Post-release preparation for codeql-cli-2.25.5#21864
Merged
Merged
Conversation
Release preparation for version 2.25.5
github-actions
Bot
added
C#
JS
C++
documentation
Java
Python
Go
Ruby
Rust
oscarsj
approved these changes
May 22, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
This PR performs post-release bookkeeping for the CodeQL CLI 2.25.5 release by merging back released pack metadata/changelogs and bumping pack version strings to the next -dev versions in preparation for the next release cycle.
Changes:
- Bump
qlpack.ymlversionfields andcodeql-pack.release.ymllastReleaseVersionacross multiple packs. - Add corresponding
CHANGELOG.mdentries andchange-notes/released/<version>.mdrelease notes for the released versions. - Remove now-superseded unreleased change-note files for Actions that have been incorporated into the release notes.
Show a summary per file
| File | Description |
|---|---|
| swift/ql/src/qlpack.yml | Bump Swift queries pack dev version to 1.3.4-dev. |
| swift/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 1.3.3. |
| swift/ql/src/CHANGELOG.md | Add 1.3.3 changelog section. |
| swift/ql/src/change-notes/released/1.3.3.md | Add released notes for 1.3.3. |
| swift/ql/lib/qlpack.yml | Bump Swift library pack dev version to 6.6.1-dev. |
| swift/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 6.6.0. |
| swift/ql/lib/CHANGELOG.md | Add 6.6.0 changelog section. |
| swift/ql/lib/change-notes/released/6.6.0.md | Convert released notes format / ensure 6.6.0 release content is present. |
| shared/yaml/qlpack.yml | Bump shared YAML pack dev version to 1.0.51-dev. |
| shared/yaml/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| shared/yaml/CHANGELOG.md | Add 1.0.50 changelog section. |
| shared/yaml/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| shared/xml/qlpack.yml | Bump shared XML pack dev version to 1.0.51-dev. |
| shared/xml/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| shared/xml/CHANGELOG.md | Add 1.0.50 changelog section. |
| shared/xml/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| shared/util/qlpack.yml | Bump shared util pack dev version to 2.0.38-dev. |
| shared/util/codeql-pack.release.yml | Update lastReleaseVersion to 2.0.37. |
| shared/util/CHANGELOG.md | Add 2.0.37 changelog section. |
| shared/util/change-notes/released/2.0.37.md | Add released notes for 2.0.37. |
| shared/typos/qlpack.yml | Bump shared typos pack dev version to 1.0.51-dev. |
| shared/typos/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| shared/typos/CHANGELOG.md | Add 1.0.50 changelog section. |
| shared/typos/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| shared/typetracking/qlpack.yml | Bump typetracking pack dev version to 2.0.35-dev. |
| shared/typetracking/codeql-pack.release.yml | Update lastReleaseVersion to 2.0.34. |
| shared/typetracking/CHANGELOG.md | Add 2.0.34 changelog section. |
| shared/typetracking/change-notes/released/2.0.34.md | Add released notes for 2.0.34. |
| shared/typeinference/qlpack.yml | Bump typeinference pack dev version to 0.0.32-dev. |
| shared/typeinference/codeql-pack.release.yml | Update lastReleaseVersion to 0.0.31. |
| shared/typeinference/CHANGELOG.md | Add 0.0.31 changelog section. |
| shared/typeinference/change-notes/released/0.0.31.md | Add released notes for 0.0.31. |
| shared/typeflow/qlpack.yml | Bump typeflow pack dev version to 1.0.51-dev. |
| shared/typeflow/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| shared/typeflow/CHANGELOG.md | Add 1.0.50 changelog section. |
| shared/typeflow/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| shared/tutorial/qlpack.yml | Bump tutorial pack dev version to 1.0.51-dev. |
| shared/tutorial/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| shared/tutorial/CHANGELOG.md | Add 1.0.50 changelog section. |
| shared/tutorial/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| shared/threat-models/qlpack.yml | Bump threat-models pack dev version to 1.0.51-dev. |
| shared/threat-models/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| shared/threat-models/CHANGELOG.md | Add 1.0.50 changelog section. |
| shared/threat-models/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| shared/ssa/qlpack.yml | Bump SSA pack dev version to 2.0.27-dev. |
| shared/ssa/codeql-pack.release.yml | Update lastReleaseVersion to 2.0.26. |
| shared/ssa/CHANGELOG.md | Add 2.0.26 changelog section. |
| shared/ssa/change-notes/released/2.0.26.md | Add released notes for 2.0.26. |
| shared/regex/qlpack.yml | Bump regex pack dev version to 1.0.51-dev. |
| shared/regex/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| shared/regex/CHANGELOG.md | Add 1.0.50 changelog section. |
| shared/regex/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| shared/rangeanalysis/qlpack.yml | Bump rangeanalysis pack dev version to 1.0.51-dev. |
