Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow

2025-12-24 12:46:34 +01:00 · 2023-01-31 11:15:42 +00:00
parent be359a32c0 ee442e4d4b
commit 1a27a069ac
168 changed files with 12074 additions and 5909 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,6 +5,11 @@ updates:
    schedule:
      interval: "daily"
  - package-ecosystem: "cargo"
    directory: "ql"
    schedule:
      interval: "daily"
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
--- a/config/identical-files.json
+++ b/config/identical-files.json
@@ -36,7 +36,6 @@
    "python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll",
    "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll",
    "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll",
    "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForRegExp.qll",
    "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForHttpClientLibraries.qll",
    "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForPathname.qll",
    "swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll"
--- a/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
+++ b/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
+++ b/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
+++ b/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
+++ b/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl2.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl2.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl3.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl3.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl4.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl4.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplLocal.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplLocal.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Operand.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Operand.qll
@@ -412,6 +412,9 @@ class CallTargetOperand extends RegisterOperand {
 */
 class ArgumentOperand extends RegisterOperand {
  override ArgumentOperandTag tag;
  /** Gets the `CallInstruction` for which this is an argument. */
  CallInstruction getCall() { result.getAnArgumentOperand() = this }
 }
 /**
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Operand.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Operand.qll
@@ -412,6 +412,9 @@ class CallTargetOperand extends RegisterOperand {
 */
 class ArgumentOperand extends RegisterOperand {
  override ArgumentOperandTag tag;
  /** Gets the `CallInstruction` for which this is an argument. */
  CallInstruction getCall() { result.getAnArgumentOperand() = this }
 }
 /**
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Operand.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Operand.qll
@@ -412,6 +412,9 @@ class CallTargetOperand extends RegisterOperand {
 */
 class ArgumentOperand extends RegisterOperand {
  override ArgumentOperandTag tag;
  /** Gets the `CallInstruction` for which this is an argument. */
  CallInstruction getCall() { result.getAnArgumentOperand() = this }
 }
 /**
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplForContentDataFlow.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplForContentDataFlow.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/csharp/ql/src/experimental/ir/implementation/raw/Operand.qll
+++ b/csharp/ql/src/experimental/ir/implementation/raw/Operand.qll
@@ -412,6 +412,9 @@ class CallTargetOperand extends RegisterOperand {
 */
 class ArgumentOperand extends RegisterOperand {
  override ArgumentOperandTag tag;
  /** Gets the `CallInstruction` for which this is an argument. */
  CallInstruction getCall() { result.getAnArgumentOperand() = this }
 }
 /**
--- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Operand.qll
+++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Operand.qll
@@ -412,6 +412,9 @@ class CallTargetOperand extends RegisterOperand {
 */
 class ArgumentOperand extends RegisterOperand {
  override ArgumentOperandTag tag;
  /** Gets the `CallInstruction` for which this is an argument. */
  CallInstruction getCall() { result.getAnArgumentOperand() = this }
 }
 /**
--- a/docs/codeql/writing-codeql-queries/metadata-for-codeql-queries.rst
+++ b/docs/codeql/writing-codeql-queries/metadata-for-codeql-queries.rst
@@ -45,7 +45,7 @@ The following properties are supported by all query files:
 |                       | | ``high``                |                                                                                                                                                                                                                                                                                                                                                                       |
 |                       | | ``very-high``           |                                                                                                                                                                                                                                                                                                                                                                       |
 +-----------------------+---------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
-| ``@problem.severity`` | | ``error``               | Defines the level of severity of any alerts generated by a non-security query. This, along with the ``@precision`` property, determines how the results are displayed on GitHub.                                                                                                                                                                                      |
+| ``@problem.severity`` | | ``error``               | Defines the level of severity of any alerts generated by a non-security query. This, along with the ``@precision`` property, determines how the results are displayed on GitHub. For more information, see the `Query metadata style guide <https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md>`__.                                        |
 |                       | | ``warning``             |                                                                                                                                                                                                                                                                                                                                                                       |
 |                       | | ``recommendation``      |                                                                                                                                                                                                                                                                                                                                                                       |
 +-----------------------+---------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
--- a/go/extractor/util/util.go
+++ b/go/extractor/util/util.go
@@ -170,7 +170,7 @@ func GetPkgDir(pkgpath string, flags ...string) string {
 // DepErrors checks there are any errors resolving dependencies for `pkgpath`. It passes the `go
 // list` command the flags specified by `flags`.
 func DepErrors(pkgpath string, flags ...string) bool {
-	out, err := runGoList("{{if .DepsErrors}}{{else}}error{{end}}", []string{pkgpath}, flags...)
+	out, err := runGoList("{{if .DepsErrors}}error{{else}}{{end}}", []string{pkgpath}, flags...)
 	if err != nil {
 		// if go list failed, assume dependencies are broken
 		return false
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl2.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl2.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplForStringsNewReplacer.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImplForStringsNewReplacer.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/java/kotlin-extractor/src/main/java/com/semmle/extractor/java/OdasaOutput.java
+++ b/java/kotlin-extractor/src/main/java/com/semmle/extractor/java/OdasaOutput.java
@@ -50,10 +50,6 @@ import com.semmle.util.trap.dependencies.TrapSet;
 import com.semmle.util.trap.pathtransformers.PathTransformer;
 public class OdasaOutput {
 	// By default we use lockless TRAP writing, but this can be set
 	// if we want to use the old TRAP locking for any reason.
 	private final boolean use_trap_locking = Env.systemEnv().getBoolean("CODEQL_EXTRACTOR_JAVA_TRAP_LOCKING", false);
 	// either these are set ...
 	private final File trapFolder;
 	private final File sourceArchiveFolder;
@@ -270,55 +266,36 @@ public class OdasaOutput {
 	 * 		For functions for example, this means its parameter signature.
 	 */
 	private TrapFileManager getMembersWriterForDecl(File trap, File trapFileBase, TrapClassVersion trapFileVersion, IrElement sym, String signature) {
-		if (use_trap_locking) {
+		// If the TRAP file already exists then we
-			TrapClassVersion currVersion = TrapClassVersion.fromSymbol(sym, log);
+		// don't need to write it.
-			String shortName = sym instanceof IrDeclarationWithName ? ((IrDeclarationWithName)sym).getName().asString() : "(name unknown)";
+		if (trap.exists()) {
-			if (trap.exists()) {
+			log.trace("Not rewriting trap file for " + trap.toString() + " as it exists");
-				// Only re-write an existing trap file if we encountered a newer version of the same class.
+			return null;
-				TrapClassVersion trapVersion = readVersionInfo(trap);
+		}
-				if (!currVersion.isValid()) {
+		// If the TRAP file was written in the past, and
-					log.trace("Not rewriting trap file for: " + shortName + " " + trapVersion + " " + currVersion + " " + trap);
+		// then renamed to its trap-old name, then we
-				} else if (currVersion.newerThan(trapVersion)) {
+		// don't need to rewrite it only to rename it
-					log.trace("Rewriting trap file for: " + shortName + " " + trapVersion + " " + currVersion + " " + trap);
+		// again.
-					deleteTrapFileAndDependencies(sym, signature);
+		File trapFileDir = trap.getParentFile();
-				} else {
+		File trapOld = new File(trapFileDir, trap.getName().replace(".trap.gz", ".trap-old.gz"));
-					return null;
+		if (trapOld.exists()) {
-				}
+			log.trace("Not rewriting trap file for " + trap.toString() + " as the trap-old exists");
-			} else {
+			return null;
-				log.trace("Writing trap file for: " + shortName + " " + currVersion + " " + trap);
+		}
-			}
+		// Otherwise, if any newer TRAP file has already
-		} else {
+		// been written then we don't need to write
-			// If the TRAP file already exists then we
+		// anything.
-			// don't need to write it.
+		if (trapFileBase != null && trapFileVersion != null && trapFileDir.exists()) {
-			if (trap.exists()) {
+			String trapFileBaseName = trapFileBase.getName();
 				log.trace("Not rewriting trap file for " + trap.toString() + " as it exists");
 				return null;
 			}
 			// If the TRAP file was written in the past, and
 			// then renamed to its trap-old name, then we
 			// don't need to rewrite it only to rename it
 			// again.
 			File trapFileDir = trap.getParentFile();
 			File trapOld = new File(trapFileDir, trap.getName().replace(".trap.gz", ".trap-old.gz"));
 			if (trapOld.exists()) {
 				log.trace("Not rewriting trap file for " + trap.toString() + " as the trap-old exists");
 				return null;
 			}
 			// Otherwise, if any newer TRAP file has already
 			// been written then we don't need to write
 			// anything.
 			if (trapFileBase != null && trapFileVersion != null && trapFileDir.exists()) {
 				String trapFileBaseName = trapFileBase.getName();
-				for (File f: FileUtil.list(trapFileDir)) {
+			for (File f: FileUtil.list(trapFileDir)) {
-					String name = f.getName();
+				String name = f.getName();
-					Matcher m = selectClassVersionComponents.matcher(name);
+				Matcher m = selectClassVersionComponents.matcher(name);
-					if (m.matches() && m.group(1).equals(trapFileBaseName)) {
+				if (m.matches() && m.group(1).equals(trapFileBaseName)) {
-						TrapClassVersion v = new TrapClassVersion(Integer.valueOf(m.group(2)), Integer.valueOf(m.group(3)), Long.valueOf(m.group(4)), m.group(5));
+					TrapClassVersion v = new TrapClassVersion(Integer.valueOf(m.group(2)), Integer.valueOf(m.group(3)), Long.valueOf(m.group(4)), m.group(5));
-						if (v.newerThan(trapFileVersion)) {
+					if (v.newerThan(trapFileVersion)) {
-							log.trace("Not rewriting trap file for " + trap.toString() + " as " + f.toString() + " exists");
+						log.trace("Not rewriting trap file for " + trap.toString() + " as " + f.toString() + " exists");
-							return null;
+						return null;
 						}
 					}
 				}
 			}
@@ -374,25 +351,6 @@ public class OdasaOutput {
 			}
 			writeTrapDependencies(trapDependenciesForClass);
 			// If we are using TRAP locking then we
 			// need to write a metadata file.
 			if (use_trap_locking) {
 				// Record major/minor version information for extracted class files.
 				// This is subsequently used to determine whether to re-extract (a newer version of) the same class.
 				File metadataFile = new File(trapFile.getAbsolutePath().replace(".trap.gz", ".metadata"));
 				try {
 					Map<String, String> versionMap = new LinkedHashMap<>();
 					TrapClassVersion tcv = TrapClassVersion.fromSymbol(sym, log);
 					versionMap.put(MAJOR_VERSION, String.valueOf(tcv.getMajorVersion()));
 					versionMap.put(MINOR_VERSION, String.valueOf(tcv.getMinorVersion()));
 					versionMap.put(LAST_MODIFIED, String.valueOf(tcv.getLastModified()));
 					versionMap.put(EXTRACTOR_NAME, tcv.getExtractorName());
 					FileUtil.writePropertiesCSV(metadataFile, versionMap);
 				} catch (IOException e) {
 					log.warn("Could not save trap metadata file: " + metadataFile.getAbsolutePath(), e);
 				}
 			}
 		}
 		private void writeTrapDependencies(TrapDependencies trapDependencies) {
 			String dep = trapDependencies.trapFile().replace(".trap.gz", ".dep");
@@ -480,22 +438,18 @@ public class OdasaOutput {
 				trapFile = null;
 			} else {
 				File normalTrapFile = getTrapFileForDecl(sym, signature);
-				if (use_trap_locking) {
+				// We encode the metadata into the filename, so that the
-					trapFile = normalTrapFile;
+				// TRAP filenames for different metadatas don't overlap.
-				} else {
+				if (fromSource)
-					// We encode the metadata into the filename, so that the
+					trapFileVersion = new TrapClassVersion(0, 0, 0, "kotlin");
-					// TRAP filenames for different metadatas don't overlap.
+				else
-					if (fromSource)
+					trapFileVersion = TrapClassVersion.fromSymbol(sym, log);
-						trapFileVersion = new TrapClassVersion(0, 0, 0, "kotlin");
+				String baseName = normalTrapFile.getName().replace(".trap.gz", "");
-					else
+				// If a class has lots of inner classes, then we get lots of files
-						trapFileVersion = TrapClassVersion.fromSymbol(sym, log);
+				// in a single directory. This makes our directory listings later slow.
-					String baseName = normalTrapFile.getName().replace(".trap.gz", "");
+				// To avoid this, rather than using files named .../Foo*, we use .../Foo/Foo*.
-					// If a class has lots of inner classes, then we get lots of files
+				trapFileBase = new File(new File(normalTrapFile.getParentFile(), baseName), baseName);
-					// in a single directory. This makes our directory listings later slow.
+				trapFile = new File(trapFileBase.getPath() + '#' + trapFileVersion.toString() + ".trap.gz");
 					// To avoid this, rather than using files named .../Foo*, we use .../Foo/Foo*.
 					trapFileBase = new File(new File(normalTrapFile.getParentFile(), baseName), baseName);
 					trapFile = new File(trapFileBase.getPath() + '#' + trapFileVersion.toString() + ".trap.gz");
 				}
 			}
 		}
 		private TrapLocker(File jarFile) {
@@ -510,9 +464,6 @@ public class OdasaOutput {
 		}
 		public TrapFileManager getTrapFileManager() {
 			if (trapFile!=null) {
 				if (use_trap_locking) {
 					lockTrapFile(trapFile);
 				}
 				return getMembersWriterForDecl(trapFile, trapFileBase, trapFileVersion, sym, signature);
 			} else {
 				return null;
@@ -522,23 +473,14 @@ public class OdasaOutput {
 		@Override
 		public void close() {
 			if (trapFile!=null) {
-				try {
+				// Now that we have finished writing our TRAP file, we want
-					if (use_trap_locking) {
+				// to rename and TRAP file that matches our trapFileBase
-						unlockTrapFile(trapFile);
+				// but doesn't have the latest metadata.
 					}
 				} catch (NestedError e) {
 					log.warn("Error unlocking trap file " + trapFile.getAbsolutePath(), e);
 				}
 				// If we are writing TRAP file locklessly, then now that we
 				// have finished writing our TRAP file, we want to rename
 				// and TRAP file that matches our trapFileBase but doesn't
 				// have the latest metadata.
 				// Renaming it to trap-old means that it won't be imported,
 				// but we can still use its presence to avoid future
 				// invocations rewriting it, and it means that the information
 				// is in the TRAP directory if we need it for debugging.
-				if (!use_trap_locking && sym != null) {
+				if (sym != null) {
 					File trapFileDir = trapFileBase.getParentFile();
 					String trapFileBaseName = trapFileBase.getName();
--- a/java/ql/integration-tests/all-platforms/java/gradle-sample/test.py
+++ b/java/ql/integration-tests/all-platforms/java/gradle-sample/test.py
@@ -2,4 +2,7 @@ import sys
 from create_database_utils import *
 #The version of gradle used doesn't work on java 17
 try_use_java11()
 run_codeql_database_create([], lang="java")
--- a/java/ql/integration-tests/all-platforms/java/partial-gradle-sample/test.py
+++ b/java/ql/integration-tests/all-platforms/java/partial-gradle-sample/test.py
@@ -2,4 +2,7 @@ import sys
 from create_database_utils import *
 #The version of gradle used doesn't work on java 17
 try_use_java11()
 run_codeql_database_create([], lang="java")
--- a/java/ql/lib/change-notes/2023-01-27-update-queryproducer-sinks.md
+++ b/java/ql/lib/change-notes/2023-01-27-update-queryproducer-sinks.md
@@ -0,0 +1,4 @@
 ---
 category: minorAnalysis
 ---
 * Added sink models for the `createQuery`, `createNativeQuery`, and `createSQLQuery` methods of the `org.hibernate.query.QueryProducer` interface.
