diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index e84ba38d1801..011af903a2a2 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.4.35 + +No user-facing changes. + ## 0.4.34 ### Minor Analysis Improvements diff --git a/actions/ql/lib/change-notes/released/0.4.35.md b/actions/ql/lib/change-notes/released/0.4.35.md new file mode 100644 index 000000000000..3274ffc88e4d --- /dev/null +++ b/actions/ql/lib/change-notes/released/0.4.35.md @@ -0,0 +1,3 @@ +## 0.4.35 + +No user-facing changes. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 69fb16e4c39f..524302c92d3e 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.34 +lastReleaseVersion: 0.4.35 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index 6e78fc546b33..a20f2e7a5075 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.35-dev +version: 0.4.35 library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index 96f8d2662060..0a7fa1ce8309 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.27 + +No user-facing changes. + ## 0.6.26 ### Major Analysis Improvements @@ -173,7 +177,7 @@ No user-facing changes. * `actions/if-expression-always-true/critical` * `actions/if-expression-always-true/high` * `actions/unnecessary-use-of-advanced-config` - + * The following query has been moved from the `code-scanning` suite to the `security-extended` suite. Any existing alerts for this query will be closed automatically unless the analysis is configured to use the `security-extended` suite. diff --git a/actions/ql/src/change-notes/released/0.6.27.md b/actions/ql/src/change-notes/released/0.6.27.md new file mode 100644 index 000000000000..52d3a10fd1f9 --- /dev/null +++ b/actions/ql/src/change-notes/released/0.6.27.md @@ -0,0 +1,3 @@ +## 0.6.27 + +No user-facing changes. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index e83bac0046e3..0748b12112f0 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.26 +lastReleaseVersion: 0.6.27 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index c815afc498c8..bcc7fe06a3b4 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.27-dev +version: 0.6.27 library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 2cd1bcede35e..828b87791179 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 10.1.0 + +### New Features + +* A new predicate `getSwitchCase` was added to the `SwitchStmt` class, which yields the `n`th `case` statement from a `switch` statement. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C and C++](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-cpp/). + +### Minor Analysis Improvements + +* Added taint flow models for the `Strsafe.h` header from the Windows SDK. + ## 10.0.0 ### Breaking Changes diff --git a/cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index 30f0092a4e95..000000000000 --- a/cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C and C++](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-cpp/). diff --git a/cpp/ql/lib/change-notes/2026-03-28-switch-stmt.md b/cpp/ql/lib/change-notes/2026-03-28-switch-stmt.md deleted file mode 100644 index 4b0d7528d479..000000000000 --- a/cpp/ql/lib/change-notes/2026-03-28-switch-stmt.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* A new predicate `getSwitchCase` was added to the `SwitchStmt` class, which yields the `n`th `case` statement from a `switch` statement. diff --git a/cpp/ql/lib/change-notes/2026-04-28-strsafe.md b/cpp/ql/lib/change-notes/2026-04-28-strsafe.md deleted file mode 100644 index 9ef3fab08537..000000000000 --- a/cpp/ql/lib/change-notes/2026-04-28-strsafe.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added taint flow models for the `Strsafe.h` header from the Windows SDK. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/released/10.1.0.md b/cpp/ql/lib/change-notes/released/10.1.0.md new file mode 100644 index 000000000000..45d153b4896e --- /dev/null +++ b/cpp/ql/lib/change-notes/released/10.1.0.md @@ -0,0 +1,10 @@ +## 10.1.0 + +### New Features + +* A new predicate `getSwitchCase` was added to the `SwitchStmt` class, which yields the `n`th `case` statement from a `switch` statement. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C and C++](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-cpp/). + +### Minor Analysis Improvements + +* Added taint flow models for the `Strsafe.h` header from the Windows SDK. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 28758256b943..a85b2d36d7c5 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 10.0.0 +lastReleaseVersion: 10.1.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 8a9d60a7fa94..e3b9f7c33634 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 10.0.1-dev +version: 10.1.0 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index e677f584416c..3a9d4fae927b 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.2 + +No user-facing changes. + ## 1.6.1 ### Minor Analysis Improvements @@ -366,7 +370,7 @@ No user-facing changes. ### Minor Analysis Improvements * The "non-constant format string" query (`cpp/non-constant-format`) has been updated to produce fewer false positives. -* Added dataflow models for the `gettext` function variants. +* Added dataflow models for the `gettext` function variants. ## 0.9.4 diff --git a/cpp/ql/src/change-notes/released/1.6.2.md b/cpp/ql/src/change-notes/released/1.6.2.md new file mode 100644 index 000000000000..bbe3747556fb --- /dev/null +++ b/cpp/ql/src/change-notes/released/1.6.2.md @@ -0,0 +1,3 @@ +## 1.6.2 + +No user-facing changes. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index ef7a789e0cf1..5f5beb68311a 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.2 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 714167434c8a..83d7a32e6d41 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.6.2-dev +version: 1.6.2 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 166a94bd88df..4cb7b5569687 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.66 + +No user-facing changes. + ## 1.7.65 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.66.