| shared/rangeanalysis/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| shared/rangeanalysis/CHANGELOG.md | Add 1.0.50 changelog section. |
| shared/rangeanalysis/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| shared/quantum/qlpack.yml | Bump quantum pack dev version to 0.0.29-dev. |
| shared/quantum/codeql-pack.release.yml | Update lastReleaseVersion to 0.0.28. |
| shared/quantum/CHANGELOG.md | Add 0.0.28 changelog section. |
| shared/quantum/change-notes/released/0.0.28.md | Add released notes for 0.0.28. |
| shared/mad/qlpack.yml | Bump MAD pack dev version to 1.0.51-dev. |
| shared/mad/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| shared/mad/CHANGELOG.md | Add 1.0.50 changelog section. |
| shared/mad/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| shared/dataflow/qlpack.yml | Bump dataflow pack dev version to 2.1.7-dev. |
| shared/dataflow/codeql-pack.release.yml | Update lastReleaseVersion to 2.1.6. |
| shared/dataflow/CHANGELOG.md | Add 2.1.6 changelog section. |
| shared/dataflow/change-notes/released/2.1.6.md | Add released notes for 2.1.6. |
| shared/controlflow/qlpack.yml | Bump controlflow pack dev version to 2.0.35-dev. |
| shared/controlflow/codeql-pack.release.yml | Update lastReleaseVersion to 2.0.34. |
| shared/controlflow/CHANGELOG.md | Add 2.0.34 changelog section. |
| shared/controlflow/change-notes/released/2.0.34.md | Add released notes for 2.0.34. |
| shared/concepts/qlpack.yml | Bump concepts pack dev version to 0.0.25-dev. |
| shared/concepts/codeql-pack.release.yml | Update lastReleaseVersion to 0.0.24. |
| shared/concepts/CHANGELOG.md | Add 0.0.24 changelog section. |
| shared/concepts/change-notes/released/0.0.24.md | Add released notes for 0.0.24. |
| rust/ql/src/qlpack.yml | Bump Rust queries pack dev version to 0.1.36-dev. |
| rust/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 0.1.35. |
| rust/ql/src/CHANGELOG.md | Add 0.1.35 changelog section. |
| rust/ql/src/change-notes/released/0.1.35.md | Add released notes for 0.1.35. |
| rust/ql/lib/qlpack.yml | Bump Rust library pack dev version to 0.2.15-dev. |
| rust/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 0.2.14. |
| rust/ql/lib/CHANGELOG.md | Add 0.2.14 changelog section. |
| rust/ql/lib/change-notes/released/0.2.14.md | Add released notes for 0.2.14. |
| ruby/ql/src/qlpack.yml | Bump Ruby queries pack dev version to 1.6.4-dev. |
| ruby/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 1.6.3. |
| ruby/ql/src/CHANGELOG.md | Add 1.6.3 changelog section. |
| ruby/ql/src/change-notes/released/1.6.3.md | Add released notes for 1.6.3. |
| ruby/ql/lib/qlpack.yml | Bump Ruby library pack dev version to 5.2.2-dev. |
| ruby/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 5.2.1. |
| ruby/ql/lib/CHANGELOG.md | Add 5.2.1 changelog section. |
| ruby/ql/lib/change-notes/released/5.2.1.md | Add released notes for 5.2.1. |
| python/ql/src/qlpack.yml | Bump Python queries pack dev version to 1.8.4-dev. |
| python/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 1.8.3. |
| python/ql/src/CHANGELOG.md | Add 1.8.3 changelog section. |
| python/ql/src/change-notes/released/1.8.3.md | Add released notes for 1.8.3. |
| python/ql/lib/qlpack.yml | Bump Python library pack dev version to 7.1.2-dev. |
| python/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 7.1.1. |
| python/ql/lib/CHANGELOG.md | Add 7.1.1 changelog section. |
| python/ql/lib/change-notes/released/7.1.1.md | Add released notes for 7.1.1. |
| misc/suite-helpers/qlpack.yml | Bump suite-helpers pack dev version to 1.0.51-dev. |
| misc/suite-helpers/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| misc/suite-helpers/CHANGELOG.md | Add 1.0.50 changelog section. |
| misc/suite-helpers/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| javascript/ql/src/qlpack.yml | Bump JavaScript queries pack dev version to 2.3.11-dev. |
| javascript/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 2.3.10. |
| javascript/ql/src/CHANGELOG.md | Add 2.3.10 changelog section. |
| javascript/ql/src/change-notes/released/2.3.10.md | Add released notes for 2.3.10. |
| javascript/ql/lib/qlpack.yml | Bump JavaScript library pack dev version to 2.7.2-dev. |
| javascript/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 2.7.1. |
| javascript/ql/lib/CHANGELOG.md | Add 2.7.1 changelog section. |
| javascript/ql/lib/change-notes/released/2.7.1.md | Add released notes for 2.7.1. |
| java/ql/src/qlpack.yml | Bump Java queries pack dev version to 1.11.4-dev. |
| java/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 1.11.3. |
| java/ql/src/CHANGELOG.md | Add 1.11.3 changelog section. |
| java/ql/src/change-notes/released/1.11.3.md | Ensure released notes use released-note heading format. |
| java/ql/lib/qlpack.yml | Bump Java library pack dev version to 9.1.2-dev. |
| java/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 9.1.1. |
