diff --git a/cpp/change-notes/2021-11-01-isFromSystemMacroDefinition.md b/cpp/change-notes/2021-11-01-isFromSystemMacroDefinition.md
deleted file mode 100644
index 2a859824c8a..00000000000
--- a/cpp/change-notes/2021-11-01-isFromSystemMacroDefinition.md
+++ /dev/null
@@ -1,4 +0,0 @@
-lgtm,codescanning
-* The QL library `semmle.code.cpp.commons.Exclusions` now contains a predicate
-  `isFromSystemMacroDefinition` for identifying code that originates from a
-  macro outside the project being analyzed.
diff --git a/cpp/change-notes/2021-11-09-use-of-http.md b/cpp/change-notes/2021-11-09-use-of-http.md
deleted file mode 100644
index 6ae3f076634..00000000000
--- a/cpp/change-notes/2021-11-09-use-of-http.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* A new query `cpp/non-https-url` has been added for C/C++. The query flags uses of `http` URLs that might be better replaced with `https`.
diff --git a/cpp/change-notes/2021-11-25-certificate-not-checked.md b/cpp/change-notes/2021-11-25-certificate-not-checked.md
deleted file mode 100644
index 7cd83d11a1e..00000000000
--- a/cpp/change-notes/2021-11-25-certificate-not-checked.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* A new query `cpp/certificate-not-checked` has been added for C/C++. The query flags unsafe use of OpenSSL and similar libraries.
diff --git a/cpp/change-notes/2021-11-25-certificate-result-conflation.md b/cpp/change-notes/2021-11-25-certificate-result-conflation.md
deleted file mode 100644
index 14950c5dd04..00000000000
--- a/cpp/change-notes/2021-11-25-certificate-result-conflation.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* A new query `cpp/certificate-result-conflation` has been added for C/C++. The query flags unsafe use of OpenSSL and similar libraries.
diff --git a/cpp/change-notes/2020-09-29-range-analysis-rollup.md b/cpp/old-change-notes/2020-09-29-range-analysis-rollup.md
similarity index 100%
rename from cpp/change-notes/2020-09-29-range-analysis-rollup.md
rename to cpp/old-change-notes/2020-09-29-range-analysis-rollup.md
diff --git a/cpp/change-notes/2020-10-21-erroneous-types.md b/cpp/old-change-notes/2020-10-21-erroneous-types.md
similarity index 100%
rename from cpp/change-notes/2020-10-21-erroneous-types.md
rename to cpp/old-change-notes/2020-10-21-erroneous-types.md
diff --git a/cpp/change-notes/2020-10-21-size-check-queries.md b/cpp/old-change-notes/2020-10-21-size-check-queries.md
similarity index 100%
rename from cpp/change-notes/2020-10-21-size-check-queries.md
rename to cpp/old-change-notes/2020-10-21-size-check-queries.md
diff --git a/cpp/change-notes/2020-11-02-unused-local-variable.md b/cpp/old-change-notes/2020-11-02-unused-local-variable.md
similarity index 100%
rename from cpp/change-notes/2020-11-02-unused-local-variable.md
rename to cpp/old-change-notes/2020-11-02-unused-local-variable.md
diff --git a/cpp/change-notes/2020-11-05-formatting-function.md b/cpp/old-change-notes/2020-11-05-formatting-function.md
similarity index 100%
rename from cpp/change-notes/2020-11-05-formatting-function.md
rename to cpp/old-change-notes/2020-11-05-formatting-function.md
diff --git a/cpp/change-notes/2020-11-05-private-models.md b/cpp/old-change-notes/2020-11-05-private-models.md
similarity index 100%
rename from cpp/change-notes/2020-11-05-private-models.md
rename to cpp/old-change-notes/2020-11-05-private-models.md
diff --git a/cpp/change-notes/2020-11-12-unsafe-use-of-this.md b/cpp/old-change-notes/2020-11-12-unsafe-use-of-this.md
similarity index 100%
rename from cpp/change-notes/2020-11-12-unsafe-use-of-this.md
rename to cpp/old-change-notes/2020-11-12-unsafe-use-of-this.md
diff --git a/cpp/change-notes/2020-11-27-downgrade-to-recommendation.md b/cpp/old-change-notes/2020-11-27-downgrade-to-recommendation.md
similarity index 100%
rename from cpp/change-notes/2020-11-27-downgrade-to-recommendation.md
rename to cpp/old-change-notes/2020-11-27-downgrade-to-recommendation.md
diff --git a/cpp/change-notes/2021-02-04-unsigned-difference-expression-compared-zero.md b/cpp/old-change-notes/2021-02-04-unsigned-difference-expression-compared-zero.md
similarity index 100%
rename from cpp/change-notes/2021-02-04-unsigned-difference-expression-compared-zero.md
rename to cpp/old-change-notes/2021-02-04-unsigned-difference-expression-compared-zero.md
diff --git a/cpp/change-notes/2021-02-24-memset-may-be-deleted.md b/cpp/old-change-notes/2021-02-24-memset-may-be-deleted.md
similarity index 100%
rename from cpp/change-notes/2021-02-24-memset-may-be-deleted.md
rename to cpp/old-change-notes/2021-02-24-memset-may-be-deleted.md
diff --git a/cpp/change-notes/2021-03-01-fluent-interface-data-flow.md b/cpp/old-change-notes/2021-03-01-fluent-interface-data-flow.md
similarity index 100%
rename from cpp/change-notes/2021-03-01-fluent-interface-data-flow.md
rename to cpp/old-change-notes/2021-03-01-fluent-interface-data-flow.md
diff --git a/cpp/change-notes/2021-03-11-failed-extractions.md b/cpp/old-change-notes/2021-03-11-failed-extractions.md
similarity index 100%
rename from cpp/change-notes/2021-03-11-failed-extractions.md
rename to cpp/old-change-notes/2021-03-11-failed-extractions.md
diff --git a/cpp/change-notes/2021-03-11-overflow-abs.md b/cpp/old-change-notes/2021-03-11-overflow-abs.md
similarity index 100%
rename from cpp/change-notes/2021-03-11-overflow-abs.md
rename to cpp/old-change-notes/2021-03-11-overflow-abs.md
diff --git a/cpp/change-notes/2021-03-17-av-rule-79.md b/cpp/old-change-notes/2021-03-17-av-rule-79.md
similarity index 100%
rename from cpp/change-notes/2021-03-17-av-rule-79.md
rename to cpp/old-change-notes/2021-03-17-av-rule-79.md
diff --git a/cpp/change-notes/2021-04-06-assign-where-compare-meant.md b/cpp/old-change-notes/2021-04-06-assign-where-compare-meant.md
similarity index 100%
rename from cpp/change-notes/2021-04-06-assign-where-compare-meant.md
rename to cpp/old-change-notes/2021-04-06-assign-where-compare-meant.md
diff --git a/cpp/change-notes/2021-04-09-unsigned-difference-expression-compared-zero.md b/cpp/old-change-notes/2021-04-09-unsigned-difference-expression-compared-zero.md
similarity index 100%
rename from cpp/change-notes/2021-04-09-unsigned-difference-expression-compared-zero.md
rename to cpp/old-change-notes/2021-04-09-unsigned-difference-expression-compared-zero.md
diff --git a/cpp/change-notes/2021-04-13-arithmetic-queries.md b/cpp/old-change-notes/2021-04-13-arithmetic-queries.md
similarity index 100%
rename from cpp/change-notes/2021-04-13-arithmetic-queries.md
rename to cpp/old-change-notes/2021-04-13-arithmetic-queries.md
diff --git a/cpp/change-notes/2021-04-21-return-stack-allocated-object.md b/cpp/old-change-notes/2021-04-21-return-stack-allocated-object.md
similarity index 100%
rename from cpp/change-notes/2021-04-21-return-stack-allocated-object.md
rename to cpp/old-change-notes/2021-04-21-return-stack-allocated-object.md
diff --git a/cpp/change-notes/2021-04-26-more-sound-expr-might-overflow.md b/cpp/old-change-notes/2021-04-26-more-sound-expr-might-overflow.md
similarity index 100%
rename from cpp/change-notes/2021-04-26-more-sound-expr-might-overflow.md
rename to cpp/old-change-notes/2021-04-26-more-sound-expr-might-overflow.md
diff --git a/cpp/change-notes/2021-05-10-comparison-with-wider-type.md b/cpp/old-change-notes/2021-05-10-comparison-with-wider-type.md
similarity index 100%
rename from cpp/change-notes/2021-05-10-comparison-with-wider-type.md
rename to cpp/old-change-notes/2021-05-10-comparison-with-wider-type.md
diff --git a/cpp/change-notes/2021-05-12-uncontrolled-arithmetic.md b/cpp/old-change-notes/2021-05-12-uncontrolled-arithmetic.md
similarity index 100%
rename from cpp/change-notes/2021-05-12-uncontrolled-arithmetic.md
rename to cpp/old-change-notes/2021-05-12-uncontrolled-arithmetic.md
diff --git a/cpp/change-notes/2021-05-14-uncontrolled-allocation-size.md b/cpp/old-change-notes/2021-05-14-uncontrolled-allocation-size.md
similarity index 100%
rename from cpp/change-notes/2021-05-14-uncontrolled-allocation-size.md
rename to cpp/old-change-notes/2021-05-14-uncontrolled-allocation-size.md
diff --git a/cpp/change-notes/2021-05-18-static-buffer-overflow.md b/cpp/old-change-notes/2021-05-18-static-buffer-overflow.md
similarity index 100%
rename from cpp/change-notes/2021-05-18-static-buffer-overflow.md
rename to cpp/old-change-notes/2021-05-18-static-buffer-overflow.md
diff --git a/cpp/change-notes/2021-05-19-weak-cryptographic-algorithm.md b/cpp/old-change-notes/2021-05-19-weak-cryptographic-algorithm.md
similarity index 100%
rename from cpp/change-notes/2021-05-19-weak-cryptographic-algorithm.md
rename to cpp/old-change-notes/2021-05-19-weak-cryptographic-algorithm.md
diff --git a/cpp/change-notes/2021-05-20-incorrect-allocation-error-handling.md b/cpp/old-change-notes/2021-05-20-incorrect-allocation-error-handling.md
similarity index 100%
rename from cpp/change-notes/2021-05-20-incorrect-allocation-error-handling.md
rename to cpp/old-change-notes/2021-05-20-incorrect-allocation-error-handling.md
diff --git a/cpp/change-notes/2021-05-20-ref-qualifiers.md b/cpp/old-change-notes/2021-05-20-ref-qualifiers.md
similarity index 100%
rename from cpp/change-notes/2021-05-20-ref-qualifiers.md
rename to cpp/old-change-notes/2021-05-20-ref-qualifiers.md
diff --git a/cpp/change-notes/2021-05-21-unsafe-strncat.md b/cpp/old-change-notes/2021-05-21-unsafe-strncat.md
similarity index 100%
rename from cpp/change-notes/2021-05-21-unsafe-strncat.md
rename to cpp/old-change-notes/2021-05-21-unsafe-strncat.md
diff --git a/cpp/change-notes/2021-06-10-cleartext-transmission.md b/cpp/old-change-notes/2021-06-10-cleartext-transmission.md
similarity index 100%
rename from cpp/change-notes/2021-06-10-cleartext-transmission.md
rename to cpp/old-change-notes/2021-06-10-cleartext-transmission.md
diff --git a/cpp/change-notes/2021-06-10-std-types.md b/cpp/old-change-notes/2021-06-10-std-types.md
similarity index 100%
rename from cpp/change-notes/2021-06-10-std-types.md
rename to cpp/old-change-notes/2021-06-10-std-types.md
diff --git a/cpp/change-notes/2021-06-21-weak-cryptographic-algorithm.md b/cpp/old-change-notes/2021-06-21-weak-cryptographic-algorithm.md
similarity index 100%
rename from cpp/change-notes/2021-06-21-weak-cryptographic-algorithm.md
rename to cpp/old-change-notes/2021-06-21-weak-cryptographic-algorithm.md
diff --git a/cpp/change-notes/2021-06-22-sql-tainted.md b/cpp/old-change-notes/2021-06-22-sql-tainted.md
similarity index 100%
rename from cpp/change-notes/2021-06-22-sql-tainted.md
rename to cpp/old-change-notes/2021-06-22-sql-tainted.md
diff --git a/cpp/change-notes/2021-06-24-dataflow-implicit-reads.md b/cpp/old-change-notes/2021-06-24-dataflow-implicit-reads.md
similarity index 100%
rename from cpp/change-notes/2021-06-24-dataflow-implicit-reads.md
rename to cpp/old-change-notes/2021-06-24-dataflow-implicit-reads.md
diff --git a/cpp/change-notes/2021-06-24-uncontrolled-arithmetic.md b/cpp/old-change-notes/2021-06-24-uncontrolled-arithmetic.md
similarity index 100%
rename from cpp/change-notes/2021-06-24-uncontrolled-arithmetic.md
rename to cpp/old-change-notes/2021-06-24-uncontrolled-arithmetic.md
diff --git a/cpp/change-notes/2021-06-30-wrong-type-format-argument.md b/cpp/old-change-notes/2021-06-30-wrong-type-format-argument.md
similarity index 100%
rename from cpp/change-notes/2021-06-30-wrong-type-format-argument.md
rename to cpp/old-change-notes/2021-06-30-wrong-type-format-argument.md
diff --git a/cpp/change-notes/2021-07-13-cleartext-storage-file.md b/cpp/old-change-notes/2021-07-13-cleartext-storage-file.md
similarity index 100%
rename from cpp/change-notes/2021-07-13-cleartext-storage-file.md
rename to cpp/old-change-notes/2021-07-13-cleartext-storage-file.md
diff --git a/cpp/change-notes/2021-07-20-toctou-race-condition.md b/cpp/old-change-notes/2021-07-20-toctou-race-condition.md
similarity index 100%
rename from cpp/change-notes/2021-07-20-toctou-race-condition.md
rename to cpp/old-change-notes/2021-07-20-toctou-race-condition.md
diff --git a/cpp/change-notes/2021-07-27-uncontrolled-arithmetic.md b/cpp/old-change-notes/2021-07-27-uncontrolled-arithmetic.md
similarity index 100%
rename from cpp/change-notes/2021-07-27-uncontrolled-arithmetic.md
rename to cpp/old-change-notes/2021-07-27-uncontrolled-arithmetic.md
diff --git a/cpp/change-notes/2021-07-29-virtual-function-declaration-specifiers.md b/cpp/old-change-notes/2021-07-29-virtual-function-declaration-specifiers.md
similarity index 100%
rename from cpp/change-notes/2021-07-29-virtual-function-declaration-specifiers.md
rename to cpp/old-change-notes/2021-07-29-virtual-function-declaration-specifiers.md
diff --git a/cpp/change-notes/2021-08-10-has-trailing-return-type.md b/cpp/old-change-notes/2021-08-10-has-trailing-return-type.md
similarity index 100%
rename from cpp/change-notes/2021-08-10-has-trailing-return-type.md
rename to cpp/old-change-notes/2021-08-10-has-trailing-return-type.md
diff --git a/cpp/change-notes/2021-08-17-has-c-linkage.md b/cpp/old-change-notes/2021-08-17-has-c-linkage.md
similarity index 100%
rename from cpp/change-notes/2021-08-17-has-c-linkage.md
rename to cpp/old-change-notes/2021-08-17-has-c-linkage.md
diff --git a/cpp/change-notes/2021-08-23-ctime-weaken-claims.md b/cpp/old-change-notes/2021-08-23-ctime-weaken-claims.md
similarity index 100%
rename from cpp/change-notes/2021-08-23-ctime-weaken-claims.md
rename to cpp/old-change-notes/2021-08-23-ctime-weaken-claims.md
diff --git a/cpp/change-notes/2021-08-23-getPrimaryQlClasses.md b/cpp/old-change-notes/2021-08-23-getPrimaryQlClasses.md
similarity index 100%
rename from cpp/change-notes/2021-08-23-getPrimaryQlClasses.md
rename to cpp/old-change-notes/2021-08-23-getPrimaryQlClasses.md
diff --git a/cpp/change-notes/2021-08-24-implicit-downcast-from-bitfield.md b/cpp/old-change-notes/2021-08-24-implicit-downcast-from-bitfield.md
similarity index 100%
rename from cpp/change-notes/2021-08-24-implicit-downcast-from-bitfield.md
rename to cpp/old-change-notes/2021-08-24-implicit-downcast-from-bitfield.md
diff --git a/cpp/change-notes/2021-08-31-range-analysis-upper-bound.md b/cpp/old-change-notes/2021-08-31-range-analysis-upper-bound.md
similarity index 100%
rename from cpp/change-notes/2021-08-31-range-analysis-upper-bound.md
rename to cpp/old-change-notes/2021-08-31-range-analysis-upper-bound.md
diff --git a/cpp/change-notes/2021-09-13-overflow-static.md b/cpp/old-change-notes/2021-09-13-overflow-static.md
similarity index 100%
rename from cpp/change-notes/2021-09-13-overflow-static.md
rename to cpp/old-change-notes/2021-09-13-overflow-static.md
diff --git a/cpp/change-notes/2021-09-27-command-line-injection.md b/cpp/old-change-notes/2021-09-27-command-line-injection.md
similarity index 100%
rename from cpp/change-notes/2021-09-27-command-line-injection.md
rename to cpp/old-change-notes/2021-09-27-command-line-injection.md
diff --git a/cpp/change-notes/2021-09-27-overflow-static.md b/cpp/old-change-notes/2021-09-27-overflow-static.md
similarity index 100%
rename from cpp/change-notes/2021-09-27-overflow-static.md
rename to cpp/old-change-notes/2021-09-27-overflow-static.md
diff --git a/cpp/change-notes/2021-10-01-improper-null-termination.md b/cpp/old-change-notes/2021-10-01-improper-null-termination.md
similarity index 100%
rename from cpp/change-notes/2021-10-01-improper-null-termination.md
rename to cpp/old-change-notes/2021-10-01-improper-null-termination.md
diff --git a/cpp/change-notes/2021-10-07-cleartext-transmission.md b/cpp/old-change-notes/2021-10-07-cleartext-transmission.md
similarity index 100%
rename from cpp/change-notes/2021-10-07-cleartext-transmission.md
rename to cpp/old-change-notes/2021-10-07-cleartext-transmission.md
diff --git a/cpp/change-notes/2021-10-07-extraction-errors.md b/cpp/old-change-notes/2021-10-07-extraction-errors.md
similarity index 100%
rename from cpp/change-notes/2021-10-07-extraction-errors.md
rename to cpp/old-change-notes/2021-10-07-extraction-errors.md
diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md
index 3b8fc34bb3f..b61316a853d 100644
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,5 @@
+## 0.0.5
+
 ## 0.0.4
 
 ### New Features
diff --git a/cpp/ql/lib/change-notes/released/0.0.5.md b/cpp/ql/lib/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/cpp/ql/lib/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml
index 95a9da48aa6..aea7c0c875f 100644
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md
index 09ad248a4f9..f56b07d8086 100644
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,10 @@
+## 0.0.5
+
+### New Queries
+
+* A new query `cpp/certificate-not-checked` has been added for C/C++. The query flags unsafe use of OpenSSL and similar libraries.
+* A new query `cpp/certificate-result-conflation` has been added for C/C++. The query flags unsafe use of OpenSSL and similar libraries.
+
 ## 0.0.4
 
 ### New Queries
diff --git a/cpp/ql/src/change-notes/released/0.0.5.md b/cpp/ql/src/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..d69c30f28a4
--- /dev/null
+++ b/cpp/ql/src/change-notes/released/0.0.5.md
@@ -0,0 +1,6 @@
+## 0.0.5
+
+### New Queries
+
+* A new query `cpp/certificate-not-checked` has been added for C/C++. The query flags unsafe use of OpenSSL and similar libraries.
+* A new query `cpp/certificate-result-conflation` has been added for C/C++. The query flags unsafe use of OpenSSL and similar libraries.
diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.cpp b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.cpp
new file mode 100644
index 00000000000..03f735911b3
--- /dev/null
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.cpp
@@ -0,0 +1,16 @@
+...
+  umask(0); // BAD
+...
+  maskOut = S_IRWXG | S_IRWXO;
+  umask(maskOut); // GOOD
+  ...
+  fchmod(fileno(fp), 0555 - maskOut); // BAD 
+  ...
+  fchmod(fileno(fp), 0555 & ~maskOut); // GOOD
+...
+  umask(0666);
+  chmod(pathname, 0666); // BAD
+...
+  umask(0022);
+  chmod(pathname, 0666); // GOOD
+...
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.qhelp b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.qhelp
new file mode 100644
index 00000000000..530f6764294
--- /dev/null
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.qhelp
@@ -0,0 +1,23 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+<overview>
+<p>Finding  for function calls that set file permissions that may have errors in use. Incorrect arithmetic for calculating the resolution mask, using the same mask in opposite functions, using a mask that is too wide.</p>
+
+</overview>
+
+<example>
+<p>The following example demonstrates erroneous and fixed ways to use functions.</p>
+<sample src="IncorrectPrivilegeAssignment.cpp" />
+
+</example>
+<references>
+
+<li>
+  CERT C Coding Standard:
+  <a href="https://wiki.sei.cmu.edu/confluence/display/c/FIO06-C.+Create+files+with+appropriate+access+permissions">FIO06-C. Create files with appropriate access permissions</a>.
+</li>
+
+</references>
+</qhelp>
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
new file mode 100644
index 00000000000..72c7f359b47
--- /dev/null
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
@@ -0,0 +1,87 @@
+/**
+ * @name Find the wrong use of the umask function.
+ * @description Incorrectly evaluated argument to the umask function may have security implications.
+ * @kind problem
+ * @id cpp/wrong-use-of-the-umask
+ * @problem.severity warning
+ * @precision medium
+ * @tags correctness
+ *       maintainability
+ *       security
+ *       external/cwe/cwe-266
+ *       external/cwe/cwe-264
+ *       external/cwe/cwe-200
+ *       external/cwe/cwe-560
+ *       external/cwe/cwe-687
+ */
+
+import cpp
+import semmle.code.cpp.exprs.BitwiseOperation
+import semmle.code.cpp.valuenumbering.GlobalValueNumbering
+
+/**
+ * An expression that is either a `BinaryArithmeticOperation` or the result of one or more `BinaryBitwiseOperation`s on a `BinaryArithmeticOperation`. For example `1 | (2 + 3)`.
+ */
+class ContainsArithmetic extends Expr {
+  ContainsArithmetic() {
+    this instanceof BinaryArithmeticOperation
+    or
+    // recursive search into `Operation`s
+    this.(BinaryBitwiseOperation).getAnOperand() instanceof ContainsArithmetic
+  }
+}
+
+/** Holds for a function `f` that has an argument at index `apos` used to set file permissions. */
+predicate numberArgumentModFunctions(Function f, int apos) {
+  f.hasGlobalOrStdName("umask") and apos = 0
+  or
+  f.hasGlobalOrStdName("fchmod") and apos = 1
+  or
+  f.hasGlobalOrStdName("chmod") and apos = 1
+}
+
+from FunctionCall fc, string msg, FunctionCall fcsnd
+where
+  fc.getTarget().hasGlobalOrStdName("umask") and
+  fc.getArgument(0).getValue() = "0" and
+  not exists(FunctionCall fctmp |
+    fctmp.getTarget().hasGlobalOrStdName("umask") and
+    not fctmp.getArgument(0).getValue() = "0"
+  ) and
+  exists(FunctionCall fctmp |
+    (
+      fctmp.getTarget().hasGlobalOrStdName("fopen") or
+      fctmp.getTarget().hasGlobalOrStdName("open")
+    ) and
+    not fctmp.getArgument(1).getValue().matches("r%") and
+    fctmp.getNumberOfArguments() = 2 and
+    not fctmp.getArgument(0).getValue() = "/dev/null" and
+    fcsnd = fctmp
+  ) and
+  not exists(FunctionCall fctmp |
+    fctmp.getTarget().hasGlobalOrStdName("chmod") or
+    fctmp.getTarget().hasGlobalOrStdName("fchmod")
+  ) and
+  msg = "Using umask(0) may not be safe with call $@."
+  or
+  fc.getTarget().hasGlobalOrStdName("umask") and
+  exists(FunctionCall fctmp |
+    (
+      fctmp.getTarget().hasGlobalOrStdName("chmod") or
+      fctmp.getTarget().hasGlobalOrStdName("fchmod")
+    ) and
+    (
+      globalValueNumber(fc.getArgument(0)) = globalValueNumber(fctmp.getArgument(1)) and
+      fc.getArgument(0).getValue() != "0"
+    ) and
+    msg = "Not use equal argument in umask and $@ functions." and
+    fcsnd = fctmp
+  )
+  or
+  exists(ContainsArithmetic exptmp, int i |
+    numberArgumentModFunctions(fc.getTarget(), i) and
+    globalValueNumber(exptmp) = globalValueNumber(fc.getArgument(i)) and
+    msg = "Using arithmetic to compute the mask in $@ may not be safe." and
+    fcsnd = fc
+  )
+select fc, msg, fcsnd, fcsnd.getTarget().getName()
diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml
index 51761e13365..ad680689af7 100644
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: cpp
 dependencies:
     codeql/cpp-all: "*"
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/IncorrectPrivilegeAssignment.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/IncorrectPrivilegeAssignment.expected
new file mode 100644
index 00000000000..6ae8ddb32bc
--- /dev/null
+++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/IncorrectPrivilegeAssignment.expected
@@ -0,0 +1,2 @@
+| test.cpp:9:3:9:7 | call to umask | Not use equal argument in umask and $@ functions. | test.cpp:13:3:13:7 | call to chmod | chmod |
+| test.cpp:30:3:30:7 | call to chmod | Using arithmetic to compute the mask in $@ may not be safe. | test.cpp:30:3:30:7 | call to chmod | chmod |
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/IncorrectPrivilegeAssignment.qlref b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/IncorrectPrivilegeAssignment.qlref
new file mode 100644
index 00000000000..9012747f4ba
--- /dev/null
+++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/IncorrectPrivilegeAssignment.qlref
@@ -0,0 +1 @@
+experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/test.cpp
new file mode 100644
index 00000000000..57333e8f586
--- /dev/null
+++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-266/semmle/tests/test.cpp
@@ -0,0 +1,49 @@
+typedef int FILE;
+FILE *fopen(const char *filename, const char *mode);
+int umask(int pmode);
+int chmod(char * filename,int pmode);
+int fclose(FILE *stream);
+
+void funcTest1()
+{
+  umask(0666); // BAD
+  FILE *fe;
+  fe = fopen("myFile.txt", "wt");
+  fclose(fe);
+  chmod("myFile.txt",0666);
+}
+void funcTest1g()
+{
+  umask(0022);
+  FILE *fe;
+  fe = fopen("myFile.txt", "wt");
+  fclose(fe);
+  chmod("myFile.txt",0666); // GOOD
+}
+
+void funcTest2(int mode)
+{
+  umask(mode);
+  FILE *fe;
+  fe = fopen("myFile.txt", "wt");
+  fclose(fe);
+  chmod("myFile.txt",0555-mode); // BAD
+}
+
+void funcTest2g(int mode)
+{
+  umask(mode);
+  FILE *fe;
+  fe = fopen("myFile.txt", "wt");
+  fclose(fe);
+  chmod("myFile.txt",0555&~mode); // GOOD
+}
+
+int main(int argc, char *argv[])
+{
+  funcTest1();
+  funcTest2(27);
+  funcTest1g();
+  funcTest2g(27);
+  return 0;
+}
diff --git a/cpp/upgrades/CHANGELOG.md b/cpp/upgrades/CHANGELOG.md
index 3268fefb272..05dbc9d5f4e 100644
--- a/cpp/upgrades/CHANGELOG.md
+++ b/cpp/upgrades/CHANGELOG.md
@@ -1 +1,3 @@
+## 0.0.5
+
 ## 0.0.4
diff --git a/cpp/upgrades/change-notes/released/0.0.5.md b/cpp/upgrades/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/cpp/upgrades/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/cpp/upgrades/codeql-pack.release.yml b/cpp/upgrades/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/cpp/upgrades/codeql-pack.release.yml
+++ b/cpp/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/cpp/upgrades/qlpack.yml b/cpp/upgrades/qlpack.yml
index 38944dfdfc5..7ee852547d2 100644
--- a/cpp/upgrades/qlpack.yml
+++ b/cpp/upgrades/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-upgrades
 groups: cpp
 upgrades: .
-version: 0.0.5-dev
+version: 0.0.6-dev
 library: true
diff --git a/csharp/change-notes/2020-08-18-ast-viewer.md b/csharp/old-change-notes/2020-08-18-ast-viewer.md
similarity index 100%
rename from csharp/change-notes/2020-08-18-ast-viewer.md
rename to csharp/old-change-notes/2020-08-18-ast-viewer.md
diff --git a/csharp/change-notes/2020-08-18-partial-method-bodies.md b/csharp/old-change-notes/2020-08-18-partial-method-bodies.md
similarity index 100%
rename from csharp/change-notes/2020-08-18-partial-method-bodies.md
rename to csharp/old-change-notes/2020-08-18-partial-method-bodies.md
diff --git a/csharp/change-notes/2020-08-26-implicit-array-lengths.md b/csharp/old-change-notes/2020-08-26-implicit-array-lengths.md
similarity index 100%
rename from csharp/change-notes/2020-08-26-implicit-array-lengths.md
rename to csharp/old-change-notes/2020-08-26-implicit-array-lengths.md
diff --git a/csharp/change-notes/2020-09-02-assembly-insensitive-trap.md b/csharp/old-change-notes/2020-09-02-assembly-insensitive-trap.md
similarity index 100%
rename from csharp/change-notes/2020-09-02-assembly-insensitive-trap.md
rename to csharp/old-change-notes/2020-09-02-assembly-insensitive-trap.md
diff --git a/csharp/change-notes/2020-09-22-weak-encryption.md b/csharp/old-change-notes/2020-09-22-weak-encryption.md
similarity index 100%
rename from csharp/change-notes/2020-09-22-weak-encryption.md
rename to csharp/old-change-notes/2020-09-22-weak-encryption.md
diff --git a/csharp/change-notes/2020-10-21-AST-printing-improvements.md b/csharp/old-change-notes/2020-10-21-AST-printing-improvements.md
similarity index 100%
rename from csharp/change-notes/2020-10-21-AST-printing-improvements.md
rename to csharp/old-change-notes/2020-10-21-AST-printing-improvements.md
diff --git a/csharp/change-notes/2020-10-21-CodeAnalysis-attributes-in-assert.md b/csharp/old-change-notes/2020-10-21-CodeAnalysis-attributes-in-assert.md
similarity index 100%
rename from csharp/change-notes/2020-10-21-CodeAnalysis-attributes-in-assert.md
rename to csharp/old-change-notes/2020-10-21-CodeAnalysis-attributes-in-assert.md
diff --git a/csharp/change-notes/2020-10-21-rework-attribute-extraction.md b/csharp/old-change-notes/2020-10-21-rework-attribute-extraction.md
similarity index 100%
rename from csharp/change-notes/2020-10-21-rework-attribute-extraction.md
rename to csharp/old-change-notes/2020-10-21-rework-attribute-extraction.md
diff --git a/csharp/change-notes/2020-10-28-cil-to-string.md b/csharp/old-change-notes/2020-10-28-cil-to-string.md
similarity index 100%
rename from csharp/change-notes/2020-10-28-cil-to-string.md
rename to csharp/old-change-notes/2020-10-28-cil-to-string.md
diff --git a/csharp/change-notes/2020-11-05-get-sourcedeclaration-rename.md b/csharp/old-change-notes/2020-11-05-get-sourcedeclaration-rename.md
similarity index 100%
rename from csharp/change-notes/2020-11-05-get-sourcedeclaration-rename.md
rename to csharp/old-change-notes/2020-11-05-get-sourcedeclaration-rename.md
diff --git a/csharp/change-notes/2020-11-18-lambda-modifiers.md b/csharp/old-change-notes/2020-11-18-lambda-modifiers.md
similarity index 100%
rename from csharp/change-notes/2020-11-18-lambda-modifiers.md
rename to csharp/old-change-notes/2020-11-18-lambda-modifiers.md
diff --git a/csharp/change-notes/2020-11-18-local-function-attributable.md b/csharp/old-change-notes/2020-11-18-local-function-attributable.md
similarity index 100%
rename from csharp/change-notes/2020-11-18-local-function-attributable.md
rename to csharp/old-change-notes/2020-11-18-local-function-attributable.md
diff --git a/csharp/change-notes/2020-12-08-cil-enum-underlying-type.md b/csharp/old-change-notes/2020-12-08-cil-enum-underlying-type.md
similarity index 100%
rename from csharp/change-notes/2020-12-08-cil-enum-underlying-type.md
rename to csharp/old-change-notes/2020-12-08-cil-enum-underlying-type.md
diff --git a/csharp/change-notes/2020-12-17-format-method-empty-overload.md b/csharp/old-change-notes/2020-12-17-format-method-empty-overload.md
similarity index 100%
rename from csharp/change-notes/2020-12-17-format-method-empty-overload.md
rename to csharp/old-change-notes/2020-12-17-format-method-empty-overload.md
diff --git a/csharp/change-notes/2020-12-18-extract-custom-modifiers.md b/csharp/old-change-notes/2020-12-18-extract-custom-modifiers.md
similarity index 100%
rename from csharp/change-notes/2020-12-18-extract-custom-modifiers.md
rename to csharp/old-change-notes/2020-12-18-extract-custom-modifiers.md
diff --git a/csharp/change-notes/2020-12-21-merge-format-queries.md b/csharp/old-change-notes/2020-12-21-merge-format-queries.md
similarity index 100%
rename from csharp/change-notes/2020-12-21-merge-format-queries.md
rename to csharp/old-change-notes/2020-12-21-merge-format-queries.md
diff --git a/csharp/change-notes/2021-01-14-Unary-pattern.md b/csharp/old-change-notes/2021-01-14-Unary-pattern.md
similarity index 100%
rename from csharp/change-notes/2021-01-14-Unary-pattern.md
rename to csharp/old-change-notes/2021-01-14-Unary-pattern.md
diff --git a/csharp/change-notes/2021-01-15-Relational-pattern.md b/csharp/old-change-notes/2021-01-15-Relational-pattern.md
similarity index 100%
rename from csharp/change-notes/2021-01-15-Relational-pattern.md
rename to csharp/old-change-notes/2021-01-15-Relational-pattern.md
diff --git a/csharp/change-notes/2021-01-19-Function-pointer.md b/csharp/old-change-notes/2021-01-19-Function-pointer.md
similarity index 100%
rename from csharp/change-notes/2021-01-19-Function-pointer.md
rename to csharp/old-change-notes/2021-01-19-Function-pointer.md
diff --git a/csharp/change-notes/2021-01-25-Function-pointer-cil.md b/csharp/old-change-notes/2021-01-25-Function-pointer-cil.md
similarity index 100%
rename from csharp/change-notes/2021-01-25-Function-pointer-cil.md
rename to csharp/old-change-notes/2021-01-25-Function-pointer-cil.md
diff --git a/csharp/change-notes/2021-01-27-Add-binary-pattern.md b/csharp/old-change-notes/2021-01-27-Add-binary-pattern.md
similarity index 100%
rename from csharp/change-notes/2021-01-27-Add-binary-pattern.md
rename to csharp/old-change-notes/2021-01-27-Add-binary-pattern.md
diff --git a/csharp/change-notes/2021-02-01-Preprocessor-directives.md b/csharp/old-change-notes/2021-02-01-Preprocessor-directives.md
similarity index 100%
rename from csharp/change-notes/2021-02-01-Preprocessor-directives.md
rename to csharp/old-change-notes/2021-02-01-Preprocessor-directives.md
diff --git a/csharp/change-notes/2021-02-02-foreach-underlying-methods.md b/csharp/old-change-notes/2021-02-02-foreach-underlying-methods.md
similarity index 100%
rename from csharp/change-notes/2021-02-02-foreach-underlying-methods.md
rename to csharp/old-change-notes/2021-02-02-foreach-underlying-methods.md
diff --git a/csharp/change-notes/2021-02-04-Records.md b/csharp/old-change-notes/2021-02-04-Records.md
similarity index 100%
rename from csharp/change-notes/2021-02-04-Records.md
rename to csharp/old-change-notes/2021-02-04-Records.md
diff --git a/csharp/change-notes/2021-02-12-with-expression.md b/csharp/old-change-notes/2021-02-12-with-expression.md
similarity index 100%
rename from csharp/change-notes/2021-02-12-with-expression.md
rename to csharp/old-change-notes/2021-02-12-with-expression.md
diff --git a/csharp/change-notes/2021-02-26-tuple-dataflow.md b/csharp/old-change-notes/2021-02-26-tuple-dataflow.md
similarity index 100%
rename from csharp/change-notes/2021-02-26-tuple-dataflow.md
rename to csharp/old-change-notes/2021-02-26-tuple-dataflow.md
diff --git a/csharp/change-notes/2021-03-01-fluent-interface-data-flow.md b/csharp/old-change-notes/2021-03-01-fluent-interface-data-flow.md
similarity index 100%
rename from csharp/change-notes/2021-03-01-fluent-interface-data-flow.md
rename to csharp/old-change-notes/2021-03-01-fluent-interface-data-flow.md
diff --git a/csharp/change-notes/2021-03-02-dotnet5.md b/csharp/old-change-notes/2021-03-02-dotnet5.md
similarity index 100%
rename from csharp/change-notes/2021-03-02-dotnet5.md
rename to csharp/old-change-notes/2021-03-02-dotnet5.md
diff --git a/csharp/change-notes/2021-03-24-cil-ssa.md b/csharp/old-change-notes/2021-03-24-cil-ssa.md
similarity index 100%
rename from csharp/change-notes/2021-03-24-cil-ssa.md
rename to csharp/old-change-notes/2021-03-24-cil-ssa.md
diff --git a/csharp/change-notes/2021-03-24-remove-legacy-queries.md b/csharp/old-change-notes/2021-03-24-remove-legacy-queries.md
similarity index 100%
rename from csharp/change-notes/2021-03-24-remove-legacy-queries.md
rename to csharp/old-change-notes/2021-03-24-remove-legacy-queries.md
diff --git a/csharp/change-notes/2021-03-24-remove-vuln-package-query.md b/csharp/old-change-notes/2021-03-24-remove-vuln-package-query.md
similarity index 100%
rename from csharp/change-notes/2021-03-24-remove-vuln-package-query.md
rename to csharp/old-change-notes/2021-03-24-remove-vuln-package-query.md
diff --git a/csharp/change-notes/2021-04-09-dapper-support.md b/csharp/old-change-notes/2021-04-09-dapper-support.md
similarity index 100%
rename from csharp/change-notes/2021-04-09-dapper-support.md
rename to csharp/old-change-notes/2021-04-09-dapper-support.md
diff --git a/csharp/change-notes/2021-04-09-default-argument-values.md b/csharp/old-change-notes/2021-04-09-default-argument-values.md
similarity index 100%
rename from csharp/change-notes/2021-04-09-default-argument-values.md
rename to csharp/old-change-notes/2021-04-09-default-argument-values.md
diff --git a/csharp/change-notes/2021-04-14-customizations.md b/csharp/old-change-notes/2021-04-14-customizations.md
similarity index 100%
rename from csharp/change-notes/2021-04-14-customizations.md
rename to csharp/old-change-notes/2021-04-14-customizations.md
diff --git a/csharp/change-notes/2021-04-22-console-read-local-source.md b/csharp/old-change-notes/2021-04-22-console-read-local-source.md
similarity index 100%
rename from csharp/change-notes/2021-04-22-console-read-local-source.md
rename to csharp/old-change-notes/2021-04-22-console-read-local-source.md
diff --git a/csharp/change-notes/2021-04-23-model-error-extraction.md b/csharp/old-change-notes/2021-04-23-model-error-extraction.md
similarity index 100%
rename from csharp/change-notes/2021-04-23-model-error-extraction.md
rename to csharp/old-change-notes/2021-04-23-model-error-extraction.md
diff --git a/csharp/change-notes/2021-04-26-string-builder-summaries.md b/csharp/old-change-notes/2021-04-26-string-builder-summaries.md
similarity index 100%
rename from csharp/change-notes/2021-04-26-string-builder-summaries.md
rename to csharp/old-change-notes/2021-04-26-string-builder-summaries.md
diff --git a/csharp/change-notes/2021-05-03-implicit-constructor-init.md b/csharp/old-change-notes/2021-05-03-implicit-constructor-init.md
similarity index 100%
rename from csharp/change-notes/2021-05-03-implicit-constructor-init.md
rename to csharp/old-change-notes/2021-05-03-implicit-constructor-init.md
diff --git a/csharp/change-notes/2021-06-04-tuple-members.md b/csharp/old-change-notes/2021-06-04-tuple-members.md
similarity index 100%
rename from csharp/change-notes/2021-06-04-tuple-members.md
rename to csharp/old-change-notes/2021-06-04-tuple-members.md
diff --git a/csharp/change-notes/2021-06-15-effective-visibility.md b/csharp/old-change-notes/2021-06-15-effective-visibility.md
similarity index 100%
rename from csharp/change-notes/2021-06-15-effective-visibility.md
rename to csharp/old-change-notes/2021-06-15-effective-visibility.md
diff --git a/csharp/change-notes/2021-06-15-unsafe-non-source-code.md b/csharp/old-change-notes/2021-06-15-unsafe-non-source-code.md
similarity index 100%
rename from csharp/change-notes/2021-06-15-unsafe-non-source-code.md
rename to csharp/old-change-notes/2021-06-15-unsafe-non-source-code.md
diff --git a/csharp/change-notes/2021-06-16-qualified-names.md b/csharp/old-change-notes/2021-06-16-qualified-names.md
similarity index 100%
rename from csharp/change-notes/2021-06-16-qualified-names.md
rename to csharp/old-change-notes/2021-06-16-qualified-names.md
diff --git a/csharp/change-notes/2021-06-24-dataflow-implicit-reads.md b/csharp/old-change-notes/2021-06-24-dataflow-implicit-reads.md
similarity index 100%
rename from csharp/change-notes/2021-06-24-dataflow-implicit-reads.md
rename to csharp/old-change-notes/2021-06-24-dataflow-implicit-reads.md
diff --git a/csharp/change-notes/2021-08-05-insecure-randomness.md b/csharp/old-change-notes/2021-08-05-insecure-randomness.md
similarity index 100%
rename from csharp/change-notes/2021-08-05-insecure-randomness.md
rename to csharp/old-change-notes/2021-08-05-insecure-randomness.md
diff --git a/csharp/change-notes/2021-08-17-callable-qualified-names.md b/csharp/old-change-notes/2021-08-17-callable-qualified-names.md
similarity index 100%
rename from csharp/change-notes/2021-08-17-callable-qualified-names.md
rename to csharp/old-change-notes/2021-08-17-callable-qualified-names.md
diff --git a/csharp/change-notes/2021-08-23-getPrimaryQlClasses.md b/csharp/old-change-notes/2021-08-23-getPrimaryQlClasses.md
similarity index 100%
rename from csharp/change-notes/2021-08-23-getPrimaryQlClasses.md
rename to csharp/old-change-notes/2021-08-23-getPrimaryQlClasses.md
diff --git a/csharp/change-notes/2021-09-09-service-stack-support.md b/csharp/old-change-notes/2021-09-09-service-stack-support.md
similarity index 100%
rename from csharp/change-notes/2021-09-09-service-stack-support.md
rename to csharp/old-change-notes/2021-09-09-service-stack-support.md
diff --git a/csharp/change-notes/2021-10-04-constand-condition.md b/csharp/old-change-notes/2021-10-04-constand-condition.md
similarity index 100%
rename from csharp/change-notes/2021-10-04-constand-condition.md
rename to csharp/old-change-notes/2021-10-04-constand-condition.md
diff --git a/csharp/change-notes/2021-10-04-dead-store-of-local.md b/csharp/old-change-notes/2021-10-04-dead-store-of-local.md
similarity index 100%
rename from csharp/change-notes/2021-10-04-dead-store-of-local.md
rename to csharp/old-change-notes/2021-10-04-dead-store-of-local.md
diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md
index 3268fefb272..05dbc9d5f4e 100644
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1 +1,3 @@
+## 0.0.5
+
 ## 0.0.4
diff --git a/csharp/ql/lib/change-notes/released/0.0.5.md b/csharp/ql/lib/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/csharp/ql/lib/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml
index 55e707fb2f5..5ec9cd49b76 100644
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll
index 4fc6ed468b5..a266e602ec9 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll
@@ -478,25 +478,6 @@ class SystemTextStringBuilderFlow extends LibraryTypeDataFlow, SystemTextStringB
 class IEnumerableFlow extends LibraryTypeDataFlow, RefType {
   IEnumerableFlow() { this.getABaseType*() instanceof SystemCollectionsIEnumerableInterface }
 
-  override predicate callableFlow(
-    CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp,
-    SourceDeclarationCallable c, boolean preservesValue
-  ) {
-    preservesValue = true and
-    exists(string name, int arity |
-      arity = c.getNumberOfParameters() and
-      c = this.getAMethod() and
-      c.getUndecoratedName() = name
-    |
-      name = "Add" and
-      arity = 1 and
-      source = TCallableFlowSourceArg(0) and
-      sourceAp = AccessPath::empty() and
-      sink instanceof CallableFlowSinkQualifier and
-      sinkAp = AccessPath::element()
-    )
-  }
-
   override predicate clearsContent(
     CallableFlowSource source, Content content, SourceDeclarationCallable callable
   ) {
diff --git a/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll b/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
index 509bdfb5e04..1fbba72f864 100644
--- a/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
@@ -233,18 +233,23 @@ private module Internal {
   }
 
   pragma[noinline]
-  private predicate hasOverrider(OverridableCallable oc, Gvn::GvnType t) {
+  private predicate hasOverrider(Gvn::GvnType t, OverridableCallable oc) {
     exists(oc.getAnOverrider(any(ValueOrRefType t0 | Gvn::getGlobalValueNumber(t0) = t)))
   }
 
   pragma[noinline]
-  private predicate hasCallable(OverridableCallable source, Gvn::GvnType t, OverridableCallable c) {
+  private predicate hasCallable0(Gvn::GvnType t, OverridableCallable c, OverridableCallable source) {
     c.getUnboundDeclaration() = source and
     any(ValueOrRefType t0 | Gvn::getGlobalValueNumber(t0) = t).hasCallable(c) and
-    hasOverrider(c, t) and
     source = any(DispatchMethodOrAccessorCall call).getAStaticTargetExt()
   }
 
+  pragma[noinline]
+  private predicate hasCallable(Gvn::GvnType t, OverridableCallable c, OverridableCallable source) {
+    hasCallable0(t, c, source) and
+    hasOverrider(t, c)
+  }
+
   abstract private class DispatchMethodOrAccessorCall extends DispatchCallImpl {
     pragma[noinline]
     OverridableCallable getAStaticTargetExt() {
@@ -260,7 +265,7 @@ private module Internal {
 
     pragma[noinline]
     private predicate hasSubsumedQualifierType(Gvn::GvnType t) {
-      hasOverrider(_, t) and
+      hasOverrider(t, _) and
       exists(Type t0 |
         t0 = getAPossibleType(this.getQualifier(), false) and
         not t0 instanceof TypeParameter
@@ -287,7 +292,7 @@ private module Internal {
     pragma[nomagic]
     predicate hasSubsumedQualifierTypeOverridden(Gvn::GvnType t, OverridableCallable c) {
       this.hasSubsumedQualifierType(t) and
-      hasCallable(any(OverridableCallable oc | oc = this.getAStaticTargetExt()), t, c)
+      hasCallable(t, c, any(OverridableCallable oc | oc = this.getAStaticTargetExt()))
     }
 
     /**
@@ -553,7 +558,7 @@ private module Internal {
 
     pragma[nomagic]
     private predicate contextArgHasSubsumedType(DispatchCall ctx, Gvn::GvnType t) {
-      hasOverrider(_, t) and
+      hasOverrider(t, _) and
       exists(Gvn::GvnType t0 | this.contextArgHasNonTypeParameterType(ctx, t0) |
         t = t0
         or
diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md
index 3268fefb272..05dbc9d5f4e 100644
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1 +1,3 @@
+## 0.0.5
+
 ## 0.0.4
diff --git a/csharp/ql/src/Language Abuse/ForeachCapture.ql b/csharp/ql/src/Language Abuse/ForeachCapture.ql
index 47c1c79ef3f..7bef3bc3405 100644
--- a/csharp/ql/src/Language Abuse/ForeachCapture.ql	
+++ b/csharp/ql/src/Language Abuse/ForeachCapture.ql	
@@ -12,7 +12,8 @@
  */
 
 import csharp
-import semmle.code.csharp.dataflow.LibraryTypeDataFlow
+import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
+import semmle.code.csharp.dataflow.internal.DataFlowPrivate as DataFlowPrivate
 import semmle.code.csharp.frameworks.system.Collections
 import semmle.code.csharp.frameworks.system.collections.Generic
 