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.66.md new file mode 100644 index 000000000000..7fc1a46a66ef --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.66.md @@ -0,0 +1,3 @@ +## 1.7.66 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index bf581427d298..7d0a2c0bc078 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.65 +lastReleaseVersion: 1.7.66 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 9d0e0ffd4f96..88ba74212c7a 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.66-dev +version: 1.7.66 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 166a94bd88df..4cb7b5569687 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.66 + +No user-facing changes. + ## 1.7.65 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.66.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.66.md new file mode 100644 index 000000000000..7fc1a46a66ef --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.66.md @@ -0,0 +1,3 @@ +## 1.7.66 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index bf581427d298..7d0a2c0bc078 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.65 +lastReleaseVersion: 1.7.66 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index f5203f4e4434..fee050486c93 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.66-dev +version: 1.7.66 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 2e3f6c137eed..1d7f42a9075e 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,42 @@ +## 6.0.0 + +### Breaking Changes + +* The C# control flow graph (CFG) implementation has been completely + rewritten. The CFG now includes additional nodes to more accurately represent + certain constructs. This also means that any existing code that implicitly + relies on very specific details about the CFG may need to be updated. + The CFG no longer uses splitting, which means that AST nodes now have a unique + CFG node representation. + Additionally, the following breaking changes have been made: + - `ControlFlow::Node` has been renamed to `ControlFlowNode`. + - `ControlFlow::Nodes` has been renamed to `ControlFlowNodes`. + - `BasicBlock.getCallable` has been renamed to `BasicBlock.getEnclosingCallable`. + - `BasicBlocks.qll` has been deleted. + - `ControlFlowNode.getAstNode` has changed its meaning. The AST-to-CFG + mapping remains one-to-many, but now for a different reason. It used to be + because of splitting, but now it's because of additional "helper" CFG + nodes. To get the (now canonical) CFG node for a given AST node, use + `ControlFlowNode.asExpr()` or `ControlFlowNode.asStmt()` or + `ControlFlowElement.getControlFlowNode()` instead. + +### Deprecated APIs + +* The QL classes in the C# SSA library have been renamed to improve consistency between languages. Any custom QL code that makes use of SSA needs to be updated. The old classes have been deprecated and include more detailed migration instructions in their qldoc. + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/). + +### Major Analysis Improvements + +* When resolving dependencies in `build-mode: none`, `dotnet restore` now explicitly receives reachable NuGet feeds configured in `nuget.config` when feed responsiveness checking is enabled (the default), and any private registries directly, improving reliability when default feeds are unavailable or restricted. + +### Minor Analysis Improvements + +* Expanded ASP and ASP.NET remote source modeling to cover additional sources, including fields of tainted parameters as well as properties and fields that become tainted transitively. +* C# 14: Added support for user-defined compound assignment operators. + ## 5.5.0 ### Deprecated APIs diff --git a/csharp/ql/lib/change-notes/2026-03-06-compound-assignment-operations.md b/csharp/ql/lib/change-notes/2026-03-06-compound-assignment-operations.md deleted file mode 100644 index f7e68b9b7d73..000000000000 --- a/csharp/ql/lib/change-notes/2026-03-06-compound-assignment-operations.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# 14: Added support for user-defined compound assignment operators. diff --git a/csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index 6408acc7dae8..000000000000 --- a/csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/). diff --git a/csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md b/csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md deleted file mode 100644 index 52f3f721e9fa..000000000000 --- a/csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Expanded ASP and ASP.NET remote source modeling to cover additional sources, including fields of tainted parameters as well as properties and fields that become tainted transitively. diff --git a/csharp/ql/lib/change-notes/2026-04-10-nuget-feed-usage-in-bmn.md b/csharp/ql/lib/change-notes/2026-04-10-nuget-feed-usage-in-bmn.md deleted file mode 100644 index a4282d0468da..000000000000 --- a/csharp/ql/lib/change-notes/2026-04-10-nuget-feed-usage-in-bmn.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* When resolving dependencies in `build-mode: none`, `dotnet restore` now explicitly receives reachable NuGet feeds configured in `nuget.config` when feed responsiveness checking is enabled (the default), and any private registries directly, improving reliability when default feeds are unavailable or restricted. diff --git a/csharp/ql/lib/change-notes/2026-04-13-cfg.md b/csharp/ql/lib/change-notes/2026-04-13-cfg.md deleted file mode 100644 index 9c588fbcfa8f..000000000000 --- a/csharp/ql/lib/change-notes/2026-04-13-cfg.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -category: breaking ---- -* The C# control flow graph (CFG) implementation has been completely - rewritten. The CFG now includes additional nodes to more accurately represent - certain constructs. This also means that any existing code that implicitly - relies on very specific details about the CFG may need to be updated. - The CFG no longer uses splitting, which means that AST nodes now have a unique - CFG node representation. - Additionally, the following breaking changes have been made: - - `ControlFlow::Node` has been renamed to `ControlFlowNode`. - - `ControlFlow::Nodes` has been renamed to `ControlFlowNodes`. - - `BasicBlock.getCallable` has been renamed to `BasicBlock.getEnclosingCallable`. - - `BasicBlocks.qll` has been deleted. - - `ControlFlowNode.getAstNode` has changed its meaning. The AST-to-CFG - mapping remains one-to-many, but now for a different reason. It used to be - because of splitting, but now it's because of additional "helper" CFG - nodes. To get the (now canonical) CFG node for a given AST node, use - `ControlFlowNode.asExpr()` or `ControlFlowNode.asStmt()` or - `ControlFlowElement.getControlFlowNode()` instead. diff --git a/csharp/ql/lib/change-notes/2026-05-01-ssa-replacement.md b/csharp/ql/lib/change-notes/2026-05-01-ssa-replacement.md deleted file mode 100644 index 27988f36f2fd..000000000000 --- a/csharp/ql/lib/change-notes/2026-05-01-ssa-replacement.