Use flowFrom.

csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll

@@ -52,7 +52,7 @@ class IDbCommandConstructionSqlExpr extends SqlExpr, ObjectCreation {
 class DapperCommandDefinitionMethodCallSqlExpr extends SqlExpr, ObjectCreation {
   DapperCommandDefinitionMethodCallSqlExpr() {
     this.getObjectType() instanceof Dapper::CommandDefinitionStruct and
-    DapperCommandDefinitionMethodCallSql::flow(DataFlow::exprNode(this), _)
+    DapperCommandDefinitionMethodCallSql::flowFromExpr(this)
   }
 
   override Expr getSql() { result = this.getArgumentForName("commandText") }

csharp/ql/src/Security Features/CWE-614/CookieWithoutSecure.ql

@@ -46,10 +46,7 @@ predicate insecureCookieOptionsCreation(ObjectCreation oc) {
   // `Secure` property in `CookieOptions` passed to IResponseCookies.Append(...) wasn't set
   oc.getType() instanceof MicrosoftAspNetCoreHttpCookieOptions and
   secureFalseOrNotSet(oc) and
-  exists(DataFlow::Node creation |
-    CookieOptionsTracking::flow(creation, _) and
-    creation.asExpr() = oc
-  )
+  CookieOptionsTracking::flowFromExpr(oc)
 }
 
 predicate insecureCookieAppend(Expr sink) {