patch upper-case acronyms to be PascalCase

2025-12-21 03:06:31 +01:00 · 2022-03-11 11:10:33 +01:00
parent e3a15792fa
commit 69353bb014
422 changed files with 3532 additions and 2244 deletions
--- a/java/ql/src/Frameworks/Spring/Architecture/Refactoring
+++ b/java/ql/src/Frameworks/Spring/Architecture/Refactoring
@@ -100,7 +100,7 @@ class SpringPureClass extends Class {
      // Setter method by autowiring, either in the XML or by annotation
      c = this.getAMethod().(SpringBeanAutowiredCallable)
      or
-      c = this.getAMethod().(SpringBeanXMLAutowiredSetterMethod)
+      c = this.getAMethod().(SpringBeanXmlAutowiredSetterMethod)
    )
  }
 }
@@ -189,7 +189,7 @@ class LiveSpringBean extends SpringBean {
      )
      or
      // Injected by autowired specified in XML
-      exists(SpringBeanXMLAutowiredSetterMethod setterMethod |
+      exists(SpringBeanXmlAutowiredSetterMethod setterMethod |
        // The config method must be on a live bean
        setterMethod.getDeclaringType().(SpringBeanRefType).getSpringBean() instanceof
          LiveSpringBean
--- a/java/ql/src/Frameworks/Spring/Violations
+++ b/java/ql/src/Frameworks/Spring/Violations
@@ -51,7 +51,7 @@ class SpringPropertyUseShortcut extends SpringProperty {
  }
 }

-from SpringXMLElement springElement, string msg
+from SpringXmlElement springElement, string msg
 where
  exists(SpringConstructorArgUseShortcut cons | cons = springElement and msg = cons.getMessage())
  or
--- a/Bugs/Termination/ConstantLoopCondition.ql
+++ b/Bugs/Termination/ConstantLoopCondition.ql
@@ -74,8 +74,8 @@ where
  ) and
  // None of the ssa variables in `cond` are updated inside the loop.
  forex(SsaVariable ssa, RValue use | ssa.getAUse() = use and use.getParent*() = cond |
-    not ssa.getCFGNode().getEnclosingStmt().getEnclosingStmt*() = loop or
-    ssa.getCFGNode().(Expr).getParent*() = loop.(ForStmt).getAnInit()
+    not ssa.getCfgNode().getEnclosingStmt().getEnclosingStmt*() = loop or
+    ssa.getCfgNode().(Expr).getParent*() = loop.(ForStmt).getAnInit()
  ) and
  // And `cond` does not use method calls, field reads, or array reads.
  not exists(MethodAccess ma | ma.getParent*() = cond) and
--- a/java/ql/src/Security/CWE/CWE-020/ExternalAPIsUsedWithUntrustedData.ql
+++ b/java/ql/src/Security/CWE/CWE-020/ExternalAPIsUsedWithUntrustedData.ql
@@ -12,7 +12,7 @@ import java
 import semmle.code.java.security.ExternalAPIs
 import semmle.code.java.dataflow.DataFlow

-from ExternalAPIUsedWithUntrustedData externalAPI
-select externalAPI, count(externalAPI.getUntrustedDataNode()) as numberOfUses,
-  externalAPI.getNumberOfUntrustedSources() as numberOfUntrustedSources order by
+from ExternalApiUsedWithUntrustedData externalApi
+select externalApi, count(externalApi.getUntrustedDataNode()) as numberOfUses,
+  externalApi.getNumberOfUntrustedSources() as numberOfUntrustedSources order by
    numberOfUntrustedSources desc
--- a/java/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql
+++ b/java/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql
@@ -15,8 +15,8 @@ import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.security.ExternalAPIs
 import DataFlow::PathGraph

-from UntrustedDataToExternalAPIConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
+from UntrustedDataToExternalApiConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
 where config.hasFlowPath(source, sink)
 select sink, source, sink,
-  "Call to " + sink.getNode().(ExternalAPIDataNode).getMethodDescription() +
+  "Call to " + sink.getNode().(ExternalApiDataNode).getMethodDescription() +
    " with untrusted data from $@.", source, source.toString()
--- a/java/ql/src/Security/CWE/CWE-079/XSS.ql
+++ b/java/ql/src/Security/CWE/CWE-079/XSS.ql
@@ -16,8 +16,8 @@ import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.security.XSS
 import DataFlow::PathGraph