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The QL classes in the C# SSA library have been renamed to improve consistency between languages. Any custom QL code that makes use of SSA needs to be updated. The old classes have been deprecated and include more detailed migration instructions in their qldoc. diff --git a/csharp/ql/lib/change-notes/released/6.0.0.md b/csharp/ql/lib/change-notes/released/6.0.0.md new file mode 100644 index 000000000000..e249567d0958 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/6.0.0.md @@ -0,0 +1,38 @@ +## 6.0.0 + +### Breaking Changes + +* The C# control flow graph (CFG) implementation has been completely + rewritten. The CFG now includes additional nodes to more accurately represent + certain constructs. This also means that any existing code that implicitly + relies on very specific details about the CFG may need to be updated. + The CFG no longer uses splitting, which means that AST nodes now have a unique + CFG node representation. + Additionally, the following breaking changes have been made: + - `ControlFlow::Node` has been renamed to `ControlFlowNode`. + - `ControlFlow::Nodes` has been renamed to `ControlFlowNodes`. + - `BasicBlock.getCallable` has been renamed to `BasicBlock.getEnclosingCallable`. + - `BasicBlocks.qll` has been deleted. + - `ControlFlowNode.getAstNode` has changed its meaning. The AST-to-CFG + mapping remains one-to-many, but now for a different reason. It used to be + because of splitting, but now it's because of additional "helper" CFG + nodes. To get the (now canonical) CFG node for a given AST node, use + `ControlFlowNode.asExpr()` or `ControlFlowNode.asStmt()` or + `ControlFlowElement.getControlFlowNode()` instead. + +### Deprecated APIs + +* The QL classes in the C# SSA library have been renamed to improve consistency between languages. Any custom QL code that makes use of SSA needs to be updated. The old classes have been deprecated and include more detailed migration instructions in their qldoc. + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/). + +### Major Analysis Improvements + +* When resolving dependencies in `build-mode: none`, `dotnet restore` now explicitly receives reachable NuGet feeds configured in `nuget.config` when feed responsiveness checking is enabled (the default), and any private registries directly, improving reliability when default feeds are unavailable or restricted. + +### Minor Analysis Improvements + +* Expanded ASP and ASP.NET remote source modeling to cover additional sources, including fields of tainted parameters as well as properties and fields that become tainted transitively. +* C# 14: Added support for user-defined compound assignment operators. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 4b8cf9533c17..f8c4fa43ccb7 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.5.0 +lastReleaseVersion: 6.0.0 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 26e332652cdb..daded1ee71e0 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.5.1-dev +version: 6.0.0 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index cdab71341852..32243acfb97f 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.2 + +No user-facing changes. + ## 1.7.1 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/released/1.7.2.md b/csharp/ql/src/change-notes/released/1.7.2.md new file mode 100644 index 000000000000..b950385c16d7 --- /dev/null +++ b/csharp/ql/src/change-notes/released/1.7.2.md @@ -0,0 +1,3 @@ +## 1.7.2 + +No user-facing changes. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 7bdec0d85c73..39bbba86c198 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.1 +lastReleaseVersion: 1.7.2 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 25b04cf2dc66..72d951194c3b 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.7.2-dev +version: 1.7.2 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index a3aa00d4872e..a6b6055373af 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.49.md b/go/ql/consistency-queries/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index a82ec95583b6..73a837bd0e01 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.49-dev +version: 1.0.49 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 737d08654b89..5043d924be06 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 7.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Go](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-go/). + ## 7.0.6 No user-facing changes. diff --git a/go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/go/ql/lib/change-notes/released/7.1.0.md similarity index 89% rename from go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md rename to go/ql/lib/change-notes/released/7.1.0.md index ee1b51de861f..b1f6efbf0010 100644 --- a/go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ b/go/ql/lib/change-notes/released/7.1.0.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 7.1.0 + +### New Features + * Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Go](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-go/). diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index c7cff8c53789..dcaaa76112a6 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.6 +lastReleaseVersion: 7.1.0 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index e191e0da6884..1d1682d6108c 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 7.0.7-dev +version: 7.1.0 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 971d478d56e4..ddda5dc4829c 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.2 + +No user-facing changes. + ## 1.6.1 No user-facing changes. diff --git a/go/ql/src/change-notes/released/1.6.2.md b/go/ql/src/change-notes/released/1.6.2.md new file mode 100644 index 000000000000..bbe3747556fb --- /dev/null +++ b/go/ql/src/change-notes/released/1.6.2.md @@ -0,0 +1,3 @@ +## 1.6.2 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index ef7a789e0cf1..5f5beb68311a 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.2 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index fa7e934382a8..78c754593872 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.6.2-dev +version: 1.6.2 groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2d34c791c924..2187f00c3997 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,18 @@ +## 9.