--- a/java/ql/lib/ext/org.hibernate.model.yml
+++ b/java/ql/lib/ext/org.hibernate.model.yml
@@ -3,9 +3,6 @@ extensions:
      pack: codeql/java-all
      extensible: sinkModel
    data:
      - ["org.hibernate", "QueryProducer", True, "createNativeQuery", "", "", "Argument[0]", "sql", "manual"]
      - ["org.hibernate", "QueryProducer", True, "createQuery", "", "", "Argument[0]", "sql", "manual"]
      - ["org.hibernate", "QueryProducer", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"]
      - ["org.hibernate", "Session", True, "createQuery", "", "", "Argument[0]", "sql", "manual"]
      - ["org.hibernate", "Session", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"]
      - ["org.hibernate", "SharedSessionContract", True, "createQuery", "", "", "Argument[0]", "sql", "manual"]
--- a/java/ql/lib/ext/org.hibernate.query.model.yml
+++ b/java/ql/lib/ext/org.hibernate.query.model.yml
@@ -0,0 +1,8 @@
 extensions:
  - addsTo:
      pack: codeql/java-all
      extensible: sinkModel
    data:
      - ["org.hibernate.query", "QueryProducer", True, "createNativeQuery", "", "", "Argument[0]", "sql", "manual"]
      - ["org.hibernate.query", "QueryProducer", True, "createQuery", "", "", "Argument[0]", "sql", "manual"]
      - ["org.hibernate.query", "QueryProducer", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"]
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForOnActivityResult.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForOnActivityResult.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/javascript/ql/lib/semmle/javascript/frameworks/ClientRequests.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/ClientRequests.qll
@@ -197,6 +197,20 @@ module ClientRequest {
  /** Gets the string `url` or `uri`. */
  private string urlPropertyName() { result = "url" or result = "uri" }
  /** An API entry-point for the global variable `axios`. */
  private class AxiosGlobalEntryPoint extends API::EntryPoint {
    AxiosGlobalEntryPoint() { this = "axiosGlobal" }
    override DataFlow::SourceNode getASource() { result = DataFlow::globalVarRef("axios") }
  }
  /** Gets a reference to the `axios` library. */
  private API::Node axios() {
    result = API::moduleImport("axios")
    or
    result = API::root().getASuccessor(API::Label::entryPoint(any(AxiosGlobalEntryPoint entry)))
  }
  /**
   * A model of a URL request made using the `axios` library.
   */
@@ -204,9 +218,10 @@ module ClientRequest {
    string method;
    AxiosUrlRequest() {
-      this = API::moduleImport("axios").getACall() and method = "request"
+      this = axios().getACall() and
      method = "request"
      or
-      this = API::moduleImport("axios").getMember(method).getACall() and
+      this = axios().getMember(method).getACall() and
      method = [httpMethodName(), "request"]
    }
--- a/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequests.expected
+++ b/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequests.expected
@@ -5,6 +5,8 @@ test_ClientRequest
 | apollo.js:17:1:17:34 | new Pre ... yurl"}) |
 | apollo.js:20:1:20:77 | createN ... phql'}) |
 | apollo.js:23:1:23:31 | new Web ... wsUri}) |
 | axiosTest.js:4:5:7:6 | axios({ ... \\n    }) |
 | axiosTest.js:12:5:17:6 | axios({ ... \\n    }) |
 | puppeteer.ts:6:11:6:42 | page.go ... e.com') |
 | puppeteer.ts:8:5:8:61 | page.ad ... css" }) |
 | puppeteer.ts:18:30:18:50 | page.go ... estUrl) |
@@ -90,6 +92,8 @@ test_ClientRequest
 | tst.js:296:5:299:6 | axios({ ... \\n    }) |
 | tst.js:312:12:312:36 | fetchPo ... o/bar') |
 test_getADataNode
 | axiosTest.js:12:5:17:6 | axios({ ... \\n    }) | axiosTest.js:15:18:15:55 | { 'Cont ... json' } |
 | axiosTest.js:12:5:17:6 | axios({ ... \\n    }) | axiosTest.js:16:15:16:35 | {x: 'te ... 'test'} |
 | tst.js:53:5:53:23 | axios({data: data}) | tst.js:53:18:53:21 | data |
 | tst.js:57:5:57:39 | axios.p ... data2}) | tst.js:57:19:57:23 | data1 |
 | tst.js:57:5:57:39 | axios.p ... data2}) | tst.js:57:33:57:37 | data2 |
@@ -143,6 +147,10 @@ test_getUrl
 | apollo.js:17:1:17:34 | new Pre ... yurl"}) | apollo.js:17:26:17:32 | "myurl" |
 | apollo.js:20:1:20:77 | createN ... phql'}) | apollo.js:20:30:20:75 | 'https: ... raphql' |
 | apollo.js:23:1:23:31 | new Web ... wsUri}) | apollo.js:23:25:23:29 | wsUri |
 | axiosTest.js:4:5:7:6 | axios({ ... \\n    }) | axiosTest.js:4:11:7:5 | {\\n      ... ,\\n    } |
 | axiosTest.js:4:5:7:6 | axios({ ... \\n    }) | axiosTest.js:6:14:6:16 | url |
 | axiosTest.js:12:5:17:6 | axios({ ... \\n    }) | axiosTest.js:12:11:17:5 | {\\n      ... }\\n    } |
 | axiosTest.js:12:5:17:6 | axios({ ... \\n    }) | axiosTest.js:14:14:14:16 | url |
 | puppeteer.ts:6:11:6:42 | page.go ... e.com') | puppeteer.ts:6:21:6:41 | 'https: ... le.com' |
 | puppeteer.ts:8:5:8:61 | page.ad ... css" }) | puppeteer.ts:8:29:8:58 | "http:/ ... le.css" |
 | puppeteer.ts:18:30:18:50 | page.go ... estUrl) | puppeteer.ts:18:40:18:49 | requestUrl |
@@ -233,6 +241,8 @@ test_getUrl
 | tst.js:296:5:299:6 | axios({ ... \\n    }) | tst.js:298:14:298:44 | "http:/ ... -axios" |
 | tst.js:312:12:312:36 | fetchPo ... o/bar') | tst.js:312:26:312:35 | '/foo/bar' |
 test_getAResponseDataNode
 | axiosTest.js:4:5:7:6 | axios({ ... \\n    }) | axiosTest.js:4:5:7:6 | axios({ ... \\n    }) | json | true |
 | axiosTest.js:12:5:17:6 | axios({ ... \\n    }) | axiosTest.js:12:5:17:6 | axios({ ... \\n    }) | json | true |
 | tst.js:19:5:19:23 | requestPromise(url) | tst.js:19:5:19:23 | requestPromise(url) | text | true |
 | tst.js:21:5:21:23 | superagent.get(url) | tst.js:21:5:21:23 | superagent.get(url) | stream | true |
 | tst.js:25:5:25:14 | axios(url) | tst.js:25:5:25:14 | axios(url) |  | true |
--- a/javascript/ql/test/library-tests/frameworks/ClientRequests/axiosTest.js
+++ b/javascript/ql/test/library-tests/frameworks/ClientRequests/axiosTest.js
@@ -0,0 +1,21 @@
 //Use of axios as a global variable instead of an imported module to make Ajax calls 
 var testvar = function () {
    axios({
        method: 'get',
        url: url,
    }).then(function (response) {
        console.log(response.data) })
    axios({
        method: 'post',
        url: url,
        headers: { 'Content-Type': 'application/json' },
        data: {x: 'test', y:'test'}
    }).then(function (response) {
        console.log(response.data) })
 }
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/ql/Cargo.lock
+++ b/ql/Cargo.lock
--- a/ql/extractor/Cargo.toml
+++ b/ql/extractor/Cargo.toml
@@ -18,4 +18,4 @@ tracing = "0.1"
 tracing-subscriber = { version = "0.3.3", features = ["env-filter"] }
 rayon = "1.5.0"
 num_cpus = "1.13.0"
-regex = "1.5.5"
+regex = "1.7.1"
--- a/ql/ql/src/codeql_ql/ast/internal/Builtins.qll
+++ b/ql/ql/src/codeql_ql/ast/internal/Builtins.qll
@@ -115,6 +115,12 @@ module QlBuiltinsMocks {
      or
      i = 2 and
      result instanceof EquivalenceRelation::EquivalenceRelationModule
      or
      i = 3 and
      result instanceof NewEntity::EntityKeySigClass
      or
      i = 4 and
      result instanceof NewEntity::NewEntityModule
    }
  }
@@ -123,15 +129,16 @@ module QlBuiltinsMocks {
   * The equivalent to the following is implemented:
   * ```CodeQL
   * module QlBuiltins {
-   *  signature class T;
+   *   signature class T;
-   *  module EdgeSig<T MyT> { // This might not be needed.
+   *   module EdgeSig<T MyT> { // This might not be needed.
-   *    signature predicate edgeSig(MyT a, MyT b);
+   *     signature predicate edgeSig(MyT a, MyT b);
-   *  }
+   *   }
-   *  module EquivalenceRelation<T MyT, EdgeSig<MyT>::edgeSig/2 edge> { // the `edge` parameter is not modeled
+   *   module EquivalenceRelation<T MyT, EdgeSig<MyT>::edgeSig/2 edge> { // the `edge` parameter is not modeled
-   *    class EquivalenceClass;
+   *     class EquivalenceClass;
-   *    EquivalenceClass getEquivalenceClass(MyT a);
+   *     EquivalenceClass getEquivalenceClass(MyT a);
-   *  }
+   *   }
-   *}
+   * }
   * ```
   */
  module EquivalenceRelation {
    class SigClass extends MockClass::Range {
@@ -259,4 +266,92 @@ module QlBuiltinsMocks {
      override string getClassName() { result = "EquivalenceClass" }
    }
  }
  /**
   * A mock that implements the `NewEntity` module.
   * The equivalent to the following is implemented:
   * ```CodeQL
   * class EntityKeySig;
   * module NewEntity<EntityKeySig EntityKey> {
   *   class EntityId;
   *
   *   EntityId map(EntityKey key) { none() }
   * }
   * ```
   */
  module NewEntity {
    class EntityKeySigClass extends MockClass::Range {
      EntityKeySigClass() { this = "Mock: QlBuiltins::NewEntity::EntityKeySig" }
      override string getName() { result = "EntityKeySig" }
    }
    class NewEntityModule extends MockModule::Range {
      NewEntityModule() { this = "Mock: QlBuiltins::NewEntity" }
      override string getName() { result = "NewEntity" }
      override string getMember(int i) {
        i = 0 and result instanceof EntityIdClass
        or
        i = 1 and result instanceof NewEntityMapPredicate
      }
      ///  Holds if the `i`th type parameter has `type` (the ID of the mocked node) with `name`.
      override predicate hasTypeParam(int i, string type, string name) {
        i = 0 and
        name = "EntityKey" and
        type instanceof EntityKeySigTypeExpr
      }
    }
    class EntityKeySigTypeExpr extends MockTypeExpr::Range {
      EntityKeySigTypeExpr() { this = "Mock: QlBuiltins::NewEntity::EntityKey" }
      override string getClassName() { result = "EntityKeySig" }
    }
    class EntityIdClass extends MockClass::Range {
      EntityIdClass() { this = "Mock: QlBuiltins::NewEntity::EntityId" }
      override string getName() { result = "EntityId" }
    }
    class NewEntityMapPredicate extends MockClasslessPredicate::Range {
      NewEntityMapPredicate() { this = "Mock: QlBuiltins::NewEntity::map" }
      override string getName() { result = "map" }
      override string getParameter(int i) {
        i = 0 and
        result instanceof NewEntityMapPredicateParam
      }
      override MockTypeExpr::Range getReturnTypeExpr() {
        result.(NewEntityMapPredicateTypes).getClassName() = "EntityId"
      }
    }
    // both the TypeExprs used in the `map` predicate.
    class NewEntityMapPredicateTypes extends MockTypeExpr::Range {
      string type;
      NewEntityMapPredicateTypes() {
        type = ["EntityId", "EntityKey"] and
        this = "Mock: QlBuiltins::NewEntity::map::T#" + type
      }
      override string getClassName() { result = type }
    }
    class NewEntityMapPredicateParam extends MockVarDecl::Range {
      NewEntityMapPredicateParam() { this = "Mock: QlBuiltins::NewEntity::map::#0" }
      override string getName() { result = "key" }
      override MockTypeExpr::Range getType() {
        result.(NewEntityMapPredicateTypes).getClassName() = "EntityKey"
      }
    }
  }
 }
--- a/ql/ql/test/modules/Foo.qll
+++ b/ql/ql/test/modules/Foo.qll
@@ -34,3 +34,27 @@ private class TypeFlowScc = Scc::EquivalenceClass;
 predicate sccRepr(Node n, TypeFlowScc scc) { scc = Scc::getEquivalenceClass(n) }
 predicate sccJoinStep(Node n, TypeFlowScc scc) { none() }
 module NewEntity {
  newtype TFoo = TFoo1()
  newtype EntityKey =
    Key1() or
    Key2()
  // this errors out in normal QL, but QL-for-QL doesn't differentiate between upgrade scripts and "normal" code, and it also doesn't care if the number of type-parameters matches.
  // so this should work fine in QL-for-QL
  module NewEntityModule = QlBuiltins::NewEntity<EntityKey>;
  class Union = TFoo or NewEntityModule::EntityId;
  class Foo extends Union {
    string toString() { none() }
  }
  predicate foo(Foo id, string message) {
    id = NewEntityModule::map(Key1()) and message = "upgrade-1"
    or
    id = NewEntityModule::map(Key2()) and message = "upgrade-2"
  }
 }
--- a/ql/ql/test/modules/test.expected
+++ b/ql/ql/test/modules/test.expected
@@ -14,6 +14,14 @@ getTarget
 | Foo.qll:31:29:31:31 | Scc | file://:0:0:0:0 | EquivalenceRelation |
 | Foo.qll:34:52:34:54 | Scc | Foo.qll:29:16:29:18 | Scc |
 | Foo.qll:34:52:34:54 | Scc | file://:0:0:0:0 | EquivalenceRelation |
 | Foo.qll:47:28:47:37 | QlBuiltins | file://:0:0:0:0 | QlBuiltins |
 | Foo.qll:47:28:47:59 | NewEntity | file://:0:0:0:0 | NewEntity |
 | Foo.qll:49:25:49:39 | NewEntityModule | Foo.qll:47:10:47:24 | NewEntityModule |
 | Foo.qll:49:25:49:39 | NewEntityModule | file://:0:0:0:0 | NewEntity |
 | Foo.qll:56:10:56:24 | NewEntityModule | Foo.qll:47:10:47:24 | NewEntityModule |
 | Foo.qll:56:10:56:24 | NewEntityModule | file://:0:0:0:0 | NewEntity |
 | Foo.qll:58:10:58:24 | NewEntityModule | Foo.qll:47:10:47:24 | NewEntityModule |
 | Foo.qll:58:10:58:24 | NewEntityModule | file://:0:0:0:0 | NewEntity |
 getTargetType
 | ClassSig.qll:3:23:3:28 | TypeExpr | file://:0:0:0:0 | string |
 | ClassSig.qll:7:12:7:17 | TypeExpr | ClassSig.qll:1:17:1:22 | FooSig |
@@ -44,6 +52,25 @@ getTargetType
 | Foo.qll:34:52:34:54 | Scc | file://:0:0:0:0 | EquivalenceRelation |
 | Foo.qll:36:23:36:26 | TypeExpr | Foo.qll:23:7:23:10 | Node |
 | Foo.qll:36:31:36:41 | TypeExpr | file://:0:0:0:0 | EquivalenceClass |
 | Foo.qll:47:28:47:37 | QlBuiltins | file://:0:0:0:0 | QlBuiltins |
 | Foo.qll:47:28:47:59 | NewEntity | file://:0:0:0:0 | NewEntity |
 | Foo.qll:47:50:47:58 | TypeExpr | Foo.qll:41:11:41:19 | EntityKey |
 | Foo.qll:49:17:49:20 | TypeExpr | Foo.qll:39:11:39:14 | TFoo |
 | Foo.qll:49:25:49:39 | NewEntityModule | Foo.qll:47:10:47:24 | NewEntityModule |
 | Foo.qll:49:25:49:39 | NewEntityModule | file://:0:0:0:0 | NewEntity |
 | Foo.qll:49:25:49:49 | TypeExpr | file://:0:0:0:0 | EntityId |
 | Foo.qll:51:21:51:25 | TypeExpr | Foo.qll:49:9:49:13 | Union |
 | Foo.qll:52:5:52:10 | TypeExpr | file://:0:0:0:0 | string |
 | Foo.qll:55:17:55:19 | TypeExpr | Foo.qll:51:9:51:11 | Foo |
 | Foo.qll:55:25:55:30 | TypeExpr | file://:0:0:0:0 | string |
 | Foo.qll:56:10:56:24 | NewEntityModule | Foo.qll:47:10:47:24 | NewEntityModule |
 | Foo.qll:56:10:56:24 | NewEntityModule | file://:0:0:0:0 | NewEntity |
 | Foo.qll:58:10:58:24 | NewEntityModule | Foo.qll:47:10:47:24 | NewEntityModule |
 | Foo.qll:58:10:58:24 | NewEntityModule | file://:0:0:0:0 | NewEntity |
 | file://:0:0:0:0 | TypeExpr | Foo.qll:41:11:41:19 | EntityKey |
 | file://:0:0:0:0 | TypeExpr | file://:0:0:0:0 | EntityId |
 | file://:0:0:0:0 | TypeExpr | file://:0:0:0:0 | EntityKeySig |
 | file://:0:0:0:0 | TypeExpr | file://:0:0:0:0 | EntityKeySig |
 | file://:0:0:0:0 | TypeExpr | file://:0:0:0:0 | EquivalenceClass |
 | file://:0:0:0:0 | TypeExpr | file://:0:0:0:0 | T |
 | file://:0:0:0:0 | TypeExpr | file://:0:0:0:0 | T |
--- a/ruby/ql/lib/codeql/ruby/Concepts.qll
+++ b/ruby/ql/lib/codeql/ruby/Concepts.qll
@@ -10,6 +10,7 @@ private import codeql.ruby.DataFlow
 private import codeql.ruby.Frameworks
 private import codeql.ruby.dataflow.RemoteFlowSources
 private import codeql.ruby.ApiGraphs
 private import codeql.ruby.Regexp as RE
 /**
 * A data-flow node that constructs a SQL statement.
