Merge back rc/3.21 into main by oscarsj · Pull Request #21423 · github/codeql

oscarsj · 2026-03-06T15:21:09Z

https://github.com/github/codeql-team/issues/4500

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Release preparation for version 2.24.3

…24.3 Post-release preparation for codeql-cli-2.24.3

…merge-back-rc-3.21

Copilot

Pull request overview

Release-prep and post-release bookkeeping for CodeQL pack versions associated with the 2.24.3 release line: updating pack versions/release markers and rolling up change notes into per-release changelog entries across multiple languages/packs.

Changes:

Bump qlpack.yml dev versions and codeql-pack.release.yml lastReleaseVersion values across many packs.
Add/update per-release notes under change-notes/released/ and prepend matching entries in CHANGELOG.md.
Remove now-released dated change-note fragments that have been folded into the release notes (notably for Python/C++/C#/Java).

Reviewed changes

Copilot reviewed 175 out of 175 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
swift/ql/src/qlpack.yml	Bump Swift queries pack dev version.
swift/ql/src/codeql-pack.release.yml	Update Swift queries `lastReleaseVersion`.
swift/ql/src/change-notes/released/1.2.17.md	Add Swift queries release note stub for 1.2.17.
swift/ql/src/CHANGELOG.md	Add Swift queries 1.2.17 changelog entry.
swift/ql/lib/qlpack.yml	Bump Swift library pack dev version.
swift/ql/lib/codeql-pack.release.yml	Update Swift library `lastReleaseVersion`.
swift/ql/lib/change-notes/released/6.2.3.md	Add Swift library release note stub for 6.2.3.
swift/ql/lib/CHANGELOG.md	Add Swift library 6.2.3 changelog entry.
shared/yaml/qlpack.yml	Bump shared YAML pack dev version.
shared/yaml/codeql-pack.release.yml	Update shared YAML `lastReleaseVersion`.
shared/yaml/change-notes/released/1.0.43.md	Add shared YAML release note stub for 1.0.43.
shared/yaml/CHANGELOG.md	Add shared YAML 1.0.43 changelog entry.
shared/xml/qlpack.yml	Bump shared XML pack dev version.
shared/xml/codeql-pack.release.yml	Update shared XML `lastReleaseVersion`.
shared/xml/change-notes/released/1.0.43.md	Add shared XML release note stub for 1.0.43.
shared/xml/CHANGELOG.md	Add shared XML 1.0.43 changelog entry.
shared/util/qlpack.yml	Bump shared util pack dev version.
shared/util/codeql-pack.release.yml	Update shared util `lastReleaseVersion`.
shared/util/change-notes/released/2.0.30.md	Add shared util release note stub for 2.0.30.
shared/util/CHANGELOG.md	Add shared util 2.0.30 changelog entry.
shared/typos/qlpack.yml	Bump shared typos pack dev version.
shared/typos/codeql-pack.release.yml	Update shared typos `lastReleaseVersion`.
shared/typos/change-notes/released/1.0.43.md	Add shared typos release note stub for 1.0.43.
shared/typos/CHANGELOG.md	Add shared typos 1.0.43 changelog entry.
shared/typetracking/qlpack.yml	Bump shared typetracking pack dev version.
shared/typetracking/codeql-pack.release.yml	Update shared typetracking `lastReleaseVersion`.
shared/typetracking/change-notes/released/2.0.27.md	Add shared typetracking release note stub for 2.0.27.
shared/typetracking/CHANGELOG.md	Add shared typetracking 2.0.27 changelog entry.
shared/typeinference/qlpack.yml	Bump shared typeinference pack dev version.
shared/typeinference/codeql-pack.release.yml	Update shared typeinference `lastReleaseVersion`.
shared/typeinference/change-notes/released/0.0.24.md	Add shared typeinference release note stub for 0.0.24.
shared/typeinference/CHANGELOG.md	Add shared typeinference 0.0.24 changelog entry.
shared/typeflow/qlpack.yml	Bump shared typeflow pack dev version.
shared/typeflow/codeql-pack.release.yml	Update shared typeflow `lastReleaseVersion`.
shared/typeflow/change-notes/released/1.0.43.md	Add shared typeflow release note stub for 1.0.43.
shared/typeflow/CHANGELOG.md	Add shared typeflow 1.0.43 changelog entry.
