set compileForOverlayEval true everywhere

.bazelrc

@@ -37,6 +37,5 @@ build --java_language_version=17
 build --tool_java_language_version=17
 build --tool_java_runtime_version=remotejdk_17
 build --java_runtime_version=remotejdk_17
-build --@rules_python//python/config_settings:python_version=3.12
 
 try-import %workspace%/local.bazelrc

.bazelrc.internal

@@ -8,5 +8,3 @@ common --registry=https://bcr.bazel.build
 # its implementation packages without providing any code itself.
 # We either can depend on internal implementation details, or turn of strict deps.
 common --@rules_dotnet//dotnet/settings:strict_deps=false
-
-build --@rules_python//python/config_settings:python_version=3.12

.github/workflows/build-ripunzip.yml

@@ -17,7 +17,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-22.04, macos-13, windows-2019]
+        os: [ubuntu-20.04, macos-13, windows-2019]
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v4

.github/workflows/go-tests-rtjo.yml

@@ -1,22 +0,0 @@
-name: "Go: Run RTJO Tests"
-on:
-  pull_request:
-    types:
-      - labeled
-
-permissions:
-  contents: read
-
-jobs:
-  test-linux:
-    if: "github.repository_owner == 'github' && github.event.label.name == 'Run: RTJO Language Tests'"
-    name: RTJO Test Linux (Ubuntu)
-    runs-on: ubuntu-latest-xl
-    steps:
-      - name: Check out code
-        uses: actions/checkout@v4
-      - name: Run tests
-        uses: ./go/actions/test
-        with:
-          run-code-checks: true
-          dynamic-join-order-mode: all

.github/workflows/ruby-qltest-rtjo.yml

@@ -1,40 +0,0 @@
-name: "Ruby: Run RTJO Language Tests"
-
-on:
-  pull_request:
-    types:
-      - opened
-      - synchronize
-      - reopened
-      - labeled
-
-env:
-  CARGO_TERM_COLOR: always
-
-defaults:
-  run:
-    working-directory: ruby
-
-permissions:
-  contents: read
-
-jobs:
-  qltest-rtjo:
-    if: "github.repository_owner == 'github' && github.event.label.name == 'Run: RTJO Language Tests'"
-    runs-on: ubuntu-latest-xl
-    strategy:
-      fail-fast: false
-    steps:
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/fetch-codeql
-      - uses: ./ruby/actions/create-extractor-pack
-      - name: Cache compilation cache
-        id: query-cache
-        uses: ./.github/actions/cache-query-compilation
-        with:
-          key: ruby-qltest
-      - name: Run QL tests
-        run: |
-          codeql test run --dynamic-join-order-mode=all --threads=0 --ram 50000 --search-path "${{ github.workspace }}" --check-databases --check-undefined-labels --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --consistency-queries ql/consistency-queries ql/test --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
-        env:
-          GITHUB_TOKEN: ${{ github.token }}

.pre-commit-config.yaml

@@ -72,7 +72,7 @@ repos:
 
       - id: rust-codegen
         name: Run Rust checked in code generation
-        files: ^misc/codegen/|^rust/(prefix\.dbscheme|schema/|codegen/|.*/generated/|ql/lib/(rust\.dbscheme$|codeql/rust/elements)|\.generated.list|ast-generator/)
+        files: ^misc/codegen/|^rust/(prefix\.dbscheme|schema/|codegen/|.*/generated/|ql/lib/(rust\.dbscheme$|codeql/rust/elements)|\.generated.list)
         language: system
         entry: bazel run //rust/codegen -- --quiet
         pass_filenames: false

Cargo.lock

@@ -18,10 +18,13 @@ dependencies = [
 ]
 
 [[package]]
-name = "allocator-api2"
-version = "0.2.21"
+name = "always-assert"
+version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "683d7910e743518b0e34f1186f92494becacb047c7b6bf616c96772180fef923"
+checksum = "a1078fa1ce1e34b1872d8611ad921196d76bdd7027e949fbe31231abde201892"
+dependencies = [
+ "tracing",
+]
 
 [[package]]
 name = "android-tzdata"
@@ -90,9 +93,9 @@ dependencies = [
 
 [[package]]
 name = "anyhow"
-version = "1.0.97"
+version = "1.0.96"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dcfed56ad506cb2c684a14971b8861fdc3baaaae314b9e5f9bb532cbe3ba7a4f"
+checksum = "6b964d184e89d9b6b67dd2715bc8e74cf3107fb2b529990c90cf517326150bf4"
 
 [[package]]
 name = "argfile"
@@ -167,15 +170,6 @@ dependencies = [
  "cfg_aliases",
 ]
 
-[[package]]
-name = "boxcar"
-version = "0.2.11"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6740c6e2fc6360fa57c35214c7493826aee95993926092606f27c983b40837be"
-dependencies = [
- "loom",
-]
-
 [[package]]
 name = "bstr"
 version = "1.11.3"
@@ -259,9 +253,9 @@ checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
 
 [[package]]
 name = "chalk-derive"
-version = "0.100.0"
+version = "0.99.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ab2d131019373f0d0d1f2af0abd4f719739f6583c1b33965112455f643a910af"
+checksum = "572583d9b97f9d277e5c7607f8239a30e2e04d3ed3b47c87d1cb2152ae724073"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -271,9 +265,9 @@ dependencies = [
 
 [[package]]
 name = "chalk-ir"
-version = "0.100.0"
+version = "0.99.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4f114996bda14c0213f014a4ef31a7867dcf5f539a3900477fc6b20138e7a17b"
+checksum = "e60e0ef9c81dce1336a9ed3c76f08775f5b623151d96d85ba45f7b10de76d1c7"
 dependencies = [
  "bitflags 2.8.0",
  "chalk-derive",
@@ -281,9 +275,9 @@ dependencies = [
 
 [[package]]
 name = "chalk-recursive"
-version = "0.100.0"
+version = "0.99.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "551e956e031c09057c7b21f17d48d91de99c9b6b6e34bceaf5e7202d71021268"
+checksum = "5a06350d614e22b03a69b8105e3541614450a7ea48bc58ecc6c6bd92731a3995"
 dependencies = [
  "chalk-derive",
  "chalk-ir",
@@ -294,9 +288,9 @@ dependencies = [
 
