diff --git a/actions/ql/lib/CHANGELOG.md b/actions/ql/lib/CHANGELOG.md
index e6ae9a82059e..3de5d186721a 100644
--- a/actions/ql/lib/CHANGELOG.md
+++ b/actions/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.4.19
+
+No user-facing changes.
+
## 0.4.18
No user-facing changes.
diff --git a/actions/ql/lib/change-notes/released/0.4.19.md b/actions/ql/lib/change-notes/released/0.4.19.md
new file mode 100644
index 000000000000..fb592c5a34fe
--- /dev/null
+++ b/actions/ql/lib/change-notes/released/0.4.19.md
@@ -0,0 +1,3 @@
+## 0.4.19
+
+No user-facing changes.
diff --git a/actions/ql/lib/codeql-pack.release.yml b/actions/ql/lib/codeql-pack.release.yml
index 1a848f928999..abf63707906b 100644
--- a/actions/ql/lib/codeql-pack.release.yml
+++ b/actions/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 0.4.18
+lastReleaseVersion: 0.4.19
diff --git a/actions/ql/lib/qlpack.yml b/actions/ql/lib/qlpack.yml
index 80eecfca28d5..6423894239dc 100644
--- a/actions/ql/lib/qlpack.yml
+++ b/actions/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/actions-all
-version: 0.4.19-dev
+version: 0.4.20-dev
library: true
warnOnImplicitThis: true
dependencies:
diff --git a/actions/ql/src/CHANGELOG.md b/actions/ql/src/CHANGELOG.md
index 534ba89566b2..4592fbb66da7 100644
--- a/actions/ql/src/CHANGELOG.md
+++ b/actions/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.6.11
+
+No user-facing changes.
+
## 0.6.10
No user-facing changes.
diff --git a/actions/ql/src/change-notes/released/0.6.11.md b/actions/ql/src/change-notes/released/0.6.11.md
new file mode 100644
index 000000000000..3c83e3ac1120
--- /dev/null
+++ b/actions/ql/src/change-notes/released/0.6.11.md
@@ -0,0 +1,3 @@
+## 0.6.11
+
+No user-facing changes.
diff --git a/actions/ql/src/codeql-pack.release.yml b/actions/ql/src/codeql-pack.release.yml
index c2eebb652b05..b73e74898d0f 100644
--- a/actions/ql/src/codeql-pack.release.yml
+++ b/actions/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 0.6.10
+lastReleaseVersion: 0.6.11
diff --git a/actions/ql/src/experimental/Security/CWE-200/SecretExfiltration.ql b/actions/ql/src/experimental/Security/CWE-200/SecretExfiltration.ql
index 2e583a989893..2b4ed1a30b45 100644
--- a/actions/ql/src/experimental/Security/CWE-200/SecretExfiltration.ql
+++ b/actions/ql/src/experimental/Security/CWE-200/SecretExfiltration.ql
@@ -19,5 +19,5 @@ import SecretExfiltrationFlow::PathGraph
from SecretExfiltrationFlow::PathNode source, SecretExfiltrationFlow::PathNode sink
where SecretExfiltrationFlow::flowPath(source, sink)
select sink.getNode(), source, sink,
- "Potential secret exfiltration in $@, which may be be leaked to an attacker-controlled resource.",
+ "Potential secret exfiltration in $@, which may be leaked to an attacker-controlled resource.",
sink, sink.getNode().asExpr().(Expression).getRawExpression()
diff --git a/actions/ql/src/qlpack.yml b/actions/ql/src/qlpack.yml
index 2de1276aa82d..553e579ceacf 100644
--- a/actions/ql/src/qlpack.yml
+++ b/actions/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/actions-queries
-version: 0.6.11-dev
+version: 0.6.12-dev
library: false
warnOnImplicitThis: true
groups: [actions, queries]
diff --git a/actions/ql/test/query-tests/Security/CWE-200/SecretExfiltration.expected b/actions/ql/test/query-tests/Security/CWE-200/SecretExfiltration.expected
index 259746eaec9a..59b58e03be78 100644
--- a/actions/ql/test/query-tests/Security/CWE-200/SecretExfiltration.expected
+++ b/actions/ql/test/query-tests/Security/CWE-200/SecretExfiltration.expected
@@ -3,4 +3,4 @@ nodes
| .github/workflows/test1.yml:15:11:16:75 | github.event.pull_request.title | semmle.label | github.event.pull_request.title |
subpaths
#select
-| .github/workflows/test1.yml:15:11:16:75 | github.event.pull_request.title | .github/workflows/test1.yml:15:11:16:75 | github.event.pull_request.title | .github/workflows/test1.yml:15:11:16:75 | github.event.pull_request.title | Potential secret exfiltration in $@, which may be be leaked to an attacker-controlled resource. | .github/workflows/test1.yml:15:11:16:75 | github.event.pull_request.title | ${{ github.event.pull_request.title }} |
+| .github/workflows/test1.yml:15:11:16:75 | github.event.pull_request.title | .github/workflows/test1.yml:15:11:16:75 | github.event.pull_request.title | .github/workflows/test1.yml:15:11:16:75 | github.event.pull_request.title | Potential secret exfiltration in $@, which may be leaked to an attacker-controlled resource. | .github/workflows/test1.yml:15:11:16:75 | github.event.pull_request.title | ${{ github.event.pull_request.title }} |
diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md
index 0909c8e3c881..093b31078e0c 100644
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 6.0.0
+
+### Breaking Changes
+
+* The "Guards" libraries (`semmle.code.cpp.controlflow.Guards` and `semmle.code.cpp.controlflow.IRGuards`) have been totally rewritten to recognize many more guards. The API remains unchanged, but the `GuardCondition` class now extends `Element` instead of `Expr`.