-class XSSConfig extends TaintTracking::Configuration {
-  XSSConfig() { this = "XSSConfig" }
+class XssConfig extends TaintTracking::Configuration {
+  XssConfig() { this = "XSSConfig" }

  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }

@@ -32,7 +32,7 @@ class XSSConfig extends TaintTracking::Configuration {
  }
 }

-from DataFlow::PathNode source, DataFlow::PathNode sink, XSSConfig conf
+from DataFlow::PathNode source, DataFlow::PathNode sink, XssConfig conf
 where conf.hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "Cross-site scripting vulnerability due to $@.",
  source.getNode(), "user-provided value"
--- a/java/ql/src/Security/CWE/CWE-079/XSSLocal.ql
+++ b/java/ql/src/Security/CWE/CWE-079/XSSLocal.ql
@@ -16,15 +16,15 @@ import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.security.XSS
 import DataFlow::PathGraph

-class XSSLocalConfig extends TaintTracking::Configuration {
-  XSSLocalConfig() { this = "XSSLocalConfig" }
+class XssLocalConfig extends TaintTracking::Configuration {
+  XssLocalConfig() { this = "XSSLocalConfig" }

  override predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }

  override predicate isSink(DataFlow::Node sink) { sink instanceof XssSink }
 }

-from DataFlow::PathNode source, DataFlow::PathNode sink, XSSLocalConfig conf
+from DataFlow::PathNode source, DataFlow::PathNode sink, XssLocalConfig conf
 where conf.hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "Cross-site scripting vulnerability due to $@.",
  source.getNode(), "user-provided value"
--- a/java/ql/src/Security/CWE/CWE-319/UseSSL.ql
+++ b/java/ql/src/Security/CWE/CWE-319/UseSSL.ql
@@ -14,8 +14,8 @@ import java
 import semmle.code.java.dataflow.TypeFlow
 import semmle.code.java.security.Encryption

-class URLConnection extends RefType {
-  URLConnection() {
+class UrlConnection extends RefType {
+  UrlConnection() {
    this.getAnAncestor().hasQualifiedName("java.net", "URLConnection") and
    not this.hasName("JarURLConnection")
  }
@@ -29,7 +29,7 @@ from MethodAccess m, Class c, string type
 where
  m.getQualifier().getType() = c and
  (
-    c instanceof URLConnection and type = "connection"
+    c instanceof UrlConnection and type = "connection"
    or
    c instanceof Socket and type = "socket"
  ) and
--- a/java/ql/src/Security/CWE/CWE-611/XXE.ql
+++ b/java/ql/src/Security/CWE/CWE-611/XXE.ql
@@ -19,10 +19,10 @@ import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.dataflow.TaintTracking2
 import DataFlow::PathGraph

-class SafeSAXSourceFlowConfig extends TaintTracking2::Configuration {
-  SafeSAXSourceFlowConfig() { this = "XmlParsers::SafeSAXSourceFlowConfig" }
+class SafeSaxSourceFlowConfig extends TaintTracking2::Configuration {
+  SafeSaxSourceFlowConfig() { this = "XmlParsers::SafeSAXSourceFlowConfig" }

-  override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeSAXSource }
+  override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeSaxSource }

  override predicate isSink(DataFlow::Node sink) {
    sink.asExpr() = any(XmlParserCall parse).getSink()
@@ -33,7 +33,7 @@ class SafeSAXSourceFlowConfig extends TaintTracking2::Configuration {

 class UnsafeXxeSink extends DataFlow::ExprNode {
  UnsafeXxeSink() {
-    not exists(SafeSAXSourceFlowConfig safeSource | safeSource.hasFlowTo(this)) and
+    not exists(SafeSaxSourceFlowConfig safeSource | safeSource.hasFlowTo(this)) and
    exists(XmlParserCall parse |
      parse.getSink() = this.getExpr() and
      not parse.isSafe()
--- a/java/ql/src/Telemetry/ExternalAPI.qll
+++ b/java/ql/src/Telemetry/ExternalAPI.qll
@@ -12,8 +12,8 @@ private import semmle.code.java.dataflow.TaintTracking
 /**
 * An external API from either the Java Standard Library or a 3rd party library.
 */
-class ExternalAPI extends Callable {
-  ExternalAPI() { not this.fromSource() }
+class ExternalApi extends Callable {
+  ExternalApi() { not this.fromSource() }

