diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql
index 032f2f4ce3c..c723e7d7067 100644
--- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql
+++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstruction.ql
@@ -13,25 +13,28 @@
 import java
 import ArraySizing
 import semmle.code.java.dataflow.FlowSources
-import DataFlow::PathGraph
-class Conf extends TaintTracking::Configuration {
- Conf() { this = "RemoteUserInputTocanThrowOutOfBoundsDueToEmptyArrayConfig" }
+private module ImproperValidationOfArrayConstructionConfig implements DataFlow::ConfigSig {
+ predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
- override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
-
- override predicate isSink(DataFlow::Node sink) {
+ predicate isSink(DataFlow::Node sink) {
 any(CheckableArrayAccess caa).canThrowOutOfBoundsDueToEmptyArray(sink.asExpr(), _)
 }
 }
+module ImproperValidationOfArrayConstructionFlow =
+ TaintTracking::Make;
+
+import ImproperValidationOfArrayConstructionFlow::PathGraph
+
 from
- DataFlow::PathNode source, DataFlow::PathNode sink, Expr sizeExpr,
+ ImproperValidationOfArrayConstructionFlow::PathNode source,
+ ImproperValidationOfArrayConstructionFlow::PathNode sink, Expr sizeExpr,
 ArrayCreationExpr arrayCreation, CheckableArrayAccess arrayAccess
 where
 arrayAccess.canThrowOutOfBoundsDueToEmptyArray(sizeExpr, arrayCreation) and
 sizeExpr = sink.getNode().asExpr() and
- any(Conf conf).hasFlowPath(source, sink)
+ ImproperValidationOfArrayConstructionFlow::hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
 "This accesses the $@, but the array is initialized using a $@ which may be zero.",
 arrayCreation, "array", source.getNode(), "user-provided value"
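Review bot: The new flow module is shown as `TaintTracking::Make;` with no configuration argument, which is not a valid parameterised-module instantiation as rendered; most likely the angle-bracket argument was lost in rendering, but if the file really reads this way it must be `module ImproperValidationOfArrayConstructionFlow = TaintTracking::Make<ImproperValidationOfArrayConstructionConfig>;` for the query to compile. Separately, `isSink` discards the matching creation expression with `_` and the `where` clause recovers it via `canThrowOutOfBoundsDueToEmptyArray(sizeExpr, arrayCreation)`; a comment on the sink predicate such as `// Sink is the array-size expression; the creation/access pair is recovered in the where clause.` would make that two-step intent obvious to the next maintainer.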
diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql
index 3d07f044a7c..321479e9f38 100644
--- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql
+++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionCodeSpecified.ql
@@ -13,30 +13,33 @@
 import java
 import ArraySizing
-import DataFlow::PathGraph
+import semmle.code.java.dataflow.TaintTracking
-class BoundedFlowSourceConf extends DataFlow::Configuration {
- BoundedFlowSourceConf() { this = "BoundedFlowSource" }
-
- override predicate isSource(DataFlow::Node source) {
+private module BoundedFlowSourceConf implements DataFlow::ConfigSig {
+ predicate isSource(DataFlow::Node source) {
 source instanceof BoundedFlowSource and
 // There is not a fixed lower bound which is greater than zero.
 not source.(BoundedFlowSource).lowerBound() > 0
 }
- override predicate isSink(DataFlow::Node sink) {
+ predicate isSink(DataFlow::Node sink) {
 any(CheckableArrayAccess caa).canThrowOutOfBoundsDueToEmptyArray(sink.asExpr(), _)
 }
 }
+module BoundedFlowSourceFlow = DataFlow::Make;
+
+import BoundedFlowSourceFlow::PathGraph
+
 from
- DataFlow::PathNode source, DataFlow::PathNode sink, BoundedFlowSource boundedsource,
- Expr sizeExpr, ArrayCreationExpr arrayCreation, CheckableArrayAccess arrayAccess
+ BoundedFlowSourceFlow::PathNode source, BoundedFlowSourceFlow::PathNode sink,
+ BoundedFlowSource boundedsource, Expr sizeExpr, ArrayCreationExpr arrayCreation,
+ CheckableArrayAccess arrayAccess
 where
 arrayAccess.canThrowOutOfBoundsDueToEmptyArray(sizeExpr, arrayCreation) and
 sizeExpr = sink.getNode().asExpr() and
 boundedsource = source.getNode() and
- any(BoundedFlowSourceConf conf).hasFlowPath(source, sink)
+ BoundedFlowSourceFlow::hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
 "This accesses the $@, but the array is initialized using $@ which may be zero.",
 arrayCreation, "array", boundedsource, boundedsource.getDescription().toLowerCase()
diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionLocal.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionLocal.ql
index ebb91acbc24..34dcc99613d 100644
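Review bot: The config module keeps the name `BoundedFlowSourceConf`, while the parallel migration of ImproperValidationOfArrayIndexCodeSpecified.ql in this same change renames its module to `BoundedFlowSourceConfig`; both are `private` so nothing clashes, but one suffix across the CWE-129 queries makes them easier to grep and diff. This query intentionally instantiates `DataFlow::Make` rather than `TaintTracking::Make` (the removed class extended `DataFlow::Configuration`), and nothing says why; a why-comment on that line, e.g. `// Value-preserving data flow on purpose: a bounded source's lower bound is not preserved by general taint steps.`, would stop a later reader from "harmonising" it with the taint-based siblings — the exact rationale should be confirmed with the author. As rendered, `DataFlow::Make;` also shows no `<BoundedFlowSourceConf>` argument; presumably lost in rendering, but worth a glance in the actual file.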
--- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionLocal.ql
+++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayConstructionLocal.ql
@@ -14,25 +14,28 @@
 import java
 import ArraySizing
 import semmle.code.java.dataflow.FlowSources
-import DataFlow::PathGraph
-class Conf extends TaintTracking::Configuration {
- Conf() { this = "LocalUserInputTocanThrowOutOfBoundsDueToEmptyArrayConfig" }
+private module ImproperValidationOfArrayConstructionLocalConfig implements DataFlow::ConfigSig {
+ predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
- override predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
-
- override predicate isSink(DataFlow::Node sink) {
+ predicate isSink(DataFlow::Node sink) {
 any(CheckableArrayAccess caa).canThrowOutOfBoundsDueToEmptyArray(sink.asExpr(), _)
 }
 }
+module ImproperValidationOfArrayConstructionLocalFlow =
+ TaintTracking::Make;
+
+import ImproperValidationOfArrayConstructionLocalFlow::PathGraph
+
 from
- DataFlow::PathNode source, DataFlow::PathNode sink, Expr sizeExpr,
+ ImproperValidationOfArrayConstructionLocalFlow::PathNode source,
+ ImproperValidationOfArrayConstructionLocalFlow::PathNode sink, Expr sizeExpr,
 ArrayCreationExpr arrayCreation, CheckableArrayAccess arrayAccess
 where
 arrayAccess.canThrowOutOfBoundsDueToEmptyArray(sizeExpr, arrayCreation) and
 sizeExpr = sink.getNode().asExpr() and
- any(Conf conf).hasFlowPath(source, sink)
+ ImproperValidationOfArrayConstructionLocalFlow::hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
 "This accesses the $@, but the array is initialized using a $@ which may be zero.",
 arrayCreation, "array", source.getNode(), "user-provided value"
diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndex.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndex.ql
index d3a78f1ab96..afc52fb7f2a 100644
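Review bot: The Local variant now duplicates ImproperValidationOfArrayConstruction.ql line for line apart from `LocalUserInput` replacing `RemoteFlowSource` in `isSource`, and nothing in the file records that coupling; a comment on the config module such as `// Same sink as ImproperValidationOfArrayConstruction.ql; only the source set (local user input) differs.` would make the relationship explicit and remind whoever adds a barrier or sink to the remote query to mirror it here. The previous class name carried a descriptive string ("LocalUserInputTocanThrowOutOfBoundsDueToEmptyArrayConfig") that is gone with the migration, so the module comment is now the only place that purpose can live.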
--- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndex.ql
+++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndex.ql
@@ -13,24 +13,28 @@
 import java
 import ArraySizing
 import semmle.code.java.dataflow.FlowSources
-import DataFlow::PathGraph
-class Conf extends TaintTracking::Configuration {
- Conf() { this = "RemoteUserInputTocanThrowOutOfBoundsDueToEmptyArrayConfig" }
+private module ImproperValidationOfArrayIndexConfig implements DataFlow::ConfigSig {
+ predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
- override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
-
- override predicate isSink(DataFlow::Node sink) {
+ predicate isSink(DataFlow::Node sink) {
 any(CheckableArrayAccess caa).canThrowOutOfBounds(sink.asExpr())
 }
- override predicate isSanitizer(DataFlow::Node node) { node.getType() instanceof BooleanType }
+ predicate isBarrier(DataFlow::Node node) { node.getType() instanceof BooleanType }
 }
-from DataFlow::PathNode source, DataFlow::PathNode sink, CheckableArrayAccess arrayAccess
+module ImproperValidationOfArrayIndexFlow =
+ TaintTracking::Make;
+
+import ImproperValidationOfArrayIndexFlow::PathGraph
+
+from
+ ImproperValidationOfArrayIndexFlow::PathNode source,
+ ImproperValidationOfArrayIndexFlow::PathNode sink, CheckableArrayAccess arrayAccess
 where
 arrayAccess.canThrowOutOfBounds(sink.getNode().asExpr()) and
- any(Conf conf).hasFlowPath(source, sink)
+ ImproperValidationOfArrayIndexFlow::hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
 "This index depends on a $@ which can cause an ArrayIndexOutOfBoundsException.",
 source.getNode(), "user-provided value"
diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexCodeSpecified.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexCodeSpecified.ql
index 79911f5422d..65883677aa0 100644
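Review bot: `predicate isBarrier(DataFlow::Node node) { node.getType() instanceof BooleanType }` is the one non-mechanical piece of the new config and still carries no explanation; a comment such as `// A boolean-typed value can never be an array index, so stop tracking once the tainted value has been reduced to one (e.g. a comparison result).` would record why this barrier exists and what it is not meant to catch. The sibling ImproperValidationOfArrayIndexLocal.ql migrated in the same change has no such barrier, so if the barrier matters here it presumably matters there too; confirm whether that divergence is intentional rather than an artefact of the older code. The barrier is on type alone, so it will also cut paths through a boolean that later selects between tainted indices, which is presumably acceptable for this query but worth stating.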
--- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexCodeSpecified.ql
+++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexCodeSpecified.ql
@@ -14,25 +14,27 @@
 import java
 import ArraySizing
 import BoundingChecks
-import DataFlow::PathGraph
+import semmle.code.java.dataflow.TaintTracking
-class BoundedFlowSourceConf extends DataFlow::Configuration {
- BoundedFlowSourceConf() { this = "BoundedFlowSource" }
+private module BoundedFlowSourceConfig implements DataFlow::ConfigSig {
+ predicate isSource(DataFlow::Node source) { source instanceof BoundedFlowSource }
- override predicate isSource(DataFlow::Node source) { source instanceof BoundedFlowSource }
-
- override predicate isSink(DataFlow::Node sink) {
+ predicate isSink(DataFlow::Node sink) {
 exists(CheckableArrayAccess arrayAccess | arrayAccess.canThrowOutOfBounds(sink.asExpr()))
 }
 }
+module BoundedFlowSourceFlow = DataFlow::Make;
+
+import BoundedFlowSourceFlow::PathGraph
+
 from
- DataFlow::PathNode source, DataFlow::PathNode sink, BoundedFlowSource boundedsource,
- CheckableArrayAccess arrayAccess
+ BoundedFlowSourceFlow::PathNode source, BoundedFlowSourceFlow::PathNode sink,
+ BoundedFlowSource boundedsource, CheckableArrayAccess arrayAccess
 where
 arrayAccess.canThrowOutOfBounds(sink.getNode().asExpr()) and
 boundedsource = source.getNode() and
- any(BoundedFlowSourceConf conf).hasFlowPath(source, sink) and
+ BoundedFlowSourceFlow::hasFlowPath(source, sink) and
 boundedsource != sink.getNode() and
 not (
 (
diff --git a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexLocal.ql b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexLocal.ql
index 1b5576f14e8..6cbc26eb372 100644
--- a/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexLocal.ql
+++ b/java/ql/src/Security/CWE/CWE-129/ImproperValidationOfArrayIndexLocal.ql
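Review bot: The added `import semmle.code.java.dataflow.TaintTracking` pulls in more than this query uses — every reference in the hunk is `DataFlow::ConfigSig`, `DataFlow::Make` and `DataFlow::Node` — so `import semmle.code.java.dataflow.DataFlow` would state the dependency precisely, unless something outside the hunk relies on the taint-tracking library. The `where` clause is cut at `not ( (` and continues past the hunk, so the remaining bounding-check exclusions were not reviewed here. A one-line comment above `module BoundedFlowSourceFlow = DataFlow::Make…` noting that value-preserving flow (not taint) is intentional — presumably because a bounded source's bound does not survive arithmetic — would keep a later migration from switching it; confirm the rationale with the author.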
@@ -14,22 +14,26 @@
 import java
 import ArraySizing
 import semmle.code.java.dataflow.FlowSources
-import DataFlow::PathGraph
-class Conf extends TaintTracking::Configuration {
- Conf() { this = "LocalUserInputTocanThrowOutOfBoundsDueToEmptyArrayConfig" }
+private module ImproperValidationOfArrayIndexLocalConfig implements DataFlow::ConfigSig {
+ predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
- override predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
-
- override predicate isSink(DataFlow::Node sink) {
+ predicate isSink(DataFlow::Node sink) {
 any(CheckableArrayAccess caa).canThrowOutOfBounds(sink.asExpr())
 }
 }
-from DataFlow::PathNode source, DataFlow::PathNode sink, CheckableArrayAccess arrayAccess
+module ImproperValidationOfArrayIndexLocalFlow =
+ TaintTracking::Make;
+
+import ImproperValidationOfArrayIndexLocalFlow::PathGraph
+
+from
+ ImproperValidationOfArrayIndexLocalFlow::PathNode source,
+ ImproperValidationOfArrayIndexLocalFlow::PathNode sink, CheckableArrayAccess arrayAccess
 where
 arrayAccess.canThrowOutOfBounds(sink.getNode().asExpr()) and
- any(Conf conf).hasFlowPath(source, sink)
+ ImproperValidationOfArrayIndexLocalFlow::hasFlowPath(source, sink)
 select arrayAccess.getIndexExpr(), source, sink,
 "This index depends on a $@ which can cause an ArrayIndexOutOfBoundsException.",
 source.getNode(), "user-provided value"
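Review bot: Unlike ImproperValidationOfArrayIndex.ql in this same change, `ImproperValidationOfArrayIndexLocalConfig` has no barrier for boolean-typed nodes, so the Local query keeps tracking through values the remote query deliberately drops; if that divergence is not intentional, add `predicate isBarrier(DataFlow::Node node) { node.getType() instanceof BooleanType }` to the module so the two configs differ only in their source set. If it is intentional, a short comment saying so would stop the next migration from "harmonising" it. Either way, a comment on the module such as `// Mirrors ImproperValidationOfArrayIndex.ql with LocalUserInput as the source set.` would document the relationship now that the descriptive configuration string has been removed.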