diff --git a/go/ql/test/example-tests/snippets/typeinfo.expected b/go/ql/test/example-tests/snippets/typeinfo.expected
index 91ea716693f..c3a0ff5dacb 100644
--- a/go/ql/test/example-tests/snippets/typeinfo.expected
+++ b/go/ql/test/example-tests/snippets/typeinfo.expected
@@ -2,7 +2,7 @@
 | file://:0:0:0:0 | [summary param] -1 in Clone |
 | file://:0:0:0:0 | [summary param] -1 in Write |
 | file://:0:0:0:0 | [summary param] -1 in WriteProxy |
+| main.go:18:12:18:14 | SSA def(req) |
 | main.go:18:12:18:14 | argument corresponding to req |
-| main.go:18:12:18:14 | definition of req |
 | main.go:20:5:20:7 | req |
 | main.go:20:5:20:7 | req [postupdate] |
diff --git a/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombs.expected b/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombs.expected
index 46bccc77a97..c770dc825d7 100644
--- a/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombs.expected
+++ b/go/ql/test/experimental/CWE-522-DecompressionBombs/DecompressionBombs.expected
@@ -47,27 +47,27 @@
 | test.go:621:25:621:31 | tarRead | test.go:93:5:93:16 | selection of Body | test.go:621:25:621:31 | tarRead | This decompression is $@. | test.go:93:5:93:16 | selection of Body | decompressing compressed data without managing output size |
 | test.go:629:2:629:8 | tarRead | test.go:93:5:93:16 | selection of Body | test.go:629:2:629:8 | tarRead | This decompression is $@. | test.go:93:5:93:16 | selection of Body | decompressing compressed data without managing output size |
 edges
-| test.go:59:16:59:44 | call to FormValue | test.go:128:20:128:27 | definition of filename | provenance | Src:MaD:2  |
-| test.go:60:15:60:26 | selection of Body | test.go:158:19:158:22 | definition of file | provenance | Src:MaD:1  |
-| test.go:61:24:61:35 | selection of Body | test.go:169:28:169:31 | definition of file | provenance | Src:MaD:1  |
-| test.go:62:13:62:24 | selection of Body | test.go:181:17:181:20 | definition of file | provenance | Src:MaD:1  |
-| test.go:64:8:64:19 | selection of Body | test.go:208:12:208:15 | definition of file | provenance | Src:MaD:1  |
-| test.go:66:8:66:19 | selection of Body | test.go:233:12:233:15 | definition of file | provenance | Src:MaD:1  |
-| test.go:68:17:68:28 | selection of Body | test.go:258:21:258:24 | definition of file | provenance | Src:MaD:1  |
-| test.go:70:13:70:24 | selection of Body | test.go:283:17:283:20 | definition of file | provenance | Src:MaD:1  |
-| test.go:72:16:72:27 | selection of Body | test.go:308:20:308:23 | definition of file | provenance | Src:MaD:1  |
-| test.go:74:7:74:18 | selection of Body | test.go:333:11:333:14 | definition of file | provenance | Src:MaD:1  |
-| test.go:76:9:76:20 | selection of Body | test.go:358:13:358:16 | definition of file | provenance | Src:MaD:1  |
-| test.go:78:18:78:29 | selection of Body | test.go:384:22:384:25 | definition of file | provenance | Src:MaD:1  |
-| test.go:80:5:80:16 | selection of Body | test.go:412:9:412:12 | definition of file | provenance | Src:MaD:1  |
-| test.go:82:7:82:18 | selection of Body | test.go:447:11:447:14 | definition of file | provenance | Src:MaD:1  |
-| test.go:84:15:84:26 | selection of Body | test.go:440:19:440:21 | definition of src | provenance | Src:MaD:1  |
-| test.go:85:16:85:27 | selection of Body | test.go:472:20:472:23 | definition of file | provenance | Src:MaD:1  |
-| test.go:87:16:87:27 | selection of Body | test.go:499:20:499:23 | definition of file | provenance | Src:MaD:1  |
-| test.go:89:17:89:28 | selection of Body | test.go:526:21:526:24 | definition of file | provenance | Src:MaD:1  |
-| test.go:91:15:91:26 | selection of Body | test.go:555:19:555:22 | definition of file | provenance | Src:MaD:1  |
-| test.go:93:5:93:16 | selection of Body | test.go:580:9:580:12 | definition of file | provenance | Src:MaD:1  |
-| test.go:128:20:128:27 | definition of filename | test.go:130:33:130:40 | filename | provenance |  |
+| test.go:59:16:59:44 | call to FormValue | test.go:128:20:128:27 | SSA def(filename) | provenance | Src:MaD:2  |
+| test.go:60:15:60:26 | selection of Body | test.go:158:19:158:22 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:61:24:61:35 | selection of Body | test.go:169:28:169:31 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:62:13:62:24 | selection of Body | test.go:181:17:181:20 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:64:8:64:19 | selection of Body | test.go:208:12:208:15 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:66:8:66:19 | selection of Body | test.go:233:12:233:15 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:68:17:68:28 | selection of Body | test.go:258:21:258:24 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:70:13:70:24 | selection of Body | test.go:283:17:283:20 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:72:16:72:27 | selection of Body | test.go:308:20:308:23 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:74:7:74:18 | selection of Body | test.go:333:11:333:14 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:76:9:76:20 | selection of Body | test.go:358:13:358:16 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:78:18:78:29 | selection of Body | test.go:384:22:384:25 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:80:5:80:16 | selection of Body | test.go:412:9:412:12 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:82:7:82:18 | selection of Body | test.go:447:11:447:14 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:84:15:84:26 | selection of Body | test.go:440:19:440:21 | SSA def(src) | provenance | Src:MaD:1  |
+| test.go:85:16:85:27 | selection of Body | test.go:472:20:472:23 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:87:16:87:27 | selection of Body | test.go:499:20:499:23 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:89:17:89:28 | selection of Body | test.go:526:21:526:24 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:91:15:91:26 | selection of Body | test.go:555:19:555:22 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:93:5:93:16 | selection of Body | test.go:580:9:580:12 | SSA def(file) | provenance | Src:MaD:1  |
+| test.go:128:20:128:27 | SSA def(filename) | test.go:130:33:130:40 | filename | provenance |  |
 | test.go:130:2:130:41 | ... := ...[0] | test.go:132:12:132:12 | f | provenance |  |
 | test.go:130:33:130:40 | filename | test.go:130:2:130:41 | ... := ...[0] | provenance | Config |
 | test.go:130:33:130:40 | filename | test.go:143:51:143:58 | filename | provenance |  |
@@ -77,7 +77,7 @@ edges
 | test.go:143:51:143:58 | filename | test.go:143:2:143:59 | ... := ...[0] | provenance | Config |
 | test.go:145:12:145:12 | f | test.go:145:12:145:19 | call to Open | provenance | Config |
 | test.go:145:12:145:19 | call to Open | test.go:147:37:147:38 | rc | provenance |  |
-| test.go:158:19:158:22 | definition of file | test.go:159:25:159:28 | file | provenance |  |
+| test.go:158:19:158:22 | SSA def(file) | test.go:159:25:159:28 | file | provenance |  |
 | test.go:159:2:159:29 | ... := ...[0] | test.go:160:48:160:52 | file1 | provenance |  |
 | test.go:159:25:159:28 | file | test.go:159:2:159:29 | ... := ...[0] | provenance | MaD:6 |
 | test.go:160:2:160:69 | ... := ...[0] | test.go:163:26:163:29 | file | provenance |  |
@@ -85,7 +85,7 @@ edges
 | test.go:160:48:160:52 | file1 | test.go:160:32:160:53 | call to NewReader | provenance | MaD:5 |
 | test.go:163:3:163:36 | ... := ...[0] | test.go:164:36:164:51 | fileReaderCloser | provenance |  |
 | test.go:163:26:163:29 | file | test.go:163:3:163:36 | ... := ...[0] | provenance | MaD:4 |
-| test.go:169:28:169:31 | definition of file | test.go:170:25:170:28 | file | provenance |  |
+| test.go:169:28:169:31 | SSA def(file) | test.go:170:25:170:28 | file | provenance |  |
 | test.go:170:2:170:29 | ... := ...[0] | test.go:171:57:171:61 | file2 | provenance |  |
 | test.go:170:25:170:28 | file | test.go:170:2:170:29 | ... := ...[0] | provenance | MaD:6 |
 | test.go:171:2:171:78 | ... := ...[0] | test.go:175:26:175:29 | file | provenance |  |
@@ -93,64 +93,64 @@ edges
 | test.go:171:57:171:61 | file2 | test.go:171:41:171:62 | call to NewReader | provenance | MaD:5 |
 | test.go:175:26:175:29 | file | test.go:175:26:175:36 | call to Open | provenance | Config |
 | test.go:175:26:175:36 | call to Open | test.go:176:36:176:51 | fileReaderCloser | provenance |  |
-| test.go:181:17:181:20 | definition of file | test.go:184:41:184:44 | file | provenance |  |
+| test.go:181:17:181:20 | SSA def(file) | test.go:184:41:184:44 | file | provenance |  |
 | test.go:184:2:184:73 | ... := ...[0] | test.go:186:2:186:12 | bzip2Reader | provenance |  |
 | test.go:184:2:184:73 | ... := ...[0] | test.go:187:26:187:36 | bzip2Reader | provenance |  |
 | test.go:184:41:184:44 | file | test.go:184:2:184:73 | ... := ...[0] | provenance | Config |
 | test.go:187:12:187:37 | call to NewReader | test.go:189:18:189:24 | tarRead | provenance |  |
 | test.go:187:26:187:36 | bzip2Reader | test.go:187:12:187:37 | call to NewReader | provenance | MaD:3 |
-| test.go:189:18:189:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:208:12:208:15 | definition of file | test.go:211:33:211:36 | file | provenance |  |
+| test.go:189:18:189:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:208:12:208:15 | SSA def(file) | test.go:211:33:211:36 | file | provenance |  |
 | test.go:211:17:211:37 | call to NewReader | test.go:213:2:213:12 | bzip2Reader | provenance |  |
 | test.go:211:17:211:37 | call to NewReader | test.go:214:26:214:36 | bzip2Reader | provenance |  |
 | test.go:211:33:211:36 | file | test.go:211:17:211:37 | call to NewReader | provenance | Config |
 | test.go:214:12:214:37 | call to NewReader | test.go:216:18:216:24 | tarRead | provenance |  |
 | test.go:214:26:214:36 | bzip2Reader | test.go:214:12:214:37 | call to NewReader | provenance | MaD:3 |
-| test.go:216:18:216:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:233:12:233:15 | definition of file | test.go:236:33:236:36 | file | provenance |  |
+| test.go:216:18:216:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:233:12:233:15 | SSA def(file) | test.go:236:33:236:36 | file | provenance |  |
 | test.go:236:17:236:37 | call to NewReader | test.go:238:2:238:12 | flateReader | provenance |  |
 | test.go:236:17:236:37 | call to NewReader | test.go:239:26:239:36 | flateReader | provenance |  |
 | test.go:236:33:236:36 | file | test.go:236:17:236:37 | call to NewReader | provenance | Config |
 | test.go:239:12:239:37 | call to NewReader | test.go:241:18:241:24 | tarRead | provenance |  |
 | test.go:239:26:239:36 | flateReader | test.go:239:12:239:37 | call to NewReader | provenance | MaD:3 |
-| test.go:241:18:241:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:258:21:258:24 | definition of file | test.go:261:42:261:45 | file | provenance |  |
+| test.go:241:18:241:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:258:21:258:24 | SSA def(file) | test.go:261:42:261:45 | file | provenance |  |
 | test.go:261:17:261:46 | call to NewReader | test.go:263:2:263:12 | flateReader | provenance |  |
 | test.go:261:17:261:46 | call to NewReader | test.go:264:26:264:36 | flateReader | provenance |  |
 | test.go:261:42:261:45 | file | test.go:261:17:261:46 | call to NewReader | provenance | Config |
 | test.go:264:12:264:37 | call to NewReader | test.go:266:18:266:24 | tarRead | provenance |  |
 | test.go:264:26:264:36 | flateReader | test.go:264:12:264:37 | call to NewReader | provenance | MaD:3 |
-| test.go:266:18:266:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:283:17:283:20 | definition of file | test.go:286:41:286:44 | file | provenance |  |
+| test.go:266:18:266:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:283:17:283:20 | SSA def(file) | test.go:286:41:286:44 | file | provenance |  |
 | test.go:286:2:286:73 | ... := ...[0] | test.go:288:2:288:12 | flateReader | provenance |  |
 | test.go:286:2:286:73 | ... := ...[0] | test.go:289:26:289:36 | flateReader | provenance |  |
 | test.go:286:41:286:44 | file | test.go:286:2:286:73 | ... := ...[0] | provenance | Config |
 | test.go:289:12:289:37 | call to NewReader | test.go:291:18:291:24 | tarRead | provenance |  |
 | test.go:289:26:289:36 | flateReader | test.go:289:12:289:37 | call to NewReader | provenance | MaD:3 |
-| test.go:291:18:291:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:308:20:308:23 | definition of file | test.go:311:43:311:46 | file | provenance |  |
+| test.go:291:18:291:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:308:20:308:23 | SSA def(file) | test.go:311:43:311:46 | file | provenance |  |
 | test.go:311:2:311:47 | ... := ...[0] | test.go:313:2:313:11 | zlibReader | provenance |  |
 | test.go:311:2:311:47 | ... := ...[0] | test.go:314:26:314:35 | zlibReader | provenance |  |
 | test.go:311:43:311:46 | file | test.go:311:2:311:47 | ... := ...[0] | provenance | Config |
 | test.go:314:12:314:36 | call to NewReader | test.go:316:18:316:24 | tarRead | provenance |  |
 | test.go:314:26:314:35 | zlibReader | test.go:314:12:314:36 | call to NewReader | provenance | MaD:3 |
-| test.go:316:18:316:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:333:11:333:14 | definition of file | test.go:336:34:336:37 | file | provenance |  |
+| test.go:316:18:316:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:333:11:333:14 | SSA def(file) | test.go:336:34:336:37 | file | provenance |  |
 | test.go:336:2:336:38 | ... := ...[0] | test.go:338:2:338:11 | zlibReader | provenance |  |
 | test.go:336:2:336:38 | ... := ...[0] | test.go:339:26:339:35 | zlibReader | provenance |  |
 | test.go:336:34:336:37 | file | test.go:336:2:336:38 | ... := ...[0] | provenance | Config |
 | test.go:339:12:339:36 | call to NewReader | test.go:341:18:341:24 | tarRead | provenance |  |
 | test.go:339:26:339:35 | zlibReader | test.go:339:12:339:36 | call to NewReader | provenance | MaD:3 |
-| test.go:341:18:341:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:358:13:358:16 | definition of file | test.go:361:35:361:38 | file | provenance |  |
+| test.go:341:18:341:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:358:13:358:16 | SSA def(file) | test.go:361:35:361:38 | file | provenance |  |
 | test.go:361:18:361:39 | call to NewReader | test.go:363:2:363:13 | snappyReader | provenance |  |
 | test.go:361:18:361:39 | call to NewReader | test.go:364:2:364:13 | snappyReader | provenance |  |
 | test.go:361:18:361:39 | call to NewReader | test.go:365:26:365:37 | snappyReader | provenance |  |
 | test.go:361:35:361:38 | file | test.go:361:18:361:39 | call to NewReader | provenance | Config |
 | test.go:365:12:365:38 | call to NewReader | test.go:367:18:367:24 | tarRead | provenance |  |
 | test.go:365:26:365:37 | snappyReader | test.go:365:12:365:38 | call to NewReader | provenance | MaD:3 |
-| test.go:367:18:367:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:384:22:384:25 | definition of file | test.go:387:44:387:47 | file | provenance |  |
+| test.go:367:18:367:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:384:22:384:25 | SSA def(file) | test.go:387:44:387:47 | file | provenance |  |
 | test.go:387:18:387:48 | call to NewReader | test.go:389:2:389:13 | snappyReader | provenance |  |
 | test.go:387:18:387:48 | call to NewReader | test.go:391:2:391:13 | snappyReader | provenance |  |
 | test.go:387:18:387:48 | call to NewReader | test.go:392:2:392:13 | snappyReader | provenance |  |
@@ -158,8 +158,8 @@ edges
 | test.go:387:44:387:47 | file | test.go:387:18:387:48 | call to NewReader | provenance | Config |
 | test.go:393:12:393:38 | call to NewReader | test.go:395:18:395:24 | tarRead | provenance |  |
 | test.go:393:26:393:37 | snappyReader | test.go:393:12:393:38 | call to NewReader | provenance | MaD:3 |
-| test.go:395:18:395:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:412:9:412:12 | definition of file | test.go:415:27:415:30 | file | provenance |  |
+| test.go:395:18:395:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:412:9:412:12 | SSA def(file) | test.go:415:27:415:30 | file | provenance |  |
 | test.go:415:14:415:31 | call to NewReader | test.go:417:2:417:9 | s2Reader | provenance |  |
 | test.go:415:14:415:31 | call to NewReader | test.go:418:2:418:9 | s2Reader | provenance |  |
 | test.go:415:14:415:31 | call to NewReader | test.go:420:2:420:9 | s2Reader | provenance |  |
@@ -167,35 +167,35 @@ edges
 | test.go:415:27:415:30 | file | test.go:415:14:415:31 | call to NewReader | provenance | Config |
 | test.go:421:12:421:34 | call to NewReader | test.go:423:18:423:24 | tarRead | provenance |  |
 | test.go:421:26:421:33 | s2Reader | test.go:421:12:421:34 | call to NewReader | provenance | MaD:3 |
-| test.go:423:18:423:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:440:19:440:21 | definition of src | test.go:441:34:441:36 | src | provenance |  |
+| test.go:423:18:423:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:440:19:440:21 | SSA def(src) | test.go:441:34:441:36 | src | provenance |  |
 | test.go:441:2:441:37 | ... := ...[0] | test.go:444:12:444:32 | type conversion | provenance |  |
 | test.go:441:34:441:36 | src | test.go:441:2:441:37 | ... := ...[0] | provenance | Config |
 | test.go:444:12:444:32 | type conversion | test.go:445:23:445:28 | newSrc | provenance |  |
-| test.go:447:11:447:14 | definition of file | test.go:450:34:450:37 | file | provenance |  |
+| test.go:447:11:447:14 | SSA def(file) | test.go:450:34:450:37 | file | provenance |  |
 | test.go:450:2:450:38 | ... := ...[0] | test.go:452:2:452:11 | gzipReader | provenance |  |
 | test.go:450:2:450:38 | ... := ...[0] | test.go:453:26:453:35 | gzipReader | provenance |  |
 | test.go:450:34:450:37 | file | test.go:450:2:450:38 | ... := ...[0] | provenance | Config |
 | test.go:453:12:453:36 | call to NewReader | test.go:455:18:455:24 | tarRead | provenance |  |
 | test.go:453:26:453:35 | gzipReader | test.go:453:12:453:36 | call to NewReader | provenance | MaD:3 |
-| test.go:455:18:455:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:472:20:472:23 | definition of file | test.go:475:43:475:46 | file | provenance |  |
+| test.go:455:18:455:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:472:20:472:23 | SSA def(file) | test.go:475:43:475:46 | file | provenance |  |
 | test.go:475:2:475:47 | ... := ...[0] | test.go:477:2:477:11 | gzipReader | provenance |  |
 | test.go:475:2:475:47 | ... := ...[0] | test.go:479:2:479:11 | gzipReader | provenance |  |
 | test.go:475:2:475:47 | ... := ...[0] | test.go:480:26:480:35 | gzipReader | provenance |  |
 | test.go:475:43:475:46 | file | test.go:475:2:475:47 | ... := ...[0] | provenance | Config |
 | test.go:480:12:480:36 | call to NewReader | test.go:482:18:482:24 | tarRead | provenance |  |
 | test.go:480:26:480:35 | gzipReader | test.go:480:12:480:36 | call to NewReader | provenance | MaD:3 |
-| test.go:482:18:482:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:499:20:499:23 | definition of file | test.go:502:45:502:48 | file | provenance |  |
+| test.go:482:18:482:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:499:20:499:23 | SSA def(file) | test.go:502:45:502:48 | file | provenance |  |
 | test.go:502:2:502:49 | ... := ...[0] | test.go:504:2:504:12 | pgzipReader | provenance |  |
 | test.go:502:2:502:49 | ... := ...[0] | test.go:506:2:506:12 | pgzipReader | provenance |  |
 | test.go:502:2:502:49 | ... := ...[0] | test.go:507:26:507:36 | pgzipReader | provenance |  |
 | test.go:502:45:502:48 | file | test.go:502:2:502:49 | ... := ...[0] | provenance | Config |
 | test.go:507:12:507:37 | call to NewReader | test.go:509:18:509:24 | tarRead | provenance |  |
 | test.go:507:26:507:36 | pgzipReader | test.go:507:12:507:37 | call to NewReader | provenance | MaD:3 |
-| test.go:509:18:509:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:526:21:526:24 | definition of file | test.go:529:43:529:46 | file | provenance |  |
+| test.go:509:18:509:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:526:21:526:24 | SSA def(file) | test.go:529:43:529:46 | file | provenance |  |
 | test.go:529:2:529:47 | ... := ...[0] | test.go:531:2:531:11 | zstdReader | provenance |  |
 | test.go:529:2:529:47 | ... := ...[0] | test.go:533:2:533:11 | zstdReader | provenance |  |
 | test.go:529:2:529:47 | ... := ...[0] | test.go:535:2:535:11 | zstdReader | provenance |  |
@@ -203,33 +203,33 @@ edges
 | test.go:529:43:529:46 | file | test.go:529:2:529:47 | ... := ...[0] | provenance | Config |
 | test.go:536:12:536:36 | call to NewReader | test.go:538:18:538:24 | tarRead | provenance |  |
 | test.go:536:26:536:35 | zstdReader | test.go:536:12:536:36 | call to NewReader | provenance | MaD:3 |
-| test.go:538:18:538:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:555:19:555:22 | definition of file | test.go:558:38:558:41 | file | provenance |  |
+| test.go:538:18:538:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:555:19:555:22 | SSA def(file) | test.go:558:38:558:41 | file | provenance |  |
 | test.go:558:16:558:42 | call to NewReader | test.go:560:2:560:11 | zstdReader | provenance |  |
 | test.go:558:16:558:42 | call to NewReader | test.go:561:26:561:35 | zstdReader | provenance |  |
 | test.go:558:38:558:41 | file | test.go:558:16:558:42 | call to NewReader | provenance | Config |
 | test.go:561:12:561:36 | call to NewReader | test.go:563:18:563:24 | tarRead | provenance |  |
 | test.go:561:26:561:35 | zstdReader | test.go:561:12:561:36 | call to NewReader | provenance | MaD:3 |
-| test.go:563:18:563:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:580:9:580:12 | definition of file | test.go:583:30:583:33 | file | provenance |  |
+| test.go:563:18:563:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:580:9:580:12 | SSA def(file) | test.go:583:30:583:33 | file | provenance |  |
 | test.go:583:2:583:34 | ... := ...[0] | test.go:585:2:585:9 | xzReader | provenance |  |
 | test.go:583:2:583:34 | ... := ...[0] | test.go:586:26:586:33 | xzReader | provenance |  |
 | test.go:583:30:583:33 | file | test.go:583:2:583:34 | ... := ...[0] | provenance | Config |
 | test.go:586:12:586:34 | call to NewReader | test.go:589:18:589:24 | tarRead | provenance |  |
 | test.go:586:12:586:34 | call to NewReader | test.go:590:19:590:25 | tarRead | provenance |  |
