diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index e84ba38d1801..011af903a2a2 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.4.35 + +No user-facing changes. + ## 0.4.34 ### Minor Analysis Improvements diff --git a/actions/ql/lib/change-notes/released/0.4.35.md b/actions/ql/lib/change-notes/released/0.4.35.md new file mode 100644 index 000000000000..3274ffc88e4d --- /dev/null +++ b/actions/ql/lib/change-notes/released/0.4.35.md @@ -0,0 +1,3 @@ +## 0.4.35 + +No user-facing changes. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 69fb16e4c39f..524302c92d3e 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.34 +lastReleaseVersion: 0.4.35 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index 6e78fc546b33..cf1232c01fb4 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.35-dev +version: 0.4.36-dev library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index 96f8d2662060..0a7fa1ce8309 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.27 + +No user-facing changes. + ## 0.6.26 ### Major Analysis Improvements @@ -173,7 +177,7 @@ No user-facing changes. * `actions/if-expression-always-true/critical` * `actions/if-expression-always-true/high` * `actions/unnecessary-use-of-advanced-config` - + * The following query has been moved from the `code-scanning` suite to the `security-extended` suite. Any existing alerts for this query will be closed automatically unless the analysis is configured to use the `security-extended` suite. diff --git a/actions/ql/src/change-notes/released/0.6.27.md b/actions/ql/src/change-notes/released/0.6.27.md new file mode 100644 index 000000000000..52d3a10fd1f9 --- /dev/null +++ b/actions/ql/src/change-notes/released/0.6.27.md @@ -0,0 +1,3 @@ +## 0.6.27 + +No user-facing changes. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index e83bac0046e3..0748b12112f0 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.26 +lastReleaseVersion: 0.6.27 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index c815afc498c8..2c9811c780ad 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.27-dev +version: 0.6.28-dev library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 2cd1bcede35e..828b87791179 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 10.1.0 + +### New Features + +* A new predicate `getSwitchCase` was added to the `SwitchStmt` class, which yields the `n`th `case` statement from a `switch` statement. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C and C++](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-cpp/). + +### Minor Analysis Improvements + +* Added taint flow models for the `Strsafe.h` header from the Windows SDK. + ## 10.0.0 ### Breaking Changes diff --git a/cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index 30f0092a4e95..000000000000 --- a/cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C and C++](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-cpp/). diff --git a/cpp/ql/lib/change-notes/2026-03-28-switch-stmt.md b/cpp/ql/lib/change-notes/2026-03-28-switch-stmt.md deleted file mode 100644 index 4b0d7528d479..000000000000 --- a/cpp/ql/lib/change-notes/2026-03-28-switch-stmt.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* A new predicate `getSwitchCase` was added to the `SwitchStmt` class, which yields the `n`th `case` statement from a `switch` statement. diff --git a/cpp/ql/lib/change-notes/2026-04-28-strsafe.md b/cpp/ql/lib/change-notes/2026-04-28-strsafe.md deleted file mode 100644 index 9ef3fab08537..000000000000 --- a/cpp/ql/lib/change-notes/2026-04-28-strsafe.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added taint flow models for the `Strsafe.h` header from the Windows SDK. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/released/10.1.0.md b/cpp/ql/lib/change-notes/released/10.1.0.md new file mode 100644 index 000000000000..45d153b4896e --- /dev/null +++ b/cpp/ql/lib/change-notes/released/10.1.0.md @@ -0,0 +1,10 @@ +## 10.1.0 + +### New Features + +* A new predicate `getSwitchCase` was added to the `SwitchStmt` class, which yields the `n`th `case` statement from a `switch` statement. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C and C++](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-cpp/). + +### Minor Analysis Improvements + +* Added taint flow models for the `Strsafe.h` header from the Windows SDK. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 28758256b943..a85b2d36d7c5 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 10.0.0 +lastReleaseVersion: 10.1.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 8a9d60a7fa94..88d4dafaebb1 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 10.0.1-dev +version: 10.1.1-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index e677f584416c..3a9d4fae927b 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.2 + +No user-facing changes. + ## 1.6.1 ### Minor Analysis Improvements @@ -366,7 +370,7 @@ No user-facing changes. ### Minor Analysis Improvements * The "non-constant format string" query (`cpp/non-constant-format`) has been updated to produce fewer false positives. -* Added dataflow models for the `gettext` function variants. +* Added dataflow models for the `gettext` function variants. ## 0.9.4 diff --git a/cpp/ql/src/change-notes/released/1.6.2.md b/cpp/ql/src/change-notes/released/1.6.2.md new file mode 100644 index 000000000000..bbe3747556fb --- /dev/null +++ b/cpp/ql/src/change-notes/released/1.6.2.md @@ -0,0 +1,3 @@ +## 1.6.2 + +No user-facing changes. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index ef7a789e0cf1..5f5beb68311a 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.2 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 714167434c8a..ddd0014f2e02 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.6.2-dev +version: 1.6.3-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 166a94bd88df..4cb7b5569687 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.66 + +No user-facing changes. + ## 1.7.65 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.66.