Merge branch 'main' into logsinks

2026-04-24 08:15:14 +02:00 · 2025-05-21 17:40:06 +01:00
parent b89560878e f660bcdd25
commit 3551d4488f
92 changed files with 1175 additions and 396 deletions
--- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticCFG.qll
+++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticCFG.qll
@@ -10,7 +10,7 @@ private import SemanticExprSpecific::SemanticExprConfig as Specific
 */
 class SemBasicBlock extends Specific::BasicBlock {
  /** Holds if this block (transitively) dominates `otherblock`. */
-  final predicate bbDominates(SemBasicBlock otherBlock) { Specific::bbDominates(this, otherBlock) }
+  final predicate dominates(SemBasicBlock otherBlock) { Specific::bbDominates(this, otherBlock) }

  /** Gets an expression that is evaluated in this basic block. */
  final SemExpr getAnExpr() { result.getBasicBlock() = this }
--- a/csharp/ql/integration-tests/posix/query-suite/csharp-security-and-quality.qls.expected
+++ b/csharp/ql/integration-tests/posix/query-suite/csharp-security-and-quality.qls.expected
@@ -38,7 +38,6 @@ ql/csharp/ql/src/Concurrency/SynchSetUnsynchGet.ql
 ql/csharp/ql/src/Concurrency/UnsafeLazyInitialization.ql
 ql/csharp/ql/src/Concurrency/UnsynchronizedStaticAccess.ql
 ql/csharp/ql/src/Configuration/EmptyPasswordInConfigurationFile.ql
-ql/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
 ql/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
 ql/csharp/ql/src/Diagnostics/CompilerError.ql
 ql/csharp/ql/src/Diagnostics/CompilerMessage.ql
@@ -146,8 +145,6 @@ ql/csharp/ql/src/Security Features/CWE-639/InsecureDirectObjectReference.ql
 ql/csharp/ql/src/Security Features/CWE-643/XPathInjection.ql
 ql/csharp/ql/src/Security Features/CWE-730/ReDoS.ql
 ql/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql
-ql/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql
-ql/csharp/ql/src/Security Features/CWE-798/HardcodedCredentials.ql
 ql/csharp/ql/src/Security Features/CWE-807/ConditionalBypass.ql
 ql/csharp/ql/src/Security Features/CookieWithOverlyBroadDomain.ql
 ql/csharp/ql/src/Security Features/CookieWithOverlyBroadPath.ql
--- a/csharp/ql/integration-tests/posix/query-suite/csharp-security-extended.qls.expected
+++ b/csharp/ql/integration-tests/posix/query-suite/csharp-security-extended.qls.expected
@@ -1,5 +1,4 @@
 ql/csharp/ql/src/Configuration/EmptyPasswordInConfigurationFile.ql
-ql/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
 ql/csharp/ql/src/Diagnostics/CompilerError.ql
 ql/csharp/ql/src/Diagnostics/CompilerMessage.ql
 ql/csharp/ql/src/Diagnostics/DiagnosticExtractionErrors.ql
@@ -49,8 +48,6 @@ ql/csharp/ql/src/Security Features/CWE-639/InsecureDirectObjectReference.ql
 ql/csharp/ql/src/Security Features/CWE-643/XPathInjection.ql
 ql/csharp/ql/src/Security Features/CWE-730/ReDoS.ql
 ql/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql
-ql/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql
-ql/csharp/ql/src/Security Features/CWE-798/HardcodedCredentials.ql
 ql/csharp/ql/src/Security Features/CWE-807/ConditionalBypass.ql
 ql/csharp/ql/src/Security Features/CookieWithOverlyBroadDomain.ql
 ql/csharp/ql/src/Security Features/CookieWithOverlyBroadPath.ql
--- a/csharp/ql/integration-tests/posix/query-suite/not_included_in_qls.expected
+++ b/csharp/ql/integration-tests/posix/query-suite/not_included_in_qls.expected
@@ -26,6 +26,7 @@ ql/csharp/ql/src/Bad Practices/Naming Conventions/DefaultControlNames.ql
 ql/csharp/ql/src/Bad Practices/Naming Conventions/VariableNameTooShort.ql
 ql/csharp/ql/src/Bad Practices/UseOfHtmlInputHidden.ql
 ql/csharp/ql/src/Bad Practices/UseOfSystemOutputStream.ql
+ql/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
 ql/csharp/ql/src/Dead Code/DeadRefTypes.ql
 ql/csharp/ql/src/Dead Code/NonAssignedFields.ql
 ql/csharp/ql/src/Dead Code/UnusedField.ql
@@ -89,6 +90,8 @@ ql/csharp/ql/src/Security Features/CWE-321/HardcodedSymmetricEncryptionKey.ql
 ql/csharp/ql/src/Security Features/CWE-327/DontInstallRootCert.ql
 ql/csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.ql
 ql/csharp/ql/src/Security Features/CWE-611/UseXmlSecureResolver.ql
+ql/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql
+ql/csharp/ql/src/Security Features/CWE-798/HardcodedCredentials.ql
 ql/csharp/ql/src/Security Features/CWE-838/InappropriateEncoding.ql
 ql/csharp/ql/src/Useless code/PointlessForwardingMethod.ql
 ql/csharp/ql/src/definitions.ql
--- a/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
+++ b/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
@@ -4,7 +4,7 @@
 * @kind problem
 * @problem.severity warning
 * @security-severity 7.5
- * @precision medium
+ * @precision low
 * @id cs/password-in-configuration
 * @tags security
 *       external/cwe/cwe-013
--- a/Features/CWE-798/HardcodedConnectionString.ql
+++ b/Features/CWE-798/HardcodedConnectionString.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id cs/hardcoded-connection-string-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/Features/CWE-798/HardcodedCredentials.ql
+++ b/Features/CWE-798/HardcodedCredentials.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id cs/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/csharp/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
+++ b/csharp/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The queries `cs/password-in-configuration`, `cs/hardcoded-credentials` and `cs/hardcoded-connection-string-credentials` have been removed from all query suites.
--- a/go/ql/integration-tests/query-suite/go-security-and-quality.qls.expected
+++ b/go/ql/integration-tests/query-suite/go-security-and-quality.qls.expected
@@ -50,6 +50,5 @@ ql/go/ql/src/Security/CWE-640/EmailInjection.ql
 ql/go/ql/src/Security/CWE-643/XPathInjection.ql
 ql/go/ql/src/Security/CWE-681/IncorrectIntegerConversionQuery.ql
 ql/go/ql/src/Security/CWE-770/UncontrolledAllocationSize.ql
-ql/go/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/go/ql/src/Security/CWE-918/RequestForgery.ql
 ql/go/ql/src/Summary/LinesOfCode.ql
--- a/go/ql/integration-tests/query-suite/go-security-extended.qls.expected
+++ b/go/ql/integration-tests/query-suite/go-security-extended.qls.expected
@@ -28,6 +28,5 @@ ql/go/ql/src/Security/CWE-640/EmailInjection.ql
 ql/go/ql/src/Security/CWE-643/XPathInjection.ql
 ql/go/ql/src/Security/CWE-681/IncorrectIntegerConversionQuery.ql
 ql/go/ql/src/Security/CWE-770/UncontrolledAllocationSize.ql
-ql/go/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/go/ql/src/Security/CWE-918/RequestForgery.ql
 ql/go/ql/src/Summary/LinesOfCode.ql
--- a/go/ql/integration-tests/query-suite/not_included_in_qls.expected
+++ b/go/ql/integration-tests/query-suite/not_included_in_qls.expected
@@ -6,6 +6,7 @@ ql/go/ql/src/Security/CWE-020/UntrustedDataToExternalAPI.ql
 ql/go/ql/src/Security/CWE-020/UntrustedDataToUnknownExternalAPI.ql
 ql/go/ql/src/Security/CWE-078/StoredCommand.ql
 ql/go/ql/src/Security/CWE-079/StoredXss.ql
+ql/go/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/go/ql/src/definitions.ql
 ql/go/ql/src/experimental/CWE-090/LDAPInjection.ql
 ql/go/ql/src/experimental/CWE-1004/CookieWithoutHttpOnly.ql
--- a/go/ql/src/Security/CWE-798/HardcodedCredentials.ql
+++ b/go/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -5,7 +5,7 @@
 * @kind problem
 * @problem.severity warning
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id go/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/go/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
+++ b/go/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The query `go/hardcoded-credentials` has been removed from all query suites.
--- a/java/ql/integration-tests/java/query-suite/java-security-and-quality.qls.expected
+++ b/java/ql/integration-tests/java/query-suite/java-security-and-quality.qls.expected
@@ -196,7 +196,6 @@ ql/java/ql/src/Security/CWE/CWE-730/RegexInjection.ql
 ql/java/ql/src/Security/CWE/CWE-732/ReadingFromWorldWritableFile.ql
 ql/java/ql/src/Security/CWE/CWE-749/UnsafeAndroidAccess.ql
 ql/java/ql/src/Security/CWE/CWE-780/RsaWithoutOaep.ql
-ql/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql
 ql/java/ql/src/Security/CWE/CWE-807/ConditionalBypass.ql
 ql/java/ql/src/Security/CWE/CWE-807/TaintedPermissionsCheck.ql
 ql/java/ql/src/Security/CWE/CWE-829/InsecureDependencyResolution.ql
--- a/java/ql/integration-tests/java/query-suite/java-security-extended.qls.expected
+++ b/java/ql/integration-tests/java/query-suite/java-security-extended.qls.expected
@@ -99,7 +99,6 @@ ql/java/ql/src/Security/CWE/CWE-730/RegexInjection.ql
 ql/java/ql/src/Security/CWE/CWE-732/ReadingFromWorldWritableFile.ql
 ql/java/ql/src/Security/CWE/CWE-749/UnsafeAndroidAccess.ql
 ql/java/ql/src/Security/CWE/CWE-780/RsaWithoutOaep.ql
-ql/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql
 ql/java/ql/src/Security/CWE/CWE-807/ConditionalBypass.ql
 ql/java/ql/src/Security/CWE/CWE-807/TaintedPermissionsCheck.ql
 ql/java/ql/src/Security/CWE/CWE-829/InsecureDependencyResolution.ql
--- a/java/ql/integration-tests/java/query-suite/not_included_in_qls.expected
+++ b/java/ql/integration-tests/java/query-suite/not_included_in_qls.expected
@@ -158,6 +158,7 @@ ql/java/ql/src/Security/CWE/CWE-312/CleartextStorageClass.ql
 ql/java/ql/src/Security/CWE/CWE-319/HttpsUrls.ql
 ql/java/ql/src/Security/CWE/CWE-319/UseSSL.ql
 ql/java/ql/src/Security/CWE/CWE-319/UseSSLSocketFactories.ql
+ql/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql
 ql/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsComparison.ql
 ql/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsSourceCall.ql
 ql/java/ql/src/Security/CWE/CWE-798/HardcodedPasswordField.ql
--- a/java/ql/lib/change-notes/2025-05-16-shared-basicblocks.md
+++ b/java/ql/lib/change-notes/2025-05-16-shared-basicblocks.md
@@ -0,0 +1,4 @@
+---
+category: deprecated
+---
+* Java now uses the shared `BasicBlock` library. This means that the names of several member predicates have been changed to align with the names used in other languages. The old predicates have been deprecated. The `BasicBlock` class itself no longer extends `ControlFlowNode` - the predicate `getFirstNode` can be used to fix any QL code that somehow relied on this.
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -6,6 +6,7 @@ extractor: java
 library: true
 upgrades: upgrades
 dependencies:
+  codeql/controlflow: ${workspace}
  codeql/dataflow: ${workspace}
  codeql/mad: ${workspace}
  codeql/quantum: ${workspace}
--- a/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
+++ b/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
@@ -4,91 +4,128 @@

 import java
 import Dominance
+private import codeql.controlflow.BasicBlock as BB

-cached
-private module BasicBlockStage {
-  cached
-  predicate ref() { any() }
+private module Input implements BB::InputSig<Location> {
+  import SuccessorType

-  cached
-  predicate backref() {
-    (exists(any(BasicBlock bb).getABBSuccessor()) implies any()) and
-    (exists(any(BasicBlock bb).getNode(_)) implies any()) and
-    (exists(any(BasicBlock bb).length()) implies any())
+  /** Hold if `t` represents a conditional successor type. */
+  predicate successorTypeIsCondition(SuccessorType t) { none() }
+
+  /** A delineated part of the AST with its own CFG. */
+  class CfgScope = Callable;
+
+  /** The class of control flow nodes. */
+  class Node = ControlFlowNode;
+
+  /** Gets the CFG scope in which this node occurs. */
+  CfgScope nodeGetCfgScope(Node node) { node.getEnclosingCallable() = result }
+
+  private Node getASpecificSuccessor(Node node, SuccessorType t) {
+    node.(ConditionNode).getABranchSuccessor(t.(BooleanSuccessor).getValue()) = result
+    or
+    node.getAnExceptionSuccessor() = result and t instanceof ExceptionSuccessor
  }
+
+  /** Gets an immediate successor of this node. */
+  Node nodeGetASuccessor(Node node, SuccessorType t) {
+    result = getASpecificSuccessor(node, t)
+    or
+    node.getASuccessor() = result and
+    t instanceof NormalSuccessor and
+    not result = getASpecificSuccessor(node, _)
+  }
+
+  /**
+   * Holds if `node` represents an entry node to be used when calculating
+   * dominance.
+   */
+  predicate nodeIsDominanceEntry(Node node) {
+    exists(Stmt entrystmt | entrystmt = node.asStmt() |
+      exists(Callable c | entrystmt = c.getBody())
+      or
+      // This disjunct is technically superfluous, but safeguards against extractor problems.
+      entrystmt instanceof BlockStmt and
+      not exists(entrystmt.getEnclosingCallable()) and
+      not entrystmt.getParent() instanceof Stmt
+    )
+  }
+
+  /**
+   * Holds if `node` represents an exit node to be used when calculating
+   * post dominance.
+   */
+  predicate nodeIsPostDominanceExit(Node node) { node instanceof ControlFlow::ExitNode }
+}
+
+private module BbImpl = BB::Make<Location, Input>;
+
+import BbImpl
+
+/** Holds if the dominance relation is calculated for `bb`. */
+predicate hasDominanceInformation(BasicBlock bb) {
+  exists(BasicBlock entry |
+    Input::nodeIsDominanceEntry(entry.getFirstNode()) and entry.getASuccessor*() = bb
+  )
 }

 /**
- * A control-flow node that represents the start of a basic block.
- *
- * A basic block is a series of nodes with no control-flow branching, which can
- * often be treated as a unit in analyses.
+ * A basic block, that is, a maximal straight-line sequence of control flow nodes
+ * without branches or joins.
 */
-class BasicBlock extends ControlFlowNode {
-  cached
-  BasicBlock() {
-    BasicBlockStage::ref() and
-    not exists(this.getAPredecessor()) and
-    exists(this.getASuccessor())
-    or
-    strictcount(this.getAPredecessor()) > 1
-    or
-    exists(ControlFlowNode pred | pred = this.getAPredecessor() |
-      strictcount(pred.getASuccessor()) > 1
-    )
-  }
+class BasicBlock extends BbImpl::BasicBlock {
+  /** Gets the immediately enclosing callable whose body contains this node. */
+  Callable getEnclosingCallable() { result = this.getScope() }