@@ -74,14 +75,9 @@ Element getAssignmentTarget(Expr e) {
 
 Element getCollectionAssignmentTarget(Expr e) {
   // Store into collection via method
-  exists(
-    MethodCall mc, Method m, LibraryTypeDataFlow ltdf, CallableFlowSource source,
-    CallableFlowSink sink
-  |
-    m = mc.getTarget().getUnboundDeclaration() and
-    ltdf.callableFlow(source, AccessPath::empty(), sink, AccessPath::element(), m, _) and
-    e = source.getSource(mc) and
-    result.(Variable).getAnAccess() = sink.getSink(mc)
+  exists(DataFlowPrivate::PostUpdateNode postNode |
+    FlowSummaryImpl::Private::Steps::summarySetterStep(DataFlow::exprNode(e), _, postNode) and
+    result.(Variable).getAnAccess() = postNode.getPreUpdateNode().asExpr()
   )
   or
   // Array initializer
diff --git a/csharp/ql/src/change-notes/released/0.0.5.md b/csharp/ql/src/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/csharp/ql/src/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml
index f928d2d09ef..a6a9e038f4e 100644
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: csharp
 suites: codeql-suites
 extractor: csharp
diff --git a/csharp/upgrades/CHANGELOG.md b/csharp/upgrades/CHANGELOG.md
index 3268fefb272..05dbc9d5f4e 100644
--- a/csharp/upgrades/CHANGELOG.md
+++ b/csharp/upgrades/CHANGELOG.md
@@ -1 +1,3 @@
+## 0.0.5
+
 ## 0.0.4
diff --git a/csharp/upgrades/change-notes/released/0.0.5.md b/csharp/upgrades/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/csharp/upgrades/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/csharp/upgrades/codeql-pack.release.yml b/csharp/upgrades/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/csharp/upgrades/codeql-pack.release.yml
+++ b/csharp/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/csharp/upgrades/qlpack.yml b/csharp/upgrades/qlpack.yml
index 6e6379211b1..1c200ce647c 100644
--- a/csharp/upgrades/qlpack.yml
+++ b/csharp/upgrades/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-upgrades
 groups: csharp
-version: 0.0.5-dev
+version: 0.0.6-dev
 upgrades: .
 library: true
diff --git a/java/change-notes/2021-11-15-overrides.md b/java/change-notes/2021-11-15-overrides.md
deleted file mode 100644
index 24ecad0c48b..00000000000
--- a/java/change-notes/2021-11-15-overrides.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.
diff --git a/java/change-notes/2021-11-25-surrogate-char-literals.md b/java/change-notes/2021-11-25-surrogate-char-literals.md
deleted file mode 100644
index b305bd332a1..00000000000
--- a/java/change-notes/2021-11-25-surrogate-char-literals.md
+++ /dev/null
@@ -1,3 +0,0 @@
-lgtm,codescanning
-* `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
-* The `RangeAnalysis` module and the `java/constant-comparison` queries no longer raise false alerts regarding comparisons with Unicode surrogate character literals.
diff --git a/java/change-notes/2020-05-21-mongodb-sql-injection-sinks.md b/java/old-change-notes/2020-05-21-mongodb-sql-injection-sinks.md
similarity index 100%
rename from java/change-notes/2020-05-21-mongodb-sql-injection-sinks.md
rename to java/old-change-notes/2020-05-21-mongodb-sql-injection-sinks.md
diff --git a/java/change-notes/2020-05-21-websocket-taintsource.md b/java/old-change-notes/2020-05-21-websocket-taintsource.md
similarity index 100%
rename from java/change-notes/2020-05-21-websocket-taintsource.md
rename to java/old-change-notes/2020-05-21-websocket-taintsource.md
diff --git a/java/change-notes/2020-06-30-jooq-sql-injection-sinks.md b/java/old-change-notes/2020-06-30-jooq-sql-injection-sinks.md
similarity index 100%
rename from java/change-notes/2020-06-30-jooq-sql-injection-sinks.md
rename to java/old-change-notes/2020-06-30-jooq-sql-injection-sinks.md
diff --git a/java/change-notes/2020-07-03-more-pathcreations.md b/java/old-change-notes/2020-07-03-more-pathcreations.md
similarity index 100%
rename from java/change-notes/2020-07-03-more-pathcreations.md
rename to java/old-change-notes/2020-07-03-more-pathcreations.md
diff --git a/java/change-notes/2020-07-09-untrusted-data-to-external-api.md b/java/old-change-notes/2020-07-09-untrusted-data-to-external-api.md
similarity index 100%
rename from java/change-notes/2020-07-09-untrusted-data-to-external-api.md
rename to java/old-change-notes/2020-07-09-untrusted-data-to-external-api.md
diff --git a/java/change-notes/2020-07-13-stacktraceexposure-fp-fix.md b/java/old-change-notes/2020-07-13-stacktraceexposure-fp-fix.md
similarity index 100%
rename from java/change-notes/2020-07-13-stacktraceexposure-fp-fix.md
rename to java/old-change-notes/2020-07-13-stacktraceexposure-fp-fix.md
diff --git a/java/change-notes/2020-08-11-printwriter-format-xss-sink.md b/java/old-change-notes/2020-08-11-printwriter-format-xss-sink.md
similarity index 100%
rename from java/change-notes/2020-08-11-printwriter-format-xss-sink.md
rename to java/old-change-notes/2020-08-11-printwriter-format-xss-sink.md
diff --git a/java/change-notes/2020-08-14-dataflow-dispatch-instance-arg-ctx.md b/java/old-change-notes/2020-08-14-dataflow-dispatch-instance-arg-ctx.md
similarity index 100%
rename from java/change-notes/2020-08-14-dataflow-dispatch-instance-arg-ctx.md
rename to java/old-change-notes/2020-08-14-dataflow-dispatch-instance-arg-ctx.md
diff --git a/java/change-notes/2020-08-17-string-formatted.md b/java/old-change-notes/2020-08-17-string-formatted.md
similarity index 100%
rename from java/change-notes/2020-08-17-string-formatted.md
rename to java/old-change-notes/2020-08-17-string-formatted.md
diff --git a/java/change-notes/2020-08-24-records-flow.md b/java/old-change-notes/2020-08-24-records-flow.md
similarity index 100%
rename from java/change-notes/2020-08-24-records-flow.md
rename to java/old-change-notes/2020-08-24-records-flow.md
diff --git a/java/change-notes/2020-08-31-extensible-security-queries.md b/java/old-change-notes/2020-08-31-extensible-security-queries.md
similarity index 100%
rename from java/change-notes/2020-08-31-extensible-security-queries.md
rename to java/old-change-notes/2020-08-31-extensible-security-queries.md
diff --git a/java/change-notes/2020-09-08-blockstmt.md b/java/old-change-notes/2020-09-08-blockstmt.md
similarity index 100%
rename from java/change-notes/2020-09-08-blockstmt.md
rename to java/old-change-notes/2020-09-08-blockstmt.md
diff --git a/java/change-notes/2020-09-17-exectainted-array.md b/java/old-change-notes/2020-09-17-exectainted-array.md
similarity index 100%
rename from java/change-notes/2020-09-17-exectainted-array.md
rename to java/old-change-notes/2020-09-17-exectainted-array.md
diff --git a/java/change-notes/2020-09-21-jhipster-gen-prng-query.md b/java/old-change-notes/2020-09-21-jhipster-gen-prng-query.md
similarity index 100%
rename from java/change-notes/2020-09-21-jhipster-gen-prng-query.md
rename to java/old-change-notes/2020-09-21-jhipster-gen-prng-query.md
diff --git a/java/change-notes/2020-09-22-hibernate-sql-sinks.md b/java/old-change-notes/2020-09-22-hibernate-sql-sinks.md
similarity index 100%
rename from java/change-notes/2020-09-22-hibernate-sql-sinks.md
rename to java/old-change-notes/2020-09-22-hibernate-sql-sinks.md
diff --git a/java/change-notes/2020-09-23-spring-multipart-request-sources.md b/java/old-change-notes/2020-09-23-spring-multipart-request-sources.md
similarity index 100%
rename from java/change-notes/2020-09-23-spring-multipart-request-sources.md
rename to java/old-change-notes/2020-09-23-spring-multipart-request-sources.md
diff --git a/java/change-notes/2020-10-03-android-intent-taintsource.md b/java/old-change-notes/2020-10-03-android-intent-taintsource.md
similarity index 100%
rename from java/change-notes/2020-10-03-android-intent-taintsource.md
rename to java/old-change-notes/2020-10-03-android-intent-taintsource.md
diff --git a/java/change-notes/2020-10-07-fastjson-deserialization-sink.md b/java/old-change-notes/2020-10-07-fastjson-deserialization-sink.md
similarity index 100%
rename from java/change-notes/2020-10-07-fastjson-deserialization-sink.md
rename to java/old-change-notes/2020-10-07-fastjson-deserialization-sink.md
diff --git a/java/change-notes/2020-10-16-guava-flow-steps.md b/java/old-change-notes/2020-10-16-guava-flow-steps.md
similarity index 100%
rename from java/change-notes/2020-10-16-guava-flow-steps.md
rename to java/old-change-notes/2020-10-16-guava-flow-steps.md
diff --git a/java/change-notes/2020-10-27-insecure-bean-validation.md b/java/old-change-notes/2020-10-27-insecure-bean-validation.md
similarity index 100%
rename from java/change-notes/2020-10-27-insecure-bean-validation.md
rename to java/old-change-notes/2020-10-27-insecure-bean-validation.md
diff --git a/java/change-notes/2020-11-04-commonslang-unsafe-deserialization-sinks.md b/java/old-change-notes/2020-11-04-commonslang-unsafe-deserialization-sinks.md
similarity index 100%
rename from java/change-notes/2020-11-04-commonslang-unsafe-deserialization-sinks.md
rename to java/old-change-notes/2020-11-04-commonslang-unsafe-deserialization-sinks.md
diff --git a/java/change-notes/2020-12-09-xxe-fp-fix.md b/java/old-change-notes/2020-12-09-xxe-fp-fix.md
similarity index 100%
rename from java/change-notes/2020-12-09-xxe-fp-fix.md
rename to java/old-change-notes/2020-12-09-xxe-fp-fix.md
diff --git a/java/change-notes/2021-01-12-unsafe-hostname-verification.md b/java/old-change-notes/2021-01-12-unsafe-hostname-verification.md
similarity index 100%
rename from java/change-notes/2021-01-12-unsafe-hostname-verification.md
rename to java/old-change-notes/2021-01-12-unsafe-hostname-verification.md
diff --git a/java/change-notes/2021-01-14-java-15-support.md b/java/old-change-notes/2021-01-14-java-15-support.md
similarity index 100%
rename from java/change-notes/2021-01-14-java-15-support.md
rename to java/old-change-notes/2021-01-14-java-15-support.md
diff --git a/java/change-notes/2021-01-19-struts-xml-extraction.md b/java/old-change-notes/2021-01-19-struts-xml-extraction.md
similarity index 100%
rename from java/change-notes/2021-01-19-struts-xml-extraction.md
rename to java/old-change-notes/2021-01-19-struts-xml-extraction.md
diff --git a/java/change-notes/2021-02-09-commons-string-utils.md b/java/old-change-notes/2021-02-09-commons-string-utils.md
similarity index 100%
rename from java/change-notes/2021-02-09-commons-string-utils.md
rename to java/old-change-notes/2021-02-09-commons-string-utils.md
diff --git a/java/change-notes/2021-02-15-commons-array-utils.md b/java/old-change-notes/2021-02-15-commons-array-utils.md
similarity index 100%
rename from java/change-notes/2021-02-15-commons-array-utils.md
rename to java/old-change-notes/2021-02-15-commons-array-utils.md
diff --git a/java/change-notes/2021-02-15-snakeyaml-fn-fix.md b/java/old-change-notes/2021-02-15-snakeyaml-fn-fix.md
similarity index 100%
rename from java/change-notes/2021-02-15-snakeyaml-fn-fix.md
rename to java/old-change-notes/2021-02-15-snakeyaml-fn-fix.md
diff --git a/java/change-notes/2021-02-17-apache-http.md b/java/old-change-notes/2021-02-17-apache-http.md
similarity index 100%
rename from java/change-notes/2021-02-17-apache-http.md
rename to java/old-change-notes/2021-02-17-apache-http.md
diff --git a/java/change-notes/2021-02-23-deprecated-jcenter-bintray.md b/java/old-change-notes/2021-02-23-deprecated-jcenter-bintray.md
similarity index 100%
rename from java/change-notes/2021-02-23-deprecated-jcenter-bintray.md
rename to java/old-change-notes/2021-02-23-deprecated-jcenter-bintray.md
diff --git a/java/change-notes/2021-03-01-fluent-interface-data-flow.md b/java/old-change-notes/2021-03-01-fluent-interface-data-flow.md
similarity index 100%
rename from java/change-notes/2021-03-01-fluent-interface-data-flow.md
rename to java/old-change-notes/2021-03-01-fluent-interface-data-flow.md
diff --git a/java/change-notes/2021-03-02-apache-text-misc.md b/java/old-change-notes/2021-03-02-apache-text-misc.md
similarity index 100%
rename from java/change-notes/2021-03-02-apache-text-misc.md
rename to java/old-change-notes/2021-03-02-apache-text-misc.md
diff --git a/java/change-notes/2021-03-02-guava-io.md b/java/old-change-notes/2021-03-02-guava-io.md
similarity index 100%
rename from java/change-notes/2021-03-02-guava-io.md
rename to java/old-change-notes/2021-03-02-guava-io.md
diff --git a/java/change-notes/2021-03-05-commons-lang-randomutils.md b/java/old-change-notes/2021-03-05-commons-lang-randomutils.md
similarity index 100%
rename from java/change-notes/2021-03-05-commons-lang-randomutils.md
rename to java/old-change-notes/2021-03-05-commons-lang-randomutils.md
diff --git a/java/change-notes/2021-03-05-commons-object-utils.md b/java/old-change-notes/2021-03-05-commons-object-utils.md
similarity index 100%
rename from java/change-notes/2021-03-05-commons-object-utils.md
rename to java/old-change-notes/2021-03-05-commons-object-utils.md
diff --git a/java/change-notes/2021-03-05-play-framework.md b/java/old-change-notes/2021-03-05-play-framework.md
similarity index 100%
rename from java/change-notes/2021-03-05-play-framework.md
rename to java/old-change-notes/2021-03-05-play-framework.md
diff --git a/java/change-notes/2021-03-05-regex-utils.md b/java/old-change-notes/2021-03-05-regex-utils.md
similarity index 100%
rename from java/change-notes/2021-03-05-regex-utils.md
rename to java/old-change-notes/2021-03-05-regex-utils.md
diff --git a/java/change-notes/2021-03-10-guava-base.md b/java/old-change-notes/2021-03-10-guava-base.md
similarity index 100%
rename from java/change-notes/2021-03-10-guava-base.md
rename to java/old-change-notes/2021-03-10-guava-base.md
diff --git a/java/change-notes/2021-03-11-commons-strbuilder.md b/java/old-change-notes/2021-03-11-commons-strbuilder.md
similarity index 100%
rename from java/change-notes/2021-03-11-commons-strbuilder.md
rename to java/old-change-notes/2021-03-11-commons-strbuilder.md
diff --git a/java/change-notes/2021-03-18-commons-tostring-builder.md b/java/old-change-notes/2021-03-18-commons-tostring-builder.md
similarity index 100%
rename from java/change-notes/2021-03-18-commons-tostring-builder.md
rename to java/old-change-notes/2021-03-18-commons-tostring-builder.md
diff --git a/java/change-notes/2021-03-22-jax-rs-improvements.md b/java/old-change-notes/2021-03-22-jax-rs-improvements.md
similarity index 100%
rename from java/change-notes/2021-03-22-jax-rs-improvements.md
rename to java/old-change-notes/2021-03-22-jax-rs-improvements.md
diff --git a/java/change-notes/2021-03-23-guava-collections-and-preconditions.md b/java/old-change-notes/2021-03-23-guava-collections-and-preconditions.md
similarity index 100%
rename from java/change-notes/2021-03-23-guava-collections-and-preconditions.md
rename to java/old-change-notes/2021-03-23-guava-collections-and-preconditions.md
diff --git a/java/change-notes/2021-03-25-remove-legacy-code-duplication-library.md b/java/old-change-notes/2021-03-25-remove-legacy-code-duplication-library.md
similarity index 100%
rename from java/change-notes/2021-03-25-remove-legacy-code-duplication-library.md
rename to java/old-change-notes/2021-03-25-remove-legacy-code-duplication-library.md
diff --git a/java/change-notes/2021-03-25-remove-legacy-filter-queries.md b/java/old-change-notes/2021-03-25-remove-legacy-filter-queries.md
similarity index 100%
rename from java/change-notes/2021-03-25-remove-legacy-filter-queries.md
rename to java/old-change-notes/2021-03-25-remove-legacy-filter-queries.md
diff --git a/java/change-notes/2021-04-02-add-spring-validation-errors.md b/java/old-change-notes/2021-04-02-add-spring-validation-errors.md
similarity index 100%
rename from java/change-notes/2021-04-02-add-spring-validation-errors.md
rename to java/old-change-notes/2021-04-02-add-spring-validation-errors.md
diff --git a/java/change-notes/2021-04-06-ssrf-query.md b/java/old-change-notes/2021-04-06-ssrf-query.md
similarity index 100%
rename from java/change-notes/2021-04-06-ssrf-query.md
rename to java/old-change-notes/2021-04-06-ssrf-query.md
diff --git a/java/change-notes/2021-04-14-membertype.md b/java/old-change-notes/2021-04-14-membertype.md
similarity index 100%
rename from java/change-notes/2021-04-14-membertype.md
rename to java/old-change-notes/2021-04-14-membertype.md
diff --git a/java/change-notes/2021-04-26-xpath-injection-query.md b/java/old-change-notes/2021-04-26-xpath-injection-query.md
similarity index 100%
rename from java/change-notes/2021-04-26-xpath-injection-query.md
rename to java/old-change-notes/2021-04-26-xpath-injection-query.md
diff --git a/java/change-notes/2021-05-03-guava-first-non-null.md b/java/old-change-notes/2021-05-03-guava-first-non-null.md
similarity index 100%
rename from java/change-notes/2021-05-03-guava-first-non-null.md
rename to java/old-change-notes/2021-05-03-guava-first-non-null.md
diff --git a/java/change-notes/2021-05-03-jackson-dataflow-deserialization.md b/java/old-change-notes/2021-05-03-jackson-dataflow-deserialization.md
similarity index 100%
rename from java/change-notes/2021-05-03-jackson-dataflow-deserialization.md
rename to java/old-change-notes/2021-05-03-jackson-dataflow-deserialization.md
diff --git a/java/change-notes/2021-05-04-jexl-injection-query.md b/java/old-change-notes/2021-05-04-jexl-injection-query.md
similarity index 100%
rename from java/change-notes/2021-05-04-jexl-injection-query.md
rename to java/old-change-notes/2021-05-04-jexl-injection-query.md
diff --git a/java/change-notes/2021-05-05-kryo-improvements.md b/java/old-change-notes/2021-05-05-kryo-improvements.md
similarity index 100%
rename from java/change-notes/2021-05-05-kryo-improvements.md
rename to java/old-change-notes/2021-05-05-kryo-improvements.md
diff --git a/java/change-notes/2021-05-06-unsafe-android-access-query.md b/java/old-change-notes/2021-05-06-unsafe-android-access-query.md
similarity index 100%
rename from java/change-notes/2021-05-06-unsafe-android-access-query.md
rename to java/old-change-notes/2021-05-06-unsafe-android-access-query.md
diff --git a/java/change-notes/2021-05-11-apache-tuples.md b/java/old-change-notes/2021-05-11-apache-tuples.md
similarity index 100%
rename from java/change-notes/2021-05-11-apache-tuples.md
rename to java/old-change-notes/2021-05-11-apache-tuples.md
diff --git a/java/change-notes/2021-05-11-ratpack-support.md b/java/old-change-notes/2021-05-11-ratpack-support.md
similarity index 100%
rename from java/change-notes/2021-05-11-ratpack-support.md
rename to java/old-change-notes/2021-05-11-ratpack-support.md
diff --git a/java/change-notes/2021-05-12-hardcoded-azure-credentials-in-api-call.md b/java/old-change-notes/2021-05-12-hardcoded-azure-credentials-in-api-call.md
similarity index 100%
rename from java/change-notes/2021-05-12-hardcoded-azure-credentials-in-api-call.md
rename to java/old-change-notes/2021-05-12-hardcoded-azure-credentials-in-api-call.md
diff --git a/java/change-notes/2021-05-12-xxe-fp-fix.md b/java/old-change-notes/2021-05-12-xxe-fp-fix.md
similarity index 100%
rename from java/change-notes/2021-05-12-xxe-fp-fix.md
rename to java/old-change-notes/2021-05-12-xxe-fp-fix.md
diff --git a/java/change-notes/2021-05-13-ognl-injection-query.md b/java/old-change-notes/2021-05-13-ognl-injection-query.md
similarity index 100%
rename from java/change-notes/2021-05-13-ognl-injection-query.md
rename to java/old-change-notes/2021-05-13-ognl-injection-query.md
diff --git a/java/change-notes/2021-05-14-close-resource-leaks-improvements.md b/java/old-change-notes/2021-05-14-close-resource-leaks-improvements.md
similarity index 100%
rename from java/change-notes/2021-05-14-close-resource-leaks-improvements.md
rename to java/old-change-notes/2021-05-14-close-resource-leaks-improvements.md
diff --git a/java/change-notes/2021-05-17-add-unsafe-deserialization-sinks.md b/java/old-change-notes/2021-05-17-add-unsafe-deserialization-sinks.md
similarity index 100%
rename from java/change-notes/2021-05-17-add-unsafe-deserialization-sinks.md
rename to java/old-change-notes/2021-05-17-add-unsafe-deserialization-sinks.md
diff --git a/java/change-notes/2021-05-17-jackson-deserialization-sink.md b/java/old-change-notes/2021-05-17-jackson-deserialization-sink.md
similarity index 100%
rename from java/change-notes/2021-05-17-jackson-deserialization-sink.md
rename to java/old-change-notes/2021-05-17-jackson-deserialization-sink.md
diff --git a/java/change-notes/2021-05-17-missing-jwt-signature-check-query.md b/java/old-change-notes/2021-05-17-missing-jwt-signature-check-query.md
similarity index 100%
rename from java/change-notes/2021-05-17-missing-jwt-signature-check-query.md
rename to java/old-change-notes/2021-05-17-missing-jwt-signature-check-query.md
diff --git a/java/change-notes/2021-05-20-jndi-injection-query.md b/java/old-change-notes/2021-05-20-jndi-injection-query.md
similarity index 100%
rename from java/change-notes/2021-05-20-jndi-injection-query.md
rename to java/old-change-notes/2021-05-20-jndi-injection-query.md
diff --git a/java/change-notes/2021-05-20-savedrequest-taintsources.md b/java/old-change-notes/2021-05-20-savedrequest-taintsources.md
similarity index 100%
rename from java/change-notes/2021-05-20-savedrequest-taintsources.md
rename to java/old-change-notes/2021-05-20-savedrequest-taintsources.md
diff --git a/java/change-notes/2021-05-24-hardcoded-shiro-key-in-api-call.md b/java/old-change-notes/2021-05-24-hardcoded-shiro-key-in-api-call.md
similarity index 100%
rename from java/change-notes/2021-05-24-hardcoded-shiro-key-in-api-call.md
rename to java/old-change-notes/2021-05-24-hardcoded-shiro-key-in-api-call.md
diff --git a/java/change-notes/2021-05-28-remove-senderror-xss-sink.md b/java/old-change-notes/2021-05-28-remove-senderror-xss-sink.md
similarity index 100%
rename from java/change-notes/2021-05-28-remove-senderror-xss-sink.md
rename to java/old-change-notes/2021-05-28-remove-senderror-xss-sink.md
diff --git a/java/change-notes/2021-05-31-add-spring-stringutils.md b/java/old-change-notes/2021-05-31-add-spring-stringutils.md
similarity index 100%
rename from java/change-notes/2021-05-31-add-spring-stringutils.md
rename to java/old-change-notes/2021-05-31-add-spring-stringutils.md
diff --git a/java/change-notes/2021-06-01-collection-flow.md b/java/old-change-notes/2021-06-01-collection-flow.md
similarity index 100%
rename from java/change-notes/2021-06-01-collection-flow.md
rename to java/old-change-notes/2021-06-01-collection-flow.md
diff --git a/java/change-notes/2021-06-01-insecure-basic-auth-query.md b/java/old-change-notes/2021-06-01-insecure-basic-auth-query.md
similarity index 100%
rename from java/change-notes/2021-06-01-insecure-basic-auth-query.md
rename to java/old-change-notes/2021-06-01-insecure-basic-auth-query.md
diff --git a/java/change-notes/2021-06-01-statement-toString.md b/java/old-change-notes/2021-06-01-statement-toString.md
similarity index 100%
rename from java/change-notes/2021-06-01-statement-toString.md
rename to java/old-change-notes/2021-06-01-statement-toString.md
diff --git a/java/change-notes/2021-06-02-mvel-injection-query.md b/java/old-change-notes/2021-06-02-mvel-injection-query.md
similarity index 100%
rename from java/change-notes/2021-06-02-mvel-injection-query.md
rename to java/old-change-notes/2021-06-02-mvel-injection-query.md
diff --git a/java/change-notes/2021-06-08-spel-injection-query.md b/java/old-change-notes/2021-06-08-spel-injection-query.md
similarity index 100%
rename from java/change-notes/2021-06-08-spel-injection-query.md
rename to java/old-change-notes/2021-06-08-spel-injection-query.md
diff --git a/java/change-notes/2021-06-08-spring-http.md b/java/old-change-notes/2021-06-08-spring-http.md
similarity index 100%
rename from java/change-notes/2021-06-08-spring-http.md
rename to java/old-change-notes/2021-06-08-spring-http.md
diff --git a/java/change-notes/2021-06-08-spring-propertyvalues.md b/java/old-change-notes/2021-06-08-spring-propertyvalues.md
similarity index 100%
rename from java/change-notes/2021-06-08-spring-propertyvalues.md
rename to java/old-change-notes/2021-06-08-spring-propertyvalues.md
diff --git a/java/change-notes/2021-06-11-tainted-key-read-steps.md b/java/old-change-notes/2021-06-11-tainted-key-read-steps.md
similarity index 100%
rename from java/change-notes/2021-06-11-tainted-key-read-steps.md
rename to java/old-change-notes/2021-06-11-tainted-key-read-steps.md
diff --git a/java/change-notes/2021-06-14-groovy-code-injection-query.md b/java/old-change-notes/2021-06-14-groovy-code-injection-query.md
similarity index 100%
rename from java/change-notes/2021-06-14-groovy-code-injection-query.md
rename to java/old-change-notes/2021-06-14-groovy-code-injection-query.md
diff --git a/java/change-notes/2021-06-16-xslt-injection-query.md b/java/old-change-notes/2021-06-16-xslt-injection-query.md
similarity index 100%
rename from java/change-notes/2021-06-16-xslt-injection-query.md
rename to java/old-change-notes/2021-06-16-xslt-injection-query.md
diff --git a/java/change-notes/2021-06-18-apache-mutable.md b/java/old-change-notes/2021-06-18-apache-mutable.md
similarity index 100%
rename from java/change-notes/2021-06-18-apache-mutable.md
rename to java/old-change-notes/2021-06-18-apache-mutable.md
diff --git a/java/change-notes/2021-06-18-insecure-java-mail-query.md b/java/old-change-notes/2021-06-18-insecure-java-mail-query.md
similarity index 100%
rename from java/change-notes/2021-06-18-insecure-java-mail-query.md
rename to java/old-change-notes/2021-06-18-insecure-java-mail-query.md
diff --git a/java/change-notes/2021-06-22-more-steps-for-bytebuffer-inputstream.md b/java/old-change-notes/2021-06-22-more-steps-for-bytebuffer-inputstream.md
similarity index 100%
rename from java/change-notes/2021-06-22-more-steps-for-bytebuffer-inputstream.md
rename to java/old-change-notes/2021-06-22-more-steps-for-bytebuffer-inputstream.md
diff --git a/java/change-notes/2021-06-22-util-optional.md b/java/old-change-notes/2021-06-22-util-optional.md
similarity index 100%
rename from java/change-notes/2021-06-22-util-optional.md
rename to java/old-change-notes/2021-06-22-util-optional.md
diff --git a/java/change-notes/2021-06-23-generic-type-names.md b/java/old-change-notes/2021-06-23-generic-type-names.md
similarity index 100%
rename from java/change-notes/2021-06-23-generic-type-names.md
rename to java/old-change-notes/2021-06-23-generic-type-names.md
diff --git a/java/change-notes/2021-06-24-dataflow-implicit-reads.md b/java/old-change-notes/2021-06-24-dataflow-implicit-reads.md
similarity index 100%
rename from java/change-notes/2021-06-24-dataflow-implicit-reads.md
rename to java/old-change-notes/2021-06-24-dataflow-implicit-reads.md
diff --git a/java/change-notes/2021-06-25-apache-collections-maputils-keyvalue.md b/java/old-change-notes/2021-06-25-apache-collections-maputils-keyvalue.md
similarity index 100%
rename from java/change-notes/2021-06-25-apache-collections-maputils-keyvalue.md
rename to java/old-change-notes/2021-06-25-apache-collections-maputils-keyvalue.md
diff --git a/java/change-notes/2021-06-25-jax-rs-content-types.md b/java/old-change-notes/2021-06-25-jax-rs-content-types.md
similarity index 100%
rename from java/change-notes/2021-06-25-jax-rs-content-types.md
rename to java/old-change-notes/2021-06-25-jax-rs-content-types.md
diff --git a/java/change-notes/2021-06-29-javax-json-models.md b/java/old-change-notes/2021-06-29-javax-json-models.md
similarity index 100%
rename from java/change-notes/2021-06-29-javax-json-models.md
rename to java/old-change-notes/2021-06-29-javax-json-models.md
diff --git a/java/change-notes/2021-07-01-spring-collections.md b/java/old-change-notes/2021-07-01-spring-collections.md
similarity index 100%
rename from java/change-notes/2021-07-01-spring-collections.md
rename to java/old-change-notes/2021-07-01-spring-collections.md
diff --git a/java/change-notes/2021-07-01-spring-webmultipart.md b/java/old-change-notes/2021-07-01-spring-webmultipart.md
similarity index 100%
rename from java/change-notes/2021-07-01-spring-webmultipart.md
rename to java/old-change-notes/2021-07-01-spring-webmultipart.md
diff --git a/java/change-notes/2021-07-01-spring-webutil.md b/java/old-change-notes/2021-07-01-spring-webutil.md
similarity index 100%
rename from java/change-notes/2021-07-01-spring-webutil.md
rename to java/old-change-notes/2021-07-01-spring-webutil.md
diff --git a/java/change-notes/2021-07-01-url-classloader-reactive-webclient.md b/java/old-change-notes/2021-07-01-url-classloader-reactive-webclient.md
similarity index 100%
rename from java/change-notes/2021-07-01-url-classloader-reactive-webclient.md
rename to java/old-change-notes/2021-07-01-url-classloader-reactive-webclient.md
diff --git a/java/change-notes/2021-07-02-split-queries.md b/java/old-change-notes/2021-07-02-split-queries.md
similarity index 100%
rename from java/change-notes/2021-07-02-split-queries.md
rename to java/old-change-notes/2021-07-02-split-queries.md
diff --git a/java/change-notes/2021-07-14-spring-jdbc.md b/java/old-change-notes/2021-07-14-spring-jdbc.md
similarity index 100%
rename from java/change-notes/2021-07-14-spring-jdbc.md
rename to java/old-change-notes/2021-07-14-spring-jdbc.md
diff --git a/java/change-notes/2021-07-19-json-java.md b/java/old-change-notes/2021-07-19-json-java.md
similarity index 100%
rename from java/change-notes/2021-07-19-json-java.md
rename to java/old-change-notes/2021-07-19-json-java.md
diff --git a/java/change-notes/2021-07-22-model-collection-constructors.md b/java/old-change-notes/2021-07-22-model-collection-constructors.md
similarity index 100%
rename from java/change-notes/2021-07-22-model-collection-constructors.md
rename to java/old-change-notes/2021-07-22-model-collection-constructors.md
diff --git a/java/change-notes/2021-07-27-apache-collections-base-package.md b/java/old-change-notes/2021-07-27-apache-collections-base-package.md
similarity index 100%
rename from java/change-notes/2021-07-27-apache-collections-base-package.md
rename to java/old-change-notes/2021-07-27-apache-collections-base-package.md
diff --git a/java/change-notes/2021-07-28-guava-cache.md b/java/old-change-notes/2021-07-28-guava-cache.md
similarity index 100%
rename from java/change-notes/2021-07-28-guava-cache.md
rename to java/old-change-notes/2021-07-28-guava-cache.md
diff --git a/java/change-notes/2021-08-02-android-intent-redirect-query.md b/java/old-change-notes/2021-08-02-android-intent-redirect-query.md
similarity index 100%
rename from java/change-notes/2021-08-02-android-intent-redirect-query.md
rename to java/old-change-notes/2021-08-02-android-intent-redirect-query.md
diff --git a/java/change-notes/2021-08-02-guava-collections.md b/java/old-change-notes/2021-08-02-guava-collections.md
similarity index 100%
rename from java/change-notes/2021-08-02-guava-collections.md
rename to java/old-change-notes/2021-08-02-guava-collections.md
diff --git a/java/change-notes/2021-08-03-spring-content-types.md b/java/old-change-notes/2021-08-03-spring-content-types.md
similarity index 100%
rename from java/change-notes/2021-08-03-spring-content-types.md
rename to java/old-change-notes/2021-08-03-spring-content-types.md
diff --git a/java/change-notes/2021-08-04-jabsorb-unsafe-deserialization.md b/java/old-change-notes/2021-08-04-jabsorb-unsafe-deserialization.md
similarity index 100%
rename from java/change-notes/2021-08-04-jabsorb-unsafe-deserialization.md
rename to java/old-change-notes/2021-08-04-jabsorb-unsafe-deserialization.md
diff --git a/java/change-notes/2021-08-05-jodd-unsafe-deserialization.md b/java/old-change-notes/2021-08-05-jodd-unsafe-deserialization.md
similarity index 100%
rename from java/change-notes/2021-08-05-jodd-unsafe-deserialization.md
rename to java/old-change-notes/2021-08-05-jodd-unsafe-deserialization.md
diff --git a/java/change-notes/2021-08-09-flexjson-unsafe-deserialization.md b/java/old-change-notes/2021-08-09-flexjson-unsafe-deserialization.md
similarity index 100%
rename from java/change-notes/2021-08-09-flexjson-unsafe-deserialization.md
rename to java/old-change-notes/2021-08-09-flexjson-unsafe-deserialization.md
diff --git a/java/change-notes/2021-08-10-gson-unsafe-deserialization.md b/java/old-change-notes/2021-08-10-gson-unsafe-deserialization.md
similarity index 100%
rename from java/change-notes/2021-08-10-gson-unsafe-deserialization.md
rename to java/old-change-notes/2021-08-10-gson-unsafe-deserialization.md
diff --git a/java/change-notes/2021-08-12-jax-rs-filter-sources.md b/java/old-change-notes/2021-08-12-jax-rs-filter-sources.md
similarity index 100%
rename from java/change-notes/2021-08-12-jax-rs-filter-sources.md
rename to java/old-change-notes/2021-08-12-jax-rs-filter-sources.md
diff --git a/java/change-notes/2021-08-23-getPrimaryQlClasses.md b/java/old-change-notes/2021-08-23-getPrimaryQlClasses.md
similarity index 100%
rename from java/change-notes/2021-08-23-getPrimaryQlClasses.md
rename to java/old-change-notes/2021-08-23-getPrimaryQlClasses.md
diff --git a/java/change-notes/2021-08-23-local-interfaces-enums.md b/java/old-change-notes/2021-08-23-local-interfaces-enums.md
similarity index 100%
rename from java/change-notes/2021-08-23-local-interfaces-enums.md
rename to java/old-change-notes/2021-08-23-local-interfaces-enums.md
diff --git a/java/change-notes/2021-08-24-downgrade-sql-unescaped.md b/java/old-change-notes/2021-08-24-downgrade-sql-unescaped.md
similarity index 100%
rename from java/change-notes/2021-08-24-downgrade-sql-unescaped.md
rename to java/old-change-notes/2021-08-24-downgrade-sql-unescaped.md
diff --git a/java/change-notes/2021-09-03-android-sensitive-broadcast.md b/java/old-change-notes/2021-09-03-android-sensitive-broadcast.md
similarity index 100%
rename from java/change-notes/2021-09-03-android-sensitive-broadcast.md
rename to java/old-change-notes/2021-09-03-android-sensitive-broadcast.md
diff --git a/java/change-notes/2021-09-13-android-uri.md b/java/old-change-notes/2021-09-13-android-uri.md
similarity index 100%
rename from java/change-notes/2021-09-13-android-uri.md
rename to java/old-change-notes/2021-09-13-android-uri.md
diff --git a/java/change-notes/2021-09-13-javadoc-type-parameters.md b/java/old-change-notes/2021-09-13-javadoc-type-parameters.md
similarity index 100%
rename from java/change-notes/2021-09-13-javadoc-type-parameters.md
rename to java/old-change-notes/2021-09-13-javadoc-type-parameters.md
diff --git a/java/change-notes/2021-09-13-location-toString.md b/java/old-change-notes/2021-09-13-location-toString.md
similarity index 100%
rename from java/change-notes/2021-09-13-location-toString.md
rename to java/old-change-notes/2021-09-13-location-toString.md
diff --git a/java/change-notes/2021-09-14-conditional-bypass-improvements.md b/java/old-change-notes/2021-09-14-conditional-bypass-improvements.md
similarity index 100%
rename from java/change-notes/2021-09-14-conditional-bypass-improvements.md
rename to java/old-change-notes/2021-09-14-conditional-bypass-improvements.md
diff --git a/java/change-notes/2021-09-14-jsf-support.md b/java/old-change-notes/2021-09-14-jsf-support.md
similarity index 100%
rename from java/change-notes/2021-09-14-jsf-support.md
rename to java/old-change-notes/2021-09-14-jsf-support.md
diff --git a/java/change-notes/2021-09-27-apache-collections-subpackages.md b/java/old-change-notes/2021-09-27-apache-collections-subpackages.md
similarity index 100%
rename from java/change-notes/2021-09-27-apache-collections-subpackages.md
rename to java/old-change-notes/2021-09-27-apache-collections-subpackages.md
diff --git a/java/change-notes/2021-10-07-java-util-stream.md b/java/old-change-notes/2021-10-07-java-util-stream.md
similarity index 100%
rename from java/change-notes/2021-10-07-java-util-stream.md
rename to java/old-change-notes/2021-10-07-java-util-stream.md
diff --git a/java/change-notes/2021-10-20-more-specific-types.md b/java/old-change-notes/2021-10-20-more-specific-types.md
similarity index 100%
rename from java/change-notes/2021-10-20-more-specific-types.md
rename to java/old-change-notes/2021-10-20-more-specific-types.md
diff --git a/java/change-notes/2021-10-29-deprecate-String-getRepresentedString.md b/java/old-change-notes/2021-10-29-deprecate-String-getRepresentedString.md
similarity index 100%
rename from java/change-notes/2021-10-29-deprecate-String-getRepresentedString.md
rename to java/old-change-notes/2021-10-29-deprecate-String-getRepresentedString.md
diff --git a/java/change-notes/2021-10-29-improved-ratpack-support.md b/java/old-change-notes/2021-10-29-improved-ratpack-support.md
similarity index 100%
rename from java/change-notes/2021-10-29-improved-ratpack-support.md
rename to java/old-change-notes/2021-10-29-improved-ratpack-support.md
diff --git a/java/change-notes/2021-10-29-optional-lambda-flow.md b/java/old-change-notes/2021-10-29-optional-lambda-flow.md
similarity index 100%
rename from java/change-notes/2021-10-29-optional-lambda-flow.md
rename to java/old-change-notes/2021-10-29-optional-lambda-flow.md
diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md
index 5dec32d6688..054184eb7e5 100644
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,10 @@
+## 0.0.5
+
+### Bug Fixes
+
+* `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
+* The `RangeAnalysis` module now properly handles comparisons with Unicode surrogate character literals.
+
 ## 0.0.4
 