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/). + +### Minor Analysis Improvements + +* Added `sql-injection` sink models for the Hibernate `org.hibernate.query.QueryProducer` methods `createNativeMutationQuery`, `createMutationQuery`, and `createSelectionQuery`. +* The `java/partial-path-traversal` and `java/partial-path-traversal-from-remote` queries now correctly recognize file separator appends using `+=`. +* The `java/path-injection` and `java/zipslip` queries now recognize `Path.toRealPath()` as a path normalization sanitizer, consistent with the existing treatment of `Path.normalize()` and `File.getCanonicalPath()`. This reduces false positives for code that uses the NIO.2 API for path canonicalization. +* The `java/sensitive-log` query now excludes additional common variable naming patterns that do not hold sensitive data, reducing false positives. This includes pagination/iteration tokens (`nextToken`, `pageToken`, `continuationToken`), token metadata (`tokenType`, `tokenEndpoint`, `tokenCount`), and secret metadata (`secretName`, `secretId`, `secretVersion`). +* The `java/sensitive-log` query now treats method calls whose names contain "encrypt", "hash", or "digest" as sanitizers, consistent with the existing treatment in `java/cleartext-storage-in-log`. This reduces false positives when sensitive data is hashed or encrypted before logging. +* The `java/trust-boundary-violation` query now recognizes regular expression checks (including `String.matches()` guards and `@javax.validation.constraints.Pattern` annotations) as sanitizers, consistent with the existing treatment of ESAPI validators. This reduces false positives when input is validated against a pattern before being stored in a session. + ## 9.0.4 ### Minor Analysis Improvements diff --git a/java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index f8bcbb1fcb2a..000000000000 --- a/java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/). diff --git a/java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md b/java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md deleted file mode 100644 index 8856d419bce0..000000000000 --- a/java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/path-injection` and `java/zipslip` queries now recognize `Path.toRealPath()` as a path normalization sanitizer, consistent with the existing treatment of `Path.normalize()` and `File.getCanonicalPath()`. This reduces false positives for code that uses the NIO.2 API for path canonicalization. diff --git a/java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md b/java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md deleted file mode 100644 index 15fc811360b5..000000000000 --- a/java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/sensitive-log` query now excludes additional common variable naming patterns that do not hold sensitive data, reducing false positives. This includes pagination/iteration tokens (`nextToken`, `pageToken`, `continuationToken`), token metadata (`tokenType`, `tokenEndpoint`, `tokenCount`), and secret metadata (`secretName`, `secretId`, `secretVersion`). diff --git a/java/ql/lib/change-notes/2026-04-04-sensitive-log-hash-sanitizer.md b/java/ql/lib/change-notes/2026-04-04-sensitive-log-hash-sanitizer.md deleted file mode 100644 index 7323ab09737a..000000000000 --- a/java/ql/lib/change-notes/2026-04-04-sensitive-log-hash-sanitizer.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/sensitive-log` query now treats method calls whose names contain "encrypt", "hash", or "digest" as sanitizers, consistent with the existing treatment in `java/cleartext-storage-in-log`. This reduces false positives when sensitive data is hashed or encrypted before logging. diff --git a/java/ql/lib/change-notes/2026-04-04-trust-boundary-regexp-barrier.md b/java/ql/lib/change-notes/2026-04-04-trust-boundary-regexp-barrier.md deleted file mode 100644 index b80c0611b6de..000000000000 --- a/java/ql/lib/change-notes/2026-04-04-trust-boundary-regexp-barrier.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/trust-boundary-violation` query now recognizes regular expression checks (including `String.matches()` guards and `@javax.validation.constraints.Pattern` annotations) as sanitizers, consistent with the existing treatment of ESAPI validators. This reduces false positives when input is validated against a pattern before being stored in a session. diff --git a/java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md b/java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md deleted file mode 100644 index 8c15a346552e..000000000000 --- a/java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/partial-path-traversal` and `java/partial-path-traversal-from-remote` queries now correctly recognize file separator appends using `+=`. diff --git a/java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md b/java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md deleted file mode 100644 index 018ce8d348e7..000000000000 --- a/java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `sql-injection` sink models for the Hibernate `org.hibernate.query.QueryProducer` methods `createNativeMutationQuery`, `createMutationQuery`, and `createSelectionQuery`. diff --git a/java/ql/lib/change-notes/released/9.1.0.md b/java/ql/lib/change-notes/released/9.1.0.md new file mode 100644 index 000000000000..aed1a85e63f4 --- /dev/null +++ b/java/ql/lib/change-notes/released/9.1.0.md @@ -0,0 +1,14 @@ +## 9.