From 9f70f718e3e314204126c8a9acb42e339db367f0 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 27 Apr 2026 09:36:56 +0100 Subject: [PATCH 1/5] Revert "Release preparation for version 2.25.3" --- actions/ql/lib/CHANGELOG.md | 6 ------ ...md => 2026-03-26-remove-false-positive-sinks.md} | 7 +++---- actions/ql/lib/codeql-pack.release.yml | 2 +- actions/ql/lib/qlpack.yml | 2 +- actions/ql/src/CHANGELOG.md | 12 +----------- .../change-notes/2026-04-02-alert-msg-poisoning.md | 4 ++++ .../ql/src/change-notes/2026-04-02-permissions.md | 4 ++++ actions/ql/src/change-notes/released/0.6.26.md | 9 --------- actions/ql/src/codeql-pack.release.yml | 2 +- actions/ql/src/qlpack.yml | 2 +- cpp/ql/lib/CHANGELOG.md | 11 ----------- cpp/ql/lib/change-notes/2026-04-07-autoconf.md | 4 ++++ cpp/ql/lib/change-notes/2026-04-14-throwing.md | 5 +++++ cpp/ql/lib/change-notes/released/10.0.0.md | 10 ---------- cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 13 +------------ .../2026-03-23-implicit-function-declaration.md | 4 ++++ .../2026-04-02-comparison-with-wider-type.md | 4 ++++ .../2026-04-02-implicit-function-declaration.md | 4 ++++ ...026-04-02-integer-multiplication-cast-to-long.md | 4 ++++ .../2026-04-02-suspicious-add-sizeof.md | 4 ++++ .../2026-04-02-wrong-type-format-argument.md | 4 ++++ .../2026-04-16-add-model-for-aligned-alloc.md | 4 ++++ cpp/ql/src/change-notes/released/1.6.1.md | 10 ---------- cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ---- .../Solorigate/lib/change-notes/released/1.7.65.md | 3 --- .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ---- .../Solorigate/src/change-notes/released/1.7.65.md | 3 --- .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 6 ------ .../{released/5.5.0.md => 2026-04-01-getlrvalue.md} | 7 +++---- csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 9 --------- .../1.7.1.md => 2026-04-17-useless-to-string.md} | 7 +++---- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ---- .../change-notes/released/1.0.48.md | 3 --- go/ql/consistency-queries/codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 4 ---- go/ql/lib/change-notes/released/7.0.6.md | 3 --- go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ---- go/ql/src/change-notes/released/1.6.1.md | 3 --- go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 6 ------ .../9.0.4.md => 2026-04-16-woodstox-xxe.md} | 7 +++---- java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 4 ---- java/ql/src/change-notes/released/1.11.1.md | 3 --- java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ---- javascript/ql/lib/change-notes/released/2.6.28.md | 3 --- javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 7 ------- ...d => 2026-04-13-fastify-per-route-rate-limit.md} | 7 +++---- javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ---- misc/suite-helpers/change-notes/released/1.0.48.md | 3 --- misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 6 ------ .../7.0.5.md => 2026-04-10-support-lazy-keyword.md} | 6 +++--- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 ------ ...2026-03-26-improve-bind-all-interfaces-query.md} | 6 +++--- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 4 ---- ruby/ql/lib/change-notes/released/5.1.16.md | 3 --- ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 ---- ruby/ql/src/change-notes/released/1.6.1.md | 3 --- ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- rust/ql/lib/CHANGELOG.md | 4 ---- rust/ql/lib/change-notes/released/0.2.12.md | 3 --- rust/ql/lib/codeql-pack.release.yml | 2 +- rust/ql/lib/qlpack.yml | 2 +- rust/ql/src/CHANGELOG.md | 4 ---- rust/ql/src/change-notes/released/0.1.33.md | 3 --- rust/ql/src/codeql-pack.release.yml | 2 +- rust/ql/src/qlpack.yml | 2 +- shared/concepts/CHANGELOG.md | 4 ---- shared/concepts/change-notes/released/0.0.22.md | 3 --- shared/concepts/codeql-pack.release.yml | 2 +- shared/concepts/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ---- shared/controlflow/change-notes/released/2.0.32.md | 3 --- shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ---- shared/dataflow/change-notes/released/2.1.4.md | 3 --- shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ---- shared/mad/change-notes/released/1.0.48.md | 3 --- shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/quantum/CHANGELOG.md | 4 ---- shared/quantum/change-notes/released/0.0.26.md | 3 --- shared/quantum/codeql-pack.release.yml | 2 +- shared/quantum/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ---- .../rangeanalysis/change-notes/released/1.0.48.md | 3 --- shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ---- shared/regex/change-notes/released/1.0.48.md | 3 --- shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ---- shared/ssa/change-notes/released/2.0.24.md | 3 --- shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ---- .../threat-models/change-notes/released/1.0.48.md | 3 --- shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ---- shared/tutorial/change-notes/released/1.0.48.md | 3 --- shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ---- shared/typeflow/change-notes/released/1.0.48.md | 3 --- shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typeinference/CHANGELOG.md | 4 ---- .../typeinference/change-notes/released/0.0.29.md | 3 --- shared/typeinference/codeql-pack.release.yml | 2 +- shared/typeinference/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ---- shared/typetracking/change-notes/released/2.0.32.md | 3 --- shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ---- shared/typos/change-notes/released/1.0.48.md | 3 --- shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ---- shared/util/change-notes/released/2.0.35.md | 3 --- shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ---- shared/xml/change-notes/released/1.0.48.md | 3 --- shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ---- shared/yaml/change-notes/released/1.0.48.md | 3 --- shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ------ .../{released/6.4.0.md => 2026-04-06-swift-6.3.md} | 7 +++---- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ---- swift/ql/src/change-notes/released/1.3.1.md | 3 --- swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 175 files changed, 153 insertions(+), 437 deletions(-) rename actions/ql/lib/change-notes/{released/0.4.34.md => 2026-03-26-remove-false-positive-sinks.md} (79%) create mode 100644 actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md create mode 100644 actions/ql/src/change-notes/2026-04-02-permissions.md delete mode 100644 actions/ql/src/change-notes/released/0.6.26.md create mode 100644 cpp/ql/lib/change-notes/2026-04-07-autoconf.md create mode 100644 cpp/ql/lib/change-notes/2026-04-14-throwing.md delete mode 100644 cpp/ql/lib/change-notes/released/10.0.0.md create mode 100644 cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md create mode 100644 cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md create mode 100644 cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md create mode 100644 cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md create mode 100644 cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md create mode 100644 cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md create mode 100644 cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md delete mode 100644 cpp/ql/src/change-notes/released/1.6.1.md delete mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md delete mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md rename csharp/ql/lib/change-notes/{released/5.5.0.md => 2026-04-01-getlrvalue.md} (79%) rename csharp/ql/src/change-notes/{released/1.7.1.md => 2026-04-17-useless-to-string.md} (84%) delete mode 100644 go/ql/consistency-queries/change-notes/released/1.0.48.md delete mode 100644 go/ql/lib/change-notes/released/7.0.6.md delete mode 100644 go/ql/src/change-notes/released/1.6.1.md rename java/ql/lib/change-notes/{released/9.0.4.md => 2026-04-16-woodstox-xxe.md} (88%) delete mode 100644 java/ql/src/change-notes/released/1.11.1.md delete mode 100644 javascript/ql/lib/change-notes/released/2.6.28.md rename javascript/ql/src/change-notes/{released/2.3.8.md => 2026-04-13-fastify-per-route-rate-limit.md} (69%) delete mode 100644 misc/suite-helpers/change-notes/released/1.0.48.md rename python/ql/lib/change-notes/{released/7.0.5.md => 2026-04-10-support-lazy-keyword.md} (81%) rename python/ql/src/change-notes/{released/1.8.1.md => 2026-03-26-improve-bind-all-interfaces-query.md} (86%) delete mode 100644 ruby/ql/lib/change-notes/released/5.1.16.md delete mode 100644 ruby/ql/src/change-notes/released/1.6.1.md delete mode 100644 rust/ql/lib/change-notes/released/0.2.12.md delete mode 100644 rust/ql/src/change-notes/released/0.1.33.md delete mode 100644 shared/concepts/change-notes/released/0.0.22.md delete mode 100644 shared/controlflow/change-notes/released/2.0.32.md delete mode 100644 shared/dataflow/change-notes/released/2.1.4.md delete mode 100644 shared/mad/change-notes/released/1.0.48.md delete mode 100644 shared/quantum/change-notes/released/0.0.26.md delete mode 100644 shared/rangeanalysis/change-notes/released/1.0.48.md delete mode 100644 shared/regex/change-notes/released/1.0.48.md delete mode 100644 shared/ssa/change-notes/released/2.0.24.md delete mode 100644 shared/threat-models/change-notes/released/1.0.48.md delete mode 100644 shared/tutorial/change-notes/released/1.0.48.md delete mode 100644 shared/typeflow/change-notes/released/1.0.48.md delete mode 100644 shared/typeinference/change-notes/released/0.0.29.md delete mode 100644 shared/typetracking/change-notes/released/2.0.32.md delete mode 100644 shared/typos/change-notes/released/1.0.48.md delete mode 100644 shared/util/change-notes/released/2.0.35.md delete mode 100644 shared/xml/change-notes/released/1.0.48.md delete mode 100644 shared/yaml/change-notes/released/1.0.48.md rename swift/ql/lib/change-notes/{released/6.4.0.md => 2026-04-06-swift-6.3.md} (50%) delete mode 100644 swift/ql/src/change-notes/released/1.3.1.md diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index e84ba38d1801..d625bc6f619e 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 0.4.34 - -### Minor Analysis Improvements - -* Removed false positive injection sink models for the `context` input of `docker/build-push-action` and the `allowed-endpoints` input of `step-security/harden-runner`. - ## 0.4.33 No user-facing changes. diff --git a/actions/ql/lib/change-notes/released/0.4.34.md b/actions/ql/lib/change-notes/2026-03-26-remove-false-positive-sinks.md similarity index 79% rename from actions/ql/lib/change-notes/released/0.4.34.md rename to actions/ql/lib/change-notes/2026-03-26-remove-false-positive-sinks.md index 23b06db49679..20ccc6d6c024 100644 --- a/actions/ql/lib/change-notes/released/0.4.34.md +++ b/actions/ql/lib/change-notes/2026-03-26-remove-false-positive-sinks.md @@ -1,5 +1,4 @@ -## 0.4.34 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * Removed false positive injection sink models for the `context` input of `docker/build-push-action` and the `allowed-endpoints` input of `step-security/harden-runner`. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 69fb16e4c39f..7581fef2abf7 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.34 +lastReleaseVersion: 0.4.33 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index b7acc7a39570..fec274158000 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.34 +version: 0.4.34-dev library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index 96f8d2662060..d991237aca97 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,13 +1,3 @@ -## 0.6.26 - -### Major Analysis Improvements - -* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also improved the wording to make it clearer that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Finally, changed the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. - -### Minor Analysis Improvements - -* The query `actions/missing-workflow-permissions` no longer produces false positive results on reusable workflows where all callers set permissions. - ## 0.6.25 No user-facing changes. @@ -173,7 +163,7 @@ No user-facing changes. * `actions/if-expression-always-true/critical` * `actions/if-expression-always-true/high` * `actions/unnecessary-use-of-advanced-config` - + * The following query has been moved from the `code-scanning` suite to the `security-extended` suite. Any existing alerts for this query will be closed automatically unless the analysis is configured to use the `security-extended` suite. diff --git a/actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md b/actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md new file mode 100644 index 000000000000..e2340f446a71 --- /dev/null +++ b/actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. \ No newline at end of file diff --git a/actions/ql/src/change-notes/2026-04-02-permissions.md b/actions/ql/src/change-notes/2026-04-02-permissions.md new file mode 100644 index 000000000000..2672a30ef870 --- /dev/null +++ b/actions/ql/src/change-notes/2026-04-02-permissions.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The query `actions/missing-workflow-permissions` no longer produces false positive results on reusable workflows where all callers set permissions. \ No newline at end of file diff --git a/actions/ql/src/change-notes/released/0.6.26.md b/actions/ql/src/change-notes/released/0.6.26.md deleted file mode 100644 index 8bf43e639079..000000000000 --- a/actions/ql/src/change-notes/released/0.6.26.md +++ /dev/null @@ -1,9 +0,0 @@ -## 0.6.26 - -### Major Analysis Improvements - -* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also improved the wording to make it clearer that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Finally, changed the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. - -### Minor Analysis Improvements - -* The query `actions/missing-workflow-permissions` no longer produces false positive results on reusable workflows where all callers set permissions. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index e83bac0046e3..b8288b392226 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.26 +lastReleaseVersion: 0.6.25 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index fc18f8052b23..3216a36f3d08 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.26 +version: 0.6.26-dev library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 2cd1bcede35e..5b5bc748c5dd 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,14 +1,3 @@ -## 10.0.0 - -### Breaking Changes - -* The deprecated `NonThrowingFunction` class has been removed, use `NonCppThrowingFunction` instead. -* The deprecated `ThrowingFunction` class has been removed, use `AlwaysSehThrowingFunction` instead. - -### New Features - -* Added a subclass `AutoconfConfigureTestFile` of `ConfigurationTestFile` that represents files created by GNU autoconf configure scripts to test the build configuration. - ## 9.0.0 ### Breaking Changes diff --git a/cpp/ql/lib/change-notes/2026-04-07-autoconf.md b/cpp/ql/lib/change-notes/2026-04-07-autoconf.md new file mode 100644 index 000000000000..9f04417b8e25 --- /dev/null +++ b/cpp/ql/lib/change-notes/2026-04-07-autoconf.