@@ -77,6 +78,49 @@ module SqlExecution {
  }
 }
 /**
 * A data-flow node that executes a regular expression.
 *
 * Extend this class to refine existing API models. If you want to model new APIs,
 * extend `RegexExecution::Range` instead.
 */
 class RegexExecution extends DataFlow::Node instanceof RegexExecution::Range {
  /** Gets the data flow node for the regex being executed by this node. */
  DataFlow::Node getRegex() { result = super.getRegex() }
  /** Gets a dataflow node for the string to be searched or matched against. */
  DataFlow::Node getString() { result = super.getString() }
  /**
   * Gets the name of this regex execution, typically the name of an executing method.
   * This is used for nice alert messages and should include the module if possible.
   */
  string getName() { result = super.getName() }
 }
 /** Provides classes for modeling new regular-expression execution APIs. */
 module RegexExecution {
  /**
   * A data-flow node that executes a regular expression.
   *
   * Extend this class to model new APIs. If you want to refine existing API models,
   * extend `RegexExecution` instead.
   */
  abstract class Range extends DataFlow::Node {
    /** Gets the data flow node for the regex being executed by this node. */
    abstract DataFlow::Node getRegex();
    /** Gets a dataflow node for the string to be searched or matched against. */
    abstract DataFlow::Node getString();
    /**
     * Gets the name of this regex execution, typically the name of an executing method.
     * This is used for nice alert messages and should include the module if possible.
     */
    abstract string getName();
  }
 }
 /**
 * A data flow node that performs a file system access, including reading and writing data,
 * creating and deleting files and folders, checking and updating permissions, and so on.
--- a/ruby/ql/lib/codeql/ruby/Regexp.qll
+++ b/ruby/ql/lib/codeql/ruby/Regexp.qll
@@ -7,10 +7,12 @@
 import regexp.RegExpTreeView // re-export
 private import regexp.internal.ParseRegExp
-private import regexp.internal.RegExpConfiguration
+private import regexp.internal.RegExpTracking as RegExpTracking
-private import codeql.ruby.ast.Literal as Ast
+private import codeql.ruby.AST as Ast
 private import codeql.ruby.CFG
 private import codeql.ruby.DataFlow
 private import codeql.ruby.ApiGraphs
 private import codeql.ruby.Concepts
 /**
 * Provides utility predicates related to regular expressions.
@@ -63,7 +65,11 @@ private class RegExpLiteralPatternSource extends RegExpPatternSource {
 private class StringRegExpPatternSource extends RegExpPatternSource {
  private DataFlow::Node parse;
-  StringRegExpPatternSource() { this = regExpSource(parse) }
+  StringRegExpPatternSource() {
    this = regExpSource(parse) and
    // `regExpSource()` tracks both strings and regex literals, narrow it down to strings.
    this.asExpr().getConstantValue().isString(_)
  }
  override DataFlow::Node getAParse() { result = parse }
@@ -104,6 +110,7 @@ module RegExpInterpretation {
 /**
 * A node interpreted as a regular expression.
 * Speficically nodes where string values are interpreted as regular expressions.
 */
 class StdLibRegExpInterpretation extends RegExpInterpretation::Range {
  StdLibRegExpInterpretation() {
@@ -115,16 +122,100 @@ class StdLibRegExpInterpretation extends RegExpInterpretation::Range {
      mce.getMethodName() = ["match", "match?"] and
      this = mce.getArgument(0) and
      // exclude https://ruby-doc.org/core-2.4.0/Regexp.html#method-i-match
-      not mce.getReceiver() = trackRegexpType()
+      not mce.getReceiver() = RegExpTracking::trackRegexpType()
    )
  }
 }
 /**
 * Holds if `exec` is a node where `regexp` is interpreted as a regular expression and
 * tested against the string value of `input`.
 * `name` describes the regexp execution, typically the name of the method being called.
 */
 private predicate regexExecution(
  DataFlow::Node exec, DataFlow::Node input, DataFlow::Node regexp, string name
 ) {
  // `=~` or `!~`
  exists(CfgNodes::ExprNodes::BinaryOperationCfgNode op |
    name = op.getOperator() and
    exec.asExpr() = op and
    (
      op.getExpr() instanceof Ast::RegExpMatchExpr or
      op.getExpr() instanceof Ast::NoRegExpMatchExpr
    ) and
    (
      input.asExpr() = op.getLeftOperand() and regexp.asExpr() = op.getRightOperand()
      or
      input.asExpr() = op.getRightOperand() and regexp.asExpr() = op.getLeftOperand()
    )
  )
  or
  // Any of the methods on `String` that take a regexp.
  exists(DataFlow::CallNode call | exec = call |
    name = "String#" + call.getMethodName() and
    call.getMethodName() =
      [
        "[]", "gsub", "gsub!", "index", "match", "match?", "partition", "rindex", "rpartition",
        "scan", "slice!", "split", "sub", "sub!"
      ] and
    input = call.getReceiver() and
    regexp = call.getArgument(0) and
    // exclude https://ruby-doc.org/core-2.4.0/Regexp.html#method-i-match, they are handled on the next case of this disjunction
    // also see `StdLibRegExpInterpretation`
    not (
      call.getMethodName() = ["match", "match?"] and
      call.getReceiver() = RegExpTracking::trackRegexpType()
    )
  )
  or
  // A call to `match` or `match?` where the regexp is the receiver.
  exists(DataFlow::CallNode call | exec = call |
    name = "Regexp#" + call.getMethodName() and
    call.getMethodName() = ["match", "match?"] and
    regexp = call.getReceiver() and
    input = call.getArgument(0)
  )
  or
  // a case-when statement
  exists(CfgNodes::ExprNodes::CaseExprCfgNode caseExpr |
    exec.asExpr() = caseExpr and
    input.asExpr() = caseExpr.getValue()
  |
    name = "case-when" and
    regexp.asExpr() = caseExpr.getBranch(_).(CfgNodes::ExprNodes::WhenClauseCfgNode).getPattern(_)
    or
    name = "case-in" and
    regexp.asExpr() = caseExpr.getBranch(_).(CfgNodes::ExprNodes::InClauseCfgNode).getPattern()
  )
 }
 /**
 * An execution of a regular expression by the standard library.
 */
 private class StdRegexpExecution extends RegexExecution::Range {
  DataFlow::Node regexp;
  DataFlow::Node input;
  string name;
  StdRegexpExecution() { regexExecution(this, input, regexp, name) }
  override DataFlow::Node getRegex() { result = regexp }
  override DataFlow::Node getString() { result = input }
  override string getName() { result = name }
 }
 /**
 * Gets a node whose value may flow (inter-procedurally) to `re`, where it is interpreted
 * as a part of a regular expression.
 */
 cached
-DataFlow::Node regExpSource(DataFlow::Node re) {
+DataFlow::Node regExpSource(DataFlow::Node re) { result = RegExpTracking::regExpSource(re) }
-  exists(RegExpConfiguration c | c.hasFlow(result, re))
+
 /** Gets a parsed regular expression term that is executed at `exec`. */
 RegExpTerm getTermForExecution(RegexExecution exec) {
  exists(RegExpPatternSource source | source = regExpSource(exec.getRegex()) |
    result = source.getRegExpTerm()
  )
 }
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForHttpClientLibraries.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForHttpClientLibraries.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForPathname.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForPathname.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForRegExp.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForRegExp.qll
--- a/ruby/ql/lib/codeql/ruby/regexp/internal/DebugRegExpConfiguration.ql
+++ b/ruby/ql/lib/codeql/ruby/regexp/internal/DebugRegExpConfiguration.ql
@@ -1,12 +1,11 @@
 /**
 * @description Used to debug the discovery of regexp literals.
- * @kind path-problem
+ * @kind problem
 */
-import RegExpConfiguration
+import codeql.ruby.regexp.internal.RegExpTracking
-import codeql.ruby.dataflow.internal.DataFlowImplForRegExp
+import ruby
 import PathGraph
-from RegExpConfiguration c, PathNode source, PathNode sink
+from DataFlow::Node source, DataFlow::Node sink
-where c.hasFlowPath(source, sink)
+where source = regExpSource(sink)
-select source.getNode(), source, sink, source.toString()
+select sink, "Regexp from $@ is used.", source, "this source"
--- a/ruby/ql/lib/codeql/ruby/regexp/internal/RegExpConfiguration.qll
+++ b/ruby/ql/lib/codeql/ruby/regexp/internal/RegExpConfiguration.qll
@@ -1,68 +0,0 @@
 private import codeql.ruby.Regexp
 private import codeql.ruby.AST as Ast
 private import codeql.ruby.CFG
 private import codeql.ruby.DataFlow
 private import codeql.ruby.controlflow.CfgNodes
 private import codeql.ruby.dataflow.internal.DataFlowImplForRegExp
 private import codeql.ruby.typetracking.TypeTracker
 private import codeql.ruby.ApiGraphs
 private import codeql.ruby.dataflow.internal.DataFlowPrivate as DataFlowPrivate
 private import codeql.ruby.TaintTracking
 private import codeql.ruby.frameworks.core.String
 class RegExpConfiguration extends Configuration {
  RegExpConfiguration() { this = "RegExpConfiguration" }
  override predicate isSource(DataFlow::Node source) {
    source.asExpr() =
      any(ExprCfgNode e |
        e.getConstantValue().isString(_) and
        not e instanceof ExprNodes::VariableReadAccessCfgNode and
        not e instanceof ExprNodes::ConstantReadAccessCfgNode
      )
  }
  override predicate isSink(DataFlow::Node sink) { sink instanceof RegExpInterpretation::Range }
  override predicate isBarrier(DataFlow::Node node) {
    exists(DataFlow::CallNode mce | mce.getMethodName() = ["match", "match?"] |
      // receiver of https://ruby-doc.org/core-2.4.0/String.html#method-i-match
      node = mce.getReceiver() and
      mce.getArgument(0) = trackRegexpType()
      or
      // first argument of https://ruby-doc.org/core-2.4.0/Regexp.html#method-i-match
      node = mce.getArgument(0) and
      mce.getReceiver() = trackRegexpType()
    )
  }
  override predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
    // include taint flow through `String` summaries
    TaintTracking::localTaintStep(nodeFrom, nodeTo) and
    nodeFrom.(DataFlowPrivate::SummaryNode).getSummarizedCallable() instanceof
      String::SummarizedCallable
    or
    // string concatenations, and
    exists(CfgNodes::ExprNodes::OperationCfgNode op |
      op = nodeTo.asExpr() and
      op.getAnOperand() = nodeFrom.asExpr() and
      op.getExpr().(Ast::BinaryOperation).getOperator() = "+"
    )
    or
    // string interpolations
    nodeFrom.asExpr() =
      nodeTo.asExpr().(CfgNodes::ExprNodes::StringlikeLiteralCfgNode).getAComponent()
  }
 }
 private DataFlow::LocalSourceNode trackRegexpType(TypeTracker t) {
  t.start() and
  (
    result.asExpr().getExpr() instanceof Ast::RegExpLiteral or
    result = API::getTopLevelMember("Regexp").getAMethodCall(["compile", "new"])
  )
  or
  exists(TypeTracker t2 | result = trackRegexpType(t2).track(t2, t))
 }
 DataFlow::Node trackRegexpType() { trackRegexpType(TypeTracker::end()).flowsTo(result) }
--- a/ruby/ql/lib/codeql/ruby/regexp/internal/RegExpTracking.qll
+++ b/ruby/ql/lib/codeql/ruby/regexp/internal/RegExpTracking.qll
@@ -0,0 +1,183 @@
 /**
 * Provides predicates that track strings and regular expressions to where they are used.
 * This is implemented using TypeTracking in two phases:
 *
 * 1: An exploratory analysis that just imprecisely tracks all string and regular expressions
 * to all places where regular expressions (as string or as regular expression objects) can be used.
 * The exploratory phase then ends with a backwards analysis from the uses that were reached.
 * This is similar to the exploratory phase of the JavaScript global DataFlow library.
 *
 * 2: A precise type tracking analysis that tracks
 * strings and regular expressions to the places where they are used.
 * This phase keeps track of which strings and regular expressions end up in which places.
 */
 private import codeql.ruby.Regexp as RE
 private import codeql.ruby.AST as Ast
 private import codeql.ruby.CFG
 private import codeql.ruby.DataFlow
 private import codeql.ruby.controlflow.CfgNodes
 private import codeql.ruby.typetracking.TypeTracker
 private import codeql.ruby.ApiGraphs
 private import codeql.ruby.Concepts
 private import codeql.ruby.dataflow.internal.DataFlowPrivate as DataFlowPrivate
 private import codeql.ruby.TaintTracking
 private import codeql.ruby.frameworks.core.String
 /** Gets a constant string value that may be used as a regular expression. */
 DataFlow::LocalSourceNode strStart() {
  result.asExpr() =
    any(ExprCfgNode e |
      e.getConstantValue().isString(_) and
      not e instanceof ExprNodes::VariableReadAccessCfgNode and
      not e instanceof ExprNodes::ConstantReadAccessCfgNode
    )
 }
 /** Gets a dataflow node for a regular expression literal. */
 DataFlow::LocalSourceNode regStart() { result.asExpr().getExpr() instanceof Ast::RegExpLiteral }
 /**
 * Holds if the analysis should track flow from `nodeFrom` to `nodeTo` on top of the ordinary type-tracking steps.
 * `nodeFrom` and `nodeTo` has type `fromType` and `toType` respectively.
 * The types are either "string" or "regexp".
 */
 predicate step(
  DataFlow::Node nodeFrom, DataFlow::LocalSourceNode nodeTo, string fromType, string toType
 ) {
  fromType = toType and
  fromType = "string" and
  (
    // include taint flow through `String` summaries
    TaintTracking::localTaintStep(nodeFrom, nodeTo) and
    nodeFrom.(DataFlowPrivate::SummaryNode).getSummarizedCallable() instanceof
      String::SummarizedCallable
    or
    // string concatenations, and
    exists(CfgNodes::ExprNodes::OperationCfgNode op |
      op = nodeTo.asExpr() and
      op.getAnOperand() = nodeFrom.asExpr() and
      op.getExpr().(Ast::BinaryOperation).getOperator() = "+"
    )
    or
    // string interpolations
    nodeFrom.asExpr() =
      nodeTo.asExpr().(CfgNodes::ExprNodes::StringlikeLiteralCfgNode).getAComponent()
  )
  or
  fromType = "string" and
  toType = "reg" and
  exists(DataFlow::CallNode call |
    call = API::getTopLevelMember("Regexp").getAMethodCall(["compile", "new"]) and
    nodeFrom = call.getArgument(0) and
    nodeTo = call
  )
 }
 /** Gets a node where string values that flow to the node are interpreted as regular expressions. */
 DataFlow::Node stringSink() {
  result instanceof RE::RegExpInterpretation::Range and
  not exists(DataFlow::CallNode mce | mce.getMethodName() = ["match", "match?"] |
    // receiver of https://ruby-doc.org/core-2.4.0/String.html#method-i-match
    result = mce.getReceiver() and
    mce.getArgument(0) = trackRegexpType()
    or
    // first argument of https://ruby-doc.org/core-2.4.0/Regexp.html#method-i-match
    result = mce.getArgument(0) and
    mce.getReceiver() = trackRegexpType()
  )
 }
 /** Gets a node where regular expressions that flow to the node are used. */
 DataFlow::Node regSink() { result = any(RegexExecution exec).getRegex() }
 /** Gets a node that is reachable by type-tracking from any string or regular expression. */
 DataFlow::LocalSourceNode forward(TypeTracker t) {
  t.start() and
  result = [strStart(), regStart()]
  or
  exists(TypeTracker t2 | result = forward(t2).track(t2, t))
  or
  exists(TypeTracker t2 | t2 = t.continue() | step(forward(t2).getALocalUse(), result, _, _))
 }
 /**
 * Gets a node that is backwards reachable from any regular expression use,
 * where that use is reachable by type-tracking from any string or regular expression.