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.66.md new file mode 100644 index 000000000000..7fc1a46a66ef --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.66.md @@ -0,0 +1,3 @@ +## 1.7.66 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index bf581427d298..7d0a2c0bc078 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.65 +lastReleaseVersion: 1.7.66 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 9d0e0ffd4f96..c5cfa0dcd89b 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.66-dev +version: 1.7.67-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 166a94bd88df..4cb7b5569687 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.66 + +No user-facing changes. + ## 1.7.65 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.66.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.66.md new file mode 100644 index 000000000000..7fc1a46a66ef --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.66.md @@ -0,0 +1,3 @@ +## 1.7.66 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index bf581427d298..7d0a2c0bc078 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.65 +lastReleaseVersion: 1.7.66 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index f5203f4e4434..c9f0acac983d 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.66-dev +version: 1.7.67-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 2e3f6c137eed..1d7f42a9075e 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,42 @@ +## 6.0.0 + +### Breaking Changes + +* The C# control flow graph (CFG) implementation has been completely + rewritten. The CFG now includes additional nodes to more accurately represent + certain constructs. This also means that any existing code that implicitly + relies on very specific details about the CFG may need to be updated. + The CFG no longer uses splitting, which means that AST nodes now have a unique + CFG node representation. + Additionally, the following breaking changes have been made: + - `ControlFlow::Node` has been renamed to `ControlFlowNode`. + - `ControlFlow::Nodes` has been renamed to `ControlFlowNodes`. + - `BasicBlock.getCallable` has been renamed to `BasicBlock.getEnclosingCallable`. + - `BasicBlocks.qll` has been deleted. + - `ControlFlowNode.getAstNode` has changed its meaning. The AST-to-CFG + mapping remains one-to-many, but now for a different reason. It used to be + because of splitting, but now it's because of additional "helper" CFG + nodes. To get the (now canonical) CFG node for a given AST node, use + `ControlFlowNode.asExpr()` or `ControlFlowNode.asStmt()` or + `ControlFlowElement.getControlFlowNode()` instead. + +### Deprecated APIs + +* The QL classes in the C# SSA library have been renamed to improve consistency between languages. Any custom QL code that makes use of SSA needs to be updated. The old classes have been deprecated and include more detailed migration instructions in their qldoc. + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/). + +### Major Analysis Improvements + +* When resolving dependencies in `build-mode: none`, `dotnet restore` now explicitly receives reachable NuGet feeds configured in `nuget.config` when feed responsiveness checking is enabled (the default), and any private registries directly, improving reliability when default feeds are unavailable or restricted. + +### Minor Analysis Improvements + +* Expanded ASP and ASP.NET remote source modeling to cover additional sources, including fields of tainted parameters as well as properties and fields that become tainted transitively. +* C# 14: Added support for user-defined compound assignment operators. + ## 5.5.0 ### Deprecated APIs diff --git a/csharp/ql/lib/change-notes/2026-03-06-compound-assignment-operations.md b/csharp/ql/lib/change-notes/2026-03-06-compound-assignment-operations.md deleted file mode 100644 index f7e68b9b7d73..000000000000 --- a/csharp/ql/lib/change-notes/2026-03-06-compound-assignment-operations.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* C# 14: Added support for user-defined compound assignment operators. diff --git a/csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index 6408acc7dae8..000000000000 --- a/csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/). diff --git a/csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md b/csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md deleted file mode 100644 index 52f3f721e9fa..000000000000 --- a/csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Expanded ASP and ASP.NET remote source modeling to cover additional sources, including fields of tainted parameters as well as properties and fields that become tainted transitively. diff --git a/csharp/ql/lib/change-notes/2026-04-10-nuget-feed-usage-in-bmn.md b/csharp/ql/lib/change-notes/2026-04-10-nuget-feed-usage-in-bmn.md deleted file mode 100644 index a4282d0468da..000000000000 --- a/csharp/ql/lib/change-notes/2026-04-10-nuget-feed-usage-in-bmn.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* When resolving dependencies in `build-mode: none`, `dotnet restore` now explicitly receives reachable NuGet feeds configured in `nuget.config` when feed responsiveness checking is enabled (the default), and any private registries directly, improving reliability when default feeds are unavailable or restricted. diff --git a/csharp/ql/lib/change-notes/2026-04-13-cfg.md b/csharp/ql/lib/change-notes/2026-04-13-cfg.md deleted file mode 100644 index 9c588fbcfa8f..000000000000 --- a/csharp/ql/lib/change-notes/2026-04-13-cfg.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -category: breaking ---- -* The C# control flow graph (CFG) implementation has been completely - rewritten. The CFG now includes additional nodes to more accurately represent - certain constructs. This also means that any existing code that implicitly - relies on very specific details about the CFG may need to be updated. - The CFG no longer uses splitting, which means that AST nodes now have a unique - CFG node representation. - Additionally, the following breaking changes have been made: - - `ControlFlow::Node` has been renamed to `ControlFlowNode`. - - `ControlFlow::Nodes` has been renamed to `ControlFlowNodes`. - - `BasicBlock.getCallable` has been renamed to `BasicBlock.getEnclosingCallable`. - - `BasicBlocks.qll` has been deleted. - - `ControlFlowNode.getAstNode` has changed its meaning. The AST-to-CFG - mapping remains one-to-many, but now for a different reason. It used to be - because of splitting, but now it's because of additional "helper" CFG - nodes. To get the (now canonical) CFG node for a given AST node, use - `ControlFlowNode.asExpr()` or `ControlFlowNode.asStmt()` or - `ControlFlowElement.getControlFlowNode()` instead. diff --git a/csharp/ql/lib/change-notes/2026-05-01-ssa-replacement.md b/csharp/ql/lib/change-notes/2026-05-01-ssa-replacement.md deleted file mode 100644 index 27988f36f2fd..000000000000 --- a/csharp/ql/lib/change-notes/2026-05-01-ssa-replacement.