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Added a subclass `AutoconfConfigureTestFile` of `ConfigurationTestFile` that represents files created by GNU autoconf configure scripts to test the build configuration. diff --git a/cpp/ql/lib/change-notes/2026-04-14-throwing.md b/cpp/ql/lib/change-notes/2026-04-14-throwing.md new file mode 100644 index 000000000000..6a15437e126e --- /dev/null +++ b/cpp/ql/lib/change-notes/2026-04-14-throwing.md @@ -0,0 +1,5 @@ +--- +category: breaking +--- +* The deprecated `NonThrowingFunction` class has been removed, use `NonCppThrowingFunction` instead. +* The deprecated `ThrowingFunction` class has been removed, use `AlwaysSehThrowingFunction` instead. diff --git a/cpp/ql/lib/change-notes/released/10.0.0.md b/cpp/ql/lib/change-notes/released/10.0.0.md deleted file mode 100644 index af591bd1a0ad..000000000000 --- a/cpp/ql/lib/change-notes/released/10.0.0.md +++ /dev/null @@ -1,10 +0,0 @@ -## 10.0.0 - -### Breaking Changes - -* The deprecated `NonThrowingFunction` class has been removed, use `NonCppThrowingFunction` instead. -* The deprecated `ThrowingFunction` class has been removed, use `AlwaysSehThrowingFunction` instead. - -### New Features - -* Added a subclass `AutoconfConfigureTestFile` of `ConfigurationTestFile` that represents files created by GNU autoconf configure scripts to test the build configuration. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index 28758256b943..fd5f4a48b3c1 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 10.0.0 +lastReleaseVersion: 9.0.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 4bcb59885fa7..dbf57d2b8699 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 10.0.0 +version: 9.0.1-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 80b9ad0e4753..a3f9d1836ade 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,14 +1,3 @@ -## 1.6.1 - -### Minor Analysis Improvements - -* Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. -* The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. However, for `build mode: none` databases, it no longer produces any results. The results in this mode were found to be very noisy and fundamentally imprecise. - ## 1.6.0 ### Query Metadata Changes @@ -366,7 +355,7 @@ No user-facing changes. ### Minor Analysis Improvements * The "non-constant format string" query (`cpp/non-constant-format`) has been updated to produce fewer false positives. -* Added dataflow models for the `gettext` function variants. +* Added dataflow models for the `gettext` function variants. ## 0.9.4 diff --git a/cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md b/cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md new file mode 100644 index 000000000000..8c2c431ec24c --- /dev/null +++ b/cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. diff --git a/cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md b/cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md new file mode 100644 index 000000000000..c84e1dba404c --- /dev/null +++ b/cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md b/cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md new file mode 100644 index 000000000000..dd0dbd4bc7d9 --- /dev/null +++ b/cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. diff --git a/cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md b/cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md new file mode 100644 index 000000000000..cd6796b408f0 --- /dev/null +++ b/cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md b/cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md new file mode 100644 index 000000000000..040e89c13475 --- /dev/null +++ b/cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md b/cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md new file mode 100644 index 000000000000..f8b9085dacc6 --- /dev/null +++ b/cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md b/cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md new file mode 100644 index 000000000000..af97cee7f9e4 --- /dev/null +++ b/cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. diff --git a/cpp/ql/src/change-notes/released/1.6.1.md b/cpp/ql/src/change-notes/released/1.6.1.md deleted file mode 100644 index 83781b87c584..000000000000 --- a/cpp/ql/src/change-notes/released/1.6.1.md +++ /dev/null @@ -1,10 +0,0 @@ -## 1.6.1 - -### Minor Analysis Improvements - -* Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. -* The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. However, for `build mode: none` databases, it no longer produces any results. The results in this mode were found to be very noisy and fundamentally imprecise. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index ef7a789e0cf1..c4f0b07d5336 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.0 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 8ec81ab6135e..4648951796cc 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.6.1 +version: 1.6.1-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 166a94bd88df..f7107d18c014 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.65 - -No user-facing changes. - ## 1.7.64 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md deleted file mode 100644 index 12bf5dad4b08..000000000000 --- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.65 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index bf581427d298..f41e954c9ae2 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.65 +lastReleaseVersion: 1.7.64 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index d50eb024972c..006ef851567f 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.65 +version: 1.7.65-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 166a94bd88df..f7107d18c014 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.7.65 - -No user-facing changes. - ## 1.7.64 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md deleted file mode 100644 index 12bf5dad4b08..000000000000 --- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.7.65 - -No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index bf581427d298..f41e954c9ae2 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.65 +lastReleaseVersion: 1.7.64 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index bd70b1664ac5..af5fd98f58af 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.65 +version: 1.7.65-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 32cd8f33c650..57d99a41480b 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 5.5.0 - -### Deprecated APIs - -* The predicates `get[L|R]Value` in the class `Assignment` have been deprecated. Use `get[Left|Right]Operand` instead. - ## 5.4.12 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/released/5.5.0.md b/csharp/ql/lib/change-notes/2026-04-01-getlrvalue.md similarity index 79% rename from csharp/ql/lib/change-notes/released/5.5.0.md rename to csharp/ql/lib/change-notes/2026-04-01-getlrvalue.md index b497d8ea51b4..da1a3d621481 100644 --- a/csharp/ql/lib/change-notes/released/5.5.0.md +++ b/csharp/ql/lib/change-notes/2026-04-01-getlrvalue.md @@ -1,5 +1,4 @@ -## 5.5.0 - -### Deprecated APIs - +--- +category: deprecated +--- * The predicates `get[L|R]Value` in the class `Assignment` have been deprecated. Use `get[Left|Right]Operand` instead. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 4b8cf9533c17..43db6e52c988 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.5.0 +lastReleaseVersion: 5.4.12 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index f90aa010b895..02c1ccd0d33c 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.5.0 +version: 5.4.13-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index cdab71341852..fc0f8c58d794 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,12 +1,3 @@ -## 1.7.1 - -### Minor Analysis Improvements - -* The query `cs/useless-tostring-call` has been updated to avoid false - positive results in calls to `StringBuilder.AppendLine` and calls of - the form `base.ToString()`. Moreover, the alert message has been - made more precise. - ## 1.7.0 ### Query Metadata Changes diff --git a/csharp/ql/src/change-notes/released/1.7.1.md b/csharp/ql/src/change-notes/2026-04-17-useless-to-string.md similarity index 84% rename from csharp/ql/src/change-notes/released/1.7.1.md rename to csharp/ql/src/change-notes/2026-04-17-useless-to-string.md index 0b5df9629c67..9b4c81378c91 100644 --- a/csharp/ql/src/change-notes/released/1.7.1.md +++ b/csharp/ql/src/change-notes/2026-04-17-useless-to-string.md @@ -1,7 +1,6 @@ -## 1.7.1 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * The query `cs/useless-tostring-call` has been updated to avoid false positive results in calls to `StringBuilder.AppendLine` and calls of the form `base.ToString()`. Moreover, the alert message has been diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 7bdec0d85c73..d1184cc67507 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.1 +lastReleaseVersion: 1.7.0 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index c7d8eace2961..9ea341d1b38d 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.7.1 +version: 1.7.1-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index a3aa00d4872e..34ae2fd22778 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.48.md b/go/ql/consistency-queries/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/go/ql/consistency-queries/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index 2a03af961527..c9dda4765dd0 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.48 +version: 1.0.48-dev groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 737d08654b89..441d15a0d0e8 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 7.0.6 - -No user-facing changes. - ## 7.0.5 No user-facing changes. diff --git a/go/ql/lib/change-notes/released/7.0.6.md b/go/ql/lib/change-notes/released/7.0.6.md deleted file mode 100644 index ca9a73aa64c1..000000000000 --- a/go/ql/lib/change-notes/released/7.0.6.md +++ /dev/null @@ -1,3 +0,0 @@ -## 7.0.6 - -No user-facing changes. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index c7cff8c53789..2cff21d59fec 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.6 +lastReleaseVersion: 7.0.5 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 71a8c1c50f07..2d7338a020dc 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 7.0.6 +version: 7.0.6-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 971d478d56e4..2bc95cc19222 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.6.1 - -No user-facing changes. - ## 1.6.0 ### Query Metadata Changes diff --git a/go/ql/src/change-notes/released/1.6.1.md b/go/ql/src/change-notes/released/1.6.1.md deleted file mode 100644 index 898f6201ed73..000000000000 --- a/go/ql/src/change-notes/released/1.6.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.6.1 - -No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index ef7a789e0cf1..c4f0b07d5336 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.0 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 3f3d4e7cc2aa..de4e5e06d381 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.6.1 +version: 1.6.1-dev groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 2d34c791c924..caa1eaecb948 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 9.0.4 - -### Minor Analysis Improvements - -* The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the Woodstox StAX library when `com.ctc.wstx.stax.WstxInputFactory` or `org.codehaus.stax2.XMLInputFactory2` are used directly. - ## 9.0.3 ### Minor Analysis Improvements diff --git a/java/ql/lib/change-notes/released/9.0.4.md b/java/ql/lib/change-notes/2026-04-16-woodstox-xxe.md similarity index 88% rename from java/ql/lib/change-notes/released/9.0.4.md rename to java/ql/lib/change-notes/2026-04-16-woodstox-xxe.md index a54996349514..891fc489e464 100644 --- a/java/ql/lib/change-notes/released/9.0.4.md +++ b/java/ql/lib/change-notes/2026-04-16-woodstox-xxe.md @@ -1,5 +1,4 @@ -## 9.0.4 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the Woodstox StAX library when `com.ctc.wstx.stax.WstxInputFactory` or `org.codehaus.stax2.XMLInputFactory2` are used directly. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 4bbe4f75b589..175658aaf53d 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 9.0.4 +lastReleaseVersion: 9.0.3 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 0a842a96b345..7f058cfb8d60 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 9.0.4 +version: 9.0.4-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 1b5d2bdad8a2..2a2f8052092f 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.11.1 - -No user-facing changes. - ## 1.11.0 ### Query Metadata Changes diff --git a/java/ql/src/change-notes/released/1.11.1.md b/java/ql/src/change-notes/released/1.11.1.md deleted file mode 100644 index f5047685223d..000000000000 --- a/java/ql/src/change-notes/released/1.11.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.11.1 - -No user-facing changes. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 4ae123153bf4..276088d81dc8 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.11.1 +lastReleaseVersion: 1.11.0 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 49c552ec02ac..72b4a5f94e6c 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.11.1 +version: 1.11.1-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 77837f46c5e8..fedb0b9b587f 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.6.28 - -No user-facing changes. - ## 2.6.27 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/released/2.6.28.md b/javascript/ql/lib/change-notes/released/2.6.28.md deleted file mode 100644 index 9c30dddcc0a7..000000000000 --- a/javascript/ql/lib/change-notes/released/2.6.28.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.6.28 - -No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 2456457874e2..2ce86b10a85d 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.6.28 +lastReleaseVersion: 2.6.27 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index dabbc8bd755f..e0834c056d11 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.6.28 +version: 2.6.28-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 9b122364ffae..29e6c8e8da32 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,10 +1,3 @@ -## 2.3.8 - -### Minor Analysis Improvements - -* The query `js/missing-rate-limiting` now takes Fastify per-route - rate limiting into account. - ## 2.3.7 No user-facing changes. diff --git a/javascript/ql/src/change-notes/released/2.3.8.md b/javascript/ql/src/change-notes/2026-04-13-fastify-per-route-rate-limit.md similarity index 69% rename from javascript/ql/src/change-notes/released/2.3.8.md rename to javascript/ql/src/change-notes/2026-04-13-fastify-per-route-rate-limit.md index 5ce5cbe2f244..56d523885248 100644 --- a/javascript/ql/src/change-notes/released/2.3.8.md +++ b/javascript/ql/src/change-notes/2026-04-13-fastify-per-route-rate-limit.md @@ -1,6 +1,5 @@ -## 2.3.8 - -### Minor Analysis Improvements - +--- +category: minorAnalysis +--- * The query `js/missing-rate-limiting` now takes Fastify per-route rate limiting into account. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index c68b70cb8bea..914cded08b38 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.3.8 +lastReleaseVersion: 2.3.7 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index dd4f7c255a84..117fae183e99 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.3.8 +version: 2.3.8-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 897533f6450c..4b73639b1f75 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.48.md b/misc/suite-helpers/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/misc/suite-helpers/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index c18ab2bb10ed..1d8538023420 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.48 +version: 1.0.48-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 69fa60a66758..a6833ea8db3d 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 7.0.5 - -### Minor Analysis Improvements - -- The Python extractor now supports the new `lazy import ...` and `lazy from ... import ...` (as defined in [PEP-810](https://peps.python.org/pep-0810/)) that will be part of Python 3.15. - ## 7.0.4 ### Bug Fixes diff --git a/python/ql/lib/change-notes/released/7.0.5.md b/python/ql/lib/change-notes/2026-04-10-support-lazy-keyword.md similarity index 81% rename from python/ql/lib/change-notes/released/7.0.5.md rename to python/ql/lib/change-notes/2026-04-10-support-lazy-keyword.md index e205660dfde0..67de168ff47e 100644 --- a/python/ql/lib/change-notes/released/7.0.5.md +++ b/python/ql/lib/change-notes/2026-04-10-support-lazy-keyword.md @@ -1,5 +1,5 @@ -## 7.0.5 - -### Minor Analysis Improvements +--- +category: minorAnalysis +--- - The Python extractor now supports the new `lazy import ...` and `lazy from ... import ...` (as defined in [PEP-810](https://peps.python.org/pep-0810/)) that will be part of Python 3.15. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 2cff21d59fec..6630ee1984ad 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.5 +lastReleaseVersion: 7.0.4 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 4dc63a6f9cbe..fe87c5761cfd 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 7.0.5 +version: 7.0.5-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 38018f098560..d5f5269c61d9 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,9 +1,3 @@ -## 1.8.1 - -### Minor Analysis Improvements - -- The `py/bind-socket-all-network-interfaces` query now uses the global data-flow library, leading to better precision and more results. Also, wrappers of `socket.socket` in the `eventlet` and `gevent` libraries are now also recognized as socket binding operations. - ## 1.8.0 ### Query Metadata Changes diff --git a/python/ql/src/change-notes/released/1.8.1.md b/python/ql/src/change-notes/2026-03-26-improve-bind-all-interfaces-query.md similarity index 86% rename from python/ql/src/change-notes/released/1.8.1.md rename to python/ql/src/change-notes/2026-03-26-improve-bind-all-interfaces-query.md index cafb58c11c9d..bc78b2b6f776 100644 --- a/python/ql/src/change-notes/released/1.8.1.md +++ b/python/ql/src/change-notes/2026-03-26-improve-bind-all-interfaces-query.md @@ -1,5 +1,5 @@ -## 1.8.1 - -### Minor Analysis Improvements +--- +category: minorAnalysis +--- - The `py/bind-socket-all-network-interfaces` query now uses the global data-flow library, leading to better precision and more results. Also, wrappers of `socket.socket` in the `eventlet` and `gevent` libraries are now also recognized as socket binding operations. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index 28a7c123ae84..dc8a37cc443d 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.8.1 +lastReleaseVersion: 1.8.0 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index b7d90a618e9f..aa2a2364854f 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.8.1 +version: 1.8.1-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 8315b6413696..40cb88d396f4 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 5.1.16 - -No user-facing changes. - ## 5.1.15 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/released/5.1.16.md b/ruby/ql/lib/change-notes/released/5.1.16.md deleted file mode 100644 index 42c9934011a3..000000000000 --- a/ruby/ql/lib/change-notes/released/5.1.16.md +++ /dev/null @@ -1,3 +0,0 @@ -## 5.1.16 - -No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 735f742e9af7..840348ed924e 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.1.16 +lastReleaseVersion: 5.1.15 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index ef68525f982b..bbf4de409093 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.1.16 +version: 5.1.16-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 5266fc1d5d91..cb4c0ae7874a 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.6.1 - -No user-facing changes. - ## 1.6.0 ### Query Metadata Changes diff --git a/ruby/ql/src/change-notes/released/1.6.1.md b/ruby/ql/src/change-notes/released/1.6.1.md deleted file mode 100644 index 898f6201ed73..000000000000 --- a/ruby/ql/src/change-notes/released/1.6.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.6.1 - -No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index ef7a789e0cf1..c4f0b07d5336 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.1 +lastReleaseVersion: 1.6.0 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 8964f6e51ac9..191689565de4 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.6.1 +version: 1.6.1-dev groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index 8e515660f290..eea5bd6e89d8 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.2.12 - -No user-facing changes. - ## 0.2.11 No user-facing changes. diff --git a/rust/ql/lib/change-notes/released/0.2.12.md b/rust/ql/lib/change-notes/released/0.2.12.md deleted file mode 100644 index 590eb0cedd1f..000000000000 --- a/rust/ql/lib/change-notes/released/0.2.12.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.2.12 - -No user-facing changes. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index da1cea933934..2ee635b99371 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.12 +lastReleaseVersion: 0.2.11 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index 569930438abe..f50310200378 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.2.12 +version: 0.2.12-dev groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index 14034c9877d8..eab921bcbd6b 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.1.33 - -No user-facing changes. - ## 0.1.32 ### Query Metadata Changes diff --git a/rust/ql/src/change-notes/released/0.1.33.md b/rust/ql/src/change-notes/released/0.1.33.md deleted file mode 100644 index 5bd982edadd6..000000000000 --- a/rust/ql/src/change-notes/released/0.1.33.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.1.33 - -No user-facing changes. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index d9c9e819daa0..21bbd752f27a 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.33 +lastReleaseVersion: 0.1.32 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index 0eefe2f39325..f78504db76eb 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.33 +version: 0.1.33-dev groups: - rust - queries diff --git a/shared/concepts/CHANGELOG.md b/shared/concepts/CHANGELOG.md index e8b920847e90..704ea3e8e019 100644 --- a/shared/concepts/CHANGELOG.md +++ b/shared/concepts/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.22 - -No user-facing changes. - ## 0.0.21 No user-facing changes. diff --git a/shared/concepts/change-notes/released/0.0.22.md b/shared/concepts/change-notes/released/0.0.22.md deleted file mode 100644 index 002267474382..000000000000 --- a/shared/concepts/change-notes/released/0.0.22.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.22 - -No user-facing changes. diff --git a/shared/concepts/codeql-pack.release.yml b/shared/concepts/codeql-pack.release.yml index 11aaa2243f57..0c15c351db40 100644 --- a/shared/concepts/codeql-pack.release.yml +++ b/shared/concepts/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.22 +lastReleaseVersion: 0.0.21 diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index 2ce2978829e3..bf6e8b6018c0 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.22 +version: 0.0.22-dev groups: shared library: true dependencies: diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index df00c6146d8f..baca729ddda8 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.0.32 - -No user-facing changes. - ## 2.0.31 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.32.md b/shared/controlflow/change-notes/released/2.0.32.md deleted file mode 100644 index 0930bb07f8c4..000000000000 --- a/shared/controlflow/change-notes/released/2.0.32.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.0.32 - -No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 483a0d5db8ec..783d47207cda 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.32 +lastReleaseVersion: 2.0.31 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index b293853c73bd..5573548794d0 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.32 +version: 2.0.32-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index ed60239f3de3..52c893f78e27 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.1.4 - -No user-facing changes. - ## 2.1.3 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.1.4.md b/shared/dataflow/change-notes/released/2.1.4.md deleted file mode 100644 index a1035c6b05b2..000000000000 --- a/shared/dataflow/change-notes/released/2.1.4.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.1.4 - -No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 896b46fda9bd..345fb0c73a44 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.4 +lastReleaseVersion: 2.1.3 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index e7778805c504..3b917def33db 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.1.4 +version: 2.1.4-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index ff868403d0c4..1bffb976cf8c 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.48.md b/shared/mad/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/shared/mad/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 920ffe102676..b5583f8c55a2 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.48 +version: 1.0.48-dev groups: shared library: true dependencies: diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md index eccc65c6041d..8d524a11a093 100644 --- a/shared/quantum/CHANGELOG.md +++ b/shared/quantum/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.26 - -No user-facing changes. - ## 0.0.25 No user-facing changes. diff --git a/shared/quantum/change-notes/released/0.0.26.md b/shared/quantum/change-notes/released/0.0.26.md deleted file mode 100644 index e6dc680cc11b..000000000000 --- a/shared/quantum/change-notes/released/0.0.26.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.26 - -No user-facing changes. diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml index c576d2d7db2a..6d0e80a50c3f 100644 --- a/shared/quantum/codeql-pack.release.yml +++ b/shared/quantum/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.26 +lastReleaseVersion: 0.0.25 diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index 52c78c5f963f..a19e99ef7eaa 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.26 +version: 0.0.26-dev groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 9afb612f18a4..0ab7487192cb 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.48.md b/shared/rangeanalysis/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/shared/rangeanalysis/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 274a6160372e..d493350749ee 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.48 +version: 1.0.48-dev groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 2375b7b56ab6..dd6f0c4cad6b 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.48.md b/shared/regex/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/shared/regex/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index abe561fb37c0..7b953dcff1cf 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.48 +version: 1.0.48-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index dd21ba6d38b1..3573140fc410 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.0.24 - -No user-facing changes. - ## 2.0.23 No user-facing changes. diff --git a/shared/ssa/change-notes/released/2.0.24.md b/shared/ssa/change-notes/released/2.0.24.md deleted file mode 100644 index 6547901c3343..000000000000 --- a/shared/ssa/change-notes/released/2.0.24.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.0.24 - -No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 1460df314d51..1bd7e296a34f 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.24 +lastReleaseVersion: 2.0.23 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 16d312b77aed..a8fa9a114243 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.24 +version: 2.0.24-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index a3aa00d4872e..34ae2fd22778 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.48.md b/shared/threat-models/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/shared/threat-models/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 2cf364fa3327..a4a367a990b3 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.48 +version: 1.0.48-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 9350e8a04eb7..cf8f60d1d46a 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.48.md b/shared/tutorial/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/shared/tutorial/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 5c9c6cdc47c2..f961ccdc0eb2 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.48 +version: 1.0.48-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 035c2aa456e9..8c5ee5e94864 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.48.md b/shared/typeflow/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/shared/typeflow/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index c9d4ec97a924..f7e111d28fde 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.48 +version: 1.0.48-dev groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index c8b656e4f351..7153b9314b18 100644 --- a/shared/typeinference/CHANGELOG.md +++ b/shared/typeinference/CHANGELOG.md @@ -1,7 +1,3 @@ -## 0.0.29 - -No user-facing changes. - ## 0.0.28 No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.29.md b/shared/typeinference/change-notes/released/0.0.29.md deleted file mode 100644 index 4428927c79d5..000000000000 --- a/shared/typeinference/change-notes/released/0.0.29.md +++ /dev/null @@ -1,3 +0,0 @@ -## 0.0.29 - -No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml index c81f18131208..3462db7d348f 100644 --- a/shared/typeinference/codeql-pack.release.yml +++ b/shared/typeinference/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.29 +lastReleaseVersion: 0.0.28 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 57ed4da1080f..97c8df368959 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.29 +version: 0.0.29-dev groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 75d8938e6a18..f779002267aa 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.0.32 - -No user-facing changes. - ## 2.0.31 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.32.md b/shared/typetracking/change-notes/released/2.0.32.md deleted file mode 100644 index 0930bb07f8c4..000000000000 --- a/shared/typetracking/change-notes/released/2.0.32.