 ### Bug Fixes
diff --git a/java/ql/lib/change-notes/released/0.0.5.md b/java/ql/lib/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..4d056321c28
--- /dev/null
+++ b/java/ql/lib/change-notes/released/0.0.5.md
@@ -0,0 +1,6 @@
+## 0.0.5
+
+### Bug Fixes
+
+* `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
+* The `RangeAnalysis` module now properly handles comparisons with Unicode surrogate character literals.
diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml
index c2b157b1ad5..13bd8b93fe9 100644
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md
index 3268fefb272..f6dd930d629 100644
--- a/java/ql/src/CHANGELOG.md
+++ b/java/ql/src/CHANGELOG.md
@@ -1 +1,7 @@
+## 0.0.5
+
+### Minor Analysis Improvements
+
+* The `java/constant-comparison` query no longer raises false alerts regarding comparisons with Unicode surrogate character literals.
+
 ## 0.0.4
diff --git a/java/ql/src/change-notes/released/0.0.5.md b/java/ql/src/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..632fad94c8c
--- /dev/null
+++ b/java/ql/src/change-notes/released/0.0.5.md
@@ -0,0 +1,5 @@
+## 0.0.5
+
+### Minor Analysis Improvements
+
+* The `java/constant-comparison` query no longer raises false alerts regarding comparisons with Unicode surrogate character literals.
diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/java/ql/src/codeql-pack.release.yml
+++ b/java/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml
index 8152e4d1d5c..4362018759a 100644
--- a/java/ql/src/qlpack.yml
+++ b/java/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-queries
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: java
 suites: codeql-suites
 extractor: java
diff --git a/java/upgrades/CHANGELOG.md b/java/upgrades/CHANGELOG.md
index 3268fefb272..05dbc9d5f4e 100644
--- a/java/upgrades/CHANGELOG.md
+++ b/java/upgrades/CHANGELOG.md
@@ -1 +1,3 @@
+## 0.0.5
+
 ## 0.0.4
diff --git a/java/upgrades/change-notes/released/0.0.5.md b/java/upgrades/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/java/upgrades/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/java/upgrades/codeql-pack.release.yml b/java/upgrades/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/java/upgrades/codeql-pack.release.yml
+++ b/java/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/java/upgrades/qlpack.yml b/java/upgrades/qlpack.yml
index 75cc8f06721..ab52a2d7488 100644
--- a/java/upgrades/qlpack.yml
+++ b/java/upgrades/qlpack.yml
@@ -2,4 +2,4 @@ name: codeql/java-upgrades
 groups: java
 upgrades: .
 library: true
-version: 0.0.5-dev
+version: 0.0.6-dev
diff --git a/javascript/change-notes/2021-11-02-insufficient-key-size.md b/javascript/change-notes/2021-11-02-insufficient-key-size.md
deleted file mode 100644
index be0f3bcddb7..00000000000
--- a/javascript/change-notes/2021-11-02-insufficient-key-size.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.
diff --git a/javascript/change-notes/2021-11-02-session-fixation.md b/javascript/change-notes/2021-11-02-session-fixation.md
deleted file mode 100644
index 6c74b6a229a..00000000000
--- a/javascript/change-notes/2021-11-02-session-fixation.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.
diff --git a/javascript/change-notes/2021-11-04-sensitive-get-query.md b/javascript/change-notes/2021-11-04-sensitive-get-query.md
deleted file mode 100644
index 389f088e7bb..00000000000
--- a/javascript/change-notes/2021-11-04-sensitive-get-query.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.
diff --git a/javascript/change-notes/2020-05-17-prototype-assignment.md b/javascript/old-change-notes/2020-05-17-prototype-assignment.md
similarity index 100%
rename from javascript/change-notes/2020-05-17-prototype-assignment.md
rename to javascript/old-change-notes/2020-05-17-prototype-assignment.md
diff --git a/javascript/change-notes/2020-11-06-date-functions.md b/javascript/old-change-notes/2020-11-06-date-functions.md
similarity index 100%
rename from javascript/change-notes/2020-11-06-date-functions.md
rename to javascript/old-change-notes/2020-11-06-date-functions.md
diff --git a/javascript/change-notes/2020-11-09-jwt.md b/javascript/old-change-notes/2020-11-09-jwt.md
similarity index 100%
rename from javascript/change-notes/2020-11-09-jwt.md
rename to javascript/old-change-notes/2020-11-09-jwt.md
diff --git a/javascript/change-notes/2020-11-11-react-hot-loader.md b/javascript/old-change-notes/2020-11-11-react-hot-loader.md
similarity index 100%
rename from javascript/change-notes/2020-11-11-react-hot-loader.md
rename to javascript/old-change-notes/2020-11-11-react-hot-loader.md
diff --git a/javascript/change-notes/2020-11-25-prototype-pollution.md b/javascript/old-change-notes/2020-11-25-prototype-pollution.md
similarity index 100%
rename from javascript/change-notes/2020-11-25-prototype-pollution.md
rename to javascript/old-change-notes/2020-11-25-prototype-pollution.md
diff --git a/javascript/change-notes/2020-11-30-loginjection.md b/javascript/old-change-notes/2020-11-30-loginjection.md
similarity index 100%
rename from javascript/change-notes/2020-11-30-loginjection.md
rename to javascript/old-change-notes/2020-11-30-loginjection.md
diff --git a/javascript/change-notes/2020-11-30-nosql.md b/javascript/old-change-notes/2020-11-30-nosql.md
similarity index 100%
rename from javascript/change-notes/2020-11-30-nosql.md
rename to javascript/old-change-notes/2020-11-30-nosql.md
diff --git a/javascript/change-notes/2020-12-02-typescript-4.1.md b/javascript/old-change-notes/2020-12-02-typescript-4.1.md
similarity index 100%
rename from javascript/change-notes/2020-12-02-typescript-4.1.md
rename to javascript/old-change-notes/2020-12-02-typescript-4.1.md
diff --git a/javascript/change-notes/2020-12-09-external-flow-sources.md b/javascript/old-change-notes/2020-12-09-external-flow-sources.md
similarity index 100%
rename from javascript/change-notes/2020-12-09-external-flow-sources.md
rename to javascript/old-change-notes/2020-12-09-external-flow-sources.md
diff --git a/javascript/change-notes/2020-12-16-build-artifact-leak.md b/javascript/old-change-notes/2020-12-16-build-artifact-leak.md
similarity index 100%
rename from javascript/change-notes/2020-12-16-build-artifact-leak.md
rename to javascript/old-change-notes/2020-12-16-build-artifact-leak.md
diff --git a/javascript/change-notes/2020-12-16-indirect-cmd-libraries.md b/javascript/old-change-notes/2020-12-16-indirect-cmd-libraries.md
similarity index 100%
rename from javascript/change-notes/2020-12-16-indirect-cmd-libraries.md
rename to javascript/old-change-notes/2020-12-16-indirect-cmd-libraries.md
diff --git a/javascript/change-notes/2020-12-22-execa.md b/javascript/old-change-notes/2020-12-22-execa.md
similarity index 100%
rename from javascript/change-notes/2020-12-22-execa.md
rename to javascript/old-change-notes/2020-12-22-execa.md
diff --git a/javascript/change-notes/2021-01-04-superliniar-redos.md b/javascript/old-change-notes/2021-01-04-superliniar-redos.md
similarity index 100%
rename from javascript/change-notes/2021-01-04-superliniar-redos.md
rename to javascript/old-change-notes/2021-01-04-superliniar-redos.md
diff --git a/javascript/change-notes/2021-01-08-js-incomplete-multi-character-sanitization.md b/javascript/old-change-notes/2021-01-08-js-incomplete-multi-character-sanitization.md
similarity index 100%
rename from javascript/change-notes/2021-01-08-js-incomplete-multi-character-sanitization.md
rename to javascript/old-change-notes/2021-01-08-js-incomplete-multi-character-sanitization.md
diff --git a/javascript/change-notes/2021-01-14-polynomial-redos.md b/javascript/old-change-notes/2021-01-14-polynomial-redos.md
similarity index 100%
rename from javascript/change-notes/2021-01-14-polynomial-redos.md
rename to javascript/old-change-notes/2021-01-14-polynomial-redos.md
diff --git a/javascript/change-notes/2021-01-18-angular-templates.md b/javascript/old-change-notes/2021-01-18-angular-templates.md
similarity index 100%
rename from javascript/change-notes/2021-01-18-angular-templates.md
rename to javascript/old-change-notes/2021-01-18-angular-templates.md
diff --git a/javascript/change-notes/2021-01-18-server-crash.md b/javascript/old-change-notes/2021-01-18-server-crash.md
similarity index 100%
rename from javascript/change-notes/2021-01-18-server-crash.md
rename to javascript/old-change-notes/2021-01-18-server-crash.md
diff --git a/javascript/change-notes/2021-01-21-type-inference-compound.md b/javascript/old-change-notes/2021-01-21-type-inference-compound.md
similarity index 100%
rename from javascript/change-notes/2021-01-21-type-inference-compound.md
rename to javascript/old-change-notes/2021-01-21-type-inference-compound.md
diff --git a/javascript/change-notes/2021-01-21-unneeded-defensive-code.md b/javascript/old-change-notes/2021-01-21-unneeded-defensive-code.md
similarity index 100%
rename from javascript/change-notes/2021-01-21-unneeded-defensive-code.md
rename to javascript/old-change-notes/2021-01-21-unneeded-defensive-code.md
diff --git a/javascript/change-notes/2021-02-08-immutable.md b/javascript/old-change-notes/2021-02-08-immutable.md
similarity index 100%
rename from javascript/change-notes/2021-02-08-immutable.md
rename to javascript/old-change-notes/2021-02-08-immutable.md
diff --git a/javascript/change-notes/2021-02-08-xml-parser-taint.md b/javascript/old-change-notes/2021-02-08-xml-parser-taint.md
similarity index 100%
rename from javascript/change-notes/2021-02-08-xml-parser-taint.md
rename to javascript/old-change-notes/2021-02-08-xml-parser-taint.md
diff --git a/javascript/change-notes/2021-02-08-xss-through-dom-forms.md b/javascript/old-change-notes/2021-02-08-xss-through-dom-forms.md
similarity index 100%
rename from javascript/change-notes/2021-02-08-xss-through-dom-forms.md
rename to javascript/old-change-notes/2021-02-08-xss-through-dom-forms.md
diff --git a/javascript/change-notes/2021-02-09-form-parsers.md b/javascript/old-change-notes/2021-02-09-form-parsers.md
similarity index 100%
rename from javascript/change-notes/2021-02-09-form-parsers.md
rename to javascript/old-change-notes/2021-02-09-form-parsers.md
diff --git a/javascript/change-notes/2021-02-10-markdown.md b/javascript/old-change-notes/2021-02-10-markdown.md
similarity index 100%
rename from javascript/change-notes/2021-02-10-markdown.md
rename to javascript/old-change-notes/2021-02-10-markdown.md
diff --git a/javascript/change-notes/2021-02-11-apollo-client.md b/javascript/old-change-notes/2021-02-11-apollo-client.md
similarity index 100%
rename from javascript/change-notes/2021-02-11-apollo-client.md
rename to javascript/old-change-notes/2021-02-11-apollo-client.md
diff --git a/javascript/change-notes/2021-02-16-vue-router.md b/javascript/old-change-notes/2021-02-16-vue-router.md
similarity index 100%
rename from javascript/change-notes/2021-02-16-vue-router.md
rename to javascript/old-change-notes/2021-02-16-vue-router.md
diff --git a/javascript/change-notes/2021-02-18-next-js.md b/javascript/old-change-notes/2021-02-18-next-js.md
similarity index 100%
rename from javascript/change-notes/2021-02-18-next-js.md
rename to javascript/old-change-notes/2021-02-18-next-js.md
diff --git a/javascript/change-notes/2021-02-18-typescript-4.2.md b/javascript/old-change-notes/2021-02-18-typescript-4.2.md
similarity index 100%
rename from javascript/change-notes/2021-02-18-typescript-4.2.md
rename to javascript/old-change-notes/2021-02-18-typescript-4.2.md
diff --git a/javascript/change-notes/2021-02-25-event-handler-receiver-is-dom-element.md b/javascript/old-change-notes/2021-02-25-event-handler-receiver-is-dom-element.md
similarity index 100%
rename from javascript/change-notes/2021-02-25-event-handler-receiver-is-dom-element.md
rename to javascript/old-change-notes/2021-02-25-event-handler-receiver-is-dom-element.md
diff --git a/javascript/change-notes/2021-02-25-http-proxy.md b/javascript/old-change-notes/2021-02-25-http-proxy.md
similarity index 100%
rename from javascript/change-notes/2021-02-25-http-proxy.md
rename to javascript/old-change-notes/2021-02-25-http-proxy.md
diff --git a/javascript/change-notes/2021-02-26-form-data.md b/javascript/old-change-notes/2021-02-26-form-data.md
similarity index 100%
rename from javascript/change-notes/2021-02-26-form-data.md
rename to javascript/old-change-notes/2021-02-26-form-data.md
diff --git a/javascript/change-notes/2021-03-01-ajv.md b/javascript/old-change-notes/2021-03-01-ajv.md
similarity index 100%
rename from javascript/change-notes/2021-03-01-ajv.md
rename to javascript/old-change-notes/2021-03-01-ajv.md
diff --git a/javascript/change-notes/2021-03-09-template-object-injection.md b/javascript/old-change-notes/2021-03-09-template-object-injection.md
similarity index 100%
rename from javascript/change-notes/2021-03-09-template-object-injection.md
rename to javascript/old-change-notes/2021-03-09-template-object-injection.md
diff --git a/javascript/change-notes/2021-03-10-d3.md b/javascript/old-change-notes/2021-03-10-d3.md
similarity index 100%
rename from javascript/change-notes/2021-03-10-d3.md
rename to javascript/old-change-notes/2021-03-10-d3.md
diff --git a/javascript/change-notes/2021-03-15-client-side-remote-flow-sources.md b/javascript/old-change-notes/2021-03-15-client-side-remote-flow-sources.md
similarity index 100%
rename from javascript/change-notes/2021-03-15-client-side-remote-flow-sources.md
rename to javascript/old-change-notes/2021-03-15-client-side-remote-flow-sources.md
diff --git a/javascript/change-notes/2021-03-17-koa-route.md b/javascript/old-change-notes/2021-03-17-koa-route.md
similarity index 100%
rename from javascript/change-notes/2021-03-17-koa-route.md
rename to javascript/old-change-notes/2021-03-17-koa-route.md
diff --git a/javascript/change-notes/2021-03-17-precise-regex-replace.md b/javascript/old-change-notes/2021-03-17-precise-regex-replace.md
similarity index 100%
rename from javascript/change-notes/2021-03-17-precise-regex-replace.md
rename to javascript/old-change-notes/2021-03-17-precise-regex-replace.md
diff --git a/javascript/change-notes/2021-03-17-puppeteer.md b/javascript/old-change-notes/2021-03-17-puppeteer.md
similarity index 100%
rename from javascript/change-notes/2021-03-17-puppeteer.md
rename to javascript/old-change-notes/2021-03-17-puppeteer.md
diff --git a/javascript/change-notes/2021-03-19-async-execute.md b/javascript/old-change-notes/2021-03-19-async-execute.md
similarity index 100%
rename from javascript/change-notes/2021-03-19-async-execute.md
rename to javascript/old-change-notes/2021-03-19-async-execute.md
diff --git a/javascript/change-notes/2021-03-23-accessor-calls.md b/javascript/old-change-notes/2021-03-23-accessor-calls.md
similarity index 100%
rename from javascript/change-notes/2021-03-23-accessor-calls.md
rename to javascript/old-change-notes/2021-03-23-accessor-calls.md
diff --git a/javascript/change-notes/2021-03-25-remove-legacy-code-duplication-library.md b/javascript/old-change-notes/2021-03-25-remove-legacy-code-duplication-library.md
similarity index 100%
rename from javascript/change-notes/2021-03-25-remove-legacy-code-duplication-library.md
rename to javascript/old-change-notes/2021-03-25-remove-legacy-code-duplication-library.md
diff --git a/javascript/change-notes/2021-03-25-remove-legacy-filter-queries.md b/javascript/old-change-notes/2021-03-25-remove-legacy-filter-queries.md
similarity index 100%
rename from javascript/change-notes/2021-03-25-remove-legacy-filter-queries.md
rename to javascript/old-change-notes/2021-03-25-remove-legacy-filter-queries.md
diff --git a/javascript/change-notes/2021-03-29-misc-steps.md b/javascript/old-change-notes/2021-03-29-misc-steps.md
similarity index 100%
rename from javascript/change-notes/2021-03-29-misc-steps.md
rename to javascript/old-change-notes/2021-03-29-misc-steps.md
diff --git a/javascript/change-notes/2021-03-29-pg-promise.md b/javascript/old-change-notes/2021-03-29-pg-promise.md
similarity index 100%
rename from javascript/change-notes/2021-03-29-pg-promise.md
rename to javascript/old-change-notes/2021-03-29-pg-promise.md
diff --git a/javascript/change-notes/2021-03-30-sql-models.md b/javascript/old-change-notes/2021-03-30-sql-models.md
similarity index 100%
rename from javascript/change-notes/2021-03-30-sql-models.md
rename to javascript/old-change-notes/2021-03-30-sql-models.md
diff --git a/javascript/change-notes/2021-04-01-tsconfig-file-inclusion-handling.md b/javascript/old-change-notes/2021-04-01-tsconfig-file-inclusion-handling.md
similarity index 100%
rename from javascript/change-notes/2021-04-01-tsconfig-file-inclusion-handling.md
rename to javascript/old-change-notes/2021-04-01-tsconfig-file-inclusion-handling.md
diff --git a/javascript/change-notes/2021-04-08-redux.md b/javascript/old-change-notes/2021-04-08-redux.md
similarity index 100%
rename from javascript/change-notes/2021-04-08-redux.md
rename to javascript/old-change-notes/2021-04-08-redux.md
diff --git a/javascript/change-notes/2021-04-12-disabling-certificate-validation.md b/javascript/old-change-notes/2021-04-12-disabling-certificate-validation.md
similarity index 100%
rename from javascript/change-notes/2021-04-12-disabling-certificate-validation.md
rename to javascript/old-change-notes/2021-04-12-disabling-certificate-validation.md
diff --git a/javascript/change-notes/2021-04-15-fs-promises.md b/javascript/old-change-notes/2021-04-15-fs-promises.md
similarity index 100%
rename from javascript/change-notes/2021-04-15-fs-promises.md
rename to javascript/old-change-notes/2021-04-15-fs-promises.md
diff --git a/javascript/change-notes/2021-04-15-markdownit.md b/javascript/old-change-notes/2021-04-15-markdownit.md
similarity index 100%
rename from javascript/change-notes/2021-04-15-markdownit.md
rename to javascript/old-change-notes/2021-04-15-markdownit.md
diff --git a/javascript/change-notes/2021-04-15-nestjs.md b/javascript/old-change-notes/2021-04-15-nestjs.md
similarity index 100%
rename from javascript/change-notes/2021-04-15-nestjs.md
rename to javascript/old-change-notes/2021-04-15-nestjs.md
diff --git a/javascript/change-notes/2021-04-15-typescript-template-literal-type-crash.md b/javascript/old-change-notes/2021-04-15-typescript-template-literal-type-crash.md
similarity index 100%
rename from javascript/change-notes/2021-04-15-typescript-template-literal-type-crash.md
rename to javascript/old-change-notes/2021-04-15-typescript-template-literal-type-crash.md
diff --git a/javascript/change-notes/2021-04-21-rate-limiting-fixes.md b/javascript/old-change-notes/2021-04-21-rate-limiting-fixes.md
similarity index 100%
rename from javascript/change-notes/2021-04-21-rate-limiting-fixes.md
rename to javascript/old-change-notes/2021-04-21-rate-limiting-fixes.md
diff --git a/javascript/change-notes/2021-04-26-unsafe-html-construction.md b/javascript/old-change-notes/2021-04-26-unsafe-html-construction.md
similarity index 100%
rename from javascript/change-notes/2021-04-26-unsafe-html-construction.md
rename to javascript/old-change-notes/2021-04-26-unsafe-html-construction.md
diff --git a/javascript/change-notes/2021-04-27-anser.md b/javascript/old-change-notes/2021-04-27-anser.md
similarity index 100%
rename from javascript/change-notes/2021-04-27-anser.md
rename to javascript/old-change-notes/2021-04-27-anser.md
diff --git a/javascript/change-notes/2021-05-10-sqlite3-chaining.md b/javascript/old-change-notes/2021-05-10-sqlite3-chaining.md
similarity index 100%
rename from javascript/change-notes/2021-05-10-sqlite3-chaining.md
rename to javascript/old-change-notes/2021-05-10-sqlite3-chaining.md
diff --git a/javascript/change-notes/2021-05-18-clone.md b/javascript/old-change-notes/2021-05-18-clone.md
similarity index 100%
rename from javascript/change-notes/2021-05-18-clone.md
rename to javascript/old-change-notes/2021-05-18-clone.md
diff --git a/javascript/change-notes/2021-05-31-typescript-4.3.md b/javascript/old-change-notes/2021-05-31-typescript-4.3.md
similarity index 100%
rename from javascript/change-notes/2021-05-31-typescript-4.3.md
rename to javascript/old-change-notes/2021-05-31-typescript-4.3.md
diff --git a/javascript/change-notes/2021-06-02-debug.md b/javascript/old-change-notes/2021-06-02-debug.md
similarity index 100%
rename from javascript/change-notes/2021-06-02-debug.md
rename to javascript/old-change-notes/2021-06-02-debug.md
diff --git a/javascript/change-notes/2021-06-02-prettier.md b/javascript/old-change-notes/2021-06-02-prettier.md
similarity index 100%
rename from javascript/change-notes/2021-06-02-prettier.md
rename to javascript/old-change-notes/2021-06-02-prettier.md
diff --git a/javascript/change-notes/2021-06-02-webpack-merge.md b/javascript/old-change-notes/2021-06-02-webpack-merge.md
similarity index 100%
rename from javascript/change-notes/2021-06-02-webpack-merge.md
rename to javascript/old-change-notes/2021-06-02-webpack-merge.md
diff --git a/javascript/change-notes/2021-06-03-history.md b/javascript/old-change-notes/2021-06-03-history.md
similarity index 100%
rename from javascript/change-notes/2021-06-03-history.md
rename to javascript/old-change-notes/2021-06-03-history.md
diff --git a/javascript/change-notes/2021-06-04-resolve.md b/javascript/old-change-notes/2021-06-04-resolve.md
similarity index 100%
rename from javascript/change-notes/2021-06-04-resolve.md
rename to javascript/old-change-notes/2021-06-04-resolve.md
diff --git a/javascript/change-notes/2021-06-04-whatwg-fetch.md b/javascript/old-change-notes/2021-06-04-whatwg-fetch.md
similarity index 100%
rename from javascript/change-notes/2021-06-04-whatwg-fetch.md
rename to javascript/old-change-notes/2021-06-04-whatwg-fetch.md
diff --git a/javascript/change-notes/2021-06-06-serialize-javascript.md b/javascript/old-change-notes/2021-06-06-serialize-javascript.md
similarity index 100%
rename from javascript/change-notes/2021-06-06-serialize-javascript.md
rename to javascript/old-change-notes/2021-06-06-serialize-javascript.md
diff --git a/javascript/change-notes/2021-06-06-serve-handler.md b/javascript/old-change-notes/2021-06-06-serve-handler.md
similarity index 100%
rename from javascript/change-notes/2021-06-06-serve-handler.md
rename to javascript/old-change-notes/2021-06-06-serve-handler.md
diff --git a/javascript/change-notes/2021-06-07-joi.md b/javascript/old-change-notes/2021-06-07-joi.md
similarity index 100%
rename from javascript/change-notes/2021-06-07-joi.md
rename to javascript/old-change-notes/2021-06-07-joi.md
diff --git a/javascript/change-notes/2021-06-07-serverless.md b/javascript/old-change-notes/2021-06-07-serverless.md
similarity index 100%
rename from javascript/change-notes/2021-06-07-serverless.md
rename to javascript/old-change-notes/2021-06-07-serverless.md
diff --git a/javascript/change-notes/2021-06-09-graphql.md b/javascript/old-change-notes/2021-06-09-graphql.md
similarity index 100%
rename from javascript/change-notes/2021-06-09-graphql.md
rename to javascript/old-change-notes/2021-06-09-graphql.md
diff --git a/javascript/change-notes/2021-06-11-knex.md b/javascript/old-change-notes/2021-06-11-knex.md
similarity index 100%
rename from javascript/change-notes/2021-06-11-knex.md
rename to javascript/old-change-notes/2021-06-11-knex.md
diff --git a/javascript/change-notes/2021-06-14-script-with-tsx-lang.md b/javascript/old-change-notes/2021-06-14-script-with-tsx-lang.md
similarity index 100%
rename from javascript/change-notes/2021-06-14-script-with-tsx-lang.md
rename to javascript/old-change-notes/2021-06-14-script-with-tsx-lang.md
diff --git a/javascript/change-notes/2021-06-18-promises.md b/javascript/old-change-notes/2021-06-18-promises.md
similarity index 100%
rename from javascript/change-notes/2021-06-18-promises.md
rename to javascript/old-change-notes/2021-06-18-promises.md
diff --git a/javascript/change-notes/2021-06-21-dates.md b/javascript/old-change-notes/2021-06-21-dates.md
similarity index 100%
rename from javascript/change-notes/2021-06-21-dates.md
rename to javascript/old-change-notes/2021-06-21-dates.md
diff --git a/javascript/change-notes/2021-06-21-promisify.md b/javascript/old-change-notes/2021-06-21-promisify.md
similarity index 100%
rename from javascript/change-notes/2021-06-21-promisify.md
rename to javascript/old-change-notes/2021-06-21-promisify.md
diff --git a/javascript/change-notes/2021-06-21-sharpen-match-calls.md b/javascript/old-change-notes/2021-06-21-sharpen-match-calls.md
similarity index 100%
rename from javascript/change-notes/2021-06-21-sharpen-match-calls.md
rename to javascript/old-change-notes/2021-06-21-sharpen-match-calls.md
diff --git a/javascript/change-notes/2021-06-22-chokidar.md b/javascript/old-change-notes/2021-06-22-chokidar.md
similarity index 100%
rename from javascript/change-notes/2021-06-22-chokidar.md
rename to javascript/old-change-notes/2021-06-22-chokidar.md
diff --git a/javascript/change-notes/2021-06-22-colors.md b/javascript/old-change-notes/2021-06-22-colors.md
similarity index 100%
rename from javascript/change-notes/2021-06-22-colors.md
rename to javascript/old-change-notes/2021-06-22-colors.md
diff --git a/javascript/change-notes/2021-06-22-templates.md b/javascript/old-change-notes/2021-06-22-templates.md
similarity index 100%
rename from javascript/change-notes/2021-06-22-templates.md
rename to javascript/old-change-notes/2021-06-22-templates.md
diff --git a/javascript/change-notes/2021-06-24-json.md b/javascript/old-change-notes/2021-06-24-json.md
similarity index 100%
rename from javascript/change-notes/2021-06-24-json.md
rename to javascript/old-change-notes/2021-06-24-json.md
diff --git a/javascript/change-notes/2021-06-30-mootools.md b/javascript/old-change-notes/2021-06-30-mootools.md
similarity index 100%
rename from javascript/change-notes/2021-06-30-mootools.md
rename to javascript/old-change-notes/2021-06-30-mootools.md
diff --git a/javascript/change-notes/2021-06-30-recompose.md b/javascript/old-change-notes/2021-06-30-recompose.md
similarity index 100%
rename from javascript/change-notes/2021-06-30-recompose.md
rename to javascript/old-change-notes/2021-06-30-recompose.md
diff --git a/javascript/change-notes/2021-06-30-vuex.md b/javascript/old-change-notes/2021-06-30-vuex.md
similarity index 100%
rename from javascript/change-notes/2021-06-30-vuex.md
rename to javascript/old-change-notes/2021-06-30-vuex.md
diff --git a/javascript/change-notes/2021-07-12-case.md b/javascript/old-change-notes/2021-07-12-case.md
similarity index 100%
rename from javascript/change-notes/2021-07-12-case.md
rename to javascript/old-change-notes/2021-07-12-case.md
diff --git a/javascript/change-notes/2021-07-12-logs.md b/javascript/old-change-notes/2021-07-12-logs.md
similarity index 100%
rename from javascript/change-notes/2021-07-12-logs.md
rename to javascript/old-change-notes/2021-07-12-logs.md
diff --git a/javascript/change-notes/2021-07-12-more-precise-capture-steps.md b/javascript/old-change-notes/2021-07-12-more-precise-capture-steps.md
similarity index 100%
rename from javascript/change-notes/2021-07-12-more-precise-capture-steps.md
rename to javascript/old-change-notes/2021-07-12-more-precise-capture-steps.md
diff --git a/javascript/change-notes/2021-07-12-read-pkg.md b/javascript/old-change-notes/2021-07-12-read-pkg.md
similarity index 100%
rename from javascript/change-notes/2021-07-12-read-pkg.md
rename to javascript/old-change-notes/2021-07-12-read-pkg.md
diff --git a/javascript/change-notes/2021-07-12-slash.md b/javascript/old-change-notes/2021-07-12-slash.md
similarity index 100%
rename from javascript/change-notes/2021-07-12-slash.md
rename to javascript/old-change-notes/2021-07-12-slash.md
diff --git a/javascript/change-notes/2021-07-14-mkdirp.md b/javascript/old-change-notes/2021-07-14-mkdirp.md
similarity index 100%
rename from javascript/change-notes/2021-07-14-mkdirp.md
rename to javascript/old-change-notes/2021-07-14-mkdirp.md
diff --git a/javascript/change-notes/2021-07-14-querystring.md b/javascript/old-change-notes/2021-07-14-querystring.md
similarity index 100%
rename from javascript/change-notes/2021-07-14-querystring.md
rename to javascript/old-change-notes/2021-07-14-querystring.md
diff --git a/javascript/change-notes/2021-07-14-react-tooltip.md b/javascript/old-change-notes/2021-07-14-react-tooltip.md
similarity index 100%
rename from javascript/change-notes/2021-07-14-react-tooltip.md
rename to javascript/old-change-notes/2021-07-14-react-tooltip.md
diff --git a/javascript/change-notes/2021-07-15-ansi-to-html.md b/javascript/old-change-notes/2021-07-15-ansi-to-html.md
similarity index 100%
rename from javascript/change-notes/2021-07-15-ansi-to-html.md
rename to javascript/old-change-notes/2021-07-15-ansi-to-html.md
diff --git a/javascript/change-notes/2021-07-15-array-libs.md b/javascript/old-change-notes/2021-07-15-array-libs.md
similarity index 100%
rename from javascript/change-notes/2021-07-15-array-libs.md
rename to javascript/old-change-notes/2021-07-15-array-libs.md
diff --git a/javascript/change-notes/2021-07-15-sort-keys.md b/javascript/old-change-notes/2021-07-15-sort-keys.md
similarity index 100%
rename from javascript/change-notes/2021-07-15-sort-keys.md
rename to javascript/old-change-notes/2021-07-15-sort-keys.md
diff --git a/javascript/change-notes/2021-07-16-dom-element-methods.md b/javascript/old-change-notes/2021-07-16-dom-element-methods.md
similarity index 100%
rename from javascript/change-notes/2021-07-16-dom-element-methods.md
rename to javascript/old-change-notes/2021-07-16-dom-element-methods.md
diff --git a/javascript/change-notes/2021-08-02-handlebars-extraction.md b/javascript/old-change-notes/2021-08-02-handlebars-extraction.md
similarity index 100%
rename from javascript/change-notes/2021-08-02-handlebars-extraction.md
rename to javascript/old-change-notes/2021-08-02-handlebars-extraction.md
diff --git a/javascript/change-notes/2021-08-03-hardcoded-auth-headers.md b/javascript/old-change-notes/2021-08-03-hardcoded-auth-headers.md
similarity index 100%
rename from javascript/change-notes/2021-08-03-hardcoded-auth-headers.md
rename to javascript/old-change-notes/2021-08-03-hardcoded-auth-headers.md
diff --git a/javascript/change-notes/2021-08-05-tainted-url-suffix.md b/javascript/old-change-notes/2021-08-05-tainted-url-suffix.md
similarity index 100%
rename from javascript/change-notes/2021-08-05-tainted-url-suffix.md
rename to javascript/old-change-notes/2021-08-05-tainted-url-suffix.md
diff --git a/javascript/change-notes/2021-08-16-query-suffix-convention2.md b/javascript/old-change-notes/2021-08-16-query-suffix-convention2.md
similarity index 100%
rename from javascript/change-notes/2021-08-16-query-suffix-convention2.md
rename to javascript/old-change-notes/2021-08-16-query-suffix-convention2.md
diff --git a/javascript/change-notes/2021-08-17-incomplete-multi-char-sanitization.md b/javascript/old-change-notes/2021-08-17-incomplete-multi-char-sanitization.md
similarity index 100%
rename from javascript/change-notes/2021-08-17-incomplete-multi-char-sanitization.md
rename to javascript/old-change-notes/2021-08-17-incomplete-multi-char-sanitization.md
diff --git a/javascript/change-notes/2021-08-17-vue-component-renaming.md b/javascript/old-change-notes/2021-08-17-vue-component-renaming.md
similarity index 100%
rename from javascript/change-notes/2021-08-17-vue-component-renaming.md
rename to javascript/old-change-notes/2021-08-17-vue-component-renaming.md
diff --git a/javascript/change-notes/2021-08-23-getPrimaryQlClasses.md b/javascript/old-change-notes/2021-08-23-getPrimaryQlClasses.md
similarity index 100%
rename from javascript/change-notes/2021-08-23-getPrimaryQlClasses.md
rename to javascript/old-change-notes/2021-08-23-getPrimaryQlClasses.md
diff --git a/javascript/change-notes/2021-08-24-tainted-path-cwd.md b/javascript/old-change-notes/2021-08-24-tainted-path-cwd.md
similarity index 100%
rename from javascript/change-notes/2021-08-24-tainted-path-cwd.md
rename to javascript/old-change-notes/2021-08-24-tainted-path-cwd.md
diff --git a/javascript/change-notes/2021-08-26-bad-tag-filter.md b/javascript/old-change-notes/2021-08-26-bad-tag-filter.md
similarity index 100%
rename from javascript/change-notes/2021-08-26-bad-tag-filter.md
rename to javascript/old-change-notes/2021-08-26-bad-tag-filter.md
diff --git a/javascript/change-notes/2021-08-30-live-server.md b/javascript/old-change-notes/2021-08-30-live-server.md
similarity index 100%
rename from javascript/change-notes/2021-08-30-live-server.md
rename to javascript/old-change-notes/2021-08-30-live-server.md
diff --git a/javascript/change-notes/2021-09-01-clipboard-data.md b/javascript/old-change-notes/2021-09-01-clipboard-data.md
similarity index 100%
rename from javascript/change-notes/2021-09-01-clipboard-data.md
rename to javascript/old-change-notes/2021-09-01-clipboard-data.md
diff --git a/javascript/change-notes/2021-09-01-typescript-4.4.md b/javascript/old-change-notes/2021-09-01-typescript-4.4.md
similarity index 100%
rename from javascript/change-notes/2021-09-01-typescript-4.4.md
rename to javascript/old-change-notes/2021-09-01-typescript-4.4.md
diff --git a/javascript/change-notes/2021-09-07-static-initializer.md b/javascript/old-change-notes/2021-09-07-static-initializer.md
similarity index 100%
rename from javascript/change-notes/2021-09-07-static-initializer.md
rename to javascript/old-change-notes/2021-09-07-static-initializer.md
diff --git a/javascript/change-notes/2021-10-01-ldap.md b/javascript/old-change-notes/2021-10-01-ldap.md
similarity index 100%
rename from javascript/change-notes/2021-10-01-ldap.md
rename to javascript/old-change-notes/2021-10-01-ldap.md
diff --git a/javascript/change-notes/2021-10-26-cookie-queries.md b/javascript/old-change-notes/2021-10-26-cookie-queries.md
similarity index 100%
rename from javascript/change-notes/2021-10-26-cookie-queries.md
rename to javascript/old-change-notes/2021-10-26-cookie-queries.md
diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md
index 259776640e3..894fb54ef75 100644
--- a/javascript/ql/lib/CHANGELOG.md
+++ b/javascript/ql/lib/CHANGELOG.md
@@ -1 +1,7 @@
+## 0.0.6
+
+### New Features
+
+* TypeScript 4.5 is now supported.
+
 ## 0.0.5
diff --git a/javascript/change-notes/2021-11-23-typescript-4.5.md b/javascript/ql/lib/change-notes/released/0.0.6.md
similarity index 55%
rename from javascript/change-notes/2021-11-23-typescript-4.5.md
rename to javascript/ql/lib/change-notes/released/0.0.6.md
index 2f20913f6fe..d6b2cd58b65 100644
--- a/javascript/change-notes/2021-11-23-typescript-4.5.md
+++ b/javascript/ql/lib/change-notes/released/0.0.6.md
@@ -1,2 +1,5 @@
-lgtm,codescanning
+## 0.0.6
+
+### New Features
+
 * TypeScript 4.5 is now supported.
diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml
index bb45a1ab018..cf398ce02aa 100644
--- a/javascript/ql/lib/codeql-pack.release.yml
+++ b/javascript/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.5
+lastReleaseVersion: 0.0.6
diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml
index edececa2335..ad2e8f16464 100644
--- a/javascript/ql/lib/qlpack.yml
+++ b/javascript/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-all
-version: 0.0.5
+version: 0.0.7-dev
 groups: javascript
 dbscheme: semmlecode.javascript.dbscheme
 extractor: javascript
diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md
index ccd1b78a045..de6fd0ef3a0 100644
--- a/javascript/ql/src/CHANGELOG.md
+++ b/javascript/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.0.6
+
+### Major Analysis Improvements
+
+* TypeScript 4.5 is now supported.
+
 ## 0.0.5
 
 ### New Queries
diff --git a/javascript/ql/src/Security/CWE-116/BadTagFilter.ql b/javascript/ql/src/Security/CWE-116/BadTagFilter.ql
index 609690982bb..5eadd33ff40 100644
--- a/javascript/ql/src/Security/CWE-116/BadTagFilter.ql
+++ b/javascript/ql/src/Security/CWE-116/BadTagFilter.ql
@@ -10,6 +10,8 @@
  *       security
  *       external/cwe/cwe-116
  *       external/cwe/cwe-020
+ *       external/cwe/cwe-185
+ *       external/cwe/cwe-186
  */
 
 import semmle.javascript.security.BadTagFilterQuery
diff --git a/javascript/change-notes/2021-11-08-routing-trees.md b/javascript/ql/src/change-notes/2021-11-08-routing-trees.md
similarity index 89%
rename from javascript/change-notes/2021-11-08-routing-trees.md
rename to javascript/ql/src/change-notes/2021-11-08-routing-trees.md
index 5fa13a1bef6..e51ce23f70f 100644
--- a/javascript/change-notes/2021-11-08-routing-trees.md
+++ b/javascript/ql/src/change-notes/2021-11-08-routing-trees.md
@@ -1,3 +1,5 @@
-lgtm,codescanning
+---
+category: minorAnalysis
+---
 * Data flow is now tracked across middleware functions in more cases, leading to more security results in general. Affected packages are `express` and `fastify`.
 * `js/missing-token-validation` has been made more precise, yielding both fewer false positives and more true positives.
diff --git a/javascript/change-notes/2021-12-07-handlebars-more-raw-interpolation.md b/javascript/ql/src/change-notes/2021-12-07-handlebars-more-raw-interpolation.md
similarity index 84%
rename from javascript/change-notes/2021-12-07-handlebars-more-raw-interpolation.md
rename to javascript/ql/src/change-notes/2021-12-07-handlebars-more-raw-interpolation.md
index 7eb075550fa..e72b4adc2a6 100644
--- a/javascript/change-notes/2021-12-07-handlebars-more-raw-interpolation.md
+++ b/javascript/ql/src/change-notes/2021-12-07-handlebars-more-raw-interpolation.md
@@ -1,3 +1,5 @@
-lgtm,codescanning
+---
+category: minorAnalysis
+---
 * Support for handlebars templates has improved. Raw interpolation tags of the form `{{& ... }}` are now recognized,
   as well as whitespace-trimming tags like `{{~ ... }}`.
diff --git a/javascript/ql/src/change-notes/released/0.0.6.md b/javascript/ql/src/change-notes/released/0.0.6.md
new file mode 100644
index 00000000000..7121ef23816
--- /dev/null
+++ b/javascript/ql/src/change-notes/released/0.0.6.md
@@ -0,0 +1,5 @@
+## 0.0.6
+
+### Major Analysis Improvements
+
+* TypeScript 4.5 is now supported.
diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml
index bb45a1ab018..cf398ce02aa 100644
--- a/javascript/ql/src/codeql-pack.release.yml
+++ b/javascript/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.5
+lastReleaseVersion: 0.0.6
diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml
index 6fdbcf3432c..7d03e6f372d 100644
--- a/javascript/ql/src/qlpack.yml
+++ b/javascript/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-queries
-version: 0.0.5
+version: 0.0.7-dev
 groups: javascript
 suites: codeql-suites
 extractor: javascript
diff --git a/javascript/upgrades/CHANGELOG.md b/javascript/upgrades/CHANGELOG.md
index 259776640e3..21e20e1bd27 100644
--- a/javascript/upgrades/CHANGELOG.md
+++ b/javascript/upgrades/CHANGELOG.md
@@ -1 +1,3 @@
+## 0.0.6
+
 ## 0.0.5
diff --git a/javascript/upgrades/change-notes/released/0.0.6.md b/javascript/upgrades/change-notes/released/0.0.6.md
new file mode 100644
index 00000000000..7cad4d986e5
--- /dev/null
+++ b/javascript/upgrades/change-notes/released/0.0.6.md
@@ -0,0 +1 @@
+## 0.0.6
diff --git a/javascript/upgrades/codeql-pack.release.yml b/javascript/upgrades/codeql-pack.release.yml
index bb45a1ab018..cf398ce02aa 100644
--- a/javascript/upgrades/codeql-pack.release.yml
+++ b/javascript/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.5
+lastReleaseVersion: 0.0.6
diff --git a/javascript/upgrades/qlpack.yml b/javascript/upgrades/qlpack.yml
index 35cc49e190a..970854465c7 100644
--- a/javascript/upgrades/qlpack.yml
+++ b/javascript/upgrades/qlpack.yml
@@ -2,4 +2,4 @@ name: codeql/javascript-upgrades
 groups: javascript
 upgrades: .
 library: true
-version: 0.0.5
+version: 0.0.7-dev
diff --git a/python/change-notes/2021-11-02-flask_admin.md b/python/change-notes/2021-11-02-flask_admin.md
deleted file mode 100644
index 528a422c45d..00000000000
--- a/python/change-notes/2021-11-02-flask_admin.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.
diff --git a/python/change-notes/2021-11-02-toml.md b/python/change-notes/2021-11-02-toml.md
deleted file mode 100644
index 676f0c44157..00000000000
--- a/python/change-notes/2021-11-02-toml.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.
diff --git a/python/change-notes/2021-11-09-model-aiopg.md b/python/change-notes/2021-11-09-model-aiopg.md
deleted file mode 100644
index 7bf78a8de01..00000000000
--- a/python/change-notes/2021-11-09-model-aiopg.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* Added modeling of `aiopg` for sinks executing SQL.
diff --git a/python/change-notes/2021-11-12-fix-pyhton-query-ids.md b/python/change-notes/2021-11-12-fix-pyhton-query-ids.md
deleted file mode 100644
index 584b6d13237..00000000000
--- a/python/change-notes/2021-11-12-fix-pyhton-query-ids.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-Fixed the query ids of two queries that are meant for manual exploration: `python/count-untrusted-data-external-api` and `python/untrusted-data-to-external-api` have been changed to `py/count-untrusted-data-external-api` and `py/untrusted-data-to-external-api`.
diff --git a/python/change-notes/2021-11-15-model-wsgiref-simple-server-app.md b/python/change-notes/2021-11-15-model-wsgiref-simple-server-app.md
deleted file mode 100644
index c8424097b8b..00000000000
--- a/python/change-notes/2021-11-15-model-wsgiref-simple-server-app.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
diff --git a/python/change-notes/2021-11-16-posixpath.md b/python/change-notes/2021-11-16-posixpath.md
deleted file mode 100644
index d9103dd6115..00000000000
--- a/python/change-notes/2021-11-16-posixpath.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
diff --git a/python/change-notes/2021-11-24-FastAPI-Custom-APIRouter-Subclass.md b/python/change-notes/2021-11-24-FastAPI-Custom-APIRouter-Subclass.md
deleted file mode 100644
index d08247cc08a..00000000000
--- a/python/change-notes/2021-11-24-FastAPI-Custom-APIRouter-Subclass.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* Extended the modeling of FastAPI such that custom subclasses of `fastapi.APIRouter` are recognized.
diff --git a/python/change-notes/2021-11-24-FastAPI-FileResponse-FileSystemAccess copy.md b/python/change-notes/2021-11-24-FastAPI-FileResponse-FileSystemAccess copy.md
deleted file mode 100644
index a8b72fdf82e..00000000000
--- a/python/change-notes/2021-11-24-FastAPI-FileResponse-FileSystemAccess copy.md	
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* Extended the modeling of FastAPI such that `fastapi.responses.FileResponse` are considered `FileSystemAccess`, making them sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
diff --git a/python/change-notes/2021-11-26-os-file-access.md b/python/change-notes/2021-11-26-os-file-access.md
deleted file mode 100644
index e9f95c34abe..00000000000
--- a/python/change-notes/2021-11-26-os-file-access.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* Added modeling of many functions from the `os` module that uses file system paths, such as `os.stat`, `os.chdir`, `os.mkdir`, and so on. All of these are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
diff --git a/python/change-notes/2021-11-26-tempfile-file-access.md b/python/change-notes/2021-11-26-tempfile-file-access.md
deleted file mode 100644
index 4ef8bfaefe9..00000000000
--- a/python/change-notes/2021-11-26-tempfile-file-access.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* Added modeling of the `tempfile` module for creating temporary files and directories, such as the functions `tempfile.NamedTemporaryFile` and `tempfile.TemporaryDirectory`. The `suffix`, `prefix`, and `dir` arguments are all vulnerable to path-injection, and these are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
diff --git a/python/change-notes/2020-11-25-better-open-models.md b/python/old-change-notes/2020-11-25-better-open-models.md
similarity index 100%
rename from python/change-notes/2020-11-25-better-open-models.md
rename to python/old-change-notes/2020-11-25-better-open-models.md
diff --git a/python/change-notes/2020-12-03-model-realpath-abspath.md b/python/old-change-notes/2020-12-03-model-realpath-abspath.md
similarity index 100%
rename from python/change-notes/2020-12-03-model-realpath-abspath.md
rename to python/old-change-notes/2020-12-03-model-realpath-abspath.md
diff --git a/python/change-notes/2020-12-04-django-class-based-view-handlers.md b/python/old-change-notes/2020-12-04-django-class-based-view-handlers.md
similarity index 100%
rename from python/change-notes/2020-12-04-django-class-based-view-handlers.md
rename to python/old-change-notes/2020-12-04-django-class-based-view-handlers.md
diff --git a/python/change-notes/2020-12-08-stdlib-http-source-modeling.md b/python/old-change-notes/2020-12-08-stdlib-http-source-modeling.md
similarity index 100%
rename from python/change-notes/2020-12-08-stdlib-http-source-modeling.md
rename to python/old-change-notes/2020-12-08-stdlib-http-source-modeling.md
diff --git a/python/change-notes/2020-12-09-add-sqlite3-model.md b/python/old-change-notes/2020-12-09-add-sqlite3-model.md
similarity index 100%
rename from python/change-notes/2020-12-09-add-sqlite3-model.md
rename to python/old-change-notes/2020-12-09-add-sqlite3-model.md
diff --git a/python/change-notes/2020-12-14-add-PyMySQL-model.md b/python/old-change-notes/2020-12-14-add-PyMySQL-model.md
similarity index 100%
rename from python/change-notes/2020-12-14-add-PyMySQL-model.md
rename to python/old-change-notes/2020-12-14-add-PyMySQL-model.md
diff --git a/python/change-notes/2020-12-21-django-with-unknown-route.md b/python/old-change-notes/2020-12-21-django-with-unknown-route.md
similarity index 100%
rename from python/change-notes/2020-12-21-django-with-unknown-route.md
rename to python/old-change-notes/2020-12-21-django-with-unknown-route.md
diff --git a/python/change-notes/2020-12-22-tornado-source-modeling.md b/python/old-change-notes/2020-12-22-tornado-source-modeling.md
similarity index 100%
rename from python/change-notes/2020-12-22-tornado-source-modeling.md
rename to python/old-change-notes/2020-12-22-tornado-source-modeling.md
diff --git a/python/change-notes/2021-01-12-flask-class-based-view-handlers.md b/python/old-change-notes/2021-01-12-flask-class-based-view-handlers.md
similarity index 100%
rename from python/change-notes/2021-01-12-flask-class-based-view-handlers.md
rename to python/old-change-notes/2021-01-12-flask-class-based-view-handlers.md
diff --git a/python/change-notes/2021-01-19-port-url-redirect-query.md b/python/old-change-notes/2021-01-19-port-url-redirect-query.md
similarity index 100%
rename from python/change-notes/2021-01-19-port-url-redirect-query.md
rename to python/old-change-notes/2021-01-19-port-url-redirect-query.md
diff --git a/python/change-notes/2021-02-02-port-weak-crypto-key-query.md b/python/old-change-notes/2021-02-02-port-weak-crypto-key-query.md
similarity index 100%
rename from python/change-notes/2021-02-02-port-weak-crypto-key-query.md
rename to python/old-change-notes/2021-02-02-port-weak-crypto-key-query.md
diff --git a/python/change-notes/2021-02-03-flask-add-blueprint-modeling.md b/python/old-change-notes/2021-02-03-flask-add-blueprint-modeling.md
similarity index 100%
rename from python/change-notes/2021-02-03-flask-add-blueprint-modeling.md
rename to python/old-change-notes/2021-02-03-flask-add-blueprint-modeling.md
diff --git a/python/change-notes/2021-02-04-api-graphs.md b/python/old-change-notes/2021-02-04-api-graphs.md
similarity index 100%
rename from python/change-notes/2021-02-04-api-graphs.md
rename to python/old-change-notes/2021-02-04-api-graphs.md
diff --git a/python/change-notes/2021-02-10-django-improvements.md b/python/old-change-notes/2021-02-10-django-improvements.md
similarity index 100%
rename from python/change-notes/2021-02-10-django-improvements.md
rename to python/old-change-notes/2021-02-10-django-improvements.md
diff --git a/python/change-notes/2021-02-10-yaml-more-loading-functions.md b/python/old-change-notes/2021-02-10-yaml-more-loading-functions.md
similarity index 100%
rename from python/change-notes/2021-02-10-yaml-more-loading-functions.md
rename to python/old-change-notes/2021-02-10-yaml-more-loading-functions.md
diff --git a/python/change-notes/2021-02-12-django-get_redirect_url.md b/python/old-change-notes/2021-02-12-django-get_redirect_url.md
similarity index 100%
rename from python/change-notes/2021-02-12-django-get_redirect_url.md
rename to python/old-change-notes/2021-02-12-django-get_redirect_url.md
diff --git a/python/change-notes/2021-02-18-type-backtrackers.md b/python/old-change-notes/2021-02-18-type-backtrackers.md
similarity index 100%
rename from python/change-notes/2021-02-18-type-backtrackers.md
rename to python/old-change-notes/2021-02-18-type-backtrackers.md
diff --git a/python/change-notes/2021-02-23-port-bind-to-all-interfaces.md b/python/old-change-notes/2021-02-23-port-bind-to-all-interfaces.md
similarity index 100%
rename from python/change-notes/2021-02-23-port-bind-to-all-interfaces.md
rename to python/old-change-notes/2021-02-23-port-bind-to-all-interfaces.md
diff --git a/python/change-notes/2021-02-23-port-insecure-default-protocol.md b/python/old-change-notes/2021-02-23-port-insecure-default-protocol.md
similarity index 100%
rename from python/change-notes/2021-02-23-port-insecure-default-protocol.md
rename to python/old-change-notes/2021-02-23-port-insecure-default-protocol.md
diff --git a/python/change-notes/2021-02-24-port-flask-debug.md b/python/old-change-notes/2021-02-24-port-flask-debug.md
similarity index 100%
rename from python/change-notes/2021-02-24-port-flask-debug.md
rename to python/old-change-notes/2021-02-24-port-flask-debug.md
diff --git a/python/change-notes/2021-02-25-port-stactrace-exposure-query.md b/python/old-change-notes/2021-02-25-port-stactrace-exposure-query.md
similarity index 100%
rename from python/change-notes/2021-02-25-port-stactrace-exposure-query.md
rename to python/old-change-notes/2021-02-25-port-stactrace-exposure-query.md
diff --git a/python/change-notes/2021-03-01-fluent-interface-data-flow.md b/python/old-change-notes/2021-03-01-fluent-interface-data-flow.md
similarity index 100%
rename from python/change-notes/2021-03-01-fluent-interface-data-flow.md
rename to python/old-change-notes/2021-03-01-fluent-interface-data-flow.md
diff --git a/python/change-notes/2021-03-11-api-graph-builtins.md b/python/old-change-notes/2021-03-11-api-graph-builtins.md
similarity index 100%
rename from python/change-notes/2021-03-11-api-graph-builtins.md
rename to python/old-change-notes/2021-03-11-api-graph-builtins.md
diff --git a/python/change-notes/2021-03-12-small-api-enhancements.md b/python/old-change-notes/2021-03-12-small-api-enhancements.md
similarity index 100%
rename from python/change-notes/2021-03-12-small-api-enhancements.md
rename to python/old-change-notes/2021-03-12-small-api-enhancements.md
diff --git a/python/change-notes/2021-03-15-port-insecure-protocol.md b/python/old-change-notes/2021-03-15-port-insecure-protocol.md
similarity index 100%
rename from python/change-notes/2021-03-15-port-insecure-protocol.md
rename to python/old-change-notes/2021-03-15-port-insecure-protocol.md
diff --git a/python/change-notes/2021-03-18-yaml-handle-C-based-loaders.md b/python/old-change-notes/2021-03-18-yaml-handle-C-based-loaders.md
similarity index 100%
rename from python/change-notes/2021-03-18-yaml-handle-C-based-loaders.md
rename to python/old-change-notes/2021-03-18-yaml-handle-C-based-loaders.md
diff --git a/python/change-notes/2021-03-22-django-queryset-chains.md b/python/old-change-notes/2021-03-22-django-queryset-chains.md
similarity index 100%
rename from python/change-notes/2021-03-22-django-queryset-chains.md
rename to python/old-change-notes/2021-03-22-django-queryset-chains.md
diff --git a/python/change-notes/2021-03-22-getacall-callcfgnode.md b/python/old-change-notes/2021-03-22-getacall-callcfgnode.md
similarity index 100%
rename from python/change-notes/2021-03-22-getacall-callcfgnode.md
rename to python/old-change-notes/2021-03-22-getacall-callcfgnode.md
diff --git a/python/change-notes/2021-03-23-django-forms-fields-classes.md b/python/old-change-notes/2021-03-23-django-forms-fields-classes.md
similarity index 100%
rename from python/change-notes/2021-03-23-django-forms-fields-classes.md
rename to python/old-change-notes/2021-03-23-django-forms-fields-classes.md
diff --git a/python/change-notes/2021-03-25-remove-legacy.md b/python/old-change-notes/2021-03-25-remove-legacy.md
similarity index 100%
rename from python/change-notes/2021-03-25-remove-legacy.md
rename to python/old-change-notes/2021-03-25-remove-legacy.md
diff --git a/python/change-notes/2021-04-09-split-weak-crypto-query.md b/python/old-change-notes/2021-04-09-split-weak-crypto-query.md
similarity index 100%
rename from python/change-notes/2021-04-09-split-weak-crypto-query.md
rename to python/old-change-notes/2021-04-09-split-weak-crypto-query.md
diff --git a/python/change-notes/2021-04-13-pep249-api-graphs.md b/python/old-change-notes/2021-04-13-pep249-api-graphs.md
similarity index 100%
rename from python/change-notes/2021-04-13-pep249-api-graphs.md
rename to python/old-change-notes/2021-04-13-pep249-api-graphs.md
diff --git a/python/change-notes/2021-04-13-werkzeug-api-graphs.md b/python/old-change-notes/2021-04-13-werkzeug-api-graphs.md
similarity index 100%
rename from python/change-notes/2021-04-13-werkzeug-api-graphs.md
rename to python/old-change-notes/2021-04-13-werkzeug-api-graphs.md
diff --git a/python/change-notes/2021-04-15-pathlib-Paths.md b/python/old-change-notes/2021-04-15-pathlib-Paths.md
similarity index 100%
rename from python/change-notes/2021-04-15-pathlib-Paths.md
rename to python/old-change-notes/2021-04-15-pathlib-Paths.md
diff --git a/python/change-notes/2021-04-20-stepsummary-localsourcenode.md b/python/old-change-notes/2021-04-20-stepsummary-localsourcenode.md
similarity index 100%
rename from python/change-notes/2021-04-20-stepsummary-localsourcenode.md
rename to python/old-change-notes/2021-04-20-stepsummary-localsourcenode.md
diff --git a/python/change-notes/2021-04-21-django-v3.2.md b/python/old-change-notes/2021-04-21-django-v3.2.md
similarity index 100%
rename from python/change-notes/2021-04-21-django-v3.2.md
rename to python/old-change-notes/2021-04-21-django-v3.2.md
diff --git a/python/change-notes/2021-05-10-idna-add-modeling.md b/python/old-change-notes/2021-05-10-idna-add-modeling.md
similarity index 100%
rename from python/change-notes/2021-05-10-idna-add-modeling.md
rename to python/old-change-notes/2021-05-10-idna-add-modeling.md
diff --git a/python/change-notes/2021-05-10-simplejson-add-modeling.md b/python/old-change-notes/2021-05-10-simplejson-add-modeling.md
similarity index 100%
rename from python/change-notes/2021-05-10-simplejson-add-modeling.md
rename to python/old-change-notes/2021-05-10-simplejson-add-modeling.md
diff --git a/python/change-notes/2021-05-10-ujson-add-modeling.md b/python/old-change-notes/2021-05-10-ujson-add-modeling.md
similarity index 100%
rename from python/change-notes/2021-05-10-ujson-add-modeling.md
rename to python/old-change-notes/2021-05-10-ujson-add-modeling.md
diff --git a/python/change-notes/2021-05-21-api-graph-await.md b/python/old-change-notes/2021-05-21-api-graph-await.md
similarity index 100%
rename from python/change-notes/2021-05-21-api-graph-await.md
rename to python/old-change-notes/2021-05-21-api-graph-await.md
diff --git a/python/change-notes/2021-05-25-add-ClickHouse-sql-libs.md b/python/old-change-notes/2021-05-25-add-ClickHouse-sql-libs.md
similarity index 100%
rename from python/change-notes/2021-05-25-add-ClickHouse-sql-libs.md
rename to python/old-change-notes/2021-05-25-add-ClickHouse-sql-libs.md
diff --git a/python/change-notes/2021-06-03-aiohttp-webserver-modeling.md b/python/old-change-notes/2021-06-03-aiohttp-webserver-modeling.md
similarity index 100%
rename from python/change-notes/2021-06-03-aiohttp-webserver-modeling.md
rename to python/old-change-notes/2021-06-03-aiohttp-webserver-modeling.md
diff --git a/python/change-notes/2021-06-04-sensitive-data-modeling-expanded.md b/python/old-change-notes/2021-06-04-sensitive-data-modeling-expanded.md
similarity index 100%
rename from python/change-notes/2021-06-04-sensitive-data-modeling-expanded.md
rename to python/old-change-notes/2021-06-04-sensitive-data-modeling-expanded.md
diff --git a/python/change-notes/2021-06-08-twisted-add-modeling.md b/python/old-change-notes/2021-06-08-twisted-add-modeling.md
similarity index 100%
rename from python/change-notes/2021-06-08-twisted-add-modeling.md
rename to python/old-change-notes/2021-06-08-twisted-add-modeling.md
diff --git a/python/change-notes/2021-06-09-add-jmespath-modeling.md b/python/old-change-notes/2021-06-09-add-jmespath-modeling.md
similarity index 100%
rename from python/change-notes/2021-06-09-add-jmespath-modeling.md
rename to python/old-change-notes/2021-06-09-add-jmespath-modeling.md
diff --git a/python/change-notes/2021-06-09-rsa-add-modeling.md b/python/old-change-notes/2021-06-09-rsa-add-modeling.md
similarity index 100%
rename from python/change-notes/2021-06-09-rsa-add-modeling.md
rename to python/old-change-notes/2021-06-09-rsa-add-modeling.md
diff --git a/python/change-notes/2021-06-15-add-method-call-conveniences.md b/python/old-change-notes/2021-06-15-add-method-call-conveniences.md
similarity index 100%
rename from python/change-notes/2021-06-15-add-method-call-conveniences.md
rename to python/old-change-notes/2021-06-15-add-method-call-conveniences.md
diff --git a/python/change-notes/2021-06-16-MarkupSafe-add-modeling.md b/python/old-change-notes/2021-06-16-MarkupSafe-add-modeling.md
similarity index 100%
rename from python/change-notes/2021-06-16-MarkupSafe-add-modeling.md
rename to python/old-change-notes/2021-06-16-MarkupSafe-add-modeling.md
diff --git a/python/change-notes/2021-06-24-add-CookieWrite-concept.md b/python/old-change-notes/2021-06-24-add-CookieWrite-concept.md
similarity index 100%
rename from python/change-notes/2021-06-24-add-CookieWrite-concept.md
rename to python/old-change-notes/2021-06-24-add-CookieWrite-concept.md
diff --git a/python/change-notes/2021-06-24-dataflow-implicit-reads.md b/python/old-change-notes/2021-06-24-dataflow-implicit-reads.md
similarity index 100%
rename from python/change-notes/2021-06-24-dataflow-implicit-reads.md
rename to python/old-change-notes/2021-06-24-dataflow-implicit-reads.md
diff --git a/python/change-notes/2021-06-25-add-peewee-modeling.md b/python/old-change-notes/2021-06-25-add-peewee-modeling.md
similarity index 100%
rename from python/change-notes/2021-06-25-add-peewee-modeling.md
rename to python/old-change-notes/2021-06-25-add-peewee-modeling.md
diff --git a/python/change-notes/2021-07-12-add-typetrackingnode.md b/python/old-change-notes/2021-07-12-add-typetrackingnode.md
similarity index 100%
rename from python/change-notes/2021-07-12-add-typetrackingnode.md
rename to python/old-change-notes/2021-07-12-add-typetrackingnode.md
diff --git a/python/change-notes/2021-07-13-path-problem-customization.md b/python/old-change-notes/2021-07-13-path-problem-customization.md
similarity index 100%
rename from python/change-notes/2021-07-13-path-problem-customization.md
rename to python/old-change-notes/2021-07-13-path-problem-customization.md
diff --git a/python/change-notes/2021-07-16-deprecate-importnode.md b/python/old-change-notes/2021-07-16-deprecate-importnode.md
similarity index 100%
rename from python/change-notes/2021-07-16-deprecate-importnode.md
rename to python/old-change-notes/2021-07-16-deprecate-importnode.md
diff --git a/python/change-notes/2021-07-28-port-RoDoS-queries.md b/python/old-change-notes/2021-07-28-port-RoDoS-queries.md
similarity index 100%
rename from python/change-notes/2021-07-28-port-RoDoS-queries.md
rename to python/old-change-notes/2021-07-28-port-RoDoS-queries.md
diff --git a/python/change-notes/2021-08-26-bad-tag-filter.md b/python/old-change-notes/2021-08-26-bad-tag-filter.md
similarity index 100%
rename from python/change-notes/2021-08-26-bad-tag-filter.md
rename to python/old-change-notes/2021-08-26-bad-tag-filter.md
diff --git a/python/change-notes/2021-08-30-port-modifying-default-query.md b/python/old-change-notes/2021-08-30-port-modifying-default-query.md
similarity index 100%
rename from python/change-notes/2021-08-30-port-modifying-default-query.md
rename to python/old-change-notes/2021-08-30-port-modifying-default-query.md
diff --git a/python/change-notes/2021-09-02-add-Flask-SQLAlchemy-modeling.md b/python/old-change-notes/2021-09-02-add-Flask-SQLAlchemy-modeling.md
similarity index 100%
rename from python/change-notes/2021-09-02-add-Flask-SQLAlchemy-modeling.md
rename to python/old-change-notes/2021-09-02-add-Flask-SQLAlchemy-modeling.md
diff --git a/python/change-notes/2021-09-02-add-SQLAlchemy-modeling.md b/python/old-change-notes/2021-09-02-add-SQLAlchemy-modeling.md
similarity index 100%
rename from python/change-notes/2021-09-02-add-SQLAlchemy-modeling.md
rename to python/old-change-notes/2021-09-02-add-SQLAlchemy-modeling.md
diff --git a/python/change-notes/2021-09-02-add-SQLAlchemyTextClauseInjection.md b/python/old-change-notes/2021-09-02-add-SQLAlchemyTextClauseInjection.md
similarity index 100%
rename from python/change-notes/2021-09-02-add-SQLAlchemyTextClauseInjection.md
rename to python/old-change-notes/2021-09-02-add-SQLAlchemyTextClauseInjection.md
diff --git a/python/change-notes/2021-09-08-add-flow-from-default-values.md b/python/old-change-notes/2021-09-08-add-flow-from-default-values.md
similarity index 100%
rename from python/change-notes/2021-09-08-add-flow-from-default-values.md
rename to python/old-change-notes/2021-09-08-add-flow-from-default-values.md
diff --git a/python/change-notes/2021-09-14-promote-regex-injection.md b/python/old-change-notes/2021-09-14-promote-regex-injection.md
similarity index 100%
rename from python/change-notes/2021-09-14-promote-regex-injection.md
rename to python/old-change-notes/2021-09-14-promote-regex-injection.md
diff --git a/python/change-notes/2021-09-29-model-asyncpg.md b/python/old-change-notes/2021-09-29-model-asyncpg.md
similarity index 100%
rename from python/change-notes/2021-09-29-model-asyncpg.md
rename to python/old-change-notes/2021-09-29-model-asyncpg.md
diff --git a/python/change-notes/2021-10-08-add-dataflow-for-boolean-expressions.md b/python/old-change-notes/2021-10-08-add-dataflow-for-boolean-expressions.md
similarity index 100%
rename from python/change-notes/2021-10-08-add-dataflow-for-boolean-expressions.md
rename to python/old-change-notes/2021-10-08-add-dataflow-for-boolean-expressions.md
diff --git a/python/change-notes/2021-10-08-improve-pickle-dill-shelve-modeling.md b/python/old-change-notes/2021-10-08-improve-pickle-dill-shelve-modeling.md
similarity index 100%
rename from python/change-notes/2021-10-08-improve-pickle-dill-shelve-modeling.md
rename to python/old-change-notes/2021-10-08-improve-pickle-dill-shelve-modeling.md
diff --git a/python/change-notes/2021-10-11-model-aiomysql.md b/python/old-change-notes/2021-10-11-model-aiomysql.md
similarity index 100%
rename from python/change-notes/2021-10-11-model-aiomysql.md
rename to python/old-change-notes/2021-10-11-model-aiomysql.md
diff --git a/python/change-notes/2021-10-20-extraction-errors-as-warnings.md b/python/old-change-notes/2021-10-20-extraction-errors-as-warnings.md
similarity index 100%
rename from python/change-notes/2021-10-20-extraction-errors-as-warnings.md
rename to python/old-change-notes/2021-10-20-extraction-errors-as-warnings.md
diff --git a/python/change-notes/2021-10-25-add-FastAPI-modeling.md b/python/old-change-notes/2021-10-25-add-FastAPI-modeling.md
similarity index 100%
rename from python/change-notes/2021-10-25-add-FastAPI-modeling.md
rename to python/old-change-notes/2021-10-25-add-FastAPI-modeling.md
diff --git a/python/change-notes/2021-10-26-ruamel.yaml-modeling.md b/python/old-change-notes/2021-10-26-ruamel.yaml-modeling.md
similarity index 100%
rename from python/change-notes/2021-10-26-ruamel.yaml-modeling.md
rename to python/old-change-notes/2021-10-26-ruamel.yaml-modeling.md
diff --git a/python/change-notes/2021-10-28-flask-send_file.md b/python/old-change-notes/2021-10-28-flask-send_file.md
similarity index 100%
rename from python/change-notes/2021-10-28-flask-send_file.md
rename to python/old-change-notes/2021-10-28-flask-send_file.md
diff --git a/python/change-notes/2021-10-28-promote-ReDoS-queries.md b/python/old-change-notes/2021-10-28-promote-ReDoS-queries.md
similarity index 100%
rename from python/change-notes/2021-10-28-promote-ReDoS-queries.md
rename to python/old-change-notes/2021-10-28-promote-ReDoS-queries.md
diff --git a/python/change-notes/2021-10-29-django-REST-framework-modeling.md b/python/old-change-notes/2021-10-29-django-REST-framework-modeling.md
similarity index 100%
rename from python/change-notes/2021-10-29-django-REST-framework-modeling.md
rename to python/old-change-notes/2021-10-29-django-REST-framework-modeling.md
diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md
index a555fec2cae..fe8deb57f81 100644
--- a/python/ql/lib/CHANGELOG.md
+++ b/python/ql/lib/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 0.0.5
+
+### Minor Analysis Improvements
+
+* Added modeling of many functions from the `os` module that uses file system paths, such as `os.stat`, `os.chdir`, `os.mkdir`, and so on.
+* Added modeling of the `tempfile` module for creating temporary files and directories, such as the functions `tempfile.NamedTemporaryFile` and `tempfile.TemporaryDirectory`.
+* Extended the modeling of FastAPI such that custom subclasses of `fastapi.APIRouter` are recognized.
+* Extended the modeling of FastAPI such that `fastapi.responses.FileResponse` are considered `FileSystemAccess`.
+* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks.
+* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
+
 ## 0.0.4
 