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: deprecated ---- -* The QL classes in the C# SSA library have been renamed to improve consistency between languages. Any custom QL code that makes use of SSA needs to be updated. The old classes have been deprecated and include more detailed migration instructions in their qldoc. diff --git a/csharp/ql/lib/change-notes/released/6.0.0.md b/csharp/ql/lib/change-notes/released/6.0.0.md new file mode 100644 index 000000000000..e249567d0958 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/6.0.0.md @@ -0,0 +1,38 @@ +## 6.0.0 + +### Breaking Changes + +* The C# control flow graph (CFG) implementation has been completely + rewritten. The CFG now includes additional nodes to more accurately represent + certain constructs. This also means that any existing code that implicitly + relies on very specific details about the CFG may need to be updated. + The CFG no longer uses splitting, which means that AST nodes now have a unique + CFG node representation. + Additionally, the following breaking changes have been made: + - `ControlFlow::Node` has been renamed to `ControlFlowNode`. + - `ControlFlow::Nodes` has been renamed to `ControlFlowNodes`. + - `BasicBlock.getCallable` has been renamed to `BasicBlock.getEnclosingCallable`. + - `BasicBlocks.qll` has been deleted. + - `ControlFlowNode.getAstNode` has changed its meaning. The AST-to-CFG + mapping remains one-to-many, but now for a different reason. It used to be + because of splitting, but now it's because of additional "helper" CFG + nodes. To get the (now canonical) CFG node for a given AST node, use + `ControlFlowNode.asExpr()` or `ControlFlowNode.asStmt()` or + `ControlFlowElement.getControlFlowNode()` instead. + +### Deprecated APIs + +* The QL classes in the C# SSA library have been renamed to improve consistency between languages. Any custom QL code that makes use of SSA needs to be updated. The old classes have been deprecated and include more detailed migration instructions in their qldoc. + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/). + +### Major Analysis Improvements + +* When resolving dependencies in `build-mode: none`, `dotnet restore` now explicitly receives reachable NuGet feeds configured in `nuget.config` when feed responsiveness checking is enabled (the default), and any private registries directly, improving reliability when default feeds are unavailable or restricted. + +### Minor Analysis Improvements + +* Expanded ASP and ASP.NET remote source modeling to cover additional sources, including fields of tainted parameters as well as properties and fields that become tainted transitively. +* C# 14: Added support for user-defined compound assignment operators. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 4b8cf9533c17..f8c4fa43ccb7 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.5.0 +lastReleaseVersion: 6.0.0 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 26e332652cdb..0e03db99ca91 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.5.1-dev +version: 6.0.1-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index cdab71341852..32243acfb97f 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.2 + +No user-facing changes. + ## 1.7.1 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/released/1.7.2.md b/csharp/ql/src/change-notes/released/1.7.2.md new file mode 100644 index 000000000000..b950385c16d7 --- /dev/null +++ b/csharp/ql/src/change-notes/released/1.7.2.md @@ -0,0 +1,3 @@ +## 1.7.2 + +No user-facing changes. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 7bdec0d85c73..39bbba86c198 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.1 +lastReleaseVersion: 1.7.2 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 25b04cf2dc66..de201743065f 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.7.2-dev +version: 1.7.3-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index a3aa00d4872e..a6b6055373af 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.49.md b/go/ql/consistency-queries/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index a82ec95583b6..49572c215bbd 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.49-dev +version: 1.0.50-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 737d08654b89..5043d924be06 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 7.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Go](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-go/). + ## 7.0.6 No user-facing changes. diff --git a/go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/go/ql/lib/change-notes/released/7.1.0.md similarity index 89% rename from go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md rename to go/ql/lib/change-notes/released/7.1.0.md index ee1b51de861f..b1f6efbf0010 100644 --- a/go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ b/go/ql/lib/change-notes/released/7.1.0.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 7.1.0 + +### New Features + * Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Go](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-go/). diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index c7cff8c53789..dcaaa76112a6 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.6 +lastReleaseVersion: 7.1.0 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index e191e0da6884..16ddb133517d 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 7.0.7-dev +version: 7.1.1-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 971d478d56e4..ddda5dc4829c 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.2 + +No user-facing changes. + ## 1.6.1 No user-facing changes. diff --git a/go/ql/src/change-notes/released/1.6.2.md b/go/ql/src/change-notes/released/1.6.2.md new file mode 100644 index 000000000000..bbe3747556fb --- /dev/null +++ b/go/ql/src/change-notes/released/1.6.2.md @@ -0,0 +1,3 @@ +## 1.6.2 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index ef7a789e0cf1..5f5beb68311a 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.2 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index fa7e934382a8..5fdc63fe363d 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.6.2-dev +version: 1.6.3-dev groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2d34c791c924..2187f00c3997 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,18 @@ +## 9.