-  /** Gets an immediate successor of this basic block. */
-  cached
-  BasicBlock getABBSuccessor() {
-    BasicBlockStage::ref() and
-    result = this.getLastNode().getASuccessor()
-  }
+  /**
+   * Holds if this basic block dominates basic block `bb`.
+   *
+   * That is, all paths reaching `bb` from the entry point basic block must
+   * go through this basic block.
+   */
+  predicate dominates(BasicBlock bb) { super.dominates(bb) }

-  /** Gets an immediate predecessor of this basic block. */
-  BasicBlock getABBPredecessor() { result.getABBSuccessor() = this }
+  /**
+   * DEPRECATED: Use `getASuccessor` instead.
+   *
+   * Gets an immediate successor of this basic block.
+   */
+  deprecated BasicBlock getABBSuccessor() { result = this.getASuccessor() }

-  /** Gets a control-flow node contained in this basic block. */
-  ControlFlowNode getANode() { result = this.getNode(_) }
+  /**
+   * DEPRECATED: Use `getAPredecessor` instead.
+   *
+   * Gets an immediate predecessor of this basic block.
+   */
+  deprecated BasicBlock getABBPredecessor() { result.getASuccessor() = this }

-  /** Gets the control-flow node at a specific (zero-indexed) position in this basic block. */
-  cached
-  ControlFlowNode getNode(int pos) {
-    BasicBlockStage::ref() and
-    result = this and
-    pos = 0
-    or
-    exists(ControlFlowNode mid, int mid_pos | pos = mid_pos + 1 |
-      this.getNode(mid_pos) = mid and
-      mid.getASuccessor() = result and
-      not result instanceof BasicBlock
-    )
-  }
+  /**
+   * DEPRECATED: Use `strictlyDominates` instead.
+   *
+   * Holds if this basic block strictly dominates `node`.
+   */
+  deprecated predicate bbStrictlyDominates(BasicBlock node) { this.strictlyDominates(node) }

-  /** Gets the first control-flow node in this basic block. */
-  ControlFlowNode getFirstNode() { result = this }
+  /**
+   * DEPRECATED: Use `dominates` instead.
+   *
+   * Holds if this basic block dominates `node`. (This is reflexive.)
+   */
+  deprecated predicate bbDominates(BasicBlock node) { this.dominates(node) }

-  /** Gets the last control-flow node in this basic block. */
-  ControlFlowNode getLastNode() { result = this.getNode(this.length() - 1) }
+  /**
+   * DEPRECATED: Use `strictlyPostDominates` instead.
+   *
+   * Holds if this basic block strictly post-dominates `node`.
+   */
+  deprecated predicate bbStrictlyPostDominates(BasicBlock node) { this.strictlyPostDominates(node) }

-  /** Gets the number of control-flow nodes contained in this basic block. */
-  cached
-  int length() {
-    BasicBlockStage::ref() and
-    result = strictcount(this.getANode())
-  }
-
-  /** Holds if this basic block strictly dominates `node`. */
-  predicate bbStrictlyDominates(BasicBlock node) { bbStrictlyDominates(this, node) }
-
-  /** Holds if this basic block dominates `node`. (This is reflexive.) */
-  predicate bbDominates(BasicBlock node) { bbDominates(this, node) }
-
-  /** Holds if this basic block strictly post-dominates `node`. */
-  predicate bbStrictlyPostDominates(BasicBlock node) { bbStrictlyPostDominates(this, node) }
-
-  /** Holds if this basic block post-dominates `node`. (This is reflexive.) */
-  predicate bbPostDominates(BasicBlock node) { bbPostDominates(this, node) }
+  /**
+   * DEPRECATED: Use `postDominates` instead.
+   *
+   * Holds if this basic block post-dominates `node`. (This is reflexive.)
+   */
+  deprecated predicate bbPostDominates(BasicBlock node) { this.postDominates(node) }
 }

 /** A basic block that ends in an exit node. */
--- a/java/ql/lib/semmle/code/java/controlflow/Dominance.qll
+++ b/java/ql/lib/semmle/code/java/controlflow/Dominance.qll
@@ -8,91 +8,75 @@ import java
 * Predicates for basic-block-level dominance.
 */

-/** Entry points for control-flow. */
-private predicate flowEntry(BasicBlock entry) {
-  exists(Stmt entrystmt | entrystmt = entry.getFirstNode().asStmt() |
-    exists(Callable c | entrystmt = c.getBody())
-    or
-    // This disjunct is technically superfluous, but safeguards against extractor problems.
-    entrystmt instanceof BlockStmt and
-    not exists(entry.getEnclosingCallable()) and
-    not entrystmt.getParent() instanceof Stmt
-  )
-}
-
-/** The successor relation for basic blocks. */
-private predicate bbSucc(BasicBlock pre, BasicBlock post) { post = pre.getABBSuccessor() }
-
-/** The immediate dominance relation for basic blocks. */
-cached
-predicate bbIDominates(BasicBlock dom, BasicBlock node) =
-  idominance(flowEntry/1, bbSucc/2)(_, dom, node)
-
-/** Holds if the dominance relation is calculated for `bb`. */
-predicate hasDominanceInformation(BasicBlock bb) {
-  exists(BasicBlock entry | flowEntry(entry) and bbSucc*(entry, bb))
+/**
+ * DEPRECATED: Use `BasicBlock::immediatelyDominates` instead.
+ *
+ * The immediate dominance relation for basic blocks.
+ */
+deprecated predicate bbIDominates(BasicBlock dom, BasicBlock node) {
+  dom.immediatelyDominates(node)
 }

 /** Exit points for basic-block control-flow. */
 private predicate bbSink(BasicBlock exit) { exit.getLastNode() instanceof ControlFlow::ExitNode }

 /** Reversed `bbSucc`. */
-private predicate bbPred(BasicBlock post, BasicBlock pre) { post = pre.getABBSuccessor() }
+private predicate bbPred(BasicBlock post, BasicBlock pre) { post = pre.getASuccessor() }

 /** The immediate post-dominance relation on basic blocks. */
-cached
-predicate bbIPostDominates(BasicBlock dominator, BasicBlock node) =
+deprecated predicate bbIPostDominates(BasicBlock dominator, BasicBlock node) =
  idominance(bbSink/1, bbPred/2)(_, dominator, node)

-/** Holds if `dom` strictly dominates `node`. */
-predicate bbStrictlyDominates(BasicBlock dom, BasicBlock node) { bbIDominates+(dom, node) }
-
-/** Holds if `dom` dominates `node`. (This is reflexive.) */
-predicate bbDominates(BasicBlock dom, BasicBlock node) {
-  bbStrictlyDominates(dom, node) or dom = node
+/**
+ * DEPRECATED: Use `BasicBlock::strictlyDominates` instead.
+ *
+ * Holds if `dom` strictly dominates `node`.
+ */
+deprecated predicate bbStrictlyDominates(BasicBlock dom, BasicBlock node) {
+  dom.strictlyDominates(node)
 }

-/** Holds if `dom` strictly post-dominates `node`. */
-predicate bbStrictlyPostDominates(BasicBlock dom, BasicBlock node) { bbIPostDominates+(dom, node) }
+/**
+ * DEPRECATED: Use `BasicBlock::dominates` instead.
+ *
+ * Holds if `dom` dominates `node`. (This is reflexive.)
+ */
+deprecated predicate bbDominates(BasicBlock dom, BasicBlock node) { dom.dominates(node) }

-/** Holds if `dom` post-dominates `node`. (This is reflexive.) */
-predicate bbPostDominates(BasicBlock dom, BasicBlock node) {
-  bbStrictlyPostDominates(dom, node) or dom = node
+/**
+ * DEPRECATED: Use `BasicBlock::strictlyPostDominates` instead.
+ *
+ * Holds if `dom` strictly post-dominates `node`.
+ */
+deprecated predicate bbStrictlyPostDominates(BasicBlock dom, BasicBlock node) {
+  dom.strictlyPostDominates(node)
 }

+/**
+ * DEPRECATED: Use `BasicBlock::postDominates` instead.
+ *
+ * Holds if `dom` post-dominates `node`. (This is reflexive.)
+ */
+deprecated predicate bbPostDominates(BasicBlock dom, BasicBlock node) { dom.postDominates(node) }
+
 /**
 * The dominance frontier relation for basic blocks.
 *
 * This is equivalent to:
 *
 * ```
- *   bbDominates(x, w.getABBPredecessor()) and not bbStrictlyDominates(x, w)
+ *   x.dominates(w.getAPredecessor()) and not x.strictlyDominates(w)
 * ```
 */
 predicate dominanceFrontier(BasicBlock x, BasicBlock w) {
-  x = w.getABBPredecessor() and not bbIDominates(x, w)
+  x = w.getAPredecessor() and not x.immediatelyDominates(w)
  or
  exists(BasicBlock prev | dominanceFrontier(prev, w) |
-    bbIDominates(x, prev) and
-    not bbIDominates(x, w)
+    x.immediatelyDominates(prev) and
+    not x.immediatelyDominates(w)
  )
 }

-/**
- * Holds if `(bb1, bb2)` is an edge that dominates `bb2`, that is, all other
- * predecessors of `bb2` are dominated by `bb2`. This implies that `bb1` is the
- * immediate dominator of `bb2`.
- *
- * This is a necessary and sufficient condition for an edge to dominate anything,
- * and in particular `dominatingEdge(bb1, bb2) and bb2.bbDominates(bb3)` means
- * that the edge `(bb1, bb2)` dominates `bb3`.
- */
-predicate dominatingEdge(BasicBlock bb1, BasicBlock bb2) {
-  bbIDominates(bb1, bb2) and
-  bb1.getABBSuccessor() = bb2 and
-  forall(BasicBlock pred | pred = bb2.getABBPredecessor() and pred != bb1 | bbDominates(bb2, pred))
-}
-
 /*
 * Predicates for expression-level dominance.
 */
@@ -102,7 +86,7 @@ predicate iDominates(ControlFlowNode dominator, ControlFlowNode node) {
  exists(BasicBlock bb, int i | dominator = bb.getNode(i) and node = bb.getNode(i + 1))
  or
  exists(BasicBlock dom, BasicBlock bb |
-    bbIDominates(dom, bb) and
+    dom.immediatelyDominates(bb) and
    dominator = dom.getLastNode() and
    node = bb.getFirstNode()
  )
@@ -112,7 +96,7 @@ predicate iDominates(ControlFlowNode dominator, ControlFlowNode node) {
 pragma[inline]
 predicate strictlyDominates(ControlFlowNode dom, ControlFlowNode node) {
  // This predicate is gigantic, so it must be inlined.
-  bbStrictlyDominates(dom.getBasicBlock(), node.getBasicBlock())
+  dom.getBasicBlock().strictlyDominates(node.getBasicBlock())
  or
  exists(BasicBlock b, int i, int j | dom = b.getNode(i) and node = b.getNode(j) and i < j)
 }
@@ -121,7 +105,7 @@ predicate strictlyDominates(ControlFlowNode dom, ControlFlowNode node) {
 pragma[inline]
 predicate dominates(ControlFlowNode dom, ControlFlowNode node) {
  // This predicate is gigantic, so it must be inlined.
-  bbStrictlyDominates(dom.getBasicBlock(), node.getBasicBlock())
+  dom.getBasicBlock().strictlyDominates(node.getBasicBlock())
  or
  exists(BasicBlock b, int i, int j | dom = b.getNode(i) and node = b.getNode(j) and i <= j)
 }
@@ -130,7 +114,7 @@ predicate dominates(ControlFlowNode dom, ControlFlowNode node) {
 pragma[inline]
 predicate strictlyPostDominates(ControlFlowNode dom, ControlFlowNode node) {
  // This predicate is gigantic, so it must be inlined.
-  bbStrictlyPostDominates(dom.getBasicBlock(), node.getBasicBlock())
+  dom.getBasicBlock().strictlyPostDominates(node.getBasicBlock())
  or
  exists(BasicBlock b, int i, int j | dom = b.getNode(i) and node = b.getNode(j) and i > j)
 }
@@ -139,7 +123,7 @@ predicate strictlyPostDominates(ControlFlowNode dom, ControlFlowNode node) {
 pragma[inline]
 predicate postDominates(ControlFlowNode dom, ControlFlowNode node) {
  // This predicate is gigantic, so it must be inlined.
-  bbStrictlyPostDominates(dom.getBasicBlock(), node.getBasicBlock())
+  dom.getBasicBlock().strictlyPostDominates(node.getBasicBlock())
  or
  exists(BasicBlock b, int i, int j | dom = b.getNode(i) and node = b.getNode(j) and i >= j)
 }
--- a/java/ql/lib/semmle/code/java/controlflow/Guards.qll
+++ b/java/ql/lib/semmle/code/java/controlflow/Guards.qll
@@ -23,7 +23,7 @@ class ConditionBlock extends BasicBlock {

  /** Gets a `true`- or `false`-successor of the last node of this basic block. */
  BasicBlock getTestSuccessor(boolean testIsTrue) {
-    result = this.getConditionNode().getABranchSuccessor(testIsTrue)
+    result.getFirstNode() = this.getConditionNode().getABranchSuccessor(testIsTrue)
  }

  /*
@@ -68,7 +68,7 @@ class ConditionBlock extends BasicBlock {
    exists(BasicBlock succ |
      succ = this.getTestSuccessor(testIsTrue) and
      dominatingEdge(this, succ) and
-      succ.bbDominates(controlled)
+      succ.dominates(controlled)
    )
  }
 }
@@ -287,7 +287,7 @@ private predicate switchCaseControls(SwitchCase sc, BasicBlock bb) {
    // Pattern cases are handled as condition blocks
    not sc instanceof PatternCase and
    caseblock.getFirstNode() = sc.getControlFlowNode() and
-    caseblock.bbDominates(bb) and
+    caseblock.dominates(bb) and
    // Check we can't fall through from a previous block:
    forall(ControlFlowNode pred | pred = sc.getControlFlowNode().getAPredecessor() |
      isNonFallThroughPredecessor(sc, pred)
@@ -300,14 +300,14 @@ private predicate preconditionBranchEdge(
 ) {
  conditionCheckArgument(ma, _, branch) and
  bb1.getLastNode() = ma.getControlFlowNode() and
-  bb2 = bb1.getLastNode().getANormalSuccessor()
+  bb2.getFirstNode() = bb1.getLastNode().getANormalSuccessor()
 }

 private predicate preconditionControls(MethodCall ma, BasicBlock controlled, boolean branch) {
  exists(BasicBlock check, BasicBlock succ |
    preconditionBranchEdge(ma, check, succ, branch) and
    dominatingEdge(check, succ) and
-    succ.bbDominates(controlled)
+    succ.dominates(controlled)
  )
 }

--- a/java/ql/lib/semmle/code/java/controlflow/Paths.qll
+++ b/java/ql/lib/semmle/code/java/controlflow/Paths.qll
@@ -47,7 +47,7 @@ private predicate callAlwaysPerformsAction(Call call, ActionConfiguration conf)
 private predicate actionDominatesExit(Callable callable, ActionConfiguration conf) {
  exists(ExitBlock exit |
    exit.getEnclosingCallable() = callable and
-    actionBlock(conf).bbDominates(exit)
+    actionBlock(conf).dominates(exit)
  )
 }

