-new-models.md | 16 --------- .../2023-11-29-new-spring-models.md | 5 --- .../2023-12-05-kotlin-array-get-set.md | 4 --- ...cate-reexport-of-old-dataflow-libraries.md | 4 --- ...12-19-add-replace-methods-to-mapmutator.md | 4 --- java/ql/lib/change-notes/released/0.8.6.md | 34 ++++++++++++++++++ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 16 +++++++++ .../2023-11-08-weak-randomness-query.md | 5 --- ...2-android-certificate-pinning-precision.md | 4 --- .../2023-12-12-ognl-invalid-sinks.md | 4 --- .../2023-12-14-flowstatestring-deprecated.md | 4 --- ...ographic-algorithm-from-properties-file.md | 4 --- java/ql/src/change-notes/released/0.8.6.md | 15 ++++++++ java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 +++ .../ql/lib/change-notes/released/0.8.6.md | 3 ++ javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 4 +++ .../ql/src/change-notes/released/0.8.6.md | 3 ++ javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 +++ .../change-notes/released/0.7.6.md | 3 ++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 16 +++++++++ ...0-remove-essa-nodes-from-dataflow-graph.md | 5 --- .../2023-11-21-new-type-tracking-lib.md | 4 --- .../2023-12-08-automated-subclass-models.md | 4 --- .../2023-12-18-support-variable-capture.md | 4 --- ...-12-20-add-scope-entry-definition-nodes.md | 5 --- python/ql/lib/change-notes/released/0.11.6.md | 15 ++++++++ python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 4 +++ python/ql/src/change-notes/released/0.9.6.md | 3 ++ python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 8 +++++ .../2023-11-21-new-type-tracking-lib.md | 4 --- .../0.8.6.md} | 8 +++-- ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 +++ ruby/ql/src/change-notes/released/0.8.6.md | 3 ++ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 +++ .../change-notes/released/0.1.6.md | 3 ++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 6 ++++ .../0.1.6.md} | 7 ++-- shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 +++ shared/mad/change-notes/released/0.2.6.md | 3 ++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 +++ .../change-notes/released/0.0.5.md | 3 ++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 +++ shared/regex/change-notes/released/0.2.6.md | 3 ++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 +++ shared/ssa/change-notes/released/0.2.6.md | 3 ++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 +++ .../change-notes/released/0.0.5.md | 3 ++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 +++ .../tutorial/change-notes/released/0.2.6.md | 3 ++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 +++ .../change-notes/released/0.2.6.md | 3 ++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 +++ shared/typos/change-notes/released/0.2.6.md | 3 ++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 +++ shared/util/change-notes/released/0.2.6.md | 3 ++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 +++ shared/yaml/change-notes/released/0.2.6.md | 3 ++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 11 ++++++ .../change-notes/2023-10-24-pattern-types.md | 5 --- .../ql/lib/change-notes/2023-11-27-append.md | 4 --- .../ql/lib/change-notes/2023-12-05-seckey.md | 4 --- .../change-notes/2023-12-07-closure-models.md | 5 --- .../change-notes/2023-12-08-pointermodels.md | 4 --- swift/ql/lib/change-notes/released/0.3.6.md | 10 ++++++ swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 6 ++++ .../0.3.6.md} | 6 ++-- swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 171 files changed, 504 insertions(+), 265 deletions(-) delete mode 100644 cpp/ql/lib/change-notes/2022-11-21-ir-guards-replacement.md delete mode 100644 cpp/ql/lib/change-notes/2023-11-25-default-taint-tracking-removal.md delete mode 100644 cpp/ql/lib/change-notes/2023-11-30-as-definition.md delete mode 100644 cpp/ql/lib/change-notes/2023-12-08-ususerinput-deprecation.md delete mode 100644 cpp/ql/lib/change-notes/2023-12-14-dataflow-tostring.md delete mode 100644 cpp/ql/lib/change-notes/2023-12-22-unique-function.md delete mode 100644 cpp/ql/lib/change-notes/2024-01-02-function-types.md create mode 100644 cpp/ql/lib/change-notes/released/0.12.3.md delete mode 100644 cpp/ql/src/change-notes/2023-12-04-incorrectly-checked-scanf.md delete mode 100644 cpp/ql/src/change-notes/2023-12-12-use-of-unique-pointer-after-lifetime-ends.md delete mode 100644 cpp/ql/src/change-notes/2023-12-15-badly-bounded-write.md create mode 100644 cpp/ql/src/change-notes/released/0.9.2.md create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.6.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.6.md delete mode 100644 csharp/ql/lib/change-notes/2023-06-22-aws-lambda-models.md delete mode 100644 csharp/ql/lib/change-notes/2023-12-20-arg-param-mapping.md rename csharp/ql/lib/change-notes/{2023-12-07-stringbuilder.md => released/0.8.6.md} (60%) delete mode 100644 csharp/ql/src/change-notes/2023-11-29-url-redirect-false-positive.md delete mode 100644 csharp/ql/src/change-notes/2024-01-03-logforging-false-positive.md create mode 100644 csharp/ql/src/change-notes/released/0.8.6.md create mode 100644 go/ql/consistency-queries/change-notes/released/0.0.5.md delete mode 100644 go/ql/lib/change-notes/2023-12-08-find-more-callees-for-captured-functions.md delete mode 100644 go/ql/lib/change-notes/2023-12-22-minor-analysis-xpath-libxml2.md delete mode 100644 go/ql/lib/change-notes/2024-01-02-go-successfully-extracted.md create mode 100644 go/ql/lib/change-notes/released/0.7.6.md rename go/ql/src/change-notes/{2023-12-17-incorrect-integer-conversion-fix.md => released/0.7.6.md} (86%) create mode 100644 java/ql/automodel/src/change-notes/released/0.0.12.md delete mode 100644 java/ql/lib/change-notes/2023-10-24-new-models.md delete mode 100644 java/ql/lib/change-notes/2023-10-31-new-models.md delete mode 100644 java/ql/lib/change-notes/2023-11-29-new-spring-models.md delete mode 100644 java/ql/lib/change-notes/2023-12-05-kotlin-array-get-set.md delete mode 100644 java/ql/lib/change-notes/2023-12-08-deprecate-reexport-of-old-dataflow-libraries.md delete mode 100644 java/ql/lib/change-notes/2023-12-19-add-replace-methods-to-mapmutator.md create mode 100644 java/ql/lib/change-notes/released/0.8.6.md delete mode 100644 java/ql/src/change-notes/2023-11-08-weak-randomness-query.md delete mode 100644 java/ql/src/change-notes/2023-12-12-android-certificate-pinning-precision.md delete mode 100644 java/ql/src/change-notes/2023-12-12-ognl-invalid-sinks.md delete mode 100644 java/ql/src/change-notes/2023-12-14-flowstatestring-deprecated.md delete mode 100644 java/ql/src/change-notes/2023-12-15-weak-cryptographic-algorithm-from-properties-file.md create mode 100644 java/ql/src/change-notes/released/0.8.6.md create mode 100644 javascript/ql/lib/change-notes/released/0.8.6.md create mode 100644 javascript/ql/src/change-notes/released/0.8.6.md create mode 100644 misc/suite-helpers/change-notes/released/0.7.6.md delete mode 100644 python/ql/lib/change-notes/2023-11-20-remove-essa-nodes-from-dataflow-graph.md delete mode 100644 python/ql/lib/change-notes/2023-11-21-new-type-tracking-lib.md delete mode 100644 python/ql/lib/change-notes/2023-12-08-automated-subclass-models.md delete mode 100644 python/ql/lib/change-notes/2023-12-18-support-variable-capture.md delete mode 100644 python/ql/lib/change-notes/2023-12-20-add-scope-entry-definition-nodes.md create mode 100644 python/ql/lib/change-notes/released/0.11.6.md create mode 100644 python/ql/src/change-notes/released/0.9.6.md delete mode 100644 ruby/ql/lib/change-notes/2023-11-21-new-type-tracking-lib.md rename ruby/ql/lib/change-notes/{2024-01-05-division-newline.md => released/0.8.6.md} (59%) create mode 100644 ruby/ql/src/change-notes/released/0.8.6.md create mode 100644 shared/controlflow/change-notes/released/0.1.6.md rename shared/dataflow/change-notes/{2023-12-08-dataflow-old-api-deprecated.md => released/0.1.6.md} (88%) create mode 100644 shared/mad/change-notes/released/0.2.6.md create mode 100644 shared/rangeanalysis/change-notes/released/0.0.5.md create mode 100644 shared/regex/change-notes/released/0.2.6.md create mode 100644 shared/ssa/change-notes/released/0.2.6.md create mode 100644 shared/threat-models/change-notes/released/0.0.5.md create mode 100644 shared/tutorial/change-notes/released/0.2.6.md create mode 100644 shared/typetracking/change-notes/released/0.2.6.md create mode 100644 shared/typos/change-notes/released/0.2.6.md create mode 100644 shared/util/change-notes/released/0.2.6.md create mode 100644 shared/yaml/change-notes/released/0.2.6.md delete mode 100644 swift/ql/lib/change-notes/2023-10-24-pattern-types.md delete mode 100644 swift/ql/lib/change-notes/2023-11-27-append.md delete mode 100644 swift/ql/lib/change-notes/2023-12-05-seckey.md delete mode 100644 swift/ql/lib/change-notes/2023-12-07-closure-models.md delete mode 100644 swift/ql/lib/change-notes/2023-12-08-pointermodels.md create mode 100644 swift/ql/lib/change-notes/released/0.3.6.md rename swift/ql/src/change-notes/{2023-11-20-cleartext-logging.md => released/0.3.6.md} (80%) diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 1466e7ce645a..e3a13b1d5183 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,24 @@ +## 0.12.3 + +### Deprecated APIs + +* The `isUserInput`, `userInputArgument`, and `userInputReturned` predicates from `SecurityOptions` have been deprecated. Use `FlowSource` instead. + +### New Features + +* `UserDefineLiteral` and `DeductionGuide` classes have been added, representing C++11 user defined literals and C++17 deduction guides. + +### Minor Analysis Improvements + +* Changed the output of `Node.toString` to better reflect how many indirections a given dataflow node has. +* Added a new predicate `Node.asDefinition` on `DataFlow::Node`s for selecting the dataflow node corresponding to a particular definition. +* The deprecated `DefaultTaintTracking` library has been removed. +* The `Guards` library has been replaced with the API-compatible `IRGuards` implementation, which has better precision in some cases. + +### Bug Fixes + +* Under certain circumstances a function declaration that is not also a definition could be associated with a `Function` that did not have the definition as a `FunctionDeclarationEntry`. This is now fixed when only one definition exists, and a unique `Function` will exist that has both the declaration and the definition as a `FunctionDeclarationEntry`. + ## 0.12.2 No user-facing changes. diff --git a/cpp/ql/lib/change-notes/2022-11-21-ir-guards-replacement.md b/cpp/ql/lib/change-notes/2022-11-21-ir-guards-replacement.md deleted file mode 100644 index aa924c2a497e..000000000000 --- a/cpp/ql/lib/change-notes/2022-11-21-ir-guards-replacement.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `Guards` library has been replaced with the API-compatible `IRGuards` implementation, which has better precision in some cases. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2023-11-25-default-taint-tracking-removal.md b/cpp/ql/lib/change-notes/2023-11-25-default-taint-tracking-removal.md deleted file mode 100644 index b5ff6a11d0d2..000000000000 --- a/cpp/ql/lib/change-notes/2023-11-25-default-taint-tracking-removal.