Java/C#/GO: Use instanceof in more places

java/ql/lib/semmle/code/java/dataflow/FlowSources.qll

@@ -172,9 +172,7 @@ abstract class UserInput extends DataFlow::Node { }
 /**
  * Input that may be controlled by a remote user.
  */
-private class RemoteUserInput extends UserInput {
-  RemoteUserInput() { this instanceof RemoteFlowSource }
-}
+private class RemoteUserInput extends UserInput instanceof RemoteFlowSource { }
 
 /** A node with input that may be controlled by a local user. */
 abstract class LocalUserInput extends UserInput { }

java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll

@@ -58,9 +58,7 @@ abstract class WhitelistedLiveCallable extends CallableEntryPoint { }
 /**
  * A `public static void main(String[] args)` method.
  */
-class MainMethodEntry extends CallableEntryPoint {
-  MainMethodEntry() { this instanceof MainMethod }
-}
+class MainMethodEntry extends CallableEntryPoint instanceof MainMethod { }
 
 /**
  * A method that overrides a library method -- the result is
@@ -96,9 +94,7 @@ abstract class ReflectivelyConstructedClass extends EntryPoint, Class {
 /**
  * Classes that are deserialized by Jackson are reflectively constructed.
  */
-library class JacksonReflectivelyConstructedClass extends ReflectivelyConstructedClass {
-  JacksonReflectivelyConstructedClass() { this instanceof JacksonDeserializableType }
-
+library class JacksonReflectivelyConstructedClass extends ReflectivelyConstructedClass instanceof JacksonDeserializableType {
   override Callable getALiveCallable() {
     // Constructors may be called by Jackson, if they are a no-arg, they have a suitable annotation,
     // or inherit a suitable annotation through a mixin.
@@ -312,8 +308,7 @@ class FacesAccessibleMethodEntryPoint extends CallableEntryPoint {
  * A Java Server Faces custom component, that is reflectively constructed by the framework when
  * used in a view (JSP or facelet).
  */
-class FacesComponentReflectivelyConstructedClass extends ReflectivelyConstructedClass {
-  FacesComponentReflectivelyConstructedClass() { this instanceof FacesComponent }
+class FacesComponentReflectivelyConstructedClass extends ReflectivelyConstructedClass instanceof FacesComponent {
 }
 
 /**
@@ -400,8 +395,7 @@ class JavaxManagedBeanReflectivelyConstructed extends ReflectivelyConstructedCla
  * Classes marked as Java persistence entities can be reflectively constructed when the data is
  * loaded.
  */
-class PersistentEntityEntryPoint extends ReflectivelyConstructedClass {
-  PersistentEntityEntryPoint() { this instanceof PersistentEntity }
+class PersistentEntityEntryPoint extends ReflectivelyConstructedClass instanceof PersistentEntity {
 }
 
 /**
@@ -465,6 +459,5 @@ class ArbitraryXmlEntryPoint extends ReflectivelyConstructedClass {
 deprecated class ArbitraryXMLEntryPoint = ArbitraryXmlEntryPoint;
 
 /** A Selenium PageObject, created by a call to PageFactory.initElements(..). */
-class SeleniumPageObjectEntryPoint extends ReflectivelyConstructedClass {
-  SeleniumPageObjectEntryPoint() { this instanceof SeleniumPageObject }
+class SeleniumPageObjectEntryPoint extends ReflectivelyConstructedClass instanceof SeleniumPageObject {
 }

java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll

@@ -50,9 +50,7 @@ class SpringBeanAnnotatedMethod extends CallableEntryPoint {
 /**
  * A live entry point within a Spring controller.
  */
-class SpringControllerEntryPoint extends CallableEntryPoint {
-  SpringControllerEntryPoint() { this instanceof SpringControllerMethod }
-}
+class SpringControllerEntryPoint extends CallableEntryPoint instanceof SpringControllerMethod { }
 
