Release preparation for version 2.17.4

github · May 23, 2024 · ebb9a22 · ebb9a22
1 parent 613ccaa
commit ebb9a22
Show file tree

Hide file tree

Showing 182 changed files with 545 additions and 260 deletions.
diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
 ## 0.13.1
 
 No user-facing changes.

diff --git a/...l/lib/change-notes/2024-05-23-Version1.md → cpp/ql/lib/change-notes/released/1.0.0.md b/...l/lib/change-notes/2024-05-23-Version1.md → cpp/ql/lib/change-notes/released/1.0.0.md
@@ -1,4 +1,5 @@
----
-category: breaking
----
+## 1.0.0
+
+### Breaking Changes
+
 * CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.13.1
+lastReleaseVersion: 1.0.0
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 1.0.0-dev
+version: 1.0.0
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
+### Minor Analysis Improvements
+
+* The "Use of unique pointer after lifetime ends" query (`cpp/use-of-unique-pointer-after-lifetime-ends`) no longer reports an alert when the pointer is converted to a boolean
+* The "Variable not initialized before use" query (`cpp/not-initialised`) no longer reports an alert on static variables.
+
 ## 0.9.12
 
 ### New Queries

diff --git a/cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md b/cpp/ql/src/change-notes/2024-05-19-avoid-reporting-static-variable.md
diff --git a/cpp/ql/src/change-notes/2024-05-22-use-of-unique-pointer-after-lifetime-ends-fp.md b/cpp/ql/src/change-notes/2024-05-22-use-of-unique-pointer-after-lifetime-ends-fp.md
diff --git a/cpp/ql/src/change-notes/released/1.0.0.md b/cpp/ql/src/change-notes/released/1.0.0.md
@@ -0,0 +1,10 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
+### Minor Analysis Improvements
+
+* The "Use of unique pointer after lifetime ends" query (`cpp/use-of-unique-pointer-after-lifetime-ends`) no longer reports an alert when the pointer is converted to a boolean
+* The "Variable not initialized before use" query (`cpp/not-initialised`) no longer reports an alert on static variables.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.12
+lastReleaseVersion: 1.0.0
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.0.0-dev
+version: 1.0.0
 groups:
   - cpp
   - queries

diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.17
+
+No user-facing changes.
+
 ## 1.7.16
 
 No user-facing changes.

diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.17.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.17.md
@@ -0,0 +1,3 @@
+## 1.7.17
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.16
+lastReleaseVersion: 1.7.17
diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.17-dev
+version: 1.7.17
 groups:
   - csharp
   - solorigate

diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.17
+
+No user-facing changes.
+
 ## 1.7.16
 
 No user-facing changes.

diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.17.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.17.md
@@ -0,0 +1,3 @@
+## 1.7.17
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.16
+lastReleaseVersion: 1.7.17
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.17-dev
+version: 1.7.17
 groups:
   - csharp
   - solorigate

diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
 ## 0.10.1
 
 No user-facing changes.

diff --git a/...l/lib/change-notes/2024-05-23-Version1.md → csharp/ql/lib/change-notes/released/1.0.0.md b/...l/lib/change-notes/2024-05-23-Version1.md → csharp/ql/lib/change-notes/released/1.0.0.md
@@ -1,4 +1,5 @@
----
-category: breaking
----
+## 1.0.0
+
+### Breaking Changes
+
 * CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.10.1
+lastReleaseVersion: 1.0.0
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 1.0.0-dev
+version: 1.0.0
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
 ## 0.8.16
 
 No user-facing changes.

diff --git a/...l/src/change-notes/2024-05-23-Version1.md → csharp/ql/src/change-notes/released/1.0.0.md b/...l/src/change-notes/2024-05-23-Version1.md → csharp/ql/src/change-notes/released/1.0.0.md
@@ -1,4 +1,5 @@
----
-category: breaking
----
+## 1.0.0
+
+### Breaking Changes
+
 * CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.16
+lastReleaseVersion: 1.0.0
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.0.0-dev
+version: 1.0.0
 groups:
   - csharp
   - queries

diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
 ## 0.0.15
 
 No user-facing changes.

diff --git a/go/ql/consistency-queries/change-notes/2024-05-23-Version1.md b/go/ql/consistency-queries/change-notes/2024-05-23-Version1.md
diff --git a/...l/src/change-notes/2024-05-23-Version1.md → ...cy-queries/change-notes/released/1.0.0.md b/...l/src/change-notes/2024-05-23-Version1.md → ...cy-queries/change-notes/released/1.0.0.md
@@ -1,4 +1,5 @@
----
-category: breaking
----
+## 1.0.0
+
+### Breaking Changes
+
 * CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.15
+lastReleaseVersion: 1.0.0
diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.0-dev
+version: 1.0.0
 groups:
   - go
   - queries

diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,15 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
+### Minor Analysis Improvements
+
+* A bug has been fixed which meant that the query `go/incorrect-integer-conversion` did not consider type assertions and type switches which use a defined type whose underlying type is an integer type. This may lead to fewer false positive alerts.
+* A bug has been fixed which meant flow was not followed through some ranged for loops. This may lead to more alerts being found.
+* Converted the models for the built-in functions `append`, `copy`, `max` and `min` to value flow and Models-as-Data.
+
 ## 0.8.1
 