 */
 DataFlow::LocalSourceNode backwards(TypeBackTracker t) {
  t.start() and
  result.flowsTo([stringSink(), regSink()]) and
  result = forward(TypeTracker::end())
  or
  exists(TypeBackTracker t2 | result = backwards(t2).backtrack(t2, t))
  or
  exists(TypeBackTracker t2 | t2 = t.continue() | step(result.getALocalUse(), backwards(t2), _, _))
 }
 /**
 * Gets a node that has been tracked from the string constant `start` to some node.
 * This is used to figure out where `start` is evaluated as a regular expression against an input string,
 * or where `start` is compiled into a regular expression.
 */
 private DataFlow::LocalSourceNode trackStrings(DataFlow::Node start, TypeTracker t) {
  result = backwards(_) and
  (
    t.start() and
    start = result and
    result = strStart()
    or
    exists(TypeTracker t2 | result = trackStrings(start, t2).track(t2, t))
    or
    // an additional step from string to string
    exists(TypeTracker t2 | t2 = t.continue() |
      step(trackStrings(start, t2).getALocalUse(), result, "string", "string")
    )
  )
 }
 /**
 * Gets a node that has been tracked from the regular expression `start` to some node.
 * This is used to figure out where `start` is executed against an input string.
 */
 private DataFlow::LocalSourceNode trackRegs(DataFlow::Node start, TypeTracker t) {
  result = backwards(_) and
  (
    t.start() and
    start = result and
    result = regStart()
    or
    exists(TypeTracker t2 | result = trackRegs(start, t2).track(t2, t))
    or
    // an additional step where a string is converted to a regular expression
    exists(TypeTracker t2 | t2 = t.continue() |
      step(trackStrings(start, t2).getALocalUse(), result, "string", "reg")
    )
  )
 }
 /** Gets a node that references a regular expression. */
 private DataFlow::LocalSourceNode trackRegexpType(TypeTracker t) {
  t.start() and
  (
    result = regStart() or
    result = API::getTopLevelMember("Regexp").getAMethodCall(["compile", "new"])
  )
  or
  exists(TypeTracker t2 | result = trackRegexpType(t2).track(t2, t))
 }
 /** Gets a node that references a regular expression. */
 DataFlow::Node trackRegexpType() { trackRegexpType(TypeTracker::end()).flowsTo(result) }
 /** Gets a node holding a value for the regular expression that is evaluated at `re`. */
 cached
 DataFlow::Node regExpSource(DataFlow::Node re) {
  exists(DataFlow::LocalSourceNode end | end = trackStrings(result, TypeTracker::end()) |
    end.getALocalUse() = re and re = stringSink()
  )
  or
  exists(DataFlow::LocalSourceNode end | end = trackRegs(result, TypeTracker::end()) |
    end.getALocalUse() = re and re = regSink()
  )
 }
--- a/ruby/ql/lib/codeql/ruby/security/regexp/PolynomialReDoSCustomizations.qll
+++ b/ruby/ql/lib/codeql/ruby/security/regexp/PolynomialReDoSCustomizations.qll
@@ -9,6 +9,8 @@ private import codeql.ruby.CFG
 private import codeql.ruby.DataFlow
 private import codeql.ruby.dataflow.RemoteFlowSources
 private import codeql.ruby.regexp.RegExpTreeView::RegexTreeView as TreeView
 private import codeql.ruby.Regexp as RE
 private import codeql.ruby.Concepts
 /**
 * Provides default sources, sinks and sanitizers for reasoning about
@@ -53,80 +55,22 @@ module PolynomialReDoS {
   */
  class RemoteFlowSourceAsSource extends Source, RemoteFlowSource { }
  /**
   * Gets the AST of a regular expression object that can flow to `node`.
   */
  RegExpTerm getRegExpObjectFromNode(DataFlow::Node node) {
    exists(DataFlow::LocalSourceNode regexp |
      regexp.flowsTo(node) and
      result = regexp.asExpr().(CfgNodes::ExprNodes::RegExpLiteralCfgNode).getExpr().getParsed()
    )
  }
  /**
   * A regexp match against a superlinear backtracking term, seen as a sink for
   * polynomial regular expression denial-of-service vulnerabilities.
   */
  class PolynomialBackTrackingTermMatch extends Sink {
    PolynomialBackTrackingTerm term;
-    DataFlow::ExprNode matchNode;
+    RegexExecution exec;
    PolynomialBackTrackingTermMatch() {
-      exists(DataFlow::Node regexp |
+      term.getRootTerm() = RE::getTermForExecution(exec) and
-        term.getRootTerm() = getRegExpObjectFromNode(regexp) and
+      this = exec.getString()
        (
          // `=~` or `!~`
          exists(CfgNodes::ExprNodes::BinaryOperationCfgNode op |
            matchNode.asExpr() = op and
            (
              op.getExpr() instanceof Ast::RegExpMatchExpr or
              op.getExpr() instanceof Ast::NoRegExpMatchExpr
            ) and
            (
              this.asExpr() = op.getLeftOperand() and regexp.asExpr() = op.getRightOperand()
              or
              this.asExpr() = op.getRightOperand() and regexp.asExpr() = op.getLeftOperand()
            )
          )
          or
          // Any of the methods on `String` that take a regexp.
          exists(CfgNodes::ExprNodes::MethodCallCfgNode call |
            matchNode.asExpr() = call and
            call.getExpr().getMethodName() =
              [
                "[]", "gsub", "gsub!", "index", "match", "match?", "partition", "rindex",
                "rpartition", "scan", "slice!", "split", "sub", "sub!"
              ] and
            this.asExpr() = call.getReceiver() and
            regexp.asExpr() = call.getArgument(0)
          )
          or
          // A call to `match` or `match?` where the regexp is the receiver.
          exists(CfgNodes::ExprNodes::MethodCallCfgNode call |
            matchNode.asExpr() = call and
            call.getExpr().getMethodName() = ["match", "match?"] and
            regexp.asExpr() = call.getReceiver() and
            this.asExpr() = call.getArgument(0)
          )
          or
          // a case-when statement
          exists(CfgNodes::ExprNodes::CaseExprCfgNode caseWhen |
            matchNode.asExpr() = caseWhen and
            this.asExpr() = caseWhen.getValue()
          |
            regexp.asExpr() =
              caseWhen.getBranch(_).(CfgNodes::ExprNodes::WhenClauseCfgNode).getPattern(_)
            or
            regexp.asExpr() =
              caseWhen.getBranch(_).(CfgNodes::ExprNodes::InClauseCfgNode).getPattern()
          )
        )
      )
    }
    override RegExpTerm getRegExp() { result = term }
-    override DataFlow::Node getHighlight() { result = matchNode }
+    override DataFlow::Node getHighlight() { result = exec }
  }
  private predicate lengthGuard(CfgNodes::AstCfgNode g, CfgNode node, boolean branch) {
--- a/ruby/ql/test/query-tests/security/cwe-020/IncompleteHostnameRegExp/IncompleteHostnameRegExp.expected
+++ b/ruby/ql/test/query-tests/security/cwe-020/IncompleteHostnameRegExp/IncompleteHostnameRegExp.expected
@@ -16,7 +16,6 @@
 | tst-IncompleteHostnameRegExp.rb:20:14:20:31 | ^test.example.com$ | This regular expression has an unescaped '.' before 'example.com', so it might match more hosts than expected. | tst-IncompleteHostnameRegExp.rb:20:13:20:26 | "#{...}$" | here |
 | tst-IncompleteHostnameRegExp.rb:22:24:22:40 | test.example.com$ | This string, which is used as a regular expression $@, has an unescaped '.' before 'example.com', so it might match more hosts than expected. | tst-IncompleteHostnameRegExp.rb:23:13:23:29 | ...[...] | here |
 | tst-IncompleteHostnameRegExp.rb:28:24:28:40 | test.example.com$ | This string, which is used as a regular expression $@, has an unescaped '.' before 'example.com', so it might match more hosts than expected. | tst-IncompleteHostnameRegExp.rb:63:20:63:36 | ...[...] | here |
 | tst-IncompleteHostnameRegExp.rb:30:27:30:43 | test.example.com$ | This string, which is used as a regular expression $@, has an unescaped '.' before 'example.com', so it might match more hosts than expected. | tst-IncompleteHostnameRegExp.rb:66:20:66:36 | ...[...] | here |
 | tst-IncompleteHostnameRegExp.rb:37:3:37:53 | ^(https?:)?\\/\\/((service\|www).)?example.com(?=$\|\\/) | This regular expression has an unescaped '.' before 'example.com', so it might match more hosts than expected. | tst-IncompleteHostnameRegExp.rb:37:2:37:54 | /^(https?:)?\\/\\/((service\|www).../ | here |
 | tst-IncompleteHostnameRegExp.rb:38:3:38:43 | ^(http\|https):\\/\\/www.example.com\\/p\\/f\\/ | This regular expression has an unescaped '.' before 'example.com', so it might match more hosts than expected. | tst-IncompleteHostnameRegExp.rb:38:2:38:44 | /^(http\|https):\\/\\/www.example.../ | here |
 | tst-IncompleteHostnameRegExp.rb:39:5:39:30 | http:\\/\\/sub.example.com\\/ | This regular expression has an unescaped '.' before 'example.com', so it might match more hosts than expected. | tst-IncompleteHostnameRegExp.rb:39:2:39:33 | /^(http:\\/\\/sub.example.com\\/)/ | here |
--- a/ruby/ql/test/query-tests/security/cwe-020/IncompleteHostnameRegExp/tst-IncompleteHostnameRegExp.rb
+++ b/ruby/ql/test/query-tests/security/cwe-020/IncompleteHostnameRegExp/tst-IncompleteHostnameRegExp.rb
@@ -27,7 +27,7 @@ def foo
 	convert1({ hostname: 'test.example.com$' }); # NOT OK
-	domains = [ { hostname: 'test.example.com$' } ];  # NOT OK
+	domains = [ { hostname: 'test.example.com$' } ];  # NOT OK - but not flagged due to limitations of TypeTracking.
--- a/ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.expected
+++ b/ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.expected
@@ -23,6 +23,17 @@ edges
 | PolynomialReDoS.rb:29:9:29:18 | ...[...] :  | PolynomialReDoS.rb:30:5:30:5 | b |
 | PolynomialReDoS.rb:31:9:31:14 | call to params :  | PolynomialReDoS.rb:31:9:31:18 | ...[...] :  |
 | PolynomialReDoS.rb:31:9:31:18 | ...[...] :  | PolynomialReDoS.rb:32:5:32:5 | c |
 | PolynomialReDoS.rb:54:12:54:17 | call to params :  | PolynomialReDoS.rb:54:12:54:24 | ...[...] :  |
 | PolynomialReDoS.rb:54:12:54:24 | ...[...] :  | PolynomialReDoS.rb:56:38:56:41 | name :  |
 | PolynomialReDoS.rb:54:12:54:24 | ...[...] :  | PolynomialReDoS.rb:58:37:58:40 | name :  |
 | PolynomialReDoS.rb:56:38:56:41 | name :  | PolynomialReDoS.rb:61:33:61:37 | input :  |
 | PolynomialReDoS.rb:58:37:58:40 | name :  | PolynomialReDoS.rb:65:42:65:46 | input :  |
 | PolynomialReDoS.rb:61:33:61:37 | input :  | PolynomialReDoS.rb:62:5:62:9 | input |
 | PolynomialReDoS.rb:65:42:65:46 | input :  | PolynomialReDoS.rb:66:5:66:9 | input |
 | PolynomialReDoS.rb:70:12:70:17 | call to params :  | PolynomialReDoS.rb:70:12:70:24 | ...[...] :  |
 | PolynomialReDoS.rb:70:12:70:24 | ...[...] :  | PolynomialReDoS.rb:73:32:73:35 | name :  |
 | PolynomialReDoS.rb:73:32:73:35 | name :  | PolynomialReDoS.rb:76:35:76:39 | input :  |
 | PolynomialReDoS.rb:76:35:76:39 | input :  | PolynomialReDoS.rb:77:5:77:9 | input |
 nodes
 | PolynomialReDoS.rb:4:12:4:17 | call to params :  | semmle.label | call to params :  |
 | PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | semmle.label | ...[...] :  |
@@ -52,6 +63,19 @@ nodes
 | PolynomialReDoS.rb:32:5:32:5 | c | semmle.label | c |
 | PolynomialReDoS.rb:42:10:42:13 | name | semmle.label | name |
 | PolynomialReDoS.rb:47:10:47:13 | name | semmle.label | name |
 | PolynomialReDoS.rb:54:12:54:17 | call to params :  | semmle.label | call to params :  |
 | PolynomialReDoS.rb:54:12:54:24 | ...[...] :  | semmle.label | ...[...] :  |
 | PolynomialReDoS.rb:56:38:56:41 | name :  | semmle.label | name :  |
 | PolynomialReDoS.rb:58:37:58:40 | name :  | semmle.label | name :  |
 | PolynomialReDoS.rb:61:33:61:37 | input :  | semmle.label | input :  |
 | PolynomialReDoS.rb:62:5:62:9 | input | semmle.label | input |
 | PolynomialReDoS.rb:65:42:65:46 | input :  | semmle.label | input :  |
 | PolynomialReDoS.rb:66:5:66:9 | input | semmle.label | input |
 | PolynomialReDoS.rb:70:12:70:17 | call to params :  | semmle.label | call to params :  |
 | PolynomialReDoS.rb:70:12:70:24 | ...[...] :  | semmle.label | ...[...] :  |
 | PolynomialReDoS.rb:73:32:73:35 | name :  | semmle.label | name :  |
 | PolynomialReDoS.rb:76:35:76:39 | input :  | semmle.label | input :  |
 | PolynomialReDoS.rb:77:5:77:9 | input | semmle.label | input |
 subpaths
 #select
 | PolynomialReDoS.rb:10:5:10:17 | ... =~ ... | PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:10:5:10:8 | name | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | PolynomialReDoS.rb:7:19:7:21 | \\s+ | regular expression | PolynomialReDoS.rb:4:12:4:17 | call to params | user-provided value |
@@ -74,3 +98,6 @@ subpaths
 | PolynomialReDoS.rb:32:5:32:20 | call to sub! | PolynomialReDoS.rb:31:9:31:14 | call to params :  | PolynomialReDoS.rb:32:5:32:5 | c | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | PolynomialReDoS.rb:7:19:7:21 | \\s+ | regular expression | PolynomialReDoS.rb:31:9:31:14 | call to params | user-provided value |
 | PolynomialReDoS.rb:42:5:45:7 | case ... | PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:42:10:42:13 | name | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | PolynomialReDoS.rb:7:19:7:21 | \\s+ | regular expression | PolynomialReDoS.rb:4:12:4:17 | call to params | user-provided value |
 | PolynomialReDoS.rb:47:5:50:7 | case ... | PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:47:10:47:13 | name | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | PolynomialReDoS.rb:48:14:48:16 | \\s+ | regular expression | PolynomialReDoS.rb:4:12:4:17 | call to params | user-provided value |
 | PolynomialReDoS.rb:62:5:62:22 | call to gsub | PolynomialReDoS.rb:54:12:54:17 | call to params :  | PolynomialReDoS.rb:62:5:62:9 | input | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | PolynomialReDoS.rb:56:31:56:33 | \\s+ | regular expression | PolynomialReDoS.rb:54:12:54:17 | call to params | user-provided value |
 | PolynomialReDoS.rb:66:5:66:34 | call to match? | PolynomialReDoS.rb:54:12:54:17 | call to params :  | PolynomialReDoS.rb:66:5:66:9 | input | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | PolynomialReDoS.rb:58:30:58:32 | \\s+ | regular expression | PolynomialReDoS.rb:54:12:54:17 | call to params | user-provided value |
 | PolynomialReDoS.rb:77:5:77:22 | call to gsub | PolynomialReDoS.rb:70:12:70:17 | call to params :  | PolynomialReDoS.rb:77:5:77:9 | input | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | PolynomialReDoS.rb:72:28:72:30 | \\s+ | regular expression | PolynomialReDoS.rb:70:12:70:17 | call to params | user-provided value |
--- a/ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.rb
+++ b/ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.rb
