From 46577b585e23ebbab79188339dabe141a1c1347a Mon Sep 17 00:00:00 2001 From: Alexander Eyers-Taylor Date: Wed, 7 Aug 2024 14:24:37 +0100 Subject: [PATCH] Revert "Release preparation for version 2.18.2" --- cpp/ql/lib/CHANGELOG.md | 15 ------------- .../2024-07-23-destroying-delete.md | 4 ++++ .../2024-07-23-using-enum-declaration.md | 4 ++++ .../2024-07-25-alias-analysis-perf.md | 4 ++++ .../change-notes/2024-07-31-constexpr-if.md | 4 ++++ .../2024-08-01-deduction-guide.md | 4 ++++ .../change-notes/2024-08-01-explicit-bool.md | 5 +++++ cpp/ql/lib/change-notes/released/1.4.0.md | 14 ------------- cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 13 ------------ ...fference-expression-compared-zero-query.md | 4 ++++ ...-22-incorrect-allocation-error-handling.md | 4 ++++ .../2024-07-22-suspicious-allocation-size.md | 4 ++++ .../2024-07-23-incorrectly-checked-scanf.md | 4 ++++ .../2024-07-31-memory-may-not-be-freed.md | 4 ++++ cpp/ql/src/change-notes/released/1.2.0.md | 12 ----------- cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ---- .../lib/change-notes/released/1.7.22.md | 3 --- .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- .../ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ---- .../src/change-notes/released/1.7.22.md | 3 --- .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 4 ---- csharp/ql/lib/change-notes/released/1.0.5.md | 3 --- csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 4 ---- csharp/ql/src/change-notes/released/1.0.5.md | 3 --- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.5.md | 3 --- .../codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 4 ---- go/ql/lib/change-notes/released/1.1.4.md | 3 --- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ---- go/ql/src/change-notes/released/1.0.5.md | 3 --- go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/automodel/src/CHANGELOG.md | 4 ---- .../src/change-notes/released/1.0.5.md | 3 --- java/ql/automodel/src/codeql-pack.release.yml | 2 +- java/ql/automodel/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 20 ------------------ ...reverse-dns-separate-threat-model-kind.md} | 21 +++---------------- ...add-models-for-the-lastaflute-framework.md | 4 ++++ .../2024-07-19-apache-ant-property-sinks.md | 4 ++++ .../2024-07-24-url-fields-inherit-taint.md | 4 ++++ .../lib/change-notes/2024-07-25-env-vars.md | 4 ++++ .../change-notes/2024-08-02-buildless-ga.md | 4 ++++ java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 11 +--------- ...2024-07-23-java-sensitivelogging-source.md | 4 ++++ .../2024-07-25-java-error-message-exposure.md | 4 ++++ ...07-30-sensitive-log-whitelist-tokenizer.md | 4 ++++ java/ql/src/change-notes/2024-07-30-unused.md | 4 ++++ java/ql/src/change-notes/released/1.1.2.md | 8 ------- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ---- .../ql/lib/change-notes/released/1.1.2.md | 3 --- javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 4 ---- .../ql/src/change-notes/released/1.1.1.md | 3 --- javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.5.md | 3 --- misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 6 ------ ....0.5.md => 2024-07-12-mad-dict-sources.md} | 7 +++---- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 10 --------- ....1.0.md => 2024-07-19-cookie-injection.md} | 13 ++++-------- .../2024-07-26-streamlit-models.md | 4 ++++ python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 4 ---- ruby/ql/lib/change-notes/released/1.0.5.md | 3 --- ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 6 ------ ...6-18-weak-sensitive-data-hashing-query.md} | 7 +++---- ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.5.md | 3 --- shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ---- .../dataflow/change-notes/released/1.0.5.md | 3 --- shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ---- shared/mad/change-notes/released/1.0.5.md | 3 --- shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.5.md | 3 --- shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ---- shared/regex/change-notes/released/1.0.5.md | 3 --- shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ---- shared/ssa/change-notes/released/1.0.5.md | 3 --- shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.5.md | 3 --- shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ---- .../tutorial/change-notes/released/1.0.5.md | 3 --- shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ---- .../typeflow/change-notes/released/1.0.5.md | 3 --- shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.5.md | 3 --- shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ---- shared/typos/change-notes/released/1.0.5.md | 3 --- shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ---- shared/util/change-notes/released/1.0.5.md | 3 --- shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ---- shared/xml/change-notes/released/1.0.5.md | 3 --- shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ---- shared/yaml/change-notes/released/1.0.5.md | 3 --- shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 7 ------- .../lib/change-notes/2024-07-24-url-model.md | 4 ++++ .../2024-08-01-filemanager-model.md | 4 ++++ swift/ql/lib/change-notes/released/1.1.1.md | 6 ------ swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 7 ------- .../1.0.5.md => 2024-08-01-constant-salt.md} | 7 +++---- swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 163 files changed, 180 insertions(+), 425 deletions(-) create mode 100644 cpp/ql/lib/change-notes/2024-07-23-destroying-delete.md create mode 100644 cpp/ql/lib/change-notes/2024-07-23-using-enum-declaration.md create mode 100644 cpp/ql/lib/change-notes/2024-07-25-alias-analysis-perf.md create mode 100644 cpp/ql/lib/change-notes/2024-07-31-constexpr-if.md create mode 100644 cpp/ql/lib/change-notes/2024-08-01-deduction-guide.md create mode 100644 cpp/ql/lib/change-notes/2024-08-01-explicit-bool.md delete mode 100644 cpp/ql/lib/change-notes/released/1.4.0.md create mode 100644 cpp/ql/src/change-notes/2024-07-11-unsigned-difference-expression-compared-zero-query.md create mode 100644 cpp/ql/src/change-notes/2024-07-22-incorrect-allocation-error-handling.md create mode 100644 cpp/ql/src/change-notes/2024-07-22-suspicious-allocation-size.md create mode 100644 cpp/ql/src/change-notes/2024-07-23-incorrectly-checked-scanf.md create mode 100644 cpp/ql/src/change-notes/2024-07-31-memory-may-not-be-freed.md delete mode 100644 cpp/ql/src/change-notes/released/1.2.0.md delete mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.22.md delete mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.22.md delete mode 100644 