Java/C++/C#: Add change notes.

aschackmull · aschackmull · commit 455bb6cd151b · 2019-08-30T14:35:21.000+02:00
diff --git a/change-notes/1.23/analysis-cpp.md b/change-notes/1.23/analysis-cpp.md
@@ -18,4 +18,10 @@ The following changes in version 1.23 affect C/C++ analysis in all applications.
 
 ## Changes to QL libraries
 
-- bullet list
+* The data-flow library has been extended with a new feature to aid debugging.
+  Instead of specifying `isSink(Node n) { any() }` on a configuration to
+  explore the possible flow from a source, it is recommended to use the new
+  `Configuration::hasPartialFlow` predicate, as this gives a more complete
+  picture of the partial flow paths from a given source. The feature is
+  disabled by default and can be enabled for individual configurations by
+  overriding `int explorationLimit()`.
diff --git a/change-notes/1.23/analysis-csharp.md b/change-notes/1.23/analysis-csharp.md
@@ -20,5 +20,12 @@ The following changes in version 1.23 affect C# analysis in all applications.
   arising from guards by overriding the predicate
   `isBarrierGuard`/`isSanitizerGuard` on data-flow and taint-tracking
   configurations respectively.
+* The data-flow library has been extended with a new feature to aid debugging.
+  Instead of specifying `isSink(Node n) { any() }` on a configuration to
+  explore the possible flow from a source, it is recommended to use the new
+  `Configuration::hasPartialFlow` predicate, as this gives a more complete
+  picture of the partial flow paths from a given source. The feature is
+  disabled by default and can be enabled for individual configurations by
+  overriding `int explorationLimit()`.
 
 ## Changes to autobuilder
diff --git a/change-notes/1.23/analysis-java.md b/change-notes/1.23/analysis-java.md
@@ -9,3 +9,13 @@ The following changes in version 1.23 affect Java analysis in all applications.
 | Query built from user-controlled sources (`java/sql-injection`) | More results | The query now identifies arguments to `Statement.executeLargeUpdate` and `Connection.prepareCall` as SQL expressions sinks. |
 | Query built from local-user-controlled sources (`java/sql-injection-local`) | More results | The query now identifies arguments to `Statement.executeLargeUpdate` and `Connection.prepareCall` as SQL expressions sinks. |
 | Query built without neutralizing special characters (`java/concatenated-sql-query`) | More results | The query now identifies arguments to `Statement.executeLargeUpdate` and `Connection.prepareCall` as SQL expressions sinks. |
+
+## Changes to QL libraries
+
+* The data-flow library has been extended with a new feature to aid debugging.
+  Instead of specifying `isSink(Node n) { any() }` on a configuration to
+  explore the possible flow from a source, it is recommended to use the new
+  `Configuration::hasPartialFlow` predicate, as this gives a more complete
+  picture of the partial flow paths from a given source. The feature is
+  disabled by default and can be enabled for individual configurations by
+  overriding `int explorationLimit()`.