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/). + +### Minor Analysis Improvements + +* Added `sql-injection` sink models for the Hibernate `org.hibernate.query.QueryProducer` methods `createNativeMutationQuery`, `createMutationQuery`, and `createSelectionQuery`. +* The `java/partial-path-traversal` and `java/partial-path-traversal-from-remote` queries now correctly recognize file separator appends using `+=`. +* The `java/path-injection` and `java/zipslip` queries now recognize `Path.toRealPath()` as a path normalization sanitizer, consistent with the existing treatment of `Path.normalize()` and `File.getCanonicalPath()`. This reduces false positives for code that uses the NIO.2 API for path canonicalization. +* The `java/sensitive-log` query now excludes additional common variable naming patterns that do not hold sensitive data, reducing false positives. This includes pagination/iteration tokens (`nextToken`, `pageToken`, `continuationToken`), token metadata (`tokenType`, `tokenEndpoint`, `tokenCount`), and secret metadata (`secretName`, `secretId`, `secretVersion`). +* The `java/sensitive-log` query now treats method calls whose names contain "encrypt", "hash", or "digest" as sanitizers, consistent with the existing treatment in `java/cleartext-storage-in-log`. This reduces false positives when sensitive data is hashed or encrypted before logging. +* The `java/trust-boundary-violation` query now recognizes regular expression checks (including `String.matches()` guards and `@javax.validation.constraints.Pattern` annotations) as sanitizers, consistent with the existing treatment of ESAPI validators. This reduces false positives when input is validated against a pattern before being stored in a session. + ## 9.0.4 ### Minor Analysis Improvements diff --git a/java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index f8bcbb1fcb2a..000000000000 --- a/java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/). diff --git a/java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md b/java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md deleted file mode 100644 index 8856d419bce0..000000000000 --- a/java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/path-injection` and `java/zipslip` queries now recognize `Path.toRealPath()` as a path normalization sanitizer, consistent with the existing treatment of `Path.normalize()` and `File.getCanonicalPath()`. This reduces false positives for code that uses the NIO.2 API for path canonicalization. diff --git a/java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md b/java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md deleted file mode 100644 index 15fc811360b5..000000000000 --- a/java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/sensitive-log` query now excludes additional common variable naming patterns that do not hold sensitive data, reducing false positives. This includes pagination/iteration tokens (`nextToken`, `pageToken`, `continuationToken`), token metadata (`tokenType`, `tokenEndpoint`, `tokenCount`), and secret metadata (`secretName`, `secretId`, `secretVersion`). diff --git a/java/ql/lib/change-notes/2026-04-04-sensitive-log-hash-sanitizer.md b/java/ql/lib/change-notes/2026-04-04-sensitive-log-hash-sanitizer.md deleted file mode 100644 index 7323ab09737a..000000000000 --- a/java/ql/lib/change-notes/2026-04-04-sensitive-log-hash-sanitizer.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/sensitive-log` query now treats method calls whose names contain "encrypt", "hash", or "digest" as sanitizers, consistent with the existing treatment in `java/cleartext-storage-in-log`. This reduces false positives when sensitive data is hashed or encrypted before logging. diff --git a/java/ql/lib/change-notes/2026-04-04-trust-boundary-regexp-barrier.md b/java/ql/lib/change-notes/2026-04-04-trust-boundary-regexp-barrier.md deleted file mode 100644 index b80c0611b6de..000000000000 --- a/java/ql/lib/change-notes/2026-04-04-trust-boundary-regexp-barrier.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/trust-boundary-violation` query now recognizes regular expression checks (including `String.matches()` guards and `@javax.validation.constraints.Pattern` annotations) as sanitizers, consistent with the existing treatment of ESAPI validators. This reduces false positives when input is validated against a pattern before being stored in a session. diff --git a/java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md b/java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md deleted file mode 100644 index 8c15a346552e..000000000000 --- a/java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `java/partial-path-traversal` and `java/partial-path-traversal-from-remote` queries now correctly recognize file separator appends using `+=`. diff --git a/java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md b/java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md deleted file mode 100644 index 018ce8d348e7..000000000000 --- a/java/ql/lib/change-notes/2026-04-23-hibernate-queryproducer-sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `sql-injection` sink models for the Hibernate `org.hibernate.query.QueryProducer` methods `createNativeMutationQuery`, `createMutationQuery`, and `createSelectionQuery`. diff --git a/java/ql/lib/change-notes/released/9.1.0.md b/java/ql/lib/change-notes/released/9.1.0.md new file mode 100644 index 000000000000..aed1a85e63f4 --- /dev/null +++ b/java/ql/lib/change-notes/released/9.1.0.md @@ -0,0 +1,14 @@ +## 9.