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The deprecated `DefaultTaintTracking` library has been removed. diff --git a/cpp/ql/lib/change-notes/2023-11-30-as-definition.md b/cpp/ql/lib/change-notes/2023-11-30-as-definition.md deleted file mode 100644 index 0362929ca7f3..000000000000 --- a/cpp/ql/lib/change-notes/2023-11-30-as-definition.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added a new predicate `Node.asDefinition` on `DataFlow::Node`s for selecting the dataflow node corresponding to a particular definition. diff --git a/cpp/ql/lib/change-notes/2023-12-08-ususerinput-deprecation.md b/cpp/ql/lib/change-notes/2023-12-08-ususerinput-deprecation.md deleted file mode 100644 index 89b7a9007c54..000000000000 --- a/cpp/ql/lib/change-notes/2023-12-08-ususerinput-deprecation.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The `isUserInput`, `userInputArgument`, and `userInputReturned` predicates from `SecurityOptions` have been deprecated. Use `FlowSource` instead. diff --git a/cpp/ql/lib/change-notes/2023-12-14-dataflow-tostring.md b/cpp/ql/lib/change-notes/2023-12-14-dataflow-tostring.md deleted file mode 100644 index 94380c96ed12..000000000000 --- a/cpp/ql/lib/change-notes/2023-12-14-dataflow-tostring.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Changed the output of `Node.toString` to better reflect how many indirections a given dataflow node has. diff --git a/cpp/ql/lib/change-notes/2023-12-22-unique-function.md b/cpp/ql/lib/change-notes/2023-12-22-unique-function.md deleted file mode 100644 index bd5d84132abf..000000000000 --- a/cpp/ql/lib/change-notes/2023-12-22-unique-function.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Under certain circumstances a function declaration that is not also a definition could be associated with a `Function` that did not have the definition as a `FunctionDeclarationEntry`. This is now fixed when only one definition exists, and a unique `Function` will exist that has both the declaration and the definition as a `FunctionDeclarationEntry`. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2024-01-02-function-types.md b/cpp/ql/lib/change-notes/2024-01-02-function-types.md deleted file mode 100644 index 9ff5e582ae88..000000000000 --- a/cpp/ql/lib/change-notes/2024-01-02-function-types.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* `UserDefineLiteral` and `DeductionGuide` classes have been added, representing C++11 user defined literals and C++17 deduction guides. diff --git a/cpp/ql/lib/change-notes/released/0.12.3.md b/cpp/ql/lib/change-notes/released/0.12.3.md new file mode 100644 index 000000000000..6ae4af94795e --- /dev/null +++ b/cpp/ql/lib/change-notes/released/0.12.3.md @@ -0,0 +1,20 @@ +## 0.12.3 + +### Deprecated APIs + +* The `isUserInput`, `userInputArgument`, and `userInputReturned` predicates from `SecurityOptions` have been deprecated. Use `FlowSource` instead. + +### New Features + +* `UserDefineLiteral` and `DeductionGuide` classes have been added, representing C++11 user defined literals and C++17 deduction guides. + +### Minor Analysis Improvements + +* Changed the output of `Node.toString` to better reflect how many indirections a given dataflow node has. +* Added a new predicate `Node.asDefinition` on `DataFlow::Node`s for selecting the dataflow node corresponding to a particular definition. +* The deprecated `DefaultTaintTracking` library has been removed. +* The `Guards` library has been replaced with the API-compatible `IRGuards` implementation, which has better precision in some cases. + +### Bug Fixes + +* Under certain circumstances a function declaration that is not also a definition could be associated with a `Function` that did not have the definition as a `FunctionDeclarationEntry`. This is now fixed when only one definition exists, and a unique `Function` will exist that has both the declaration and the definition as a `FunctionDeclarationEntry`. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 8baa46a61508..65578a5162ee 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.12.2 +lastReleaseVersion: 0.12.3 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 1a1f2d1c7c78..8018ba065e31 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.3-dev +version: 0.12.3 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index e1485b436761..9c287ddfae82 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.9.2 + +### New Queries + +* Added a new query, `cpp/use-of-unique-pointer-after-lifetime-ends`, to detect uses of the contents unique pointers that will be destroyed immediately. +* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there. + +### Minor Analysis Improvements + +* The `cpp/badly-bounded-write` query could report false positives when a pointer was first initialized with a literal and later assigned a dynamically allocated array. These false positives now no longer occur. + ## 0.9.1 No user-facing changes. diff --git a/cpp/ql/src/change-notes/2023-12-04-incorrectly-checked-scanf.md b/cpp/ql/src/change-notes/2023-12-04-incorrectly-checked-scanf.md deleted file mode 100644 index 3bebd2dff46d..000000000000 --- a/cpp/ql/src/change-notes/2023-12-04-incorrectly-checked-scanf.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there. diff --git a/cpp/ql/src/change-notes/2023-12-12-use-of-unique-pointer-after-lifetime-ends.md b/cpp/ql/src/change-notes/2023-12-12-use-of-unique-pointer-after-lifetime-ends.md deleted file mode 100644 index a74017aa6a13..000000000000 --- a/cpp/ql/src/change-notes/2023-12-12-use-of-unique-pointer-after-lifetime-ends.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new query, `cpp/use-of-unique-pointer-after-lifetime-ends`, to detect uses of the contents unique pointers that will be destroyed immediately. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2023-12-15-badly-bounded-write.md b/cpp/ql/src/change-notes/2023-12-15-badly-bounded-write.md deleted file mode 100644 index 1dd4705754b3..000000000000 --- a/cpp/ql/src/change-notes/2023-12-15-badly-bounded-write.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `cpp/badly-bounded-write` query could report false positives when a pointer was first initialized with a literal and later assigned a dynamically allocated array. These false positives now no longer occur. diff --git a/cpp/ql/src/change-notes/released/0.9.2.md b/cpp/ql/src/change-notes/released/0.9.2.md new file mode 100644 index 000000000000..7945a450a4c3 --- /dev/null +++ b/cpp/ql/src/change-notes/released/0.9.2.md @@ -0,0 +1,10 @@ +## 0.9.2 + +### New Queries + +* Added a new query, `cpp/use-of-unique-pointer-after-lifetime-ends`, to detect uses of the contents unique pointers that will be destroyed immediately. +* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there. + +### Minor Analysis Improvements + +* The `cpp/badly-bounded-write` query could report false positives when a pointer was first initialized with a literal and later assigned a dynamically allocated array. These false positives now no longer occur. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 6789dcd18b70..e1eda5194355 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.1 +lastReleaseVersion: 0.9.2 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 9c5e81a6c314..96c8abf6b94d 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.2-dev +version: 0.9.2 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 881ef60c7c73..303e0da11759 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.6 + +No user-facing changes. + ## 1.7.5 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.6.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.6.md new file mode 100644 index 000000000000..fe2a0f02e7e9 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.6.md @@ -0,0 +1,3 @@ +## 1.7.6 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 83aebd7c12a0..1f68518dba9b 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.5 +lastReleaseVersion: 1.7.6 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index a2969f590b76..167689f15798 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.6-dev +version: 1.7.6 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 881ef60c7c73..303e0da11759 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.6 + +No user-facing changes. + ## 1.7.5 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.6.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.6.md new file mode 100644 index 000000000000..fe2a0f02e7e9 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.6.md @@ -0,0 +1,3 @@ +## 1.7.6 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 83aebd7c12a0..1f68518dba9b 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.5 +lastReleaseVersion: 1.7.6 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 9c9fb4bc5fcc..7313dee61111 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.6-dev +version: 1.7.6 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index fe7cf2a05a51..a0d1cbc59f86 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,11 @@ +## 0.8.6 + +### Minor Analysis Improvements + +* The `Call::getArgumentForParameter` predicate has been reworked to add support for arguments passed to `params` parameters. +* The dataflow models for the `System.Text.StringBuilder` class have been reworked. New summaries have been added for `Append` and `AppendLine`. With the changes, we expect queries that use taint tracking to find more results when interpolated strings or `StringBuilder` instances are passed to `Append` or `AppendLine`. +* Additional support for `Amazon.Lambda` SDK + ## 0.8.5 No user-facing changes. diff --git a/csharp/ql/lib/change-notes/2023-06-22-aws-lambda-models.md b/csharp/ql/lib/change-notes/2023-06-22-aws-lambda-models.md deleted file mode 100644 index 9943af0797f6..000000000000 --- a/csharp/ql/lib/change-notes/2023-06-22-aws-lambda-models.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Additional support for `Amazon.Lambda` SDK \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2023-12-20-arg-param-mapping.md b/csharp/ql/lib/change-notes/2023-12-20-arg-param-mapping.md deleted file mode 100644 index f701d47ab543..000000000000 --- a/csharp/ql/lib/change-notes/2023-12-20-arg-param-mapping.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* The `Call::getArgumentForParameter` predicate has been reworked to add support for arguments passed to `params` parameters. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2023-12-07-stringbuilder.md b/csharp/ql/lib/change-notes/released/0.8.6.md similarity index 60% rename from csharp/ql/lib/change-notes/2023-12-07-stringbuilder.md rename to csharp/ql/lib/change-notes/released/0.8.6.md index 8ea6ff9940f7..0e4cdca9e1a3 100644 --- a/csharp/ql/lib/change-notes/2023-12-07-stringbuilder.md +++ b/csharp/ql/lib/change-notes/released/0.8.6.md @@ -1,5 +1,7 @@ ---- -category: minorAnalysis ---- +## 0.8.6 -* The dataflow models for the `System.Text.StringBuilder` class have been reworked. New summaries have been added for `Append` and `AppendLine`. With the changes, we expect queries that use taint tracking to find more results when interpolated strings or `StringBuilder` instances are passed to `Append` or `AppendLine`. \ No newline at end of file +### Minor Analysis Improvements + +* The `Call::getArgumentForParameter` predicate has been reworked to add support for arguments passed to `params` parameters. +* The dataflow models for the `System.Text.StringBuilder` class have been reworked. New summaries have been added for `Append` and `AppendLine`. With the changes, we expect queries that use taint tracking to find more results when interpolated strings or `StringBuilder` instances are passed to `Append` or `AppendLine`. +* Additional support for `Amazon.Lambda` SDK diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index cbe6bc6b7c62..d67c1aac29de 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.5 +lastReleaseVersion: 0.8.6 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 4afc1644ba1d..49e5f54d8703 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.6-dev +version: 0.8.6 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index 0318549742f4..ebb31d1516f9 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.8.6 + +### Minor Analysis Improvements + +* Fixed a Log forging false positive when using `String.Replace` to sanitize the input. +* Fixed a URL redirection from remote source false positive when guarding a redirect with `HttpRequestBase.IsUrlLocalToHost()` + ## 0.8.5 No user-facing changes. diff --git a/csharp/ql/src/change-notes/2023-11-29-url-redirect-false-positive.md b/csharp/ql/src/change-notes/2023-11-29-url-redirect-false-positive.md deleted file mode 100644 index b993fb80dcf1..000000000000 --- a/csharp/ql/src/change-notes/2023-11-29-url-redirect-false-positive.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Fixed a URL redirection from remote source false positive when guarding a redirect with `HttpRequestBase.IsUrlLocalToHost()` \ No newline at end of file diff --git a/csharp/ql/src/change-notes/2024-01-03-logforging-false-positive.md b/csharp/ql/src/change-notes/2024-01-03-logforging-false-positive.md deleted file mode 100644 index d2719cb3049b..000000000000 --- a/csharp/ql/src/change-notes/2024-01-03-logforging-false-positive.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Fixed a Log forging false positive when using `String.Replace` to sanitize the input. diff --git a/csharp/ql/src/change-notes/released/0.8.6.md b/csharp/ql/src/change-notes/released/0.8.6.md new file mode 100644 index 000000000000..d52c8b7f8a14 --- /dev/null +++ b/csharp/ql/src/change-notes/released/0.8.6.md @@ -0,0 +1,6 @@ +## 0.8.6 + +### Minor Analysis Improvements + +* Fixed a Log forging false positive when using `String.Replace` to sanitize the input. +* Fixed a URL redirection from remote source false positive when guarding a redirect with `HttpRequestBase.IsUrlLocalToHost()` diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index cbe6bc6b7c62..d67c1aac29de 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.5 +lastReleaseVersion: 0.8.6 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 006a95aa0f0a..77b4bdf2f30d 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.6-dev +version: 0.8.6 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 4ffbff1e0c4e..9b269441c000 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.5 + +No user-facing changes. + ## 0.0.4 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/0.0.5.md b/go/ql/consistency-queries/change-notes/released/0.0.5.md new file mode 100644 index 000000000000..766ec2723b56 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/0.0.5.md @@ -0,0 +1,3 @@ +## 0.0.5 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index ec411a674bcd..bb45a1ab0182 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.4 +lastReleaseVersion: 0.0.5 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index 1b8ac8c1be93..05cf96dc4c9c 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.5-dev +version: 0.0.5 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 87ef5eb34433..048d598bf3b9 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,11 @@ +## 0.7.6 + +### Minor Analysis Improvements + +* The diagnostic query `go/diagnostics/successfully-extracted-files`, and therefore the Code Scanning UI measure of scanned Go files, now considers any Go file seen during extraction, even one with some errors, to be extracted / scanned. +* The XPath library, which is used for the XPath injection query (`go/xml/xpath-injection`), now includes support for `Parser` sinks from the [libxml2](https://github.com/lestrrat-go/libxml2) package. +* `CallNode::getACallee` and related predicates now recognise more callees accessed via a function variable, in particular when the callee is stored into a global variable or is captured by an anonymous function. This may lead to new alerts where data-flow into such a callee is relevant. + ## 0.7.5 No user-facing changes. diff --git a/go/ql/lib/change-notes/2023-12-08-find-more-callees-for-captured-functions.md b/go/ql/lib/change-notes/2023-12-08-find-more-callees-for-captured-functions.md deleted file mode 100644 index 8a02c12fd917..000000000000 --- a/go/ql/lib/change-notes/2023-12-08-find-more-callees-for-captured-functions.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* `CallNode::getACallee` and related predicates now recognise more callees accessed via a function variable, in particular when the callee is stored into a global variable or is captured by an anonymous function. This may lead to new alerts where data-flow into such a callee is relevant. diff --git a/go/ql/lib/change-notes/2023-12-22-minor-analysis-xpath-libxml2.md b/go/ql/lib/change-notes/2023-12-22-minor-analysis-xpath-libxml2.md deleted file mode 100644 index 16baf7f5b07a..000000000000 --- a/go/ql/lib/change-notes/2023-12-22-minor-analysis-xpath-libxml2.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The XPath library, which is used for the XPath injection query (`go/xml/xpath-injection`), now includes support for `Parser` sinks from the [libxml2](https://github.com/lestrrat-go/libxml2) package. \ No newline at end of file diff --git a/go/ql/lib/change-notes/2024-01-02-go-successfully-extracted.md b/go/ql/lib/change-notes/2024-01-02-go-successfully-extracted.md deleted file mode 100644 index 7cc21215c817..000000000000 --- a/go/ql/lib/change-notes/2024-01-02-go-successfully-extracted.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The diagnostic query `go/diagnostics/successfully-extracted-files`, and therefore the Code Scanning UI measure of scanned Go files, now considers any Go file seen during extraction, even one with some errors, to be extracted / scanned. diff --git a/go/ql/lib/change-notes/released/0.7.6.md b/go/ql/lib/change-notes/released/0.7.6.md new file mode 100644 index 000000000000..caaee4357a33 --- /dev/null +++ b/go/ql/lib/change-notes/released/0.7.6.md @@ -0,0 +1,7 @@ +## 0.7.6 + +### Minor Analysis Improvements + +* The diagnostic query `go/diagnostics/successfully-extracted-files`, and therefore the Code Scanning UI measure of scanned Go files, now considers any Go file seen during extraction, even one with some errors, to be extracted / scanned. +* The XPath library, which is used for the XPath injection query (`go/xml/xpath-injection`), now includes support for `Parser` sinks from the [libxml2](https://github.com/lestrrat-go/libxml2) package. +* `CallNode::getACallee` and related predicates now recognise more callees accessed via a function variable, in particular when the callee is stored into a global variable or is captured by an anonymous function. This may lead to new alerts where data-flow into such a callee is relevant. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index b5108ee0bda8..863f5a24cd20 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.7.6 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index b22fdbf06ab0..8fa1884d0e04 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.6-dev +version: 0.7.6 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 504a9aefdde2..702bdfd7f402 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.7.6 + +### Minor Analysis Improvements + +* There was a bug in the query `go/incorrect-integer-conversion` which meant that upper bound checks using a strict inequality (`<`) and comparing against `math.MaxInt` or `math.MaxUint` were not considered correctly, which led to false positives. This has now been fixed. + ## 0.7.5 No user-facing changes. diff --git a/go/ql/src/change-notes/2023-12-17-incorrect-integer-conversion-fix.md b/go/ql/src/change-notes/released/0.7.6.md similarity index 86% rename from go/ql/src/change-notes/2023-12-17-incorrect-integer-conversion-fix.md rename to go/ql/src/change-notes/released/0.7.6.md index 23f1e1e5f451..6ae8efc913b0 100644 --- a/go/ql/src/change-notes/2023-12-17-incorrect-integer-conversion-fix.md +++ b/go/ql/src/change-notes/released/0.7.6.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.7.6 + +### Minor Analysis Improvements + * There was a bug in the query `go/incorrect-integer-conversion` which meant that upper bound checks using a strict inequality (`<`) and comparing against `math.MaxInt` or `math.MaxUint` were not considered correctly, which led to false positives. This has now been fixed. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index b5108ee0bda8..863f5a24cd20 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.7.6 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 4d54626aa34b..7ac72a934a81 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.6-dev +version: 0.7.6 groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index 0a3a35ff891b..d1bc8b8ee5f1 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.12 + +No user-facing changes. + ## 0.0.11 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/0.0.12.md b/java/ql/automodel/src/change-notes/released/0.0.12.md new file mode 100644 index 000000000000..0e206033bc47 --- /dev/null +++ b/java/ql/automodel/src/change-notes/released/0.0.12.md @@ -0,0 +1,3 @@ +## 0.0.12 + +No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index e679dc420925..997fb8da83cd 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.12 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 9939f0ef5553..d56d6f3167c6 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.12-dev +version: 0.0.12 groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index bc07396977a9..dc0af8b76be7 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,38 @@ +## 0.8.6 + +### Deprecated APIs + +* Imports of the old dataflow libraries (e.g. `semmle.code.java.dataflow.DataFlow2`) have been deprecated in the libraries under the `semmle.code.java.security` namespace. + +### Minor Analysis Improvements + +* Added the `Map#replace` and `Map#replaceAll` methods to the `MapMutator` class in `semmle.code.java.Maps`. +* Taint tracking now understands Kotlin's `Array.get` and `Array.set` methods. +* Added a sink model for the `createRelative` method of the `org.springframework.core.io.Resource` interface. +* Added source models for methods of the `org.springframework.web.util.UrlPathHelper` class and removed their taint flow models. +* Added models for the following packages: + + * com.google.common.io + * hudson + * hudson.console + * java.lang + * java.net + * java.util.logging + * javax.imageio.stream + * org.apache.commons.io + * org.apache.hadoop.hive.ql.exec + * org.apache.hadoop.hive.ql.metadata + * org.apache.tools.ant.taskdefs +* Added models for the following packages: + + * com.alibaba.druid.sql.repository + * jakarta.persistence + * jakarta.persistence.criteria + * liquibase.database.jvm + * liquibase.statement.core + * org.apache.ibatis.mapping + * org.keycloak.models.map.storage + ## 0.8.5 No user-facing changes. diff --git a/java/ql/lib/change-notes/2023-10-24-new-models.md b/java/ql/lib/change-notes/2023-10-24-new-models.md deleted file mode 100644 index b587721af7b2..000000000000 --- a/java/ql/lib/change-notes/2023-10-24-new-models.