csharp/ql/lib/change-notes/released/1.0.5.md delete mode 100644 csharp/ql/src/change-notes/released/1.0.5.md delete mode 100644 go/ql/consistency-queries/change-notes/released/1.0.5.md delete mode 100644 go/ql/lib/change-notes/released/1.1.4.md delete mode 100644 go/ql/src/change-notes/released/1.0.5.md delete mode 100644 java/ql/automodel/src/change-notes/released/1.0.5.md rename java/ql/lib/change-notes/{released/3.0.0.md => 2024-06-14-reverse-dns-separate-threat-model-kind.md} (60%) create mode 100644 java/ql/lib/change-notes/2024-07-16-add-models-for-the-lastaflute-framework.md create mode 100644 java/ql/lib/change-notes/2024-07-19-apache-ant-property-sinks.md create mode 100644 java/ql/lib/change-notes/2024-07-24-url-fields-inherit-taint.md create mode 100644 java/ql/lib/change-notes/2024-07-25-env-vars.md create mode 100644 java/ql/lib/change-notes/2024-08-02-buildless-ga.md create mode 100644 java/ql/src/change-notes/2024-07-23-java-sensitivelogging-source.md create mode 100644 java/ql/src/change-notes/2024-07-25-java-error-message-exposure.md create mode 100644 java/ql/src/change-notes/2024-07-30-sensitive-log-whitelist-tokenizer.md create mode 100644 java/ql/src/change-notes/2024-07-30-unused.md delete mode 100644 java/ql/src/change-notes/released/1.1.2.md delete mode 100644 javascript/ql/lib/change-notes/released/1.1.2.md delete mode 100644 javascript/ql/src/change-notes/released/1.1.1.md delete mode 100644 misc/suite-helpers/change-notes/released/1.0.5.md rename python/ql/lib/change-notes/{released/1.0.5.md => 2024-07-12-mad-dict-sources.md} (83%) rename python/ql/src/change-notes/{released/1.1.0.md => 2024-07-19-cookie-injection.md} (59%) create mode 100644 python/ql/src/change-notes/2024-07-26-streamlit-models.md delete mode 100644 ruby/ql/lib/change-notes/released/1.0.5.md rename ruby/ql/src/change-notes/{released/1.1.0.md => 2024-06-18-weak-sensitive-data-hashing-query.md} (84%) delete mode 100644 shared/controlflow/change-notes/released/1.0.5.md delete mode 100644 shared/dataflow/change-notes/released/1.0.5.md delete mode 100644 shared/mad/change-notes/released/1.0.5.md delete mode 100644 shared/rangeanalysis/change-notes/released/1.0.5.md delete mode 100644 shared/regex/change-notes/released/1.0.5.md delete mode 100644 shared/ssa/change-notes/released/1.0.5.md delete mode 100644 shared/threat-models/change-notes/released/1.0.5.md delete mode 100644 shared/tutorial/change-notes/released/1.0.5.md delete mode 100644 shared/typeflow/change-notes/released/1.0.5.md delete mode 100644 shared/typetracking/change-notes/released/1.0.5.md delete mode 100644 shared/typos/change-notes/released/1.0.5.md delete mode 100644 shared/util/change-notes/released/1.0.5.md delete mode 100644 shared/xml/change-notes/released/1.0.5.md delete mode 100644 shared/yaml/change-notes/released/1.0.5.md create mode 100644 swift/ql/lib/change-notes/2024-07-24-url-model.md create mode 100644 swift/ql/lib/change-notes/2024-08-01-filemanager-model.md delete mode 100644 swift/ql/lib/change-notes/released/1.1.1.md rename swift/ql/src/change-notes/{released/1.0.5.md => 2024-08-01-constant-salt.md} (88%) diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 646199bb39c8..9f01040830c1 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,18 +1,3 @@ -## 1.4.0 - -### New Features - -* A `getTemplateClass` predicate was added to the `DeductionGuide` class to get the class template for which the deduction guide is a guide. -* An `isExplicit` predicate was added to the `Function` class that determines whether the function was declared as explicit. -* A `getExplicitExpr` predicate was added to the `Function` class that yields the constant boolean expression (if any) that conditionally determines whether the function is explicit. -* A `isDestroyingDeleteDeallocation` predicate was added to the `NewOrNewArrayExpr` and `DeleteOrDeleteArrayExpr` classes to indicate whether the deallocation function is a destroying delete. - -### Minor Analysis Improvements - -* The controlling expression of a `constexpr if` is now always recognized as an unevaluated expression. -* Improved performance of alias analysis of large function bodies. In rare cases, alerts that depend on alias analysis of large function bodies may be affected. -* A `UsingEnumDeclarationEntry` class has been added for C++ `using enum` declarations. As part of this, synthesized `UsingDeclarationEntry`s are no longer emitted for individual enumerators of the referenced enumeration. - ## 1.3.0 ### New Features diff --git a/cpp/ql/lib/change-notes/2024-07-23-destroying-delete.md b/cpp/ql/lib/change-notes/2024-07-23-destroying-delete.md new file mode 100644 index 000000000000..eb2a69f5bac6 --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-07-23-destroying-delete.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* A `isDestroyingDeleteDeallocation` predicate was added to the `NewOrNewArrayExpr` and `DeleteOrDeleteArrayExpr` classes to indicate whether the deallocation function is a destroying delete. diff --git a/cpp/ql/lib/change-notes/2024-07-23-using-enum-declaration.md b/cpp/ql/lib/change-notes/2024-07-23-using-enum-declaration.md new file mode 100644 index 000000000000..cf85b3cef4e8 --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-07-23-using-enum-declaration.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* A `UsingEnumDeclarationEntry` class has been added for C++ `using enum` declarations. As part of this, synthesized `UsingDeclarationEntry`s are no longer emitted for individual enumerators of the referenced enumeration. diff --git a/cpp/ql/lib/change-notes/2024-07-25-alias-analysis-perf.md b/cpp/ql/lib/change-notes/2024-07-25-alias-analysis-perf.md new file mode 100644 index 000000000000..585e824e6f19 --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-07-25-alias-analysis-perf.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Improved performance of alias analysis of large function bodies. In rare cases, alerts that depend on alias analysis of large function bodies may be affected. diff --git a/cpp/ql/lib/change-notes/2024-07-31-constexpr-if.md b/cpp/ql/lib/change-notes/2024-07-31-constexpr-if.md new file mode 100644 index 000000000000..09e27337bd11 --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-07-31-constexpr-if.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The controlling expression of a `constexpr if` is now always recognized as an unevaluated expression. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2024-08-01-deduction-guide.md b/cpp/ql/lib/change-notes/2024-08-01-deduction-guide.md new file mode 100644 index 000000000000..b2d18d5994f5 --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-08-01-deduction-guide.