 [[package]]
 name = "chalk-solve"
-version = "0.100.0"
+version = "0.99.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cd7ca50181156ce649efe8e5dd00580f573651554e4dcd11afa4e2ac93f53324"
+checksum = "0e428761e9b55bee516bfe2457caed8b6d1b86353f92ae825bbe438a36ce91e8"
 dependencies = [
  "chalk-derive",
  "chalk-ir",
@@ -310,9 +304,9 @@ dependencies = [
 
 [[package]]
 name = "chrono"
-version = "0.4.40"
+version = "0.4.39"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1a7964611d71df112cb1730f2ee67324fcf4d0fc6606acbbe9bfe06df124637c"
+checksum = "7e36cc9d416881d2e24f9a963be5fb1cd90966419ac844274161d10488b3e825"
 dependencies = [
  "android-tzdata",
  "iana-time-zone",
@@ -320,14 +314,14 @@ dependencies = [
  "num-traits",
  "serde",
  "wasm-bindgen",
- "windows-link",
+ "windows-targets 0.52.6",
 ]
 
 [[package]]
 name = "clap"
-version = "4.5.32"
+version = "4.5.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6088f3ae8c3608d19260cd7445411865a485688711b78b5be70d78cd96136f83"
+checksum = "027bb0d98429ae334a8698531da7077bdf906419543a35a55c2cb1b66437d767"
 dependencies = [
  "clap_builder",
  "clap_derive",
@@ -335,9 +329,9 @@ dependencies = [
 
 [[package]]
 name = "clap_builder"
-version = "4.5.32"
+version = "4.5.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22a7ef7f676155edfb82daa97f99441f3ebf4a58d5e32f295a56259f1b6facc8"
+checksum = "5589e0cba072e0f3d23791efac0fd8627b49c829c196a492e88168e6a669d863"
 dependencies = [
  "anstream",
  "anstyle",
@@ -347,11 +341,11 @@ dependencies = [
 
 [[package]]
 name = "clap_derive"
-version = "4.5.32"
+version = "4.5.28"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "09176aae279615badda0765c0c0b3f6ed53f4709118af73cf4655d85d1530cd7"
+checksum = "bf4ced95c6f4a675af3da73304b9ac4ed991640c36374e4b46795c49e17cf1ed"
 dependencies = [
- "heck",
+ "heck 0.5.0",
  "proc-macro2",
  "quote",
  "syn",
@@ -511,15 +505,6 @@ dependencies = [
  "crossbeam-utils",
 ]
 
-[[package]]
-name = "crossbeam-queue"
-version = "0.3.12"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0f58bbc28f91df819d0aa2a2c00cd19754769c2fad90579b3592b1c9ba7a3115"
-dependencies = [
- "crossbeam-utils",
-]
-
 [[package]]
 name = "crossbeam-utils"
 version = "0.8.21"
@@ -574,20 +559,6 @@ dependencies = [
  "parking_lot_core",
 ]
 
-[[package]]
-name = "dashmap"
-version = "6.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5041cc499144891f3790297212f32a74fb938e5136a14943f338ef9e0ae276cf"
-dependencies = [
- "cfg-if",
- "crossbeam-utils",
- "hashbrown 0.14.5",
- "lock_api",
- "once_cell",
- "parking_lot_core",
-]
-
 [[package]]
 name = "deranged"
 version = "0.3.11"
@@ -612,9 +583,9 @@ checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813"
 
 [[package]]
 name = "either"
-version = "1.15.0"
+version = "1.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719"
+checksum = "b7914353092ddf589ad78f25c5c1c21b7f80b0ff8621e7c814c3485b5306da9d"
 
 [[package]]
 name = "ena"
@@ -743,12 +714,6 @@ version = "1.0.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
 
-[[package]]
-name = "foldhash"
-version = "0.1.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
-
 [[package]]
 name = "fs-err"
 version = "2.11.0"
@@ -773,19 +738,6 @@ version = "0.4.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7ab85b9b05e3978cc9a9cf8fea7f01b494e1a09ed3037e16ba39edc7a29eb61a"
 
-[[package]]
-name = "generator"
-version = "0.8.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cc6bd114ceda131d3b1d665eba35788690ad37f5916457286b32ab6fd3c438dd"
-dependencies = [
- "cfg-if",
- "libc",
- "log 0.4.25",
- "rustversion",
- "windows",
-]
-
 [[package]]
 name = "getrandom"
 version = "0.3.1"
@@ -834,20 +786,12 @@ name = "hashbrown"
 version = "0.15.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bf151400ff0baff5465007dd2f3e717f3fe502074ca563069ce3a6629d07b289"
-dependencies = [
- "allocator-api2",
- "equivalent",
- "foldhash",
-]
 
 [[package]]
-name = "hashlink"
-version = "0.10.0"
+name = "heck"
+version = "0.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7382cf6263419f2d8df38c55d7da83da5c18aef87fc7a7fc1fb1e344edfe14c1"
-dependencies = [
- "hashbrown 0.15.2",
-]
+checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8"
 
 [[package]]
 name = "heck"
@@ -887,7 +831,7 @@ dependencies = [
  "iana-time-zone-haiku",
  "js-sys",
  "wasm-bindgen",
- "windows-core 0.52.0",
+ "windows-core",
 ]
 
 [[package]]
@@ -1083,19 +1027,6 @@ version = "0.4.25"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "04cbf5b083de1c7e0222a7a51dbfdba1cbe1c6ab0b15e29fff3f6c077fd9cd9f"
 
-[[package]]
-name = "loom"
-version = "0.7.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "419e0dc8046cb947daa77eb95ae174acfbddb7673b4151f56d1eed8e93fbfaca"
-dependencies = [
- "cfg-if",
- "generator",
- "scoped-tls",
- "tracing",
- "tracing-subscriber",
-]
-
 [[package]]
 name = "lz4_flex"
 version = "0.11.3"
@@ -1340,12 +1271,6 @@ version = "0.2.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3b3cff922bd51709b605d9ead9aa71031d81447142d828eb4a6eba76fe619f9b"
 
-[[package]]
-name = "portable-atomic"
-version = "1.11.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "350e9b48cbc6b0e028b0473b114454c6316e57336ee184ceab6e53f72c178b3e"
-
 [[package]]
 name = "powerfmt"
 version = "0.2.0"
@@ -1363,9 +1288,9 @@ dependencies = [
 
