github · smowton · Mar 20, 2025 · Mar 3, 2025 · Mar 3, 2025 · Mar 3, 2025
@@ -1,3 +1,11 @@
+## 0.4.5
+
+No user-facing changes.
+
+## 0.4.4
+
+No user-facing changes.
+
 ## 0.4.3
 
 ### New Features

@@ -0,0 +1,3 @@
+## 0.4.4
+
+No user-facing changes.
@@ -0,0 +1,3 @@
+## 0.4.5
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.3
+lastReleaseVersion: 0.4.5
@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.4-dev
+version: 0.4.6-dev
 library: true
 warnOnImplicitThis: true
 dependencies:

@@ -1,3 +1,16 @@
+## 0.5.2
+
+No user-facing changes.
+
+## 0.5.1
+
+### Bug Fixes
+
+* The `actions/unversioned-immutable-action` query will no longer report any alerts, since the
+  Immutable Actions feature is not yet available for customer use. The query remains in the
+  default Code Scanning suites for use internal to GitHub. Once the Immutable Actions feature is
+  available, the query will be updated to report alerts again.
+
 ## 0.5.0
 
 ### Breaking Changes

@@ -1,6 +1,7 @@
----
-category: fix
----
+## 0.5.1
+
+### Bug Fixes
+
 * The `actions/unversioned-immutable-action` query will no longer report any alerts, since the
   Immutable Actions feature is not yet available for customer use. The query has also been moved
   to the experimental folder and will not be used in code scanning unless it is explicitly added

@@ -0,0 +1,3 @@
+## 0.5.2
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.0
+lastReleaseVersion: 0.5.2
@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.5.1-dev
+version: 0.5.3-dev
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]

@@ -1,3 +1,14 @@
+## 4.0.3
+
+No user-facing changes.
+
+## 4.0.2
+
+### Minor Analysis Improvements
+
+* Modified the `getBufferSize` predicate in `commons/Buffer.qll` to be more tolerant in some cases involving member variables in a larger struct or class.
+* Fixed an issue where the `getBufferSize` predicate in `commons/Buffer.qll` was returning results for references inside `offsetof` expressions, which are not accesses to a buffer.
+
 ## 4.0.1
 
 No user-facing changes.

@@ -0,0 +1,6 @@
+## 4.0.2
+
+### Minor Analysis Improvements
+
+* Modified the `getBufferSize` predicate in `commons/Buffer.qll` to be more tolerant in some cases involving member variables in a larger struct or class.
+* Fixed an issue where the `getBufferSize` predicate in `commons/Buffer.qll` was returning results for references inside `offsetof` expressions, which are not accesses to a buffer.
@@ -0,0 +1,3 @@
+## 4.0.3
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 4.0.1
+lastReleaseVersion: 4.0.3
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 4.0.2-dev
+version: 4.0.4-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

@@ -1,3 +1,14 @@
+## 1.3.6
+
+No user-facing changes.
+
+## 1.3.5
+
+### Minor Analysis Improvements
+
+* Due to changes in libraries the query "Static array access may cause overflow" (`cpp/static-buffer-overflow`) will no longer report cases where multiple fields of a struct or class are written with a single `memset` or similar operation.
+* The query "Call to memory access function may overflow buffer" (`cpp/overflow-buffer`) has been added to the security-extended query suite. The query detects a range of buffer overflow and underflow issues.
+
 ## 1.3.4
 
 No user-facing changes.

@@ -0,0 +1,6 @@
+## 1.3.5
+
+### Minor Analysis Improvements
+
+* Due to changes in libraries the query "Static array access may cause overflow" (`cpp/static-buffer-overflow`) will no longer report cases where multiple fields of a struct or class are written with a single `memset` or similar operation.
+* The query "Call to memory access function may overflow buffer" (`cpp/overflow-buffer`) has been added to the security-extended query suite. The query detects a range of buffer overflow and underflow issues.
@@ -0,0 +1,3 @@
+## 1.3.6
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.4
+lastReleaseVersion: 1.3.6
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.3.5-dev
+version: 1.3.7-dev
 groups:
   - cpp
   - queries

@@ -1,3 +1,11 @@
+## 1.7.36
+
+No user-facing changes.
+
+## 1.7.35
+
+No user-facing changes.
+
 ## 1.7.34
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.7.35
+
+No user-facing changes.
@@ -0,0 +1,3 @@
+## 1.7.36
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.34
+lastReleaseVersion: 1.7.36
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.35-dev
+version: 1.7.37-dev
 groups:
   - csharp
   - solorigate

@@ -1,3 +1,11 @@
+## 1.7.36
+
+No user-facing changes.
+
+## 1.7.35
+
+No user-facing changes.
+
 ## 1.7.34
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.7.35
+
+No user-facing changes.
@@ -0,0 +1,3 @@
+## 1.7.36
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.34
+lastReleaseVersion: 1.7.36
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.35-dev
+version: 1.7.37-dev
 groups:
   - csharp
   - solorigate

@@ -1,3 +1,11 @@
+## 5.1.2
+
+No user-facing changes.
+
+## 5.1.1
+
+No user-facing changes.
+
 ## 5.1.0
 
 ### Deprecated APIs

@@ -0,0 +1,3 @@
+## 5.1.1
+
+No user-facing changes.
@@ -0,0 +1,3 @@
+## 5.1.2
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.1.0
+lastReleaseVersion: 5.1.2
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 5.1.1-dev
+version: 5.1.3-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

@@ -1,3 +1,13 @@
+## 1.0.19
+
+No user-facing changes.
+
+## 1.0.18
+
+### Minor Analysis Improvements
+
+* C#: Improve precision of the query `cs/call-to-object-tostring` for value tuples.
+
 ## 1.0.17
 
 No user-facing changes.

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 1.0.18
+
+### Minor Analysis Improvements
+
 * C#: Improve precision of the query `cs/call-to-object-tostring` for value tuples.
@@ -0,0 +1,3 @@
+## 1.0.19
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.17
+lastReleaseVersion: 1.0.19
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.0.18-dev
+version: 1.0.20-dev
 groups:
   - csharp
   - queries

@@ -109,6 +109,14 @@ Python
 *   Fixed a bug in the extractor where a comment inside a subscript could sometimes cause the AST to be missing nodes.
 *   Using the :code:`break` and :code:`continue` keywords outside of a loop, which is a syntax error but is accepted by our parser, would cause the control-flow construction to fail. This is now no longer the case.
 
+Major Analysis Improvements
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Golang
+""""""
+
+*   Go 1.24 is now supported. This includes the new language feature of generic type aliases.
+
 Minor Analysis Improvements
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~