+
+### New Features
+
+* C/C++ `build-mode: none` support is now generally available.
+
## 5.6.1
No user-facing changes.
diff --git a/cpp/ql/lib/change-notes/2025-10-07-bmn-ga.md b/cpp/ql/lib/change-notes/2025-10-07-bmn-ga.md
deleted file mode 100644
index dce0cabc38c0..000000000000
--- a/cpp/ql/lib/change-notes/2025-10-07-bmn-ga.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: feature
----
-* The C/C++ "build-mode: none" support is now General Availability (GA).
diff --git a/cpp/ql/lib/change-notes/2025-09-18-guards.md b/cpp/ql/lib/change-notes/released/6.0.0.md
similarity index 67%
rename from cpp/ql/lib/change-notes/2025-09-18-guards.md
rename to cpp/ql/lib/change-notes/released/6.0.0.md
index a739df714713..574e05442ec4 100644
--- a/cpp/ql/lib/change-notes/2025-09-18-guards.md
+++ b/cpp/ql/lib/change-notes/released/6.0.0.md
@@ -1,4 +1,9 @@
----
-category: breaking
----
-* The "Guards" libraries (`semmle.code.cpp.controlflow.Guards` and `semmle.code.cpp.controlflow.IRGuards`) have been totally rewritten to recognize many more guards. The API remains unchanged, but the `GuardCondition` class now extends `Element` instead of `Expr`.
\ No newline at end of file
+## 6.0.0
+
+### Breaking Changes
+
+* The "Guards" libraries (`semmle.code.cpp.controlflow.Guards` and `semmle.code.cpp.controlflow.IRGuards`) have been totally rewritten to recognize many more guards. The API remains unchanged, but the `GuardCondition` class now extends `Element` instead of `Expr`.
+
+### New Features
+
+* C/C++ `build-mode: none` support is now generally available.
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index 2dcac412aa9c..f8c4fa43ccb7 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 5.6.1
+lastReleaseVersion: 6.0.0
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 435d013c47b6..8712e4008971 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/cpp-all
-version: 5.6.2-dev
+version: 6.0.1-dev
groups: cpp
dbscheme: semmlecode.cpp.dbscheme
extractor: cpp
diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
index 39549ed1bdc2..4b876310708b 100644
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.5.2
+
+No user-facing changes.
+
## 1.5.1
No user-facing changes.
diff --git a/cpp/ql/src/change-notes/released/1.5.2.md b/cpp/ql/src/change-notes/released/1.5.2.md
new file mode 100644
index 000000000000..384c27833f18
--- /dev/null
+++ b/cpp/ql/src/change-notes/released/1.5.2.md
@@ -0,0 +1,3 @@
+## 1.5.2
+
+No user-facing changes.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index c5775c46013c..7eb901bae56a 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 1.5.1
+lastReleaseVersion: 1.5.2
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index f5193698fdb7..71aa95bed9e6 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/cpp-queries
-version: 1.5.2-dev
+version: 1.5.3-dev
groups:
- cpp
- queries
diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
index bcfd38e14942..7b4887608d94 100644
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.50
+
+No user-facing changes.
+
## 1.7.49
No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.50.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.50.md
new file mode 100644
index 000000000000..187bfe4d01f4
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.50.md
@@ -0,0 +1,3 @@
+## 1.7.50
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
index fe16fdfefdc8..dab079d66444 100644
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 1.7.49
+lastReleaseVersion: 1.7.50
diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
index 3c14c29940c0..a569cf6a5c4f 100644
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/csharp-solorigate-all
-version: 1.7.50-dev
+version: 1.7.51-dev
groups:
- csharp
- solorigate
diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
index bcfd38e14942..7b4887608d94 100644
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.50
+
+No user-facing changes.
+
## 1.7.49
No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.50.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.50.md
new file mode 100644
index 000000000000..187bfe4d01f4
--- /dev/null
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.50.md
@@ -0,0 +1,3 @@
+## 1.7.50
+
+No user-facing changes.
diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
index fe16fdfefdc8..dab079d66444 100644
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 1.7.49
+lastReleaseVersion: 1.7.50
diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
index efb3216f3b9b..d91f21b0e90b 100644
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/csharp-solorigate-queries
-version: 1.7.50-dev
+version: 1.7.51-dev
groups:
- csharp
- solorigate
diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
index 095eab5cdbaf..a722d924f3b8 100644
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,12 @@
+## 5.2.6
+
+### Minor Analysis Improvements
+
+* The extraction of location information for parameters, fields, constructors, destructors and user operators has been optimized. Previously, location information was extracted multiple times for each bound generic. Now, only the location of the unbound generic declaration is extracted during the extraction phase, and the QL library explicitly reuses this location for all bound instances of the same generic.
+* The extraction of location information for type parameters and tuples types has been optimized. Previously, location information was extracted multiple times for each type when it was declared across multiple files. Now, the extraction context is respected during the extraction phase, ensuring locations are only extracted within the appropriate context. This change should be transparent to end-users but may improve extraction performance in some cases.
+* The extraction of location information for named types (classes, structs, etc.) has been optimized. Previously, location information was extracted multiple times for each type when it was declared across multiple files. Now, the extraction context is respected during the extraction phase, ensuring locations are only extracted within the appropriate context. This change should be transparent to end-users but may improve extraction performance in some cases.
+* The extraction of the location for bound generic entities (methods, accessors, indexers, properties, and events) has been optimized. Previously, location information was extracted multiple times for each bound generic. Now, only the location of the unbound generic declaration is extracted during the extraction phase, and the QL library explicitly reuses this location for all bound instances of the same generic.
