From 3028e5dac00e115d07d7092fc7ca57ffb40a37eb Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 2 Dec 2025 17:21:04 +0000
Subject: [PATCH] Rust: CallExpr -> Call.

---
 .../security/HardcodedCryptographicValueExtensions.qll    | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll b/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll
index febb509ec02..6015e42cc74 100644
--- a/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll
+++ b/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll
@@ -107,9 +107,9 @@ module HardcodedCryptographicValue {
 
     HeuristicSinks() {
       // any argument going to a parameter whose name matches a credential name
-      exists(CallExprBase fc, Function f, int argIndex, string argName |
-        fc.getArg(argIndex) = this.asExpr() and
-        fc.getStaticTarget() = f and
+      exists(Call c, Function f, int argIndex, string argName |
+        c.getPositionalArgument(argIndex) = this.asExpr() and
+        c.getStaticTarget() = f and
         f.getParam(argIndex).getPat().(IdentPat).getName().getText() = argName and
         (
           argName = "password" and kind = "password"
@@ -123,7 +123,7 @@ module HardcodedCryptographicValue {
           // note: matching "key" results in too many false positives
         ) and
         // don't duplicate modeled sinks
-        not exists(ModelsAsDataSinks s | s.(Node::FlowSummaryNode).getSinkElement().getCall() = fc)
+        not exists(ModelsAsDataSinks s | s.(Node::FlowSummaryNode).getSinkElement().getCall() = c)
       )
     }