Merge branch 'main' into azure_python_sdk_url_summary_upstream

2026-02-12 13:11:20 +01:00 · 2026-02-02 09:00:35 -05:00
parent 26b8a394b3 8b03608a4f
commit 7ddfa80399
5287 changed files with 495117 additions and 207887 deletions
--- a/python/ql/test/2/extractor-tests/import_depth/test.ql
+++ b/python/ql/test/2/extractor-tests/import_depth/test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m
 /* Exclude the builtins module as it has a different name under 2 and 3. */
--- a/python/ql/test/2/extractor-tests/normalise/Numbers.ql
+++ b/python/ql/test/2/extractor-tests/normalise/Numbers.ql
@@ -7,10 +7,11 @@
 */

 import python
+private import LegacyPointsTo

 from NumericObject n
 where
-  exists(IntegerLiteral i | i.getLiteralObject() = n |
+  exists(IntegerLiteral i | getLiteralObject(i) = n |
    i.getEnclosingModule().getFile().getShortName() = "test.py"
  )
 select n.toString(), n.repr()
--- a/python/ql/test/2/extractor-tests/object_hash/Success.ql
+++ b/python/ql/test/2/extractor-tests/object_hash/Success.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 where exists(theSysModuleObject())
 select 1
--- a/python/ql/test/2/library-tests/ControlFlow/Exceptions/Handles.ql
+++ b/python/ql/test/2/library-tests/ControlFlow/Exceptions/Handles.ql
@@ -1,5 +1,6 @@
 import python
+private import LegacyPointsTo

-from ExceptFlowNode ex, Value val
+from ExceptFlowNodeWithPointsTo ex, Value val
 where ex.handledException(val, _, _)
 select ex.getLocation().getStartLine(), ex.toString(), val.toString()
--- a/python/ql/test/2/library-tests/ControlFlow/Exceptions/Known.ql
+++ b/python/ql/test/2/library-tests/ControlFlow/Exceptions/Known.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from RaisingNode r
 select r.getLocation().getStartLine(), r.toString(), r.getARaisedType().toString()
--- a/python/ql/test/2/library-tests/ControlFlow/Exceptions/Likely.ql
+++ b/python/ql/test/2/library-tests/ControlFlow/Exceptions/Likely.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ControlFlowNode r, ControlFlowNode s
 where
--- a/python/ql/test/2/library-tests/ControlFlow/Exceptions/Unknown.ql
+++ b/python/ql/test/2/library-tests/ControlFlow/Exceptions/Unknown.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from RaisingNode r
 where r.raisesUnknownType()
--- a/python/ql/test/2/library-tests/PointsTo/class_properties/ClassValues.ql
+++ b/python/ql/test/2/library-tests/PointsTo/class_properties/ClassValues.ql
@@ -1,10 +1,11 @@
 import python
+private import LegacyPointsTo

 from ClassValue cls, string res
 where
  exists(CallNode call |
    call.getFunction().(NameNode).getId() = "test" and
-    call.getAnArg().pointsTo(cls)
+    call.getAnArg().(ControlFlowNodeWithPointsTo).pointsTo(cls)
  ) and
  (
    cls.isSequence() and
--- a/python/ql/test/2/library-tests/PointsTo/import_time/Pruned.ql
+++ b/python/ql/test/2/library-tests/PointsTo/import_time/Pruned.ql
@@ -1,6 +1,5 @@
 import python
-import semmle.python.pointsto.PointsTo
-import semmle.python.pointsto.PointsToContext
+private import LegacyPointsTo

 from ControlFlowNode f, Location l, Context c
 where
--- a/python/ql/test/2/library-tests/PointsTo/imports/Runtime.ql
+++ b/python/ql/test/2/library-tests/PointsTo/imports/Runtime.ql
@@ -1,6 +1,7 @@
 import python
+private import LegacyPointsTo

-from int line, ControlFlowNode f, Object o, ControlFlowNode orig
+from int line, ControlFlowNodeWithPointsTo f, Object o, ControlFlowNode orig
 where
  not f.getLocation().getFile().inStdlib() and
  f.refersTo(o, orig) and
--- a/python/ql/test/2/library-tests/PointsTo/imports2/Runtime.ql
+++ b/python/ql/test/2/library-tests/PointsTo/imports2/Runtime.ql
@@ -1,6 +1,7 @@
 import python
+private import LegacyPointsTo

-from int line, ControlFlowNode f, Object o, ControlFlowNode orig
+from int line, ControlFlowNodeWithPointsTo f, Object o, ControlFlowNode orig
 where
  not f.getLocation().getFile().inStdlib() and
  f.refersTo(o, orig) and
--- a/python/ql/test/2/library-tests/PointsTo/imports2/RuntimeWithType.ql
+++ b/python/ql/test/2/library-tests/PointsTo/imports2/RuntimeWithType.ql
@@ -1,6 +1,7 @@
 import python
+private import LegacyPointsTo

-from int line, ControlFlowNode f, Object o, ClassObject cls, ControlFlowNode orig
+from int line, ControlFlowNodeWithPointsTo f, Object o, ClassObject cls, ControlFlowNode orig
 where
  not f.getLocation().getFile().inStdlib() and
  f.refersTo(o, cls, orig) and
--- a/python/ql/test/2/library-tests/PointsTo/metaclass/test.ql
+++ b/python/ql/test/2/library-tests/PointsTo/metaclass/test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ClassObject cls
 where not cls.isC()
--- a/python/ql/test/2/library-tests/PointsTo/origin_uniqueness/Origin.ql
+++ b/python/ql/test/2/library-tests/PointsTo/origin_uniqueness/Origin.ql
@@ -1,8 +1,9 @@
 import python
+private import LegacyPointsTo

 string short_loc(Location l) { result = l.getFile().getShortName() + ":" + l.getStartLine() }

-from ControlFlowNode use, Object obj, ControlFlowNode orig, int line
+from ControlFlowNodeWithPointsTo use, Object obj, ControlFlowNode orig, int line
 where
  use.refersTo(obj, orig) and
  use.getLocation().getFile().getShortName() = "test.py" and
--- a/python/ql/test/2/library-tests/classes/attr/class_attr.ql
+++ b/python/ql/test/2/library-tests/classes/attr/class_attr.ql
@@ -5,6 +5,7 @@
 */

 import python
+private import LegacyPointsTo

 from ClassObject cls, int line, string name, Object obj
 where
--- a/python/ql/test/2/library-tests/classes/attr/class_has_attr.ql
+++ b/python/ql/test/2/library-tests/classes/attr/class_has_attr.ql
@@ -5,6 +5,7 @@
 */

 import python
+private import LegacyPointsTo

 from ClassObject cls, int line, string name
 where
--- a/python/ql/test/2/library-tests/classes/attr/list_attr.ql
+++ b/python/ql/test/2/library-tests/classes/attr/list_attr.ql
@@ -5,6 +5,7 @@
 */

 import python
+private import LegacyPointsTo

 from ClassObject cls, string name, Object what
 where
--- a/python/ql/test/2/library-tests/classes/mro/mro.ql
+++ b/python/ql/test/2/library-tests/classes/mro/mro.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ClassObject cls, ClassObject l, ClassObject r
 where
--- a/python/ql/test/2/library-tests/modules/general/moduleobject_test.ql
+++ b/python/ql/test/2/library-tests/modules/general/moduleobject_test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m, string name
 where m.getName() = "package" or m.getName() = "confused_elements"
--- a/python/ql/test/2/library-tests/modules/package_members/module_attributes.ql
+++ b/python/ql/test/2/library-tests/modules/package_members/module_attributes.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m, string name
 where not m.isC()
--- a/python/ql/test/2/library-tests/modules/package_members/module_exports.ql
+++ b/python/ql/test/2/library-tests/modules/package_members/module_exports.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m, string name
 where not m.isC() and m.exports(name)
--- a/python/ql/test/2/library-tests/modules/package_members/module_import_as.ql
+++ b/python/ql/test/2/library-tests/modules/package_members/module_import_as.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m, string name
 where not m.isC() and m.importedAs(name)
--- a/python/ql/test/2/library-tests/modules/usage/ModuleUsage.ql
+++ b/python/ql/test/2/library-tests/modules/usage/ModuleUsage.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleValue mv, string usage
 where
--- a/python/ql/test/2/library-tests/objects/Literals.ql
+++ b/python/ql/test/2/library-tests/objects/Literals.ql
@@ -1,5 +1,6 @@
 /* Test that there are no literals that do not have a corresponding object. */
 import python
+private import LegacyPointsTo

 string repr(Expr e) {
  result = e.(Num).getN() or
@@ -8,5 +9,5 @@ string repr(Expr e) {
 }

 from ImmutableLiteral l
-where not exists(l.getLiteralObject())
+where not exists(getLiteralObject(l))
 select l.getLocation().getStartLine(), repr(l)
--- a/python/ql/test/2/library-tests/six/pointsto.ql
+++ b/python/ql/test/2/library-tests/six/pointsto.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 string longname(Expr e) {
  result = e.(Name).getId()
@@ -6,6 +7,6 @@ string longname(Expr e) {
  exists(Attribute a | a = e | result = longname(a.getObject()) + "." + a.getName())
 }