@@ -49,4 +49,31 @@ class FooController < ActionController::Base
      puts "foo"
    end
  end
  def some_other_request_handle
    name = params[:name] # source
    indirect_use_of_reg /^\s+|\s+$/, name
    as_string_indirect '^\s+|\s+$', name
  end
  def indirect_use_of_reg (reg, input)
    input.gsub reg, '' # NOT GOOD
  end
  def as_string_indirect (reg_as_string, input)
    input.match? reg_as_string, '' # NOT GOOD
  end
  def re_compile_indirect 
    name = params[:name] # source
    reg = Regexp.new '^\s+|\s+$'
    re_compile_indirect_2 reg, name
  end
  def re_compile_indirect_2 (reg, input)
    input.gsub reg, '' # NOT GOOD
  end
 end
--- a/swift/downgrades/15d0da3a76b9dbffb921ae6d585f8a8de8945a0b/iterable_decl_context_members.ql
+++ b/swift/downgrades/15d0da3a76b9dbffb921ae6d585f8a8de8945a0b/iterable_decl_context_members.ql
@@ -0,0 +1,17 @@
 class IterableDeclContext extends @decl {
  IterableDeclContext() {
    this instanceof @extension_decl
    or
    this instanceof @nominal_type_decl
  }
  string toString() { none() }
 }
 class DeclOrNone extends @decl_or_none {
  string toString() { none() }
 }
 query predicate iterable_decl_context_members(IterableDeclContext id, int index, DeclOrNone member) {
  decl_members(id, index, member)
 }
--- a/swift/downgrades/15d0da3a76b9dbffb921ae6d585f8a8de8945a0b/old.dbscheme
+++ b/swift/downgrades/15d0da3a76b9dbffb921ae6d585f8a8de8945a0b/old.dbscheme
--- a/swift/downgrades/15d0da3a76b9dbffb921ae6d585f8a8de8945a0b/swift.dbscheme
+++ b/swift/downgrades/15d0da3a76b9dbffb921ae6d585f8a8de8945a0b/swift.dbscheme
--- a/swift/downgrades/15d0da3a76b9dbffb921ae6d585f8a8de8945a0b/upgrade.properties
+++ b/swift/downgrades/15d0da3a76b9dbffb921ae6d585f8a8de8945a0b/upgrade.properties
@@ -0,0 +1,5 @@
 description: revert removal of IterableDeclContext
 compatibility: partial
 iterable_decl_context_members.rel: run iterable_decl_context_members.qlo
 decl_members.rel: delete
--- a/swift/extractor/translators/DeclTranslator.cpp
+++ b/swift/extractor/translators/DeclTranslator.cpp
@@ -354,7 +354,7 @@ void DeclTranslator::fillTypeDecl(const swift::TypeDecl& decl, codeql::TypeDecl&
 }
 void DeclTranslator::fillIterableDeclContext(const swift::IterableDeclContext& decl,
-                                             codeql::IterableDeclContext& entry) {
+                                             codeql::Decl& entry) {
  entry.members = dispatcher.fetchRepeatedLabels(decl.getAllMembers());
 }
--- a/swift/extractor/translators/DeclTranslator.h
+++ b/swift/extractor/translators/DeclTranslator.h
@@ -55,8 +55,7 @@ class DeclTranslator : public AstTranslatorBase<DeclTranslator> {
                                codeql::AbstractFunctionDecl& entry);
  void fillOperatorDecl(const swift::OperatorDecl& decl, codeql::OperatorDecl& entry);
  void fillTypeDecl(const swift::TypeDecl& decl, codeql::TypeDecl& entry);
-  void fillIterableDeclContext(const swift::IterableDeclContext& decl,
+  void fillIterableDeclContext(const swift::IterableDeclContext& decl, codeql::Decl& entry);
                               codeql::IterableDeclContext& entry);
  void fillVarDecl(const swift::VarDecl& decl, codeql::VarDecl& entry);
  void fillNominalTypeDecl(const swift::NominalTypeDecl& decl, codeql::NominalTypeDecl& entry);
  void fillGenericContext(const swift::GenericContext& decl, codeql::GenericContext& entry);
--- a/swift/ql/.generated.list
+++ b/swift/ql/.generated.list
@@ -363,7 +363,7 @@ ql/lib/codeql/swift/elements/type/VariadicSequenceType.qll 5bca77dd661d3b2653d31
 ql/lib/codeql/swift/elements/type/VariadicSequenceTypeConstructor.qll 0d1d2328a3b5e503a883e7e6d7efd0ca5e7f2633abead9e4c94a9f98ed3cb223 69bff81c1b9413949eacb9298d2efb718ea808e68364569a1090c9878c4af856
 ql/lib/codeql/swift/elements/type/WeakStorageType.qll 87a28616eea3600fb0156fffcd65eeddc1ea74ce9c0ba5886c6365b9359e00ce 9c968414d7cc8d672f3754bced5d4f83f43a6d7872d0d263d79ff60483e1f996
 ql/lib/codeql/swift/elements/type/WeakStorageTypeConstructor.qll d88b031ef44d6de14b3ddcff2eb47b53dbd11550c37250ff2edb42e5d21ec3e9 26d855c33492cf7a118e439f7baeed0e5425cfaf058b1dcc007eca7ed765c897
-ql/lib/codeql/swift/elements.qll f1a8645f3aaad53cfe653b5b93a9dbc8c1a9fce48d0804d876f79fa01b877924 f1a8645f3aaad53cfe653b5b93a9dbc8c1a9fce48d0804d876f79fa01b877924
+ql/lib/codeql/swift/elements.qll 1cab985d76142988a328bdcbbf47c12dad09fa950333ec4c15f220b199ef75ef 1cab985d76142988a328bdcbbf47c12dad09fa950333ec4c15f220b199ef75ef
 ql/lib/codeql/swift/generated/AstNode.qll 02ca56d82801f942ae6265c6079d92ccafdf6b532f6bcebd98a04029ddf696e4 6216fda240e45bd4302fa0cf0f08f5f945418b144659264cdda84622b0420aa2
 ql/lib/codeql/swift/generated/Callable.qll cc67625a86b62f91d1480e284a946aa5274a21a7da03d7ad9f1dc2197927d394 7ee41be3d36c74ed5662d7c1babe591942429f87020d09d7ba2c447ba058fb0a
 ql/lib/codeql/swift/generated/Comment.qll f58b49f6e68c21f87c51e2ff84c8a64b09286d733e86f70d67d3a98fe6260bd6 975bbb599a2a7adc35179f6ae06d9cbc56ea8a03b972ef2ee87604834bc6deb1
@@ -375,10 +375,10 @@ ql/lib/codeql/swift/generated/ErrorElement.qll 4b032abe8ffb71376a29c63e470a52943
 ql/lib/codeql/swift/generated/File.qll 61454459f5f1ae378bd4970ad1da4f39f3e696bac8a5eebdd162f131995c5316 3e6805f8858cd55dd0e0d0e5aeab923d6a55292dbf98b0029db1ae0208efe684
 ql/lib/codeql/swift/generated/Locatable.qll bdc98b9fb7788f44a4bf7e487ee5bd329473409950a8e9f116d61995615ad849 0b36b4fe45e2aa195e4bb70c50ea95f32f141b8e01e5f23466c6427dd9ab88fb
 ql/lib/codeql/swift/generated/Location.qll 851766e474cdfdfa67da42e0031fc42dd60196ff5edd39d82f08d3e32deb84c1 b29b2c37672f5acff15f1d3c5727d902f193e51122327b31bd27ec5f877bca3b
-ql/lib/codeql/swift/generated/ParentChild.qll 0f8559232a046fe48fff4add61caf9563daf2b921bf898d19de70165669681e4 d229113e146673e446b7e4517ee898d524edf16ab9cfcf01aab18d79042242ae
+ql/lib/codeql/swift/generated/ParentChild.qll 254455f775de22e625d349fb0a953a86894233ad40aabd8ae8877bebbd1d8432 c77bd5423d79b08354fe8905b9f262abe0d48f8ed22b41263d12ee8e1e202b00
 ql/lib/codeql/swift/generated/PureSynthConstructors.qll 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98 173c0dd59396a1de26fe870e3bc2766c46de689da2a4d8807cb62023bbce1a98
-ql/lib/codeql/swift/generated/Raw.qll 112397ddf13db0b83177c940f6681d2d1cf5224b8931ed8cdaaee63f3e9ce731 fbdd886f151a31709dcb058c790bdb2d8c304ac4183cfd5ddafcd70637bcf5a3
+ql/lib/codeql/swift/generated/Raw.qll 5452ceffbcdc1959e152e321f74363448ac39bf52f6c7d0dab39e7d7593c3c40 9e540580dd52ca67e85d5ceb38fae6179c042a6efd49fd8fdfa3941d690b9331
-ql/lib/codeql/swift/generated/Synth.qll 6a9e6edcc43732b6cf947d88b9562a591a54c651aa8e4f94b8b6139ff3f84b63 a1f37bb361fed57104f8277c8f8b1962a0a54b1f80c2d676e71c40a91d3af529
+ql/lib/codeql/swift/generated/Synth.qll 2ef42ec87a7943f3c6ebcc95a0db78be227f51d3333f1926cdce65107ec1ba0a a08ff724b500797f68b3cdf91ce7d70ac60b4844d91d5014d0489d963d1c54b0
 ql/lib/codeql/swift/generated/SynthConstructors.qll 62360813f1419e111732e42e209535a40644997009890d09e4cc70f3918fbf86 62360813f1419e111732e42e209535a40644997009890d09e4cc70f3918fbf86
 ql/lib/codeql/swift/generated/UnknownFile.qll 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6 0fcf9beb8de79440bcdfff4bb6ab3dd139bd273e6c32754e05e6a632651e85f6
 ql/lib/codeql/swift/generated/UnknownLocation.qll e50efefa02a0ec1ff635a00951b5924602fc8cab57e5756e4a039382c69d3882 e50efefa02a0ec1ff635a00951b5924602fc8cab57e5756e4a039382c69d3882
@@ -392,12 +392,12 @@ ql/lib/codeql/swift/generated/decl/ClassDecl.qll a60e8af2fdbcd20cfa2049660c8bcbb
 ql/lib/codeql/swift/generated/decl/ConcreteFuncDecl.qll c7192e79ce67f77df36575cceb942f11b182c26c93899469654316de2d543cf9 c7192e79ce67f77df36575cceb942f11b182c26c93899469654316de2d543cf9
 ql/lib/codeql/swift/generated/decl/ConcreteVarDecl.qll 4801ccc477480c4bc4fc117976fbab152e081064e064c97fbb0f37199cb1d0a8 4d7cfbf5b39b307dd673781adc220fdef04213f2e3d080004fa658ba6d3acb8d
 ql/lib/codeql/swift/generated/decl/ConstructorDecl.qll 20e3a37809eacfc43828fa61248ad19b0ff610faad3a12b82b3cf5ed2bcce13c 20e3a37809eacfc43828fa61248ad19b0ff610faad3a12b82b3cf5ed2bcce13c
-ql/lib/codeql/swift/generated/decl/Decl.qll b850ab1b909c1b555f3847ce9dca0e2f075db87e7b40f460b8774220bf87a1e6 a3496437246cb10eafaa9d6d45f57f830b6a1c88f15bbcffa3c5dae476004140
+ql/lib/codeql/swift/generated/decl/Decl.qll 18f93933c2c00955f6d28b32c68e5b7ac13647ebff071911b26e68dbc57765a7 605e700ab8d83645f02b63234fee9d394b96caba9cad4dd80b3085c2ab63c33d
 ql/lib/codeql/swift/generated/decl/DestructorDecl.qll 8767e3ddabdf05ea5ee99867e9b77e67f7926c305b2fba1ca3abf94e31d836b9 8767e3ddabdf05ea5ee99867e9b77e67f7926c305b2fba1ca3abf94e31d836b9
 ql/lib/codeql/swift/generated/decl/EnumCaseDecl.qll f71c9d96db8260462c34e5d2bd86dda9b977aeeda087c235b873128b63633b9c e12ff7c0173e3cf9e2b64de66d8a7f2246bc0b2cb721d25b813d7a922212b35a
 ql/lib/codeql/swift/generated/decl/EnumDecl.qll fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534 fa4490d511ee537751a4fab2478e65250ff3deba43c74db5341184c9ba25b534
 ql/lib/codeql/swift/generated/decl/EnumElementDecl.qll 5ef4f6839f4f19f29fabd04b653e89484fa68a7e7ec94101a5201aa13d89e9eb 78006fa52b79248302db04348bc40f2f77edf101b6e429613f3089f70750fc11
-ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll 47d0d221deeb2f91346e0fce0bba88ae25da6c2f5f3469f8a279e6de07867110 9596c9f34813e141c970e21a7c3d0987842002db97a3251608d29a1b774b5938
+ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll 8129015990b6c80cedb796ae0768be2b9c040b5212b5543bc4d6fd994cc105f3 038b06a0c0eeb1ad7e31c995f20aaf4f8804001654ebb0e1e292d7e739a6c8ee
 ql/lib/codeql/swift/generated/decl/FuncDecl.qll 11ebe386dd06937c84fdb283a73be806763d939c163d3c0fd0c4c3eb1caeda41 6a5b6854818cb3d2bc76f0abdee4933ca839c182abd07fb4d271400f5267f6e2
 ql/lib/codeql/swift/generated/decl/GenericContext.qll 4c7bd7fd372c0c981b706de3a57988b92c65c8a0d83ea419066452244e6880de 332f8a65a6ae1cad4aa913f2d0a763d07393d68d81b61fb8ff9912b987c181bb
 ql/lib/codeql/swift/generated/decl/GenericTypeDecl.qll 71f5c9c6078567dda0a3ac17e2d2d590454776b2459267e31fed975724f84aec 669c5dbd8fad8daf007598e719ac0b2dbcb4f9fad698bffb6f1d0bcd2cee9102
@@ -405,10 +405,9 @@ ql/lib/codeql/swift/generated/decl/GenericTypeParamDecl.qll bc41a9d854e65b1e0da8
 ql/lib/codeql/swift/generated/decl/IfConfigDecl.qll 58c1a02a3867105c61d29e2d9bc68165ba88a5571aac0f91f918104938178c1e f74ef097848dd5a89a3427e3d008e2299bde11f1c0143837a8182572ac26f6c9
 ql/lib/codeql/swift/generated/decl/ImportDecl.qll 8892cd34d182c6747e266e213f0239fd3402004370a9be6e52b9747d91a7b61b 2c07217ab1b7ebc39dc2cb20d45a2b1b899150cabd3b1a15cd8b1479bab64578
 ql/lib/codeql/swift/generated/decl/InfixOperatorDecl.qll d98168fdf180f28582bae8ec0242c1220559235230a9c94e9f479708c561ea21 aad805aa74d63116b19f435983d6df6df31cef6a5bbd30d7c2944280b470dee6
 ql/lib/codeql/swift/generated/decl/IterableDeclContext.qll 26a5bd5d4c485ee03bf39bdcef5bc4ba8771e2839f5afcc953fa3beef60f8985 36c6aea5dabe7cc508707a56923fbdb54877fbc1a90c987f7ac7c89a731896ad
 ql/lib/codeql/swift/generated/decl/MissingMemberDecl.qll eaf8989eda461ec886a2e25c1e5e80fc4a409f079c8d28671e6e2127e3167479 d74b31b5dfa54ca5411cd5d41c58f1f76cfccc1e12b4f1fdeed398b4faae5355
 ql/lib/codeql/swift/generated/decl/ModuleDecl.qll 675135d140d273cd83e290cf433bcaebc48065d433e2cf8e570612b686d2fb53 d8cd5418205e05598800bf13e8aa01e6018b5c6727075381afd4c83136c29366
-ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll 1ff6cc5226206b6ce08c7206ef574ac36110403e97bd9a7ab3aef49c3966f2c5 50d25a5356b3b0863ef175afefed1d8159ee1b1a354f374b99de9c04f2146bde
+ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll 7e8980cd646e9dee91e429f738d6682b18c8f8974c9561c7b936fca01b56fdb2 513e55dd6a68d83a8e884c9a373ecd70eca8e3957e0f5f6c2b06696e4f56df88
 ql/lib/codeql/swift/generated/decl/OpaqueTypeDecl.qll f2cdbc238b9ea67d5bc2defd8ec0455efafd7fdaeca5b2f72d0bbb16a8006d17 041724a6ec61b60291d2a68d228d5f106c02e1ba6bf3c1d3d0a6dda25777a0e5
 ql/lib/codeql/swift/generated/decl/OperatorDecl.qll 3ffdc7ab780ee94a975f0ce3ae4252b52762ca8dbea6f0eb95f951e404c36a5b 25e39ccd868fa2d1fbce0eb7cbf8e9c2aca67d6fd42f76e247fb0fa74a51b230
 ql/lib/codeql/swift/generated/decl/ParamDecl.qll f182ebac3c54a57a291d695b87ff3dbc1499ea699747b800dc4a8c1a5a4524b1 979e27a6ce2bc932a45b968ee2f556afe1071888f1de8dd8ead60fb11acf300c
@@ -652,27 +651,31 @@ ql/lib/codeql/swift/generated/type/WeakStorageType.qll dda4397a49f537ec44117a86d
 ql/test/extractor-tests/generated/Comment/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
 ql/test/extractor-tests/generated/Diagnostics/Diagnostics.ql 6a4a9480cc929381e0337b181e5ac519a7abc6d597ebe24fb6701acf79ced86f 199c5bf8bd38e161d989e0e4db1ea1d3ddcb4d7cf571afd9112ce3ed8d9b8d2a
 ql/test/extractor-tests/generated/File/File.ql ab0968ae31b749da2b66462bd04e4dfb30604dba405a84594b575abfc4fa4c35 bcc0ff648b28c5ecd567e196e700272883756bbcc65296bbb880a979e3162628
-ql/test/extractor-tests/generated/decl/AccessorDecl/AccessorDecl.ql 5bfde9efcae4418ec82ef8ef39ac42e25888b45d4745221650bb89e79d37cd6f ff78564a33a8f33506cc2cff8eee4b5a55264cfb9964cb1eea0919efec4fa808
+ql/test/extractor-tests/generated/decl/AccessorDecl/AccessorDecl.ql 18937cb9ff06912f624e9b26318fd5286b0f2532062b6af339c45ae111aed9fd 674912a0c75c096823f20a36d76804db0c68d8097abab48c9cec6fe7a7fb08f1
 ql/test/extractor-tests/generated/decl/AccessorDecl/AccessorDecl_getBody.ql 1d42eb1a5b832cfaf1949b61a01a6a11448a6d4369a44f2511bb31d1d7fc10a8 b326a6743121353f8a66410d3d9151ca969939abcbbe5c411872ca290da45123
 ql/test/extractor-tests/generated/decl/AccessorDecl/AccessorDecl_getGenericTypeParam.ql 8648679e9403477c7f97b6df450a0fa623dc9aff0777021ee33f9cc96eef2611 59c384c35804bf205c3c63e8b956e6bc89d3ded7952911c40e7bf156acb56bf8
 ql/test/extractor-tests/generated/decl/AccessorDecl/AccessorDecl_getMember.ql 826f3cd3a3737938ade950555a36506d970894c3c761c07d36f0a6252672e9bc 0e681a49e07b69bf0df10c14864da946b04b2dea2412bdc93c9b5567c77f819a
 ql/test/extractor-tests/generated/decl/AccessorDecl/AccessorDecl_getName.ql a8f7b6cbb8ab43ed612cfbb36b48b5d6dd23b1dbe94a99d95fedf80e3c95f89f d70eb32403c4983c58448fe5c9e2d88bc873ab61e0e310c38356a9a144b42978
 ql/test/extractor-tests/generated/decl/AccessorDecl/AccessorDecl_getParam.ql 7c61c15d75f681c5f5817bdc1e0c1e2594afdc43a5a8889bd385b6cd007d6509 7f6111069c3f289fb3bd21933893757a0adbf8be8f21bf5f8960b6fb26840219