shared/tutorial/qlpack.yml	Bump shared tutorial pack dev version.
shared/tutorial/codeql-pack.release.yml	Update shared tutorial `lastReleaseVersion`.
shared/tutorial/change-notes/released/1.0.43.md	Add shared tutorial release note stub for 1.0.43.
shared/tutorial/CHANGELOG.md	Add shared tutorial 1.0.43 changelog entry.
shared/threat-models/qlpack.yml	Bump shared threat-models pack dev version.
shared/threat-models/codeql-pack.release.yml	Update shared threat-models `lastReleaseVersion`.
shared/threat-models/change-notes/released/1.0.43.md	Add shared threat-models release note stub for 1.0.43.
shared/threat-models/CHANGELOG.md	Add shared threat-models 1.0.43 changelog entry.
shared/ssa/qlpack.yml	Bump shared SSA pack dev version.
shared/ssa/codeql-pack.release.yml	Update shared SSA `lastReleaseVersion`.
shared/ssa/change-notes/released/2.0.19.md	Add shared SSA release note stub for 2.0.19.
shared/ssa/CHANGELOG.md	Add shared SSA 2.0.19 changelog entry.
shared/regex/qlpack.yml	Bump shared regex pack dev version.
shared/regex/codeql-pack.release.yml	Update shared regex `lastReleaseVersion`.
shared/regex/change-notes/released/1.0.43.md	Add shared regex release note stub for 1.0.43.
shared/regex/CHANGELOG.md	Add shared regex 1.0.43 changelog entry.
shared/rangeanalysis/qlpack.yml	Bump shared rangeanalysis pack dev version.
shared/rangeanalysis/codeql-pack.release.yml	Update shared rangeanalysis `lastReleaseVersion`.
shared/rangeanalysis/change-notes/released/1.0.43.md	Add shared rangeanalysis release note stub for 1.0.43.
shared/rangeanalysis/CHANGELOG.md	Add shared rangeanalysis 1.0.43 changelog entry.
shared/quantum/qlpack.yml	Bump shared quantum pack dev version.
shared/quantum/codeql-pack.release.yml	Update shared quantum `lastReleaseVersion`.
shared/quantum/change-notes/released/0.0.21.md	Add shared quantum release note stub for 0.0.21.
shared/quantum/CHANGELOG.md	Add shared quantum 0.0.21 changelog entry.
shared/mad/qlpack.yml	Bump shared MAD pack dev version.
shared/mad/codeql-pack.release.yml	Update shared MAD `lastReleaseVersion`.
shared/mad/change-notes/released/1.0.43.md	Add shared MAD release note stub for 1.0.43.
shared/mad/CHANGELOG.md	Add shared MAD 1.0.43 changelog entry.
shared/dataflow/qlpack.yml	Bump shared dataflow pack dev version.
shared/dataflow/codeql-pack.release.yml	Update shared dataflow `lastReleaseVersion`.
shared/dataflow/change-notes/released/2.0.27.md	Add shared dataflow release note stub for 2.0.27.
shared/dataflow/CHANGELOG.md	Add shared dataflow 2.0.27 changelog entry.
shared/controlflow/qlpack.yml	Bump shared controlflow pack dev version.
shared/controlflow/codeql-pack.release.yml	Update shared controlflow `lastReleaseVersion`.
shared/controlflow/change-notes/released/2.0.27.md	Add shared controlflow release note stub for 2.0.27.
shared/controlflow/CHANGELOG.md	Add shared controlflow 2.0.27 changelog entry.
shared/concepts/qlpack.yml	Bump shared concepts pack dev version.
shared/concepts/codeql-pack.release.yml	Update shared concepts `lastReleaseVersion`.
shared/concepts/change-notes/released/0.0.17.md	Add shared concepts release note stub for 0.0.17.
shared/concepts/CHANGELOG.md	Add shared concepts 0.0.17 changelog entry.
rust/ql/src/qlpack.yml	Bump Rust queries pack dev version.
rust/ql/src/codeql-pack.release.yml	Update Rust queries `lastReleaseVersion`.
rust/ql/src/change-notes/released/0.1.28.md	Convert/ensure Rust queries 0.1.28 release note format and content.
rust/ql/src/CHANGELOG.md	Add Rust queries 0.1.28 changelog entry.
rust/ql/lib/qlpack.yml	Bump Rust library pack dev version.
rust/ql/lib/codeql-pack.release.yml	Update Rust library `lastReleaseVersion`.
rust/ql/lib/change-notes/released/0.2.7.md	Convert/ensure Rust library 0.2.7 release note format and content.
rust/ql/lib/CHANGELOG.md	Add Rust library 0.2.7 changelog entry.
ruby/ql/src/qlpack.yml	Bump Ruby queries pack dev version.