+
## 5.2.5
No user-facing changes.
diff --git a/csharp/ql/lib/change-notes/2025-10-02-entity-locations.md b/csharp/ql/lib/change-notes/2025-10-02-entity-locations.md
deleted file mode 100644
index dd13aab6292e..000000000000
--- a/csharp/ql/lib/change-notes/2025-10-02-entity-locations.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The extraction of the location for bound generic entities (methods, accessors, indexers, properties, and events) has been optimized. Previously, location information was extracted multiple times for each bound generic. Now, only the location of the unbound generic declaration is extracted during the extraction phase, and the QL library explicitly reuses this location for all bound instances of the same generic.
diff --git a/csharp/ql/lib/change-notes/2025-10-07-entity-locations.md b/csharp/ql/lib/change-notes/2025-10-07-entity-locations.md
deleted file mode 100644
index 44f36fe44c6a..000000000000
--- a/csharp/ql/lib/change-notes/2025-10-07-entity-locations.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The extraction of location information for named types (classes, structs, etc.) has been optimized. Previously, location information was extracted multiple times for each type when it was declared across multiple files. Now, the extraction context is respected during the extraction phase, ensuring locations are only extracted within the appropriate context. This change should be transparent to end-users but may improve extraction performance in some cases.
diff --git a/csharp/ql/lib/change-notes/2025-10-08-entity-locations.md b/csharp/ql/lib/change-notes/2025-10-08-entity-locations.md
deleted file mode 100644
index a96afe072513..000000000000
--- a/csharp/ql/lib/change-notes/2025-10-08-entity-locations.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The extraction of location information for type parameters and tuples types has been optimized. Previously, location information was extracted multiple times for each type when it was declared across multiple files. Now, the extraction context is respected during the extraction phase, ensuring locations are only extracted within the appropriate context. This change should be transparent to end-users but may improve extraction performance in some cases.
diff --git a/csharp/ql/lib/change-notes/2025-10-10-entity-locations.md b/csharp/ql/lib/change-notes/2025-10-10-entity-locations.md
deleted file mode 100644
index 72aa663febe0..000000000000
--- a/csharp/ql/lib/change-notes/2025-10-10-entity-locations.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The extraction of location information for parameters, fields, constructors, destructors and user operators has been optimized. Previously, location information was extracted multiple times for each bound generic. Now, only the location of the unbound generic declaration is extracted during the extraction phase, and the QL library explicitly reuses this location for all bound instances of the same generic.
diff --git a/csharp/ql/lib/change-notes/released/5.2.6.md b/csharp/ql/lib/change-notes/released/5.2.6.md
new file mode 100644
index 000000000000..54ef01bfbf87
--- /dev/null
+++ b/csharp/ql/lib/change-notes/released/5.2.6.md
@@ -0,0 +1,8 @@
+## 5.2.6
+
+### Minor Analysis Improvements
+
+* The extraction of location information for parameters, fields, constructors, destructors and user operators has been optimized. Previously, location information was extracted multiple times for each bound generic. Now, only the location of the unbound generic declaration is extracted during the extraction phase, and the QL library explicitly reuses this location for all bound instances of the same generic.
+* The extraction of location information for type parameters and tuples types has been optimized. Previously, location information was extracted multiple times for each type when it was declared across multiple files. Now, the extraction context is respected during the extraction phase, ensuring locations are only extracted within the appropriate context. This change should be transparent to end-users but may improve extraction performance in some cases.
+* The extraction of location information for named types (classes, structs, etc.) has been optimized. Previously, location information was extracted multiple times for each type when it was declared across multiple files. Now, the extraction context is respected during the extraction phase, ensuring locations are only extracted within the appropriate context. This change should be transparent to end-users but may improve extraction performance in some cases.
+* The extraction of the location for bound generic entities (methods, accessors, indexers, properties, and events) has been optimized. Previously, location information was extracted multiple times for each bound generic. Now, only the location of the unbound generic declaration is extracted during the extraction phase, and the QL library explicitly reuses this location for all bound instances of the same generic.
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index 63222f8b4a01..1ac2b5309f2d 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 5.2.5
+lastReleaseVersion: 5.2.6
diff --git a/csharp/ql/lib/ext/System.ComponentModel.model.yml b/csharp/ql/lib/ext/System.ComponentModel.model.yml
index d98c97727fbc..a3b561583e38 100644
--- a/csharp/ql/lib/ext/System.ComponentModel.model.yml
+++ b/csharp/ql/lib/ext/System.ComponentModel.model.yml
@@ -36,3 +36,8 @@ extensions:
- ["System.ComponentModel", "PropertyDescriptorCollection", False, "set_Item", "(System.Int32,System.Object)", "", "Argument[0]", "Argument[this].Element.Property[System.Collections.Generic.KeyValuePair`2.Key]", "value", "manual"]
- ["System.ComponentModel", "PropertyDescriptorCollection", False, "set_Item", "(System.Int32,System.Object)", "", "Argument[1]", "Argument[this].Element.Property[System.Collections.Generic.KeyValuePair`2.Value]", "value", "manual"]
- ["System.ComponentModel", "PropertyDescriptorCollection", False, "set_Item", "(System.Object,System.Object)", "", "Argument[1]", "Argument[this].Element", "value", "manual"]
+ - addsTo:
+ pack: codeql/csharp-all
+ extensible: neutralModel
+ data:
+ - ["System.ComponentModel", "PropertyDescriptor", "GetValue", "(System.Object)", "summary", "manual"]
\ No newline at end of file
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index 2f92b5edafdb..92a08088be73 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/csharp-all
-version: 5.2.6-dev
+version: 5.2.7-dev
groups: csharp
dbscheme: semmlecode.csharp.dbscheme
extractor: csharp
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
index 7fa8992c49af..40ea9e3693a8 100644
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.4.2
+
+No user-facing changes.
