Skip to content

Post-release preparation for codeql-cli-2.23.4 #20781

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 9 commits into from
Nov 7, 2025
+471 −6,449
Merged

Post-release preparation for codeql-cli-2.23.4 #20781

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
e7c029a
Revert "Merge pull request #20645 from paldepind/cpp/range-analysis-m…
esteffin Nov 7, 2025
6ce8f07
Revert "Release preparation for version 2.23.4"
mbg Nov 7, 2025
9d2206b
Merge pull request #20775 from github/esteffin/revert-20645-cpp-range…
mbg Nov 7, 2025
eb32c32
Merge pull request #20777 from github/revert-20745-release-prep/2.23.4
mbg Nov 7, 2025
6342da9
Release preparation for version 2.23.4
invalid-email-address Nov 7, 2025
262bfe0
C#: Minor changelog improvements
mbg Nov 3, 2025
0cbc935
Revert C++ range analysis change note
mbg Nov 7, 2025
714296b
Merge pull request #20778 from github/release-prep/2.23.4
mbg Nov 7, 2025
10ae374
Post-release preparation for codeql-cli-2.23.4
invalid-email-address Nov 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion actions/ql/lib/qlpack.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name: codeql/actions-all
version: 0.4.20
version: 0.4.21-dev
library: true
warnOnImplicitThis: true
dependencies:
Expand Down
2 changes: 1 addition & 1 deletion actions/ql/src/qlpack.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name: codeql/actions-queries
version: 0.6.12
version: 0.6.13-dev
library: false
warnOnImplicitThis: true
groups: [actions, queries]
Expand Down
24 changes: 11 additions & 13 deletions cpp/ql/lib/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
## 6.0.1

### Bug Fixes

* Improve performance of the range analysis in cases where it would otherwise take an exorbitant amount of time.
No user-facing changes.
Comment on lines 1 to +3
Copy link

Copilot AI Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The changelog entry states "No user-facing changes" for version 6.0.1, but the diff shows that a bug fix about range analysis performance improvements is being removed from this version's release notes. This creates confusion about what version 6.0.1 actually contains. If the performance improvement was never released in 6.0.1, the changelog is correct. However, if it was released and is now being reverted, this should be documented as a breaking change or regression in a future version, not silently removed from the 6.0.1 notes.

See below for a potential fix:

## 6.0.2

### Breaking Changes

* The range analysis performance improvement introduced in 6.0.1 has been reverted due to unforeseen issues. Performance will be as in 6.0.0.

## 6.0.1

### Bug Fixes

* Improved performance of range analysis in certain cases.

Copilot uses AI. Check for mistakes.

## 6.0.0

Expand Down Expand Up @@ -261,8 +259,8 @@ No user-facing changes.

### Breaking Changes

* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
* Deleted many deprecated taint-tracking configurations based on `TaintTracking::Configuration`.
* Deleted many deprecated dataflow configurations based on `DataFlow::Configuration`.
* Deleted the deprecated `hasQualifiedName` and `isDefined` predicates from the `Declaration` class, use `hasGlobalName` and `hasDefinition` respectively instead.
* Deleted the `getFullSignature` predicate from the `Function` class, use `getIdentityString(Declaration)` from `semmle.code.cpp.Print` instead.
* Deleted the deprecated `freeCall` predicate from `Alloc.qll`. Use `DeallocationExpr` instead.
Expand Down Expand Up @@ -296,7 +294,7 @@ No user-facing changes.
* A `getTemplateClass` predicate was added to the `DeductionGuide` class to get the class template for which the deduction guide is a guide.
* An `isExplicit` predicate was added to the `Function` class that determines whether the function was declared as explicit.
* A `getExplicitExpr` predicate was added to the `Function` class that yields the constant boolean expression (if any) that conditionally determines whether the function is explicit.
* A `isDestroyingDeleteDeallocation` predicate was added to the `NewOrNewArrayExpr` and `DeleteOrDeleteArrayExpr` classes to indicate whether the deallocation function is a destroying delete.
* A `isDestroyingDeleteDeallocation` predicate was added to the `NewOrNewArrayExpr` and `DeleteOrDeleteArrayExpr` classes to indicate whether the deallocation function is a destroying delete.

### Minor Analysis Improvements

Expand Down Expand Up @@ -374,9 +372,9 @@ No user-facing changes.
### New Features

* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field.
* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant.
* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant.
* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant.
* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant.
* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant.
* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant.
* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement.

Expand Down Expand Up @@ -492,7 +490,7 @@ No user-facing changes.
* Functions that do not return due to calling functions that don't return (e.g. `exit`) are now detected as
non-returning in the IR and dataflow.
* Treat functions that reach the end of the function as returning in the IR.
They used to be treated as unreachable but it is allowed in C.
They used to be treated as unreachable but it is allowed in C.
* The `DataFlow::asDefiningArgument` predicate now takes its argument from the range starting at `1` instead of `2`. Queries that depend on the single-parameter version of `DataFlow::asDefiningArgument` should have their arguments updated accordingly.

## 0.9.3
Expand Down Expand Up @@ -541,7 +539,7 @@ No user-facing changes.

### New Features

* The `DataFlow::StateConfigSig` signature module has gained default implementations for `isBarrier/2` and `isAdditionalFlowStep/4`.
* The `DataFlow::StateConfigSig` signature module has gained default implementations for `isBarrier/2` and `isAdditionalFlowStep/4`.
Hence it is no longer needed to provide `none()` implementations of these predicates if they are not needed.

### Minor Analysis Improvements
Expand Down Expand Up @@ -735,7 +733,7 @@ No user-facing changes.

### Deprecated APIs

* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
* Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
The old name still exists as a deprecated alias.

### New Features
Expand All @@ -752,7 +750,7 @@ No user-facing changes.

### Deprecated APIs

* Many classes/predicates/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
* Many classes/predicates/modules with upper-case acronyms in their name have been renamed to follow our style-guide.
The old name still exists as a deprecated alias.

### New Features
Expand Down Expand Up @@ -851,7 +849,7 @@ No user-facing changes.

### Deprecated APIs

* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide.
* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide.
The old name still exists as a deprecated alias.

### New Features
Expand Down
4 changes: 1 addition & 3 deletions cpp/ql/lib/change-notes/released/6.0.1.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
## 6.0.1

### Bug Fixes

* Improve performance of the range analysis in cases where it would otherwise take an exorbitant amount of time.
No user-facing changes.
Copy link

Copilot AI Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The changelog entry states "No user-facing changes" for version 6.0.1, but the diff shows that a bug fix about range analysis performance improvements is being removed from this version's release notes. This creates confusion about what version 6.0.1 actually contains. If the performance improvement was never released in 6.0.1, the changelog is correct. However, if it was released and is now being reverted, this should be documented as a breaking change or regression in a future version, not silently removed from the 6.0.1 notes.

Suggested change
No user-facing changes.
- Improved performance of range analysis in certain cases.

Copilot uses AI. Check for mistakes.
2 changes: 1 addition & 1 deletion cpp/ql/lib/qlpack.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name: codeql/cpp-all
version: 6.0.1
version: 6.0.2-dev
groups: cpp
dbscheme: semmlecode.cpp.dbscheme
extractor: cpp
Expand Down
Loading
Loading