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.0.32 - -No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 483a0d5db8ec..783d47207cda 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.32 +lastReleaseVersion: 2.0.31 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 7d506ee6807c..aa0296875312 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.32 +version: 2.0.32-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 35825098a633..b49f756fef03 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.48.md b/shared/typos/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/shared/typos/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 5ba6ce2b43d4..37fc79bb1dfd 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.48 +version: 1.0.48-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index d1becc8ba2c1..cb3ac7bbe797 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,7 +1,3 @@ -## 2.0.35 - -No user-facing changes. - ## 2.0.34 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.35.md b/shared/util/change-notes/released/2.0.35.md deleted file mode 100644 index 526e1fc9f4ce..000000000000 --- a/shared/util/change-notes/released/2.0.35.md +++ /dev/null @@ -1,3 +0,0 @@ -## 2.0.35 - -No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 27eb8ef8ecea..339a3ce7c57a 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.35 +lastReleaseVersion: 2.0.34 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 1e765b5e42e4..02e6241dccbf 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.35 +version: 2.0.35-dev groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 131bf7afd2a2..98702251320c 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.48.md b/shared/xml/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/shared/xml/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 45ddcffaee77..0d75859bdb9d 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.48 +version: 1.0.48-dev groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 1c420b31355d..4a41f8ee9dfe 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.0.48 - -No user-facing changes. - ## 1.0.47 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.48.md b/shared/yaml/change-notes/released/1.0.48.md deleted file mode 100644 index c484c6e8d6e2..000000000000 --- a/shared/yaml/change-notes/released/1.0.48.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.0.48 - -No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 6db79f2c3970..dcec0f6405ab 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.48 +lastReleaseVersion: 1.0.47 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 461f97ac4dba..cfea54e0b5b5 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.48 +version: 1.0.48-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index e2cb45f97693..3967689b9331 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,9 +1,3 @@ -## 6.4.0 - -### Major Analysis Improvements - -* Upgraded to allow analysis of Swift 6.3. - ## 6.3.3 No user-facing changes. diff --git a/swift/ql/lib/change-notes/released/6.4.0.md b/swift/ql/lib/change-notes/2026-04-06-swift-6.3.md similarity index 50% rename from swift/ql/lib/change-notes/released/6.4.0.md rename to swift/ql/lib/change-notes/2026-04-06-swift-6.3.md index e4b68cd2c9b8..512cb6139847 100644 --- a/swift/ql/lib/change-notes/released/6.4.0.md +++ b/swift/ql/lib/change-notes/2026-04-06-swift-6.3.md @@ -1,5 +1,4 @@ -## 6.4.0 - -### Major Analysis Improvements - +--- +category: majorAnalysis +--- * Upgraded to allow analysis of Swift 6.3. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 3098c5db6c37..83b98dcdbc38 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.4.0 +lastReleaseVersion: 6.3.3 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index c8cc7f97a2b0..32c6458ddeae 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 6.4.0 +version: 6.3.4-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index af70cebc1e49..f880dc3366f8 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,7 +1,3 @@ -## 1.3.1 - -No user-facing changes. - ## 1.3.0 ### Query Metadata Changes diff --git a/swift/ql/src/change-notes/released/1.3.1.md b/swift/ql/src/change-notes/released/1.3.1.md deleted file mode 100644 index 8dd9964197cb..000000000000 --- a/swift/ql/src/change-notes/released/1.3.1.md +++ /dev/null @@ -1,3 +0,0 @@ -## 1.3.1 - -No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index e71b6d081f15..ec16350ed6fd 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.1 +lastReleaseVersion: 1.3.0 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 2bde0f317c79..5b6c7a6977a8 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.3.1 +version: 1.3.1-dev groups: - swift - queries From 019ec0caf735dc92ee66f46ffa861564a17f3c27 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 27 Apr 2026 10:01:23 +0000 Subject: [PATCH 2/5] Release preparation for version 2.25.3 --- actions/ql/lib/CHANGELOG.md | 6 ++++++ .../0.4.34.md} | 7 ++++--- actions/ql/lib/codeql-pack.release.yml | 2 +- actions/ql/lib/qlpack.yml | 2 +- actions/ql/src/CHANGELOG.md | 10 ++++++++++ .../ql/src/change-notes/2026-04-02-permissions.md | 4 ---- .../0.6.26.md} | 13 +++++++++---- actions/ql/src/codeql-pack.release.yml | 2 +- actions/ql/src/qlpack.yml | 2 +- cpp/ql/lib/CHANGELOG.md | 11 +++++++++++ cpp/ql/lib/change-notes/2026-04-07-autoconf.md | 4 ---- cpp/ql/lib/change-notes/2026-04-14-throwing.md | 5 ----- cpp/ql/lib/change-notes/released/10.0.0.md | 10 ++++++++++ cpp/ql/lib/codeql-pack.release.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/CHANGELOG.md | 12 ++++++++++++ .../2026-03-23-implicit-function-declaration.md | 4 ---- .../2026-04-02-comparison-with-wider-type.md | 4 ---- .../2026-04-02-implicit-function-declaration.md | 4 ---- ...026-04-02-integer-multiplication-cast-to-long.md | 4 ---- .../2026-04-02-suspicious-add-sizeof.md | 4 ---- .../2026-04-02-wrong-type-format-argument.md | 4 ---- .../2026-04-16-add-model-for-aligned-alloc.md | 4 ---- cpp/ql/src/change-notes/released/1.6.1.md | 11 +++++++++++ cpp/ql/src/codeql-pack.release.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | 4 ++++ .../Solorigate/lib/change-notes/released/1.7.65.md | 3 +++ .../Solorigate/lib/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | 4 ++++ .../Solorigate/src/change-notes/released/1.7.65.md | 3 +++ .../Solorigate/src/codeql-pack.release.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/CHANGELOG.md | 6 ++++++ .../{2026-04-01-getlrvalue.md => released/5.5.0.md} | 7 ++++--- csharp/ql/lib/codeql-pack.release.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/CHANGELOG.md | 9 +++++++++ .../1.7.1.md} | 7 ++++--- csharp/ql/src/codeql-pack.release.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/CHANGELOG.md | 4 ++++ .../change-notes/released/1.0.48.md | 3 +++ go/ql/consistency-queries/codeql-pack.release.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/CHANGELOG.md | 4 ++++ go/ql/lib/change-notes/released/7.0.6.md | 3 +++ go/ql/lib/codeql-pack.release.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/CHANGELOG.md | 4 ++++ go/ql/src/change-notes/released/1.6.1.md | 3 +++ go/ql/src/codeql-pack.release.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/lib/CHANGELOG.md | 6 ++++++ .../9.0.4.md} | 7 ++++--- java/ql/lib/codeql-pack.release.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/CHANGELOG.md | 4 ++++ java/ql/src/change-notes/released/1.11.1.md | 3 +++ java/ql/src/codeql-pack.release.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/CHANGELOG.md | 4 ++++ javascript/ql/lib/change-notes/released/2.6.28.md | 3 +++ javascript/ql/lib/codeql-pack.release.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/CHANGELOG.md | 7 +++++++ .../2.3.8.md} | 7 ++++--- javascript/ql/src/codeql-pack.release.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/CHANGELOG.md | 4 ++++ misc/suite-helpers/change-notes/released/1.0.48.md | 3 +++ misc/suite-helpers/codeql-pack.release.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/CHANGELOG.md | 6 ++++++ .../7.0.5.md} | 6 +++--- python/ql/lib/codeql-pack.release.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/CHANGELOG.md | 6 ++++++ .../1.8.1.md} | 6 +++--- python/ql/src/codeql-pack.release.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/CHANGELOG.md | 4 ++++ ruby/ql/lib/change-notes/released/5.1.16.md | 3 +++ ruby/ql/lib/codeql-pack.release.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/CHANGELOG.md | 4 ++++ ruby/ql/src/change-notes/released/1.6.1.md | 3 +++ ruby/ql/src/codeql-pack.release.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- rust/ql/lib/CHANGELOG.md | 4 ++++ rust/ql/lib/change-notes/released/0.2.12.md | 3 +++ rust/ql/lib/codeql-pack.release.yml | 2 +- rust/ql/lib/qlpack.yml | 2 +- rust/ql/src/CHANGELOG.md | 4 ++++ rust/ql/src/change-notes/released/0.1.33.md | 3 +++ rust/ql/src/codeql-pack.release.yml | 2 +- rust/ql/src/qlpack.yml | 2 +- shared/concepts/CHANGELOG.md | 4 ++++ shared/concepts/change-notes/released/0.0.22.md | 3 +++ shared/concepts/codeql-pack.release.yml | 2 +- shared/concepts/qlpack.yml | 2 +- shared/controlflow/CHANGELOG.md | 4 ++++ shared/controlflow/change-notes/released/2.0.32.md | 3 +++ shared/controlflow/codeql-pack.release.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/CHANGELOG.md | 4 ++++ shared/dataflow/change-notes/released/2.1.4.md | 3 +++ shared/dataflow/codeql-pack.release.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/CHANGELOG.md | 4 ++++ shared/mad/change-notes/released/1.0.48.md | 3 +++ shared/mad/codeql-pack.release.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/quantum/CHANGELOG.md | 4 ++++ shared/quantum/change-notes/released/0.0.26.md | 3 +++ shared/quantum/codeql-pack.release.yml | 2 +- shared/quantum/qlpack.yml | 2 +- shared/rangeanalysis/CHANGELOG.md | 4 ++++ .../rangeanalysis/change-notes/released/1.0.48.md | 3 +++ shared/rangeanalysis/codeql-pack.release.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/CHANGELOG.md | 4 ++++ shared/regex/change-notes/released/1.0.48.md | 3 +++ shared/regex/codeql-pack.release.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/CHANGELOG.md | 4 ++++ shared/ssa/change-notes/released/2.0.24.md | 3 +++ shared/ssa/codeql-pack.release.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/CHANGELOG.md | 4 ++++ .../threat-models/change-notes/released/1.0.48.md | 3 +++ shared/threat-models/codeql-pack.release.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/CHANGELOG.md | 4 ++++ shared/tutorial/change-notes/released/1.0.48.md | 3 +++ shared/tutorial/codeql-pack.release.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/CHANGELOG.md | 4 ++++ shared/typeflow/change-notes/released/1.0.48.md | 3 +++ shared/typeflow/codeql-pack.release.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typeinference/CHANGELOG.md | 4 ++++ .../typeinference/change-notes/released/0.0.29.md | 3 +++ shared/typeinference/codeql-pack.release.yml | 2 +- shared/typeinference/qlpack.yml | 2 +- shared/typetracking/CHANGELOG.md | 4 ++++ shared/typetracking/change-notes/released/2.0.32.md | 3 +++ shared/typetracking/codeql-pack.release.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/CHANGELOG.md | 4 ++++ shared/typos/change-notes/released/1.0.48.md | 3 +++ shared/typos/codeql-pack.release.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/CHANGELOG.md | 4 ++++ shared/util/change-notes/released/2.0.35.md | 3 +++ shared/util/codeql-pack.release.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/CHANGELOG.md | 4 ++++ shared/xml/change-notes/released/1.0.48.md | 3 +++ shared/xml/codeql-pack.release.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/CHANGELOG.md | 4 ++++ shared/yaml/change-notes/released/1.0.48.md | 3 +++ shared/yaml/codeql-pack.release.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/CHANGELOG.md | 6 ++++++ .../{2026-04-06-swift-6.3.md => released/6.4.0.md} | 7 ++++--- swift/ql/lib/codeql-pack.release.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/CHANGELOG.md | 4 ++++ swift/ql/src/change-notes/released/1.3.1.md | 3 +++ swift/ql/src/codeql-pack.release.