+
## 1.4.1
### Minor Analysis Improvements
diff --git a/csharp/ql/src/change-notes/released/1.4.2.md b/csharp/ql/src/change-notes/released/1.4.2.md
new file mode 100644
index 000000000000..37be01f40d98
--- /dev/null
+++ b/csharp/ql/src/change-notes/released/1.4.2.md
@@ -0,0 +1,3 @@
+## 1.4.2
+
+No user-facing changes.
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
index 43ccf4467bed..a76cacdf7997 100644
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 1.4.1
+lastReleaseVersion: 1.4.2
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index fad06a3e9289..a9776d058b98 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/csharp-queries
-version: 1.4.2-dev
+version: 1.4.3-dev
groups:
- csharp
- queries
diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
index 36e23003fcc2..8ffcd84e54ba 100644
--- a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
+++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
@@ -3715,7 +3715,6 @@ summary
| Newtonsoft.Json.Linq;JObject;set_Item;(System.String,Newtonsoft.Json.Linq.JToken);Argument[0];Argument[this].Element.Property[System.Collections.Generic.KeyValuePair`2.Key];value;manual |
| Newtonsoft.Json.Linq;JObject;set_Item;(System.String,Newtonsoft.Json.Linq.JToken);Argument[1];Argument[this].Element.Property[System.Collections.Generic.KeyValuePair`2.Value];value;manual |
| Newtonsoft.Json.Linq;JObject;set_Item;(System.String,Newtonsoft.Json.Linq.JToken);Argument[1];Argument[this].Element;value;manual |
-| Newtonsoft.Json.Linq;JPropertyDescriptor;GetValue;(System.Object);Argument[0];ReturnValue;taint;dfc-generated |
| Newtonsoft.Json.Linq;JPropertyDescriptor;ResetValue;(System.Object);Argument[this];Argument[0];taint;df-generated |
| Newtonsoft.Json.Linq;JPropertyDescriptor;SetValue;(System.Object,System.Object);Argument[0];Argument[this];taint;df-generated |
| Newtonsoft.Json.Linq;JPropertyDescriptor;SetValue;(System.Object,System.Object);Argument[1];Argument[0];taint;df-generated |
@@ -9085,7 +9084,6 @@ summary
| System.ComponentModel;PropertyDescriptor;FillAttributes;(System.Collections.IList);Argument[this];Argument[0].Element;taint;df-generated |
| System.ComponentModel;PropertyDescriptor;GetEditor;(System.Type);Argument[this];ReturnValue;taint;df-generated |
| System.ComponentModel;PropertyDescriptor;GetInvocationTarget;(System.Type,System.Object);Argument[1];ReturnValue;value;dfc-generated |
-| System.ComponentModel;PropertyDescriptor;GetValue;(System.Object);Argument[0];ReturnValue;taint;dfc-generated |
| System.ComponentModel;PropertyDescriptor;RemoveValueChanged;(System.Object,System.EventHandler);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated |
| System.ComponentModel;PropertyDescriptor;ResetValue;(System.Object);Argument[this];Argument[0];taint;df-generated |
| System.ComponentModel;PropertyDescriptor;SetValue;(System.Object,System.Object);Argument[0];Argument[this];taint;df-generated |
@@ -25715,6 +25713,7 @@ neutral
| Newtonsoft.Json.Linq;JObject;remove_PropertyChanged;(System.ComponentModel.PropertyChangedEventHandler);summary;df-generated |
| Newtonsoft.Json.Linq;JObject;remove_PropertyChanging;(System.ComponentModel.PropertyChangingEventHandler);summary;df-generated |
| Newtonsoft.Json.Linq;JPropertyDescriptor;CanResetValue;(System.Object);summary;df-generated |
+| Newtonsoft.Json.Linq;JPropertyDescriptor;GetValue;(System.Object);summary;manual |
| Newtonsoft.Json.Linq;JPropertyDescriptor;ShouldSerializeValue;(System.Object);summary;df-generated |
| Newtonsoft.Json.Linq;JPropertyDescriptor;get_ComponentType;();summary;df-generated |
| Newtonsoft.Json.Linq;JPropertyDescriptor;get_IsReadOnly;();summary;df-generated |
@@ -28812,6 +28811,7 @@ neutral
| System.ComponentModel;PropertyDescriptor;GetChildProperties;(System.Object,System.Attribute[]);summary;df-generated |
| System.ComponentModel;PropertyDescriptor;GetHashCode;();summary;df-generated |
| System.ComponentModel;PropertyDescriptor;GetTypeFromName;(System.String);summary;df-generated |
+| System.ComponentModel;PropertyDescriptor;GetValue;(System.Object);summary;manual |
| System.ComponentModel;PropertyDescriptor;GetValueChangedHandler;(System.Object);summary;df-generated |
| System.ComponentModel;PropertyDescriptor;OnValueChanged;(System.Object,System.EventArgs);summary;df-generated |
| System.ComponentModel;PropertyDescriptor;PropertyDescriptor;(System.ComponentModel.MemberDescriptor);summary;df-generated |
diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
index 25ac85e95485..c885864a31ee 100644
--- a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
+++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
@@ -6727,7 +6727,6 @@
| System.ComponentModel;PropertyChangingEventHandler;BeginInvoke;(System.Object,System.ComponentModel.PropertyChangingEventArgs,System.AsyncCallback,System.Object);Argument[2];Argument[2].Parameter[delegate-self];value;hq-generated |
| System.ComponentModel;PropertyDescriptor;AddValueChanged;(System.Object,System.EventHandler);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated |
| System.ComponentModel;PropertyDescriptor;GetEditor;(System.Type);Argument[this];ReturnValue;taint;df-generated |
-| System.ComponentModel;PropertyDescriptor;GetValue;(System.Object);Argument[0];ReturnValue;taint;dfc-generated |
| System.ComponentModel;PropertyDescriptor;RemoveValueChanged;(System.Object,System.EventHandler);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated |
| System.ComponentModel;PropertyDescriptor;ResetValue;(System.Object);Argument[this];Argument[0];taint;df-generated |
| System.ComponentModel;PropertyDescriptor;SetValue;(System.Object,System.Object);Argument[0];Argument[this];taint;df-generated |
diff --git a/go/ql/consistency-queries/CHANGELOG.md b/go/ql/consistency-queries/CHANGELOG.md
index 331bb4c220e0..102463df544a 100644
--- a/go/ql/consistency-queries/CHANGELOG.md
+++ b/go/ql/consistency-queries/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.33
+
+No user-facing changes.