  /** Holds if this API is not worth supporting */
  predicate isUninteresting() { this.isTestLibrary() or this.isParameterlessConstructor() }
@@ -80,6 +80,9 @@ class ExternalAPI extends Callable {
  predicate isSupported() { this.hasSummary() or this.isSource() or this.isSink() }
 }

+/** DEPRECATED: Alias for ExternalApi */
+deprecated class ExternalAPI = ExternalApi;
+
 private class TestLibrary extends RefType {
  TestLibrary() {
    this.getPackage()
--- a/java/ql/src/Telemetry/ExternalLibraryUsage.ql
+++ b/java/ql/src/Telemetry/ExternalLibraryUsage.ql
@@ -12,7 +12,7 @@ import ExternalAPI
 from int usages, string jarname
 where
  usages =
-    strictcount(Call c, ExternalAPI a |
+    strictcount(Call c, ExternalApi a |
      c.getCallee().getSourceDeclaration() = a and
      not c.getFile() instanceof GeneratedFile and
      a.jarContainer() = jarname and
--- a/java/ql/src/Telemetry/SupportedExternalSinks.ql
+++ b/java/ql/src/Telemetry/SupportedExternalSinks.ql
@@ -10,7 +10,7 @@ import java
 import ExternalAPI
 import semmle.code.java.GeneratedFiles

-from ExternalAPI api, int usages
+from ExternalApi api, int usages
 where
  not api.isUninteresting() and
  api.isSink() and
--- a/java/ql/src/Telemetry/SupportedExternalSources.ql
+++ b/java/ql/src/Telemetry/SupportedExternalSources.ql
@@ -10,7 +10,7 @@ import java
 import ExternalAPI
 import semmle.code.java.GeneratedFiles

-from ExternalAPI api, int usages
+from ExternalApi api, int usages
 where
  not api.isUninteresting() and
  api.isSource() and
--- a/java/ql/src/Telemetry/SupportedExternalTaint.ql
+++ b/java/ql/src/Telemetry/SupportedExternalTaint.ql
@@ -10,7 +10,7 @@ import java
 import ExternalAPI
 import semmle.code.java.GeneratedFiles

-from ExternalAPI api, int usages
+from ExternalApi api, int usages
 where
  not api.isUninteresting() and
  api.hasSummary() and
--- a/java/ql/src/Telemetry/UnsupportedExternalAPIs.ql
+++ b/java/ql/src/Telemetry/UnsupportedExternalAPIs.ql
@@ -10,7 +10,7 @@ import java
 import ExternalAPI
 import semmle.code.java.GeneratedFiles

-from ExternalAPI api, int usages
+from ExternalApi api, int usages
 where
  not api.isUninteresting() and
  not api.isSupported() and
--- a/java/ql/src/Violations
+++ b/java/ql/src/Violations
@@ -44,8 +44,8 @@ predicate overwritten(SsaExplicitUpdate ssa) {
    not deadLocal(overwrite) and
    not overwrite.getDefiningExpr() instanceof LocalVariableDeclExpr and
    exists(BasicBlock bb1, BasicBlock bb2, int i, int j |
-      bb1.getNode(i) = ssa.getCFGNode() and
-      bb2.getNode(j) = overwrite.getCFGNode()
+      bb1.getNode(i) = ssa.getCfgNode() and
+      bb2.getNode(j) = overwrite.getCfgNode()
    |
      bb1.getABBSuccessor+() = bb2
      or
--- a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql
@@ -16,8 +16,8 @@ import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.dataflow.ExternalFlow
 import DataFlow::PathGraph

-class URLConstructor extends ClassInstanceExpr {
-  URLConstructor() { this.getConstructor().getDeclaringType() instanceof TypeUrl }
+class UrlConstructor extends ClassInstanceExpr {
+  UrlConstructor() { this.getConstructor().getDeclaringType() instanceof TypeUrl }

  Expr stringArg() {
    // Query only in URL's that were constructed by calling the single parameter string constructor.
@@ -27,28 +27,28 @@ class URLConstructor extends ClassInstanceExpr {
  }
 }

-class URLOpenStreamMethod extends Method {
-  URLOpenStreamMethod() {
+class UrlOpenStreamMethod extends Method {
+  UrlOpenStreamMethod() {
    this.getDeclaringType() instanceof TypeUrl and
    this.getName() = "openStream"
  }
 }