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* A `getTemplateClass` predicate was added to the `DeductionGuide` class to get the class template for which the deduction guide is a guide. diff --git a/cpp/ql/lib/change-notes/2024-08-01-explicit-bool.md b/cpp/ql/lib/change-notes/2024-08-01-explicit-bool.md new file mode 100644 index 000000000000..f6ff9d19e8b3 --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-08-01-explicit-bool.md @@ -0,0 +1,5 @@ +--- +category: feature +--- +* An `isExplicit` predicate was added to the `Function` class that determines whether the function was declared as explicit. +* A `getExplicitExpr` predicate was added to the `Function` class that yields the constant boolean expression (if any) that conditionally determines whether the function is explicit. diff --git a/cpp/ql/lib/change-notes/released/1.4.0.md b/cpp/ql/lib/change-notes/released/1.4.0.md deleted file mode 100644 index a8466b0ef11c..000000000000 --- a/cpp/ql/lib/change-notes/released/1.4.0.md +++ /dev/null @@ -1,14 +0,0 @@ -## 1.4.0 - -### New Features - -* A `getTemplateClass` predicate was added to the `DeductionGuide` class to get the class template for which the deduction guide is a guide. -* An `isExplicit` predicate was added to the `Function` class that determines whether the function was declared as explicit. -* A `getExplicitExpr` predicate was added to the `Function` class that yields the constant boolean expression (if any) that conditionally determines whether the function is explicit. -* A `isDestroyingDeleteDeallocation` predicate was added to the `NewOrNewArrayExpr` and `DeleteOrDeleteArrayExpr` classes to indicate whether the deallocation function is a destroying delete. - -### Minor Analysis Improvements - -* The controlling expression of a `constexpr if` is now always recognized as an unevaluated expression. -* Improved performance of alias analysis of large function bodies. In rare cases, alerts that depend on alias analysis of large function bodies may be affected. -* A `UsingEnumDeclarationEntry` class has been added for C++ `using enum` declarations. As part of this, synthesized `UsingDeclarationEntry`s are no longer emitted for individual enumerators of the referenced enumeration. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index b8b2e97d5086..ec16350ed6fd 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.4.0 +lastReleaseVersion: 1.3.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 002da21daec9..5ef613e94c00 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 1.4.0 +version: 1.3.1-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 25e322a99b75..9f10be7db909 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,16 +1,3 @@ -## 1.2.0 - -### Query Metadata Changes - -* The precision of `cpp/unsigned-difference-expression-compared-zero` ("Unsigned difference expression compared to zero") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite. - -### Minor Analysis Improvements - -* Fixed false positives in the `cpp/memory-may-not-be-freed` ("Memory may not be freed") query involving class methods that returned an allocated field of that class being misidentified as allocators. -* The `cpp/incorrectly-checked-scanf` ("Incorrect return-value check for a 'scanf'-like function") query now produces fewer false positive results. -* The `cpp/incorrect-allocation-error-handling` ("Incorrect allocation-error handling") query no longer produces occasional false positive results inside template instantiations. -* The `cpp/suspicious-allocation-size` ("Not enough memory allocated for array of pointer type") query no longer produces false positives on "variable size" `struct`s. - ## 1.1.0 ### Query Metadata Changes diff --git a/cpp/ql/src/change-notes/2024-07-11-unsigned-difference-expression-compared-zero-query.md b/cpp/ql/src/change-notes/2024-07-11-unsigned-difference-expression-compared-zero-query.md new file mode 100644 index 000000000000..7a1469464c27 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-07-11-unsigned-difference-expression-compared-zero-query.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* The precision of `cpp/unsigned-difference-expression-compared-zero` ("Unsigned difference expression compared to zero") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite. diff --git a/cpp/ql/src/change-notes/2024-07-22-incorrect-allocation-error-handling.md b/cpp/ql/src/change-notes/2024-07-22-incorrect-allocation-error-handling.md new file mode 100644 index 000000000000..5e95cd05678e --- /dev/null +++ b/cpp/ql/src/change-notes/2024-07-22-incorrect-allocation-error-handling.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The `cpp/incorrect-allocation-error-handling` ("Incorrect allocation-error handling") query no longer produces occasional false positive results inside template instantiations. diff --git a/cpp/ql/src/change-notes/2024-07-22-suspicious-allocation-size.md b/cpp/ql/src/change-notes/2024-07-22-suspicious-allocation-size.md new file mode 100644 index 000000000000..8b55e61e85a7 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-07-22-suspicious-allocation-size.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The `cpp/suspicious-allocation-size` ("Not enough memory allocated for array of pointer type") query no longer produces false positives on "variable size" `struct`s. diff --git a/cpp/ql/src/change-notes/2024-07-23-incorrectly-checked-scanf.md b/cpp/ql/src/change-notes/2024-07-23-incorrectly-checked-scanf.md new file mode 100644 index 000000000000..9149c7611f5b --- /dev/null +++ b/cpp/ql/src/change-notes/2024-07-23-incorrectly-checked-scanf.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The `cpp/incorrectly-checked-scanf` ("Incorrect return-value check for a 'scanf'-like function") query now produces fewer false positive results. diff --git a/cpp/ql/src/change-notes/2024-07-31-memory-may-not-be-freed.md b/cpp/ql/src/change-notes/2024-07-31-memory-may-not-be-freed.md new file mode 100644 index 000000000000..a0ce19ccf694 --- /dev/null +++ b/cpp/ql/src/change-notes/2024-07-31-memory-may-not-be-freed.