-from Expr e, Value v
+from ExprWithPointsTo e, Value v
 where e.pointsTo(v) and e.getLocation().getFile().getShortName() = "test.py"
 select longname(e), v.toString()
--- a/python/ql/test/2/library-tests/types/classes/mro_test.ql
+++ b/python/ql/test/2/library-tests/types/classes/mro_test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ClassObject cls
 where not cls.isC()
--- a/python/ql/test/2/library-tests/types/classes/new_style.ql
+++ b/python/ql/test/2/library-tests/types/classes/new_style.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ClassObject cls, string style
 where
--- a/python/ql/test/2/library-tests/types/exceptions/ExitRaises.ql
+++ b/python/ql/test/2/library-tests/types/exceptions/ExitRaises.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from RaisingNode r, Scope s, ClassObject cls
 where r.viableExceptionalExit_objectapi(s, cls)
--- a/python/ql/test/2/library-tests/types/exceptions/Raises.ql
+++ b/python/ql/test/2/library-tests/types/exceptions/Raises.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from PyFunctionObject f, string type
 where
--- a/python/ql/test/2/library-tests/types/functions/Calls.ql
+++ b/python/ql/test/2/library-tests/types/functions/Calls.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from FunctionObject func, ControlFlowNode call
 where func.getACall() = call
--- a/python/ql/test/2/library-tests/types/functions/Never.ql
+++ b/python/ql/test/2/library-tests/types/functions/Never.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from FunctionObject func
 where func.neverReturns()
--- a/python/ql/test/2/library-tests/types/functions/ReturnTypes.ql
+++ b/python/ql/test/2/library-tests/types/functions/ReturnTypes.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from PyFunctionObject func, ClassObject ret_type
 where func.getAnInferredReturnType() = ret_type
--- a/python/ql/test/2/library-tests/types/properties/BuiltinProperties.ql
+++ b/python/ql/test/2/library-tests/types/properties/BuiltinProperties.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ClassObject cls, string name, BuiltinPropertyObject p
 where
--- a/python/ql/test/3/extractor-tests/import_depth/test.ql
+++ b/python/ql/test/3/extractor-tests/import_depth/test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m
 /* Exclude the builtins module as it has a different name under 2 and 3. */
--- a/python/ql/test/3/library-tests/ControlFlow/Exceptions/Handles.ql
+++ b/python/ql/test/3/library-tests/ControlFlow/Exceptions/Handles.ql
@@ -1,5 +1,6 @@
 import python
+private import LegacyPointsTo

-from ExceptFlowNode ex, Value val
+from ExceptFlowNodeWithPointsTo ex, Value val
 where ex.handledException(val, _, _)
 select ex.getLocation().getStartLine(), ex.toString(), val.toString()
--- a/python/ql/test/3/library-tests/ControlFlow/Exceptions/Known.ql
+++ b/python/ql/test/3/library-tests/ControlFlow/Exceptions/Known.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from RaisingNode r
 select r.getLocation().getStartLine(), r.toString(), r.getARaisedType().toString()
--- a/python/ql/test/3/library-tests/ControlFlow/Exceptions/Likely.ql
+++ b/python/ql/test/3/library-tests/ControlFlow/Exceptions/Likely.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ControlFlowNode r, ControlFlowNode s
 where
--- a/python/ql/test/3/library-tests/ControlFlow/Exceptions/Unknown.ql
+++ b/python/ql/test/3/library-tests/ControlFlow/Exceptions/Unknown.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from RaisingNode r
 where r.raisesUnknownType()
--- a/python/ql/test/3/library-tests/PointsTo/attributes/Test.ql
+++ b/python/ql/test/3/library-tests/PointsTo/attributes/Test.ql
@@ -1,5 +1,6 @@
 import python
+private import LegacyPointsTo

-from ControlFlowNode f, Object o, ControlFlowNode x
+from ControlFlowNodeWithPointsTo f, Object o, ControlFlowNode x
 where f.refersTo(o, x)
 select f.getLocation().getStartLine(), f.toString(), o.toString(), x.getLocation().getStartLine()
--- a/python/ql/test/3/library-tests/PointsTo/attributes/TestWithType.ql
+++ b/python/ql/test/3/library-tests/PointsTo/attributes/TestWithType.ql
@@ -1,6 +1,7 @@
 import python
+private import LegacyPointsTo

-from ControlFlowNode f, Object o, ClassObject c, ControlFlowNode x
+from ControlFlowNodeWithPointsTo f, Object o, ClassObject c, ControlFlowNode x
 where f.refersTo(o, c, x)
 select f.getLocation().getStartLine(), f.toString(), o.toString(), c.toString(),
  x.getLocation().getStartLine()
--- a/python/ql/test/3/library-tests/PointsTo/class_properties/ClassValues.ql
+++ b/python/ql/test/3/library-tests/PointsTo/class_properties/ClassValues.ql
@@ -1,10 +1,11 @@
 import python
+private import LegacyPointsTo

 from ClassValue cls, string res
 where
  exists(CallNode call |
    call.getFunction().(NameNode).getId() = "test" and
-    call.getAnArg().pointsTo(cls)
+    call.getAnArg().(ControlFlowNodeWithPointsTo).pointsTo(cls)
  ) and
  (
    cls.isSequence() and
--- a/python/ql/test/3/library-tests/PointsTo/consts/BooleanConstants.ql
+++ b/python/ql/test/3/library-tests/PointsTo/consts/BooleanConstants.ql
@@ -1,5 +1,5 @@
 import python
-import semmle.python.pointsto.PointsTo
+private import LegacyPointsTo

 from ControlFlowNode f, Context c, boolean b
 where
--- a/python/ql/test/3/library-tests/PointsTo/imports/Runtime.ql
+++ b/python/ql/test/3/library-tests/PointsTo/imports/Runtime.ql
@@ -1,6 +1,7 @@
 import python
+private import LegacyPointsTo

-from int line, ControlFlowNode f, Object o, ControlFlowNode orig
+from int line, ControlFlowNodeWithPointsTo f, Object o, ControlFlowNode orig
 where
  not f.getLocation().getFile().inStdlib() and
  f.refersTo(o, orig) and
--- a/python/ql/test/3/library-tests/PointsTo/imports/RuntimeWithType.ql
+++ b/python/ql/test/3/library-tests/PointsTo/imports/RuntimeWithType.ql
@@ -1,6 +1,7 @@
 import python
+private import LegacyPointsTo

-from int line, ControlFlowNode f, Object o, ClassObject cls, ControlFlowNode orig
+from int line, ControlFlowNodeWithPointsTo f, Object o, ClassObject cls, ControlFlowNode orig
 where
  not f.getLocation().getFile().inStdlib() and
  f.refersTo(o, cls, orig) and
--- a/python/ql/test/3/library-tests/PointsTo/inheritance/Calls.ql
+++ b/python/ql/test/3/library-tests/PointsTo/inheritance/Calls.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from Call c, FunctionObject f
 where f.getACall().getNode() = c
--- a/python/ql/test/3/library-tests/PointsTo/metaclass/test.ql
+++ b/python/ql/test/3/library-tests/PointsTo/metaclass/test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ClassObject cls
 where not cls.isC()
--- a/python/ql/test/3/library-tests/PointsTo/regressions/subprocess-assert/ClassValue.ql
+++ b/python/ql/test/3/library-tests/PointsTo/regressions/subprocess-assert/ClassValue.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 // as used in semmle.python.filters.Tests
 from ClassValue c, string base
--- a/python/ql/test/3/library-tests/PointsTo/typehints/Values.ql
+++ b/python/ql/test/3/library-tests/PointsTo/typehints/Values.ql
@@ -1,6 +1,7 @@
 import python
+private import LegacyPointsTo

-from ControlFlowNode f, Context ctx, Value v, ControlFlowNode origin
+from ControlFlowNodeWithPointsTo f, Context ctx, Value v, ControlFlowNode origin
 where
  f.pointsTo(ctx, v, origin) and
  f.getLocation().getFile().getBaseName() = "test.py"
--- a/python/ql/test/3/library-tests/classes/attr/class_attr.ql
+++ b/python/ql/test/3/library-tests/classes/attr/class_attr.ql
@@ -5,6 +5,7 @@
 */

 import python
+private import LegacyPointsTo

 from ClassObject cls, int line, string name, Object obj
 where
--- a/python/ql/test/3/library-tests/classes/attr/class_has_attr.ql
+++ b/python/ql/test/3/library-tests/classes/attr/class_has_attr.ql
@@ -5,6 +5,7 @@
 */

 import python
+private import LegacyPointsTo

 from ClassObject cls, int line, string name
 where
--- a/python/ql/test/3/library-tests/classes/meta/meta_obj.ql
+++ b/python/ql/test/3/library-tests/classes/meta/meta_obj.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ClassObject cls
 where not cls.isC()
--- a/python/ql/test/3/library-tests/classes/mro/mro.ql
+++ b/python/ql/test/3/library-tests/classes/mro/mro.ql
@@ -5,6 +5,7 @@
 */

 import python
+private import LegacyPointsTo

 from ClassObject cls, ClassObject l, ClassObject r
 where
--- a/python/ql/test/3/library-tests/classes/mro/mro_index.ql
+++ b/python/ql/test/3/library-tests/classes/mro/mro_index.ql
@@ -5,6 +5,7 @@
 */