+
## 1.0.32
No user-facing changes.
diff --git a/go/ql/consistency-queries/change-notes/released/1.0.33.md b/go/ql/consistency-queries/change-notes/released/1.0.33.md
new file mode 100644
index 000000000000..3a65838479f2
--- /dev/null
+++ b/go/ql/consistency-queries/change-notes/released/1.0.33.md
@@ -0,0 +1,3 @@
+## 1.0.33
+
+No user-facing changes.
diff --git a/go/ql/consistency-queries/codeql-pack.release.yml b/go/ql/consistency-queries/codeql-pack.release.yml
index 7bc5c51ba7bf..914c722b5d98 100644
--- a/go/ql/consistency-queries/codeql-pack.release.yml
+++ b/go/ql/consistency-queries/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 1.0.32
+lastReleaseVersion: 1.0.33
diff --git a/go/ql/consistency-queries/qlpack.yml b/go/ql/consistency-queries/qlpack.yml
index 70529ff4f909..e44457e45700 100644
--- a/go/ql/consistency-queries/qlpack.yml
+++ b/go/ql/consistency-queries/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql-go-consistency-queries
-version: 1.0.33-dev
+version: 1.0.34-dev
groups:
- go
- queries
diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md
index adf218a99e44..71d6bfdc60f6 100644
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,25 @@
+## 5.0.0
+
+### Breaking Changes
+
+* The member predicate `writesField` on `DataFlow::Write` now uses the post-update node for `base` when that is the node being updated, which is in all cases except initializing a struct literal. A new member predicate `writesFieldPreUpdate` has been added for cases where this behaviour is not desired.
+* The member predicate `writesElement` on `DataFlow::Write` now uses the post-update node for `base` when that is the node being updated, which is in all cases except initializing an array/slice/map literal. A new member predicate `writesElementPreUpdate` has been added for cases where this behaviour is not desired.
+
+### Deprecated APIs
+
+* The class `SqlInjection::NumericOrBooleanSanitizer` has been deprecated. Use `SimpleTypeSanitizer` from `semmle.go.security.Sanitizers` instead.
+* The member predicate `writesComponent` on `DataFlow::Write` has been deprecated. Instead, use `writesFieldPreUpdate` and `writesElementPreUpdate`, or their new versions `writesField` and `writesElement`.
+
+### Major Analysis Improvements
+
+* The shape of the Go data-flow graph has changed. Previously for code like `x := def(); use1(x); use2(x)`, there would be edges from the definition of `x` to each use. Now there is an edge from the definition to the first use, then another from the first use to the second, and so on. This means that data-flow barriers work differently - flow will not reach any uses after the barrier node. Where this is not desired it may be necessary to add an additional flow step to propagate the flow forward. Additionally, when a variable may be subject to a side-effect, such as updating an array, passing a pointer to a function that might write through it or writing to a field of a struct, there is now a dedicated post-update node representing the variable after this side-effect has taken place. Previously post-update nodes were aliases for either a variable's definition, or were equal to the pre-update node. This led to backwards steps in the data-flow graph, which could cause false positives. For example, in the previous code there would be an edge from `x` in `use2(x)` back to the definition of `x`. If we define our sources as any argument of `use2` and our sinks as any argument of `use1` then this would lead to a false positive path. Now there are distinct post-update nodes and no backwards edge to the definition, so we will not find this false positive path.
+
+### Minor Analysis Improvements
+
+* The query `go/request-forgery` will no longer report alerts when the user input is of a simple type, like a number or a boolean.
+* For the query `go/unvalidated-url-redirection`, when untrusted data is assigned to the `Host` field of a `url.URL` struct, we consider the whole struct untrusted. We now also include the case when this happens during struct initialization, for example `&url.URL{Host: untrustedData}`.
+* `go/unvalidated-url-redirection` and `go/request-forgery` have a shared notion of a safe URL, which is known to not be malicious. Some URLs which were incorrectly considered safe are now correctly considered unsafe. This may lead to more alerts for those two queries.
+
## 4.3.5
No user-facing changes.
diff --git a/go/ql/lib/change-notes/2025-09-19-api-changes.md b/go/ql/lib/change-notes/2025-09-19-api-changes.md
deleted file mode 100644
index 071ec2719b3f..000000000000
--- a/go/ql/lib/change-notes/2025-09-19-api-changes.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-category: breaking
----
-* The member predicate `writesField` on `DataFlow::Write` now uses the post-update node for `base` when that is the node being updated, which is in all cases except initializing a struct literal. A new member predicate `writesFieldPreUpdate` has been added for cases where this behaviour is not desired.