 /**
  * A method that is accessible in a response, because it is part of the returned model,

java/ql/lib/semmle/code/java/deadcode/StrutsEntryPoints.qll

@@ -33,23 +33,18 @@ class Struts1ActionEntryPoint extends EntryPoint, Class {
 /**
  * A struts 2 action class that is reflectively constructed.
  */
-class Struts2ReflectivelyConstructedAction extends ReflectivelyConstructedClass {
-  Struts2ReflectivelyConstructedAction() { this instanceof Struts2ActionClass }
+class Struts2ReflectivelyConstructedAction extends ReflectivelyConstructedClass instanceof Struts2ActionClass {
 }
 
 /**
  * A method called on a struts 2 action class when the action is activated.
  */
-class Struts2ActionMethodEntryPoint extends CallableEntryPoint {
-  Struts2ActionMethodEntryPoint() { this instanceof Struts2ActionMethod }
-}
+class Struts2ActionMethodEntryPoint extends CallableEntryPoint instanceof Struts2ActionMethod { }
 
 /**
  * A method called on a struts 2 action class before an action is activated.
  */
-class Struts2PrepareMethodEntryPoint extends CallableEntryPoint {
-  Struts2PrepareMethodEntryPoint() { this instanceof Struts2PrepareMethod }
-}
+class Struts2PrepareMethodEntryPoint extends CallableEntryPoint instanceof Struts2PrepareMethod { }
 
 /**
  * A class which is accessible - directly or indirectly - from a struts action.

java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll

@@ -78,13 +78,10 @@ class JUnitCategory extends WhitelistedLiveClass {
 /**
  * A listener that will be reflectively constructed by TestNG.
  */
-class TestNGReflectivelyConstructedListener extends ReflectivelyConstructedClass {
-  TestNGReflectivelyConstructedListener() {
-    // Consider any class that implements a TestNG listener interface to be live. Listeners can be
-    // specified on the command line, in `testng.xml` files and in Ant build files, so it is safest
-    // to assume that all such listeners are live.
-    this instanceof TestNGListenerImpl
-  }
+class TestNGReflectivelyConstructedListener extends ReflectivelyConstructedClass instanceof TestNGListenerImpl {
+  // Consider any class that implements a TestNG listener interface to be live. Listeners can be
+  // specified on the command line, in `testng.xml` files and in Ant build files, so it is safest
+  // to assume that all such listeners are live.
 }
 
 /**
@@ -99,9 +96,7 @@ class TestNGDataProvidersEntryPoint extends CallableEntryPoint {
 /**
  * A `@Factory` TestNG method or constructor which is live.
  */
-class TestNGFactoryEntryPoint extends CallableEntryPoint {
-  TestNGFactoryEntryPoint() { this instanceof TestNGFactoryCallable }
-}
+class TestNGFactoryEntryPoint extends CallableEntryPoint instanceof TestNGFactoryCallable { }
 
 class TestRefectivelyConstructedClass extends ReflectivelyConstructedClass {
   TestRefectivelyConstructedClass() {
@@ -159,6 +154,5 @@ class CucumberConstructedClass extends ReflectivelyConstructedClass {
 /**
  * A "step definition" that may be called by Cucumber when executing an acceptance test.
  */
-class CucumberStepDefinitionEntryPoint extends CallableEntryPoint {
-  CucumberStepDefinitionEntryPoint() { this instanceof CucumberStepDefinition }
+class CucumberStepDefinitionEntryPoint extends CallableEntryPoint instanceof CucumberStepDefinition {
 }

java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll

@@ -7,17 +7,12 @@ import semmle.code.java.frameworks.Servlets
  * Any class which extends the `Servlet` interface is intended to be constructed reflectively by a
  * servlet container.
  */
-class ServletConstructedClass extends ReflectivelyConstructedClass {
+class ServletConstructedClass extends ReflectivelyConstructedClass instanceof ServletClass {
   ServletConstructedClass() {
-    this instanceof ServletClass and
     // If we have seen any `web.xml` files, this servlet will be considered to be live only if it is
     // referred to as a servlet-class in at least one. If no `web.xml` files are found, we assume
     // that XML extraction was not enabled, and therefore consider all `Servlet` classes as live.
-    (
-      isWebXmlIncluded()
-      implies
-      exists(WebServletClass servletClass | this = servletClass.getClass())
-    )
+    isWebXmlIncluded() implies exists(WebServletClass servletClass | this = servletClass.getClass())
   }
 }
 
