Post-release preparation for codeql-cli-2.11.3

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.4.3
+
+### Minor Analysis Improvements
+
+* Fixed bugs in the `FormatLiteral` class that were causing `getMaxConvertedLength` and related predicates to return no results when the format literal was `%e`, `%f` or `%g` and an explicit precision was specified.
+
 ## 0.4.2
 
 No user-facing changes.

cpp/ql/lib/change-notes/2022-10-22-format-literal.md → cpp/ql/lib/change-notes/released/0.4.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.4.3
+
+### Minor Analysis Improvements
+
 * Fixed bugs in the `FormatLiteral` class that were causing `getMaxConvertedLength` and related predicates to return no results when the format literal was `%e`, `%f` or `%g` and an explicit precision was specified.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.4.3-dev
+version: 0.4.4-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.4.3
+
+### Minor Analysis Improvements
+
+* Fixed a bug in `cpp/jsf/av-rule-76` that caused the query to miss results when an implicitly-defined copy constructor or copy assignment operator was generated.
+
 ## 0.4.2
 
 ### New Queries

cpp/ql/src/change-notes/2022-11-03-av-rule-76.md → cpp/ql/src/change-notes/released/0.4.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
-* Fixed a bug in `cpp/jsf/av-rule-76` that caused the query to miss results when an implicitly-defined copy constructor or copy assignment operator was generated.
+## 0.4.3
+
+### Minor Analysis Improvements
+
+* Fixed a bug in `cpp/jsf/av-rule-76` that caused the query to miss results when an implicitly-defined copy constructor or copy assignment operator was generated.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.4.3-dev
+version: 0.4.4-dev
 groups: 
   - cpp
   - queries

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.3.3
+
+No user-facing changes.
+
 ## 1.3.2
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.3.3.md

@@ -0,0 +1,3 @@
+## 1.3.3
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.2
+lastReleaseVersion: 1.3.3

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.3.3-dev
+version: 1.3.4-dev
 groups:
     - csharp
     - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.3.3
+
+No user-facing changes.
+
 ## 1.3.2
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.3.3.md

@@ -0,0 +1,3 @@
+## 1.3.3
+
+No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.2
+lastReleaseVersion: 1.3.3

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.3.3-dev
+version: 1.3.4-dev
 groups:
     - csharp
     - solorigate

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.4.3
+
+No user-facing changes.
+
 ## 0.4.2
 
 No user-facing changes.

csharp/ql/lib/change-notes/released/0.4.3.md

@@ -0,0 +1,3 @@
+## 0.4.3
+
+No user-facing changes.

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.4.3-dev
+version: 0.4.4-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.4.3
+
+No user-facing changes.
+
 ## 0.4.2
 
 No user-facing changes.

csharp/ql/src/change-notes/released/0.4.3.md

@@ -0,0 +1,3 @@
+## 0.4.3
+
+No user-facing changes.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.4.3-dev
+version: 0.4.4-dev
 groups: 
   - csharp
   - queries

go/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.3.3
+
+No user-facing changes.
+
 ## 0.3.2
 
 No user-facing changes.

go/ql/lib/change-notes/released/0.3.3.md

@@ -0,0 +1,3 @@
+## 0.3.3
+
+No user-facing changes.

go/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.2
+lastReleaseVersion: 0.3.3

go/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 0.3.3-dev
+version: 0.3.4-dev
 groups: go
 dbscheme: go.dbscheme
 extractor: go

go/ql/src/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.3.3
+
+### Minor Analysis Improvements
+
+* Query `go/clear-text-logging` now excludes `GetX` methods of protobuf `Message` structs, except where taint is specifically known to belong to the right field. This is to avoid FPs where taint is written to one field and then spuriously read from another.
+
 ## 0.3.2
 
 ### Minor Analysis Improvements

go/ql/src/change-notes/2022-10-28-protobuf-cleartext-logging.md → go/ql/src/change-notes/released/0.3.3.md