-* The member predicate `writesElement` on `DataFlow::Write` now uses the post-update node for `base` when that is the node being updated, which is in all cases except initializing an array/slice/map literal. A new member predicate `writesElementPreUpdate` has been added for cases where this behaviour is not desired.
diff --git a/go/ql/lib/change-notes/2025-09-19-use-use-flow-proper-post-update-nodes.md b/go/ql/lib/change-notes/2025-09-19-use-use-flow-proper-post-update-nodes.md
deleted file mode 100644
index 607f23dfb03e..000000000000
--- a/go/ql/lib/change-notes/2025-09-19-use-use-flow-proper-post-update-nodes.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* The shape of the Go data-flow graph has changed. Previously for code like `x := def(); use1(x); use2(x)`, there would be edges from the definition of `x` to each use. Now there is an edge from the definition to the first use, then another from the first use to the second, and so on. This means that data-flow barriers work differently - flow will not reach any uses after the barrier node. Where this is not desired it may be be necessary to add an additional flow step to propagate the flow forward. Additionally, when a variable may be subject to a side-effect, such as updating an array, passing a pointer to a function that might write through it or writing to a field of a struct, there is now a dedicated post-update node representing the variable after this side-effect has taken place. Previously post-update nodes were aliases for either a variable's definition, or were equal to the pre-update node. This led to backwards steps in the data-flow graph, which could cause false positives. For example, in the previous code there would be an edge from `x` in `use2(x)` back to the definition of `x`. If we define our sources as any argument of `use2` and our sinks as any argument of `use1` then this would lead to a false positive path. Now there are distinct post-update nodes and no backwards edge to the definition, so we will not find this false positive path.
diff --git a/go/ql/lib/change-notes/2025-09-30-fewer-safe-urls.md b/go/ql/lib/change-notes/2025-09-30-fewer-safe-urls.md
deleted file mode 100644
index 5eeee51c4a3c..000000000000
--- a/go/ql/lib/change-notes/2025-09-30-fewer-safe-urls.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* `go/unvalidated-url-redirection` and `go/request-forgery` have a shared notion of a safe URL, which is known to not be malicious. Some URLs which were incorrectly considered safe are now correctly considered unsafe. This may lead to more alerts for those two queries.
diff --git a/go/ql/lib/change-notes/2025-10-02-unvalidated-url-redirection-struct-init-fix.md b/go/ql/lib/change-notes/2025-10-02-unvalidated-url-redirection-struct-init-fix.md
deleted file mode 100644
index 9e5d5aa14a2f..000000000000
--- a/go/ql/lib/change-notes/2025-10-02-unvalidated-url-redirection-struct-init-fix.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* For the query `go/unvalidated-url-redirection`, when untrusted data is assigned to the `Host` field of a `url.URL` struct, we consider the whole struct untrusted. We now also include the case when this happens during struct initialization, for example `&url.URL{Host: untrustedData}`.
diff --git a/go/ql/lib/change-notes/2025-10-02-writenode-writescomponent-deprecated.md b/go/ql/lib/change-notes/2025-10-02-writenode-writescomponent-deprecated.md
deleted file mode 100644
index 834266e36b96..000000000000
--- a/go/ql/lib/change-notes/2025-10-02-writenode-writescomponent-deprecated.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: deprecated
----
-* The member predicate `writesComponent` on `DataFlow::Write` has been deprecated. Instead, use `writesFieldPreUpdate` and `writesElementPreUpdate`, or their new versions `writesField` and `writesElement`.
diff --git a/go/ql/lib/change-notes/2025-10-09-deprecate-sqlinjection-numericorbooleansanitizer.md b/go/ql/lib/change-notes/2025-10-09-deprecate-sqlinjection-numericorbooleansanitizer.md
deleted file mode 100644
index 647d9a4332cd..000000000000
--- a/go/ql/lib/change-notes/2025-10-09-deprecate-sqlinjection-numericorbooleansanitizer.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: deprecated
----
-* The class `SqlInjection::NumericOrBooleanSanitizer` has been deprecated. Use `SimpleTypeSanitizer` from `semmle.go.security.Sanitizers` instead.
diff --git a/go/ql/lib/change-notes/2025-10-09-sanitize-simple-types-request-forgery.md b/go/ql/lib/change-notes/2025-10-09-sanitize-simple-types-request-forgery.md
deleted file mode 100644
index 1bbf8c7f88a9..000000000000
--- a/go/ql/lib/change-notes/2025-10-09-sanitize-simple-types-request-forgery.md
+++ /dev/null
@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The query `go/request-forgery` will no longer report alerts when the user input is of a simple type, like a number or a boolean.
diff --git a/go/ql/lib/change-notes/released/5.0.0.md b/go/ql/lib/change-notes/released/5.0.0.md
new file mode 100644
index 000000000000..096e0b350bf6
--- /dev/null
+++ b/go/ql/lib/change-notes/released/5.0.0.md
@@ -0,0 +1,21 @@
+## 5.0.0
+
+### Breaking Changes
+
+* The member predicate `writesField` on `DataFlow::Write` now uses the post-update node for `base` when that is the node being updated, which is in all cases except initializing a struct literal. A new member predicate `writesFieldPreUpdate` has been added for cases where this behaviour is not desired.
+* The member predicate `writesElement` on `DataFlow::Write` now uses the post-update node for `base` when that is the node being updated, which is in all cases except initializing an array/slice/map literal. A new member predicate `writesElementPreUpdate` has been added for cases where this behaviour is not desired.
+
+### Deprecated APIs
+
+* The class `SqlInjection::NumericOrBooleanSanitizer` has been deprecated. Use `SimpleTypeSanitizer` from `semmle.go.security.Sanitizers` instead.
