Merge branch 'main' into automated-subclass-models

python/ql/test/library-tests/PointsTo/new/ImpliesDataflow.ql

@@ -10,26 +10,18 @@ predicate pointsToOrigin(DataFlow::CfgNode pointer, DataFlow::CfgNode origin) {
   origin.getNode() = pointer.getNode().pointsTo().getOrigin()
 }
 
-class PointsToConfiguration extends DataFlow::Configuration {
-  PointsToConfiguration() { this = "PointsToConfiguration" }
+module PointsToConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node node) { pointsToOrigin(_, node) }
 
-  override predicate isSource(DataFlow::Node node) { pointsToOrigin(_, node) }
-
-  override predicate isSink(DataFlow::Node node) { pointsToOrigin(node, _) }
+  predicate isSink(DataFlow::Node node) { pointsToOrigin(node, _) }
 }
 
-predicate hasFlow(DataFlow::Node origin, DataFlow::Node pointer) {
-  exists(PointsToConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink |
-    source.getNode() = origin and
-    sink.getNode() = pointer and
-    config.hasFlowPath(source, sink)
-  )
-}
+module PointsToFlow = DataFlow::Global<PointsToConfig>;
 
 from DataFlow::Node pointer, DataFlow::Node origin
 where
   exists(pointer.getLocation().getFile().getRelativePath()) and
   exists(origin.getLocation().getFile().getRelativePath()) and
   pointsToOrigin(pointer, origin) and
-  not hasFlow(origin, pointer)
+  not PointsToFlow::flow(origin, pointer)
 select origin, pointer

python/ql/test/library-tests/frameworks/data/test.ql

@@ -1,24 +1,22 @@
 import python
-import semmle.python.dataflow.new.internal.AccessPathSyntax as AccessPathSyntax
+private import semmle.python.frameworks.data.internal.ApiGraphModels as ApiGraphModels
 import semmle.python.frameworks.data.ModelsAsData
 import semmle.python.dataflow.new.TaintTracking
 import semmle.python.dataflow.new.DataFlow
 private import semmle.python.ApiGraphs
 
-class BasicTaintTracking extends TaintTracking::Configuration {
-  BasicTaintTracking() { this = "BasicTaintTracking" }
-
-  override predicate isSource(DataFlow::Node source) {
+module BasicTaintTrackingConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) {
     source = ModelOutput::getASourceNode("test-source").asSource()
   }
 
-  override predicate isSink(DataFlow::Node sink) {
-    sink = ModelOutput::getASinkNode("test-sink").asSink()
-  }
+  predicate isSink(DataFlow::Node sink) { sink = ModelOutput::getASinkNode("test-sink").asSink() }
 }
 
+module TestTaintTrackingFlow = TaintTracking::Global<BasicTaintTrackingConfig>;
+
 query predicate taintFlow(DataFlow::Node source, DataFlow::Node sink) {
-  any(BasicTaintTracking tr).hasFlow(source, sink)
+  TestTaintTrackingFlow::flow(source, sink)
 }
 
 query predicate isSink(DataFlow::Node node, string kind) {
@@ -29,6 +27,6 @@ query predicate isSource(DataFlow::Node node, string kind) {
   node = ModelOutput::getASourceNode(kind).asSource()
 }
 
-query predicate syntaxErrors(AccessPathSyntax::AccessPath path) { path.hasSyntaxError() }
+query predicate syntaxErrors(ApiGraphModels::AccessPath path) { path.hasSyntaxError() }
 
 query predicate warning = ModelOutput::getAWarning/0;

python/ql/test/library-tests/frameworks/data/warnings.ql

@@ -1,5 +1,4 @@
 import python
-import semmle.python.dataflow.new.internal.AccessPathSyntax as AccessPathSyntax
 import semmle.python.frameworks.data.internal.ApiGraphModels as ApiGraphModels
 import semmle.python.frameworks.data.ModelsAsData
 

python/ql/test/library-tests/frameworks/modeling-example/NaiveModel.ql

@@ -5,7 +5,7 @@
 private import python
 private import semmle.python.dataflow.new.DataFlow
 private import semmle.python.dataflow.new.TaintTracking
-import DataFlow::PathGraph
+import SharedFlow::PathGraph
 import SharedCode
 
 class MyClassGetValueAdditionalTaintStep extends TaintTracking::AdditionalTaintStep {
@@ -18,7 +18,7 @@ class MyClassGetValueAdditionalTaintStep extends TaintTracking::AdditionalTaintS
   }
 }
 
-from SharedConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
-where config.hasFlowPath(source, sink)
+from SharedFlow::PathNode source, SharedFlow::PathNode sink
+where SharedFlow::flowPath(source, sink)
 select sink.getNode(), source, sink,
   "test flow (naive): " + source.getNode().asCfgNode().getScope().getName()

python/ql/test/library-tests/frameworks/modeling-example/ProperModel.ql

@@ -5,7 +5,7 @@
 private import python
 private import semmle.python.dataflow.new.DataFlow
 private import semmle.python.dataflow.new.TaintTracking
-import DataFlow::PathGraph
+import SharedFlow::PathGraph
 import SharedCode
 
 class MyClassGetValueAdditionalTaintStep extends TaintTracking::AdditionalTaintStep {
@@ -20,7 +20,7 @@ class MyClassGetValueAdditionalTaintStep extends TaintTracking::AdditionalTaintS
   }
 }
 
-from SharedConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
-where config.hasFlowPath(source, sink)
+from SharedFlow::PathNode source, SharedFlow::PathNode sink
+where SharedFlow::flowPath(source, sink)
 select sink.getNode(), source, sink,
   "test flow (proper): " + source.getNode().asCfgNode().getScope().getName()

python/ql/test/library-tests/frameworks/modeling-example/SharedCode.qll

@@ -22,15 +22,15 @@ class SourceCall extends DataFlow::Node, MyClass {
   SourceCall() { this.asCfgNode().(CallNode).getFunction().(NameNode).getId() = "source" }
 }
 
-class SharedConfig extends TaintTracking::Configuration {
-  SharedConfig() { this = "SharedConfig" }
+private module SharedConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof SourceCall }
 
-  override predicate isSource(DataFlow::Node source) { source instanceof SourceCall }
-
-  override predicate isSink(DataFlow::Node sink) {
+  predicate isSink(DataFlow::Node sink) {
     exists(CallNode call |
       call.getFunction().(NameNode).getId() = "sink" and
       call.getArg(0) = sink.asCfgNode()
     )
   }
 }
+
+module SharedFlow = TaintTracking::Global<SharedConfig>;