From 9231df8f23df70b6150bd79223c42d5e20c94934 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=93scar=20San=20Jos=C3=A9?= Date: Thu, 5 Mar 2026 17:08:45 +0100 Subject: [PATCH 1/6] Update CHANGELOG.md for 2.24.3 From f467d25f90410a13ab54482a71c991714ac8a3a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=93scar=20San=20Jos=C3=A9?= Date: Thu, 5 Mar 2026 17:10:54 +0100 Subject: [PATCH 2/6] Update CHANGELOG for release 2.24.3 Added details about bug fixes in release 2.24.3, including race condition fix and spurious warnings. --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 916665c..e429b8c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,13 @@ you know what to do). --> +## Release 2.24.3 (2026-03-05) + +### Bug Fixes + +- Fixed a race condition that could cause flaky failures in overlay CodeQL tests. Test extraction now skips `*.testproj` directories by name, preventing interference from concurrently cleaned-up test databases. +- Fixed spurious "OOPS" warnings that could appear in help output for commands using mutually exclusive option groups, such as `codeql query run`. + ## Release 2.24.2 (2026-02-20) ### Bug Fixes From 249f3d5b0553b743286d11218ae16297c13a9cc4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=93scar=20San=20Jos=C3=A9?= Date: Thu, 19 Mar 2026 13:15:33 +0100 Subject: [PATCH 3/6] Update CHANGELOG for release 2.25.0 Added release notes for version 2.25.0, including breaking changes and bug fixes. --- CHANGELOG.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e429b8c..489bd40 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -16,6 +16,20 @@ checklist for a CLI release, you can edit here. But then you know what to do). --> +## Release 2.25.0 (2026-03-19) + +### Breaking Changes + +- `codeql database interpret-results` and `codeql database analyze` no longer attempt to reconstruct file baseline information from databases created with CLI versions before 2.11.2. + +### Bug Fixes + +- Upgraded Jackson library from 2.16.1 to 2.18.6 to address a high-severity denial of service vulnerability (GHSA-72hv-8253-57qq) in jackson-core's async JSON parser. +- Upgraded snakeyaml (which is a dependency of jackson-dataformat-yaml) from 2.2 to 2.3. + +## Release 2.24.4 (2026-03-16) + +This release was skipped. ## Release 2.24.3 (2026-03-05) From 1ebe9749ba4d4fc7a4d4f4cb900c8c2fd6a52893 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=93scar=20San=20Jos=C3=A9?= Date: Fri, 27 Mar 2026 09:44:04 +0000 Subject: [PATCH 4/6] Update changelog for release 2.25.1 --- CHANGELOG.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 489bd40..4f60231 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,16 @@ checklist for a CLI release, you can edit here. But then you know what to do). --> +## Release 2.25.1 (2026-03-27) + +### Bug Fixes + +- Fixed a bug where extraction could fail on YAML files containing emoji.Collapse commentComment on lines R24 to R25henrymercer commented on Mar 26, 2026 henrymerceron Mar 26, 2026More actions + +### Miscellaneous + +- Upgraded snakeyaml (which is a dependency of jackson-dataformat-yaml) from 2.3 to 2.6. + ## Release 2.25.0 (2026-03-19) ### Breaking Changes From 0564862bef092139fbd761ee56dc3f2380555ef5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=93scar=20San=20Jos=C3=A9?= Date: Fri, 27 Mar 2026 10:49:07 +0100 Subject: [PATCH 5/6] Fix YAML extraction bug and upgrade snakeyaml --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4f60231..90fb0e7 100644 --- a/CHANGELOG.md 
+++ b/CHANGELOG.md @@ -20,7 +20,7 @@ ### Bug Fixes -- Fixed a bug where extraction could fail on YAML files containing emoji.Collapse commentComment on lines R24 to R25henrymercer commented on Mar 26, 2026 henrymerceron Mar 26, 2026More actions +- Fixed a bug where extraction could fail on YAML files containing emoji. ### Miscellaneous From 2c725ac18f6b371750d317f5f98d247c75d4c85b Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Wed, 15 Apr 2026 11:44:22 +0100 Subject: [PATCH 6/6] Add changenotes for 2.25.2 --- CHANGELOG.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 90fb0e7..0e93e38 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,14 @@ checklist for a CLI release, you can edit here. But then you know what to do). --> + +## Release 2.25.2 (2026-04-15) + +### Miscellaneous + +- The build of Eclipse Temurin OpenJDK that is used to run the CodeQL + CLI has been updated to version 21.0.10. + ## Release 2.25.1 (2026-03-27) ### Bug Fixes
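Review bot: In [PATCH 3/6], the 2.25.0 section files the snakeyaml 2.2 to 2.3 upgrade under "Bug Fixes" without naming a bug, while [PATCH 4/6] files the 2.3 to 2.6 upgrade of the same dependency under "Miscellaneous". Use one category for plain dependency bumps, or state what the 2.3 upgrade fixes. The Jackson entry directly above it is the security-relevant one (GHSA-72hv-8253-57qq, high severity) and would be easier to spot for readers triaging advisories if it were not grouped with an unexplained bump.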
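Review bot: In [PATCH 4/6], the new 2.25.1 "Bug Fixes" entry has what looks like text copied from a review page run onto the end of the sentence, starting right after "emoji." with "Collapse commentComment on lines R24 to R25". The entry should end at "containing emoji."; [PATCH 5/6] makes exactly that correction, so squashing 5/6 into this commit would keep the stray text out of the file's history.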
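Review bot: The subject of [PATCH 5/6], "Fix YAML extraction bug and upgrade snakeyaml", does not describe the change: the diffstat is one insertion and one deletion in CHANGELOG.md, and the only visible difference between the removed and the added line is the trailing text after "emoji.". A subject that says the commit removes stray text from the 2.25.1 changelog entry would match what the hunk does, or the commit could be folded into 4/6.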
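Review bot: In [PATCH 6/6], the 2.25.2 entry gives only the new Eclipse Temurin OpenJDK version ("has been updated to version 21.0.10"), whereas the other upgrade entries in this file state both ends, for example "from 2.16.1 to 2.18.6". Add the previous version so readers can tell which range of JDK changes the update covers. The entry is also hard-wrapped onto a second line, unlike the single-line entries in the other sections.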