+* The member predicate `writesComponent` on `DataFlow::Write` has been deprecated. Instead, use `writesFieldPreUpdate` and `writesElementPreUpdate`, or their new versions `writesField` and `writesElement`.
+
+### Major Analysis Improvements
+
+* The shape of the Go data-flow graph has changed. Previously for code like `x := def(); use1(x); use2(x)`, there would be edges from the definition of `x` to each use. Now there is an edge from the definition to the first use, then another from the first use to the second, and so on. This means that data-flow barriers work differently - flow will not reach any uses after the barrier node. Where this is not desired it may be necessary to add an additional flow step to propagate the flow forward. Additionally, when a variable may be subject to a side-effect, such as updating an array, passing a pointer to a function that might write through it or writing to a field of a struct, there is now a dedicated post-update node representing the variable after this side-effect has taken place. Previously post-update nodes were aliases for either a variable's definition, or were equal to the pre-update node. This led to backwards steps in the data-flow graph, which could cause false positives. For example, in the previous code there would be an edge from `x` in `use2(x)` back to the definition of `x`. If we define our sources as any argument of `use2` and our sinks as any argument of `use1` then this would lead to a false positive path. Now there are distinct post-update nodes and no backwards edge to the definition, so we will not find this false positive path.
+
+### Minor Analysis Improvements
+
+* The query `go/request-forgery` will no longer report alerts when the user input is of a simple type, like a number or a boolean.
+* For the query `go/unvalidated-url-redirection`, when untrusted data is assigned to the `Host` field of a `url.URL` struct, we consider the whole struct untrusted. We now also include the case when this happens during struct initialization, for example `&url.URL{Host: untrustedData}`.
+* `go/unvalidated-url-redirection` and `go/request-forgery` have a shared notion of a safe URL, which is known to not be malicious. Some URLs which were incorrectly considered safe are now correctly considered unsafe. This may lead to more alerts for those two queries.
diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml
index d6a085129424..c9e54136ca5c 100644
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 4.3.5
+lastReleaseVersion: 5.0.0
diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml
index 20ace6482e44..bf2586d9089e 100644
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/go-all
-version: 4.3.6-dev
+version: 5.0.1-dev
groups: go
dbscheme: go.dbscheme
extractor: go
diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md
index 65d6436fce3e..eb370a8cdddc 100644
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.4.7
+
+No user-facing changes.
+
## 1.4.6
No user-facing changes.
diff --git a/go/ql/src/change-notes/released/1.4.7.md b/go/ql/src/change-notes/released/1.4.7.md
new file mode 100644
index 000000000000..4f064ad746f9
--- /dev/null
+++ b/go/ql/src/change-notes/released/1.4.7.md
@@ -0,0 +1,3 @@
+## 1.4.7
+
+No user-facing changes.
diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml
index 3b00bbce928c..163362bd6321 100644
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 1.4.6
+lastReleaseVersion: 1.4.7
diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml
index c85a94a90f58..3133d392d892 100644
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/go-queries
-version: 1.4.7-dev
+version: 1.4.8-dev
groups:
- go
- queries
diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md
index 0e74414917b6..5d6fcbde3360 100644
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 7.7.2
+
+### Minor Analysis Improvements
+
+* Fields of certain objects are considered tainted if the object is tainted. This holds, for example, for objects that occur directly as sources in the active threat model (for instance, a remote flow source). This has now been amended to also include array types, such that if an array like `MyPojo[]` is a source, then fields of a tainted `MyPojo` are now also considered tainted.
+
## 7.7.1
No user-facing changes.
diff --git a/java/ql/lib/change-notes/2025-10-07-array-entrypointtype.md b/java/ql/lib/change-notes/released/7.7.2.md
similarity index 89%
rename from java/ql/lib/change-notes/2025-10-07-array-entrypointtype.md
rename to java/ql/lib/change-notes/released/7.7.2.md
index 45b898b6b2a6..43d4f94b816f 100644
--- a/java/ql/lib/change-notes/2025-10-07-array-entrypointtype.md
+++ b/java/ql/lib/change-notes/released/7.7.2.md
@@ -1,4 +1,5 @@
----
-category: minorAnalysis
----
+## 7.7.2
+
+### Minor Analysis Improvements
+
* Fields of certain objects are considered tainted if the object is tainted. This holds, for example, for objects that occur directly as sources in the active threat model (for instance, a remote flow source). This has now been amended to also include array types, such that if an array like `MyPojo[]` is a source, then fields of a tainted `MyPojo` are now also considered tainted.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
index c94dbb3cd65d..25c09b25d217 100644
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 7.7.1
+lastReleaseVersion: 7.7.2
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index dabb65e61cef..7f8860bc6324 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/java-all
-version: 7.7.2-dev
+version: 7.7.3-dev
groups: java
dbscheme: config/semmlecode.dbscheme
extractor: java
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md
index 1e6df88fc31d..06133dffeba8 100644
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.8.2
+
+No user-facing changes.
+
## 1.8.1
No user-facing changes.
diff --git a/java/ql/src/change-notes/released/1.8.2.md b/java/ql/src/change-notes/released/1.8.2.md
new file mode 100644
index 000000000000..12e641fd7205
--- /dev/null
+++ b/java/ql/src/change-notes/released/1.8.2.md
@@ -0,0 +1,3 @@
+## 1.8.2
+
+No user-facing changes.
diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml
index 28a7c123ae84..559af8348bb0 100644
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 1.8.1
+lastReleaseVersion: 1.8.2
diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml
index b1ee0395fb2e..faf088b7a4a4 100644
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/java-queries
-version: 1.8.2-dev
+version: 1.8.3-dev
groups:
- java
- queries
diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md
index 975d14e10988..1e874227c37b 100644
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.6.13
+
+No user-facing changes.