 ### Major Analysis Improvements
diff --git a/python/ql/lib/change-notes/released/0.0.5.md b/python/ql/lib/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..e68a6991246
--- /dev/null
+++ b/python/ql/lib/change-notes/released/0.0.5.md
@@ -0,0 +1,10 @@
+## 0.0.5
+
+### Minor Analysis Improvements
+
+* Added modeling of many functions from the `os` module that uses file system paths, such as `os.stat`, `os.chdir`, `os.mkdir`, and so on.
+* Added modeling of the `tempfile` module for creating temporary files and directories, such as the functions `tempfile.NamedTemporaryFile` and `tempfile.TemporaryDirectory`.
+* Extended the modeling of FastAPI such that custom subclasses of `fastapi.APIRouter` are recognized.
+* Extended the modeling of FastAPI such that `fastapi.responses.FileResponse` are considered `FileSystemAccess`.
+* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks.
+* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/python/ql/lib/codeql-pack.release.yml
+++ b/python/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
index b55f847bcb6..a95190890fa 100644
--- a/python/ql/lib/qlpack.yml
+++ b/python/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-all
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: python
 dbscheme: semmlecode.python.dbscheme
 extractor: python
diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md
index 21fcb7c1ee4..35f7b59a781 100644
--- a/python/ql/src/CHANGELOG.md
+++ b/python/ql/src/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 0.0.5
+
+### Minor Analysis Improvements
+
+* Added modeling of many functions from the `os` module that uses file system paths, such as `os.stat`, `os.chdir`, `os.mkdir`, and so on. All of these are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of the `tempfile` module for creating temporary files and directories, such as the functions `tempfile.NamedTemporaryFile` and `tempfile.TemporaryDirectory`. The `suffix`, `prefix`, and `dir` arguments are all vulnerable to path-injection, and these are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Extended the modeling of FastAPI such that `fastapi.responses.FileResponse` are considered `FileSystemAccess`, making them sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
+
 ## 0.0.4
 
 ### Query Metadata Changes
diff --git a/python/ql/src/Security/CWE-116/BadTagFilter.ql b/python/ql/src/Security/CWE-116/BadTagFilter.ql
index 56990590b22..44305bff876 100644
--- a/python/ql/src/Security/CWE-116/BadTagFilter.ql
+++ b/python/ql/src/Security/CWE-116/BadTagFilter.ql
@@ -10,6 +10,8 @@
  *       security
  *       external/cwe/cwe-116
  *       external/cwe/cwe-020
+ *       external/cwe/cwe-185
+ *       external/cwe/cwe-186
  */
 
 import semmle.python.security.BadTagFilterQuery
diff --git a/python/ql/src/change-notes/2021-12-17-add-SSRF-analysis.md b/python/ql/src/change-notes/2021-12-17-add-SSRF-analysis.md
new file mode 100644
index 00000000000..1b50aa9ace8
--- /dev/null
+++ b/python/ql/src/change-notes/2021-12-17-add-SSRF-analysis.md
@@ -0,0 +1,4 @@
+---
+catgegory: minorAnalysis
+---
+* To support the new SSRF queries, the PyPI package `requests` has been modeled, along with `http.client.HTTP[S]Connection` from the standard library.
diff --git a/python/change-notes/2021-12-17-add-SSRF-queries.md b/python/ql/src/change-notes/2021-12-17-add-SSRF-queries.md
similarity index 67%
rename from python/change-notes/2021-12-17-add-SSRF-queries.md
rename to python/ql/src/change-notes/2021-12-17-add-SSRF-queries.md
index d2a5e3b5312..aec0df66aa0 100644
--- a/python/change-notes/2021-12-17-add-SSRF-queries.md
+++ b/python/ql/src/change-notes/2021-12-17-add-SSRF-queries.md
@@ -1,3 +1,4 @@
-lgtm,codescanning
+---
+category: newQuery
+---
 * Two new queries have been added for detecting Server-side request forgery (SSRF). _Full server-side request forgery_ (`py/full-ssrf`) will only alert when the URL is fully user-controlled, and _Partial server-side request forgery_ (`py/partial-ssrf`) will alert when any part of the URL is user-controlled. Only `py/full-ssrf` will be run by default.
-* To support the new SSRF queries, the PyPI package `requests` have been modeled, along with `http.client.HTTP[S]Connection` from the standard library.
diff --git a/python/ql/src/change-notes/released/0.0.5.md b/python/ql/src/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..0da6129f52e
--- /dev/null
+++ b/python/ql/src/change-notes/released/0.0.5.md
@@ -0,0 +1,9 @@
+## 0.0.5
+
+### Minor Analysis Improvements
+
+* Added modeling of many functions from the `os` module that uses file system paths, such as `os.stat`, `os.chdir`, `os.mkdir`, and so on. All of these are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of the `tempfile` module for creating temporary files and directories, such as the functions `tempfile.NamedTemporaryFile` and `tempfile.TemporaryDirectory`. The `suffix`, `prefix`, and `dir` arguments are all vulnerable to path-injection, and these are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Extended the modeling of FastAPI such that `fastapi.responses.FileResponse` are considered `FileSystemAccess`, making them sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
+* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/python/ql/src/codeql-pack.release.yml
+++ b/python/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml
index d7dad13d0cc..cd47a35e967 100644
--- a/python/ql/src/qlpack.yml
+++ b/python/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/python-queries
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: python
 dependencies:
     codeql/python-all: "*"
diff --git a/python/upgrades/CHANGELOG.md b/python/upgrades/CHANGELOG.md
index 3268fefb272..05dbc9d5f4e 100644
--- a/python/upgrades/CHANGELOG.md
+++ b/python/upgrades/CHANGELOG.md
@@ -1 +1,3 @@
+## 0.0.5
+
 ## 0.0.4
diff --git a/python/upgrades/change-notes/released/0.0.5.md b/python/upgrades/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/python/upgrades/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/python/upgrades/codeql-pack.release.yml b/python/upgrades/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/python/upgrades/codeql-pack.release.yml
+++ b/python/upgrades/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/python/upgrades/qlpack.yml b/python/upgrades/qlpack.yml
index 9053f986dcf..c2cb763786e 100644
--- a/python/upgrades/qlpack.yml
+++ b/python/upgrades/qlpack.yml
@@ -2,4 +2,4 @@ name: codeql/python-upgrades
 groups: python
 upgrades: .
 library: true
-version: 0.0.5-dev
+version: 0.0.6-dev
diff --git a/ql/Cargo.lock b/ql/Cargo.lock
index 1a49563fcb8..bfb99e71cbe 100644
Binary files a/ql/Cargo.lock and b/ql/Cargo.lock differ
diff --git a/ql/extractor/Cargo.toml b/ql/extractor/Cargo.toml
index cafaef144a5..c1bf39941f4 100644
--- a/ql/extractor/Cargo.toml
+++ b/ql/extractor/Cargo.toml
@@ -10,7 +10,7 @@ edition = "2018"
 flate2 = "1.0"
 node-types = { path = "../node-types" }
 tree-sitter = "0.19"
-tree-sitter-ql = { git = "https://github.com/tausbn/tree-sitter-ql.git", rev = "36bdc0eae196f9833182ce3f8932be63534121b3" }
+tree-sitter-ql = { git = "https://github.com/tausbn/tree-sitter-ql.git", rev = "725395405e65814f10095a451404b0ced5dc6289" }
 clap = "2.33"
 tracing = "0.1"
 tracing-subscriber = { version = "0.3.3", features = ["env-filter"] }
diff --git a/ql/generator/Cargo.toml b/ql/generator/Cargo.toml
index 4ff796cb218..49dfff1352b 100644
--- a/ql/generator/Cargo.toml
+++ b/ql/generator/Cargo.toml
@@ -11,4 +11,4 @@ clap = "2.33"
 node-types = { path = "../node-types" }
 tracing = "0.1"
 tracing-subscriber = { version = "0.3.3", features = ["env-filter"] }
-tree-sitter-ql = { git = "https://github.com/tausbn/tree-sitter-ql.git", rev = "36bdc0eae196f9833182ce3f8932be63534121b3" }
+tree-sitter-ql = { git = "https://github.com/tausbn/tree-sitter-ql.git", rev = "725395405e65814f10095a451404b0ced5dc6289" }
diff --git a/ruby/change-notes/2021-11-04-csrf-protection-disabled.md b/ruby/change-notes/2021-11-04-csrf-protection-disabled.md
deleted file mode 100644
index 1a6d246494d..00000000000
--- a/ruby/change-notes/2021-11-04-csrf-protection-disabled.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.
diff --git a/ruby/change-notes/2021-11-08-hardcoded-credentials-downgrade.md b/ruby/change-notes/2021-11-08-hardcoded-credentials-downgrade.md
deleted file mode 100644
index 47b1dfe6157..00000000000
--- a/ruby/change-notes/2021-11-08-hardcoded-credentials-downgrade.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.
diff --git a/ruby/change-notes/2021-11-09-request-forgery.md b/ruby/change-notes/2021-11-09-request-forgery.md
deleted file mode 100644
index 60082b76958..00000000000
--- a/ruby/change-notes/2021-11-09-request-forgery.md
+++ /dev/null
@@ -1,2 +0,0 @@
-lgtm,codescanning
-* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.
diff --git a/ruby/change-notes/2021-10-14-codeql-ruby-beta.md b/ruby/old-change-notes/2021-10-14-codeql-ruby-beta.md
similarity index 100%
rename from ruby/change-notes/2021-10-14-codeql-ruby-beta.md
rename to ruby/old-change-notes/2021-10-14-codeql-ruby-beta.md
diff --git a/ruby/change-notes/2021-10-20-path-injection.md b/ruby/old-change-notes/2021-10-20-path-injection.md
similarity index 100%
rename from ruby/change-notes/2021-10-20-path-injection.md
rename to ruby/old-change-notes/2021-10-20-path-injection.md
diff --git a/ruby/change-notes/2021-10-29-regexp-injection.md b/ruby/old-change-notes/2021-10-29-regexp-injection.md
similarity index 100%
rename from ruby/change-notes/2021-10-29-regexp-injection.md
rename to ruby/old-change-notes/2021-10-29-regexp-injection.md
diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md
index 3268fefb272..1c670691d2b 100644
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1 +1,7 @@
+## 0.0.5
+
+### New Features
+
+* A new library, `Customizations.qll`, has been added, which allows for global customizations that affect all queries.
+
 ## 0.0.4
diff --git a/ruby/change-notes/2021-12-21-constants.md b/ruby/ql/lib/change-notes/2021-12-21-constants.md
similarity index 86%
rename from ruby/change-notes/2021-12-21-constants.md
rename to ruby/ql/lib/change-notes/2021-12-21-constants.md
index 29ee123d914..331078917e9 100644
--- a/ruby/change-notes/2021-12-21-constants.md
+++ b/ruby/ql/lib/change-notes/2021-12-21-constants.md
@@ -1,2 +1,4 @@
-lgtm,codescanning
+---
+category: deprecated
+---
 * `ConstantWriteAccess.getQualifiedName()` has been deprecated in favor of `getAQualifiedName()` which can return multiple possible qualified names for a given constant write access.
diff --git a/ruby/change-notes/2021-12-07-customizations.md b/ruby/ql/lib/change-notes/released/0.0.5.md
similarity index 80%
rename from ruby/change-notes/2021-12-07-customizations.md
rename to ruby/ql/lib/change-notes/released/0.0.5.md
index d15d9abd952..bfa8799eac6 100644
--- a/ruby/change-notes/2021-12-07-customizations.md
+++ b/ruby/ql/lib/change-notes/released/0.0.5.md
@@ -1,2 +1,5 @@
-lgtm,codescanning
+## 0.0.5
+
+### New Features
+
 * A new library, `Customizations.qll`, has been added, which allows for global customizations that affect all queries.
diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/ruby/ql/lib/codeql/ruby/ApiGraphs.qll b/ruby/ql/lib/codeql/ruby/ApiGraphs.qll
index d0b8a7e352d..a93f39de196 100644
--- a/ruby/ql/lib/codeql/ruby/ApiGraphs.qll
+++ b/ruby/ql/lib/codeql/ruby/ApiGraphs.qll
@@ -98,7 +98,7 @@ module API {
     /**
      * Gets a `new` call to the function represented by this API component.
      */
-    DataFlow::Node getAnInstantiation() { result = this.getInstance().getAnImmediateUse() }
+    DataFlow::ExprNode getAnInstantiation() { result = this.getInstance().getAnImmediateUse() }
 
     /**
      * Gets a node representing a subclass of the class represented by this node.
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/FlowSummary.qll b/ruby/ql/lib/codeql/ruby/dataflow/FlowSummary.qll
index 05c01429fb8..1139bcd1f17 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/FlowSummary.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/FlowSummary.qll
@@ -4,6 +4,7 @@ import ruby
 import codeql.ruby.DataFlow
 private import internal.FlowSummaryImpl as Impl
 private import internal.DataFlowDispatch
+private import internal.DataFlowPrivate
 
 // import all instances below
 private module Summaries {
@@ -22,12 +23,34 @@ module SummaryComponent {
 
   predicate content = SC::content/1;
 
-  /** Gets a summary component that represents a qualifier. */
-  SummaryComponent qualifier() { result = argument(any(ParameterPosition pos | pos.isSelf())) }
+  /** Gets a summary component that represents a receiver. */
+  SummaryComponent receiver() { result = argument(any(ParameterPosition pos | pos.isSelf())) }
 
   /** Gets a summary component that represents a block argument. */
   SummaryComponent block() { result = argument(any(ParameterPosition pos | pos.isBlock())) }
 
+  /** Gets a summary component that represents an element in an array at an unknown index. */
+  SummaryComponent arrayElementUnknown() { result = SC::content(TUnknownArrayElementContent()) }
+
+  /** Gets a summary component that represents an element in an array at a known index. */
+  bindingset[i]
+  SummaryComponent arrayElementKnown(int i) {
+    result = SC::content(TKnownArrayElementContent(i))
+    or
+    // `i` may be out of range
+    not exists(TKnownArrayElementContent(i)) and
+    result = arrayElementUnknown()
+  }
+
+  /**
+   * Gets a summary component that represents an element in an array at either an unknown
+   * index or known index. This predicate should never be used in the output specification
+   * of a flow summary; use `arrayElementUnknown()` instead.
+   */
+  SummaryComponent arrayElementAny() {
+    result in [arrayElementUnknown(), SC::content(TKnownArrayElementContent(_))]
+  }
+
   /** Gets a summary component that represents the return value of a call. */
   SummaryComponent return() { result = SC::return(any(NormalReturnKind rk)) }
 }
@@ -44,8 +67,8 @@ module SummaryComponentStack {
 
   predicate argument = SCS::argument/1;
 
-  /** Gets a singleton stack representing a qualifier. */
-  SummaryComponentStack qualifier() { result = singleton(SummaryComponent::qualifier()) }
+  /** Gets a singleton stack representing a receiver. */
+  SummaryComponentStack receiver() { result = singleton(SummaryComponent::receiver()) }
 
   /** Gets a singleton stack representing a block argument. */
   SummaryComponentStack block() { result = singleton(SummaryComponent::block()) }
@@ -108,6 +131,17 @@ abstract class SummarizedCallable extends LibraryCallable {
   predicate clearsContent(ParameterPosition pos, DataFlow::Content content) { none() }
 }
 
+/**
+ * A callable with a flow summary, identified by a unique string, where all
+ * calls to a method with the same name are considered relevant.
+ */
+abstract class SimpleSummarizedCallable extends SummarizedCallable {
+  bindingset[this]
+  SimpleSummarizedCallable() { any() }
+
+  final override MethodCall getACall() { result.getMethodName() = this }
+}
+
 private class SummarizedCallableAdapter extends Impl::Public::SummarizedCallable {
   private SummarizedCallable sc;
 
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll
index aec9a7237ab..46e0e4ea6ad 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll
@@ -250,7 +250,7 @@ private module Cached {
     TPositionalParameterPosition(int pos) {
       pos = any(Parameter p).getPosition()
       or
-      pos in [0 .. 10] // TODO: remove once `Argument[_]` summaries are replaced with `Argument[i..]`
+      pos in [0 .. 100] // TODO: remove once `Argument[_]` summaries are replaced with `Argument[i..]`
       or
       FlowSummaryImplSpecific::ParsePositions::isParsedArgumentPosition(_, pos)
     } or
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
index 285cdf40b65..da4cce90cdf 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
@@ -294,9 +294,13 @@ private module Cached {
   }
 
   cached
-  newtype TContent = TTodoContent() // stub
+  newtype TContent =
+    TKnownArrayElementContent(int i) { i in [0 .. 10] } or
+    TUnknownArrayElementContent()
 }
 
+class TArrayElementContent = TKnownArrayElementContent or TUnknownArrayElementContent;
+
 import Cached
 
 /** Holds if `n` should be hidden from path explanations. */
@@ -741,8 +745,6 @@ predicate readStep(Node node1, Content c, Node node2) {
  * in `x.f = newValue`.
  */
 predicate clearsContent(Node n, Content c) {
-  storeStep(_, c, n)
-  or
   FlowSummaryImpl::Private::Steps::summaryClearsContent(n, c)
 }
 
@@ -886,4 +888,6 @@ predicate additionalLambdaFlowStep(Node nodeFrom, Node nodeTo, boolean preserves
  * One example would be to allow flow like `p.foo = p.bar;`, which is disallowed
  * by default as a heuristic.
  */
-predicate allowParameterReturnInSelf(ParameterNode p) { none() }
+predicate allowParameterReturnInSelf(ParameterNode p) {
+  FlowSummaryImpl::Private::summaryAllowParameterReturnInSelf(p)
+}
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll
index 4717d4995e6..432c3d8f977 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll
@@ -45,19 +45,19 @@ class Node extends TNode {
 }
 
 /** A data-flow node corresponding to a call in the control-flow graph. */
-class CallNode extends LocalSourceNode {
+class CallNode extends LocalSourceNode, ExprNode {
   private CfgNodes::ExprNodes::CallCfgNode node;
 
-  CallNode() { node = this.asExpr() }
+  CallNode() { node = this.getExprNode() }
 
   /** Gets the data-flow node corresponding to the receiver of the call corresponding to this data-flow node */
-  Node getReceiver() { result.asExpr() = node.getReceiver() }
+  ExprNode getReceiver() { result.getExprNode() = node.getReceiver() }
 
   /** Gets the data-flow node corresponding to the `n`th argument of the call corresponding to this data-flow node */
-  Node getArgument(int n) { result.asExpr() = node.getArgument(n) }
+  ExprNode getArgument(int n) { result.getExprNode() = node.getArgument(n) }
 
   /** Gets the data-flow node corresponding to the named argument of the call corresponding to this data-flow node */
-  Node getKeywordArgument(string name) { result.asExpr() = node.getKeywordArgument(name) }
+  ExprNode getKeywordArgument(string name) { result.getExprNode() = node.getKeywordArgument(name) }
 
   /** Gets the name of the the method called by the method call (if any) corresponding to this data-flow node */
   string getMethodName() { result = node.getExpr().(MethodCall).getMethodName() }
@@ -161,10 +161,7 @@ predicate localExprFlow(CfgNodes::ExprCfgNode e1, CfgNodes::ExprCfgNode e2) {
   localFlow(exprNode(e1), exprNode(e2))
 }
 
-/**
- * A reference contained in an object. This is either a field, a property,
- * or an element in a collection.
- */
+/** A reference contained in an object. */
 class Content extends TContent {
   /** Gets a textual representation of this content. */
   string toString() { none() }
@@ -173,6 +170,31 @@ class Content extends TContent {
   Location getLocation() { none() }
 }
 
+/** Provides different sub classes of `Content`. */
+module Content {
+  /** An element in an array. */
+  class ArrayElementContent extends Content, TArrayElementContent { }
+
+  /** An element in an array at a known index. */
+  class KnownArrayElementContent extends ArrayElementContent, TKnownArrayElementContent {
+    private int i;
+
+    KnownArrayElementContent() { this = TKnownArrayElementContent(i) }
+
+    /** Gets the index in the array. */
+    int getIndex() { result = i }
+
+    override string toString() { result = "array element " + i }
+  }
+
+  /** An element in an array at an unknown index. */
+  class UnknownArrayElementContent extends ArrayElementContent, TUnknownArrayElementContent {
+    UnknownArrayElementContent() { this = TUnknownArrayElementContent() }
+
+    override string toString() { result = "array element" }
+  }
+}
+
 /**
  * A guard that validates some expression.
  *
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll
index dee26f0b4d3..defcccdef06 100644
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll
@@ -58,12 +58,33 @@ predicate summaryElement(DataFlowCallable c, string input, string output, string
  * This covers all the Ruby-specific components of a flow summary, and
  * is currently restricted to `"BlockArgument"`.
  */
+bindingset[c]
 SummaryComponent interpretComponentSpecific(string c) {
+  c = "Receiver" and
+  result = FlowSummary::SummaryComponent::receiver()
+  or
   c = "BlockArgument" and
   result = FlowSummary::SummaryComponent::block()
   or
   c = "Argument[_]" and
   result = FlowSummary::SummaryComponent::argument(any(ParameterPosition pos | pos.isPositional(_)))
+  or
+  c = "ArrayElement" and
+  result = FlowSummary::SummaryComponent::arrayElementAny()
+  or
+  c = "ArrayElement[?]" and
+  result = FlowSummary::SummaryComponent::arrayElementUnknown()
+  or
+  exists(int i |
+    c.regexpCapture("ArrayElement\\[([0-9]+)\\]", 1).toInt() = i and
+    result = FlowSummary::SummaryComponent::arrayElementKnown(i)
+  )
+  or
+  exists(int i1, int i2 |
+    c.regexpCapture("ArrayElement\\[([-0-9]+)\\.\\.([0-9]+)\\]", 1).toInt() = i1 and
+    c.regexpCapture("ArrayElement\\[([-0-9]+)\\.\\.([0-9]+)\\]", 2).toInt() = i2 and
+    result = FlowSummary::SummaryComponent::arrayElementKnown([i1 .. i2])
+  )
 }
 
 /** Gets the textual representation of a summary component in the format used for flow summaries. */
diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingPrivate.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingPrivate.qll
index 86c8ffb7f50..b3e04e7a3dc 100755
--- a/ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingPrivate.qll
+++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/TaintTrackingPrivate.qll
@@ -1,4 +1,5 @@
 private import ruby
+private import DataFlowPrivate
 private import TaintTrackingPublic
 private import codeql.ruby.CFG
 private import codeql.ruby.DataFlow
@@ -34,8 +35,10 @@ predicate defaultAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nod
   nodeFrom.asExpr() =
     nodeTo.asExpr().(CfgNodes::ExprNodes::StringlikeLiteralCfgNode).getAComponent()
   or
-  // element reference from nodeFrom
-  nodeFrom.asExpr() = nodeTo.asExpr().(CfgNodes::ExprNodes::ElementReferenceCfgNode).getReceiver()
-  or
   FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom, nodeTo, false)
+  or
+  // Although flow through arrays is modelled precisely using stores/reads, we still
+  // allow flow out of a _tainted_ array. This is needed in order to support taint-
+  // tracking configurations where the source is an array.
+  readStep(nodeFrom, any(DataFlow::Content::ArrayElementContent c), nodeTo)
 }
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/StandardLibrary.qll b/ruby/ql/lib/codeql/ruby/frameworks/StandardLibrary.qll
index 547f0f74287..ce8c443dda2 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/StandardLibrary.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/StandardLibrary.qll
@@ -449,3 +449,1105 @@ private class LoggerSetPrognameCall extends LoggerLoggingCall {
     )
   }
 }
+
+private class SplatSummary extends SummarizedCallable {
+  SplatSummary() { this = "*(splat)" }
+
+  override SplatExpr getACall() { any() }
+
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+    (
+      // *1 = [1]
+      input = "Receiver" and
+      output = "ArrayElement[0] of ReturnValue"
+      or
+      // *[1] = [1]
+      input = "Receiver" and
+      output = "ReturnValue"
+    ) and
+    preservesValue = true
+  }
+}
+
+private class ArrayIndex extends int {
+  ArrayIndex() { this = any(DataFlow::Content::KnownArrayElementContent c).getIndex() }
+}
+
+/**
+ * Provides flow summaries for the `Array` class.
+ *
+ * The summaries are ordered (and implemented) based on
+ * https://ruby-doc.org/core-2.7.0/Array.html, however for methods that have the
+ * more general `Enumerable` scope, they are implemented in the `Enumerable`
+ * module instead.
+ */
+module Array {
+  bindingset[arg]
+  private DataFlow::Content::KnownArrayElementContent getKnownArrayElementContent(Expr arg) {
+    result.getIndex() = arg.getValueText().toInt()
+  }
+
+  bindingset[arg]
+  private predicate isUnknownArrayElementContent(Expr arg) {
+    not exists(getKnownArrayElementContent(arg)) and
+    not arg instanceof RangeLiteral
+  }
+
+  private class ArrayLiteralSummary extends SummarizedCallable {
+    ArrayLiteralSummary() { this = "Array.[]" }
+
+    override MethodCall getACall() {
+      result = API::getTopLevelMember("Array").getAMethodCall("[]").getExprNode().getExpr()
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      exists(ArrayIndex i |
+        input = "Argument[" + i + "]" and
+        output = "ArrayElement[" + i + "] of ReturnValue" and
+        preservesValue = true
+      )
+    }
+  }
+
+  private class NewSummary extends SummarizedCallable {
+    NewSummary() { this = "Array.new" }
+
+    override MethodCall getACall() {
+      result = API::getTopLevelMember("Array").getAnInstantiation().getExprNode().getExpr()
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "Argument[1]" and
+        output = "ArrayElement[?] of ReturnValue"
+        or
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Argument[0]" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+        or
+        input = "ArrayElement[?] of Argument[0]" and
+        output = "ArrayElement[?] of ReturnValue"
+        or
+        input = "ReturnValue of BlockArgument" and
+        output = "ArrayElement[?] of ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class TryConvertSummary extends SummarizedCallable {
+    TryConvertSummary() { this = "Array.try_convert" }
+
+    override MethodCall getACall() {
+      result = API::getTopLevelMember("Array").getAMethodCall("try_convert").getExprNode().getExpr()
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Argument[0]" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+        or
+        input = "ArrayElement[?] of Argument[0]" and
+        output = "ArrayElement[?] of ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class SetIntersectionSummary extends SummarizedCallable {
+    SetIntersectionSummary() { this = "&" }
+
+    override BitwiseAndExpr getACall() { any() }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = ["ArrayElement of Receiver", "ArrayElement of Argument[0]"] and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class RepetitionSummary extends SummarizedCallable {
+    RepetitionSummary() { this = "*" }
+
+    override MulExpr getACall() { any() }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class ConcatenationSummary extends SummarizedCallable {
+    ConcatenationSummary() { this = "+" }
+
+    override AddExpr getACall() { any() }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Receiver" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+        or
+        input = ["ArrayElement[?] of Receiver", "ArrayElement of Argument[0]"] and
+        output = "ArrayElement[?] of ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class SetDifferenceSummary extends SummarizedCallable {
+    SetDifferenceSummary() { this = "-" }
+
+    override SubExpr getACall() { any() }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class AppendSummary extends SummarizedCallable {
+    AppendSummary() { this = "<<" }
+
+    override LShiftExpr getACall() { any() }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Receiver" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+        or
+        input = ["ArrayElement[?] of Receiver", "Argument[0]"] and
+        output = "ArrayElement[?] of ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  /** A call to `[]`. */
+  abstract private class ElementReferenceReadSummary extends SummarizedCallable {
+    MethodCall mc;
+
+    bindingset[this]
+    ElementReferenceReadSummary() { mc.getMethodName() = "[]" }
+
+    override MethodCall getACall() { result = mc }
+  }
+
+  /** A call to `[]` with a known index. */
+  private class ElementReferenceReadKnownSummary extends ElementReferenceReadSummary {
+    private int i;
+
+    ElementReferenceReadKnownSummary() {
+      this = "[" + i + "]" and
+      mc.getNumberOfArguments() = 1 and
+      i = getKnownArrayElementContent(mc.getArgument(0)).getIndex()
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement[" + [i.toString(), "?"] + "] of Receiver" and
+      output = "ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  /** A call to `[]` with an unknown index. */
+  private class ElementReferenceReadUnknownSummary extends ElementReferenceReadSummary {
+    ElementReferenceReadUnknownSummary() {
+      this = "[](index)" and
+      mc.getNumberOfArguments() = 1 and
+      isUnknownArrayElementContent(mc.getArgument(0))
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  /** A call to `[]` with two arguments or a range argument. */
+  private class ElementReferenceSliceReadSummary extends ElementReferenceReadSummary {
+    ElementReferenceSliceReadSummary() {
+      this = "[](slice)" and
+      (
+        mc.getNumberOfArguments() = 2
+        or
+        mc.getNumberOfArguments() = 1 and
+        mc.getArgument(0) instanceof RangeLiteral
+      )
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  /** A call to `[]=`. */
+  abstract private class ElementReferenceStoreSummary extends SummarizedCallable {
+    MethodCall mc;
+
+    bindingset[this]
+    ElementReferenceStoreSummary() { mc.getMethodName() = "[]=" }
+
+    final override MethodCall getACall() { result = mc }
+  }
+
+  /** A call to `[]=` with a known index. */
+  private class ElementReferenceStoreKnownSummary extends ElementReferenceStoreSummary {
+    private DataFlow::Content::KnownArrayElementContent c;
+
+    ElementReferenceStoreKnownSummary() {
+      mc.getNumberOfArguments() = 2 and
+      c = getKnownArrayElementContent(mc.getArgument(0)) and
+      this = "[" + c.getIndex() + "]="
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "Argument[1]" and
+      output = "ArrayElement[" + c.getIndex() + "] of Receiver" and
+      preservesValue = true
+    }
+
+    override predicate clearsContent(ParameterPosition pos, DataFlow::Content content) {
+      pos.isSelf() and
+      content = c
+    }
+  }
+
+  /** A call to `[]=` with an unknown index. */
+  private class ElementReferenceStoreUnknownSummary extends ElementReferenceStoreSummary {
+    ElementReferenceStoreUnknownSummary() {
+      mc.getNumberOfArguments() = 2 and
+      isUnknownArrayElementContent(mc.getArgument(0)) and
+      this = "[]="
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "Argument[1]" and
+      output = "ArrayElement[?] of Receiver" and
+      preservesValue = true
+    }
+  }
+
+  /** A call to `[]=` with two arguments or a range argument. */
+  private class ElementReferenceSliceStoreUnknownSummary extends ElementReferenceStoreSummary {
+    ElementReferenceSliceStoreUnknownSummary() {
+      this = "[]=(slice)" and
+      (
+        mc.getNumberOfArguments() > 2
+        or
+        mc.getNumberOfArguments() = 2 and
+        mc.getArgument(0) instanceof RangeLiteral
+      )
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      exists(string arg |
+        arg = "Argument[" + (mc.getNumberOfArguments() - 1) + "]" and
+        input = ["ArrayElement of " + arg, arg, "ArrayElement of Receiver"] and
+        output = "ArrayElement[?] of Receiver" and
+        preservesValue = true
+      )
+    }
+
+    override predicate clearsContent(ParameterPosition pos, DataFlow::Content content) {
+      pos.isSelf() and
+      content instanceof DataFlow::Content::KnownArrayElementContent
+    }
+  }
+
+  private class AssocSummary extends SimpleSummarizedCallable {
+    AssocSummary() { this = "assoc" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of ArrayElement of Receiver" and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  abstract private class AtSummary extends SummarizedCallable {
+    MethodCall mc;
+
+    bindingset[this]
+    AtSummary() { mc.getMethodName() = "at" }
+
+    override MethodCall getACall() { result = mc }
+  }
+
+  private class AtKnownSummary extends AtSummary {
+    private int i;
+
+    AtKnownSummary() {
+      this = "at(" + i + "]" and
+      mc.getNumberOfArguments() = 1 and
+      i = getKnownArrayElementContent(mc.getArgument(0)).getIndex()
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement[" + [i.toString(), "?"] + "] of Receiver" and
+      output = "ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class AtUnknownSummary extends AtSummary {
+    AtUnknownSummary() {
+      this = "at" and
+      mc.getNumberOfArguments() = 1 and
+      isUnknownArrayElementContent(mc.getArgument(0))
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class BSearchSummary extends SimpleSummarizedCallable {
+    BSearchSummary() { this = "bsearch" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = ["Parameter[0] of BlockArgument", "ReturnValue"] and
+      preservesValue = true
+    }
+  }
+
+  private class BSearchIndexSummary extends SimpleSummarizedCallable {
+    BSearchIndexSummary() { this = "bsearch_index" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "Parameter[0] of BlockArgument" and
+      preservesValue = true
+    }
+  }
+
+  private class ClearSummary extends SimpleSummarizedCallable {
+    ClearSummary() { this = "clear" }
+
+    override predicate clearsContent(ParameterPosition pos, DataFlow::Content content) {
+      pos.isSelf() and
+      content instanceof DataFlow::Content::ArrayElementContent
+    }
+  }
+
+  private class CombinationSummary extends SimpleSummarizedCallable {
+    CombinationSummary() { this = "combination" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ArrayElement[?] of Parameter[0] of BlockArgument" and
+      preservesValue = true
+    }
+  }
+
+  private class CompactSummary extends SimpleSummarizedCallable {
+    CompactSummary() { this = "compact" + ["", "!"] }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class ConcatSummary extends SimpleSummarizedCallable {
+    ConcatSummary() { this = "concat" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Argument[_]" and
+      output = "ArrayElement[?] of Receiver" and
+      preservesValue = true
+    }
+  }
+
+  private class DeleteSummary extends SimpleSummarizedCallable {
+    DeleteSummary() { this = "delete" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = ["ArrayElement of Receiver", "ReturnValue of BlockArgument"] and
+      output = "ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class DeleteAtSummary extends SimpleSummarizedCallable {
+    DeleteAtSummary() { this = "delete_at" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class DeleteIfSummary extends SimpleSummarizedCallable {
+    DeleteIfSummary() { this = "delete_if" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = ["Parameter[0] of BlockArgument", "ArrayElement[?] of ReturnValue"] and
+      preservesValue = true
+    }
+  }
+
+  private class DifferenceSummary extends SimpleSummarizedCallable {
+    DifferenceSummary() { this = "difference" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      any(SetDifferenceSummary s).propagatesFlowExt(input, output, preservesValue)
+    }
+  }
+
+  private string getDigArg(MethodCall dig, int i) {
+    dig.getMethodName() = "dig" and
+    exists(Expr arg | arg = dig.getArgument(i) |
+      result = arg.getValueText().toInt().toString()
+      or
+      not exists(arg.getValueText()) and
+      result = "?"
+    )
+  }
+
+  private class RelevantDigMethodCall extends MethodCall {
+    RelevantDigMethodCall() {
+      forall(int i | i in [0 .. this.getNumberOfArguments() - 1] | exists(getDigArg(this, i)))
+    }
+  }
+
+  private string buildDigInputSpecComponent(RelevantDigMethodCall dig, int i) {
+    exists(string s |
+      s = getDigArg(dig, i) and
+      if s = "?" then result = "" else result = "[" + [s, "?"] + "]"
+    )
+  }
+
+  language[monotonicAggregates]
+  private string buildDigInputSpec(RelevantDigMethodCall dig) {
+    result =
+      strictconcat(int i |
+        i in [0 .. dig.getNumberOfArguments() - 1]
+      |
+        "ArrayElement" + buildDigInputSpecComponent(dig, i) + " of " order by i desc
+      )
+  }
+
+  private class DigSummary extends SummarizedCallable {
+    private RelevantDigMethodCall dig;
+
+    DigSummary() {
+      this =
+        "dig(" +
+          strictconcat(int i |
+            i in [0 .. dig.getNumberOfArguments() - 1]
+          |
+            getDigArg(dig, i), "," order by i
+          ) + ")"
+    }
+
+    override MethodCall getACall() { result = dig }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = buildDigInputSpec(dig) + "Receiver" and
+      output = "ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class EachSummary extends SimpleSummarizedCallable {
+    EachSummary() { this = "each" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = "Parameter[0] of BlockArgument"
+        or
+        input = "ArrayElement[?] of Receiver" and
+        output = "ArrayElement[?] of ReturnValue"
+        or
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Receiver" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class EachIndexSummary extends SimpleSummarizedCallable {
+    EachIndexSummary() { this = "each_index" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement[?] of Receiver" and
+        output = "ArrayElement[?] of ReturnValue"
+        or
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Receiver" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class FetchSummary extends SimpleSummarizedCallable {
+    FetchSummary() { this = "fetch" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = "ReturnValue"
+        or
+        input = "Argument[0]" and
+        output = "Parameter[0] of BlockArgument"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  abstract private class FillSummary extends SummarizedCallable {
+    MethodCall mc;
+
+    bindingset[this]
+    FillSummary() { mc.getMethodName() = "fill" }
+
+    override MethodCall getACall() { result = mc }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = ["Argument[0]", "ReturnValue of BlockArgument"] and
+      output = "ArrayElement[?] of Receiver" and
+      preservesValue = true
+    }
+  }
+
+  private class FillAllSummary extends FillSummary {
+    FillAllSummary() {
+      this = "fill(all)" and
+      if exists(mc.getBlock()) then mc.getNumberOfArguments() = 0 else mc.getNumberOfArguments() = 1
+    }
+
+    override predicate clearsContent(ParameterPosition pos, DataFlow::Content content) {
+      pos.isSelf() and
+      content instanceof DataFlow::Content::ArrayElementContent
+    }
+  }
+
+  private class FillSomeSummary extends FillSummary {
+    FillSomeSummary() {
+      this = "fill(some)" and
+      if exists(mc.getBlock()) then mc.getNumberOfArguments() > 0 else mc.getNumberOfArguments() > 1
+    }
+  }
+
+  private class FilterBangSummary extends SimpleSummarizedCallable {
+    FilterBangSummary() { this = "filter!" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = ["Parameter[0] of BlockArgument", "ArrayElement[?] of ReturnValue"] and
+      preservesValue = true
+    }
+  }
+
+  private class FlattenSummary extends SimpleSummarizedCallable {
+    FlattenSummary() { this = "flatten" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input =
+          [
+            "ArrayElement of Receiver", "ArrayElement of ArrayElement of Receiver",
+            "ArrayElement of ArrayElement of ArrayElement of Receiver"
+          ] and
+        output = "ArrayElement[?] of ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class FlattenBangSummary extends SimpleSummarizedCallable {
+    FlattenBangSummary() { this = "flatten!" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input =
+          [
+            "ArrayElement of Receiver", "ArrayElement of ArrayElement of Receiver",
+            "ArrayElement of ArrayElement of ArrayElement of Receiver"
+          ] and
+        output = "ArrayElement[?] of Receiver"
+      ) and
+      preservesValue = true
+    }
+
+    override predicate clearsContent(ParameterPosition pos, DataFlow::Content content) {
+      pos.isSelf() and
+      content instanceof DataFlow::Content::ArrayElementContent
+    }
+  }
+
+  private class IndexSummary extends SimpleSummarizedCallable {
+    IndexSummary() { this = "index" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "Parameter[0] of BlockArgument" and
+      preservesValue = true
+    }
+  }
+
+  private class ReplaceSummary extends SimpleSummarizedCallable {
+    ReplaceSummary() { this = "replace" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement[?] of Argument[0]" and
+        output = "ArrayElement[?] of Receiver"
+        or
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Argument[0]" and
+          output = "ArrayElement[" + i + "] of Receiver"
+        )
+      ) and
+      preservesValue = true
+    }
+
+    override predicate clearsContent(ParameterPosition pos, DataFlow::Content content) {
+      pos.isSelf() and
+      content instanceof DataFlow::Content::ArrayElementContent
+    }
+  }
+
+  private class PrependSummary extends SummarizedCallable {
+    private MethodCall mc;
+
+    PrependSummary() {
+      mc.getMethodName() = "prepend" and
+      this = "prepend(" + mc.getNumberOfArguments() + ")"
+    }
+
+    override MethodCall getACall() { result = mc }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      exists(ArrayIndex i, int num | num = mc.getNumberOfArguments() and preservesValue = true |
+        input = "ArrayElement[" + i + "] of Receiver" and
+        output = "ArrayElement[" + (i + num) + "] of Receiver"
+        or
+        input = "Argument[" + i + "]" and
+        output = "ArrayElement[" + i + "] of Receiver"
+      )
+    }
+
+    override predicate clearsContent(ParameterPosition pos, DataFlow::Content content) {
+      pos.isSelf() and
+      content instanceof DataFlow::Content::KnownArrayElementContent
+    }
+  }
+}
+
+/**
+ * Provides flow summaries for the `Enumerable` class.
+ *
+ * The summaries are ordered (and implemented) based on
+ * https://ruby-doc.org/core-2.7.0/Enumerable.html.
+ */
+module Enumerable {
+  private class AllSummary extends SimpleSummarizedCallable {
+    AllSummary() { this = "all?" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "Parameter[0] of BlockArgument" and
+      preservesValue = true
+      or
+      input = "ReturnValue of BlockArgument" and
+      output = "ReturnValue" and
+      preservesValue = false
+    }
+  }
+
+  private class AnySummary extends SimpleSummarizedCallable {
+    AnySummary() { this = "any?" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "Parameter[0] of BlockArgument" and
+      preservesValue = true
+      or
+      input = "ReturnValue of BlockArgument" and
+      output = "ReturnValue" and
+      preservesValue = false
+    }
+  }
+
+  private class CollectSummary extends SimpleSummarizedCallable {
+    CollectSummary() { this = ["collect", "collect!"] }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "Parameter[0] of BlockArgument" and
+      preservesValue = true
+      or
+      input = "ReturnValue of BlockArgument" and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class CollectConcatSummary extends SimpleSummarizedCallable {
+    CollectConcatSummary() { this = "collect_concat" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "Parameter[0] of BlockArgument" and
+      preservesValue = true
+      or
+      input = "ArrayElement of ReturnValue of BlockArgument" and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class CountSummary extends SimpleSummarizedCallable {
+    CountSummary() { this = "count" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "Parameter[0] of BlockArgument" and
+      preservesValue = true
+    }
+  }
+
+  private class CycleSummary extends SimpleSummarizedCallable {
+    CycleSummary() { this = "cycle" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "Parameter[0] of BlockArgument" and
+      preservesValue = true
+    }
+  }
+
+  private class DetectSummary extends SimpleSummarizedCallable {
+    DetectSummary() { this = "detect" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = ["Parameter[0] of BlockArgument", "ReturnValue"]
+        or
+        input = "ReturnValue of Argument[0]" and
+        output = "ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  abstract private class DropSummary extends SummarizedCallable {
+    MethodCall mc;
+
+    bindingset[this]
+    DropSummary() { mc.getMethodName() = "drop" }
+
+    override MethodCall getACall() { result = mc }
+  }
+
+  private class DropKnownSummary extends DropSummary {
+    private int i;
+
+    DropKnownSummary() {
+      this = "drop(" + i + ")" and
+      i = mc.getArgument(0).getValueText().toInt()
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement[?] of Receiver" and
+        output = "ArrayElement[?] of ReturnValue"
+        or
+        exists(ArrayIndex j |
+          input = "ArrayElement[" + j + "] of Receiver" and
+          output = "ArrayElement[" + (j - i) + "] of ReturnValue"
+        )
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class DropUnknownSummary extends DropSummary {
+    DropUnknownSummary() {
+      this = "drop(index)" and
+      not exists(mc.getArgument(0).getValueText().toInt())
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class DropWhileSummary extends SimpleSummarizedCallable {
+    DropWhileSummary() { this = "drop_while" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = ["ArrayElement[?] of ReturnValue", "Parameter[0] of BlockArgument"] and
+      preservesValue = true
+    }
+  }
+
+  private class EachConsSummary extends SimpleSummarizedCallable {
+    EachConsSummary() { this = "each_cons" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ArrayElement[?] of Parameter[0] of BlockArgument" and
+      preservesValue = true
+    }
+  }
+
+  private class EachEntrySummary extends SimpleSummarizedCallable {
+    EachEntrySummary() { this = "each_entry" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = "Parameter[0] of BlockArgument"
+        or
+        input = "ArrayElement[?] of Receiver" and
+        output = "ArrayElement[?] of ReturnValue"
+        or
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Receiver" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class EachSliceSummary extends SimpleSummarizedCallable {
+    EachSliceSummary() { this = "each_slice" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = "ArrayElement[?] of Parameter[0] of BlockArgument"
+        or
+        input = "ArrayElement[?] of Receiver" and
+        output = "ArrayElement[?] of ReturnValue"
+        or
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Receiver" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class EachWithIndexSummary extends SimpleSummarizedCallable {
+    EachWithIndexSummary() { this = "each_with_index" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = "Parameter[0] of BlockArgument"
+        or
+        input = "ArrayElement[?] of Receiver" and
+        output = "ArrayElement[?] of ReturnValue"
+        or
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Receiver" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class EachWithObjectSummary extends SimpleSummarizedCallable {
+    EachWithObjectSummary() { this = "each_with_object" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = "Parameter[0] of BlockArgument"
+        or
+        input = "Argument[0]" and
+        output = ["Parameter[1] of BlockArgument", "ReturnValue"]
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class FilterSummary extends SimpleSummarizedCallable {
+    FilterSummary() { this = ["filter", "filter_map"] }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = ["Parameter[0] of BlockArgument", "ArrayElement[?] of ReturnValue"] and
+      preservesValue = true
+    }
+  }
+
+  private class FindSummary extends SimpleSummarizedCallable {
+    FindSummary() { this = "find" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = ["Parameter[0] of BlockArgument", "ReturnValue"]
+        or
+        input = "ReturnValue of Argument[0]" and
+        output = "ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class FindAllSummary extends SimpleSummarizedCallable {
+    FindAllSummary() { this = "find_all" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      any(FilterSummary f).propagatesFlowExt(input, output, preservesValue)
+    }
+  }
+
+  private class FindIndexSummary extends SimpleSummarizedCallable {
+    FindIndexSummary() { this = "find_index" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "Parameter[0] of BlockArgument" and
+      preservesValue = true
+    }
+  }
+
+  abstract private class FirstSummary extends SummarizedCallable {
+    MethodCall mc;
+
+    bindingset[this]
+    FirstSummary() { mc.getMethodName() = "first" }
+
+    override MethodCall getACall() { result = mc }
+  }
+
+  private class FirstNoArgSummary extends FirstSummary {
+    FirstNoArgSummary() { this = "first(no_arg)" and mc.getNumberOfArguments() = 0 }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = ["ArrayElement[0] of Receiver", "ArrayElement[?] of Receiver"] and
+      output = "ReturnValue" and
+      preservesValue = true
+    }
+  }
+
+  private class FirstArgKnownSummary extends FirstSummary {
+    private int n;
+
+    FirstArgKnownSummary() {
+      this = "first(" + n + ")" and n = mc.getArgument(0).getValueText().toInt()
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        exists(ArrayIndex i |
+          i < n and
+          input = "ArrayElement[" + i + "] of Receiver" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+        or
+        input = "ArrayElement[?] of Receiver" and
+        output = "ArrayElement[?] of ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class FirstArgUnknownSummary extends FirstSummary {
+    FirstArgUnknownSummary() {
+      this = "first(?)" and
+      mc.getNumberOfArguments() > 0 and
+      not exists(mc.getArgument(0).getValueText().toInt())
+    }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        exists(ArrayIndex i |
+          input = "ArrayElement[" + i + "] of Receiver" and
+          output = "ArrayElement[" + i + "] of ReturnValue"
+        )
+        or
+        input = "ArrayElement[?] of Receiver" and
+        output = "ArrayElement[?] of ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class FlatMapSummary extends SimpleSummarizedCallable {
+    FlatMapSummary() { this = "flat_map" }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = "Parameter[0] of BlockArgument"
+        or
+        input = "ArrayElement of ReturnValue of BlockArgument" and
+        output = "ArrayElement[?] of ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  abstract private class GrepSummary extends SummarizedCallable {
+    MethodCall mc;
+
+    bindingset[this]
+    GrepSummary() { mc.getMethodName() = ["grep", "grep_v"] }
+
+    override MethodCall getACall() { result = mc }
+  }
+
+  private class GrepBlockSummary extends GrepSummary {
+    GrepBlockSummary() { this = "grep(block)" and exists(mc.getBlock()) }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      (
+        input = "ArrayElement of Receiver" and
+        output = "Parameter[0] of BlockArgument"
+        or
+        input = "ReturnValue of BlockArgument" and
+        output = "ArrayElement[?] of ReturnValue"
+      ) and
+      preservesValue = true
+    }
+  }
+
+  private class GrepNoBlockSummary extends GrepSummary {
+    GrepNoBlockSummary() { this = "grep(no_block)" and not exists(mc.getBlock()) }
+
+    override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+      input = "ArrayElement of Receiver" and
+      output = "ArrayElement[?] of ReturnValue" and
+      preservesValue = true
+    }
+  }
+  // TODO: Implement `group_by` when we have flow through hashes
+}
diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml
index 463960b41c3..78a396f3910 100644
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md
index e406cd11ae8..6946f97e5a9 100644
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,5 @@
+## 0.0.5
+
 ## 0.0.4
 