@@ -56,12 +56,12 @@ private BasicBlock nonDominatingActionBlock(ActionConfiguration conf) {
  exists(ExitBlock exit |
    result = actionBlock(conf) and
    exit.getEnclosingCallable() = result.getEnclosingCallable() and
-    not result.bbDominates(exit)
+    not result.dominates(exit)
  )
 }

 private class JoinBlock extends BasicBlock {
-  JoinBlock() { 2 <= strictcount(this.getABBPredecessor()) }
+  JoinBlock() { 2 <= strictcount(this.getAPredecessor()) }
 }

 /**
@@ -72,8 +72,8 @@ private predicate postActionBlock(BasicBlock bb, ActionConfiguration conf) {
  bb = nonDominatingActionBlock(conf)
  or
  if bb instanceof JoinBlock
-  then forall(BasicBlock pred | pred = bb.getABBPredecessor() | postActionBlock(pred, conf))
-  else postActionBlock(bb.getABBPredecessor(), conf)
+  then forall(BasicBlock pred | pred = bb.getAPredecessor() | postActionBlock(pred, conf))
+  else postActionBlock(bb.getAPredecessor(), conf)
 }

 /** Holds if every path through `callable` goes through at least one action node. */
--- a/java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll
+++ b/java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll
@@ -0,0 +1,72 @@
+/**
+ * Provides different types of control flow successor types.
+ */
+
+import java
+private import codeql.util.Boolean
+
+private newtype TSuccessorType =
+  TNormalSuccessor() or
+  TBooleanSuccessor(Boolean branch) or
+  TExceptionSuccessor()
+
+/** The type of a control flow successor. */
+class SuccessorType extends TSuccessorType {
+  /** Gets a textual representation of successor type. */
+  string toString() { result = "SuccessorType" }
+}
+
+/** A normal control flow successor. */
+class NormalSuccessor extends SuccessorType, TNormalSuccessor { }
+
+/**
+ * An exceptional control flow successor.
+ *
+ * This marks control flow edges that are taken when an exception is thrown.
+ */
+class ExceptionSuccessor extends SuccessorType, TExceptionSuccessor { }
+
+/**
+ * A conditional control flow successor.
+ *
+ * This currently only includes boolean successors (`BooleanSuccessor`).
+ */
+class ConditionalSuccessor extends SuccessorType, TBooleanSuccessor {
+  /** Gets the Boolean value of this successor. */
+  boolean getValue() { this = TBooleanSuccessor(result) }
+}
+
+/**
+ * A Boolean control flow successor.
+ *
+ * For example, this program fragment:
+ *
+ * ```java
+ * if (x < 0)
+ *     return 0;
+ * else
+ *     return 1;
+ * ```
+ *
+ * has a control flow graph containing Boolean successors:
+ *
+ * ```
+ *        if
+ *        |
+ *      x < 0
+ *       / \
+ *      /   \
+ *     /     \
+ *  true    false
+ *    |        \
+ * return 0   return 1
+ * ```
+ */
+class BooleanSuccessor = ConditionalSuccessor;
+
+/**
+ * A nullness control flow successor. This is currently unused for Java.
+ */
+class NullnessSuccessor extends ConditionalSuccessor {
+  NullnessSuccessor() { none() }
+}
--- a/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll
+++ b/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll
@@ -209,7 +209,7 @@ class UnreachableBasicBlock extends BasicBlock {
    or
    // This block is not reachable in the CFG, and is not the entrypoint in a callable, an
    // expression in an assert statement, or a catch clause.
-    forall(BasicBlock bb | bb = this.getABBPredecessor() | bb instanceof UnreachableBasicBlock) and
+    forall(BasicBlock bb | bb = this.getAPredecessor() | bb instanceof UnreachableBasicBlock) and
    not exists(Callable c | c.getBody().getControlFlowNode() = this.getFirstNode()) and
    not this.getFirstNode().asExpr().getEnclosingStmt() instanceof AssertStmt and
    not this.getFirstNode().asStmt() instanceof CatchClause
@@ -219,11 +219,10 @@ class UnreachableBasicBlock extends BasicBlock {
      // Not accessible from the switch expression
      unreachableCaseBlock = constSwitchStmt.getAFailingCase().getBasicBlock() and
      // Not accessible from the successful case
-      not constSwitchStmt.getMatchingCase().getBasicBlock().getABBSuccessor*() =
-        unreachableCaseBlock
+      not constSwitchStmt.getMatchingCase().getBasicBlock().getASuccessor*() = unreachableCaseBlock
    |
      // Blocks dominated by an unreachable case block are unreachable
-      unreachableCaseBlock.bbDominates(this)
+      unreachableCaseBlock.dominates(this)
    )
  }
 }
--- a/java/ql/lib/semmle/code/java/controlflow/internal/GuardsLogic.qll
+++ b/java/ql/lib/semmle/code/java/controlflow/internal/GuardsLogic.qll
@@ -239,7 +239,7 @@ SsaVariable getADefinition(SsaVariable v, boolean fromBackEdge) {
  exists(SsaVariable inp, BasicBlock bb, boolean fbe |
    v.(SsaPhiNode).hasInputFromBlock(inp, bb) and
    result = getADefinition(inp, fbe) and
-    (if v.getBasicBlock().bbDominates(bb) then fromBackEdge = true else fromBackEdge = fbe)
+    (if v.getBasicBlock().dominates(bb) then fromBackEdge = true else fromBackEdge = fbe)
  )
 }

@@ -290,10 +290,10 @@ private predicate guardImpliesEqual(Guard guard, boolean branch, SsaVariable v,
  )
 }

-private ControlFlowNode getAGuardBranchSuccessor(Guard g, boolean branch) {
-  result = g.(Expr).getControlFlowNode().(ConditionNode).getABranchSuccessor(branch)
+private BasicBlock getAGuardBranchSuccessor(Guard g, boolean branch) {
+  result.getFirstNode() = g.(Expr).getControlFlowNode().(ConditionNode).getABranchSuccessor(branch)
  or
-  result = g.(SwitchCase).getControlFlowNode() and branch = true
+  result.getFirstNode() = g.(SwitchCase).getControlFlowNode() and branch = true
 }

 /**
@@ -306,7 +306,7 @@ private predicate guardControlsPhiBranch(
  guard.directlyControls(upd.getBasicBlock(), branch) and
  upd.getDefiningExpr().(VariableAssign).getSource() = e and
  upd = phi.getAPhiInput() and
-  guard.getBasicBlock().bbStrictlyDominates(phi.getBasicBlock())
+  guard.getBasicBlock().strictlyDominates(phi.getBasicBlock())
 }

 /**
@@ -331,7 +331,7 @@ private predicate conditionalAssign(SsaVariable v, Guard guard, boolean branch,
    forall(SsaVariable other | other != upd and other = phi.getAPhiInput() |
      guard.directlyControls(other.getBasicBlock(), branch.booleanNot())
      or
-      other.getBasicBlock().bbDominates(guard.getBasicBlock()) and
+      other.getBasicBlock().dominates(guard.getBasicBlock()) and
      not other.isLiveAtEndOfBlock(getAGuardBranchSuccessor(guard, branch))
    )
  )
--- a/java/ql/lib/semmle/code/java/dataflow/Nullness.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/Nullness.qll
@@ -298,9 +298,9 @@ private predicate impossibleEdge(BasicBlock bb1, BasicBlock bb2) {
 private predicate leavingFinally(BasicBlock bb1, BasicBlock bb2, boolean normaledge) {
  exists(TryStmt try, BlockStmt finally |
    try.getFinally() = finally and
-    bb1.getABBSuccessor() = bb2 and
-    bb1.getEnclosingStmt().getEnclosingStmt*() = finally and
-    not bb2.getEnclosingStmt().getEnclosingStmt*() = finally and
+    bb1.getASuccessor() = bb2 and
+    bb1.getFirstNode().getEnclosingStmt().getEnclosingStmt*() = finally and
+    not bb2.getFirstNode().getEnclosingStmt().getEnclosingStmt*() = finally and
    if bb1.getLastNode().getANormalSuccessor() = bb2.getFirstNode()
    then normaledge = true
    else normaledge = false
@@ -339,7 +339,7 @@ private predicate nullVarStep(
  midssa.isLiveAtEndOfBlock(mid) and
  not ensureNotNull(midssa).getBasicBlock() = mid and
  not assertFail(mid, _) and
-  bb = mid.getABBSuccessor() and
+  bb = mid.getASuccessor() and
  not impossibleEdge(mid, bb) and
  not exists(boolean branch | nullGuard(midssa, branch, false).hasBranchEdge(mid, bb, branch)) and
  not (leavingFinally(mid, bb, true) and midstoredcompletion = true) and
--- a/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll
@@ -209,13 +209,13 @@ module Sem implements Semantic<Location> {

  class BasicBlock = J::BasicBlock;

-  BasicBlock getABasicBlockSuccessor(BasicBlock bb) { result = bb.getABBSuccessor() }
+  BasicBlock getABasicBlockSuccessor(BasicBlock bb) { result = bb.getASuccessor() }

  private predicate id(ExprParent x, ExprParent y) { x = y }

  private predicate idOfAst(ExprParent x, int y) = equivalenceRelation(id/2)(x, y)

-  private predicate idOf(BasicBlock x, int y) { idOfAst(x.getAstNode(), y) }
+  private predicate idOf(BasicBlock x, int y) { idOfAst(x.getFirstNode().getAstNode(), y) }

  int getBlockId1(BasicBlock bb) { idOf(bb, result) }

--- a/java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll
@@ -321,14 +321,14 @@ private module Input implements TypeFlowInput<Location> {
   */
  private predicate instanceofDisjunct(InstanceOfExpr ioe, BasicBlock bb, BaseSsaVariable v) {
    ioe.getExpr() = v.getAUse() and
-    strictcount(bb.getABBPredecessor()) > 1 and
+    strictcount(bb.getAPredecessor()) > 1 and
    exists(ConditionBlock cb | cb.getCondition() = ioe and cb.getTestSuccessor(true) = bb)
  }

  /** Holds if `bb` is disjunctively guarded by multiple `instanceof` tests on `v`. */
  private predicate instanceofDisjunction(BasicBlock bb, BaseSsaVariable v) {
    strictcount(InstanceOfExpr ioe | instanceofDisjunct(ioe, bb, v)) =
-      strictcount(bb.getABBPredecessor())
+      strictcount(bb.getAPredecessor())
  }

  /**
@@ -338,7 +338,7 @@ private module Input implements TypeFlowInput<Location> {
  predicate instanceofDisjunctionGuarded(TypeFlowNode n, RefType t) {
    exists(BasicBlock bb, InstanceOfExpr ioe, BaseSsaVariable v, VarAccess va |
      instanceofDisjunction(bb, v) and
-      bb.bbDominates(va.getBasicBlock()) and
+      bb.dominates(va.getBasicBlock()) and
      va = v.getAUse() and
      instanceofDisjunct(ioe, bb, v) and
      t = ioe.getSyntacticCheckedType() and
--- a/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
@@ -145,7 +145,7 @@ private module BaseSsaImpl {
  /** Holds if `v` has an implicit definition at the entry, `b`, of the callable. */
  predicate hasEntryDef(BaseSsaSourceVariable v, BasicBlock b) {
    exists(LocalScopeVariable l, Callable c |
-      v = TLocalVar(c, l) and c.getBody().getControlFlowNode() = b
+      v = TLocalVar(c, l) and c.getBody().getBasicBlock() = b
    |
      l instanceof Parameter or
      l.getCallable() != c
@@ -157,15 +157,14 @@ private import BaseSsaImpl

 private module SsaInput implements SsaImplCommon::InputSig<Location> {
  private import java as J
-  private import semmle.code.java.controlflow.Dominance as Dom

  class BasicBlock = J::BasicBlock;

  class ControlFlowNode = J::ControlFlowNode;

-  BasicBlock getImmediateBasicBlockDominator(BasicBlock bb) { Dom::bbIDominates(result, bb) }
+  BasicBlock getImmediateBasicBlockDominator(BasicBlock bb) { result.immediatelyDominates(bb) }

-  BasicBlock getABasicBlockSuccessor(BasicBlock bb) { result = bb.getABBSuccessor() }
+  BasicBlock getABasicBlockSuccessor(BasicBlock bb) { result = bb.getASuccessor() }

  class SourceVariable = BaseSsaSourceVariable;

--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
@@ -83,12 +83,12 @@ private module CaptureInput implements VariableCapture::InputSig<Location> {

  class ControlFlowNode = J::ControlFlowNode;

-  BasicBlock getImmediateBasicBlockDominator(BasicBlock bb) { bbIDominates(result, bb) }
-
-  BasicBlock getABasicBlockSuccessor(BasicBlock bb) {
-    result = bb.(J::BasicBlock).getABBSuccessor()
+  BasicBlock getImmediateBasicBlockDominator(BasicBlock bb) {
+    result.(J::BasicBlock).immediatelyDominates(bb)
  }

+  BasicBlock getABasicBlockSuccessor(BasicBlock bb) { result = bb.(J::BasicBlock).getASuccessor() }
+
  //TODO: support capture of `this` in lambdas
  class CapturedVariable instanceof LocalScopeVariable {
    CapturedVariable() {
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
@@ -40,14 +40,14 @@ private module ThisFlow {

  private int lastRank(BasicBlock b) { result = max(int rankix | thisRank(_, b, rankix)) }

-  private predicate blockPrecedesThisAccess(BasicBlock b) { thisAccess(_, b.getABBSuccessor*(), _) }
+  private predicate blockPrecedesThisAccess(BasicBlock b) { thisAccess(_, b.getASuccessor*(), _) }

  private predicate thisAccessBlockReaches(BasicBlock b1, BasicBlock b2) {
-    thisAccess(_, b1, _) and b2 = b1.getABBSuccessor()
+    thisAccess(_, b1, _) and b2 = b1.getASuccessor()
    or
    exists(BasicBlock mid |
      thisAccessBlockReaches(b1, mid) and
-      b2 = mid.getABBSuccessor() and
+      b2 = mid.getASuccessor() and
      not thisAccess(_, mid, _) and
      blockPrecedesThisAccess(b2)
    )
--- a/java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
@@ -144,13 +144,13 @@ private predicate certainVariableUpdate(TrackedVar v, ControlFlowNode n, BasicBl
 pragma[nomagic]
 private predicate hasEntryDef(TrackedVar v, BasicBlock b) {
  exists(LocalScopeVariable l, Callable c |
-    v = TLocalVar(c, l) and c.getBody().getControlFlowNode() = b
+    v = TLocalVar(c, l) and c.getBody().getBasicBlock() = b
  |
    l instanceof Parameter or
    l.getCallable() != c
  )
  or
-  v instanceof SsaSourceField and v.getEnclosingCallable().getBody().getControlFlowNode() = b
+  v instanceof SsaSourceField and v.getEnclosingCallable().getBody().getBasicBlock() = b
 }

 /** Holds if `n` might update the locally tracked variable `v`. */
@@ -165,15 +165,14 @@ private predicate uncertainVariableUpdate(TrackedVar v, ControlFlowNode n, Basic

 private module SsaInput implements SsaImplCommon::InputSig<Location> {
  private import java as J
-  private import semmle.code.java.controlflow.Dominance as Dom

  class BasicBlock = J::BasicBlock;

  class ControlFlowNode = J::ControlFlowNode;

