Update to DataFlow::Global

java/ql/lib/semmle/code/java/security/AndroidCertificatePinningQuery.qll

@@ -118,7 +118,7 @@ private module UntrustedUrlConfig implements DataFlow::ConfigSig {
   predicate isSink(DataFlow::Node node) { node instanceof MissingPinningSink }
 }
 
-private module UntrustedUrlFlow = TaintTracking::Make<UntrustedUrlConfig>;
+private module UntrustedUrlFlow = TaintTracking::Global<UntrustedUrlConfig>;
 
 /** Holds if `node` is a network communication call for which certificate pinning is not implemented. */
 predicate missingPinning(DataFlow::Node node, string domain) {
@@ -128,7 +128,7 @@ predicate missingPinning(DataFlow::Node node, string domain) {
     not trustedDomain(_) and domain = ""
     or
     exists(DataFlow::Node src |
-      UntrustedUrlFlow::hasFlow(src, node) and
+      UntrustedUrlFlow::flow(src, node) and
       domain = getDomain(src.asExpr())
     )
   )

java/ql/lib/semmle/code/java/security/AndroidIntentRedirectionQuery.qll

@@ -42,14 +42,14 @@ module IntentRedirectionConfig implements DataFlow::ConfigSig {
 }
 
 /** Tracks the flow of tainted Intents being used to start Android components. */
-module IntentRedirectionFlow = TaintTracking::Make<IntentRedirectionConfig>;
+module IntentRedirectionFlow = TaintTracking::Global<IntentRedirectionConfig>;
 
 /**
  * A sanitizer for sinks that receive the original incoming Intent,
  * since its component cannot be arbitrarily set.
  */
 private class OriginalIntentSanitizer extends IntentRedirectionSanitizer {
-  OriginalIntentSanitizer() { SameIntentBeingRelaunchedFlow::hasFlowTo(this) }
+  OriginalIntentSanitizer() { SameIntentBeingRelaunchedFlow::flowTo(this) }
 }
 
 /**
@@ -77,14 +77,14 @@ private module SameIntentBeingRelaunchedConfig implements DataFlow::ConfigSig {
   }
 }
 
-private module SameIntentBeingRelaunchedFlow = DataFlow::Make<SameIntentBeingRelaunchedConfig>;
+private module SameIntentBeingRelaunchedFlow = DataFlow::Global<SameIntentBeingRelaunchedConfig>;
 
 /** An `Intent` with a tainted component. */
 private class IntentWithTaintedComponent extends DataFlow::Node {
   IntentWithTaintedComponent() {
     exists(IntentSetComponent setExpr |
       setExpr.getQualifier() = this.asExpr() and
-      TaintedIntentComponentFlow::hasFlowTo(DataFlow::exprNode(setExpr.getSink()))
+      TaintedIntentComponentFlow::flowTo(DataFlow::exprNode(setExpr.getSink()))
     )
   }
 }
@@ -100,7 +100,7 @@ private module TaintedIntentComponentConfig implements DataFlow::ConfigSig {
   }
 }
 
-private module TaintedIntentComponentFlow = TaintTracking::Make<TaintedIntentComponentConfig>;
+private module TaintedIntentComponentFlow = TaintTracking::Global<TaintedIntentComponentConfig>;
 
 /** A call to a method that changes the component of an `Intent`. */
 private class IntentSetComponent extends MethodAccess {

java/ql/lib/semmle/code/java/security/ImproperIntentVerificationQuery.qll

@@ -27,12 +27,12 @@ private module VerifiedIntentConfig implements DataFlow::ConfigSig {
   }
 }
 
-private module VerifiedIntentFlow = DataFlow::Make<VerifiedIntentConfig>;
+private module VerifiedIntentFlow = DataFlow::Global<VerifiedIntentConfig>;
 
 /** An `onReceive` method that doesn't verify the action of the intent it receives. */
 private class UnverifiedOnReceiveMethod extends OnReceiveMethod {
   UnverifiedOnReceiveMethod() {
-    not VerifiedIntentFlow::hasFlow(DataFlow::parameterNode(this.getIntentParameter()), _)
+    not VerifiedIntentFlow::flow(DataFlow::parameterNode(this.getIntentParameter()), _)
   }
 }
 

java/ql/lib/semmle/code/java/security/SensitiveKeyboardCacheQuery.qll

@@ -106,7 +106,7 @@ private module GoodInputTypeConfig implements DataFlow::ConfigSig {
   }
 }
 