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/). + +### Minor Analysis Improvements + +* Added `sql-injection` sink models for the Hibernate `org.hibernate.query.QueryProducer` methods `createNativeMutationQuery`, `createMutationQuery`, and `createSelectionQuery`. +* The `java/partial-path-traversal` and `java/partial-path-traversal-from-remote` queries now correctly recognize file separator appends using `+=`. +* The `java/path-injection` and `java/zipslip` queries now recognize `Path.toRealPath()` as a path normalization sanitizer, consistent with the existing treatment of `Path.normalize()` and `File.getCanonicalPath()`. This reduces false positives for code that uses the NIO.2 API for path canonicalization. +* The `java/sensitive-log` query now excludes additional common variable naming patterns that do not hold sensitive data, reducing false positives. This includes pagination/iteration tokens (`nextToken`, `pageToken`, `continuationToken`), token metadata (`tokenType`, `tokenEndpoint`, `tokenCount`), and secret metadata (`secretName`, `secretId`, `secretVersion`). +* The `java/sensitive-log` query now treats method calls whose names contain "encrypt", "hash", or "digest" as sanitizers, consistent with the existing treatment in `java/cleartext-storage-in-log`. This reduces false positives when sensitive data is hashed or encrypted before logging. +* The `java/trust-boundary-violation` query now recognizes regular expression checks (including `String.matches()` guards and `@javax.validation.constraints.Pattern` annotations) as sanitizers, consistent with the existing treatment of ESAPI validators. This reduces false positives when input is validated against a pattern before being stored in a session. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 4bbe4f75b589..83ec2b42fcdd 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 9.0.4 +lastReleaseVersion: 9.1.0 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index d256d2a84c13..e57412ee1fc3 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 9.0.5-dev +version: 9.1.0 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 1b5d2bdad8a2..fd13cbdcf830 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.11.2 + +No user-facing changes. + ## 1.11.1 No user-facing changes. diff --git a/java/ql/src/change-notes/released/1.11.2.md b/java/ql/src/change-notes/released/1.11.2.md new file mode 100644 index 000000000000..93a8b73f6b95 --- /dev/null +++ b/java/ql/src/change-notes/released/1.11.2.md @@ -0,0 +1,3 @@ +## 1.11.2 + +No user-facing changes. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 4ae123153bf4..3e341cf85d52 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.11.1 +lastReleaseVersion: 1.11.2 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 2f2233460bac..bdaaf77ec9e2 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.11.2-dev +version: 1.11.2 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 77837f46c5e8..53708faed093 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2.7.0 + +### New Features + +* Added support for [`@vercel/node`](https://www.npmjs.com/package/@vercel/node) Vercel serverless functions. Handlers are recognized via the `VercelRequest`/`VercelResponse` TypeScript parameter types, and standard security queries (`js/reflected-xss`, `js/request-forgery`, `js/sql-injection`, `js/command-line-injection`, etc.) now detect vulnerabilities in Vercel API route files. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for JavaScript](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/). + ## 2.6.28 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index d849f4c0c698..000000000000 --- a/javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for JavaScript](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/). diff --git a/javascript/ql/lib/change-notes/2026-04-12-vercel-node.md b/javascript/ql/lib/change-notes/released/2.7.0.md similarity index 58% rename from javascript/ql/lib/change-notes/2026-04-12-vercel-node.md rename to javascript/ql/lib/change-notes/released/2.7.0.md index 39802258b02f..c6f46c8c0d4b 100644 --- a/javascript/ql/lib/change-notes/2026-04-12-vercel-node.md +++ b/javascript/ql/lib/change-notes/released/2.7.0.md @@ -1,4 +1,6 @@ ---- -category: feature ---- +## 2.7.0 + +### New Features + * Added support for [`@vercel/node`](https://www.npmjs.com/package/@vercel/node) Vercel serverless functions. Handlers are recognized via the `VercelRequest`/`VercelResponse` TypeScript parameter types, and standard security queries (`js/reflected-xss`, `js/request-forgery`, `js/sql-injection`, `js/command-line-injection`, etc.) now detect vulnerabilities in Vercel API route files. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for JavaScript](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/). diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 2456457874e2..6a6c87f537da 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.6.28 +lastReleaseVersion: 2.7.0 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index b62abbbe1016..97c3de6a8eb6 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.6.29-dev +version: 2.7.0 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 9b122364ffae..615c030de52a 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.3.9 + +No user-facing changes. + ## 2.3.8 ### Minor Analysis Improvements diff --git a/javascript/ql/src/change-notes/released/2.3.9.md b/javascript/ql/src/change-notes/released/2.3.9.md new file mode 100644 index 000000000000..fac422eb6b87 --- /dev/null +++ b/javascript/ql/src/change-notes/released/2.3.9.md @@ -0,0 +1,3 @@ +## 2.3.9 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index c68b70cb8bea..079eb5bfb0c3 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.3.8 +lastReleaseVersion: 2.3.9 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 9081791d0e0d..417df72e5bad 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.3.9-dev +version: 2.3.9 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 897533f6450c..d6d070a91bb9 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.49.md b/misc/suite-helpers/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 778284fbe9a3..52fc453aa323 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.49-dev +version: 1.0.49 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 69fa60a66758..8ede35e9bdc6 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 7.