Merge pull request #7503 from dbartol/dbartol/move-change-notes

hvitved · web-flow · commit de1697ab392a · 2022-01-04T09:35:21.000+01:00
Move change notes to correct location
diff --git a/cpp/old-change-notes/2021-10-07-cleartext-transmission.md b/cpp/old-change-notes/2021-10-07-cleartext-transmission.md
diff --git a/javascript/ql/src/change-notes/2021-11-08-routing-trees.md b/javascript/ql/src/change-notes/2021-11-08-routing-trees.md
@@ -1,3 +1,5 @@
-lgtm,codescanning
+---
+category: minorAnalysis
+---
 * Data flow is now tracked across middleware functions in more cases, leading to more security results in general. Affected packages are `express` and `fastify`.
 * `js/missing-token-validation` has been made more precise, yielding both fewer false positives and more true positives.
diff --git a/javascript/ql/src/change-notes/2021-12-07-handlebars-more-raw-interpolation.md b/javascript/ql/src/change-notes/2021-12-07-handlebars-more-raw-interpolation.md
@@ -1,3 +1,5 @@
-lgtm,codescanning
+---
+category: minorAnalysis
+---
 * Support for handlebars templates has improved. Raw interpolation tags of the form `{{& ... }}` are now recognized,
   as well as whitespace-trimming tags like `{{~ ... }}`.
diff --git a/python/ql/src/change-notes/2021-12-17-add-SSRF-analysis.md b/python/ql/src/change-notes/2021-12-17-add-SSRF-analysis.md
@@ -0,0 +1,4 @@
+---
+catgegory: minorAnalysis
+---
+* To support the new SSRF queries, the PyPI package `requests` has been modeled, along with `http.client.HTTP[S]Connection` from the standard library.
diff --git a/python/ql/src/change-notes/2021-12-17-add-SSRF-queries.md b/python/ql/src/change-notes/2021-12-17-add-SSRF-queries.md
@@ -1,3 +1,4 @@
-lgtm,codescanning
+---
+catgegory: newQuery
+---
 * Two new queries have been added for detecting Server-side request forgery (SSRF). _Full server-side request forgery_ (`py/full-ssrf`) will only alert when the URL is fully user-controlled, and _Partial server-side request forgery_ (`py/partial-ssrf`) will alert when any part of the URL is user-controlled. Only `py/full-ssrf` will be run by default.
-* To support the new SSRF queries, the PyPI package `requests` have been modeled, along with `http.client.HTTP[S]Connection` from the standard library.
diff --git a/ruby/ql/lib/change-notes/2021-12-21-constants.md b/ruby/ql/lib/change-notes/2021-12-21-constants.md
@@ -1,2 +1,4 @@
-lgtm,codescanning
+---
+category: deprecated
+---
 * `ConstantWriteAccess.getQualifiedName()` has been deprecated in favor of `getAQualifiedName()` which can return multiple possible qualified names for a given constant write access.

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +catgegory: minorAnalysis
 +---
 +* To support the new SSRF queries, the PyPI package `requests` has been modeled, along with `http.client.HTTP[S]Connection` from the standard library.