 ql/test/extractor-tests/generated/decl/AccessorDecl/AccessorDecl_getSelfParam.ql 0d773ccd4c84a5280f03341cccff8363479b668541d269311215db866a1cfd53 743d584a8d5d85aa11e96ca44151f1239c750bf8a429d60269129696411a0294
-ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.ql 74cf30be2fa4f825f0167bde4489b09683858f762bb335db04fe1cc474dafec6 0911e8a9130622da23f3b2747830c7c8e1659f0c062594bd34f82e335b08448e
+ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.ql 74579a1907817168b5014ebcb69ab9a85687189c73145f1a7c2d4b334af4eb30 5d1f265f0e6c1d2392a9e37a42a8e184a16e473836c1a45b5dbc4daccc4aeabb
 ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl_getBaseType.ql 39d26252c242eec5aaef23951bd76755a4d3cdceff7349b15067fefb2ece14b3 214fdbaa77d32ee6f21bcccf112d46c9d26006552081cc1f90cbb00a527a9d7f
-ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.ql b65b8bb8def2a79501d9b1379980003e22bb778b1163c73bb6b24de1bfdaef7f 137979d7fbb647ade6141f27daacbae834a556af691793731e9b664f7dbd13c7
+ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl_getMember.ql e662e651d84bddcf49445d7bf5732d0dad30242d32b90f86e40de0010d48fd9c a6b7028468490a12c0a9f4c535cbd5e6c50a6c3519c9d2552d34f9411f904718
 ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.ql a76c9710142c368206ceb26df38e9d182833641d1c5f2df178b03eb196b812f2 6661f2af1e7cddcc44735d2bbc7ecc40af69587024b7d8db74ff205dd8db2e6d
 ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl_getBaseType.ql 5f4fddbb3fb3d003f1485dc4c5a56f7d0d26dfc1d691540085654c4c66e70e69 0b5a5b757ca92e664ef136d26ac682aa5a0e071494d9f09d85f66cd13807e81d
 ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl_getGenericTypeParam.ql ca0b73a4f31eea47def7a1de017de36b5fdaec96ae98edb03ff00611bfcac572 f9badd62887a30113484496532b3ff9b67ff5047eb5a311aa2ec2e4d91321e0e
 ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl_getMember.ql f73881b14bb4eaf83dacf60b9e46d440227f90566e2dfb8908a55567626ccdda f78a7261f7ccfe01ca55f7279bd5a1a302fc65ba36b13e779426d173c7465b84
-ql/test/extractor-tests/generated/decl/ConcreteFuncDecl/ConcreteFuncDecl.ql ecc7c4fa21110e6661d4b6b25b1675bd6d8d9129465afff2f66df62513a4b210 207fbb75dabf125f2f79133fc8055e9200390dc7ec0a1abb9cbba5a8522d154f
+ql/test/extractor-tests/generated/decl/ConcreteFuncDecl/ConcreteFuncDecl.ql 71eec396eef782de51746fc192b6451421c09ba89a9639aeee558f20949a67b3 e9291ca7340fa625eae7b9677a46a7338c01b2327ade4bebfa6c4d6be6bb9736
 ql/test/extractor-tests/generated/decl/ConcreteFuncDecl/ConcreteFuncDecl_getBody.ql 3c742b9c8d8d8c23d1bef03f559e1b91f0d3848084ba5819f118c323dd1920a2 340d4e4a6312ffaf4c47bbc753828c1e478d84a2d399c66220288c081c8357ca
 ql/test/extractor-tests/generated/decl/ConcreteFuncDecl/ConcreteFuncDecl_getGenericTypeParam.ql b5e64bf02a5991a1549794af0aaab9ae654c88b5d52a3e04b7ac525b3a64af5e 034a7d0bf7500afa952a28d184d1d073e71c3dcec3bc26fcefaed70aef9de3ce
 ql/test/extractor-tests/generated/decl/ConcreteFuncDecl/ConcreteFuncDecl_getMember.ql aaba9cb097602d761c48de09de059ef2fe112e0c6c64a5f6988a95cddc9155d8 6e6b76a51bd1d9d4ec25865a1c229e5859ca55f11639ccee414a8cac7de1662a
 ql/test/extractor-tests/generated/decl/ConcreteFuncDecl/ConcreteFuncDecl_getName.ql d80c7dfdde294264b6763a7129e666efd98111dbf203a9739c24942659d7f832 396e44281e4f4af2188a4f7d246872b7058132b12f508b88dc60d5bdd14e2092
 ql/test/extractor-tests/generated/decl/ConcreteFuncDecl/ConcreteFuncDecl_getParam.ql 392bc906a24a432b0dd65a18248cab53874e1ea018b44fdf07d8acb55939c85d cf272febc8355d7171308c0b35f65ae0469106c022093f87ffd25d5951eef4a3
 ql/test/extractor-tests/generated/decl/ConcreteFuncDecl/ConcreteFuncDecl_getSelfParam.ql c8a593149db6785d9bc7017a3fcee305832ab434955b4c36ac2842e214f0acac b70a7c18085961d2c907631d69811071deb391c45c94ef7165bf7ce700dabaf9
-ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl.ql 5b38d0a84f99a7472a222fe612aa8a04f1ce0f7b804fd95eb75bfb83be5314c0 1a78d482860647c40b85e1119b849268f7d38c41b626d63f6cfa90fa933e9c1a
+ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl.ql 57a1bd716499550f7f578f2fc9243537fc54b034eece623fb37b761785cee808 0945ed19a9f4558755bb3ea7666b0a617333c339e759d49759fc8bfefe4dc2fc
 ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl_getAccessorDecl.ql 7f1890b891402c7974087bd1621ce7ce2893008a2ab0218396c82e99ce2e6c9d 4d483e18ad2211759e3a57f973679844d28505b84fe2b10b2303a561d0ac7ca5
 ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl_getAttachedPropertyWrapperType.ql 0fd114f752aae89ef80bc80e0532aa4849106f6d1af40b1861e4ba191898b69e fdf28e036a1c4dcb0a3aaaa9fb96dcc755ff530ab6f252270c319df9a1d0d7ac
 ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl_getMember.ql ab8061f4c024d4c4ea3f39211ccfadf9216968b7d8b9bf2dd813dea6b0250586 973bf8a0bcfcf98108267dd89fe9eb658a6096c9462881716f5a6ad260217a97
 ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl_getParentInitializer.ql c90aa3ae4249af7d436f976773e9208b41d784b57c6d73e23e1993f01262f592 3b1391d6b0605011bec7cc6f3f964ed476273bd5ed4bb5d6590f862aa4e7a2a3
 ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl_getParentPattern.ql a46347331698857119cd74495a25ea6cff6d20f8003741dc94e9d68b87e7ed1d c60aeb108f56485200eafbc677662869f4393f1d462a3385fa334926adff233c
 ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl_getPropertyWrapperBackingVar.ql 370da9dd7a6bcb02c18246f680ec2af9e12c81504285b43cbf6ffd8963fbd6e4 d9e86f574111e15d42c0eaabe4e65882ad55d3604d9cc281baf28d4817e438a8
@@ -682,33 +685,38 @@ ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl_getProper
 ql/test/extractor-tests/generated/decl/ConstructorDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
 ql/test/extractor-tests/generated/decl/DestructorDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
 ql/test/extractor-tests/generated/decl/EnumCaseDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
-ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.ql cfaa19a5ae44f535f753c8b89d5bacd8f29220a7dc962efa1a3a11a6eb6d6f31 ce21feae120f926a1425c0365de9fda84c3df1057e42f0aadc34d2bcaa7e35d1
+ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.ql e1906b751a4b72081a61b175e016f5182fdd0e27518f16017d17e14c65dd4268 8a1dd50e951ed2c25f18823ff8b9ab36dc2dc49703801dd48da443bc384bd9b4
 ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl_getBaseType.ql 4ace6176a57dd4c759356ddbefc28b25481c80bdeddfeb396d91b07db55af22a d0d1337ccbba45a648fe68fefc51006e14506d4fb7211fb2bde45f7761c4dbf1
 ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl_getGenericTypeParam.ql 3a0927f87a21d69bfc309f5f7faedb3d0cc2956c071b16c38b2b4acd36f24ea9 aafed56a1744579f05b3817adef6a5fd011d1b5cb7da2db230a43b6f55a04649
 ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl_getMember.ql 621870b7dbeaeefa93cbbfc102e97810b15d39b49db685019c9e3cbf2423ffef e110630f0ba8f588e7f8ebc56a1a31c2ca2f22f2cc763baa76854beb3b3a4ece
 ql/test/extractor-tests/generated/decl/EnumElementDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
-ql/test/extractor-tests/generated/decl/ExtensionDecl/ExtensionDecl.ql 2c3f12c77bf052a8353c57a693584d3315d34624c3b02c43966dbba4b23ff486 5507c68c10cba000dcd204af9bc0d8ef8d0591f47326911a82c55273734432f9
+ql/test/extractor-tests/generated/decl/ExtensionDecl/ExtensionDecl.ql 71523b034d2abc6225f433f140841a35a466e82c04cbf07bdb3a9e384024fedb 919c66eeff004324b48249fd746c38891f6f8723f1281ad60126cf4b3c1febe0
 ql/test/extractor-tests/generated/decl/ExtensionDecl/ExtensionDecl_getGenericTypeParam.ql e8c9815756cd3d82abfb421b1e38d6381e48938a21f798fd9abd93686acc070b 2574ead6e511f41ba416e831e176ecdaac27dde410157a4ee472a680f922dd20
 ql/test/extractor-tests/generated/decl/ExtensionDecl/ExtensionDecl_getMember.ql 8d1c6a2b7cb381a81d11775f0d1cfb13ee04dd27dc742e00a72d676f21481dde 430e5b9ed7eccd90383e362ffa5e512704883304c711b13c9110a57ae282bb40
 ql/test/extractor-tests/generated/decl/ExtensionDecl/ExtensionDecl_getProtocol.ql 11fc53f70f6e7f29546337a9f06157baaecd9c7d1d392910e94d18b71a0a9ae2 3591d4ff4108bd3399cecdf444161d770c01af20c14f23afac167beead564998
 ql/test/extractor-tests/generated/decl/GenericTypeParamDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
-ql/test/extractor-tests/generated/decl/IfConfigDecl/IfConfigDecl.ql 52e572682b381d6a3c4d38d2902c1fca3a371eec3859c49735fcab8eb5ae23c8 0b5fdf388f887c50ff333f662f6321851e923166ab5916bb07d1613452d495e1
+ql/test/extractor-tests/generated/decl/IfConfigDecl/IfConfigDecl.ql 5322f06ce9efe44baa798f31039c2955b31a8c1272580a0db7182ff1a3082509 3b6f34bc90b337b08eb159142bd5c8cbededd5e97d160e1f7342a7eb6e72e0a1
 ql/test/extractor-tests/generated/decl/IfConfigDecl/IfConfigDecl_getActiveElement.ql 914165306a2eb5c8039750e1e03bda156a684946abc8709d786b4144d9c9eb3b 5e87dfd99858ae257506415369bff937a731b6309dac2242b03ea79ead045fc1
-ql/test/extractor-tests/generated/decl/ImportDecl/ImportDecl.ql 34e45c5675750325ca212c05cdda4158c6bd9cc84d8cbc6672eca530fd8d5ba7 01f3ca092a9f91e0adfa3118162de4679962ba2c57e127642c496aeb91d50b68
+ql/test/extractor-tests/generated/decl/IfConfigDecl/IfConfigDecl_getMember.ql 2a2f4e89cb045c0f67c18d6c25e7f8cdcee5ce416304783c25ba2efb2afb45d4 4930c38baf0295399478733e24102a99307fe398986060d29e437bd65720f62d
 ql/test/extractor-tests/generated/decl/ImportDecl/ImportDecl.ql 65c03a28d5f5638b3ba15a02bdb33f214ab774c718e813ed29fda4dc59ef5ced 42b741d24e89f79f6a516fb272fedee1d2e94d6d3d5f437d4d0751a979206339
 ql/test/extractor-tests/generated/decl/ImportDecl/ImportDecl_getDeclaration.ql a76c6360ed7b423229ec64dc4d03f586204fbf5107408b7d07c06ef43b30526e bc8569ecf097f0e6176da4f42379158137f70dcfb9b6d60f4c16f643b68f9d91
 ql/test/extractor-tests/generated/decl/ImportDecl/ImportDecl_getImportedModule.ql 0339867ca4f414cceba85df20d12eca64a3eea9847bb02829dc28fa95701e987 8c292768f56cecbdfeb92985212e6b39ecada819891921c3ba1532d88d84c43e
 ql/test/extractor-tests/generated/decl/ImportDecl/ImportDecl_getMember.ql 6d48d3a93bc96dba3bda71ec9d9d6282615c2228a58da6167c169fafaedb3e17 8560b23d0f52b845c81727ce09c0b2f9647965c83d7de165e8cd3d91be5bdd42
 ql/test/extractor-tests/generated/decl/InfixOperatorDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
-ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.ql f2e3f8cf3d1a308460553033de41bf094fd7931ac0f4ae9c6b134940c0247b17 da3ac91991de773f1b914088435f1b7d9821b433b5af9ad8b003f62c15356774
+ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.ql f9216e83077ebc0cb5a5bf2d7368af86167a1bfd378f9cd5592fd484a1bbc5dd 1c2de61cb064474340db10de4399c49f15eb0a5669e6dc9587d8b4f656b0134f
 ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getBaseType.ql 54a4bd2cfa666271ae9092285bb7217b082c88483d614066cfb599fc8ab84305 8b24ab8e93efe3922cb192eb5de5f517763058782e83e8732153421adddd68e1
 ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getExportedModule.ql cfca012f0951c86560d892ea5eae182d5eda661c9484a0df71ef9c905123e8f6 dfebda4fcad0e2f2a2c944782a7355b3caeac569e5a45621c582bc1bb243b2cc
 ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getImportedModule.ql 44018a788205592c59cd10072f8b8d0558100bb15fff4b3e490176e86193e5b1 cc9fe6571713af8a0e844ac5da682c24feb1a2be4535e3feeb4cbbafba91a414
-ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.ql 7d91642f55a68928cf1d88c452f14788aa4299321505cc8104d865de4fc4106f 04765f0a4850bde6a8550d337a4a13d1d3a9df24f14de0fe403182a3ff6b78e2
+ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getMember.ql a4663d47cf0a16a07167b9a64d56f8ba8e504a78142c7e216d1df69879df9130 3f6a4080e33bddd1e34fa25519d855811c256182055db4989be8150fcddd541b
 ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.ql 16ccca5a90cc3133ab085ccb843416abc103f2fcf3423a84fbd7f5c15a5c7f17 242d7ea07842ee3fb0f9905b5cbc0ea744f1116c4591c5f133025260991bfdeb
 ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl_getBaseType.ql d030fd55ea5a5443c03e8ba1a024c03e3c68c96c948c850131f59fbac6409402 46816c1a75a4cf11db95884733382e46d5573b6c1116d5de0bfe5ae91fed4c3d
 ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl_getGenericTypeParam.ql c147420a91c157ee37a900dd7739bdb386fba5eeaadd84e609d2642d3fdbf2e0 cf1c981b6cb7b84944e9430cfe361905dcc396d4356d7f20a0ba993352bd5b02
 ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl_getMember.ql aa601966925c03f066624f4297b01ccc21cfeaba8e803e29c42cc9ef954258b6 4559e1d5257dcfb6cf414538f57fc015e483c06381048066c28b31324a2db09c
 ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl_getOpaqueGenericParam.ql 2b4264a68817f53ddd73e4fd80e9f7c3a5fcfa4d0692135e2d3b10c8a8379d98 c2efac460b655e726d898b2b80cbfce24820a922e26935804ddd21ae9c474085
-ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl.ql 70fd778e4d266ecc20180e09dde22107f0503c500d412ab9a5051c23bd8c7103 be5c8daed55d21db35d4a27e9d41038ea066355f7e5f3cb7c54d820545422147
+ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl.ql 5cd8b94d6c0d2fa7ecc554d4231ca6e9fc19524d33ebc4c551dbb5f89e77bc11 509f3bac1ed171d81c848de994403f3eeed3636f780c3bef2e45263e0497b571
 ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl_getAccessorDecl.ql bf6bd41b1eedad87a2d86acb4b183ddbd150119a0301ec56c6d7129fe5dee453 247fe28adde08cb86e03f9f21c32ea96b8bdc522b848bb84a592292338cac6b1
 ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl_getAttachedPropertyWrapperType.ql 3642cfd3ecf47a6b81a1745dc043131df349b898a937445eadfdee9f69aec3fc 97137c6673c45b0743db310b0839426eab71f5bc80ccc7bab99c304b8198159f
 ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl_getMember.ql b811867588bd320b9dcd116451a173c40581b36ba40b1ecb2da57033967d50df 523c22740e366edb880706fd11adcb1aaaa81509090bd2d0f0265ec5d2b431c2
 ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl_getParentInitializer.ql f0ecd0352a7e34e13040f31440a6170b0661b625c65b35d13021731b6db0f441 9fc89925050c9538ba3ba0b8c45278e30dffba64b53002f675e3f7a9ef014539
 ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl_getParentPattern.ql d6cbe58a6fb294762d88cbad55e2a8a188573969c1c691e73a9d6f598001f01e ddc4c06dccebaa4e92dcf765304278ca10339070955ee6616dfec6c814074496
 ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl_getPropertyWrapperBackingVar.ql d8b0a5264ebfd405d7a400cb56feffe66b73cbeb8caac92d96a5ee9acfc7a59d c3fd21ee69682592135fc2c88633dba36f5a5c4b07a3ad756977afdc055b9d6b
@@ -719,7 +727,8 @@ ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl_getPropertyWrapperPro
 ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl_getPropertyWrapperProjectionVarBinding.ql c79a13e49d3375edac8e51b27a58318afee959a8df639f7b0d7d77de1e2d60bc 8c3b9dae1079e674854d15f4bd43f1f507b7fac6900f0831d92f2140aae268b4
 ql/test/extractor-tests/generated/decl/PatternBindingDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