 [[package]]
 name = "proc-macro2"
-version = "1.0.94"
+version = "1.0.93"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a31971752e70b8b2686d7e46ec17fb38dad4051d94024c88df49b667caea9c84"
+checksum = "60946a68e5f9d28b0dc1c21bb8a97ee7d018a8b322fa57838ba31cc878e22d99"
 dependencies = [
  "unicode-ident",
 ]
@@ -1385,18 +1310,18 @@ dependencies = [
 
 [[package]]
 name = "quote"
-version = "1.0.40"
+version = "1.0.38"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d"
+checksum = "0e4dccaaaf89514f546c693ddc140f729f958c247918a13380cccc6078391acc"
 dependencies = [
  "proc-macro2",
 ]
 
 [[package]]
 name = "ra-ap-rustc_abi"
-version = "0.100.0"
+version = "0.97.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f1651b0f7e8c3eb7c27a88f39d277e69c32bfe58e3be174d286c1a24d6a7a4d8"
+checksum = "3829c3355d1681ffeaf1450ec71edcdace6820fe2e86469d8fc1ad45e2c96460"
 dependencies = [
  "bitflags 2.8.0",
  "ra-ap-rustc_hashes",
@@ -1406,18 +1331,18 @@ dependencies = [
 
 [[package]]
 name = "ra-ap-rustc_hashes"
-version = "0.100.0"
+version = "0.97.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2bcd85e93dc0ea850bcfe7957a115957df799ccbc9eea488bdee5ec6780d212b"
+checksum = "1bd4d6d4c434bec08e02370a4f64a4985312097215a62e82d0f757f3a98e502e"
 dependencies = [
  "rustc-stable-hash",
 ]
 
 [[package]]
 name = "ra-ap-rustc_index"
-version = "0.100.0"
+version = "0.97.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "62b295fc0640cd9fe0ecab872ee4a17a96f90a3998ec9f0c4765e9b8415c12cc"
+checksum = "bad6fc4bd7522e31096e2de5b0351144fe0684b608791ee26c842bf2da1b19ae"
 dependencies = [
  "ra-ap-rustc_index_macros",
  "smallvec",
@@ -1425,9 +1350,9 @@ dependencies = [
 
 [[package]]
 name = "ra-ap-rustc_index_macros"
-version = "0.100.0"
+version = "0.97.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c675f4257023aa933882906f13802cae287e88cc39ab13cbb96809083db0c801"
+checksum = "cfb234e1f84b92be45276c3025bee18789e9bc95bec8789bec961e78edb01c52"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -1436,9 +1361,9 @@ dependencies = [
 
 [[package]]
 name = "ra-ap-rustc_lexer"
-version = "0.100.0"
+version = "0.97.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c8358702c2a510ea84ba5801ddc047d9ad9520902cfb0e6173277610cdce2c9c"
+checksum = "7a3a40bd11dc43d1cb110e730b80620cf8102f4cca8920a02b65954da0ed931f"
 dependencies = [
  "memchr",
  "unicode-properties",
@@ -1447,9 +1372,9 @@ dependencies = [
 
 [[package]]
 name = "ra-ap-rustc_parse_format"
-version = "0.100.0"
+version = "0.97.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b98f402011d46732c35c47bfd111dec0495747fef2ec900ddee7fe15d78449a7"
+checksum = "5feb877478994cb4c0c0c7a5116a352eefc0634aefc8636feb00a893fa5b7135"
 dependencies = [
  "ra-ap-rustc_index",
  "ra-ap-rustc_lexer",
@@ -1457,9 +1382,9 @@ dependencies = [
 
 [[package]]
 name = "ra-ap-rustc_pattern_analysis"
-version = "0.100.0"
+version = "0.97.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bef3ff73fa4653252ffe1d1e9177a446f49ef46d97140e4816b7ff2dad59ed53"
+checksum = "a76774d35934d464c4115908cde16f76a4f7e540fe1eea6b79336c556e37bdd3"
 dependencies = [
  "ra-ap-rustc_index",
  "rustc-hash 2.1.1",
@@ -1470,22 +1395,20 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_base_db"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4baa9734d254af14fd603528ad594650dea601b1764492bd39988da38598ae67"
+checksum = "5d8e4a327f1a8ace5afced54ebaa1a34f8cf0bb535a28aefb8300e8ea49a7d6e"
 dependencies = [
- "dashmap 5.5.3",
  "la-arena",
  "lz4_flex",
  "ra_ap_cfg",
  "ra_ap_intern",
- "ra_ap_query-group-macro",
+ "ra_ap_salsa",
  "ra_ap_span",
  "ra_ap_stdx",
  "ra_ap_syntax",
  "ra_ap_vfs",
  "rustc-hash 2.1.1",
- "salsa",
  "semver",
  "tracing",
  "triomphe",
@@ -1493,9 +1416,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_cfg"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0ef2ba45636c5e585040c0c4bee640737a6001b08309f1a25ca78cf04abfbf90"
+checksum = "4d974450788b1f90243c5f2231875ed4d7087444975c0190a1c2cb02c3ed465d"
 dependencies = [
  "ra_ap_intern",
  "ra_ap_tt",
@@ -1505,15 +1428,15 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_edition"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8955c1484d5e7274f755187788ba0d51eb149f870c69cdf0d87c3b7edea20ea0"
+checksum = "c3b1b961a84cb09a4e06e44d06b2e77bcf546d0c2623df9545ba9cc694880989"
 
