No user-facing changes.

• The @security-severity metadata of rust/log-injection has been increased from 2.6 (low) to 6.1 (medium).
• The @security-severity metadata of rust/xss has been increased from 6.1 (medium) to 7.8 (high).

No user-facing changes.

No user-facing changes.

No user-facing changes.

• The macro resolution metric has been removed from rust/diagnostic/database-quality. This metric was found to be an unreliable indicator of database quality in many cases, leading to false alarms on the tool status page.

No user-facing changes.

No user-facing changes.

• Fixed common false positives for the rust/unused-variable and rust/unused-value queries.
• Fixed false positives from the rust/access-invalid-pointer query, by only considering dereferences of raw pointers as sinks.
• Fixed false positives from the rust/access-after-lifetime-ended query, involving calls to trait methods.
• The rust/hard-coded-cryptographic-value query has been extended with new heuristic sinks identifying passwords, initialization vectors, nonces and salts.

No user-facing changes.

No user-facing changes.

No user-facing changes.

• Added a new query rust/xss, to detect cross-site scripting security vulnerabilities.
• Added a new query rust/disabled-certificate-check, to detect disabled TLS certificate checks.
• Added three example queries (rust/examples/empty-if, rust/examples/simple-sql-injection and rust/examples/simple-constant-password) to help developers learn to write CodeQL queries for Rust.

• The rust/access-invalid-pointer query has been improved with new flow sources and barriers.

• Taint flow barriers have been added to the rust/regex-injection, rust/sql-injection and rust/log-injection, reducing the frequency of false positive results for these queries.

• The "Low Rust analysis quality" query (rust/diagnostic/database-quality), used by the tool status page, has been extended with a measure of successful type inference.

• Added a new query, rust/insecure-cookie, to detect cookies created without the 'Secure' attribute.

• Added a new query, rust/non-https-url, for detecting the use of non-HTTPS URLs that can be intercepted by third parties.

• Added a new query, rust/request-forgery, for detecting server-side request forgery vulnerabilities.

• The message for rust/diagnostic/database-quality has been updated to include detailed database health metrics. These changes are visible on the tool status page.

• Added a new query, rust/log-injection, for detecting cases where log entries could be forged by a malicious user.

• The "Low Rust analysis quality" query (rust/diagnostic/database-quality) has been tuned so that it won't trigger on databases that have extracted normally. This will remove spurious messages of "Low Rust analysis quality" on the CodeQL status page.
• Fixed an inconsistency across languages where most have a Customizations.qll file for adding customizations, but not all did.

• Added a new query, rust/cleartext-storage-database, for detecting cases where sensitive information is stored non-encrypted in a database.

• Added a new query, rust/hard-coded-cryptographic-value, for detecting use of hardcoded keys, passwords, salts and initialization vectors.

• Type inference now supports closures, calls to closures, and trait bounds using the FnOnce trait.
• Type inference now supports trait objects, i.e., dyn Trait types.
• Type inference now supports tuple types.

• Added a new query, rust/access-after-lifetime-ended, for detecting pointer dereferences after the lifetime of the pointed-to object has ended.

• Initial public preview release.

No user-facing changes.

No user-facing changes.

No user-facing changes.

• Changes to the MaD model generation infrastructure:
  • Changed the query rust/utils/modelgenerator/summary-models to use the implementation from rust/utils/modelgenerator/mixed-summary-models.
  • Removed the now-redundant rust/utils/modelgenerator/mixed-summary-models query.
  • A similar replacement was made for rust/utils/modelgenerator/neutral-models. That is, if GenerateFlowModel.py is provided with --with-summaries, combined/mixed models are now generated instead of heuristic models (and similar for --with-neutrals).

No user-facing changes.

No user-facing changes.

No user-facing changes.

No user-facing changes.

No user-facing changes.

No user-facing changes.

No user-facing changes.