 import python
+private import LegacyPointsTo

 from ClassObject cls, ClassObject sup, int index
 where
--- a/python/ql/test/3/library-tests/modules/general/moduleobject_test.ql
+++ b/python/ql/test/3/library-tests/modules/general/moduleobject_test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m, string name
 where not m.isC() and not m.getName() = "__future__"
--- a/python/ql/test/3/library-tests/modules/package_members/module_attributes.ql
+++ b/python/ql/test/3/library-tests/modules/package_members/module_attributes.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m, string name
 where not m.isC()
--- a/python/ql/test/3/library-tests/modules/package_members/module_exports.ql
+++ b/python/ql/test/3/library-tests/modules/package_members/module_exports.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m, string name
 where not m.isC() and m.exports(name)
--- a/python/ql/test/3/library-tests/modules/package_members/module_import_as.ql
+++ b/python/ql/test/3/library-tests/modules/package_members/module_import_as.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleObject m, string name
 where not m.isC() and m.importedAs(name)
--- a/python/ql/test/3/library-tests/modules/usage/ModuleUsage.ql
+++ b/python/ql/test/3/library-tests/modules/usage/ModuleUsage.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ModuleValue mv, string usage
 where
--- a/python/ql/test/3/library-tests/six/pointsto.ql
+++ b/python/ql/test/3/library-tests/six/pointsto.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 string longname(Expr e) {
  result = e.(Name).getId()
@@ -6,6 +7,6 @@ string longname(Expr e) {
  exists(Attribute a | a = e | result = longname(a.getObject()) + "." + a.getName())
 }

-from Expr e, Value v
+from ExprWithPointsTo e, Value v
 where e.pointsTo(v) and e.getLocation().getFile().getShortName() = "test.py"
 select longname(e), v.toString()
--- a/python/ql/test/3/library-tests/types/classes/mro_test.ql
+++ b/python/ql/test/3/library-tests/types/classes/mro_test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ClassObject cls, ClassObject sup
 where not cls.isC()
--- a/python/ql/test/3/library-tests/types/exceptions/Raises.ql
+++ b/python/ql/test/3/library-tests/types/exceptions/Raises.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from PyFunctionObject f, string type
 where
--- a/python/ql/test/3/library-tests/types/exceptions/Viable.ql
+++ b/python/ql/test/3/library-tests/types/exceptions/Viable.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from RaisingNode r, ControlFlowNode n, ClassObject ex
 where r.viableExceptionEdge_objectapi(n, ex)
--- a/python/ql/test/3/library-tests/types/functions/Calls.ql
+++ b/python/ql/test/3/library-tests/types/functions/Calls.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from FunctionObject func, ControlFlowNode call
 where func.getACall() = call
--- a/python/ql/test/3/library-tests/types/functions/Never.ql
+++ b/python/ql/test/3/library-tests/types/functions/Never.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from FunctionObject func
 where func.neverReturns()
--- a/python/ql/test/3/library-tests/types/functions/ReturnTypes.ql
+++ b/python/ql/test/3/library-tests/types/functions/ReturnTypes.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from PyFunctionObject func, ClassObject ret_type
 where func.getAnInferredReturnType() = ret_type
--- a/python/ql/test/3/library-tests/types/namespaces/NameSpace.ql
+++ b/python/ql/test/3/library-tests/types/namespaces/NameSpace.ql
@@ -6,6 +6,7 @@
 */

 import python
+private import LegacyPointsTo

 from Scope s, string name, Object val
 where
--- a/python/ql/test/3/library-tests/types/properties/BuiltinProperties.ql
+++ b/python/ql/test/3/library-tests/types/properties/BuiltinProperties.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from ClassObject cls, string name, BuiltinPropertyObject p
 where
--- a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql
+++ b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql
@@ -1,6 +1,7 @@
 import python
 import utils.test.InlineExpectationsTest
 private import semmle.python.dataflow.new.internal.DataFlowDispatch as TT
+private import LegacyPointsTo

