diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index 98666dfbbdb8..827d7ded490b 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,13 @@ +## 0.10.0 + +### Minor Analysis Improvements + +* Functions that do not return due to calling functions that don't return (e.g. `exit`) are now detected as + non-returning in the IR and dataflow. +* Treat functions that reach the end of the function as returning in the IR. + They used to be treated as unreachable but it is allowed in C. +* The `DataFlow::asDefiningArgument` predicate now takes its argument from the range starting at `1` instead of `2`. Queries that depend on the single-parameter version of `DataFlow::asDefiningArgument` should have their arguments updated accordingly. + ## 0.9.3 No user-facing changes. diff --git a/cpp/ql/lib/change-notes/2023-09-06-as-defining-argument-off-by-one-fix.md b/cpp/ql/lib/change-notes/2023-09-06-as-defining-argument-off-by-one-fix.md deleted file mode 100644 index 11c3b7366821..000000000000 --- a/cpp/ql/lib/change-notes/2023-09-06-as-defining-argument-off-by-one-fix.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `DataFlow::asDefiningArgument` predicate now takes its argument from the range starting at `1` instead of `2`. Queries that depend on the single-parameter version of `DataFlow::asDefiningArgument` should have their arguments updated accordingly. diff --git a/cpp/ql/lib/change-notes/2023-09-07-return-from-end.md b/cpp/ql/lib/change-notes/2023-09-07-return-from-end.md deleted file mode 100644 index 8f1b8e9be888..000000000000 --- a/cpp/ql/lib/change-notes/2023-09-07-return-from-end.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Treat functions that reach the end of the function as returning in the IR. - They used to be treated as unreachable but it is allowed in C. \ No newline at end of file 
diff --git a/cpp/ql/lib/change-notes/2023-09-08-more-unreachble.md b/cpp/ql/lib/change-notes/2023-09-08-more-unreachble.md
deleted file mode 100644
index 6b2fff3d1767..000000000000
--- a/cpp/ql/lib/change-notes/2023-09-08-more-unreachble.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Functions that do not return due to calling functions that don't return (e.g. `exit`) are now detected as
- non-returning in the IR and dataflow.
\ No newline at end of file
diff --git a/cpp/ql/lib/change-notes/released/0.10.0.md b/cpp/ql/lib/change-notes/released/0.10.0.md
new file mode 100644
index 000000000000..9c4b95e37e09
--- /dev/null
+++ b/cpp/ql/lib/change-notes/released/0.10.0.md
@@ -0,0 +1,9 @@
+## 0.10.0
+
+### Minor Analysis Improvements
+
+* Functions that do not return due to calling functions that don't return (e.g. `exit`) are now detected as
+ non-returning in the IR and dataflow.
+* Treat functions that reach the end of the function as returning in the IR.
+ They used to be treated as unreachable but it is allowed in C.
+* The `DataFlow::asDefiningArgument` predicate now takes its argument from the range starting at `1` instead of `2`. Queries that depend on the single-parameter version of `DataFlow::asDefiningArgument` should have their arguments updated accordingly.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index 7af7247cbb0a..b21db6232459 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.9.3
+lastReleaseVersion: 0.10.0
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 0a60a2153e9b..6cd876f92679 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.10.0-dev
+version: 0.10.1-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll b/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll
index 1c557af797e5..6bf7764d7e98 100644
--- a/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll
+++ b/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll
@@ -73,6 +73,10 @@ private int isSource(Expr bufferExpr, Element why) {
 )
 }
 
+/** Same as `getBufferSize`, but with the `why` column projected away to prevent large duplications. */
+pragma[nomagic]
+int getBufferSizeProj(Expr bufferExpr) { result = getBufferSize(bufferExpr, _) }
+
 /**
 * Get the size in bytes of the buffer pointed to by an expression (if this can be determined).
 */
@@ -87,7 +91,7 @@ int getBufferSize(Expr bufferExpr, Element why) {
 why = bufferVar and
 parentPtr = bufferExpr.(VariableAccess).getQualifier() and
 parentPtr.getTarget().getUnspecifiedType().(PointerType).getBaseType() = parentClass and
- result = getBufferSize(parentPtr, _) + bufferSize - parentClass.getSize()
+ result = getBufferSizeProj(parentPtr) + bufferSize - parentClass.getSize()
 |
 if exists(bufferVar.getType().getSize())
 then bufferSize = bufferVar.getType().getSize()
@@ -95,7 +99,6 @@ int getBufferSize(Expr bufferExpr, Element why) {
 )
 or
 // dataflow (all sources must be the same size)
- result = unique(Expr def | DataFlow::localExprFlowStep(def, bufferExpr) | getBufferSize(def, _)) and
- // find reason
+ result = unique(Expr def | DataFlow::localExprFlowStep(def, bufferExpr) | getBufferSizeProj(def)) and
 exists(Expr def | DataFlow::localExprFlowStep(def, bufferExpr) | exists(getBufferSize(def, why)))
 }
diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
index 700c0e331dd0..cf5256e244d0 100644
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
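Review bot: `getBufferSizeProj` in the first Buffer.qll hunk is declared without `private`, so it becomes an exported predicate of the library even though its QLDoc describes it as a `why`-projected helper for `getBufferSize` (the neighbouring `isSource` is private), and since this PR also cuts the 0.10.0 release of `codeql/cpp-all` that exposure ships immediately. If it is not intended for consumers, `pragma[nomagic] private int getBufferSizeProj(Expr bufferExpr) { result = getBufferSize(bufferExpr, _) }` keeps the projection internal without losing the evaluation hint. In the third hunk the removed `// find reason` comment leaves the trailing `exists(Expr def | ... | exists(getBufferSize(def, why)))` conjunct unexplained; a replacement such as `// bind why to a flow source whose size is known` would preserve the intent. The body of `getBufferSize` starts before the second hunk and continues between the hunks.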
@@ -1,3 +1,16 @@ +## 0.8.0 + +### Query Metadata Changes + +* The `cpp/double-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`. +* The `cpp/use-after-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`. + +### Minor Analysis Improvements + +* The queries `cpp/double-free` and `cpp/use-after-free` find fewer false positives + in cases where a non-returning function is called. +* The number of duplicated dataflow paths reported by queries has been significantly reduced. + ## 0.7.5 No user-facing changes. diff --git a/cpp/ql/src/change-notes/2023-09-06-deduplicated-results.md b/cpp/ql/src/change-notes/2023-09-06-deduplicated-results.md deleted file mode 100644 index e8a2160f4c25..000000000000 --- a/cpp/ql/src/change-notes/2023-09-06-deduplicated-results.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The number of duplicated dataflow paths reported by queries has been significantly reduced. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2023-09-08-unreachble-edges.md b/cpp/ql/src/change-notes/2023-09-08-unreachble-edges.md deleted file mode 100644 index 1839120619b0..000000000000 --- a/cpp/ql/src/change-notes/2023-09-08-unreachble-edges.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* The queries `cpp/double-free` and `cpp/use-after-free` find fewer false positives - in cases where a non-returning function is called. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2023-10-03-double-free.md b/cpp/ql/src/change-notes/2023-10-03-double-free.md deleted file mode 100644 index ebe6674320d6..000000000000 --- a/cpp/ql/src/change-notes/2023-10-03-double-free.md +++ /dev/null 
@@ -1,4 +0,0 @@ ---- -category: queryMetadata ---- -* The `cpp/double-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/2023-10-03-use-after-free.md b/cpp/ql/src/change-notes/2023-10-03-use-after-free.md deleted file mode 100644 index 6c1165edb343..000000000000 --- a/cpp/ql/src/change-notes/2023-10-03-use-after-free.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: queryMetadata ---- -* The `cpp/use-after-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`. \ No newline at end of file diff --git a/cpp/ql/src/change-notes/released/0.8.0.md b/cpp/ql/src/change-notes/released/0.8.0.md new file mode 100644 index 000000000000..664e8760f48e --- /dev/null +++ b/cpp/ql/src/change-notes/released/0.8.0.md @@ -0,0 +1,12 @@ +## 0.8.0 + +### Query Metadata Changes + +* The `cpp/double-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`. +* The `cpp/use-after-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`. + +### Minor Analysis Improvements + +* The queries `cpp/double-free` and `cpp/use-after-free` find fewer false positives + in cases where a non-returning function is called. +* The number of duplicated dataflow paths reported by queries has been significantly reduced. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index b5108ee0bda8..37eab3197dcb 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.8.0 diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 88e5026c939f..2c693b7de4df 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml 
@@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.8.0-dev +version: 0.8.1-dev groups: - cpp - queries diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index cc79b182da60..61606368e4c6 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.0 + +No user-facing changes. + ## 1.6.5 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.0.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.0.md new file mode 100644 index 000000000000..07492eebff7c --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.0.md @@ -0,0 +1,3 @@ +## 1.7.0 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 031532705578..d1184cc67507 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.5 +lastReleaseVersion: 1.7.0 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 8d400fbbaa4b..f4dd73b013e9 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.7.0-dev +version: 1.7.1-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index cc79b182da60..61606368e4c6 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.7.0 + +No user-facing changes. + ## 1.6.5 No user-facing changes. 
diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.0.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.0.md new file mode 100644 index 000000000000..07492eebff7c --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.0.md @@ -0,0 +1,3 @@ +## 1.7.0 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 031532705578..d1184cc67507 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.6.5 +lastReleaseVersion: 1.7.0 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index ddf6820236ff..c6a5d9038392 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.7.0-dev +version: 1.7.1-dev groups: - csharp - solorigate diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 1d2703e856e2..de8d30425f77 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.0 + +No user-facing changes. + ## 0.7.5 No user-facing changes. diff --git a/csharp/ql/lib/change-notes/released/0.8.0.md b/csharp/ql/lib/change-notes/released/0.8.0.md new file mode 100644 index 000000000000..16ea5f603735 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/0.8.0.md @@ -0,0 +1,3 @@ +## 0.8.0 + +No user-facing changes. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index b5108ee0bda8..37eab3197dcb 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.8.0 
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 1f96818bb7fe..16908da66d0d 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.8.0-dev +version: 0.8.1-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index d391679c5dfc..4b03f57bd9e8 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.8.0 + +### New Queries + +* Added a new query, `cs/web/insecure-direct-object-reference`, to find instances of missing authorization checks for resources selected by an ID parameter. + ## 0.7.5 No user-facing changes. diff --git a/csharp/ql/src/change-notes/2023-08-21-insecure-direct-object-reference.md b/csharp/ql/src/change-notes/released/0.8.0.md similarity index 69% rename from csharp/ql/src/change-notes/2023-08-21-insecure-direct-object-reference.md rename to csharp/ql/src/change-notes/released/0.8.0.md index edbb11347390..caef33b6a935 100644 --- a/csharp/ql/src/change-notes/2023-08-21-insecure-direct-object-reference.md +++ b/csharp/ql/src/change-notes/released/0.8.0.md @@ -1,4 +1,5 @@ ---- -category: newQuery ---- -* Added a new query, `cs/web/insecure-direct-object-reference`, to find instances of missing authorization checks for resources selected by an ID parameter. \ No newline at end of file +## 0.8.0 + +### New Queries + +* Added a new query, `cs/web/insecure-direct-object-reference`, to find instances of missing authorization checks for resources selected by an ID parameter. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index b5108ee0bda8..37eab3197dcb 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.8.0 
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index 7690ae016fc5..ab9f80b9de57 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.8.0-dev +version: 0.8.1-dev groups: - csharp - queries diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index fba37b581ac0..5b4530cd2a97 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.7.0 + +### Minor Analysis Improvements + +* Added Numeric and Boolean types to SQL injection sanitzers. + ## 0.6.5 No user-facing changes. diff --git a/go/ql/lib/change-notes/2023-09-12-add-int&bool-sanitizer-for-sql.md b/go/ql/lib/change-notes/2023-09-12-add-int&bool-sanitizer-for-sql.md deleted file mode 100644 index 26751edf2fe7..000000000000 --- a/go/ql/lib/change-notes/2023-09-12-add-int&bool-sanitizer-for-sql.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added Numeric and Boolean types to SQL injection sanitzers. \ No newline at end of file diff --git a/go/ql/lib/change-notes/released/0.7.0.md b/go/ql/lib/change-notes/released/0.7.0.md new file mode 100644 index 000000000000..6df2bd55237a --- /dev/null +++ b/go/ql/lib/change-notes/released/0.7.0.md @@ -0,0 +1,5 @@ +## 0.7.0 + +### Minor Analysis Improvements + +* Added Numeric and Boolean types to SQL injection sanitzers. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 86780fb61480..c761f3e7ab44 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.5 +lastReleaseVersion: 0.7.0 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index cdacb07367df..fb6cd5638731 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.7.0-dev +version: 0.7.1-dev groups: go dbscheme: go.dbscheme extractor: go 
diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 4b7c6babedc1..0e1e2c030977 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.0 + +No user-facing changes. + ## 0.6.5 No user-facing changes. diff --git a/go/ql/src/change-notes/released/0.7.0.md b/go/ql/src/change-notes/released/0.7.0.md new file mode 100644 index 000000000000..80d3864a0f98 --- /dev/null +++ b/go/ql/src/change-notes/released/0.7.0.md @@ -0,0 +1,3 @@ +## 0.7.0 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 86780fb61480..c761f3e7ab44 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.5 +lastReleaseVersion: 0.7.0 diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 8a187f1080e0..9916dec16afb 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.7.0-dev +version: 0.7.1-dev groups: - go - queries diff --git a/java/ql/automodel/src/CHANGELOG.md b/java/ql/automodel/src/CHANGELOG.md index a78acd769605..ee2610f9bd65 100644 --- a/java/ql/automodel/src/CHANGELOG.md +++ b/java/ql/automodel/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.5 + +No user-facing changes. + ## 0.0.4 No user-facing changes. diff --git a/java/ql/automodel/src/change-notes/released/0.0.5.md b/java/ql/automodel/src/change-notes/released/0.0.5.md new file mode 100644 index 000000000000..766ec2723b56 --- /dev/null +++ b/java/ql/automodel/src/change-notes/released/0.0.5.md @@ -0,0 +1,3 @@ +## 0.0.5 + +No user-facing changes. diff --git a/java/ql/automodel/src/codeql-pack.release.yml b/java/ql/automodel/src/codeql-pack.release.yml index ec411a674bcd..bb45a1ab0182 100644 --- a/java/ql/automodel/src/codeql-pack.release.yml +++ b/java/ql/automodel/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.4 +lastReleaseVersion: 0.0.5 
diff --git a/java/ql/automodel/src/qlpack.yml b/java/ql/automodel/src/qlpack.yml index d41368cab933..d5cf16380154 100644 --- a/java/ql/automodel/src/qlpack.yml +++ b/java/ql/automodel/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-automodel-queries -version: 0.0.5-dev +version: 0.0.6-dev groups: - java - automodel diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index c5d72b195012..34b1f5487a91 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,21 @@ +## 0.8.0 + +### New Features + +* Kotlin versions up to 1.9.20 are now supported. + +### Minor Analysis Improvements + +* Fixed a control-flow bug where case rule statements would incorrectly include a fall-through edge. +* Added support for default cases as proper guards in switch expressions to match switch statements. +* Improved the class `ArithExpr` of the `Overflow.qll` module to also include compound operators. Because of this, new alerts may be raised in queries related to overflows/underflows. +* Added new dataflow models for the Apache CXF framework. +* Regular expressions containing multiple parse mode flags are now interpretted correctly. For example `"(?is)abc.*"` with both the `i` and `s` flags. + +### Bug Fixes + +* The regular expressions library no longer incorrectly matches mode flag characters against the input. + ## 0.7.5 No user-facing changes. diff --git a/java/ql/lib/change-notes/2023-07-20-regex-parse-modes.md b/java/ql/lib/change-notes/2023-07-20-regex-parse-modes.md deleted file mode 100644 index 2d6762274910..000000000000 --- a/java/ql/lib/change-notes/2023-07-20-regex-parse-modes.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Regular expressions containing multiple parse mode flags are now interpretted correctly. For example `"(?is)abc.*"` with both the `i` and `s` flags. 
diff --git a/java/ql/lib/change-notes/2023-08-23-apache-cxf-models.md b/java/ql/lib/change-notes/2023-08-23-apache-cxf-models.md deleted file mode 100644 index fbd0fef3b7f0..000000000000 --- a/java/ql/lib/change-notes/2023-08-23-apache-cxf-models.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added new dataflow models for the Apache CXF framework. diff --git a/java/ql/lib/change-notes/2023-09-12-kotlin-1.9.20.md b/java/ql/lib/change-notes/2023-09-12-kotlin-1.9.20.md deleted file mode 100644 index 275c72fdf6bd..000000000000 --- a/java/ql/lib/change-notes/2023-09-12-kotlin-1.9.20.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Kotlin versions up to 1.9.20 are now supported. diff --git a/java/ql/lib/change-notes/2023-09-12-regex-mode-flag-groups.md b/java/ql/lib/change-notes/2023-09-12-regex-mode-flag-groups.md deleted file mode 100644 index d13350726a82..000000000000 --- a/java/ql/lib/change-notes/2023-09-12-regex-mode-flag-groups.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* The regular expressions library no longer incorrectly matches mode flag characters against the input. diff --git a/java/ql/lib/change-notes/2023-09-19-arithexpr-assignop.md b/java/ql/lib/change-notes/2023-09-19-arithexpr-assignop.md deleted file mode 100644 index 389015002263..000000000000 --- a/java/ql/lib/change-notes/2023-09-19-arithexpr-assignop.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Improved the class `ArithExpr` of the `Overflow.qll` module to also include compound operators. Because of this, new alerts may be raised in queries related to overflows/underflows. diff --git a/java/ql/lib/change-notes/2023-09-28-case-rule-stmt-cfg-fix.md b/java/ql/lib/change-notes/2023-09-28-case-rule-stmt-cfg-fix.md deleted file mode 100644 index 5e99335aba7c..000000000000 --- a/java/ql/lib/change-notes/2023-09-28-case-rule-stmt-cfg-fix.md +++ /dev/null 
@@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* Fixed a control-flow bug where case rule statements would incorrectly include a fall-through edge. -* Added support for default cases as proper guards in switch expressions to match switch statements. diff --git a/java/ql/lib/change-notes/released/0.8.0.md b/java/ql/lib/change-notes/released/0.8.0.md new file mode 100644 index 000000000000..16f020fa7dfa --- /dev/null +++ b/java/ql/lib/change-notes/released/0.8.0.md @@ -0,0 +1,17 @@ +## 0.8.0 + +### New Features + +* Kotlin versions up to 1.9.20 are now supported. + +### Minor Analysis Improvements + +* Fixed a control-flow bug where case rule statements would incorrectly include a fall-through edge. +* Added support for default cases as proper guards in switch expressions to match switch statements. +* Improved the class `ArithExpr` of the `Overflow.qll` module to also include compound operators. Because of this, new alerts may be raised in queries related to overflows/underflows. +* Added new dataflow models for the Apache CXF framework. +* Regular expressions containing multiple parse mode flags are now interpretted correctly. For example `"(?is)abc.*"` with both the `i` and `s` flags. + +### Bug Fixes + +* The regular expressions library no longer incorrectly matches mode flag characters against the input. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index b5108ee0bda8..37eab3197dcb 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.8.0 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index df095807bd53..eef8bc66fe1c 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.8.0-dev +version: 0.8.1-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java 
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 956a81d7802d..ea706bfd0559 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.0 + +No user-facing changes. + ## 0.7.5 No user-facing changes. diff --git a/java/ql/src/change-notes/released/0.8.0.md b/java/ql/src/change-notes/released/0.8.0.md new file mode 100644 index 000000000000..16ea5f603735 --- /dev/null +++ b/java/ql/src/change-notes/released/0.8.0.md @@ -0,0 +1,3 @@ +## 0.8.0 + +No user-facing changes. diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index b5108ee0bda8..37eab3197dcb 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.8.0 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index f09f03cb987a..bced8cc4b86c 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.8.0-dev +version: 0.8.1-dev groups: - java - queries diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 022aebbd6932..f1aac73b5777 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.0 + +No user-facing changes. + ## 0.7.5 No user-facing changes. diff --git a/javascript/ql/lib/change-notes/released/0.8.0.md b/javascript/ql/lib/change-notes/released/0.8.0.md new file mode 100644 index 000000000000..16ea5f603735 --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.8.0.md @@ -0,0 +1,3 @@ +## 0.8.0 + +No user-facing changes. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index b5108ee0bda8..37eab3197dcb 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.8.0 
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 2b5b69eccf94..3f14c99a88b2 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.8.0-dev +version: 0.8.1-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index c67be888c57e..8c0e3b427e98 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.8.0 + +No user-facing changes. + ## 0.7.5 ### Bug Fixes diff --git a/javascript/ql/src/change-notes/released/0.8.0.md b/javascript/ql/src/change-notes/released/0.8.0.md new file mode 100644 index 000000000000..16ea5f603735 --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.8.0.md @@ -0,0 +1,3 @@ +## 0.8.0 + +No user-facing changes. diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index b5108ee0bda8..37eab3197dcb 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.8.0 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index 831f4e9aa57b..95c39434842a 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.8.0-dev +version: 0.8.1-dev groups: - javascript - queries diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md index 9435d172e6f3..7467add73bad 100644 --- a/misc/suite-helpers/CHANGELOG.md +++ b/misc/suite-helpers/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.7.0 + +No user-facing changes. + ## 0.6.5 No user-facing changes. diff --git a/misc/suite-helpers/change-notes/released/0.7.0.md b/misc/suite-helpers/change-notes/released/0.7.0.md new file mode 100644 index 000000000000..80d3864a0f98 --- /dev/null 
+++ b/misc/suite-helpers/change-notes/released/0.7.0.md @@ -0,0 +1,3 @@ +## 0.7.0 + +No user-facing changes. diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml index 86780fb61480..c761f3e7ab44 100644 --- a/misc/suite-helpers/codeql-pack.release.yml +++ b/misc/suite-helpers/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.5 +lastReleaseVersion: 0.7.0 diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 820c1bfc571e..0d1250e87079 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/suite-helpers -version: 0.7.0-dev +version: 0.7.1-dev groups: shared warnOnImplicitThis: true diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index 0f7d9c299758..630309929990 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.11.0 + +### Minor Analysis Improvements + +* Django Rest Framework better handles custom `ModelViewSet` classes functions +* Regular expression fragments residing inside implicitly concatenated strings now have better location information. + +### Bug Fixes + +* Subterms of regular expressions encoded as single-line string literals now have better source-location information. + ## 0.10.5 No user-facing changes. diff --git a/python/ql/lib/change-notes/2023-09-22-regex-prefix.md b/python/ql/lib/change-notes/2023-09-22-regex-prefix.md deleted file mode 100644 index 20affaaab4ee..000000000000 --- a/python/ql/lib/change-notes/2023-09-22-regex-prefix.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* Subterms of regular expressions encoded as single-line string literals now have better source-location information. \ No newline at end of file 
diff --git a/python/ql/lib/change-notes/2023-09-26-regex-locations-in-string-parts.md b/python/ql/lib/change-notes/2023-09-26-regex-locations-in-string-parts.md deleted file mode 100644 index 32bdc1db15c3..000000000000 --- a/python/ql/lib/change-notes/2023-09-26-regex-locations-in-string-parts.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Regular expression fragments residing inside implicitly concatenated strings now have better location information. diff --git a/python/ql/lib/change-notes/2023-09-29-django-restframework-improvements.md b/python/ql/lib/change-notes/2023-09-29-django-restframework-improvements.md deleted file mode 100644 index cf0c93fca2be..000000000000 --- a/python/ql/lib/change-notes/2023-09-29-django-restframework-improvements.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Django Rest Framework better handles custom `ModelViewSet` classes functions \ No newline at end of file diff --git a/python/ql/lib/change-notes/released/0.11.0.md b/python/ql/lib/change-notes/released/0.11.0.md new file mode 100644 index 000000000000..bf689298b4cf --- /dev/null +++ b/python/ql/lib/change-notes/released/0.11.0.md @@ -0,0 +1,10 @@ +## 0.11.0 + +### Minor Analysis Improvements + +* Django Rest Framework better handles custom `ModelViewSet` classes functions +* Regular expression fragments residing inside implicitly concatenated strings now have better location information. + +### Bug Fixes + +* Subterms of regular expressions encoded as single-line string literals now have better source-location information. diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index 2e5e2af8307c..fce68697d682 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.10.5 +lastReleaseVersion: 0.11.0 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index 9f2da148abf0..070d058b79ce 100644 
--- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.11.0-dev +version: 0.11.1-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index ca2dfaae5460..230f54ce6454 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,14 @@ +## 0.9.0 + +### New Queries + +* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now available in the default security suite. + +### Minor Analysis Improvements + +* Improved _URL redirection from remote source_ (`py/url-redirection`) query to not alert when URL has been checked with `django.utils.http. url_has_allowed_host_and_scheme`. +* Extended the `py/command-line-injection` query with sinks from Python's `asyncio` module. + ## 0.8.5 No user-facing changes. diff --git a/python/ql/src/change-notes/2023-09-05-asyncio-cmdi-sinks.md b/python/ql/src/change-notes/2023-09-05-asyncio-cmdi-sinks.md deleted file mode 100644 index 6a05b201d6b7..000000000000 --- a/python/ql/src/change-notes/2023-09-05-asyncio-cmdi-sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Extended the `py/command-line-injection` query with sinks from Python's `asyncio` module. diff --git a/python/ql/src/change-notes/2023-09-13-django-url-allowed-host.md b/python/ql/src/change-notes/2023-09-13-django-url-allowed-host.md deleted file mode 100644 index 3ba166559d21..000000000000 --- a/python/ql/src/change-notes/2023-09-13-django-url-allowed-host.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Improved _URL redirection from remote source_ (`py/url-redirection`) query to not alert when URL has been checked with `django.utils.http. url_has_allowed_host_and_scheme`. 
diff --git a/python/ql/src/change-notes/2023-09-18-promoted-nosql-injection-query.md b/python/ql/src/change-notes/2023-09-18-promoted-nosql-injection-query.md deleted file mode 100644 index 2b30fd492d53..000000000000 --- a/python/ql/src/change-notes/2023-09-18-promoted-nosql-injection-query.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now available in the default security suite. diff --git a/python/ql/src/change-notes/released/0.9.0.md b/python/ql/src/change-notes/released/0.9.0.md new file mode 100644 index 000000000000..12e30a0f8381 --- /dev/null +++ b/python/ql/src/change-notes/released/0.9.0.md @@ -0,0 +1,10 @@ +## 0.9.0 + +### New Queries + +* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now available in the default security suite. + +### Minor Analysis Improvements + +* Improved _URL redirection from remote source_ (`py/url-redirection`) query to not alert when URL has been checked with `django.utils.http. url_has_allowed_host_and_scheme`. +* Extended the `py/command-line-injection` query with sinks from Python's `asyncio` module. diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index cbe6bc6b7c62..8b9fc185202d 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.8.5 +lastReleaseVersion: 0.9.0 diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 7790d40858b6..dd2d91e0d889 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.9.0-dev +version: 0.9.1-dev groups: - python - queries diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 60cc08a923dd..f44809f63d2d 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md 
@@ -1,3 +1,9 @@ +## 0.8.0 + +### Major Analysis Improvements + +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. + ## 0.7.5 No user-facing changes. diff --git a/ruby/ql/lib/change-notes/2023-08-23-variable-capture-flow.md b/ruby/ql/lib/change-notes/2023-08-23-variable-capture-flow.md deleted file mode 100644 index 66ab65083dc3..000000000000 --- a/ruby/ql/lib/change-notes/2023-08-23-variable-capture-flow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/released/0.8.0.md b/ruby/ql/lib/change-notes/released/0.8.0.md new file mode 100644 index 000000000000..a139654ebbe6 --- /dev/null +++ b/ruby/ql/lib/change-notes/released/0.8.0.md @@ -0,0 +1,5 @@ +## 0.8.0 + +### Major Analysis Improvements + +* Improved support for flow through captured variables that properly adheres to inter-procedural control flow. diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index b5108ee0bda8..37eab3197dcb 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.8.0 diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index d90c77225c7e..9cadc1e426bc 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.8.0-dev +version: 0.8.1-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index f69f774d1711..6694814c95fc 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.8.0 + +### Minor Analysis Improvements + +* Built-in Ruby queries now use the new DataFlow API. + ## 0.7.5 No user-facing changes. 
diff --git a/ruby/ql/src/change-notes/2023-09-03-use-new-dataflow-api.md b/ruby/ql/src/change-notes/released/0.8.0.md similarity index 55% rename from ruby/ql/src/change-notes/2023-09-03-use-new-dataflow-api.md rename to ruby/ql/src/change-notes/released/0.8.0.md index 2cde6336ae47..14b7dd8b830c 100644 --- a/ruby/ql/src/change-notes/2023-09-03-use-new-dataflow-api.md +++ b/ruby/ql/src/change-notes/released/0.8.0.md @@ -1,4 +1,5 @@ ---- -category: minorAnalysis ---- +## 0.8.0 + +### Minor Analysis Improvements + * Built-in Ruby queries now use the new DataFlow API. diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index b5108ee0bda8..37eab3197dcb 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.5 +lastReleaseVersion: 0.8.0 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index 86ea5c3b18d7..3736cf58d5ef 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.8.0-dev +version: 0.8.1-dev groups: - ruby - queries diff --git a/shared/controlflow/CHANGELOG.md b/shared/controlflow/CHANGELOG.md index 3370a04b28cc..1a5a17a4456c 100644 --- a/shared/controlflow/CHANGELOG.md +++ b/shared/controlflow/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.0 + +No user-facing changes. + ## 0.0.4 No user-facing changes. diff --git a/shared/controlflow/change-notes/released/0.1.0.md b/shared/controlflow/change-notes/released/0.1.0.md new file mode 100644 index 000000000000..7b4d4fc699c0 --- /dev/null +++ b/shared/controlflow/change-notes/released/0.1.0.md @@ -0,0 +1,3 @@ +## 0.1.0 + +No user-facing changes. diff --git a/shared/controlflow/codeql-pack.release.yml b/shared/controlflow/codeql-pack.release.yml index ec411a674bcd..2e08f40f6aa3 100644 --- a/shared/controlflow/codeql-pack.release.yml +++ b/shared/controlflow/codeql-pack.release.yml 
@@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.4 +lastReleaseVersion: 0.1.0 diff --git a/shared/controlflow/qlpack.yml b/shared/controlflow/qlpack.yml index 075a5632883e..dbe30353faa3 100644 --- a/shared/controlflow/qlpack.yml +++ b/shared/controlflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/controlflow -version: 0.1.0-dev +version: 0.1.1-dev groups: shared library: true dependencies: diff --git a/shared/dataflow/CHANGELOG.md b/shared/dataflow/CHANGELOG.md index e18f52c02373..e72f0484bcb2 100644 --- a/shared/dataflow/CHANGELOG.md +++ b/shared/dataflow/CHANGELOG.md @@ -1,3 +1,13 @@ +## 0.1.0 + +### Major Analysis Improvements + +* Added support for type-based call edge pruning. This removes data flow call edges that are incompatible with the set of flow paths that reach it based on type information. This improves dispatch precision for constructs like lambdas, `Object.toString()` calls, and the visitor pattern. For now this is only enabled for Java and C#. + +### Minor Analysis Improvements + +* The `isBarrierIn` and `isBarrierOut` predicates in `DataFlow::StateConfigSig` now have overloaded variants that block a specific `FlowState`. + ## 0.0.4 No user-facing changes. diff --git a/shared/dataflow/change-notes/2023-09-26-inout-barrier-flow-state.md b/shared/dataflow/change-notes/2023-09-26-inout-barrier-flow-state.md deleted file mode 100644 index c7ea9638ee86..000000000000 --- a/shared/dataflow/change-notes/2023-09-26-inout-barrier-flow-state.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `isBarrierIn` and `isBarrierOut` predicates in `DataFlow::StateConfigSig` now have overloaded variants that block a specific `FlowState`. diff --git a/shared/dataflow/change-notes/2023-09-12-typeflow.md b/shared/dataflow/change-notes/released/0.1.0.md similarity index 60% rename from shared/dataflow/change-notes/2023-09-12-typeflow.md rename to shared/dataflow/change-notes/released/0.1.0.md index e5f010354789..df05aff26c55 100644 
--- a/shared/dataflow/change-notes/2023-09-12-typeflow.md +++ b/shared/dataflow/change-notes/released/0.1.0.md @@ -1,4 +1,9 @@ ---- -category: majorAnalysis ---- +## 0.1.0 + +### Major Analysis Improvements + * Added support for type-based call edge pruning. This removes data flow call edges that are incompatible with the set of flow paths that reach it based on type information. This improves dispatch precision for constructs like lambdas, `Object.toString()` calls, and the visitor pattern. For now this is only enabled for Java and C#. + +### Minor Analysis Improvements + +* The `isBarrierIn` and `isBarrierOut` predicates in `DataFlow::StateConfigSig` now have overloaded variants that block a specific `FlowState`. diff --git a/shared/dataflow/codeql-pack.release.yml b/shared/dataflow/codeql-pack.release.yml index ec411a674bcd..2e08f40f6aa3 100644 --- a/shared/dataflow/codeql-pack.release.yml +++ b/shared/dataflow/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.4 +lastReleaseVersion: 0.1.0 diff --git a/shared/dataflow/qlpack.yml b/shared/dataflow/qlpack.yml index 3ed09bbbbd91..ec5545512d3d 100644 --- a/shared/dataflow/qlpack.yml +++ b/shared/dataflow/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/dataflow -version: 0.1.0-dev +version: 0.1.1-dev groups: shared library: true dependencies: diff --git a/shared/mad/CHANGELOG.md b/shared/mad/CHANGELOG.md index 85c1fc61056f..0df0d4f14e38 100644 --- a/shared/mad/CHANGELOG.md +++ b/shared/mad/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.0 + +No user-facing changes. + ## 0.1.5 No user-facing changes. diff --git a/shared/mad/change-notes/released/0.2.0.md b/shared/mad/change-notes/released/0.2.0.md new file mode 100644 index 000000000000..eb192b7a61b1 --- /dev/null +++ b/shared/mad/change-notes/released/0.2.0.md @@ -0,0 +1,3 @@ +## 0.2.0 + +No user-facing changes. diff --git a/shared/mad/codeql-pack.release.yml b/shared/mad/codeql-pack.release.yml index 157cff8108d3..5274e27ed522 100644 
--- a/shared/mad/codeql-pack.release.yml +++ b/shared/mad/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.2.0 diff --git a/shared/mad/qlpack.yml b/shared/mad/qlpack.yml index df8815691e0a..65c2427b51fd 100644 --- a/shared/mad/qlpack.yml +++ b/shared/mad/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/mad -version: 0.2.0-dev +version: 0.2.1-dev groups: shared library: true dependencies: null diff --git a/shared/regex/CHANGELOG.md b/shared/regex/CHANGELOG.md index 52d8a94f585f..9dc3e22056f6 100644 --- a/shared/regex/CHANGELOG.md +++ b/shared/regex/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.0 + +No user-facing changes. + ## 0.1.5 No user-facing changes. diff --git a/shared/regex/change-notes/released/0.2.0.md b/shared/regex/change-notes/released/0.2.0.md new file mode 100644 index 000000000000..eb192b7a61b1 --- /dev/null +++ b/shared/regex/change-notes/released/0.2.0.md @@ -0,0 +1,3 @@ +## 0.2.0 + +No user-facing changes. diff --git a/shared/regex/codeql-pack.release.yml b/shared/regex/codeql-pack.release.yml index 157cff8108d3..5274e27ed522 100644 --- a/shared/regex/codeql-pack.release.yml +++ b/shared/regex/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.2.0 diff --git a/shared/regex/qlpack.yml b/shared/regex/qlpack.yml index a844c6216f0d..dff299a45fe7 100644 --- a/shared/regex/qlpack.yml +++ b/shared/regex/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/regex -version: 0.2.0-dev +version: 0.2.1-dev groups: shared library: true dependencies: diff --git a/shared/ssa/CHANGELOG.md b/shared/ssa/CHANGELOG.md index c9857f9ad971..193121409899 100644 --- a/shared/ssa/CHANGELOG.md +++ b/shared/ssa/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.0 + +No user-facing changes. + ## 0.1.5 No user-facing changes. diff --git a/shared/ssa/change-notes/released/0.2.0.md b/shared/ssa/change-notes/released/0.2.0.md new file mode 100644 index 000000000000..eb192b7a61b1 --- /dev/null 
+++ b/shared/ssa/change-notes/released/0.2.0.md @@ -0,0 +1,3 @@ +## 0.2.0 + +No user-facing changes. diff --git a/shared/ssa/codeql-pack.release.yml b/shared/ssa/codeql-pack.release.yml index 157cff8108d3..5274e27ed522 100644 --- a/shared/ssa/codeql-pack.release.yml +++ b/shared/ssa/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.2.0 diff --git a/shared/ssa/qlpack.yml b/shared/ssa/qlpack.yml index 767b14897070..adc544b49032 100644 --- a/shared/ssa/qlpack.yml +++ b/shared/ssa/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ssa -version: 0.2.0-dev +version: 0.2.1-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/tutorial/CHANGELOG.md b/shared/tutorial/CHANGELOG.md index 9466e4c6a087..e1eddb1ead08 100644 --- a/shared/tutorial/CHANGELOG.md +++ b/shared/tutorial/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.0 + +No user-facing changes. + ## 0.1.5 No user-facing changes. diff --git a/shared/tutorial/change-notes/released/0.2.0.md b/shared/tutorial/change-notes/released/0.2.0.md new file mode 100644 index 000000000000..eb192b7a61b1 --- /dev/null +++ b/shared/tutorial/change-notes/released/0.2.0.md @@ -0,0 +1,3 @@ +## 0.2.0 + +No user-facing changes. diff --git a/shared/tutorial/codeql-pack.release.yml b/shared/tutorial/codeql-pack.release.yml index 157cff8108d3..5274e27ed522 100644 --- a/shared/tutorial/codeql-pack.release.yml +++ b/shared/tutorial/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.2.0 diff --git a/shared/tutorial/qlpack.yml b/shared/tutorial/qlpack.yml index 7e247846603f..8077e73830ec 100644 --- a/shared/tutorial/qlpack.yml +++ b/shared/tutorial/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/tutorial description: Library for the CodeQL detective tutorials, helping new users learn to write CodeQL queries. -version: 0.2.0-dev +version: 0.2.1-dev groups: shared library: true warnOnImplicitThis: true 
diff --git a/shared/typetracking/CHANGELOG.md b/shared/typetracking/CHANGELOG.md index 30f8294e16af..37615bfd8d47 100644 --- a/shared/typetracking/CHANGELOG.md +++ b/shared/typetracking/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.0 + +No user-facing changes. + ## 0.1.5 No user-facing changes. diff --git a/shared/typetracking/change-notes/released/0.2.0.md b/shared/typetracking/change-notes/released/0.2.0.md new file mode 100644 index 000000000000..eb192b7a61b1 --- /dev/null +++ b/shared/typetracking/change-notes/released/0.2.0.md @@ -0,0 +1,3 @@ +## 0.2.0 + +No user-facing changes. diff --git a/shared/typetracking/codeql-pack.release.yml b/shared/typetracking/codeql-pack.release.yml index 157cff8108d3..5274e27ed522 100644 --- a/shared/typetracking/codeql-pack.release.yml +++ b/shared/typetracking/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.2.0 diff --git a/shared/typetracking/qlpack.yml b/shared/typetracking/qlpack.yml index ab4805633996..f320129ff12e 100644 --- a/shared/typetracking/qlpack.yml +++ b/shared/typetracking/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typetracking -version: 0.2.0-dev +version: 0.2.1-dev groups: shared library: true dependencies: diff --git a/shared/typos/CHANGELOG.md b/shared/typos/CHANGELOG.md index 73d10ecca5bb..d77fa94eb253 100644 --- a/shared/typos/CHANGELOG.md +++ b/shared/typos/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.0 + +No user-facing changes. + ## 0.1.5 No user-facing changes. diff --git a/shared/typos/change-notes/released/0.2.0.md b/shared/typos/change-notes/released/0.2.0.md new file mode 100644 index 000000000000..eb192b7a61b1 --- /dev/null +++ b/shared/typos/change-notes/released/0.2.0.md @@ -0,0 +1,3 @@ +## 0.2.0 + +No user-facing changes. diff --git a/shared/typos/codeql-pack.release.yml b/shared/typos/codeql-pack.release.yml index 157cff8108d3..5274e27ed522 100644 --- a/shared/typos/codeql-pack.release.yml +++ b/shared/typos/codeql-pack.release.yml 
@@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.2.0 diff --git a/shared/typos/qlpack.yml b/shared/typos/qlpack.yml index 1d226cca2df4..a200e7d01b26 100644 --- a/shared/typos/qlpack.yml +++ b/shared/typos/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/typos -version: 0.2.0-dev +version: 0.2.1-dev groups: shared library: true warnOnImplicitThis: true diff --git a/shared/util/CHANGELOG.md b/shared/util/CHANGELOG.md index 5d4ee4dd27f4..02134dcfd4f8 100644 --- a/shared/util/CHANGELOG.md +++ b/shared/util/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.0 + +No user-facing changes. + ## 0.1.5 No user-facing changes. diff --git a/shared/util/change-notes/released/0.2.0.md b/shared/util/change-notes/released/0.2.0.md new file mode 100644 index 000000000000..eb192b7a61b1 --- /dev/null +++ b/shared/util/change-notes/released/0.2.0.md @@ -0,0 +1,3 @@ +## 0.2.0 + +No user-facing changes. diff --git a/shared/util/codeql-pack.release.yml b/shared/util/codeql-pack.release.yml index 157cff8108d3..5274e27ed522 100644 --- a/shared/util/codeql-pack.release.yml +++ b/shared/util/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.2.0 diff --git a/shared/util/qlpack.yml b/shared/util/qlpack.yml index 56e7751a8daa..fd764901fb41 100644 --- a/shared/util/qlpack.yml +++ b/shared/util/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/util -version: 0.2.0-dev +version: 0.2.1-dev groups: shared library: true dependencies: null diff --git a/shared/yaml/CHANGELOG.md b/shared/yaml/CHANGELOG.md index b6247037fd48..4e844168d15c 100644 --- a/shared/yaml/CHANGELOG.md +++ b/shared/yaml/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.2.0 + +No user-facing changes. + ## 0.1.5 No user-facing changes. diff --git a/shared/yaml/change-notes/released/0.2.0.md b/shared/yaml/change-notes/released/0.2.0.md new file mode 100644 index 000000000000..eb192b7a61b1 --- /dev/null +++ b/shared/yaml/change-notes/released/0.2.0.md @@ -0,0 +1,3 @@ +## 0.2.0 + +No user-facing changes. 
diff --git a/shared/yaml/codeql-pack.release.yml b/shared/yaml/codeql-pack.release.yml index 157cff8108d3..5274e27ed522 100644 --- a/shared/yaml/codeql-pack.release.yml +++ b/shared/yaml/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.1.5 +lastReleaseVersion: 0.2.0 diff --git a/shared/yaml/qlpack.yml b/shared/yaml/qlpack.yml index efef7197a428..88f0cb289248 100644 --- a/shared/yaml/qlpack.yml +++ b/shared/yaml/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/yaml -version: 0.2.0-dev +version: 0.2.1-dev groups: shared library: true warnOnImplicitThis: true diff --git a/swift/ql/lib/CHANGELOG.md b/swift/ql/lib/CHANGELOG.md index e159bf2fbfc2..6011d2aa60d1 100644 --- a/swift/ql/lib/CHANGELOG.md +++ b/swift/ql/lib/CHANGELOG.md 
@@ -1,3 +1,32 @@ +## 0.3.0 + +### Deprecated APIs + +* The `ArrayContent` type in the data flow library has been deprecated and made an alias for the `CollectionContent` type, to better reflect the hierarchy of the Swift standard library. Uses of `ArrayElement` in model files will be interpreted as referring to `CollectionContent`. + +### Major Analysis Improvements + +* The predicates `getABaseType`, `getABaseTypeDecl`, `getADerivedType` and `getADerivedTypeDecl` on `Type` and `TypeDecl` now behave more usefully and consistently. They now explore through type aliases used in base class declarations, and include protocols added in extensions. + +To examine base class declarations at a low level without these enhancements, use `TypeDecl.getInheritedType`. + +`Type.getABaseType` (only) previously resolved a type alias it was called directly on. This behaviour no longer exists. To find any base type of a type that could be an alias, the construct `Type.getUnderlyingType().getABaseType*()` is recommended. + +### Minor Analysis Improvements + +* Modelled varargs function in `NSString` more accurately. +* Modelled `CustomStringConvertible.description` and `CustomDebugStringConvertible.debugDescription`, replacing ad-hoc models of these properties on derived classes. +* The regular expressions library now accepts a wider range of mode flags in a regular expression mode flag group (such as `(?u)`). The `(?w`) flag has been renamed from "UNICODE" to "UNICODEBOUNDARY", and the `(?u)` flag is called "UNICODE" in the libraries. +* Renamed `TypeDecl.getBaseType/1` to `getInheritedType`. +* Flow through writes via keypaths is now supported by the data flow library. +* Added flow through variadic arguments, and the `getVaList` function. +* Added flow steps through `Dictionary` keys and values. +* Added taint models for `Numeric` conversions. + +### Bug Fixes + +* The regular expressions library no longer incorrectly matches mode flag characters against the input. 
+ ## 0.2.5 No user-facing changes. diff --git a/swift/ql/lib/change-notes/2023-08-10-numeric-models.md b/swift/ql/lib/change-notes/2023-08-10-numeric-models.md deleted file mode 100644 index 85812d99c103..000000000000 --- a/swift/ql/lib/change-notes/2023-08-10-numeric-models.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Added taint models for `Numeric` conversions. diff --git a/swift/ql/lib/change-notes/2023-08-11-dictionary-flow.md b/swift/ql/lib/change-notes/2023-08-11-dictionary-flow.md deleted file mode 100644 index 6496777f9e5e..000000000000 --- a/swift/ql/lib/change-notes/2023-08-11-dictionary-flow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added flow steps through `Dictionary` keys and values. diff --git a/swift/ql/lib/change-notes/2023-08-16-varargs.md b/swift/ql/lib/change-notes/2023-08-16-varargs.md deleted file mode 100644 index 324c43f3e217..000000000000 --- a/swift/ql/lib/change-notes/2023-08-16-varargs.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Added flow through variadic arguments, and the `getVaList` function. diff --git a/swift/ql/lib/change-notes/2023-09-12-keypath-writes.md b/swift/ql/lib/change-notes/2023-09-12-keypath-writes.md deleted file mode 100644 index 5d0c97e47e3b..000000000000 --- a/swift/ql/lib/change-notes/2023-09-12-keypath-writes.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Flow through writes via keypaths is now supported by the data flow library. diff --git a/swift/ql/lib/change-notes/2023-09-12-regex-mode-flag-groups.md b/swift/ql/lib/change-notes/2023-09-12-regex-mode-flag-groups.md deleted file mode 100644 index d13350726a82..000000000000 --- a/swift/ql/lib/change-notes/2023-09-12-regex-mode-flag-groups.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: fix ---- -* The regular expressions library no longer incorrectly matches mode flag characters against the input. 
diff --git a/swift/ql/lib/change-notes/2023-09-13-array-content-unification.md b/swift/ql/lib/change-notes/2023-09-13-array-content-unification.md deleted file mode 100644 index 4185581839dc..000000000000 --- a/swift/ql/lib/change-notes/2023-09-13-array-content-unification.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- - -* The `ArrayContent` type in the data flow library has been deprecated and made an alias for the `CollectionContent` type, to better reflect the hierarchy of the Swift standard library. Uses of `ArrayElement` in model files will be interpreted as referring to `CollectionContent`. diff --git a/swift/ql/lib/change-notes/2023-09-14-rename-base-types.md b/swift/ql/lib/change-notes/2023-09-14-rename-base-types.md deleted file mode 100644 index c0f7d24f8e51..000000000000 --- a/swift/ql/lib/change-notes/2023-09-14-rename-base-types.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Renamed `TypeDecl.getBaseType/1` to `getInheritedType`. diff --git a/swift/ql/lib/change-notes/2023-09-18-get-a-base-type.md b/swift/ql/lib/change-notes/2023-09-18-get-a-base-type.md deleted file mode 100644 index 482b8346b64d..000000000000 --- a/swift/ql/lib/change-notes/2023-09-18-get-a-base-type.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -category: majorAnalysis ---- - -* The predicates `getABaseType`, `getABaseTypeDecl`, `getADerivedType` and `getADerivedTypeDecl` on `Type` and `TypeDecl` now behave more usefully and consistently. They now explore through type aliases used in base class declarations, and include protocols added in extensions. - -To examine base class declarations at a low level without these enhancements, use `TypeDecl.getInheritedType`. - -`Type.getABaseType` (only) previously resolved a type alias it was called directly on. This behaviour no longer exists. To find any base type of a type that could be an alias, the construct `Type.getUnderlyingType().getABaseType*()` is recommended. 
diff --git a/swift/ql/lib/change-notes/2023-09-26-regex-mode-flags.md b/swift/ql/lib/change-notes/2023-09-26-regex-mode-flags.md deleted file mode 100644 index f55bfe567a6f..000000000000 --- a/swift/ql/lib/change-notes/2023-09-26-regex-mode-flags.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The regular expressions library now accepts a wider range of mode flags in a regular expression mode flag group (such as `(?u)`). The `(?w`) flag has been renamed from "UNICODE" to "UNICODEBOUNDARY", and the `(?u)` flag is called "UNICODE" in the libraries. diff --git a/swift/ql/lib/change-notes/2023-09-27-debugdesc.md b/swift/ql/lib/change-notes/2023-09-27-debugdesc.md deleted file mode 100644 index 41416a921248..000000000000 --- a/swift/ql/lib/change-notes/2023-09-27-debugdesc.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Modelled `CustomStringConvertible.description` and `CustomDebugStringConvertible.debugDescription`, replacing ad-hoc models of these properties on derived classes. diff --git a/swift/ql/lib/change-notes/2023-09-29-nsstring.md b/swift/ql/lib/change-notes/2023-09-29-nsstring.md deleted file mode 100644 index b1c806532268..000000000000 --- a/swift/ql/lib/change-notes/2023-09-29-nsstring.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Modelled varargs function in `NSString` more accurately. diff --git a/swift/ql/lib/change-notes/released/0.3.0.md b/swift/ql/lib/change-notes/released/0.3.0.md new file mode 100644 index 000000000000..606afb574dca --- /dev/null +++ b/swift/ql/lib/change-notes/released/0.3.0.md 
@@ -0,0 +1,28 @@ +## 0.3.0 + +### Deprecated APIs + +* The `ArrayContent` type in the data flow library has been deprecated and made an alias for the `CollectionContent` type, to better reflect the hierarchy of the Swift standard library. Uses of `ArrayElement` in model files will be interpreted as referring to `CollectionContent`. + +### Major Analysis Improvements + +* The predicates `getABaseType`, `getABaseTypeDecl`, `getADerivedType` and `getADerivedTypeDecl` on `Type` and `TypeDecl` now behave more usefully and consistently. They now explore through type aliases used in base class declarations, and include protocols added in extensions. + +To examine base class declarations at a low level without these enhancements, use `TypeDecl.getInheritedType`. + +`Type.getABaseType` (only) previously resolved a type alias it was called directly on. This behaviour no longer exists. To find any base type of a type that could be an alias, the construct `Type.getUnderlyingType().getABaseType*()` is recommended. + +### Minor Analysis Improvements + +* Modelled varargs function in `NSString` more accurately. +* Modelled `CustomStringConvertible.description` and `CustomDebugStringConvertible.debugDescription`, replacing ad-hoc models of these properties on derived classes. +* The regular expressions library now accepts a wider range of mode flags in a regular expression mode flag group (such as `(?u)`). The `(?w`) flag has been renamed from "UNICODE" to "UNICODEBOUNDARY", and the `(?u)` flag is called "UNICODE" in the libraries. +* Renamed `TypeDecl.getBaseType/1` to `getInheritedType`. +* Flow through writes via keypaths is now supported by the data flow library. +* Added flow through variadic arguments, and the `getVaList` function. +* Added flow steps through `Dictionary` keys and values. +* Added taint models for `Numeric` conversions. + +### Bug Fixes + +* The regular expressions library no longer incorrectly matches mode flag characters against the input. 
diff --git a/swift/ql/lib/codeql-pack.release.yml b/swift/ql/lib/codeql-pack.release.yml index 211454ed3064..95f6e3a0ba6d 100644 --- a/swift/ql/lib/codeql-pack.release.yml +++ b/swift/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.3.0 diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml index 22634a946371..fbe598dbda08 100644 --- a/swift/ql/lib/qlpack.yml +++ b/swift/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-all -version: 0.3.0-dev +version: 0.3.1-dev groups: swift extractor: swift dbscheme: swift.dbscheme diff --git a/swift/ql/src/CHANGELOG.md b/swift/ql/src/CHANGELOG.md index 18a68d6c8757..492dfbf8bb9b 100644 --- a/swift/ql/src/CHANGELOG.md +++ b/swift/ql/src/CHANGELOG.md @@ -1,3 +1,12 @@ +## 0.3.0 + +### Minor Analysis Improvements + +* Adder barriers for numeric type values to the injection-like queries, to reduce false positive results where the user input that can be injected is constrainted to a numerical value. The queries updated by this change are: "Predicate built from user-controlled sources" (`swift/predicate-injection`), "Database query built from user-controlled sources" (`swift/sql-injection`), "Uncontrolled format string" (`swift/uncontrolled-format-string`), "JavaScript Injection" (`swift/unsafe-js-eval`) and "Regular expression injection" (`swift/regex-injection`). +* Added additional taint steps to the `swift/cleartext-transmission`, `swift/cleartext-logging` and `swift/cleartext-storage-preferences` queries to identify data within sensitive containers. This is similar to an existing additional taint step in the `swift/cleartext-storage-database` query. +* Added new logging sinks to the `swift/cleartext-logging` query. +* Added sqlite3 and SQLite.swift path injection sinks for the `swift/path-injection` query. + ## 0.2.5 No user-facing changes. 
diff --git a/swift/ql/src/change-notes/2023-05-23-path-injection-sinks.md b/swift/ql/src/change-notes/2023-05-23-path-injection-sinks.md deleted file mode 100644 index 609041d2e757..000000000000 --- a/swift/ql/src/change-notes/2023-05-23-path-injection-sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added sqlite3 and SQLite.swift path injection sinks for the `swift/path-injection` query. \ No newline at end of file diff --git a/swift/ql/src/change-notes/2023-08-16-cleartext-logging.md b/swift/ql/src/change-notes/2023-08-16-cleartext-logging.md deleted file mode 100644 index 4462b378dd4b..000000000000 --- a/swift/ql/src/change-notes/2023-08-16-cleartext-logging.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Added new logging sinks to the `swift/cleartext-logging` query. diff --git a/swift/ql/src/change-notes/2023-09-12-cleartext.md b/swift/ql/src/change-notes/2023-09-12-cleartext.md deleted file mode 100644 index 312ab00ca0b8..000000000000 --- a/swift/ql/src/change-notes/2023-09-12-cleartext.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- - -* Added additional taint steps to the `swift/cleartext-transmission`, `swift/cleartext-logging` and `swift/cleartext-storage-preferences` queries to identify data within sensitive containers. This is similar to an existing additional taint step in the `swift/cleartext-storage-database` query. diff --git a/swift/ql/src/change-notes/2023-09-19-numeric-barriers.md b/swift/ql/src/change-notes/released/0.3.0.md similarity index 52% rename from swift/ql/src/change-notes/2023-09-19-numeric-barriers.md rename to swift/ql/src/change-notes/released/0.3.0.md index 0fd9989afe13..cf67625e164a 100644 --- a/swift/ql/src/change-notes/2023-09-19-numeric-barriers.md +++ b/swift/ql/src/change-notes/released/0.3.0.md 
@@ -1,4 +1,8 @@ ---- -category: minorAnalysis ---- +## 0.3.0 + +### Minor Analysis Improvements + * Adder barriers for numeric type values to the injection-like queries, to reduce false positive results where the user input that can be injected is constrainted to a numerical value. The queries updated by this change are: "Predicate built from user-controlled sources" (`swift/predicate-injection`), "Database query built from user-controlled sources" (`swift/sql-injection`), "Uncontrolled format string" (`swift/uncontrolled-format-string`), "JavaScript Injection" (`swift/unsafe-js-eval`) and "Regular expression injection" (`swift/regex-injection`). +* Added additional taint steps to the `swift/cleartext-transmission`, `swift/cleartext-logging` and `swift/cleartext-storage-preferences` queries to identify data within sensitive containers. This is similar to an existing additional taint step in the `swift/cleartext-storage-database` query. +* Added new logging sinks to the `swift/cleartext-logging` query. +* Added sqlite3 and SQLite.swift path injection sinks for the `swift/path-injection` query. diff --git a/swift/ql/src/codeql-pack.release.yml b/swift/ql/src/codeql-pack.release.yml index 211454ed3064..95f6e3a0ba6d 100644 --- a/swift/ql/src/codeql-pack.release.yml +++ b/swift/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.2.5 +lastReleaseVersion: 0.3.0 diff --git a/swift/ql/src/qlpack.yml b/swift/ql/src/qlpack.yml index 6649542b2c59..b691018ae75f 100644 --- a/swift/ql/src/qlpack.yml +++ b/swift/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/swift-queries -version: 0.3.0-dev +version: 0.3.1-dev groups: - swift - queries