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 0.3.3
+
+### Minor Analysis Improvements
+
 * Query `go/clear-text-logging` now excludes `GetX` methods of protobuf `Message` structs, except where taint is specifically known to belong to the right field. This is to avoid FPs where taint is written to one field and then spuriously read from another.

go/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.2
+lastReleaseVersion: 0.3.3

go/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 0.3.3-dev
+version: 0.3.4-dev
 groups:
   - go
   - queries

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.4.3
+
+No user-facing changes.
+
 ## 0.4.2
 
 ### Deprecated APIs

java/ql/lib/change-notes/released/0.4.3.md

@@ -0,0 +1,3 @@
+## 0.4.3
+
+No user-facing changes.

java/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3

java/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.4.3-dev
+version: 0.4.4-dev
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

java/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.4.3
+
+No user-facing changes.
+
 ## 0.4.2
 
 ### New Queries

java/ql/src/change-notes/released/0.4.3.md

@@ -0,0 +1,3 @@
+## 0.4.3
+
+No user-facing changes.

java/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3

java/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.4.3-dev
+version: 0.4.4-dev
 groups: 
   - java
   - queries

javascript/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.3.3
+
+No user-facing changes.
+
 ## 0.3.2
 
 No user-facing changes.

javascript/ql/lib/change-notes/released/0.3.3.md

@@ -0,0 +1,3 @@
+## 0.3.3
+
+No user-facing changes.

javascript/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.2
+lastReleaseVersion: 0.3.3

javascript/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.3.3-dev
+version: 0.3.4-dev
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript

javascript/ql/src/CHANGELOG.md

@@ -1,3 +1,17 @@
+## 0.4.3
+
+### New Queries
+
+* Added a new query, `js/second-order-command-line-injection`, to detect shell
+  commands that may execute arbitrary code when the user has control over 
+  the arguments to a command-line program.
+  This currently flags up unsafe invocations of git and hg.
+
+### Minor Analysis Improvements
+
+* Added sources for user defined path and query parameters in `Next.js`.
+* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages.
+
 ## 0.4.2
 
 ### Minor Analysis Improvements

javascript/ql/src/change-notes/released/0.4.3.md

@@ -0,0 +1,13 @@
+## 0.4.3
+
+### New Queries
+
+* Added a new query, `js/second-order-command-line-injection`, to detect shell
+  commands that may execute arbitrary code when the user has control over 
+  the arguments to a command-line program.
+  This currently flags up unsafe invocations of git and hg.
+
+### Minor Analysis Improvements
+
+* Added sources for user defined path and query parameters in `Next.js`.
+* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages.

javascript/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.2
+lastReleaseVersion: 0.4.3

javascript/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.4.3-dev
+version: 0.4.4-dev
 groups: 
   - javascript
   - queries

misc/suite-helpers/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.3.3
+
+No user-facing changes.
+
 ## 0.3.2
 
 No user-facing changes.

misc/suite-helpers/change-notes/released/0.3.3.md

@@ -0,0 +1,3 @@
+## 0.3.3
+
+No user-facing changes.

misc/suite-helpers/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.3.2
+lastReleaseVersion: 0.3.3

misc/suite-helpers/qlpack.yml

@@ -1,3 +1,3 @@
 name: codeql/suite-helpers
-version: 0.3.3-dev
+version: 0.3.4-dev
 groups: shared

python/ql/lib/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.6.3
+
+No user-facing changes.
+
 ## 0.6.2
 
 ### Minor Analysis Improvements

python/ql/lib/change-notes/released/0.6.3.md

@@ -0,0 +1,3 @@
+## 0.6.3
+
+No user-facing changes.

python/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.2
+lastReleaseVersion: 0.6.3

python/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.6.3-dev
+version: 0.6.4-dev
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python

python/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.5.3
+
+No user-facing changes.
+
 ## 0.5.2
 
 ### Minor Analysis Improvements

python/ql/src/change-notes/released/0.5.3.md

@@ -0,0 +1,3 @@
+## 0.5.3
+
+No user-facing changes.

python/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.2
+lastReleaseVersion: 0.5.3