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/). + +### Minor Analysis Improvements + +* Added `sql-injection` sink models for the Hibernate `org.hibernate.query.QueryProducer` methods `createNativeMutationQuery`, `createMutationQuery`, and `createSelectionQuery`. +* The `java/partial-path-traversal` and `java/partial-path-traversal-from-remote` queries now correctly recognize file separator appends using `+=`. +* The `java/path-injection` and `java/zipslip` queries now recognize `Path.toRealPath()` as a path normalization sanitizer, consistent with the existing treatment of `Path.normalize()` and `File.getCanonicalPath()`. This reduces false positives for code that uses the NIO.2 API for path canonicalization. +* The `java/sensitive-log` query now excludes additional common variable naming patterns that do not hold sensitive data, reducing false positives. This includes pagination/iteration tokens (`nextToken`, `pageToken`, `continuationToken`), token metadata (`tokenType`, `tokenEndpoint`, `tokenCount`), and secret metadata (`secretName`, `secretId`, `secretVersion`). +* The `java/sensitive-log` query now treats method calls whose names contain "encrypt", "hash", or "digest" as sanitizers, consistent with the existing treatment in `java/cleartext-storage-in-log`. This reduces false positives when sensitive data is hashed or encrypted before logging. +* The `java/trust-boundary-violation` query now recognizes regular expression checks (including `String.matches()` guards and `@javax.validation.constraints.Pattern` annotations) as sanitizers, consistent with the existing treatment of ESAPI validators. This reduces false positives when input is validated against a pattern before being stored in a session. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 4bbe4f75b589..83ec2b42fcdd 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 9.0.4 +lastReleaseVersion: 9.1.0 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index d256d2a84c13..e5ebb1d2131c 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 9.0.5-dev +version: 9.1.1-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 1b5d2bdad8a2..fd13cbdcf830 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.11.2 + +No user-facing changes. + ## 1.11.1 No user-facing changes. diff --git a/java/ql/src/change-notes/released/1.11.2.md b/java/ql/src/change-notes/released/1.11.2.md new file mode 100644 index 000000000000..93a8b73f6b95 --- /dev/null +++ b/java/ql/src/change-notes/released/1.11.2.md @@ -0,0 +1,3 @@ +## 1.11.2 + +No user-facing changes. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 4ae123153bf4..3e341cf85d52 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.11.1 +lastReleaseVersion: 1.11.2 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 2f2233460bac..3776af914c2c 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.11.2-dev +version: 1.11.3-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 77837f46c5e8..53708faed093 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2.7.0 + +### New Features + +* Added support for [`@vercel/node`](https://www.npmjs.com/package/@vercel/node) Vercel serverless functions. Handlers are recognized via the `VercelRequest`/`VercelResponse` TypeScript parameter types, and standard security queries (`js/reflected-xss`, `js/request-forgery`, `js/sql-injection`, `js/command-line-injection`, etc.) now detect vulnerabilities in Vercel API route files. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for JavaScript](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/). + ## 2.6.28 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index d849f4c0c698..000000000000 --- a/javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for JavaScript](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/). diff --git a/javascript/ql/lib/change-notes/2026-04-12-vercel-node.md b/javascript/ql/lib/change-notes/released/2.7.0.md similarity index 58% rename from javascript/ql/lib/change-notes/2026-04-12-vercel-node.md rename to javascript/ql/lib/change-notes/released/2.7.0.md index 39802258b02f..c6f46c8c0d4b 100644 --- a/javascript/ql/lib/change-notes/2026-04-12-vercel-node.md +++ b/javascript/ql/lib/change-notes/released/2.7.0.md @@ -1,4 +1,6 @@ ---- -category: feature ---- +## 2.7.0 + +### New Features + * Added support for [`@vercel/node`](https://www.npmjs.com/package/@vercel/node) Vercel serverless functions. Handlers are recognized via the `VercelRequest`/`VercelResponse` TypeScript parameter types, and standard security queries (`js/reflected-xss`, `js/request-forgery`, `js/sql-injection`, `js/command-line-injection`, etc.) now detect vulnerabilities in Vercel API route files. +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for JavaScript](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/). diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 2456457874e2..6a6c87f537da 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.6.28 +lastReleaseVersion: 2.7.0 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index b62abbbe1016..623a7f4db2f2 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.6.29-dev +version: 2.7.1-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 9b122364ffae..615c030de52a 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.3.9 + +No user-facing changes. + ## 2.3.8 ### Minor Analysis Improvements diff --git a/javascript/ql/src/change-notes/released/2.3.9.md b/javascript/ql/src/change-notes/released/2.3.9.md new file mode 100644 index 000000000000..fac422eb6b87 --- /dev/null +++ b/javascript/ql/src/change-notes/released/2.3.9.md @@ -0,0 +1,3 @@ +## 2.3.9 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index c68b70cb8bea..079eb5bfb0c3 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.3.8 +lastReleaseVersion: 2.3.9 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 9081791d0e0d..593c00324664 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.3.9-dev +version: 2.3.10-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 897533f6450c..d6d070a91bb9 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.49.md b/misc/suite-helpers/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 778284fbe9a3..802112d0fc81 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.49-dev +version: 1.0.50-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 69fa60a66758..8ede35e9bdc6 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 7.