 /** Holds when `call` is resolved to `callable` using points-to based call-graph. */
 predicate pointsToCallEdge(CallNode call, Function callable) {
--- a/python/ql/test/experimental/meta/MaDTest.qll
+++ b/python/ql/test/experimental/meta/MaDTest.qll
@@ -17,7 +17,7 @@ module MadSinkTest implements TestSig {
  predicate hasActualResult(Location location, string element, string tag, string value) {
    exists(location.getFile().getRelativePath()) and
    exists(DataFlow::Node sink, string kind |
-      sink = ModelOutput::getASinkNode(kind).asSink() and
+      ModelOutput::sinkNode(sink, kind) and
      location = sink.getLocation() and
      element = sink.toString() and
      value = prettyNodeForInlineTest(sink) and
@@ -34,7 +34,7 @@ module MadSourceTest implements TestSig {
  predicate hasActualResult(Location location, string element, string tag, string value) {
    exists(location.getFile().getRelativePath()) and
    exists(DataFlow::Node source, string kind |
-      source = ModelOutput::getASourceNode(kind).asSource() and
+      ModelOutput::sourceNode(source, kind) and
      location = source.getLocation() and
      element = source.toString() and
      value = prettyNodeForInlineTest(source) and
--- a/python/ql/test/experimental/query-tests/Security/CWE-022-UnsafeUnpacking/UnsafeUnpack.expected
+++ b/python/ql/test/experimental/query-tests/Security/CWE-022-UnsafeUnpacking/UnsafeUnpack.expected
@@ -1,3 +1,17 @@
+#select
+| UnsafeUnpack.py:19:35:19:41 | ControlFlowNode for tarpath | UnsafeUnpack.py:5:26:5:32 | ControlFlowNode for ImportMember | UnsafeUnpack.py:19:35:19:41 | ControlFlowNode for tarpath | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:34:23:34:38 | ControlFlowNode for local_ziped_path | UnsafeUnpack.py:33:50:33:65 | ControlFlowNode for local_ziped_path | UnsafeUnpack.py:34:23:34:38 | ControlFlowNode for local_ziped_path | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:48:23:48:37 | ControlFlowNode for compressed_file | UnsafeUnpack.py:47:20:47:34 | ControlFlowNode for compressed_file | UnsafeUnpack.py:48:23:48:37 | ControlFlowNode for compressed_file | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:52:23:52:37 | ControlFlowNode for compressed_file | UnsafeUnpack.py:51:19:51:36 | ControlFlowNode for Attribute() | UnsafeUnpack.py:52:23:52:37 | ControlFlowNode for compressed_file | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:66:23:66:37 | ControlFlowNode for compressed_file | UnsafeUnpack.py:65:19:65:31 | ControlFlowNode for Attribute | UnsafeUnpack.py:66:23:66:37 | ControlFlowNode for compressed_file | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:87:23:87:29 | ControlFlowNode for tarpath | UnsafeUnpack.py:79:16:79:28 | ControlFlowNode for Attribute | UnsafeUnpack.py:87:23:87:29 | ControlFlowNode for tarpath | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:105:35:105:42 | ControlFlowNode for savepath | UnsafeUnpack.py:103:32:103:44 | ControlFlowNode for Attribute | UnsafeUnpack.py:105:35:105:42 | ControlFlowNode for savepath | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:112:35:112:43 | ControlFlowNode for file_path | UnsafeUnpack.py:108:22:108:34 | ControlFlowNode for Attribute | UnsafeUnpack.py:112:35:112:43 | ControlFlowNode for file_path | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:120:41:120:58 | ControlFlowNode for uploaded_file_path | UnsafeUnpack.py:116:27:116:39 | ControlFlowNode for Attribute | UnsafeUnpack.py:120:41:120:58 | ControlFlowNode for uploaded_file_path | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:142:49:142:51 | ControlFlowNode for tar | UnsafeUnpack.py:140:23:140:35 | ControlFlowNode for Attribute | UnsafeUnpack.py:142:49:142:51 | ControlFlowNode for tar | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result | UnsafeUnpack.py:158:32:158:44 | ControlFlowNode for Attribute | UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:176:1:176:34 | ControlFlowNode for Attribute() | UnsafeUnpack.py:79:16:79:28 | ControlFlowNode for Attribute | UnsafeUnpack.py:176:1:176:34 | ControlFlowNode for Attribute() | Unsafe extraction from a malicious tarball retrieved from a remote location. |
+| UnsafeUnpack.py:201:29:201:36 | ControlFlowNode for Attribute | UnsafeUnpack.py:194:53:194:55 | ControlFlowNode for tmp | UnsafeUnpack.py:201:29:201:36 | ControlFlowNode for Attribute | Unsafe extraction from a malicious tarball retrieved from a remote location. |
 edges
 | UnsafeUnpack.py:5:26:5:32 | ControlFlowNode for ImportMember | UnsafeUnpack.py:5:26:5:32 | ControlFlowNode for request | provenance |  |
 | UnsafeUnpack.py:5:26:5:32 | ControlFlowNode for request | UnsafeUnpack.py:11:18:11:24 | ControlFlowNode for request | provenance |  |
@@ -75,7 +89,7 @@ edges
 | UnsafeUnpack.py:161:19:161:21 | ControlFlowNode for tar | UnsafeUnpack.py:163:33:163:35 | ControlFlowNode for tar | provenance |  |
 | UnsafeUnpack.py:161:25:161:46 | ControlFlowNode for Attribute() | UnsafeUnpack.py:161:19:161:21 | ControlFlowNode for tar | provenance |  |
 | UnsafeUnpack.py:161:38:161:45 | ControlFlowNode for savepath | UnsafeUnpack.py:161:25:161:46 | ControlFlowNode for Attribute() | provenance | Config |
-| UnsafeUnpack.py:161:38:161:45 | ControlFlowNode for savepath | UnsafeUnpack.py:161:25:161:46 | ControlFlowNode for Attribute() | provenance | MaD:69 |
+| UnsafeUnpack.py:161:38:161:45 | ControlFlowNode for savepath | UnsafeUnpack.py:161:25:161:46 | ControlFlowNode for Attribute() | provenance | MaD:1 |
 | UnsafeUnpack.py:163:23:163:28 | ControlFlowNode for member | UnsafeUnpack.py:166:37:166:42 | ControlFlowNode for member | provenance |  |
 | UnsafeUnpack.py:163:33:163:35 | ControlFlowNode for tar | UnsafeUnpack.py:163:23:163:28 | ControlFlowNode for member | provenance |  |
 | UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result | UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result | provenance |  |
@@ -92,6 +106,8 @@ edges
 | UnsafeUnpack.py:176:17:176:23 | ControlFlowNode for tarpath | UnsafeUnpack.py:176:1:176:34 | ControlFlowNode for Attribute() | provenance | Config |
 | UnsafeUnpack.py:194:53:194:55 | ControlFlowNode for tmp | UnsafeUnpack.py:201:29:201:31 | ControlFlowNode for tmp | provenance |  |
 | UnsafeUnpack.py:201:29:201:31 | ControlFlowNode for tmp | UnsafeUnpack.py:201:29:201:36 | ControlFlowNode for Attribute | provenance | Config |
+models
+| 1 | Summary: tarfile; Member[open]; Argument[0,name:,2,fileobj:]; ReturnValue; taint |
 nodes
 | UnsafeUnpack.py:5:26:5:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
 | UnsafeUnpack.py:5:26:5:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
@@ -188,17 +204,3 @@ nodes
 | UnsafeUnpack.py:201:29:201:31 | ControlFlowNode for tmp | semmle.label | ControlFlowNode for tmp |
 | UnsafeUnpack.py:201:29:201:36 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
 subpaths
-#select
-| UnsafeUnpack.py:19:35:19:41 | ControlFlowNode for tarpath | UnsafeUnpack.py:5:26:5:32 | ControlFlowNode for ImportMember | UnsafeUnpack.py:19:35:19:41 | ControlFlowNode for tarpath | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:34:23:34:38 | ControlFlowNode for local_ziped_path | UnsafeUnpack.py:33:50:33:65 | ControlFlowNode for local_ziped_path | UnsafeUnpack.py:34:23:34:38 | ControlFlowNode for local_ziped_path | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:48:23:48:37 | ControlFlowNode for compressed_file | UnsafeUnpack.py:47:20:47:34 | ControlFlowNode for compressed_file | UnsafeUnpack.py:48:23:48:37 | ControlFlowNode for compressed_file | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:52:23:52:37 | ControlFlowNode for compressed_file | UnsafeUnpack.py:51:19:51:36 | ControlFlowNode for Attribute() | UnsafeUnpack.py:52:23:52:37 | ControlFlowNode for compressed_file | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:66:23:66:37 | ControlFlowNode for compressed_file | UnsafeUnpack.py:65:19:65:31 | ControlFlowNode for Attribute | UnsafeUnpack.py:66:23:66:37 | ControlFlowNode for compressed_file | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:87:23:87:29 | ControlFlowNode for tarpath | UnsafeUnpack.py:79:16:79:28 | ControlFlowNode for Attribute | UnsafeUnpack.py:87:23:87:29 | ControlFlowNode for tarpath | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:105:35:105:42 | ControlFlowNode for savepath | UnsafeUnpack.py:103:32:103:44 | ControlFlowNode for Attribute | UnsafeUnpack.py:105:35:105:42 | ControlFlowNode for savepath | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:112:35:112:43 | ControlFlowNode for file_path | UnsafeUnpack.py:108:22:108:34 | ControlFlowNode for Attribute | UnsafeUnpack.py:112:35:112:43 | ControlFlowNode for file_path | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:120:41:120:58 | ControlFlowNode for uploaded_file_path | UnsafeUnpack.py:116:27:116:39 | ControlFlowNode for Attribute | UnsafeUnpack.py:120:41:120:58 | ControlFlowNode for uploaded_file_path | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:142:49:142:51 | ControlFlowNode for tar | UnsafeUnpack.py:140:23:140:35 | ControlFlowNode for Attribute | UnsafeUnpack.py:142:49:142:51 | ControlFlowNode for tar | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result | UnsafeUnpack.py:158:32:158:44 | ControlFlowNode for Attribute | UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:176:1:176:34 | ControlFlowNode for Attribute() | UnsafeUnpack.py:79:16:79:28 | ControlFlowNode for Attribute | UnsafeUnpack.py:176:1:176:34 | ControlFlowNode for Attribute() | Unsafe extraction from a malicious tarball retrieved from a remote location. |
-| UnsafeUnpack.py:201:29:201:36 | ControlFlowNode for Attribute | UnsafeUnpack.py:194:53:194:55 | ControlFlowNode for tmp | UnsafeUnpack.py:201:29:201:36 | ControlFlowNode for Attribute | Unsafe extraction from a malicious tarball retrieved from a remote location. |
--- a/python/ql/test/experimental/query-tests/Security/CWE-022-UnsafeUnpacking/UnsafeUnpack.qlref
+++ b/python/ql/test/experimental/query-tests/Security/CWE-022-UnsafeUnpacking/UnsafeUnpack.qlref
@@ -1 +1,2 @@
-experimental/Security/CWE-022bis/UnsafeUnpack.ql
+query: experimental/Security/CWE-022bis/UnsafeUnpack.ql
+postprocess: utils/test/PrettyPrintModels.ql
--- a/python/ql/test/experimental/query-tests/Security/CWE-1427-PromptInjection/PromptInjection.expected
+++ b/python/ql/test/experimental/query-tests/Security/CWE-1427-PromptInjection/PromptInjection.expected
@@ -0,0 +1,94 @@
+#select
+| agent_instructions.py:9:50:9:89 | ControlFlowNode for BinaryExpr | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | agent_instructions.py:9:50:9:89 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| agent_instructions.py:25:28:25:32 | ControlFlowNode for input | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | agent_instructions.py:25:28:25:32 | ControlFlowNode for input | This prompt construction depends on a $@. | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| agent_instructions.py:35:28:35:32 | ControlFlowNode for input | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | agent_instructions.py:35:28:35:32 | ControlFlowNode for input | This prompt construction depends on a $@. | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:17:22:17:46 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:17:22:17:46 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:18:15:18:19 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:18:15:18:19 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:33:33:33:37 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:33:33:33:37 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:42:15:42:19 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:42:15:42:19 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:53:33:53:37 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:53:33:53:37 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:63:28:63:51 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:63:28:63:51 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:67:28:67:32 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:67:28:67:32 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:71:28:71:32 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:71:28:71:32 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:80:28:80:51 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:80:28:80:51 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:84:28:84:32 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:84:28:84:32 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+| openai_test.py:92:22:92:46 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:92:22:92:46 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
+edges
+| agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | agent_instructions.py:2:26:2:32 | ControlFlowNode for request | provenance |  |
+| agent_instructions.py:2:26:2:32 | ControlFlowNode for request | agent_instructions.py:7:13:7:19 | ControlFlowNode for request | provenance |  |
+| agent_instructions.py:2:26:2:32 | ControlFlowNode for request | agent_instructions.py:17:13:17:19 | ControlFlowNode for request | provenance |  |
+| agent_instructions.py:7:5:7:9 | ControlFlowNode for input | agent_instructions.py:9:50:9:89 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:94 |
+| agent_instructions.py:7:13:7:19 | ControlFlowNode for request | agent_instructions.py:7:13:7:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