 ### Minor Analysis Improvements

diff --git a/go/ql/lib/change-notes/2024-05-09-model-append-copy-max-min.md b/go/ql/lib/change-notes/2024-05-09-model-append-copy-max-min.md
diff --git a/go/ql/lib/change-notes/2024-05-16-incorrect-integer-conversion-defined-types.md b/go/ql/lib/change-notes/2024-05-16-incorrect-integer-conversion-defined-types.md
diff --git a/go/ql/lib/change-notes/2024-05-16-read-store-steps-named-types.md b/go/ql/lib/change-notes/2024-05-16-read-store-steps-named-types.md
diff --git a/go/ql/lib/change-notes/2024-05-23-Version1.md b/go/ql/lib/change-notes/2024-05-23-Version1.md
diff --git a/go/ql/lib/change-notes/released/1.0.0.md b/go/ql/lib/change-notes/released/1.0.0.md
@@ -0,0 +1,11 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
+### Minor Analysis Improvements
+
+* A bug has been fixed which meant that the query `go/incorrect-integer-conversion` did not consider type assertions and type switches which use a defined type whose underlying type is an integer type. This may lead to fewer false positive alerts.
+* A bug has been fixed which meant flow was not followed through some ranged for loops. This may lead to more alerts being found.
+* Converted the models for the built-in functions `append`, `copy`, `max` and `min` to value flow and Models-as-Data.
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.8.1
+lastReleaseVersion: 1.0.0
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 1.0.0-dev
+version: 1.0.0
 groups: go
 dbscheme: go.dbscheme
 extractor: go

diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
+### Minor Analysis Improvements
+
+* The query `go/incorrect-integer-conversion` has now been restricted to only use flow through value-preserving steps. This reduces false positives, especially around type switches.
+
 ## 0.7.16
 
 No user-facing changes.

diff --git a/go/ql/src/change-notes/2024-05-14-incorrect-integer-conversion.md b/go/ql/src/change-notes/2024-05-14-incorrect-integer-conversion.md
diff --git a/go/ql/src/change-notes/2024-05-23-Version1.md b/go/ql/src/change-notes/2024-05-23-Version1.md
diff --git a/go/ql/src/change-notes/released/1.0.0.md b/go/ql/src/change-notes/released/1.0.0.md
@@ -0,0 +1,9 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
+### Minor Analysis Improvements
+
+* The query `go/incorrect-integer-conversion` has now been restricted to only use flow through value-preserving steps. This reduces false positives, especially around type switches.
diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.7.16
+lastReleaseVersion: 1.0.0
diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.0.0-dev
+version: 1.0.0
 groups:
   - go
   - queries

diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
 ## 0.0.23
 
 No user-facing changes.

diff --git a/java/ql/automodel/src/change-notes/2024-05-23-Version1.md b/java/ql/automodel/src/change-notes/2024-05-23-Version1.md
diff --git a/java/ql/automodel/src/change-notes/released/1.0.0.md b/java/ql/automodel/src/change-notes/released/1.0.0.md
@@ -0,0 +1,5 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.23
+lastReleaseVersion: 1.0.0
diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-automodel-queries
-version: 1.0.0-dev
+version: 1.0.0
 groups:
     - java
     - automodel

diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
+### Minor Analysis Improvements
+
+* JDK version detection based on Gradle projects has been improved. Java extraction using build-modes `autobuild` or `none` is more likely to pick an appropriate JDK version, particularly when the Android Gradle Plugin or Spring Boot Plugin are in use.
+
 ## 0.11.0
 
 ### Breaking Changes

diff --git a/java/ql/lib/change-notes/2024-05-23-Version1.md b/java/ql/lib/change-notes/2024-05-23-Version1.md
diff --git a/...-notes/2024-05-16-gradle-jdk-detection.md → java/ql/lib/change-notes/released/1.0.0.md b/...-notes/2024-05-16-gradle-jdk-detection.md → java/ql/lib/change-notes/released/1.0.0.md
@@ -1,4 +1,9 @@
----
-category: minorAnalysis
----
+## 1.0.0
+
+### Breaking Changes
+
+* CodeQL package management is now generally available, and all GitHub-produced CodeQL packages have had their version numbers increased to 1.0.0.
+
+### Minor Analysis Improvements
+
 * JDK version detection based on Gradle projects has been improved. Java extraction using build-modes `autobuild` or `none` is more likely to pick an appropriate JDK version, particularly when the Android Gradle Plugin or Spring Boot Plugin are in use.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.11.0
+lastReleaseVersion: 1.0.0
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 1.0.0-dev
+version: 1.0.0
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java