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/). + +### Minor Analysis Improvements + +- The Python extractor now supports unpacking in comprehensions, e.g. `[*x for x in nested]` (as defined in [PEP-798](https://peps.python.org/pep-0798/)) that will be part of Python 3.15. + ## 7.0.5 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md deleted file mode 100644 index 522801a0e46d..000000000000 --- a/python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/). diff --git a/python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md b/python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md deleted file mode 100644 index d7406d0a606c..000000000000 --- a/python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -- The Python extractor now supports unpacking in comprehensions, e.g. `[*x for x in nested]` (as defined in [PEP-798](https://peps.python.org/pep-0798/)) that will be part of Python 3.15. diff --git a/python/ql/lib/change-notes/released/7.1.0.md b/python/ql/lib/change-notes/released/7.1.0.md new file mode 100644 index 000000000000..553b5fe4cee7 --- /dev/null +++ b/python/ql/lib/change-notes/released/7.1.0.md @@ -0,0 +1,9 @@ +## 7.1.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/). + +### Minor Analysis Improvements + +- The Python extractor now supports unpacking in comprehensions, e.g. `[*x for x in nested]` (as defined in [PEP-798](https://peps.python.org/pep-0798/)) that will be part of Python 3.15. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 2cff21d59fec..dcaaa76112a6 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.5 +lastReleaseVersion: 7.1.0 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 8564a098594b..724d270b4e87 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 7.0.6-dev +version: 7.1.1-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 38018f098560..8676d754d015 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.8.2 + +No user-facing changes. + ## 1.8.1 ### Minor Analysis Improvements diff --git a/python/ql/src/change-notes/released/1.8.2.md b/python/ql/src/change-notes/released/1.8.2.md new file mode 100644 index 000000000000..12e641fd7205 --- /dev/null +++ b/python/ql/src/change-notes/released/1.8.2.md @@ -0,0 +1,3 @@ +## 1.8.2 + +No user-facing changes. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 28a7c123ae84..559af8348bb0 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.8.1 +lastReleaseVersion: 1.8.2 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 2d99bcd0c7a3..0544fddc168f 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.8.2-dev +version: 1.8.3-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 8315b6413696..e8dd84283c66 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 5.2.0 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/). + ## 5.1.16 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/ruby/ql/lib/change-notes/released/5.2.0.md similarity index 89% rename from ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md rename to ruby/ql/lib/change-notes/released/5.2.0.md index da53d584e11d..c17c834f18d8 100644 --- a/ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ b/ruby/ql/lib/change-notes/released/5.2.0.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 5.2.0 + +### New Features + * Data flow barriers and barrier guards can now be added using data extensions. For more information see [Customizing library models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/). diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 735f742e9af7..9e57a36a7dce 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.1.16 +lastReleaseVersion: 5.2.0 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index 1ac5090098a3..cfdaf454426f 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.1.17-dev +version: 5.2.1-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 5266fc1d5d91..927a40e596db 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.2 + +No user-facing changes. + ## 1.6.1 No user-facing changes. diff --git a/ruby/ql/src/change-notes/released/1.6.2.md b/ruby/ql/src/change-notes/released/1.6.2.md new file mode 100644 index 000000000000..bbe3747556fb --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.6.2.md @@ -0,0 +1,3 @@ +## 1.6.2 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index ef7a789e0cf1..5f5beb68311a 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.2 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 978102bb82a6..beaf92c0d8a3 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.6.2-dev +version: 1.6.3-dev groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index 8e515660f290..30ae7d73b67f 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.2.13 + +### New Features + +* Data flow barriers and barrier guards can now be added using data extensions. + ## 0.2.12 No user-facing changes. diff --git a/rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md b/rust/ql/lib/change-notes/released/0.2.13.md similarity index 73% rename from rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md rename to rust/ql/lib/change-notes/released/0.2.13.md index 5e97a1533a9e..9c390c9ca09b 100644 --- a/rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md +++ b/rust/ql/lib/change-notes/released/0.2.13.md @@ -1,4 +1,5 @@ ---- -category: feature ---- +## 0.2.13 + +### New Features + * Data flow barriers and barrier guards can now be added using data extensions. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index da1cea933934..979eb20092e9 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.12 +lastReleaseVersion: 0.2.13 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index 7eb159e4b505..47f846eb02b0 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.2.13-dev +version: 0.2.14-dev groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index 14034c9877d8..4b735337c908 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.34 + +No user-facing changes. + ## 0.1.33 No user-facing changes. diff --git a/rust/ql/src/change-notes/released/0.1.34.md b/rust/ql/src/change-notes/released/0.1.34.md new file mode 100644 index 000000000000..a3a4edb1e1d0 --- /dev/null +++ b/rust/ql/src/change-notes/released/0.1.34.md @@ -0,0 +1,3 @@ +## 0.1.34 + +No user-facing changes. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index d9c9e819daa0..a1d4333b19bf 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.33 +lastReleaseVersion: 0.1.34 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index 7b2bd73728ae..ec76e8f1265b 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.34-dev +version: 0.1.35-dev groups: - rust - queries diff --git a/shared/concepts/CHANGELOG.md b/shared/concepts/CHANGELOG.md index e8b920847e90..59942922ea09 100644 --- a/shared/concepts/CHANGELOG.md +++ b/shared/concepts/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.23 + +No user-facing changes. + ## 0.0.22 No user-facing changes. diff --git a/shared/concepts/change-notes/released/0.0.23.md b/shared/concepts/change-notes/released/0.0.23.md new file mode 100644 index 000000000000..e89a1284bb82 --- /dev/null +++ b/shared/concepts/change-notes/released/0.0.23.md @@ -0,0 +1,3 @@ +## 0.0.23 + +No user-facing changes. diff --git a/shared/concepts/codeql-pack.release.yml b/shared/concepts/codeql-pack.release.yml index 11aaa2243f57..cc2195603d84 100644 --- a/shared/concepts/codeql-pack.release.yml +++ b/shared/concepts/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.22 +lastReleaseVersion: 0.0.23 diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index 947826f7dfd7..6943387bae25 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.23-dev +version: 0.0.24-dev groups: shared library: true dependencies: diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index df00c6146d8f..9c6d7c09d178 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.33 + +No user-facing changes. + ## 2.0.32 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.33.md b/shared/controlflow/change-notes/released/2.0.33.md new file mode 100644 index 000000000000..d33a61332cf3 --- /dev/null +++ b/shared/controlflow/change-notes/released/2.0.33.md @@ -0,0 +1,3 @@ +## 2.0.33 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 483a0d5db8ec..92e23200b4d6 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.32 +lastReleaseVersion: 2.0.33 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index adc4aedc5c37..7fbe2fd4ea99 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.33-dev +version: 2.0.34-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index ed60239f3de3..9e4ca0a0ea81 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.1.5 + +No user-facing changes. + ## 2.1.4 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.1.5.md b/shared/dataflow/change-notes/released/2.1.5.md new file mode 100644 index 000000000000..7e559ea5dd0a --- /dev/null +++ b/shared/dataflow/change-notes/released/2.1.5.md @@ -0,0 +1,3 @@ +## 2.1.5 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 896b46fda9bd..a890ff0111c9 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.4 +lastReleaseVersion: 2.1.5 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index a18b746e4b44..34336f4c3221 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.1.5-dev +version: 2.1.6-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index ff868403d0c4..5d5551d10a36 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.49.md b/shared/mad/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/mad/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index dd5fcf54034b..5631fbf1a734 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md index eccc65c6041d..be06e2108a8a 100644 --- a/shared/quantum/CHANGELOG.md +++ b/shared/quantum/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.27 + +No user-facing changes. + ## 0.0.26 No user-facing changes. diff --git a/shared/quantum/change-notes/released/0.0.27.md b/shared/quantum/change-notes/released/0.0.27.md new file mode 100644 index 000000000000..ff6e274427b7 --- /dev/null +++ b/shared/quantum/change-notes/released/0.0.27.md @@ -0,0 +1,3 @@ +## 0.0.27 + +No user-facing changes. diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml index c576d2d7db2a..dbab90d69898 100644 --- a/shared/quantum/codeql-pack.release.yml +++ b/shared/quantum/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.26 +lastReleaseVersion: 0.0.27 diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index c4e5d41dfaa3..794f238b6e90 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.27-dev +version: 0.0.28-dev groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 9afb612f18a4..8b457ef59270 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.49.md b/shared/rangeanalysis/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index ed3b4a66239c..e43819bf36ee 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 2375b7b56ab6..639cede00af6 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.49.md b/shared/regex/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/regex/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 3d569c7d429f..242382c6a1f3 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index dd21ba6d38b1..9cfbb004657b 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.25 + +No user-facing changes. + ## 2.0.24 No user-facing changes. diff --git a/shared/ssa/change-notes/released/2.0.25.md b/shared/ssa/change-notes/released/2.0.25.md new file mode 100644 index 000000000000..ca39dd50c697 --- /dev/null +++ b/shared/ssa/change-notes/released/2.0.25.md @@ -0,0 +1,3 @@ +## 2.0.25 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 1460df314d51..f54d86201189 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.24 +lastReleaseVersion: 2.0.25 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index c1fd261e070e..9e510c43dd0c 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.25-dev +version: 2.0.26-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index a3aa00d4872e..a6b6055373af 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.49.md b/shared/threat-models/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 59ce8c067277..14e33e435d13 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.49-dev +version: 1.0.50-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 9350e8a04eb7..5fcacc0b8b5b 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.49.md b/shared/tutorial/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 36b8181e0bf7..10b77ca04381 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 035c2aa456e9..fbfdb4311615 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.49.md b/shared/typeflow/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index 0734b2b722ed..9301be5228f9 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index c8b656e4f351..1652285654aa 100644 --- a/shared/typeinference/CHANGELOG.md +++ b/shared/typeinference/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.30 + +No user-facing changes. + ## 0.0.29 No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.30.md b/shared/typeinference/change-notes/released/0.0.30.md new file mode 100644 index 000000000000..10c7a0c5c131 --- /dev/null +++ b/shared/typeinference/change-notes/released/0.0.30.md @@ -0,0 +1,3 @@ +## 0.0.30 + +No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml index c81f18131208..0c61b463bab3 100644 --- a/shared/typeinference/codeql-pack.release.yml +++ b/shared/typeinference/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.29 +lastReleaseVersion: 0.0.30 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 2bf5c49d97e5..1db3c0e95acc 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.30-dev +version: 0.0.31-dev groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 75d8938e6a18..ecdded5ceda8 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.33 + +No user-facing changes. + ## 2.0.32 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.33.md b/shared/typetracking/change-notes/released/2.0.33.md new file mode 100644 index 000000000000..d33a61332cf3 --- /dev/null +++ b/shared/typetracking/change-notes/released/2.0.33.md @@ -0,0 +1,3 @@ +## 2.0.33 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 483a0d5db8ec..92e23200b4d6 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.32 +lastReleaseVersion: 2.0.33 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index fe35cf5955b6..436b35815f01 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.33-dev +version: 2.0.34-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 35825098a633..617fa5638b45 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.49.md b/shared/typos/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/typos/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index a8c85168f20f..4057cfb57844 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index d1becc8ba2c1..51488029e964 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.36 + +No user-facing changes. + ## 2.0.35 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.36.md b/shared/util/change-notes/released/2.0.36.md new file mode 100644 index 000000000000..8acdd12366e4 --- /dev/null +++ b/shared/util/change-notes/released/2.0.36.md @@ -0,0 +1,3 @@ +## 2.0.36 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 27eb8ef8ecea..7e4aaa0dd676 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.35 +lastReleaseVersion: 2.0.36 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 99f8c5374dce..cff240056a43 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.36-dev +version: 2.0.37-dev groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 131bf7afd2a2..9f60f66ff728 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.49.md b/shared/xml/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/xml/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 2c44df63e7e5..748ac73e0f8d 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 1c420b31355d..a13e3308874d 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.49 + +No user-facing changes. + ## 1.0.48 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.49.md b/shared/yaml/change-notes/released/1.0.49.md new file mode 100644 index 000000000000..df67fb8cc768 --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.49.md @@ -0,0 +1,3 @@ +## 1.0.49 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 6db79f2c3970..596617977df1 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.49 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 6778ee5a156c..54d582bb9fab 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.49-dev +version: 1.0.50-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index e2cb45f97693..e7979dbf0ed4 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 6.5.0 + +### New Features + +* The `BuiltinFixedArrayType` class now defines the predicates `getSize` and `getElementType`, which yield the size of the array and the type of elements stored in the array, respectively. + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.3.1. + ## 6.4.0 ### Major Analysis Improvements diff --git a/swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md b/swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md deleted file mode 100644 index acc4bc73861a..000000000000 --- a/swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Upgraded to allow analysis of Swift 6.3.1. diff --git a/swift/ql/lib/change-notes/2026-04-17-fixed-array.md b/swift/ql/lib/change-notes/released/6.5.0.md similarity index 63% rename from swift/ql/lib/change-notes/2026-04-17-fixed-array.md rename to swift/ql/lib/change-notes/released/6.5.0.md index 3fd91627544b..5b390d1bfd4a 100644 --- a/swift/ql/lib/change-notes/2026-04-17-fixed-array.md +++ b/swift/ql/lib/change-notes/released/6.5.0.md @@ -1,4 +1,9 @@ ---- -category: feature ---- +## 6.5.0 + +### New Features + * The `BuiltinFixedArrayType` class now defines the predicates `getSize` and `getElementType`, which yield the size of the array and the type of elements stored in the array, respectively. + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.3.1. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 3098c5db6c37..2813c8e210f0 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.4.0 +lastReleaseVersion: 6.5.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 595a2804df50..921af77ca70c 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 6.4.1-dev +version: 6.5.1-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index af70cebc1e49..f7b811010377 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.3.2 + +No user-facing changes. + ## 1.3.1 No user-facing changes. diff --git a/swift/ql/src/change-notes/released/1.3.2.md b/swift/ql/src/change-notes/released/1.3.2.md new file mode 100644 index 000000000000..14f14807ef51 --- /dev/null +++ b/swift/ql/src/change-notes/released/1.3.2.md @@ -0,0 +1,3 @@ +## 1.3.2 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index e71b6d081f15..86a9cb32d86b 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.1 +lastReleaseVersion: 1.3.2 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 6b4dc1f65e51..5354c5ee4d5f 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.3.2-dev +version: 1.3.3-dev groups: - swift - queries