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Fixed false positives in the `cpp/memory-may-not-be-freed` ("Memory may not be freed") query involving class methods that returned an allocated field of that class being misidentified as allocators. diff --git a/cpp/ql/src/change-notes/released/1.2.0.md b/cpp/ql/src/change-notes/released/1.2.0.md deleted file mode 100644 index f23e2b92eec6..000000000000 --- a/cpp/ql/src/change-notes/released/1.2.0.md +++ /dev/null @@ -1,12 +0,0 @@ -## 1.2.0 - -### Query Metadata Changes - -* The precision of `cpp/unsigned-difference-expression-compared-zero` ("Unsigned difference expression compared to zero") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite. - -### Minor Analysis Improvements - -* Fixed false positives in the `cpp/memory-may-not-be-freed` ("Memory may not be freed") query involving class methods that returned an allocated field of that class being misidentified as allocators. -* The `cpp/incorrectly-checked-scanf` ("Incorrect return-value check for a 'scanf'-like function") query now produces fewer false positive results. -* The `cpp/incorrect-allocation-error-handling` ("Incorrect allocation-error handling") query no longer produces occasional false positive results inside template instantiations. -* The `cpp/suspicious-allocation-size` ("Not enough memory allocated for array of pointer type") query no longer produces false positives on "variable size" `struct`s. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 75430e73d1c4..2ac15439f561 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.2.0 +lastReleaseVersion: 1.1.0 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index a26e3b68c6de..97b40ad7de2d 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.2.0 +version: 1.1.1-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index eb7af5234e3c..503822fbd684 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.22 - -No user-facing changes. - ## 1.7.21 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.22.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.22.md deleted file mode 100644 index 7d6f39f3ce21..000000000000 --- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.22.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.22 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 6a79a0ec163e..87eff681b88a 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.22 +lastReleaseVersion: 1.7.21 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index a13c44628162..f8c5a6f14a29 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.22 +version: 1.7.22-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index eb7af5234e3c..503822fbd684 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.22 - -No user-facing changes. - ## 1.7.21 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.22.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.22.md deleted file mode 100644 index 7d6f39f3ce21..000000000000 --- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.22.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.22 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 6a79a0ec163e..87eff681b88a 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.22 +lastReleaseVersion: 1.7.21 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index d6062ac903d3..f8e6ff0dc93a 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.22 +version: 1.7.22-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 50a19e99d36a..e8db03319514 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/csharp/ql/lib/change-notes/released/1.0.5.md b/csharp/ql/lib/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/csharp/ql/lib/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 6df287fb5e1c..7c679023e56f 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 1.0.5 +version: 1.0.5-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index bd25f8118dd5..0b2583745f1e 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/csharp/ql/src/change-notes/released/1.0.5.md b/csharp/ql/src/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/csharp/ql/src/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 1f6b695454dc..d1efd4cbf183 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.0.5 +version: 1.0.5-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 2e7162889c38..bdc66d513224 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.5.md b/go/ql/consistency-queries/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/go/ql/consistency-queries/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index 62d6836c3c35..84c6cd451e2e 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.5 +version: 1.0.5-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 41cfec4595ef..ed4e9b3750f8 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.1.4 - -No user-facing changes. - ## 1.1.3 ### Minor Analysis Improvements diff --git a/go/ql/lib/change-notes/released/1.1.4.md b/go/ql/lib/change-notes/released/1.1.4.md deleted file mode 100644 index b95051903c5a..000000000000 --- a/go/ql/lib/change-notes/released/1.1.4.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.1.4 - -No user-facing changes. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 26cbcd3f123b..35e710ab1bf0 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.4 +lastReleaseVersion: 1.1.3 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 574d34df3c58..0393983bbc1e 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 1.1.4 +version: 1.1.4-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 36470f89ebab..7248057e4089 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/go/ql/src/change-notes/released/1.0.5.md b/go/ql/src/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/go/ql/src/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 2d492bd3eaa7..36f79d28b5b4 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.0.5 +version: 1.0.5-dev groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index 7dc759d1ac6f..7ef174ca56a5 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/1.0.5.md b/java/ql/automodel/src/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/java/ql/automodel/src/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index 77cfa34c6dbe..59878324d3d2 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 1.0.5 +version: 1.0.5-dev groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2dd89daf33f6..07b324f259c5 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,23 +1,3 @@ -## 3.0.0 - -### Breaking Changes - -* The Java and Kotlin extractors no longer support the `SOURCE_ARCHIVE` and `TRAP_FOLDER` legacy environment variable. - -### New Features - -* Java support for `build-mode: none` is now out of beta, and generally available. - -### Major Analysis Improvements - -* We previously considered reverse DNS resolutions (IP address -> domain name) as sources of untrusted data, since compromised/malicious DNS servers could potentially return malicious responses to arbitrary requests. We have now removed this source from the default set of untrusted sources and made a new