github · codeql-ci · Apr 6, 2026 · Apr 6, 2026 · Apr 6, 2026
@@ -1,3 +1,7 @@
+## 0.4.33
+
+No user-facing changes.
+
 ## 0.4.32
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 0.4.33
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.32
+lastReleaseVersion: 0.4.33
@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.33-dev
+version: 0.4.34-dev
 library: true
 warnOnImplicitThis: true
 dependencies:

@@ -1,3 +1,7 @@
+## 0.6.25
+
+No user-facing changes.
+
 ## 0.6.24
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 0.6.25
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.24
+lastReleaseVersion: 0.6.25
@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.6.25-dev
+version: 0.6.26-dev
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]

@@ -1,3 +1,23 @@
+## 9.0.0
+
+### Breaking Changes
+
+* The `SourceModelCsv`, `SinkModelCsv`, and `SummaryModelCsv` classes and the associated CSV parsing infrastructure have been removed from `ExternalFlow.qll`. New models should be added as `.model.yml` files in the `ext/` directory.
+
+### New Features
+
+* Added a subclass `MesonPrivateTestFile` of `ConfigurationTestFile` that represents files created by Meson to test the build configuration.
+* Added a class `ConstructorDirectFieldInit` to represent field initializations that occur in member initializer lists.
+* Added a class `ConstructorDefaultFieldInit` to represent default field initializations.
+* Added a class `DataFlow::IndirectParameterNode` to represent the indirection of a parameter as a dataflow node.
+* Added a predicate `Node::asIndirectInstruction` which returns the `Instruction` that defines the indirect dataflow node, if any.
+* Added a class `IndirectUninitializedNode` to represent the indirection of an uninitialized local variable as a dataflow node.
+
+### Minor Analysis Improvements
+
+* Added `HttpReceiveHttpRequest`, `HttpReceiveRequestEntityBody`, and `HttpReceiveClientCertificate` from Win32's `http.h` as remote flow sources.
+* Added dataflow through members initialized via non-static data member initialization (NSDMI).
+
 ## 8.0.3
 
 No user-facing changes.

@@ -0,0 +1,19 @@
+## 9.0.0
+
+### Breaking Changes
+
+* The `SourceModelCsv`, `SinkModelCsv`, and `SummaryModelCsv` classes and the associated CSV parsing infrastructure have been removed from `ExternalFlow.qll`. New models should be added as `.model.yml` files in the `ext/` directory.
+
+### New Features
+
+* Added a subclass `MesonPrivateTestFile` of `ConfigurationTestFile` that represents files created by Meson to test the build configuration.
+* Added a class `ConstructorDirectFieldInit` to represent field initializations that occur in member initializer lists.
+* Added a class `ConstructorDefaultFieldInit` to represent default field initializations.
+* Added a class `DataFlow::IndirectParameterNode` to represent the indirection of a parameter as a dataflow node.
+* Added a predicate `Node::asIndirectInstruction` which returns the `Instruction` that defines the indirect dataflow node, if any.
+* Added a class `IndirectUninitializedNode` to represent the indirection of an uninitialized local variable as a dataflow node.
+
+### Minor Analysis Improvements
+
+* Added `HttpReceiveHttpRequest`, `HttpReceiveRequestEntityBody`, and `HttpReceiveClientCertificate` from Win32's `http.h` as remote flow sources.
+* Added dataflow through members initialized via non-static data member initialization (NSDMI).
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 8.0.3
+lastReleaseVersion: 9.0.0
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 8.0.4-dev
+version: 9.0.1-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

@@ -1,3 +1,17 @@
+## 1.6.0
+
+### Query Metadata Changes
+
+* The `@security-severity` metadata of `cpp/cgi-xss` has been increased from 6.1 (medium) to 7.8 (high).
+
+### Minor Analysis Improvements
+
+* The "Extraction warnings" (`cpp/diagnostics/extraction-warnings`) diagnostics query no longer yields `ExtractionRecoverableWarning`s for `build-mode: none` databases. The results were found to significantly increase the sizes of the produced SARIF files, making them unprocessable in some cases.
+* Fixed an issue with the "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query causing false positive results in `build-mode: none` databases.
+* Fixed an issue with the "Uncontrolled format string" (`cpp/tainted-format-string`) query involving certain kinds of formatting function implementations.
+* Fixed an issue with the "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query causing false positive results in `build-mode: none` databases.
+* Fixed an issue with the "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query causing false positive results in `build-mode: none` databases.
+
 ## 1.5.15
 
 No user-facing changes.