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -category: minorAnalysis ---- -* Added models for the following packages: - - * com.alibaba.druid.sql.repository - * jakarta.persistence - * jakarta.persistence.criteria - * liquibase.database.jvm - * liquibase.statement.core - * org.apache.ibatis.mapping - * org.keycloak.models.map.storage diff --git a/java/ql/lib/change-notes/2023-10-31-new-models.md b/java/ql/lib/change-notes/2023-10-31-new-models.md deleted file mode 100644 index 1c0fc3daa555..000000000000 --- a/java/ql/lib/change-notes/2023-10-31-new-models.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -category: minorAnalysis ---- -* Added models for the following packages: - - * com.google.common.io - * hudson - * hudson.console - * java.lang - * java.net - * java.util.logging - * javax.imageio.stream - * org.apache.commons.io - * org.apache.hadoop.hive.ql.exec - * org.apache.hadoop.hive.ql.metadata - * org.apache.tools.ant.taskdefs diff --git a/java/ql/lib/change-notes/2023-11-29-new-spring-models.md b/java/ql/lib/change-notes/2023-11-29-new-spring-models.md deleted file mode 100644 index e513f71bda6d..000000000000 --- a/java/ql/lib/change-notes/2023-11-29-new-spring-models.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Added a sink model for the `createRelative` method of the `org.springframework.core.io.Resource` interface. -* Added source models for methods of the `org.springframework.web.util.UrlPathHelper` class and removed their taint flow models. diff --git a/java/ql/lib/change-notes/2023-12-05-kotlin-array-get-set.md b/java/ql/lib/change-notes/2023-12-05-kotlin-array-get-set.md deleted file mode 100644 index 60c56a8f8f3f..000000000000 --- a/java/ql/lib/change-notes/2023-12-05-kotlin-array-get-set.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Taint tracking now understands Kotlin's `Array.get` and `Array.set` methods. diff --git a/java/ql/lib/change-notes/2023-12-08-deprecate-reexport-of-old-dataflow-libraries.md b/java/ql/lib/change-notes/2023-12-08-deprecate-reexport-of-old-dataflow-libraries.md deleted file mode 100644 index 789949147d1b..000000000000 --- a/java/ql/lib/change-notes/2023-12-08-deprecate-reexport-of-old-dataflow-libraries.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* Imports of the old dataflow libraries (e.g. `semmle.code.java.dataflow.DataFlow2`) have been deprecated in the libraries under the `semmle.code.java.security` namespace. diff --git a/java/ql/lib/change-notes/2023-12-19-add-replace-methods-to-mapmutator.md b/java/ql/lib/change-notes/2023-12-19-add-replace-methods-to-mapmutator.md deleted file mode 100644 index 9f69b26aefbd..000000000000 --- a/java/ql/lib/change-notes/2023-12-19-add-replace-methods-to-mapmutator.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added the `Map#replace` and `Map#replaceAll` methods to the `MapMutator` class in `semmle.code.java.Maps`. diff --git a/java/ql/lib/change-notes/released/0.8.6.md b/java/ql/lib/change-notes/released/0.8.6.md new file mode 100644 index 000000000000..4af302527a5f --- /dev/null +++ b/java/ql/lib/change-notes/released/0.8.6.md @@ -0,0 +1,34 @@ +## 0.8.6 + +### Deprecated APIs + +* Imports of the old dataflow libraries (e.g. `semmle.code.java.dataflow.DataFlow2`) have been deprecated in the libraries under the `semmle.code.java.security` namespace. + +### Minor Analysis Improvements + +* Added the `Map#replace` and `Map#replaceAll` methods to the `MapMutator` class in `semmle.code.java.Maps`. +* Taint tracking now understands Kotlin's `Array.get` and `Array.set` methods. +* Added a sink model for the `createRelative` method of the `org.springframework.core.io.Resource` interface. +* Added source models for methods of the `org.springframework.web.util.UrlPathHelper` class and removed their taint flow models. +* Added models for the following packages: + + * com.google.common.io + * hudson + * hudson.console + * java.lang + * java.net + * java.util.logging + * javax.imageio.stream + * org.apache.commons.io + * org.apache.hadoop.hive.ql.exec + * org.apache.hadoop.hive.ql.metadata + * org.apache.tools.ant.taskdefs +* Added models for the following packages: + + * com.alibaba.druid.sql.repository + * jakarta.persistence + * jakarta.persistence.criteria + * liquibase.database.jvm + * liquibase.statement.core + * org.apache.ibatis.mapping + * org.keycloak.models.map.storage diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index cbe6bc6b7c62..d67c1aac29de 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.5 +lastReleaseVersion: 0.8.6 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 77503a51cb30..f9d3e42fa3f5 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.6-dev +version: 0.8.6 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 58799c443cc3..89a3d694649d 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,19 @@ +## 0.8.6 + +### Deprecated Queries + +* The three queries `java/insufficient-key-size`, `java/server-side-template-injection`, and `java/android/implicit-pendingintents` had accidentally general extension points allowing arbitrary string-based flow state. This has been fixed and the old extension points have been deprecated where possible, and otherwise updated. + +### New Queries + +* Added the `java/insecure-randomness` query to detect uses of weakly random values which an attacker may be able to predict. Also added the `crypto-parameter` sink kind for sinks which represent the parameters and keys of cryptographic operations. + +### Minor Analysis Improvements + +* Modified the `java/potentially-weak-cryptographic-algorithm` query to include the use of weak cryptographic algorithms from configuration values specified in properties files. +* The query `java/android/missing-certificate-pinning` should no longer alert about requests pointing to the local filesystem. +* Removed some spurious sinks related to `com.opensymphony.xwork2.TextProvider.getText` from the query `java/ognl-injection`. + ## 0.8.5 No user-facing changes. diff --git a/java/ql/src/change-notes/2023-11-08-weak-randomness-query.md b/java/ql/src/change-notes/2023-11-08-weak-randomness-query.md deleted file mode 100644 index 9022f825af6e..000000000000 --- a/java/ql/src/change-notes/2023-11-08-weak-randomness-query.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: newQuery ---- -* Added the `java/insecure-randomness` query to detect uses of weakly random values which an attacker may be able to predict. Also added the `crypto-parameter` sink kind for sinks which represent the parameters and keys of cryptographic operations. - diff --git a/java/ql/src/change-notes/2023-12-12-android-certificate-pinning-precision.md b/java/ql/src/change-notes/2023-12-12-android-certificate-pinning-precision.md deleted file mode 100644 index ae3742e9f83c..000000000000 --- a/java/ql/src/change-notes/2023-12-12-android-certificate-pinning-precision.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The query `java/android/missing-certificate-pinning` should no longer alert about requests pointing to the local filesystem. diff --git a/java/ql/src/change-notes/2023-12-12-ognl-invalid-sinks.md b/java/ql/src/change-notes/2023-12-12-ognl-invalid-sinks.md deleted file mode 100644 index f7c5197bf96f..000000000000 --- a/java/ql/src/change-notes/2023-12-12-ognl-invalid-sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Removed some spurious sinks related to `com.opensymphony.xwork2.TextProvider.getText` from the query `java/ognl-injection`. diff --git a/java/ql/src/change-notes/2023-12-14-flowstatestring-deprecated.md b/java/ql/src/change-notes/2023-12-14-flowstatestring-deprecated.md deleted file mode 100644 index 580f88c78074..000000000000 --- a/java/ql/src/change-notes/2023-12-14-flowstatestring-deprecated.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The three queries `java/insufficient-key-size`, `java/server-side-template-injection`, and `java/android/implicit-pendingintents` had accidentally general extension points allowing arbitrary string-based flow state. This has been fixed and the old extension points have been deprecated where possible, and otherwise updated. diff --git a/java/ql/src/change-notes/2023-12-15-weak-cryptographic-algorithm-from-properties-file.md b/java/ql/src/change-notes/2023-12-15-weak-cryptographic-algorithm-from-properties-file.md deleted file mode 100644 index 9b5436b4b250..000000000000 --- a/java/ql/src/change-notes/2023-12-15-weak-cryptographic-algorithm-from-properties-file.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Modified the `java/potentially-weak-cryptographic-algorithm` query to include the use of weak cryptographic algorithms from configuration values specified in properties files. diff --git a/java/ql/src/change-notes/released/0.8.6.md b/java/ql/src/change-notes/released/0.8.6.md new file mode 100644 index 000000000000..cb3d51c991d3 --- /dev/null +++ b/java/ql/src/change-notes/released/0.8.6.md @@ -0,0 +1,15 @@ +## 0.8.6 + +### Deprecated Queries + +* The three queries `java/insufficient-key-size`, `java/server-side-template-injection`, and `java/android/implicit-pendingintents` had accidentally general extension points allowing arbitrary string-based flow state. This has been fixed and the old extension points have been deprecated where possible, and otherwise updated. + +### New Queries + +* Added the `java/insecure-randomness` query to detect uses of weakly random values which an attacker may be able to predict. Also added the `crypto-parameter` sink kind for sinks which represent the parameters and keys of cryptographic operations. + +### Minor Analysis Improvements + +* Modified the `java/potentially-weak-cryptographic-algorithm` query to include the use of weak cryptographic algorithms from configuration values specified in properties files. +* The query `java/android/missing-certificate-pinning` should no longer alert about requests pointing to the local filesystem. +* Removed some spurious sinks related to `com.opensymphony.xwork2.TextProvider.getText` from the query `java/ognl-injection`. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index cbe6bc6b7c62..d67c1aac29de 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.5 +lastReleaseVersion: 0.8.6 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index a409cf51016f..ce12b520b714 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.6-dev +version: 0.8.6 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 7a9d08a50f2a..c963c1fd4ab7 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.6 + +No user-facing changes. + ## 0.8.5 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/released/0.8.6.md b/javascript/ql/lib/change-notes/released/0.8.6.md new file mode 100644 index 000000000000..76516cea7c8b --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.8.6.md @@ -0,0 +1,3 @@ +## 0.8.6 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index cbe6bc6b7c62..d67c1aac29de 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.5 +lastReleaseVersion: 0.8.6 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 3fa86edf3e3b..3960ed22f04d 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.6-dev +version: 0.8.6 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 1af40bc77b5a..3e8696d3fb10 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.6 + +No user-facing changes. + ## 0.8.5 No user-facing changes. diff --git a/javascript/ql/src/change-notes/released/0.8.6.md b/javascript/ql/src/change-notes/released/0.8.6.md new file mode 100644 index 000000000000..76516cea7c8b --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.8.6.md @@ -0,0 +1,3 @@ +## 0.8.6 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index cbe6bc6b7c62..d67c1aac29de 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.5 +lastReleaseVersion: 0.8.6 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 947d9c61bf75..5b2e528ec737 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.6-dev +version: 0.8.6 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 4048fb51cd93..5fd816aeb8c3 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.6 + +No user-facing changes. + ## 0.7.5 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.7.6.md b/misc/suite-helpers/change-notes/released/0.7.6.md new file mode 100644 index 000000000000..1370a410515a --- /dev/null +++ b/misc/suite-helpers/change-notes/released/0.7.6.md @@ -0,0 +1,3 @@ +## 0.7.6 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index b5108ee0bda8..863f5a24cd20 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.7.6 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 5ee25056a75a..eff9586b020f 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.6-dev +version: 0.7.6 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 8a570da513f0..f9f4fc8c8a46 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,19 @@ +## 0.11.6 + +### Major Analysis Improvements + +* Added support for global data-flow through captured variables. + +### Minor Analysis Improvements + +* Captured subclass relationships ahead-of-time for most popular PyPI packages so we are able to resolve subclass relationships even without having the packages installed. For example we have captured that `flask_restful.Resource` is a subclass of `flask.views.MethodView`, so our Flask modeling will still consider a function named `post` on a `class Foo(flask_restful.Resource):` as a HTTP request handler. +* Python now makes use of the shared type tracking library, exposed as `semmle.python.dataflow.new.TypeTracking`. The existing type tracking library, `semmle.python.dataflow.new.TypeTracker`, has consequently been deprecated. + +### Bug Fixes + +- We would previously confuse all captured variables into a single scope entry node. Now they each get their own node so they can be tracked properly. +- The dataflow graph no longer contains SSA variables. Instead, flow is directed via the corresponding controlflow nodes. This should make the graph and the flow simpler to understand. Minor improvements in flow computation has been observed, but in general negligible changes to alerts are expected. + ## 0.11.5 No user-facing changes. diff --git a/python/ql/lib/change-notes/2023-11-20-remove-essa-nodes-from-dataflow-graph.md b/python/ql/lib/change-notes/2023-11-20-remove-essa-nodes-from-dataflow-graph.md deleted file mode 100644 index e35eca34679b..000000000000 --- a/python/ql/lib/change-notes/2023-11-20-remove-essa-nodes-from-dataflow-graph.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- - -- The dataflow graph no longer contains SSA variables. Instead, flow is directed via the corresponding controlflow nodes. This should make the graph and the flow simpler to understand. Minor improvements in flow computation has been observed, but in general negligible changes to alerts are expected. diff --git a/python/ql/lib/change-notes/2023-11-21-new-type-tracking-lib.md b/python/ql/lib/change-notes/2023-11-21-new-type-tracking-lib.md deleted file mode 100644 index aef3146d6f2b..000000000000 --- a/python/ql/lib/change-notes/2023-11-21-new-type-tracking-lib.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Python now makes use of the shared type tracking library, exposed as `semmle.python.dataflow.new.TypeTracking`. The existing type tracking library, `semmle.python.dataflow.new.TypeTracker`, has consequently been deprecated. \ No newline at end of file diff --git a/python/ql/lib/change-notes/2023-12-08-automated-subclass-models.md b/python/ql/lib/change-notes/2023-12-08-automated-subclass-models.md deleted file mode 100644 index 8f9e4a1b6141..000000000000 --- a/python/ql/lib/change-notes/2023-12-08-automated-subclass-models.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Captured subclass relationships ahead-of-time for most popular PyPI packages so we are able to resolve subclass relationships even without having the packages installed. For example we have captured that `flask_restful.Resource` is a subclass of `flask.views.MethodView`, so our Flask modeling will still consider a function named `post` on a `class Foo(flask_restful.Resource):` as a HTTP request handler. diff --git a/python/ql/lib/change-notes/2023-12-18-support-variable-capture.md b/python/ql/lib/change-notes/2023-12-18-support-variable-capture.md deleted file mode 100644 index e7aee047fa15..000000000000 --- a/python/ql/lib/change-notes/2023-12-18-support-variable-capture.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Added support for global data-flow through captured variables. \ No newline at end of file diff --git a/python/ql/lib/change-notes/2023-12-20-add-scope-entry-definition-nodes.md b/python/ql/lib/change-notes/2023-12-20-add-scope-entry-definition-nodes.md deleted file mode 100644 index f2fca008e44c..000000000000 --- a/python/ql/lib/change-notes/2023-12-20-add-scope-entry-definition-nodes.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: fix ---- - -- We would previously confuse all captured variables into a single scope entry node. Now they each get their own node so they can be tracked properly. diff --git a/python/ql/lib/change-notes/released/0.11.6.md b/python/ql/lib/change-notes/released/0.11.6.md new file mode 100644 index 000000000000..e24d66901fcd --- /dev/null +++ b/python/ql/lib/change-notes/released/0.11.6.md @@ -0,0 +1,15 @@ +## 0.11.6 + +### Major Analysis Improvements + +* Added support for global data-flow through captured variables. + +### Minor Analysis Improvements + +* Captured subclass relationships ahead-of-time for most popular PyPI packages so we are able to resolve subclass relationships even without having the packages installed. For example we have captured that `flask_restful.Resource` is a subclass of `flask.views.MethodView`, so our Flask modeling will still consider a function named `post` on a `class Foo(flask_restful.Resource):` as a HTTP request handler. +* Python now makes use of the shared type tracking library, exposed as `semmle.python.dataflow.new.TypeTracking`. The existing type tracking library, `semmle.python.dataflow.new.TypeTracker`, has consequently been deprecated. + +### Bug Fixes + +- We would previously confuse all captured variables into a single scope entry node. Now they each get their own node so they can be tracked properly. +- The dataflow graph no longer contains SSA variables. Instead, flow is directed via the corresponding controlflow nodes. This should make the graph and the flow simpler to understand. Minor improvements in flow computation has been observed, but in general negligible changes to alerts are expected. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index ca91bf6fce9c..100225af99d3 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.11.5 +lastReleaseVersion: 0.11.6 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 8a0e93bbe8e7..aee9bfc2d01d 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.6-dev +version: 0.11.6 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 175f47861b9c..ade5cb0cc54d 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.9.6 + +No user-facing changes. + ## 0.9.5 No user-facing changes. diff --git a/python/ql/src/change-notes/released/0.9.6.md b/python/ql/src/change-notes/released/0.9.6.md new file mode 100644 index 000000000000..1e5874c13a6f --- /dev/null +++ b/python/ql/src/change-notes/released/0.9.6.md @@ -0,0 +1,3 @@ +## 0.9.6 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 460240feafff..19139c132b2d 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.9.5 +lastReleaseVersion: 0.9.6 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 25594b06637b..9c3e9a4dd480 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.6-dev +version: 0.9.6 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 0641b60a508e..4a2cc6d2e24c 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,11 @@ +## 0.8.6 + +### Minor Analysis Improvements + +* Parsing of division operators (`/`) at the end of a line has been improved. Before they were wrongly interpreted as the start of a regular expression literal (`/.../`) leading to syntax errors. +* Parsing of `case` statements that are formatted with the value expression on a different line than the `case` keyword has been improved and should no longer lead to syntax errors. +* Ruby now makes use of the shared type tracking library, exposed as `codeql.ruby.typetracking.TypeTracking`. The existing type tracking library, `codeql.ruby.typetracking.TypeTracker`, has consequently been deprecated. + ## 0.8.5 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/2023-11-21-new-type-tracking-lib.md b/ruby/ql/lib/change-notes/2023-11-21-new-type-tracking-lib.md deleted file mode 100644 index c03804e59750..000000000000 --- a/ruby/ql/lib/change-notes/2023-11-21-new-type-tracking-lib.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Ruby now makes use of the shared type tracking library, exposed as `codeql.ruby.typetracking.TypeTracking`. The existing type tracking library, `codeql.ruby.typetracking.TypeTracker`, has consequently been deprecated. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2024-01-05-division-newline.md b/ruby/ql/lib/change-notes/released/0.8.6.md similarity index 59% rename from ruby/ql/lib/change-notes/2024-01-05-division-newline.md rename to ruby/ql/lib/change-notes/released/0.8.6.md index 384542e4ea4a..ed73a368b674 100644 --- a/ruby/ql/lib/change-notes/2024-01-05-division-newline.md +++ b/ruby/ql/lib/change-notes/released/0.8.6.md @@ -1,5 +1,7 @@ ---- -category: minorAnalysis ---- +## 0.8.6 + +### Minor Analysis Improvements + * Parsing of division operators (`/`) at the end of a line has been improved. Before they were wrongly interpreted as the start of a regular expression literal (`/.../`) leading to syntax errors. * Parsing of `case` statements that are formatted with the value expression on a different line than the `case` keyword has been improved and should no longer lead to syntax errors. +* Ruby now makes use of the shared type tracking library, exposed as `codeql.ruby.typetracking.TypeTracking`. The existing type tracking library, `codeql.ruby.typetracking.TypeTracker`, has consequently been deprecated. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index cbe6bc6b7c62..d67c1aac29de 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.5 +lastReleaseVersion: 0.8.6 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index c460d2d3638b..6a8ad466f2da 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.6-dev +version: 0.8.6 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 0e589135e411..7d5c2de21319 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.6 + +No user-facing changes. + ## 0.8.5 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/0.8.6.md b/ruby/ql/src/change-notes/released/0.8.6.md new file mode 100644 index 000000000000..76516cea7c8b --- /dev/null +++ b/ruby/ql/src/change-notes/released/0.8.6.md @@ -0,0 +1,3 @@ +## 0.8.6 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index cbe6bc6b7c62..d67c1aac29de 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.5 +lastReleaseVersion: 0.8.6 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 9dc44497c148..222dbb854db1 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.6-dev +version: 0.8.6 groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index d14dc358bafa..71269fe4ba88 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.6 + +No user-facing changes. + ## 0.1.5 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/0.1.6.md b/shared/controlflow/change-notes/released/0.1.6.md new file mode 100644 index 000000000000..b856f15fe69b --- /dev/null +++ b/shared/controlflow/change-notes/released/0.1.6.md @@ -0,0 +1,3 @@ +## 0.1.6 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 157cff8108d3..d271632b3dde 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.1.6 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 9f1a41b9c158..86a30bba306b 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.6-dev +version: 0.1.6 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 39444bf389a2..a996595df47a 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.1.6 + +### Deprecated APIs + +* The old configuration-class based data flow api has been deprecated. The configuration-module based api should be used instead. For details, see https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries/. + ## 0.1.5 No user-facing changes. diff --git a/shared/dataflow/change-notes/2023-12-08-dataflow-old-api-deprecated.md b/shared/dataflow/change-notes/released/0.1.6.md similarity index 88% rename from shared/dataflow/change-notes/2023-12-08-dataflow-old-api-deprecated.md rename to shared/dataflow/change-notes/released/0.1.6.md index 628a0d906688..4df6b52a190e 100644 --- a/shared/dataflow/change-notes/2023-12-08-dataflow-old-api-deprecated.md +++ b/shared/dataflow/change-notes/released/0.1.6.md @@ -1,4 +1,5 @@ ---- -category: deprecated ---- +## 0.1.6 + +### Deprecated APIs + * The old configuration-class based data flow api has been deprecated. The configuration-module based api should be used instead. For details, see https://github.blog/changelog/2023-08-14-new-dataflow-api-for-writing-custom-codeql-queries/. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 157cff8108d3..d271632b3dde 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.1.6 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index d53e750de32e..c3331c55e393 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.1.6-dev +version: 0.1.6 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 8fdbd159d53b..514ddda4d2b1 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.6 + +No user-facing changes. + ## 0.2.5 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.2.6.md b/shared/mad/change-notes/released/0.2.6.md new file mode 100644 index 000000000000..edaefe75481e --- /dev/null +++ b/shared/mad/change-notes/released/0.2.6.md @@ -0,0 +1,3 @@ +## 0.2.6 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 211454ed3064..248dd0f4594b 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.2.6 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 47c23b2976f7..c74a3990bfd4 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.6-dev +version: 0.2.6 groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index a66789ca7f5d..381b7ea88408 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.5 + +No user-facing changes. + ## 0.0.4 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/0.0.5.md b/shared/rangeanalysis/change-notes/released/0.0.5.md new file mode 100644 index 000000000000..766ec2723b56 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/0.0.5.md @@ -0,0 +1,3 @@ +## 0.0.5 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index ec411a674bcd..bb45a1ab0182 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.4 +lastReleaseVersion: 0.0.5 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index f0c5bd25a696..a549db3f1449 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.5-dev +version: 0.0.5 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 3cf342c9f29a..04bb2adcc0ab 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.6 + +No user-facing changes. + ## 0.2.5 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.2.6.md b/shared/regex/change-notes/released/0.2.6.md new file mode 100644 index 000000000000..edaefe75481e --- /dev/null +++ b/shared/regex/change-notes/released/0.2.6.md @@ -0,0 +1,3 @@ +## 0.2.6 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 211454ed3064..248dd0f4594b 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.2.6 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 33b5952fe87c..e2931e467a28 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.6-dev +version: 0.2.6 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index d1f2a74fec09..3ba7f8edce16 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.6 + +No user-facing changes. + ## 0.2.5 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.2.6.md b/shared/ssa/change-notes/released/0.2.6.md new file mode 100644 index 000000000000..edaefe75481e --- /dev/null +++ b/shared/ssa/change-notes/released/0.2.6.md @@ -0,0 +1,3 @@ +## 0.2.6 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 211454ed3064..248dd0f4594b 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.2.6 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 00e6b698e43b..de4724ebf2a0 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.6-dev +version: 0.2.6 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 4ffbff1e0c4e..9b269441c000 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.5 + +No user-facing changes. + ## 0.0.4 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/0.0.5.md b/shared/threat-models/change-notes/released/0.0.5.md new file mode 100644 index 000000000000..766ec2723b56 --- /dev/null +++ b/shared/threat-models/change-notes/released/0.0.5.md @@ -0,0 +1,3 @@ +## 0.0.5 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index ec411a674bcd..bb45a1ab0182 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.4 +lastReleaseVersion: 0.0.5 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index abe9e10f4afa..40d1dba613ca 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.5-dev +version: 0.0.5 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index a0bfc02bcbfd..1523a1599c21 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.6 + +No user-facing changes. + ## 0.2.5 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.2.6.md b/shared/tutorial/change-notes/released/0.2.6.md new file mode 100644 index 000000000000..edaefe75481e --- /dev/null +++ b/shared/tutorial/change-notes/released/0.2.6.md @@ -0,0 +1,3 @@ +## 0.2.6 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 211454ed3064..248dd0f4594b 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.2.6 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 9e095cb2b6c6..e0d5641a1b71 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.6-dev +version: 0.2.6 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 2236b1a2d5d4..a8639d1de49a 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.6 + +No user-facing changes. + ## 0.2.5 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.2.6.md b/shared/typetracking/change-notes/released/0.2.6.md new file mode 100644 index 000000000000..edaefe75481e --- /dev/null +++ b/shared/typetracking/change-notes/released/0.2.6.md @@ -0,0 +1,3 @@ +## 0.2.6 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 211454ed3064..248dd0f4594b 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.2.6 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 24301a5c13e8..88865eedf548 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.6-dev +version: 0.2.6 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 9db98dbb2d0a..bd1c41f82970 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.6 + +No user-facing changes. + ## 0.2.5 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.2.6.md b/shared/typos/change-notes/released/0.2.6.md new file mode 100644 index 000000000000..edaefe75481e --- /dev/null +++ b/shared/typos/change-notes/released/0.2.6.md @@ -0,0 +1,3 @@ +## 0.2.6 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 211454ed3064..248dd0f4594b 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.2.6 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 3c4ea9d6fb2c..e39af7faad09 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.6-dev +version: 0.2.6 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index a1df29447d57..677b82a2b4e6 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.6 + +No user-facing changes. + ## 0.2.5 No user-facing changes. diff --git a/shared/util/change-notes/released/0.2.6.md b/shared/util/change-notes/released/0.2.6.md new file mode 100644 index 000000000000..edaefe75481e --- /dev/null +++ b/shared/util/change-notes/released/0.2.6.md @@ -0,0 +1,3 @@ +## 0.2.6 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 211454ed3064..248dd0f4594b 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.2.6 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 6652d73fba1f..65dac9155830 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.6-dev +version: 0.2.6 groups: shared library: true dependencies: null diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index aa342042f471..e043461448eb 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.6 + +No user-facing changes. + ## 0.2.5 No user-facing changes. diff --git a/shared/yaml/change-notes/released/0.2.6.md b/shared/yaml/change-notes/released/0.2.6.md new file mode 100644 index 000000000000..edaefe75481e --- /dev/null +++ b/shared/yaml/change-notes/released/0.2.6.md @@ -0,0 +1,3 @@ +## 0.2.6 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 211454ed3064..248dd0f4594b 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.2.6 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index f13f8aeca746..ca586959f2b0 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.6-dev +version: 0.2.6 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 16d44561346e..7236e3740d94 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.3.6 + +### Minor Analysis Improvements + +* Expanded flow models for `UnsafePointer` and similar classes. +* Added flow models for non-member `withUnsafePointer` and similar functions. +* Added flow models for `withMemoryRebound`, `assumingMemoryBound` and `bindMemory` member functions of library pointer classes. +* Added a sensitive data model for `SecKeyCopyExternalRepresentation`. +* Added imprecise flow models for `append` and `insert` methods, and initializer calls with a `data` argument. +* Tyes for patterns are now included in the database and made available through the `Pattern::getType()` method. + ## 0.3.5 No user-facing changes. diff --git a/swift/ql/lib/change-notes/2023-10-24-pattern-types.md b/swift/ql/lib/change-notes/2023-10-24-pattern-types.md deleted file mode 100644 index 0288e56ce3ef..000000000000 --- a/swift/ql/lib/change-notes/2023-10-24-pattern-types.