 ### New Queries
diff --git a/ruby/ql/src/change-notes/released/0.0.5.md b/ruby/ql/src/change-notes/released/0.0.5.md
new file mode 100644
index 00000000000..259776640e3
--- /dev/null
+++ b/ruby/ql/src/change-notes/released/0.0.5.md
@@ -0,0 +1 @@
+## 0.0.5
diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml
index ec411a674bc..bb45a1ab018 100644
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.4
+lastReleaseVersion: 0.0.5
diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml
index ecb9f446bba..052787da6da 100644
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.0.5-dev
+version: 0.0.6-dev
 groups: ruby
 suites: codeql-suites
 defaultSuiteFile: codeql-suites/ruby-code-scanning.qls
diff --git a/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql b/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql
index 066c5f86cf8..47587c7af4f 100644
--- a/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql
+++ b/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql
@@ -10,6 +10,8 @@
  *       security
  *       external/cwe/cwe-116
  *       external/cwe/cwe-020
+ *       external/cwe/cwe-185
+ *       external/cwe/cwe-186
  */
 
 import codeql.ruby.security.BadTagFilterQuery
diff --git a/ruby/ql/test/library-tests/dataflow/array-flow/array-flow.expected b/ruby/ql/test/library-tests/dataflow/array-flow/array-flow.expected
new file mode 100644
index 00000000000..36b0ae5b7b2
--- /dev/null
+++ b/ruby/ql/test/library-tests/dataflow/array-flow/array-flow.expected
@@ -0,0 +1,1071 @@
+failures
+edges
+| array_flow.rb:2:9:2:18 | * ... [array element 0] :  | array_flow.rb:3:10:3:10 | a [array element 0] :  |
+| array_flow.rb:2:9:2:18 | * ... [array element 0] :  | array_flow.rb:5:10:5:10 | a [array element 0] :  |
+| array_flow.rb:2:10:2:18 | call to source :  | array_flow.rb:2:9:2:18 | * ... [array element 0] :  |
+| array_flow.rb:3:10:3:10 | a [array element 0] :  | array_flow.rb:3:10:3:13 | ...[...] |
+| array_flow.rb:5:10:5:10 | a [array element 0] :  | array_flow.rb:5:10:5:13 | ...[...] |
+| array_flow.rb:9:13:9:21 | call to source :  | array_flow.rb:11:10:11:10 | a [array element 1] :  |
+| array_flow.rb:9:13:9:21 | call to source :  | array_flow.rb:13:10:13:10 | a [array element 1] :  |
+| array_flow.rb:11:10:11:10 | a [array element 1] :  | array_flow.rb:11:10:11:13 | ...[...] |
+| array_flow.rb:13:10:13:10 | a [array element 1] :  | array_flow.rb:13:10:13:13 | ...[...] |
+| array_flow.rb:17:9:17:33 | call to new [array element] :  | array_flow.rb:18:10:18:10 | a [array element] :  |
+| array_flow.rb:17:9:17:33 | call to new [array element] :  | array_flow.rb:19:10:19:10 | a [array element] :  |
+| array_flow.rb:17:9:17:33 | call to new [array element] :  | array_flow.rb:21:19:21:19 | a [array element] :  |
+| array_flow.rb:17:22:17:32 | call to source :  | array_flow.rb:17:9:17:33 | call to new [array element] :  |
+| array_flow.rb:18:10:18:10 | a [array element] :  | array_flow.rb:18:10:18:13 | ...[...] |
+| array_flow.rb:19:10:19:10 | a [array element] :  | array_flow.rb:19:10:19:13 | ...[...] |
+| array_flow.rb:21:9:21:20 | call to new [array element] :  | array_flow.rb:22:10:22:10 | b [array element] :  |
+| array_flow.rb:21:9:21:20 | call to new [array element] :  | array_flow.rb:23:10:23:10 | b [array element] :  |
+| array_flow.rb:21:19:21:19 | a [array element] :  | array_flow.rb:21:9:21:20 | call to new [array element] :  |
+| array_flow.rb:22:10:22:10 | b [array element] :  | array_flow.rb:22:10:22:13 | ...[...] |
+| array_flow.rb:23:10:23:10 | b [array element] :  | array_flow.rb:23:10:23:13 | ...[...] |
+| array_flow.rb:25:9:27:7 | call to new [array element] :  | array_flow.rb:28:10:28:10 | c [array element] :  |
+| array_flow.rb:25:9:27:7 | call to new [array element] :  | array_flow.rb:29:10:29:10 | c [array element] :  |
+| array_flow.rb:26:9:26:19 | call to source :  | array_flow.rb:25:9:27:7 | call to new [array element] :  |
+| array_flow.rb:28:10:28:10 | c [array element] :  | array_flow.rb:28:10:28:13 | ...[...] |
+| array_flow.rb:29:10:29:10 | c [array element] :  | array_flow.rb:29:10:29:13 | ...[...] |
+| array_flow.rb:33:10:33:18 | call to source :  | array_flow.rb:34:27:34:27 | a [array element 0] :  |
+| array_flow.rb:34:9:34:28 | call to try_convert [array element 0] :  | array_flow.rb:35:10:35:10 | b [array element 0] :  |
+| array_flow.rb:34:27:34:27 | a [array element 0] :  | array_flow.rb:34:9:34:28 | call to try_convert [array element 0] :  |
+| array_flow.rb:35:10:35:10 | b [array element 0] :  | array_flow.rb:35:10:35:13 | ...[...] |
+| array_flow.rb:40:10:40:20 | call to source :  | array_flow.rb:42:9:42:9 | a [array element 0] :  |
+| array_flow.rb:41:16:41:26 | call to source :  | array_flow.rb:42:13:42:13 | b [array element 2] :  |
+| array_flow.rb:42:9:42:9 | a [array element 0] :  | array_flow.rb:42:9:42:13 | ... & ... [array element] :  |
+| array_flow.rb:42:9:42:13 | ... & ... [array element] :  | array_flow.rb:43:10:43:10 | c [array element] :  |
+| array_flow.rb:42:9:42:13 | ... & ... [array element] :  | array_flow.rb:44:10:44:10 | c [array element] :  |
+| array_flow.rb:42:13:42:13 | b [array element 2] :  | array_flow.rb:42:9:42:13 | ... & ... [array element] :  |
+| array_flow.rb:43:10:43:10 | c [array element] :  | array_flow.rb:43:10:43:13 | ...[...] |
+| array_flow.rb:44:10:44:10 | c [array element] :  | array_flow.rb:44:10:44:13 | ...[...] |
+| array_flow.rb:48:10:48:18 | call to source :  | array_flow.rb:49:9:49:9 | a [array element 0] :  |
+| array_flow.rb:49:9:49:9 | a [array element 0] :  | array_flow.rb:49:9:49:13 | ... * ... [array element] :  |
+| array_flow.rb:49:9:49:13 | ... * ... [array element] :  | array_flow.rb:50:10:50:10 | b [array element] :  |
+| array_flow.rb:49:9:49:13 | ... * ... [array element] :  | array_flow.rb:51:10:51:10 | b [array element] :  |
+| array_flow.rb:50:10:50:10 | b [array element] :  | array_flow.rb:50:10:50:13 | ...[...] |
+| array_flow.rb:51:10:51:10 | b [array element] :  | array_flow.rb:51:10:51:13 | ...[...] |
+| array_flow.rb:55:10:55:20 | call to source :  | array_flow.rb:57:9:57:9 | a [array element 0] :  |
+| array_flow.rb:56:13:56:23 | call to source :  | array_flow.rb:57:13:57:13 | b [array element 1] :  |
+| array_flow.rb:57:9:57:9 | a [array element 0] :  | array_flow.rb:57:9:57:13 | ... + ... [array element 0] :  |
+| array_flow.rb:57:9:57:13 | ... + ... [array element 0] :  | array_flow.rb:58:10:58:10 | c [array element 0] :  |
+| array_flow.rb:57:9:57:13 | ... + ... [array element] :  | array_flow.rb:58:10:58:10 | c [array element] :  |
+| array_flow.rb:57:9:57:13 | ... + ... [array element] :  | array_flow.rb:59:10:59:10 | c [array element] :  |
+| array_flow.rb:57:13:57:13 | b [array element 1] :  | array_flow.rb:57:9:57:13 | ... + ... [array element] :  |
+| array_flow.rb:58:10:58:10 | c [array element 0] :  | array_flow.rb:58:10:58:13 | ...[...] |
+| array_flow.rb:58:10:58:10 | c [array element] :  | array_flow.rb:58:10:58:13 | ...[...] |
+| array_flow.rb:59:10:59:10 | c [array element] :  | array_flow.rb:59:10:59:13 | ...[...] |
+| array_flow.rb:63:10:63:20 | call to source :  | array_flow.rb:65:9:65:9 | a [array element 0] :  |
+| array_flow.rb:65:9:65:9 | a [array element 0] :  | array_flow.rb:65:9:65:13 | ... - ... [array element] :  |
+| array_flow.rb:65:9:65:13 | ... - ... [array element] :  | array_flow.rb:66:10:66:10 | c [array element] :  |
+| array_flow.rb:65:9:65:13 | ... - ... [array element] :  | array_flow.rb:67:10:67:10 | c [array element] :  |
+| array_flow.rb:66:10:66:10 | c [array element] :  | array_flow.rb:66:10:66:13 | ...[...] |
+| array_flow.rb:67:10:67:10 | c [array element] :  | array_flow.rb:67:10:67:13 | ...[...] |
+| array_flow.rb:71:10:71:20 | call to source :  | array_flow.rb:72:9:72:9 | a [array element 0] :  |
+| array_flow.rb:72:9:72:9 | a [array element 0] :  | array_flow.rb:72:9:72:24 | ... << ... [array element 0] :  |
+| array_flow.rb:72:9:72:24 | ... << ... [array element 0] :  | array_flow.rb:73:10:73:10 | b [array element 0] :  |
+| array_flow.rb:72:9:72:24 | ... << ... [array element] :  | array_flow.rb:73:10:73:10 | b [array element] :  |
+| array_flow.rb:72:9:72:24 | ... << ... [array element] :  | array_flow.rb:74:10:74:10 | b [array element] :  |
+| array_flow.rb:72:14:72:24 | call to source :  | array_flow.rb:72:9:72:24 | ... << ... [array element] :  |
+| array_flow.rb:73:10:73:10 | b [array element 0] :  | array_flow.rb:73:10:73:13 | ...[...] |
+| array_flow.rb:73:10:73:10 | b [array element] :  | array_flow.rb:73:10:73:13 | ...[...] |
+| array_flow.rb:74:10:74:10 | b [array element] :  | array_flow.rb:74:10:74:13 | ...[...] |
+| array_flow.rb:78:13:78:21 | call to source :  | array_flow.rb:79:15:79:15 | a [array element 1] :  |
+| array_flow.rb:79:15:79:15 | a [array element 1] :  | array_flow.rb:81:10:81:10 | c |
+| array_flow.rb:86:13:86:22 | call to source :  | array_flow.rb:87:9:87:9 | a [array element 1] :  |
+| array_flow.rb:87:9:87:9 | a [array element 1] :  | array_flow.rb:87:9:87:15 | ...[...] [array element] :  |
+| array_flow.rb:87:9:87:15 | ...[...] [array element] :  | array_flow.rb:88:10:88:10 | b [array element] :  |
+| array_flow.rb:87:9:87:15 | ...[...] [array element] :  | array_flow.rb:89:10:89:10 | b [array element] :  |
+| array_flow.rb:87:9:87:15 | ...[...] [array element] :  | array_flow.rb:90:10:90:10 | b [array element] :  |
+| array_flow.rb:88:10:88:10 | b [array element] :  | array_flow.rb:88:10:88:13 | ...[...] |
+| array_flow.rb:89:10:89:10 | b [array element] :  | array_flow.rb:89:10:89:13 | ...[...] |
+| array_flow.rb:90:10:90:10 | b [array element] :  | array_flow.rb:90:10:90:13 | ...[...] |
+| array_flow.rb:94:13:94:22 | call to source :  | array_flow.rb:95:9:95:9 | a [array element 1] :  |
+| array_flow.rb:95:9:95:9 | a [array element 1] :  | array_flow.rb:95:9:95:15 | ...[...] [array element] :  |
+| array_flow.rb:95:9:95:15 | ...[...] [array element] :  | array_flow.rb:96:10:96:10 | b [array element] :  |
+| array_flow.rb:95:9:95:15 | ...[...] [array element] :  | array_flow.rb:97:10:97:10 | b [array element] :  |
+| array_flow.rb:95:9:95:15 | ...[...] [array element] :  | array_flow.rb:98:10:98:10 | b [array element] :  |
+| array_flow.rb:96:10:96:10 | b [array element] :  | array_flow.rb:96:10:96:13 | ...[...] |
+| array_flow.rb:97:10:97:10 | b [array element] :  | array_flow.rb:97:10:97:13 | ...[...] |
+| array_flow.rb:98:10:98:10 | b [array element] :  | array_flow.rb:98:10:98:13 | ...[...] |
+| array_flow.rb:103:5:103:5 | [post] a [array element] :  | array_flow.rb:104:10:104:10 | a [array element] :  |
+| array_flow.rb:103:5:103:5 | [post] a [array element] :  | array_flow.rb:105:10:105:10 | a [array element] :  |
+| array_flow.rb:103:5:103:5 | [post] a [array element] :  | array_flow.rb:106:10:106:10 | a [array element] :  |
+| array_flow.rb:103:15:103:24 | call to source :  | array_flow.rb:103:5:103:5 | [post] a [array element] :  |
+| array_flow.rb:104:10:104:10 | a [array element] :  | array_flow.rb:104:10:104:13 | ...[...] |
+| array_flow.rb:105:10:105:10 | a [array element] :  | array_flow.rb:105:10:105:13 | ...[...] |
+| array_flow.rb:106:10:106:10 | a [array element] :  | array_flow.rb:106:10:106:13 | ...[...] |
+| array_flow.rb:111:5:111:5 | [post] a [array element] :  | array_flow.rb:112:10:112:10 | a [array element] :  |
+| array_flow.rb:111:5:111:5 | [post] a [array element] :  | array_flow.rb:113:10:113:10 | a [array element] :  |
+| array_flow.rb:111:5:111:5 | [post] a [array element] :  | array_flow.rb:114:10:114:10 | a [array element] :  |
+| array_flow.rb:111:19:111:28 | call to source :  | array_flow.rb:111:5:111:5 | [post] a [array element] :  |
+| array_flow.rb:112:10:112:10 | a [array element] :  | array_flow.rb:112:10:112:13 | ...[...] |
+| array_flow.rb:113:10:113:10 | a [array element] :  | array_flow.rb:113:10:113:13 | ...[...] |
+| array_flow.rb:114:10:114:10 | a [array element] :  | array_flow.rb:114:10:114:13 | ...[...] |
+| array_flow.rb:119:5:119:5 | [post] a [array element] :  | array_flow.rb:120:10:120:10 | a [array element] :  |
+| array_flow.rb:119:5:119:5 | [post] a [array element] :  | array_flow.rb:121:10:121:10 | a [array element] :  |
+| array_flow.rb:119:5:119:5 | [post] a [array element] :  | array_flow.rb:122:10:122:10 | a [array element] :  |
+| array_flow.rb:119:15:119:24 | call to source :  | array_flow.rb:119:5:119:5 | [post] a [array element] :  |
+| array_flow.rb:120:10:120:10 | a [array element] :  | array_flow.rb:120:10:120:13 | ...[...] |
+| array_flow.rb:121:10:121:10 | a [array element] :  | array_flow.rb:121:10:121:13 | ...[...] |
+| array_flow.rb:122:10:122:10 | a [array element] :  | array_flow.rb:122:10:122:13 | ...[...] |
+| array_flow.rb:127:5:127:5 | [post] a [array element] :  | array_flow.rb:128:10:128:10 | a [array element] :  |
+| array_flow.rb:127:5:127:5 | [post] a [array element] :  | array_flow.rb:129:10:129:10 | a [array element] :  |
+| array_flow.rb:127:5:127:5 | [post] a [array element] :  | array_flow.rb:130:10:130:10 | a [array element] :  |
+| array_flow.rb:127:19:127:28 | call to source :  | array_flow.rb:127:5:127:5 | [post] a [array element] :  |
+| array_flow.rb:128:10:128:10 | a [array element] :  | array_flow.rb:128:10:128:13 | ...[...] |
+| array_flow.rb:129:10:129:10 | a [array element] :  | array_flow.rb:129:10:129:13 | ...[...] |
+| array_flow.rb:130:10:130:10 | a [array element] :  | array_flow.rb:130:10:130:13 | ...[...] |
+| array_flow.rb:134:16:134:25 | call to source :  | array_flow.rb:135:5:135:5 | a [array element 2] :  |
+| array_flow.rb:135:5:135:5 | a [array element 2] :  | array_flow.rb:135:16:135:16 | x :  |
+| array_flow.rb:135:16:135:16 | x :  | array_flow.rb:136:14:136:14 | x |
+| array_flow.rb:141:16:141:25 | call to source :  | array_flow.rb:142:5:142:5 | a [array element 2] :  |
+| array_flow.rb:142:5:142:5 | a [array element 2] :  | array_flow.rb:142:16:142:16 | x :  |
+| array_flow.rb:142:16:142:16 | x :  | array_flow.rb:143:14:143:14 | x |
+| array_flow.rb:150:15:150:24 | call to source :  | array_flow.rb:151:16:151:16 | c [array element 1] :  |
+| array_flow.rb:151:16:151:16 | c [array element 1] :  | array_flow.rb:152:11:152:11 | d [array element 2, array element 1] :  |
+| array_flow.rb:151:16:151:16 | c [array element 1] :  | array_flow.rb:153:11:153:11 | d [array element 2, array element 1] :  |
+| array_flow.rb:152:11:152:11 | d [array element 2, array element 1] :  | array_flow.rb:152:11:152:22 | call to assoc [array element] :  |
+| array_flow.rb:152:11:152:22 | call to assoc [array element] :  | array_flow.rb:152:11:152:25 | ...[...] :  |
+| array_flow.rb:152:11:152:25 | ...[...] :  | array_flow.rb:152:10:152:26 | ( ... ) |
+| array_flow.rb:153:11:153:11 | d [array element 2, array element 1] :  | array_flow.rb:153:11:153:22 | call to assoc [array element] :  |
+| array_flow.rb:153:11:153:22 | call to assoc [array element] :  | array_flow.rb:153:11:153:25 | ...[...] :  |
+| array_flow.rb:153:11:153:25 | ...[...] :  | array_flow.rb:153:10:153:26 | ( ... ) |
+| array_flow.rb:157:13:157:22 | call to source :  | array_flow.rb:159:10:159:10 | a [array element 1] :  |
+| array_flow.rb:157:13:157:22 | call to source :  | array_flow.rb:161:10:161:10 | a [array element 1] :  |
+| array_flow.rb:159:10:159:10 | a [array element 1] :  | array_flow.rb:159:10:159:16 | call to at |
+| array_flow.rb:161:10:161:10 | a [array element 1] :  | array_flow.rb:161:10:161:16 | call to at |
+| array_flow.rb:165:16:165:25 | call to source :  | array_flow.rb:166:9:166:9 | a [array element 2] :  |
+| array_flow.rb:166:9:166:9 | a [array element 2] :  | array_flow.rb:166:9:168:7 | call to bsearch :  |
+| array_flow.rb:166:9:166:9 | a [array element 2] :  | array_flow.rb:166:23:166:23 | x :  |
+| array_flow.rb:166:9:168:7 | call to bsearch :  | array_flow.rb:169:10:169:10 | b |
+| array_flow.rb:166:23:166:23 | x :  | array_flow.rb:167:14:167:14 | x |
+| array_flow.rb:173:16:173:25 | call to source :  | array_flow.rb:174:9:174:9 | a [array element 2] :  |
+| array_flow.rb:174:9:174:9 | a [array element 2] :  | array_flow.rb:174:29:174:29 | x :  |
+| array_flow.rb:174:29:174:29 | x :  | array_flow.rb:175:14:175:14 | x |
+| array_flow.rb:187:16:187:25 | call to source :  | array_flow.rb:188:9:188:9 | a [array element 2] :  |
+| array_flow.rb:188:9:188:9 | a [array element 2] :  | array_flow.rb:188:9:191:7 | call to collect [array element] :  |
+| array_flow.rb:188:9:188:9 | a [array element 2] :  | array_flow.rb:188:23:188:23 | x :  |
+| array_flow.rb:188:9:191:7 | call to collect [array element] :  | array_flow.rb:192:10:192:10 | b [array element] :  |
+| array_flow.rb:188:23:188:23 | x :  | array_flow.rb:189:14:189:14 | x |
+| array_flow.rb:192:10:192:10 | b [array element] :  | array_flow.rb:192:10:192:13 | ...[...] |
+| array_flow.rb:196:16:196:25 | call to source :  | array_flow.rb:197:9:197:9 | a [array element 2] :  |
+| array_flow.rb:197:9:197:9 | a [array element 2] :  | array_flow.rb:197:9:200:7 | call to collect_concat [array element] :  |
+| array_flow.rb:197:9:197:9 | a [array element 2] :  | array_flow.rb:197:30:197:30 | x :  |
+| array_flow.rb:197:9:200:7 | call to collect_concat [array element] :  | array_flow.rb:201:10:201:10 | b [array element] :  |
+| array_flow.rb:197:30:197:30 | x :  | array_flow.rb:198:14:198:14 | x |
+| array_flow.rb:201:10:201:10 | b [array element] :  | array_flow.rb:201:10:201:13 | ...[...] |
+| array_flow.rb:205:16:205:25 | call to source :  | array_flow.rb:206:5:206:5 | a [array element 2] :  |
+| array_flow.rb:206:5:206:5 | a [array element 2] :  | array_flow.rb:206:26:206:26 | x [array element] :  |
+| array_flow.rb:206:26:206:26 | x [array element] :  | array_flow.rb:207:14:207:14 | x [array element] :  |
+| array_flow.rb:207:14:207:14 | x [array element] :  | array_flow.rb:207:14:207:17 | ...[...] |
+| array_flow.rb:212:16:212:25 | call to source :  | array_flow.rb:213:9:213:9 | a [array element 2] :  |
+| array_flow.rb:213:9:213:9 | a [array element 2] :  | array_flow.rb:213:9:213:17 | call to compact [array element] :  |
+| array_flow.rb:213:9:213:17 | call to compact [array element] :  | array_flow.rb:214:10:214:10 | b [array element] :  |
+| array_flow.rb:214:10:214:10 | b [array element] :  | array_flow.rb:214:10:214:13 | ...[...] |
+| array_flow.rb:218:16:218:27 | call to source :  | array_flow.rb:222:10:222:10 | a [array element 2] :  |
+| array_flow.rb:219:16:219:27 | call to source :  | array_flow.rb:220:14:220:14 | b [array element 2] :  |
+| array_flow.rb:220:5:220:5 | [post] a [array element] :  | array_flow.rb:221:10:221:10 | a [array element] :  |
+| array_flow.rb:220:5:220:5 | [post] a [array element] :  | array_flow.rb:222:10:222:10 | a [array element] :  |
+| array_flow.rb:220:14:220:14 | b [array element 2] :  | array_flow.rb:220:5:220:5 | [post] a [array element] :  |
+| array_flow.rb:221:10:221:10 | a [array element] :  | array_flow.rb:221:10:221:13 | ...[...] |
+| array_flow.rb:222:10:222:10 | a [array element 2] :  | array_flow.rb:222:10:222:13 | ...[...] |
+| array_flow.rb:222:10:222:10 | a [array element] :  | array_flow.rb:222:10:222:13 | ...[...] |
+| array_flow.rb:226:16:226:25 | call to source :  | array_flow.rb:227:5:227:5 | a [array element 2] :  |
+| array_flow.rb:227:5:227:5 | a [array element 2] :  | array_flow.rb:227:17:227:17 | x :  |
+| array_flow.rb:227:17:227:17 | x :  | array_flow.rb:228:14:228:14 | x |
+| array_flow.rb:233:16:233:25 | call to source :  | array_flow.rb:234:5:234:5 | a [array element 2] :  |
+| array_flow.rb:234:5:234:5 | a [array element 2] :  | array_flow.rb:234:20:234:20 | x :  |
+| array_flow.rb:234:20:234:20 | x :  | array_flow.rb:235:14:235:14 | x |
+| array_flow.rb:240:16:240:27 | call to source :  | array_flow.rb:241:9:241:9 | a [array element 2] :  |
+| array_flow.rb:241:9:241:9 | a [array element 2] :  | array_flow.rb:241:9:241:36 | call to delete :  |
+| array_flow.rb:241:9:241:36 | call to delete :  | array_flow.rb:242:10:242:10 | b |
+| array_flow.rb:241:23:241:34 | call to source :  | array_flow.rb:241:9:241:36 | call to delete :  |
+| array_flow.rb:246:16:246:25 | call to source :  | array_flow.rb:247:9:247:9 | a [array element 2] :  |
+| array_flow.rb:247:9:247:9 | a [array element 2] :  | array_flow.rb:247:9:247:22 | call to delete_at :  |
+| array_flow.rb:247:9:247:22 | call to delete_at :  | array_flow.rb:248:10:248:10 | b |
+| array_flow.rb:252:16:252:25 | call to source :  | array_flow.rb:253:9:253:9 | a [array element 2] :  |
+| array_flow.rb:253:9:253:9 | a [array element 2] :  | array_flow.rb:253:9:255:7 | call to delete_if [array element] :  |
+| array_flow.rb:253:9:253:9 | a [array element 2] :  | array_flow.rb:253:25:253:25 | x :  |
+| array_flow.rb:253:9:255:7 | call to delete_if [array element] :  | array_flow.rb:256:10:256:10 | b [array element] :  |
+| array_flow.rb:253:25:253:25 | x :  | array_flow.rb:254:14:254:14 | x |
+| array_flow.rb:256:10:256:10 | b [array element] :  | array_flow.rb:256:10:256:13 | ...[...] |
+| array_flow.rb:260:16:260:25 | call to source :  | array_flow.rb:261:9:261:9 | a [array element 2] :  |
+| array_flow.rb:261:9:261:9 | a [array element 2] :  | array_flow.rb:261:9:261:25 | call to difference [array element] :  |
+| array_flow.rb:261:9:261:25 | call to difference [array element] :  | array_flow.rb:262:10:262:10 | b [array element] :  |
+| array_flow.rb:262:10:262:10 | b [array element] :  | array_flow.rb:262:10:262:13 | ...[...] |
+| array_flow.rb:266:16:266:27 | call to source :  | array_flow.rb:268:10:268:10 | a [array element 2] :  |
+| array_flow.rb:266:16:266:27 | call to source :  | array_flow.rb:269:10:269:10 | a [array element 2] :  |
+| array_flow.rb:266:34:266:45 | call to source :  | array_flow.rb:271:10:271:10 | a [array element 3, array element 1] :  |
+| array_flow.rb:268:10:268:10 | a [array element 2] :  | array_flow.rb:268:10:268:17 | call to dig |
+| array_flow.rb:269:10:269:10 | a [array element 2] :  | array_flow.rb:269:10:269:17 | call to dig |
+| array_flow.rb:271:10:271:10 | a [array element 3, array element 1] :  | array_flow.rb:271:10:271:19 | call to dig |
+| array_flow.rb:275:16:275:27 | call to source :  | array_flow.rb:276:9:276:9 | a [array element 2] :  |
+| array_flow.rb:276:9:276:9 | a [array element 2] :  | array_flow.rb:276:9:278:7 | call to detect :  |
+| array_flow.rb:276:9:276:9 | a [array element 2] :  | array_flow.rb:276:43:276:43 | x :  |
+| array_flow.rb:276:9:278:7 | call to detect :  | array_flow.rb:279:10:279:10 | b |
+| array_flow.rb:276:23:276:34 | call to source :  | array_flow.rb:276:9:278:7 | call to detect :  |
+| array_flow.rb:276:43:276:43 | x :  | array_flow.rb:277:14:277:14 | x |
+| array_flow.rb:283:16:283:27 | call to source :  | array_flow.rb:284:9:284:9 | a [array element 2] :  |
+| array_flow.rb:283:16:283:27 | call to source :  | array_flow.rb:286:9:286:9 | a [array element 2] :  |
+| array_flow.rb:283:16:283:27 | call to source :  | array_flow.rb:291:9:291:9 | a [array element 2] :  |
+| array_flow.rb:283:30:283:41 | call to source :  | array_flow.rb:284:9:284:9 | a [array element 3] :  |
+| array_flow.rb:283:30:283:41 | call to source :  | array_flow.rb:286:9:286:9 | a [array element 3] :  |
+| array_flow.rb:284:9:284:9 | a [array element 2] :  | array_flow.rb:284:9:284:17 | call to drop [array element] :  |
+| array_flow.rb:284:9:284:9 | a [array element 3] :  | array_flow.rb:284:9:284:17 | call to drop [array element] :  |
+| array_flow.rb:284:9:284:17 | call to drop [array element] :  | array_flow.rb:285:10:285:10 | b [array element] :  |
+| array_flow.rb:285:10:285:10 | b [array element] :  | array_flow.rb:285:10:285:13 | ...[...] |
+| array_flow.rb:286:9:286:9 | a [array element 2] :  | array_flow.rb:286:9:286:17 | call to drop [array element 1] :  |
+| array_flow.rb:286:9:286:9 | a [array element 3] :  | array_flow.rb:286:9:286:17 | call to drop [array element 2] :  |
+| array_flow.rb:286:9:286:17 | call to drop [array element 1] :  | array_flow.rb:288:10:288:10 | b [array element 1] :  |
+| array_flow.rb:286:9:286:17 | call to drop [array element 1] :  | array_flow.rb:289:10:289:10 | b [array element 1] :  |
+| array_flow.rb:286:9:286:17 | call to drop [array element 2] :  | array_flow.rb:289:10:289:10 | b [array element 2] :  |
+| array_flow.rb:288:10:288:10 | b [array element 1] :  | array_flow.rb:288:10:288:13 | ...[...] |
+| array_flow.rb:289:10:289:10 | b [array element 1] :  | array_flow.rb:289:10:289:13 | ...[...] |
+| array_flow.rb:289:10:289:10 | b [array element 2] :  | array_flow.rb:289:10:289:13 | ...[...] |
+| array_flow.rb:290:5:290:5 | [post] a [array element] :  | array_flow.rb:291:9:291:9 | a [array element] :  |
+| array_flow.rb:290:12:290:23 | call to source :  | array_flow.rb:290:5:290:5 | [post] a [array element] :  |
+| array_flow.rb:291:9:291:9 | a [array element 2] :  | array_flow.rb:291:9:291:17 | call to drop [array element 1] :  |
+| array_flow.rb:291:9:291:9 | a [array element] :  | array_flow.rb:291:9:291:17 | call to drop [array element] :  |
+| array_flow.rb:291:9:291:17 | call to drop [array element 1] :  | array_flow.rb:292:10:292:10 | b [array element 1] :  |
+| array_flow.rb:291:9:291:17 | call to drop [array element] :  | array_flow.rb:292:10:292:10 | b [array element] :  |
+| array_flow.rb:291:9:291:17 | call to drop [array element] :  | array_flow.rb:293:9:293:9 | b [array element] :  |
+| array_flow.rb:292:10:292:10 | b [array element 1] :  | array_flow.rb:292:10:292:13 | ...[...] |
+| array_flow.rb:292:10:292:10 | b [array element] :  | array_flow.rb:292:10:292:13 | ...[...] |
+| array_flow.rb:293:9:293:9 | b [array element] :  | array_flow.rb:293:9:293:19 | call to drop [array element] :  |
+| array_flow.rb:293:9:293:19 | call to drop [array element] :  | array_flow.rb:294:10:294:10 | c [array element] :  |
+| array_flow.rb:294:10:294:10 | c [array element] :  | array_flow.rb:294:10:294:13 | ...[...] |
+| array_flow.rb:298:16:298:27 | call to source :  | array_flow.rb:299:9:299:9 | a [array element 2] :  |
+| array_flow.rb:298:30:298:41 | call to source :  | array_flow.rb:299:9:299:9 | a [array element 3] :  |
+| array_flow.rb:299:9:299:9 | a [array element 2] :  | array_flow.rb:299:9:301:7 | call to drop_while [array element] :  |
+| array_flow.rb:299:9:299:9 | a [array element 2] :  | array_flow.rb:299:26:299:26 | x :  |
+| array_flow.rb:299:9:299:9 | a [array element 3] :  | array_flow.rb:299:9:301:7 | call to drop_while [array element] :  |
+| array_flow.rb:299:9:299:9 | a [array element 3] :  | array_flow.rb:299:26:299:26 | x :  |
+| array_flow.rb:299:9:301:7 | call to drop_while [array element] :  | array_flow.rb:302:10:302:10 | b [array element] :  |
+| array_flow.rb:299:26:299:26 | x :  | array_flow.rb:300:14:300:14 | x |
+| array_flow.rb:302:10:302:10 | b [array element] :  | array_flow.rb:302:10:302:13 | ...[...] |
+| array_flow.rb:306:16:306:25 | call to source :  | array_flow.rb:307:9:307:9 | a [array element 2] :  |
+| array_flow.rb:307:9:307:9 | a [array element 2] :  | array_flow.rb:307:9:309:7 | call to each [array element 2] :  |
+| array_flow.rb:307:9:307:9 | a [array element 2] :  | array_flow.rb:307:20:307:20 | x :  |
+| array_flow.rb:307:9:309:7 | call to each [array element 2] :  | array_flow.rb:310:10:310:10 | b [array element 2] :  |
+| array_flow.rb:307:20:307:20 | x :  | array_flow.rb:308:14:308:14 | x |
+| array_flow.rb:310:10:310:10 | b [array element 2] :  | array_flow.rb:310:10:310:13 | ...[...] |
+| array_flow.rb:314:16:314:25 | call to source :  | array_flow.rb:315:18:315:18 | a [array element 2] :  |
+| array_flow.rb:315:9:317:7 | ... = ... :  | array_flow.rb:315:9:317:7 | call to each :  |
+| array_flow.rb:315:9:317:7 | __synth__0__1 :  | array_flow.rb:315:9:317:7 | ... = ... :  |
+| array_flow.rb:315:9:317:7 | __synth__0__1 :  | array_flow.rb:316:14:316:14 | x |
+| array_flow.rb:315:9:317:7 | call to each :  | array_flow.rb:318:10:318:10 | x |
+| array_flow.rb:315:18:315:18 | a [array element 2] :  | array_flow.rb:315:9:317:7 | __synth__0__1 :  |
+| array_flow.rb:315:18:315:18 | a [array element 2] :  | array_flow.rb:319:10:319:10 | b [array element 2] :  |
+| array_flow.rb:319:10:319:10 | b [array element 2] :  | array_flow.rb:319:10:319:13 | ...[...] |
+| array_flow.rb:323:16:323:25 | call to source :  | array_flow.rb:324:5:324:5 | a [array element 2] :  |
+| array_flow.rb:324:5:324:5 | a [array element 2] :  | array_flow.rb:324:24:324:24 | x [array element] :  |
+| array_flow.rb:324:24:324:24 | x [array element] :  | array_flow.rb:325:15:325:15 | x [array element] :  |
+| array_flow.rb:325:15:325:15 | x [array element] :  | array_flow.rb:325:15:325:18 | ...[...] :  |
+| array_flow.rb:325:15:325:18 | ...[...] :  | array_flow.rb:325:14:325:19 | ( ... ) |
+| array_flow.rb:330:16:330:25 | call to source :  | array_flow.rb:331:9:331:9 | a [array element 2] :  |
+| array_flow.rb:331:9:331:9 | a [array element 2] :  | array_flow.rb:331:9:333:7 | call to each_entry [array element 2] :  |
+| array_flow.rb:331:9:331:9 | a [array element 2] :  | array_flow.rb:331:26:331:26 | x :  |
+| array_flow.rb:331:9:333:7 | call to each_entry [array element 2] :  | array_flow.rb:334:10:334:10 | b [array element 2] :  |
+| array_flow.rb:331:26:331:26 | x :  | array_flow.rb:332:14:332:14 | x |
+| array_flow.rb:334:10:334:10 | b [array element 2] :  | array_flow.rb:334:10:334:13 | ...[...] |
+| array_flow.rb:338:16:338:25 | call to source :  | array_flow.rb:339:9:339:9 | a [array element 2] :  |
+| array_flow.rb:339:9:339:9 | a [array element 2] :  | array_flow.rb:339:9:341:7 | call to each_index [array element 2] :  |
+| array_flow.rb:339:9:341:7 | call to each_index [array element 2] :  | array_flow.rb:342:10:342:10 | b [array element 2] :  |
+| array_flow.rb:342:10:342:10 | b [array element 2] :  | array_flow.rb:342:10:342:13 | ...[...] |
+| array_flow.rb:346:19:346:28 | call to source :  | array_flow.rb:347:5:347:5 | a [array element 3] :  |
+| array_flow.rb:347:5:347:5 | a [array element 3] :  | array_flow.rb:347:25:347:25 | x [array element] :  |
+| array_flow.rb:347:25:347:25 | x [array element] :  | array_flow.rb:348:14:348:14 | x [array element] :  |
+| array_flow.rb:348:14:348:14 | x [array element] :  | array_flow.rb:348:14:348:17 | ...[...] |
+| array_flow.rb:353:19:353:28 | call to source :  | array_flow.rb:354:9:354:9 | a [array element 3] :  |
+| array_flow.rb:354:9:354:9 | a [array element 3] :  | array_flow.rb:354:9:357:7 | call to each_with_index [array element 3] :  |
+| array_flow.rb:354:9:354:9 | a [array element 3] :  | array_flow.rb:354:31:354:31 | x :  |
+| array_flow.rb:354:9:357:7 | call to each_with_index [array element 3] :  | array_flow.rb:358:10:358:10 | b [array element 3] :  |
+| array_flow.rb:354:31:354:31 | x :  | array_flow.rb:355:14:355:14 | x |
+| array_flow.rb:358:10:358:10 | b [array element 3] :  | array_flow.rb:358:10:358:13 | ...[...] |
+| array_flow.rb:362:19:362:30 | call to source :  | array_flow.rb:363:9:363:9 | a [array element 3] :  |
+| array_flow.rb:363:9:363:9 | a [array element 3] :  | array_flow.rb:363:46:363:46 | x :  |
+| array_flow.rb:363:9:366:7 | call to each_with_object :  | array_flow.rb:367:10:367:10 | b |
+| array_flow.rb:363:28:363:39 | call to source :  | array_flow.rb:363:9:366:7 | call to each_with_object :  |
+| array_flow.rb:363:28:363:39 | call to source :  | array_flow.rb:363:48:363:48 | a :  |
+| array_flow.rb:363:46:363:46 | x :  | array_flow.rb:364:14:364:14 | x |
+| array_flow.rb:363:48:363:48 | a :  | array_flow.rb:365:14:365:14 | a |
+| array_flow.rb:371:19:371:30 | call to source :  | array_flow.rb:372:9:372:9 | a [array element 3] :  |
+| array_flow.rb:372:9:372:9 | a [array element 3] :  | array_flow.rb:372:9:374:7 | call to fetch :  |
+| array_flow.rb:372:9:374:7 | call to fetch :  | array_flow.rb:375:10:375:10 | b |
+| array_flow.rb:372:17:372:28 | call to source :  | array_flow.rb:372:35:372:35 | x :  |
+| array_flow.rb:372:35:372:35 | x :  | array_flow.rb:373:14:373:14 | x |
+| array_flow.rb:379:19:379:30 | call to source :  | array_flow.rb:381:10:381:10 | a [array element 3] :  |
+| array_flow.rb:380:5:380:5 | [post] a [array element] :  | array_flow.rb:381:10:381:10 | a [array element] :  |
+| array_flow.rb:380:12:380:23 | call to source :  | array_flow.rb:380:5:380:5 | [post] a [array element] :  |
+| array_flow.rb:381:10:381:10 | a [array element 3] :  | array_flow.rb:381:10:381:13 | ...[...] |
+| array_flow.rb:381:10:381:10 | a [array element] :  | array_flow.rb:381:10:381:13 | ...[...] |
+| array_flow.rb:382:5:382:5 | [post] a [array element] :  | array_flow.rb:383:10:383:10 | a [array element] :  |
+| array_flow.rb:382:12:382:23 | call to source :  | array_flow.rb:382:5:382:5 | [post] a [array element] :  |
+| array_flow.rb:383:10:383:10 | a [array element] :  | array_flow.rb:383:10:383:13 | ...[...] |
+| array_flow.rb:384:5:384:5 | [post] a [array element] :  | array_flow.rb:387:10:387:10 | a [array element] :  |
+| array_flow.rb:384:5:384:5 | [post] a [array element] :  | array_flow.rb:391:10:391:10 | a [array element] :  |
+| array_flow.rb:385:9:385:20 | call to source :  | array_flow.rb:384:5:384:5 | [post] a [array element] :  |
+| array_flow.rb:387:10:387:10 | a [array element] :  | array_flow.rb:387:10:387:13 | ...[...] |
+| array_flow.rb:388:5:388:5 | [post] a [array element] :  | array_flow.rb:391:10:391:10 | a [array element] :  |
+| array_flow.rb:389:9:389:20 | call to source :  | array_flow.rb:388:5:388:5 | [post] a [array element] :  |
+| array_flow.rb:391:10:391:10 | a [array element] :  | array_flow.rb:391:10:391:13 | ...[...] |
+| array_flow.rb:395:19:395:28 | call to source :  | array_flow.rb:396:9:396:9 | a [array element 3] :  |
+| array_flow.rb:396:9:396:9 | a [array element 3] :  | array_flow.rb:396:9:398:7 | call to filter [array element] :  |
+| array_flow.rb:396:9:396:9 | a [array element 3] :  | array_flow.rb:396:22:396:22 | x :  |
+| array_flow.rb:396:9:398:7 | call to filter [array element] :  | array_flow.rb:399:10:399:10 | b [array element] :  |
+| array_flow.rb:396:22:396:22 | x :  | array_flow.rb:397:14:397:14 | x |
+| array_flow.rb:399:10:399:10 | b [array element] :  | array_flow.rb:399:10:399:13 | ...[...] |
+| array_flow.rb:403:19:403:28 | call to source :  | array_flow.rb:404:9:404:9 | a [array element 3] :  |
+| array_flow.rb:404:9:404:9 | a [array element 3] :  | array_flow.rb:404:9:406:7 | call to filter_map [array element] :  |
+| array_flow.rb:404:9:404:9 | a [array element 3] :  | array_flow.rb:404:26:404:26 | x :  |
+| array_flow.rb:404:9:406:7 | call to filter_map [array element] :  | array_flow.rb:407:10:407:10 | b [array element] :  |
+| array_flow.rb:404:26:404:26 | x :  | array_flow.rb:405:14:405:14 | x |
+| array_flow.rb:407:10:407:10 | b [array element] :  | array_flow.rb:407:10:407:13 | ...[...] |
+| array_flow.rb:411:19:411:28 | call to source :  | array_flow.rb:412:9:412:9 | a [array element 3] :  |
+| array_flow.rb:412:9:412:9 | a [array element 3] :  | array_flow.rb:412:9:415:7 | call to filter! [array element] :  |
+| array_flow.rb:412:9:412:9 | a [array element 3] :  | array_flow.rb:412:23:412:23 | x :  |
+| array_flow.rb:412:9:415:7 | call to filter! [array element] :  | array_flow.rb:416:10:416:10 | b [array element] :  |
+| array_flow.rb:412:23:412:23 | x :  | array_flow.rb:413:14:413:14 | x |
+| array_flow.rb:416:10:416:10 | b [array element] :  | array_flow.rb:416:10:416:13 | ...[...] |
+| array_flow.rb:420:19:420:30 | call to source :  | array_flow.rb:421:9:421:9 | a [array element 3] :  |
+| array_flow.rb:421:9:421:9 | a [array element 3] :  | array_flow.rb:421:9:423:7 | call to find :  |
+| array_flow.rb:421:9:421:9 | a [array element 3] :  | array_flow.rb:421:41:421:41 | x :  |
+| array_flow.rb:421:9:423:7 | call to find :  | array_flow.rb:424:10:424:10 | b |
+| array_flow.rb:421:21:421:32 | call to source :  | array_flow.rb:421:9:423:7 | call to find :  |
+| array_flow.rb:421:41:421:41 | x :  | array_flow.rb:422:14:422:14 | x |
+| array_flow.rb:428:19:428:28 | call to source :  | array_flow.rb:429:9:429:9 | a [array element 3] :  |
+| array_flow.rb:429:9:429:9 | a [array element 3] :  | array_flow.rb:429:9:431:7 | call to find_all [array element] :  |
+| array_flow.rb:429:9:429:9 | a [array element 3] :  | array_flow.rb:429:24:429:24 | x :  |
+| array_flow.rb:429:9:431:7 | call to find_all [array element] :  | array_flow.rb:432:10:432:10 | b [array element] :  |
+| array_flow.rb:429:24:429:24 | x :  | array_flow.rb:430:14:430:14 | x |
+| array_flow.rb:432:10:432:10 | b [array element] :  | array_flow.rb:432:10:432:13 | ...[...] |
+| array_flow.rb:436:19:436:28 | call to source :  | array_flow.rb:437:5:437:5 | a [array element 3] :  |
+| array_flow.rb:437:5:437:5 | a [array element 3] :  | array_flow.rb:437:22:437:22 | x :  |
+| array_flow.rb:437:22:437:22 | x :  | array_flow.rb:438:14:438:14 | x |
+| array_flow.rb:443:10:443:21 | call to source :  | array_flow.rb:445:10:445:10 | a [array element 0] :  |
+| array_flow.rb:443:10:443:21 | call to source :  | array_flow.rb:446:9:446:9 | a [array element 0] :  |
+| array_flow.rb:443:10:443:21 | call to source :  | array_flow.rb:449:9:449:9 | a [array element 0] :  |
+| array_flow.rb:443:30:443:41 | call to source :  | array_flow.rb:449:9:449:9 | a [array element 3] :  |
+| array_flow.rb:444:5:444:5 | [post] a [array element] :  | array_flow.rb:445:10:445:10 | a [array element] :  |
+| array_flow.rb:444:5:444:5 | [post] a [array element] :  | array_flow.rb:446:9:446:9 | a [array element] :  |
+| array_flow.rb:444:5:444:5 | [post] a [array element] :  | array_flow.rb:449:9:449:9 | a [array element] :  |
+| array_flow.rb:444:12:444:23 | call to source :  | array_flow.rb:444:5:444:5 | [post] a [array element] :  |
+| array_flow.rb:445:10:445:10 | a [array element 0] :  | array_flow.rb:445:10:445:16 | call to first |
+| array_flow.rb:445:10:445:10 | a [array element] :  | array_flow.rb:445:10:445:16 | call to first |
+| array_flow.rb:446:9:446:9 | a [array element 0] :  | array_flow.rb:446:9:446:18 | call to first [array element 0] :  |
+| array_flow.rb:446:9:446:9 | a [array element] :  | array_flow.rb:446:9:446:18 | call to first [array element] :  |
+| array_flow.rb:446:9:446:18 | call to first [array element 0] :  | array_flow.rb:447:10:447:10 | b [array element 0] :  |
+| array_flow.rb:446:9:446:18 | call to first [array element] :  | array_flow.rb:447:10:447:10 | b [array element] :  |
+| array_flow.rb:446:9:446:18 | call to first [array element] :  | array_flow.rb:448:10:448:10 | b [array element] :  |
+| array_flow.rb:447:10:447:10 | b [array element 0] :  | array_flow.rb:447:10:447:13 | ...[...] |
+| array_flow.rb:447:10:447:10 | b [array element] :  | array_flow.rb:447:10:447:13 | ...[...] |
+| array_flow.rb:448:10:448:10 | b [array element] :  | array_flow.rb:448:10:448:13 | ...[...] |
+| array_flow.rb:449:9:449:9 | a [array element 0] :  | array_flow.rb:449:9:449:18 | call to first [array element 0] :  |
+| array_flow.rb:449:9:449:9 | a [array element 3] :  | array_flow.rb:449:9:449:18 | call to first [array element 3] :  |
+| array_flow.rb:449:9:449:9 | a [array element] :  | array_flow.rb:449:9:449:18 | call to first [array element] :  |
+| array_flow.rb:449:9:449:18 | call to first [array element 0] :  | array_flow.rb:450:10:450:10 | c [array element 0] :  |
+| array_flow.rb:449:9:449:18 | call to first [array element 3] :  | array_flow.rb:451:10:451:10 | c [array element 3] :  |
+| array_flow.rb:449:9:449:18 | call to first [array element] :  | array_flow.rb:450:10:450:10 | c [array element] :  |
+| array_flow.rb:449:9:449:18 | call to first [array element] :  | array_flow.rb:451:10:451:10 | c [array element] :  |
+| array_flow.rb:450:10:450:10 | c [array element 0] :  | array_flow.rb:450:10:450:13 | ...[...] |
+| array_flow.rb:450:10:450:10 | c [array element] :  | array_flow.rb:450:10:450:13 | ...[...] |
+| array_flow.rb:451:10:451:10 | c [array element 3] :  | array_flow.rb:451:10:451:13 | ...[...] |
+| array_flow.rb:451:10:451:10 | c [array element] :  | array_flow.rb:451:10:451:13 | ...[...] |
+| array_flow.rb:455:19:455:30 | call to source :  | array_flow.rb:456:9:456:9 | a [array element 3] :  |
+| array_flow.rb:456:9:456:9 | a [array element 3] :  | array_flow.rb:456:9:459:7 | call to flat_map [array element] :  |
+| array_flow.rb:456:9:456:9 | a [array element 3] :  | array_flow.rb:456:24:456:24 | x :  |
+| array_flow.rb:456:9:459:7 | call to flat_map [array element] :  | array_flow.rb:460:10:460:10 | b [array element] :  |
+| array_flow.rb:456:24:456:24 | x :  | array_flow.rb:457:14:457:14 | x |
+| array_flow.rb:458:13:458:24 | call to source :  | array_flow.rb:456:9:459:7 | call to flat_map [array element] :  |
+| array_flow.rb:460:10:460:10 | b [array element] :  | array_flow.rb:460:10:460:13 | ...[...] |
+| array_flow.rb:464:20:464:29 | call to source :  | array_flow.rb:465:9:465:9 | a [array element 2, array element 1] :  |
+| array_flow.rb:465:9:465:9 | a [array element 2, array element 1] :  | array_flow.rb:465:9:465:17 | call to flatten [array element] :  |
+| array_flow.rb:465:9:465:17 | call to flatten [array element] :  | array_flow.rb:466:10:466:10 | b [array element] :  |
+| array_flow.rb:466:10:466:10 | b [array element] :  | array_flow.rb:466:10:466:13 | ...[...] |
+| array_flow.rb:470:20:470:29 | call to source :  | array_flow.rb:471:10:471:10 | a [array element 2, array element 1] :  |
+| array_flow.rb:470:20:470:29 | call to source :  | array_flow.rb:472:5:472:5 | a [array element 2, array element 1] :  |
+| array_flow.rb:471:10:471:10 | a [array element 2, array element 1] :  | array_flow.rb:471:10:471:13 | ...[...] [array element 1] :  |
+| array_flow.rb:471:10:471:13 | ...[...] [array element 1] :  | array_flow.rb:471:10:471:16 | ...[...] |
+| array_flow.rb:472:5:472:5 | [post] a [array element, array element 1] :  | array_flow.rb:474:10:474:10 | a [array element, array element 1] :  |
+| array_flow.rb:472:5:472:5 | [post] a [array element] :  | array_flow.rb:473:10:473:10 | a [array element] :  |
+| array_flow.rb:472:5:472:5 | a [array element 2, array element 1] :  | array_flow.rb:472:5:472:5 | [post] a [array element, array element 1] :  |
+| array_flow.rb:472:5:472:5 | a [array element 2, array element 1] :  | array_flow.rb:472:5:472:5 | [post] a [array element] :  |
+| array_flow.rb:473:10:473:10 | a [array element] :  | array_flow.rb:473:10:473:13 | ...[...] |
+| array_flow.rb:474:10:474:10 | a [array element, array element 1] :  | array_flow.rb:474:10:474:13 | ...[...] [array element 1] :  |
+| array_flow.rb:474:10:474:13 | ...[...] [array element 1] :  | array_flow.rb:474:10:474:16 | ...[...] |
+| array_flow.rb:478:19:478:30 | call to source :  | array_flow.rb:479:9:479:9 | a [array element 3] :  |
+| array_flow.rb:478:19:478:30 | call to source :  | array_flow.rb:481:9:481:9 | a [array element 3] :  |
+| array_flow.rb:479:9:479:9 | a [array element 3] :  | array_flow.rb:479:9:479:20 | call to grep [array element] :  |
+| array_flow.rb:479:9:479:20 | call to grep [array element] :  | array_flow.rb:480:10:480:10 | b [array element] :  |
+| array_flow.rb:480:10:480:10 | b [array element] :  | array_flow.rb:480:10:480:13 | ...[...] |
+| array_flow.rb:481:9:481:9 | a [array element 3] :  | array_flow.rb:481:26:481:26 | x :  |
+| array_flow.rb:481:9:484:7 | call to grep [array element] :  | array_flow.rb:485:10:485:10 | b [array element] :  |
+| array_flow.rb:481:26:481:26 | x :  | array_flow.rb:482:14:482:14 | x |
+| array_flow.rb:483:9:483:20 | call to source :  | array_flow.rb:481:9:484:7 | call to grep [array element] :  |
+| array_flow.rb:485:10:485:10 | b [array element] :  | array_flow.rb:485:10:485:13 | ...[...] |
+| array_flow.rb:489:19:489:30 | call to source :  | array_flow.rb:490:9:490:9 | a [array element 3] :  |
+| array_flow.rb:489:19:489:30 | call to source :  | array_flow.rb:492:9:492:9 | a [array element 3] :  |
+| array_flow.rb:490:9:490:9 | a [array element 3] :  | array_flow.rb:490:9:490:21 | call to grep_v [array element] :  |
+| array_flow.rb:490:9:490:21 | call to grep_v [array element] :  | array_flow.rb:491:10:491:10 | b [array element] :  |
+| array_flow.rb:491:10:491:10 | b [array element] :  | array_flow.rb:491:10:491:13 | ...[...] |
+| array_flow.rb:492:9:492:9 | a [array element 3] :  | array_flow.rb:492:27:492:27 | x :  |
+| array_flow.rb:492:9:495:7 | call to grep_v [array element] :  | array_flow.rb:496:10:496:10 | b [array element] :  |
+| array_flow.rb:492:27:492:27 | x :  | array_flow.rb:493:14:493:14 | x |
+| array_flow.rb:494:9:494:20 | call to source :  | array_flow.rb:492:9:495:7 | call to grep_v [array element] :  |
+| array_flow.rb:496:10:496:10 | b [array element] :  | array_flow.rb:496:10:496:13 | ...[...] |
+| array_flow.rb:500:19:500:28 | call to source :  | array_flow.rb:501:5:501:5 | a [array element 3] :  |
+| array_flow.rb:501:5:501:5 | a [array element 3] :  | array_flow.rb:501:17:501:17 | x :  |
+| array_flow.rb:501:17:501:17 | x :  | array_flow.rb:502:14:502:14 | x |
+| array_flow.rb:508:5:508:5 | [post] a [array element 0] :  | array_flow.rb:509:10:509:10 | a [array element 0] :  |
+| array_flow.rb:508:16:508:27 | call to source :  | array_flow.rb:508:5:508:5 | [post] a [array element 0] :  |
+| array_flow.rb:509:10:509:10 | a [array element 0] :  | array_flow.rb:509:10:509:13 | ...[...] |
+| array_flow.rb:515:16:515:29 | call to source :  | array_flow.rb:516:5:516:5 | a [array element 2] :  |
+| array_flow.rb:516:5:516:5 | [post] a [array element 2] :  | array_flow.rb:519:10:519:10 | a [array element 2] :  |
+| array_flow.rb:516:5:516:5 | [post] a [array element 5] :  | array_flow.rb:522:10:522:10 | a [array element 5] :  |
+| array_flow.rb:516:5:516:5 | a [array element 2] :  | array_flow.rb:516:5:516:5 | [post] a [array element 5] :  |
+| array_flow.rb:516:21:516:34 | call to source :  | array_flow.rb:516:5:516:5 | [post] a [array element 2] :  |
+| array_flow.rb:519:10:519:10 | a [array element 2] :  | array_flow.rb:519:10:519:13 | ...[...] |
+| array_flow.rb:522:10:522:10 | a [array element 5] :  | array_flow.rb:522:10:522:13 | ...[...] |
+nodes
+| array_flow.rb:2:9:2:18 | * ... [array element 0] :  | semmle.label | * ... [array element 0] :  |
+| array_flow.rb:2:10:2:18 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:3:10:3:10 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:3:10:3:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:5:10:5:10 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:5:10:5:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:9:13:9:21 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:11:10:11:10 | a [array element 1] :  | semmle.label | a [array element 1] :  |
+| array_flow.rb:11:10:11:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:13:10:13:10 | a [array element 1] :  | semmle.label | a [array element 1] :  |
+| array_flow.rb:13:10:13:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:17:9:17:33 | call to new [array element] :  | semmle.label | call to new [array element] :  |
+| array_flow.rb:17:22:17:32 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:18:10:18:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:18:10:18:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:19:10:19:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:19:10:19:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:21:9:21:20 | call to new [array element] :  | semmle.label | call to new [array element] :  |
+| array_flow.rb:21:19:21:19 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:22:10:22:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:22:10:22:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:23:10:23:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:23:10:23:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:25:9:27:7 | call to new [array element] :  | semmle.label | call to new [array element] :  |
+| array_flow.rb:26:9:26:19 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:28:10:28:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:28:10:28:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:29:10:29:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:29:10:29:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:33:10:33:18 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:34:9:34:28 | call to try_convert [array element 0] :  | semmle.label | call to try_convert [array element 0] :  |
+| array_flow.rb:34:27:34:27 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:35:10:35:10 | b [array element 0] :  | semmle.label | b [array element 0] :  |
+| array_flow.rb:35:10:35:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:40:10:40:20 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:41:16:41:26 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:42:9:42:9 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:42:9:42:13 | ... & ... [array element] :  | semmle.label | ... & ... [array element] :  |
+| array_flow.rb:42:13:42:13 | b [array element 2] :  | semmle.label | b [array element 2] :  |
+| array_flow.rb:43:10:43:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:43:10:43:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:44:10:44:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:44:10:44:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:48:10:48:18 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:49:9:49:9 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:49:9:49:13 | ... * ... [array element] :  | semmle.label | ... * ... [array element] :  |
+| array_flow.rb:50:10:50:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:50:10:50:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:51:10:51:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:51:10:51:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:55:10:55:20 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:56:13:56:23 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:57:9:57:9 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:57:9:57:13 | ... + ... [array element 0] :  | semmle.label | ... + ... [array element 0] :  |
+| array_flow.rb:57:9:57:13 | ... + ... [array element] :  | semmle.label | ... + ... [array element] :  |
+| array_flow.rb:57:13:57:13 | b [array element 1] :  | semmle.label | b [array element 1] :  |
+| array_flow.rb:58:10:58:10 | c [array element 0] :  | semmle.label | c [array element 0] :  |
+| array_flow.rb:58:10:58:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:58:10:58:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:59:10:59:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:59:10:59:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:63:10:63:20 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:65:9:65:9 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:65:9:65:13 | ... - ... [array element] :  | semmle.label | ... - ... [array element] :  |
+| array_flow.rb:66:10:66:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:66:10:66:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:67:10:67:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:67:10:67:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:71:10:71:20 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:72:9:72:9 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:72:9:72:24 | ... << ... [array element 0] :  | semmle.label | ... << ... [array element 0] :  |
+| array_flow.rb:72:9:72:24 | ... << ... [array element] :  | semmle.label | ... << ... [array element] :  |
+| array_flow.rb:72:14:72:24 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:73:10:73:10 | b [array element 0] :  | semmle.label | b [array element 0] :  |
+| array_flow.rb:73:10:73:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:73:10:73:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:74:10:74:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:74:10:74:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:78:13:78:21 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:79:15:79:15 | a [array element 1] :  | semmle.label | a [array element 1] :  |
+| array_flow.rb:81:10:81:10 | c | semmle.label | c |
+| array_flow.rb:86:13:86:22 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:87:9:87:9 | a [array element 1] :  | semmle.label | a [array element 1] :  |
+| array_flow.rb:87:9:87:15 | ...[...] [array element] :  | semmle.label | ...[...] [array element] :  |
+| array_flow.rb:88:10:88:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:88:10:88:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:89:10:89:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:89:10:89:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:90:10:90:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:90:10:90:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:94:13:94:22 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:95:9:95:9 | a [array element 1] :  | semmle.label | a [array element 1] :  |
+| array_flow.rb:95:9:95:15 | ...[...] [array element] :  | semmle.label | ...[...] [array element] :  |
+| array_flow.rb:96:10:96:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:96:10:96:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:97:10:97:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:97:10:97:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:98:10:98:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:98:10:98:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:103:5:103:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:103:15:103:24 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:104:10:104:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:104:10:104:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:105:10:105:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:105:10:105:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:106:10:106:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:106:10:106:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:111:5:111:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:111:19:111:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:112:10:112:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:112:10:112:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:113:10:113:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:113:10:113:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:114:10:114:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:114:10:114:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:119:5:119:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:119:15:119:24 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:120:10:120:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:120:10:120:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:121:10:121:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:121:10:121:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:122:10:122:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:122:10:122:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:127:5:127:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:127:19:127:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:128:10:128:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:128:10:128:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:129:10:129:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:129:10:129:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:130:10:130:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:130:10:130:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:134:16:134:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:135:5:135:5 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:135:16:135:16 | x :  | semmle.label | x :  |
+| array_flow.rb:136:14:136:14 | x | semmle.label | x |
+| array_flow.rb:141:16:141:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:142:5:142:5 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:142:16:142:16 | x :  | semmle.label | x :  |
+| array_flow.rb:143:14:143:14 | x | semmle.label | x |
+| array_flow.rb:150:15:150:24 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:151:16:151:16 | c [array element 1] :  | semmle.label | c [array element 1] :  |
+| array_flow.rb:152:10:152:26 | ( ... ) | semmle.label | ( ... ) |
+| array_flow.rb:152:11:152:11 | d [array element 2, array element 1] :  | semmle.label | d [array element 2, array element 1] :  |
+| array_flow.rb:152:11:152:22 | call to assoc [array element] :  | semmle.label | call to assoc [array element] :  |
+| array_flow.rb:152:11:152:25 | ...[...] :  | semmle.label | ...[...] :  |
+| array_flow.rb:153:10:153:26 | ( ... ) | semmle.label | ( ... ) |
+| array_flow.rb:153:11:153:11 | d [array element 2, array element 1] :  | semmle.label | d [array element 2, array element 1] :  |
+| array_flow.rb:153:11:153:22 | call to assoc [array element] :  | semmle.label | call to assoc [array element] :  |
+| array_flow.rb:153:11:153:25 | ...[...] :  | semmle.label | ...[...] :  |
+| array_flow.rb:157:13:157:22 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:159:10:159:10 | a [array element 1] :  | semmle.label | a [array element 1] :  |
+| array_flow.rb:159:10:159:16 | call to at | semmle.label | call to at |
+| array_flow.rb:161:10:161:10 | a [array element 1] :  | semmle.label | a [array element 1] :  |
+| array_flow.rb:161:10:161:16 | call to at | semmle.label | call to at |
+| array_flow.rb:165:16:165:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:166:9:166:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:166:9:168:7 | call to bsearch :  | semmle.label | call to bsearch :  |
+| array_flow.rb:166:23:166:23 | x :  | semmle.label | x :  |
+| array_flow.rb:167:14:167:14 | x | semmle.label | x |
+| array_flow.rb:169:10:169:10 | b | semmle.label | b |
+| array_flow.rb:173:16:173:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:174:9:174:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:174:29:174:29 | x :  | semmle.label | x :  |
+| array_flow.rb:175:14:175:14 | x | semmle.label | x |
+| array_flow.rb:187:16:187:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:188:9:188:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:188:9:191:7 | call to collect [array element] :  | semmle.label | call to collect [array element] :  |
+| array_flow.rb:188:23:188:23 | x :  | semmle.label | x :  |
+| array_flow.rb:189:14:189:14 | x | semmle.label | x |
+| array_flow.rb:192:10:192:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:192:10:192:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:196:16:196:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:197:9:197:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:197:9:200:7 | call to collect_concat [array element] :  | semmle.label | call to collect_concat [array element] :  |
+| array_flow.rb:197:30:197:30 | x :  | semmle.label | x :  |
+| array_flow.rb:198:14:198:14 | x | semmle.label | x |
+| array_flow.rb:201:10:201:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:201:10:201:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:205:16:205:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:206:5:206:5 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:206:26:206:26 | x [array element] :  | semmle.label | x [array element] :  |
+| array_flow.rb:207:14:207:14 | x [array element] :  | semmle.label | x [array element] :  |
+| array_flow.rb:207:14:207:17 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:212:16:212:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:213:9:213:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:213:9:213:17 | call to compact [array element] :  | semmle.label | call to compact [array element] :  |
+| array_flow.rb:214:10:214:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:214:10:214:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:218:16:218:27 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:219:16:219:27 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:220:5:220:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:220:14:220:14 | b [array element 2] :  | semmle.label | b [array element 2] :  |
+| array_flow.rb:221:10:221:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:221:10:221:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:222:10:222:10 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:222:10:222:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:222:10:222:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:226:16:226:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:227:5:227:5 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:227:17:227:17 | x :  | semmle.label | x :  |
+| array_flow.rb:228:14:228:14 | x | semmle.label | x |
+| array_flow.rb:233:16:233:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:234:5:234:5 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:234:20:234:20 | x :  | semmle.label | x :  |
+| array_flow.rb:235:14:235:14 | x | semmle.label | x |
+| array_flow.rb:240:16:240:27 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:241:9:241:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:241:9:241:36 | call to delete :  | semmle.label | call to delete :  |
+| array_flow.rb:241:23:241:34 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:242:10:242:10 | b | semmle.label | b |
+| array_flow.rb:246:16:246:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:247:9:247:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:247:9:247:22 | call to delete_at :  | semmle.label | call to delete_at :  |
+| array_flow.rb:248:10:248:10 | b | semmle.label | b |
+| array_flow.rb:252:16:252:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:253:9:253:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:253:9:255:7 | call to delete_if [array element] :  | semmle.label | call to delete_if [array element] :  |
+| array_flow.rb:253:25:253:25 | x :  | semmle.label | x :  |
+| array_flow.rb:254:14:254:14 | x | semmle.label | x |
+| array_flow.rb:256:10:256:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:256:10:256:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:260:16:260:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:261:9:261:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:261:9:261:25 | call to difference [array element] :  | semmle.label | call to difference [array element] :  |
+| array_flow.rb:262:10:262:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:262:10:262:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:266:16:266:27 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:266:34:266:45 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:268:10:268:10 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:268:10:268:17 | call to dig | semmle.label | call to dig |