-class RemoteURLToOpenStreamFlowConfig extends TaintTracking::Configuration {
-  RemoteURLToOpenStreamFlowConfig() { this = "OpenStream::RemoteURLToOpenStreamFlowConfig" }
+class RemoteUrlToOpenStreamFlowConfig extends TaintTracking::Configuration {
+  RemoteUrlToOpenStreamFlowConfig() { this = "OpenStream::RemoteURLToOpenStreamFlowConfig" }

  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }

  override predicate isSink(DataFlow::Node sink) {
    exists(MethodAccess m |
-      sink.asExpr() = m.getQualifier() and m.getMethod() instanceof URLOpenStreamMethod
+      sink.asExpr() = m.getQualifier() and m.getMethod() instanceof UrlOpenStreamMethod
    )
    or
    sinkNode(sink, "url-open-stream")
  }

  override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
-    exists(URLConstructor u |
+    exists(UrlConstructor u |
      node1.asExpr() = u.stringArg() and
      node2.asExpr() = u
    )
@@ -58,6 +58,6 @@ class RemoteURLToOpenStreamFlowConfig extends TaintTracking::Configuration {
 from DataFlow::PathNode source, DataFlow::PathNode sink, MethodAccess call
 where
  sink.getNode().asExpr() = call.getQualifier() and
-  any(RemoteURLToOpenStreamFlowConfig c).hasFlowPath(source, sink)
+  any(RemoteUrlToOpenStreamFlowConfig c).hasFlowPath(source, sink)
 select call, source, sink,
  "URL on which openStream is called may have been constructed from remote source"
--- a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
+++ b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
@@ -45,7 +45,7 @@ class ListType extends RefType {
 }

 /** Holds if the specified `method` uses MyBatis Mapper XMLElement `mmxx`. */
-predicate myBatisMapperXMLElementFromMethod(Method method, MyBatisMapperXMLElement mmxx) {
+predicate myBatisMapperXmlElementFromMethod(Method method, MyBatisMapperXmlElement mmxx) {
  exists(MyBatisMapperSqlOperation mbmxe | mbmxe.getMapperMethod() = method |
    mbmxe.getAChild*() = mmxx
    or
@@ -56,6 +56,9 @@ predicate myBatisMapperXMLElementFromMethod(Method method, MyBatisMapperXMLEleme
  )
 }

+/** DEPRECATED: Alias for myBatisMapperXmlElementFromMethod */
+deprecated predicate myBatisMapperXMLElementFromMethod = myBatisMapperXmlElementFromMethod/2;
+
 /** Holds if the specified `method` has Ibatis Sql operation annotation `isoa`. */
 predicate myBatisSqlOperationAnnotationFromMethod(Method method, IbatisSqlOperationAnnotation isoa) {
  exists(MyBatisSqlOperationAnnotationMethod msoam |
--- a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisMapperXmlSqlInjection.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisMapperXmlSqlInjection.ql
@@ -45,11 +45,11 @@ private class MyBatisMapperXmlSqlInjectionConfiguration extends TaintTracking::C

 from
  MyBatisMapperXmlSqlInjectionConfiguration cfg, DataFlow::PathNode source, DataFlow::PathNode sink,
-  MyBatisMapperXMLElement mmxe, MethodAccess ma, string unsafeExpression
+  MyBatisMapperXmlElement mmxe, MethodAccess ma, string unsafeExpression
 where
  cfg.hasFlowPath(source, sink) and
  ma.getAnArgument() = sink.getNode().asExpr() and
-  myBatisMapperXMLElementFromMethod(ma.getMethod(), mmxe) and
+  myBatisMapperXmlElementFromMethod(ma.getMethod(), mmxe) and
  unsafeExpression = getAMybatisXmlSetValue(mmxe) and
  (
    isMybatisXmlOrAnnotationSqlInjection(sink.getNode(), ma, unsafeExpression)
--- a/java/ql/src/experimental/Security/CWE/CWE-1004/InsecureTomcatConfig.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-1004/InsecureTomcatConfig.ql
@@ -17,10 +17,10 @@ private class HttpOnlyConfig extends WebContextParameter {

  string getParamValueElementValue() { result = this.getParamValue().getValue() }

-  predicate isHTTPOnlySet() { this.getParamValueElementValue().toLowerCase() = "false" }
+  predicate isHttpOnlySet() { this.getParamValueElementValue().toLowerCase() = "false" }
 }