ruby/ql/src/codeql-pack.release.yml	Update Ruby queries `lastReleaseVersion`.
ruby/ql/src/change-notes/released/1.5.8.md	Add Ruby queries release note stub for 1.5.8.
ruby/ql/src/CHANGELOG.md	Add Ruby queries 1.5.8 changelog entry.
ruby/ql/lib/qlpack.yml	Bump Ruby library pack dev version.
ruby/ql/lib/codeql-pack.release.yml	Update Ruby library `lastReleaseVersion`.
ruby/ql/lib/change-notes/released/5.1.11.md	Convert/ensure Ruby library 5.1.11 release note format and content.
ruby/ql/lib/CHANGELOG.md	Add Ruby library 5.1.11 changelog entry.
python/ql/src/qlpack.yml	Bump Python queries pack dev version.
python/ql/src/codeql-pack.release.yml	Update Python queries `lastReleaseVersion`.
python/ql/src/change-notes/released/1.7.8.md	Add Python queries release note stub for 1.7.8.
python/ql/src/CHANGELOG.md	Add Python queries 1.7.8 changelog entry.
python/ql/lib/qlpack.yml	Bump Python library pack dev version (major series bump).
python/ql/lib/codeql-pack.release.yml	Update Python library `lastReleaseVersion` (to 7.0.0).
python/ql/lib/change-notes/released/7.0.0.md	Add Python library 7.0.0 consolidated release notes.
python/ql/lib/change-notes/2026-02-18-remove-points-to-from-metrics.md	Remove dated note now included in 7.0.0 release notes.
python/ql/lib/change-notes/2026-02-18-add-overlay-annotations.md	Remove dated note now included in 7.0.0 release notes.
python/ql/lib/change-notes/2026-02-09-ssrf_test_case_cleanup_and_new_ssrf_barriers.md	Remove dated note now included in 7.0.0 release notes.
python/ql/lib/change-notes/2026-02-08-guards-compared-to-boolean-literals.md	Remove dated note now included in 7.0.0 release notes.
python/ql/lib/CHANGELOG.md	Prepend Python library 7.0.0 changelog entry and minor formatting tweak.
misc/suite-helpers/qlpack.yml	Bump suite-helpers pack dev version.
misc/suite-helpers/codeql-pack.release.yml	Update suite-helpers `lastReleaseVersion`.
misc/suite-helpers/change-notes/released/1.0.43.md	Add suite-helpers release note stub for 1.0.43.
misc/suite-helpers/CHANGELOG.md	Add suite-helpers 1.0.43 changelog entry.
javascript/ql/src/qlpack.yml	Bump JavaScript queries pack dev version.
javascript/ql/src/codeql-pack.release.yml	Update JavaScript queries `lastReleaseVersion`.
javascript/ql/src/change-notes/released/2.3.3.md	Add JavaScript queries release note stub for 2.3.3.
javascript/ql/src/CHANGELOG.md	Add JavaScript queries 2.3.3 changelog entry.
javascript/ql/lib/qlpack.yml	Bump JavaScript library pack dev version.
javascript/ql/lib/codeql-pack.release.yml	Update JavaScript library `lastReleaseVersion`.
javascript/ql/lib/change-notes/released/2.6.23.md	Convert/ensure JavaScript library 2.6.23 release note format and content.
javascript/ql/lib/CHANGELOG.md	Add JavaScript library 2.6.23 changelog entry.
java/ql/src/qlpack.yml	Bump Java queries pack dev version.
java/ql/src/codeql-pack.release.yml	Update Java queries `lastReleaseVersion`.
java/ql/src/change-notes/released/1.10.8.md	Consolidate Java queries 1.10.8 release notes.
java/ql/src/change-notes/2026-02-17-support-java-26.md	Remove dated note now included in 1.10.8 release notes.
java/ql/src/CHANGELOG.md	Add Java queries 1.10.8 changelog entry.
java/ql/lib/qlpack.yml	Bump Java library pack dev version.
java/ql/lib/codeql-pack.release.yml	Update Java library `lastReleaseVersion`.
java/ql/lib/change-notes/released/8.1.1.md	Convert/ensure Java library 8.1.1 release note format and content.
java/ql/lib/CHANGELOG.md	Add Java library 8.1.1 changelog entry.
go/ql/src/qlpack.yml	Bump Go queries pack dev version.
go/ql/src/codeql-pack.release.yml	Update Go queries `lastReleaseVersion`.
go/ql/src/change-notes/released/1.5.7.md	Add Go queries release note stub for 1.5.7.
go/ql/src/CHANGELOG.md	Add Go queries 1.5.7 changelog entry.
go/ql/lib/qlpack.yml	Bump Go library pack dev version.
go/ql/lib/codeql-pack.release.yml	Update Go library `lastReleaseVersion`.