 [[package]]
 name = "ra_ap_hir"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a51d7955beff2212701b149bea36d4cf2dc0f5cd129652c9bcf0cb5c0b021078"
+checksum = "ff0672e35a6cf12333cb6b9e3fd18aba4bc724fa7c7b24c3253df4730be1f9c3"
 dependencies = [
  "arrayvec",
  "either",
@@ -1537,14 +1460,14 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_hir_def"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e5c97e617e4c585d24b3d4f668861452aedddfbe0262f4c53235dcea77e62f9b"
+checksum = "fde2fb9361257e31e73e63eb2d07445ea3fd4cd1e7bae7f45e7ba82bcfcde29a"
 dependencies = [
  "arrayvec",
  "bitflags 2.8.0",
  "cov-mark",
- "dashmap 5.5.3",
+ "dashmap",
  "drop_bomb",
  "either",
  "fst",
@@ -1560,14 +1483,12 @@ dependencies = [
  "ra_ap_hir_expand",
  "ra_ap_intern",
  "ra_ap_mbe",
- "ra_ap_query-group-macro",
  "ra_ap_span",
  "ra_ap_stdx",
  "ra_ap_syntax",
  "ra_ap_tt",
  "rustc-hash 2.1.1",
  "rustc_apfloat",
- "salsa",
  "smallvec",
  "text-size",
  "tracing",
@@ -1576,9 +1497,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_hir_expand"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "be57c0d7e3f2180dd8ea584b11447f34060eadc06f0f6d559e2a790f6e91b6c5"
+checksum = "1823b649710bf1829c894f774dfe66acb33a3e5bc7409ff7836cd19f6e09c250"
 dependencies = [
  "cov-mark",
  "either",
@@ -1590,14 +1511,12 @@ dependencies = [
  "ra_ap_intern",
  "ra_ap_mbe",
  "ra_ap_parser",
- "ra_ap_query-group-macro",
  "ra_ap_span",
  "ra_ap_stdx",
  "ra_ap_syntax",
  "ra_ap_syntax-bridge",
  "ra_ap_tt",
  "rustc-hash 2.1.1",
- "salsa",
  "smallvec",
  "tracing",
  "triomphe",
@@ -1605,9 +1524,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_hir_ty"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f260f35748f3035b46a8afcdebda7cb75d95c24750105fad86101d09a9d387c8"
+checksum = "72a591a02787bd2e938c25fceb1f831d0929b9c08726e6d831f85c4a9fba04b5"
 dependencies = [
  "arrayvec",
  "bitflags 2.8.0",
@@ -1616,7 +1535,6 @@ dependencies = [
  "chalk-recursive",
  "chalk-solve",
  "cov-mark",
- "dashmap 5.5.3",
  "either",
  "ena",
  "indexmap 2.7.0",
@@ -1625,19 +1543,18 @@ dependencies = [
  "nohash-hasher",
  "oorandom",
  "ra-ap-rustc_abi",
+ "ra-ap-rustc_hashes",
  "ra-ap-rustc_index",
  "ra-ap-rustc_pattern_analysis",
  "ra_ap_base_db",
  "ra_ap_hir_def",
  "ra_ap_hir_expand",
  "ra_ap_intern",
- "ra_ap_query-group-macro",
  "ra_ap_span",
  "ra_ap_stdx",
  "ra_ap_syntax",
  "rustc-hash 2.1.1",
  "rustc_apfloat",
- "salsa",
  "scoped-tls",
  "smallvec",
  "tracing",
@@ -1647,15 +1564,14 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_ide_db"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0426263be26e27cb55a3b9ef88b120511b66fe7d9b418a2473d6d5f3ac2fe0a6"
+checksum = "c74386061453edc3ebfd52141c7c3cde109a7427faff9792a303c3c09a762a01"
 dependencies = [
  "arrayvec",
  "bitflags 2.8.0",
  "cov-mark",
  "crossbeam-channel",
- "dashmap 5.5.3",
  "either",
  "fst",
  "indexmap 2.7.0",
@@ -1667,25 +1583,22 @@ dependencies = [
  "ra_ap_hir",
  "ra_ap_parser",
  "ra_ap_profile",
- "ra_ap_query-group-macro",
  "ra_ap_span",
  "ra_ap_stdx",
  "ra_ap_syntax",
- "ra_ap_vfs",
  "rayon",
  "rustc-hash 2.1.1",
- "salsa",
  "tracing",
  "triomphe",
 ]
 
 [[package]]
 name = "ra_ap_intern"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f6ea8c9615b3b0688cf557e7310dbd9432f43860c8ea766d54f4416cbecf3571"
+checksum = "8239ffde688b558a4335f03d14fa42dcebb203f452367830554b18e17ff1c683"
 dependencies = [
- "dashmap 5.5.3",
+ "dashmap",
  "hashbrown 0.14.5",
  "rustc-hash 2.1.1",
  "triomphe",
@@ -1693,9 +1606,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_load-cargo"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "570907e16725c13a678bfd8050ce8839af2831da042a0878b75ee8c41b0f7b0c"
+checksum = "01dd50ca287042b06ca3cc62b60e6891bacee3886d39381d26f9f966e509b1c7"
 dependencies = [
  "anyhow",
  "crossbeam-channel",
@@ -1715,9 +1628,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_mbe"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e893fe03b04b30c9b5a339ac2bf39ce32ac9c05a8b50121b7d89ce658346e164"
+checksum = "c193592a0d1dcd315cf8c60f25d37a15c6b50c2b58bfbc6eac38b123e45c8c21"
 dependencies = [
  "arrayvec",
  "cov-mark",
@@ -1736,9 +1649,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_parser"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6fd9a264120968b14a66b6ba756cd7f99435385b5dbc2f0a611cf3a12221c385"
+checksum = "b380f96951dd56b8231eeb47884fea12c57b8515ac748eedd590b26cd156681c"
 dependencies = [
  "drop_bomb",
  "ra-ap-rustc_lexer",
@@ -1748,18 +1661,18 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_paths"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f47817351651e36b56ff3afc483b41600053c9cb7e67d945467c0abe93416032"
+checksum = "0801105582f532bc59a2b5714a30966c4cf9bd3e5b66f4161763c1d974d2c7d5"
 dependencies = [
  "camino",
 ]
 
 [[package]]
 name = "ra_ap_proc_macro_api"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d96da3b8b9f6b813a98f5357eef303905450741f47ba90adaab8a5371b748416"
+checksum = "da377b243e376b82819f875c1c6624125d27b682a740bd4cafc30b4f496d0ffa"
 dependencies = [
  "indexmap 2.7.0",
  "ra_ap_intern",
@@ -1776,9 +1689,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_profile"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "13637377287c84f88a628e40229d271ef0081c0d683956bd99a6c8278a4f8b14"
+checksum = "4d6d1391bee4f86e56385438a2dcb739cbb96bd0fbf49799a492332d57e6db62"
 dependencies = [
  "cfg-if",
  "libc",
@@ -1788,9 +1701,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_project_model"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "053c5207a638fc7a752c7a454bc952b28b0d02f0bf9f6d7ec785ec809579d8fa"
+checksum = "e8b1ac2712d5f6a20197b360890031e64b4ea097b511f50e2cb8ab1a0e24f577"
 dependencies = [
  "anyhow",
  "cargo_metadata",
@@ -1813,54 +1726,71 @@ dependencies = [
 ]
 