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/). + +### Minor Analysis Improvements + +- The Python extractor now supports unpacking in comprehensions, e.g. `[*x for x in nested]` (as defined in [PEP-798](https://peps.python.org/pep-0798/)) that will be part of Python 3.15. + ## 7.0.5 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index 522801a0e46d..000000000000 --- a/python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/). diff --git a/python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md b/python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md deleted file mode 100644 index d7406d0a606c..000000000000 --- a/python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -- The Python extractor now supports unpacking in comprehensions, e.g. `[*x for x in nested]` (as defined in [PEP-798](https://peps.python.org/pep-0798/)) that will be part of Python 3.15. diff --git a/python/ql/lib/change-notes/released/7.1.0.md b/python/ql/lib/change-notes/released/7.1.0.md new file mode 100644 index 000000000000..553b5fe4cee7 --- /dev/null +++ b/python/ql/lib/change-notes/released/7.1.0.md @@ -0,0 +1,9 @@ +## 7.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/). + +### Minor Analysis Improvements + +- The Python extractor now supports unpacking in comprehensions, e.g. `[*x for x in nested]` (as defined in [PEP-798](https://peps.python.org/pep-0798/)) that will be part of Python 3.15. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 2cff21d59fec..dcaaa76112a6 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.5 +lastReleaseVersion: 7.1.0 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 8564a098594b..2cd96a3e4430 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 7.0.6-dev +version: 7.1.0 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 38018f098560..8676d754d015 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.8.2 + +No user-facing changes. + ## 1.8.1 ### Minor Analysis Improvements diff --git a/python/ql/src/change-notes/released/1.8.2.md b/python/ql/src/change-notes/released/1.8.2.md new file mode 100644 index 000000000000..12e641fd7205 --- /dev/null +++ b/python/ql/src/change-notes/released/1.8.2.md @@ -0,0 +1,3 @@ +## 1.8.2 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 28a7c123ae84..559af8348bb0 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.8.1 +lastReleaseVersion: 1.8.2 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 2d99bcd0c7a3..46e7203a953d 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.8.2-dev +version: 1.8.2 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 8315b6413696..e8dd84283c66 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 5.2.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/). + ## 5.1.16 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/ruby/ql/lib/change-notes/released/5.2.0.md similarity index 89% rename from ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md rename to ruby/ql/lib/change-notes/released/5.2.0.md index da53d584e11d..c17c834f18d8 100644 --- a/ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ b/ruby/ql/lib/change-notes/released/5.2.0.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 5.2.0 + +### New Features + * Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/). diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 735f742e9af7..9e57a36a7dce 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.1.16 +lastReleaseVersion: 5.2.0 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 1ac5090098a3..261a9890d44b 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.1.17-dev +version: 5.2.0 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 5266fc1d5d91..927a40e596db 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.2 + +No user-facing changes. + ## 1.6.1 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.6.2.md b/ruby/ql/src/change-notes/released/1.6.2.md new file mode 100644 index 000000000000..bbe3747556fb --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.6.2.md @@ -0,0 +1,3 @@ +## 1.6.2 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index ef7a789e0cf1..5f5beb68311a 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.2 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 978102bb82a6..34f5d14c39cd 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.6.2-dev +version: 1.6.2 groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index 8e515660f290..30ae7d73b67f 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.2.13 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. + ## 0.2.12 No user-facing changes. diff --git a/rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/rust/ql/lib/change-notes/released/0.2.13.md similarity index 73% rename from rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md rename to rust/ql/lib/change-notes/released/0.2.13.md index 5e97a1533a9e..9c390c9ca09b 100644 --- a/rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ b/rust/ql/lib/change-notes/released/0.2.13.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 0.2.13 + +### New Features + * Data flow barriers and barrier guards can now be added using data extensions. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index da1cea933934..979eb20092e9 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.12 +lastReleaseVersion: 0.2.13 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index 7eb159e4b505..96b825fd9496 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.2.13-dev +version: 0.2.13 groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index 14034c9877d8..4b735337c908 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.34 + +No user-facing changes. + ## 0.1.33 No user-facing changes. diff --git a/rust/ql/src/change-notes/released/0.1.34.md b/rust/ql/src/change-notes/released/0.1.34.md new file mode 100644 index 000000000000..a3a4edb1e1d0 --- /dev/null +++ b/rust/ql/src/change-notes/released/0.1.34.md @@ -0,0 +1,3 @@ +## 0.1.34 + +No user-facing changes. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index d9c9e819daa0..a1d4333b19bf 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.33 +lastReleaseVersion: 0.1.34 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index 7b2bd73728ae..3fde632f1ac0 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.34-dev +version: 0.1.34 groups: - rust - queries diff --git a/shared/concepts/CHANGELOG.md b/shared/concepts/CHANGELOG.md index e8b920847e90..59942922ea09 100644 --- a/shared/concepts/CHANGELOG.md +++ b/shared/concepts/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.23 + +No user-facing changes. + ## 0.0.22 No user-facing changes. diff --git a/shared/concepts/change-notes/released/0.0.23.md b/shared/concepts/change-notes/released/0.0.23.md new file mode 100644 index 000000000000..e89a1284bb82 --- /dev/null +++ b/shared/concepts/change-notes/released/0.0.23.md @@ -0,0 +1,3 @@ +## 0.0.23 + +No user-facing changes. diff --git a/shared/concepts/codeql-pack.release.yml b/shared/concepts/codeql-pack.release.yml index 11aaa2243f57..cc2195603d84 100644 --- a/shared/concepts/codeql-pack.release.yml +++ b/shared/concepts/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.22 +lastReleaseVersion: 0.0.23 diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index 947826f7dfd7..95f898e6a70f 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.23-dev +version: 0.0.23 groups: shared library: true dependencies: diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index df00c6146d8f..9c6d7c09d178 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.33 + +No user-facing changes. + ## 2.0.32 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.33.md b/shared/controlflow/change-notes/released/2.0.33.md new file mode 100644 index 000000000000..d33a61332cf3 --- /dev/null +++ b/shared/controlflow/change-notes/released/2.0.33.md @@ -0,0 +1,3 @@ +## 2.0.33 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 483a0d5db8ec..92e23200b4d6 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.32 +lastReleaseVersion: 2.0.33 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index adc4aedc5c37..fa246d14d696 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.33-dev +version: 2.0.33 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index ed60239f3de3..9e4ca0a0ea81 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.1.5 + +No user-facing changes. + ## 2.1.4 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.1.5.md b/shared/dataflow/change-notes/released/2.1.5.md new file mode 100644 index 000000000000..7e559ea5dd0a --- /dev/null +++ b/shared/dataflow/change-notes/released/2.1.5.md @@ -0,0 +1,3 @@ +## 2.1.5 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 896b46fda9bd..a890ff0111c9 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.4 +lastReleaseVersion: 2.1.5 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index a18b746e4b44..700651f8de61 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.1.5-dev +version: 2.1.5 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index ff868403d0c4..5d5551d10a36 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.49.md b/shared/mad/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/mad/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index dd5fcf54034b..472719d4127b 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.49-dev +version: 1.0.49 groups: shared library: true dependencies: diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md index eccc65c6041d..be06e2108a8a 100644 --- a/shared/quantum/CHANGELOG.md +++ b/shared/quantum/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.27 + +No user-facing changes. + ## 0.0.26 No user-facing changes. diff --git a/shared/quantum/change-notes/released/0.0.27.md b/shared/quantum/change-notes/released/0.0.27.md new file mode 100644 index 000000000000..ff6e274427b7 --- /dev/null +++ b/shared/quantum/change-notes/released/0.0.27.md @@ -0,0 +1,3 @@ +## 0.0.27 + +No user-facing changes. diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml index c576d2d7db2a..dbab90d69898 100644 --- a/shared/quantum/codeql-pack.release.yml +++ b/shared/quantum/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.26 +lastReleaseVersion: 0.0.27 diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index c4e5d41dfaa3..d29cac4faa18 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.27-dev +version: 0.0.27 groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 9afb612f18a4..8b457ef59270 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.49.md b/shared/rangeanalysis/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index ed3b4a66239c..4261dfb4991e 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.49-dev +version: 1.0.49 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 2375b7b56ab6..639cede00af6 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.49.md b/shared/regex/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/regex/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 3d569c7d429f..3d6feafbf39b 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.49-dev +version: 1.0.49 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index dd21ba6d38b1..9cfbb004657b 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.25 + +No user-facing changes. + ## 2.0.24 No user-facing changes. diff --git a/shared/ssa/change-notes/released/2.0.25.md b/shared/ssa/change-notes/released/2.0.25.md new file mode 100644 index 000000000000..ca39dd50c697 --- /dev/null +++ b/shared/ssa/change-notes/released/2.0.25.md @@ -0,0 +1,3 @@ +## 2.0.25 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 1460df314d51..f54d86201189 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.24 +lastReleaseVersion: 2.0.25 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index c1fd261e070e..517a79c557c9 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.25-dev +version: 2.0.25 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index a3aa00d4872e..a6b6055373af 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.49.md b/shared/threat-models/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 59ce8c067277..71e6b70a3138 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.49-dev +version: 1.0.49 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 9350e8a04eb7..5fcacc0b8b5b 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.49.md b/shared/tutorial/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 36b8181e0bf7..c1df7d67b850 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.49-dev +version: 1.0.49 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 035c2aa456e9..fbfdb4311615 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.49.md b/shared/typeflow/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 