 from HttpOnlyConfig config
-where config.isHTTPOnlySet()
+where config.isHttpOnlySet()
 select config,
  "httpOnly should be enabled in tomcat config file to help mitigate cross-site scripting (XSS) attacks"
--- a/java/ql/src/experimental/Security/CWE/CWE-548/InsecureDirectoryConfig.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-548/InsecureDirectoryConfig.ql
@@ -27,7 +27,7 @@ private class DefaultTomcatServlet extends WebServletClass {
 /**
 * The `<init-param>` element in a `web.xml` file, nested under a `<servlet>` element controlling directory listing.
 */
-class DirectoryListingInitParam extends WebXMLElement {
+class DirectoryListingInitParam extends WebXmlElement {
  DirectoryListingInitParam() {
    this.getName() = "init-param" and
    this.getAChild("param-name").getTextValue() = "listings" and
--- a/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.ql
@@ -23,7 +23,7 @@ class UnsafeUrlForwardFlowConfig extends TaintTracking::Configuration {
    not exists(MethodAccess ma, Method m | ma.getMethod() = m |
      (
        m instanceof HttpServletRequestGetRequestURIMethod or
-        m instanceof HttpServletRequestGetRequestURLMethod or
+        m instanceof HttpServletRequestGetRequestUrlMethod or
        m instanceof HttpServletRequestGetPathMethod
      ) and
      ma = source.asExpr()
--- a/java/ql/src/experimental/Security/CWE/CWE-611/XXELib.qll
+++ b/java/ql/src/experimental/Security/CWE/CWE-611/XXELib.qll
@@ -204,17 +204,20 @@ private class SafeDigesterFlowConfig extends DataFlow4::Configuration {
  override int fieldFlowBranchLimit() { result = 0 }
 }

-/** The class `java.beans.XMLDecoder`. */
-class XMLDecoder extends RefType {
-  XMLDecoder() { this.hasQualifiedName("java.beans", "XMLDecoder") }
+/** The class `java.beans.XmlDecoder`. */
+class XmlDecoder extends RefType {
+  XmlDecoder() { this.hasQualifiedName("java.beans", "XMLDecoder") }
 }

-/** A call to `XMLDecoder.readObject`. */
-class XMLDecoderReadObject extends XmlParserCall {
-  XMLDecoderReadObject() {
+/** DEPRECATED: Alias for XmlDecoder */
+deprecated class XMLDecoder = XmlDecoder;
+
+/** A call to `XmlDecoder.readObject`. */
+class XmlDecoderReadObject extends XmlParserCall {
+  XmlDecoderReadObject() {
    exists(Method m |
      this.getMethod() = m and
-      m.getDeclaringType() instanceof XMLDecoder and
+      m.getDeclaringType() instanceof XmlDecoder and
      m.hasName("readObject")
    )
  }
@@ -224,6 +227,9 @@ class XMLDecoderReadObject extends XmlParserCall {
  override predicate isSafe() { none() }
 }

+/** DEPRECATED: Alias for XmlDecoderReadObject */
+deprecated class XMLDecoderReadObject = XmlDecoderReadObject;
+
 private predicate constantStringExpr(Expr e, string val) {
  e.(CompileTimeConstantExpr).getStringValue() = val
  or
@@ -235,8 +241,8 @@ private predicate constantStringExpr(Expr e, string val) {
 }

 /** A call to `SAXTransformerFactory.newTransformerHandler`. */
-class SAXTransformerFactoryNewTransformerHandler extends XmlParserCall {
-  SAXTransformerFactoryNewTransformerHandler() {
+class SaxTransformerFactoryNewTransformerHandler extends XmlParserCall {
+  SaxTransformerFactoryNewTransformerHandler() {
    exists(Method m |
      this.getMethod() = m and
      m.getDeclaringType().hasQualifiedName("javax.xml.transform.sax", "SAXTransformerFactory") and
@@ -251,6 +257,10 @@ class SAXTransformerFactoryNewTransformerHandler extends XmlParserCall {
  }
 }