+| array_flow.rb:269:10:269:10 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:269:10:269:17 | call to dig | semmle.label | call to dig |
+| array_flow.rb:271:10:271:10 | a [array element 3, array element 1] :  | semmle.label | a [array element 3, array element 1] :  |
+| array_flow.rb:271:10:271:19 | call to dig | semmle.label | call to dig |
+| array_flow.rb:275:16:275:27 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:276:9:276:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:276:9:278:7 | call to detect :  | semmle.label | call to detect :  |
+| array_flow.rb:276:23:276:34 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:276:43:276:43 | x :  | semmle.label | x :  |
+| array_flow.rb:277:14:277:14 | x | semmle.label | x |
+| array_flow.rb:279:10:279:10 | b | semmle.label | b |
+| array_flow.rb:283:16:283:27 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:283:30:283:41 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:284:9:284:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:284:9:284:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:284:9:284:17 | call to drop [array element] :  | semmle.label | call to drop [array element] :  |
+| array_flow.rb:285:10:285:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:285:10:285:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:286:9:286:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:286:9:286:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:286:9:286:17 | call to drop [array element 1] :  | semmle.label | call to drop [array element 1] :  |
+| array_flow.rb:286:9:286:17 | call to drop [array element 2] :  | semmle.label | call to drop [array element 2] :  |
+| array_flow.rb:288:10:288:10 | b [array element 1] :  | semmle.label | b [array element 1] :  |
+| array_flow.rb:288:10:288:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:289:10:289:10 | b [array element 1] :  | semmle.label | b [array element 1] :  |
+| array_flow.rb:289:10:289:10 | b [array element 2] :  | semmle.label | b [array element 2] :  |
+| array_flow.rb:289:10:289:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:290:5:290:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:290:12:290:23 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:291:9:291:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:291:9:291:9 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:291:9:291:17 | call to drop [array element 1] :  | semmle.label | call to drop [array element 1] :  |
+| array_flow.rb:291:9:291:17 | call to drop [array element] :  | semmle.label | call to drop [array element] :  |
+| array_flow.rb:292:10:292:10 | b [array element 1] :  | semmle.label | b [array element 1] :  |
+| array_flow.rb:292:10:292:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:292:10:292:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:293:9:293:9 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:293:9:293:19 | call to drop [array element] :  | semmle.label | call to drop [array element] :  |
+| array_flow.rb:294:10:294:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:294:10:294:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:298:16:298:27 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:298:30:298:41 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:299:9:299:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:299:9:299:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:299:9:301:7 | call to drop_while [array element] :  | semmle.label | call to drop_while [array element] :  |
+| array_flow.rb:299:26:299:26 | x :  | semmle.label | x :  |
+| array_flow.rb:300:14:300:14 | x | semmle.label | x |
+| array_flow.rb:302:10:302:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:302:10:302:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:306:16:306:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:307:9:307:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:307:9:309:7 | call to each [array element 2] :  | semmle.label | call to each [array element 2] :  |
+| array_flow.rb:307:20:307:20 | x :  | semmle.label | x :  |
+| array_flow.rb:308:14:308:14 | x | semmle.label | x |
+| array_flow.rb:310:10:310:10 | b [array element 2] :  | semmle.label | b [array element 2] :  |
+| array_flow.rb:310:10:310:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:314:16:314:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:315:9:317:7 | ... = ... :  | semmle.label | ... = ... :  |
+| array_flow.rb:315:9:317:7 | __synth__0__1 :  | semmle.label | __synth__0__1 :  |
+| array_flow.rb:315:9:317:7 | call to each :  | semmle.label | call to each :  |
+| array_flow.rb:315:18:315:18 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:316:14:316:14 | x | semmle.label | x |
+| array_flow.rb:318:10:318:10 | x | semmle.label | x |
+| array_flow.rb:319:10:319:10 | b [array element 2] :  | semmle.label | b [array element 2] :  |
+| array_flow.rb:319:10:319:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:323:16:323:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:324:5:324:5 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:324:24:324:24 | x [array element] :  | semmle.label | x [array element] :  |
+| array_flow.rb:325:14:325:19 | ( ... ) | semmle.label | ( ... ) |
+| array_flow.rb:325:15:325:15 | x [array element] :  | semmle.label | x [array element] :  |
+| array_flow.rb:325:15:325:18 | ...[...] :  | semmle.label | ...[...] :  |
+| array_flow.rb:330:16:330:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:331:9:331:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:331:9:333:7 | call to each_entry [array element 2] :  | semmle.label | call to each_entry [array element 2] :  |
+| array_flow.rb:331:26:331:26 | x :  | semmle.label | x :  |
+| array_flow.rb:332:14:332:14 | x | semmle.label | x |
+| array_flow.rb:334:10:334:10 | b [array element 2] :  | semmle.label | b [array element 2] :  |
+| array_flow.rb:334:10:334:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:338:16:338:25 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:339:9:339:9 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:339:9:341:7 | call to each_index [array element 2] :  | semmle.label | call to each_index [array element 2] :  |
+| array_flow.rb:342:10:342:10 | b [array element 2] :  | semmle.label | b [array element 2] :  |
+| array_flow.rb:342:10:342:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:346:19:346:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:347:5:347:5 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:347:25:347:25 | x [array element] :  | semmle.label | x [array element] :  |
+| array_flow.rb:348:14:348:14 | x [array element] :  | semmle.label | x [array element] :  |
+| array_flow.rb:348:14:348:17 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:353:19:353:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:354:9:354:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:354:9:357:7 | call to each_with_index [array element 3] :  | semmle.label | call to each_with_index [array element 3] :  |
+| array_flow.rb:354:31:354:31 | x :  | semmle.label | x :  |
+| array_flow.rb:355:14:355:14 | x | semmle.label | x |
+| array_flow.rb:358:10:358:10 | b [array element 3] :  | semmle.label | b [array element 3] :  |
+| array_flow.rb:358:10:358:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:362:19:362:30 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:363:9:363:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:363:9:366:7 | call to each_with_object :  | semmle.label | call to each_with_object :  |
+| array_flow.rb:363:28:363:39 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:363:46:363:46 | x :  | semmle.label | x :  |
+| array_flow.rb:363:48:363:48 | a :  | semmle.label | a :  |
+| array_flow.rb:364:14:364:14 | x | semmle.label | x |
+| array_flow.rb:365:14:365:14 | a | semmle.label | a |
+| array_flow.rb:367:10:367:10 | b | semmle.label | b |
+| array_flow.rb:371:19:371:30 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:372:9:372:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:372:9:374:7 | call to fetch :  | semmle.label | call to fetch :  |
+| array_flow.rb:372:17:372:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:372:35:372:35 | x :  | semmle.label | x :  |
+| array_flow.rb:373:14:373:14 | x | semmle.label | x |
+| array_flow.rb:375:10:375:10 | b | semmle.label | b |
+| array_flow.rb:379:19:379:30 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:380:5:380:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:380:12:380:23 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:381:10:381:10 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:381:10:381:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:381:10:381:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:382:5:382:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:382:12:382:23 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:383:10:383:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:383:10:383:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:384:5:384:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:385:9:385:20 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:387:10:387:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:387:10:387:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:388:5:388:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:389:9:389:20 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:391:10:391:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:391:10:391:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:395:19:395:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:396:9:396:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:396:9:398:7 | call to filter [array element] :  | semmle.label | call to filter [array element] :  |
+| array_flow.rb:396:22:396:22 | x :  | semmle.label | x :  |
+| array_flow.rb:397:14:397:14 | x | semmle.label | x |
+| array_flow.rb:399:10:399:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:399:10:399:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:403:19:403:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:404:9:404:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:404:9:406:7 | call to filter_map [array element] :  | semmle.label | call to filter_map [array element] :  |
+| array_flow.rb:404:26:404:26 | x :  | semmle.label | x :  |
+| array_flow.rb:405:14:405:14 | x | semmle.label | x |
+| array_flow.rb:407:10:407:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:407:10:407:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:411:19:411:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:412:9:412:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:412:9:415:7 | call to filter! [array element] :  | semmle.label | call to filter! [array element] :  |
+| array_flow.rb:412:23:412:23 | x :  | semmle.label | x :  |
+| array_flow.rb:413:14:413:14 | x | semmle.label | x |
+| array_flow.rb:416:10:416:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:416:10:416:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:420:19:420:30 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:421:9:421:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:421:9:423:7 | call to find :  | semmle.label | call to find :  |
+| array_flow.rb:421:21:421:32 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:421:41:421:41 | x :  | semmle.label | x :  |
+| array_flow.rb:422:14:422:14 | x | semmle.label | x |
+| array_flow.rb:424:10:424:10 | b | semmle.label | b |
+| array_flow.rb:428:19:428:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:429:9:429:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:429:9:431:7 | call to find_all [array element] :  | semmle.label | call to find_all [array element] :  |
+| array_flow.rb:429:24:429:24 | x :  | semmle.label | x :  |
+| array_flow.rb:430:14:430:14 | x | semmle.label | x |
+| array_flow.rb:432:10:432:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:432:10:432:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:436:19:436:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:437:5:437:5 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:437:22:437:22 | x :  | semmle.label | x :  |
+| array_flow.rb:438:14:438:14 | x | semmle.label | x |
+| array_flow.rb:443:10:443:21 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:443:30:443:41 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:444:5:444:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:444:12:444:23 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:445:10:445:10 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:445:10:445:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:445:10:445:16 | call to first | semmle.label | call to first |
+| array_flow.rb:446:9:446:9 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:446:9:446:9 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:446:9:446:18 | call to first [array element 0] :  | semmle.label | call to first [array element 0] :  |
+| array_flow.rb:446:9:446:18 | call to first [array element] :  | semmle.label | call to first [array element] :  |
+| array_flow.rb:447:10:447:10 | b [array element 0] :  | semmle.label | b [array element 0] :  |
+| array_flow.rb:447:10:447:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:447:10:447:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:448:10:448:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:448:10:448:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:449:9:449:9 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:449:9:449:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:449:9:449:9 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:449:9:449:18 | call to first [array element 0] :  | semmle.label | call to first [array element 0] :  |
+| array_flow.rb:449:9:449:18 | call to first [array element 3] :  | semmle.label | call to first [array element 3] :  |
+| array_flow.rb:449:9:449:18 | call to first [array element] :  | semmle.label | call to first [array element] :  |
+| array_flow.rb:450:10:450:10 | c [array element 0] :  | semmle.label | c [array element 0] :  |
+| array_flow.rb:450:10:450:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:450:10:450:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:451:10:451:10 | c [array element 3] :  | semmle.label | c [array element 3] :  |
+| array_flow.rb:451:10:451:10 | c [array element] :  | semmle.label | c [array element] :  |
+| array_flow.rb:451:10:451:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:455:19:455:30 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:456:9:456:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:456:9:459:7 | call to flat_map [array element] :  | semmle.label | call to flat_map [array element] :  |
+| array_flow.rb:456:24:456:24 | x :  | semmle.label | x :  |
+| array_flow.rb:457:14:457:14 | x | semmle.label | x |
+| array_flow.rb:458:13:458:24 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:460:10:460:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:460:10:460:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:464:20:464:29 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:465:9:465:9 | a [array element 2, array element 1] :  | semmle.label | a [array element 2, array element 1] :  |
+| array_flow.rb:465:9:465:17 | call to flatten [array element] :  | semmle.label | call to flatten [array element] :  |
+| array_flow.rb:466:10:466:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:466:10:466:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:470:20:470:29 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:471:10:471:10 | a [array element 2, array element 1] :  | semmle.label | a [array element 2, array element 1] :  |
+| array_flow.rb:471:10:471:13 | ...[...] [array element 1] :  | semmle.label | ...[...] [array element 1] :  |
+| array_flow.rb:471:10:471:16 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:472:5:472:5 | [post] a [array element, array element 1] :  | semmle.label | [post] a [array element, array element 1] :  |
+| array_flow.rb:472:5:472:5 | [post] a [array element] :  | semmle.label | [post] a [array element] :  |
+| array_flow.rb:472:5:472:5 | a [array element 2, array element 1] :  | semmle.label | a [array element 2, array element 1] :  |
+| array_flow.rb:473:10:473:10 | a [array element] :  | semmle.label | a [array element] :  |
+| array_flow.rb:473:10:473:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:474:10:474:10 | a [array element, array element 1] :  | semmle.label | a [array element, array element 1] :  |
+| array_flow.rb:474:10:474:13 | ...[...] [array element 1] :  | semmle.label | ...[...] [array element 1] :  |
+| array_flow.rb:474:10:474:16 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:478:19:478:30 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:479:9:479:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:479:9:479:20 | call to grep [array element] :  | semmle.label | call to grep [array element] :  |
+| array_flow.rb:480:10:480:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:480:10:480:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:481:9:481:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:481:9:484:7 | call to grep [array element] :  | semmle.label | call to grep [array element] :  |
+| array_flow.rb:481:26:481:26 | x :  | semmle.label | x :  |
+| array_flow.rb:482:14:482:14 | x | semmle.label | x |
+| array_flow.rb:483:9:483:20 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:485:10:485:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:485:10:485:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:489:19:489:30 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:490:9:490:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:490:9:490:21 | call to grep_v [array element] :  | semmle.label | call to grep_v [array element] :  |
+| array_flow.rb:491:10:491:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:491:10:491:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:492:9:492:9 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:492:9:495:7 | call to grep_v [array element] :  | semmle.label | call to grep_v [array element] :  |
+| array_flow.rb:492:27:492:27 | x :  | semmle.label | x :  |
+| array_flow.rb:493:14:493:14 | x | semmle.label | x |
+| array_flow.rb:494:9:494:20 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:496:10:496:10 | b [array element] :  | semmle.label | b [array element] :  |
+| array_flow.rb:496:10:496:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:500:19:500:28 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:501:5:501:5 | a [array element 3] :  | semmle.label | a [array element 3] :  |
+| array_flow.rb:501:17:501:17 | x :  | semmle.label | x :  |
+| array_flow.rb:502:14:502:14 | x | semmle.label | x |
+| array_flow.rb:508:5:508:5 | [post] a [array element 0] :  | semmle.label | [post] a [array element 0] :  |
+| array_flow.rb:508:16:508:27 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:509:10:509:10 | a [array element 0] :  | semmle.label | a [array element 0] :  |
+| array_flow.rb:509:10:509:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:515:16:515:29 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:516:5:516:5 | [post] a [array element 2] :  | semmle.label | [post] a [array element 2] :  |
+| array_flow.rb:516:5:516:5 | [post] a [array element 5] :  | semmle.label | [post] a [array element 5] :  |
+| array_flow.rb:516:5:516:5 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:516:21:516:34 | call to source :  | semmle.label | call to source :  |
+| array_flow.rb:519:10:519:10 | a [array element 2] :  | semmle.label | a [array element 2] :  |
+| array_flow.rb:519:10:519:13 | ...[...] | semmle.label | ...[...] |
+| array_flow.rb:522:10:522:10 | a [array element 5] :  | semmle.label | a [array element 5] :  |
+| array_flow.rb:522:10:522:13 | ...[...] | semmle.label | ...[...] |
+subpaths
+#select
+| array_flow.rb:3:10:3:13 | ...[...] | array_flow.rb:2:10:2:18 | call to source :  | array_flow.rb:3:10:3:13 | ...[...] | $@ | array_flow.rb:2:10:2:18 | call to source :  | call to source :  |
+| array_flow.rb:5:10:5:13 | ...[...] | array_flow.rb:2:10:2:18 | call to source :  | array_flow.rb:5:10:5:13 | ...[...] | $@ | array_flow.rb:2:10:2:18 | call to source :  | call to source :  |
+| array_flow.rb:11:10:11:13 | ...[...] | array_flow.rb:9:13:9:21 | call to source :  | array_flow.rb:11:10:11:13 | ...[...] | $@ | array_flow.rb:9:13:9:21 | call to source :  | call to source :  |
+| array_flow.rb:13:10:13:13 | ...[...] | array_flow.rb:9:13:9:21 | call to source :  | array_flow.rb:13:10:13:13 | ...[...] | $@ | array_flow.rb:9:13:9:21 | call to source :  | call to source :  |
+| array_flow.rb:18:10:18:13 | ...[...] | array_flow.rb:17:22:17:32 | call to source :  | array_flow.rb:18:10:18:13 | ...[...] | $@ | array_flow.rb:17:22:17:32 | call to source :  | call to source :  |
+| array_flow.rb:19:10:19:13 | ...[...] | array_flow.rb:17:22:17:32 | call to source :  | array_flow.rb:19:10:19:13 | ...[...] | $@ | array_flow.rb:17:22:17:32 | call to source :  | call to source :  |
+| array_flow.rb:22:10:22:13 | ...[...] | array_flow.rb:17:22:17:32 | call to source :  | array_flow.rb:22:10:22:13 | ...[...] | $@ | array_flow.rb:17:22:17:32 | call to source :  | call to source :  |
+| array_flow.rb:23:10:23:13 | ...[...] | array_flow.rb:17:22:17:32 | call to source :  | array_flow.rb:23:10:23:13 | ...[...] | $@ | array_flow.rb:17:22:17:32 | call to source :  | call to source :  |
+| array_flow.rb:28:10:28:13 | ...[...] | array_flow.rb:26:9:26:19 | call to source :  | array_flow.rb:28:10:28:13 | ...[...] | $@ | array_flow.rb:26:9:26:19 | call to source :  | call to source :  |
+| array_flow.rb:29:10:29:13 | ...[...] | array_flow.rb:26:9:26:19 | call to source :  | array_flow.rb:29:10:29:13 | ...[...] | $@ | array_flow.rb:26:9:26:19 | call to source :  | call to source :  |
+| array_flow.rb:35:10:35:13 | ...[...] | array_flow.rb:33:10:33:18 | call to source :  | array_flow.rb:35:10:35:13 | ...[...] | $@ | array_flow.rb:33:10:33:18 | call to source :  | call to source :  |
+| array_flow.rb:43:10:43:13 | ...[...] | array_flow.rb:40:10:40:20 | call to source :  | array_flow.rb:43:10:43:13 | ...[...] | $@ | array_flow.rb:40:10:40:20 | call to source :  | call to source :  |
+| array_flow.rb:43:10:43:13 | ...[...] | array_flow.rb:41:16:41:26 | call to source :  | array_flow.rb:43:10:43:13 | ...[...] | $@ | array_flow.rb:41:16:41:26 | call to source :  | call to source :  |
+| array_flow.rb:44:10:44:13 | ...[...] | array_flow.rb:40:10:40:20 | call to source :  | array_flow.rb:44:10:44:13 | ...[...] | $@ | array_flow.rb:40:10:40:20 | call to source :  | call to source :  |
+| array_flow.rb:44:10:44:13 | ...[...] | array_flow.rb:41:16:41:26 | call to source :  | array_flow.rb:44:10:44:13 | ...[...] | $@ | array_flow.rb:41:16:41:26 | call to source :  | call to source :  |
+| array_flow.rb:50:10:50:13 | ...[...] | array_flow.rb:48:10:48:18 | call to source :  | array_flow.rb:50:10:50:13 | ...[...] | $@ | array_flow.rb:48:10:48:18 | call to source :  | call to source :  |
+| array_flow.rb:51:10:51:13 | ...[...] | array_flow.rb:48:10:48:18 | call to source :  | array_flow.rb:51:10:51:13 | ...[...] | $@ | array_flow.rb:48:10:48:18 | call to source :  | call to source :  |
+| array_flow.rb:58:10:58:13 | ...[...] | array_flow.rb:55:10:55:20 | call to source :  | array_flow.rb:58:10:58:13 | ...[...] | $@ | array_flow.rb:55:10:55:20 | call to source :  | call to source :  |
+| array_flow.rb:58:10:58:13 | ...[...] | array_flow.rb:56:13:56:23 | call to source :  | array_flow.rb:58:10:58:13 | ...[...] | $@ | array_flow.rb:56:13:56:23 | call to source :  | call to source :  |
+| array_flow.rb:59:10:59:13 | ...[...] | array_flow.rb:56:13:56:23 | call to source :  | array_flow.rb:59:10:59:13 | ...[...] | $@ | array_flow.rb:56:13:56:23 | call to source :  | call to source :  |
+| array_flow.rb:66:10:66:13 | ...[...] | array_flow.rb:63:10:63:20 | call to source :  | array_flow.rb:66:10:66:13 | ...[...] | $@ | array_flow.rb:63:10:63:20 | call to source :  | call to source :  |
+| array_flow.rb:67:10:67:13 | ...[...] | array_flow.rb:63:10:63:20 | call to source :  | array_flow.rb:67:10:67:13 | ...[...] | $@ | array_flow.rb:63:10:63:20 | call to source :  | call to source :  |
+| array_flow.rb:73:10:73:13 | ...[...] | array_flow.rb:71:10:71:20 | call to source :  | array_flow.rb:73:10:73:13 | ...[...] | $@ | array_flow.rb:71:10:71:20 | call to source :  | call to source :  |
+| array_flow.rb:73:10:73:13 | ...[...] | array_flow.rb:72:14:72:24 | call to source :  | array_flow.rb:73:10:73:13 | ...[...] | $@ | array_flow.rb:72:14:72:24 | call to source :  | call to source :  |
+| array_flow.rb:74:10:74:13 | ...[...] | array_flow.rb:72:14:72:24 | call to source :  | array_flow.rb:74:10:74:13 | ...[...] | $@ | array_flow.rb:72:14:72:24 | call to source :  | call to source :  |
+| array_flow.rb:81:10:81:10 | c | array_flow.rb:78:13:78:21 | call to source :  | array_flow.rb:81:10:81:10 | c | $@ | array_flow.rb:78:13:78:21 | call to source :  | call to source :  |
+| array_flow.rb:88:10:88:13 | ...[...] | array_flow.rb:86:13:86:22 | call to source :  | array_flow.rb:88:10:88:13 | ...[...] | $@ | array_flow.rb:86:13:86:22 | call to source :  | call to source :  |
+| array_flow.rb:89:10:89:13 | ...[...] | array_flow.rb:86:13:86:22 | call to source :  | array_flow.rb:89:10:89:13 | ...[...] | $@ | array_flow.rb:86:13:86:22 | call to source :  | call to source :  |
+| array_flow.rb:90:10:90:13 | ...[...] | array_flow.rb:86:13:86:22 | call to source :  | array_flow.rb:90:10:90:13 | ...[...] | $@ | array_flow.rb:86:13:86:22 | call to source :  | call to source :  |
+| array_flow.rb:96:10:96:13 | ...[...] | array_flow.rb:94:13:94:22 | call to source :  | array_flow.rb:96:10:96:13 | ...[...] | $@ | array_flow.rb:94:13:94:22 | call to source :  | call to source :  |
+| array_flow.rb:97:10:97:13 | ...[...] | array_flow.rb:94:13:94:22 | call to source :  | array_flow.rb:97:10:97:13 | ...[...] | $@ | array_flow.rb:94:13:94:22 | call to source :  | call to source :  |
+| array_flow.rb:98:10:98:13 | ...[...] | array_flow.rb:94:13:94:22 | call to source :  | array_flow.rb:98:10:98:13 | ...[...] | $@ | array_flow.rb:94:13:94:22 | call to source :  | call to source :  |
+| array_flow.rb:104:10:104:13 | ...[...] | array_flow.rb:103:15:103:24 | call to source :  | array_flow.rb:104:10:104:13 | ...[...] | $@ | array_flow.rb:103:15:103:24 | call to source :  | call to source :  |
+| array_flow.rb:105:10:105:13 | ...[...] | array_flow.rb:103:15:103:24 | call to source :  | array_flow.rb:105:10:105:13 | ...[...] | $@ | array_flow.rb:103:15:103:24 | call to source :  | call to source :  |
+| array_flow.rb:106:10:106:13 | ...[...] | array_flow.rb:103:15:103:24 | call to source :  | array_flow.rb:106:10:106:13 | ...[...] | $@ | array_flow.rb:103:15:103:24 | call to source :  | call to source :  |
+| array_flow.rb:112:10:112:13 | ...[...] | array_flow.rb:111:19:111:28 | call to source :  | array_flow.rb:112:10:112:13 | ...[...] | $@ | array_flow.rb:111:19:111:28 | call to source :  | call to source :  |
+| array_flow.rb:113:10:113:13 | ...[...] | array_flow.rb:111:19:111:28 | call to source :  | array_flow.rb:113:10:113:13 | ...[...] | $@ | array_flow.rb:111:19:111:28 | call to source :  | call to source :  |
+| array_flow.rb:114:10:114:13 | ...[...] | array_flow.rb:111:19:111:28 | call to source :  | array_flow.rb:114:10:114:13 | ...[...] | $@ | array_flow.rb:111:19:111:28 | call to source :  | call to source :  |
+| array_flow.rb:120:10:120:13 | ...[...] | array_flow.rb:119:15:119:24 | call to source :  | array_flow.rb:120:10:120:13 | ...[...] | $@ | array_flow.rb:119:15:119:24 | call to source :  | call to source :  |
+| array_flow.rb:121:10:121:13 | ...[...] | array_flow.rb:119:15:119:24 | call to source :  | array_flow.rb:121:10:121:13 | ...[...] | $@ | array_flow.rb:119:15:119:24 | call to source :  | call to source :  |
+| array_flow.rb:122:10:122:13 | ...[...] | array_flow.rb:119:15:119:24 | call to source :  | array_flow.rb:122:10:122:13 | ...[...] | $@ | array_flow.rb:119:15:119:24 | call to source :  | call to source :  |
+| array_flow.rb:128:10:128:13 | ...[...] | array_flow.rb:127:19:127:28 | call to source :  | array_flow.rb:128:10:128:13 | ...[...] | $@ | array_flow.rb:127:19:127:28 | call to source :  | call to source :  |
+| array_flow.rb:129:10:129:13 | ...[...] | array_flow.rb:127:19:127:28 | call to source :  | array_flow.rb:129:10:129:13 | ...[...] | $@ | array_flow.rb:127:19:127:28 | call to source :  | call to source :  |
+| array_flow.rb:130:10:130:13 | ...[...] | array_flow.rb:127:19:127:28 | call to source :  | array_flow.rb:130:10:130:13 | ...[...] | $@ | array_flow.rb:127:19:127:28 | call to source :  | call to source :  |
+| array_flow.rb:136:14:136:14 | x | array_flow.rb:134:16:134:25 | call to source :  | array_flow.rb:136:14:136:14 | x | $@ | array_flow.rb:134:16:134:25 | call to source :  | call to source :  |
+| array_flow.rb:143:14:143:14 | x | array_flow.rb:141:16:141:25 | call to source :  | array_flow.rb:143:14:143:14 | x | $@ | array_flow.rb:141:16:141:25 | call to source :  | call to source :  |
+| array_flow.rb:152:10:152:26 | ( ... ) | array_flow.rb:150:15:150:24 | call to source :  | array_flow.rb:152:10:152:26 | ( ... ) | $@ | array_flow.rb:150:15:150:24 | call to source :  | call to source :  |
+| array_flow.rb:153:10:153:26 | ( ... ) | array_flow.rb:150:15:150:24 | call to source :  | array_flow.rb:153:10:153:26 | ( ... ) | $@ | array_flow.rb:150:15:150:24 | call to source :  | call to source :  |
+| array_flow.rb:159:10:159:16 | call to at | array_flow.rb:157:13:157:22 | call to source :  | array_flow.rb:159:10:159:16 | call to at | $@ | array_flow.rb:157:13:157:22 | call to source :  | call to source :  |
+| array_flow.rb:161:10:161:16 | call to at | array_flow.rb:157:13:157:22 | call to source :  | array_flow.rb:161:10:161:16 | call to at | $@ | array_flow.rb:157:13:157:22 | call to source :  | call to source :  |
+| array_flow.rb:167:14:167:14 | x | array_flow.rb:165:16:165:25 | call to source :  | array_flow.rb:167:14:167:14 | x | $@ | array_flow.rb:165:16:165:25 | call to source :  | call to source :  |
+| array_flow.rb:169:10:169:10 | b | array_flow.rb:165:16:165:25 | call to source :  | array_flow.rb:169:10:169:10 | b | $@ | array_flow.rb:165:16:165:25 | call to source :  | call to source :  |
+| array_flow.rb:175:14:175:14 | x | array_flow.rb:173:16:173:25 | call to source :  | array_flow.rb:175:14:175:14 | x | $@ | array_flow.rb:173:16:173:25 | call to source :  | call to source :  |
+| array_flow.rb:189:14:189:14 | x | array_flow.rb:187:16:187:25 | call to source :  | array_flow.rb:189:14:189:14 | x | $@ | array_flow.rb:187:16:187:25 | call to source :  | call to source :  |
+| array_flow.rb:192:10:192:13 | ...[...] | array_flow.rb:187:16:187:25 | call to source :  | array_flow.rb:192:10:192:13 | ...[...] | $@ | array_flow.rb:187:16:187:25 | call to source :  | call to source :  |
+| array_flow.rb:198:14:198:14 | x | array_flow.rb:196:16:196:25 | call to source :  | array_flow.rb:198:14:198:14 | x | $@ | array_flow.rb:196:16:196:25 | call to source :  | call to source :  |
+| array_flow.rb:201:10:201:13 | ...[...] | array_flow.rb:196:16:196:25 | call to source :  | array_flow.rb:201:10:201:13 | ...[...] | $@ | array_flow.rb:196:16:196:25 | call to source :  | call to source :  |
+| array_flow.rb:207:14:207:17 | ...[...] | array_flow.rb:205:16:205:25 | call to source :  | array_flow.rb:207:14:207:17 | ...[...] | $@ | array_flow.rb:205:16:205:25 | call to source :  | call to source :  |
+| array_flow.rb:214:10:214:13 | ...[...] | array_flow.rb:212:16:212:25 | call to source :  | array_flow.rb:214:10:214:13 | ...[...] | $@ | array_flow.rb:212:16:212:25 | call to source :  | call to source :  |
+| array_flow.rb:221:10:221:13 | ...[...] | array_flow.rb:219:16:219:27 | call to source :  | array_flow.rb:221:10:221:13 | ...[...] | $@ | array_flow.rb:219:16:219:27 | call to source :  | call to source :  |
+| array_flow.rb:222:10:222:13 | ...[...] | array_flow.rb:218:16:218:27 | call to source :  | array_flow.rb:222:10:222:13 | ...[...] | $@ | array_flow.rb:218:16:218:27 | call to source :  | call to source :  |
+| array_flow.rb:222:10:222:13 | ...[...] | array_flow.rb:219:16:219:27 | call to source :  | array_flow.rb:222:10:222:13 | ...[...] | $@ | array_flow.rb:219:16:219:27 | call to source :  | call to source :  |
+| array_flow.rb:228:14:228:14 | x | array_flow.rb:226:16:226:25 | call to source :  | array_flow.rb:228:14:228:14 | x | $@ | array_flow.rb:226:16:226:25 | call to source :  | call to source :  |
+| array_flow.rb:235:14:235:14 | x | array_flow.rb:233:16:233:25 | call to source :  | array_flow.rb:235:14:235:14 | x | $@ | array_flow.rb:233:16:233:25 | call to source :  | call to source :  |
+| array_flow.rb:242:10:242:10 | b | array_flow.rb:240:16:240:27 | call to source :  | array_flow.rb:242:10:242:10 | b | $@ | array_flow.rb:240:16:240:27 | call to source :  | call to source :  |
+| array_flow.rb:242:10:242:10 | b | array_flow.rb:241:23:241:34 | call to source :  | array_flow.rb:242:10:242:10 | b | $@ | array_flow.rb:241:23:241:34 | call to source :  | call to source :  |
+| array_flow.rb:248:10:248:10 | b | array_flow.rb:246:16:246:25 | call to source :  | array_flow.rb:248:10:248:10 | b | $@ | array_flow.rb:246:16:246:25 | call to source :  | call to source :  |
+| array_flow.rb:254:14:254:14 | x | array_flow.rb:252:16:252:25 | call to source :  | array_flow.rb:254:14:254:14 | x | $@ | array_flow.rb:252:16:252:25 | call to source :  | call to source :  |
+| array_flow.rb:256:10:256:13 | ...[...] | array_flow.rb:252:16:252:25 | call to source :  | array_flow.rb:256:10:256:13 | ...[...] | $@ | array_flow.rb:252:16:252:25 | call to source :  | call to source :  |
+| array_flow.rb:262:10:262:13 | ...[...] | array_flow.rb:260:16:260:25 | call to source :  | array_flow.rb:262:10:262:13 | ...[...] | $@ | array_flow.rb:260:16:260:25 | call to source :  | call to source :  |
+| array_flow.rb:268:10:268:17 | call to dig | array_flow.rb:266:16:266:27 | call to source :  | array_flow.rb:268:10:268:17 | call to dig | $@ | array_flow.rb:266:16:266:27 | call to source :  | call to source :  |
+| array_flow.rb:269:10:269:17 | call to dig | array_flow.rb:266:16:266:27 | call to source :  | array_flow.rb:269:10:269:17 | call to dig | $@ | array_flow.rb:266:16:266:27 | call to source :  | call to source :  |
+| array_flow.rb:271:10:271:19 | call to dig | array_flow.rb:266:34:266:45 | call to source :  | array_flow.rb:271:10:271:19 | call to dig | $@ | array_flow.rb:266:34:266:45 | call to source :  | call to source :  |
+| array_flow.rb:277:14:277:14 | x | array_flow.rb:275:16:275:27 | call to source :  | array_flow.rb:277:14:277:14 | x | $@ | array_flow.rb:275:16:275:27 | call to source :  | call to source :  |
+| array_flow.rb:279:10:279:10 | b | array_flow.rb:275:16:275:27 | call to source :  | array_flow.rb:279:10:279:10 | b | $@ | array_flow.rb:275:16:275:27 | call to source :  | call to source :  |
+| array_flow.rb:279:10:279:10 | b | array_flow.rb:276:23:276:34 | call to source :  | array_flow.rb:279:10:279:10 | b | $@ | array_flow.rb:276:23:276:34 | call to source :  | call to source :  |
+| array_flow.rb:285:10:285:13 | ...[...] | array_flow.rb:283:16:283:27 | call to source :  | array_flow.rb:285:10:285:13 | ...[...] | $@ | array_flow.rb:283:16:283:27 | call to source :  | call to source :  |
+| array_flow.rb:285:10:285:13 | ...[...] | array_flow.rb:283:30:283:41 | call to source :  | array_flow.rb:285:10:285:13 | ...[...] | $@ | array_flow.rb:283:30:283:41 | call to source :  | call to source :  |
+| array_flow.rb:288:10:288:13 | ...[...] | array_flow.rb:283:16:283:27 | call to source :  | array_flow.rb:288:10:288:13 | ...[...] | $@ | array_flow.rb:283:16:283:27 | call to source :  | call to source :  |
+| array_flow.rb:289:10:289:13 | ...[...] | array_flow.rb:283:16:283:27 | call to source :  | array_flow.rb:289:10:289:13 | ...[...] | $@ | array_flow.rb:283:16:283:27 | call to source :  | call to source :  |
+| array_flow.rb:289:10:289:13 | ...[...] | array_flow.rb:283:30:283:41 | call to source :  | array_flow.rb:289:10:289:13 | ...[...] | $@ | array_flow.rb:283:30:283:41 | call to source :  | call to source :  |
+| array_flow.rb:292:10:292:13 | ...[...] | array_flow.rb:283:16:283:27 | call to source :  | array_flow.rb:292:10:292:13 | ...[...] | $@ | array_flow.rb:283:16:283:27 | call to source :  | call to source :  |
+| array_flow.rb:292:10:292:13 | ...[...] | array_flow.rb:290:12:290:23 | call to source :  | array_flow.rb:292:10:292:13 | ...[...] | $@ | array_flow.rb:290:12:290:23 | call to source :  | call to source :  |
+| array_flow.rb:294:10:294:13 | ...[...] | array_flow.rb:290:12:290:23 | call to source :  | array_flow.rb:294:10:294:13 | ...[...] | $@ | array_flow.rb:290:12:290:23 | call to source :  | call to source :  |
+| array_flow.rb:300:14:300:14 | x | array_flow.rb:298:16:298:27 | call to source :  | array_flow.rb:300:14:300:14 | x | $@ | array_flow.rb:298:16:298:27 | call to source :  | call to source :  |
+| array_flow.rb:300:14:300:14 | x | array_flow.rb:298:30:298:41 | call to source :  | array_flow.rb:300:14:300:14 | x | $@ | array_flow.rb:298:30:298:41 | call to source :  | call to source :  |
+| array_flow.rb:302:10:302:13 | ...[...] | array_flow.rb:298:16:298:27 | call to source :  | array_flow.rb:302:10:302:13 | ...[...] | $@ | array_flow.rb:298:16:298:27 | call to source :  | call to source :  |
+| array_flow.rb:302:10:302:13 | ...[...] | array_flow.rb:298:30:298:41 | call to source :  | array_flow.rb:302:10:302:13 | ...[...] | $@ | array_flow.rb:298:30:298:41 | call to source :  | call to source :  |
+| array_flow.rb:308:14:308:14 | x | array_flow.rb:306:16:306:25 | call to source :  | array_flow.rb:308:14:308:14 | x | $@ | array_flow.rb:306:16:306:25 | call to source :  | call to source :  |
+| array_flow.rb:310:10:310:13 | ...[...] | array_flow.rb:306:16:306:25 | call to source :  | array_flow.rb:310:10:310:13 | ...[...] | $@ | array_flow.rb:306:16:306:25 | call to source :  | call to source :  |
+| array_flow.rb:316:14:316:14 | x | array_flow.rb:314:16:314:25 | call to source :  | array_flow.rb:316:14:316:14 | x | $@ | array_flow.rb:314:16:314:25 | call to source :  | call to source :  |
+| array_flow.rb:318:10:318:10 | x | array_flow.rb:314:16:314:25 | call to source :  | array_flow.rb:318:10:318:10 | x | $@ | array_flow.rb:314:16:314:25 | call to source :  | call to source :  |
+| array_flow.rb:319:10:319:13 | ...[...] | array_flow.rb:314:16:314:25 | call to source :  | array_flow.rb:319:10:319:13 | ...[...] | $@ | array_flow.rb:314:16:314:25 | call to source :  | call to source :  |
+| array_flow.rb:325:14:325:19 | ( ... ) | array_flow.rb:323:16:323:25 | call to source :  | array_flow.rb:325:14:325:19 | ( ... ) | $@ | array_flow.rb:323:16:323:25 | call to source :  | call to source :  |
+| array_flow.rb:332:14:332:14 | x | array_flow.rb:330:16:330:25 | call to source :  | array_flow.rb:332:14:332:14 | x | $@ | array_flow.rb:330:16:330:25 | call to source :  | call to source :  |
+| array_flow.rb:334:10:334:13 | ...[...] | array_flow.rb:330:16:330:25 | call to source :  | array_flow.rb:334:10:334:13 | ...[...] | $@ | array_flow.rb:330:16:330:25 | call to source :  | call to source :  |
+| array_flow.rb:342:10:342:13 | ...[...] | array_flow.rb:338:16:338:25 | call to source :  | array_flow.rb:342:10:342:13 | ...[...] | $@ | array_flow.rb:338:16:338:25 | call to source :  | call to source :  |
+| array_flow.rb:348:14:348:17 | ...[...] | array_flow.rb:346:19:346:28 | call to source :  | array_flow.rb:348:14:348:17 | ...[...] | $@ | array_flow.rb:346:19:346:28 | call to source :  | call to source :  |
+| array_flow.rb:355:14:355:14 | x | array_flow.rb:353:19:353:28 | call to source :  | array_flow.rb:355:14:355:14 | x | $@ | array_flow.rb:353:19:353:28 | call to source :  | call to source :  |
+| array_flow.rb:358:10:358:13 | ...[...] | array_flow.rb:353:19:353:28 | call to source :  | array_flow.rb:358:10:358:13 | ...[...] | $@ | array_flow.rb:353:19:353:28 | call to source :  | call to source :  |
+| array_flow.rb:364:14:364:14 | x | array_flow.rb:362:19:362:30 | call to source :  | array_flow.rb:364:14:364:14 | x | $@ | array_flow.rb:362:19:362:30 | call to source :  | call to source :  |
+| array_flow.rb:365:14:365:14 | a | array_flow.rb:363:28:363:39 | call to source :  | array_flow.rb:365:14:365:14 | a | $@ | array_flow.rb:363:28:363:39 | call to source :  | call to source :  |
+| array_flow.rb:367:10:367:10 | b | array_flow.rb:363:28:363:39 | call to source :  | array_flow.rb:367:10:367:10 | b | $@ | array_flow.rb:363:28:363:39 | call to source :  | call to source :  |
+| array_flow.rb:373:14:373:14 | x | array_flow.rb:372:17:372:28 | call to source :  | array_flow.rb:373:14:373:14 | x | $@ | array_flow.rb:372:17:372:28 | call to source :  | call to source :  |
+| array_flow.rb:375:10:375:10 | b | array_flow.rb:371:19:371:30 | call to source :  | array_flow.rb:375:10:375:10 | b | $@ | array_flow.rb:371:19:371:30 | call to source :  | call to source :  |
+| array_flow.rb:381:10:381:13 | ...[...] | array_flow.rb:379:19:379:30 | call to source :  | array_flow.rb:381:10:381:13 | ...[...] | $@ | array_flow.rb:379:19:379:30 | call to source :  | call to source :  |
+| array_flow.rb:381:10:381:13 | ...[...] | array_flow.rb:380:12:380:23 | call to source :  | array_flow.rb:381:10:381:13 | ...[...] | $@ | array_flow.rb:380:12:380:23 | call to source :  | call to source :  |
+| array_flow.rb:383:10:383:13 | ...[...] | array_flow.rb:382:12:382:23 | call to source :  | array_flow.rb:383:10:383:13 | ...[...] | $@ | array_flow.rb:382:12:382:23 | call to source :  | call to source :  |
+| array_flow.rb:387:10:387:13 | ...[...] | array_flow.rb:385:9:385:20 | call to source :  | array_flow.rb:387:10:387:13 | ...[...] | $@ | array_flow.rb:385:9:385:20 | call to source :  | call to source :  |
+| array_flow.rb:391:10:391:13 | ...[...] | array_flow.rb:385:9:385:20 | call to source :  | array_flow.rb:391:10:391:13 | ...[...] | $@ | array_flow.rb:385:9:385:20 | call to source :  | call to source :  |
+| array_flow.rb:391:10:391:13 | ...[...] | array_flow.rb:389:9:389:20 | call to source :  | array_flow.rb:391:10:391:13 | ...[...] | $@ | array_flow.rb:389:9:389:20 | call to source :  | call to source :  |
+| array_flow.rb:397:14:397:14 | x | array_flow.rb:395:19:395:28 | call to source :  | array_flow.rb:397:14:397:14 | x | $@ | array_flow.rb:395:19:395:28 | call to source :  | call to source :  |
+| array_flow.rb:399:10:399:13 | ...[...] | array_flow.rb:395:19:395:28 | call to source :  | array_flow.rb:399:10:399:13 | ...[...] | $@ | array_flow.rb:395:19:395:28 | call to source :  | call to source :  |
+| array_flow.rb:405:14:405:14 | x | array_flow.rb:403:19:403:28 | call to source :  | array_flow.rb:405:14:405:14 | x | $@ | array_flow.rb:403:19:403:28 | call to source :  | call to source :  |
+| array_flow.rb:407:10:407:13 | ...[...] | array_flow.rb:403:19:403:28 | call to source :  | array_flow.rb:407:10:407:13 | ...[...] | $@ | array_flow.rb:403:19:403:28 | call to source :  | call to source :  |
+| array_flow.rb:413:14:413:14 | x | array_flow.rb:411:19:411:28 | call to source :  | array_flow.rb:413:14:413:14 | x | $@ | array_flow.rb:411:19:411:28 | call to source :  | call to source :  |
+| array_flow.rb:416:10:416:13 | ...[...] | array_flow.rb:411:19:411:28 | call to source :  | array_flow.rb:416:10:416:13 | ...[...] | $@ | array_flow.rb:411:19:411:28 | call to source :  | call to source :  |
+| array_flow.rb:422:14:422:14 | x | array_flow.rb:420:19:420:30 | call to source :  | array_flow.rb:422:14:422:14 | x | $@ | array_flow.rb:420:19:420:30 | call to source :  | call to source :  |
+| array_flow.rb:424:10:424:10 | b | array_flow.rb:420:19:420:30 | call to source :  | array_flow.rb:424:10:424:10 | b | $@ | array_flow.rb:420:19:420:30 | call to source :  | call to source :  |
+| array_flow.rb:424:10:424:10 | b | array_flow.rb:421:21:421:32 | call to source :  | array_flow.rb:424:10:424:10 | b | $@ | array_flow.rb:421:21:421:32 | call to source :  | call to source :  |
+| array_flow.rb:430:14:430:14 | x | array_flow.rb:428:19:428:28 | call to source :  | array_flow.rb:430:14:430:14 | x | $@ | array_flow.rb:428:19:428:28 | call to source :  | call to source :  |
+| array_flow.rb:432:10:432:13 | ...[...] | array_flow.rb:428:19:428:28 | call to source :  | array_flow.rb:432:10:432:13 | ...[...] | $@ | array_flow.rb:428:19:428:28 | call to source :  | call to source :  |
+| array_flow.rb:438:14:438:14 | x | array_flow.rb:436:19:436:28 | call to source :  | array_flow.rb:438:14:438:14 | x | $@ | array_flow.rb:436:19:436:28 | call to source :  | call to source :  |
+| array_flow.rb:445:10:445:16 | call to first | array_flow.rb:443:10:443:21 | call to source :  | array_flow.rb:445:10:445:16 | call to first | $@ | array_flow.rb:443:10:443:21 | call to source :  | call to source :  |
+| array_flow.rb:445:10:445:16 | call to first | array_flow.rb:444:12:444:23 | call to source :  | array_flow.rb:445:10:445:16 | call to first | $@ | array_flow.rb:444:12:444:23 | call to source :  | call to source :  |
+| array_flow.rb:447:10:447:13 | ...[...] | array_flow.rb:443:10:443:21 | call to source :  | array_flow.rb:447:10:447:13 | ...[...] | $@ | array_flow.rb:443:10:443:21 | call to source :  | call to source :  |
+| array_flow.rb:447:10:447:13 | ...[...] | array_flow.rb:444:12:444:23 | call to source :  | array_flow.rb:447:10:447:13 | ...[...] | $@ | array_flow.rb:444:12:444:23 | call to source :  | call to source :  |
+| array_flow.rb:448:10:448:13 | ...[...] | array_flow.rb:444:12:444:23 | call to source :  | array_flow.rb:448:10:448:13 | ...[...] | $@ | array_flow.rb:444:12:444:23 | call to source :  | call to source :  |
+| array_flow.rb:450:10:450:13 | ...[...] | array_flow.rb:443:10:443:21 | call to source :  | array_flow.rb:450:10:450:13 | ...[...] | $@ | array_flow.rb:443:10:443:21 | call to source :  | call to source :  |
+| array_flow.rb:450:10:450:13 | ...[...] | array_flow.rb:444:12:444:23 | call to source :  | array_flow.rb:450:10:450:13 | ...[...] | $@ | array_flow.rb:444:12:444:23 | call to source :  | call to source :  |
+| array_flow.rb:451:10:451:13 | ...[...] | array_flow.rb:443:30:443:41 | call to source :  | array_flow.rb:451:10:451:13 | ...[...] | $@ | array_flow.rb:443:30:443:41 | call to source :  | call to source :  |
+| array_flow.rb:451:10:451:13 | ...[...] | array_flow.rb:444:12:444:23 | call to source :  | array_flow.rb:451:10:451:13 | ...[...] | $@ | array_flow.rb:444:12:444:23 | call to source :  | call to source :  |
+| array_flow.rb:457:14:457:14 | x | array_flow.rb:455:19:455:30 | call to source :  | array_flow.rb:457:14:457:14 | x | $@ | array_flow.rb:455:19:455:30 | call to source :  | call to source :  |
+| array_flow.rb:460:10:460:13 | ...[...] | array_flow.rb:455:19:455:30 | call to source :  | array_flow.rb:460:10:460:13 | ...[...] | $@ | array_flow.rb:455:19:455:30 | call to source :  | call to source :  |
+| array_flow.rb:460:10:460:13 | ...[...] | array_flow.rb:458:13:458:24 | call to source :  | array_flow.rb:460:10:460:13 | ...[...] | $@ | array_flow.rb:458:13:458:24 | call to source :  | call to source :  |
+| array_flow.rb:466:10:466:13 | ...[...] | array_flow.rb:464:20:464:29 | call to source :  | array_flow.rb:466:10:466:13 | ...[...] | $@ | array_flow.rb:464:20:464:29 | call to source :  | call to source :  |
+| array_flow.rb:471:10:471:16 | ...[...] | array_flow.rb:470:20:470:29 | call to source :  | array_flow.rb:471:10:471:16 | ...[...] | $@ | array_flow.rb:470:20:470:29 | call to source :  | call to source :  |
+| array_flow.rb:473:10:473:13 | ...[...] | array_flow.rb:470:20:470:29 | call to source :  | array_flow.rb:473:10:473:13 | ...[...] | $@ | array_flow.rb:470:20:470:29 | call to source :  | call to source :  |
+| array_flow.rb:474:10:474:16 | ...[...] | array_flow.rb:470:20:470:29 | call to source :  | array_flow.rb:474:10:474:16 | ...[...] | $@ | array_flow.rb:470:20:470:29 | call to source :  | call to source :  |
+| array_flow.rb:480:10:480:13 | ...[...] | array_flow.rb:478:19:478:30 | call to source :  | array_flow.rb:480:10:480:13 | ...[...] | $@ | array_flow.rb:478:19:478:30 | call to source :  | call to source :  |
+| array_flow.rb:482:14:482:14 | x | array_flow.rb:478:19:478:30 | call to source :  | array_flow.rb:482:14:482:14 | x | $@ | array_flow.rb:478:19:478:30 | call to source :  | call to source :  |
+| array_flow.rb:485:10:485:13 | ...[...] | array_flow.rb:483:9:483:20 | call to source :  | array_flow.rb:485:10:485:13 | ...[...] | $@ | array_flow.rb:483:9:483:20 | call to source :  | call to source :  |
+| array_flow.rb:491:10:491:13 | ...[...] | array_flow.rb:489:19:489:30 | call to source :  | array_flow.rb:491:10:491:13 | ...[...] | $@ | array_flow.rb:489:19:489:30 | call to source :  | call to source :  |
+| array_flow.rb:493:14:493:14 | x | array_flow.rb:489:19:489:30 | call to source :  | array_flow.rb:493:14:493:14 | x | $@ | array_flow.rb:489:19:489:30 | call to source :  | call to source :  |
+| array_flow.rb:496:10:496:13 | ...[...] | array_flow.rb:494:9:494:20 | call to source :  | array_flow.rb:496:10:496:13 | ...[...] | $@ | array_flow.rb:494:9:494:20 | call to source :  | call to source :  |
+| array_flow.rb:502:14:502:14 | x | array_flow.rb:500:19:500:28 | call to source :  | array_flow.rb:502:14:502:14 | x | $@ | array_flow.rb:500:19:500:28 | call to source :  | call to source :  |
+| array_flow.rb:509:10:509:13 | ...[...] | array_flow.rb:508:16:508:27 | call to source :  | array_flow.rb:509:10:509:13 | ...[...] | $@ | array_flow.rb:508:16:508:27 | call to source :  | call to source :  |
+| array_flow.rb:519:10:519:13 | ...[...] | array_flow.rb:516:21:516:34 | call to source :  | array_flow.rb:519:10:519:13 | ...[...] | $@ | array_flow.rb:516:21:516:34 | call to source :  | call to source :  |
+| array_flow.rb:522:10:522:13 | ...[...] | array_flow.rb:515:16:515:29 | call to source :  | array_flow.rb:522:10:522:13 | ...[...] | $@ | array_flow.rb:515:16:515:29 | call to source :  | call to source :  |
diff --git a/ruby/ql/test/library-tests/dataflow/array-flow/array-flow.ql b/ruby/ql/test/library-tests/dataflow/array-flow/array-flow.ql
new file mode 100644
index 00000000000..842d591a3e5
--- /dev/null
+++ b/ruby/ql/test/library-tests/dataflow/array-flow/array-flow.ql
@@ -0,0 +1,15 @@
+/**
+ * @kind path-problem
+ */
+
+import ruby
+import TestUtilities.InlineFlowTest
+import PathGraph
+
+class HasFlowTest extends InlineFlowTest {
+  override DataFlow::Configuration getTaintFlowConfig() { none() }
+}
+
+from DataFlow::PathNode source, DataFlow::PathNode sink, DefaultValueFlowConf conf
+where conf.hasFlowPath(source, sink)
+select sink, source, sink, "$@", source, source.toString()
diff --git a/ruby/ql/test/library-tests/dataflow/array-flow/array_flow.rb b/ruby/ql/test/library-tests/dataflow/array-flow/array_flow.rb
new file mode 100644
index 00000000000..e457108f0d4
--- /dev/null
+++ b/ruby/ql/test/library-tests/dataflow/array-flow/array_flow.rb
@@ -0,0 +1,523 @@
+def m0(i)
+    a = *source(0)
+    sink(a[0]) # $ hasValueFlow=0
+    sink(a[1])
+    sink(a[i]) # $ hasValueFlow=0
+end
+
+def m1(i)
+    a = [0, source(1), 2]
+    sink(a[0])
+    sink(a[1]) # $ hasValueFlow=1
+    sink(a[2])
+    sink(a[i]) # $ hasValueFlow=1
+end
+
+def m2(i)
+    a = Array.new(1, source(2.1))
+    sink(a[0]) # $ hasValueFlow=2.1
+    sink(a[i]) # $ hasValueFlow=2.1
+
+    b = Array.new(a)
+    sink(b[0]) # $ hasValueFlow=2.1
+    sink(b[i]) # $ hasValueFlow=2.1
+
+    c = Array.new(1) do |x|
+        source(2.2)
+    end
+    sink(c[0]) # $ hasValueFlow=2.2
+    sink(c[i]) # $ hasValueFlow=2.2
+end
+
+def m3
+    a = [source(3), 1]
+    b = Array.try_convert(a)
+    sink(b[0]) # $ hasValueFlow=3
+    sink(b[1])
+end
+
+def m4
+    a = [source(4.1), 1]
+    b = [2, 3, source(4.2)]
+    c = a & b
+    sink(c[0]) # $ hasValueFlow=4.1 $ hasValueFlow=4.2
+    sink(c[1]) # $ hasValueFlow=4.1 $ hasValueFlow=4.2
+end
+
+def m5
+    a = [source(5), 1]
+    b = a * 3
+    sink(b[0]) # $ hasValueFlow=5
+    sink(b[1]) # $ hasValueFlow=5
+end
+
+def m6
+    a = [source(6.1), 1]
+    b = [2, source(6.2)]
+    c = a + b
+    sink(c[0]) # $ hasValueFlow=6.1 $ hasValueFlow=6.2
+    sink(c[1]) # $ hasValueFlow=6.2
+end
+
+def m7
+    a = [source(7.1), 1]
+    b = [2, source(7.2)]
+    c = a - b
+    sink(c[0]) # $ hasValueFlow=7.1
+    sink(c[1]) # $ hasValueFlow=7.1
+end
+
+def m8
+    a = [source(8.1), 1]
+    b = a << source(8.2)
+    sink(b[0]) # $ hasValueFlow=8.1 $ hasValueFlow=8.2
+    sink(b[1]) # $ hasValueFlow=8.2
+end
+
+def m9(i)
+    a = [0, source(9), 2]
+    b, c, d = a
+    sink(b)
+    sink(c) # $ hasValueFlow=9
+    sink(d)
+end
+
+def m10(i)
+    a = [0, source(10), 2]
+    b = a[0, 2]
+    sink(b[0]) # $ hasValueFlow=10
+    sink(b[1]) # $ hasValueFlow=10
+    sink(b[i]) # $ hasValueFlow=10
+end
+
+def m11(i)
+    a = [0, source(11), 2]
+    b = a[0..2]
+    sink(b[0]) # $ hasValueFlow=11
+    sink(b[1]) # $ hasValueFlow=11
+    sink(b[i]) # $ hasValueFlow=11
+end
+
+def m12(i)
+    a = [0, 1]
+    a[0, 1] = source(12)
+    sink(a[0]) # $ hasValueFlow=12
+    sink(a[1]) # $ hasValueFlow=12
+    sink(a[i]) # $ hasValueFlow=12
+end
+
+def m13(i)
+    a = [0, 1]
+    a[0, 1] = [0, source(13), 2]
+    sink(a[0]) # $ hasValueFlow=13
+    sink(a[1]) # $ hasValueFlow=13
+    sink(a[i]) # $ hasValueFlow=13
+end
+
+def m14(i)
+    a = [0, 1]
+    a[0..1] = source(14)
+    sink(a[0]) # $ hasValueFlow=14
+    sink(a[1]) # $ hasValueFlow=14
+    sink(a[i]) # $ hasValueFlow=14
+end
+
+def m15(i)
+    a = [0, 1]
+    a[0..1] = [0, source(15), 2]
+    sink(a[0]) # $ hasValueFlow=15
+    sink(a[1]) # $ hasValueFlow=15
+    sink(a[i]) # $ hasValueFlow=15
+end
+
+def m16
+    a = [0, 1, source(16)]
+    a.all? do |x|
+        sink x # $ hasValueFlow=16
+    end
+end
+
+def m17
+    a = [0, 1, source(17)]
+    a.any? do |x|
+        sink x # $ hasValueFlow=17
+    end
+end
+
+def m18
+    a = ["a", 0]
+    b = ["b", 1]
+    c = ["c", source(18)]
+    d = [a, b, c]
+    sink (d.assoc("a")[0]) # $ hasValueFlow=18
+    sink (d.assoc("c")[0]) # $ hasValueFlow=18
+end
+
+def m19(i)
+    a = [0, source(19), 2]
+    sink(a.at(0))
+    sink(a.at(1)) # $ hasValueFlow=19
+    sink(a.at(2))
+    sink(a.at(i)) # $ hasValueFlow=19
+end
+
+def m20
+    a = [0, 1, source(20)]
+    b = a.bsearch do |x|
+        sink x # $ hasValueFlow=20
+    end
+    sink b # $ hasValueFlow=20
+end
+
+def m21
+    a = [0, 1, source(21)]
+    b = a.bsearch_index do |x|
+        sink x # $ hasValueFlow=21
+    end
+    sink b
+end
+
+def m22
+    a = [0, 1, source(22)]
+    a.clear()
+    sink(a[2])
+end
+
+def m23
+    a = [0, 1, source(23)]
+    b = a.collect do |x|
+        sink x # $ hasValueFlow=23
+        x
+    end
+    sink(b[0]) # $ hasValueFlow=23
+end
+
+def m24
+    a = [0, 1, source(24)]
+    b = a.collect_concat do |x|
+        sink x # $ hasValueFlow=24
+        [x, x]
+    end
+    sink(b[0]) # $ hasValueFlow=24
+end
+
+def m25
+    a = [0, 1, source(25)]
+    a.combination(1) do |x|
+        sink(x[0]) # $ hasValueFlow=25
+    end
+end
+
+def m26
+    a = [0, 1, source(26)]
+    b = a.compact
+    sink(b[0]) # $ hasValueFlow=26
+end
+
+def m27
+    a = [0, 1, source(27.1)]
+    b = [0, 1, source(27.2)]
+    a.concat(b)
+    sink(a[0]) # $ hasValueFlow=27.2
+    sink(a[2]) # $ hasValueFlow=27.1 $ hasValueFlow=27.2
+end
+
+def m28
+    a = [0, 1, source(28)]
+    a.count do |x|
+        sink x # $ hasValueFlow=28
+    end
+end
+
+def m29
+    a = [0, 1, source(29)]
+    a.cycle(2) do |x|
+        sink x # $ hasValueFlow=29
+    end
+end
+
+def m30
+    a = [0, 1, source(30.1)]
+    b = a.delete(2) { source(30.2) }
+    sink b # $ hasValueFlow=30.1 $ hasValueFlow=30.2
+end
+
+def m31
+    a = [0, 1, source(31)]
+    b = a.delete_at(2)
+    sink b # $ hasValueFlow=31
+end
+
+def m32
+    a = [0, 1, source(32)]
+    b = a.delete_if do |x|
+        sink x # $ hasValueFlow=32
+    end
+    sink(b[0]) # $ hasValueFlow=32
+end
+
+def m33
+    a = [0, 1, source(33)]
+    b = a.difference([1])
+    sink(b[0]) # $ hasValueFlow=33
+end
+
+def m34(i)
+    a = [0, 1, source(34.1), [0, source(34.2)]]
+    sink(a.dig(0))
+    sink(a.dig(2)) # $ hasValueFlow=34.1
+    sink(a.dig(i)) # $ hasValueFlow=34.1
+    sink(a.dig(3,0))
+    sink(a.dig(3,1)) # $ hasValueFlow=34.2
+end
+
+def m35
+    a = [0, 1, source(35.1)]
+    b = a.detect(-> { source(35.2) }) do |x|
+        sink x # $ hasValueFlow=35.1
+    end
+    sink b # $ hasValueFlow=35.1 $ hasValueFlow=35.2
+end
+
+def m36(i)
+    a = [0, 1, source(36.1), source(36.2)]
+    b = a.drop(i)
+    sink(b[0]) # $ hasValueFlow=36.1 # $ hasValueFlow=36.2
+    b = a.drop(1)
+    sink(b[0])
+    sink(b[1]) # $ hasValueFlow=36.1
+    sink(b[i]) # $ hasValueFlow=36.1 # $ hasValueFlow=36.2
+    a[i] = source(36.3)
+    b = a.drop(1)
+    sink(b[1]) # $ hasValueFlow=36.1 # $ hasValueFlow=36.3
+    c = b.drop(100)
+    sink(c[1]) # $ hasValueFlow=36.3
+end
+
+def m37
+    a = [0, 1, source(37.1), source(37.2)]
+    b = a.drop_while do |x|
+        sink x # $ hasValueFlow=37.1 # $ hasValueFlow=37.2
+    end
+    sink(b[0]) # $ hasValueFlow=37.1 # $ hasValueFlow=37.2
+end
+
+def m38
+    a = [0, 1, source(38)]
+    b = a.each do |x|
+        sink x # $ hasValueFlow=38
+    end
+    sink(b[2]) # $ hasValueFlow=38
+end
+
+def m39
+    a = [0, 1, source(39)]
+    b = for x in a # desugars to an `each` call
+        sink x # $ hasValueFlow=39
+    end
+    sink x # $ hasValueFlow=39
+    sink(b[2]) # $ hasValueFlow=39
+end
+
+def m40
+    a = [0, 1, source(40)]
+    a.each_cons(2) do |x|
+        sink (x[0]) # $ hasValueFlow=40
+    end
+end
+
+def m41
+    a = [0, 1, source(41)]
+    b = a.each_entry do |x|
+        sink x # $ hasValueFlow=41
+    end
+    sink(b[2]) # $ hasValueFlow=41
+end
+
+def m42
+    a = [0, 1, source(42)]
+    b = a.each_index do |x|
+        sink x
+    end
+    sink(b[2]) # $ hasValueFlow=42
+end
+
+def m43
+    a = [0, 1, 2, source(43)]
+    a.each_slice(1) do |x|
+        sink(x[0]) # $ hasValueFlow=43
+    end
+end
+
+def m44
+    a = [0, 1, 2, source(44)]
+    b = a.each_with_index do |x,i|
+        sink(x) # $ hasValueFlow=44
+        sink(i)
+    end
+    sink(b[3]) # $ hasValueFlow=44
+end
+
+def m45
+    a = [0, 1, 2, source(45.1)]
+    b = a.each_with_object(source(45.2)) do |x,a|
+        sink(x) # $ hasValueFlow=45.1
+        sink(a) # $ hasValueFlow=45.2
+    end
+    sink(b) # $ hasValueFlow=45.2
+end
+
+def m46(i)
+    a = [0, 1, 2, source(46.1)]
+    b = a.fetch(source(46.2)) do |x|
+        sink(x) # $ hasValueFlow=46.2
+    end
+    sink(b) # $ hasValueFlow=46.1
+end
+
+def m47
+    a = [0, 1, 2, source(47.1)]
+    a.fill(source(47.2), 1, 1)
+    sink(a[3]) # $ hasValueFlow=47.1 $ hasValueFlow=47.2
+    a.fill(source(47.3))
+    sink(a[0]) # $ hasValueFlow=47.3
+    a.fill do |i|
+        source(47.4)
+    end
+    sink(a[0]) # $ hasValueFlow=47.4
+    a.fill(2) do |i|
+        source(47.5)
+    end
+    sink(a[0]) # $ hasValueFlow=47.4 $ hasValueFlow=47.5
+end
+
+def m48
+    a = [0, 1, 2, source(48)]
+    b = a.filter do |x|
+        sink(x) # $ hasValueFlow=48
+    end
+    sink(b[0]) # $ hasValueFlow=48
+end
+
+def m49
+    a = [0, 1, 2, source(49)]
+    b = a.filter_map do |x|
+        sink(x) # $ hasValueFlow=49
+    end
+    sink(b[0]) # $ hasValueFlow=49
+end
+
+def m50
+    a = [0, 1, 2, source(50)]
+    b = a.filter! do |x|
+        sink(x) # $ hasValueFlow=50
+        x > 2
+    end
+    sink(b[0]) # $ hasValueFlow=50
+end
+
+def m51
+    a = [0, 1, 2, source(51.1)]
+    b = a.find(-> { source(51.2) }) do |x|
+        sink(x) # $ hasValueFlow=51.1
+    end
+    sink(b) # $ hasValueFlow=51.1 $ hasValueFlow=51.2
+end
+
+def m52
+    a = [0, 1, 2, source(52)]
+    b = a.find_all do |x|
+        sink(x) # $ hasValueFlow=52
+    end
+    sink(b[0]) # $ hasValueFlow=52
+end
+
+def m53
+    a = [0, 1, 2, source(53)]
+    a.find_index do |x|
+        sink(x) # $ hasValueFlow=53
+    end
+end
+
+def m54(i)
+    a = [source(54.1), 1, 2, source(54.2)]
+    a[i] = source(54.3)
+    sink(a.first) # $ hasValueFlow=54.1 $ hasValueFlow=54.3
+    b = a.first(2)
+    sink(b[0]) # $ hasValueFlow=54.1 $ hasValueFlow=54.3
+    sink(b[4]) # $ hasValueFlow=54.3
+    c = a.first(i)
+    sink(c[0]) # $ hasValueFlow=54.1 $ hasValueFlow=54.3
+    sink(c[3]) # $ hasValueFlow=54.2 $ hasValueFlow=54.3
+end
+
+def m55
+    a = [0, 1, 2, source(55.1)]
+    b = a.flat_map do |x|
+        sink(x) # $ hasValueFlow=55.1
+        [x, source(55.2)]
+    end
+    sink(b[0]) # $ hasValueFlow=55.1 $ hasValueFlow=55.2
+end
+
+def m56
+    a = [0, 1, [2, source(56)]]
+    b = a.flatten
+    sink(b[0]) # $ hasValueFlow=56
+end
+
+def m57
+    a = [0, 1, [2, source(57)]]
+    sink(a[2][1]) # $ hasValueFlow=57
+    a.flatten!
+    sink(a[0]) # $ hasValueFlow=57
+    sink(a[2][1]) # $ SPURIOUS: hasValueFlow=57
+end
+
+def m58
+    a = [0, 1, 2, source(58.1)]
+    b = a.grep(/.*/)
+    sink(b[0]) # $ hasValueFlow=58.1
+    b = a.grep(/.*/) do |x|
+        sink x # $ hasValueFlow=58.1
+        source(58.2)
+    end
+    sink(b[0]) # $ hasValueFlow=58.2
+end
+
+def m59
+    a = [0, 1, 2, source(59.1)]
+    b = a.grep_v(/A/)
+    sink(b[0]) # $ hasValueFlow=59.1
+    b = a.grep_v(/A/) do |x|
+        sink x # $ hasValueFlow=59.1
+        source(59.2)
+    end
+    sink(b[0]) # $ hasValueFlow=59.2
+end
+
+def m60
+    a = [0, 1, 2, source(60)]
+    a.index do |x|
+        sink x # $ hasValueFlow=60
+    end
+end
+
+def m61
+    a = [0, 1, 2, source(61.1)]
+    a.replace([source(61.2)])
+    sink(a[0]) # $ hasValueFlow=61.2
+end
+
+
+# TODO: assign appropriate number when reached in the alphabetical ordering
+def m2600
+    a = [0, 1, source(2600.1)]
+    a.prepend(2, 3, source(2600.2))
+    sink(a[0])
+    sink(a[1])
+    sink(a[2]) # $ hasValueFlow=2600.2
+    sink(a[3])
+    sink(a[4])
+    sink(a[5]) # $ hasValueFlow=2600.1
+end
diff --git a/ruby/ql/test/library-tests/dataflow/local/Nodes.ql b/ruby/ql/test/library-tests/dataflow/local/Nodes.ql
index c676f125f79..23476a4a195 100644
--- a/ruby/ql/test/library-tests/dataflow/local/Nodes.ql
+++ b/ruby/ql/test/library-tests/dataflow/local/Nodes.ql
@@ -5,5 +5,6 @@ import codeql.ruby.dataflow.internal.DataFlowDispatch
 query predicate ret(ReturningNode node) { any() }
 