@@ -112,6 +107,4 @@ class GwtUiBinderEntryPoint extends CallableEntryPoint {
 /**
  * Fields that may be reflectively read or written to by the UiBinder framework.
  */
-class GwtUiBinderReflectivelyReadField extends ReflectivelyReadField {
-  GwtUiBinderReflectivelyReadField() { this instanceof GwtUiField }
-}
+class GwtUiBinderReflectivelyReadField extends ReflectivelyReadField instanceof GwtUiField { }

java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll

@@ -75,14 +75,11 @@ class ForbiddenSecurityConfigurationCallable extends ForbiddenCallable {
 }
 
 /** A method or constructor involving serialization that may not be called by an EJB. */
-class ForbiddenSerializationCallable extends ForbiddenCallable {
-  ForbiddenSerializationCallable() { this instanceof ForbiddenSerializationMethod }
+class ForbiddenSerializationCallable extends ForbiddenCallable instanceof ForbiddenSerializationMethod {
 }
 
 /** A method or constructor involving network factory operations that may not be called by an EJB. */
-class ForbiddenSetFactoryCallable extends ForbiddenCallable {
-  ForbiddenSetFactoryCallable() { this instanceof ForbiddenSetFactoryMethod }
-}
+class ForbiddenSetFactoryCallable extends ForbiddenCallable instanceof ForbiddenSetFactoryMethod { }
 
 /** A method or constructor involving server socket operations that may not be called by an EJB. */
 class ForbiddenServerSocketCallable extends ForbiddenCallable {

java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll

@@ -73,9 +73,8 @@ abstract class AlwaysEnabledSpringProfile extends string {
  *
  * Includes all `SpringProfile`s that are not specified as always enabled or never enabled.
  */
-class SometimesEnabledSpringProfile extends string {
+class SometimesEnabledSpringProfile extends string instanceof SpringProfile {
   SometimesEnabledSpringProfile() {
-    this instanceof SpringProfile and
     not (
       this instanceof AlwaysEnabledSpringProfile or
       this instanceof NeverEnabledSpringProfile

java/ql/lib/semmle/code/java/security/Encryption.qll

@@ -290,9 +290,7 @@ string getSecureAlgorithmRegex() {
  * algorithm. For example, methods returning ciphers, decryption methods,
  * constructors of cipher classes, etc.
  */
-abstract class CryptoAlgoSpec extends Top {
-  CryptoAlgoSpec() { this instanceof Call }
-
+abstract class CryptoAlgoSpec extends Top instanceof Call {
   abstract Expr getAlgoSpec();
 }
 

java/ql/lib/semmle/code/java/security/ResponseSplitting.qll

@@ -15,9 +15,7 @@ private class DefaultHeaderSplittingSink extends HeaderSplittingSink {
 }
 
 /** A source that introduces data considered safe to use by a header splitting source. */
-abstract class SafeHeaderSplittingSource extends DataFlow::Node {
-  SafeHeaderSplittingSource() { this instanceof RemoteFlowSource }
-}
+abstract class SafeHeaderSplittingSource extends DataFlow::Node instanceof RemoteFlowSource { }
 
 /** A default source that introduces data considered safe to use by a header splitting source. */
 private class DefaultSafeHeaderSplittingSource extends SafeHeaderSplittingSource {

java/ql/src/AlertSuppression.ql

@@ -53,9 +53,7 @@ class SuppressionComment extends Javadoc {
 /**
  * The scope of an alert suppression comment.
  */
-class SuppressionScope extends @javadoc {
-  SuppressionScope() { this instanceof SuppressionComment }
-
+class SuppressionScope extends @javadoc instanceof SuppressionComment {
   /** Gets a suppression comment with this scope. */
   SuppressionComment getSuppressionComment() { result = this }
 