threat model kind for them, called "reverse-dns". You can optionally include other threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models). - -### Minor Analysis Improvements - -* Added flow through some methods of the class `java.net.URL` by ensuring that the fields of a URL are tainted. -* Added path-injection sinks for `org.apache.tools.ant.taskdefs.Property.setFile` and `org.apache.tools.ant.taskdefs.Property.setResource`. -* Adds models for request handlers using the `org.lastaflute.web` web framework. - ## 2.0.0 ### Breaking Changes diff --git a/java/ql/lib/change-notes/released/3.0.0.md b/java/ql/lib/change-notes/2024-06-14-reverse-dns-separate-threat-model-kind.md similarity index 60% rename from java/ql/lib/change-notes/released/3.0.0.md rename to java/ql/lib/change-notes/2024-06-14-reverse-dns-separate-threat-model-kind.md index be106b16574c..f5e39a0b5ea5 100644 --- a/java/ql/lib/change-notes/released/3.0.0.md +++ b/java/ql/lib/change-notes/2024-06-14-reverse-dns-separate-threat-model-kind.md @@ -1,19 +1,4 @@ -## 3.0.0 - -### Breaking Changes - -* The Java and Kotlin extractors no longer support the `SOURCE_ARCHIVE` and `TRAP_FOLDER` legacy environment variable. - -### New Features - -* Java support for `build-mode: none` is now out of beta, and generally available. - -### Major Analysis Improvements - +--- +category: majorAnalysis +--- * We previously considered reverse DNS resolutions (IP address -> domain name) as sources of untrusted data, since compromised/malicious DNS servers could potentially return malicious responses to arbitrary requests. We have now removed this source from the default set of untrusted sources and made a new threat model kind for them, called "reverse-dns". You can optionally include other threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models). - -### Minor Analysis Improvements - -* Added flow through some methods of the class `java.net.URL` by ensuring that the fields of a URL are tainted. -* Added path-injection sinks for `org.apache.tools.ant.taskdefs.Property.setFile` and `org.apache.tools.ant.taskdefs.Property.setResource`. -* Adds models for request handlers using the `org.lastaflute.web` web framework. diff --git a/java/ql/lib/change-notes/2024-07-16-add-models-for-the-lastaflute-framework.md b/java/ql/lib/change-notes/2024-07-16-add-models-for-the-lastaflute-framework.md new file mode 100644 index 000000000000..b5f924cdb676 --- /dev/null +++ b/java/ql/lib/change-notes/2024-07-16-add-models-for-the-lastaflute-framework.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Adds models for request handlers using the `org.lastaflute.web` web framework. diff --git a/java/ql/lib/change-notes/2024-07-19-apache-ant-property-sinks.md b/java/ql/lib/change-notes/2024-07-19-apache-ant-property-sinks.md new file mode 100644 index 000000000000..11d84d15e3f2 --- /dev/null +++ b/java/ql/lib/change-notes/2024-07-19-apache-ant-property-sinks.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added path-injection sinks for `org.apache.tools.ant.taskdefs.Property.setFile` and `org.apache.tools.ant.taskdefs.Property.setResource`. diff --git a/java/ql/lib/change-notes/2024-07-24-url-fields-inherit-taint.md b/java/ql/lib/change-notes/2024-07-24-url-fields-inherit-taint.md new file mode 100644 index 000000000000..80851dbc6559 --- /dev/null +++ b/java/ql/lib/change-notes/2024-07-24-url-fields-inherit-taint.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added flow through some methods of the class `java.net.URL` by ensuring that the fields of a URL are tainted. diff --git a/java/ql/lib/change-notes/2024-07-25-env-vars.md b/java/ql/lib/change-notes/2024-07-25-env-vars.md new file mode 100644 index 000000000000..8c58be3b4126 --- /dev/null +++ b/java/ql/lib/change-notes/2024-07-25-env-vars.md @@ -0,0 +1,4 @@ +--- +category: breaking +--- +* The Java and Kotlin extractors no longer support the `SOURCE_ARCHIVE` and `TRAP_FOLDER` legacy environment variable. diff --git a/java/ql/lib/change-notes/2024-08-02-buildless-ga.md b/java/ql/lib/change-notes/2024-08-02-buildless-ga.md new file mode 100644 index 000000000000..8d2d8b6255d4 --- /dev/null +++ b/java/ql/lib/change-notes/2024-08-02-buildless-ga.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Java support for `build-mode: none` is now out of beta, and generally available. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 33d3a2cd1139..0abe6ccede0f 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 3.0.0 +lastReleaseVersion: 2.0.0 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 74bb47b0b8d0..470dfa198988 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 3.0.0 +version: 2.0.1-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 464768e3a7fc..79a69c7ed9b6 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,12 +1,3 @@ -## 1.1.2 - -### Minor Analysis Improvements - -* Variables names containing the string "tokenizer" (case-insensitively) are no longer sources for the `java/sensitive-log` query. They normally relate to things like `java.util.StringTokenizer`, which are not sensitive information. This should fix some false positive alerts. -* The query "Unused classes and interfaces" (`java/unused-reference-type`) now recognizes that if a method of a class has an annotation then it may be accessed reflectively. This should remove false positive alerts, especially for JUnit 4-style tests annotated with `@test`. -* Alerts about exposing `exception.getMessage()` in servlet responses are now split out of `java/stack-trace-exposure` into its own query `java/error-message-exposure`. -* Added the extensible abstract class `SensitiveLoggerSource`. Now this class can be extended to add more sources to the `java/sensitive-log` query or for customizations overrides. - ## 1.1.1 ### Minor Analysis Improvements @@ -334,7 +325,7 @@ No user-facing changes. ### New Queries * Added a new query, `java/android/incomplete-provider-permissions`, to detect if an Android ContentProvider is not protected with a correct set of permissions. -* A new query "Uncontrolled data used in content resolution" (`java/androd/unsafe-content-uri-resolution`) has been added. This query finds paths from user-provided data to URI resolution operations in Android's `ContentResolver` without previous validation or sanitization. +* A new query "Uncontrolled data used in content resolution" (`java/android/unsafe-content-uri-resolution`) has been added. This query finds paths from user-provided data to URI resolution operations in Android's `ContentResolver` without previous validation or sanitization. ## 0.4.1 diff --git a/java/ql/src/change-notes/2024-07-23-java-sensitivelogging-source.md b/java/ql/src/change-notes/2024-07-23-java-sensitivelogging-source.md new file mode 100644 index 000000000000..ff8a3e12ee4a --- /dev/null +++ b/java/ql/src/change-notes/2024-07-23-java-sensitivelogging-source.