Release preparation for version 2.24.1 #21245
Merged
+477
−187
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
C#
JS
C++
documentation
Java
Python
Go
Ruby
Rust
henrymercer
approved these changes
Feb 2, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
Prepares multiple CodeQL packs for a release by finalizing version numbers, updating release metadata, and promoting accumulated change notes into released notes/CHANGELOGs.
Changes:
- Remove
-devsuffixes and set releasedversion:values across packs. - Update
codeql-pack.release.ymllastReleaseVersionvalues. - Add new
change-notes/released/*.mdfiles and prepend corresponding entries toCHANGELOG.md, removing now-redundant dated change-note drafts.
Reviewed changes
Copilot reviewed 186 out of 186 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| swift/ql/src/qlpack.yml | Finalize Swift queries pack version for release. |
| swift/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for Swift queries pack. |
| swift/ql/src/change-notes/released/1.2.15.md | Add released notes for Swift queries 1.2.15. |
| swift/ql/src/CHANGELOG.md | Add Swift queries 1.2.15 changelog entry. |
| swift/ql/lib/qlpack.yml | Finalize Swift library pack version for release. |
| swift/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for Swift library pack. |
| swift/ql/lib/change-notes/released/6.2.1.md | Update released notes for Swift library 6.2.1. |
| swift/ql/lib/change-notes/2026-01-16-summarized-callable.md | Remove superseded draft change note (promoted to release notes). |
| swift/ql/lib/CHANGELOG.md | Add Swift library 6.2.1 changelog entry. |
| shared/yaml/qlpack.yml | Finalize YAML pack version for release. |
| shared/yaml/codeql-pack.release.yml | Bump lastReleaseVersion for YAML pack. |
| shared/yaml/change-notes/released/1.0.41.md | Add released notes for YAML 1.0.41. |
| shared/yaml/CHANGELOG.md | Add YAML 1.0.41 changelog entry. |
| shared/xml/qlpack.yml | Finalize XML pack version for release. |
| shared/xml/codeql-pack.release.yml | Bump lastReleaseVersion for XML pack. |
| shared/xml/change-notes/released/1.0.41.md | Add released notes for XML 1.0.41. |
| shared/xml/CHANGELOG.md | Add XML 1.0.41 changelog entry. |
| shared/util/qlpack.yml | Finalize util pack version for release. |
| shared/util/codeql-pack.release.yml | Bump lastReleaseVersion for util pack. |
| shared/util/change-notes/released/2.0.28.md | Add released notes for util 2.0.28. |
| shared/util/CHANGELOG.md | Add util 2.0.28 changelog entry. |
| shared/typos/qlpack.yml | Finalize typos pack version for release. |
| shared/typos/codeql-pack.release.yml | Bump lastReleaseVersion for typos pack. |
| shared/typos/change-notes/released/1.0.41.md | Add released notes for typos 1.0.41. |
| shared/typos/CHANGELOG.md | Add typos 1.0.41 changelog entry. |
| shared/typetracking/qlpack.yml | Finalize typetracking pack version for release. |
| shared/typetracking/codeql-pack.release.yml | Bump lastReleaseVersion for typetracking pack. |
| shared/typetracking/change-notes/released/2.0.25.md | Add released notes for typetracking 2.0.25. |
| shared/typetracking/CHANGELOG.md | Add typetracking 2.0.25 changelog entry. |
| shared/typeinference/qlpack.yml | Finalize typeinference pack version for release. |
| shared/typeinference/codeql-pack.release.yml | Bump lastReleaseVersion for typeinference pack. |
| shared/typeinference/change-notes/released/0.0.22.md | Add released notes for typeinference 0.0.22. |
| shared/typeinference/CHANGELOG.md | Add typeinference 0.0.22 changelog entry. |
| shared/typeflow/qlpack.yml | Finalize typeflow pack version for release. |
| shared/typeflow/codeql-pack.release.yml | Bump lastReleaseVersion for typeflow pack. |
| shared/typeflow/change-notes/released/1.0.41.md | Add released notes for typeflow 1.0.41. |
| shared/typeflow/CHANGELOG.md | Add typeflow 1.0.41 changelog entry. |