-  BasicBlock getImmediateBasicBlockDominator(BasicBlock bb) { Dom::bbIDominates(result, bb) }
+  BasicBlock getImmediateBasicBlockDominator(BasicBlock bb) { result.immediatelyDominates(bb) }

-  BasicBlock getABasicBlockSuccessor(BasicBlock bb) { result = bb.getABBSuccessor() }
+  BasicBlock getABasicBlockSuccessor(BasicBlock bb) { result = bb.getASuccessor() }

  class SourceVariable = SsaSourceVariable;

--- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionSpecific.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionSpecific.qll
@@ -19,7 +19,7 @@ private predicate id(BB::ExprParent x, BB::ExprParent y) { x = y }

 private predicate idOfAst(BB::ExprParent x, int y) = equivalenceRelation(id/2)(x, y)

-private predicate idOf(BasicBlock x, int y) { idOfAst(x.getAstNode(), y) }
+private predicate idOf(BasicBlock x, int y) { idOfAst(x.getFirstNode().getAstNode(), y) }

 private int getId(BasicBlock bb) { idOf(bb, result) }

--- a/java/ql/lib/semmle/code/java/security/AndroidWebViewCertificateValidationQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/AndroidWebViewCertificateValidationQuery.qll
@@ -24,6 +24,6 @@ private class SslProceedCall extends MethodCall {
 /** Holds if `m` trusts all certificates by calling `SslErrorHandler.proceed` unconditionally. */
 predicate trustsAllCerts(OnReceivedSslErrorMethod m) {
  exists(SslProceedCall pr | pr.getQualifier().(VarAccess).getVariable() = m.handlerArg() |
-    pr.getBasicBlock().bbPostDominates(m.getBody().getBasicBlock())
+    pr.getBasicBlock().postDominates(m.getBody().getBasicBlock())
  )
 }
--- a/java/ql/lib/semmle/code/java/security/PathSanitizer.qll
+++ b/java/ql/lib/semmle/code/java/security/PathSanitizer.qll
@@ -21,7 +21,7 @@ private module ValidationMethod<DataFlow::guardChecksSig/3 validationGuard> {
      validationMethod(ma.getMethod(), pos) and
      ma.getArgument(pos) = rv and
      adjacentUseUseSameVar(rv, result.asExpr()) and
-      ma.getBasicBlock().bbDominates(result.asExpr().getBasicBlock())
+      ma.getBasicBlock().dominates(result.asExpr().getBasicBlock())
    )
  }

--- a/java/ql/lib/semmle/code/java/security/UrlForwardQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/UrlForwardQuery.qll
@@ -168,7 +168,7 @@ private class FullyDecodesUrlBarrier extends DataFlow::Node {
    exists(Variable v, Expr e | this.asExpr() = v.getAnAccess() |
      fullyDecodesUrlGuard(e) and
      e = v.getAnAccess() and
-      e.getBasicBlock().bbDominates(this.asExpr().getBasicBlock())
+      e.getBasicBlock().dominates(this.asExpr().getBasicBlock())
    )
  }
 }
--- a/java/ql/lib/semmle/code/java/security/Validation.qll
+++ b/java/ql/lib/semmle/code/java/security/Validation.qll
@@ -40,16 +40,16 @@ private predicate validatedAccess(VarAccess va) {
      guardcall.getControlFlowNode() = node
    |
      exists(BasicBlock succ |
-        succ = node.getANormalSuccessor() and
+        succ.getFirstNode() = node.getANormalSuccessor() and
        dominatingEdge(node.getBasicBlock(), succ) and
-        succ.bbDominates(va.getBasicBlock())
+        succ.dominates(va.getBasicBlock())
      )
      or
      exists(BasicBlock bb, int i |
        bb.getNode(i) = node and
        bb.getNode(i + 1) = node.getANormalSuccessor()
      |
-        bb.bbStrictlyDominates(va.getBasicBlock()) or
+        bb.strictlyDominates(va.getBasicBlock()) or
        bb.getNode(any(int j | j > i)).asExpr() = va
      )
    )
--- a/Bugs/Concurrency/UnreleasedLock.ql
+++ b/Bugs/Concurrency/UnreleasedLock.ql
@@ -99,8 +99,8 @@ predicate failedLock(LockType t, BasicBlock lockblock, BasicBlock exblock) {
      )
    ) and
    (
-      lock.getAnExceptionSuccessor() = exblock or
-      lock.(ConditionNode).getAFalseSuccessor() = exblock
+      lock.getAnExceptionSuccessor() = exblock.getFirstNode() or
+      lock.(ConditionNode).getAFalseSuccessor() = exblock.getFirstNode()
    )
  )
 }
@@ -113,7 +113,7 @@ predicate heldByCurrentThreadCheck(LockType t, BasicBlock checkblock, BasicBlock
  exists(ConditionBlock conditionBlock |
    conditionBlock.getCondition() = t.getIsHeldByCurrentThreadAccess()
  |
-    conditionBlock.getBasicBlock() = checkblock and
+    conditionBlock = checkblock and
    conditionBlock.getTestSuccessor(false) = falsesucc
  )
 }
@@ -133,7 +133,7 @@ predicate variableLockStateCheck(LockType t, BasicBlock checkblock, BasicBlock f
    conditionBlock.getTestSuccessor(true) = t.getUnlockAccess().getBasicBlock() and
    conditionBlock.getCondition() = v
  |
-    conditionBlock.getBasicBlock() = checkblock and
+    conditionBlock = checkblock and
    conditionBlock.getTestSuccessor(false) = falsesucc
  )
 }
@@ -145,9 +145,7 @@ predicate variableLockStateCheck(LockType t, BasicBlock checkblock, BasicBlock f
 predicate blockIsLocked(LockType t, BasicBlock src, BasicBlock b, int locks) {
  lockUnlockBlock(t, b, locks) and src = b and locks > 0
  or
-  exists(BasicBlock pred, int predlocks, int curlocks, int failedlock |
-    pred = b.getABBPredecessor()
-  |
+  exists(BasicBlock pred, int predlocks, int curlocks, int failedlock | pred = b.getAPredecessor() |
    // The number of net locks from the `src` block to the predecessor block `pred` is `predlocks`.
    blockIsLocked(t, src, pred, predlocks) and
    // The recursive call ensures that at least one lock is held, so do not consider the false
--- a/Typos/NestedLoopsSameVariable.ql
+++ b/Typos/NestedLoopsSameVariable.ql
@@ -18,6 +18,6 @@ where
  iteration = inner.getAnIterationVariable() and
  iteration = outer.getAnIterationVariable() and
  inner.getEnclosingStmt+() = outer and
-  inner.getBasicBlock().getABBSuccessor+() = outer.getCondition().getBasicBlock()
+  inner.getBasicBlock().getASuccessor+() = outer.getCondition().getBasicBlock()
 select inner.getCondition(), "Nested for statement uses loop variable $@ of enclosing $@.",
  iteration, iteration.getName(), outer, "for statement"
--- a/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql
+++ b/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id java/hardcoded-credential-api-call
 * @tags security
 *       external/cwe/cwe-798
--- a/java/ql/src/Violations
+++ b/java/ql/src/Violations
@@ -37,7 +37,7 @@ predicate overwritten(VariableUpdate upd) {
      bb1.getNode(i) = upd.getControlFlowNode() and
      bb2.getNode(j) = overwrite.getControlFlowNode()
    |
-      bb1.getABBSuccessor+() = bb2
+      bb1.getASuccessor+() = bb2
      or
      bb1 = bb2 and i < j
    )
--- a/Practice/Declarations/Common.qll
+++ b/Practice/Declarations/Common.qll
@@ -14,7 +14,7 @@ private predicate blockInSwitch(SwitchStmt s, BasicBlock b) {

 private predicate switchCaseControlFlow(SwitchStmt switch, BasicBlock b1, BasicBlock b2) {
  blockInSwitch(switch, b1) and
-  b1.getABBSuccessor() = b2 and
+  b1.getASuccessor() = b2 and
  blockInSwitch(switch, b2)
 }

--- a/java/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
+++ b/java/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The query `java/hardcoded-credential-api-call` has been removed from all query suites.
--- a/java/ql/src/meta/ssa/UseWithoutUniqueSsaVariable.ql
+++ b/java/ql/src/meta/ssa/UseWithoutUniqueSsaVariable.ql
@@ -13,7 +13,7 @@ import semmle.code.java.dataflow.SSA

 class SsaConvertibleReadAccess extends VarRead {
  SsaConvertibleReadAccess() {
-    this.getEnclosingCallable().getBody().getBasicBlock().getABBSuccessor*() = this.getBasicBlock() and
+    this.getEnclosingCallable().getBody().getBasicBlock().getASuccessor*() = this.getBasicBlock() and
    (
      not exists(this.getQualifier())
      or
--- a/java/ql/test-kotlin1/library-tests/controlflow/basic/bbStrictDominance.ql
+++ b/java/ql/test-kotlin1/library-tests/controlflow/basic/bbStrictDominance.ql
@@ -1,6 +1,6 @@
-import default
+import java
 import semmle.code.java.controlflow.Dominance

 from BasicBlock b, BasicBlock b2
-where bbStrictlyDominates(b, b2)
+where b.strictlyDominates(b2)
 select b, b2
--- a/java/ql/test-kotlin1/library-tests/controlflow/basic/bbSuccessor.ql
+++ b/java/ql/test-kotlin1/library-tests/controlflow/basic/bbSuccessor.ql
@@ -1,5 +1,5 @@
-import default
+import java

 from BasicBlock b, BasicBlock b2
-where b.getABBSuccessor() = b2
+where b.getASuccessor() = b2
 select b, b2
--- a/java/ql/test-kotlin1/library-tests/controlflow/dominance/dominanceWrong.ql
+++ b/java/ql/test-kotlin1/library-tests/controlflow/dominance/dominanceWrong.ql
@@ -16,6 +16,6 @@ predicate dominanceCounterExample(ControlFlowNode entry, ControlFlowNode dom, Co

 from Callable c, ControlFlowNode dom, ControlFlowNode node
 where
-  (strictlyDominates(dom, node) or bbStrictlyDominates(dom, node)) and
+  strictlyDominates(dom, node) and
  dominanceCounterExample(c.getBody().getControlFlowNode(), dom, node)
 select c, dom, node
--- a/java/ql/test-kotlin2/library-tests/controlflow/basic/bbStrictDominance.ql
+++ b/java/ql/test-kotlin2/library-tests/controlflow/basic/bbStrictDominance.ql
@@ -1,6 +1,6 @@
-import default
+import java
 import semmle.code.java.controlflow.Dominance

 from BasicBlock b, BasicBlock b2
-where bbStrictlyDominates(b, b2)
+where b.strictlyDominates(b2)
 select b, b2
--- a/java/ql/test-kotlin2/library-tests/controlflow/basic/bbSuccessor.ql
+++ b/java/ql/test-kotlin2/library-tests/controlflow/basic/bbSuccessor.ql
@@ -1,5 +1,5 @@
-import default
+import java

 from BasicBlock b, BasicBlock b2
-where b.getABBSuccessor() = b2
+where b.getASuccessor() = b2
 select b, b2
--- a/java/ql/test-kotlin2/library-tests/controlflow/dominance/dominanceWrong.ql
+++ b/java/ql/test-kotlin2/library-tests/controlflow/dominance/dominanceWrong.ql
@@ -16,6 +16,6 @@ predicate dominanceCounterExample(ControlFlowNode entry, ControlFlowNode dom, Co

 from Callable c, ControlFlowNode dom, ControlFlowNode node
 where
-  (strictlyDominates(dom, node) or bbStrictlyDominates(dom, node)) and
+  strictlyDominates(dom, node) and
  dominanceCounterExample(c.getBody().getControlFlowNode(), dom, node)
 select c, dom, node
--- a/java/ql/test/library-tests/controlflow/basic/bbStrictDominance.ql
+++ b/java/ql/test/library-tests/controlflow/basic/bbStrictDominance.ql
@@ -1,6 +1,6 @@
-import default
+import java
 import semmle.code.java.controlflow.Dominance

 from BasicBlock b, BasicBlock b2
-where bbStrictlyDominates(b, b2)
+where b.strictlyDominates(b2)
 select b, b2
--- a/java/ql/test/library-tests/controlflow/basic/bbSuccessor.ql
+++ b/java/ql/test/library-tests/controlflow/basic/bbSuccessor.ql
@@ -1,5 +1,5 @@
-import default
+import java

 from BasicBlock b, BasicBlock b2
-where b.getABBSuccessor() = b2
+where b.getASuccessor() = b2
 select b, b2
--- a/java/ql/test/library-tests/controlflow/dominance/dominanceWrong.ql
+++ b/java/ql/test/library-tests/controlflow/dominance/dominanceWrong.ql
@@ -16,6 +16,6 @@ predicate dominanceCounterExample(ControlFlowNode entry, ControlFlowNode dom, Co