go/ql/lib/change-notes/released/7.0.1.md	Add Go library release note stub for 7.0.1.
go/ql/lib/CHANGELOG.md	Add Go library 7.0.1 changelog entry.
go/ql/consistency-queries/qlpack.yml	Bump Go consistency queries pack dev version.
go/ql/consistency-queries/codeql-pack.release.yml	Update Go consistency queries `lastReleaseVersion`.
go/ql/consistency-queries/change-notes/released/1.0.43.md	Add Go consistency queries release note stub for 1.0.43.
go/ql/consistency-queries/CHANGELOG.md	Add Go consistency queries 1.0.43 changelog entry.
csharp/ql/src/qlpack.yml	Bump C# queries pack dev version.
csharp/ql/src/codeql-pack.release.yml	Update C# queries `lastReleaseVersion`.
csharp/ql/src/change-notes/released/1.6.3.md	Add C# queries release note stub for 1.6.3.
csharp/ql/src/CHANGELOG.md	Add C# queries 1.6.3 changelog entry.
csharp/ql/lib/qlpack.yml	Bump C# library pack dev version.
csharp/ql/lib/codeql-pack.release.yml	Update C# library `lastReleaseVersion`.
csharp/ql/lib/change-notes/released/5.4.8.md	Consolidate C# library 5.4.8 release notes.
csharp/ql/lib/change-notes/2026-02-16-partial-events.md	Remove dated note now included in 5.4.8 release notes.
csharp/ql/lib/change-notes/2026-02-12-field-keyword.md	Remove dated note now included in 5.4.8 release notes.
csharp/ql/lib/CHANGELOG.md	Add C# library 5.4.8 changelog entry.
csharp/ql/campaigns/Solorigate/src/qlpack.yml	Bump Solorigate C# queries pack dev version.
csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml	Update Solorigate C# queries `lastReleaseVersion`.
csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.60.md	Add Solorigate C# queries release note stub for 1.7.60.
csharp/ql/campaigns/Solorigate/src/CHANGELOG.md	Add Solorigate C# queries 1.7.60 changelog entry.
csharp/ql/campaigns/Solorigate/lib/qlpack.yml	Bump Solorigate C# library pack dev version.
csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml	Update Solorigate C# library `lastReleaseVersion`.
csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.60.md	Add Solorigate C# library release note stub for 1.7.60.
csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md	Add Solorigate C# library 1.7.60 changelog entry.
cpp/ql/src/qlpack.yml	Bump C++ queries pack dev version.
cpp/ql/src/codeql-pack.release.yml	Update C++ queries `lastReleaseVersion`.
cpp/ql/src/change-notes/released/1.5.12.md	Add C++ queries release note stub for 1.5.12.
cpp/ql/src/CHANGELOG.md	Add C++ queries 1.5.12 changelog entry.
cpp/ql/lib/qlpack.yml	Bump C++ library pack dev version (major series bump).
cpp/ql/lib/codeql-pack.release.yml	Update C++ library `lastReleaseVersion` (to 8.0.0).
cpp/ql/lib/change-notes/released/8.0.0.md	Add C++ library 8.0.0 consolidated release notes.
cpp/ql/lib/change-notes/2026-02-24-barrier-guards.md	Remove dated note now included in 8.0.0 release notes.
cpp/ql/lib/change-notes/2026-02-14-must-flow.md	Remove dated note now included in 8.0.0 release notes.
cpp/ql/lib/change-notes/2026-02-14-must-flow-fix.md	Remove dated note now included in 8.0.0 release notes.
cpp/ql/lib/change-notes/2026-02-06-UncheckedLeapYearAfterModification_Refactor.md	Remove dated note now included in 8.0.0 release notes.
cpp/ql/lib/CHANGELOG.md	Add C++ library 8.0.0 changelog entry.
actions/ql/src/qlpack.yml	Bump Actions queries pack dev version.
actions/ql/src/codeql-pack.release.yml	Update Actions queries `lastReleaseVersion`.
actions/ql/src/change-notes/released/0.6.21.md	Add Actions queries release note stub for 0.6.21.
actions/ql/src/CHANGELOG.md	Add Actions queries 0.6.21 changelog entry.
actions/ql/lib/qlpack.yml	Bump Actions library pack dev version.
actions/ql/lib/codeql-pack.release.yml	Update Actions library `lastReleaseVersion`.
actions/ql/lib/change-notes/released/0.4.29.md	Add Actions library release note stub for 0.4.29.
actions/ql/lib/CHANGELOG.md	Add Actions library 0.4.29 changelog entry.

