github · mbg · Nov 11, 2025 · Nov 11, 2025 · Nov 3, 2025 · Nov 7, 2025
@@ -1,3 +1,7 @@
+## 0.4.20
+
+No user-facing changes.
+
 ## 0.4.19
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 0.4.20
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.19
+lastReleaseVersion: 0.4.20
@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.20-dev
+version: 0.4.20
 library: true
 warnOnImplicitThis: true
 dependencies:

@@ -1,3 +1,7 @@
+## 0.6.12
+
+No user-facing changes.
+
 ## 0.6.11
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 0.6.12
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.11
+lastReleaseVersion: 0.6.12
@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.6.12-dev
+version: 0.6.12
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]

@@ -1,3 +1,9 @@
+## 6.0.1
+
+### Bug Fixes
+
+* Improve performance of the range analysis in cases where it would otherwise take an exorbitant amount of time.
+
 ## 6.0.0
 
 ### Breaking Changes

@@ -0,0 +1,5 @@
+## 6.0.1
+
+### Bug Fixes
+
+* Improve performance of the range analysis in cases where it would otherwise take an exorbitant amount of time.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 6.0.0
+lastReleaseVersion: 6.0.1
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 6.0.1-dev
+version: 6.0.1
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

@@ -1,3 +1,7 @@
+## 1.5.3
+
+No user-facing changes.
+
 ## 1.5.2
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.5.3
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.5.2
+lastReleaseVersion: 1.5.3
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.5.3-dev
+version: 1.5.3
 groups:
   - cpp
   - queries

@@ -1,3 +1,7 @@
+## 1.7.51
+
+No user-facing changes.
+
 ## 1.7.50
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.7.51
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.50
+lastReleaseVersion: 1.7.51
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.51-dev
+version: 1.7.51
 groups:
   - csharp
   - solorigate

@@ -1,3 +1,7 @@
+## 1.7.51
+
+No user-facing changes.
+
 ## 1.7.50
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.7.51
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.50
+lastReleaseVersion: 1.7.51
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.51-dev
+version: 1.7.51
 groups:
   - csharp
   - solorigate

@@ -1,3 +1,18 @@
+## 5.3.0
+
+### Deprecated APIs
+
+* The class `AbstractValue` in the `Guards` library has been deprecated and replaced with the class `GuardValue`.
+
+### Major Analysis Improvements
+
+* The representation of the C# control-flow graph has been significantly changed. This has minor effects on a wide range of queries including both minor improvements and minor regressions, for example, improved precision has been observed for `cs/inefficient-containskey` and `cs/stringbuilder-creation-in-loop`. Two queries stand out as being significantly affected with great improvements: `cs/dereferenced-value-may-be-null` has been completely rewritten which removes a very significant number of false positives. Furthermore, `cs/constant-condition` has been updated to report many new results - these new results are primarily expected to be true positives, but a few new false positives are expected as well. As part of these changes, `cs/dereferenced-value-may-be-null` has been changed from a `path-problem` query to a `problem` query, so paths are no longer reported for this query.
+
+### Minor Analysis Improvements
+
+* Added tracer support for macOS and Linux when the .NET CLI (`dotnet`) directly invokes the C# compiler (`csc`). This enhancement provides basic tracing and extraction capabilities for .NET 10 RC2 on these platforms.
+* The extraction of location information for source code entities has been updated to use star IDs (`*` IDs). This change should be transparent to end-users but may improve extraction performance in some cases by reducing TRAP file size and eliminating overhead from location de-duplication.
+
 ## 5.2.6
 