 ql/test/extractor-tests/generated/decl/PostfixOperatorDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
-ql/test/extractor-tests/generated/decl/PoundDiagnosticDecl/PoundDiagnosticDecl.ql 5a84b0117ba0bd438a7b6d034a95b4cf487eaec6ed45fa5a24df421a666704e0 2dd647c445849cc0ecfaa55b918d36c4f06a7c6e15f1f01a7a2f9c25e2b3b45b
+ql/test/extractor-tests/generated/decl/PoundDiagnosticDecl/PoundDiagnosticDecl.ql 17ac00f962db0e003c5845660b0dbad4ba59ce6e1def6384084ec937158544a5 df27465bc073fc4c031f75fa6b53263df2b902a8168f5d5c08851cc24bf0a647
 ql/test/extractor-tests/generated/decl/PoundDiagnosticDecl/PoundDiagnosticDecl_getMember.ql d670ff4ea33ea15aa5f0299fd5bb6cc637e8a16faebe19433d250627732f4903 9a2482a469797248aaeed33caa226c92c97392cad3aa9608554d8ad16cc5cb38
 ql/test/extractor-tests/generated/decl/PrecedenceGroupDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
 ql/test/extractor-tests/generated/decl/PrefixOperatorDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
 ql/test/extractor-tests/generated/decl/ProtocolDecl/MISSING_SOURCE.txt 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd 7e714762ffb48c436102027d560fb5addc1f7dc6dd6936b06e0d3cca031d67fd
--- a/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll
@@ -89,9 +89,9 @@ private module Frameworks {
  private import codeql.swift.frameworks.StandardLibrary.UrlSession
  private import codeql.swift.frameworks.StandardLibrary.WebView
  private import codeql.swift.frameworks.Alamofire.Alamofire
-  private import codeql.swift.security.CleartextLogging
+  private import codeql.swift.security.CleartextLoggingExtensions
-  private import codeql.swift.security.PathInjection
+  private import codeql.swift.security.PathInjectionExtensions
-  private import codeql.swift.security.PredicateInjection
+  private import codeql.swift.security.PredicateInjectionExtensions
 }
 /**
@@ -424,7 +424,7 @@ private Element interpretElement0(
    )
    or
    // Member functions
-    exists(NominalTypeDecl nomTypeDecl, IterableDeclContext decl, MethodDecl method |
+    exists(NominalTypeDecl nomTypeDecl, Decl decl, MethodDecl method |
      method.getName() = name and
      method = decl.getAMember() and
      nomTypeDecl.getFullName() = type and
@@ -432,25 +432,25 @@ private Element interpretElement0(
      result = method
    |
      subtypes = true and
-      decl.getNominalTypeDecl() = nomTypeDecl.getADerivedTypeDecl*()
+      decl.asNominalTypeDecl() = nomTypeDecl.getADerivedTypeDecl*()
      or
      subtypes = false and
-      decl.getNominalTypeDecl() = nomTypeDecl
+      decl.asNominalTypeDecl() = nomTypeDecl
    )
    or
    // Fields
    signature = "" and
-    exists(NominalTypeDecl nomTypeDecl, IterableDeclContext decl, FieldDecl field |
+    exists(NominalTypeDecl nomTypeDecl, Decl decl, FieldDecl field |
      field.getName() = name and
      field = decl.getAMember() and
      nomTypeDecl.getFullName() = type and
      result = field
    |
      subtypes = true and
-      decl.getNominalTypeDecl() = nomTypeDecl.getADerivedTypeDecl*()
+      decl.asNominalTypeDecl() = nomTypeDecl.getADerivedTypeDecl*()
      or
      subtypes = false and
-      decl.getNominalTypeDecl() = nomTypeDecl
+      decl.asNominalTypeDecl() = nomTypeDecl
    )
  )
 }
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
@@ -1487,6 +1487,10 @@ private module MkStage<StageSig PrevStage> {
      PrevStage::readStepCand(node1, _, _, config)
    }
    bindingset[ap, c]
    pragma[inline_late]
    private predicate hasHeadContent(Ap ap, Content c) { getHeadContent(ap) = c }
    pragma[nomagic]
    private predicate fwdFlowRead(
      Ap ap, Content c, NodeEx node1, NodeEx node2, FlowState state, Cc cc,
@@ -1494,7 +1498,7 @@ private module MkStage<StageSig PrevStage> {
    ) {
      fwdFlowRead0(node1, state, cc, summaryCtx, argAp, ap, config) and
      PrevStage::readStepCand(node1, c, node2, config) and
-      getHeadContent(ap) = c
+      hasHeadContent(ap, c)
    }
    pragma[nomagic]
--- a/swift/ql/lib/codeql/swift/elements.qll
+++ b/swift/ql/lib/codeql/swift/elements.qll
@@ -35,7 +35,6 @@ import codeql.swift.elements.decl.GenericTypeParamDecl
 import codeql.swift.elements.decl.IfConfigDecl
 import codeql.swift.elements.decl.ImportDecl
 import codeql.swift.elements.decl.InfixOperatorDecl
 import codeql.swift.elements.decl.IterableDeclContext
 import codeql.swift.elements.decl.MissingMemberDecl
 import codeql.swift.elements.decl.ModuleDecl
 import codeql.swift.elements.decl.NominalTypeDecl
--- a/swift/ql/lib/codeql/swift/elements/decl/Decl.qll
+++ b/swift/ql/lib/codeql/swift/elements/decl/Decl.qll
@@ -1,5 +1,22 @@
 private import codeql.swift.generated.decl.Decl
 private import codeql.swift.elements.decl.NominalTypeDecl
 private import codeql.swift.elements.decl.ExtensionDecl
 class Decl extends Generated::Decl {
  override string toString() { result = super.toString() }
  /**
   * Gets the `NominalTypeDecl` corresponding to this `Decl`, if any. This
   * resolves an `ExtensionDecl` to the `NominalTypeDecl` that it extends.
   */
  NominalTypeDecl asNominalTypeDecl() {
    result = this
    or
    result = this.(ExtensionDecl).getExtendedTypeDecl()
  }
  /**
   * Gets the declaration that declares this declaration as a member, if any.
   */
  Decl getDeclaringDecl() { this = result.getAMember() }
 }
--- a/swift/ql/lib/codeql/swift/elements/decl/IterableDeclContext.qll
+++ b/swift/ql/lib/codeql/swift/elements/decl/IterableDeclContext.qll
@@ -1,18 +0,0 @@
 private import codeql.swift.generated.decl.IterableDeclContext
 private import codeql.swift.elements.decl.NominalTypeDecl
 private import codeql.swift.elements.decl.ExtensionDecl
 /**
 * A nominal type (class, struct, enum or protocol) or extension.
 */
 class IterableDeclContext extends Generated::IterableDeclContext {
  /**
   * Gets the `NominalTypeDecl` corresponding to this `IterableDeclContext`
   * resolving an extension to the extended type declaration.
   */
  NominalTypeDecl getNominalTypeDecl() {
    result = this.(NominalTypeDecl)
    or
    result = this.(ExtensionDecl).getExtendedTypeDecl()
  }
 }
--- a/swift/ql/lib/codeql/swift/elements/decl/MethodDecl.qll
+++ b/swift/ql/lib/codeql/swift/elements/decl/MethodDecl.qll
@@ -1,6 +1,6 @@
 private import swift
-private Decl getAMember(IterableDeclContext ctx) {
+private Decl getAMember(Decl ctx) {
  ctx.getAMember() = result
  or
  exists(VarDecl var |
--- a/swift/ql/lib/codeql/swift/elements/decl/VarDecl.qll
+++ b/swift/ql/lib/codeql/swift/elements/decl/VarDecl.qll
@@ -1,6 +1,6 @@
 private import codeql.swift.generated.decl.VarDecl
 private import codeql.swift.elements.expr.DeclRefExpr
-private import codeql.swift.elements.decl.IterableDeclContext
+private import codeql.swift.elements.decl.Decl
 class VarDecl extends Generated::VarDecl {
  override string toString() { result = this.getName() }
@@ -9,5 +9,5 @@ class VarDecl extends Generated::VarDecl {
 }
 class FieldDecl extends VarDecl {
-  FieldDecl() { this = any(IterableDeclContext ctx).getAMember() }
+  FieldDecl() { this = any(Decl ctx).getAMember() }
 }
--- a/swift/ql/lib/codeql/swift/generated/ParentChild.qll
+++ b/swift/ql/lib/codeql/swift/generated/ParentChild.qll
@@ -198,14 +198,18 @@ private module Impl {
  }
  private Element getImmediateChildOfDecl(Decl e, int index, string partialPredicateCall) {
-    exists(int b, int bAstNode, int n |
+    exists(int b, int bAstNode, int n, int nMember |
      b = 0 and
      bAstNode = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfAstNode(e, i, _)) | i) and
      n = bAstNode and
      nMember = n + 1 + max(int i | i = -1 or exists(e.getImmediateMember(i)) | i) and
      (
        none()
        or
        result = getImmediateChildOfAstNode(e, index - b, partialPredicateCall)
        or
        result = e.getImmediateMember(index - n) and
        partialPredicateCall = "Member(" + (index - n).toString() + ")"
      )
    )
  }
@@ -230,25 +234,6 @@ private module Impl {
    )
  }
  private Element getImmediateChildOfIterableDeclContext(
    IterableDeclContext e, int index, string partialPredicateCall
  ) {
    exists(int b, int bElement, int n, int nMember |
      b = 0 and
      bElement = b + 1 + max(int i | i = -1 or exists(getImmediateChildOfElement(e, i, _)) | i) and
      n = bElement and
      nMember = n + 1 + max(int i | i = -1 or exists(e.getImmediateMember(i)) | i) and
      (
        none()
        or
        result = getImmediateChildOfElement(e, index - b, partialPredicateCall)
        or
        result = e.getImmediateMember(index - n) and
        partialPredicateCall = "Member(" + (index - n).toString() + ")"
      )
    )
  }
  private Element getImmediateChildOfEnumCaseDecl(
    EnumCaseDecl e, int index, string partialPredicateCall
  ) {
@@ -267,26 +252,19 @@ private module Impl {
  private Element getImmediateChildOfExtensionDecl(
    ExtensionDecl e, int index, string partialPredicateCall
  ) {
-    exists(int b, int bGenericContext, int bIterableDeclContext, int bDecl, int n |
+    exists(int b, int bGenericContext, int bDecl, int n |
      b = 0 and
      bGenericContext =
        b + 1 + max(int i | i = -1 or exists(getImmediateChildOfGenericContext(e, i, _)) | i) and
      bIterableDeclContext =
        bGenericContext + 1 +
          max(int i | i = -1 or exists(getImmediateChildOfIterableDeclContext(e, i, _)) | i) and
      bDecl =
-        bIterableDeclContext + 1 +
+        bGenericContext + 1 + max(int i | i = -1 or exists(getImmediateChildOfDecl(e, i, _)) | i) and
          max(int i | i = -1 or exists(getImmediateChildOfDecl(e, i, _)) | i) and
      n = bDecl and
      (
        none()
        or
        result = getImmediateChildOfGenericContext(e, index - b, partialPredicateCall)
        or
-        result =
+        result = getImmediateChildOfDecl(e, index - bGenericContext, partialPredicateCall)
          getImmediateChildOfIterableDeclContext(e, index - bGenericContext, partialPredicateCall)
        or
        result = getImmediateChildOfDecl(e, index - bIterableDeclContext, partialPredicateCall)
      )
    )
  }
@@ -799,21 +777,15 @@ private module Impl {
  private Element getImmediateChildOfNominalTypeDecl(
    NominalTypeDecl e, int index, string partialPredicateCall
  ) {
-    exists(int b, int bGenericTypeDecl, int bIterableDeclContext, int n |
+    exists(int b, int bGenericTypeDecl, int n |
      b = 0 and
      bGenericTypeDecl =
        b + 1 + max(int i | i = -1 or exists(getImmediateChildOfGenericTypeDecl(e, i, _)) | i) and
-      bIterableDeclContext =
+      n = bGenericTypeDecl and
        bGenericTypeDecl + 1 +
          max(int i | i = -1 or exists(getImmediateChildOfIterableDeclContext(e, i, _)) | i) and
      n = bIterableDeclContext and
      (
        none()
        or
        result = getImmediateChildOfGenericTypeDecl(e, index - b, partialPredicateCall)
        or
        result =
          getImmediateChildOfIterableDeclContext(e, index - bGenericTypeDecl, partialPredicateCall)
      )
    )
  }
--- a/swift/ql/lib/codeql/swift/generated/Raw.qll
+++ b/swift/ql/lib/codeql/swift/generated/Raw.qll
@@ -75,6 +75,8 @@ module Raw {
  class Decl extends @decl, AstNode {
    ModuleDecl getModule() { decls(this, result) }
    Decl getMember(int index) { decl_members(this, index, result) }
  }
  class GenericContext extends @generic_context, Element {
@@ -83,17 +85,13 @@ module Raw {
    }
  }
  class IterableDeclContext extends @iterable_decl_context, Element {
    Decl getMember(int index) { iterable_decl_context_members(this, index, result) }
  }
  class EnumCaseDecl extends @enum_case_decl, Decl {
    override string toString() { result = "EnumCaseDecl" }
    EnumElementDecl getElement(int index) { enum_case_decl_elements(this, index, result) }
  }
-  class ExtensionDecl extends @extension_decl, GenericContext, IterableDeclContext, Decl {
+  class ExtensionDecl extends @extension_decl, GenericContext, Decl {
    override string toString() { result = "ExtensionDecl" }
    NominalTypeDecl getExtendedTypeDecl() { extension_decls(this, result) }
@@ -292,7 +290,7 @@ module Raw {
    override string toString() { result = "GenericTypeParamDecl" }
  }
-  class NominalTypeDecl extends @nominal_type_decl, GenericTypeDecl, IterableDeclContext {
+  class NominalTypeDecl extends @nominal_type_decl, GenericTypeDecl {
    Type getType() { nominal_type_decls(this, result) }
  }
--- a/swift/ql/lib/codeql/swift/generated/Synth.qll
+++ b/swift/ql/lib/codeql/swift/generated/Synth.qll
@@ -338,8 +338,6 @@ module Synth {
  class TGenericTypeDecl = TNominalTypeDecl or TOpaqueTypeDecl or TTypeAliasDecl;
  class TIterableDeclContext = TExtensionDecl or TNominalTypeDecl;
  class TNominalTypeDecl = TClassDecl or TEnumDecl or TProtocolDecl or TStructDecl;
  class TOperatorDecl = TInfixOperatorDecl or TPostfixOperatorDecl or TPrefixOperatorDecl;
@@ -1381,8 +1379,6 @@ module Synth {
    or
    result = convertGenericContextFromRaw(e)
    or
    result = convertIterableDeclContextFromRaw(e)
    or
    result = convertLocatableFromRaw(e)
    or
    result = convertLocationFromRaw(e)
@@ -1519,13 +1515,6 @@ module Synth {
    result = convertTypeAliasDeclFromRaw(e)
  }
  cached
  TIterableDeclContext convertIterableDeclContextFromRaw(Raw::Element e) {
    result = convertExtensionDeclFromRaw(e)
    or
    result = convertNominalTypeDeclFromRaw(e)
  }
  cached
  TNominalTypeDecl convertNominalTypeDeclFromRaw(Raw::Element e) {
    result = convertClassDeclFromRaw(e)
@@ -3019,8 +3008,6 @@ module Synth {
    or
    result = convertGenericContextToRaw(e)
    or
    result = convertIterableDeclContextToRaw(e)
    or
    result = convertLocatableToRaw(e)
    or
    result = convertLocationToRaw(e)
@@ -3157,13 +3144,6 @@ module Synth {
    result = convertTypeAliasDeclToRaw(e)
  }
  cached
  Raw::Element convertIterableDeclContextToRaw(TIterableDeclContext e) {
    result = convertExtensionDeclToRaw(e)
    or
    result = convertNominalTypeDeclToRaw(e)
  }
  cached
  Raw::Element convertNominalTypeDeclToRaw(TNominalTypeDecl e) {
    result = convertClassDeclToRaw(e)
--- a/swift/ql/lib/codeql/swift/generated/decl/Decl.qll
+++ b/swift/ql/lib/codeql/swift/generated/decl/Decl.qll
@@ -21,5 +21,30 @@ module Generated {
     * Gets the module of this declaration.