| java/ql/lib/CHANGELOG.md | Add 9.1.1 changelog section. |
| java/ql/lib/change-notes/released/9.1.1.md | Ensure released notes use released-note heading format. |
| go/ql/src/qlpack.yml | Bump Go queries pack dev version to 1.6.4-dev. |
| go/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 1.6.3. |
| go/ql/src/CHANGELOG.md | Add 1.6.3 changelog section. |
| go/ql/src/change-notes/released/1.6.3.md | Add released notes for 1.6.3. |
| go/ql/lib/qlpack.yml | Bump Go library pack dev version to 7.1.2-dev. |
| go/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 7.1.1. |
| go/ql/lib/CHANGELOG.md | Add 7.1.1 changelog section. |
| go/ql/lib/change-notes/released/7.1.1.md | Add released notes for 7.1.1. |
| go/ql/consistency-queries/qlpack.yml | Bump Go consistency queries pack dev version to 1.0.51-dev. |
| go/ql/consistency-queries/codeql-pack.release.yml | Update lastReleaseVersion to 1.0.50. |
| go/ql/consistency-queries/CHANGELOG.md | Add 1.0.50 changelog section. |
| go/ql/consistency-queries/change-notes/released/1.0.50.md | Add released notes for 1.0.50. |
| csharp/ql/src/qlpack.yml | Bump C# queries pack dev version to 1.7.4-dev. |
| csharp/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 1.7.3. |
| csharp/ql/src/CHANGELOG.md | Add 1.7.3 changelog section. |
| csharp/ql/src/change-notes/released/1.7.3.md | Add released notes for 1.7.3. |
| csharp/ql/lib/qlpack.yml | Bump C# library pack dev version to 6.0.2-dev. |
| csharp/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 6.0.1. |
| csharp/ql/lib/CHANGELOG.md | Add 6.0.1 changelog section. |
| csharp/ql/lib/change-notes/released/6.0.1.md | Add released notes for 6.0.1. |
| csharp/ql/campaigns/Solorigate/src/qlpack.yml | Bump Solorigate queries pack dev version to 1.7.68-dev. |
| csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml | Update lastReleaseVersion to 1.7.67. |
| csharp/ql/campaigns/Solorigate/src/CHANGELOG.md | Add 1.7.67 changelog section. |
| csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.67.md | Add released notes for 1.7.67. |
| csharp/ql/campaigns/Solorigate/lib/qlpack.yml | Bump Solorigate library pack dev version to 1.7.68-dev. |
| csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml | Update lastReleaseVersion to 1.7.67. |
| csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md | Add 1.7.67 changelog section. |
| csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.67.md | Add released notes for 1.7.67. |
| cpp/ql/src/qlpack.yml | Bump C/C++ queries pack dev version to 1.6.4-dev. |
| cpp/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 1.6.3. |
| cpp/ql/src/CHANGELOG.md | Add 1.6.3 changelog section. |
| cpp/ql/src/change-notes/released/1.6.3.md | Ensure released notes use released-note heading format. |
| cpp/ql/lib/qlpack.yml | Bump C/C++ library pack dev version to 10.1.2-dev. |
| cpp/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 10.1.1. |
| cpp/ql/lib/CHANGELOG.md | Add 10.1.1 changelog section. |
| cpp/ql/lib/change-notes/released/10.1.1.md | Ensure released notes use released-note heading format. |
| actions/ql/src/qlpack.yml | Bump Actions queries pack dev version to 0.6.29-dev. |
| actions/ql/src/codeql-pack.release.yml | Update lastReleaseVersion to 0.6.28. |
| actions/ql/src/CHANGELOG.md | Add 0.6.28 changelog section. |
| actions/ql/src/change-notes/released/0.6.28.md | Add released notes for 0.6.28. |
| actions/ql/src/change-notes/2026-04-20-unpinned-tag-composite-actions.md | Remove unreleased note now reflected in 0.6.28 release notes. |
| actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-metadata.md | Remove unreleased note now reflected in 0.6.28 release notes. |
| actions/ql/src/change-notes/2026-04-15-untrusted-checkout-improvements-helpfile.md | Remove unreleased note now reflected in 0.6.28 release notes. |
| actions/ql/lib/qlpack.yml | Bump Actions library pack dev version to 0.4.37-dev. |
| actions/ql/lib/codeql-pack.release.yml | Update lastReleaseVersion to 0.4.36. |
| actions/ql/lib/CHANGELOG.md | Add 0.4.36 changelog section. |
| actions/ql/lib/change-notes/released/0.4.36.md | Ensure released notes use released-note heading format. |
Copilot's findings
- Files reviewed: 167/167 changed files
- Comments generated: 2
|
|
||
| ### Bug Fixes | ||
|
|
||
| * Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur. |
|
|
||
| ### Bug Fixes | ||
|
|
||
| * Fixed help file descriptions for queries: `actions/untrusted-checkout/critical`, `actions/untrusted-checkout/high`, `actions/untrusted-checkout/medium`. Previously the messages were unclear as to why and how the vulnerabilities could occur. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR merges back all of the changes from the release of codeql-cli-2.25.5. And it bumps the version version strings in semmle-code in preparation for the next release of 2.25.6.