| shared/tutorial/qlpack.yml | Finalize tutorial pack version for release. |
| shared/tutorial/codeql-pack.release.yml | Bump lastReleaseVersion for tutorial pack. |
| shared/tutorial/change-notes/released/1.0.41.md | Add released notes for tutorial 1.0.41. |
| shared/tutorial/CHANGELOG.md | Add tutorial 1.0.41 changelog entry. |
| shared/threat-models/qlpack.yml | Finalize threat-models pack version for release. |
| shared/threat-models/codeql-pack.release.yml | Bump lastReleaseVersion for threat-models pack. |
| shared/threat-models/change-notes/released/1.0.41.md | Add released notes for threat-models 1.0.41. |
| shared/threat-models/CHANGELOG.md | Add threat-models 1.0.41 changelog entry. |
| shared/ssa/qlpack.yml | Finalize SSA pack version for release. |
| shared/ssa/codeql-pack.release.yml | Bump lastReleaseVersion for SSA pack. |
| shared/ssa/change-notes/released/2.0.17.md | Add released notes for SSA 2.0.17. |
| shared/ssa/CHANGELOG.md | Add SSA 2.0.17 changelog entry. |
| shared/regex/qlpack.yml | Finalize regex pack version for release. |
| shared/regex/codeql-pack.release.yml | Bump lastReleaseVersion for regex pack. |
| shared/regex/change-notes/released/1.0.41.md | Add released notes for regex 1.0.41. |
| shared/regex/CHANGELOG.md | Add regex 1.0.41 changelog entry. |
| shared/rangeanalysis/qlpack.yml | Finalize rangeanalysis pack version for release. |
| shared/rangeanalysis/codeql-pack.release.yml | Bump lastReleaseVersion for rangeanalysis pack. |
| shared/rangeanalysis/change-notes/released/1.0.41.md | Add released notes for rangeanalysis 1.0.41. |
| shared/rangeanalysis/CHANGELOG.md | Add rangeanalysis 1.0.41 changelog entry. |
| shared/quantum/qlpack.yml | Finalize quantum pack version for release. |
| shared/quantum/codeql-pack.release.yml | Bump lastReleaseVersion for quantum pack. |
| shared/quantum/change-notes/released/0.0.19.md | Add released notes for quantum 0.0.19. |
| shared/quantum/CHANGELOG.md | Add quantum 0.0.19 changelog entry. |
| shared/mad/qlpack.yml | Finalize MAD pack version for release. |
| shared/mad/codeql-pack.release.yml | Bump lastReleaseVersion for MAD pack. |
| shared/mad/change-notes/released/1.0.41.md | Add released notes for MAD 1.0.41. |
| shared/mad/CHANGELOG.md | Add MAD 1.0.41 changelog entry. |
| shared/dataflow/qlpack.yml | Finalize dataflow pack version for release. |
| shared/dataflow/codeql-pack.release.yml | Bump lastReleaseVersion for dataflow pack. |
| shared/dataflow/change-notes/released/2.0.25.md | Add released notes for dataflow 2.0.25. |
| shared/dataflow/CHANGELOG.md | Add dataflow 2.0.25 changelog entry. |
| shared/controlflow/qlpack.yml | Finalize controlflow pack version for release. |
| shared/controlflow/codeql-pack.release.yml | Bump lastReleaseVersion for controlflow pack. |
| shared/controlflow/change-notes/released/2.0.25.md | Add released notes for controlflow 2.0.25. |
| shared/controlflow/CHANGELOG.md | Add controlflow 2.0.25 changelog entry. |
| shared/concepts/qlpack.yml | Finalize concepts pack version for release. |
| shared/concepts/codeql-pack.release.yml | Bump lastReleaseVersion for concepts pack. |
| shared/concepts/change-notes/released/0.0.15.md | Add released notes for concepts 0.0.15. |
| shared/concepts/CHANGELOG.md | Add concepts 0.0.15 changelog entry. |
| rust/ql/src/qlpack.yml | Finalize Rust queries pack version for release. |
| rust/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for Rust queries pack. |
| rust/ql/src/change-notes/released/0.1.26.md | Add released notes for Rust queries 0.1.26. |
| rust/ql/src/CHANGELOG.md | Add Rust queries 0.1.26 changelog entry. |
| rust/ql/lib/qlpack.yml | Finalize Rust library pack version for release. |
| rust/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for Rust library pack. |
| rust/ql/lib/change-notes/released/0.2.5.md | Add released notes for Rust library 0.2.5. |