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added the extensible abstract class `SensitiveLoggerSource`. Now this class can be extended to add more sources to the `java/sensitive-log` query or for customizations overrides. \ No newline at end of file diff --git a/java/ql/src/change-notes/2024-07-25-java-error-message-exposure.md b/java/ql/src/change-notes/2024-07-25-java-error-message-exposure.md new file mode 100644 index 000000000000..2cc18cc1c644 --- /dev/null +++ b/java/ql/src/change-notes/2024-07-25-java-error-message-exposure.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Alerts about exposing `exception.getMessage()` in servlet responses are now split out of `java/stack-trace-exposure` into its own query `java/error-message-exposure`. \ No newline at end of file diff --git a/java/ql/src/change-notes/2024-07-30-sensitive-log-whitelist-tokenizer.md b/java/ql/src/change-notes/2024-07-30-sensitive-log-whitelist-tokenizer.md new file mode 100644 index 000000000000..a9a2bf2a9e0c --- /dev/null +++ b/java/ql/src/change-notes/2024-07-30-sensitive-log-whitelist-tokenizer.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Variables names containing the string "tokenizer" (case-insensitively) are no longer sources for the `java/sensitive-log` query. They normally relate to things like `java.util.StringTokenizer`, which are not sensitive information. This should fix some false positive alerts. diff --git a/java/ql/src/change-notes/2024-07-30-unused.md b/java/ql/src/change-notes/2024-07-30-unused.md new file mode 100644 index 000000000000..44eaaf515e5f --- /dev/null +++ b/java/ql/src/change-notes/2024-07-30-unused.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The query "Unused classes and interfaces" (`java/unused-reference-type`) now recognizes that if a method of a class has an annotation then it may be accessed reflectively. This should remove false positive alerts, especially for JUnit 4-style tests annotated with `@test`. diff --git a/java/ql/src/change-notes/released/1.1.2.md b/java/ql/src/change-notes/released/1.1.2.md deleted file mode 100644 index f14365cfdd3a..000000000000 --- a/java/ql/src/change-notes/released/1.1.2.md +++ /dev/null @@ -1,8 +0,0 @@ -## 1.1.2 - -### Minor Analysis Improvements - -* Variables names containing the string "tokenizer" (case-insensitively) are no longer sources for the `java/sensitive-log` query. They normally relate to things like `java.util.StringTokenizer`, which are not sensitive information. This should fix some false positive alerts. -* The query "Unused classes and interfaces" (`java/unused-reference-type`) now recognizes that if a method of a class has an annotation then it may be accessed reflectively. This should remove false positive alerts, especially for JUnit 4-style tests annotated with `@test`. -* Alerts about exposing `exception.getMessage()` in servlet responses are now split out of `java/stack-trace-exposure` into its own query `java/error-message-exposure`. -* Added the extensible abstract class `SensitiveLoggerSource`. Now this class can be extended to add more sources to the `java/sensitive-log` query or for customizations overrides. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 53ab127707fc..1a19084be3f7 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.2 +lastReleaseVersion: 1.1.1 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 2b82652c07ed..e34220277ab7 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.1.2 +version: 1.1.2-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 134bbe39a693..182f9a9685c5 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.1.2 - -No user-facing changes. - ## 1.1.1 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/released/1.1.2.md b/javascript/ql/lib/change-notes/released/1.1.2.md deleted file mode 100644 index ce8d2c1a4f37..000000000000 --- a/javascript/ql/lib/change-notes/released/1.1.2.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.1.2 - -No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 53ab127707fc..1a19084be3f7 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.2 +lastReleaseVersion: 1.1.1 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 55728be6e206..f7bdd033b1c9 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 1.1.2 +version: 1.1.2-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index af1e040cc44a..0f30798ecd18 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.1.1 - -No user-facing changes. - ## 1.1.0 ### New Queries diff --git a/javascript/ql/src/change-notes/released/1.1.1.md b/javascript/ql/src/change-notes/released/1.1.1.md deleted file mode 100644 index 7fb56d366105..000000000000 --- a/javascript/ql/src/change-notes/released/1.1.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.1.1 - -No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 1a19084be3f7..2ac15439f561 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.1 +lastReleaseVersion: 1.1.0 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 930347d58bc4..bd70dd01c26f 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 1.1.1 +version: 1.1.1-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 5e4196ac3372..9f92ac20b255 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.5.md b/misc/suite-helpers/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/misc/suite-helpers/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 530d81be5a7a..b09efa35a30e 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.5 +version: 1.0.5-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 87cbf5bfda15..382efff551c6 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 1.0.5 - -### Minor Analysis Improvements - -* Added support for `DictionaryElement[]` and `DictionaryElementAny` when Customizing Library Models for `sourceModel` (see https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/) - ## 1.0.4 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/released/1.0.5.md b/python/ql/lib/change-notes/2024-07-12-mad-dict-sources.md similarity index 83% rename from python/ql/lib/change-notes/released/1.0.5.md rename to python/ql/lib/change-notes/2024-07-12-mad-dict-sources.md index f65ec74a0951..1cc64bc5e7f3 100644 --- a/python/ql/lib/change-notes/released/1.0.5.md +++ b/python/ql/lib/change-notes/2024-07-12-mad-dict-sources.md @@ -1,5 +1,4 @@ -## 1.0.5 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Added