 [[package]]
-name = "ra_ap_query-group-macro"
-version = "0.0.270"
+name = "ra_ap_salsa"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0f1a38f07b442e47a234cbe2e8fd1b8a41ff0cc5123cb1cf994c5ce20edb5bd6"
+checksum = "bc3a0a272f50e2ab831452bd3f4e7f8a571ccf01282d76f4a078f661135ed0ce"
 dependencies = [
- "heck",
+ "indexmap 2.7.0",
+ "itertools 0.12.1",
+ "lock_api",
+ "oorandom",
+ "parking_lot",
+ "ra_ap_salsa-macros",
+ "rustc-hash 2.1.1",
+ "smallvec",
+ "tracing",
+ "triomphe",
+]
+
+[[package]]
+name = "ra_ap_salsa-macros"
+version = "0.0.266"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d5d59b47a54fd5468ce0dc03b146afd0932ae0f3d05a5c15ca78d29d5e85bc31"
+dependencies = [
+ "heck 0.4.1",
  "proc-macro2",
  "quote",
- "salsa",
  "syn",
 ]
 
 [[package]]
 name = "ra_ap_span"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8818680c6f7da3b32cb2bb0992940b24264b1aa90203aa94812e09ab34d362d1"
+checksum = "f10dbdd611d2546be7c400934007865e85bb37570566c715edb3aac76367a782"
 dependencies = [
  "hashbrown 0.14.5",
  "la-arena",
+ "ra_ap_salsa",
  "ra_ap_stdx",
  "ra_ap_syntax",
  "ra_ap_vfs",
  "rustc-hash 2.1.1",
- "salsa",
  "text-size",
 ]
 
 [[package]]
 name = "ra_ap_stdx"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f1c10bee1b03fc48083862c13cf06bd3ed17760463ecce2734103a2f511e5ed4"
+checksum = "b7d5c58fcda9b35d61e23f334b2b11221abf53e7f5e4344fc7eb1de18b2cbf68"
 dependencies = [
+ "always-assert",
  "crossbeam-channel",
  "itertools 0.12.1",
  "jod-thread",
  "libc",
  "miow",
- "tracing",
  "windows-sys 0.59.0",
 ]
 
 [[package]]
 name = "ra_ap_syntax"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "92bc32f3946fc5fcbdc79e61b7e26a8c2a3a56f3ef6ab27c7d298a9e21a462f2"
+checksum = "75334f45a8095223823ef1d2789c085460b7b9368c63a6430d46f6f2b9bd5cb5"
 dependencies = [
  "cov-mark",
  "either",
@@ -1878,9 +1808,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_syntax-bridge"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a42052c44c98c122c37aac476260c8f19d8fec495edc9c05835307c9ae86194d"
+checksum = "b331a50f90ae587d230b1b55b3852ebf67ab740dec33c1a4b0900005037e77c2"
 dependencies = [
  "ra_ap_intern",
  "ra_ap_parser",
@@ -1894,9 +1824,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_toolchain"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "75996e70b3a0c68cd5157ba01f018964c7c6a5d7b209047d449b393139d0b57f"
+checksum = "8d56e1b3a34eac0448e54afccf63a6b7699ef14a734b2f1b340246ccdd00c0d3"
 dependencies = [
  "camino",
  "home",
@@ -1904,9 +1834,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_tt"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0e4ee31e93bfabe83e6720b7469db88d7ad7ec5c59a1f011efec4aa1327ffc5c"
+checksum = "4b974b1211e0b1e17e44b1f256ca1b4a3734d4d98f43ba09ee0a8476fc3a5b83"
 dependencies = [
  "arrayvec",
  "ra-ap-rustc_lexer",
@@ -1917,9 +1847,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_vfs"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f6aac1e277ac70bb073f40f8a3fc44e4b1bb9e4d4b1d0e0bd2f8269543560f80"
+checksum = "2b004e20f901dae213cb1673111a2b56fec4f0d1c4c894b62668a0f69ce25065"
 dependencies = [
  "crossbeam-channel",
  "fst",
@@ -1933,9 +1863,9 @@ dependencies = [
 
 [[package]]
 name = "ra_ap_vfs-notify"
-version = "0.0.270"
+version = "0.0.266"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cd95285146049621ee8f7a512c982a008bf036321fcc9b01a95c1ad7e6aeae57"
+checksum = "95f9e8df03407d76e044f99ef45fafd686d775508aa7d1ba836e9eca58b833a3"
 dependencies = [
  "crossbeam-channel",
  "notify",
@@ -2100,59 +2030,12 @@ dependencies = [
  "smallvec",
 ]
 
-[[package]]
-name = "rustversion"
-version = "1.0.20"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eded382c5f5f786b989652c49544c4877d9f015cc22e145a5ea8ea66c2921cd2"
-
 [[package]]
 name = "ryu"
 version = "1.0.19"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6ea1a2d0a644769cc99faa24c3ad26b379b786fe7c36fd3c546254801650e6dd"
 
-[[package]]
-name = "salsa"
-version = "0.19.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dd55c6549513b2a42884dae31e3d4f4ac8a6cc51062e68e24d162133889f327c"
-dependencies = [
- "boxcar",
- "crossbeam-queue",
- "dashmap 6.1.0",
- "hashbrown 0.15.2",
- "hashlink",
- "indexmap 2.7.0",
- "parking_lot",
- "portable-atomic",
- "rayon",
- "rustc-hash 2.1.1",
- "salsa-macro-rules",
- "salsa-macros",
- "smallvec",
- "tracing",
-]
-
-[[package]]
-name = "salsa-macro-rules"
-version = "0.19.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2619b4b451beab0a7e4364ff1e6f31950e7e418888fd9bf2f28889671563166a"
-
-[[package]]
-name = "salsa-macros"
-version = "0.19.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4be57a99b3896e8d26850428a6874fb86849e2db874e1db3528e5cee4337d277"
-dependencies = [
- "heck",
- "proc-macro2",
- "quote",
- "syn",
- "synstructure",
-]
-
 [[package]]
 name = "same-file"
 version = "1.0.6"
@@ -2185,18 +2068,18 @@ dependencies = [
 