+/** DEPRECATED: Alias for SaxTransformerFactoryNewTransformerHandler */
+deprecated class SAXTransformerFactoryNewTransformerHandler =
+  SaxTransformerFactoryNewTransformerHandler;
+
 /** An expression that always has the same string value. */
 private class ConstantStringExpr extends Expr {
  string value;
--- a/java/ql/src/experimental/semmle/code/java/PathSanitizer.qll
+++ b/java/ql/src/experimental/semmle/code/java/PathSanitizer.qll
@@ -102,7 +102,7 @@ private class BlockListBarrierGuard extends PathTraversalBarrierGuard instanceof
 * A guard that considers a string safe because it is checked for URL encoding sequences,
 * having previously been checked against a block-list of forbidden values.
 */
-private class URLEncodingBarrierGuard extends PathTraversalBarrierGuard instanceof UrlEncodingGuard {
+private class UrlEncodingBarrierGuard extends PathTraversalBarrierGuard instanceof UrlEncodingGuard {
  override predicate checks(Expr e, boolean branch) {
    e = super.getCheckedExpr() and
    branch = false and
--- a/java/ql/src/experimental/semmle/code/xml/StrutsXML.qll
+++ b/java/ql/src/experimental/semmle/code/xml/StrutsXML.qll
@@ -3,18 +3,21 @@ import java
 /**
 * A deployment descriptor file, typically called `struts.xml`.
 */
-class StrutsXMLFile extends XMLFile {
-  StrutsXMLFile() {
+class StrutsXmlFile extends XMLFile {
+  StrutsXmlFile() {
    count(XMLElement e | e = this.getAChild()) = 1 and
    this.getAChild().getName() = "struts"
  }
 }

+/** DEPRECATED: Alias for StrutsXmlFile */
+deprecated class StrutsXMLFile = StrutsXmlFile;
+
 /**
 * An XML element in a `StrutsXMLFile`.
 */
-class StrutsXMLElement extends XMLElement {
-  StrutsXMLElement() { this.getFile() instanceof StrutsXMLFile }
+class StrutsXmlElement extends XMLElement {
+  StrutsXmlElement() { this.getFile() instanceof StrutsXmlFile }

  /**
   * Gets the value for this element, with leading and trailing whitespace trimmed.
@@ -22,10 +25,13 @@ class StrutsXMLElement extends XMLElement {
  string getValue() { result = this.allCharactersString().trim() }
 }

+/** DEPRECATED: Alias for StrutsXmlElement */
+deprecated class StrutsXMLElement = StrutsXmlElement;
+
 /**
 * A `<constant>` element in a `StrutsXMLFile`.
 */
-class ConstantParameter extends StrutsXMLElement {
+class ConstantParameter extends StrutsXmlElement {
  ConstantParameter() { this.getName() = "constant" }

  /**
--- a/java/ql/src/meta/ssa/AmbiguousToString.ql
+++ b/java/ql/src/meta/ssa/AmbiguousToString.ql
@@ -22,6 +22,6 @@ where
    or
    multipleToString(ssa) and problem = "SSA variable with multiple 'toString()' results for "
  ) and
-  n = ssa.getCFGNode() and
+  n = ssa.getCfgNode() and
  v = ssa.getSourceVariable().getVariable()
 select n, problem + v
--- a/java/ql/src/semmle/code/xml/MyBatisMapperXML.qll
+++ b/java/ql/src/semmle/code/xml/MyBatisMapperXML.qll
@@ -7,18 +7,21 @@ import java
 /**
 * MyBatis Mapper XML file.
 */
-class MyBatisMapperXMLFile extends XMLFile {
-  MyBatisMapperXMLFile() {
+class MyBatisMapperXmlFile extends XMLFile {
+  MyBatisMapperXmlFile() {
    count(XMLElement e | e = this.getAChild()) = 1 and
    this.getAChild().getName() = "mapper"
  }
 }

+/** DEPRECATED: Alias for MyBatisMapperXmlFile */
+deprecated class MyBatisMapperXMLFile = MyBatisMapperXmlFile;
+
 /**
 * An XML element in a `MyBatisMapperXMLFile`.
 */
-class MyBatisMapperXMLElement extends XMLElement {
-  MyBatisMapperXMLElement() { this.getFile() instanceof MyBatisMapperXMLFile }
+class MyBatisMapperXmlElement extends XMLElement {
+  MyBatisMapperXmlElement() { this.getFile() instanceof MyBatisMapperXmlFile }

  /**
   * Gets the value for this element, with leading and trailing whitespace trimmed.
@@ -33,10 +36,13 @@ class MyBatisMapperXMLElement extends XMLElement {
  }
 }