@@ -0,0 +1,13 @@
+## 1.6.0
+
+### Query Metadata Changes
+
+* The `@security-severity` metadata of `cpp/cgi-xss` has been increased from 6.1 (medium) to 7.8 (high).
+
+### Minor Analysis Improvements
+
+* The "Extraction warnings" (`cpp/diagnostics/extraction-warnings`) diagnostics query no longer yields `ExtractionRecoverableWarning`s for `build-mode: none` databases. The results were found to significantly increase the sizes of the produced SARIF files, making them unprocessable in some cases.
+* Fixed an issue with the "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query causing false positive results in `build-mode: none` databases.
+* Fixed an issue with the "Uncontrolled format string" (`cpp/tainted-format-string`) query involving certain kinds of formatting function implementations.
+* Fixed an issue with the "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query causing false positive results in `build-mode: none` databases.
+* Fixed an issue with the "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query causing false positive results in `build-mode: none` databases.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.15
+lastReleaseVersion: 1.6.0
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.5.16-dev
+version: 1.6.1-dev
 groups:
   - cpp
   - queries

@@ -1,3 +1,7 @@
+## 1.7.64
+
+No user-facing changes.
+
 ## 1.7.63
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.7.64
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.63
+lastReleaseVersion: 1.7.64
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.64-dev
+version: 1.7.65-dev
 groups:
   - csharp
   - solorigate

@@ -1,3 +1,7 @@
+## 1.7.64
+
+No user-facing changes.
+
 ## 1.7.63
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.7.64
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.63
+lastReleaseVersion: 1.7.64
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.64-dev
+version: 1.7.65-dev
 groups:
   - csharp
   - solorigate

@@ -1,3 +1,13 @@
+## 5.4.12
+
+### Minor Analysis Improvements
+
+* The extractor no longer synthesizes expanded forms of compound assignments. This may have a small impact on the results of queries that explicitly or implicitly rely on the expanded form of compound assignments.
+* The `cs/log-forging` query no longer treats arguments to extension methods with
+  source code on `ILogger` types as sinks. Instead, taint is tracked interprocedurally
+  through extension method bodies, reducing false positives when extension methods
+  sanitize input internally.
+
 ## 5.4.11
 
 No user-facing changes.

@@ -1,6 +1,8 @@
----
-category: minorAnalysis
----
+## 5.4.12
+
+### Minor Analysis Improvements
+
+* The extractor no longer synthesizes expanded forms of compound assignments. This may have a small impact on the results of queries that explicitly or implicitly rely on the expanded form of compound assignments.
 * The `cs/log-forging` query no longer treats arguments to extension methods with
   source code on `ILogger` types as sinks. Instead, taint is tracked interprocedurally
   through extension method bodies, reducing false positives when extension methods

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.4.11
+lastReleaseVersion: 5.4.12
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 5.4.12-dev
+version: 5.4.13-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

@@ -1,3 +1,14 @@
+## 1.7.0
+
+### Query Metadata Changes
+
+* The `@security-severity` metadata of `cs/log-forging` has been reduced from 7.8 (high) to 6.1 (medium).
+* The `@security-severity` metadata of `cs/web/xss` has been increased from 6.1 (medium) to 7.8 (high).
+
+### Major Analysis Improvements
+
+* The `cs/constant-condition` query has been simplified. The query no longer reports trivially constant conditions as they were found to generally be intentional. As a result, it should now produce fewer false positives. Additionally, the simplification means that it now reports all the results that `cs/constant-comparison` used to report, and as consequence, that query has been deleted.
+
 ## 1.6.6
 
 No user-facing changes.

@@ -1,4 +1,10 @@
----
-category: majorAnalysis
----
+## 1.7.0
+
+### Query Metadata Changes
+
+* The `@security-severity` metadata of `cs/log-forging` has been reduced from 7.8 (high) to 6.1 (medium).
+* The `@security-severity` metadata of `cs/web/xss` has been increased from 6.1 (medium) to 7.8 (high).
+
+### Major Analysis Improvements
+
 * The `cs/constant-condition` query has been simplified. The query no longer reports trivially constant conditions as they were found to generally be intentional. As a result, it should now produce fewer false positives. Additionally, the simplification means that it now reports all the results that `cs/constant-comparison` used to report, and as consequence, that query has been deleted.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.6.6
+lastReleaseVersion: 1.7.0
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.6.7-dev
+version: 1.7.1-dev
 groups:
   - csharp
   - queries

@@ -1,3 +1,7 @@
+## 1.0.47
+
+No user-facing changes.
+
 ## 1.0.46
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.0.47
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.46
+lastReleaseVersion: 1.0.47
@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.47-dev
+version: 1.0.48-dev
 groups:
   - go
   - queries

@@ -1,3 +1,7 @@
+## 7.0.5
+
+No user-facing changes.
+
 ## 7.0.4
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 7.0.5
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.0.4
+lastReleaseVersion: 7.0.5
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 7.0.5-dev
+version: 7.0.6-dev
 groups: go
 dbscheme: go.dbscheme
 extractor: go