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 174 files changed, 437 insertions(+), 151 deletions(-) rename actions/ql/lib/change-notes/{2026-03-26-remove-false-positive-sinks.md => released/0.4.34.md} (79%) delete mode 100644 actions/ql/src/change-notes/2026-04-02-permissions.md rename actions/ql/src/change-notes/{2026-04-02-alert-msg-poisoning.md => released/0.6.26.md} (64%) delete mode 100644 cpp/ql/lib/change-notes/2026-04-07-autoconf.md delete mode 100644 cpp/ql/lib/change-notes/2026-04-14-throwing.md create mode 100644 cpp/ql/lib/change-notes/released/10.0.0.md delete mode 100644 cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md delete mode 100644 cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md delete mode 100644 cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md create mode 100644 cpp/ql/src/change-notes/released/1.6.1.md create mode 100644 csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md create mode 100644 csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md rename csharp/ql/lib/change-notes/{2026-04-01-getlrvalue.md => released/5.5.0.md} (79%) rename csharp/ql/src/change-notes/{2026-04-17-useless-to-string.md => released/1.7.1.md} (84%) create mode 100644 go/ql/consistency-queries/change-notes/released/1.0.48.md create mode 100644 go/ql/lib/change-notes/released/7.0.6.md create mode 100644 go/ql/src/change-notes/released/1.6.1.md rename java/ql/lib/change-notes/{2026-04-16-woodstox-xxe.md => released/9.0.4.md} (88%) create mode 100644 java/ql/src/change-notes/released/1.11.1.md create mode 100644 javascript/ql/lib/change-notes/released/2.6.28.md rename javascript/ql/src/change-notes/{2026-04-13-fastify-per-route-rate-limit.md => released/2.3.8.md} (69%) create mode 100644 misc/suite-helpers/change-notes/released/1.0.48.md rename python/ql/lib/change-notes/{2026-04-10-support-lazy-keyword.md => released/7.0.5.md} (81%) rename python/ql/src/change-notes/{2026-03-26-improve-bind-all-interfaces-query.md => released/1.8.1.md} (86%) create mode 100644 ruby/ql/lib/change-notes/released/5.1.16.md create mode 100644 ruby/ql/src/change-notes/released/1.6.1.md create mode 100644 rust/ql/lib/change-notes/released/0.2.12.md create mode 100644 rust/ql/src/change-notes/released/0.1.33.md create mode 100644 shared/concepts/change-notes/released/0.0.22.md create mode 100644 shared/controlflow/change-notes/released/2.0.32.md create mode 100644 shared/dataflow/change-notes/released/2.1.4.md create mode 100644 shared/mad/change-notes/released/1.0.48.md create mode 100644 shared/quantum/change-notes/released/0.0.26.md create mode 100644 shared/rangeanalysis/change-notes/released/1.0.48.md create mode 100644 shared/regex/change-notes/released/1.0.48.md create mode 100644 shared/ssa/change-notes/released/2.0.24.md create mode 100644 shared/threat-models/change-notes/released/1.0.48.md create mode 100644 shared/tutorial/change-notes/released/1.0.48.md create mode 100644 shared/typeflow/change-notes/released/1.0.48.md create mode 100644 shared/typeinference/change-notes/released/0.0.29.md create mode 100644 shared/typetracking/change-notes/released/2.0.32.md create mode 100644 shared/typos/change-notes/released/1.0.48.md create mode 100644 shared/util/change-notes/released/2.0.35.md create mode 100644 shared/xml/change-notes/released/1.0.48.md create mode 100644 shared/yaml/change-notes/released/1.0.48.md rename swift/ql/lib/change-notes/{2026-04-06-swift-6.3.md => released/6.4.0.md} (50%) create mode 100644 swift/ql/src/change-notes/released/1.3.1.md diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md index d625bc6f619e..e84ba38d1801 100644 --- a/actions/ql/lib/CHANGELOG.md +++ b/actions/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.4.34 + +### Minor Analysis Improvements + +* Removed false positive injection sink models for the `context` input of `docker/build-push-action` and the `allowed-endpoints` input of `step-security/harden-runner`. + ## 0.4.33 No user-facing changes. diff --git a/actions/ql/lib/change-notes/2026-03-26-remove-false-positive-sinks.md b/actions/ql/lib/change-notes/released/0.4.34.md similarity index 79% rename from actions/ql/lib/change-notes/2026-03-26-remove-false-positive-sinks.md rename to actions/ql/lib/change-notes/released/0.4.34.md index 20ccc6d6c024..23b06db49679 100644 --- a/actions/ql/lib/change-notes/2026-03-26-remove-false-positive-sinks.md +++ b/actions/ql/lib/change-notes/released/0.4.34.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.4.34 + +### Minor Analysis Improvements + * Removed false positive injection sink models for the `context` input of `docker/build-push-action` and the `allowed-endpoints` input of `step-security/harden-runner`. diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml index 7581fef2abf7..69fb16e4c39f 100644 --- a/actions/ql/lib/codeql-pack.release.yml +++ b/actions/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.4.33 +lastReleaseVersion: 0.4.34 diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index fec274158000..b7acc7a39570 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.34-dev +version: 0.4.34 library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index d991237aca97..9dd234fd4836 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 0.6.26 + +### Major Analysis Improvements + +* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. + +### Minor Analysis Improvements + +* The query `actions/missing-workflow-permissions` no longer produces false positive results on reusable workflows where all callers set permissions. + ## 0.6.25 No user-facing changes. diff --git a/actions/ql/src/change-notes/2026-04-02-permissions.md b/actions/ql/src/change-notes/2026-04-02-permissions.md deleted file mode 100644 index 2672a30ef870..000000000000 --- a/actions/ql/src/change-notes/2026-04-02-permissions.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The query `actions/missing-workflow-permissions` no longer produces false positive results on reusable workflows where all callers set permissions. \ No newline at end of file diff --git a/actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md b/actions/ql/src/change-notes/released/0.6.26.md similarity index 64% rename from actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md rename to actions/ql/src/change-notes/released/0.6.26.md index e2340f446a71..3147a666cdb7 100644 --- a/actions/ql/src/change-notes/2026-04-02-alert-msg-poisoning.md +++ b/actions/ql/src/change-notes/released/0.6.26.md @@ -1,4 +1,9 @@ ---- -category: majorAnalysis ---- -* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. \ No newline at end of file +## 0.6.26 + +### Major Analysis Improvements + +* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. + +### Minor Analysis Improvements + +* The query `actions/missing-workflow-permissions` no longer produces false positive results on reusable workflows where all callers set permissions. diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml index b8288b392226..e83bac0046e3 100644 --- a/actions/ql/src/codeql-pack.release.yml +++ b/actions/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.25 +lastReleaseVersion: 0.6.26 diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index 3216a36f3d08..fc18f8052b23 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.26-dev +version: 0.6.26 library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 5b5bc748c5dd..2cd1bcede35e 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 10.0.0 + +### Breaking Changes + +* The deprecated `NonThrowingFunction` class has been removed, use `NonCppThrowingFunction` instead. +* The deprecated `ThrowingFunction` class has been removed, use `AlwaysSehThrowingFunction` instead. + +### New Features + +* Added a subclass `AutoconfConfigureTestFile` of `ConfigurationTestFile` that represents files created by GNU autoconf configure scripts to test the build configuration. + ## 9.0.0 ### Breaking Changes diff --git a/cpp/ql/lib/change-notes/2026-04-07-autoconf.md b/cpp/ql/lib/change-notes/2026-04-07-autoconf.md deleted file mode 100644 index 9f04417b8e25..000000000000 --- a/cpp/ql/lib/change-notes/2026-04-07-autoconf.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Added a subclass `AutoconfConfigureTestFile` of `ConfigurationTestFile` that represents files created by GNU autoconf configure scripts to test the build configuration. diff --git a/cpp/ql/lib/change-notes/2026-04-14-throwing.md b/cpp/ql/lib/change-notes/2026-04-14-throwing.md deleted file mode 100644 index 6a15437e126e..000000000000 --- a/cpp/ql/lib/change-notes/2026-04-14-throwing.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: breaking ---- -* The deprecated `NonThrowingFunction` class has been removed, use `NonCppThrowingFunction` instead. -* The deprecated `ThrowingFunction` class has been removed, use `AlwaysSehThrowingFunction` instead. diff --git a/cpp/ql/lib/change-notes/released/10.0.0.md b/cpp/ql/lib/change-notes/released/10.0.0.md new file mode 100644 index 000000000000..af591bd1a0ad --- /dev/null +++ b/cpp/ql/lib/change-notes/released/10.0.0.md @@ -0,0 +1,10 @@ +## 10.0.0 + +### Breaking Changes + +* The deprecated `NonThrowingFunction` class has been removed, use `NonCppThrowingFunction` instead. +* The deprecated `ThrowingFunction` class has been removed, use `AlwaysSehThrowingFunction` instead. + +### New Features + +* Added a subclass `AutoconfConfigureTestFile` of `ConfigurationTestFile` that represents files created by GNU autoconf configure scripts to test the build configuration. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index fd5f4a48b3c1..28758256b943 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 9.0.0 +lastReleaseVersion: 10.0.0 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index dbf57d2b8699..4bcb59885fa7 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 9.0.1-dev +version: 10.0.0 groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index a3f9d1836ade..aca22062e9f3 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,15 @@ +## 1.6.1 + +### Minor Analysis Improvements + +* Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. +* The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. +* The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. + ## 1.6.0 ### Query Metadata Changes diff --git a/cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md b/cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md deleted file mode 100644 index 8c2c431ec24c..000000000000 --- a/cpp/ql/src/change-notes/2026-03-23-implicit-function-declaration.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. diff --git a/cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md b/cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md deleted file mode 100644 index c84e1dba404c..000000000000 --- a/cpp/ql/src/change-notes/2026-04-02-comparison-with-wider-type.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md b/cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md deleted file mode 100644 index dd0dbd4bc7d9..000000000000 --- a/cpp/ql/src/change-notes/2026-04-02-implicit-function-declaration.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. diff --git a/cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md b/cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md deleted file mode 100644 index cd6796b408f0..000000000000 --- a/cpp/ql/src/change-notes/2026-04-02-integer-multiplication-cast-to-long.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md b/cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md deleted file mode 100644 index 040e89c13475..000000000000 --- a/cpp/ql/src/change-notes/2026-04-02-suspicious-add-sizeof.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md b/cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md deleted file mode 100644 index f8b9085dacc6..000000000000 --- a/cpp/ql/src/change-notes/2026-04-02-wrong-type-format-argument.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. diff --git a/cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md b/cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md deleted file mode 100644 index af97cee7f9e4..000000000000 --- a/cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. diff --git a/cpp/ql/src/change-notes/released/1.6.1.md b/cpp/ql/src/change-notes/released/1.6.1.md new file mode 100644 index 000000000000..4cba7e508bdb --- /dev/null +++ b/cpp/ql/src/change-notes/released/1.6.1.md @@ -0,0 +1,11 @@ +## 1.6.1 + +### Minor Analysis Improvements + +* Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. +* The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. +* The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index c4f0b07d5336..ef7a789e0cf1 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.0 +lastReleaseVersion: 1.6.1 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 4648951796cc..8ec81ab6135e 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.6.1-dev +version: 1.6.1 groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index f7107d18c014..166a94bd88df 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.65 + +No user-facing changes. + ## 1.7.64 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md new file mode 100644 index 000000000000..12bf5dad4b08 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md @@ -0,0 +1,3 @@ +## 1.7.65 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index f41e954c9ae2..bf581427d298 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.64 +lastReleaseVersion: 1.7.65 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 006ef851567f..d50eb024972c 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.65-dev +version: 1.7.65 groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index f7107d18c014..166a94bd88df 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.65 + +No user-facing changes. + ## 1.7.64 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md new file mode 100644 index 000000000000..12bf5dad4b08 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md @@ -0,0 +1,3 @@ +## 1.7.65 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index f41e954c9ae2..bf581427d298 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.64 +lastReleaseVersion: 1.7.65 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index af5fd98f58af..bd70b1664ac5 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.65-dev +version: 1.7.65 groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 57d99a41480b..32cd8f33c650 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 5.5.0 + +### Deprecated APIs + +* The predicates `get[L|R]Value` in the class `Assignment` have been deprecated. Use `get[Left|Right]Operand` instead. + ## 5.4.12 ### Minor Analysis Improvements diff --git a/csharp/ql/lib/change-notes/2026-04-01-getlrvalue.md b/csharp/ql/lib/change-notes/released/5.5.0.md similarity index 79% rename from csharp/ql/lib/change-notes/2026-04-01-getlrvalue.md rename to csharp/ql/lib/change-notes/released/5.5.0.md index da1a3d621481..b497d8ea51b4 100644 --- a/csharp/ql/lib/change-notes/2026-04-01-getlrvalue.md +++ b/csharp/ql/lib/change-notes/released/5.5.0.md @@ -1,4 +1,5 @@ ---- -category: deprecated ---- +## 5.5.0 + +### Deprecated APIs + * The predicates `get[L|R]Value` in the class `Assignment` have been deprecated. Use `get[Left|Right]Operand` instead. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 43db6e52c988..4b8cf9533c17 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.4.12 +lastReleaseVersion: 5.5.0 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 02c1ccd0d33c..f90aa010b895 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.4.13-dev +version: 5.5.0 groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index fc0f8c58d794..cdab71341852 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,12 @@ +## 1.7.1 + +### Minor Analysis Improvements + +* The query `cs/useless-tostring-call` has been updated to avoid false + positive results in calls to `StringBuilder.AppendLine` and calls of + the form `base.ToString()`. Moreover, the alert message has been + made more precise. + ## 1.7.0 ### Query Metadata Changes diff --git a/csharp/ql/src/change-notes/2026-04-17-useless-to-string.md b/csharp/ql/src/change-notes/released/1.7.1.md similarity index 84% rename from csharp/ql/src/change-notes/2026-04-17-useless-to-string.md rename to csharp/ql/src/change-notes/released/1.7.1.md index 9b4c81378c91..0b5df9629c67 100644 --- a/csharp/ql/src/change-notes/2026-04-17-useless-to-string.md +++ b/csharp/ql/src/change-notes/released/1.7.1.md @@ -1,6 +1,7 @@ ---- -category: minorAnalysis ---- +## 1.7.1 + +### Minor Analysis Improvements + * The query `cs/useless-tostring-call` has been updated to avoid false positive results in calls to `StringBuilder.AppendLine` and calls of the form `base.ToString()`. Moreover, the alert message has been diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index d1184cc67507..7bdec0d85c73 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.7.0 +lastReleaseVersion: 1.7.1 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 9ea341d1b38d..c7d8eace2961 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.7.1-dev +version: 1.7.1 groups: - csharp - queries diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md index 34ae2fd22778..a3aa00d4872e 100644 --- a/go/ql/consistency-queries/CHANGELOG.md +++ b/go/ql/consistency-queries/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/go/ql/consistency-queries/change-notes/released/1.0.48.md b/go/ql/consistency-queries/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/go/ql/consistency-queries/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/go/ql/consistency-queries/codeql-pack.release.yml +++ b/go/ql/consistency-queries/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index c9dda4765dd0..2a03af961527 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.48-dev +version: 1.0.48 groups: - go - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index 441d15a0d0e8..737d08654b89 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 7.0.6 + +No user-facing changes. + ## 7.0.5 No user-facing changes. diff --git a/go/ql/lib/change-notes/released/7.0.6.md b/go/ql/lib/change-notes/released/7.0.6.md new file mode 100644 index 000000000000..ca9a73aa64c1 --- /dev/null +++ b/go/ql/lib/change-notes/released/7.0.6.md @@ -0,0 +1,3 @@ +## 7.0.6 + +No user-facing changes. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 2cff21d59fec..c7cff8c53789 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.5 +lastReleaseVersion: 7.0.6 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 2d7338a020dc..71a8c1c50f07 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 7.0.6-dev +version: 7.0.6 groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 2bc95cc19222..971d478d56e4 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.1 + +No user-facing changes. + ## 1.6.0 ### Query Metadata Changes diff --git a/go/ql/src/change-notes/released/1.6.1.md b/go/ql/src/change-notes/released/1.6.1.md new file mode 100644 index 000000000000..898f6201ed73 --- /dev/null +++ b/go/ql/src/change-notes/released/1.6.1.md @@ -0,0 +1,3 @@ +## 1.6.1 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index c4f0b07d5336..ef7a789e0cf1 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.0 +lastReleaseVersion: 1.6.1 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index de4e5e06d381..3f3d4e7cc2aa 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.6.1-dev +version: 1.6.1 groups: - go - queries diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index caa1eaecb948..2d34c791c924 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 9.0.4 + +### Minor Analysis Improvements + +* The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the Woodstox StAX library when `com.ctc.wstx.stax.WstxInputFactory` or `org.codehaus.stax2.XMLInputFactory2` are used directly. + ## 9.0.3 ### Minor Analysis Improvements diff --git a/java/ql/lib/change-notes/2026-04-16-woodstox-xxe.md b/java/ql/lib/change-notes/released/9.0.4.md similarity index 88% rename from java/ql/lib/change-notes/2026-04-16-woodstox-xxe.md rename to java/ql/lib/change-notes/released/9.0.4.md index 891fc489e464..a54996349514 100644 --- a/java/ql/lib/change-notes/2026-04-16-woodstox-xxe.md +++ b/java/ql/lib/change-notes/released/9.0.4.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 9.0.4 + +### Minor Analysis Improvements + * The queries "Resolving XML external entity in user-controlled data" (`java/xxe`) and "Resolving XML external entity in user-controlled data from local source" (`java/xxe-local`) now recognize sinks in the Woodstox StAX library when `com.ctc.wstx.stax.WstxInputFactory` or `org.codehaus.stax2.XMLInputFactory2` are used directly. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 175658aaf53d..4bbe4f75b589 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 9.0.3 +lastReleaseVersion: 9.0.4 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 7f058cfb8d60..0a842a96b345 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 9.0.4-dev +version: 9.0.4 groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 2a2f8052092f..1b5d2bdad8a2 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.11.1 + +No user-facing changes. + ## 1.11.0 ### Query Metadata Changes diff --git a/java/ql/src/change-notes/released/1.11.1.md b/java/ql/src/change-notes/released/1.11.1.md new file mode 100644 index 000000000000..f5047685223d --- /dev/null +++ b/java/ql/src/change-notes/released/1.11.1.md @@ -0,0 +1,3 @@ +## 1.11.1 + +No user-facing changes. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 276088d81dc8..4ae123153bf4 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.11.0 +lastReleaseVersion: 1.11.1 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 72b4a5f94e6c..49c552ec02ac 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.11.1-dev +version: 1.11.1 groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index fedb0b9b587f..77837f46c5e8 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.6.28 + +No user-facing changes. + ## 2.6.27 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/released/2.6.28.md b/javascript/ql/lib/change-notes/released/2.6.28.md new file mode 100644 index 000000000000..9c30dddcc0a7 --- /dev/null +++ b/javascript/ql/lib/change-notes/released/2.6.28.md @@ -0,0 +1,3 @@ +## 2.6.28 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 2ce86b10a85d..2456457874e2 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.6.27 +lastReleaseVersion: 2.6.28 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index e0834c056d11..dabbc8bd755f 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.6.28-dev +version: 2.6.28 groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index 29e6c8e8da32..9b122364ffae 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2.3.8 + +### Minor Analysis Improvements + +* The query `js/missing-rate-limiting` now takes Fastify per-route + rate limiting into account. + ## 2.3.7 No user-facing changes. diff --git a/javascript/ql/src/change-notes/2026-04-13-fastify-per-route-rate-limit.md b/javascript/ql/src/change-notes/released/2.3.8.md similarity index 69% rename from javascript/ql/src/change-notes/2026-04-13-fastify-per-route-rate-limit.md rename to javascript/ql/src/change-notes/released/2.3.8.md index 56d523885248..5ce5cbe2f244 100644 --- a/javascript/ql/src/change-notes/2026-04-13-fastify-per-route-rate-limit.md +++ b/javascript/ql/src/change-notes/released/2.3.8.md @@ -1,5 +1,6 @@ ---- -category: minorAnalysis ---- +## 2.3.8 + +### Minor Analysis Improvements + * The query `js/missing-rate-limiting` now takes Fastify per-route rate limiting into account. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 914cded08b38..c68b70cb8bea 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.3.7 +lastReleaseVersion: 2.3.8 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 117fae183e99..dd4f7c255a84 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.3.8-dev +version: 2.3.8 groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 4b73639b1f75..897533f6450c 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/1.0.48.md b/misc/suite-helpers/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/misc/suite-helpers/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 1d8538023420..c18ab2bb10ed 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.48-dev +version: 1.0.48 groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index a6833ea8db3d..69fa60a66758 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 7.0.5 + +### Minor Analysis Improvements + +- The Python extractor now supports the new `lazy import ...` and `lazy from ... import ...` (as defined in [PEP-810](https://peps.python.org/pep-0810/)) that will be part of Python 3.15. + ## 7.0.4 ### Bug Fixes diff --git a/python/ql/lib/change-notes/2026-04-10-support-lazy-keyword.md b/python/ql/lib/change-notes/released/7.0.5.md similarity index 81% rename from python/ql/lib/change-notes/2026-04-10-support-lazy-keyword.md rename to python/ql/lib/change-notes/released/7.0.5.md index 67de168ff47e..e205660dfde0 100644 --- a/python/ql/lib/change-notes/2026-04-10-support-lazy-keyword.md +++ b/python/ql/lib/change-notes/released/7.0.5.md @@ -1,5 +1,5 @@ ---- -category: minorAnalysis ---- +## 7.0.5 + +### Minor Analysis Improvements - The Python extractor now supports the new `lazy import ...` and `lazy from ... import ...` (as defined in [PEP-810](https://peps.python.org/pep-0810/)) that will be part of Python 3.15. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 6630ee1984ad..2cff21d59fec 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 7.0.4 +lastReleaseVersion: 7.0.5 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index fe87c5761cfd..4dc63a6f9cbe 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 7.0.5-dev +version: 7.0.5 groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index d5f5269c61d9..38018f098560 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.8.1 + +### Minor Analysis Improvements + +- The `py/bind-socket-all-network-interfaces` query now uses the global data-flow library, leading to better precision and more results. Also, wrappers of `socket.socket` in the `eventlet` and `gevent` libraries are now also recognized as socket binding operations. + ## 1.8.0 ### Query Metadata Changes diff --git a/python/ql/src/change-notes/2026-03-26-improve-bind-all-interfaces-query.md b/python/ql/src/change-notes/released/1.8.1.md similarity index 86% rename from python/ql/src/change-notes/2026-03-26-improve-bind-all-interfaces-query.md rename to python/ql/src/change-notes/released/1.8.1.md index bc78b2b6f776..cafb58c11c9d 100644 --- a/python/ql/src/change-notes/2026-03-26-improve-bind-all-interfaces-query.md +++ b/python/ql/src/change-notes/released/1.8.1.md @@ -1,5 +1,5 @@ ---- -category: minorAnalysis ---- +## 1.8.1 + +### Minor Analysis Improvements - The `py/bind-socket-all-network-interfaces` query now uses the global data-flow library, leading to better precision and more results. Also, wrappers of `socket.socket` in the `eventlet` and `gevent` libraries are now also recognized as socket binding operations. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index dc8a37cc443d..28a7c123ae84 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.8.0 +lastReleaseVersion: 1.8.1 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index aa2a2364854f..b7d90a618e9f 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.8.1-dev +version: 1.8.1 groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 40cb88d396f4..8315b6413696 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 5.1.16 + +No user-facing changes. + ## 5.1.15 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/released/5.1.16.md b/ruby/ql/lib/change-notes/released/5.1.16.md new file mode 100644 index 000000000000..42c9934011a3 --- /dev/null +++ b/ruby/ql/lib/change-notes/released/5.1.16.md @@ -0,0 +1,3 @@ +## 5.1.16 + +No user-facing changes. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index 840348ed924e..735f742e9af7 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 5.1.15 +lastReleaseVersion: 5.1.16 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index bbf4de409093..ef68525f982b 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.1.16-dev +version: 5.1.16 groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index cb4c0ae7874a..5266fc1d5d91 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.6.1 + +No user-facing changes. + ## 1.6.0 ### Query Metadata Changes diff --git a/ruby/ql/src/change-notes/released/1.6.1.md b/ruby/ql/src/change-notes/released/1.6.1.md new file mode 100644 index 000000000000..898f6201ed73 --- /dev/null +++ b/ruby/ql/src/change-notes/released/1.6.1.md @@ -0,0 +1,3 @@ +## 1.6.1 + +No user-facing changes. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index c4f0b07d5336..ef7a789e0cf1 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.0 +lastReleaseVersion: 1.6.1 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 191689565de4..8964f6e51ac9 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.6.1-dev +version: 1.6.1 groups: - ruby - queries diff --git a/rust/ql/lib/CHANGELOG.md b/rust/ql/lib/CHANGELOG.md index eea5bd6e89d8..8e515660f290 100644 --- a/rust/ql/lib/CHANGELOG.md +++ b/rust/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.12 + +No user-facing changes. + ## 0.2.11 No user-facing changes. diff --git a/rust/ql/lib/change-notes/released/0.2.12.md b/rust/ql/lib/change-notes/released/0.2.12.md new file mode 100644 index 000000000000..590eb0cedd1f --- /dev/null +++ b/rust/ql/lib/change-notes/released/0.2.12.md @@ -0,0 +1,3 @@ +## 0.2.12 + +No user-facing changes. diff --git a/rust/ql/lib/codeql-pack.release.yml b/rust/ql/lib/codeql-pack.release.yml index 2ee635b99371..da1cea933934 100644 --- a/rust/ql/lib/codeql-pack.release.yml +++ b/rust/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.11 +lastReleaseVersion: 0.2.12 diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index f50310200378..569930438abe 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.2.12-dev +version: 0.2.12 groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/CHANGELOG.md b/rust/ql/src/CHANGELOG.md index eab921bcbd6b..14034c9877d8 100644 --- a/rust/ql/src/CHANGELOG.md +++ b/rust/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.33 + +No user-facing changes. + ## 0.1.32 ### Query Metadata Changes diff --git a/rust/ql/src/change-notes/released/0.1.33.md b/rust/ql/src/change-notes/released/0.1.33.md new file mode 100644 index 000000000000..5bd982edadd6 --- /dev/null +++ b/rust/ql/src/change-notes/released/0.1.33.md @@ -0,0 +1,3 @@ +## 0.1.33 + +No user-facing changes. diff --git a/rust/ql/src/codeql-pack.release.yml b/rust/ql/src/codeql-pack.release.yml index 21bbd752f27a..d9c9e819daa0 100644 --- a/rust/ql/src/codeql-pack.release.yml +++ b/rust/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.32 +lastReleaseVersion: 0.1.33 diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index f78504db76eb..0eefe2f39325 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.33-dev +version: 0.1.33 groups: - rust - queries diff --git a/shared/concepts/CHANGELOG.md b/shared/concepts/CHANGELOG.md index 704ea3e8e019..e8b920847e90 100644 --- a/shared/concepts/CHANGELOG.md +++ b/shared/concepts/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.22 + +No user-facing changes. + ## 0.0.21 No user-facing changes. diff --git a/shared/concepts/change-notes/released/0.0.22.md b/shared/concepts/change-notes/released/0.0.22.md new file mode 100644 index 000000000000..002267474382 --- /dev/null +++ b/shared/concepts/change-notes/released/0.0.22.md @@ -0,0 +1,3 @@ +## 0.0.22 + +No user-facing changes. diff --git a/shared/concepts/codeql-pack.release.yml b/shared/concepts/codeql-pack.release.yml index 0c15c351db40..11aaa2243f57 100644 --- a/shared/concepts/codeql-pack.release.yml +++ b/shared/concepts/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.21 +lastReleaseVersion: 0.0.22 diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index bf6e8b6018c0..2ce2978829e3 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.22-dev +version: 0.0.22 groups: shared library: true dependencies: diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index baca729ddda8..df00c6146d8f 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.32 + +No user-facing changes. + ## 2.0.31 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/2.0.32.md b/shared/controlflow/change-notes/released/2.0.32.md new file mode 100644 index 000000000000..0930bb07f8c4 --- /dev/null +++ b/shared/controlflow/change-notes/released/2.0.32.md @@ -0,0 +1,3 @@ +## 2.0.32 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index 783d47207cda..483a0d5db8ec 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.31 +lastReleaseVersion: 2.0.32 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 5573548794d0..b293853c73bd 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.32-dev +version: 2.0.32 groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index 52c893f78e27..ed60239f3de3 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.1.4 + +No user-facing changes. + ## 2.1.3 No user-facing changes. diff --git a/shared/dataflow/change-notes/released/2.1.4.md b/shared/dataflow/change-notes/released/2.1.4.md new file mode 100644 index 000000000000..a1035c6b05b2 --- /dev/null +++ b/shared/dataflow/change-notes/released/2.1.4.md @@ -0,0 +1,3 @@ +## 2.1.4 + +No user-facing changes. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index 345fb0c73a44..896b46fda9bd 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.1.3 +lastReleaseVersion: 2.1.4 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 3b917def33db..e7778805c504 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.1.4-dev +version: 2.1.4 groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 1bffb976cf8c..ff868403d0c4 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/mad/change-notes/released/1.0.48.md b/shared/mad/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/shared/mad/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index b5583f8c55a2..920ffe102676 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/quantum/CHANGELOG.md b/shared/quantum/CHANGELOG.md index 8d524a11a093..eccc65c6041d 100644 --- a/shared/quantum/CHANGELOG.md +++ b/shared/quantum/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.26 + +No user-facing changes. + ## 0.0.25 No user-facing changes. diff --git a/shared/quantum/change-notes/released/0.0.26.md b/shared/quantum/change-notes/released/0.0.26.md new file mode 100644 index 000000000000..e6dc680cc11b --- /dev/null +++ b/shared/quantum/change-notes/released/0.0.26.md @@ -0,0 +1,3 @@ +## 0.0.26 + +No user-facing changes. diff --git a/shared/quantum/codeql-pack.release.yml b/shared/quantum/codeql-pack.release.yml index 6d0e80a50c3f..c576d2d7db2a 100644 --- a/shared/quantum/codeql-pack.release.yml +++ b/shared/quantum/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.25 +lastReleaseVersion: 0.0.26 diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index a19e99ef7eaa..52c78c5f963f 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.26-dev +version: 0.0.26 groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/CHANGELOG.md b/shared/rangeanalysis/CHANGELOG.md index 0ab7487192cb..9afb612f18a4 100644 --- a/shared/rangeanalysis/CHANGELOG.md +++ b/shared/rangeanalysis/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/rangeanalysis/change-notes/released/1.0.48.md b/shared/rangeanalysis/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/shared/rangeanalysis/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/rangeanalysis/codeql-pack.release.yml b/shared/rangeanalysis/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/shared/rangeanalysis/codeql-pack.release.yml +++ b/shared/rangeanalysis/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index d493350749ee..274a6160372e 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index dd6f0c4cad6b..2375b7b56ab6 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/regex/change-notes/released/1.0.48.md b/shared/regex/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/shared/regex/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index 7b953dcff1cf..abe561fb37c0 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index 3573140fc410..dd21ba6d38b1 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.24 + +No user-facing changes. + ## 2.0.23 No user-facing changes. diff --git a/shared/ssa/change-notes/released/2.0.24.md b/shared/ssa/change-notes/released/2.0.24.md new file mode 100644 index 000000000000..6547901c3343 --- /dev/null +++ b/shared/ssa/change-notes/released/2.0.24.md @@ -0,0 +1,3 @@ +## 2.0.24 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 1bd7e296a34f..1460df314d51 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.23 +lastReleaseVersion: 2.0.24 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index a8fa9a114243..16d312b77aed 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.24-dev +version: 2.0.24 groups: shared library: true dependencies: diff --git a/shared/threat-models/CHANGELOG.md b/shared/threat-models/CHANGELOG.md index 34ae2fd22778..a3aa00d4872e 100644 --- a/shared/threat-models/CHANGELOG.md +++ b/shared/threat-models/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/threat-models/change-notes/released/1.0.48.md b/shared/threat-models/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/shared/threat-models/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/threat-models/codeql-pack.release.yml b/shared/threat-models/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/shared/threat-models/codeql-pack.release.yml +++ b/shared/threat-models/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index a4a367a990b3..2cf364fa3327 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.48-dev +version: 1.0.48 library: true groups: shared dataExtensions: diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index cf8f60d1d46a..9350e8a04eb7 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/1.0.48.md b/shared/tutorial/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/shared/tutorial/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index f961ccdc0eb2..5c9c6cdc47c2 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/CHANGELOG.md b/shared/typeflow/CHANGELOG.md index 8c5ee5e94864..035c2aa456e9 100644 --- a/shared/typeflow/CHANGELOG.md +++ b/shared/typeflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/typeflow/change-notes/released/1.0.48.md b/shared/typeflow/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/shared/typeflow/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/typeflow/codeql-pack.release.yml b/shared/typeflow/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/shared/typeflow/codeql-pack.release.yml +++ b/shared/typeflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index f7e111d28fde..c9d4ec97a924 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/typeinference/CHANGELOG.md b/shared/typeinference/CHANGELOG.md index 7153b9314b18..c8b656e4f351 100644 --- a/shared/typeinference/CHANGELOG.md +++ b/shared/typeinference/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.29 + +No user-facing changes. + ## 0.0.28 No user-facing changes. diff --git a/shared/typeinference/change-notes/released/0.0.29.md b/shared/typeinference/change-notes/released/0.0.29.md new file mode 100644 index 000000000000..4428927c79d5 --- /dev/null +++ b/shared/typeinference/change-notes/released/0.0.29.md @@ -0,0 +1,3 @@ +## 0.0.29 + +No user-facing changes. diff --git a/shared/typeinference/codeql-pack.release.yml b/shared/typeinference/codeql-pack.release.yml index 3462db7d348f..c81f18131208 100644 --- a/shared/typeinference/codeql-pack.release.yml +++ b/shared/typeinference/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.28 +lastReleaseVersion: 0.0.29 diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 97c8df368959..57ed4da1080f 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.29-dev +version: 0.0.29 groups: shared library: true dependencies: diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index f779002267aa..75d8938e6a18 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.32 + +No user-facing changes. + ## 2.0.31 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/2.0.32.md b/shared/typetracking/change-notes/released/2.0.32.md new file mode 100644 index 000000000000..0930bb07f8c4 --- /dev/null +++ b/shared/typetracking/change-notes/released/2.0.32.md @@ -0,0 +1,3 @@ +## 2.0.32 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 783d47207cda..483a0d5db8ec 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.31 +lastReleaseVersion: 2.0.32 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index aa0296875312..7d506ee6807c 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.32-dev +version: 2.0.32 groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index b49f756fef03..35825098a633 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/typos/change-notes/released/1.0.48.md b/shared/typos/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/shared/typos/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 37fc79bb1dfd..5ba6ce2b43d4 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index cb3ac7bbe797..d1becc8ba2c1 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 2.0.35 + +No user-facing changes. + ## 2.0.34 No user-facing changes. diff --git a/shared/util/change-notes/released/2.0.35.md b/shared/util/change-notes/released/2.0.35.md new file mode 100644 index 000000000000..526e1fc9f4ce --- /dev/null +++ b/shared/util/change-notes/released/2.0.35.md @@ -0,0 +1,3 @@ +## 2.0.35 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 339a3ce7c57a..27eb8ef8ecea 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 2.0.34 +lastReleaseVersion: 2.0.35 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 02e6241dccbf..1e765b5e42e4 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.35-dev +version: 2.0.35 groups: shared library: true dependencies: null diff --git a/shared/xml/CHANGELOG.md b/shared/xml/CHANGELOG.md index 98702251320c..131bf7afd2a2 100644 --- a/shared/xml/CHANGELOG.md +++ b/shared/xml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/xml/change-notes/released/1.0.48.md b/shared/xml/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/shared/xml/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/xml/codeql-pack.release.yml b/shared/xml/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/shared/xml/codeql-pack.release.yml +++ b/shared/xml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 0d75859bdb9d..45ddcffaee77 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true dependencies: diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index 4a41f8ee9dfe..1c420b31355d 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.48 + +No user-facing changes. + ## 1.0.47 No user-facing changes. diff --git a/shared/yaml/change-notes/released/1.0.48.md b/shared/yaml/change-notes/released/1.0.48.md new file mode 100644 index 000000000000..c484c6e8d6e2 --- /dev/null +++ b/shared/yaml/change-notes/released/1.0.48.md @@ -0,0 +1,3 @@ +## 1.0.48 + +No user-facing changes. diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index dcec0f6405ab..6db79f2c3970 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.47 +lastReleaseVersion: 1.0.48 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index cfea54e0b5b5..461f97ac4dba 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.48-dev +version: 1.0.48 groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index 3967689b9331..e2cb45f97693 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 6.4.0 + +### Major Analysis Improvements + +* Upgraded to allow analysis of Swift 6.3. + ## 6.3.3 No user-facing changes. diff --git a/swift/ql/lib/change-notes/2026-04-06-swift-6.3.md b/swift/ql/lib/change-notes/released/6.4.0.md similarity index 50% rename from swift/ql/lib/change-notes/2026-04-06-swift-6.3.md rename to swift/ql/lib/change-notes/released/6.4.0.md index 512cb6139847..e4b68cd2c9b8 100644 --- a/swift/ql/lib/change-notes/2026-04-06-swift-6.3.md +++ b/swift/ql/lib/change-notes/released/6.4.0.md @@ -1,4 +1,5 @@ ---- -category: majorAnalysis ---- +## 6.4.0 + +### Major Analysis Improvements + * Upgraded to allow analysis of Swift 6.3. diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 83b98dcdbc38..3098c5db6c37 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 6.3.3 +lastReleaseVersion: 6.4.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 32c6458ddeae..c8cc7f97a2b0 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 6.3.4-dev +version: 6.4.0 groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index f880dc3366f8..af70cebc1e49 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.3.1 + +No user-facing changes. + ## 1.3.0 ### Query Metadata Changes diff --git a/swift/ql/src/change-notes/released/1.3.1.md b/swift/ql/src/change-notes/released/1.3.1.md new file mode 100644 index 000000000000..8dd9964197cb --- /dev/null +++ b/swift/ql/src/change-notes/released/1.3.1.md @@ -0,0 +1,3 @@ +## 1.3.1 + +No user-facing changes. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index ec16350ed6fd..e71b6d081f15 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.3.0 +lastReleaseVersion: 1.3.1 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 5b6c7a6977a8..2bde0f317c79 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.3.1-dev +version: 1.3.1 groups: - swift - queries From 03c3b3f4c4aec8214ded9c5c0e6ca7a3c2b94bbe Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 20 Apr 2026 11:40:32 +0200 Subject: [PATCH 3/5] Improve wording of `actions` note --- actions/ql/src/CHANGELOG.md | 4 ++-- actions/ql/src/change-notes/released/0.6.26.