 from Callable c, ControlFlowNode dom, ControlFlowNode node
 where
-  (strictlyDominates(dom, node) or bbStrictlyDominates(dom, node)) and
+  strictlyDominates(dom, node) and
  dominanceCounterExample(c.getBody().getControlFlowNode(), dom, node)
 select c, dom, node
--- a/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected
+++ b/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected
@@ -75,7 +75,6 @@ ql/javascript/ql/src/Security/CWE-754/UnvalidatedDynamicMethodCall.ql
 ql/javascript/ql/src/Security/CWE-770/MissingRateLimiting.ql
 ql/javascript/ql/src/Security/CWE-770/ResourceExhaustion.ql
 ql/javascript/ql/src/Security/CWE-776/XmlBomb.ql
-ql/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/javascript/ql/src/Security/CWE-829/InsecureDownload.ql
 ql/javascript/ql/src/Security/CWE-830/FunctionalityFromUntrustedDomain.ql
 ql/javascript/ql/src/Security/CWE-830/FunctionalityFromUntrustedSource.ql
--- a/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected
+++ b/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected
@@ -144,7 +144,6 @@ ql/javascript/ql/src/Security/CWE-312/ActionsArtifactLeak.ql
 ql/javascript/ql/src/Security/CWE-312/BuildArtifactLeak.ql
 ql/javascript/ql/src/Security/CWE-312/CleartextLogging.ql
 ql/javascript/ql/src/Security/CWE-312/CleartextStorage.ql
-ql/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
 ql/javascript/ql/src/Security/CWE-326/InsufficientKeySize.ql
 ql/javascript/ql/src/Security/CWE-327/BadRandomness.ql
 ql/javascript/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql
@@ -173,7 +172,6 @@ ql/javascript/ql/src/Security/CWE-754/UnvalidatedDynamicMethodCall.ql
 ql/javascript/ql/src/Security/CWE-770/MissingRateLimiting.ql
 ql/javascript/ql/src/Security/CWE-770/ResourceExhaustion.ql
 ql/javascript/ql/src/Security/CWE-776/XmlBomb.ql
-ql/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/javascript/ql/src/Security/CWE-807/ConditionalBypass.ql
 ql/javascript/ql/src/Security/CWE-829/InsecureDownload.ql
 ql/javascript/ql/src/Security/CWE-830/FunctionalityFromUntrustedDomain.ql
--- a/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected
+++ b/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected
@@ -59,7 +59,6 @@ ql/javascript/ql/src/Security/CWE-312/ActionsArtifactLeak.ql
 ql/javascript/ql/src/Security/CWE-312/BuildArtifactLeak.ql
 ql/javascript/ql/src/Security/CWE-312/CleartextLogging.ql
 ql/javascript/ql/src/Security/CWE-312/CleartextStorage.ql
-ql/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
 ql/javascript/ql/src/Security/CWE-326/InsufficientKeySize.ql
 ql/javascript/ql/src/Security/CWE-327/BadRandomness.ql
 ql/javascript/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql
@@ -88,7 +87,6 @@ ql/javascript/ql/src/Security/CWE-754/UnvalidatedDynamicMethodCall.ql
 ql/javascript/ql/src/Security/CWE-770/MissingRateLimiting.ql
 ql/javascript/ql/src/Security/CWE-770/ResourceExhaustion.ql
 ql/javascript/ql/src/Security/CWE-776/XmlBomb.ql
-ql/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/javascript/ql/src/Security/CWE-807/ConditionalBypass.ql
 ql/javascript/ql/src/Security/CWE-829/InsecureDownload.ql
 ql/javascript/ql/src/Security/CWE-830/FunctionalityFromUntrustedDomain.ql
--- a/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected
+++ b/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected
@@ -53,7 +53,9 @@ ql/javascript/ql/src/RegExp/BackspaceEscape.ql
 ql/javascript/ql/src/RegExp/MalformedRegExp.ql
 ql/javascript/ql/src/Security/CWE-020/ExternalAPIsUsedWithUntrustedData.ql
 ql/javascript/ql/src/Security/CWE-020/UntrustedDataToExternalAPI.ql
+ql/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
 ql/javascript/ql/src/Security/CWE-451/MissingXFrameOptions.ql
+ql/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/javascript/ql/src/Security/CWE-807/DifferentKindsComparisonBypass.ql
 ql/javascript/ql/src/Security/trest/test.ql
 ql/javascript/ql/src/Statements/EphemeralLoop.ql
--- a/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
+++ b/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
@@ -4,7 +4,7 @@
 * @kind problem
 * @problem.severity warning
 * @security-severity 7.5
- * @precision medium
+ * @precision low
 * @id js/password-in-configuration-file
 * @tags security
 *       external/cwe/cwe-256
--- a/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
+++ b/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -5,7 +5,7 @@
 * @kind path-problem
 * @problem.severity warning
 * @security-severity 9.8
- * @precision high
+ * @precision low
 * @id js/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/javascript/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
+++ b/javascript/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The queries `js/hardcoded-credentials` and `js/password-in-configuration-file` have been removed from all query suites.
--- a/python/ql/integration-tests/query-suite/not_included_in_qls.expected
+++ b/python/ql/integration-tests/query-suite/not_included_in_qls.expected
@@ -58,6 +58,7 @@ ql/python/ql/src/Metrics/NumberOfStatements.ql
 ql/python/ql/src/Metrics/TransitiveImports.ql
 ql/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.ql
 ql/python/ql/src/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.ql
+ql/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/python/ql/src/Statements/AssertLiteralConstant.ql
 ql/python/ql/src/Statements/C_StyleParentheses.ql
 ql/python/ql/src/Statements/DocStrings.ql
--- a/python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected
+++ b/python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected
@@ -133,7 +133,6 @@ ql/python/ql/src/Security/CWE-730/ReDoS.ql
 ql/python/ql/src/Security/CWE-730/RegexInjection.ql
 ql/python/ql/src/Security/CWE-732/WeakFilePermissions.ql
 ql/python/ql/src/Security/CWE-776/XmlBomb.ql
-ql/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/python/ql/src/Security/CWE-918/FullServerSideRequestForgery.ql
 ql/python/ql/src/Security/CWE-918/PartialServerSideRequestForgery.ql
 ql/python/ql/src/Security/CWE-943/NoSqlInjection.ql
--- a/python/ql/integration-tests/query-suite/python-security-extended.qls.expected
+++ b/python/ql/integration-tests/query-suite/python-security-extended.qls.expected
@@ -43,7 +43,6 @@ ql/python/ql/src/Security/CWE-730/ReDoS.ql
 ql/python/ql/src/Security/CWE-730/RegexInjection.ql
 ql/python/ql/src/Security/CWE-732/WeakFilePermissions.ql
 ql/python/ql/src/Security/CWE-776/XmlBomb.ql
-ql/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
 ql/python/ql/src/Security/CWE-918/FullServerSideRequestForgery.ql
 ql/python/ql/src/Security/CWE-918/PartialServerSideRequestForgery.ql
 ql/python/ql/src/Security/CWE-943/NoSqlInjection.ql
--- a/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
+++ b/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id py/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/python/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
+++ b/python/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The query `py/hardcoded-credentials` has been removed from all query suites.
--- a/ruby/ql/integration-tests/query-suite/not_included_in_qls.expected
+++ b/ruby/ql/integration-tests/query-suite/not_included_in_qls.expected
@@ -30,6 +30,7 @@ ql/ruby/ql/src/queries/metrics/FLinesOfCode.ql
 ql/ruby/ql/src/queries/metrics/FLinesOfComments.ql
 ql/ruby/ql/src/queries/modeling/GenerateModel.ql
 ql/ruby/ql/src/queries/security/cwe-732/WeakFilePermissions.ql
+ql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
 ql/ruby/ql/src/queries/variables/UnusedParameter.ql
 ql/ruby/ql/src/utils/modeleditor/ApplicationModeEndpoints.ql
 ql/ruby/ql/src/utils/modeleditor/FrameworkModeAccessPaths.ql
--- a/ruby/ql/integration-tests/query-suite/ruby-security-and-quality.qls.expected
+++ b/ruby/ql/integration-tests/query-suite/ruby-security-and-quality.qls.expected
@@ -41,7 +41,6 @@ ql/ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.ql
 ql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql
 ql/ruby/ql/src/queries/security/cwe-611/Xxe.ql
 ql/ruby/ql/src/queries/security/cwe-732/WeakCookieConfiguration.ql
-ql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
 ql/ruby/ql/src/queries/security/cwe-829/InsecureDownload.ql
 ql/ruby/ql/src/queries/security/cwe-912/HttpToFileAccess.ql
 ql/ruby/ql/src/queries/security/cwe-915/MassAssignment.ql
--- a/ruby/ql/integration-tests/query-suite/ruby-security-extended.qls.expected
+++ b/ruby/ql/integration-tests/query-suite/ruby-security-extended.qls.expected
@@ -40,7 +40,6 @@ ql/ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.ql
 ql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql
 ql/ruby/ql/src/queries/security/cwe-611/Xxe.ql
 ql/ruby/ql/src/queries/security/cwe-732/WeakCookieConfiguration.ql
-ql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
 ql/ruby/ql/src/queries/security/cwe-829/InsecureDownload.ql
 ql/ruby/ql/src/queries/security/cwe-912/HttpToFileAccess.ql
 ql/ruby/ql/src/queries/security/cwe-915/MassAssignment.ql
--- a/ruby/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
+++ b/ruby/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The query `rb/hardcoded-credentials` has been removed from all query suites.
--- a/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
+++ b/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id rb/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml
@@ -3,7 +3,7 @@ extensions:
      pack: codeql/rust-all
      extensible: sourceModel
    data:
-      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "crate::get", "ReturnValue.Field[crate::result::Result::Ok(0)]", "remote", "manual"]
+      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "crate::get", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "remote", "manual"]
      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "crate::blocking::get", "ReturnValue.Field[crate::result::Result::Ok(0)]", "remote", "manual"]
  - addsTo:
      pack: codeql/rust-all
@@ -15,10 +15,13 @@ extensions:
      pack: codeql/rust-all
      extensible: summaryModel
    data:
-      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::response::Response>::text", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
-      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::response::Response>::text_with_charset", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
-      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::response::Response>::bytes", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
-      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::response::Response>::chunk", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)]", "taint", "manual"]
+      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::response::Response>::text", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::response::Response>::text_with_charset", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::response::Response>::bytes", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::response::Response>::chunk", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)]", "taint", "manual"]
      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::blocking::response::Response>::text", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::blocking::response::Response>::text_with_charset", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::blocking::response::Response>::bytes", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::async_impl::response::Response>::text", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::async_impl::response::Response>::bytes", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "<crate::async_impl::response::Response>::chunk", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)]", "taint", "manual"]
--- a/rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml
@@ -36,3 +36,4 @@ extensions:
      - ["lang:std", "crate::io::Read::chain", "Argument[0]", "ReturnValue", "taint", "manual"]
      - ["lang:std", "crate::io::Read::take", "Argument[self]", "ReturnValue", "taint", "manual"]
      - ["lang:std", "<crate::io::stdio::Stdin>::lock", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["lang:std", "<crate::io::Split as crate::iter::traits::iterator::Iterator>::next", "Argument[self]", "ReturnValue.Field[crate::option::Option::Some(0)].Field[crate::result::Result::Ok(0)]", "taint", "manual"]
--- a/rust/ql/lib/codeql/rust/frameworks/stdlib/net.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/stdlib/net.model.yml
@@ -0,0 +1,16 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: sourceModel
+    data:
+      - ["lang:std", "<crate::net::tcp::TcpStream>::connect", "ReturnValue.Field[crate::result::Result::Ok(0)]", "remote", "manual"]
+      - ["lang:std", "<crate::net::tcp::TcpStream>::connect_timeout", "ReturnValue.Field[crate::result::Result::Ok(0)]", "remote", "manual"]
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: summaryModel
+    data:
+      - ["lang:std", "<crate::net::tcp::TcpStream>::try_clone", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["lang:std", "<crate::net::tcp::TcpStream as crate::io::Read>::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::net::tcp::TcpStream as crate::io::Read>::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::net::tcp::TcpStream as crate::io::Read>::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::net::tcp::TcpStream as crate::io::Read>::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
--- a/rust/ql/lib/codeql/rust/frameworks/tokio/fs.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/tokio/fs.model.yml
@@ -0,0 +1,11 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: sourceModel
+    data:
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::fs::read::read", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "file", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::fs::read_to_string::read_to_string", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "file", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::fs::read_link::read_link", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "file", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::fs::read_dir::DirEntry>::path", "ReturnValue", "file", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::fs::read_dir::DirEntry>::file_name", "ReturnValue", "file", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::fs::file::File>::open", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "file", "manual"]
--- a/rust/ql/lib/codeql/rust/frameworks/tokio/io.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/tokio/io.model.yml
@@ -0,0 +1,51 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: sourceModel
+    data:
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::stdin::stdin", "ReturnValue", "stdin", "manual"]
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: summaryModel
+    data:
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::io::util::buf_reader::BufReader>::new", "Argument[0]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::fill_buf", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::io::util::buf_reader::BufReader>::buffer", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::read_line", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::read_until", "Argument[self]", "Argument[1].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::split", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::io::util::split::Split>::next_segment", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::lines", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::io::util::lines::Lines>::next_line", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_buf", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u8", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u8_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u16", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u16_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u32", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u32_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u64", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u64_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u128", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u128_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i8", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i8_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i16", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i16_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i32", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i32_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i64", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i64_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i128", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i128_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_f32", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_f32_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_f64", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_f64_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::chain", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::chain", "Argument[0]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::take", "Argument[self]", "ReturnValue", "taint", "manual"]
--- a/rust/ql/lib/codeql/rust/frameworks/tokio/net.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/tokio/net.model.yml
@@ -0,0 +1,14 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: sourceModel
+    data:
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::net::tcp::stream::TcpStream>::connect", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "remote", "manual"]
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: summaryModel
+    data:
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::net::tcp::stream::TcpStream>::peek", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::net::tcp::stream::TcpStream>::try_read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::net::tcp::stream::TcpStream>::try_read_buf", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
--- a/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
+++ b/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
@@ -900,6 +900,10 @@ storeStep
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::<crate::io::stdio::StdinLock as crate::io::Read>::read | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::<crate::io::stdio::StdinLock as crate::io::Read>::read |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::<crate::io::stdio::StdinLock as crate::io::Read>::read_exact | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::<crate::io::stdio::StdinLock as crate::io::Read>::read_exact |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::<crate::io::stdio::StdinLock as crate::io::Read>::read_to_string | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::<crate::io::stdio::StdinLock as crate::io::Read>::read_to_string |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::<crate::net::tcp::TcpStream as crate::io::Read>::read | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::<crate::net::tcp::TcpStream as crate::io::Read>::read |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::<crate::net::tcp::TcpStream as crate::io::Read>::read_exact | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::<crate::net::tcp::TcpStream as crate::io::Read>::read_exact |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::<crate::net::tcp::TcpStream as crate::io::Read>::read_to_end | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::<crate::net::tcp::TcpStream as crate::io::Read>::read_to_end |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::<crate::net::tcp::TcpStream as crate::io::Read>::read_to_string | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::<crate::net::tcp::TcpStream as crate::io::Read>::read_to_string |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::crate::io::BufRead::read_line | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::crate::io::BufRead::read_line |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::crate::io::Read::read | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::crate::io::Read::read |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::crate::io::Read::read_exact | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::crate::io::Read::read_exact |
@@ -907,6 +911,15 @@ storeStep
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:std::_::crate::io::Read::read_to_string | &ref | file://:0:0:0:0 | [post] [summary param] 0 in lang:std::_::crate::io::Read::read_to_string |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/BurntSushi/memchr:memchr::_::crate::arch::generic::memchr::count_byte_by_byte | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/BurntSushi/memchr:memchr::_::crate::arch::generic::memchr::count_byte_by_byte |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/BurntSushi/memchr:memchr::_::crate::arch::generic::memchr::fwd_byte_by_byte | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/BurntSushi/memchr:memchr::_::crate::arch::generic::memchr::fwd_byte_by_byte |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::net::tcp::stream::TcpStream>::peek | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::net::tcp::stream::TcpStream>::peek |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::net::tcp::stream::TcpStream>::try_read | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::net::tcp::stream::TcpStream>::try_read |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::net::tcp::stream::TcpStream>::try_read_buf | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::net::tcp::stream::TcpStream>::try_read_buf |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_buf_read_ext::AsyncBufReadExt::read_line | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_buf_read_ext::AsyncBufReadExt::read_line |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_buf | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_buf |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_exact | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_exact |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_to_end | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_to_end |
+| file://:0:0:0:0 | [summary] to write: Argument[0].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_to_string | &ref | file://:0:0:0:0 | [post] [summary param] 0 in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_to_string |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference.Reference in lang:proc_macro::_::<&[u8] as crate::bridge::rpc::DecodeMut>::decode | &ref | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:proc_macro::_::<&[u8] as crate::bridge::rpc::DecodeMut>::decode |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference.Reference in lang:proc_macro::_::<u8 as crate::bridge::rpc::DecodeMut>::decode | &ref | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:proc_macro::_::<u8 as crate::bridge::rpc::DecodeMut>::decode |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Reference.Reference in lang:proc_macro::_::<u32 as crate::bridge::rpc::DecodeMut>::decode | &ref | file://:0:0:0:0 | [summary] to write: Argument[0].Reference in lang:proc_macro::_::<u32 as crate::bridge::rpc::DecodeMut>::decode |
@@ -950,6 +963,7 @@ storeStep
 | file://:0:0:0:0 | [summary] to write: Argument[1].Reference in lang:core::_::<_ as crate::clone::uninit::CopySpec>::clone_one | &ref | file://:0:0:0:0 | [post] [summary param] 1 in lang:core::_::<_ as crate::clone::uninit::CopySpec>::clone_one |
 | file://:0:0:0:0 | [summary] to write: Argument[1].Reference in lang:std::_::crate::io::BufRead::read_until | &ref | file://:0:0:0:0 | [post] [summary param] 1 in lang:std::_::crate::io::BufRead::read_until |
 | file://:0:0:0:0 | [summary] to write: Argument[1].Reference in repo:https://github.com/tokio-rs/tokio:tokio-stream::_::<crate::result::Result as crate::stream_ext::collect::sealed::FromStreamPriv>::extend | &ref | file://:0:0:0:0 | [post] [summary param] 1 in repo:https://github.com/tokio-rs/tokio:tokio-stream::_::<crate::result::Result as crate::stream_ext::collect::sealed::FromStreamPriv>::extend |
+| file://:0:0:0:0 | [summary] to write: Argument[1].Reference in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_buf_read_ext::AsyncBufReadExt::read_until | &ref | file://:0:0:0:0 | [post] [summary param] 1 in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_buf_read_ext::AsyncBufReadExt::read_until |
 | file://:0:0:0:0 | [summary] to write: Argument[1].Reference.Field[crate::result::Result::Err(0)] in repo:https://github.com/tokio-rs/tokio:tokio-stream::_::<crate::result::Result as crate::stream_ext::collect::sealed::FromStreamPriv>::extend | Err | file://:0:0:0:0 | [summary] to write: Argument[1].Reference in repo:https://github.com/tokio-rs/tokio:tokio-stream::_::<crate::result::Result as crate::stream_ext::collect::sealed::FromStreamPriv>::extend |
 | file://:0:0:0:0 | [summary] to write: Argument[2].Parameter[0].Reference in lang:core::_::crate::cmp::max_by | &ref | file://:0:0:0:0 | [summary] to write: Argument[2].Parameter[0] in lang:core::_::crate::cmp::max_by |
 | file://:0:0:0:0 | [summary] to write: Argument[2].Parameter[0].Reference in lang:core::_::crate::cmp::max_by_key | &ref | file://:0:0:0:0 | [summary] to write: Argument[2].Parameter[0] in lang:core::_::crate::cmp::max_by_key |
@@ -1095,6 +1109,7 @@ storeStep