0734b2b722ed..2f22c6655a58 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.49-dev +version: 1.0.49 groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index c8b656e4f351..1652285654aa 100644 --- a/shared/typeinference/CHANGELOG.md +++ b/shared/typeinference/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.30 + +No user-facing changes. + ## 0.0.29 No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.30.md b/shared/typeinference/change-notes/released/0.0.30.md new file mode 100644 index 000000000000..10c7a0c5c131 --- /dev/null +++ b/shared/typeinference/change-notes/released/0.0.30.md @@ -0,0 +1,3 @@ +## 0.0.30 + +No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml index c81f18131208..0c61b463bab3 100644 --- a/shared/typeinference/codeql-pack.release.yml +++ b/shared/typeinference/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.29 +lastReleaseVersion: 0.0.30 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 2bf5c49d97e5..039107b5ef96 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.30-dev +version: 0.0.30 groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 75d8938e6a18..ecdded5ceda8 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.33 + +No user-facing changes. + ## 2.0.32 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.33.md b/shared/typetracking/change-notes/released/2.0.33.md new file mode 100644 index 000000000000..d33a61332cf3 --- /dev/null +++ b/shared/typetracking/change-notes/released/2.0.33.md @@ -0,0 +1,3 @@ +## 2.0.33 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 483a0d5db8ec..92e23200b4d6 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.32 +lastReleaseVersion: 2.0.33 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index fe35cf5955b6..4f8f21fd5690 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.33-dev +version: 2.0.33 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 35825098a633..617fa5638b45 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.49.md b/shared/typos/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/typos/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index a8c85168f20f..441404e19f3b 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.49-dev +version: 1.0.49 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index d1becc8ba2c1..51488029e964 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.36 + +No user-facing changes. + ## 2.0.35 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.36.md b/shared/util/change-notes/released/2.0.36.md new file mode 100644 index 000000000000..8acdd12366e4 --- /dev/null +++ b/shared/util/change-notes/released/2.0.36.md @@ -0,0 +1,3 @@ +## 2.0.36 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 27eb8ef8ecea..7e4aaa0dd676 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.35 +lastReleaseVersion: 2.0.36 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 99f8c5374dce..f3b6b7f3ff83 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.36-dev +version: 2.0.36 groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 131bf7afd2a2..9f60f66ff728 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.49.md b/shared/xml/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/xml/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 2c44df63e7e5..718c36108f61 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.49-dev +version: 1.0.49 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 1c420b31355d..a13e3308874d 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.49.md b/shared/yaml/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 6778ee5a156c..4bb6e173ab60 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.49-dev +version: 1.0.49 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index e2cb45f97693..e7979dbf0ed4 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 6.5.0 + +### New Features + +* The `BuiltinFixedArrayType` class now defines the predicates `getSize` and `getElementType`, which yield the size of the array and the type of elements stored in the array, respectively. + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.3.1. + ## 6.4.0 ### Major Analysis Improvements diff --git a/swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md b/swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md deleted file mode 100644 index acc4bc73861a..000000000000 --- a/swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Upgraded to allow analysis of Swift 6.3.1. diff --git a/swift/ql/lib/change-notes/2026-04-17-fixed-array.md b/swift/ql/lib/change-notes/released/6.5.0.md similarity index 63% rename from swift/ql/lib/change-notes/2026-04-17-fixed-array.md rename to swift/ql/lib/change-notes/released/6.5.0.md index 3fd91627544b..5b390d1bfd4a 100644 --- a/swift/ql/lib/change-notes/2026-04-17-fixed-array.md +++ b/swift/ql/lib/change-notes/released/6.5.0.md @@ -1,4 +1,9 @@ ---- -category: feature ---- +## 6.5.0 + +### New Features + * The `BuiltinFixedArrayType` class now defines the predicates `getSize` and `getElementType`, which yield the size of the array and the type of elements stored in the array, respectively. + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.3.1. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 3098c5db6c37..2813c8e210f0 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.4.0 +lastReleaseVersion: 6.5.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 595a2804df50..ff088e209fa8 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 6.4.1-dev +version: 6.5.0 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index af70cebc1e49..f7b811010377 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.3.2 + +No user-facing changes. + ## 1.3.1 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.3.2.md b/swift/ql/src/change-notes/released/1.3.2.md new file mode 100644 index 000000000000..14f14807ef51 --- /dev/null +++ b/swift/ql/src/change-notes/released/1.3.2.md @@ -0,0 +1,3 @@ +## 1.3.2 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index e71b6d081f15..86a9cb32d86b 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.1 +lastReleaseVersion: 1.3.2 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 6b4dc1f65e51..26d9123f0501 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.3.2-dev +version: 1.3.2 groups: - swift - queries