 [[package]]
 name = "serde"
-version = "1.0.219"
+version = "1.0.218"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6"
+checksum = "e8dfc9d19bdbf6d17e22319da49161d5d0108e4188e8b680aef6299eed22df60"
 dependencies = [
  "serde_derive",
 ]
 
 [[package]]
 name = "serde_derive"
-version = "1.0.219"
+version = "1.0.218"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00"
+checksum = "f09503e191f4e797cb8aac08e9a4a4695c5edf6a2e70e376d961ddd5c969f82b"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -2205,9 +2088,9 @@ dependencies = [
 
 [[package]]
 name = "serde_json"
-version = "1.0.140"
+version = "1.0.139"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "20068b6e96dc6c9bd23e01df8827e6c7e1f2fddd43c21810382803c136b99373"
+checksum = "44f86c3acccc9c65b153fe1b85a3be07fe5515274ec9f0653b4a0875731c72a6"
 dependencies = [
  "itoa",
  "memchr",
@@ -2318,9 +2201,9 @@ checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f"
 
 [[package]]
 name = "syn"
-version = "2.0.100"
+version = "2.0.98"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b09a44accad81e1ba1cd74a32461ba89dee89095ba17b32f5d03683b1b1fc2a0"
+checksum = "36147f1a48ae0ec2b5b3bc5b537d267457555a10dc06f3dbc8cb11ba3006d3b1"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -2753,16 +2636,6 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
 
-[[package]]
-name = "windows"
-version = "0.58.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dd04d41d93c4992d421894c18c8b43496aa748dd4c081bac0dc93eb0489272b6"
-dependencies = [
- "windows-core 0.58.0",
- "windows-targets 0.52.6",
-]
-
 [[package]]
 name = "windows-core"
 version = "0.52.0"
@@ -2772,66 +2645,6 @@ dependencies = [
  "windows-targets 0.52.6",
 ]
 
-[[package]]
-name = "windows-core"
-version = "0.58.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6ba6d44ec8c2591c134257ce647b7ea6b20335bf6379a27dac5f1641fcf59f99"
-dependencies = [
- "windows-implement",
- "windows-interface",
- "windows-result",
- "windows-strings",
- "windows-targets 0.52.6",
-]
-
-[[package]]
-name = "windows-implement"
-version = "0.58.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2bbd5b46c938e506ecbce286b6628a02171d56153ba733b6c741fc627ec9579b"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn",
-]
-
-[[package]]
-name = "windows-interface"
-version = "0.58.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "053c4c462dc91d3b1504c6fe5a726dd15e216ba718e84a0e46a88fbe5ded3515"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn",
-]
-
-[[package]]
-name = "windows-link"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "76840935b766e1b0a05c0066835fb9ec80071d4c09a16f6bd5f7e655e3c14c38"
-
-[[package]]
-name = "windows-result"
-version = "0.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1d1043d8214f791817bab27572aaa8af63732e11bf84aa21a45a78d6c317ae0e"
-dependencies = [
- "windows-targets 0.52.6",
-]
-
-[[package]]
-name = "windows-strings"
-version = "0.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4cd9b125c486025df0eabcb585e62173c6c9eddcec5d117d3b6e8c30e2ee4d10"
-dependencies = [
- "windows-result",
- "windows-targets 0.52.6",
-]
-
 [[package]]
 name = "windows-sys"
 version = "0.48.0"

MODULE.bazel

@@ -71,13 +71,13 @@ use_repo(
 tree_sitter_extractors_deps = use_extension("//misc/bazel/3rdparty:tree_sitter_extractors_extension.bzl", "r")
 use_repo(
     tree_sitter_extractors_deps,
-    "vendor_ts__anyhow-1.0.97",
+    "vendor_ts__anyhow-1.0.96",
     "vendor_ts__argfile-0.2.1",
-    "vendor_ts__chalk-ir-0.100.0",
-    "vendor_ts__chrono-0.4.40",
-    "vendor_ts__clap-4.5.32",
+    "vendor_ts__chalk-ir-0.99.0",
+    "vendor_ts__chrono-0.4.39",
+    "vendor_ts__clap-4.5.31",
     "vendor_ts__dunce-1.0.5",
-    "vendor_ts__either-1.15.0",
+    "vendor_ts__either-1.14.0",
     "vendor_ts__encoding-0.2.33",
     "vendor_ts__figment-0.10.19",
     "vendor_ts__flate2-1.1.0",
@@ -88,31 +88,31 @@ use_repo(
     "vendor_ts__mustache-0.9.0",
     "vendor_ts__num-traits-0.2.19",
     "vendor_ts__num_cpus-1.16.0",
-    "vendor_ts__proc-macro2-1.0.94",
-    "vendor_ts__quote-1.0.40",
-    "vendor_ts__ra_ap_base_db-0.0.270",
-    "vendor_ts__ra_ap_cfg-0.0.270",
-    "vendor_ts__ra_ap_hir-0.0.270",
-    "vendor_ts__ra_ap_hir_def-0.0.270",
-    "vendor_ts__ra_ap_hir_expand-0.0.270",
-    "vendor_ts__ra_ap_hir_ty-0.0.270",
-    "vendor_ts__ra_ap_ide_db-0.0.270",
-    "vendor_ts__ra_ap_intern-0.0.270",
-    "vendor_ts__ra_ap_load-cargo-0.0.270",
-    "vendor_ts__ra_ap_parser-0.0.270",
-    "vendor_ts__ra_ap_paths-0.0.270",
-    "vendor_ts__ra_ap_project_model-0.0.270",
-    "vendor_ts__ra_ap_span-0.0.270",
-    "vendor_ts__ra_ap_stdx-0.0.270",
-    "vendor_ts__ra_ap_syntax-0.0.270",
-    "vendor_ts__ra_ap_vfs-0.0.270",
+    "vendor_ts__proc-macro2-1.0.93",
+    "vendor_ts__quote-1.0.38",
+    "vendor_ts__ra_ap_base_db-0.0.266",
+    "vendor_ts__ra_ap_cfg-0.0.266",
+    "vendor_ts__ra_ap_hir-0.0.266",
+    "vendor_ts__ra_ap_hir_def-0.0.266",
+    "vendor_ts__ra_ap_hir_expand-0.0.266",
+    "vendor_ts__ra_ap_hir_ty-0.0.266",
+    "vendor_ts__ra_ap_ide_db-0.0.266",
+    "vendor_ts__ra_ap_intern-0.0.266",
+    "vendor_ts__ra_ap_load-cargo-0.0.266",
+    "vendor_ts__ra_ap_parser-0.0.266",
+    "vendor_ts__ra_ap_paths-0.0.266",
+    "vendor_ts__ra_ap_project_model-0.0.266",
+    "vendor_ts__ra_ap_span-0.0.266",
+    "vendor_ts__ra_ap_stdx-0.0.266",
+    "vendor_ts__ra_ap_syntax-0.0.266",
+    "vendor_ts__ra_ap_vfs-0.0.266",
     "vendor_ts__rand-0.9.0",
     "vendor_ts__rayon-1.10.0",
     "vendor_ts__regex-1.11.1",
-    "vendor_ts__serde-1.0.219",
-    "vendor_ts__serde_json-1.0.140",
+    "vendor_ts__serde-1.0.218",
+    "vendor_ts__serde_json-1.0.139",
     "vendor_ts__serde_with-3.12.0",
-    "vendor_ts__syn-2.0.100",
+    "vendor_ts__syn-2.0.98",
     "vendor_ts__toml-0.8.20",
     "vendor_ts__tracing-0.1.41",
     "vendor_ts__tracing-flame-0.2.0",
@@ -155,7 +155,7 @@ use_repo(csharp_main_extension, "paket.main")
 pip = use_extension("@rules_python//python/extensions:pip.bzl", "pip")
 pip.parse(
     hub_name = "codegen_deps",
-    python_version = "3.12",
+    python_version = "3.11",
     requirements_lock = "//misc/codegen:requirements_lock.txt",
 )
 use_repo(pip, "codegen_deps")