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:core::_::crate::iter::traits::iterator::Iterator::next | Some | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:core::_::crate::iter::traits::iterator::Iterator::next |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:core::_::crate::iter::traits::iterator::Iterator::nth | Some | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:core::_::crate::iter::traits::iterator::Iterator::nth |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:proc_macro::_::<crate::diagnostic::Children as crate::iter::traits::iterator::Iterator>::next | Some | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:proc_macro::_::<crate::diagnostic::Children as crate::iter::traits::iterator::Iterator>::next |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:std::_::<crate::io::Split as crate::iter::traits::iterator::Iterator>::next | Some | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:std::_::<crate::io::Split as crate::iter::traits::iterator::Iterator>::next |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in repo:https://github.com/BurntSushi/memchr:memchr::_::<crate::arch::aarch64::neon::memchr::One>::find_raw | Some | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/BurntSushi/memchr:memchr::_::<crate::arch::aarch64::neon::memchr::One>::find_raw |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in repo:https://github.com/BurntSushi/memchr:memchr::_::<crate::arch::aarch64::neon::memchr::Three>::find_raw | Some | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/BurntSushi/memchr:memchr::_::<crate::arch::aarch64::neon::memchr::Three>::find_raw |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in repo:https://github.com/BurntSushi/memchr:memchr::_::<crate::arch::aarch64::neon::memchr::Two>::find_raw | Some | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/BurntSushi/memchr:memchr::_::<crate::arch::aarch64::neon::memchr::Two>::find_raw |
@@ -1112,6 +1127,7 @@ storeStep
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)].Field[1] in lang:core::_::<crate::str::pattern::MatchOnly as crate::str::pattern::TwoWayStrategy>::matching | tuple.1 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:core::_::<crate::str::pattern::MatchOnly as crate::str::pattern::TwoWayStrategy>::matching |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)].Field[crate::result::Result::Err(0)] in lang:core::_::<crate::result::Result>::transpose | Err | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:core::_::<crate::result::Result>::transpose |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)].Field[crate::result::Result::Ok(0)] in lang:core::_::<crate::result::Result>::transpose | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:core::_::<crate::result::Result>::transpose |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)].Field[crate::result::Result::Ok(0)] in lang:std::_::<crate::io::Split as crate::iter::traits::iterator::Iterator>::next | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:std::_::<crate::io::Split as crate::iter::traits::iterator::Iterator>::next |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)].Reference in lang:core::_::<crate::option::Option as crate::convert::From>::from | &ref | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:core::_::<crate::option::Option as crate::convert::From>::from |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)].Reference in lang:core::_::<crate::option::Option>::as_mut | &ref | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:core::_::<crate::option::Option>::as_mut |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)].Reference in lang:core::_::<crate::option::Option>::as_ref | &ref | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::option::Option::Some(0)] in lang:core::_::<crate::option::Option>::as_ref |
@@ -1253,6 +1269,7 @@ storeStep
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:core::_::<str>::parse | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:core::_::<str>::parse |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:std::_::<&[u8] as crate::io::BufRead>::fill_buf | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:std::_::<&[u8] as crate::io::BufRead>::fill_buf |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:std::_::<crate::io::buffered::bufreader::BufReader as crate::io::BufRead>::fill_buf | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:std::_::<crate::io::buffered::bufreader::BufReader as crate::io::BufRead>::fill_buf |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:std::_::<crate::net::tcp::TcpStream>::try_clone | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:std::_::<crate::net::tcp::TcpStream>::try_clone |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:std::_::<crate::path::Path>::canonicalize | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:std::_::<crate::path::Path>::canonicalize |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:std::_::<crate::sync::poison::condvar::Condvar>::wait | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:std::_::<crate::sync::poison::condvar::Condvar>::wait |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:std::_::<crate::sync::poison::condvar::Condvar>::wait_timeout | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:std::_::<crate::sync::poison::condvar::Condvar>::wait_timeout |
@@ -1294,10 +1311,6 @@ storeStep
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::blocking::response::Response>::text | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::blocking::response::Response>::text |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::blocking::response::Response>::text_with_charset | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::blocking::response::Response>::text_with_charset |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::proxy::ProxyScheme as crate::proxy::IntoProxyScheme>::into_proxy_scheme | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::proxy::ProxyScheme as crate::proxy::IntoProxyScheme>::into_proxy_scheme |
-| file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::bytes | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::bytes |
-| file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk |
-| file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text |
-| file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text_with_charset | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text_with_charset |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/serde-rs/serde:serde::_::<crate::de::impls::BoolVisitor as crate::de::Visitor>::visit_bool | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/serde-rs/serde:serde::_::<crate::de::impls::BoolVisitor as crate::de::Visitor>::visit_bool |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/serde-rs/serde:serde::_::<crate::de::impls::BytesVisitor as crate::de::Visitor>::visit_borrowed_bytes | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/serde-rs/serde:serde::_::<crate::de::impls::BytesVisitor as crate::de::Visitor>::visit_borrowed_bytes |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/serde-rs/serde:serde::_::<crate::de::impls::CharVisitor as crate::de::Visitor>::visit_char | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/serde-rs/serde:serde::_::<crate::de::impls::CharVisitor as crate::de::Visitor>::visit_char |
@@ -1323,10 +1336,81 @@ storeStep
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)].Field[0] in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::loom::std::parking_lot::Condvar>::wait_timeout | tuple.0 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::loom::std::parking_lot::Condvar>::wait_timeout |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)].Field[1] in repo::serde_test_suite::_::<crate::Enum as crate::de::EnumAccess>::variant_seed | tuple.1 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo::serde_test_suite::_::<crate::Enum as crate::de::EnumAccess>::variant_seed |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)] in lang:core::_::<crate::option::Option>::transpose | Some | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:core::_::<crate::option::Option>::transpose |
-| file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk | Some | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)].Reference in lang:core::_::<crate::result::Result>::as_mut | &ref | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:core::_::<crate::result::Result>::as_mut |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)].Reference in lang:core::_::<crate::result::Result>::as_ref | &ref | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in lang:core::_::<crate::result::Result>::as_ref |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)].Reference in repo:https://github.com/matklad/once_cell:once_cell::_::<crate::unsync::OnceCell>::try_insert | &ref | file://:0:0:0:0 | [summary] to write: ReturnValue.Field[crate::result::Result::Ok(0)] in repo:https://github.com/matklad/once_cell:once_cell::_::<crate::unsync::OnceCell>::try_insert |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::bytes | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::bytes |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::chunk | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::chunk |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::text | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::text |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::bytes | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::bytes |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text_with_charset | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text_with_charset |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::lines::Lines>::next_line | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::lines::Lines>::next_line |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::split::Split>::next_segment | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::split::Split>::next_segment |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_buf_read_ext::AsyncBufReadExt::fill_buf | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_buf_read_ext::AsyncBufReadExt::fill_buf |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f32 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f32 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f32_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f32_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f64 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f64 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f64_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f64_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i8 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i8 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i8_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i8_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i16 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i16 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i16_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i16_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i32 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i32 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i32_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i32_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i64 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i64 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i64_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i64_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i128 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i128 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i128_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i128_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u8 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u8 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u8_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u8_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u16 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u16 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u16_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u16_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u32 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u32 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u32_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u32_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u64 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u64 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u64_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u64_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u128 | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u128 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u128_le | future | file://:0:0:0:0 | [summary] to write: ReturnValue in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u128_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::bytes | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::bytes |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::chunk | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::chunk |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::text | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::text |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::bytes | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::bytes |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text_with_charset | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::text_with_charset |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::lines::Lines>::next_line | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::lines::Lines>::next_line |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::split::Split>::next_segment | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::split::Split>::next_segment |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_buf_read_ext::AsyncBufReadExt::fill_buf | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_buf_read_ext::AsyncBufReadExt::fill_buf |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f32 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f32 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f32_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f32_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f64 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f64 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f64_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_f64_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i8 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i8 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i8_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i8_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i16 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i16 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i16_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i16_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i32 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i32 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i32_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i32_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i64 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i64 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i64_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i64_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i128 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i128 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i128_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_i128_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u8 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u8 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u8_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u8_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u16 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u16 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u16_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u16_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u32 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u32 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u32_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u32_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u64 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u64 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u64_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u64_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u128 | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u128 |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u128_le | Ok | file://:0:0:0:0 | [summary] to write: ReturnValue.Future in repo:https://github.com/tokio-rs/tokio:tokio::_::crate::io::util::async_read_ext::AsyncReadExt::read_u128_le |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::chunk | Some | file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::async_impl::response::Response>::chunk |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk | Some | file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::response::Response>::chunk |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::lines::Lines>::next_line | Some | file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::lines::Lines>::next_line |
+| file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::split::Split>::next_segment | Some | file://:0:0:0:0 | [summary] to write: ReturnValue.Future.Field[crate::result::Result::Ok(0)] in repo:https://github.com/tokio-rs/tokio:tokio::_::<crate::io::util::split::Split>::next_segment |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Reference in lang:alloc::_::<crate::borrow::Cow as crate::borrow::Borrow>::borrow | &ref | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:alloc::_::<crate::borrow::Cow as crate::borrow::Borrow>::borrow |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Reference in lang:alloc::_::<crate::boxed::Box as crate::borrow::Borrow>::borrow | &ref | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:alloc::_::<crate::boxed::Box as crate::borrow::Borrow>::borrow |
 | file://:0:0:0:0 | [summary] to write: ReturnValue.Reference in lang:alloc::_::<crate::boxed::Box as crate::borrow::BorrowMut>::borrow_mut | &ref | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:alloc::_::<crate::boxed::Box as crate::borrow::BorrowMut>::borrow_mut |
--- a/rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/ExtractionConsistency.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/ExtractionConsistency.expected
--- a/rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
--- a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
@@ -20,34 +20,63 @@
 | test.rs:74:26:74:37 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:77:26:77:37 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:80:24:80:35 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:112:35:112:46 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:119:31:119:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:205:31:205:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:210:31:210:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:215:22:215:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:221:22:221:25 | path | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:222:27:222:35 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:228:22:228:34 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:243:22:243:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:249:22:249:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:255:22:255:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:261:9:261:22 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:265:17:265:30 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:271:20:271:38 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:304:50:304:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:310:50:310:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:317:50:317:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:324:50:324:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:331:56:331:69 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:338:50:338:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:345:50:345:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:351:50:351:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:360:25:360:43 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:361:25:361:43 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:369:25:369:43 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:377:22:377:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:386:16:386:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
-| test.rs:386:16:386:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
+| test.rs:99:18:99:47 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:113:31:113:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:120:31:120:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:210:22:210:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:216:22:216:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:222:22:222:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:228:22:228:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:234:9:234:22 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:238:17:238:30 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:245:50:245:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:251:46:251:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:258:50:258:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:265:50:265:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:272:56:272:69 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:280:46:280:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:287:46:287:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:293:46:293:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:308:25:308:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:315:25:315:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:322:25:322:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:329:25:329:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:336:25:336:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:348:25:348:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:357:52:357:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:363:48:363:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:370:52:370:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:377:52:377:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:384:58:384:73 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:392:48:392:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:407:31:407:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:412:31:412:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:417:22:417:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:423:22:423:25 | path | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:424:27:424:35 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:430:22:430:34 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:439:31:439:45 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:444:31:444:45 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:449:22:449:46 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:455:26:455:29 | path | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:455:26:455:29 | path | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:456:31:456:39 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:456:31:456:39 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:462:22:462:41 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:472:20:472:38 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:506:21:506:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:507:21:507:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:515:21:515:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:527:20:527:40 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:574:21:574:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:575:21:575:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:583:21:583:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:600:26:600:53 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:619:26:619:61 | ...::connect_timeout | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:671:28:671:57 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:753:22:753:49 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:775:16:775:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
+| test.rs:775:16:775:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
 | web_frameworks.rs:12:31:12:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:12:31:12:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:21:31:21:35 | TuplePat | Flow source 'RemoteSource' of type remote (DEFAULT). |
--- a/rust/ql/test/library-tests/dataflow/sources/options.yml
+++ b/rust/ql/test/library-tests/dataflow/sources/options.yml
@@ -7,6 +7,7 @@ qltest_dependencies:
    - http = { version = "1.2.0" }
    - tokio = { version = "1.43.0", features = ["full"] }
    - futures = { version = "0.3" }
+    - bytes = { version = "1.10.1" }
    - poem = { version = "3.1.10" }
    - serde = { version = "1.0.219" }
    - actix-web = { version = "4.10.2" }
--- a/rust/ql/test/library-tests/dataflow/sources/test.rs
+++ b/rust/ql/test/library-tests/dataflow/sources/test.rs
@@ -72,14 +72,15 @@ async fn test_reqwest() -> Result<(), reqwest::Error> {
    sink(remote_string4); // $ hasTaintFlow="example.com"

