Release preparation for version 2.11.2

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.4.2
+
+No user-facing changes.
+
 ## 0.4.1
 
 No user-facing changes.

cpp/ql/lib/change-notes/released/0.4.2.md

@@ -0,0 +1,3 @@
+## 0.4.2
+
+No user-facing changes.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.1
+lastReleaseVersion: 0.4.2

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.4.2-dev
+version: 0.4.2
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 0.4.2
+
+### New Queries
+
+* Added a new medium-precision query, `cpp/comma-before-misleading-indentation`, which detects instances of whitespace that have readability issues.
+
+### Minor Analysis Improvements
+
+* The "Unterminated variadic call" (`cpp/unterminated-variadic-call`) query has been tuned to produce fewer false positive results.
+* Fixed false positives from the "Unused static function" (`cpp/unused-static-function`) query in files that had errors during compilation.
+
 ## 0.4.1
 
 ### Minor Analysis Improvements

cpp/ql/src/change-notes/released/0.4.2.md

@@ -0,0 +1,10 @@
+## 0.4.2
+
+### New Queries
+
+* Added a new medium-precision query, `cpp/comma-before-misleading-indentation`, which detects instances of whitespace that have readability issues.
+
+### Minor Analysis Improvements
+
+* The "Unterminated variadic call" (`cpp/unterminated-variadic-call`) query has been tuned to produce fewer false positive results.
+* Fixed false positives from the "Unused static function" (`cpp/unused-static-function`) query in files that had errors during compilation.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.1
+lastReleaseVersion: 0.4.2

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.4.2-dev
+version: 0.4.2
 groups: 
   - cpp
   - queries

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.3.2
+
+No user-facing changes.
+
 ## 1.3.1
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.3.2.md

@@ -0,0 +1,3 @@
+## 1.3.2
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.1
+lastReleaseVersion: 1.3.2

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.3.2-dev
+version: 1.3.2
 groups:
     - csharp
     - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.3.2
+
+No user-facing changes.
+
 ## 1.3.1
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.3.2.md

@@ -0,0 +1,3 @@
+## 1.3.2
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.1
+lastReleaseVersion: 1.3.2

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.3.2-dev
+version: 1.3.2
 groups:
     - csharp
     - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.4.2
+
+No user-facing changes.
+
 ## 0.4.1
 
 ### Minor Analysis Improvements

csharp/ql/lib/change-notes/released/0.4.2.md

@@ -0,0 +1,3 @@
+## 0.4.2
+
+No user-facing changes.

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.1
+lastReleaseVersion: 0.4.2

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.4.2-dev
+version: 0.4.2
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.4.2
+
+No user-facing changes.
+
 ## 0.4.1
 
 ### Minor Analysis Improvements

csharp/ql/src/change-notes/released/0.4.2.md

@@ -0,0 +1,3 @@
+## 0.4.2
+
+No user-facing changes.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.1
+lastReleaseVersion: 0.4.2

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.4.2-dev
+version: 0.4.2
 groups: 
   - csharp
   - queries

go/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.3.2
+
+No user-facing changes.
+
 ## 0.3.1
 
 ### Minor Analysis Improvements

go/ql/lib/change-notes/released/0.3.2.md

@@ -0,0 +1,3 @@
+## 0.3.2
+
+No user-facing changes.

go/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.1
+lastReleaseVersion: 0.3.2

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.3.2-dev
+version: 0.3.2
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.3.2
+
+### Minor Analysis Improvements
+
+* The alert messages of many queries were changed to better follow the style guide and make the messages consistent with other languages.
+
 ## 0.3.1
 
 No user-facing changes.

go/ql/src/change-notes/released/0.3.2.md

@@ -0,0 +1,5 @@
+## 0.3.2
+
+### Minor Analysis Improvements
+
+* The alert messages of many queries were changed to better follow the style guide and make the messages consistent with other languages.

go/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.1
+lastReleaseVersion: 0.3.2

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.3.2-dev
+version: 0.3.2
 groups:
   - go
   - queries