+| agent_instructions.py:7:13:7:24 | ControlFlowNode for Attribute | agent_instructions.py:7:13:7:37 | ControlFlowNode for Attribute() | provenance | dict.get |
+| agent_instructions.py:7:13:7:37 | ControlFlowNode for Attribute() | agent_instructions.py:7:5:7:9 | ControlFlowNode for input | provenance |  |
+| agent_instructions.py:17:5:17:9 | ControlFlowNode for input | agent_instructions.py:25:28:25:32 | ControlFlowNode for input | provenance |  |
+| agent_instructions.py:17:5:17:9 | ControlFlowNode for input | agent_instructions.py:35:28:35:32 | ControlFlowNode for input | provenance |  |
+| agent_instructions.py:17:13:17:19 | ControlFlowNode for request | agent_instructions.py:17:13:17:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
+| agent_instructions.py:17:13:17:24 | ControlFlowNode for Attribute | agent_instructions.py:17:13:17:37 | ControlFlowNode for Attribute() | provenance | dict.get |
+| agent_instructions.py:17:13:17:37 | ControlFlowNode for Attribute() | agent_instructions.py:17:5:17:9 | ControlFlowNode for input | provenance |  |
+| openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:2:26:2:32 | ControlFlowNode for request | provenance |  |
+| openai_test.py:2:26:2:32 | ControlFlowNode for request | openai_test.py:12:15:12:21 | ControlFlowNode for request | provenance |  |
+| openai_test.py:2:26:2:32 | ControlFlowNode for request | openai_test.py:13:13:13:19 | ControlFlowNode for request | provenance |  |
+| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:17:22:17:46 | ControlFlowNode for BinaryExpr | provenance |  |
+| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | provenance |  |
+| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | provenance |  |
+| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | provenance |  |
+| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:63:28:63:51 | ControlFlowNode for BinaryExpr | provenance |  |
+| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:80:28:80:51 | ControlFlowNode for BinaryExpr | provenance |  |
+| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:92:22:92:46 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:58614 |
+| openai_test.py:12:15:12:21 | ControlFlowNode for request | openai_test.py:12:15:12:26 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
+| openai_test.py:12:15:12:21 | ControlFlowNode for request | openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
+| openai_test.py:12:15:12:26 | ControlFlowNode for Attribute | openai_test.py:12:15:12:41 | ControlFlowNode for Attribute() | provenance | dict.get |
+| openai_test.py:12:15:12:41 | ControlFlowNode for Attribute() | openai_test.py:12:5:12:11 | ControlFlowNode for persona | provenance |  |
+| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:18:15:18:19 | ControlFlowNode for query | provenance |  |
+| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:33:33:33:37 | ControlFlowNode for query | provenance |  |
+| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:42:15:42:19 | ControlFlowNode for query | provenance |  |
+| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:53:33:53:37 | ControlFlowNode for query | provenance |  |
+| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:67:28:67:32 | ControlFlowNode for query | provenance |  |
+| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:71:28:71:32 | ControlFlowNode for query | provenance |  |
+| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:84:28:84:32 | ControlFlowNode for query | provenance |  |
+| openai_test.py:13:13:13:19 | ControlFlowNode for request | openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
+| openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | openai_test.py:13:13:13:37 | ControlFlowNode for Attribute() | provenance | dict.get |
+| openai_test.py:13:13:13:37 | ControlFlowNode for Attribute() | openai_test.py:13:5:13:9 | ControlFlowNode for query | provenance |  |
+nodes
+| agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
+| agent_instructions.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| agent_instructions.py:7:5:7:9 | ControlFlowNode for input | semmle.label | ControlFlowNode for input |
+| agent_instructions.py:7:13:7:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| agent_instructions.py:7:13:7:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| agent_instructions.py:7:13:7:37 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
+| agent_instructions.py:9:50:9:89 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| agent_instructions.py:17:5:17:9 | ControlFlowNode for input | semmle.label | ControlFlowNode for input |
+| agent_instructions.py:17:13:17:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| agent_instructions.py:17:13:17:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| agent_instructions.py:17:13:17:37 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
+| agent_instructions.py:25:28:25:32 | ControlFlowNode for input | semmle.label | ControlFlowNode for input |
+| agent_instructions.py:35:28:35:32 | ControlFlowNode for input | semmle.label | ControlFlowNode for input |
+| openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
+| openai_test.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| openai_test.py:12:5:12:11 | ControlFlowNode for persona | semmle.label | ControlFlowNode for persona |
+| openai_test.py:12:15:12:21 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| openai_test.py:12:15:12:26 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| openai_test.py:12:15:12:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
+| openai_test.py:13:5:13:9 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
+| openai_test.py:13:13:13:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| openai_test.py:13:13:13:37 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
+| openai_test.py:17:22:17:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| openai_test.py:18:15:18:19 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
+| openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| openai_test.py:33:33:33:37 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
+| openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| openai_test.py:42:15:42:19 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
+| openai_test.py:53:33:53:37 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
+| openai_test.py:63:28:63:51 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| openai_test.py:67:28:67:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
+| openai_test.py:71:28:71:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
+| openai_test.py:80:28:80:51 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| openai_test.py:84:28:84:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
+| openai_test.py:92:22:92:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+subpaths
--- a/python/ql/test/experimental/query-tests/Security/CWE-1427-PromptInjection/PromptInjection.qlref
+++ b/python/ql/test/experimental/query-tests/Security/CWE-1427-PromptInjection/PromptInjection.qlref
@@ -0,0 +1,2 @@
+query: experimental/Security/CWE-1427/PromptInjection.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/experimental/query-tests/Security/CWE-1427-PromptInjection/agent_instructions.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-1427-PromptInjection/agent_instructions.py
@@ -0,0 +1,38 @@
+from agents import Agent, Runner
+from flask import Flask, request # $ Source
+app = Flask(__name__)
+
+@app.route("/parameter-route")
+def get_input1():
+    input = request.args.get("input")
+
+    agent = Agent(name="Assistant", instructions="This prompt is customized for " + input) # $Alert[py/prompt-injection]
+
+    result = Runner.run_sync(agent, "This is a user message.")
+    print(result.final_output)
+
+
+@app.route("/parameter-route")
+def get_input2():
+    input = request.args.get("input")
+
+    agent = Agent(name="Assistant", instructions="This prompt is not customized.")
+    result = Runner.run_sync(
+        agent=agent,
+        input=[
+            {
+                "role": "user",
+                "content": input, # $Alert[py/prompt-injection]
+            }
+        ] 
+    )
+
+    result2 = Runner.run_sync(
+        agent,
+        [
+            {
+                "role": "user",
+                "content": input, # $Alert[py/prompt-injection]
+            }
+        ] 
+    )
--- a/python/ql/test/experimental/query-tests/Security/CWE-1427-PromptInjection/openai_test.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-1427-PromptInjection/openai_test.py
@@ -0,0 +1,93 @@
+from openai import OpenAI, AsyncOpenAI, AzureOpenAI
+from flask import Flask, request  # $ Source
+app = Flask(__name__)
+
+client = OpenAI()
+async_client = AsyncOpenAI()
+azure_client = AzureOpenAI()
+
+
+@app.route("/openai")
+async def get_input_openai():
+    persona = request.args.get("persona")
+    query = request.args.get("query")
+    role = request.args.get("role")
+
+    response1 = client.responses.create(
+        instructions="Talks like a " + persona,  # $ Alert[py/prompt-injection]
+        input=query,  # $ Alert[py/prompt-injection]
+    )
+
+    response2 = client.responses.create(
+        instructions="Talks like a " + persona,  # $ Alert[py/prompt-injection]
+        input=[
+            {
+                "role": "developer",
+                "content": "Talk like a " + persona  # $ Alert[py/prompt-injection]
+            },
+            {
+                "role": "user",
+                "content": [
+                    {
+                        "type": "input_text",
+                        "text": query  # $ Alert[py/prompt-injection]
+                    }
+                ]
+            }
+        ]
+    )
+
+    response3 = await async_client.responses.create(
+        instructions="Talks like a " + persona,  # $ Alert[py/prompt-injection]
+        input=query,  # $ Alert[py/prompt-injection]
+    )
+
+    async with client.realtime.connect(model="gpt-realtime") as connection:
+        await connection.conversation.item.create(
+            item={
+                "type": "message",
+                "role": role,
+                "content": [
+                    {
+                        "type": "input_text",
+                        "text": query  # $ Alert[py/prompt-injection]
+                    }
+                ],
+            }
+        )
+
+    completion1 = client.chat.completions.create(
+        messages=[
+            {
+                "role": "developer",
+                "content": "Talk like a " + persona # $ Alert[py/prompt-injection]
+            },
+            {
+                "role": "user",
+                "content": query,  # $ Alert[py/prompt-injection]
+            },
+            {
+                "role": role,
+                "content": query,  # $ Alert[py/prompt-injection]
+            }
+        ]
+    )
+
+    completion2 = azure_client.chat.completions.create(
+        messages=[
+            {
+                "role": "developer",
+                "content": "Talk like a " + persona  # $ Alert[py/prompt-injection]
+            },
+            {
+                "role": "user",
+                "content": query,  # $ Alert[py/prompt-injection]
+            }
+        ]
+    )
+
+    assistant = client.beta.assistants.create(
+        name="Test Agent",
+        model="gpt-4.1",
+        instructions="Talks like a " + persona  # $ Alert[py/prompt-injection]
+    )
--- a/python/ql/test/experimental/query-tests/Security/CWE-409/DecompressionBombs.expected
+++ b/python/ql/test/experimental/query-tests/Security/CWE-409/DecompressionBombs.expected
@@ -1,23 +1,52 @@
+#select
+| test.py:11:5:11:52 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:11:5:11:52 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:12:5:12:48 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:12:5:12:48 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:15:14:15:29 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:15:14:15:29 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:19:14:19:39 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:19:14:19:39 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:22:5:22:60 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:22:5:22:60 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:24:5:24:52 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:24:5:24:52 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:25:5:25:55 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:25:5:25:55 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:26:5:26:57 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:26:5:26:57 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:27:5:27:50 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:27:5:27:50 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:28:5:28:60 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:28:5:28:60 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:35:27:35:35 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:35:27:35:35 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:39:15:39:23 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:39:15:39:23 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:40:19:40:27 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:40:19:40:27 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:44:14:44:22 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:44:14:44:22 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:45:17:45:25 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:45:17:45:25 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:49:15:49:23 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:49:15:49:23 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:50:19:50:27 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:50:19:50:27 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:54:15:54:23 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:54:15:54:23 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:55:19:55:27 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:55:19:55:27 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:59:40:59:48 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:59:40:59:48 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:61:23:61:31 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:61:23:61:31 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:62:21:62:29 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:62:21:62:29 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:64:40:64:48 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:64:40:64:48 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:65:22:65:30 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:65:22:65:30 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:66:21:66:29 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:66:21:66:29 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:67:42:67:50 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:67:42:67:50 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:68:23:68:31 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:68:23:68:31 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