support for `DictionaryElement[]` and `DictionaryElementAny` when Customizing Library Models for `sourceModel` (see https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/) diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index d43d4386a88e..f25441dbef5e 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 1.0.5 +version: 1.0.5-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 318971129253..b386509bd979 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,13 +1,3 @@ -## 1.1.0 - -### New Queries - -* The `py/cookie-injection` query, originally contributed to the experimental query pack by @jorgectf, has been promoted to the main query pack. This query finds instances of cookies being constructed from user input. - -### Minor Analysis Improvements - -* Added models of `streamlit` PyPI package. - ## 1.0.4 No user-facing changes. diff --git a/python/ql/src/change-notes/released/1.1.0.md b/python/ql/src/change-notes/2024-07-19-cookie-injection.md similarity index 59% rename from python/ql/src/change-notes/released/1.1.0.md rename to python/ql/src/change-notes/2024-07-19-cookie-injection.md index 9ced8370f539..ceefa99c886b 100644 --- a/python/ql/src/change-notes/released/1.1.0.md +++ b/python/ql/src/change-notes/2024-07-19-cookie-injection.md @@ -1,9 +1,4 @@ -## 1.1.0 - -### New Queries - -* The `py/cookie-injection` query, originally contributed to the experimental query pack by @jorgectf, has been promoted to the main query pack. This query finds instances of cookies being constructed from user input. - -### Minor Analysis Improvements - -* Added models of `streamlit` PyPI package. +--- +category: newQuery +--- +* The `py/cookie-injection` query, originally contributed to the experimental query pack by @jorgectf, has been promoted to the main query pack. This query finds instances of cookies being constructed from user input. \ No newline at end of file diff --git a/python/ql/src/change-notes/2024-07-26-streamlit-models.md b/python/ql/src/change-notes/2024-07-26-streamlit-models.md new file mode 100644 index 000000000000..7deba7dffed6 --- /dev/null +++ b/python/ql/src/change-notes/2024-07-26-streamlit-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added models of `streamlit` PyPI package. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 2ac15439f561..03f7ea71b58e 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.0 +lastReleaseVersion: 1.0.4 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index d994d8744a18..6c6bf5f7798f 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.1.0 +version: 1.0.5-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 4d575d4ef0f3..865dc997f3a6 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/released/1.0.5.md b/ruby/ql/lib/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/ruby/ql/lib/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 5a94c2c93d3c..6cee97698704 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 1.0.5 +version: 1.0.5-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 37101f41c704..ac5d0c7525c0 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 1.1.0 - -### New Queries - -* Added a new query, `rb/weak-sensitive-data-hashing`, to detect cases where sensitive data is hashed using a weak cryptographic hashing algorithm. - ## 1.0.4 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.1.0.md b/ruby/ql/src/change-notes/2024-06-18-weak-sensitive-data-hashing-query.md similarity index 84% rename from ruby/ql/src/change-notes/released/1.1.0.md rename to ruby/ql/src/change-notes/2024-06-18-weak-sensitive-data-hashing-query.md index 17dcb0b1237f..6fffd21d616c 100644 --- a/ruby/ql/src/change-notes/released/1.1.0.md +++ b/ruby/ql/src/change-notes/2024-06-18-weak-sensitive-data-hashing-query.md @@ -1,5 +1,4 @@ -## 1.1.0 - -### New Queries - +--- +category: newQuery +--- * Added a new query, `rb/weak-sensitive-data-hashing`, to detect cases where sensitive data is hashed using a weak cryptographic hashing algorithm. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index 2ac15439f561..03f7ea71b58e 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.0 +lastReleaseVersion: 1.0.4 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 675736868034..c1c895167bcd 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.1.0 +version: 1.0.5-dev groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index f62d99b8a599..047afa97e510 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/1.0.5.md b/shared/controlflow/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/controlflow/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 411b43b82cc4..e981c2fed5dc 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 0a94e1b80ec2..ca6c7165b9bf 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/1.0.5.md b/shared/dataflow/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/dataflow/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index bfec0e93a53a..4302341cb3b5 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 0bf218b96568..8680f86e786b 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.5.md b/shared/mad/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/mad/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 21aa9dc3cb74..0c16b8a9bddb 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index f445578246d1..a33a857c9057 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.5.md b/shared/rangeanalysis/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/rangeanalysis/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 0a0b326205c1..c2f65e2931f0 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 78f8369e7396..d78925faba07 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.5.md b/shared/regex/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/regex/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index d0b658524fe6..930dfbf4098b 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index f41fc9a7fe7e..1a64a39471c8 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/ssa/change-notes/released/1.0.5.md b/shared/ssa/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/ssa/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 6ff39d141cdc..e59f7a2e601d 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 2e7162889c38..bdc66d513224 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.5.md b/shared/threat-models/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/threat-models/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index fdd405e20961..819206dd32a6 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.5 +version: 1.0.5-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index