| rust/ql/lib/change-notes/2026-01-16-type-inference-closures.md | Remove superseded draft change note (promoted to release notes). |
| rust/ql/lib/change-notes/2026-01-16-summarized-callable.md | Remove superseded draft change note (promoted to release notes). |
| rust/ql/lib/CHANGELOG.md | Add Rust library 0.2.5 entry and fix typo in prior entry. |
| ruby/ql/src/qlpack.yml | Finalize Ruby queries pack version for release. |
| ruby/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for Ruby queries pack. |
| ruby/ql/src/change-notes/released/1.5.6.md | Add released notes for Ruby queries 1.5.6. |
| ruby/ql/src/CHANGELOG.md | Add Ruby queries 1.5.6 changelog entry. |
| ruby/ql/lib/qlpack.yml | Finalize Ruby library pack version for release. |
| ruby/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for Ruby library pack. |
| ruby/ql/lib/change-notes/released/5.1.9.md | Update released notes for Ruby library 5.1.9. |
| ruby/ql/lib/change-notes/2026-01-16-summarized-callable.md | Remove superseded draft change note (promoted to release notes). |
| ruby/ql/lib/CHANGELOG.md | Add Ruby library 5.1.9 changelog entry. |
| python/ql/src/qlpack.yml | Finalize Python queries pack version for release. |
| python/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for Python queries pack. |
| python/ql/src/change-notes/released/1.7.6.md | Add released notes for Python queries 1.7.6. |
| python/ql/src/CHANGELOG.md | Add Python queries 1.7.6 changelog entry. |
| python/ql/lib/qlpack.yml | Finalize Python library pack version for release. |
| python/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for Python library pack. |
| python/ql/lib/change-notes/released/6.1.0.md | Add released notes for Python library 6.1.0. |
| python/ql/lib/change-notes/2026-01-20-support-ListElement-in-python-MaD.md | Remove superseded draft change note (promoted to release notes). |
| python/ql/lib/change-notes/2026-01-16-summarized-callable.md | Remove superseded draft change note (promoted to release notes). |
| python/ql/lib/change-notes/2026-01-02-prompt-injection.md | Remove superseded draft change note (promoted to release notes). |
| python/ql/lib/change-notes/2025-12-01-websockets.md | Remove superseded draft change note (promoted to release notes). |
| python/ql/lib/CHANGELOG.md | Add Python library 6.1.0 changelog entry. |
| misc/suite-helpers/qlpack.yml | Finalize suite-helpers pack version for release. |
| misc/suite-helpers/codeql-pack.release.yml | Bump lastReleaseVersion for suite-helpers pack. |
| misc/suite-helpers/change-notes/released/1.0.41.md | Add released notes for suite-helpers 1.0.41. |
| misc/suite-helpers/CHANGELOG.md | Add suite-helpers 1.0.41 changelog entry. |
| javascript/ql/src/qlpack.yml | Finalize JavaScript queries pack version for release. |
| javascript/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for JavaScript queries pack. |
| javascript/ql/src/change-notes/released/2.3.1.md | Add released notes for JavaScript queries 2.3.1. |
| javascript/ql/src/CHANGELOG.md | Add JavaScript queries 2.3.1 changelog entry. |
| javascript/ql/lib/qlpack.yml | Finalize JavaScript library pack version for release. |
| javascript/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for JavaScript library pack. |
| javascript/ql/lib/change-notes/released/2.6.21.md | Update released notes for JavaScript library 2.6.21. |
| javascript/ql/lib/CHANGELOG.md | Add JavaScript library 2.6.21 changelog entry. |
| java/ql/src/qlpack.yml | Finalize Java queries pack version for release. |
| java/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for Java queries pack. |
| java/ql/src/change-notes/released/1.10.6.md | Add released notes for Java queries 1.10.6. |
| java/ql/src/CHANGELOG.md | Add Java queries 1.10.6 changelog entry. |
| java/ql/lib/qlpack.yml | Finalize Java library pack version for release. |
| java/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for Java library pack. |