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,20 @@
+## 0.4.2
+
+### Deprecated APIs
+
+* Deprecated `ContextStartActivityMethod`. Use `StartActivityMethod` instead.
+
+### New Features
+
+* Added a new predicate, `hasIncompletePermissions`, in the `AndroidProviderXmlElement` class. This predicate detects if a provider element does not provide both read and write permissions.
+
+### Minor Analysis Improvements
+
+* Added support for common patterns involving `Stream.collect` and common collectors like `Collectors.toList()`.
+* The class `TypeVariable` now also extends `Modifiable`.
+* Added data flow steps for tainted Android intents that are sent to services and receivers.
+* Improved the data flow step for tainted Android intents that are sent to activities so that more cases are covered.
+
 ## 0.4.1
 
 ### Minor Analysis Improvements

java/ql/lib/change-notes/released/0.4.2.md

@@ -0,0 +1,16 @@
+## 0.4.2
+
+### Deprecated APIs
+
+* Deprecated `ContextStartActivityMethod`. Use `StartActivityMethod` instead.
+
+### New Features
+
+* Added a new predicate, `hasIncompletePermissions`, in the `AndroidProviderXmlElement` class. This predicate detects if a provider element does not provide both read and write permissions.
+
+### Minor Analysis Improvements
+
+* Added support for common patterns involving `Stream.collect` and common collectors like `Collectors.toList()`.
+* The class `TypeVariable` now also extends `Modifiable`.
+* Added data flow steps for tainted Android intents that are sent to services and receivers.
+* Improved the data flow step for tainted Android intents that are sent to activities so that more cases are covered.

java/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.1
+lastReleaseVersion: 0.4.2

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.4.2-dev
+version: 0.4.2
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/src/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.4.2
+
+### New Queries
+
+* Added a new query, `java/android/incomplete-provider-permissions`, to detect if an Android ContentProvider is not protected with a correct set of permissions.
+* A new query "Uncontrolled data used in content resolution" (`java/androd/unsafe-content-uri-resolution`) has been added. This query finds paths from user-provided data to URI resolution operations in Android's `ContentResolver` without previous validation or sanitization.
+
 ## 0.4.1
 
 ### New Queries

java/ql/src/change-notes/2022-08-26-unsafe-content-uri-resolution.md → java/ql/src/change-notes/released/0.4.2.md

@@ -1,4 +1,6 @@
----
-category: newQuery
----
-* A new query "Uncontrolled data used in content resolution" (`java/androd/unsafe-content-uri-resolution`) has been added. This query finds paths from user-provided data to URI resolution operations in Android's `ContentResolver` without previous validation or sanitization.
+## 0.4.2
+
+### New Queries
+
+* Added a new query, `java/android/incomplete-provider-permissions`, to detect if an Android ContentProvider is not protected with a correct set of permissions.
+* A new query "Uncontrolled data used in content resolution" (`java/androd/unsafe-content-uri-resolution`) has been added. This query finds paths from user-provided data to URI resolution operations in Android's `ContentResolver` without previous validation or sanitization.

java/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.1
+lastReleaseVersion: 0.4.2

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.4.2-dev
+version: 0.4.2
 groups: 
   - java
   - queries

javascript/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.3.2
+
+No user-facing changes.
+
 ## 0.3.1
 
 ### Minor Analysis Improvements

javascript/ql/lib/change-notes/released/0.3.2.md

@@ -0,0 +1,3 @@
+## 0.3.2
+
+No user-facing changes.

javascript/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.1
+lastReleaseVersion: 0.3.2

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.3.2-dev
+version: 0.3.2
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.4.2
+
+### Minor Analysis Improvements
+
+* Removed some false positives from the `js/file-system-race` query by requiring that the file-check dominates the file-access.
+* Improved taint tracking through `JSON.stringify` in cases where a tainted value is stored somewhere in the input object.
+
 ## 0.4.1
 
 No user-facing changes.

javascript/ql/src/change-notes/released/0.4.2.md

@@ -0,0 +1,6 @@
+## 0.4.2
+
+### Minor Analysis Improvements
+
+* Removed some false positives from the `js/file-system-race` query by requiring that the file-check dominates the file-access.
+* Improved taint tracking through `JSON.stringify` in cases where a tainted value is stored somewhere in the input object.

javascript/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.1
+lastReleaseVersion: 0.4.2

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.4.2-dev
+version: 0.4.2
 groups: 
   - javascript
   - queries