     */
    final ModuleDecl getModule() { result = getImmediateModule().resolve() }
    /**
     * Gets the `index`th member of this declaration (0-based).
     *
     * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the
     * behavior of both the `Immediate` and non-`Immediate` versions.
     */
    Decl getImmediateMember(int index) {
      result = Synth::convertDeclFromRaw(Synth::convertDeclToRaw(this).(Raw::Decl).getMember(index))
    }
    /**
     * Gets the `index`th member of this declaration (0-based).
     */
    final Decl getMember(int index) { result = getImmediateMember(index).resolve() }
    /**
     * Gets any of the members of this declaration.
     */
    final Decl getAMember() { result = getMember(_) }
    /**
     * Gets the number of members of this declaration.
     */
    final int getNumberOfMembers() { result = count(int i | exists(getMember(i))) }
  }
 }
--- a/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll
+++ b/swift/ql/lib/codeql/swift/generated/decl/ExtensionDecl.qll
@@ -3,12 +3,11 @@ private import codeql.swift.generated.Synth
 private import codeql.swift.generated.Raw
 import codeql.swift.elements.decl.Decl
 import codeql.swift.elements.decl.GenericContext
 import codeql.swift.elements.decl.IterableDeclContext
 import codeql.swift.elements.decl.NominalTypeDecl
 import codeql.swift.elements.decl.ProtocolDecl
 module Generated {
-  class ExtensionDecl extends Synth::TExtensionDecl, GenericContext, IterableDeclContext, Decl {
+  class ExtensionDecl extends Synth::TExtensionDecl, GenericContext, Decl {
    override string getAPrimaryQlClass() { result = "ExtensionDecl" }
    /**
--- a/swift/ql/lib/codeql/swift/generated/decl/IterableDeclContext.qll
+++ b/swift/ql/lib/codeql/swift/generated/decl/IterableDeclContext.qll
@@ -1,37 +0,0 @@
 // generated by codegen/codegen.py
 private import codeql.swift.generated.Synth
 private import codeql.swift.generated.Raw
 import codeql.swift.elements.decl.Decl
 import codeql.swift.elements.Element
 module Generated {
  class IterableDeclContext extends Synth::TIterableDeclContext, Element {
    /**
     * Gets the `index`th member of this iterable declaration context (0-based).
     *
     * This includes nodes from the "hidden" AST. It can be overridden in subclasses to change the
     * behavior of both the `Immediate` and non-`Immediate` versions.
     */
    Decl getImmediateMember(int index) {
      result =
        Synth::convertDeclFromRaw(Synth::convertIterableDeclContextToRaw(this)
              .(Raw::IterableDeclContext)
              .getMember(index))
    }
    /**
     * Gets the `index`th member of this iterable declaration context (0-based).
     */
    final Decl getMember(int index) { result = getImmediateMember(index).resolve() }
    /**
     * Gets any of the members of this iterable declaration context.
     */
    final Decl getAMember() { result = getMember(_) }
    /**
     * Gets the number of members of this iterable declaration context.
     */
    final int getNumberOfMembers() { result = count(int i | exists(getMember(i))) }
  }
 }
--- a/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll
+++ b/swift/ql/lib/codeql/swift/generated/decl/NominalTypeDecl.qll
@@ -2,11 +2,10 @@
 private import codeql.swift.generated.Synth
 private import codeql.swift.generated.Raw
 import codeql.swift.elements.decl.GenericTypeDecl
 import codeql.swift.elements.decl.IterableDeclContext
 import codeql.swift.elements.type.Type
 module Generated {
-  class NominalTypeDecl extends Synth::TNominalTypeDecl, GenericTypeDecl, IterableDeclContext {
+  class NominalTypeDecl extends Synth::TNominalTypeDecl, GenericTypeDecl {
    /**
     * Gets the type of this nominal type declaration.
     *
--- a/swift/ql/lib/codeql/swift/security/CleartextLoggingExtensions.qll
+++ b/swift/ql/lib/codeql/swift/security/CleartextLoggingExtensions.qll
@@ -25,6 +25,9 @@ class CleartextLoggingAdditionalTaintStep extends Unit {
  abstract predicate step(DataFlow::Node n1, DataFlow::Node n2);
 }
 /**
 * A sink defined in a CSV model.
 */
 private class DefaultCleartextLoggingSink extends CleartextLoggingSink {
  DefaultCleartextLoggingSink() { sinkNode(this, "logging") }
 }
--- a/swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll
+++ b/swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll
@@ -6,7 +6,7 @@
 import swift
 private import codeql.swift.dataflow.DataFlow
 private import codeql.swift.dataflow.TaintTracking
-private import codeql.swift.security.CleartextLogging
+private import codeql.swift.security.CleartextLoggingExtensions
 private import codeql.swift.security.SensitiveExprs
 /**
--- a/swift/ql/lib/codeql/swift/security/PathInjectionExtensions.qll
+++ b/swift/ql/lib/codeql/swift/security/PathInjectionExtensions.qll
@@ -29,6 +29,9 @@ class PathInjectionAdditionalTaintStep extends Unit {
  abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
 }
 /**
 * A sink defined in a CSV model.
 */
 private class DefaultPathInjectionSink extends PathInjectionSink {
  DefaultPathInjectionSink() { sinkNode(this, "path-injection") }
 }
--- a/swift/ql/lib/codeql/swift/security/PathInjectionQuery.qll
+++ b/swift/ql/lib/codeql/swift/security/PathInjectionQuery.qll
@@ -8,7 +8,7 @@ private import codeql.swift.dataflow.DataFlow
 private import codeql.swift.dataflow.ExternalFlow
 private import codeql.swift.dataflow.FlowSources
 private import codeql.swift.dataflow.TaintTracking
-private import codeql.swift.security.PathInjection
+private import codeql.swift.security.PathInjectionExtensions
 /**
 * A taint-tracking configuration for path injection vulnerabilities.
--- a/swift/ql/lib/codeql/swift/security/PredicateInjectionExtensions.qll
+++ b/swift/ql/lib/codeql/swift/security/PredicateInjectionExtensions.qll
@@ -24,6 +24,9 @@ class PredicateInjectionAdditionalTaintStep extends Unit {
  abstract predicate step(DataFlow::Node n1, DataFlow::Node n2);
 }
 /**
 * A sink defined in a CSV model.
 */
 private class DefaultPredicateInjectionSink extends PredicateInjectionSink {
  DefaultPredicateInjectionSink() { sinkNode(this, "predicate-injection") }
 }
--- a/swift/ql/lib/codeql/swift/security/PredicateInjectionQuery.qll
+++ b/swift/ql/lib/codeql/swift/security/PredicateInjectionQuery.qll
@@ -7,7 +7,7 @@ import swift
 private import codeql.swift.dataflow.DataFlow
 private import codeql.swift.dataflow.FlowSources
 private import codeql.swift.dataflow.TaintTracking
-private import codeql.swift.security.PredicateInjection
+private import codeql.swift.security.PredicateInjectionExtensions
 /**
 * A taint-tracking configuration for predicate injection vulnerabilities.
--- a/swift/ql/lib/codeql/swift/security/SqlInjectionExtensions.qll
+++ b/swift/ql/lib/codeql/swift/security/SqlInjectionExtensions.qll
@@ -0,0 +1,151 @@
 /**
 * Provides classes and predicates for reasoning about database
 * queries built from user-controlled sources (that is, SQL injection
 * vulnerabilities).
 */
 import swift
 import codeql.swift.dataflow.DataFlow
 private import codeql.swift.dataflow.ExternalFlow
 /**
 * A dataflow sink for SQL injection vulnerabilities.
 */
 abstract class SqlInjectionSink extends DataFlow::Node { }
 /**
 * A sanitizer for SQL injection vulnerabilities.
 */
 abstract class SqlInjectionSanitizer extends DataFlow::Node { }
 /**
 * A unit class for adding additional taint steps.
 */
 class SqlInjectionAdditionalTaintStep extends Unit {
  abstract predicate step(DataFlow::Node nodeFrom, DataFlow::Node nodeTo);
 }
 /**
 * A default SQL injection sink for the sqlite3 C API.
 */
 private class CApiDefaultSqlInjectionSink extends SqlInjectionSink {
  CApiDefaultSqlInjectionSink() {
    // `sqlite3_exec` and variants of `sqlite3_prepare`.
    exists(CallExpr call |
      call.getStaticTarget()
          .(FreeFunctionDecl)
          .hasName([
              "sqlite3_exec(_:_:_:_:_:)", "sqlite3_prepare(_:_:_:_:_:)",
              "sqlite3_prepare_v2(_:_:_:_:_:)", "sqlite3_prepare_v3(_:_:_:_:_:_:)",
              "sqlite3_prepare16(_:_:_:_:_:)", "sqlite3_prepare16_v2(_:_:_:_:_:)",
              "sqlite3_prepare16_v3(_:_:_:_:_:_:)"
            ]) and
      call.getArgument(1).getExpr() = this.asExpr()
    )
  }
 }
 /**
 * A default SQL injection sink for the `SQLite.swift` library.
 */
 private class SQLiteSwiftDefaultSqlInjectionSink extends SqlInjectionSink {
  SQLiteSwiftDefaultSqlInjectionSink() {
    // Variants of `Connection.execute`, `connection.prepare` and `connection.scalar`.
    exists(CallExpr call |
      call.getStaticTarget()
          .(MethodDecl)
          .hasQualifiedName("Connection",
            ["execute(_:)", "prepare(_:_:)", "run(_:_:)", "scalar(_:_:)"]) and
      call.getArgument(0).getExpr() = this.asExpr()
    )
    or
    // String argument to the `Statement` constructor.
    exists(CallExpr call |
      call.getStaticTarget().(MethodDecl).hasQualifiedName("Statement", "init(_:_:)") and
      call.getArgument(1).getExpr() = this.asExpr()
    )
  }
 }
 /**
 * A default SQL injection sink for the GRDB library.
 */
 private class GrdbDefaultSqlInjectionSink extends SqlInjectionSink {
  GrdbDefaultSqlInjectionSink() {
    exists(CallExpr call, MethodDecl method |
      call.getStaticTarget() = method and
      call.getArgument(0).getExpr() = this.asExpr()
    |
      method
          .hasQualifiedName("Database",
            [
              "allStatements(sql:arguments:)", "cachedStatement(sql:)",
              "internalCachedStatement(sql:)", "execute(sql:arguments:)", "makeStatement(sql:)",
              "makeStatement(sql:prepFlags:)"
            ])
      or
      method
          .hasQualifiedName("SQLRequest",
            [
              "init(stringLiteral:)", "init(unicodeScalarLiteral:)",
              "init(extendedGraphemeClusterLiteral:)", "init(stringInterpolation:)",
              "init(sql:arguments:adapter:cached:)"
            ])
      or
      method
          .hasQualifiedName("SQL",
            [
              "init(stringLiteral:)", "init(unicodeScalarLiteral:)",
              "init(extendedGraphemeClusterLiteral:)", "init(stringInterpolation:)",
              "init(sql:arguments:)", "append(sql:arguments:)"
            ])
      or
      method
          .hasQualifiedName("TableDefinition", ["column(sql:)", "check(sql:)", "constraint(sql:)"])
      or
      method.hasQualifiedName("TableAlteration", "addColumn(sql:)")
      or
      method
          .hasQualifiedName("ColumnDefinition",
            ["check(sql:)", "defaults(sql:)", "generatedAs(sql:_:)"])
      or
      method
          .hasQualifiedName("TableRecord",
            [
              "select(sql:arguments:)", "select(sql:arguments:as:)", "filter(sql:arguments:)",
              "order(sql:arguments:)"
            ])
      or
      method.hasQualifiedName("StatementCache", "statement(_:)")
    )
    or
    exists(CallExpr call, MethodDecl method |
      call.getStaticTarget() = method and
      call.getArgument(1).getExpr() = this.asExpr()
    |
      method
          .hasQualifiedName(["Row", "DatabaseValueConvertible"],
            [
              "fetchCursor(_:sql:arguments:adapter:)", "fetchAll(_:sql:arguments:adapter:)",
              "fetchSet(_:sql:arguments:adapter:)", "fetchOne(_:sql:arguments:adapter:)"
            ])
      or
      method.hasQualifiedName("SQLStatementCursor", "init(database:sql:arguments:prepFlags:)")
    )
    or
    exists(CallExpr call, MethodDecl method |
      call.getStaticTarget() = method and
      call.getArgument(3).getExpr() = this.asExpr()
    |
      method
          .hasQualifiedName("CommonTableExpression", "init(recursive:named:columns:sql:arguments:)")
    )
  }
 }
 /**
 * A sink defined in a CSV model.
 */
 private class DefaultSqlInjectionSink extends SqlInjectionSink {
  DefaultSqlInjectionSink() { sinkNode(this, "sql") }
 }
--- a/Show More
+++ b/Show More
`@@ -27,7 +27,7 @@ def foo`

	`convert1({ hostname: 'test.example.com$' }); # NOT OK`	`convert1({ hostname: 'test.example.com$' }); # NOT OK`

	`domains = [ { hostname: 'test.example.com$' } ]; # NOT OK`	`domains = [ { hostname: 'test.example.com$' } ]; # NOT OK - but not flagged due to limitations of TypeTracking.`