+/** DEPRECATED: Alias for MyBatisMapperXmlElement */
+deprecated class MyBatisMapperXMLElement = MyBatisMapperXmlElement;
+
 /**
 * An MyBatis Mapper sql operation element.
 */
-abstract class MyBatisMapperSqlOperation extends MyBatisMapperXMLElement {
+abstract class MyBatisMapperSqlOperation extends MyBatisMapperXmlElement {
  /**
   * Gets the value of the `id` attribute of MyBatis Mapper sql operation element.
   */
@@ -52,7 +58,7 @@ abstract class MyBatisMapperSqlOperation extends MyBatisMapperXMLElement {
   */
  Method getMapperMethod() {
    result.getName() = this.getId() and
-    result.getDeclaringType() = this.getParent().(MyBatisMapperXMLElement).getNamespaceRefType()
+    result.getDeclaringType() = this.getParent().(MyBatisMapperXmlElement).getNamespaceRefType()
  }
 }

@@ -87,7 +93,7 @@ class MyBatisMapperSelect extends MyBatisMapperSqlOperation {
 /**
 * A `<sql>` element in a `MyBatisMapperXMLElement`.
 */
-class MyBatisMapperSql extends MyBatisMapperXMLElement {
+class MyBatisMapperSql extends MyBatisMapperXmlElement {
  MyBatisMapperSql() { this.getName() = "sql" }

  /**
@@ -99,7 +105,7 @@ class MyBatisMapperSql extends MyBatisMapperXMLElement {
 /**
 * A `<include>` element in a `MyBatisMapperXMLElement`.
 */
-class MyBatisMapperInclude extends MyBatisMapperXMLElement {
+class MyBatisMapperInclude extends MyBatisMapperXmlElement {
  MyBatisMapperInclude() { this.getName() = "include" }

  /**
@@ -111,6 +117,6 @@ class MyBatisMapperInclude extends MyBatisMapperXMLElement {
 /**
 * A `<foreach>` element in a `MyBatisMapperXMLElement`.
 */
-class MyBatisMapperForeach extends MyBatisMapperXMLElement {
+class MyBatisMapperForeach extends MyBatisMapperXmlElement {
  MyBatisMapperForeach() { this.getName() = "foreach" }
 }
--- a/java/ql/src/utils/model-generator/CaptureSinkModels.ql
+++ b/java/ql/src/utils/model-generator/CaptureSinkModels.ql
@@ -43,7 +43,7 @@ string asInputArgument(DataFlow::Node source) {
  result = "Argument[-1]"
 }

-string captureSink(TargetAPI api) {
+string captureSink(TargetApi api) {
  exists(DataFlow::Node src, DataFlow::Node sink, PropagateToSinkConfiguration config, string kind |
    config.hasFlow(src, sink) and
    sinkNode(sink, kind) and
@@ -53,6 +53,6 @@ string captureSink(TargetAPI api) {
  )
 }

-from TargetAPI api, string sink
+from TargetApi api, string sink
 where sink = captureSink(api)
 select sink order by sink
--- a/java/ql/src/utils/model-generator/CaptureSourceModels.ql
+++ b/java/ql/src/utils/model-generator/CaptureSourceModels.ql
@@ -22,7 +22,7 @@ class FromSourceConfiguration extends TaintTracking::Configuration {
  override predicate isSource(DataFlow::Node source) { sourceNode(source, _) }

  override predicate isSink(DataFlow::Node sink) {
-    exists(TargetAPI c |
+    exists(TargetApi c |
      sink instanceof ReturnNodeExt and
      sink.getEnclosingCallable() = c and
      c.isPublic() and
@@ -39,7 +39,7 @@ class FromSourceConfiguration extends TaintTracking::Configuration {
  }
 }

-string captureSource(TargetAPI api) {
+string captureSource(TargetApi api) {
  exists(DataFlow::Node source, DataFlow::Node sink, FromSourceConfiguration config, string kind |
    config.hasFlow(source, sink) and
    sourceNode(source, kind) and
@@ -48,6 +48,6 @@ string captureSource(TargetAPI api) {
  )
 }

-from TargetAPI api, string sink
+from TargetApi api, string sink
 where sink = captureSource(api)
 select sink order by sink
--- a/java/ql/src/utils/model-generator/CaptureSummaryModels.ql
+++ b/java/ql/src/utils/model-generator/CaptureSummaryModels.ql
@@ -12,7 +12,7 @@ import semmle.code.java.dataflow.internal.DataFlowPrivate
 import semmle.code.java.dataflow.InstanceAccess
 import ModelGeneratorUtils