 query predicate arg(ArgumentNode n, DataFlowCall call, ArgumentPosition pos) {
-  n.argumentOf(call, pos)
+  n.argumentOf(call, pos) and
+  not n instanceof SummaryNode
 }
diff --git a/ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected b/ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected
index a3536938432..96e5fdf8355 100644
--- a/ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected
+++ b/ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected
@@ -27,6 +27,7 @@ nodes
 | summaries.rb:18:6:18:13 | tainted3 | semmle.label | tainted3 |
 subpaths
 invalidSpecComponent
+invalidOutputSpecComponent
 #select
 | summaries.rb:2:6:2:12 | tainted | summaries.rb:1:20:1:26 | "taint" :  | summaries.rb:2:6:2:12 | tainted | $@ | summaries.rb:1:20:1:26 | "taint" :  | "taint" :  |
 | summaries.rb:5:8:5:8 | x | summaries.rb:1:20:1:26 | "taint" :  | summaries.rb:5:8:5:8 | x | $@ | summaries.rb:1:20:1:26 | "taint" :  | "taint" :  |
diff --git a/ruby/ql/test/library-tests/dataflow/summaries/Summaries.ql b/ruby/ql/test/library-tests/dataflow/summaries/Summaries.ql
index 6d9db3f5c82..7c16273aa97 100644
--- a/ruby/ql/test/library-tests/dataflow/summaries/Summaries.ql
+++ b/ruby/ql/test/library-tests/dataflow/summaries/Summaries.ql
@@ -13,6 +13,12 @@ query predicate invalidSpecComponent(SummarizedCallable sc, string s, string c)
   Private::External::invalidSpecComponent(s, c)
 }
 