    let remote_string5 = reqwest::get("example.com").await?.text().await?; // $ Alert[rust/summary/taint-sources]
-    sink(remote_string5); // $ MISSING: hasTaintFlow
+    sink(remote_string5); // $ hasTaintFlow="example.com"

    let remote_string6 = reqwest::get("example.com").await?.bytes().await?; // $ Alert[rust/summary/taint-sources]
-    sink(remote_string6); // $ MISSING: hasTaintFlow
+    sink(remote_string6); // $ hasTaintFlow="example.com"

    let mut request1 = reqwest::get("example.com").await?; // $ Alert[rust/summary/taint-sources]
+    sink(request1.chunk().await?.unwrap()); // $ hasTaintFlow="example.com"
    while let Some(chunk) = request1.chunk().await? {
-        sink(chunk); // $ MISSING: hasTaintFlow
+        sink(chunk); // $ MISSING: hasTaintFlow="example.com"
    }

    Ok(())
@@ -95,7 +96,7 @@ async fn test_hyper_http(case: i64) -> Result<(), Box<dyn std::error::Error>> {

    // create the connection
    println!("connecting to {}...", address);
-    let stream = tokio::net::TcpStream::connect(address).await?;
+    let stream = tokio::net::TcpStream::connect(address).await?; // $ Alert[rust/summary/taint-sources]
    let io = hyper_util::rt::TokioIo::new(stream);
    let (mut sender, conn) = hyper::client::conn::http1::handshake(io).await?;

@@ -106,10 +107,10 @@ async fn test_hyper_http(case: i64) -> Result<(), Box<dyn std::error::Error>> {

    // make the request
    println!("sending request...");
-    if (case == 0) {
+    if case == 0 {
        // simple flow case
        let request = http::Request::builder().uri(url).body(String::from(""))?;
-        let mut response = sender.send_request(request).await?; // $ Alert[rust/summary/taint-sources]
+        let response = sender.send_request(request).await?; // $ Alert[rust/summary/taint-sources]
        sink(&response); // $ hasTaintFlow=request
        sink(response); // $ hasTaintFlow=request
        return Ok(())
@@ -198,6 +199,207 @@ async fn test_hyper_http(case: i64) -> Result<(), Box<dyn std::error::Error>> {
    Ok(())
 }

+use std::io::Read;
+use std::io::BufRead;
+
+fn test_io_stdin() -> std::io::Result<()> {
+    // --- stdin ---
+
+    {
+        let mut buffer = [0u8; 100];
+        let _bytes = std::io::stdin().read(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    {
+        let mut buffer = Vec::<u8>::new();
+        let _bytes = std::io::stdin().read_to_end(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let _bytes = std::io::stdin().read_to_string(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let _bytes = std::io::stdin().lock().read_to_string(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    {
+        let mut buffer = [0; 100];
+        std::io::stdin().read_exact(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    for byte in std::io::stdin().bytes() { // $ Alert[rust/summary/taint-sources]
+        sink(byte); // $ hasTaintFlow
+    }
+
+    // --- BufReader ---
+
+    {
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        let data = reader.fill_buf()?;
+        sink(&data); // $ hasTaintFlow
+    }
+
+    {
+        let reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        let data = reader.buffer();
+        sink(&data); // $ hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        reader.read_line(&mut buffer)?;
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    {
+        let mut buffer = Vec::<u8>::new();
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        reader.read_until(b',', &mut buffer)?;
+        sink(&buffer); // $ hasTaintFlow
+        sink(buffer[0]); // $ hasTaintFlow
+    }
+
+    {
+        let mut reader_split = std::io::BufReader::new(std::io::stdin()).split(b','); // $ Alert[rust/summary/taint-sources]
+        sink(reader_split.next().unwrap().unwrap()); // $ hasTaintFlow
+        while let Some(chunk) = reader_split.next() {
+            sink(chunk.unwrap()); // $ MISSING: hasTaintFlow
+        }
+    }
+
+    {
+        let reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        for line in reader.lines() {
+            sink(line); // $ hasTaintFlow
+        }
+    }
+
+    {
+        let reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        let line = reader.lines().nth(1).unwrap();
+        sink(line.unwrap().clone()); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        let lines: Vec<_> = reader.lines().collect();
+        sink(lines[1].as_ref().unwrap().clone()); // $ MISSING: hasTaintFlow
+    }
+
+    Ok(())
+}
+
+use tokio::io::{AsyncReadExt, AsyncBufReadExt};
+
+async fn test_tokio_stdin() -> Result<(), Box<dyn std::error::Error>> {
+
+    // --- async reading from stdin ---
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
+        let mut buffer = [0u8; 100];
+        let _bytes = stdin.read(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
+        let mut buffer = Vec::<u8>::new();
+        let _bytes = stdin.read_to_end(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
+        let mut buffer = String::new();
+        let _bytes = stdin.read_to_string(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
+        let mut buffer = [0; 100];
+        stdin.read_exact(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
+        let v1 = stdin.read_u8().await?;
+        let v2 = stdin.read_i16().await?;
+        let v3 = stdin.read_f32().await?;
+        let v4 = stdin.read_i64_le().await?;
+        sink(v1); // $ hasTaintFlow
+        sink(v2); // $ hasTaintFlow
+        sink(v3); // $ hasTaintFlow
+        sink(v4); // $ hasTaintFlow
+    }
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
+        let mut buffer = bytes::BytesMut::new();
+        stdin.read_buf(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    // --- async reading from stdin (BufReader) ---
+
+    {
+        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        let data = reader.fill_buf().await?;
+        sink(&data); // $ hasTaintFlow
+    }
+
+    {
+        let reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        let data = reader.buffer();
+        sink(&data); // $ hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        reader.read_line(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow
+    }
+
+    {
+        let mut buffer = Vec::<u8>::new();
+        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        reader.read_until(b',', &mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow
+        sink(buffer[0]); // $ hasTaintFlow
+    }
+
+    {
+        let mut reader_split = tokio::io::BufReader::new(tokio::io::stdin()).split(b','); // $ Alert[rust/summary/taint-sources]
+        sink(reader_split.next_segment().await?.unwrap()); // $ hasTaintFlow
+        while let Some(chunk) = reader_split.next_segment().await? {
+            sink(chunk); // $ MISSING: hasTaintFlow
+        }
+    }
+
+    {
+        let reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
+        let mut lines = reader.lines();
+        sink(lines.next_line().await?.unwrap()); // $ hasTaintFlow
+        while let Some(line) = lines.next_line().await? {
+            sink(line); // $ MISSING: hasTaintFlow
+        }
+    }
+
+    Ok(())
+}
+
 use std::fs;

 fn test_fs() -> Result<(), Box<dyn std::error::Error>> {
@@ -232,40 +434,39 @@ fn test_fs() -> Result<(), Box<dyn std::error::Error>> {
    Ok(())
 }

-use std::io::Read;
-use std::io::BufRead;
-
-fn test_io_fs() -> std::io::Result<()> {
-    // --- stdin ---
-
+async fn test_tokio_fs() -> Result<(), Box<dyn std::error::Error>> {
    {
-        let mut buffer = [0u8; 100];
-        let _bytes = std::io::stdin().read(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
-        sink(&buffer); // $ hasTaintFlow
+        let buffer: Vec<u8> = tokio::fs::read("file.bin").await?; // $ Alert[rust/summary/taint-sources]
+        sink(buffer); // $ hasTaintFlow="file.bin"
    }

    {
-        let mut buffer = Vec::<u8>::new();
-        let _bytes = std::io::stdin().read_to_end(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
-        sink(&buffer); // $ MISSING: hasTaintFlow
+        let buffer: Vec<u8> = tokio::fs::read("file.bin").await?; // $ Alert[rust/summary/taint-sources]
+        sink(buffer); // $ hasTaintFlow="file.bin"
    }

    {
-        let mut buffer = String::new();
-        let _bytes = std::io::stdin().read_to_string(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
-        sink(&buffer); // $ hasTaintFlow
+        let buffer = tokio::fs::read_to_string("file.txt").await?; // $ Alert[rust/summary/taint-sources]
+        sink(buffer); // $ hasTaintFlow="file.txt"
+    }
+
+    let mut read_dir = tokio::fs::read_dir("directory").await?;
+    for entry in read_dir.next_entry().await? {
+        let path = entry.path(); // $ Alert[rust/summary/taint-sources]
+        let file_name = entry.file_name(); // $ Alert[rust/summary/taint-sources]
+        sink(path); // $ hasTaintFlow
+        sink(file_name); // $ hasTaintFlow
    }

    {
-        let mut buffer = [0; 100];
-        std::io::stdin().read_exact(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
-        sink(&buffer); // $ hasTaintFlow
+        let target = tokio::fs::read_link("symlink.txt").await?; // $ Alert[rust/summary/taint-sources]
+        sink(target); // $ hasTaintFlow="symlink.txt"
    }

-    for byte in std::io::stdin().bytes() { // $ Alert[rust/summary/taint-sources]
-        sink(byte); // $ hasTaintFlow
-    }
+    Ok(())
+}

+fn test_io_file() -> std::io::Result<()> {
    // --- file ---

    let mut file = std::fs::File::open("file.txt")?; // $ Alert[rust/summary/taint-sources]
@@ -298,67 +499,12 @@ fn test_io_fs() -> std::io::Result<()> {
        sink(byte); // $ hasTaintFlow="file.txt"
    }

-    // --- BufReader ---
-
-    {
-        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
-        let data = reader.fill_buf()?;
-        sink(&data); // $ hasTaintFlow
-    }
-
-    {
-        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
-        let data = reader.buffer();
-        sink(&data); // $ hasTaintFlow
-    }
-
-    {
-        let mut buffer = String::new();
-        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
-        reader.read_line(&mut buffer)?;
-        sink(&buffer); // $ hasTaintFlow
-    }
-
-    {
-        let mut buffer = Vec::<u8>::new();
-        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
-        reader.read_until(b',', &mut buffer)?;
-        sink(&buffer); // $ hasTaintFlow
-    }
-
-    {
-        let mut buffer = Vec::<u8>::new();
-        let mut reader_split = std::io::BufReader::new(std::io::stdin()).split(b','); // $ Alert[rust/summary/taint-sources]
-        while let Some(chunk) = reader_split.next() {
-            sink(chunk.unwrap()); // $ MISSING: hasTaintFlow
-        }
-    }
-
-    {
-        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
-        for line in reader.lines() {
-            sink(line); // $ hasTaintFlow
-        }
-    }
-
-    {
-        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
-        let line = reader.lines().nth(1).unwrap();
-        sink(line.unwrap().clone()); // $ MISSING: hasTaintFlow
-    }
-
-    {
-        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
-        let lines: Vec<_> = reader.lines().collect();
-        sink(lines[1].as_ref().unwrap().clone()); // $ MISSING: hasTaintFlow
-    }
-
    // --- misc operations ---

    {
        let mut buffer = String::new();
-        let mut file1 = std::fs::File::open("file.txt")?; // $ Alert[rust/summary/taint-sources]
-        let mut file2 = std::fs::File::open("another_file.txt")?; // $ Alert[rust/summary/taint-sources]
+        let file1 = std::fs::File::open("file.txt")?; // $ Alert[rust/summary/taint-sources]
+        let file2 = std::fs::File::open("another_file.txt")?; // $ Alert[rust/summary/taint-sources]
        let mut reader = file1.chain(file2);
        reader.read_to_string(&mut buffer)?;
        sink(&buffer); // $ hasTaintFlow="file.txt" hasTaintFlow="another_file.txt"
@@ -366,18 +512,261 @@ fn test_io_fs() -> std::io::Result<()> {

    {
        let mut buffer = String::new();
-        let mut file1 = std::fs::File::open("file.txt")?; // $ Alert[rust/summary/taint-sources]
+        let file1 = std::fs::File::open("file.txt")?; // $ Alert[rust/summary/taint-sources]
        let mut reader = file1.take(100);
        reader.read_to_string(&mut buffer)?;
        sink(&buffer); // $ hasTaintFlow="file.txt"
    }

+    Ok(())
+}
+
+async fn test_tokio_file() -> std::io::Result<()> {
+    // --- file ---
+
+    let mut file = tokio::fs::File::open("file.txt").await?; // $ Alert[rust/summary/taint-sources]
+
+    {
+        let mut buffer = [0u8; 100];
+        let _bytes = file.read(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow="file.txt"
+    }
+
+    {
+        let mut buffer = Vec::<u8>::new();
+        let _bytes = file.read_to_end(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow="file.txt"
+    }
+
    {
        let mut buffer = String::new();
-        let _bytes = std::io::stdin().lock().read_to_string(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
-        sink(&buffer); // $ hasTaintFlow
+        let _bytes = file.read_to_string(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow="file.txt"
    }