 | test.go:586:26:586:33 | xzReader | test.go:586:12:586:34 | call to NewReader | provenance | MaD:3 |
-| test.go:589:18:589:24 | tarRead | test.go:611:22:611:28 | definition of tarRead | provenance |  |
-| test.go:590:19:590:25 | tarRead | test.go:627:23:627:29 | definition of tarRead | provenance |  |
-| test.go:611:22:611:28 | definition of tarRead | test.go:621:25:621:31 | tarRead | provenance |  |
-| test.go:611:22:611:28 | definition of tarRead | test.go:621:25:621:31 | tarRead | provenance |  |
-| test.go:611:22:611:28 | definition of tarRead | test.go:621:25:621:31 | tarRead | provenance |  |
-| test.go:611:22:611:28 | definition of tarRead | test.go:621:25:621:31 | tarRead | provenance |  |
-| test.go:611:22:611:28 | definition of tarRead | test.go:621:25:621:31 | tarRead | provenance |  |
-| test.go:611:22:611:28 | definition of tarRead | test.go:621:25:621:31 | tarRead | provenance |  |
-| test.go:611:22:611:28 | definition of tarRead | test.go:621:25:621:31 | tarRead | provenance |  |
-| test.go:611:22:611:28 | definition of tarRead | test.go:621:25:621:31 | tarRead | provenance |  |
-| test.go:611:22:611:28 | definition of tarRead | test.go:621:25:621:31 | tarRead | provenance |  |
-| test.go:627:23:627:29 | definition of tarRead | test.go:629:2:629:8 | tarRead | provenance |  |
+| test.go:589:18:589:24 | tarRead | test.go:611:22:611:28 | SSA def(tarRead) | provenance |  |
+| test.go:590:19:590:25 | tarRead | test.go:627:23:627:29 | SSA def(tarRead) | provenance |  |
+| test.go:611:22:611:28 | SSA def(tarRead) | test.go:621:25:621:31 | tarRead | provenance |  |
+| test.go:611:22:611:28 | SSA def(tarRead) | test.go:621:25:621:31 | tarRead | provenance |  |
+| test.go:611:22:611:28 | SSA def(tarRead) | test.go:621:25:621:31 | tarRead | provenance |  |
+| test.go:611:22:611:28 | SSA def(tarRead) | test.go:621:25:621:31 | tarRead | provenance |  |
+| test.go:611:22:611:28 | SSA def(tarRead) | test.go:621:25:621:31 | tarRead | provenance |  |
+| test.go:611:22:611:28 | SSA def(tarRead) | test.go:621:25:621:31 | tarRead | provenance |  |
+| test.go:611:22:611:28 | SSA def(tarRead) | test.go:621:25:621:31 | tarRead | provenance |  |
+| test.go:611:22:611:28 | SSA def(tarRead) | test.go:621:25:621:31 | tarRead | provenance |  |
+| test.go:611:22:611:28 | SSA def(tarRead) | test.go:621:25:621:31 | tarRead | provenance |  |
+| test.go:627:23:627:29 | SSA def(tarRead) | test.go:629:2:629:8 | tarRead | provenance |  |
 models
 | 1 | Source: net/http; Request; true; Body; ; ; ; remote; manual |
 | 2 | Source: net/http; Request; true; FormValue; ; ; ReturnValue; remote; manual |
@@ -258,7 +258,7 @@ nodes
 | test.go:89:17:89:28 | selection of Body | semmle.label | selection of Body |
 | test.go:91:15:91:26 | selection of Body | semmle.label | selection of Body |
 | test.go:93:5:93:16 | selection of Body | semmle.label | selection of Body |
-| test.go:128:20:128:27 | definition of filename | semmle.label | definition of filename |
+| test.go:128:20:128:27 | SSA def(filename) | semmle.label | SSA def(filename) |
 | test.go:130:2:130:41 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:130:33:130:40 | filename | semmle.label | filename |
 | test.go:132:3:132:19 | ... := ...[0] | semmle.label | ... := ...[0] |
@@ -269,7 +269,7 @@ nodes
 | test.go:145:12:145:12 | f | semmle.label | f |
 | test.go:145:12:145:19 | call to Open | semmle.label | call to Open |
 | test.go:147:37:147:38 | rc | semmle.label | rc |
-| test.go:158:19:158:22 | definition of file | semmle.label | definition of file |
+| test.go:158:19:158:22 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:159:2:159:29 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:159:25:159:28 | file | semmle.label | file |
 | test.go:160:2:160:69 | ... := ...[0] | semmle.label | ... := ...[0] |
@@ -278,7 +278,7 @@ nodes
 | test.go:163:3:163:36 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:163:26:163:29 | file | semmle.label | file |
 | test.go:164:36:164:51 | fileReaderCloser | semmle.label | fileReaderCloser |
-| test.go:169:28:169:31 | definition of file | semmle.label | definition of file |
+| test.go:169:28:169:31 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:170:2:170:29 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:170:25:170:28 | file | semmle.label | file |
 | test.go:171:2:171:78 | ... := ...[0] | semmle.label | ... := ...[0] |
@@ -287,56 +287,56 @@ nodes
 | test.go:175:26:175:29 | file | semmle.label | file |
 | test.go:175:26:175:36 | call to Open | semmle.label | call to Open |
 | test.go:176:36:176:51 | fileReaderCloser | semmle.label | fileReaderCloser |
-| test.go:181:17:181:20 | definition of file | semmle.label | definition of file |
+| test.go:181:17:181:20 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:184:2:184:73 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:184:41:184:44 | file | semmle.label | file |
 | test.go:186:2:186:12 | bzip2Reader | semmle.label | bzip2Reader |
 | test.go:187:12:187:37 | call to NewReader | semmle.label | call to NewReader |
 | test.go:187:26:187:36 | bzip2Reader | semmle.label | bzip2Reader |
 | test.go:189:18:189:24 | tarRead | semmle.label | tarRead |
-| test.go:208:12:208:15 | definition of file | semmle.label | definition of file |
+| test.go:208:12:208:15 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:211:17:211:37 | call to NewReader | semmle.label | call to NewReader |
 | test.go:211:33:211:36 | file | semmle.label | file |
 | test.go:213:2:213:12 | bzip2Reader | semmle.label | bzip2Reader |
 | test.go:214:12:214:37 | call to NewReader | semmle.label | call to NewReader |
 | test.go:214:26:214:36 | bzip2Reader | semmle.label | bzip2Reader |
 | test.go:216:18:216:24 | tarRead | semmle.label | tarRead |
-| test.go:233:12:233:15 | definition of file | semmle.label | definition of file |
+| test.go:233:12:233:15 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:236:17:236:37 | call to NewReader | semmle.label | call to NewReader |
 | test.go:236:33:236:36 | file | semmle.label | file |
 | test.go:238:2:238:12 | flateReader | semmle.label | flateReader |
 | test.go:239:12:239:37 | call to NewReader | semmle.label | call to NewReader |
 | test.go:239:26:239:36 | flateReader | semmle.label | flateReader |
 | test.go:241:18:241:24 | tarRead | semmle.label | tarRead |
-| test.go:258:21:258:24 | definition of file | semmle.label | definition of file |
+| test.go:258:21:258:24 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:261:17:261:46 | call to NewReader | semmle.label | call to NewReader |
 | test.go:261:42:261:45 | file | semmle.label | file |
 | test.go:263:2:263:12 | flateReader | semmle.label | flateReader |
 | test.go:264:12:264:37 | call to NewReader | semmle.label | call to NewReader |
 | test.go:264:26:264:36 | flateReader | semmle.label | flateReader |
 | test.go:266:18:266:24 | tarRead | semmle.label | tarRead |
-| test.go:283:17:283:20 | definition of file | semmle.label | definition of file |
+| test.go:283:17:283:20 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:286:2:286:73 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:286:41:286:44 | file | semmle.label | file |
 | test.go:288:2:288:12 | flateReader | semmle.label | flateReader |
 | test.go:289:12:289:37 | call to NewReader | semmle.label | call to NewReader |
 | test.go:289:26:289:36 | flateReader | semmle.label | flateReader |
 | test.go:291:18:291:24 | tarRead | semmle.label | tarRead |
-| test.go:308:20:308:23 | definition of file | semmle.label | definition of file |
+| test.go:308:20:308:23 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:311:2:311:47 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:311:43:311:46 | file | semmle.label | file |
 | test.go:313:2:313:11 | zlibReader | semmle.label | zlibReader |
 | test.go:314:12:314:36 | call to NewReader | semmle.label | call to NewReader |
 | test.go:314:26:314:35 | zlibReader | semmle.label | zlibReader |
 | test.go:316:18:316:24 | tarRead | semmle.label | tarRead |
-| test.go:333:11:333:14 | definition of file | semmle.label | definition of file |
+| test.go:333:11:333:14 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:336:2:336:38 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:336:34:336:37 | file | semmle.label | file |
 | test.go:338:2:338:11 | zlibReader | semmle.label | zlibReader |
 | test.go:339:12:339:36 | call to NewReader | semmle.label | call to NewReader |
 | test.go:339:26:339:35 | zlibReader | semmle.label | zlibReader |
 | test.go:341:18:341:24 | tarRead | semmle.label | tarRead |
-| test.go:358:13:358:16 | definition of file | semmle.label | definition of file |
+| test.go:358:13:358:16 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:361:18:361:39 | call to NewReader | semmle.label | call to NewReader |
 | test.go:361:35:361:38 | file | semmle.label | file |
 | test.go:363:2:363:13 | snappyReader | semmle.label | snappyReader |
@@ -344,7 +344,7 @@ nodes
 | test.go:365:12:365:38 | call to NewReader | semmle.label | call to NewReader |
 | test.go:365:26:365:37 | snappyReader | semmle.label | snappyReader |
 | test.go:367:18:367:24 | tarRead | semmle.label | tarRead |
-| test.go:384:22:384:25 | definition of file | semmle.label | definition of file |
+| test.go:384:22:384:25 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:387:18:387:48 | call to NewReader | semmle.label | call to NewReader |
 | test.go:387:44:387:47 | file | semmle.label | file |
 | test.go:389:2:389:13 | snappyReader | semmle.label | snappyReader |
@@ -353,7 +353,7 @@ nodes
 | test.go:393:12:393:38 | call to NewReader | semmle.label | call to NewReader |
 | test.go:393:26:393:37 | snappyReader | semmle.label | snappyReader |
 | test.go:395:18:395:24 | tarRead | semmle.label | tarRead |
-| test.go:412:9:412:12 | definition of file | semmle.label | definition of file |
+| test.go:412:9:412:12 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:415:14:415:31 | call to NewReader | semmle.label | call to NewReader |
 | test.go:415:27:415:30 | file | semmle.label | file |
 | test.go:417:2:417:9 | s2Reader | semmle.label | s2Reader |
@@ -362,19 +362,19 @@ nodes
 | test.go:421:12:421:34 | call to NewReader | semmle.label | call to NewReader |
 | test.go:421:26:421:33 | s2Reader | semmle.label | s2Reader |
 | test.go:423:18:423:24 | tarRead | semmle.label | tarRead |
-| test.go:440:19:440:21 | definition of src | semmle.label | definition of src |
+| test.go:440:19:440:21 | SSA def(src) | semmle.label | SSA def(src) |
 | test.go:441:2:441:37 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:441:34:441:36 | src | semmle.label | src |
 | test.go:444:12:444:32 | type conversion | semmle.label | type conversion |
 | test.go:445:23:445:28 | newSrc | semmle.label | newSrc |
-| test.go:447:11:447:14 | definition of file | semmle.label | definition of file |
+| test.go:447:11:447:14 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:450:2:450:38 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:450:34:450:37 | file | semmle.label | file |
 | test.go:452:2:452:11 | gzipReader | semmle.label | gzipReader |
 | test.go:453:12:453:36 | call to NewReader | semmle.label | call to NewReader |
 | test.go:453:26:453:35 | gzipReader | semmle.label | gzipReader |
 | test.go:455:18:455:24 | tarRead | semmle.label | tarRead |
-| test.go:472:20:472:23 | definition of file | semmle.label | definition of file |
+| test.go:472:20:472:23 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:475:2:475:47 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:475:43:475:46 | file | semmle.label | file |
 | test.go:477:2:477:11 | gzipReader | semmle.label | gzipReader |
@@ -382,7 +382,7 @@ nodes
 | test.go:480:12:480:36 | call to NewReader | semmle.label | call to NewReader |
 | test.go:480:26:480:35 | gzipReader | semmle.label | gzipReader |
 | test.go:482:18:482:24 | tarRead | semmle.label | tarRead |
-| test.go:499:20:499:23 | definition of file | semmle.label | definition of file |
+| test.go:499:20:499:23 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:502:2:502:49 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:502:45:502:48 | file | semmle.label | file |
 | test.go:504:2:504:12 | pgzipReader | semmle.label | pgzipReader |
@@ -390,7 +390,7 @@ nodes
 | test.go:507:12:507:37 | call to NewReader | semmle.label | call to NewReader |
 | test.go:507:26:507:36 | pgzipReader | semmle.label | pgzipReader |
 | test.go:509:18:509:24 | tarRead | semmle.label | tarRead |
-| test.go:526:21:526:24 | definition of file | semmle.label | definition of file |
+| test.go:526:21:526:24 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:529:2:529:47 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:529:43:529:46 | file | semmle.label | file |
 | test.go:531:2:531:11 | zstdReader | semmle.label | zstdReader |
@@ -399,14 +399,14 @@ nodes
 | test.go:536:12:536:36 | call to NewReader | semmle.label | call to NewReader |
 | test.go:536:26:536:35 | zstdReader | semmle.label | zstdReader |
 | test.go:538:18:538:24 | tarRead | semmle.label | tarRead |
-| test.go:555:19:555:22 | definition of file | semmle.label | definition of file |
+| test.go:555:19:555:22 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:558:16:558:42 | call to NewReader | semmle.label | call to NewReader |
 | test.go:558:38:558:41 | file | semmle.label | file |
 | test.go:560:2:560:11 | zstdReader | semmle.label | zstdReader |
 | test.go:561:12:561:36 | call to NewReader | semmle.label | call to NewReader |
 | test.go:561:26:561:35 | zstdReader | semmle.label | zstdReader |
 | test.go:563:18:563:24 | tarRead | semmle.label | tarRead |
-| test.go:580:9:580:12 | definition of file | semmle.label | definition of file |
+| test.go:580:9:580:12 | SSA def(file) | semmle.label | SSA def(file) |
 | test.go:583:2:583:34 | ... := ...[0] | semmle.label | ... := ...[0] |
 | test.go:583:30:583:33 | file | semmle.label | file |
 | test.go:585:2:585:9 | xzReader | semmle.label | xzReader |
@@ -414,15 +414,15 @@ nodes
 | test.go:586:26:586:33 | xzReader | semmle.label | xzReader |
 | test.go:589:18:589:24 | tarRead | semmle.label | tarRead |
 | test.go:590:19:590:25 | tarRead | semmle.label | tarRead |
-| test.go:611:22:611:28 | definition of tarRead | semmle.label | definition of tarRead |
-| test.go:611:22:611:28 | definition of tarRead | semmle.label | definition of tarRead |
-| test.go:611:22:611:28 | definition of tarRead | semmle.label | definition of tarRead |
-| test.go:611:22:611:28 | definition of tarRead | semmle.label | definition of tarRead |
-| test.go:611:22:611:28 | definition of tarRead | semmle.label | definition of tarRead |
-| test.go:611:22:611:28 | definition of tarRead | semmle.label | definition of tarRead |
-| test.go:611:22:611:28 | definition of tarRead | semmle.label | definition of tarRead |
-| test.go:611:22:611:28 | definition of tarRead | semmle.label | definition of tarRead |
-| test.go:611:22:611:28 | definition of tarRead | semmle.label | definition of tarRead |
+| test.go:611:22:611:28 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
+| test.go:611:22:611:28 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
+| test.go:611:22:611:28 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
+| test.go:611:22:611:28 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
+| test.go:611:22:611:28 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
+| test.go:611:22:611:28 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
+| test.go:611:22:611:28 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
+| test.go:611:22:611:28 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
+| test.go:611:22:611:28 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
 | test.go:621:25:621:31 | tarRead | semmle.label | tarRead |
 | test.go:621:25:621:31 | tarRead | semmle.label | tarRead |
 | test.go:621:25:621:31 | tarRead | semmle.label | tarRead |
@@ -432,6 +432,6 @@ nodes
 | test.go:621:25:621:31 | tarRead | semmle.label | tarRead |
 | test.go:621:25:621:31 | tarRead | semmle.label | tarRead |
 | test.go:621:25:621:31 | tarRead | semmle.label | tarRead |
-| test.go:627:23:627:29 | definition of tarRead | semmle.label | definition of tarRead |
+| test.go:627:23:627:29 | SSA def(tarRead) | semmle.label | SSA def(tarRead) |
 | test.go:629:2:629:8 | tarRead | semmle.label | tarRead |
 subpaths
diff --git a/go/ql/test/experimental/Unsafe/WrongUsageOfUnsafe.expected b/go/ql/test/experimental/Unsafe/WrongUsageOfUnsafe.expected
index 3c7e02eea26..ca825481143 100644
--- a/go/ql/test/experimental/Unsafe/WrongUsageOfUnsafe.expected
+++ b/go/ql/test/experimental/Unsafe/WrongUsageOfUnsafe.expected
@@ -10,8 +10,8 @@ edges
 | WrongUsageOfUnsafe.go:166:33:166:57 | type conversion | WrongUsageOfUnsafe.go:166:16:166:58 | type conversion | provenance |  |
 | WrongUsageOfUnsafe.go:189:31:189:55 | type conversion | WrongUsageOfUnsafe.go:189:16:189:56 | type conversion | provenance |  |
 | WrongUsageOfUnsafe.go:211:31:211:60 | type conversion | WrongUsageOfUnsafe.go:211:16:211:61 | type conversion | provenance |  |
-| WrongUsageOfUnsafe.go:227:31:227:55 | type conversion | WrongUsageOfUnsafe.go:236:21:236:23 | definition of req | provenance |  |
-| WrongUsageOfUnsafe.go:236:21:236:23 | definition of req | WrongUsageOfUnsafe.go:243:9:243:27 | type conversion | provenance |  |
+| WrongUsageOfUnsafe.go:227:31:227:55 | type conversion | WrongUsageOfUnsafe.go:236:21:236:23 | SSA def(req) | provenance |  |
+| WrongUsageOfUnsafe.go:236:21:236:23 | SSA def(req) | WrongUsageOfUnsafe.go:243:9:243:27 | type conversion | provenance |  |
 | WrongUsageOfUnsafe.go:256:28:256:52 | type conversion | WrongUsageOfUnsafe.go:256:16:256:53 | type conversion | provenance |  |
 | WrongUsageOfUnsafe.go:274:25:274:49 | type conversion | WrongUsageOfUnsafe.go:274:16:274:50 | type conversion | provenance |  |
 | WrongUsageOfUnsafe.go:292:23:292:47 | type conversion | WrongUsageOfUnsafe.go:292:16:292:48 | type conversion | provenance |  |
@@ -39,7 +39,7 @@ nodes
 | WrongUsageOfUnsafe.go:211:16:211:61 | type conversion | semmle.label | type conversion |
 | WrongUsageOfUnsafe.go:211:31:211:60 | type conversion | semmle.label | type conversion |
 | WrongUsageOfUnsafe.go:227:31:227:55 | type conversion | semmle.label | type conversion |
-| WrongUsageOfUnsafe.go:236:21:236:23 | definition of req | semmle.label | definition of req |
+| WrongUsageOfUnsafe.go:236:21:236:23 | SSA def(req) | semmle.label | SSA def(req) |
 | WrongUsageOfUnsafe.go:243:9:243:27 | type conversion | semmle.label | type conversion |
 | WrongUsageOfUnsafe.go:256:16:256:53 | type conversion | semmle.label | type conversion |
 | WrongUsageOfUnsafe.go:256:28:256:52 | type conversion | semmle.label | type conversion |
diff --git a/go/ql/test/library-tests/semmle/go/concepts/Regexp/RegexpPattern.expected b/go/ql/test/library-tests/semmle/go/concepts/Regexp/RegexpPattern.expected
index 1890c5c4ad9..63adab35d7b 100644
--- a/go/ql/test/library-tests/semmle/go/concepts/Regexp/RegexpPattern.expected
+++ b/go/ql/test/library-tests/semmle/go/concepts/Regexp/RegexpPattern.expected
@@ -3,7 +3,7 @@
 | stdlib.go:13:21:13:24 | "ab" | ab | stdlib.go:13:21:13:24 | "ab" |
 | stdlib.go:15:26:15:39 | "[so]me\|regex" | [so]me\|regex | stdlib.go:15:2:15:40 | ... := ...[0] |
 | stdlib.go:15:26:15:39 | "[so]me\|regex" | [so]me\|regex | stdlib.go:15:26:15:39 | "[so]me\|regex" |
-| stdlib.go:16:30:16:37 | "posix?" | posix? | stdlib.go:16:2:16:3 | definition of re |
+| stdlib.go:16:30:16:37 | "posix?" | posix? | stdlib.go:16:2:16:3 | SSA def(re) |
 | stdlib.go:16:30:16:37 | "posix?" | posix? | stdlib.go:16:2:16:38 | ... = ...[0] |
 | stdlib.go:16:30:16:37 | "posix?" | posix? | stdlib.go:16:30:16:37 | "posix?" |
 | stdlib.go:16:30:16:37 | "posix?" | posix? | stdlib.go:17:2:17:3 | re |
diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected
index e04fcf75309..dac98957550 100644
--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow/srcs.expected
@@ -22,4 +22,4 @@ invalidModelRow
 | test.go:187:24:187:31 | call to Src1 | qltest |
 | test.go:191:24:191:31 | call to Src1 | qltest |
 | test.go:201:10:201:28 | selection of SourceVariable | qltest |
-| test.go:208:15:208:17 | definition of src | qltest |
+| test.go:208:15:208:17 | SSA def(src) | qltest |
diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected
index f5768d49d1b..87ca46d4c13 100644
--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow/srcs.expected
@@ -22,4 +22,4 @@ invalidModelRow
 | test.go:187:24:187:31 | call to Src1 | qltest |
 | test.go:191:24:191:31 | call to Src1 | qltest |
 | test.go:209:10:209:28 | selection of SourceVariable | qltest |
-| test.go:216:15:216:17 | definition of src | qltest |
+| test.go:216:15:216:17 | SSA def(src) | qltest |
diff --git a/go/ql/test/library-tests/semmle/go/dataflow/FlowSteps/LocalFlowStep.expected b/go/ql/test/library-tests/semmle/go/dataflow/FlowSteps/LocalFlowStep.expected
index fcbb78716a4..dcb4a63d128 100644
--- a/go/ql/test/library-tests/semmle/go/dataflow/FlowSteps/LocalFlowStep.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/FlowSteps/LocalFlowStep.expected
@@ -47,174 +47,174 @@
 | file://:0:0:0:0 | function max | main.go:65:7:65:9 | max |
 | file://:0:0:0:0 | function min | main.go:64:7:64:9 | min |
 | main.go:3:6:3:10 | function test1 | main.go:34:2:34:6 | test1 |
-| main.go:3:12:3:12 | argument corresponding to x | main.go:3:12:3:12 | definition of x |
-| main.go:3:12:3:12 | definition of x | main.go:5:5:5:5 | x |
-| main.go:3:19:3:20 | argument corresponding to fn | main.go:3:19:3:20 | definition of fn |
-| main.go:3:19:3:20 | definition of fn | main.go:10:24:10:25 | fn |
+| main.go:3:12:3:12 | SSA def(x) | main.go:5:5:5:5 | x |
+| main.go:3:12:3:12 | argument corresponding to x | main.go:3:12:3:12 | SSA def(x) |
+| main.go:3:19:3:20 | SSA def(fn) | main.go:10:24:10:25 | fn |
+| main.go:3:19:3:20 | argument corresponding to fn | main.go:3:19:3:20 | SSA def(fn) |
 | main.go:5:5:5:5 | x | main.go:6:7:6:7 | x |
 | main.go:5:5:5:5 | x | main.go:8:8:8:8 | x |
-| main.go:6:3:6:3 | definition of y | main.go:10:12:10:12 | y |
-| main.go:6:7:6:7 | x | main.go:6:3:6:3 | definition of y |