+query predicate invalidOutputSpecComponent(SummarizedCallable sc, string s, string c) {
+  sc.propagatesFlowExt(_, s, _) and
+  Private::External::specSplit(s, c, _) and
+  c = "ArrayElement" // not allowed in output specs; use `ArrayElement[?] instead
+}
+
 private class SummarizedCallableIdentity extends SummarizedCallable {
   SummarizedCallableIdentity() { this = "identity" }
 
diff --git a/ruby/ql/test/query-tests/security/cwe-022/PathInjection.expected b/ruby/ql/test/query-tests/security/cwe-022/PathInjection.expected
index 5ac1c88d6f4..23f28e1e630 100644
--- a/ruby/ql/test/query-tests/security/cwe-022/PathInjection.expected
+++ b/ruby/ql/test/query-tests/security/cwe-022/PathInjection.expected
@@ -1,5 +1,6 @@
 edges
-| tainted_path.rb:4:12:4:17 | call to params :  | tainted_path.rb:5:26:5:29 | path |
+| tainted_path.rb:4:12:4:17 | call to params :  | tainted_path.rb:4:12:4:24 | ...[...] :  |
+| tainted_path.rb:4:12:4:24 | ...[...] :  | tainted_path.rb:5:26:5:29 | path |
 | tainted_path.rb:10:12:10:43 | call to absolute_path :  | tainted_path.rb:11:26:11:29 | path |
 | tainted_path.rb:10:31:10:36 | call to params :  | tainted_path.rb:10:31:10:43 | ...[...] :  |
 | tainted_path.rb:10:31:10:43 | ...[...] :  | tainted_path.rb:10:12:10:43 | call to absolute_path :  |
@@ -23,6 +24,7 @@ edges
 | tainted_path.rb:47:43:47:55 | ...[...] :  | tainted_path.rb:47:12:47:63 | call to join :  |
 nodes
 | tainted_path.rb:4:12:4:17 | call to params :  | semmle.label | call to params :  |
+| tainted_path.rb:4:12:4:24 | ...[...] :  | semmle.label | ...[...] :  |
 | tainted_path.rb:5:26:5:29 | path | semmle.label | path |
 | tainted_path.rb:10:12:10:43 | call to absolute_path :  | semmle.label | call to absolute_path :  |
 | tainted_path.rb:10:31:10:36 | call to params :  | semmle.label | call to params :  |
diff --git a/ruby/ql/test/query-tests/security/cwe-078/CommandInjection.expected b/ruby/ql/test/query-tests/security/cwe-078/CommandInjection.expected
index d3338f6cd56..8849322976c 100644
--- a/ruby/ql/test/query-tests/security/cwe-078/CommandInjection.expected
+++ b/ruby/ql/test/query-tests/security/cwe-078/CommandInjection.expected
@@ -1,15 +1,18 @@
 edges
-| CommandInjection.rb:6:15:6:20 | call to params :  | CommandInjection.rb:7:10:7:15 | #{...} |
-| CommandInjection.rb:6:15:6:20 | call to params :  | CommandInjection.rb:8:16:8:18 | cmd |
-| CommandInjection.rb:6:15:6:20 | call to params :  | CommandInjection.rb:10:14:10:16 | cmd |
-| CommandInjection.rb:6:15:6:20 | call to params :  | CommandInjection.rb:11:17:11:22 | #{...} |
-| CommandInjection.rb:6:15:6:20 | call to params :  | CommandInjection.rb:13:9:13:14 | #{...} |
-| CommandInjection.rb:6:15:6:20 | call to params :  | CommandInjection.rb:29:19:29:24 | #{...} |
-| CommandInjection.rb:6:15:6:20 | call to params :  | CommandInjection.rb:33:24:33:36 | "echo #{...}" |
-| CommandInjection.rb:6:15:6:20 | call to params :  | CommandInjection.rb:34:39:34:51 | "grep #{...}" |
-| CommandInjection.rb:46:15:46:20 | call to params :  | CommandInjection.rb:50:24:50:36 | "echo #{...}" |
+| CommandInjection.rb:6:15:6:20 | call to params :  | CommandInjection.rb:6:15:6:26 | ...[...] :  |
+| CommandInjection.rb:6:15:6:26 | ...[...] :  | CommandInjection.rb:7:10:7:15 | #{...} |
+| CommandInjection.rb:6:15:6:26 | ...[...] :  | CommandInjection.rb:8:16:8:18 | cmd |
+| CommandInjection.rb:6:15:6:26 | ...[...] :  | CommandInjection.rb:10:14:10:16 | cmd |
+| CommandInjection.rb:6:15:6:26 | ...[...] :  | CommandInjection.rb:11:17:11:22 | #{...} |
+| CommandInjection.rb:6:15:6:26 | ...[...] :  | CommandInjection.rb:13:9:13:14 | #{...} |
+| CommandInjection.rb:6:15:6:26 | ...[...] :  | CommandInjection.rb:29:19:29:24 | #{...} |
+| CommandInjection.rb:6:15:6:26 | ...[...] :  | CommandInjection.rb:33:24:33:36 | "echo #{...}" |
+| CommandInjection.rb:6:15:6:26 | ...[...] :  | CommandInjection.rb:34:39:34:51 | "grep #{...}" |
+| CommandInjection.rb:46:15:46:20 | call to params :  | CommandInjection.rb:46:15:46:26 | ...[...] :  |
+| CommandInjection.rb:46:15:46:26 | ...[...] :  | CommandInjection.rb:50:24:50:36 | "echo #{...}" |
 nodes
 | CommandInjection.rb:6:15:6:20 | call to params :  | semmle.label | call to params :  |
+| CommandInjection.rb:6:15:6:26 | ...[...] :  | semmle.label | ...[...] :  |
 | CommandInjection.rb:7:10:7:15 | #{...} | semmle.label | #{...} |
 | CommandInjection.rb:8:16:8:18 | cmd | semmle.label | cmd |
 | CommandInjection.rb:10:14:10:16 | cmd | semmle.label | cmd |
@@ -19,6 +22,7 @@ nodes
 | CommandInjection.rb:33:24:33:36 | "echo #{...}" | semmle.label | "echo #{...}" |
 | CommandInjection.rb:34:39:34:51 | "grep #{...}" | semmle.label | "grep #{...}" |
 | CommandInjection.rb:46:15:46:20 | call to params :  | semmle.label | call to params :  |
+| CommandInjection.rb:46:15:46:26 | ...[...] :  | semmle.label | ...[...] :  |
 | CommandInjection.rb:50:24:50:36 | "echo #{...}" | semmle.label | "echo #{...}" |
 subpaths
 #select
diff --git a/ruby/ql/test/query-tests/security/cwe-078/KernelOpen.expected b/ruby/ql/test/query-tests/security/cwe-078/KernelOpen.expected
index ccdd73f58c7..5659fceb1e7 100644
--- a/ruby/ql/test/query-tests/security/cwe-078/KernelOpen.expected
+++ b/ruby/ql/test/query-tests/security/cwe-078/KernelOpen.expected
@@ -1,8 +1,10 @@
 edges
-| KernelOpen.rb:3:12:3:17 | call to params :  | KernelOpen.rb:4:10:4:13 | file |
-| KernelOpen.rb:3:12:3:17 | call to params :  | KernelOpen.rb:5:13:5:16 | file |
+| KernelOpen.rb:3:12:3:17 | call to params :  | KernelOpen.rb:3:12:3:24 | ...[...] :  |
+| KernelOpen.rb:3:12:3:24 | ...[...] :  | KernelOpen.rb:4:10:4:13 | file |
+| KernelOpen.rb:3:12:3:24 | ...[...] :  | KernelOpen.rb:5:13:5:16 | file |
 nodes
 | KernelOpen.rb:3:12:3:17 | call to params :  | semmle.label | call to params :  |
+| KernelOpen.rb:3:12:3:24 | ...[...] :  | semmle.label | ...[...] :  |
 | KernelOpen.rb:4:10:4:13 | file | semmle.label | file |
 | KernelOpen.rb:5:13:5:16 | file | semmle.label | file |
 subpaths
diff --git a/ruby/ql/test/query-tests/security/cwe-079/ReflectedXSS.expected b/ruby/ql/test/query-tests/security/cwe-079/ReflectedXSS.expected
index 0678f3896df..503e9ec0529 100644
--- a/ruby/ql/test/query-tests/security/cwe-079/ReflectedXSS.expected
+++ b/ruby/ql/test/query-tests/security/cwe-079/ReflectedXSS.expected
@@ -1,11 +1,13 @@
 edges
 | app/controllers/foo/bars_controller.rb:9:12:9:17 | call to params :  | app/controllers/foo/bars_controller.rb:9:12:9:29 | ...[...] :  |
 | app/controllers/foo/bars_controller.rb:9:12:9:29 | ...[...] :  | app/views/foo/bars/show.html.erb:47:5:47:13 | call to user_name |
-| app/controllers/foo/bars_controller.rb:13:20:13:25 | call to params :  | app/views/foo/bars/show.html.erb:51:5:51:18 | call to user_name_memo |
+| app/controllers/foo/bars_controller.rb:13:20:13:25 | call to params :  | app/controllers/foo/bars_controller.rb:13:20:13:37 | ...[...] :  |
+| app/controllers/foo/bars_controller.rb:13:20:13:37 | ...[...] :  | app/views/foo/bars/show.html.erb:51:5:51:18 | call to user_name_memo |
 | app/controllers/foo/bars_controller.rb:17:21:17:26 | call to params :  | app/controllers/foo/bars_controller.rb:17:21:17:36 | ...[...] :  |
 | app/controllers/foo/bars_controller.rb:17:21:17:36 | ...[...] :  | app/views/foo/bars/show.html.erb:2:18:2:30 | @user_website |
-| app/controllers/foo/bars_controller.rb:18:10:18:15 | call to params :  | app/controllers/foo/bars_controller.rb:19:22:19:23 | dt :  |
-| app/controllers/foo/bars_controller.rb:18:10:18:15 | call to params :  | app/controllers/foo/bars_controller.rb:23:53:23:54 | dt :  |
+| app/controllers/foo/bars_controller.rb:18:10:18:15 | call to params :  | app/controllers/foo/bars_controller.rb:18:10:18:22 | ...[...] :  |
+| app/controllers/foo/bars_controller.rb:18:10:18:22 | ...[...] :  | app/controllers/foo/bars_controller.rb:19:22:19:23 | dt :  |
+| app/controllers/foo/bars_controller.rb:18:10:18:22 | ...[...] :  | app/controllers/foo/bars_controller.rb:23:53:23:54 | dt :  |
 | app/controllers/foo/bars_controller.rb:19:22:19:23 | dt :  | app/views/foo/bars/show.html.erb:41:3:41:16 | @instance_text |
 | app/controllers/foo/bars_controller.rb:23:53:23:54 | dt :  | app/views/foo/bars/show.html.erb:5:9:5:20 | call to display_text |
 | app/controllers/foo/bars_controller.rb:23:53:23:54 | dt :  | app/views/foo/bars/show.html.erb:8:9:8:36 | ...[...] |
@@ -21,9 +23,11 @@ nodes
 | app/controllers/foo/bars_controller.rb:9:12:9:17 | call to params :  | semmle.label | call to params :  |
 | app/controllers/foo/bars_controller.rb:9:12:9:29 | ...[...] :  | semmle.label | ...[...] :  |
 | app/controllers/foo/bars_controller.rb:13:20:13:25 | call to params :  | semmle.label | call to params :  |
+| app/controllers/foo/bars_controller.rb:13:20:13:37 | ...[...] :  | semmle.label | ...[...] :  |
 | app/controllers/foo/bars_controller.rb:17:21:17:26 | call to params :  | semmle.label | call to params :  |
 | app/controllers/foo/bars_controller.rb:17:21:17:36 | ...[...] :  | semmle.label | ...[...] :  |
 | app/controllers/foo/bars_controller.rb:18:10:18:15 | call to params :  | semmle.label | call to params :  |
+| app/controllers/foo/bars_controller.rb:18:10:18:22 | ...[...] :  | semmle.label | ...[...] :  |
 | app/controllers/foo/bars_controller.rb:19:22:19:23 | dt :  | semmle.label | dt :  |
 | app/controllers/foo/bars_controller.rb:23:53:23:54 | dt :  | semmle.label | dt :  |
 | app/views/foo/bars/_widget.html.erb:5:9:5:20 | call to display_text | semmle.label | call to display_text |
diff --git a/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected b/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected
index aca755ba998..6a9f5f771fb 100644
--- a/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected
+++ b/ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected
@@ -4,22 +4,31 @@ edges
 | ActiveRecordInjection.rb:20:22:20:30 | condition :  | ActiveRecordInjection.rb:23:16:23:24 | condition |
 | ActiveRecordInjection.rb:35:30:35:35 | call to params :  | ActiveRecordInjection.rb:35:30:35:44 | ...[...] |
 | ActiveRecordInjection.rb:39:18:39:23 | call to params :  | ActiveRecordInjection.rb:39:18:39:32 | ...[...] |
-| ActiveRecordInjection.rb:43:29:43:34 | call to params :  | ActiveRecordInjection.rb:43:20:43:42 | "id = '#{...}'" |
-| ActiveRecordInjection.rb:48:30:48:35 | call to params :  | ActiveRecordInjection.rb:48:21:48:43 | "id = '#{...}'" |
-| ActiveRecordInjection.rb:52:31:52:36 | call to params :  | ActiveRecordInjection.rb:52:22:52:44 | "id = '#{...}'" |
-| ActiveRecordInjection.rb:57:32:57:37 | call to params :  | ActiveRecordInjection.rb:57:23:57:45 | "id = '#{...}'" |
-| ActiveRecordInjection.rb:62:21:62:26 | call to params :  | ActiveRecordInjection.rb:61:16:61:21 | <<-SQL |
-| ActiveRecordInjection.rb:68:34:68:39 | call to params :  | ActiveRecordInjection.rb:68:20:68:47 | "user.id = '#{...}'" |
+| ActiveRecordInjection.rb:43:29:43:34 | call to params :  | ActiveRecordInjection.rb:43:29:43:39 | ...[...] :  |
+| ActiveRecordInjection.rb:43:29:43:39 | ...[...] :  | ActiveRecordInjection.rb:43:20:43:42 | "id = '#{...}'" |
+| ActiveRecordInjection.rb:48:30:48:35 | call to params :  | ActiveRecordInjection.rb:48:30:48:40 | ...[...] :  |
+| ActiveRecordInjection.rb:48:30:48:40 | ...[...] :  | ActiveRecordInjection.rb:48:21:48:43 | "id = '#{...}'" |
+| ActiveRecordInjection.rb:52:31:52:36 | call to params :  | ActiveRecordInjection.rb:52:31:52:41 | ...[...] :  |
+| ActiveRecordInjection.rb:52:31:52:41 | ...[...] :  | ActiveRecordInjection.rb:52:22:52:44 | "id = '#{...}'" |
+| ActiveRecordInjection.rb:57:32:57:37 | call to params :  | ActiveRecordInjection.rb:57:32:57:42 | ...[...] :  |
+| ActiveRecordInjection.rb:57:32:57:42 | ...[...] :  | ActiveRecordInjection.rb:57:23:57:45 | "id = '#{...}'" |
+| ActiveRecordInjection.rb:62:21:62:26 | call to params :  | ActiveRecordInjection.rb:62:21:62:35 | ...[...] :  |
+| ActiveRecordInjection.rb:62:21:62:35 | ...[...] :  | ActiveRecordInjection.rb:61:16:61:21 | <<-SQL |
+| ActiveRecordInjection.rb:68:34:68:39 | call to params :  | ActiveRecordInjection.rb:68:34:68:44 | ...[...] :  |
+| ActiveRecordInjection.rb:68:34:68:44 | ...[...] :  | ActiveRecordInjection.rb:68:20:68:47 | "user.id = '#{...}'" |
 | ActiveRecordInjection.rb:70:23:70:28 | call to params :  | ActiveRecordInjection.rb:70:23:70:35 | ...[...] :  |
 | ActiveRecordInjection.rb:70:23:70:35 | ...[...] :  | ActiveRecordInjection.rb:8:25:8:28 | name :  |
 | ActiveRecordInjection.rb:70:38:70:43 | call to params :  | ActiveRecordInjection.rb:70:38:70:50 | ...[...] :  |
 | ActiveRecordInjection.rb:70:38:70:50 | ...[...] :  | ActiveRecordInjection.rb:8:31:8:34 | pass :  |
-| ActiveRecordInjection.rb:74:41:74:46 | call to params :  | ActiveRecordInjection.rb:74:32:74:54 | "id = '#{...}'" |
+| ActiveRecordInjection.rb:74:41:74:46 | call to params :  | ActiveRecordInjection.rb:74:41:74:51 | ...[...] :  |
+| ActiveRecordInjection.rb:74:41:74:51 | ...[...] :  | ActiveRecordInjection.rb:74:32:74:54 | "id = '#{...}'" |
 | ActiveRecordInjection.rb:83:17:83:22 | call to params :  | ActiveRecordInjection.rb:83:17:83:31 | ...[...] |
 | ActiveRecordInjection.rb:84:19:84:24 | call to params :  | ActiveRecordInjection.rb:84:19:84:33 | ...[...] |
 | ActiveRecordInjection.rb:88:18:88:23 | call to params :  | ActiveRecordInjection.rb:88:18:88:35 | ...[...] |
 | ActiveRecordInjection.rb:92:21:92:26 | call to params :  | ActiveRecordInjection.rb:92:21:92:35 | ...[...] |
-| ActiveRecordInjection.rb:98:10:98:15 | call to params :  | ActiveRecordInjection.rb:104:20:104:32 | ... + ... |
+| ActiveRecordInjection.rb:98:10:98:15 | call to params :  | ActiveRecordInjection.rb:99:11:99:12 | ps :  |
+| ActiveRecordInjection.rb:99:11:99:12 | ps :  | ActiveRecordInjection.rb:99:11:99:17 | ...[...] :  |
+| ActiveRecordInjection.rb:99:11:99:17 | ...[...] :  | ActiveRecordInjection.rb:104:20:104:32 | ... + ... |
 | ActiveRecordInjection.rb:137:21:137:26 | call to params :  | ActiveRecordInjection.rb:137:21:137:44 | ...[...] :  |
 | ActiveRecordInjection.rb:137:21:137:44 | ...[...] :  | ActiveRecordInjection.rb:20:22:20:30 | condition :  |
 nodes
@@ -34,22 +43,29 @@ nodes
 | ActiveRecordInjection.rb:39:18:39:32 | ...[...] | semmle.label | ...[...] |
 | ActiveRecordInjection.rb:43:20:43:42 | "id = '#{...}'" | semmle.label | "id = '#{...}'" |
 | ActiveRecordInjection.rb:43:29:43:34 | call to params :  | semmle.label | call to params :  |
+| ActiveRecordInjection.rb:43:29:43:39 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:48:21:48:43 | "id = '#{...}'" | semmle.label | "id = '#{...}'" |
 | ActiveRecordInjection.rb:48:30:48:35 | call to params :  | semmle.label | call to params :  |
+| ActiveRecordInjection.rb:48:30:48:40 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:52:22:52:44 | "id = '#{...}'" | semmle.label | "id = '#{...}'" |
 | ActiveRecordInjection.rb:52:31:52:36 | call to params :  | semmle.label | call to params :  |
+| ActiveRecordInjection.rb:52:31:52:41 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:57:23:57:45 | "id = '#{...}'" | semmle.label | "id = '#{...}'" |
 | ActiveRecordInjection.rb:57:32:57:37 | call to params :  | semmle.label | call to params :  |
+| ActiveRecordInjection.rb:57:32:57:42 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:61:16:61:21 | <<-SQL | semmle.label | <<-SQL |
 | ActiveRecordInjection.rb:62:21:62:26 | call to params :  | semmle.label | call to params :  |
+| ActiveRecordInjection.rb:62:21:62:35 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:68:20:68:47 | "user.id = '#{...}'" | semmle.label | "user.id = '#{...}'" |
 | ActiveRecordInjection.rb:68:34:68:39 | call to params :  | semmle.label | call to params :  |
+| ActiveRecordInjection.rb:68:34:68:44 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:70:23:70:28 | call to params :  | semmle.label | call to params :  |
 | ActiveRecordInjection.rb:70:23:70:35 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:70:38:70:43 | call to params :  | semmle.label | call to params :  |
 | ActiveRecordInjection.rb:70:38:70:50 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:74:32:74:54 | "id = '#{...}'" | semmle.label | "id = '#{...}'" |
 | ActiveRecordInjection.rb:74:41:74:46 | call to params :  | semmle.label | call to params :  |
+| ActiveRecordInjection.rb:74:41:74:51 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:83:17:83:22 | call to params :  | semmle.label | call to params :  |
 | ActiveRecordInjection.rb:83:17:83:31 | ...[...] | semmle.label | ...[...] |
 | ActiveRecordInjection.rb:84:19:84:24 | call to params :  | semmle.label | call to params :  |
@@ -59,6 +75,8 @@ nodes
 | ActiveRecordInjection.rb:92:21:92:26 | call to params :  | semmle.label | call to params :  |
 | ActiveRecordInjection.rb:92:21:92:35 | ...[...] | semmle.label | ...[...] |
 | ActiveRecordInjection.rb:98:10:98:15 | call to params :  | semmle.label | call to params :  |
+| ActiveRecordInjection.rb:99:11:99:12 | ps :  | semmle.label | ps :  |
+| ActiveRecordInjection.rb:99:11:99:17 | ...[...] :  | semmle.label | ...[...] :  |
 | ActiveRecordInjection.rb:104:20:104:32 | ... + ... | semmle.label | ... + ... |
 | ActiveRecordInjection.rb:137:21:137:26 | call to params :  | semmle.label | call to params :  |
 | ActiveRecordInjection.rb:137:21:137:44 | ...[...] :  | semmle.label | ...[...] :  |
diff --git a/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.expected b/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.expected
index 834fd1d1db7..f9e4dd35642 100644
--- a/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.expected
+++ b/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.expected
@@ -1,9 +1,11 @@
 edges
-| CodeInjection.rb:3:12:3:17 | call to params :  | CodeInjection.rb:6:10:6:13 | code |
-| CodeInjection.rb:3:12:3:17 | call to params :  | CodeInjection.rb:18:20:18:23 | code |
-| CodeInjection.rb:3:12:3:17 | call to params :  | CodeInjection.rb:21:21:21:24 | code |
+| CodeInjection.rb:3:12:3:17 | call to params :  | CodeInjection.rb:3:12:3:24 | ...[...] :  |
+| CodeInjection.rb:3:12:3:24 | ...[...] :  | CodeInjection.rb:6:10:6:13 | code |
+| CodeInjection.rb:3:12:3:24 | ...[...] :  | CodeInjection.rb:18:20:18:23 | code |
+| CodeInjection.rb:3:12:3:24 | ...[...] :  | CodeInjection.rb:21:21:21:24 | code |
 nodes
 | CodeInjection.rb:3:12:3:17 | call to params :  | semmle.label | call to params :  |
+| CodeInjection.rb:3:12:3:24 | ...[...] :  | semmle.label | ...[...] :  |
 | CodeInjection.rb:6:10:6:13 | code | semmle.label | code |
 | CodeInjection.rb:9:10:9:15 | call to params | semmle.label | call to params |
 | CodeInjection.rb:18:20:18:23 | code | semmle.label | code |
diff --git a/ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.expected b/ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.expected
index 938758f9db1..64c0c919427 100644
--- a/ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.expected
+++ b/ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.expected
@@ -1,24 +1,29 @@
 edges
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:10:5:10:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:11:5:11:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:12:5:12:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:13:5:13:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:14:5:14:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:15:5:15:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:16:5:16:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:17:5:17:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:18:5:18:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:19:5:19:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:20:5:20:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:21:5:21:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:22:5:22:8 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:23:17:23:20 | name |
-| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:24:18:24:21 | name |
-| PolynomialReDoS.rb:27:9:27:14 | call to params :  | PolynomialReDoS.rb:28:5:28:5 | a |
-| PolynomialReDoS.rb:29:9:29:14 | call to params :  | PolynomialReDoS.rb:30:5:30:5 | b |
-| PolynomialReDoS.rb:31:9:31:14 | call to params :  | PolynomialReDoS.rb:32:5:32:5 | c |
+| PolynomialReDoS.rb:4:12:4:17 | call to params :  | PolynomialReDoS.rb:4:12:4:24 | ...[...] :  |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:10:5:10:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:11:5:11:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:12:5:12:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:13:5:13:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:14:5:14:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:15:5:15:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:16:5:16:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:17:5:17:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:18:5:18:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:19:5:19:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:20:5:20:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:21:5:21:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:22:5:22:8 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:23:17:23:20 | name |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | PolynomialReDoS.rb:24:18:24:21 | name |
+| PolynomialReDoS.rb:27:9:27:14 | call to params :  | PolynomialReDoS.rb:27:9:27:18 | ...[...] :  |
+| PolynomialReDoS.rb:27:9:27:18 | ...[...] :  | PolynomialReDoS.rb:28:5:28:5 | a |
+| PolynomialReDoS.rb:29:9:29:14 | call to params :  | PolynomialReDoS.rb:29:9:29:18 | ...[...] :  |
+| PolynomialReDoS.rb:29:9:29:18 | ...[...] :  | PolynomialReDoS.rb:30:5:30:5 | b |
+| PolynomialReDoS.rb:31:9:31:14 | call to params :  | PolynomialReDoS.rb:31:9:31:18 | ...[...] :  |
+| PolynomialReDoS.rb:31:9:31:18 | ...[...] :  | PolynomialReDoS.rb:32:5:32:5 | c |
 nodes
 | PolynomialReDoS.rb:4:12:4:17 | call to params :  | semmle.label | call to params :  |
+| PolynomialReDoS.rb:4:12:4:24 | ...[...] :  | semmle.label | ...[...] :  |
 | PolynomialReDoS.rb:10:5:10:8 | name | semmle.label | name |
 | PolynomialReDoS.rb:11:5:11:8 | name | semmle.label | name |
 | PolynomialReDoS.rb:12:5:12:8 | name | semmle.label | name |
@@ -35,10 +40,13 @@ nodes
 | PolynomialReDoS.rb:23:17:23:20 | name | semmle.label | name |
 | PolynomialReDoS.rb:24:18:24:21 | name | semmle.label | name |
 | PolynomialReDoS.rb:27:9:27:14 | call to params :  | semmle.label | call to params :  |
+| PolynomialReDoS.rb:27:9:27:18 | ...[...] :  | semmle.label | ...[...] :  |
 | PolynomialReDoS.rb:28:5:28:5 | a | semmle.label | a |
 | PolynomialReDoS.rb:29:9:29:14 | call to params :  | semmle.label | call to params :  |
+| PolynomialReDoS.rb:29:9:29:18 | ...[...] :  | semmle.label | ...[...] :  |
 | PolynomialReDoS.rb:30:5:30:5 | b | semmle.label | b |
 | PolynomialReDoS.rb:31:9:31:14 | call to params :  | semmle.label | call to params :  |
+| PolynomialReDoS.rb:31:9:31:18 | ...[...] :  | semmle.label | ...[...] :  |
 | PolynomialReDoS.rb:32:5:32:5 | c | semmle.label | c |
 subpaths
 #select
diff --git a/ruby/ql/test/query-tests/security/cwe-1333-regexp-injection/RegExpInjection.expected b/ruby/ql/test/query-tests/security/cwe-1333-regexp-injection/RegExpInjection.expected
index 4f2b3af777f..5f64a891749 100644
--- a/ruby/ql/test/query-tests/security/cwe-1333-regexp-injection/RegExpInjection.expected
+++ b/ruby/ql/test/query-tests/security/cwe-1333-regexp-injection/RegExpInjection.expected
@@ -1,19 +1,29 @@
 edges
-| RegExpInjection.rb:4:12:4:17 | call to params :  | RegExpInjection.rb:5:13:5:21 | /#{...}/ |
-| RegExpInjection.rb:10:12:10:17 | call to params :  | RegExpInjection.rb:11:13:11:27 | /foo#{...}bar/ |
-| RegExpInjection.rb:16:12:16:17 | call to params :  | RegExpInjection.rb:17:24:17:27 | name |
-| RegExpInjection.rb:22:12:22:17 | call to params :  | RegExpInjection.rb:23:24:23:33 | ... + ... |
-| RegExpInjection.rb:54:12:54:17 | call to params :  | RegExpInjection.rb:55:28:55:37 | ... + ... |
+| RegExpInjection.rb:4:12:4:17 | call to params :  | RegExpInjection.rb:4:12:4:24 | ...[...] :  |
+| RegExpInjection.rb:4:12:4:24 | ...[...] :  | RegExpInjection.rb:5:13:5:21 | /#{...}/ |
+| RegExpInjection.rb:10:12:10:17 | call to params :  | RegExpInjection.rb:10:12:10:24 | ...[...] :  |
+| RegExpInjection.rb:10:12:10:24 | ...[...] :  | RegExpInjection.rb:11:13:11:27 | /foo#{...}bar/ |
+| RegExpInjection.rb:16:12:16:17 | call to params :  | RegExpInjection.rb:16:12:16:24 | ...[...] :  |
+| RegExpInjection.rb:16:12:16:24 | ...[...] :  | RegExpInjection.rb:17:24:17:27 | name |
+| RegExpInjection.rb:22:12:22:17 | call to params :  | RegExpInjection.rb:22:12:22:24 | ...[...] :  |
+| RegExpInjection.rb:22:12:22:24 | ...[...] :  | RegExpInjection.rb:23:24:23:33 | ... + ... |
+| RegExpInjection.rb:54:12:54:17 | call to params :  | RegExpInjection.rb:54:12:54:24 | ...[...] :  |
+| RegExpInjection.rb:54:12:54:24 | ...[...] :  | RegExpInjection.rb:55:28:55:37 | ... + ... |
 nodes
 | RegExpInjection.rb:4:12:4:17 | call to params :  | semmle.label | call to params :  |
+| RegExpInjection.rb:4:12:4:24 | ...[...] :  | semmle.label | ...[...] :  |
 | RegExpInjection.rb:5:13:5:21 | /#{...}/ | semmle.label | /#{...}/ |
 | RegExpInjection.rb:10:12:10:17 | call to params :  | semmle.label | call to params :  |
+| RegExpInjection.rb:10:12:10:24 | ...[...] :  | semmle.label | ...[...] :  |
 | RegExpInjection.rb:11:13:11:27 | /foo#{...}bar/ | semmle.label | /foo#{...}bar/ |
 | RegExpInjection.rb:16:12:16:17 | call to params :  | semmle.label | call to params :  |
+| RegExpInjection.rb:16:12:16:24 | ...[...] :  | semmle.label | ...[...] :  |
 | RegExpInjection.rb:17:24:17:27 | name | semmle.label | name |
 | RegExpInjection.rb:22:12:22:17 | call to params :  | semmle.label | call to params :  |
+| RegExpInjection.rb:22:12:22:24 | ...[...] :  | semmle.label | ...[...] :  |
 | RegExpInjection.rb:23:24:23:33 | ... + ... | semmle.label | ... + ... |
 | RegExpInjection.rb:54:12:54:17 | call to params :  | semmle.label | call to params :  |
+| RegExpInjection.rb:54:12:54:24 | ...[...] :  | semmle.label | ...[...] :  |
 | RegExpInjection.rb:55:28:55:37 | ... + ... | semmle.label | ... + ... |
 subpaths
 #select
diff --git a/ruby/ql/test/query-tests/security/cwe-502/oj-global-options/UnsafeDeserialization.expected b/ruby/ql/test/query-tests/security/cwe-502/oj-global-options/UnsafeDeserialization.expected
index 8e4e62d4476..c42e5e42e8c 100644
--- a/ruby/ql/test/query-tests/security/cwe-502/oj-global-options/UnsafeDeserialization.expected
+++ b/ruby/ql/test/query-tests/security/cwe-502/oj-global-options/UnsafeDeserialization.expected
@@ -1,7 +1,9 @@
 edges
-| OjGlobalOptions.rb:13:17:13:22 | call to params :  | OjGlobalOptions.rb:14:22:14:30 | json_data |
+| OjGlobalOptions.rb:13:17:13:22 | call to params :  | OjGlobalOptions.rb:13:17:13:28 | ...[...] :  |
+| OjGlobalOptions.rb:13:17:13:28 | ...[...] :  | OjGlobalOptions.rb:14:22:14:30 | json_data |
 nodes
 | OjGlobalOptions.rb:13:17:13:22 | call to params :  | semmle.label | call to params :  |
+| OjGlobalOptions.rb:13:17:13:28 | ...[...] :  | semmle.label | ...[...] :  |
 | OjGlobalOptions.rb:14:22:14:30 | json_data | semmle.label | json_data |
 subpaths
 #select
diff --git a/ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected b/ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
index b2fde305145..42cc4d0a099 100644
--- a/ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
+++ b/ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
@@ -1,27 +1,41 @@
 edges
-| UnsafeDeserialization.rb:9:39:9:44 | call to params :  | UnsafeDeserialization.rb:10:27:10:41 | serialized_data |
-| UnsafeDeserialization.rb:15:39:15:44 | call to params :  | UnsafeDeserialization.rb:16:30:16:44 | serialized_data |
-| UnsafeDeserialization.rb:21:17:21:22 | call to params :  | UnsafeDeserialization.rb:22:24:22:32 | json_data |
-| UnsafeDeserialization.rb:27:17:27:22 | call to params :  | UnsafeDeserialization.rb:28:27:28:35 | json_data |
-| UnsafeDeserialization.rb:39:17:39:22 | call to params :  | UnsafeDeserialization.rb:40:24:40:32 | yaml_data |
-| UnsafeDeserialization.rb:51:17:51:22 | call to params :  | UnsafeDeserialization.rb:52:22:52:30 | json_data |
-| UnsafeDeserialization.rb:51:17:51:22 | call to params :  | UnsafeDeserialization.rb:53:22:53:30 | json_data |
-| UnsafeDeserialization.rb:58:17:58:22 | call to params :  | UnsafeDeserialization.rb:68:23:68:31 | json_data |
+| UnsafeDeserialization.rb:9:39:9:44 | call to params :  | UnsafeDeserialization.rb:9:39:9:50 | ...[...] :  |
+| UnsafeDeserialization.rb:9:39:9:50 | ...[...] :  | UnsafeDeserialization.rb:10:27:10:41 | serialized_data |
+| UnsafeDeserialization.rb:15:39:15:44 | call to params :  | UnsafeDeserialization.rb:15:39:15:50 | ...[...] :  |
+| UnsafeDeserialization.rb:15:39:15:50 | ...[...] :  | UnsafeDeserialization.rb:16:30:16:44 | serialized_data |
+| UnsafeDeserialization.rb:21:17:21:22 | call to params :  | UnsafeDeserialization.rb:21:17:21:28 | ...[...] :  |
+| UnsafeDeserialization.rb:21:17:21:28 | ...[...] :  | UnsafeDeserialization.rb:22:24:22:32 | json_data |
+| UnsafeDeserialization.rb:27:17:27:22 | call to params :  | UnsafeDeserialization.rb:27:17:27:28 | ...[...] :  |
+| UnsafeDeserialization.rb:27:17:27:28 | ...[...] :  | UnsafeDeserialization.rb:28:27:28:35 | json_data |
+| UnsafeDeserialization.rb:39:17:39:22 | call to params :  | UnsafeDeserialization.rb:39:17:39:28 | ...[...] :  |
+| UnsafeDeserialization.rb:39:17:39:28 | ...[...] :  | UnsafeDeserialization.rb:40:24:40:32 | yaml_data |
+| UnsafeDeserialization.rb:51:17:51:22 | call to params :  | UnsafeDeserialization.rb:51:17:51:28 | ...[...] :  |
+| UnsafeDeserialization.rb:51:17:51:28 | ...[...] :  | UnsafeDeserialization.rb:52:22:52:30 | json_data |
+| UnsafeDeserialization.rb:51:17:51:28 | ...[...] :  | UnsafeDeserialization.rb:53:22:53:30 | json_data |
+| UnsafeDeserialization.rb:58:17:58:22 | call to params :  | UnsafeDeserialization.rb:58:17:58:28 | ...[...] :  |
+| UnsafeDeserialization.rb:58:17:58:28 | ...[...] :  | UnsafeDeserialization.rb:68:23:68:31 | json_data |
 nodes
 | UnsafeDeserialization.rb:9:39:9:44 | call to params :  | semmle.label | call to params :  |
+| UnsafeDeserialization.rb:9:39:9:50 | ...[...] :  | semmle.label | ...[...] :  |
 | UnsafeDeserialization.rb:10:27:10:41 | serialized_data | semmle.label | serialized_data |
 | UnsafeDeserialization.rb:15:39:15:44 | call to params :  | semmle.label | call to params :  |
+| UnsafeDeserialization.rb:15:39:15:50 | ...[...] :  | semmle.label | ...[...] :  |
 | UnsafeDeserialization.rb:16:30:16:44 | serialized_data | semmle.label | serialized_data |
 | UnsafeDeserialization.rb:21:17:21:22 | call to params :  | semmle.label | call to params :  |
+| UnsafeDeserialization.rb:21:17:21:28 | ...[...] :  | semmle.label | ...[...] :  |
 | UnsafeDeserialization.rb:22:24:22:32 | json_data | semmle.label | json_data |
 | UnsafeDeserialization.rb:27:17:27:22 | call to params :  | semmle.label | call to params :  |
+| UnsafeDeserialization.rb:27:17:27:28 | ...[...] :  | semmle.label | ...[...] :  |
 | UnsafeDeserialization.rb:28:27:28:35 | json_data | semmle.label | json_data |
 | UnsafeDeserialization.rb:39:17:39:22 | call to params :  | semmle.label | call to params :  |
+| UnsafeDeserialization.rb:39:17:39:28 | ...[...] :  | semmle.label | ...[...] :  |
 | UnsafeDeserialization.rb:40:24:40:32 | yaml_data | semmle.label | yaml_data |
 | UnsafeDeserialization.rb:51:17:51:22 | call to params :  | semmle.label | call to params :  |
+| UnsafeDeserialization.rb:51:17:51:28 | ...[...] :  | semmle.label | ...[...] :  |
 | UnsafeDeserialization.rb:52:22:52:30 | json_data | semmle.label | json_data |
 | UnsafeDeserialization.rb:53:22:53:30 | json_data | semmle.label | json_data |
 | UnsafeDeserialization.rb:58:17:58:22 | call to params :  | semmle.label | call to params :  |
+| UnsafeDeserialization.rb:58:17:58:28 | ...[...] :  | semmle.label | ...[...] :  |
 | UnsafeDeserialization.rb:68:23:68:31 | json_data | semmle.label | json_data |
 subpaths
 #select
diff --git a/ruby/ql/test/query-tests/security/cwe-601/UrlRedirect.expected b/ruby/ql/test/query-tests/security/cwe-601/UrlRedirect.expected
index 2684c3ff180..0805fd2c627 100644
--- a/ruby/ql/test/query-tests/security/cwe-601/UrlRedirect.expected
+++ b/ruby/ql/test/query-tests/security/cwe-601/UrlRedirect.expected
@@ -4,7 +4,8 @@ edges
 | UrlRedirect.rb:19:17:19:22 | call to params :  | UrlRedirect.rb:19:17:19:37 | call to to_unsafe_hash |
 | UrlRedirect.rb:24:31:24:36 | call to params :  | UrlRedirect.rb:24:17:24:37 | call to filter_params |
 | UrlRedirect.rb:24:31:24:36 | call to params :  | UrlRedirect.rb:56:21:56:32 | input_params :  |
-| UrlRedirect.rb:34:20:34:25 | call to params :  | UrlRedirect.rb:34:17:34:37 | "#{...}/foo" |
+| UrlRedirect.rb:34:20:34:25 | call to params :  | UrlRedirect.rb:34:20:34:31 | ...[...] :  |
+| UrlRedirect.rb:34:20:34:31 | ...[...] :  | UrlRedirect.rb:34:17:34:37 | "#{...}/foo" |
 | UrlRedirect.rb:56:21:56:32 | input_params :  | UrlRedirect.rb:57:5:57:29 | call to permit :  |
 nodes
 | UrlRedirect.rb:4:17:4:22 | call to params | semmle.label | call to params |
@@ -18,6 +19,7 @@ nodes
 | UrlRedirect.rb:24:31:24:36 | call to params :  | semmle.label | call to params :  |
 | UrlRedirect.rb:34:17:34:37 | "#{...}/foo" | semmle.label | "#{...}/foo" |
 | UrlRedirect.rb:34:20:34:25 | call to params :  | semmle.label | call to params :  |
+| UrlRedirect.rb:34:20:34:31 | ...[...] :  | semmle.label | ...[...] :  |
 | UrlRedirect.rb:56:21:56:32 | input_params :  | semmle.label | input_params :  |
 | UrlRedirect.rb:57:5:57:29 | call to permit :  | semmle.label | call to permit :  |
 subpaths
diff --git a/ruby/ql/test/query-tests/security/cwe-611/Xxe.expected b/ruby/ql/test/query-tests/security/cwe-611/Xxe.expected
index 0db8bb55da4..44732d9a7a7 100644
--- a/ruby/ql/test/query-tests/security/cwe-611/Xxe.expected
+++ b/ruby/ql/test/query-tests/security/cwe-611/Xxe.expected
@@ -1,29 +1,32 @@
 edges
-| LibXmlRuby.rb:3:15:3:20 | call to params :  | LibXmlRuby.rb:4:34:4:40 | content |
-| LibXmlRuby.rb:3:15:3:20 | call to params :  | LibXmlRuby.rb:5:32:5:38 | content |
-| LibXmlRuby.rb:3:15:3:20 | call to params :  | LibXmlRuby.rb:6:30:6:36 | content |
-| LibXmlRuby.rb:3:15:3:20 | call to params :  | LibXmlRuby.rb:7:32:7:38 | content |
-| LibXmlRuby.rb:3:15:3:20 | call to params :  | LibXmlRuby.rb:8:30:8:36 | content |
-| LibXmlRuby.rb:3:15:3:20 | call to params :  | LibXmlRuby.rb:9:28:9:34 | content |
-| LibXmlRuby.rb:3:15:3:20 | call to params :  | LibXmlRuby.rb:11:26:11:32 | content |
-| LibXmlRuby.rb:3:15:3:20 | call to params :  | LibXmlRuby.rb:12:24:12:30 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:5:26:5:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:6:26:6:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:7:26:7:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:8:26:8:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:9:26:9:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:11:26:11:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:12:26:12:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:15:26:15:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:16:26:16:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:18:26:18:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:19:26:19:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:22:26:22:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:25:26:25:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:27:26:27:32 | content |
-| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:28:26:28:32 | content |
+| LibXmlRuby.rb:3:15:3:20 | call to params :  | LibXmlRuby.rb:3:15:3:26 | ...[...] :  |
+| LibXmlRuby.rb:3:15:3:26 | ...[...] :  | LibXmlRuby.rb:4:34:4:40 | content |
+| LibXmlRuby.rb:3:15:3:26 | ...[...] :  | LibXmlRuby.rb:5:32:5:38 | content |
+| LibXmlRuby.rb:3:15:3:26 | ...[...] :  | LibXmlRuby.rb:6:30:6:36 | content |
+| LibXmlRuby.rb:3:15:3:26 | ...[...] :  | LibXmlRuby.rb:7:32:7:38 | content |
+| LibXmlRuby.rb:3:15:3:26 | ...[...] :  | LibXmlRuby.rb:8:30:8:36 | content |
+| LibXmlRuby.rb:3:15:3:26 | ...[...] :  | LibXmlRuby.rb:9:28:9:34 | content |
+| LibXmlRuby.rb:3:15:3:26 | ...[...] :  | LibXmlRuby.rb:11:26:11:32 | content |
+| LibXmlRuby.rb:3:15:3:26 | ...[...] :  | LibXmlRuby.rb:12:24:12:30 | content |
+| Nokogiri.rb:3:15:3:20 | call to params :  | Nokogiri.rb:3:15:3:26 | ...[...] :  |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:5:26:5:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:6:26:6:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:7:26:7:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:8:26:8:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:9:26:9:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:11:26:11:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:12:26:12:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:15:26:15:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:16:26:16:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:18:26:18:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:19:26:19:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:22:26:22:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:25:26:25:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:27:26:27:32 | content |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | Nokogiri.rb:28:26:28:32 | content |
 nodes
 | LibXmlRuby.rb:3:15:3:20 | call to params :  | semmle.label | call to params :  |
+| LibXmlRuby.rb:3:15:3:26 | ...[...] :  | semmle.label | ...[...] :  |
 | LibXmlRuby.rb:4:34:4:40 | content | semmle.label | content |
 | LibXmlRuby.rb:5:32:5:38 | content | semmle.label | content |
 | LibXmlRuby.rb:6:30:6:36 | content | semmle.label | content |
@@ -33,6 +36,7 @@ nodes
 | LibXmlRuby.rb:11:26:11:32 | content | semmle.label | content |
 | LibXmlRuby.rb:12:24:12:30 | content | semmle.label | content |
 | Nokogiri.rb:3:15:3:20 | call to params :  | semmle.label | call to params :  |
+| Nokogiri.rb:3:15:3:26 | ...[...] :  | semmle.label | ...[...] :  |
 | Nokogiri.rb:5:26:5:32 | content | semmle.label | content |
 | Nokogiri.rb:6:26:6:32 | content | semmle.label | content |
 | Nokogiri.rb:7:26:7:32 | content | semmle.label | content |
diff --git a/ruby/ql/test/query-tests/security/cwe-807-user-controlled-bypass/ConditionalBypass.expected b/ruby/ql/test/query-tests/security/cwe-807-user-controlled-bypass/ConditionalBypass.expected
index 489f5fa6977..3026c823650 100644
--- a/ruby/ql/test/query-tests/security/cwe-807-user-controlled-bypass/ConditionalBypass.expected
+++ b/ruby/ql/test/query-tests/security/cwe-807-user-controlled-bypass/ConditionalBypass.expected
@@ -1,12 +1,13 @@
 edges
-| ConditionalBypass.rb:3:13:3:18 | call to params :  | ConditionalBypass.rb:6:8:6:12 | check |
+| ConditionalBypass.rb:3:13:3:18 | call to params :  | ConditionalBypass.rb:3:13:3:26 | ...[...] :  |
+| ConditionalBypass.rb:3:13:3:26 | ...[...] :  | ConditionalBypass.rb:6:8:6:12 | check |
 | ConditionalBypass.rb:14:14:14:19 | call to params :  | ConditionalBypass.rb:14:14:14:27 | ...[...] |
 | ConditionalBypass.rb:25:10:25:15 | call to params :  | ConditionalBypass.rb:25:10:25:22 | ...[...] |
 | ConditionalBypass.rb:25:10:25:15 | call to params :  | ConditionalBypass.rb:25:10:25:22 | ...[...] :  |
-| ConditionalBypass.rb:25:10:25:15 | call to params :  | ConditionalBypass.rb:27:8:27:8 | p |
 | ConditionalBypass.rb:25:10:25:22 | ...[...] :  | ConditionalBypass.rb:27:8:27:8 | p |
 nodes
 | ConditionalBypass.rb:3:13:3:18 | call to params :  | semmle.label | call to params :  |
+| ConditionalBypass.rb:3:13:3:26 | ...[...] :  | semmle.label | ...[...] :  |
 | ConditionalBypass.rb:6:8:6:12 | check | semmle.label | check |
 | ConditionalBypass.rb:14:14:14:19 | call to params :  | semmle.label | call to params :  |
 | ConditionalBypass.rb:14:14:14:27 | ...[...] | semmle.label | ...[...] |
diff --git a/ruby/ql/test/query-tests/security/cwe-918/ServerSideRequestForgery.expected b/ruby/ql/test/query-tests/security/cwe-918/ServerSideRequestForgery.expected
index f019d969f37..af6ecf00059 100644
--- a/ruby/ql/test/query-tests/security/cwe-918/ServerSideRequestForgery.expected
+++ b/ruby/ql/test/query-tests/security/cwe-918/ServerSideRequestForgery.expected
@@ -1,7 +1,9 @@
 edges
-| ServerSideRequestForgery.rb:9:32:9:37 | call to params :  | ServerSideRequestForgery.rb:10:31:10:62 | "#{...}/logins" |
+| ServerSideRequestForgery.rb:9:32:9:37 | call to params :  | ServerSideRequestForgery.rb:9:32:9:60 | ...[...] :  |
+| ServerSideRequestForgery.rb:9:32:9:60 | ...[...] :  | ServerSideRequestForgery.rb:10:31:10:62 | "#{...}/logins" |
 nodes
 | ServerSideRequestForgery.rb:9:32:9:37 | call to params :  | semmle.label | call to params :  |
+| ServerSideRequestForgery.rb:9:32:9:60 | ...[...] :  | semmle.label | ...[...] :  |
 | ServerSideRequestForgery.rb:10:31:10:62 | "#{...}/logins" | semmle.label | "#{...}/logins" |
 subpaths
 #select