+    {
+        let mut buffer = [0; 100];
+        file.read_exact(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow="file.txt"
+    }
+
+    {
+        let v1 = file.read_u8().await?;
+        let v2 = file.read_i16().await?;
+        let v3 = file.read_f32().await?;
+        let v4 = file.read_i64_le().await?;
+        sink(v1); // $ hasTaintFlow="file.txt"
+        sink(v2); // $ hasTaintFlow="file.txt"
+        sink(v3); // $ hasTaintFlow="file.txt"
+        sink(v4); // $ hasTaintFlow="file.txt"
+    }
+
+    {
+        let mut buffer = bytes::BytesMut::new();
+        file.read_buf(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow="file.txt"
+    }
+
+    // --- misc operations ---
+
+    {
+        let mut buffer = String::new();
+        let file1 = tokio::fs::File::open("file.txt").await?; // $ Alert[rust/summary/taint-sources]
+        let file2 = tokio::fs::File::open("another_file.txt").await?; // $ Alert[rust/summary/taint-sources]
+        let mut reader = file1.chain(file2);
+        reader.read_to_string(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow="file.txt" hasTaintFlow="another_file.txt"
+    }
+
+    {
+        let mut buffer = String::new();
+        let file1 = tokio::fs::File::open("file.txt").await?; // $ Alert[rust/summary/taint-sources]
+        let mut reader = file1.take(100);
+        reader.read_to_string(&mut buffer).await?;
+        sink(&buffer); // $ hasTaintFlow="file.txt"
+    }
+
+    Ok(())
+}
+
+use std::net::ToSocketAddrs;
+
+async fn test_std_tcpstream(case: i64) -> std::io::Result<()> {
+    // using std::net to fetch a web page
+    let address = "example.com:80";
+
+    if case == 1 {
+        // create the connection
+        let mut stream = std::net::TcpStream::connect(address)?; // $ Alert[rust/summary/taint-sources]
+
+        // send request
+        let _ = stream.write_all(b"GET / HTTP/1.1\nHost:example.com\n\n");
+
+        // read response
+        let mut buffer = vec![0; 32 * 1024];
+        let _ = stream.read(&mut buffer);
+
+        println!("data = {:?}", buffer);
+        sink(&buffer); // $ hasTaintFlow=address
+        sink(buffer[0]); // $ hasTaintFlow=address
+
+        let buffer_string = String::from_utf8_lossy(&buffer);
+        println!("string = {}", buffer_string);
+        sink(buffer_string); // $ MISSING: hasTaintFlow
+    } else {
+        // create the connection
+        let sock_addr = address.to_socket_addrs().unwrap().next().unwrap();
+        let mut stream = std::net::TcpStream::connect_timeout(&sock_addr, std::time::Duration::new(1, 0))?; // $ Alert[rust/summary/taint-sources]
+
+        // send request
+        let _ = stream.write_all(b"GET / HTTP/1.1\nHost:example.com\n\n");
+
+        // read response
+        match case {
+            2 => {
+                let mut reader = std::io::BufReader::new(stream).take(256);
+                let mut line = String::new();
+                loop {
+                    match reader.read_line(&mut line) {
+                        Ok(0) => {
+                            println!("end");
+                            break;
+                        }
+                        Ok(_n) => {
+                            println!("line = {}", line);
+                            sink(&line); // $ hasTaintFlow=&sock_addr
+                            line.clear();
+                        }
+                        Err(e) => {
+                            println!("error: {}", e);
+                            break;
+                        }
+                    }
+                }
+            }
+            3 => {
+                let reader = std::io::BufReader::new(stream.try_clone()?).take(256);
+                for line in reader.lines() { // $ MISSING: Alert[rust/summary/taint-sources]
+                    if let Ok(string) = line {
+                        println!("line = {}", string);
+                        sink(string); // $ MISSING: hasTaintFlow
+                    }
+                }
+            }
+            _ => {}
+        }
+    }
+
+    Ok(())
+}
+
+use tokio::io::AsyncWriteExt;
+
+async fn test_tokio_tcpstream(case: i64) -> std::io::Result<()> {
+    // using tokio::io to fetch a web page
+    let address = "example.com:80";
+
+    // create the connection
+    println!("connecting to {}...", address);
+    let mut tokio_stream = tokio::net::TcpStream::connect(address).await?; // $ Alert[rust/summary/taint-sources]
+
+    // send request
+    tokio_stream.write_all(b"GET / HTTP/1.1\nHost:example.com\n\n").await?;
+
+    if case == 1 {
+        // peek response
+        let mut buffer1 = vec![0; 2 * 1024];
+        let _ = tokio_stream.peek(&mut buffer1).await?;
+
+        // read response
+        let mut buffer2 = vec![0; 2 * 1024];
+        let n2 = tokio_stream.read(&mut buffer2).await?;
+
+        println!("buffer1 = {:?}", buffer1);
+        sink(&buffer1); // $ hasTaintFlow=address
+        sink(buffer1[0]); // $ hasTaintFlow=address
+
+        println!("buffer2 = {:?}", buffer2);
+        sink(&buffer2); // $ hasTaintFlow=address
+        sink(buffer2[0]); // $ hasTaintFlow=address
+
+        let buffer_string = String::from_utf8_lossy(&buffer2[..n2]);
+        println!("string = {}", buffer_string);
+        sink(buffer_string); // $ MISSING: hasTaintFlow
+    } else if case == 2 {
+        let mut buffer = [0; 2 * 1024];
+        loop {
+            match tokio_stream.try_read(&mut buffer) {
+                Ok(0) => {
+                    println!("end");
+                    break;
+                }
+                Ok(_n) => {
+                    println!("buffer = {:?}", buffer);
+                    sink(&buffer); // $ hasTaintFlow=address
+                    break; // (or we could wait for more data)
+                }
+                Err(ref e) if e.kind() == std::io::ErrorKind::WouldBlock => {
+                    // wait...
+                    continue;
+                }
+                Err(e) => {
+                    println!("error: {}", e);
+                    break;
+                }
+            }
+        }
+    } else {
+        let mut buffer = Vec::new();
+        loop {
+            match tokio_stream.try_read_buf(&mut buffer) {
+                Ok(0) => {
+                    println!("end");
+                    break;
+                }
+                Ok(_n) => {
+                    println!("buffer = {:?}", buffer);
+                    sink(&buffer); // $ hasTaintFlow=address
+                    break; // (or we could wait for more data)
+                }
+                Err(ref e) if e.kind() == std::io::ErrorKind::WouldBlock => {
+                    // wait...
+                    continue;
+                }
+                Err(e) => {
+                    println!("error: {}", e);
+                    break;
+                }
+            }
+        }
+    }
+
+    Ok(())
+}
+
+async fn test_std_to_tokio_tcpstream() -> std::io::Result<()> {
+    // using tokio::io to fetch a web page
+    let address = "example.com:80";
+
+    // create the connection
+    println!("connecting to {}...", address);
+    let std_stream = std::net::TcpStream::connect(address)?; // $ Alert[rust/summary/taint-sources]
+
+    // convert to tokio stream
+    std_stream.set_nonblocking(true)?;
+    let mut tokio_stream = tokio::net::TcpStream::from_std(std_stream)?;
+
+    // send request
+    tokio_stream.write_all(b"GET / HTTP/1.1\nHost:example.com\n\n").await?;
+
+    // read response
+    let mut buffer = vec![0; 32 * 1024];
+    let _n = tokio_stream.read(&mut buffer).await?; // $ MISSING: Alert[rust/summary/taint-sources]
+
+    println!("data = {:?}", buffer);
+    sink(&buffer); // $ MISSING: hasTaintFlow
+    sink(buffer[0]); // $ MISSING: hasTaintFlow
+
    Ok(())
 }

@@ -385,12 +774,80 @@ fn test_io_fs() -> std::io::Result<()> {
 async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let case = std::env::args().nth(1).unwrap_or(String::from("1")).parse::<i64>().unwrap(); // $ Alert[rust/summary/taint-sources]

+    println!("test_env_vars...");
+    test_env_vars();
+
+    println!("test_env_args...");
+    test_env_args();
+
+    println!("test_env_dirs...");
+    test_env_dirs();
+
+    println!("test_reqwest...");
+    match futures::executor::block_on(test_reqwest()) {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }
+
    println!("test_hyper_http...");
    match futures::executor::block_on(test_hyper_http(case)) {
        Ok(_) => println!("complete"),
        Err(e) => println!("error: {}", e),
    }
-    println!("");
+
+    println!("test_io_stdin...");
+    match test_io_stdin() {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }
+
+    println!("test_tokio_stdin...");
+    match futures::executor::block_on(test_tokio_stdin()) {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }
+
+    println!("test_fs...");
+    match test_fs() {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }
+
+    println!("test_tokio_fs...");
+    match futures::executor::block_on(test_tokio_fs()) {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }
+
+    println!("test_io_file...");
+    match test_io_file() {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }
+
+    println!("test_tokio_file...");
+    match futures::executor::block_on(test_tokio_file()) {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }
+
+    println!("test_std_tcpstream...");
+    match futures::executor::block_on(test_std_tcpstream(case)) {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }
+
+    println!("test_tokio_tcpstream...");
+    match futures::executor::block_on(test_tokio_tcpstream(case)) {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }
+
+    println!("test_std_to_tokio_tcpstream...");
+    match futures::executor::block_on(test_std_to_tokio_tcpstream()) {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
+    }

    Ok(())
 }
--- a/shared/controlflow/codeql/controlflow/BasicBlock.qll
+++ b/shared/controlflow/codeql/controlflow/BasicBlock.qll
@@ -51,23 +51,11 @@ signature module InputSig<LocationSig Location> {
 module Make<LocationSig Location, InputSig<Location> Input> {
  private import Input

-  final class BasicBlock = BasicBlockImpl;
-
-  private Node nodeGetAPredecessor(Node node, SuccessorType s) {
-    nodeGetASuccessor(result, s) = node
-  }
-
-  /** Holds if this node has more than one predecessor. */
-  private predicate nodeIsJoin(Node node) { strictcount(nodeGetAPredecessor(node, _)) > 1 }
-
-  /** Holds if this node has more than one successor. */
-  private predicate nodeIsBranch(Node node) { strictcount(nodeGetASuccessor(node, _)) > 1 }
-
  /**
   * A basic block, that is, a maximal straight-line sequence of control flow nodes
   * without branches or joins.
   */
-  private class BasicBlockImpl extends TBasicBlockStart {
+  final class BasicBlock extends TBasicBlockStart {
    /** Gets the CFG scope of this basic block. */
    CfgScope getScope() { result = nodeGetCfgScope(this.getFirstNode()) }

@@ -78,9 +66,7 @@ module Make<LocationSig Location, InputSig<Location> Input> {
    BasicBlock getASuccessor() { result = this.getASuccessor(_) }

    /** Gets an immediate successor of this basic block of a given type, if any. */
-    BasicBlock getASuccessor(SuccessorType t) {
-      result.getFirstNode() = nodeGetASuccessor(this.getLastNode(), t)
-    }
+    BasicBlock getASuccessor(SuccessorType t) { bbSuccessor(this, result, t) }

    /** Gets an immediate predecessor of this basic block, if any. */
    BasicBlock getAPredecessor() { result.getASuccessor(_) = this }
@@ -259,6 +245,10 @@ module Make<LocationSig Location, InputSig<Location> Input> {
   * only be reached from the entry block by going through `(bb1, bb2)`. This
   * implies that `(bb1, bb2)` dominates its endpoint `bb2`. I.e., `bb2` can
   * only be reached from the entry block by going via `(bb1, bb2)`.
+   *
+   * This is a necessary and sufficient condition for an edge to dominate some
+   * block, and therefore `dominatingEdge(bb1, bb2) and bb2.dominates(bb3)`
+   * means that the edge `(bb1, bb2)` dominates `bb3`.
   */
  pragma[nomagic]
  predicate dominatingEdge(BasicBlock bb1, BasicBlock bb2) {
@@ -285,6 +275,16 @@ module Make<LocationSig Location, InputSig<Location> Input> {

  cached
  private module Cached {
+    private Node nodeGetAPredecessor(Node node, SuccessorType s) {
+      nodeGetASuccessor(result, s) = node
+    }
+
+    /** Holds if this node has more than one predecessor. */
+    private predicate nodeIsJoin(Node node) { strictcount(nodeGetAPredecessor(node, _)) > 1 }
+
+    /** Holds if this node has more than one successor. */
+    private predicate nodeIsBranch(Node node) { strictcount(nodeGetASuccessor(node, _)) > 1 }
+
    /**
     * Internal representation of basic blocks. A basic block is represented
     * by its first CFG node.
@@ -341,11 +341,19 @@ module Make<LocationSig Location, InputSig<Location> Input> {
    cached
    Node getNode(BasicBlock bb, int pos) { bbIndex(bb.getFirstNode(), result, pos) }

+    /** Holds if `bb` is an entry basic block. */
+    private predicate entryBB(BasicBlock bb) { nodeIsDominanceEntry(bb.getFirstNode()) }
+
+    cached
+    predicate bbSuccessor(BasicBlock bb1, BasicBlock bb2, SuccessorType t) {
+      bb2.getFirstNode() = nodeGetASuccessor(bb1.getLastNode(), t)
+    }
+
    /**
     * Holds if the first node of basic block `succ` is a control flow
     * successor of the last node of basic block `pred`.
     */
-    private predicate succBB(BasicBlock pred, BasicBlock succ) { pred.getASuccessor(_) = succ }
+    private predicate succBB(BasicBlock pred, BasicBlock succ) { bbSuccessor(pred, succ, _) }

    /** Holds if `dom` is an immediate dominator of `bb`. */
    cached
@@ -365,7 +373,4 @@ module Make<LocationSig Location, InputSig<Location> Input> {
  }

  private import Cached
-
-  /** Holds if `bb` is an entry basic block. */
-  private predicate entryBB(BasicBlock bb) { nodeIsDominanceEntry(bb.getFirstNode()) }
 }
--- a/shared/rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll
+++ b/shared/rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll
@@ -146,7 +146,7 @@ signature module Semantic<LocationSig Location> {

  class BasicBlock {
    /** Holds if this block (transitively) dominates `otherblock`. */
-    predicate bbDominates(BasicBlock otherBlock);
+    predicate dominates(BasicBlock otherBlock);
  }

  /** Gets an immediate successor of basic block `bb`, if any. */
--- a/shared/rangeanalysis/codeql/rangeanalysis/internal/RangeUtils.qll
+++ b/shared/rangeanalysis/codeql/rangeanalysis/internal/RangeUtils.qll
@@ -205,7 +205,7 @@ module MakeUtils<LocationSig Location, Semantic<Location> Lang, DeltaSig D> {
  predicate backEdge(SsaPhiNode phi, SsaVariable inp, SsaReadPositionPhiInputEdge edge) {
    edge.phiInput(phi, inp) and
    (
-      phi.getBasicBlock().bbDominates(edge.getOrigBlock()) or
+      phi.getBasicBlock().dominates(edge.getOrigBlock()) or
      irreducibleSccEdge(edge.getOrigBlock(), phi.getBasicBlock())
    )
  }
@@ -227,7 +227,7 @@ module MakeUtils<LocationSig Location, Semantic<Location> Lang, DeltaSig D> {

  private predicate trimmedEdge(BasicBlock pred, BasicBlock succ) {
    getABasicBlockSuccessor(pred) = succ and
-    not succ.bbDominates(pred)
+    not succ.dominates(pred)
  }

  /**
--- a/swift/ql/integration-tests/posix/query-suite/not_included_in_qls.expected
+++ b/swift/ql/integration-tests/posix/query-suite/not_included_in_qls.expected
@@ -1,5 +1,7 @@
 ql/swift/ql/src/AlertSuppression.ql
 ql/swift/ql/src/experimental/Security/CWE-022/UnsafeUnpack.ql
+ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
+ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
 ql/swift/ql/src/queries/Summary/FlowSources.ql
 ql/swift/ql/src/queries/Summary/QuerySinks.ql
 ql/swift/ql/src/queries/Summary/RegexEvals.ql
--- a/swift/ql/integration-tests/posix/query-suite/swift-code-scanning.qls.expected
+++ b/swift/ql/integration-tests/posix/query-suite/swift-code-scanning.qls.expected
@@ -14,12 +14,10 @@ ql/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
 ql/swift/ql/src/queries/Security/CWE-1333/ReDoS.ql
 ql/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql
 ql/swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
-ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
 ql/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
 ql/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
 ql/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql
 ql/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
-ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
 ql/swift/ql/src/queries/Security/CWE-327/ECBEncryption.ql
 ql/swift/ql/src/queries/Security/CWE-328/WeakPasswordHashing.ql
 ql/swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.ql
--- a/swift/ql/integration-tests/posix/query-suite/swift-security-and-quality.qls.expected
+++ b/swift/ql/integration-tests/posix/query-suite/swift-security-and-quality.qls.expected
@@ -15,12 +15,10 @@ ql/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
 ql/swift/ql/src/queries/Security/CWE-1333/ReDoS.ql
 ql/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql
 ql/swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
-ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
 ql/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
 ql/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
 ql/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql
 ql/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
-ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
 ql/swift/ql/src/queries/Security/CWE-327/ECBEncryption.ql
 ql/swift/ql/src/queries/Security/CWE-328/WeakPasswordHashing.ql
 ql/swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.ql
--- a/swift/ql/integration-tests/posix/query-suite/swift-security-extended.qls.expected
+++ b/swift/ql/integration-tests/posix/query-suite/swift-security-extended.qls.expected
@@ -15,12 +15,10 @@ ql/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
 ql/swift/ql/src/queries/Security/CWE-1333/ReDoS.ql
 ql/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql
 ql/swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
-ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
 ql/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
 ql/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
 ql/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql
 ql/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
-ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
 ql/swift/ql/src/queries/Security/CWE-327/ECBEncryption.ql
 ql/swift/ql/src/queries/Security/CWE-328/WeakPasswordHashing.ql
 ql/swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.ql
--- a/swift/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
+++ b/swift/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The queries `swift/hardcoded-key` and `swift/constant-password` have been removed from all query suites.
--- a/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
+++ b/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 6.8
- * @precision high
+ * @precision low
 * @id swift/constant-password
 * @tags security
 *       external/cwe/cwe-259
--- a/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
+++ b/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 8.1
- * @precision high
+ * @precision low
 * @id swift/hardcoded-key
 * @tags security
 *       external/cwe/cwe-321