actions/ql/lib/CHANGELOG.md

@@ -1,10 +1,3 @@
-## 0.4.6
-
-### Bug Fixes
-
-* The query `actions/code-injection/medium` now produces alerts for injection
-  vulnerabilities on `pull_request` events.
-
 ## 0.4.5
 
 No user-facing changes.

actions/ql/lib/change-notes/released/0.4.6.md

@@ -1,6 +0,0 @@
-## 0.4.6
-
-### Bug Fixes
-
-* The query `actions/code-injection/medium` now produces alerts for injection
-  vulnerabilities on `pull_request` events.

actions/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.6
+lastReleaseVersion: 0.4.5

actions/ql/lib/ext/config/context_event_map.yml

@@ -30,9 +30,6 @@ extensions:
       - ["pull_request_review_comment", "github.event.review"] 
       - ["pull_request_review_comment", "github.head_ref"] 
       - ["pull_request_review_comment", "github.event.changes"] 
-      - ["pull_request", "github.event.pull_request"] 
-      - ["pull_request", "github.head_ref"] 
-      - ["pull_request", "github.event.changes"] 
       - ["pull_request_target", "github.event.pull_request"] 
       - ["pull_request_target", "github.head_ref"] 
       - ["pull_request_target", "github.event.changes"] 

actions/ql/lib/ext/config/externally_triggereable_events.yml

@@ -12,7 +12,6 @@ extensions:
       - ["pull_request_comment"]
       - ["pull_request_review"]
       - ["pull_request_review_comment"]
-      - ["pull_request"]
       - ["pull_request_target"]
       - ["workflow_run"] # depending on branch filter
       - ["workflow_call"] # depending on caller

actions/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.6
+version: 0.4.6-dev
 library: true
 warnOnImplicitThis: true
 dependencies:

actions/ql/src/CHANGELOG.md

@@ -1,11 +1,3 @@
-## 0.5.3
-
-### Bug Fixes
-
-* Fixed typos in the query and alert titles for the queries
-  `actions/envpath-injection/critical`, `actions/envpath-injection/medium`,
-  `actions/envvar-injection/critical`, and `actions/envvar-injection/medium`.
-
 ## 0.5.2
 
 No user-facing changes.
@@ -15,10 +7,9 @@ No user-facing changes.
 ### Bug Fixes
 
 * The `actions/unversioned-immutable-action` query will no longer report any alerts, since the
-  Immutable Actions feature is not yet available for customer use. The query has also been moved
-  to the experimental folder and will not be used in code scanning unless it is explicitly added
-  to a code scanning configuration. Once the Immutable Actions feature is available, the query will
-  be updated to report alerts again.
+  Immutable Actions feature is not yet available for customer use. The query remains in the
+  default Code Scanning suites for use internal to GitHub. Once the Immutable Actions feature is
+  available, the query will be updated to report alerts again.
 
 ## 0.5.0
 

actions/ql/src/change-notes/2025-03-13-environment-query-names.md

@@ -1,7 +1,6 @@
-## 0.5.3
-
-### Bug Fixes
-
+---
+category: fix
+---
 * Fixed typos in the query and alert titles for the queries
   `actions/envpath-injection/critical`, `actions/envpath-injection/medium`,
-  `actions/envvar-injection/critical`, and `actions/envvar-injection/medium`.
+  `actions/envvar-injection/critical`, and `actions/envvar-injection/medium`.