Copilot · 2026-03-06T15:25:51Z

python/ql/lib/change-notes/released/7.0.0.md

+
+### Minor Analysis Improvements
+
+* Added new full SSRF sanitization barrier from the new AntiSSRF library. 


This bullet has trailing whitespace at the end of the line. Please remove it to avoid noisy diffs and potential markdown/style lint issues.

Copilot · 2026-03-06T15:25:52Z

python/ql/lib/CHANGELOG.md

+
+### Minor Analysis Improvements
+
+* Added new full SSRF sanitization barrier from the new AntiSSRF library. 


This bullet has trailing whitespace at the end of the line. Please remove it to avoid noisy diffs and potential markdown/style lint issues.

github-actions[bot] and others added 6 commits March 2, 2026 13:23

Release preparation for version 2.24.3

7795bad

Apply suggestions from code review

df7379c

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Merge pull request #21401 from github/release-prep/2.24.3

7d30e3c

Release preparation for version 2.24.3

Post-release preparation for codeql-cli-2.24.3

e152f08

Merge pull request #21402 from github/post-release-prep/codeql-cli-2.…

13ce515

…24.3 Post-release preparation for codeql-cli-2.24.3

Merge branch 'main' of https://github.com/github/codeql into oscarsj/…

3b9eba2

…merge-back-rc-3.21

Copilot AI review requested due to automatic review settings March 6, 2026 15:21

oscarsj requested review from a team as code owners March 6, 2026 15:21

github-actions bot added C# JS C++ documentation Java Python Go Ruby Rust Pull requests that update Rust code Swift labels Mar 6, 2026

github-actions bot added DataFlow Library Actions Analysis of GitHub Actions labels Mar 6, 2026

Copilot started reviewing on behalf of oscarsj March 6, 2026 15:21 View session

oscarsj changed the title ~~oscarsj/merge back rc 3.21~~ Merge back rc/3.21 into main Mar 6, 2026

Copilot AI reviewed Mar 6, 2026

View reviewed changes

jketema approved these changes Mar 6, 2026

View reviewed changes

oscarsj merged commit a6de855 into main Mar 6, 2026
154 of 156 checks passed

oscarsj deleted the oscarsj/merge-back-rc-3.21 branch March 6, 2026 15:58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge back rc/3.21 into main#21423

Merge back rc/3.21 into main#21423
oscarsj merged 6 commits intomainfrom
oscarsj/merge-back-rc-3.21

oscarsj commented Mar 6, 2026 •

edited

Loading

Uh oh!

Copilot AI left a comment

Uh oh!

Copilot AI Mar 6, 2026

Uh oh!

Copilot AI Mar 6, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants


		### Minor Analysis Improvements

		* Added new full SSRF sanitization barrier from the new AntiSSRF library.

Conversation

oscarsj commented Mar 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

Copilot AI Mar 6, 2026

Choose a reason for hiding this comment

Uh oh!

Copilot AI Mar 6, 2026

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

oscarsj commented Mar 6, 2026 •

edited

Loading