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Tyes for patterns are now included in the database and made available through the `Pattern::getType()` method. diff --git a/swift/ql/lib/change-notes/2023-11-27-append.md b/swift/ql/lib/change-notes/2023-11-27-append.md deleted file mode 100644 index b6bc9dfc6bec..000000000000 --- a/swift/ql/lib/change-notes/2023-11-27-append.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added imprecise flow models for `append` and `insert` methods, and initializer calls with a `data` argument. diff --git a/swift/ql/lib/change-notes/2023-12-05-seckey.md b/swift/ql/lib/change-notes/2023-12-05-seckey.md deleted file mode 100644 index 883eedd48a59..000000000000 --- a/swift/ql/lib/change-notes/2023-12-05-seckey.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added a sensitive data model for `SecKeyCopyExternalRepresentation`. diff --git a/swift/ql/lib/change-notes/2023-12-07-closure-models.md b/swift/ql/lib/change-notes/2023-12-07-closure-models.md deleted file mode 100644 index 33e0335f1e6f..000000000000 --- a/swift/ql/lib/change-notes/2023-12-07-closure-models.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Added flow models for non-member `withUnsafePointer` and similar functions. -* Added flow models for `withMemoryRebound`, `assumingMemoryBound` and `bindMemory` member functions of library pointer classes. diff --git a/swift/ql/lib/change-notes/2023-12-08-pointermodels.md b/swift/ql/lib/change-notes/2023-12-08-pointermodels.md deleted file mode 100644 index 18073fc04761..000000000000 --- a/swift/ql/lib/change-notes/2023-12-08-pointermodels.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Expanded flow models for `UnsafePointer` and similar classes. diff --git a/swift/ql/lib/change-notes/released/0.3.6.md b/swift/ql/lib/change-notes/released/0.3.6.md new file mode 100644 index 000000000000..0aa8cf50fdef --- /dev/null +++ b/swift/ql/lib/change-notes/released/0.3.6.md @@ -0,0 +1,10 @@ +## 0.3.6 + +### Minor Analysis Improvements + +* Expanded flow models for `UnsafePointer` and similar classes. +* Added flow models for non-member `withUnsafePointer` and similar functions. +* Added flow models for `withMemoryRebound`, `assumingMemoryBound` and `bindMemory` member functions of library pointer classes. +* Added a sensitive data model for `SecKeyCopyExternalRepresentation`. +* Added imprecise flow models for `append` and `insert` methods, and initializer calls with a `data` argument. +* Tyes for patterns are now included in the database and made available through the `Pattern::getType()` method. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 468917f2543f..7bbaa8987dd3 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.5 +lastReleaseVersion: 0.3.6 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 2a4fe611768f..62e132acadeb 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.6-dev +version: 0.3.6 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 689f4e90b87c..9ef921546760 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.3.6 + +### Minor Analysis Improvements + +* Added additional sinks for the "Cleartext logging of sensitive information" (`swift/cleartext-logging`) query. Some of these sinks are heuristic (imprecise) in nature. + ## 0.3.5 No user-facing changes. diff --git a/swift/ql/src/change-notes/2023-11-20-cleartext-logging.md b/swift/ql/src/change-notes/released/0.3.6.md similarity index 80% rename from swift/ql/src/change-notes/2023-11-20-cleartext-logging.md rename to swift/ql/src/change-notes/released/0.3.6.md index 83ecd0fd182e..e9bea70df8b4 100644 --- a/swift/ql/src/change-notes/2023-11-20-cleartext-logging.md +++ b/swift/ql/src/change-notes/released/0.3.6.md @@ -1,5 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.3.6 + +### Minor Analysis Improvements * Added additional sinks for the "Cleartext logging of sensitive information" (`swift/cleartext-logging`) query. Some of these sinks are heuristic (imprecise) in nature. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 468917f2543f..7bbaa8987dd3 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.3.5 +lastReleaseVersion: 0.3.6 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 180db628f9eb..686a82482a99 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.6-dev +version: 0.3.6 groups: - swift - queries From be0df9298f26a2a15e96e46dc13168dbaed84a2a Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Tue, 9 Jan 2024 15:06:51 +0000 Subject: [PATCH 2/6] Update supported-versions-compilers.rst on 2.16.0 branch --- docs/codeql/reusables/supported-versions-compilers.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/codeql/reusables/supported-versions-compilers.rst b/docs/codeql/reusables/supported-versions-compilers.rst index 2e55c78668bc..a9840bdb3707 100644 --- a/docs/codeql/reusables/supported-versions-compilers.rst +++ b/docs/codeql/reusables/supported-versions-compilers.rst @@ -17,7 +17,7 @@ .NET 5, .NET 6, .NET 7","``.sln``, ``.csproj``, ``.cs``, ``.cshtml``, ``.xaml``" Go (aka Golang), "Go up to 1.21", "Go 1.11 or more recent", ``.go`` - Java,"Java 7 to 20 [5]_","javac (OpenJDK and Oracle JDK), + Java,"Java 7 to 21 [5]_","javac (OpenJDK and Oracle JDK), Eclipse compiler for Java (ECJ) [6]_",``.java`` Kotlin [7]_,"Kotlin 1.5.0 to 1.9.20","kotlinc",``.kt`` @@ -33,7 +33,7 @@ .. [2] Objective-C, Objective-C++, C++/CLI, and C++/CX are not supported. .. [3] Support for the clang-cl compiler is preliminary. .. [4] Support for the Arm Compiler (armcc) is preliminary. - .. [5] Builds that execute on Java 7 to 20 can be analyzed. The analysis understands Java 20 standard language features. + .. [5] Builds that execute on Java 7 to 21 can be analyzed. The analysis understands Java 21 standard language features. .. [6] ECJ is supported when the build invokes it via the Maven Compiler plugin or the Takari Lifecycle plugin. .. [7] Kotlin support is currently in beta. .. [8] JSX and Flow code, YAML, JSON, HTML, and XML files may also be analyzed with JavaScript files. From 84d08b0417b88ec41f1a375b98d9a2ccd55bbcb4 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 12 Jan 2024 09:29:17 +0000 Subject: [PATCH 3/6] Revert "Merge pull request #12125 from jketema/unique-function" This reverts commit 9c039c4a080ce4847107ac0012ffebc90df8b42a, reversing changes made to ecd2003c14c9877e0133d398e4fd5635198d8b7d. --- cpp/ql/lib/semmle/code/cpp/Element.qll | 4 -- cpp/ql/lib/semmle/code/cpp/Function.qll | 3 - .../controlflow/internal/ConstantExprs.qll | 6 +- .../code/cpp/internal/ResolveFunction.qll | 57 ------------------- .../cpp/internal/ResolveGlobalVariable.qll | 2 +- 5 files changed, 4 insertions(+), 68 deletions(-) delete mode 100644 cpp/ql/lib/semmle/code/cpp/internal/ResolveFunction.qll diff --git a/cpp/ql/lib/semmle/code/cpp/Element.qll b/cpp/ql/lib/semmle/code/cpp/Element.qll index 98b5da60c1c5..79df774d80f1 100644 --- a/cpp/ql/lib/semmle/code/cpp/Element.qll +++ b/cpp/ql/lib/semmle/code/cpp/Element.qll @@ -7,7 +7,6 @@ import semmle.code.cpp.Location private import semmle.code.cpp.Enclosing private import semmle.code.cpp.internal.ResolveClass private import semmle.code.cpp.internal.ResolveGlobalVariable -private import semmle.code.cpp.internal.ResolveFunction /** * Get the `Element` that represents this `@element`. @@ -31,14 +30,11 @@ pragma[inline] @element unresolveElement(Element e) { not result instanceof @usertype and not result instanceof @variable and - not result instanceof @function and result = e or e = resolveClass(result) or e = resolveGlobalVariable(result) - or - e = resolveFunction(result) } /** diff --git a/cpp/ql/lib/semmle/code/cpp/Function.qll b/cpp/ql/lib/semmle/code/cpp/Function.qll index 550501597356..d4580ceb1d5c 100644 --- a/cpp/ql/lib/semmle/code/cpp/Function.qll +++ b/cpp/ql/lib/semmle/code/cpp/Function.qll @@ -9,7 +9,6 @@ import semmle.code.cpp.exprs.Call import semmle.code.cpp.metrics.MetricFunction import semmle.code.cpp.Linkage private import semmle.code.cpp.internal.ResolveClass -private import semmle.code.cpp.internal.ResolveFunction /** * A C/C++ function [N4140 8.3.5]. Both member functions and non-member @@ -26,8 +25,6 @@ private import semmle.code.cpp.internal.ResolveFunction * in more detail in `Declaration.qll`. */ class Function extends Declaration, ControlFlowNode, AccessHolder, @function { - Function() { isFunction(underlyingElement(this)) } - override string getName() { functions(underlyingElement(this), result, _) } /** diff --git a/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll b/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll index 84e96fa9c468..dfb5782238bc 100644 --- a/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll +++ b/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll @@ -110,8 +110,8 @@ private predicate loopConditionAlwaysUponEntry(ControlFlowNode loop, Expr condit * should be in this relation. */ pragma[noinline] -private predicate isFunction(@element el) { - el instanceof @function +private predicate isFunction(Element el) { + el instanceof Function or el.