 ### Minor Analysis Improvements

@@ -1,4 +1,14 @@
----
-category: majorAnalysis
----
+## 5.3.0
+
+### Deprecated APIs
+
+* The class `AbstractValue` in the `Guards` library has been deprecated and replaced with the class `GuardValue`.
+
+### Major Analysis Improvements
+
 * The representation of the C# control-flow graph has been significantly changed. This has minor effects on a wide range of queries including both minor improvements and minor regressions, for example, improved precision has been observed for `cs/inefficient-containskey` and `cs/stringbuilder-creation-in-loop`. Two queries stand out as being significantly affected with great improvements: `cs/dereferenced-value-may-be-null` has been completely rewritten which removes a very significant number of false positives. Furthermore, `cs/constant-condition` has been updated to report many new results - these new results are primarily expected to be true positives, but a few new false positives are expected as well. As part of these changes, `cs/dereferenced-value-may-be-null` has been changed from a `path-problem` query to a `problem` query, so paths are no longer reported for this query.
+
+### Minor Analysis Improvements
+
+* Added tracer support for macOS and Linux when the .NET CLI (`dotnet`) directly invokes the C# compiler (`csc`). This enhancement provides basic tracing and extraction capabilities for .NET 10 RC2 on these platforms.
+* The extraction of location information for source code entities has been updated to use star IDs (`*` IDs). This change should be transparent to end-users but may improve extraction performance in some cases by reducing TRAP file size and eliminating overhead from location de-duplication.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.2.6
+lastReleaseVersion: 5.3.0
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 5.2.7-dev
+version: 5.3.0
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

@@ -1,3 +1,9 @@
+## 1.4.3
+
+### Minor Analysis Improvements
+
+* the `cs/web/missing-x-frame-options` query now correctly handles configuration nested in root `<location>` elements.
+
 ## 1.4.2
 
 No user-facing changes.

@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 1.4.3
+
+### Minor Analysis Improvements
+
 * the `cs/web/missing-x-frame-options` query now correctly handles configuration nested in root `<location>` elements.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.2
+lastReleaseVersion: 1.4.3
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.4.3-dev
+version: 1.4.3
 groups:
   - csharp
   - queries

@@ -1,3 +1,7 @@
+## 1.0.34
+
+No user-facing changes.
+
 ## 1.0.33
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.0.34
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.33
+lastReleaseVersion: 1.0.34
@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.34-dev
+version: 1.0.34
 groups:
   - go
   - queries

@@ -1,3 +1,7 @@
+## 5.0.1
+
+No user-facing changes.
+
 ## 5.0.0
 
 ### Breaking Changes

@@ -0,0 +1,3 @@
+## 5.0.1
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.0.0
+lastReleaseVersion: 5.0.1
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 5.0.1-dev
+version: 5.0.1
 groups: go
 dbscheme: go.dbscheme
 extractor: go

@@ -1,3 +1,7 @@
+## 1.4.8
+
+No user-facing changes.
+
 ## 1.4.7
 
 No user-facing changes.

@@ -0,0 +1,3 @@
+## 1.4.8
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.7
+lastReleaseVersion: 1.4.8
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.4.8-dev
+version: 1.4.8
 groups:
   - go
   - queries

@@ -1,3 +1,7 @@
+## 7.7.3
+
+No user-facing changes.
+
 ## 7.7.2
 
 ### Minor Analysis Improvements

@@ -0,0 +1,3 @@
+## 7.7.3
+
+No user-facing changes.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.7.2
+lastReleaseVersion: 7.7.3
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 7.7.3-dev
+version: 7.7.3
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java

@@ -1,3 +1,16 @@
+## 1.9.0
+
+### New Queries
+
+* The `java/sensitive-cookie-not-httponly` query has been promoted from experimental to the main query pack.
+* Added a new query, `java/escaping`, to detect values escaping from classes marked as `@ThreadSafe`.
+* Added a new query, `java/not-threadsafe`, to detect data races in classes marked as `@ThreadSafe`.
+* Added a new query, `java/safe-publication`, to detect unsafe publication in classes marked as `@ThreadSafe`.
+
+### Minor Analysis Improvements
+
+* Calls to `String.matches` are now treated as sanitizers for the `java/ssrf` query.
+
 ## 1.8.2
 
 No user-facing changes.

@@ -0,0 +1,12 @@
+## 1.9.0
+
+### New Queries
+
+* The `java/sensitive-cookie-not-httponly` query has been promoted from experimental to the main query pack.
+* Added a new query, `java/escaping`, to detect values escaping from classes marked as `@ThreadSafe`.
+* Added a new query, `java/not-threadsafe`, to detect data races in classes marked as `@ThreadSafe`.
+* Added a new query, `java/safe-publication`, to detect unsafe publication in classes marked as `@ThreadSafe`.
+
+### Minor Analysis Improvements
+
+* Calls to `String.matches` are now treated as sanitizers for the `java/ssrf` query.
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.8.2
+lastReleaseVersion: 1.9.0