@@ -69,7 +67,7 @@ class SuppressionScope extends @javadoc {
   predicate hasLocationInfo(
     string filepath, int startline, int startcolumn, int endline, int endcolumn
   ) {
-    this.(SuppressionComment).covers(filepath, startline, startcolumn, endline, endcolumn)
+    super.covers(filepath, startline, startcolumn, endline, endcolumn)
   }
 
   /** Gets a textual representation of this element. */

java/ql/src/AlertSuppressionAnnotations.ql

@@ -69,9 +69,7 @@ class SuppressionAnnotation extends SuppressWarningsAnnotation {
 /**
  * The scope of an alert suppression annotation.
  */
-class SuppressionScope extends @annotation {
-  SuppressionScope() { this instanceof SuppressionAnnotation }
-
+class SuppressionScope extends @annotation instanceof SuppressionAnnotation {
   /** Gets a suppression annotation with this scope. */
   SuppressionAnnotation getSuppressionAnnotation() { result = this }
 
@@ -85,7 +83,7 @@ class SuppressionScope extends @annotation {
   predicate hasLocationInfo(
     string filepath, int startline, int startcolumn, int endline, int endcolumn
   ) {
-    this.(SuppressionAnnotation).covers(filepath, startline, startcolumn, endline, endcolumn)
+    super.covers(filepath, startline, startcolumn, endline, endcolumn)
   }
 
   /** Gets a textual representation of this element. */

java/ql/src/Security/CWE/CWE-190/ComparisonWithWiderType.ql

@@ -20,9 +20,7 @@ int leftWidth(ComparisonExpr e) { result = e.getLeftOperand().getType().(NumType
 
 int rightWidth(ComparisonExpr e) { result = e.getRightOperand().getType().(NumType).getWidthRank() }
 
-abstract class WideningComparison extends BinaryExpr {
-  WideningComparison() { this instanceof ComparisonExpr }
-
+abstract class WideningComparison extends BinaryExpr instanceof ComparisonExpr {
   abstract Expr getNarrower();
 
   abstract Expr getWider();

java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheckLib.qll

@@ -81,8 +81,7 @@ private class CompareSink extends ClientSuppliedIpUsedInSecurityCheckSink {
 }
 
 /** A data flow sink for sql operation. */
-private class SqlOperationSink extends ClientSuppliedIpUsedInSecurityCheckSink {
-  SqlOperationSink() { this instanceof QueryInjectionSink }
+private class SqlOperationSink extends ClientSuppliedIpUsedInSecurityCheckSink instanceof QueryInjectionSink {
 }
 
 /** A method that split string. */

java/ql/src/utils/stub-generator/Stubs.qll

@@ -499,11 +499,8 @@ private RefType getAReferencedType(RefType t) {
 }
 
 /** A top level type whose file should be stubbed */
-class GeneratedTopLevel extends TopLevelType {
-  GeneratedTopLevel() {
-    this = this.getSourceDeclaration() and
-    this instanceof GeneratedType
-  }
+class GeneratedTopLevel extends TopLevelType instanceof GeneratedType {
+  GeneratedTopLevel() { this = this.getSourceDeclaration() }
 
   private TopLevelType getAnImportedType() {
     result = getAReferencedType(this).getSourceDeclaration()
@@ -536,8 +533,6 @@ class GeneratedTopLevel extends TopLevelType {
 
   /** Creates a full stub for the file containing this type. */
   string stubFile() {
-    result =
-      this.stubComment() + this.stubPackage() + this.stubImports() + this.(GeneratedType).getStub() +
-        "\n"
+    result = this.stubComment() + this.stubPackage() + this.stubImports() + super.getStub() + "\n"
   }
 }

java/ql/test/library-tests/dataflow/taintsources/local.ql

@@ -2,11 +2,8 @@ import java
 import semmle.code.java.dataflow.FlowSources
 import TestUtilities.InlineExpectationsTest
 
-class LocalSource extends DataFlow::Node {
-  LocalSource() {
-    this instanceof UserInput and
-    not this instanceof RemoteFlowSource
-  }
+class LocalSource extends DataFlow::Node instanceof UserInput {
+  LocalSource() { not this instanceof RemoteFlowSource }
 }
 
 predicate isTestSink(DataFlow::Node n) {