| java/ql/lib/change-notes/released/8.0.0.md | Add released notes for Java library 8.0.0. |
| java/ql/lib/change-notes/2026-01-27-unreleased-lock-pools.md | Remove superseded draft change note (promoted to release notes). |
| java/ql/lib/change-notes/2026-01-27-struts-7-support.md | Remove superseded draft change note (promoted to release notes). |
| java/ql/lib/change-notes/2026-01-26-kotlin-extractor-load-last.md | Remove superseded draft change note (promoted to release notes). |
| java/ql/lib/change-notes/2026-01-09-maven-plugin-registries.md | Remove superseded draft change note (promoted to release notes). |
| java/ql/lib/change-notes/2026-01-07-kotlin-mimimum_suppoted_version.md | Remove superseded draft change note (promoted to release notes). |
| java/ql/lib/change-notes/2026-01-07-kotlin-2_3.md | Remove superseded draft change note (promoted to release notes). |
| java/ql/lib/CHANGELOG.md | Add Java library 8.0.0 changelog entry. |
| go/ql/src/qlpack.yml | Finalize Go queries pack version for release. |
| go/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for Go queries pack. |
| go/ql/src/change-notes/released/1.5.5.md | Add released notes for Go queries 1.5.5. |
| go/ql/src/CHANGELOG.md | Add Go queries 1.5.5 changelog entry. |
| go/ql/lib/qlpack.yml | Finalize Go library pack version for release. |
| go/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for Go library pack. |
| go/ql/lib/change-notes/released/6.0.1.md | Update released notes for Go library 6.0.1. |
| go/ql/lib/CHANGELOG.md | Add Go library 6.0.1 changelog entry. |
| go/ql/consistency-queries/qlpack.yml | Finalize Go consistency queries pack version for release. |
| go/ql/consistency-queries/codeql-pack.release.yml | Bump lastReleaseVersion for Go consistency pack. |
| go/ql/consistency-queries/change-notes/released/1.0.41.md | Add released notes for Go consistency pack 1.0.41. |
| go/ql/consistency-queries/CHANGELOG.md | Add Go consistency pack 1.0.41 changelog entry. |
| csharp/ql/src/qlpack.yml | Finalize C# queries pack version for release. |
| csharp/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for C# queries pack. |
| csharp/ql/src/change-notes/released/1.6.1.md | Add released notes for C# queries 1.6.1. |
| csharp/ql/src/CHANGELOG.md | Add C# queries 1.6.1 changelog entry. |
| csharp/ql/lib/qlpack.yml | Finalize C# library pack version for release. |
| csharp/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for C# library pack. |
| csharp/ql/lib/change-notes/released/5.4.6.md | Add released notes for C# library 5.4.6. |
| csharp/ql/lib/change-notes/2026-01-16-summarized-callable.md | Remove superseded draft change note (promoted to release notes). |
| csharp/ql/lib/change-notes/2026-01-14-null-conditional-assignments.md | Remove superseded draft change note (promoted to release notes). |
| csharp/ql/lib/CHANGELOG.md | Add C# library 5.4.6 changelog entry. |
| csharp/ql/campaigns/Solorigate/src/qlpack.yml | Finalize Solorigate queries pack version for release. |
| csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml | Bump lastReleaseVersion for Solorigate queries pack. |
| csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.58.md | Add released notes for Solorigate queries 1.7.58. |
| csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | Add Solorigate queries 1.7.58 changelog entry. |
| csharp/ql/campaigns/Solorigate/lib/qlpack.yml | Finalize Solorigate library pack version for release. |
| csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml | Bump lastReleaseVersion for Solorigate library pack. |
| csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.58.md | Add released notes for Solorigate library 1.7.58. |
| csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | Add Solorigate library 1.7.58 changelog entry. |
| cpp/ql/src/qlpack.yml | Finalize C/C++ queries pack version for release. |
| cpp/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for C/C++ queries pack. |