f20cfe347d73..ad8f62a4e9d5 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.5.md b/shared/tutorial/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/tutorial/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 502519631d05..c542374804d8 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 7ba137cbf536..b9366dadb5c1 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.5.md b/shared/typeflow/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/typeflow/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 95557584bfee..9dbfd6533f47 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 77d9b6f4fcf5..d17f150b27b2 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/1.0.5.md b/shared/typetracking/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/typetracking/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 0c31e5be9a1b..c2a176796e89 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index f8ac1347b0f9..d323c0974fe2 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.5.md b/shared/typos/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/typos/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 97b3f34bd045..5bbc01323a88 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index e44386743adc..6042620d77cb 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/util/change-notes/released/1.0.5.md b/shared/util/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/util/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 8b6247e151db..964747c8c599 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 1b292c168764..1323436e6b2f 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.5.md b/shared/xml/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/xml/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 1a7f307050be..edaeefea948c 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 064f83a6efd6..cd2c2e92ddfd 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.5 - -No user-facing changes. - ## 1.0.4 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.5.md b/shared/yaml/change-notes/released/1.0.5.md deleted file mode 100644 index 56907442d251..000000000000 --- a/shared/yaml/change-notes/released/1.0.5.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.5 - -No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 790d2dc1caed..da7d8b2956ae 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.5 +version: 1.0.5-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index b8e0122e0a0e..21e8b74bb023 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,10 +1,3 @@ -## 1.1.1 - -### Minor Analysis Improvements - -* The model for `FileManager` no longer considers methods that return paths on the file system as taint sources. This is because these sources have been found to produce results of low value. -* An error in the model for `URL.withUnsafeFileSystemRepresentation(_:)` has been corrected. This may result in new data flow paths being found during analysis. - ## 1.1.0 ### New Features diff --git a/swift/ql/lib/change-notes/2024-07-24-url-model.md b/swift/ql/lib/change-notes/2024-07-24-url-model.md new file mode 100644 index 000000000000..ab831ab4593c --- /dev/null +++ b/swift/ql/lib/change-notes/2024-07-24-url-model.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* An error in the model for `URL.withUnsafeFileSystemRepresentation(_:)` has been corrected. This may result in new data flow paths being found during analysis. diff --git a/swift/ql/lib/change-notes/2024-08-01-filemanager-model.md b/swift/ql/lib/change-notes/2024-08-01-filemanager-model.md new file mode 100644 index 000000000000..e4630d38f2c1 --- /dev/null +++ b/swift/ql/lib/change-notes/2024-08-01-filemanager-model.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The model for `FileManager` no longer considers methods that return paths on the file system as taint sources. This is because these sources have been found to produce results of low value. diff --git a/swift/ql/lib/change-notes/released/1.1.1.md b/swift/ql/lib/change-notes/released/1.1.1.md deleted file mode 100644 index 50bd8dff3ce0..000000000000 --- a/swift/ql/lib/change-notes/released/1.1.1.md +++ /dev/null @@ -1,6 +0,0 @@ -## 1.1.1 - -### Minor Analysis Improvements - -* The model for `FileManager` no longer considers methods that return paths on the file system as taint sources. This is because these sources have been found to produce results of low value. -* An error in the model for `URL.withUnsafeFileSystemRepresentation(_:)` has been corrected. This may result in new data flow paths being found during analysis. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 1a19084be3f7..2ac15439f561 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.1.1 +lastReleaseVersion: 1.1.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 2878c24bc555..2b14c18b1283 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 1.1.1 +version: 1.1.1-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index e33d96f63f5a..ca26ff94f225 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,10 +1,3 @@ -## 1.0.5 - -### Minor Analysis Improvements - -* The `swift/constant-salt` ("Use of constant salts") query now considers string concatenation and interpolation as a barrier. As a result, there will be fewer false positive results from this query involving constructed strings. -* The `swift/constant-salt` ("Use of constant salts") query message now contains a link to the source node. - ## 1.0.4 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.0.5.md b/swift/ql/src/change-notes/2024-08-01-constant-salt.md similarity index 88% rename from swift/ql/src/change-notes/released/1.0.5.md rename to swift/ql/src/change-notes/2024-08-01-constant-salt.md index f2169e0059f5..5ead3f3c9844 100644 --- a/swift/ql/src/change-notes/released/1.0.5.md +++ b/swift/ql/src/change-notes/2024-08-01-constant-salt.md @@ -1,6 +1,5 @@ -## 1.0.5 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * The `swift/constant-salt` ("Use of constant salts") query now considers string concatenation and interpolation as a barrier. As a result, there will be fewer false positive results from this query involving constructed strings. * The `swift/constant-salt` ("Use of constant salts") query message now contains a link to the source node. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 42da17b38415..03f7ea71b58e 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.4 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index c88cab945eb3..a6a4598cc743 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.0.5 +version: 1.0.5-dev groups: - swift - queries