+| main.go:6:3:6:3 | SSA def(y) | main.go:10:12:10:12 | y |
+| main.go:6:7:6:7 | x | main.go:6:3:6:3 | SSA def(y) |
 | main.go:6:7:6:7 | x | main.go:10:7:10:7 | x |
-| main.go:8:3:8:3 | definition of y | main.go:10:12:10:12 | y |
-| main.go:8:7:8:8 | -... | main.go:8:3:8:3 | definition of y |
+| main.go:8:3:8:3 | SSA def(y) | main.go:10:12:10:12 | y |
+| main.go:8:7:8:8 | -... | main.go:8:3:8:3 | SSA def(y) |
 | main.go:8:8:8:8 | x | main.go:10:7:10:7 | x |
-| main.go:10:2:10:2 | definition of z | main.go:11:14:11:14 | z |
+| main.go:10:2:10:2 | SSA def(z) | main.go:11:14:11:14 | z |
 | main.go:10:7:10:7 | x | main.go:10:22:10:22 | x |
 | main.go:10:7:10:12 | ...<=... | main.go:10:7:10:27 | ...&&... |
-| main.go:10:7:10:27 | ...&&... | main.go:10:2:10:2 | definition of z |
+| main.go:10:7:10:27 | ...&&... | main.go:10:2:10:2 | SSA def(z) |
 | main.go:10:12:10:12 | y | main.go:10:17:10:17 | y |
 | main.go:10:17:10:27 | ...>=... | main.go:10:7:10:27 | ...&&... |
 | main.go:11:14:11:14 | z | main.go:11:9:11:15 | type conversion |
 | main.go:14:6:14:10 | function test2 | main.go:34:8:34:12 | test2 |
 | main.go:14:6:14:10 | function test2 | main.go:34:19:34:23 | test2 |
-| main.go:15:9:15:9 | 0 | main.go:15:2:15:4 | definition of acc |
-| main.go:16:9:19:2 | capture variable acc | main.go:17:3:17:5 | acc |
-| main.go:17:3:17:7 | definition of acc | main.go:18:10:18:12 | acc |
-| main.go:17:3:17:7 | rhs of increment statement | main.go:17:3:17:7 | definition of acc |
-| main.go:22:12:22:12 | argument corresponding to b | main.go:22:12:22:12 | definition of b |
-| main.go:22:12:22:12 | definition of b | main.go:23:5:23:5 | b |
-| main.go:22:20:22:20 | argument corresponding to x | main.go:22:20:22:20 | definition of x |
-| main.go:22:20:22:20 | definition of x | main.go:24:10:24:10 | x |
-| main.go:22:20:22:20 | definition of x | main.go:26:11:26:11 | x |
+| main.go:15:9:15:9 | 0 | main.go:15:2:15:4 | SSA def(acc) |
+| main.go:16:9:19:2 | SSA def(acc) | main.go:17:3:17:5 | acc |
+| main.go:17:3:17:7 | SSA def(acc) | main.go:18:10:18:12 | acc |
+| main.go:17:3:17:7 | rhs of increment statement | main.go:17:3:17:7 | SSA def(acc) |
+| main.go:22:12:22:12 | SSA def(b) | main.go:23:5:23:5 | b |
+| main.go:22:12:22:12 | argument corresponding to b | main.go:22:12:22:12 | SSA def(b) |
+| main.go:22:20:22:20 | SSA def(x) | main.go:24:10:24:10 | x |
+| main.go:22:20:22:20 | SSA def(x) | main.go:26:11:26:11 | x |
+| main.go:22:20:22:20 | argument corresponding to x | main.go:22:20:22:20 | SSA def(x) |
 | main.go:24:10:24:10 | x | main.go:24:10:24:19 | type assertion |
-| main.go:26:2:26:2 | definition of n | main.go:27:11:27:11 | n |
-| main.go:26:2:26:17 | ... := ...[0] | main.go:26:2:26:2 | definition of n |
-| main.go:26:2:26:17 | ... := ...[1] | main.go:26:5:26:6 | definition of ok |
-| main.go:26:5:26:6 | definition of ok | main.go:27:5:27:6 | ok |
+| main.go:26:2:26:2 | SSA def(n) | main.go:27:11:27:11 | n |
+| main.go:26:2:26:17 | ... := ...[0] | main.go:26:2:26:2 | SSA def(n) |
+| main.go:26:2:26:17 | ... := ...[1] | main.go:26:5:26:6 | SSA def(ok) |
+| main.go:26:5:26:6 | SSA def(ok) | main.go:27:5:27:6 | ok |
 | main.go:26:11:26:11 | x | main.go:26:2:26:17 | ... := ...[0] |
-| main.go:38:2:38:2 | definition of s | main.go:39:15:39:15 | s |
-| main.go:38:7:38:20 | slice literal | main.go:38:2:38:2 | definition of s |
-| main.go:38:7:38:20 | slice literal [postupdate] | main.go:38:2:38:2 | definition of s |
-| main.go:39:2:39:3 | definition of s1 | main.go:40:18:40:19 | s1 |
-| main.go:39:8:39:25 | call to append | main.go:39:2:39:3 | definition of s1 |
+| main.go:38:2:38:2 | SSA def(s) | main.go:39:15:39:15 | s |
+| main.go:38:7:38:20 | slice literal | main.go:38:2:38:2 | SSA def(s) |
+| main.go:38:7:38:20 | slice literal [postupdate] | main.go:38:2:38:2 | SSA def(s) |
+| main.go:39:2:39:3 | SSA def(s1) | main.go:40:18:40:19 | s1 |
+| main.go:39:8:39:25 | call to append | main.go:39:2:39:3 | SSA def(s1) |
 | main.go:39:15:39:15 | s | main.go:40:15:40:15 | s |
 | main.go:39:15:39:15 | s [postupdate] | main.go:40:15:40:15 | s |
-| main.go:40:2:40:3 | definition of s2 | main.go:43:9:43:10 | s2 |
-| main.go:40:8:40:23 | call to append | main.go:40:2:40:3 | definition of s2 |
+| main.go:40:2:40:3 | SSA def(s2) | main.go:43:9:43:10 | s2 |
+| main.go:40:8:40:23 | call to append | main.go:40:2:40:3 | SSA def(s2) |
 | main.go:40:15:40:15 | s | main.go:42:7:42:7 | s |
 | main.go:40:15:40:15 | s [postupdate] | main.go:42:7:42:7 | s |
-| main.go:41:2:41:3 | definition of s4 | main.go:42:10:42:11 | s4 |
-| main.go:41:8:41:21 | call to make | main.go:41:2:41:3 | definition of s4 |
-| main.go:46:13:46:14 | argument corresponding to xs | main.go:46:13:46:14 | definition of xs |
-| main.go:46:13:46:14 | definition of xs | main.go:47:20:47:21 | xs |
-| main.go:46:24:46:27 | definition of keys | main.go:46:24:46:27 | implicit read of keys |
-| main.go:46:24:46:27 | definition of keys | main.go:49:3:49:6 | keys |
-| main.go:46:24:46:27 | zero value for keys | main.go:46:24:46:27 | definition of keys |
-| main.go:46:34:46:37 | definition of vals | main.go:46:34:46:37 | implicit read of vals |
-| main.go:46:34:46:37 | definition of vals | main.go:48:3:48:6 | vals |
-| main.go:46:34:46:37 | zero value for vals | main.go:46:34:46:37 | definition of vals |
-| main.go:47:2:50:2 | range statement[0] | main.go:47:6:47:6 | definition of k |
-| main.go:47:2:50:2 | range statement[1] | main.go:47:9:47:9 | definition of v |
-| main.go:47:6:47:6 | definition of k | main.go:49:11:49:11 | k |
-| main.go:47:9:47:9 | definition of v | main.go:48:11:48:11 | v |
-| main.go:48:3:48:6 | definition of vals | main.go:46:34:46:37 | implicit read of vals |
-| main.go:48:3:48:6 | definition of vals | main.go:48:3:48:6 | vals |
-| main.go:48:3:48:11 | ... += ... | main.go:48:3:48:6 | definition of vals |
-| main.go:49:3:49:6 | definition of keys | main.go:46:24:46:27 | implicit read of keys |
-| main.go:49:3:49:6 | definition of keys | main.go:49:3:49:6 | keys |
-| main.go:49:3:49:11 | ... += ... | main.go:49:3:49:6 | definition of keys |
-| main.go:55:6:55:7 | definition of ch | main.go:56:2:56:3 | ch |
-| main.go:55:6:55:7 | zero value for ch | main.go:55:6:55:7 | definition of ch |
+| main.go:41:2:41:3 | SSA def(s4) | main.go:42:10:42:11 | s4 |
+| main.go:41:8:41:21 | call to make | main.go:41:2:41:3 | SSA def(s4) |
+| main.go:46:13:46:14 | SSA def(xs) | main.go:47:20:47:21 | xs |
+| main.go:46:13:46:14 | argument corresponding to xs | main.go:46:13:46:14 | SSA def(xs) |
+| main.go:46:24:46:27 | SSA def(keys) | main.go:46:24:46:27 | implicit read of keys |
+| main.go:46:24:46:27 | SSA def(keys) | main.go:49:3:49:6 | keys |
+| main.go:46:24:46:27 | zero value for keys | main.go:46:24:46:27 | SSA def(keys) |
+| main.go:46:34:46:37 | SSA def(vals) | main.go:46:34:46:37 | implicit read of vals |
+| main.go:46:34:46:37 | SSA def(vals) | main.go:48:3:48:6 | vals |
+| main.go:46:34:46:37 | zero value for vals | main.go:46:34:46:37 | SSA def(vals) |
+| main.go:47:2:50:2 | range statement[0] | main.go:47:6:47:6 | SSA def(k) |
+| main.go:47:2:50:2 | range statement[1] | main.go:47:9:47:9 | SSA def(v) |
+| main.go:47:6:47:6 | SSA def(k) | main.go:49:11:49:11 | k |
+| main.go:47:9:47:9 | SSA def(v) | main.go:48:11:48:11 | v |
+| main.go:48:3:48:6 | SSA def(vals) | main.go:46:34:46:37 | implicit read of vals |
+| main.go:48:3:48:6 | SSA def(vals) | main.go:48:3:48:6 | vals |
+| main.go:48:3:48:11 | ... += ... | main.go:48:3:48:6 | SSA def(vals) |
+| main.go:49:3:49:6 | SSA def(keys) | main.go:46:24:46:27 | implicit read of keys |
+| main.go:49:3:49:6 | SSA def(keys) | main.go:49:3:49:6 | keys |
+| main.go:49:3:49:11 | ... += ... | main.go:49:3:49:6 | SSA def(keys) |
+| main.go:55:6:55:7 | SSA def(ch) | main.go:56:2:56:3 | ch |
+| main.go:55:6:55:7 | zero value for ch | main.go:55:6:55:7 | SSA def(ch) |
 | main.go:56:2:56:3 | ch | main.go:57:4:57:5 | ch |
 | main.go:56:2:56:3 | ch [postupdate] | main.go:57:4:57:5 | ch |
-| main.go:61:2:61:2 | definition of x | main.go:64:11:64:11 | x |
-| main.go:61:7:61:7 | 1 | main.go:61:2:61:2 | definition of x |
-| main.go:62:2:62:2 | definition of y | main.go:64:14:64:14 | y |
-| main.go:62:7:62:7 | 2 | main.go:62:2:62:2 | definition of y |
-| main.go:63:2:63:2 | definition of z | main.go:64:17:64:17 | z |
-| main.go:63:7:63:7 | 3 | main.go:63:2:63:2 | definition of z |
-| main.go:64:2:64:2 | definition of a | main.go:66:9:66:9 | a |
-| main.go:64:7:64:18 | call to min | main.go:64:2:64:2 | definition of a |
+| main.go:61:2:61:2 | SSA def(x) | main.go:64:11:64:11 | x |
+| main.go:61:7:61:7 | 1 | main.go:61:2:61:2 | SSA def(x) |
+| main.go:62:2:62:2 | SSA def(y) | main.go:64:14:64:14 | y |
+| main.go:62:7:62:7 | 2 | main.go:62:2:62:2 | SSA def(y) |
+| main.go:63:2:63:2 | SSA def(z) | main.go:64:17:64:17 | z |
+| main.go:63:7:63:7 | 3 | main.go:63:2:63:2 | SSA def(z) |
+| main.go:64:2:64:2 | SSA def(a) | main.go:66:9:66:9 | a |
+| main.go:64:7:64:18 | call to min | main.go:64:2:64:2 | SSA def(a) |
 | main.go:64:11:64:11 | x | main.go:64:7:64:18 | call to min |
 | main.go:64:11:64:11 | x | main.go:65:11:65:11 | x |
 | main.go:64:14:64:14 | y | main.go:64:7:64:18 | call to min |
 | main.go:64:14:64:14 | y | main.go:65:14:65:14 | y |
 | main.go:64:17:64:17 | z | main.go:64:7:64:18 | call to min |
 | main.go:64:17:64:17 | z | main.go:65:17:65:17 | z |
-| main.go:65:2:65:2 | definition of b | main.go:66:12:66:12 | b |
-| main.go:65:7:65:18 | call to max | main.go:65:2:65:2 | definition of b |
+| main.go:65:2:65:2 | SSA def(b) | main.go:66:12:66:12 | b |
+| main.go:65:7:65:18 | call to max | main.go:65:2:65:2 | SSA def(b) |
 | main.go:65:11:65:11 | x | main.go:65:7:65:18 | call to max |
 | main.go:65:14:65:14 | y | main.go:65:7:65:18 | call to max |
 | main.go:65:17:65:17 | z | main.go:65:7:65:18 | call to max |
-| strings.go:8:12:8:12 | argument corresponding to s | strings.go:8:12:8:12 | definition of s |
-| strings.go:8:12:8:12 | definition of s | strings.go:9:24:9:24 | s |
-| strings.go:9:2:9:3 | definition of s2 | strings.go:11:20:11:21 | s2 |
-| strings.go:9:8:9:38 | call to Replace | strings.go:9:2:9:3 | definition of s2 |
+| strings.go:8:12:8:12 | SSA def(s) | strings.go:9:24:9:24 | s |
+| strings.go:8:12:8:12 | argument corresponding to s | strings.go:8:12:8:12 | SSA def(s) |
+| strings.go:9:2:9:3 | SSA def(s2) | strings.go:11:20:11:21 | s2 |
+| strings.go:9:8:9:38 | call to Replace | strings.go:9:2:9:3 | SSA def(s2) |
 | strings.go:9:24:9:24 | s | strings.go:10:27:10:27 | s |
-| strings.go:10:2:10:3 | definition of s3 | strings.go:11:24:11:25 | s3 |
-| strings.go:10:8:10:42 | call to ReplaceAll | strings.go:10:2:10:3 | definition of s3 |
+| strings.go:10:2:10:3 | SSA def(s3) | strings.go:11:24:11:25 | s3 |
+| strings.go:10:8:10:42 | call to ReplaceAll | strings.go:10:2:10:3 | SSA def(s3) |
 | strings.go:11:20:11:21 | s2 | strings.go:11:48:11:49 | s2 |
 | strings.go:11:24:11:25 | s3 | strings.go:11:67:11:68 | s3 |
-| url.go:8:12:8:12 | argument corresponding to b | url.go:8:12:8:12 | definition of b |
-| url.go:8:12:8:12 | definition of b | url.go:11:5:11:5 | b |
-| url.go:8:20:8:20 | argument corresponding to s | url.go:8:20:8:20 | definition of s |
-| url.go:8:20:8:20 | definition of s | url.go:12:46:12:46 | s |
-| url.go:8:20:8:20 | definition of s | url.go:14:48:14:48 | s |
-| url.go:12:3:12:5 | definition of res | url.go:19:9:19:11 | res |
-| url.go:12:3:12:48 | ... = ...[0] | url.go:12:3:12:5 | definition of res |
-| url.go:12:3:12:48 | ... = ...[1] | url.go:12:8:12:10 | definition of err |
-| url.go:12:8:12:10 | definition of err | url.go:16:5:16:7 | err |
-| url.go:14:3:14:5 | definition of res | url.go:19:9:19:11 | res |
-| url.go:14:3:14:50 | ... = ...[0] | url.go:14:3:14:5 | definition of res |
-| url.go:14:3:14:50 | ... = ...[1] | url.go:14:8:14:10 | definition of err |
-| url.go:14:8:14:10 | definition of err | url.go:16:5:16:7 | err |
-| url.go:22:12:22:12 | argument corresponding to i | url.go:22:12:22:12 | definition of i |
-| url.go:22:12:22:12 | definition of i | url.go:24:5:24:5 | i |
-| url.go:22:19:22:19 | argument corresponding to s | url.go:22:19:22:19 | definition of s |
-| url.go:22:19:22:19 | definition of s | url.go:23:20:23:20 | s |
-| url.go:23:2:23:2 | definition of u | url.go:25:10:25:10 | u |
-| url.go:23:2:23:21 | ... := ...[0] | url.go:23:2:23:2 | definition of u |
+| url.go:8:12:8:12 | SSA def(b) | url.go:11:5:11:5 | b |
+| url.go:8:12:8:12 | argument corresponding to b | url.go:8:12:8:12 | SSA def(b) |
+| url.go:8:20:8:20 | SSA def(s) | url.go:12:46:12:46 | s |
+| url.go:8:20:8:20 | SSA def(s) | url.go:14:48:14:48 | s |
+| url.go:8:20:8:20 | argument corresponding to s | url.go:8:20:8:20 | SSA def(s) |
+| url.go:12:3:12:5 | SSA def(res) | url.go:19:9:19:11 | res |
+| url.go:12:3:12:48 | ... = ...[0] | url.go:12:3:12:5 | SSA def(res) |
+| url.go:12:3:12:48 | ... = ...[1] | url.go:12:8:12:10 | SSA def(err) |
+| url.go:12:8:12:10 | SSA def(err) | url.go:16:5:16:7 | err |
+| url.go:14:3:14:5 | SSA def(res) | url.go:19:9:19:11 | res |
+| url.go:14:3:14:50 | ... = ...[0] | url.go:14:3:14:5 | SSA def(res) |
+| url.go:14:3:14:50 | ... = ...[1] | url.go:14:8:14:10 | SSA def(err) |
+| url.go:14:8:14:10 | SSA def(err) | url.go:16:5:16:7 | err |
+| url.go:22:12:22:12 | SSA def(i) | url.go:24:5:24:5 | i |
+| url.go:22:12:22:12 | argument corresponding to i | url.go:22:12:22:12 | SSA def(i) |
+| url.go:22:19:22:19 | SSA def(s) | url.go:23:20:23:20 | s |
+| url.go:22:19:22:19 | argument corresponding to s | url.go:22:19:22:19 | SSA def(s) |
+| url.go:23:2:23:2 | SSA def(u) | url.go:25:10:25:10 | u |
+| url.go:23:2:23:21 | ... := ...[0] | url.go:23:2:23:2 | SSA def(u) |
 | url.go:23:20:23:20 | s | url.go:27:29:27:29 | s |
-| url.go:27:2:27:2 | definition of u | url.go:28:14:28:14 | u |
-| url.go:27:2:27:30 | ... = ...[0] | url.go:27:2:27:2 | definition of u |
+| url.go:27:2:27:2 | SSA def(u) | url.go:28:14:28:14 | u |
+| url.go:27:2:27:30 | ... = ...[0] | url.go:27:2:27:2 | SSA def(u) |
 | url.go:28:14:28:14 | u | url.go:29:14:29:14 | u |
 | url.go:28:14:28:14 | u [postupdate] | url.go:29:14:29:14 | u |
 | url.go:29:14:29:14 | u | url.go:30:11:30:11 | u |
 | url.go:29:14:29:14 | u [postupdate] | url.go:30:11:30:11 | u |
-| url.go:30:2:30:3 | definition of bs | url.go:31:14:31:15 | bs |
-| url.go:30:2:30:27 | ... := ...[0] | url.go:30:2:30:3 | definition of bs |
+| url.go:30:2:30:3 | SSA def(bs) | url.go:31:14:31:15 | bs |
+| url.go:30:2:30:27 | ... := ...[0] | url.go:30:2:30:3 | SSA def(bs) |
 | url.go:30:11:30:11 | u | url.go:32:9:32:9 | u |
 | url.go:30:11:30:11 | u [postupdate] | url.go:32:9:32:9 | u |
-| url.go:32:2:32:2 | definition of u | url.go:33:14:33:14 | u |
-| url.go:32:2:32:23 | ... = ...[0] | url.go:32:2:32:2 | definition of u |
+| url.go:32:2:32:2 | SSA def(u) | url.go:33:14:33:14 | u |
+| url.go:32:2:32:23 | ... = ...[0] | url.go:32:2:32:2 | SSA def(u) |
 | url.go:33:14:33:14 | u | url.go:34:14:34:14 | u |
 | url.go:33:14:33:14 | u [postupdate] | url.go:34:14:34:14 | u |
 | url.go:34:14:34:14 | u | url.go:35:14:35:14 | u |
 | url.go:34:14:34:14 | u [postupdate] | url.go:35:14:35:14 | u |
 | url.go:35:14:35:14 | u | url.go:36:6:36:6 | u |
 | url.go:35:14:35:14 | u [postupdate] | url.go:36:6:36:6 | u |
-| url.go:36:2:36:2 | definition of u | url.go:37:9:37:9 | u |
+| url.go:36:2:36:2 | SSA def(u) | url.go:37:9:37:9 | u |
 | url.go:36:6:36:6 | u | url.go:36:25:36:25 | u |
 | url.go:36:6:36:6 | u [postupdate] | url.go:36:25:36:25 | u |
-| url.go:36:6:36:26 | call to ResolveReference | url.go:36:2:36:2 | definition of u |
-| url.go:42:2:42:3 | definition of ui | url.go:43:11:43:12 | ui |
-| url.go:42:7:42:38 | call to UserPassword | url.go:42:2:42:3 | definition of ui |
-| url.go:43:2:43:3 | definition of pw | url.go:44:14:44:15 | pw |
-| url.go:43:2:43:23 | ... := ...[0] | url.go:43:2:43:3 | definition of pw |
+| url.go:36:6:36:26 | call to ResolveReference | url.go:36:2:36:2 | SSA def(u) |
+| url.go:42:2:42:3 | SSA def(ui) | url.go:43:11:43:12 | ui |
+| url.go:42:7:42:38 | call to UserPassword | url.go:42:2:42:3 | SSA def(ui) |
+| url.go:43:2:43:3 | SSA def(pw) | url.go:44:14:44:15 | pw |
+| url.go:43:2:43:23 | ... := ...[0] | url.go:43:2:43:3 | SSA def(pw) |
 | url.go:43:11:43:12 | ui | url.go:45:14:45:15 | ui |
 | url.go:43:11:43:12 | ui [postupdate] | url.go:45:14:45:15 | ui |
 | url.go:45:14:45:15 | ui | url.go:46:9:46:10 | ui |
 | url.go:45:14:45:15 | ui [postupdate] | url.go:46:9:46:10 | ui |
-| url.go:49:12:49:12 | argument corresponding to q | url.go:49:12:49:12 | definition of q |
-| url.go:49:12:49:12 | definition of q | url.go:50:25:50:25 | q |
-| url.go:50:2:50:2 | definition of v | url.go:51:14:51:14 | v |
-| url.go:50:2:50:26 | ... := ...[0] | url.go:50:2:50:2 | definition of v |
+| url.go:49:12:49:12 | SSA def(q) | url.go:50:25:50:25 | q |
+| url.go:49:12:49:12 | argument corresponding to q | url.go:49:12:49:12 | SSA def(q) |
+| url.go:50:2:50:2 | SSA def(v) | url.go:51:14:51:14 | v |
+| url.go:50:2:50:26 | ... := ...[0] | url.go:50:2:50:2 | SSA def(v) |
 | url.go:51:14:51:14 | v | url.go:52:14:52:14 | v |
 | url.go:51:14:51:14 | v [postupdate] | url.go:52:14:52:14 | v |
 | url.go:52:14:52:14 | v | url.go:53:9:53:9 | v |
 | url.go:52:14:52:14 | v [postupdate] | url.go:53:9:53:9 | v |
-| url.go:56:12:56:12 | argument corresponding to q | url.go:56:12:56:12 | definition of q |
-| url.go:56:12:56:12 | definition of q | url.go:57:29:57:29 | q |
-| url.go:57:2:57:8 | definition of joined1 | url.go:58:38:58:44 | joined1 |
-| url.go:57:2:57:39 | ... := ...[0] | url.go:57:2:57:8 | definition of joined1 |
-| url.go:58:2:58:8 | definition of joined2 | url.go:59:24:59:30 | joined2 |
-| url.go:58:2:58:45 | ... := ...[0] | url.go:58:2:58:8 | definition of joined2 |
-| url.go:59:2:59:6 | definition of asUrl | url.go:60:15:60:19 | asUrl |
-| url.go:59:2:59:31 | ... := ...[0] | url.go:59:2:59:6 | definition of asUrl |
-| url.go:60:2:60:10 | definition of joinedUrl | url.go:61:9:61:17 | joinedUrl |
-| url.go:60:15:60:37 | call to JoinPath | url.go:60:2:60:10 | definition of joinedUrl |
-| url.go:64:13:64:13 | argument corresponding to q | url.go:64:13:64:13 | definition of q |
-| url.go:64:13:64:13 | definition of q | url.go:66:27:66:27 | q |
-| url.go:65:2:65:9 | definition of cleanUrl | url.go:66:9:66:16 | cleanUrl |
-| url.go:65:2:65:48 | ... := ...[0] | url.go:65:2:65:9 | definition of cleanUrl |
+| url.go:56:12:56:12 | SSA def(q) | url.go:57:29:57:29 | q |
+| url.go:56:12:56:12 | argument corresponding to q | url.go:56:12:56:12 | SSA def(q) |
+| url.go:57:2:57:8 | SSA def(joined1) | url.go:58:38:58:44 | joined1 |
+| url.go:57:2:57:39 | ... := ...[0] | url.go:57:2:57:8 | SSA def(joined1) |
+| url.go:58:2:58:8 | SSA def(joined2) | url.go:59:24:59:30 | joined2 |
+| url.go:58:2:58:45 | ... := ...[0] | url.go:58:2:58:8 | SSA def(joined2) |
+| url.go:59:2:59:6 | SSA def(asUrl) | url.go:60:15:60:19 | asUrl |
+| url.go:59:2:59:31 | ... := ...[0] | url.go:59:2:59:6 | SSA def(asUrl) |
+| url.go:60:2:60:10 | SSA def(joinedUrl) | url.go:61:9:61:17 | joinedUrl |
+| url.go:60:15:60:37 | call to JoinPath | url.go:60:2:60:10 | SSA def(joinedUrl) |
+| url.go:64:13:64:13 | SSA def(q) | url.go:66:27:66:27 | q |
+| url.go:64:13:64:13 | argument corresponding to q | url.go:64:13:64:13 | SSA def(q) |
+| url.go:65:2:65:9 | SSA def(cleanUrl) | url.go:66:9:66:16 | cleanUrl |
+| url.go:65:2:65:48 | ... := ...[0] | url.go:65:2:65:9 | SSA def(cleanUrl) |
diff --git a/go/ql/test/library-tests/semmle/go/dataflow/FunctionInputsAndOutputs/FunctionInput_getEntryNode.expected b/go/ql/test/library-tests/semmle/go/dataflow/FunctionInputsAndOutputs/FunctionInput_getEntryNode.expected
index 8c3a2b043dc..a64298b6444 100644
--- a/go/ql/test/library-tests/semmle/go/dataflow/FunctionInputsAndOutputs/FunctionInput_getEntryNode.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/FunctionInputsAndOutputs/FunctionInput_getEntryNode.expected
@@ -25,15 +25,15 @@
 | result | main.go:53:2:53:22 | call to op2 | main.go:53:2:53:22 | call to op2 |
 | result | main.go:53:14:53:21 | call to bump | main.go:53:14:53:21 | call to bump |
 | result | tst2.go:10:9:10:26 | call to NewEncoder | tst2.go:10:9:10:26 | call to NewEncoder |
-| result | tst2.go:10:9:10:39 | call to Encode | tst2.go:10:2:10:4 | definition of err |
-| result | tst.go:9:17:9:33 | call to new | tst.go:9:2:9:12 | definition of bytesBuffer |
+| result | tst2.go:10:9:10:39 | call to Encode | tst2.go:10:2:10:4 | SSA def(err) |
+| result | tst.go:9:17:9:33 | call to new | tst.go:9:2:9:12 | SSA def(bytesBuffer) |
 | result 0 | main.go:51:2:51:14 | call to op | main.go:51:2:51:14 | call to op |
 | result 0 | main.go:53:2:53:22 | call to op2 | main.go:53:2:53:22 | call to op2 |
 | result 0 | main.go:53:14:53:21 | call to bump | main.go:53:14:53:21 | call to bump |
-| result 0 | main.go:54:10:54:15 | call to test | main.go:54:2:54:2 | definition of x |
-| result 0 | main.go:56:9:56:15 | call to test2 | main.go:56:2:56:2 | definition of x |
+| result 0 | main.go:54:10:54:15 | call to test | main.go:54:2:54:2 | SSA def(x) |
+| result 0 | main.go:56:9:56:15 | call to test2 | main.go:56:2:56:2 | SSA def(x) |
 | result 0 | tst2.go:10:9:10:26 | call to NewEncoder | tst2.go:10:9:10:26 | call to NewEncoder |
-| result 0 | tst2.go:10:9:10:39 | call to Encode | tst2.go:10:2:10:4 | definition of err |
-| result 0 | tst.go:9:17:9:33 | call to new | tst.go:9:2:9:12 | definition of bytesBuffer |
-| result 1 | main.go:54:10:54:15 | call to test | main.go:54:5:54:5 | definition of y |
-| result 1 | main.go:56:9:56:15 | call to test2 | main.go:56:5:56:5 | definition of y |
+| result 0 | tst2.go:10:9:10:39 | call to Encode | tst2.go:10:2:10:4 | SSA def(err) |
+| result 0 | tst.go:9:17:9:33 | call to new | tst.go:9:2:9:12 | SSA def(bytesBuffer) |
+| result 1 | main.go:54:10:54:15 | call to test | main.go:54:5:54:5 | SSA def(y) |
+| result 1 | main.go:56:9:56:15 | call to test2 | main.go:56:5:56:5 | SSA def(y) |
diff --git a/go/ql/test/library-tests/semmle/go/dataflow/FunctionInputsAndOutputs/FunctionInput_getExitNode.expected b/go/ql/test/library-tests/semmle/go/dataflow/FunctionInputsAndOutputs/FunctionInput_getExitNode.expected
index b9878f7e169..b101ce537fc 100644
--- a/go/ql/test/library-tests/semmle/go/dataflow/FunctionInputsAndOutputs/FunctionInput_getExitNode.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/FunctionInputsAndOutputs/FunctionInput_getExitNode.expected
@@ -1,14 +1,14 @@
-| parameter 0 | main.go:5:1:11:1 | function declaration | main.go:5:9:5:10 | definition of op |
-| parameter 0 | main.go:13:1:20:1 | function declaration | main.go:13:10:13:11 | definition of op |
-| parameter 0 | main.go:40:1:48:1 | function declaration | main.go:40:12:40:12 | definition of b |
-| parameter 0 | reset.go:8:1:16:1 | function declaration | reset.go:8:27:8:27 | definition of r |
-| parameter 0 | tst2.go:8:1:12:1 | function declaration | tst2.go:8:12:8:15 | definition of data |
-| parameter 0 | tst.go:8:1:11:1 | function declaration | tst.go:8:12:8:17 | definition of reader |
+| parameter 0 | main.go:5:1:11:1 | function declaration | main.go:5:9:5:10 | SSA def(op) |
+| parameter 0 | main.go:13:1:20:1 | function declaration | main.go:13:10:13:11 | SSA def(op) |
+| parameter 0 | main.go:40:1:48:1 | function declaration | main.go:40:12:40:12 | SSA def(b) |
+| parameter 0 | reset.go:8:1:16:1 | function declaration | reset.go:8:27:8:27 | SSA def(r) |
+| parameter 0 | tst2.go:8:1:12:1 | function declaration | tst2.go:8:12:8:15 | SSA def(data) |
+| parameter 0 | tst.go:8:1:11:1 | function declaration | tst.go:8:12:8:17 | SSA def(reader) |
 | parameter 0 | tst.go:13:1:13:25 | function declaration | tst.go:13:12:13:13 | initialization of xs |
-| parameter 0 | tst.go:15:1:19:1 | function declaration | tst.go:15:12:15:12 | definition of x |
-| parameter 1 | main.go:5:1:11:1 | function declaration | main.go:5:20:5:20 | definition of x |
-| parameter 1 | main.go:13:1:20:1 | function declaration | main.go:13:21:13:21 | definition of x |
-| parameter 1 | tst.go:15:1:19:1 | function declaration | tst.go:15:15:15:15 | definition of y |
-| parameter 2 | main.go:5:1:11:1 | function declaration | main.go:5:27:5:27 | definition of y |
-| parameter 2 | main.go:13:1:20:1 | function declaration | main.go:13:28:13:28 | definition of y |
-| receiver | main.go:26:1:29:1 | function declaration | main.go:26:7:26:7 | definition of c |
+| parameter 0 | tst.go:15:1:19:1 | function declaration | tst.go:15:12:15:12 | SSA def(x) |
+| parameter 1 | main.go:5:1:11:1 | function declaration | main.go:5:20:5:20 | SSA def(x) |
+| parameter 1 | main.go:13:1:20:1 | function declaration | main.go:13:21:13:21 | SSA def(x) |
+| parameter 1 | tst.go:15:1:19:1 | function declaration | tst.go:15:15:15:15 | SSA def(y) |
+| parameter 2 | main.go:5:1:11:1 | function declaration | main.go:5:27:5:27 | SSA def(y) |
+| parameter 2 | main.go:13:1:20:1 | function declaration | main.go:13:28:13:28 | SSA def(y) |
+| receiver | main.go:26:1:29:1 | function declaration | main.go:26:7:26:7 | SSA def(c) |
diff --git a/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/LocalFlowStep.expected b/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/LocalFlowStep.expected
index 5908aa8d113..660e3b62b70 100644
--- a/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/LocalFlowStep.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/LocalFlowStep.expected
@@ -78,135 +78,135 @@
 | main.go:7:6:7:9 | function sink | main.go:148:2:148:5 | sink |
 | main.go:7:6:7:9 | function sink | main.go:149:2:149:5 | sink |
 | main.go:7:6:7:9 | function sink | main.go:150:2:150:5 | sink |
-| main.go:22:2:22:6 | definition of outer | main.go:25:7:25:11 | outer |
-| main.go:22:11:24:2 | struct literal | main.go:22:2:22:6 | definition of outer |
-| main.go:22:11:24:2 | struct literal [postupdate] | main.go:22:2:22:6 | definition of outer |
+| main.go:22:2:22:6 | SSA def(outer) | main.go:25:7:25:11 | outer |
+| main.go:22:11:24:2 | struct literal | main.go:22:2:22:6 | SSA def(outer) |
+| main.go:22:11:24:2 | struct literal [postupdate] | main.go:22:2:22:6 | SSA def(outer) |
 | main.go:25:7:25:11 | outer | main.go:26:7:26:11 | outer |
 | main.go:26:7:26:11 | outer | main.go:27:7:27:11 | outer |
 | main.go:27:7:27:11 | outer | main.go:28:7:28:11 | outer |
-| main.go:30:2:30:7 | definition of outerp | main.go:33:7:33:12 | outerp |
-| main.go:30:12:32:2 | &... | main.go:30:2:30:7 | definition of outerp |
-| main.go:30:12:32:2 | &... [postupdate] | main.go:30:2:30:7 | definition of outerp |
+| main.go:30:2:30:7 | SSA def(outerp) | main.go:33:7:33:12 | outerp |
+| main.go:30:12:32:2 | &... | main.go:30:2:30:7 | SSA def(outerp) |
+| main.go:30:12:32:2 | &... [postupdate] | main.go:30:2:30:7 | SSA def(outerp) |
 | main.go:33:7:33:12 | outerp | main.go:34:7:34:12 | outerp |
 | main.go:33:7:33:12 | outerp [postupdate] | main.go:34:7:34:12 | outerp |
 | main.go:34:7:34:12 | outerp | main.go:35:7:35:12 | outerp |
 | main.go:34:7:34:12 | outerp [postupdate] | main.go:35:7:35:12 | outerp |
 | main.go:35:7:35:12 | outerp | main.go:36:7:36:12 | outerp |
 | main.go:35:7:35:12 | outerp [postupdate] | main.go:36:7:36:12 | outerp |
-| main.go:40:2:40:6 | definition of outer | main.go:41:7:41:11 | outer |
-| main.go:40:11:40:40 | struct literal | main.go:40:2:40:6 | definition of outer |
-| main.go:40:11:40:40 | struct literal [postupdate] | main.go:40:2:40:6 | definition of outer |
+| main.go:40:2:40:6 | SSA def(outer) | main.go:41:7:41:11 | outer |
+| main.go:40:11:40:40 | struct literal | main.go:40:2:40:6 | SSA def(outer) |
+| main.go:40:11:40:40 | struct literal [postupdate] | main.go:40:2:40:6 | SSA def(outer) |
 | main.go:41:7:41:11 | outer | main.go:42:7:42:11 | outer |
 | main.go:42:7:42:11 | outer | main.go:43:7:43:11 | outer |
 | main.go:43:7:43:11 | outer | main.go:44:7:44:11 | outer |
-| main.go:46:2:46:7 | definition of outerp | main.go:47:7:47:12 | outerp |
-| main.go:46:12:46:42 | &... | main.go:46:2:46:7 | definition of outerp |
-| main.go:46:12:46:42 | &... [postupdate] | main.go:46:2:46:7 | definition of outerp |
+| main.go:46:2:46:7 | SSA def(outerp) | main.go:47:7:47:12 | outerp |
+| main.go:46:12:46:42 | &... | main.go:46:2:46:7 | SSA def(outerp) |
+| main.go:46:12:46:42 | &... [postupdate] | main.go:46:2:46:7 | SSA def(outerp) |
 | main.go:47:7:47:12 | outerp | main.go:48:7:48:12 | outerp |
 | main.go:47:7:47:12 | outerp [postupdate] | main.go:48:7:48:12 | outerp |
 | main.go:48:7:48:12 | outerp | main.go:49:7:49:12 | outerp |
 | main.go:48:7:48:12 | outerp [postupdate] | main.go:49:7:49:12 | outerp |
 | main.go:49:7:49:12 | outerp | main.go:50:7:50:12 | outerp |
 | main.go:49:7:49:12 | outerp [postupdate] | main.go:50:7:50:12 | outerp |
-| main.go:54:2:54:6 | definition of inner | main.go:55:19:55:23 | inner |
-| main.go:54:11:54:25 | struct literal | main.go:54:2:54:6 | definition of inner |
-| main.go:54:11:54:25 | struct literal [postupdate] | main.go:54:2:54:6 | definition of inner |
-| main.go:55:2:55:7 | definition of middle | main.go:56:17:56:22 | middle |
-| main.go:55:12:55:24 | struct literal | main.go:55:2:55:7 | definition of middle |
-| main.go:55:12:55:24 | struct literal [postupdate] | main.go:55:2:55:7 | definition of middle |
-| main.go:56:2:56:6 | definition of outer | main.go:57:7:57:11 | outer |
-| main.go:56:11:56:23 | struct literal | main.go:56:2:56:6 | definition of outer |
-| main.go:56:11:56:23 | struct literal [postupdate] | main.go:56:2:56:6 | definition of outer |
+| main.go:54:2:54:6 | SSA def(inner) | main.go:55:19:55:23 | inner |
+| main.go:54:11:54:25 | struct literal | main.go:54:2:54:6 | SSA def(inner) |
+| main.go:54:11:54:25 | struct literal [postupdate] | main.go:54:2:54:6 | SSA def(inner) |
+| main.go:55:2:55:7 | SSA def(middle) | main.go:56:17:56:22 | middle |
+| main.go:55:12:55:24 | struct literal | main.go:55:2:55:7 | SSA def(middle) |
+| main.go:55:12:55:24 | struct literal [postupdate] | main.go:55:2:55:7 | SSA def(middle) |
+| main.go:56:2:56:6 | SSA def(outer) | main.go:57:7:57:11 | outer |
+| main.go:56:11:56:23 | struct literal | main.go:56:2:56:6 | SSA def(outer) |
+| main.go:56:11:56:23 | struct literal [postupdate] | main.go:56:2:56:6 | SSA def(outer) |
 | main.go:57:7:57:11 | outer | main.go:58:7:58:11 | outer |
 | main.go:58:7:58:11 | outer | main.go:59:7:59:11 | outer |
 | main.go:59:7:59:11 | outer | main.go:60:7:60:11 | outer |
-| main.go:62:2:62:7 | definition of innerp | main.go:63:20:63:25 | innerp |
-| main.go:62:12:62:26 | struct literal | main.go:62:2:62:7 | definition of innerp |
-| main.go:62:12:62:26 | struct literal [postupdate] | main.go:62:2:62:7 | definition of innerp |
-| main.go:63:2:63:8 | definition of middlep | main.go:64:18:64:24 | middlep |
-| main.go:63:13:63:26 | struct literal | main.go:63:2:63:8 | definition of middlep |
-| main.go:63:13:63:26 | struct literal [postupdate] | main.go:63:2:63:8 | definition of middlep |
-| main.go:64:2:64:7 | definition of outerp | main.go:65:7:65:12 | outerp |
-| main.go:64:12:64:25 | struct literal | main.go:64:2:64:7 | definition of outerp |
-| main.go:64:12:64:25 | struct literal [postupdate] | main.go:64:2:64:7 | definition of outerp |
+| main.go:62:2:62:7 | SSA def(innerp) | main.go:63:20:63:25 | innerp |
+| main.go:62:12:62:26 | struct literal | main.go:62:2:62:7 | SSA def(innerp) |
+| main.go:62:12:62:26 | struct literal [postupdate] | main.go:62:2:62:7 | SSA def(innerp) |
+| main.go:63:2:63:8 | SSA def(middlep) | main.go:64:18:64:24 | middlep |
+| main.go:63:13:63:26 | struct literal | main.go:63:2:63:8 | SSA def(middlep) |
+| main.go:63:13:63:26 | struct literal [postupdate] | main.go:63:2:63:8 | SSA def(middlep) |
+| main.go:64:2:64:7 | SSA def(outerp) | main.go:65:7:65:12 | outerp |
+| main.go:64:12:64:25 | struct literal | main.go:64:2:64:7 | SSA def(outerp) |
+| main.go:64:12:64:25 | struct literal [postupdate] | main.go:64:2:64:7 | SSA def(outerp) |
 | main.go:65:7:65:12 | outerp | main.go:66:7:66:12 | outerp |
 | main.go:66:7:66:12 | outerp | main.go:67:7:67:12 | outerp |
 | main.go:67:7:67:12 | outerp | main.go:68:7:68:12 | outerp |
-| main.go:72:2:72:6 | definition of inner | main.go:73:26:73:30 | inner |
-| main.go:72:11:72:25 | struct literal | main.go:72:2:72:6 | definition of inner |
-| main.go:72:11:72:25 | struct literal [postupdate] | main.go:72:2:72:6 | definition of inner |
-| main.go:73:2:73:7 | definition of middle | main.go:74:25:74:30 | middle |
-| main.go:73:12:73:31 | struct literal | main.go:73:2:73:7 | definition of middle |
-| main.go:73:12:73:31 | struct literal [postupdate] | main.go:73:2:73:7 | definition of middle |
-| main.go:74:2:74:6 | definition of outer | main.go:75:7:75:11 | outer |
-| main.go:74:11:74:31 | struct literal | main.go:74:2:74:6 | definition of outer |
-| main.go:74:11:74:31 | struct literal [postupdate] | main.go:74:2:74:6 | definition of outer |
+| main.go:72:2:72:6 | SSA def(inner) | main.go:73:26:73:30 | inner |
+| main.go:72:11:72:25 | struct literal | main.go:72:2:72:6 | SSA def(inner) |
+| main.go:72:11:72:25 | struct literal [postupdate] | main.go:72:2:72:6 | SSA def(inner) |
+| main.go:73:2:73:7 | SSA def(middle) | main.go:74:25:74:30 | middle |
+| main.go:73:12:73:31 | struct literal | main.go:73:2:73:7 | SSA def(middle) |
+| main.go:73:12:73:31 | struct literal [postupdate] | main.go:73:2:73:7 | SSA def(middle) |
+| main.go:74:2:74:6 | SSA def(outer) | main.go:75:7:75:11 | outer |
+| main.go:74:11:74:31 | struct literal | main.go:74:2:74:6 | SSA def(outer) |
+| main.go:74:11:74:31 | struct literal [postupdate] | main.go:74:2:74:6 | SSA def(outer) |
 | main.go:75:7:75:11 | outer | main.go:76:7:76:11 | outer |
 | main.go:76:7:76:11 | outer | main.go:77:7:77:11 | outer |
 | main.go:77:7:77:11 | outer | main.go:78:7:78:11 | outer |
-| main.go:80:2:80:7 | definition of innerp | main.go:81:27:81:32 | innerp |
-| main.go:80:12:80:26 | struct literal | main.go:80:2:80:7 | definition of innerp |
-| main.go:80:12:80:26 | struct literal [postupdate] | main.go:80:2:80:7 | definition of innerp |
-| main.go:81:2:81:8 | definition of middlep | main.go:82:26:82:32 | middlep |
-| main.go:81:13:81:33 | struct literal | main.go:81:2:81:8 | definition of middlep |
-| main.go:81:13:81:33 | struct literal [postupdate] | main.go:81:2:81:8 | definition of middlep |
-| main.go:82:2:82:7 | definition of outerp | main.go:83:7:83:12 | outerp |
-| main.go:82:12:82:33 | struct literal | main.go:82:2:82:7 | definition of outerp |
-| main.go:82:12:82:33 | struct literal [postupdate] | main.go:82:2:82:7 | definition of outerp |
+| main.go:80:2:80:7 | SSA def(innerp) | main.go:81:27:81:32 | innerp |
+| main.go:80:12:80:26 | struct literal | main.go:80:2:80:7 | SSA def(innerp) |
+| main.go:80:12:80:26 | struct literal [postupdate] | main.go:80:2:80:7 | SSA def(innerp) |
+| main.go:81:2:81:8 | SSA def(middlep) | main.go:82:26:82:32 | middlep |
+| main.go:81:13:81:33 | struct literal | main.go:81:2:81:8 | SSA def(middlep) |
+| main.go:81:13:81:33 | struct literal [postupdate] | main.go:81:2:81:8 | SSA def(middlep) |
+| main.go:82:2:82:7 | SSA def(outerp) | main.go:83:7:83:12 | outerp |
+| main.go:82:12:82:33 | struct literal | main.go:82:2:82:7 | SSA def(outerp) |
+| main.go:82:12:82:33 | struct literal [postupdate] | main.go:82:2:82:7 | SSA def(outerp) |
 | main.go:83:7:83:12 | outerp | main.go:84:7:84:12 | outerp |
 | main.go:84:7:84:12 | outerp | main.go:85:7:85:12 | outerp |
 | main.go:85:7:85:12 | outerp | main.go:86:7:86:12 | outerp |
-| main.go:90:6:90:10 | definition of outer | main.go:91:2:91:6 | outer |
-| main.go:90:6:90:10 | zero value for outer | main.go:90:6:90:10 | definition of outer |
+| main.go:90:6:90:10 | SSA def(outer) | main.go:91:2:91:6 | outer |
+| main.go:90:6:90:10 | zero value for outer | main.go:90:6:90:10 | SSA def(outer) |
 | main.go:91:2:91:6 | outer | main.go:92:7:92:11 | outer |
 | main.go:91:2:91:6 | outer [postupdate] | main.go:92:7:92:11 | outer |
 | main.go:92:7:92:11 | outer | main.go:93:7:93:11 | outer |
 | main.go:93:7:93:11 | outer | main.go:94:7:94:11 | outer |
 | main.go:94:7:94:11 | outer | main.go:95:7:95:11 | outer |
-| main.go:97:6:97:11 | definition of outerp | main.go:98:2:98:7 | outerp |
-| main.go:97:6:97:11 | zero value for outerp | main.go:97:6:97:11 | definition of outerp |
+| main.go:97:6:97:11 | SSA def(outerp) | main.go:98:2:98:7 | outerp |
+| main.go:97:6:97:11 | zero value for outerp | main.go:97:6:97:11 | SSA def(outerp) |
 | main.go:98:2:98:7 | outerp | main.go:99:7:99:12 | outerp |
 | main.go:98:2:98:7 | outerp [postupdate] | main.go:99:7:99:12 | outerp |
 | main.go:99:7:99:12 | outerp | main.go:100:7:100:12 | outerp |
 | main.go:100:7:100:12 | outerp | main.go:101:7:101:12 | outerp |
 | main.go:101:7:101:12 | outerp | main.go:102:7:102:12 | outerp |
-| main.go:106:6:106:10 | definition of outer | main.go:107:2:107:6 | outer |
-| main.go:106:6:106:10 | zero value for outer | main.go:106:6:106:10 | definition of outer |
+| main.go:106:6:106:10 | SSA def(outer) | main.go:107:2:107:6 | outer |
+| main.go:106:6:106:10 | zero value for outer | main.go:106:6:106:10 | SSA def(outer) |
 | main.go:107:2:107:6 | outer | main.go:108:7:108:11 | outer |
 | main.go:107:2:107:6 | outer [postupdate] | main.go:108:7:108:11 | outer |
 | main.go:108:7:108:11 | outer | main.go:109:7:109:11 | outer |
 | main.go:109:7:109:11 | outer | main.go:110:7:110:11 | outer |
 | main.go:110:7:110:11 | outer | main.go:111:7:111:11 | outer |
-| main.go:113:6:113:11 | definition of outerp | main.go:114:2:114:7 | outerp |
-| main.go:113:6:113:11 | zero value for outerp | main.go:113:6:113:11 | definition of outerp |
+| main.go:113:6:113:11 | SSA def(outerp) | main.go:114:2:114:7 | outerp |
+| main.go:113:6:113:11 | zero value for outerp | main.go:113:6:113:11 | SSA def(outerp) |
 | main.go:114:2:114:7 | outerp | main.go:115:7:115:12 | outerp |
 | main.go:114:2:114:7 | outerp [postupdate] | main.go:115:7:115:12 | outerp |
 | main.go:115:7:115:12 | outerp | main.go:116:7:116:12 | outerp |
 | main.go:116:7:116:12 | outerp | main.go:117:7:117:12 | outerp |
 | main.go:117:7:117:12 | outerp | main.go:118:7:118:12 | outerp |
-| main.go:122:6:122:10 | definition of outer | main.go:123:2:123:6 | outer |
-| main.go:122:6:122:10 | zero value for outer | main.go:122:6:122:10 | definition of outer |
+| main.go:122:6:122:10 | SSA def(outer) | main.go:123:2:123:6 | outer |
+| main.go:122:6:122:10 | zero value for outer | main.go:122:6:122:10 | SSA def(outer) |
 | main.go:123:2:123:6 | outer | main.go:124:7:124:11 | outer |
 | main.go:123:2:123:6 | outer [postupdate] | main.go:124:7:124:11 | outer |
 | main.go:124:7:124:11 | outer | main.go:125:7:125:11 | outer |
 | main.go:125:7:125:11 | outer | main.go:126:7:126:11 | outer |
 | main.go:126:7:126:11 | outer | main.go:127:7:127:11 | outer |
-| main.go:129:6:129:11 | definition of outerp | main.go:130:2:130:7 | outerp |
-| main.go:129:6:129:11 | zero value for outerp | main.go:129:6:129:11 | definition of outerp |
+| main.go:129:6:129:11 | SSA def(outerp) | main.go:130:2:130:7 | outerp |
+| main.go:129:6:129:11 | zero value for outerp | main.go:129:6:129:11 | SSA def(outerp) |
 | main.go:130:2:130:7 | outerp | main.go:131:7:131:12 | outerp |
 | main.go:130:2:130:7 | outerp [postupdate] | main.go:131:7:131:12 | outerp |
 | main.go:131:7:131:12 | outerp | main.go:132:7:132:12 | outerp |
 | main.go:132:7:132:12 | outerp | main.go:133:7:133:12 | outerp |
 | main.go:133:7:133:12 | outerp | main.go:134:7:134:12 | outerp |
-| main.go:138:6:138:10 | definition of outer | main.go:139:2:139:6 | outer |
-| main.go:138:6:138:10 | zero value for outer | main.go:138:6:138:10 | definition of outer |
+| main.go:138:6:138:10 | SSA def(outer) | main.go:139:2:139:6 | outer |
+| main.go:138:6:138:10 | zero value for outer | main.go:138:6:138:10 | SSA def(outer) |
 | main.go:139:2:139:6 | outer | main.go:140:7:140:11 | outer |
 | main.go:139:2:139:6 | outer [postupdate] | main.go:140:7:140:11 | outer |
 | main.go:140:7:140:11 | outer | main.go:141:7:141:11 | outer |
 | main.go:141:7:141:11 | outer | main.go:142:7:142:11 | outer |
 | main.go:142:7:142:11 | outer | main.go:143:7:143:11 | outer |
-| main.go:145:6:145:11 | definition of outerp | main.go:146:2:146:7 | outerp |
-| main.go:145:6:145:11 | zero value for outerp | main.go:145:6:145:11 | definition of outerp |
+| main.go:145:6:145:11 | SSA def(outerp) | main.go:146:2:146:7 | outerp |
+| main.go:145:6:145:11 | zero value for outerp | main.go:145:6:145:11 | SSA def(outerp) |
 | main.go:146:2:146:7 | outerp | main.go:147:7:147:12 | outerp |
 | main.go:146:2:146:7 | outerp [postupdate] | main.go:147:7:147:12 | outerp |
 | main.go:147:7:147:12 | outerp | main.go:148:7:148:12 | outerp |
diff --git a/go/ql/test/library-tests/semmle/go/dataflow/SSA/DefUse.expected b/go/ql/test/library-tests/semmle/go/dataflow/SSA/DefUse.expected
index 9fe33491cfd..775eff4a49e 100644
--- a/go/ql/test/library-tests/semmle/go/dataflow/SSA/DefUse.expected
+++ b/go/ql/test/library-tests/semmle/go/dataflow/SSA/DefUse.expected
@@ -1,42 +1,42 @@
-| main.go:15:12:15:12 | x | main.go:13:6:13:6 | definition of x | main.go:13:6:13:6 | x |
-| main.go:15:15:15:15 | y | main.go:14:2:14:2 | definition of y | main.go:14:2:14:2 | y |
-| main.go:17:3:17:3 | y | main.go:14:2:14:2 | definition of y | main.go:14:2:14:2 | y |
-| main.go:19:12:19:12 | x | main.go:13:6:13:6 | definition of x | main.go:13:6:13:6 | x |
-| main.go:19:15:19:15 | y | main.go:19:2:19:10 | y = phi(def@14:2, def@17:3) | main.go:14:2:14:2 | y |
-| main.go:21:7:21:7 | y | main.go:19:2:19:10 | y = phi(def@14:2, def@17:3) | main.go:14:2:14:2 | y |
-| main.go:23:12:23:12 | x | main.go:23:2:23:10 | x = phi(def@13:6, def@21:3) | main.go:13:6:13:6 | x |
-| main.go:23:15:23:15 | y | main.go:19:2:19:10 | y = phi(def@14:2, def@17:3) | main.go:14:2:14:2 | y |
-| main.go:27:10:27:10 | x | main.go:26:10:26:10 | definition of x | main.go:26:10:26:10 | x |
-| main.go:29:10:29:10 | b | main.go:27:5:27:5 | definition of b | main.go:27:5:27:5 | b |
-| main.go:29:13:29:13 | a | main.go:27:2:27:2 | definition of a | main.go:27:2:27:2 | a |
-| main.go:31:9:31:9 | a | main.go:31:9:31:9 | a = phi(def@27:2, def@29:3) | main.go:27:2:27:2 | a |
-| main.go:31:12:31:12 | b | main.go:31:9:31:9 | b = phi(def@27:5, def@29:6) | main.go:27:5:27:5 | b |
-| main.go:35:3:35:3 | x | main.go:34:11:34:11 | definition of x | main.go:34:11:34:11 | x |
-| main.go:40:10:40:10 | x | main.go:39:2:39:2 | definition of x | main.go:39:2:39:2 | x |
-| main.go:42:8:42:10 | ptr | main.go:40:2:40:4 | definition of ptr | main.go:40:2:40:4 | ptr |
-| main.go:44:12:44:12 | x | main.go:39:2:39:2 | definition of x | main.go:39:2:39:2 | x |
-| main.go:47:13:47:18 | implicit read of result | main.go:48:2:48:7 | definition of result | main.go:47:13:47:18 | result |
-| main.go:52:14:52:19 | implicit read of result | main.go:52:14:52:19 | definition of result | main.go:52:14:52:19 | result |
-| main.go:61:12:61:12 | x | main.go:58:6:58:9 | x = phi(def@57:6, def@59:3) | main.go:57:6:57:6 | x |
-| main.go:64:16:64:16 | i | main.go:65:6:65:9 | i = phi(def@64:16, def@64:6) | main.go:64:6:64:6 | i |
-| main.go:70:12:70:12 | y | main.go:65:6:65:9 | y = phi(def@63:2, def@68:3) | main.go:63:2:63:2 | y |
-| main.go:73:16:73:16 | i | main.go:74:3:74:3 | i = phi(def@73:16, def@73:6) | main.go:73:6:73:6 | i |
-| main.go:79:12:79:12 | z | main.go:74:3:74:3 | definition of z | main.go:72:2:72:2 | z |
-| main.go:82:18:82:18 | implicit read of a | main.go:84:5:84:5 | definition of a | main.go:82:18:82:18 | a |
-| main.go:82:25:82:25 | implicit read of b | main.go:82:25:82:25 | definition of b | main.go:82:25:82:25 | b |
-| main.go:84:9:84:9 | x | main.go:83:2:83:2 | definition of x | main.go:83:2:83:2 | x |
-| main.go:84:15:84:15 | x | main.go:83:2:83:2 | definition of x | main.go:83:2:83:2 | x |
-| main.go:97:2:97:8 | wrapper | main.go:95:22:95:28 | definition of wrapper | main.go:95:22:95:28 | wrapper |
-| main.go:100:9:100:9 | x | main.go:97:2:99:3 | capture variable x | main.go:96:2:96:2 | x |
-| main.go:105:2:105:8 | wrapper | main.go:103:20:103:26 | definition of wrapper | main.go:103:20:103:26 | wrapper |
-| main.go:106:8:106:8 | x | main.go:105:16:108:2 | capture variable x | main.go:104:2:104:2 | x |
-| main.go:107:7:107:7 | y | main.go:106:3:106:3 | definition of y | main.go:106:3:106:3 | y |
-| main.go:109:9:109:9 | x | main.go:104:2:104:2 | definition of x | main.go:104:2:104:2 | x |
-| main.go:114:2:114:8 | wrapper | main.go:112:29:112:35 | definition of wrapper | main.go:112:29:112:35 | wrapper |
-| main.go:115:8:115:8 | x | main.go:114:16:117:2 | capture variable x | main.go:113:2:113:2 | x |
-| main.go:116:7:116:7 | y | main.go:115:3:115:3 | definition of y | main.go:115:3:115:3 | y |
-| main.go:118:9:118:9 | x | main.go:114:2:117:3 | capture variable x | main.go:113:2:113:2 | x |
-| main.go:135:2:135:2 | p | main.go:135:2:135:2 | p = phi(def@130:3, def@132:3) | main.go:128:6:128:6 | p |
-| main.go:137:12:137:12 | p | main.go:135:2:135:2 | p = phi(def@130:3, def@132:3) | main.go:128:6:128:6 | p |
-| main.go:137:17:137:17 | p | main.go:135:2:135:2 | p = phi(def@130:3, def@132:3) | main.go:128:6:128:6 | p |
-| main.go:137:24:137:24 | p | main.go:135:2:135:2 | p = phi(def@130:3, def@132:3) | main.go:128:6:128:6 | p |
+| main.go:15:12:15:12 | x | main.go:13:6:13:6 | SSA def(x) | main.go:13:6:13:6 | x |
+| main.go:15:15:15:15 | y | main.go:14:2:14:2 | SSA def(y) | main.go:14:2:14:2 | y |
+| main.go:17:3:17:3 | y | main.go:14:2:14:2 | SSA def(y) | main.go:14:2:14:2 | y |
+| main.go:19:12:19:12 | x | main.go:13:6:13:6 | SSA def(x) | main.go:13:6:13:6 | x |
+| main.go:19:15:19:15 | y | main.go:19:2:19:10 | SSA phi(y) | main.go:14:2:14:2 | y |
+| main.go:21:7:21:7 | y | main.go:19:2:19:10 | SSA phi(y) | main.go:14:2:14:2 | y |
+| main.go:23:12:23:12 | x | main.go:23:2:23:10 | SSA phi(x) | main.go:13:6:13:6 | x |
+| main.go:23:15:23:15 | y | main.go:19:2:19:10 | SSA phi(y) | main.go:14:2:14:2 | y |
+| main.go:27:10:27:10 | x | main.go:26:10:26:10 | SSA def(x) | main.go:26:10:26:10 | x |
+| main.go:29:10:29:10 | b | main.go:27:5:27:5 | SSA def(b) | main.go:27:5:27:5 | b |
+| main.go:29:13:29:13 | a | main.go:27:2:27:2 | SSA def(a) | main.go:27:2:27:2 | a |
+| main.go:31:9:31:9 | a | main.go:31:9:31:9 | SSA phi(a) | main.go:27:2:27:2 | a |
+| main.go:31:12:31:12 | b | main.go:31:9:31:9 | SSA phi(b) | main.go:27:5:27:5 | b |
+| main.go:35:3:35:3 | x | main.go:34:11:34:11 | SSA def(x) | main.go:34:11:34:11 | x |
+| main.go:40:10:40:10 | x | main.go:39:2:39:2 | SSA def(x) | main.go:39:2:39:2 | x |
+| main.go:42:8:42:10 | ptr | main.go:40:2:40:4 | SSA def(ptr) | main.go:40:2:40:4 | ptr |
+| main.go:44:12:44:12 | x | main.go:39:2:39:2 | SSA def(x) | main.go:39:2:39:2 | x |
+| main.go:47:13:47:18 | implicit read of result | main.go:48:2:48:7 | SSA def(result) | main.go:47:13:47:18 | result |
+| main.go:52:14:52:19 | implicit read of result | main.go:52:14:52:19 | SSA def(result) | main.go:52:14:52:19 | result |
+| main.go:61:12:61:12 | x | main.go:58:6:58:9 | SSA phi(x) | main.go:57:6:57:6 | x |
+| main.go:64:16:64:16 | i | main.go:65:6:65:9 | SSA phi(i) | main.go:64:6:64:6 | i |
+| main.go:70:12:70:12 | y | main.go:65:6:65:9 | SSA phi(y) | main.go:63:2:63:2 | y |
+| main.go:73:16:73:16 | i | main.go:74:3:74:3 | SSA phi(i) | main.go:73:6:73:6 | i |
+| main.go:79:12:79:12 | z | main.go:74:3:74:3 | SSA def(z) | main.go:72:2:72:2 | z |
+| main.go:82:18:82:18 | implicit read of a | main.go:84:5:84:5 | SSA def(a) | main.go:82:18:82:18 | a |
+| main.go:82:25:82:25 | implicit read of b | main.go:82:25:82:25 | SSA def(b) | main.go:82:25:82:25 | b |
+| main.go:84:9:84:9 | x | main.go:83:2:83:2 | SSA def(x) | main.go:83:2:83:2 | x |
+| main.go:84:15:84:15 | x | main.go:83:2:83:2 | SSA def(x) | main.go:83:2:83:2 | x |
+| main.go:97:2:97:8 | wrapper | main.go:95:22:95:28 | SSA def(wrapper) | main.go:95:22:95:28 | wrapper |
+| main.go:100:9:100:9 | x | main.go:97:2:99:3 | SSA def(x) | main.go:96:2:96:2 | x |
+| main.go:105:2:105:8 | wrapper | main.go:103:20:103:26 | SSA def(wrapper) | main.go:103:20:103:26 | wrapper |
+| main.go:106:8:106:8 | x | main.go:105:16:108:2 | SSA def(x) | main.go:104:2:104:2 | x |
+| main.go:107:7:107:7 | y | main.go:106:3:106:3 | SSA def(y) | main.go:106:3:106:3 | y |
+| main.go:109:9:109:9 | x | main.go:104:2:104:2 | SSA def(x) | main.go:104:2:104:2 | x |
+| main.go:114:2:114:8 | wrapper | main.go:112:29:112:35 | SSA def(wrapper) | main.go:112:29:112:35 | wrapper |
+| main.go:115:8:115:8 | x | main.go:114:16:117:2 | SSA def(x) | main.go:113:2:113:2 | x |
+| main.go:116:7:116:7 | y | main.go:115:3:115:3 | SSA def(y) | main.go:115:3:115:3 | y |
+| main.go:118:9:118:9 | x | main.go:114:2:117:3 | SSA def(x) | main.go:113:2:113:2 | x |
+| main.go:135:2:135:2 | p | main.go:135:2:135:2 | SSA phi(p) | main.go:128:6:128:6 | p |
+| main.go:137:12:137:12 | p | main.go:135:2:135:2 | SSA phi(p) | main.go:128:6:128:6 | p |
+| main.go:137:17:137:17 | p | main.go:135:2:135:2 | SSA phi(p) | main.go:128:6:128:6 | p |
+| main.go:137:24:137:24 | p | main.go:135:2:135:2 | SSA phi(p) | main.go:128:6:128:6 | p |
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.expected
index 30a38580f78..76c71bdea20 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.expected
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.expected
@@ -1,73 +1,73 @@
 #select
-| test.go:154:14:154:21 | password | test.go:153:17:153:24 | definition of password | test.go:154:14:154:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:155:17:155:24 | password | test.go:153:17:153:24 | definition of password | test.go:155:17:155:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:156:14:156:21 | password | test.go:153:17:153:24 | definition of password | test.go:156:14:156:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:157:18:157:25 | password | test.go:153:17:153:24 | definition of password | test.go:157:18:157:25 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:158:14:158:21 | password | test.go:153:17:153:24 | definition of password | test.go:158:14:158:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:159:13:159:20 | password | test.go:153:17:153:24 | definition of password | test.go:159:13:159:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:160:22:160:29 | password | test.go:153:17:153:24 | definition of password | test.go:160:22:160:29 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:161:15:161:22 | password | test.go:153:17:153:24 | definition of password | test.go:161:15:161:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:162:14:162:21 | password | test.go:153:17:153:24 | definition of password | test.go:162:14:162:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:163:13:163:20 | password | test.go:153:17:153:24 | definition of password | test.go:163:13:163:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:164:16:164:23 | password | test.go:153:17:153:24 | definition of password | test.go:164:16:164:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:165:13:165:20 | password | test.go:153:17:153:24 | definition of password | test.go:165:13:165:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:166:16:166:23 | password | test.go:153:17:153:24 | definition of password | test.go:166:16:166:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:167:13:167:20 | password | test.go:153:17:153:24 | definition of password | test.go:167:13:167:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:168:17:168:24 | password | test.go:153:17:153:24 | definition of password | test.go:168:17:168:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:169:13:169:20 | password | test.go:153:17:153:24 | definition of password | test.go:169:13:169:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:170:12:170:19 | password | test.go:153:17:153:24 | definition of password | test.go:170:12:170:19 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:171:21:171:28 | password | test.go:153:17:153:24 | definition of password | test.go:171:21:171:28 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:172:14:172:21 | password | test.go:153:17:153:24 | definition of password | test.go:172:14:172:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:173:13:173:20 | password | test.go:153:17:153:24 | definition of password | test.go:173:13:173:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:174:12:174:19 | password | test.go:153:17:153:24 | definition of password | test.go:174:12:174:19 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:175:15:175:22 | password | test.go:153:17:153:24 | definition of password | test.go:175:15:175:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:176:15:176:22 | password | test.go:153:17:153:24 | definition of password | test.go:176:15:176:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:177:18:177:25 | password | test.go:153:17:153:24 | definition of password | test.go:177:18:177:25 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:178:15:178:22 | password | test.go:153:17:153:24 | definition of password | test.go:178:15:178:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:179:19:179:26 | password | test.go:153:17:153:24 | definition of password | test.go:179:19:179:26 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:180:15:180:22 | password | test.go:153:17:153:24 | definition of password | test.go:180:15:180:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:181:14:181:21 | password | test.go:153:17:153:24 | definition of password | test.go:181:14:181:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:182:23:182:30 | password | test.go:153:17:153:24 | definition of password | test.go:182:23:182:30 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:183:16:183:23 | password | test.go:153:17:153:24 | definition of password | test.go:183:16:183:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:184:15:184:22 | password | test.go:153:17:153:24 | definition of password | test.go:184:15:184:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:185:14:185:21 | password | test.go:153:17:153:24 | definition of password | test.go:185:14:185:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:186:17:186:24 | password | test.go:153:17:153:24 | definition of password | test.go:186:17:186:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
-| test.go:187:16:187:23 | password | test.go:153:17:153:24 | definition of password | test.go:187:16:187:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password |
+| test.go:154:14:154:21 | password | test.go:153:17:153:24 | SSA def(password) | test.go:154:14:154:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:155:17:155:24 | password | test.go:153:17:153:24 | SSA def(password) | test.go:155:17:155:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:156:14:156:21 | password | test.go:153:17:153:24 | SSA def(password) | test.go:156:14:156:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:157:18:157:25 | password | test.go:153:17:153:24 | SSA def(password) | test.go:157:18:157:25 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:158:14:158:21 | password | test.go:153:17:153:24 | SSA def(password) | test.go:158:14:158:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:159:13:159:20 | password | test.go:153:17:153:24 | SSA def(password) | test.go:159:13:159:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:160:22:160:29 | password | test.go:153:17:153:24 | SSA def(password) | test.go:160:22:160:29 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:161:15:161:22 | password | test.go:153:17:153:24 | SSA def(password) | test.go:161:15:161:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:162:14:162:21 | password | test.go:153:17:153:24 | SSA def(password) | test.go:162:14:162:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:163:13:163:20 | password | test.go:153:17:153:24 | SSA def(password) | test.go:163:13:163:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:164:16:164:23 | password | test.go:153:17:153:24 | SSA def(password) | test.go:164:16:164:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:165:13:165:20 | password | test.go:153:17:153:24 | SSA def(password) | test.go:165:13:165:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:166:16:166:23 | password | test.go:153:17:153:24 | SSA def(password) | test.go:166:16:166:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:167:13:167:20 | password | test.go:153:17:153:24 | SSA def(password) | test.go:167:13:167:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:168:17:168:24 | password | test.go:153:17:153:24 | SSA def(password) | test.go:168:17:168:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:169:13:169:20 | password | test.go:153:17:153:24 | SSA def(password) | test.go:169:13:169:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:170:12:170:19 | password | test.go:153:17:153:24 | SSA def(password) | test.go:170:12:170:19 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:171:21:171:28 | password | test.go:153:17:153:24 | SSA def(password) | test.go:171:21:171:28 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:172:14:172:21 | password | test.go:153:17:153:24 | SSA def(password) | test.go:172:14:172:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:173:13:173:20 | password | test.go:153:17:153:24 | SSA def(password) | test.go:173:13:173:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:174:12:174:19 | password | test.go:153:17:153:24 | SSA def(password) | test.go:174:12:174:19 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:175:15:175:22 | password | test.go:153:17:153:24 | SSA def(password) | test.go:175:15:175:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:176:15:176:22 | password | test.go:153:17:153:24 | SSA def(password) | test.go:176:15:176:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:177:18:177:25 | password | test.go:153:17:153:24 | SSA def(password) | test.go:177:18:177:25 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:178:15:178:22 | password | test.go:153:17:153:24 | SSA def(password) | test.go:178:15:178:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:179:19:179:26 | password | test.go:153:17:153:24 | SSA def(password) | test.go:179:19:179:26 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:180:15:180:22 | password | test.go:153:17:153:24 | SSA def(password) | test.go:180:15:180:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:181:14:181:21 | password | test.go:153:17:153:24 | SSA def(password) | test.go:181:14:181:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:182:23:182:30 | password | test.go:153:17:153:24 | SSA def(password) | test.go:182:23:182:30 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:183:16:183:23 | password | test.go:153:17:153:24 | SSA def(password) | test.go:183:16:183:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:184:15:184:22 | password | test.go:153:17:153:24 | SSA def(password) | test.go:184:15:184:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:185:14:185:21 | password | test.go:153:17:153:24 | SSA def(password) | test.go:185:14:185:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:186:17:186:24 | password | test.go:153:17:153:24 | SSA def(password) | test.go:186:17:186:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
+| test.go:187:16:187:23 | password | test.go:153:17:153:24 | SSA def(password) | test.go:187:16:187:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | SSA def(password) | Sensitive data returned by an access to password |
 edges
-| test.go:153:17:153:24 | definition of password | test.go:154:14:154:21 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:155:17:155:24 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:156:14:156:21 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:157:18:157:25 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:158:14:158:21 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:159:13:159:20 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:160:22:160:29 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:161:15:161:22 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:162:14:162:21 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:163:13:163:20 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:164:16:164:23 | password | provenance |  |
-| test.go:153:17:153:24 | definition of password | test.go:165:13:165:20 | password | provenance | Sink:MaD:1 |
-| test.go:153:17:153:24 | definition of password | test.go:166:16:166:23 | password | provenance | Sink:MaD:2 |
-| test.go:153:17:153:24 | definition of password | test.go:167:13:167:20 | password | provenance | Sink:MaD:3 |
-| test.go:153:17:153:24 | definition of password | test.go:168:17:168:24 | password | provenance | Sink:MaD:4 |
-| test.go:153:17:153:24 | definition of password | test.go:169:13:169:20 | password | provenance | Sink:MaD:5 |
-| test.go:153:17:153:24 | definition of password | test.go:170:12:170:19 | password | provenance | Sink:MaD:6 |
-| test.go:153:17:153:24 | definition of password | test.go:171:21:171:28 | password | provenance | Sink:MaD:7 |
-| test.go:153:17:153:24 | definition of password | test.go:172:14:172:21 | password | provenance | Sink:MaD:8 |
-| test.go:153:17:153:24 | definition of password | test.go:173:13:173:20 | password | provenance | Sink:MaD:9 |
-| test.go:153:17:153:24 | definition of password | test.go:174:12:174:19 | password | provenance | Sink:MaD:10 |
-| test.go:153:17:153:24 | definition of password | test.go:175:15:175:22 | password | provenance | Sink:MaD:11 |
-| test.go:153:17:153:24 | definition of password | test.go:176:15:176:22 | password | provenance | Sink:MaD:12 |
-| test.go:153:17:153:24 | definition of password | test.go:177:18:177:25 | password | provenance | Sink:MaD:13 |
-| test.go:153:17:153:24 | definition of password | test.go:178:15:178:22 | password | provenance | Sink:MaD:14 |
-| test.go:153:17:153:24 | definition of password | test.go:179:19:179:26 | password | provenance | Sink:MaD:15 |
-| test.go:153:17:153:24 | definition of password | test.go:180:15:180:22 | password | provenance | Sink:MaD:16 |
-| test.go:153:17:153:24 | definition of password | test.go:181:14:181:21 | password | provenance | Sink:MaD:17 |
-| test.go:153:17:153:24 | definition of password | test.go:182:23:182:30 | password | provenance | Sink:MaD:18 |
-| test.go:153:17:153:24 | definition of password | test.go:183:16:183:23 | password | provenance | Sink:MaD:19 |
-| test.go:153:17:153:24 | definition of password | test.go:184:15:184:22 | password | provenance | Sink:MaD:20 |
-| test.go:153:17:153:24 | definition of password | test.go:185:14:185:21 | password | provenance | Sink:MaD:21 |
-| test.go:153:17:153:24 | definition of password | test.go:186:17:186:24 | password | provenance | Sink:MaD:22 |
-| test.go:153:17:153:24 | definition of password | test.go:187:16:187:23 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:154:14:154:21 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:155:17:155:24 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:156:14:156:21 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:157:18:157:25 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:158:14:158:21 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:159:13:159:20 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:160:22:160:29 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:161:15:161:22 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:162:14:162:21 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:163:13:163:20 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:164:16:164:23 | password | provenance |  |
+| test.go:153:17:153:24 | SSA def(password) | test.go:165:13:165:20 | password | provenance | Sink:MaD:1 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:166:16:166:23 | password | provenance | Sink:MaD:2 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:167:13:167:20 | password | provenance | Sink:MaD:3 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:168:17:168:24 | password | provenance | Sink:MaD:4 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:169:13:169:20 | password | provenance | Sink:MaD:5 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:170:12:170:19 | password | provenance | Sink:MaD:6 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:171:21:171:28 | password | provenance | Sink:MaD:7 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:172:14:172:21 | password | provenance | Sink:MaD:8 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:173:13:173:20 | password | provenance | Sink:MaD:9 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:174:12:174:19 | password | provenance | Sink:MaD:10 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:175:15:175:22 | password | provenance | Sink:MaD:11 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:176:15:176:22 | password | provenance | Sink:MaD:12 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:177:18:177:25 | password | provenance | Sink:MaD:13 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:178:15:178:22 | password | provenance | Sink:MaD:14 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:179:19:179:26 | password | provenance | Sink:MaD:15 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:180:15:180:22 | password | provenance | Sink:MaD:16 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:181:14:181:21 | password | provenance | Sink:MaD:17 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:182:23:182:30 | password | provenance | Sink:MaD:18 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:183:16:183:23 | password | provenance | Sink:MaD:19 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:184:15:184:22 | password | provenance | Sink:MaD:20 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:185:14:185:21 | password | provenance | Sink:MaD:21 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:186:17:186:24 | password | provenance | Sink:MaD:22 |
+| test.go:153:17:153:24 | SSA def(password) | test.go:187:16:187:23 | password | provenance |  |
 models
 | 1 | Sink: group:beego-logs; ; false; Alert; ; ; Argument[0..1]; log-injection; manual |
 | 2 | Sink: group:beego-logs; ; false; Critical; ; ; Argument[0..1]; log-injection; manual |
@@ -92,7 +92,7 @@ models
 | 21 | Sink: group:beego-logs; BeeLogger; true; Warn; ; ; Argument[0..1]; log-injection; manual |
 | 22 | Sink: group:beego-logs; BeeLogger; true; Warning; ; ; Argument[0..1]; log-injection; manual |
 nodes
-| test.go:153:17:153:24 | definition of password | semmle.label | definition of password |
+| test.go:153:17:153:24 | SSA def(password) | semmle.label | SSA def(password) |
 | test.go:154:14:154:21 | password | semmle.label | password |
 | test.go:155:17:155:24 | password | semmle.label | password |
 | test.go:156:14:156:21 | password | semmle.label | password |
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/LogInjection.expected b/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/LogInjection.expected
index 703066d6449..18fbba68ceb 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/LogInjection.expected
+++ b/go/ql/test/library-tests/semmle/go/frameworks/GoMicro/LogInjection.expected
@@ -1,8 +1,8 @@
 edges
-| main.go:18:46:18:48 | definition of req | main.go:21:28:21:31 | name | provenance |  |
+| main.go:18:46:18:48 | SSA def(req) | main.go:21:28:21:31 | name | provenance |  |
 nodes
-| main.go:18:46:18:48 | definition of req | semmle.label | definition of req |
+| main.go:18:46:18:48 | SSA def(req) | semmle.label | SSA def(req) |
 | main.go:21:28:21:31 | name | semmle.label | name |
 subpaths
 #select
-| main.go:21:28:21:31 | name | main.go:18:46:18:48 | definition of req | main.go:21:28:21:31 | name | This log entry depends on a $@. | main.go:18:46:18:48 | definition of req | user-provided value |
+| main.go:21:28:21:31 | name | main.go:18:46:18:48 | SSA def(req) | main.go:21:28:21:31 | name | This log entry depends on a $@. | main.go:18:46:18:48 | SSA def(req) | user-provided value |
diff --git a/go/ql/test/query-tests/InconsistentCode/MissingErrorCheck/MissingErrorCheck.expected b/go/ql/test/query-tests/InconsistentCode/MissingErrorCheck/MissingErrorCheck.expected
index b4bd7b815d5..9db748ebabd 100644
--- a/go/ql/test/query-tests/InconsistentCode/MissingErrorCheck/MissingErrorCheck.expected
+++ b/go/ql/test/query-tests/InconsistentCode/MissingErrorCheck/MissingErrorCheck.expected
@@ -1,2 +1,2 @@
-| tests.go:61:30:61:35 | result | $@ may be nil at this dereference because $@ may not have been checked. | tests.go:59:2:59:7 | definition of result | result | tests.go:59:10:59:12 | definition of err | err |
-| tests.go:243:27:243:32 | result | $@ may be nil at this dereference because $@ may not have been checked. | tests.go:241:2:241:7 | definition of result | result | tests.go:241:10:241:12 | definition of err | err |
+| tests.go:61:30:61:35 | result | $@ may be nil at this dereference because $@ may not have been checked. | tests.go:59:2:59:7 | SSA def(result) | result | tests.go:59:10:59:12 | SSA def(err) | err |
+| tests.go:243:27:243:32 | result | $@ may be nil at this dereference because $@ may not have been checked. | tests.go:241:2:241:7 | SSA def(result) | result | tests.go:241:10:241:12 | SSA def(err) | err |
diff --git a/go/ql/test/query-tests/InconsistentCode/UnhandledCloseWritableHandle/UnhandledCloseWritableHandle.expected b/go/ql/test/query-tests/InconsistentCode/UnhandledCloseWritableHandle/UnhandledCloseWritableHandle.expected
index 41034c55796..183026e9b88 100644
--- a/go/ql/test/query-tests/InconsistentCode/UnhandledCloseWritableHandle/UnhandledCloseWritableHandle.expected
+++ b/go/ql/test/query-tests/InconsistentCode/UnhandledCloseWritableHandle/UnhandledCloseWritableHandle.expected
@@ -9,17 +9,17 @@
 | tests.go:130:3:130:3 | f | tests.go:126:5:126:78 | ... := ...[0] | tests.go:130:3:130:3 | f | File handle may be writable as a result of data flow from a $@ and closing it may result in data loss upon failure, which is not handled explicitly. | tests.go:126:15:126:78 | call to OpenFile | call to OpenFile |
 | tests.go:151:8:151:8 | f | tests.go:147:2:147:74 | ... := ...[0] | tests.go:151:8:151:8 | f | File handle may be writable as a result of data flow from a $@ and closing it may result in data loss upon failure, which is not handled explicitly. | tests.go:147:12:147:74 | call to OpenFile | call to OpenFile |
 edges
-| tests.go:9:24:9:24 | definition of f | tests.go:10:8:10:8 | f | provenance |  |
-| tests.go:13:32:13:32 | definition of f | tests.go:14:13:16:2 | capture variable f | provenance |  |
-| tests.go:14:13:16:2 | capture variable f | tests.go:15:3:15:3 | f | provenance |  |
+| tests.go:9:24:9:24 | SSA def(f) | tests.go:10:8:10:8 | f | provenance |  |
+| tests.go:13:32:13:32 | SSA def(f) | tests.go:14:13:16:2 | SSA def(f) | provenance |  |
+| tests.go:14:13:16:2 | SSA def(f) | tests.go:15:3:15:3 | f | provenance |  |
 | tests.go:32:5:32:78 | ... := ...[0] | tests.go:33:21:33:21 | f | provenance | Src:MaD:1  |
 | tests.go:32:5:32:78 | ... := ...[0] | tests.go:34:29:34:29 | f | provenance | Src:MaD:1  |
-| tests.go:33:21:33:21 | f | tests.go:9:24:9:24 | definition of f | provenance |  |
-| tests.go:34:29:34:29 | f | tests.go:13:32:13:32 | definition of f | provenance |  |
+| tests.go:33:21:33:21 | f | tests.go:9:24:9:24 | SSA def(f) | provenance |  |
+| tests.go:34:29:34:29 | f | tests.go:13:32:13:32 | SSA def(f) | provenance |  |
 | tests.go:46:5:46:76 | ... := ...[0] | tests.go:47:21:47:21 | f | provenance | Src:MaD:1  |
 | tests.go:46:5:46:76 | ... := ...[0] | tests.go:48:29:48:29 | f | provenance | Src:MaD:1  |
-| tests.go:47:21:47:21 | f | tests.go:9:24:9:24 | definition of f | provenance |  |
-| tests.go:48:29:48:29 | f | tests.go:13:32:13:32 | definition of f | provenance |  |
+| tests.go:47:21:47:21 | f | tests.go:9:24:9:24 | SSA def(f) | provenance |  |
+| tests.go:48:29:48:29 | f | tests.go:13:32:13:32 | SSA def(f) | provenance |  |
 | tests.go:55:5:55:78 | ... := ...[0] | tests.go:57:3:57:3 | f | provenance | Src:MaD:1  |
 | tests.go:67:5:67:76 | ... := ...[0] | tests.go:69:3:69:3 | f | provenance | Src:MaD:1  |
 | tests.go:109:5:109:78 | ... := ...[0] | tests.go:111:9:111:9 | f | provenance | Src:MaD:1  |
@@ -28,10 +28,10 @@ edges
 models
 | 1 | Source: os; ; false; OpenFile; ; ; ReturnValue[0]; file; manual |
 nodes
-| tests.go:9:24:9:24 | definition of f | semmle.label | definition of f |
+| tests.go:9:24:9:24 | SSA def(f) | semmle.label | SSA def(f) |
 | tests.go:10:8:10:8 | f | semmle.label | f |
-| tests.go:13:32:13:32 | definition of f | semmle.label | definition of f |
-| tests.go:14:13:16:2 | capture variable f | semmle.label | capture variable f |
+| tests.go:13:32:13:32 | SSA def(f) | semmle.label | SSA def(f) |
+| tests.go:14:13:16:2 | SSA def(f) | semmle.label | SSA def(f) |
 | tests.go:15:3:15:3 | f | semmle.label | f |
 | tests.go:32:5:32:78 | ... := ...[0] | semmle.label | ... := ...[0] |
 | tests.go:33:21:33:21 | f | semmle.label | f |
diff --git a/go/ql/test/query-tests/Security/CWE-022/UnsafeUnzipSymlink.expected b/go/ql/test/query-tests/Security/CWE-022/UnsafeUnzipSymlink.expected
index 3276c077109..73e5f0aa503 100644
--- a/go/ql/test/query-tests/Security/CWE-022/UnsafeUnzipSymlink.expected
+++ b/go/ql/test/query-tests/Security/CWE-022/UnsafeUnzipSymlink.expected
@@ -5,18 +5,18 @@
 | UnsafeUnzipSymlink.go:126:17:126:31 | selection of Linkname | UnsafeUnzipSymlink.go:126:17:126:31 | selection of Linkname | UnsafeUnzipSymlink.go:112:13:112:20 | linkName | Unresolved path from an archive header, which may point outside the archive root, is used in $@. | UnsafeUnzipSymlink.go:112:13:112:20 | linkName | symlink creation |
 | UnsafeUnzipSymlink.go:126:34:126:44 | selection of Name | UnsafeUnzipSymlink.go:126:34:126:44 | selection of Name | UnsafeUnzipSymlink.go:112:23:112:30 | fileName | Unresolved path from an archive header, which may point outside the archive root, is used in $@. | UnsafeUnzipSymlink.go:112:23:112:30 | fileName | symlink creation |
 edges
-| UnsafeUnzipSymlink.go:111:19:111:26 | definition of linkName | UnsafeUnzipSymlink.go:112:13:112:20 | linkName | provenance | Sink:MaD:1 |
-| UnsafeUnzipSymlink.go:111:29:111:36 | definition of fileName | UnsafeUnzipSymlink.go:112:23:112:30 | fileName | provenance | Sink:MaD:1 |
-| UnsafeUnzipSymlink.go:126:17:126:31 | selection of Linkname | UnsafeUnzipSymlink.go:111:19:111:26 | definition of linkName | provenance |  |
-| UnsafeUnzipSymlink.go:126:34:126:44 | selection of Name | UnsafeUnzipSymlink.go:111:29:111:36 | definition of fileName | provenance |  |
+| UnsafeUnzipSymlink.go:111:19:111:26 | SSA def(linkName) | UnsafeUnzipSymlink.go:112:13:112:20 | linkName | provenance | Sink:MaD:1 |
+| UnsafeUnzipSymlink.go:111:29:111:36 | SSA def(fileName) | UnsafeUnzipSymlink.go:112:23:112:30 | fileName | provenance | Sink:MaD:1 |
+| UnsafeUnzipSymlink.go:126:17:126:31 | selection of Linkname | UnsafeUnzipSymlink.go:111:19:111:26 | SSA def(linkName) | provenance |  |
+| UnsafeUnzipSymlink.go:126:34:126:44 | selection of Name | UnsafeUnzipSymlink.go:111:29:111:36 | SSA def(fileName) | provenance |  |
 models
 | 1 | Sink: os; ; false; Symlink; ; ; Argument[0..1]; path-injection; manual |
 nodes
 | UnsafeUnzipSymlink.go:31:15:31:29 | selection of Linkname | semmle.label | selection of Linkname |
 | UnsafeUnzipSymlink.go:31:32:31:42 | selection of Name | semmle.label | selection of Name |
 | UnsafeUnzipSymlink.go:43:25:43:35 | selection of Name | semmle.label | selection of Name |
-| UnsafeUnzipSymlink.go:111:19:111:26 | definition of linkName | semmle.label | definition of linkName |
-| UnsafeUnzipSymlink.go:111:29:111:36 | definition of fileName | semmle.label | definition of fileName |
+| UnsafeUnzipSymlink.go:111:19:111:26 | SSA def(linkName) | semmle.label | SSA def(linkName) |
+| UnsafeUnzipSymlink.go:111:29:111:36 | SSA def(fileName) | semmle.label | SSA def(fileName) |
 | UnsafeUnzipSymlink.go:112:13:112:20 | linkName | semmle.label | linkName |
 | UnsafeUnzipSymlink.go:112:23:112:30 | fileName | semmle.label | fileName |
 | UnsafeUnzipSymlink.go:126:17:126:31 | selection of Linkname | semmle.label | selection of Linkname |
diff --git a/go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected b/go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected
index 7cb981667da..3bfd80a120c 100644
--- a/go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected
+++ b/go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected
@@ -4,12 +4,12 @@
 | tarslip.go:15:2:15:30 | ... := ...[0] | tarslip.go:15:2:15:30 | ... := ...[0] | tarslip.go:16:14:16:34 | call to Dir | Unsanitized archive entry, which may contain '..', is used in a $@. | tarslip.go:16:14:16:34 | call to Dir | file system operation |
 | tst.go:23:2:43:2 | range statement[1] | tst.go:23:2:43:2 | range statement[1] | tst.go:29:20:29:23 | path | Unsanitized archive entry, which may contain '..', is used in a $@. | tst.go:29:20:29:23 | path | file system operation |
 edges
-| UnsafeUnzipSymlinkGood.go:52:24:52:32 | definition of candidate | UnsafeUnzipSymlinkGood.go:61:53:61:61 | candidate | provenance |  |
+| UnsafeUnzipSymlinkGood.go:52:24:52:32 | SSA def(candidate) | UnsafeUnzipSymlinkGood.go:61:53:61:61 | candidate | provenance |  |
 | UnsafeUnzipSymlinkGood.go:61:53:61:61 | candidate | UnsafeUnzipSymlinkGood.go:61:31:61:62 | call to Join | provenance | FunctionModel Sink:MaD:3 |
 | UnsafeUnzipSymlinkGood.go:72:3:72:25 | ... := ...[0] | UnsafeUnzipSymlinkGood.go:76:24:76:38 | selection of Linkname | provenance |  |
 | UnsafeUnzipSymlinkGood.go:72:3:72:25 | ... := ...[0] | UnsafeUnzipSymlinkGood.go:76:70:76:80 | selection of Name | provenance |  |
-| UnsafeUnzipSymlinkGood.go:76:24:76:38 | selection of Linkname | UnsafeUnzipSymlinkGood.go:52:24:52:32 | definition of candidate | provenance |  |
-| UnsafeUnzipSymlinkGood.go:76:70:76:80 | selection of Name | UnsafeUnzipSymlinkGood.go:52:24:52:32 | definition of candidate | provenance |  |
+| UnsafeUnzipSymlinkGood.go:76:24:76:38 | selection of Linkname | UnsafeUnzipSymlinkGood.go:52:24:52:32 | SSA def(candidate) | provenance |  |
+| UnsafeUnzipSymlinkGood.go:76:70:76:80 | selection of Name | UnsafeUnzipSymlinkGood.go:52:24:52:32 | SSA def(candidate) | provenance |  |
 | ZipSlip.go:11:2:15:2 | range statement[1] | ZipSlip.go:12:24:12:29 | selection of Name | provenance |  |
 | ZipSlip.go:12:3:12:30 | ... := ...[0] | ZipSlip.go:14:20:14:20 | p | provenance | Sink:MaD:1 |
 | ZipSlip.go:12:24:12:29 | selection of Name | ZipSlip.go:12:3:12:30 | ... := ...[0] | provenance | MaD:4 |
@@ -23,7 +23,7 @@ models
 | 4 | Summary: path/filepath; ; false; Abs; ; ; Argument[0]; ReturnValue[0]; taint; manual |
 | 5 | Summary: path; ; false; Dir; ; ; Argument[0]; ReturnValue; taint; manual |
 nodes
-| UnsafeUnzipSymlinkGood.go:52:24:52:32 | definition of candidate | semmle.label | definition of candidate |
+| UnsafeUnzipSymlinkGood.go:52:24:52:32 | SSA def(candidate) | semmle.label | SSA def(candidate) |
 | UnsafeUnzipSymlinkGood.go:61:31:61:62 | call to Join | semmle.label | call to Join |
 | UnsafeUnzipSymlinkGood.go:61:53:61:61 | candidate | semmle.label | candidate |
 | UnsafeUnzipSymlinkGood.go:72:3:72:25 | ... := ...[0] | semmle.label | ... := ...[0] |
diff --git a/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected b/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected
index 78dde84a947..b029c6d2b84 100644
--- a/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected
+++ b/go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected
@@ -48,14 +48,14 @@ edges
 | GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:17:36:17:42 | tainted | provenance |  |
 | GitSubcommands.go:33:13:33:19 | selection of URL | GitSubcommands.go:33:13:33:27 | call to Query | provenance | Src:MaD:2 MaD:7 |
 | GitSubcommands.go:33:13:33:27 | call to Query | GitSubcommands.go:38:32:38:38 | tainted | provenance |  |
-| SanitizingDoubleDash.go:9:2:9:8 | definition of tainted | SanitizingDoubleDash.go:13:25:13:31 | tainted | provenance |  |
-| SanitizingDoubleDash.go:9:2:9:8 | definition of tainted | SanitizingDoubleDash.go:14:23:14:33 | slice expression | provenance |  |
-| SanitizingDoubleDash.go:9:2:9:8 | definition of tainted | SanitizingDoubleDash.go:39:31:39:37 | tainted | provenance | Config |
-| SanitizingDoubleDash.go:9:2:9:8 | definition of tainted | SanitizingDoubleDash.go:52:24:52:30 | tainted | provenance | Config |
-| SanitizingDoubleDash.go:9:2:9:8 | definition of tainted | SanitizingDoubleDash.go:68:31:68:37 | tainted | provenance | Config |
-| SanitizingDoubleDash.go:9:2:9:8 | definition of tainted | SanitizingDoubleDash.go:80:23:80:29 | tainted | provenance | Config |
+| SanitizingDoubleDash.go:9:2:9:8 | SSA def(tainted) | SanitizingDoubleDash.go:13:25:13:31 | tainted | provenance |  |
+| SanitizingDoubleDash.go:9:2:9:8 | SSA def(tainted) | SanitizingDoubleDash.go:14:23:14:33 | slice expression | provenance |  |
+| SanitizingDoubleDash.go:9:2:9:8 | SSA def(tainted) | SanitizingDoubleDash.go:39:31:39:37 | tainted | provenance | Config |
+| SanitizingDoubleDash.go:9:2:9:8 | SSA def(tainted) | SanitizingDoubleDash.go:52:24:52:30 | tainted | provenance | Config |
+| SanitizingDoubleDash.go:9:2:9:8 | SSA def(tainted) | SanitizingDoubleDash.go:68:31:68:37 | tainted | provenance | Config |
+| SanitizingDoubleDash.go:9:2:9:8 | SSA def(tainted) | SanitizingDoubleDash.go:80:23:80:29 | tainted | provenance | Config |
 | SanitizingDoubleDash.go:9:13:9:19 | selection of URL | SanitizingDoubleDash.go:9:13:9:27 | call to Query | provenance | Src:MaD:2 MaD:7 |
-| SanitizingDoubleDash.go:9:13:9:27 | call to Query | SanitizingDoubleDash.go:9:2:9:8 | definition of tainted | provenance |  |
+| SanitizingDoubleDash.go:9:13:9:27 | call to Query | SanitizingDoubleDash.go:9:2:9:8 | SSA def(tainted) | provenance |  |
 | SanitizingDoubleDash.go:13:15:13:32 | array literal [array] | SanitizingDoubleDash.go:14:23:14:30 | arrayLit [array] | provenance |  |
 | SanitizingDoubleDash.go:13:25:13:31 | tainted | SanitizingDoubleDash.go:13:15:13:32 | array literal [array] | provenance |  |
 | SanitizingDoubleDash.go:14:23:14:30 | arrayLit [array] | SanitizingDoubleDash.go:14:23:14:33 | slice element node | provenance |  |
@@ -181,7 +181,7 @@ nodes
 | GitSubcommands.go:33:13:33:19 | selection of URL | semmle.label | selection of URL |
 | GitSubcommands.go:33:13:33:27 | call to Query | semmle.label | call to Query |
 | GitSubcommands.go:38:32:38:38 | tainted | semmle.label | tainted |
-| SanitizingDoubleDash.go:9:2:9:8 | definition of tainted | semmle.label | definition of tainted |
+| SanitizingDoubleDash.go:9:2:9:8 | SSA def(tainted) | semmle.label | SSA def(tainted) |
 | SanitizingDoubleDash.go:9:13:9:19 | selection of URL | semmle.label | selection of URL |
 | SanitizingDoubleDash.go:9:13:9:27 | call to Query | semmle.label | call to Query |
 | SanitizingDoubleDash.go:13:15:13:32 | array literal [array] | semmle.label | array literal [array] |
diff --git a/go/ql/test/query-tests/Security/CWE-079/StoredXss.expected b/go/ql/test/query-tests/Security/CWE-079/StoredXss.expected
index 41ec62706d0..c7f959372ee 100644
--- a/go/ql/test/query-tests/Security/CWE-079/StoredXss.expected
+++ b/go/ql/test/query-tests/Security/CWE-079/StoredXss.expected
@@ -1,11 +1,11 @@
 #select
 | stored.go:30:22:30:25 | name | stored.go:18:3:18:28 | ... := ...[0] | stored.go:30:22:30:25 | name | Stored cross-site scripting vulnerability due to $@. | stored.go:18:3:18:28 | ... := ...[0] | stored value |
-| stored.go:61:22:61:25 | path | stored.go:59:30:59:33 | definition of path | stored.go:61:22:61:25 | path | Stored cross-site scripting vulnerability due to $@. | stored.go:59:30:59:33 | definition of path | stored value |
+| stored.go:61:22:61:25 | path | stored.go:59:30:59:33 | SSA def(path) | stored.go:61:22:61:25 | path | Stored cross-site scripting vulnerability due to $@. | stored.go:59:30:59:33 | SSA def(path) | stored value |
 edges
 | stored.go:18:3:18:28 | ... := ...[0] | stored.go:25:14:25:17 | rows | provenance | Src:MaD:1  |
 | stored.go:25:14:25:17 | rows | stored.go:25:29:25:33 | &... [postupdate] | provenance | FunctionModel |
 | stored.go:25:29:25:33 | &... [postupdate] | stored.go:30:22:30:25 | name | provenance |  |
-| stored.go:59:30:59:33 | definition of path | stored.go:61:22:61:25 | path | provenance |  |
+| stored.go:59:30:59:33 | SSA def(path) | stored.go:61:22:61:25 | path | provenance |  |
 models
 | 1 | Source: database/sql; DB; true; Query; ; ; ReturnValue[0]; database; manual |
 nodes
@@ -13,7 +13,7 @@ nodes
 | stored.go:25:14:25:17 | rows | semmle.label | rows |
 | stored.go:25:29:25:33 | &... [postupdate] | semmle.label | &... [postupdate] |
 | stored.go:30:22:30:25 | name | semmle.label | name |
-| stored.go:59:30:59:33 | definition of path | semmle.label | definition of path |
+| stored.go:59:30:59:33 | SSA def(path) | semmle.label | SSA def(path) |
 | stored.go:61:22:61:25 | path | semmle.label | path |
 subpaths
 testFailures
diff --git a/go/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected b/go/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
index f748c7a7773..565fedba467 100644
--- a/go/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
+++ b/go/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
@@ -1,80 +1,80 @@
 #select
 | klog.go:23:15:23:20 | header | klog.go:21:30:21:37 | selection of Header | klog.go:23:15:23:20 | header | $@ flows to a logging call. | klog.go:21:30:21:37 | selection of Header | Sensitive data returned by HTTP request headers |
 | klog.go:29:13:29:41 | call to Get | klog.go:29:13:29:20 | selection of Header | klog.go:29:13:29:41 | call to Get | $@ flows to a logging call. | klog.go:29:13:29:20 | selection of Header | Sensitive data returned by HTTP request headers |
-| main.go:19:12:19:19 | password | main.go:17:2:17:9 | definition of password | main.go:19:12:19:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:20:19:20:26 | password | main.go:17:2:17:9 | definition of password | main.go:20:19:20:26 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:21:13:21:20 | password | main.go:17:2:17:9 | definition of password | main.go:21:13:21:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:22:14:22:21 | password | main.go:17:2:17:9 | definition of password | main.go:22:14:22:21 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:24:13:24:20 | password | main.go:17:2:17:9 | definition of password | main.go:24:13:24:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:27:20:27:27 | password | main.go:17:2:17:9 | definition of password | main.go:27:20:27:27 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:30:14:30:21 | password | main.go:17:2:17:9 | definition of password | main.go:30:14:30:21 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:33:15:33:22 | password | main.go:17:2:17:9 | definition of password | main.go:33:15:33:22 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:36:13:36:20 | password | main.go:17:2:17:9 | definition of password | main.go:36:13:36:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:39:20:39:27 | password | main.go:17:2:17:9 | definition of password | main.go:39:20:39:27 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:42:14:42:21 | password | main.go:17:2:17:9 | definition of password | main.go:42:14:42:21 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:45:15:45:22 | password | main.go:17:2:17:9 | definition of password | main.go:45:15:45:22 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:47:16:47:23 | password | main.go:17:2:17:9 | definition of password | main.go:47:16:47:23 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:51:10:51:17 | password | main.go:17:2:17:9 | definition of password | main.go:51:10:51:17 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:52:17:52:24 | password | main.go:17:2:17:9 | definition of password | main.go:52:17:52:24 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:53:11:53:18 | password | main.go:17:2:17:9 | definition of password | main.go:53:11:53:18 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:54:12:54:19 | password | main.go:17:2:17:9 | definition of password | main.go:54:12:54:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:56:11:56:18 | password | main.go:17:2:17:9 | definition of password | main.go:56:11:56:18 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:59:18:59:25 | password | main.go:17:2:17:9 | definition of password | main.go:59:18:59:25 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:62:12:62:19 | password | main.go:17:2:17:9 | definition of password | main.go:62:12:62:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:65:13:65:20 | password | main.go:17:2:17:9 | definition of password | main.go:65:13:65:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:68:11:68:18 | password | main.go:17:2:17:9 | definition of password | main.go:68:11:68:18 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:71:18:71:25 | password | main.go:17:2:17:9 | definition of password | main.go:71:18:71:25 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:74:12:74:19 | password | main.go:17:2:17:9 | definition of password | main.go:74:12:74:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:77:13:77:20 | password | main.go:17:2:17:9 | definition of password | main.go:77:13:77:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:79:14:79:21 | password | main.go:17:2:17:9 | definition of password | main.go:79:14:79:21 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:82:12:82:19 | password | main.go:17:2:17:9 | definition of password | main.go:82:12:82:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:83:17:83:24 | password | main.go:17:2:17:9 | definition of password | main.go:83:17:83:24 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:87:29:87:34 | fields | main.go:17:2:17:9 | definition of password | main.go:87:29:87:34 | fields | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| main.go:90:35:90:42 | password | main.go:17:2:17:9 | definition of password | main.go:90:35:90:42 | password | $@ flows to a logging call. | main.go:17:2:17:9 | definition of password | Sensitive data returned by an access to password |
-| overrides.go:13:14:13:23 | call to String | overrides.go:8:2:8:9 | definition of password | overrides.go:13:14:13:23 | call to String | $@ flows to a logging call. | overrides.go:8:2:8:9 | definition of password | Sensitive data returned by an access to password |
-| passwords.go:9:14:9:14 | x | passwords.go:21:2:21:9 | definition of password | passwords.go:9:14:9:14 | x | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
-| passwords.go:25:14:25:21 | password | passwords.go:21:2:21:9 | definition of password | passwords.go:25:14:25:21 | password | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
+| main.go:19:12:19:19 | password | main.go:17:2:17:9 | SSA def(password) | main.go:19:12:19:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:20:19:20:26 | password | main.go:17:2:17:9 | SSA def(password) | main.go:20:19:20:26 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:21:13:21:20 | password | main.go:17:2:17:9 | SSA def(password) | main.go:21:13:21:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:22:14:22:21 | password | main.go:17:2:17:9 | SSA def(password) | main.go:22:14:22:21 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:24:13:24:20 | password | main.go:17:2:17:9 | SSA def(password) | main.go:24:13:24:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:27:20:27:27 | password | main.go:17:2:17:9 | SSA def(password) | main.go:27:20:27:27 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:30:14:30:21 | password | main.go:17:2:17:9 | SSA def(password) | main.go:30:14:30:21 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:33:15:33:22 | password | main.go:17:2:17:9 | SSA def(password) | main.go:33:15:33:22 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:36:13:36:20 | password | main.go:17:2:17:9 | SSA def(password) | main.go:36:13:36:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:39:20:39:27 | password | main.go:17:2:17:9 | SSA def(password) | main.go:39:20:39:27 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:42:14:42:21 | password | main.go:17:2:17:9 | SSA def(password) | main.go:42:14:42:21 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:45:15:45:22 | password | main.go:17:2:17:9 | SSA def(password) | main.go:45:15:45:22 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:47:16:47:23 | password | main.go:17:2:17:9 | SSA def(password) | main.go:47:16:47:23 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:51:10:51:17 | password | main.go:17:2:17:9 | SSA def(password) | main.go:51:10:51:17 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:52:17:52:24 | password | main.go:17:2:17:9 | SSA def(password) | main.go:52:17:52:24 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:53:11:53:18 | password | main.go:17:2:17:9 | SSA def(password) | main.go:53:11:53:18 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:54:12:54:19 | password | main.go:17:2:17:9 | SSA def(password) | main.go:54:12:54:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:56:11:56:18 | password | main.go:17:2:17:9 | SSA def(password) | main.go:56:11:56:18 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:59:18:59:25 | password | main.go:17:2:17:9 | SSA def(password) | main.go:59:18:59:25 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:62:12:62:19 | password | main.go:17:2:17:9 | SSA def(password) | main.go:62:12:62:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:65:13:65:20 | password | main.go:17:2:17:9 | SSA def(password) | main.go:65:13:65:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:68:11:68:18 | password | main.go:17:2:17:9 | SSA def(password) | main.go:68:11:68:18 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:71:18:71:25 | password | main.go:17:2:17:9 | SSA def(password) | main.go:71:18:71:25 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:74:12:74:19 | password | main.go:17:2:17:9 | SSA def(password) | main.go:74:12:74:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:77:13:77:20 | password | main.go:17:2:17:9 | SSA def(password) | main.go:77:13:77:20 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:79:14:79:21 | password | main.go:17:2:17:9 | SSA def(password) | main.go:79:14:79:21 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:82:12:82:19 | password | main.go:17:2:17:9 | SSA def(password) | main.go:82:12:82:19 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:83:17:83:24 | password | main.go:17:2:17:9 | SSA def(password) | main.go:83:17:83:24 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:87:29:87:34 | fields | main.go:17:2:17:9 | SSA def(password) | main.go:87:29:87:34 | fields | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| main.go:90:35:90:42 | password | main.go:17:2:17:9 | SSA def(password) | main.go:90:35:90:42 | password | $@ flows to a logging call. | main.go:17:2:17:9 | SSA def(password) | Sensitive data returned by an access to password |
+| overrides.go:13:14:13:23 | call to String | overrides.go:8:2:8:9 | SSA def(password) | overrides.go:13:14:13:23 | call to String | $@ flows to a logging call. | overrides.go:8:2:8:9 | SSA def(password) | Sensitive data returned by an access to password |
+| passwords.go:9:14:9:14 | x | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:9:14:9:14 | x | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
+| passwords.go:25:14:25:21 | password | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:25:14:25:21 | password | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
 | passwords.go:26:14:26:23 | selection of password | passwords.go:26:14:26:23 | selection of password | passwords.go:26:14:26:23 | selection of password | $@ flows to a logging call. | passwords.go:26:14:26:23 | selection of password | Sensitive data returned by an access to password |
 | passwords.go:27:14:27:26 | call to getPassword | passwords.go:27:14:27:26 | call to getPassword | passwords.go:27:14:27:26 | call to getPassword | $@ flows to a logging call. | passwords.go:27:14:27:26 | call to getPassword | Sensitive data returned by a call to getPassword |
 | passwords.go:28:14:28:28 | call to getPassword | passwords.go:28:14:28:28 | call to getPassword | passwords.go:28:14:28:28 | call to getPassword | $@ flows to a logging call. | passwords.go:28:14:28:28 | call to getPassword | Sensitive data returned by a call to getPassword |
-| passwords.go:32:12:32:19 | password | passwords.go:21:2:21:9 | definition of password | passwords.go:32:12:32:19 | password | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
-| passwords.go:34:14:34:35 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:34:14:34:35 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
+| passwords.go:32:12:32:19 | password | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:32:12:32:19 | password | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
+| passwords.go:34:14:34:35 | ...+... | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:34:14:34:35 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
 | passwords.go:39:14:39:17 | obj1 | passwords.go:37:13:37:13 | x | passwords.go:39:14:39:17 | obj1 | $@ flows to a logging call. | passwords.go:37:13:37:13 | x | Sensitive data returned by an access to password |
-| passwords.go:44:14:44:17 | obj2 | passwords.go:21:2:21:9 | definition of password | passwords.go:44:14:44:17 | obj2 | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
-| passwords.go:51:14:51:27 | fixed_password | passwords.go:50:2:50:15 | definition of fixed_password | passwords.go:51:14:51:27 | fixed_password | $@ flows to a logging call. | passwords.go:50:2:50:15 | definition of fixed_password | Sensitive data returned by an access to fixed_password |
+| passwords.go:44:14:44:17 | obj2 | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:44:14:44:17 | obj2 | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
+| passwords.go:51:14:51:27 | fixed_password | passwords.go:50:2:50:15 | SSA def(fixed_password) | passwords.go:51:14:51:27 | fixed_password | $@ flows to a logging call. | passwords.go:50:2:50:15 | SSA def(fixed_password) | Sensitive data returned by an access to fixed_password |
 | passwords.go:89:14:89:26 | utilityObject | passwords.go:87:16:87:36 | call to make | passwords.go:89:14:89:26 | utilityObject | $@ flows to a logging call. | passwords.go:87:16:87:36 | call to make | Sensitive data returned by an access to passwordSet |
-| passwords.go:92:23:92:28 | secret | passwords.go:21:2:21:9 | definition of password | passwords.go:92:23:92:28 | secret | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
-| passwords.go:102:15:102:40 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:102:15:102:40 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
-| passwords.go:108:16:108:41 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:108:16:108:41 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
-| passwords.go:113:15:113:40 | ...+... | passwords.go:21:2:21:9 | definition of password | passwords.go:113:15:113:40 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
-| passwords.go:117:14:117:45 | ...+... | passwords.go:116:6:116:14 | definition of password1 | passwords.go:117:14:117:45 | ...+... | $@ flows to a logging call. | passwords.go:116:6:116:14 | definition of password1 | Sensitive data returned by an access to password1 |
-| passwords.go:127:14:127:19 | config | passwords.go:21:2:21:9 | definition of password | passwords.go:127:14:127:19 | config | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
+| passwords.go:92:23:92:28 | secret | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:92:23:92:28 | secret | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
+| passwords.go:102:15:102:40 | ...+... | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:102:15:102:40 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
+| passwords.go:108:16:108:41 | ...+... | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:108:16:108:41 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
+| passwords.go:113:15:113:40 | ...+... | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:113:15:113:40 | ...+... | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
+| passwords.go:117:14:117:45 | ...+... | passwords.go:116:6:116:14 | SSA def(password1) | passwords.go:117:14:117:45 | ...+... | $@ flows to a logging call. | passwords.go:116:6:116:14 | SSA def(password1) | Sensitive data returned by an access to password1 |
+| passwords.go:127:14:127:19 | config | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:127:14:127:19 | config | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
 | passwords.go:127:14:127:19 | config | passwords.go:121:13:121:14 | x3 | passwords.go:127:14:127:19 | config | $@ flows to a logging call. | passwords.go:121:13:121:14 | x3 | Sensitive data returned by an access to password |
 | passwords.go:127:14:127:19 | config | passwords.go:124:13:124:25 | call to getPassword | passwords.go:127:14:127:19 | config | $@ flows to a logging call. | passwords.go:124:13:124:25 | call to getPassword | Sensitive data returned by a call to getPassword |
-| passwords.go:128:14:128:21 | selection of x | passwords.go:21:2:21:9 | definition of password | passwords.go:128:14:128:21 | selection of x | $@ flows to a logging call. | passwords.go:21:2:21:9 | definition of password | Sensitive data returned by an access to password |
+| passwords.go:128:14:128:21 | selection of x | passwords.go:21:2:21:9 | SSA def(password) | passwords.go:128:14:128:21 | selection of x | $@ flows to a logging call. | passwords.go:21:2:21:9 | SSA def(password) | Sensitive data returned by an access to password |
 | passwords.go:129:14:129:21 | selection of y | passwords.go:124:13:124:25 | call to getPassword | passwords.go:129:14:129:21 | selection of y | $@ flows to a logging call. | passwords.go:124:13:124:25 | call to getPassword | Sensitive data returned by a call to getPassword |
-| protobuf.go:14:14:14:35 | call to GetDescription | protobuf.go:9:2:9:9 | definition of password | protobuf.go:14:14:14:35 | call to GetDescription | $@ flows to a logging call. | protobuf.go:9:2:9:9 | definition of password | Sensitive data returned by an access to password |
+| protobuf.go:14:14:14:35 | call to GetDescription | protobuf.go:9:2:9:9 | SSA def(password) | protobuf.go:14:14:14:35 | call to GetDescription | $@ flows to a logging call. | protobuf.go:9:2:9:9 | SSA def(password) | Sensitive data returned by an access to password |
 edges
 | klog.go:21:3:26:3 | range statement[1] | klog.go:22:27:22:33 | headers | provenance |  |
 | klog.go:21:30:21:37 | selection of Header | klog.go:21:3:26:3 | range statement[1] | provenance | Src:MaD:11 Config |
 | klog.go:22:4:25:4 | range statement[1] | klog.go:23:15:23:20 | header | provenance |  |
 | klog.go:22:27:22:33 | headers | klog.go:22:4:25:4 | range statement[1] | provenance | Config |
 | klog.go:29:13:29:20 | selection of Header | klog.go:29:13:29:41 | call to Get | provenance | Src:MaD:11 Config |
-| main.go:17:2:17:9 | definition of password | main.go:19:12:19:19 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:20:19:20:26 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:21:13:21:20 | password | provenance | Sink:MaD:6 |
-| main.go:17:2:17:9 | definition of password | main.go:22:14:22:21 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:24:13:24:20 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:27:20:27:27 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:30:14:30:21 | password | provenance | Sink:MaD:3 |
-| main.go:17:2:17:9 | definition of password | main.go:33:15:33:22 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:36:13:36:20 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:39:20:39:27 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:42:14:42:21 | password | provenance | Sink:MaD:5 |
-| main.go:17:2:17:9 | definition of password | main.go:45:15:45:22 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:47:16:47:23 | password | provenance | Sink:MaD:4 |
-| main.go:17:2:17:9 | definition of password | main.go:51:10:51:17 | password | provenance |  |
-| main.go:17:2:17:9 | definition of password | main.go:51:10:51:17 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:19:12:19:19 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:20:19:20:26 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:21:13:21:20 | password | provenance | Sink:MaD:6 |
+| main.go:17:2:17:9 | SSA def(password) | main.go:22:14:22:21 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:24:13:24:20 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:27:20:27:27 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:30:14:30:21 | password | provenance | Sink:MaD:3 |
+| main.go:17:2:17:9 | SSA def(password) | main.go:33:15:33:22 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:36:13:36:20 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:39:20:39:27 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:42:14:42:21 | password | provenance | Sink:MaD:5 |
+| main.go:17:2:17:9 | SSA def(password) | main.go:45:15:45:22 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:47:16:47:23 | password | provenance | Sink:MaD:4 |
+| main.go:17:2:17:9 | SSA def(password) | main.go:51:10:51:17 | password | provenance |  |
+| main.go:17:2:17:9 | SSA def(password) | main.go:51:10:51:17 | password | provenance |  |
 | main.go:51:10:51:17 | password | main.go:52:17:52:24 | password | provenance |  |
 | main.go:51:10:51:17 | password | main.go:52:17:52:24 | password | provenance |  |
 | main.go:52:17:52:24 | password | main.go:53:11:53:18 | password | provenance |  |
@@ -177,14 +177,14 @@ edges
 | main.go:86:2:86:7 | fields [postupdate] | main.go:87:29:87:34 | fields | provenance | Sink:MaD:2 |
 | main.go:86:19:86:26 | password | main.go:86:2:86:7 | fields [postupdate] | provenance | Config |
 | main.go:86:19:86:26 | password | main.go:90:35:90:42 | password | provenance | Sink:MaD:1 |
-| overrides.go:8:2:8:9 | definition of password | overrides.go:9:9:9:16 | password | provenance |  |
+| overrides.go:8:2:8:9 | SSA def(password) | overrides.go:9:9:9:16 | password | provenance |  |
 | overrides.go:9:9:9:16 | password | overrides.go:13:14:13:23 | call to String | provenance |  |
-| passwords.go:8:12:8:12 | definition of x | passwords.go:9:14:9:14 | x | provenance |  |
-| passwords.go:21:2:21:9 | definition of password | passwords.go:25:14:25:21 | password | provenance |  |
-| passwords.go:21:2:21:9 | definition of password | passwords.go:30:8:30:15 | password | provenance |  |
-| passwords.go:21:2:21:9 | definition of password | passwords.go:32:12:32:19 | password | provenance |  |
-| passwords.go:21:2:21:9 | definition of password | passwords.go:34:28:34:35 | password | provenance |  |
-| passwords.go:30:8:30:15 | password | passwords.go:8:12:8:12 | definition of x | provenance |  |
+| passwords.go:8:12:8:12 | SSA def(x) | passwords.go:9:14:9:14 | x | provenance |  |
+| passwords.go:21:2:21:9 | SSA def(password) | passwords.go:25:14:25:21 | password | provenance |  |
+| passwords.go:21:2:21:9 | SSA def(password) | passwords.go:30:8:30:15 | password | provenance |  |
+| passwords.go:21:2:21:9 | SSA def(password) | passwords.go:32:12:32:19 | password | provenance |  |
+| passwords.go:21:2:21:9 | SSA def(password) | passwords.go:34:28:34:35 | password | provenance |  |
+| passwords.go:30:8:30:15 | password | passwords.go:8:12:8:12 | SSA def(x) | provenance |  |
 | passwords.go:34:28:34:35 | password | passwords.go:34:14:34:35 | ...+... | provenance | Config |
 | passwords.go:34:28:34:35 | password | passwords.go:42:6:42:13 | password | provenance |  |
 | passwords.go:36:10:38:2 | struct literal | passwords.go:39:14:39:17 | obj1 | provenance |  |
@@ -197,7 +197,7 @@ edges
 | passwords.go:48:11:48:18 | password | passwords.go:108:34:108:41 | password | provenance |  |
 | passwords.go:48:11:48:18 | password | passwords.go:113:33:113:40 | password | provenance |  |
 | passwords.go:48:11:48:18 | password | passwords.go:123:13:123:20 | password | provenance |  |
-| passwords.go:50:2:50:15 | definition of fixed_password | passwords.go:51:14:51:27 | fixed_password | provenance |  |
+| passwords.go:50:2:50:15 | SSA def(fixed_password) | passwords.go:51:14:51:27 | fixed_password | provenance |  |
 | passwords.go:86:19:88:2 | struct literal | passwords.go:89:14:89:26 | utilityObject | provenance |  |
 | passwords.go:87:16:87:36 | call to make | passwords.go:86:19:88:2 | struct literal | provenance | Config |
 | passwords.go:102:33:102:40 | password | passwords.go:102:15:102:40 | ...+... | provenance | Config |
@@ -209,7 +209,7 @@ edges
 | passwords.go:108:34:108:41 | password | passwords.go:123:13:123:20 | password | provenance |  |
 | passwords.go:113:33:113:40 | password | passwords.go:113:15:113:40 | ...+... | provenance | Config |
 | passwords.go:113:33:113:40 | password | passwords.go:123:13:123:20 | password | provenance |  |
-| passwords.go:116:6:116:14 | definition of password1 | passwords.go:117:28:117:36 | password1 | provenance |  |
+| passwords.go:116:6:116:14 | SSA def(password1) | passwords.go:117:28:117:36 | password1 | provenance |  |
 | passwords.go:117:28:117:36 | password1 | passwords.go:117:28:117:45 | call to String | provenance | Config |
 | passwords.go:117:28:117:45 | call to String | passwords.go:117:14:117:45 | ...+... | provenance | Config |
 | passwords.go:120:12:125:2 | struct literal | passwords.go:127:14:127:19 | config | provenance |  |
@@ -222,13 +222,13 @@ edges
 | passwords.go:124:13:124:25 | call to getPassword | passwords.go:120:12:125:2 | struct literal [y] | provenance |  |
 | passwords.go:128:14:128:19 | config [x] | passwords.go:128:14:128:21 | selection of x | provenance |  |
 | passwords.go:129:14:129:19 | config [y] | passwords.go:129:14:129:21 | selection of y | provenance |  |
-| protobuf.go:9:2:9:9 | definition of password | protobuf.go:12:22:12:29 | password | provenance |  |
+| protobuf.go:9:2:9:9 | SSA def(password) | protobuf.go:12:22:12:29 | password | provenance |  |
 | protobuf.go:12:2:12:6 | implicit dereference [postupdate] [Description] | protobuf.go:12:2:12:6 | query [postupdate] [pointer, Description] | provenance |  |
 | protobuf.go:12:2:12:6 | query [postupdate] [pointer, Description] | protobuf.go:14:14:14:18 | query [pointer, Description] | provenance |  |
 | protobuf.go:12:22:12:29 | password | protobuf.go:12:2:12:6 | implicit dereference [postupdate] [Description] | provenance |  |
 | protobuf.go:14:14:14:18 | query [pointer, Description] | protobuf.go:14:14:14:35 | call to GetDescription | provenance |  |
-| protobuf.go:14:14:14:18 | query [pointer, Description] | protos/query/query.pb.go:117:7:117:7 | definition of x [pointer, Description] | provenance |  |
-| protos/query/query.pb.go:117:7:117:7 | definition of x [pointer, Description] | protos/query/query.pb.go:119:10:119:10 | x [pointer, Description] | provenance |  |
+| protobuf.go:14:14:14:18 | query [pointer, Description] | protos/query/query.pb.go:117:7:117:7 | SSA def(x) [pointer, Description] | provenance |  |
+| protos/query/query.pb.go:117:7:117:7 | SSA def(x) [pointer, Description] | protos/query/query.pb.go:119:10:119:10 | x [pointer, Description] | provenance |  |
 | protos/query/query.pb.go:119:10:119:10 | implicit dereference [Description] | protos/query/query.pb.go:119:10:119:22 | selection of Description | provenance |  |
 | protos/query/query.pb.go:119:10:119:10 | x [pointer, Description] | protos/query/query.pb.go:119:10:119:10 | implicit dereference [Description] | provenance |  |
 models
@@ -251,7 +251,7 @@ nodes
 | klog.go:23:15:23:20 | header | semmle.label | header |
 | klog.go:29:13:29:20 | selection of Header | semmle.label | selection of Header |
 | klog.go:29:13:29:41 | call to Get | semmle.label | call to Get |
-| main.go:17:2:17:9 | definition of password | semmle.label | definition of password |
+| main.go:17:2:17:9 | SSA def(password) | semmle.label | SSA def(password) |
 | main.go:19:12:19:19 | password | semmle.label | password |
 | main.go:20:19:20:26 | password | semmle.label | password |
 | main.go:21:13:21:20 | password | semmle.label | password |
@@ -297,12 +297,12 @@ nodes
 | main.go:86:19:86:26 | password | semmle.label | password |
 | main.go:87:29:87:34 | fields | semmle.label | fields |
 | main.go:90:35:90:42 | password | semmle.label | password |
-| overrides.go:8:2:8:9 | definition of password | semmle.label | definition of password |
+| overrides.go:8:2:8:9 | SSA def(password) | semmle.label | SSA def(password) |
 | overrides.go:9:9:9:16 | password | semmle.label | password |
 | overrides.go:13:14:13:23 | call to String | semmle.label | call to String |
-| passwords.go:8:12:8:12 | definition of x | semmle.label | definition of x |
+| passwords.go:8:12:8:12 | SSA def(x) | semmle.label | SSA def(x) |
 | passwords.go:9:14:9:14 | x | semmle.label | x |
-| passwords.go:21:2:21:9 | definition of password | semmle.label | definition of password |
+| passwords.go:21:2:21:9 | SSA def(password) | semmle.label | SSA def(password) |
 | passwords.go:25:14:25:21 | password | semmle.label | password |
 | passwords.go:26:14:26:23 | selection of password | semmle.label | selection of password |
 | passwords.go:27:14:27:26 | call to getPassword | semmle.label | call to getPassword |
@@ -318,7 +318,7 @@ nodes
 | passwords.go:42:6:42:13 | password | semmle.label | password |
 | passwords.go:44:14:44:17 | obj2 | semmle.label | obj2 |
 | passwords.go:48:11:48:18 | password | semmle.label | password |
-| passwords.go:50:2:50:15 | definition of fixed_password | semmle.label | definition of fixed_password |
+| passwords.go:50:2:50:15 | SSA def(fixed_password) | semmle.label | SSA def(fixed_password) |
 | passwords.go:51:14:51:27 | fixed_password | semmle.label | fixed_password |
 | passwords.go:86:19:88:2 | struct literal | semmle.label | struct literal |
 | passwords.go:87:16:87:36 | call to make | semmle.label | call to make |
@@ -330,7 +330,7 @@ nodes
 | passwords.go:108:34:108:41 | password | semmle.label | password |
 | passwords.go:113:15:113:40 | ...+... | semmle.label | ...+... |
 | passwords.go:113:33:113:40 | password | semmle.label | password |
-| passwords.go:116:6:116:14 | definition of password1 | semmle.label | definition of password1 |
+| passwords.go:116:6:116:14 | SSA def(password1) | semmle.label | SSA def(password1) |
 | passwords.go:117:14:117:45 | ...+... | semmle.label | ...+... |
 | passwords.go:117:28:117:36 | password1 | semmle.label | password1 |
 | passwords.go:117:28:117:45 | call to String | semmle.label | call to String |
@@ -345,15 +345,15 @@ nodes
 | passwords.go:128:14:128:21 | selection of x | semmle.label | selection of x |
 | passwords.go:129:14:129:19 | config [y] | semmle.label | config [y] |
 | passwords.go:129:14:129:21 | selection of y | semmle.label | selection of y |
-| protobuf.go:9:2:9:9 | definition of password | semmle.label | definition of password |
+| protobuf.go:9:2:9:9 | SSA def(password) | semmle.label | SSA def(password) |
 | protobuf.go:12:2:12:6 | implicit dereference [postupdate] [Description] | semmle.label | implicit dereference [postupdate] [Description] |
 | protobuf.go:12:2:12:6 | query [postupdate] [pointer, Description] | semmle.label | query [postupdate] [pointer, Description] |
 | protobuf.go:12:22:12:29 | password | semmle.label | password |
 | protobuf.go:14:14:14:18 | query [pointer, Description] | semmle.label | query [pointer, Description] |
 | protobuf.go:14:14:14:35 | call to GetDescription | semmle.label | call to GetDescription |
-| protos/query/query.pb.go:117:7:117:7 | definition of x [pointer, Description] | semmle.label | definition of x [pointer, Description] |
+| protos/query/query.pb.go:117:7:117:7 | SSA def(x) [pointer, Description] | semmle.label | SSA def(x) [pointer, Description] |
 | protos/query/query.pb.go:119:10:119:10 | implicit dereference [Description] | semmle.label | implicit dereference [Description] |
 | protos/query/query.pb.go:119:10:119:10 | x [pointer, Description] | semmle.label | x [pointer, Description] |
 | protos/query/query.pb.go:119:10:119:22 | selection of Description | semmle.label | selection of Description |
 subpaths
-| protobuf.go:14:14:14:18 | query [pointer, Description] | protos/query/query.pb.go:117:7:117:7 | definition of x [pointer, Description] | protos/query/query.pb.go:119:10:119:22 | selection of Description | protobuf.go:14:14:14:35 | call to GetDescription |
+| protobuf.go:14:14:14:18 | query [pointer, Description] | protos/query/query.pb.go:117:7:117:7 | SSA def(x) [pointer, Description] | protos/query/query.pb.go:119:10:119:22 | selection of Description | protobuf.go:14:14:14:35 | call to GetDescription |
diff --git a/go/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.expected b/go/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.expected
index b81d24f2665..b65cbbbc5db 100644
--- a/go/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.expected
+++ b/go/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.expected
@@ -3,18 +3,18 @@ edges
 | InsecureHostKeyCallbackExample.go:31:14:34:4 | type conversion | InsecureHostKeyCallbackExample.go:39:20:39:27 | callback | provenance |  |
 | InsecureHostKeyCallbackExample.go:32:3:34:3 | function literal | InsecureHostKeyCallbackExample.go:31:14:34:4 | type conversion | provenance |  |
 | InsecureHostKeyCallbackExample.go:45:3:47:3 | function literal | InsecureHostKeyCallbackExample.go:52:20:52:48 | type conversion | provenance |  |
-| InsecureHostKeyCallbackExample.go:58:39:58:46 | definition of callback | InsecureHostKeyCallbackExample.go:62:20:62:27 | callback | provenance |  |
-| InsecureHostKeyCallbackExample.go:68:48:68:55 | definition of callback | InsecureHostKeyCallbackExample.go:78:28:78:35 | callback | provenance |  |
+| InsecureHostKeyCallbackExample.go:58:39:58:46 | SSA def(callback) | InsecureHostKeyCallbackExample.go:62:20:62:27 | callback | provenance |  |
+| InsecureHostKeyCallbackExample.go:68:48:68:55 | SSA def(callback) | InsecureHostKeyCallbackExample.go:78:28:78:35 | callback | provenance |  |
 | InsecureHostKeyCallbackExample.go:94:3:94:43 | ... := ...[0] | InsecureHostKeyCallbackExample.go:95:28:95:35 | callback | provenance |  |
 | InsecureHostKeyCallbackExample.go:102:22:105:4 | type conversion | InsecureHostKeyCallbackExample.go:107:35:107:50 | insecureCallback | provenance |  |
 | InsecureHostKeyCallbackExample.go:103:3:105:3 | function literal | InsecureHostKeyCallbackExample.go:102:22:105:4 | type conversion | provenance |  |
-| InsecureHostKeyCallbackExample.go:107:35:107:50 | insecureCallback | InsecureHostKeyCallbackExample.go:58:39:58:46 | definition of callback | provenance |  |
+| InsecureHostKeyCallbackExample.go:107:35:107:50 | insecureCallback | InsecureHostKeyCallbackExample.go:58:39:58:46 | SSA def(callback) | provenance |  |
 | InsecureHostKeyCallbackExample.go:109:31:115:4 | type conversion | InsecureHostKeyCallbackExample.go:117:35:117:59 | potentiallySecureCallback | provenance |  |
 | InsecureHostKeyCallbackExample.go:109:31:115:4 | type conversion | InsecureHostKeyCallbackExample.go:120:44:120:68 | potentiallySecureCallback | provenance |  |
 | InsecureHostKeyCallbackExample.go:110:3:115:3 | function literal | InsecureHostKeyCallbackExample.go:109:31:115:4 | type conversion | provenance |  |
-| InsecureHostKeyCallbackExample.go:117:35:117:59 | potentiallySecureCallback | InsecureHostKeyCallbackExample.go:58:39:58:46 | definition of callback | provenance |  |
-| InsecureHostKeyCallbackExample.go:118:35:118:61 | call to InsecureIgnoreHostKey | InsecureHostKeyCallbackExample.go:58:39:58:46 | definition of callback | provenance |  |
-| InsecureHostKeyCallbackExample.go:120:44:120:68 | potentiallySecureCallback | InsecureHostKeyCallbackExample.go:68:48:68:55 | definition of callback | provenance |  |
+| InsecureHostKeyCallbackExample.go:117:35:117:59 | potentiallySecureCallback | InsecureHostKeyCallbackExample.go:58:39:58:46 | SSA def(callback) | provenance |  |
+| InsecureHostKeyCallbackExample.go:118:35:118:61 | call to InsecureIgnoreHostKey | InsecureHostKeyCallbackExample.go:58:39:58:46 | SSA def(callback) | provenance |  |
+| InsecureHostKeyCallbackExample.go:120:44:120:68 | potentiallySecureCallback | InsecureHostKeyCallbackExample.go:68:48:68:55 | SSA def(callback) | provenance |  |
 nodes
 | InsecureHostKeyCallbackExample.go:15:20:18:5 | type conversion | semmle.label | type conversion |
 | InsecureHostKeyCallbackExample.go:16:4:18:4 | function literal | semmle.label | function literal |
@@ -24,9 +24,9 @@ nodes
 | InsecureHostKeyCallbackExample.go:39:20:39:27 | callback | semmle.label | callback |
 | InsecureHostKeyCallbackExample.go:45:3:47:3 | function literal | semmle.label | function literal |
 | InsecureHostKeyCallbackExample.go:52:20:52:48 | type conversion | semmle.label | type conversion |
-| InsecureHostKeyCallbackExample.go:58:39:58:46 | definition of callback | semmle.label | definition of callback |
+| InsecureHostKeyCallbackExample.go:58:39:58:46 | SSA def(callback) | semmle.label | SSA def(callback) |
 | InsecureHostKeyCallbackExample.go:62:20:62:27 | callback | semmle.label | callback |
-| InsecureHostKeyCallbackExample.go:68:48:68:55 | definition of callback | semmle.label | definition of callback |
+| InsecureHostKeyCallbackExample.go:68:48:68:55 | SSA def(callback) | semmle.label | SSA def(callback) |
 | InsecureHostKeyCallbackExample.go:76:28:76:54 | call to InsecureIgnoreHostKey | semmle.label | call to InsecureIgnoreHostKey |
 | InsecureHostKeyCallbackExample.go:78:28:78:35 | callback | semmle.label | callback |
 | InsecureHostKeyCallbackExample.go:92:28:92:54 | call to InsecureIgnoreHostKey | semmle.label | call to InsecureIgnoreHostKey |
diff --git a/go/ql/test/query-tests/Security/CWE-326/InsufficientKeySize.expected b/go/ql/test/query-tests/Security/CWE-326/InsufficientKeySize.expected
index 556b1722b59..b37e3395a86 100644
--- a/go/ql/test/query-tests/Security/CWE-326/InsufficientKeySize.expected
+++ b/go/ql/test/query-tests/Security/CWE-326/InsufficientKeySize.expected
@@ -1,7 +1,7 @@
 edges
 | InsufficientKeySize.go:13:10:13:13 | 1024 | InsufficientKeySize.go:14:31:14:34 | size | provenance |  |
-| InsufficientKeySize.go:18:7:18:10 | 1024 | InsufficientKeySize.go:25:11:25:14 | definition of size | provenance |  |
-| InsufficientKeySize.go:25:11:25:14 | definition of size | InsufficientKeySize.go:26:31:26:34 | size | provenance |  |
+| InsufficientKeySize.go:18:7:18:10 | 1024 | InsufficientKeySize.go:25:11:25:14 | SSA def(size) | provenance |  |
+| InsufficientKeySize.go:25:11:25:14 | SSA def(size) | InsufficientKeySize.go:26:31:26:34 | size | provenance |  |
 | InsufficientKeySize.go:30:13:30:16 | 1024 | InsufficientKeySize.go:32:32:32:38 | keyBits | provenance |  |
 | InsufficientKeySize.go:44:13:44:16 | 1024 | InsufficientKeySize.go:47:32:47:38 | keyBits | provenance |  |
 | InsufficientKeySize.go:61:21:61:24 | 1024 | InsufficientKeySize.go:67:31:67:37 | keyBits | provenance |  |
@@ -10,7 +10,7 @@ nodes
 | InsufficientKeySize.go:13:10:13:13 | 1024 | semmle.label | 1024 |
 | InsufficientKeySize.go:14:31:14:34 | size | semmle.label | size |
 | InsufficientKeySize.go:18:7:18:10 | 1024 | semmle.label | 1024 |
-| InsufficientKeySize.go:25:11:25:14 | definition of size | semmle.label | definition of size |
+| InsufficientKeySize.go:25:11:25:14 | SSA def(size) | semmle.label | SSA def(size) |
 | InsufficientKeySize.go:26:31:26:34 | size | semmle.label | size |
 | InsufficientKeySize.go:30:13:30:16 | 1024 | semmle.label | 1024 |
 | InsufficientKeySize.go:32:32:32:38 | keyBits | semmle.label | keyBits |
diff --git a/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected b/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected
index 2bfca2aa643..c1f41d118e7 100644
--- a/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected
+++ b/go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected
@@ -5,15 +5,15 @@ edges
 | go-jose.v3.go:25:16:25:20 | selection of URL | go-jose.v3.go:25:16:25:28 | call to Query | provenance | Src:MaD:3 MaD:5 |
 | go-jose.v3.go:25:16:25:28 | call to Query | go-jose.v3.go:25:16:25:47 | call to Get | provenance | MaD:6 |
 | go-jose.v3.go:25:16:25:47 | call to Get | go-jose.v3.go:26:15:26:25 | signedToken | provenance |  |
-| go-jose.v3.go:26:15:26:25 | signedToken | go-jose.v3.go:29:19:29:29 | definition of signedToken | provenance |  |
-| go-jose.v3.go:29:19:29:29 | definition of signedToken | go-jose.v3.go:31:37:31:47 | signedToken | provenance |  |
+| go-jose.v3.go:26:15:26:25 | signedToken | go-jose.v3.go:29:19:29:29 | SSA def(signedToken) | provenance |  |
+| go-jose.v3.go:29:19:29:29 | SSA def(signedToken) | go-jose.v3.go:31:37:31:47 | signedToken | provenance |  |
 | go-jose.v3.go:31:2:31:48 | ... := ...[0] | go-jose.v3.go:33:12:33:23 | DecodedToken | provenance | Sink:MaD:2 |
 | go-jose.v3.go:31:37:31:47 | signedToken | go-jose.v3.go:31:2:31:48 | ... := ...[0] | provenance | MaD:4 |
 | golang-jwt-v5.go:28:16:28:20 | selection of URL | golang-jwt-v5.go:28:16:28:28 | call to Query | provenance | Src:MaD:3 MaD:5 |
 | golang-jwt-v5.go:28:16:28:28 | call to Query | golang-jwt-v5.go:28:16:28:47 | call to Get | provenance | MaD:6 |
 | golang-jwt-v5.go:28:16:28:47 | call to Get | golang-jwt-v5.go:29:25:29:35 | signedToken | provenance |  |
-| golang-jwt-v5.go:29:25:29:35 | signedToken | golang-jwt-v5.go:32:29:32:39 | definition of signedToken | provenance |  |
-| golang-jwt-v5.go:32:29:32:39 | definition of signedToken | golang-jwt-v5.go:34:58:34:68 | signedToken | provenance | Sink:MaD:1 |
+| golang-jwt-v5.go:29:25:29:35 | signedToken | golang-jwt-v5.go:32:29:32:39 | SSA def(signedToken) | provenance |  |
+| golang-jwt-v5.go:32:29:32:39 | SSA def(signedToken) | golang-jwt-v5.go:34:58:34:68 | signedToken | provenance | Sink:MaD:1 |
 models
 | 1 | Sink: github.com/golang-jwt/jwt; Parser; true; ParseUnverified; ; ; Argument[0]; jwt; manual |
 | 2 | Sink: group:go-jose/jwt; JSONWebToken; true; UnsafeClaimsWithoutVerification; ; ; Argument[receiver]; jwt; manual |
@@ -26,7 +26,7 @@ nodes
 | go-jose.v3.go:25:16:25:28 | call to Query | semmle.label | call to Query |
 | go-jose.v3.go:25:16:25:47 | call to Get | semmle.label | call to Get |
 | go-jose.v3.go:26:15:26:25 | signedToken | semmle.label | signedToken |
-| go-jose.v3.go:29:19:29:29 | definition of signedToken | semmle.label | definition of signedToken |
+| go-jose.v3.go:29:19:29:29 | SSA def(signedToken) | semmle.label | SSA def(signedToken) |
 | go-jose.v3.go:31:2:31:48 | ... := ...[0] | semmle.label | ... := ...[0] |
 | go-jose.v3.go:31:37:31:47 | signedToken | semmle.label | signedToken |
 | go-jose.v3.go:33:12:33:23 | DecodedToken | semmle.label | DecodedToken |
@@ -34,6 +34,6 @@ nodes
 | golang-jwt-v5.go:28:16:28:28 | call to Query | semmle.label | call to Query |
 | golang-jwt-v5.go:28:16:28:47 | call to Get | semmle.label | call to Get |
 | golang-jwt-v5.go:29:25:29:35 | signedToken | semmle.label | signedToken |
-| golang-jwt-v5.go:32:29:32:39 | definition of signedToken | semmle.label | definition of signedToken |
+| golang-jwt-v5.go:32:29:32:39 | SSA def(signedToken) | semmle.label | SSA def(signedToken) |
 | golang-jwt-v5.go:34:58:34:68 | signedToken | semmle.label | signedToken |
 subpaths
diff --git a/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected b/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected
index 8d4aaba1446..9135bafbf54 100644
--- a/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected
+++ b/go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected
@@ -9,31 +9,31 @@
 | main.go:69:5:69:22 | ...!=... | main.go:76:19:76:21 | argument corresponding to url | main.go:77:25:77:39 | call to getTarget1 | This is a check that $@, which flows into a $@, has a leading slash, but not that it does not have '/' or '\\' in its second position. | main.go:76:19:76:21 | argument corresponding to url | this value | main.go:77:25:77:39 | call to getTarget1 | redirect |
 | main.go:83:5:83:20 | ...!=... | main.go:87:9:87:14 | selection of Path | main.go:91:25:91:39 | call to getTarget2 | This is a check that $@, which flows into a $@, has a leading slash, but not that it does not have '/' or '\\' in its second position. | main.go:87:9:87:14 | selection of Path | this value | main.go:91:25:91:39 | call to getTarget2 | redirect |
 edges
+| BadRedirectCheck.go:3:18:3:22 | SSA def(redir) | BadRedirectCheck.go:5:10:5:14 | redir | provenance |  |
 | BadRedirectCheck.go:3:18:3:22 | argument corresponding to redir | BadRedirectCheck.go:5:10:5:14 | redir | provenance |  |
-| BadRedirectCheck.go:3:18:3:22 | definition of redir | BadRedirectCheck.go:5:10:5:14 | redir | provenance |  |
 | BadRedirectCheck.go:5:10:5:14 | redir | main.go:11:25:11:45 | call to sanitizeUrl | provenance | Sink:MaD:1 |
 | cves.go:14:23:14:25 | argument corresponding to url | cves.go:16:26:16:28 | url | provenance | Sink:MaD:1 |
 | cves.go:33:14:33:34 | call to Get | cves.go:37:25:37:32 | redirect | provenance | Sink:MaD:1 |
 | cves.go:41:14:41:34 | call to Get | cves.go:45:25:45:32 | redirect | provenance | Sink:MaD:1 |
 | main.go:10:18:10:25 | argument corresponding to redirect | main.go:11:37:11:44 | redirect | provenance |  |
-| main.go:11:37:11:44 | redirect | BadRedirectCheck.go:3:18:3:22 | definition of redir | provenance |  |
+| main.go:11:37:11:44 | redirect | BadRedirectCheck.go:3:18:3:22 | SSA def(redir) | provenance |  |
 | main.go:11:37:11:44 | redirect | main.go:11:25:11:45 | call to sanitizeUrl | provenance | Sink:MaD:1 |
 | main.go:32:24:32:26 | argument corresponding to url | main.go:34:26:34:28 | url | provenance | Sink:MaD:1 |
+| main.go:68:17:68:24 | SSA def(redirect) | main.go:73:20:73:27 | redirect | provenance |  |
 | main.go:68:17:68:24 | argument corresponding to redirect | main.go:73:20:73:27 | redirect | provenance |  |
-| main.go:68:17:68:24 | definition of redirect | main.go:73:20:73:27 | redirect | provenance |  |
 | main.go:73:9:73:28 | call to Clean | main.go:77:25:77:39 | call to getTarget1 | provenance | Sink:MaD:1 |
 | main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:2 |
 | main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:2 |
 | main.go:76:19:76:21 | argument corresponding to url | main.go:77:36:77:38 | url | provenance |  |
-| main.go:77:36:77:38 | url | main.go:68:17:68:24 | definition of redirect | provenance |  |
+| main.go:77:36:77:38 | url | main.go:68:17:68:24 | SSA def(redirect) | provenance |  |
 | main.go:77:36:77:38 | url | main.go:77:25:77:39 | call to getTarget1 | provenance | MaD:2 Sink:MaD:1 |
 | main.go:87:9:87:14 | selection of Path | main.go:91:25:91:39 | call to getTarget2 | provenance | Sink:MaD:1 |
 models
 | 1 | Sink: net/http; ; false; Redirect; ; ; Argument[2]; url-redirection[0]; manual |
 | 2 | Summary: path; ; false; Clean; ; ; Argument[0]; ReturnValue; taint; manual |
 nodes
+| BadRedirectCheck.go:3:18:3:22 | SSA def(redir) | semmle.label | SSA def(redir) |
 | BadRedirectCheck.go:3:18:3:22 | argument corresponding to redir | semmle.label | argument corresponding to redir |
-| BadRedirectCheck.go:3:18:3:22 | definition of redir | semmle.label | definition of redir |
 | BadRedirectCheck.go:5:10:5:14 | redir | semmle.label | redir |
 | BadRedirectCheck.go:5:10:5:14 | redir | semmle.label | redir |
 | cves.go:14:23:14:25 | argument corresponding to url | semmle.label | argument corresponding to url |
@@ -47,8 +47,8 @@ nodes
 | main.go:11:37:11:44 | redirect | semmle.label | redirect |
 | main.go:32:24:32:26 | argument corresponding to url | semmle.label | argument corresponding to url |
 | main.go:34:26:34:28 | url | semmle.label | url |
+| main.go:68:17:68:24 | SSA def(redirect) | semmle.label | SSA def(redirect) |
 | main.go:68:17:68:24 | argument corresponding to redirect | semmle.label | argument corresponding to redirect |
-| main.go:68:17:68:24 | definition of redirect | semmle.label | definition of redirect |
 | main.go:73:9:73:28 | call to Clean | semmle.label | call to Clean |
 | main.go:73:9:73:28 | call to Clean | semmle.label | call to Clean |
 | main.go:73:20:73:27 | redirect | semmle.label | redirect |
@@ -59,5 +59,5 @@ nodes
 | main.go:87:9:87:14 | selection of Path | semmle.label | selection of Path |
 | main.go:91:25:91:39 | call to getTarget2 | semmle.label | call to getTarget2 |
 subpaths
-| main.go:11:37:11:44 | redirect | BadRedirectCheck.go:3:18:3:22 | definition of redir | BadRedirectCheck.go:5:10:5:14 | redir | main.go:11:25:11:45 | call to sanitizeUrl |
-| main.go:77:36:77:38 | url | main.go:68:17:68:24 | definition of redirect | main.go:73:9:73:28 | call to Clean | main.go:77:25:77:39 | call to getTarget1 |
+| main.go:11:37:11:44 | redirect | BadRedirectCheck.go:3:18:3:22 | SSA def(redir) | BadRedirectCheck.go:5:10:5:14 | redir | main.go:11:25:11:45 | call to sanitizeUrl |
+| main.go:77:36:77:38 | url | main.go:68:17:68:24 | SSA def(redirect) | main.go:73:9:73:28 | call to Clean | main.go:77:25:77:39 | call to getTarget1 |