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md index 9dd234fd4836..96f8d2662060 100644 --- a/actions/ql/src/CHANGELOG.md +++ b/actions/ql/src/CHANGELOG.md @@ -2,7 +2,7 @@ ### Major Analysis Improvements -* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. +* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also improved the wording to make it clearer that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Finally, changed the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. ### Minor Analysis Improvements @@ -173,7 +173,7 @@ No user-facing changes. * `actions/if-expression-always-true/critical` * `actions/if-expression-always-true/high` * `actions/unnecessary-use-of-advanced-config` - + * The following query has been moved from the `code-scanning` suite to the `security-extended` suite. Any existing alerts for this query will be closed automatically unless the analysis is configured to use the `security-extended` suite. diff --git a/actions/ql/src/change-notes/released/0.6.26.md b/actions/ql/src/change-notes/released/0.6.26.md index 3147a666cdb7..8bf43e639079 100644 --- a/actions/ql/src/change-notes/released/0.6.26.md +++ b/actions/ql/src/change-notes/released/0.6.26.md @@ -2,7 +2,7 @@ ### Major Analysis Improvements -* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also clarify the wording to make it clear that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Also change the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. +* Fixed alert messages in `actions/artifact-poisoning/critical` and `actions/artifact-poisoning/medium` as they previously included a redundant placeholder in the alert message that would on occasion contain a long block of yml that makes the alert difficult to understand. Also improved the wording to make it clearer that it is not the artifact that is being poisoned, but instead a potentially untrusted artifact that is consumed. Finally, changed the alert location to be the source, to align more with other queries reporting an artifact (e.g. zipslip) which is more useful. ### Minor Analysis Improvements From f817bd4924665099296dec89614c62ebe401f32b Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 20 Apr 2026 12:24:05 +0200 Subject: [PATCH 4/5] Merge changelog entries for `cpp/implicit-function-declaration` --- cpp/ql/src/CHANGELOG.md | 5 ++--- cpp/ql/src/change-notes/released/1.6.1.md | 3 +-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index aca22062e9f3..80b9ad0e4753 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -4,11 +4,10 @@ * Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. * The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. * The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. * The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. * The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. However, for `build mode: none` databases, it no longer produces any results. The results in this mode were found to be very noisy and fundamentally imprecise. ## 1.6.0 @@ -367,7 +366,7 @@ No user-facing changes. ### Minor Analysis Improvements * The "non-constant format string" query (`cpp/non-constant-format`) has been updated to produce fewer false positives. -* Added dataflow models for the `gettext` function variants. +* Added dataflow models for the `gettext` function variants. ## 0.9.4 diff --git a/cpp/ql/src/change-notes/released/1.6.1.md b/cpp/ql/src/change-notes/released/1.6.1.md index 4cba7e508bdb..83781b87c584 100644 --- a/cpp/ql/src/change-notes/released/1.6.1.md +++ b/cpp/ql/src/change-notes/released/1.6.1.md @@ -4,8 +4,7 @@ * Added `AllocationFunction` models for `aligned_alloc`, `std::aligned_alloc`, and `bsl::aligned_alloc`. * The "Comparison of narrow type with wide type in loop condition" (`cpp/comparison-with-wider-type`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. * The "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. * The "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. * The "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query has been upgraded to `high` precision. This query will now run in the default code scanning suite. -* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query no longer produces results on `build mode: none` databases. These results were found to be very noisy and fundamentally imprecise in this mode. +* The "Implicit function declaration" (`cpp/implicit-function-declaration`) query has been upgraded to `high` precision. However, for `build mode: none` databases, it no longer produces any results. The results in this mode were found to be very noisy and fundamentally imprecise. From 24edae5e7499ad1a99eb2e2045599f9c7713f196 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 27 Apr 2026 10:27:45 +0000 Subject: [PATCH 5/5] Post-release preparation for codeql-cli-2.25.3 --- actions/ql/lib/qlpack.yml | 2 +- actions/ql/src/qlpack.yml | 2 +- cpp/ql/lib/qlpack.yml | 2 +- cpp/ql/src/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/lib/qlpack.yml | 2 +- csharp/ql/campaigns/Solorigate/src/qlpack.yml | 2 +- csharp/ql/lib/qlpack.yml | 2 +- csharp/ql/src/qlpack.yml | 2 +- go/ql/consistency-queries/qlpack.yml | 2 +- go/ql/lib/qlpack.yml | 2 +- go/ql/src/qlpack.yml | 2 +- java/ql/lib/qlpack.yml | 2 +- java/ql/src/qlpack.yml | 2 +- javascript/ql/lib/qlpack.yml | 2 +- javascript/ql/src/qlpack.yml | 2 +- misc/suite-helpers/qlpack.yml | 2 +- python/ql/lib/qlpack.yml | 2 +- python/ql/src/qlpack.yml | 2 +- ruby/ql/lib/qlpack.yml | 2 +- ruby/ql/src/qlpack.yml | 2 +- rust/ql/lib/qlpack.yml | 2 +- rust/ql/src/qlpack.yml | 2 +- shared/concepts/qlpack.yml | 2 +- shared/controlflow/qlpack.yml | 2 +- shared/dataflow/qlpack.yml | 2 +- shared/mad/qlpack.yml | 2 +- shared/quantum/qlpack.yml | 2 +- shared/rangeanalysis/qlpack.yml | 2 +- shared/regex/qlpack.yml | 2 +- shared/ssa/qlpack.yml | 2 +- shared/threat-models/qlpack.yml | 2 +- shared/tutorial/qlpack.yml | 2 +- shared/typeflow/qlpack.yml | 2 +- shared/typeinference/qlpack.yml | 2 +- shared/typetracking/qlpack.yml | 2 +- shared/typos/qlpack.yml | 2 +- shared/util/qlpack.yml | 2 +- shared/xml/qlpack.yml | 2 +- shared/yaml/qlpack.yml | 2 +- swift/ql/lib/qlpack.yml | 2 +- swift/ql/src/qlpack.yml | 2 +- 41 files changed, 41 insertions(+), 41 deletions(-) diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml index b7acc7a39570..6e78fc546b33 100644 --- a/actions/ql/lib/qlpack.yml +++ b/actions/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-all -version: 0.4.34 +version: 0.4.35-dev library: true warnOnImplicitThis: true dependencies: diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml index fc18f8052b23..c815afc498c8 100644 --- a/actions/ql/src/qlpack.yml +++ b/actions/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/actions-queries -version: 0.6.26 +version: 0.6.27-dev library: false warnOnImplicitThis: true groups: [actions, queries] diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 4bcb59885fa7..8a9d60a7fa94 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 10.0.0 +version: 10.0.1-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 8ec81ab6135e..714167434c8a 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 1.6.1 +version: 1.6.2-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index d50eb024972c..9d0e0ffd4f96 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.65 +version: 1.7.66-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index bd70b1664ac5..f5203f4e4434 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.65 +version: 1.7.66-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index f90aa010b895..7c906e033ad6 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 5.5.0 +version: 5.5.1-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index c7d8eace2961..25b04cf2dc66 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 1.7.1 +version: 1.7.2-dev groups: - csharp - queries diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml index 2a03af961527..a82ec95583b6 100644 --- a/go/ql/consistency-queries/qlpack.yml +++ b/go/ql/consistency-queries/qlpack.yml @@ -1,5 +1,5 @@ name: codeql-go-consistency-queries -version: 1.0.48 +version: 1.0.49-dev groups: - go - queries diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 71a8c1c50f07..e191e0da6884 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 7.0.6 +version: 7.0.7-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 3f3d4e7cc2aa..fa7e934382a8 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 1.6.1 +version: 1.6.2-dev groups: - go - queries diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 0a842a96b345..efa1d011ea57 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 9.0.4 +version: 9.0.5-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index 49c552ec02ac..2f2233460bac 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 1.11.1 +version: 1.11.2-dev groups: - java - queries diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index dabbc8bd755f..b62abbbe1016 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 2.6.28 +version: 2.6.29-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index dd4f7c255a84..9081791d0e0d 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 2.3.8 +version: 2.3.9-dev groups: - javascript - queries diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index c18ab2bb10ed..778284fbe9a3 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 1.0.48 +version: 1.0.49-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 4dc63a6f9cbe..8564a098594b 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 7.0.5 +version: 7.0.6-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index b7d90a618e9f..2d99bcd0c7a3 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 1.8.1 +version: 1.8.2-dev groups: - python - queries diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index ef68525f982b..1ac5090098a3 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 5.1.16 +version: 5.1.17-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 8964f6e51ac9..978102bb82a6 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 1.6.1 +version: 1.6.2-dev groups: - ruby - queries diff --git a/rust/ql/lib/qlpack.yml b/rust/ql/lib/qlpack.yml index 569930438abe..7eb159e4b505 100644 --- a/rust/ql/lib/qlpack.yml +++ b/rust/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-all -version: 0.2.12 +version: 0.2.13-dev groups: rust extractor: rust dbscheme: rust.dbscheme diff --git a/rust/ql/src/qlpack.yml b/rust/ql/src/qlpack.yml index 0eefe2f39325..7b2bd73728ae 100644 --- a/rust/ql/src/qlpack.yml +++ b/rust/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rust-queries -version: 0.1.33 +version: 0.1.34-dev groups: - rust - queries diff --git a/shared/concepts/qlpack.yml b/shared/concepts/qlpack.yml index 2ce2978829e3..947826f7dfd7 100644 --- a/shared/concepts/qlpack.yml +++ b/shared/concepts/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/concepts -version: 0.0.22 +version: 0.0.23-dev groups: shared library: true dependencies: diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index b293853c73bd..adc4aedc5c37 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 2.0.32 +version: 2.0.33-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index e7778805c504..a18b746e4b44 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 2.1.4 +version: 2.1.5-dev groups: shared library: true dependencies: diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index 920ffe102676..dd5fcf54034b 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 1.0.48 +version: 1.0.49-dev groups: shared library: true dependencies: diff --git a/shared/quantum/qlpack.yml b/shared/quantum/qlpack.yml index 52c78c5f963f..c4e5d41dfaa3 100644 --- a/shared/quantum/qlpack.yml +++ b/shared/quantum/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/quantum -version: 0.0.26 +version: 0.0.27-dev groups: shared library: true dependencies: diff --git a/shared/rangeanalysis/qlpack.yml b/shared/rangeanalysis/qlpack.yml index 274a6160372e..ed3b4a66239c 100644 --- a/shared/rangeanalysis/qlpack.yml +++ b/shared/rangeanalysis/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/rangeanalysis -version: 1.0.48 +version: 1.0.49-dev groups: shared library: true dependencies: diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index abe561fb37c0..3d569c7d429f 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 1.0.48 +version: 1.0.49-dev groups: shared library: true dependencies: diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 16d312b77aed..c1fd261e070e 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 2.0.24 +version: 2.0.25-dev groups: shared library: true dependencies: diff --git a/shared/threat-models/qlpack.yml b/shared/threat-models/qlpack.yml index 2cf364fa3327..59ce8c067277 100644 --- a/shared/threat-models/qlpack.yml +++ b/shared/threat-models/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/threat-models -version: 1.0.48 +version: 1.0.49-dev library: true groups: shared dataExtensions: diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 5c9c6cdc47c2..36b8181e0bf7 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 1.0.48 +version: 1.0.49-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/typeflow/qlpack.yml b/shared/typeflow/qlpack.yml index c9d4ec97a924..0734b2b722ed 100644 --- a/shared/typeflow/qlpack.yml +++ b/shared/typeflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeflow -version: 1.0.48 +version: 1.0.49-dev groups: shared library: true dependencies: diff --git a/shared/typeinference/qlpack.yml b/shared/typeinference/qlpack.yml index 57ed4da1080f..2bf5c49d97e5 100644 --- a/shared/typeinference/qlpack.yml +++ b/shared/typeinference/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typeinference -version: 0.0.29 +version: 0.0.30-dev groups: shared library: true dependencies: diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index 7d506ee6807c..fe35cf5955b6 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 2.0.32 +version: 2.0.33-dev groups: shared library: true dependencies: diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 5ba6ce2b43d4..a8c85168f20f 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 1.0.48 +version: 1.0.49-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 1e765b5e42e4..99f8c5374dce 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 2.0.35 +version: 2.0.36-dev groups: shared library: true dependencies: null diff --git a/shared/xml/qlpack.yml b/shared/xml/qlpack.yml index 45ddcffaee77..2c44df63e7e5 100644 --- a/shared/xml/qlpack.yml +++ b/shared/xml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/xml -version: 1.0.48 +version: 1.0.49-dev groups: shared library: true dependencies: diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index 461f97ac4dba..6778ee5a156c 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 1.0.48 +version: 1.0.49-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index c8cc7f97a2b0..595a2804df50 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 6.4.0 +version: 6.4.1-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 2bde0f317c79..6b4dc1f65e51 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 1.3.1 +version: 1.3.2-dev groups: - swift - queries