+
## 2.6.12
### Minor Analysis Improvements
diff --git a/javascript/ql/lib/change-notes/released/2.6.13.md b/javascript/ql/lib/change-notes/released/2.6.13.md
new file mode 100644
index 000000000000..475bfb69be95
--- /dev/null
+++ b/javascript/ql/lib/change-notes/released/2.6.13.md
@@ -0,0 +1,3 @@
+## 2.6.13
+
+No user-facing changes.
diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml
index 8b34428a8454..9240f755da88 100644
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 2.6.12
+lastReleaseVersion: 2.6.13
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index da942ea28a88..1ee1c8c78150 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/javascript-all
-version: 2.6.13-dev
+version: 2.6.14-dev
groups: javascript
dbscheme: semmlecode.javascript.dbscheme
extractor: javascript
diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
index 46aae437f779..f03b3a66e4d3 100644
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.1.2
+
+No user-facing changes.
+
## 2.1.1
No user-facing changes.
diff --git a/javascript/ql/src/change-notes/released/2.1.2.md b/javascript/ql/src/change-notes/released/2.1.2.md
new file mode 100644
index 000000000000..6e72407c8c7a
--- /dev/null
+++ b/javascript/ql/src/change-notes/released/2.1.2.md
@@ -0,0 +1,3 @@
+## 2.1.2
+
+No user-facing changes.
diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml
index 576c2ea18d68..1a4e53e87724 100644
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 2.1.1
+lastReleaseVersion: 2.1.2
diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml
index 2581f9476291..df854af7e2b2 100644
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/javascript-queries
-version: 2.1.2-dev
+version: 2.1.3-dev
groups:
- javascript
- queries
diff --git a/misc/suite-helpers/CHANGELOG.md b/misc/suite-helpers/CHANGELOG.md
index 4cbaa48190df..a6f9fcd2377b 100644
--- a/misc/suite-helpers/CHANGELOG.md
+++ b/misc/suite-helpers/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.33
+
+No user-facing changes.
+
## 1.0.32
No user-facing changes.
diff --git a/misc/suite-helpers/change-notes/released/1.0.33.md b/misc/suite-helpers/change-notes/released/1.0.33.md
new file mode 100644
index 000000000000..3a65838479f2
--- /dev/null
+++ b/misc/suite-helpers/change-notes/released/1.0.33.md
@@ -0,0 +1,3 @@
+## 1.0.33
+
+No user-facing changes.
diff --git a/misc/suite-helpers/codeql-pack.release.yml b/misc/suite-helpers/codeql-pack.release.yml
index 7bc5c51ba7bf..914c722b5d98 100644
--- a/misc/suite-helpers/codeql-pack.release.yml
+++ b/misc/suite-helpers/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 1.0.32
+lastReleaseVersion: 1.0.33
diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml
index 7715f68107e7..daf9a60662d0 100644
--- a/misc/suite-helpers/qlpack.yml
+++ b/misc/suite-helpers/qlpack.yml
@@ -1,4 +1,4 @@
name: codeql/suite-helpers
-version: 1.0.33-dev
+version: 1.0.34-dev
groups: shared
warnOnImplicitThis: true
diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md
index 070309c08a05..cb18c48a0510 100644
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 4.0.17
+
+### Bug Fixes
+
+* The Python extractor no longer crashes with an `ImportError` when run using Python 3.14.
+
## 4.0.16
### Minor Analysis Improvements
diff --git a/python/ql/lib/change-notes/2025-10-13-fix-importerror-on-python-3.14.md b/python/ql/lib/change-notes/released/4.0.17.md
similarity index 77%
rename from python/ql/lib/change-notes/2025-10-13-fix-importerror-on-python-3.14.md
rename to python/ql/lib/change-notes/released/4.0.17.md
index d2eefde0e119..561e2db6a31c 100644
--- a/python/ql/lib/change-notes/2025-10-13-fix-importerror-on-python-3.14.md
+++ b/python/ql/lib/change-notes/released/4.0.17.md
@@ -1,4 +1,5 @@
----
-category: fix
----
+## 4.0.17
+
+### Bug Fixes
+
* The Python extractor no longer crashes with an `ImportError` when run using Python 3.14.
diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml
index 916d99df3ad6..d1339a1f762e 100644
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
-lastReleaseVersion: 4.0.16
+lastReleaseVersion: 4.0.17
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index 35ab576bf1a9..011afcb68446 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/python-all
-version: 4.0.17-dev
+version: 4.0.18-dev
groups: python
dbscheme: semmlecode.python.dbscheme
extractor: python
diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md
index e620dee4fca9..aef1a87136d6 100644
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.6.7
+
+No user-facing changes.
+
## 1.6.6
### Minor Analysis Improvements
diff --git a/python/ql/src/Classes/CallsToInitDel/SuperclassDelCalledMultipleTimes.qhelp b/python/ql/src/Classes/CallsToInitDel/SuperclassDelCalledMultipleTimes.qhelp
index df9c073fcceb..e61627c878fb 100644
--- a/python/ql/src/Classes/CallsToInitDel/SuperclassDelCalledMultipleTimes.qhelp
+++ b/python/ql/src/Classes/CallsToInitDel/SuperclassDelCalledMultipleTimes.qhelp
@@ -16,7 +16,7 @@ If a superclass finalizer is called multiple times, this may lead to errors such
cleaned up properly as expected.
-There are a number of ways that a __del__ method may be be called more than once.
+There are a number of ways that a __del__ method may be called more than once.