+| test.py:69:36:69:44 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:69:36:69:44 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
 edges
 | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:11:21:11:29 | ControlFlowNode for file_path | provenance |  |
 | test.py:11:5:11:35 | ControlFlowNode for Attribute() | test.py:11:5:11:52 | ControlFlowNode for Attribute() | provenance | Config |
-| test.py:11:21:11:29 | ControlFlowNode for file_path | test.py:11:5:11:35 | ControlFlowNode for Attribute() | provenance | MaD:85 |
+| test.py:11:21:11:29 | ControlFlowNode for file_path | test.py:11:5:11:35 | ControlFlowNode for Attribute() | provenance | MaD:1 |
 | test.py:11:21:11:29 | ControlFlowNode for file_path | test.py:11:5:11:52 | ControlFlowNode for Attribute() | provenance | Config |
 | test.py:11:21:11:29 | ControlFlowNode for file_path | test.py:12:21:12:29 | ControlFlowNode for file_path | provenance |  |
 | test.py:12:5:12:35 | ControlFlowNode for Attribute() | test.py:12:5:12:48 | ControlFlowNode for Attribute() | provenance | Config |
-| test.py:12:21:12:29 | ControlFlowNode for file_path | test.py:12:5:12:35 | ControlFlowNode for Attribute() | provenance | MaD:85 |
+| test.py:12:21:12:29 | ControlFlowNode for file_path | test.py:12:5:12:35 | ControlFlowNode for Attribute() | provenance | MaD:1 |
 | test.py:12:21:12:29 | ControlFlowNode for file_path | test.py:12:5:12:48 | ControlFlowNode for Attribute() | provenance | Config |
 | test.py:12:21:12:29 | ControlFlowNode for file_path | test.py:14:26:14:34 | ControlFlowNode for file_path | provenance |  |
 | test.py:14:10:14:35 | ControlFlowNode for Attribute() | test.py:15:14:15:29 | ControlFlowNode for Attribute() | provenance | Config |
-| test.py:14:26:14:34 | ControlFlowNode for file_path | test.py:14:10:14:35 | ControlFlowNode for Attribute() | provenance | MaD:85 |
+| test.py:14:26:14:34 | ControlFlowNode for file_path | test.py:14:10:14:35 | ControlFlowNode for Attribute() | provenance | MaD:1 |
 | test.py:14:26:14:34 | ControlFlowNode for file_path | test.py:15:14:15:29 | ControlFlowNode for Attribute() | provenance | Config |
 | test.py:14:26:14:34 | ControlFlowNode for file_path | test.py:18:26:18:34 | ControlFlowNode for file_path | provenance |  |
 | test.py:18:10:18:35 | ControlFlowNode for Attribute() | test.py:19:14:19:39 | ControlFlowNode for Attribute() | provenance | Config |
-| test.py:18:26:18:34 | ControlFlowNode for file_path | test.py:18:10:18:35 | ControlFlowNode for Attribute() | provenance | MaD:85 |
+| test.py:18:26:18:34 | ControlFlowNode for file_path | test.py:18:10:18:35 | ControlFlowNode for Attribute() | provenance | MaD:1 |
 | test.py:18:26:18:34 | ControlFlowNode for file_path | test.py:19:14:19:39 | ControlFlowNode for Attribute() | provenance | Config |
 | test.py:18:26:18:34 | ControlFlowNode for file_path | test.py:22:21:22:29 | ControlFlowNode for file_path | provenance |  |
 | test.py:22:5:22:30 | ControlFlowNode for Attribute() | test.py:22:5:22:60 | ControlFlowNode for Attribute() | provenance | Config |
-| test.py:22:21:22:29 | ControlFlowNode for file_path | test.py:22:5:22:30 | ControlFlowNode for Attribute() | provenance | MaD:85 |
+| test.py:22:21:22:29 | ControlFlowNode for file_path | test.py:22:5:22:30 | ControlFlowNode for Attribute() | provenance | MaD:1 |
 | test.py:22:21:22:29 | ControlFlowNode for file_path | test.py:22:5:22:60 | ControlFlowNode for Attribute() | provenance | Config |
 | test.py:22:21:22:29 | ControlFlowNode for file_path | test.py:24:18:24:26 | ControlFlowNode for file_path | provenance |  |
 | test.py:24:18:24:26 | ControlFlowNode for file_path | test.py:24:5:24:52 | ControlFlowNode for Attribute() | provenance | Config |
@@ -36,15 +65,19 @@ edges
 | test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:45:17:45:25 | ControlFlowNode for file_path | provenance |  |
 | test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:49:15:49:23 | ControlFlowNode for file_path | provenance |  |
 | test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:50:19:50:27 | ControlFlowNode for file_path | provenance |  |
-| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:54:40:54:48 | ControlFlowNode for file_path | provenance |  |
-| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:56:23:56:31 | ControlFlowNode for file_path | provenance |  |
-| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:57:21:57:29 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:54:15:54:23 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:55:19:55:27 | ControlFlowNode for file_path | provenance |  |
 | test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:59:40:59:48 | ControlFlowNode for file_path | provenance |  |
-| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:60:22:60:30 | ControlFlowNode for file_path | provenance |  |
-| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:61:21:61:29 | ControlFlowNode for file_path | provenance |  |
-| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:62:42:62:50 | ControlFlowNode for file_path | provenance |  |
-| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:63:23:63:31 | ControlFlowNode for file_path | provenance |  |
-| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:64:36:64:44 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:61:23:61:31 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:62:21:62:29 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:64:40:64:48 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:65:22:65:30 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:66:21:66:29 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:67:42:67:50 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:68:23:68:31 | ControlFlowNode for file_path | provenance |  |
+| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:69:36:69:44 | ControlFlowNode for file_path | provenance |  |
+models
+| 1 | Summary: zipfile.ZipFile!; Subclass.Call; Argument[0,file:]; ReturnValue; taint |
 nodes
 | test.py:10:16:10:24 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
 | test.py:11:5:11:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
@@ -79,40 +112,15 @@ nodes
 | test.py:45:17:45:25 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
 | test.py:49:15:49:23 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
 | test.py:50:19:50:27 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
-| test.py:54:40:54:48 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
-| test.py:56:23:56:31 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
-| test.py:57:21:57:29 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:54:15:54:23 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:55:19:55:27 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
 | test.py:59:40:59:48 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
-| test.py:60:22:60:30 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
-| test.py:61:21:61:29 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
-| test.py:62:42:62:50 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
-| test.py:63:23:63:31 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
-| test.py:64:36:64:44 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:61:23:61:31 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:62:21:62:29 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:64:40:64:48 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:65:22:65:30 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:66:21:66:29 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:67:42:67:50 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:68:23:68:31 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
+| test.py:69:36:69:44 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
 subpaths
-#select
-| test.py:11:5:11:52 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:11:5:11:52 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:12:5:12:48 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:12:5:12:48 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:15:14:15:29 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:15:14:15:29 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:19:14:19:39 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:19:14:19:39 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:22:5:22:60 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:22:5:22:60 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:24:5:24:52 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:24:5:24:52 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:25:5:25:55 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:25:5:25:55 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:26:5:26:57 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:26:5:26:57 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:27:5:27:50 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:27:5:27:50 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:28:5:28:60 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:28:5:28:60 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:35:27:35:35 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:35:27:35:35 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:39:15:39:23 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:39:15:39:23 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:40:19:40:27 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:40:19:40:27 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:44:14:44:22 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:44:14:44:22 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:45:17:45:25 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:45:17:45:25 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:49:15:49:23 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:49:15:49:23 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:50:19:50:27 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:50:19:50:27 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:54:40:54:48 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:54:40:54:48 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:56:23:56:31 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:56:23:56:31 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:57:21:57:29 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:57:21:57:29 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:59:40:59:48 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:59:40:59:48 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:60:22:60:30 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:60:22:60:30 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:61:21:61:29 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:61:21:61:29 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:62:42:62:50 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:62:42:62:50 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:63:23:63:31 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:63:23:63:31 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
-| test.py:64:36:64:44 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:64:36:64:44 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
--- a/python/ql/test/experimental/query-tests/Security/CWE-409/DecompressionBombs.qlref
+++ b/python/ql/test/experimental/query-tests/Security/CWE-409/DecompressionBombs.qlref
@@ -1 +1,2 @@
-experimental/Security/CWE-409/DecompressionBombs.ql
+query: experimental/Security/CWE-409/DecompressionBombs.ql
+postprocess: utils/test/PrettyPrintModels.ql
--- a/python/ql/test/experimental/query-tests/Security/CWE-409/test.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-409/test.py
@@ -49,6 +49,11 @@ async def bomb(file_path):
    gzip.open(file_path)  # $ result=BAD
    gzip.GzipFile(file_path)  # $ result=BAD