-string captureFlow(TargetAPI api) {
+string captureFlow(TargetApi api) {
  result = captureQualifierFlow(api) or
  result = captureThroughFlow(api)
 }
@@ -29,7 +29,7 @@ string captureFlow(TargetAPI api) {
 * }
 * ```
 */
-string captureQualifierFlow(TargetAPI api) {
+string captureQualifierFlow(TargetApi api) {
  exists(ReturnStmt rtn |
    rtn.getEnclosingCallable() = api and
    rtn.getResult().(ThisAccess).isOwnInstanceAccess()
@@ -50,7 +50,7 @@ class ThroughFlowConfig extends TaintTracking::Configuration {

  override predicate isSource(DataFlow::Node source, DataFlow::FlowState state) {
    source instanceof DataFlow::ParameterNode and
-    source.getEnclosingCallable() instanceof TargetAPI and
+    source.getEnclosingCallable() instanceof TargetApi and
    state instanceof TaintRead
  }

@@ -145,7 +145,7 @@ class ThroughFlowConfig extends TaintTracking::Configuration {
 * Captured Model:
 * `p;Foo;true;addToList;;Argument[0];Argument[1];taint`
 */
-string captureThroughFlow(TargetAPI api) {
+string captureThroughFlow(TargetApi api) {
  exists(
    ThroughFlowConfig config, DataFlow::ParameterNode p, ReturnNodeExt returnNodeExt, string input,
    string output
@@ -159,6 +159,6 @@ string captureThroughFlow(TargetAPI api) {
  )
 }

-from TargetAPI api, string flow
+from TargetApi api, string flow
 where flow = captureFlow(api)
 select flow order by flow
--- a/java/ql/src/utils/model-generator/ModelGeneratorUtils.qll
+++ b/java/ql/src/utils/model-generator/ModelGeneratorUtils.qll
@@ -11,8 +11,8 @@ Method superImpl(Method m) {
  not m instanceof ToStringMethod
 }

-class TargetAPI extends Callable {
-  TargetAPI() {
+class TargetApi extends Callable {
+  TargetApi() {
    this.isPublic() and
    this.fromSource() and
    (
@@ -23,6 +23,9 @@ class TargetAPI extends Callable {
  }
 }

+/** DEPRECATED: Alias for TargetApi */
+deprecated class TargetAPI = TargetApi;
+
 private string isExtensible(RefType ref) {
  if ref.isFinal() then result = "false" else result = "true"
 }
@@ -59,17 +62,17 @@ private predicate isJdkInternal(CompilationUnit cu) {
 }

 bindingset[input, output]
-string asTaintModel(TargetAPI api, string input, string output) {
+string asTaintModel(TargetApi api, string input, string output) {
  result = asSummaryModel(api, input, output, "taint")
 }

 bindingset[input, output]
-string asValueModel(TargetAPI api, string input, string output) {
+string asValueModel(TargetApi api, string input, string output) {
  result = asSummaryModel(api, input, output, "value")
 }

 bindingset[input, output, kind]
-string asSummaryModel(TargetAPI api, string input, string output, string kind) {
+string asSummaryModel(TargetApi api, string input, string output, string kind) {
  result =
    asPartialModel(api) + input + ";" //
      + output + ";" //
@@ -77,19 +80,19 @@ string asSummaryModel(TargetAPI api, string input, string output, string kind) {
 }

 bindingset[input, kind]
-string asSinkModel(TargetAPI api, string input, string kind) {
+string asSinkModel(TargetApi api, string input, string kind) {
  result = asPartialModel(api) + input + ";" + kind
 }

 bindingset[output, kind]
-string asSourceModel(TargetAPI api, string output, string kind) {
+string asSourceModel(TargetApi api, string output, string kind) {
  result = asPartialModel(api) + output + ";" + kind
 }

 /**
 * Computes the first 6 columns for CSV rows.
 */
-private string asPartialModel(TargetAPI api) {
+private string asPartialModel(TargetApi api) {
  result =
    typeAsSummaryModel(api) + ";" //
      + isExtensible(bestTypeForModel(api)) + ";" //
@@ -102,9 +105,9 @@ private string asPartialModel(TargetAPI api) {
 * Returns the appropriate type name for the model. Either the type
 * declaring the method or the supertype introducing the method.
 */
-private string typeAsSummaryModel(TargetAPI api) { result = typeAsModel(bestTypeForModel(api)) }
+private string typeAsSummaryModel(TargetApi api) { result = typeAsModel(bestTypeForModel(api)) }

-private RefType bestTypeForModel(TargetAPI api) {
+private RefType bestTypeForModel(TargetApi api) {
  if exists(superImpl(api))
  then superImpl(api).fromSource() and result = superImpl(api).getDeclaringType()
  else result = api.getDeclaringType()