-private module GoodInputTypeFlow = DataFlow::Make<GoodInputTypeConfig>;
+private module GoodInputTypeFlow = DataFlow::Global<GoodInputTypeConfig>;
 
 /** Gets a regex indicating that an input field may contain sensitive data. */
 private string getInputSensitiveInfoRegex() {
@@ -131,7 +131,7 @@ AndroidEditableXmlElement getASensitiveCachedInput() {
   (
     not inputTypeNotCached(result.getInputType()) and
     not exists(DataFlow::Node sink |
-      GoodInputTypeFlow::hasFlowTo(sink) and
+      GoodInputTypeFlow::flowTo(sink) and
       sink.asExpr() = setInputTypeForId(result.getId())
     )
   )

java/ql/lib/semmle/code/java/security/UnsafeAndroidAccessQuery.qll

@@ -37,4 +37,4 @@ module FetchUntrustedResourceConfig implements DataFlow::ConfigSig {
 /**
  * Detects taint flow from untrusted inputs to a resource fetching call.
  */
-module FetchUntrustedResourceFlow = TaintTracking::Make<FetchUntrustedResourceConfig>;
+module FetchUntrustedResourceFlow = TaintTracking::Global<FetchUntrustedResourceConfig>;

java/ql/lib/semmle/code/java/security/WebviewDebuggingEnabledQuery.qll

@@ -67,4 +67,4 @@ module WebviewDebugEnabledConfig implements DataFlow::ConfigSig {
 /**
  * Tracks instances of `setWebContentDebuggingEnabled` with `true` values.
  */
-module WebviewDebugEnabledFlow = DataFlow::Make<WebviewDebugEnabledConfig>;
+module WebviewDebugEnabledFlow = DataFlow::Global<WebviewDebugEnabledConfig>;

java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.ql

@@ -15,5 +15,5 @@ import semmle.code.java.security.WebviewDebuggingEnabledQuery
 import WebviewDebugEnabledFlow::PathGraph
 
 from WebviewDebugEnabledFlow::PathNode source, WebviewDebugEnabledFlow::PathNode sink
-where WebviewDebugEnabledFlow::hasFlowPath(source, sink)
+where WebviewDebugEnabledFlow::flowPath(source, sink)
 select sink, source, sink, "Webview debugging is enabled."

java/ql/src/Security/CWE/CWE-749/UnsafeAndroidAccess.ql

@@ -17,6 +17,6 @@ import semmle.code.java.security.UnsafeAndroidAccessQuery
 import FetchUntrustedResourceFlow::PathGraph
 
 from FetchUntrustedResourceFlow::PathNode source, FetchUntrustedResourceFlow::PathNode sink
-where FetchUntrustedResourceFlow::hasFlowPath(source, sink)
+where FetchUntrustedResourceFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "Unsafe resource fetching in Android WebView due to $@.",
   source.getNode(), sink.getNode().(UrlResourceSink).getSinkType()

java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.ql

@@ -18,7 +18,7 @@ import semmle.code.java.security.AndroidIntentRedirectionQuery
 import IntentRedirectionFlow::PathGraph
 
 from IntentRedirectionFlow::PathNode source, IntentRedirectionFlow::PathNode sink
-where IntentRedirectionFlow::hasFlowPath(source, sink)
+where IntentRedirectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink,
   "Arbitrary Android activities or services can be started from a $@.", source.getNode(),
   "user-provided value"

java/ql/test/query-tests/security/CWE-489/webview-debugging/WebviewDebuggingEnabled.ql

@@ -6,6 +6,6 @@ class HasFlowTest extends InlineFlowTest {
   override predicate hasTaintFlow(DataFlow::Node src, DataFlow::Node sink) { none() }
 
   override predicate hasValueFlow(DataFlow::Node src, DataFlow::Node sink) {
-    WebviewDebugEnabledFlow::hasFlow(src, sink)
+    WebviewDebugEnabledFlow::flow(src, sink)
   }
 }

java/ql/test/query-tests/security/CWE-749/UnsafeAndroidAccessTest.ql

@@ -9,7 +9,7 @@ class UnsafeAndroidAccessTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasUnsafeAndroidAccess" and
-    exists(DataFlow::Node sink | FetchUntrustedResourceFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | FetchUntrustedResourceFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""

java/ql/test/query-tests/security/CWE-940/AndroidIntentRedirectionTest.ql

@@ -9,7 +9,7 @@ class HasAndroidIntentRedirectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasAndroidIntentRedirection" and
-    exists(DataFlow::Node sink | IntentRedirectionFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | IntentRedirectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""