(Expr).getParent() = el } @@ -122,7 +122,7 @@ private predicate isFunction(@element el) { */ pragma[noopt] private predicate callHasNoTarget(@funbindexpr fc) { - exists(@function f | + exists(Function f | funbind(fc, f) and not isFunction(f) ) diff --git a/cpp/ql/lib/semmle/code/cpp/internal/ResolveFunction.qll b/cpp/ql/lib/semmle/code/cpp/internal/ResolveFunction.qll deleted file mode 100644 index 95cd28068568..000000000000 --- a/cpp/ql/lib/semmle/code/cpp/internal/ResolveFunction.qll +++ /dev/null @@ -1,57 +0,0 @@ -private predicate hasDefinition(@function f) { - exists(@fun_decl fd | fun_decls(fd, f, _, _, _) | fun_def(fd)) -} - -private predicate onlyOneCompleteFunctionExistsWithMangledName(@mangledname name) { - strictcount(@function f | hasDefinition(f) and mangled_name(f, name)) = 1 -} - -/** Holds if `f` is a unique function with a definition named `name`. */ -private predicate isFunctionWithMangledNameAndWithDefinition(@mangledname name, @function f) { - hasDefinition(f) and - mangled_name(f, name) and - onlyOneCompleteFunctionExistsWithMangledName(name) -} - -/** Holds if `f` is a function without a definition named `name`. */ -private predicate isFunctionWithMangledNameAndWithoutDefinition(@mangledname name, @function f) { - not hasDefinition(f) and - mangled_name(f, name) -} - -/** - * Holds if `incomplete` is a function without a definition, and there exists - * a unique function `complete` with the same name that does have a definition. - */ -private predicate hasTwinWithDefinition(@function incomplete, @function complete) { - not function_instantiation(incomplete, complete) and - ( - not compgenerated(incomplete) or - not compgenerated(complete) - ) and - exists(@mangledname name | - isFunctionWithMangledNameAndWithoutDefinition(name, incomplete) and - isFunctionWithMangledNameAndWithDefinition(name, complete) - ) -} - -import Cached - -cached -private module Cached { - /** - * If `f` is a function without a definition, and there exists a unique - * function with the same name that does have a definition, then the - * result is that unique function. Otherwise, the result is `f`. - */ - cached - @function resolveFunction(@function f) { - hasTwinWithDefinition(f, result) - or - not hasTwinWithDefinition(f, _) and - result = f - } - - cached - predicate isFunction(@function f) { f = resolveFunction(_) } -} diff --git a/cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll b/cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll index 3727a1aaa00c..c11e1457dae7 100644 --- a/cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll +++ b/cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll @@ -24,8 +24,8 @@ private predicate isGlobalWithMangledNameAndWithoutDefinition(@mangledname name, * a unique global variable `complete` with the same name that does have a definition. */ private predicate hasTwinWithDefinition(@globalvariable incomplete, @globalvariable complete) { - not variable_instantiation(incomplete, complete) and exists(@mangledname name | + not variable_instantiation(incomplete, complete) and isGlobalWithMangledNameAndWithoutDefinition(name, incomplete) and isGlobalWithMangledNameAndWithDefinition(name, complete) ) From fe2c806c2db5f3dceaf2877f34a25fcbce34337b Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 12 Jan 2024 09:35:50 +0000 Subject: [PATCH 4/6] C++: Undo some of the reverting. --- .../semmle/code/cpp/controlflow/internal/ConstantExprs.qll | 6 +++--- .../lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll b/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll index dfb5782238bc..84e96fa9c468 100644 --- a/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll +++ b/cpp/ql/lib/semmle/code/cpp/controlflow/internal/ConstantExprs.qll @@ -110,8 +110,8 @@ private predicate loopConditionAlwaysUponEntry(ControlFlowNode loop, Expr condit * should be in this relation. */ pragma[noinline] -private predicate isFunction(Element el) { - el instanceof Function +private predicate isFunction(@element el) { + el instanceof @function or el.(Expr).getParent() = el } @@ -122,7 +122,7 @@ private predicate isFunction(Element el) { */ pragma[noopt] private predicate callHasNoTarget(@funbindexpr fc) { - exists(Function f | + exists(@function f | funbind(fc, f) and not isFunction(f) ) diff --git a/cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll b/cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll index c11e1457dae7..3727a1aaa00c 100644 --- a/cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll +++ b/cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll @@ -24,8 +24,8 @@ private predicate isGlobalWithMangledNameAndWithoutDefinition(@mangledname name, * a unique global variable `complete` with the same name that does have a definition. */ private predicate hasTwinWithDefinition(@globalvariable incomplete, @globalvariable complete) { + not variable_instantiation(incomplete, complete) and exists(@mangledname name | - not variable_instantiation(incomplete, complete) and isGlobalWithMangledNameAndWithoutDefinition(name, incomplete) and isGlobalWithMangledNameAndWithDefinition(name, complete) ) From 28dd2e979b73feed485f644df0e13a6f767170e7 Mon Sep 17 00:00:00 2001 From: Alex Denisov Date: Fri, 12 Jan 2024 12:34:13 +0100 Subject: [PATCH 5/6] Revert "Swift: separate installation of dependencies and autobuilding" This reverts commit dd13ea3d0a41764b065f6e50efff40aa4fc8ffca. --- swift/swift-autobuilder/swift-autobuilder.cpp | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/swift/swift-autobuilder/swift-autobuilder.cpp b/swift/swift-autobuilder/swift-autobuilder.cpp index 32cd52541a93..c6b2582ed2b3 100644 --- a/swift/swift-autobuilder/swift-autobuilder.cpp +++ b/swift/swift-autobuilder/swift-autobuilder.cpp @@ -54,11 +54,6 @@ static bool buildSwiftPackages(const std::vector& swiftPa return any_successful; } -static void installDependencies(const CLIArgs& args) { - auto structure = scanProjectStructure(args.workingDir); - installDependencies(structure, args.dryRun); -} - static bool autobuild(const CLIArgs& args) { auto structure = scanProjectStructure(args.workingDir); auto& xcodeTargets = structure.xcodeTargets; @@ -87,6 +82,7 @@ static bool autobuild(const CLIArgs& args) { return false; } else if (!xcodeTargets.empty()) { LOG_INFO("Building Xcode target: {}", xcodeTargets.front()); + installDependencies(structure, args.dryRun); auto buildSucceeded = buildXcodeTarget(xcodeTargets.front(), args.dryRun); // If build failed, try to build Swift packages if (!buildSucceeded && !swiftPackages.empty()) { @@ -117,7 +113,6 @@ static CLIArgs parseCLIArgs(int argc, char** argv) { int main(int argc, char** argv) { auto args = parseCLIArgs(argc, argv); - installDependencies(args); auto success = autobuild(args); codeql::Log::flush(); if (!success) { From 57df8b92dfc431f5ccce7395a9a7409421bc7fe8 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 15 Jan 2024 15:00:50 +0000 Subject: [PATCH 6/6] Post-release preparation for codeql-cli-2.16.0 --- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 33 files changed, 33 insertions(+), 33 deletions(-) diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 8018ba065e31..a937e3d6023b 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.12.3 +version: 0.12.4-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 96c8abf6b94d..0950e88c3d86 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.9.2 +version: 0.9.3-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 167689f15798..2d733304bee5 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.6 +version: 1.7.7-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 7313dee61111..507492f20444 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.6 +version: 1.7.7-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 49e5f54d8703..2a8b136fdcfb 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.6 +version: 0.8.7-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 77b4bdf2f30d..19e64a427646 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.6 +version: 0.8.7-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index 05cf96dc4c9c..3d2df20dccac 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 0.0.5 +version: 0.0.6-dev groups: - go - queries diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 8fa1884d0e04..a6623a1daafc 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.6 +version: 0.7.7-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 7ac72a934a81..fc83f4bf1842 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.6 +version: 0.7.7-dev groups: - go - queries diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index d56d6f3167c6..178b3a9f2a90 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.12 +version: 0.0.13-dev groups: - java - automodel diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index f9d3e42fa3f5..2c70000e4da7 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.6 +version: 0.8.7-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index ce12b520b714..9f4e3f937df2 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.6 +version: 0.8.7-dev groups: - java - queries diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 3960ed22f04d..e6494d64d9a5 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.6 +version: 0.8.7-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 5b2e528ec737..96edbefafe69 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.6 +version: 0.8.7-dev groups: - javascript - queries diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index eff9586b020f..8c0470c0a3b9 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.6 +version: 0.7.7-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index aee9bfc2d01d..78e859e46490 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.6 +version: 0.11.7-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 9c3e9a4dd480..b55fb9e2c5b8 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.6 +version: 0.9.7-dev groups: - python - queries diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 6a8ad466f2da..026be203d9ab 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.6 +version: 0.8.7-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 222dbb854db1..eb204a2988d8 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.6 +version: 0.8.7-dev groups: - ruby - queries diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 86a30bba306b..b70a8b5a307c 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.6 +version: 0.1.7-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index c3331c55e393..54c411fd27db 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.1.6 +version: 0.1.7-dev groups: shared library: true dependencies: diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index c74a3990bfd4..09bfb3de3d65 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.6 +version: 0.2.7-dev groups: shared library: true dependencies: null diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index a549db3f1449..ab5974524f2f 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 0.0.5 +version: 0.0.6-dev groups: shared library: true dependencies: diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index e2931e467a28..c8db4fc8b891 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.6 +version: 0.2.7-dev groups: shared library: true dependencies: diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index de4724ebf2a0..5a9c880c1981 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.6 +version: 0.2.7-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 40d1dba613ca..4db8c6ee2fd4 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 0.0.5 +version: 0.0.6-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index e0d5641a1b71..992f83d7dd35 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.6 +version: 0.2.7-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 88865eedf548..63dc62c9a91a 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.6 +version: 0.2.7-dev groups: shared library: true dependencies: diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index e39af7faad09..b9342d72242a 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.6 +version: 0.2.7-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 65dac9155830..332d91969fbe 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.6 +version: 0.2.7-dev groups: shared library: true dependencies: null diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index ca586959f2b0..23d8139aebb7 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.6 +version: 0.2.7-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 62e132acadeb..b09ea3b1690f 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.6 +version: 0.3.7-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 686a82482a99..09314f7dc00e 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.6 +version: 0.3.7-dev groups: - swift - queries pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy