From dd57d9fd550d0351a225d9ae5559d210285cf140 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Wed, 14 Jun 2023 14:27:58 +0100
Subject: [PATCH 1/6] Add flowCheckNodeSpecific

This allows individual languages to specify `FlowCheckNode`s, which
break up the big step relation and make sure that those nodes appear in
path summaries.
---
 go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
index 984c5ae2018..41341c6be5c 100644
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
@@ -2021,7 +2021,8 @@ module Impl<FullStateConfigSig Config> {
       FlowCheckNode() {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
-        expectsContentCached(this.asNode(), _)
+        expectsContentCached(this.asNode(), _) or
+        flowCheckNodeSpecific(this.asNode())
       }
     }
 

From e0f7437d40630621b32b437338f8cd7fb9040202 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Wed, 14 Jun 2023 14:29:56 +0100
Subject: [PATCH 2/6] Sync dataflow library

---
 cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll  | 3 ++-
 .../lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll  | 3 ++-
 .../lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll  | 3 ++-
 .../ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll | 3 ++-
 .../lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll   | 3 ++-
 ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll     | 3 ++-
 swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll   | 3 ++-
 7 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
index 984c5ae2018..41341c6be5c 100644
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
@@ -2021,7 +2021,8 @@ module Impl<FullStateConfigSig Config> {
       FlowCheckNode() {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
-        expectsContentCached(this.asNode(), _)
+        expectsContentCached(this.asNode(), _) or
+        flowCheckNodeSpecific(this.asNode())
       }
     }
 
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
index 984c5ae2018..41341c6be5c 100644
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
@@ -2021,7 +2021,8 @@ module Impl<FullStateConfigSig Config> {
       FlowCheckNode() {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
-        expectsContentCached(this.asNode(), _)
+        expectsContentCached(this.asNode(), _) or
+        flowCheckNodeSpecific(this.asNode())
       }
     }
 
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
index 984c5ae2018..41341c6be5c 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
@@ -2021,7 +2021,8 @@ module Impl<FullStateConfigSig Config> {
       FlowCheckNode() {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
-        expectsContentCached(this.asNode(), _)
+        expectsContentCached(this.asNode(), _) or
+        flowCheckNodeSpecific(this.asNode())
       }
     }
 
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
index 984c5ae2018..41341c6be5c 100644
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
@@ -2021,7 +2021,8 @@ module Impl<FullStateConfigSig Config> {
       FlowCheckNode() {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
-        expectsContentCached(this.asNode(), _)
+        expectsContentCached(this.asNode(), _) or
+        flowCheckNodeSpecific(this.asNode())
       }
     }
 
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
index 984c5ae2018..41341c6be5c 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
@@ -2021,7 +2021,8 @@ module Impl<FullStateConfigSig Config> {
       FlowCheckNode() {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
-        expectsContentCached(this.asNode(), _)
+        expectsContentCached(this.asNode(), _) or
+        flowCheckNodeSpecific(this.asNode())
       }
     }
 
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
index 984c5ae2018..41341c6be5c 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
@@ -2021,7 +2021,8 @@ module Impl<FullStateConfigSig Config> {
       FlowCheckNode() {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
-        expectsContentCached(this.asNode(), _)
+        expectsContentCached(this.asNode(), _) or
+        flowCheckNodeSpecific(this.asNode())
       }
     }
 
diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
index 984c5ae2018..41341c6be5c 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
@@ -2021,7 +2021,8 @@ module Impl<FullStateConfigSig Config> {
       FlowCheckNode() {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
-        expectsContentCached(this.asNode(), _)
+        expectsContentCached(this.asNode(), _) or
+        flowCheckNodeSpecific(this.asNode())
       }
     }
 

From 5f72ce093594c5af730e16069d392a0d92d41751 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Wed, 14 Jun 2023 14:36:45 +0100
Subject: [PATCH 3/6] Add stub implementations of flowCheckNodeSpecific

---
 .../semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll    | 5 +++++
 .../semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll | 5 +++++
 .../semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll | 5 +++++
 go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll    | 5 +++++
 .../semmle/code/java/dataflow/internal/DataFlowPrivate.qll   | 5 +++++
 .../semmle/python/dataflow/new/internal/DataFlowPrivate.qll  | 5 +++++
 .../ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll | 5 +++++
 .../lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll   | 5 +++++
 8 files changed, 40 insertions(+)

diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
index 115989e3dea..9b7b92f6fb8 100644
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
@@ -235,6 +235,11 @@ class CastNode extends Node {
   CastNode() { none() } // stub implementation
 }
 
+/**
+ * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ */
+predicate flowCheckNodeSpecific(Node n) { none() }
+
 class DataFlowCallable = Function;
 
 class DataFlowExpr = Expr;
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
index 33ff6f74775..dfd8fcbaccf 100644
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
@@ -783,6 +783,11 @@ class CastNode extends Node {
   CastNode() { none() } // stub implementation
 }
 
+/**
+ * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ */
+predicate flowCheckNodeSpecific(Node n) { none() }
+
 /**
  * A function that may contain code or a variable that may contain itself. When
  * flow crosses from one _enclosing callable_ to another, the interprocedural
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
index a3aed9f9097..27d35568e09 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
@@ -2147,6 +2147,11 @@ class CastNode extends Node {
   }
 }
 
+/**
+ * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ */
+predicate flowCheckNodeSpecific(Node n) { none() }
+
 class DataFlowExpr = DotNet::Expr;
 
 /** Holds if `e` is an expression that always has the same Boolean value `val`. */
diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll
index ee146fc2aba..c014e89e397 100644
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll
@@ -228,6 +228,11 @@ class CastNode extends ExprNode {
   override ConversionExpr expr;
 }
 
+/**
+ * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ */
+predicate flowCheckNodeSpecific(Node n) { none() }
+
 class DataFlowExpr = Expr;
 
 private newtype TDataFlowType =
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
index ea393dad0bf..eabfa3ecfc5 100644
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
@@ -242,6 +242,11 @@ class CastNode extends ExprNode {
   CastNode() { this.getExpr() instanceof CastingExpr }
 }
 
+/**
+ * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ */
+predicate flowCheckNodeSpecific(Node n) { none() }
+
 private newtype TDataFlowCallable =
   TSrcCallable(Callable c) or
   TSummarizedCallable(SummarizedCallable c) or
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
index 7f907ca84e8..98c262375e1 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
@@ -497,6 +497,11 @@ class CastNode extends Node {
   CastNode() { readStep(_, _, this) or storeStep(_, _, this) }
 }
 
+/**
+ * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ */
+predicate flowCheckNodeSpecific(Node n) { none() }
+
 /**
  * Holds if `t1` and `t2` are compatible, that is, whether data can flow from
  * a node of type `t1` to a node of type `t2`.
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
index 0fb0bac0462..313c76dfab7 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
@@ -1296,6 +1296,11 @@ class CastNode extends Node {
   }
 }
 
+/**
+ * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ */
+predicate flowCheckNodeSpecific(Node n) { none() }
+
 class DataFlowExpr = CfgNodes::ExprCfgNode;
 
 int accessPathLimit() { result = 5 }
diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index 02ae10b83af..b18f38cbb65 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -849,6 +849,11 @@ class CastNode extends Node {
   CastNode() { none() }
 }
 
+/**
+ * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ */
+predicate flowCheckNodeSpecific(Node n) { none() }
+
 class DataFlowExpr = Expr;
 
 class DataFlowParameter = ParamDecl;

From ee185ae204691b78ff58358045717e19ae342912 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Wed, 14 Jun 2023 14:41:16 +0100
Subject: [PATCH 4/6] Python: Move hack from CastNode into
 flowCheckNodeSpecific

---
 .../dataflow/new/internal/DataFlowPrivate.qll      | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
index 98c262375e1..8df16662e07 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
@@ -486,6 +486,13 @@ class DataFlowType extends TDataFlowType {
 
 /** A node that performs a type cast. */
 class CastNode extends Node {
+  CastNode() { none() }
+}
+
+/**
+ * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ */
+predicate flowCheckNodeSpecific(Node n) {
   // We include read- and store steps here to force them to be
   // shown in path explanations.
   // This hack is necessary, because we have included some of these
@@ -494,14 +501,9 @@ class CastNode extends Node {
   // We should revert this once, we can remove this steps from the
   // default taint steps; this should be possible once we have
   // implemented flow summaries and recursive content.
-  CastNode() { readStep(_, _, this) or storeStep(_, _, this) }
+  readStep(_, _, n) or storeStep(_, _, n)
 }
 
-/**
- * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
- */
-predicate flowCheckNodeSpecific(Node n) { none() }
-
 /**
  * Holds if `t1` and `t2` are compatible, that is, whether data can flow from
  * a node of type `t1` to a node of type `t2`.

From e34bcef2bd2527d7ab5c77af534fe3d0ab76bb72 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Wed, 14 Jun 2023 14:41:58 +0100
Subject: [PATCH 5/6] Ruby: Move path summary visibility code into
 flowCheckNodeSpecific

---
 .../codeql/ruby/dataflow/internal/DataFlowPrivate.qll  | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
index 313c76dfab7..6cabe899d5a 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
@@ -1290,16 +1290,16 @@ private import PostUpdateNodes
 
 /** A node that performs a type cast. */
 class CastNode extends Node {
-  CastNode() {
-    // ensure that all variable assignments are included in the path graph
-    this.(SsaDefinitionExtNode).getDefinitionExt() instanceof Ssa::WriteDefinition
-  }
+  CastNode() { none() }
 }
 
 /**
  * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
  */
-predicate flowCheckNodeSpecific(Node n) { none() }
+predicate flowCheckNodeSpecific(Node n) {
+  // ensure that all variable assignments are included in the path graph
+  n.(SsaDefinitionExtNode).getDefinitionExt() instanceof Ssa::WriteDefinition
+}
 
 class DataFlowExpr = CfgNodes::ExprCfgNode;
 

From 3ff6d033d3def3e8781e8cd09bb2b471de580c1d Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Wed, 14 Jun 2023 15:25:49 +0100
Subject: [PATCH 6/6] Rename to `neverSkipInPathGraph`

---
 .../lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll   | 2 +-
 .../semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll    | 5 +++--
 .../semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll    | 2 +-
 .../semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll | 5 +++--
 .../semmle/code/csharp/dataflow/internal/DataFlowImpl.qll    | 2 +-
 .../semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll | 5 +++--
 go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll       | 2 +-
 go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll    | 5 +++--
 .../lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll  | 2 +-
 .../semmle/code/java/dataflow/internal/DataFlowPrivate.qll   | 5 +++--
 .../lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll | 2 +-
 .../semmle/python/dataflow/new/internal/DataFlowPrivate.qll  | 5 +++--
 ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll   | 2 +-
 .../ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll | 5 +++--
 swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll | 2 +-
 .../lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll   | 5 +++--
 16 files changed, 32 insertions(+), 24 deletions(-)

diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
index 41341c6be5c..284fff191ae 100644
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
@@ -2022,7 +2022,7 @@ module Impl<FullStateConfigSig Config> {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
         expectsContentCached(this.asNode(), _) or
-        flowCheckNodeSpecific(this.asNode())
+        neverSkipInPathGraph(this.asNode())
       }
     }
 
diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
index 9b7b92f6fb8..b380748fb3c 100644
--- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
@@ -236,9 +236,10 @@ class CastNode extends Node {
 }
 
 /**
- * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ * Holds if `n` should never be skipped over in the `PathGraph` and in path
+ * explanations.
  */
-predicate flowCheckNodeSpecific(Node n) { none() }
+predicate neverSkipInPathGraph(Node n) { none() }
 
 class DataFlowCallable = Function;
 
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
index 41341c6be5c..284fff191ae 100644
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
@@ -2022,7 +2022,7 @@ module Impl<FullStateConfigSig Config> {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
         expectsContentCached(this.asNode(), _) or
-        flowCheckNodeSpecific(this.asNode())
+        neverSkipInPathGraph(this.asNode())
       }
     }
 
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
index dfd8fcbaccf..ef006bbff0a 100644
--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
@@ -784,9 +784,10 @@ class CastNode extends Node {
 }
 
 /**
- * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ * Holds if `n` should never be skipped over in the `PathGraph` and in path
+ * explanations.
  */
-predicate flowCheckNodeSpecific(Node n) { none() }
+predicate neverSkipInPathGraph(Node n) { none() }
 
 /**
  * A function that may contain code or a variable that may contain itself. When
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
index 41341c6be5c..284fff191ae 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
@@ -2022,7 +2022,7 @@ module Impl<FullStateConfigSig Config> {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
         expectsContentCached(this.asNode(), _) or
-        flowCheckNodeSpecific(this.asNode())
+        neverSkipInPathGraph(this.asNode())
       }
     }
 
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
index 27d35568e09..c8287255f4f 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
@@ -2148,9 +2148,10 @@ class CastNode extends Node {
 }
 
 /**
- * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ * Holds if `n` should never be skipped over in the `PathGraph` and in path
+ * explanations.
  */
-predicate flowCheckNodeSpecific(Node n) { none() }
+predicate neverSkipInPathGraph(Node n) { none() }
 
 class DataFlowExpr = DotNet::Expr;
 
diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
index 41341c6be5c..284fff191ae 100644
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl.qll
@@ -2022,7 +2022,7 @@ module Impl<FullStateConfigSig Config> {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
         expectsContentCached(this.asNode(), _) or
-        flowCheckNodeSpecific(this.asNode())
+        neverSkipInPathGraph(this.asNode())
       }
     }
 
diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll
index c014e89e397..277c92703e7 100644
--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll
@@ -229,9 +229,10 @@ class CastNode extends ExprNode {
 }
 
 /**
- * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ * Holds if `n` should never be skipped over in the `PathGraph` and in path
+ * explanations.
  */
-predicate flowCheckNodeSpecific(Node n) { none() }
+predicate neverSkipInPathGraph(Node n) { none() }
 
 class DataFlowExpr = Expr;
 
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
index 41341c6be5c..284fff191ae 100644
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
@@ -2022,7 +2022,7 @@ module Impl<FullStateConfigSig Config> {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
         expectsContentCached(this.asNode(), _) or
-        flowCheckNodeSpecific(this.asNode())
+        neverSkipInPathGraph(this.asNode())
       }
     }
 
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
index eabfa3ecfc5..216523023d9 100644
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
@@ -243,9 +243,10 @@ class CastNode extends ExprNode {
 }
 
 /**
- * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ * Holds if `n` should never be skipped over in the `PathGraph` and in path
+ * explanations.
  */
-predicate flowCheckNodeSpecific(Node n) { none() }
+predicate neverSkipInPathGraph(Node n) { none() }
 
 private newtype TDataFlowCallable =
   TSrcCallable(Callable c) or
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
index 41341c6be5c..284fff191ae 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll
@@ -2022,7 +2022,7 @@ module Impl<FullStateConfigSig Config> {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
         expectsContentCached(this.asNode(), _) or
-        flowCheckNodeSpecific(this.asNode())
+        neverSkipInPathGraph(this.asNode())
       }
     }
 
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
index 8df16662e07..29504b6aa38 100644
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
@@ -490,9 +490,10 @@ class CastNode extends Node {
 }
 
 /**
- * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ * Holds if `n` should never be skipped over in the `PathGraph` and in path
+ * explanations.
  */
-predicate flowCheckNodeSpecific(Node n) {
+predicate neverSkipInPathGraph(Node n) {
   // We include read- and store steps here to force them to be
   // shown in path explanations.
   // This hack is necessary, because we have included some of these
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
index 41341c6be5c..284fff191ae 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll
@@ -2022,7 +2022,7 @@ module Impl<FullStateConfigSig Config> {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
         expectsContentCached(this.asNode(), _) or
-        flowCheckNodeSpecific(this.asNode())
+        neverSkipInPathGraph(this.asNode())
       }
     }
 
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
index 6cabe899d5a..f8469e99a23 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
@@ -1294,9 +1294,10 @@ class CastNode extends Node {
 }
 
 /**
- * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ * Holds if `n` should never be skipped over in the `PathGraph` and in path
+ * explanations.
  */
-predicate flowCheckNodeSpecific(Node n) {
+predicate neverSkipInPathGraph(Node n) {
   // ensure that all variable assignments are included in the path graph
   n.(SsaDefinitionExtNode).getDefinitionExt() instanceof Ssa::WriteDefinition
 }
diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
index 41341c6be5c..284fff191ae 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImpl.qll
@@ -2022,7 +2022,7 @@ module Impl<FullStateConfigSig Config> {
         castNode(this.asNode()) or
         clearsContentCached(this.asNode(), _) or
         expectsContentCached(this.asNode(), _) or
-        flowCheckNodeSpecific(this.asNode())
+        neverSkipInPathGraph(this.asNode())
       }
     }
 
diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index b18f38cbb65..c0f01a67df3 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -850,9 +850,10 @@ class CastNode extends Node {
 }
 
 /**
- * Holds if `n` should be a FlowCheckNode, which will appear in path summaries.
+ * Holds if `n` should never be skipped over in the `PathGraph` and in path
+ * explanations.
  */
-predicate flowCheckNodeSpecific(Node n) { none() }
+predicate neverSkipInPathGraph(Node n) { none() }
 
 class DataFlowExpr = Expr;