| cpp/ql/src/change-notes/released/1.5.10.md | Add released notes for C/C++ queries 1.5.10. |
| cpp/ql/src/CHANGELOG.md | Add C/C++ queries 1.5.10 changelog entry. |
| cpp/ql/lib/qlpack.yml | Finalize C/C++ library pack version for release. |
| cpp/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for C/C++ library pack. |
| cpp/ql/lib/change-notes/released/7.1.0.md | Add released notes for C/C++ library 7.1.0. |
| cpp/ql/lib/change-notes/2026-01-30-guard-condition-logical-operators.md | Remove superseded draft change note (promoted to release notes). |
| cpp/ql/lib/change-notes/2026-01-26-buffer-overflow-fps.md | Remove superseded draft change note (promoted to release notes). |
| cpp/ql/lib/change-notes/2026-01-23-mysql.md | Remove superseded draft change note (promoted to release notes). |
| cpp/ql/lib/change-notes/2026-01-23-as-definition.md | Remove superseded draft change note (promoted to release notes). |
| cpp/ql/lib/change-notes/2026-01-19-parameterized-barrier-guard.md | Remove superseded draft change note (promoted to release notes). |
| cpp/ql/lib/change-notes/2026-01-19-embed.md | Remove superseded draft change note (promoted to release notes). |
| cpp/ql/lib/CHANGELOG.md | Add C/C++ library 7.1.0 changelog entry. |
| actions/ql/src/qlpack.yml | Finalize Actions queries pack version for release. |
| actions/ql/src/codeql-pack.release.yml | Bump lastReleaseVersion for Actions queries pack. |
| actions/ql/src/change-notes/released/0.6.19.md | Add released notes for Actions queries 0.6.19. |
| actions/ql/src/CHANGELOG.md | Add Actions queries 0.6.19 changelog entry. |
| actions/ql/lib/qlpack.yml | Finalize Actions library pack version for release. |
| actions/ql/lib/codeql-pack.release.yml | Bump lastReleaseVersion for Actions library pack. |
| actions/ql/lib/change-notes/released/0.4.27.md | Update released notes for Actions library 0.4.27. |
| actions/ql/lib/CHANGELOG.md | Add Actions library 0.4.27 changelog entry. |
| ### Minor Analysis Improvements | ||
|
|
||
| * The `Buffer.qll` library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries `cpp/static-buffer-overflow`, `cpp/overflow-buffer`, `cpp/badly-bounded-write`, `cpp/overrunning-write`, `cpp/overrunning-write-with-float`, and `cpp/very-likely-overrunning-write` will report fewer false positives on such databases. | ||
| * Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions. |
There was a problem hiding this comment.
mySQL should be capitalized as MySQL (consistent with other MySQL references in the codebase, e.g. cpp/ql/lib/semmle/code/cpp/models/implementations/MySql.qll).
Suggested change
| * Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions. | |
| * Added `taint` summary models and `sql-injection` barrier models for the MySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions. |
| ### Minor Analysis Improvements | ||
|
|
||
| * The `Buffer.qll` library will no longer report incorrect buffer sizes on certain malformed databases. As a result, the queries `cpp/static-buffer-overflow`, `cpp/overflow-buffer`, `cpp/badly-bounded-write`, `cpp/overrunning-write`, `cpp/overrunning-write-with-float`, and `cpp/very-likely-overrunning-write` will report fewer false positives on such databases. | ||
| * Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions. |
There was a problem hiding this comment.
mySQL should be capitalized as MySQL (consistent with other MySQL references in the codebase, e.g. cpp/ql/lib/semmle/code/cpp/models/implementations/MySql.qll).
Suggested change
| * Added `taint` summary models and `sql-injection` barrier models for the mySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions. | |
| * Added `taint` summary models and `sql-injection` barrier models for the MySQL `mysql_real_escape_string` and `mysql_real_escape_string_quote` escaping functions. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.