+    from compression import zstd
+
+    zstd.open(file_path)  # $ result=BAD
+    zstd.ZstdFile(file_path).read()  # $ result=BAD
+
    import pandas

    pandas.read_csv(filepath_or_buffer=file_path)  # $ result=BAD
--- a/python/ql/test/extractor-tests/double-import/ModuleNames.ql
+++ b/python/ql/test/extractor-tests/double-import/ModuleNames.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from Container path, string name
 where exists(ModuleValue m | m.getPath() = path and m.getName() = name)
--- a/python/ql/test/extractor-tests/exports/Test.ql
+++ b/python/ql/test/extractor-tests/exports/Test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

-from Module m
+from ModuleWithPointsTo m
 select m.toString(), m.getAnExport().toString()
--- a/python/ql/test/extractor-tests/overlay/basic-full-eval/greeting.py
+++ b/python/ql/test/extractor-tests/overlay/basic-full-eval/greeting.py
@@ -0,0 +1,5 @@
+from new import *
+from lib import *
+
+def get_greeting():
+    return combine("Goodbye", get_new_target())
--- a/python/ql/test/extractor-tests/overlay/basic-full-eval/hello.py
+++ b/python/ql/test/extractor-tests/overlay/basic-full-eval/hello.py
@@ -0,0 +1,4 @@
+from greeting import *
+
+if __name__ == "__main__":
+    print(get_greeting())
--- a/python/ql/test/extractor-tests/overlay/basic-full-eval/lib/init.py
+++ b/python/ql/test/extractor-tests/overlay/basic-full-eval/lib/init.py
@@ -0,0 +1 @@
+def combine(a, b): return f"{a}, {b}!"
--- a/python/ql/test/extractor-tests/overlay/basic-full-eval/new.py
+++ b/python/ql/test/extractor-tests/overlay/basic-full-eval/new.py
@@ -0,0 +1,2 @@
+def get_new_target():
+    return "世界"
--- a/python/ql/test/extractor-tests/overlay/basic-full-eval/options
+++ b/python/ql/test/extractor-tests/overlay/basic-full-eval/options
@@ -0,0 +1 @@
+semmle-extractor-options: -R . -m hello.py --filter exclude:**/*.testproj/**
--- a/python/ql/test/extractor-tests/overlay/basic-full-eval/test.expected
+++ b/python/ql/test/extractor-tests/overlay/basic-full-eval/test.expected
@@ -0,0 +1,152 @@
+testStringLiterals
+| greeting.py:5:20:5:28 | StringLiteral | Goodbye |
+| hello.py:3:16:3:25 | StringLiteral | __main__ |
+| lib/__init__.py:1:27:1:29 | StringLiteral |  |
+| lib/__init__.py:1:31:1:34 | StringLiteral | ,  |
+| lib/__init__.py:1:36:1:38 | StringLiteral | ! |
+| new.py:2:12:2:15 | StringLiteral | \u4e16\u754c |
+testModules
+| greeting.py:0:0:0:0 | Module greeting |
+| hello.py:0:0:0:0 | Module hello |
+| lib/__init__.py:0:0:0:0 | Module lib.__init__ |
+| lib:0:0:0:0 | Package lib |
+| new.py:0:0:0:0 | Module new |
+testFunctions
+| greeting.py:4:1:4:19 | Function get_greeting |
+| lib/__init__.py:1:1:1:18 | Function combine |
+| new.py:1:1:1:21 | Function get_new_target |
+testClasses
+testLocations
+| greeting.py:0:0:0:0 | greeting.py:0 |
+| greeting.py:1:1:1:17 | greeting.py:1 |
+| greeting.py:1:6:1:8 | greeting.py:1 |
+| greeting.py:2:1:2:17 | greeting.py:2 |
+| greeting.py:2:6:2:8 | greeting.py:2 |
+| greeting.py:4:1:4:19 | greeting.py:4 |
+| greeting.py:4:1:4:19 | greeting.py:4 |
+| greeting.py:4:1:4:19 | greeting.py:4 |
+| greeting.py:4:5:4:16 | greeting.py:4 |
+| greeting.py:5:5:5:47 | greeting.py:5 |
+| greeting.py:5:12:5:18 | greeting.py:5 |
+| greeting.py:5:12:5:47 | greeting.py:5 |
+| greeting.py:5:20:5:28 | greeting.py:5 |
+| greeting.py:5:31:5:44 | greeting.py:5 |
+| greeting.py:5:31:5:46 | greeting.py:5 |
+| hello.py:0:0:0:0 | hello.py:0 |
+| hello.py:1:1:1:22 | hello.py:1 |
+| hello.py:1:6:1:13 | hello.py:1 |
+| hello.py:3:1:3:26 | hello.py:3 |
+| hello.py:3:4:3:11 | hello.py:3 |
+| hello.py:3:4:3:25 | hello.py:3 |
+| hello.py:3:16:3:25 | hello.py:3 |
+| hello.py:4:5:4:9 | hello.py:4 |
+| hello.py:4:5:4:25 | hello.py:4 |
+| hello.py:4:5:4:25 | hello.py:4 |
+| hello.py:4:11:4:22 | hello.py:4 |
+| hello.py:4:11:4:24 | hello.py:4 |
+| lib/__init__.py:0:0:0:0 | lib/__init__.py:0 |
+| lib/__init__.py:1:1:1:18 | lib/__init__.py:1 |
+| lib/__init__.py:1:1:1:18 | lib/__init__.py:1 |
+| lib/__init__.py:1:1:1:18 | lib/__init__.py:1 |
+| lib/__init__.py:1:5:1:11 | lib/__init__.py:1 |
+| lib/__init__.py:1:13:1:13 | lib/__init__.py:1 |
+| lib/__init__.py:1:16:1:16 | lib/__init__.py:1 |
+| lib/__init__.py:1:20:1:38 | lib/__init__.py:1 |
+| lib/__init__.py:1:27:1:29 | lib/__init__.py:1 |
+| lib/__init__.py:1:27:1:38 | lib/__init__.py:1 |
+| lib/__init__.py:1:30:1:30 | lib/__init__.py:1 |
+| lib/__init__.py:1:31:1:34 | lib/__init__.py:1 |
+| lib/__init__.py:1:35:1:35 | lib/__init__.py:1 |
+| lib/__init__.py:1:36:1:38 | lib/__init__.py:1 |
+| lib:0:0:0:0 | lib:0 |
+| new.py:0:0:0:0 | new.py:0 |
+| new.py:1:1:1:21 | new.py:1 |
+| new.py:1:1:1:21 | new.py:1 |
+| new.py:1:1:1:21 | new.py:1 |
+| new.py:1:5:1:18 | new.py:1 |
+| new.py:2:5:2:15 | new.py:2 |
+| new.py:2:12:2:15 | new.py:2 |
+testFiles
+| greeting.py:0:0:0:0 | greeting.py |
+| hello.py:0:0:0:0 | hello.py |
+| lib/__init__.py:0:0:0:0 | lib/__init__.py |
+| new.py:0:0:0:0 | new.py |
+testCfgNodes
+| greeting.py:0:0:0:0 | Entry node for Module greeting |
+| greeting.py:0:0:0:0 | Exit node for Module greeting |
+| greeting.py:1:1:1:17 | ControlFlowNode for from new import * |
+| greeting.py:1:6:1:8 | ControlFlowNode for ImportExpr |
+| greeting.py:2:1:2:17 | ControlFlowNode for from lib import * |
+| greeting.py:2:6:2:8 | ControlFlowNode for ImportExpr |
+| greeting.py:4:1:4:19 | ControlFlowNode for FunctionExpr |
+| greeting.py:4:1:4:19 | Entry node for Function get_greeting |
+| greeting.py:4:1:4:19 | Exit node for Function get_greeting |
+| greeting.py:4:5:4:16 | ControlFlowNode for get_greeting |
+| greeting.py:5:5:5:47 | ControlFlowNode for Return |
+| greeting.py:5:12:5:18 | ControlFlowNode for combine |
+| greeting.py:5:12:5:47 | ControlFlowNode for combine() |
+| greeting.py:5:20:5:28 | ControlFlowNode for StringLiteral |
+| greeting.py:5:31:5:44 | ControlFlowNode for get_new_target |
+| greeting.py:5:31:5:46 | ControlFlowNode for get_new_target() |
+| hello.py:0:0:0:0 | Entry node for Module hello |
+| hello.py:0:0:0:0 | Exit node for Module hello |
+| hello.py:1:1:1:22 | ControlFlowNode for from greeting import * |
+| hello.py:1:6:1:13 | ControlFlowNode for ImportExpr |
+| hello.py:3:4:3:11 | ControlFlowNode for __name__ |
+| hello.py:3:4:3:25 | ControlFlowNode for Compare |
+| hello.py:3:16:3:25 | ControlFlowNode for StringLiteral |
+| hello.py:4:5:4:9 | ControlFlowNode for print |
+| hello.py:4:5:4:25 | ControlFlowNode for print() |
+| hello.py:4:11:4:22 | ControlFlowNode for get_greeting |
+| hello.py:4:11:4:24 | ControlFlowNode for get_greeting() |
+| lib/__init__.py:0:0:0:0 | Entry node for Module lib.__init__ |
+| lib/__init__.py:0:0:0:0 | Exit node for Module lib.__init__ |
+| lib/__init__.py:1:1:1:18 | ControlFlowNode for FunctionExpr |
+| lib/__init__.py:1:1:1:18 | Entry node for Function combine |
+| lib/__init__.py:1:1:1:18 | Exit node for Function combine |
+| lib/__init__.py:1:5:1:11 | ControlFlowNode for combine |
+| lib/__init__.py:1:13:1:13 | ControlFlowNode for a |
+| lib/__init__.py:1:16:1:16 | ControlFlowNode for b |
+| lib/__init__.py:1:20:1:38 | ControlFlowNode for Return |
+| lib/__init__.py:1:27:1:29 | ControlFlowNode for StringLiteral |
+| lib/__init__.py:1:27:1:38 | ControlFlowNode for Fstring |
+| lib/__init__.py:1:30:1:30 | ControlFlowNode for a |
+| lib/__init__.py:1:31:1:34 | ControlFlowNode for StringLiteral |
+| lib/__init__.py:1:35:1:35 | ControlFlowNode for b |
+| lib/__init__.py:1:36:1:38 | ControlFlowNode for StringLiteral |
+| lib:0:0:0:0 | Entry node for Package lib |
+| new.py:0:0:0:0 | Entry node for Module new |
+| new.py:0:0:0:0 | Exit node for Module new |
+| new.py:1:1:1:21 | ControlFlowNode for FunctionExpr |
+| new.py:1:1:1:21 | Entry node for Function get_new_target |
+| new.py:1:1:1:21 | Exit node for Function get_new_target |
+| new.py:1:5:1:18 | ControlFlowNode for get_new_target |
+| new.py:2:5:2:15 | ControlFlowNode for Return |
+| new.py:2:12:2:15 | ControlFlowNode for StringLiteral |
+testSsaVars
+| file://:0:0:0:0 | SSA Variable __name__ |
+| file://:0:0:0:0 | SSA Variable get_greeting |
+| file://:0:0:0:0 | SSA Variable print |
+| greeting.py:4:5:4:16 | SSA Variable get_greeting |
+| lib/__init__.py:1:5:1:11 | SSA Variable combine |
+| lib/__init__.py:1:13:1:13 | SSA Variable a |
+| lib/__init__.py:1:16:1:16 | SSA Variable b |
+| new.py:1:5:1:18 | SSA Variable get_new_target |
+testVars
+| Global Variable __name__ | greeting.py:0:0:0:0 | Module greeting |
+| Global Variable __name__ | hello.py:0:0:0:0 | Module hello |
+| Global Variable __name__ | lib/__init__.py:0:0:0:0 | Module lib.__init__ |
+| Global Variable __name__ | new.py:0:0:0:0 | Module new |
+| Global Variable __package__ | greeting.py:0:0:0:0 | Module greeting |
+| Global Variable __package__ | hello.py:0:0:0:0 | Module hello |
+| Global Variable __package__ | lib/__init__.py:0:0:0:0 | Module lib.__init__ |
+| Global Variable __package__ | new.py:0:0:0:0 | Module new |
+| Global Variable combine | greeting.py:0:0:0:0 | Module greeting |
+| Global Variable combine | lib/__init__.py:0:0:0:0 | Module lib.__init__ |
+| Global Variable get_greeting | greeting.py:0:0:0:0 | Module greeting |
+| Global Variable get_greeting | hello.py:0:0:0:0 | Module hello |
+| Global Variable get_new_target | greeting.py:0:0:0:0 | Module greeting |
+| Global Variable get_new_target | new.py:0:0:0:0 | Module new |
+| Global Variable print | hello.py:0:0:0:0 | Module hello |
+| Local Variable a | lib/__init__.py:1:1:1:18 | Function combine |
+| Local Variable b | lib/__init__.py:1:1:1:18 | Function combine |
--- a/python/ql/test/extractor-tests/overlay/basic-full-eval/test.ql
+++ b/python/ql/test/extractor-tests/overlay/basic-full-eval/test.ql
@@ -0,0 +1,19 @@
+import python
+
+query predicate testStringLiterals(StringLiteral l, string text) { l.getText() = text }
+
+query predicate testModules(Module m) { any() }
+
+query predicate testFunctions(Function f) { any() }
+
+query predicate testClasses(Class c) { any() }
+
+query predicate testLocations(Location l) { any() }
+
+query predicate testFiles(File f) { any() }
+
+query predicate testCfgNodes(ControlFlowNode n) { any() }
+
+query predicate testSsaVars(SsaVariable var) { any() }
+
+query predicate testVars(Variable var, Scope s) { s = var.getScope() }
--- a/python/ql/test/extractor-tests/overlay/basic-overlay-eval/codeql-test.yml
+++ b/python/ql/test/extractor-tests/overlay/basic-overlay-eval/codeql-test.yml
@@ -0,0 +1,3 @@
+overlay:
+  base: "orig_src"
+  overlay: "../basic-full-eval"
--- a/python/ql/test/extractor-tests/overlay/basic-overlay-eval/options
+++ b/python/ql/test/extractor-tests/overlay/basic-overlay-eval/options
@@ -0,0 +1 @@
+semmle-extractor-options: -R . -m hello.py --filter exclude:**/*.testproj/**
--- a/python/ql/test/extractor-tests/overlay/basic-overlay-eval/orig_src/greeting.py
+++ b/python/ql/test/extractor-tests/overlay/basic-overlay-eval/orig_src/greeting.py
@@ -0,0 +1,5 @@
+from old import *
+from lib import *
+
+def get_greeting():
+    return combine("Hello", get_old_target())
--- a/python/ql/test/extractor-tests/overlay/basic-overlay-eval/orig_src/hello.py
+++ b/python/ql/test/extractor-tests/overlay/basic-overlay-eval/orig_src/hello.py
@@ -0,0 +1,4 @@
+from greeting import *
+
+if __name__ == "__main__":
+    print(get_greeting())
--- a/python/ql/test/extractor-tests/overlay/basic-overlay-eval/orig_src/lib/init.py
+++ b/python/ql/test/extractor-tests/overlay/basic-overlay-eval/orig_src/lib/init.py
@@ -0,0 +1 @@
+def combine(a, b): return f"{a}, {b}!"
--- a/python/ql/test/extractor-tests/overlay/basic-overlay-eval/orig_src/old.py
+++ b/python/ql/test/extractor-tests/overlay/basic-overlay-eval/orig_src/old.py
@@ -0,0 +1,2 @@
+def get_old_target():
+    return "World"
--- a/python/ql/test/extractor-tests/overlay/basic-overlay-eval/test.qlref
+++ b/python/ql/test/extractor-tests/overlay/basic-overlay-eval/test.qlref
@@ -0,0 +1 @@
+../basic-full-eval/test.ql
--- a/python/ql/test/extractor-tests/unicode_decoding/test.ql
+++ b/python/ql/test/extractor-tests/unicode_decoding/test.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

 from Object o, string s
 where
--- a/python/ql/test/library-tests/ControlFlow/general/Comments.ql
+++ b/python/ql/test/library-tests/ControlFlow/general/Comments.ql
@@ -1,5 +1,6 @@
 import python
+private import LegacyPointsTo

-from Module m, int n
-where n = m.getMetrics().getNumberOfLinesOfComments()
+from ModuleMetrics m, int n
+where n = m.getNumberOfLinesOfComments()
 select m.toString(), n
--- a/python/ql/test/library-tests/ControlFlow/general/Cyclo.ql
+++ b/python/ql/test/library-tests/ControlFlow/general/Cyclo.ql
@@ -1,4 +1,5 @@
 import python
+private import LegacyPointsTo

-from Function func
-select func.toString(), func.getMetrics().getCyclomaticComplexity()
+from FunctionMetrics func
+select func.toString(), func.getCyclomaticComplexity()
--- a/python/ql/test/library-tests/ControlFlow/general/Lines.ql
+++ b/python/ql/test/library-tests/ControlFlow/general/Lines.ql
@@ -1,8 +1,9 @@
 import python
+private import LegacyPointsTo

 from Scope s, int n
 where
-  exists(Function f | f = s | n = f.getMetrics().getNumberOfLines())
+  exists(FunctionMetrics f | f = s | n = f.getNumberOfLines())
  or
-  exists(Module m | m = s | n = m.getMetrics().getNumberOfLines())
+  exists(ModuleMetrics m | m = s | n = m.getNumberOfLines())
 select s.toString(), n
--- a/python/ql/test/library-tests/ControlFlow/ssa/undefined/test.ql
+++ b/python/ql/test/library-tests/ControlFlow/ssa/undefined/test.ql
@@ -1,5 +1,6 @@
 import python
+private import LegacyPointsTo

-from SsaVariable var
+from SsaVariableWithPointsTo var
 where var.maybeUndefined()
 select var.getDefinition().getLocation().getStartLine(), var.toString()
--- a/python/ql/test/library-tests/PointsTo/absent/Absent.ql
+++ b/python/ql/test/library-tests/PointsTo/absent/Absent.ql
@@ -1,6 +1,7 @@
 import python
+private import LegacyPointsTo
 import semmle.python.objects.Modules

-from Value val, ControlFlowNode f
+from Value val, ControlFlowNodeWithPointsTo f
 where f.pointsTo(val)
 select f, val
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				`semmle-extractor-options: -R . -m hello.py --filter exclude:*/.testproj/**`