actions/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.5.3
+lastReleaseVersion: 0.5.2

actions/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.5.3
+version: 0.5.3-dev
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]

actions/ql/test/query-tests/Security/CWE-094/CodeInjectionCritical.expected

@@ -400,7 +400,6 @@ nodes
 | .github/workflows/level0.yml:44:20:44:49 | github.event.issue.body | semmle.label | github.event.issue.body |
 | .github/workflows/level0.yml:69:35:69:66 | github.event.comment.body | semmle.label | github.event.comment.body |
 | .github/workflows/level1.yml:37:38:37:81 | github.event.workflow_run.head_branch | semmle.label | github.event.workflow_run.head_branch |
-| .github/workflows/priv_pull_request.yml:14:21:14:57 | github.event.pull_request.body | semmle.label | github.event.pull_request.body |
 | .github/workflows/pull_request_review.yml:7:19:7:56 | github.event.pull_request.title | semmle.label | github.event.pull_request.title |
 | .github/workflows/pull_request_review.yml:8:19:8:55 | github.event.pull_request.body | semmle.label | github.event.pull_request.body |
 | .github/workflows/pull_request_review.yml:9:19:9:61 | github.event.pull_request.head.label | semmle.label | github.event.pull_request.head.label |
@@ -630,7 +629,6 @@ nodes
 | .github/workflows/test19.yml:124:9:129:6 | Run Step: title3 [title] | semmle.label | Run Step: title3 [title] |
 | .github/workflows/test19.yml:125:14:128:50 | TITLE=$(gh issue view "$ISSUE_NUMBER" --json title,author)\nTITLE=$(echo $TITLE \| jq -r '.title')\necho "title=$TITLE" >> "$GITHUB_OUTPUT"\n | semmle.label | TITLE=$(gh issue view "$ISSUE_NUMBER" --json title,author)\nTITLE=$(echo $TITLE \| jq -r '.title')\necho "title=$TITLE" >> "$GITHUB_OUTPUT"\n |
 | .github/workflows/test19.yml:129:21:129:52 | steps.title3.outputs.title | semmle.label | steps.title3.outputs.title |
-| .github/workflows/test20.yml:15:54:15:94 | github.event.pull_request.head.ref | semmle.label | github.event.pull_request.head.ref |
 | .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | semmle.label | github.event.head_commit.message |
 | .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | semmle.label | github.event.head_commit.message |
 | .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | semmle.label | github.event.head_commit.message |

actions/ql/test/query-tests/Security/CWE-094/CodeInjectionMedium.expected

@@ -400,7 +400,6 @@ nodes
 | .github/workflows/level0.yml:44:20:44:49 | github.event.issue.body | semmle.label | github.event.issue.body |
 | .github/workflows/level0.yml:69:35:69:66 | github.event.comment.body | semmle.label | github.event.comment.body |
 | .github/workflows/level1.yml:37:38:37:81 | github.event.workflow_run.head_branch | semmle.label | github.event.workflow_run.head_branch |
-| .github/workflows/priv_pull_request.yml:14:21:14:57 | github.event.pull_request.body | semmle.label | github.event.pull_request.body |
 | .github/workflows/pull_request_review.yml:7:19:7:56 | github.event.pull_request.title | semmle.label | github.event.pull_request.title |
 | .github/workflows/pull_request_review.yml:8:19:8:55 | github.event.pull_request.body | semmle.label | github.event.pull_request.body |
 | .github/workflows/pull_request_review.yml:9:19:9:61 | github.event.pull_request.head.label | semmle.label | github.event.pull_request.head.label |
@@ -630,7 +629,6 @@ nodes
 | .github/workflows/test19.yml:124:9:129:6 | Run Step: title3 [title] | semmle.label | Run Step: title3 [title] |
 | .github/workflows/test19.yml:125:14:128:50 | TITLE=$(gh issue view "$ISSUE_NUMBER" --json title,author)\nTITLE=$(echo $TITLE \| jq -r '.title')\necho "title=$TITLE" >> "$GITHUB_OUTPUT"\n | semmle.label | TITLE=$(gh issue view "$ISSUE_NUMBER" --json title,author)\nTITLE=$(echo $TITLE \| jq -r '.title')\necho "title=$TITLE" >> "$GITHUB_OUTPUT"\n |
 | .github/workflows/test19.yml:129:21:129:52 | steps.title3.outputs.title | semmle.label | steps.title3.outputs.title |
-| .github/workflows/test20.yml:15:54:15:94 | github.event.pull_request.head.ref | semmle.label | github.event.pull_request.head.ref |
 | .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | semmle.label | github.event.head_commit.message |
 | .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | semmle.label | github.event.head_commit.message |
 | .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | semmle.label | github.event.head_commit.message |
@@ -708,7 +706,6 @@ subpaths
 | .github/workflows/inter-job2.yml:45:20:45:53 | needs.job1.outputs.job_output | .github/workflows/inter-job2.yml:22:9:26:6 | Uses Step: source | .github/workflows/inter-job2.yml:45:20:45:53 | needs.job1.outputs.job_output | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/inter-job2.yml:45:20:45:53 | needs.job1.outputs.job_output | ${{needs.job1.outputs.job_output}} |
 | .github/workflows/inter-job4.yml:44:20:44:53 | needs.job1.outputs.job_output | .github/workflows/inter-job4.yml:22:9:26:6 | Uses Step: source | .github/workflows/inter-job4.yml:44:20:44:53 | needs.job1.outputs.job_output | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/inter-job4.yml:44:20:44:53 | needs.job1.outputs.job_output | ${{needs.job1.outputs.job_output}} |
 | .github/workflows/inter-job5.yml:45:20:45:53 | needs.job1.outputs.job_output | .github/workflows/inter-job5.yml:45:20:45:53 | needs.job1.outputs.job_output | .github/workflows/inter-job5.yml:45:20:45:53 | needs.job1.outputs.job_output | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/inter-job5.yml:45:20:45:53 | needs.job1.outputs.job_output | ${{needs.job1.outputs.job_output}} |
-| .github/workflows/priv_pull_request.yml:14:21:14:57 | github.event.pull_request.body | .github/workflows/priv_pull_request.yml:14:21:14:57 | github.event.pull_request.body | .github/workflows/priv_pull_request.yml:14:21:14:57 | github.event.pull_request.body | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/priv_pull_request.yml:14:21:14:57 | github.event.pull_request.body | ${{ github.event.pull_request.body }} |
 | .github/workflows/push.yml:7:19:7:57 | github.event.commits[11].message | .github/workflows/push.yml:7:19:7:57 | github.event.commits[11].message | .github/workflows/push.yml:7:19:7:57 | github.event.commits[11].message | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push.yml:7:19:7:57 | github.event.commits[11].message | ${{ github.event.commits[11].message }} |
 | .github/workflows/push.yml:8:19:8:62 | github.event.commits[11].author.email | .github/workflows/push.yml:8:19:8:62 | github.event.commits[11].author.email | .github/workflows/push.yml:8:19:8:62 | github.event.commits[11].author.email | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push.yml:8:19:8:62 | github.event.commits[11].author.email | ${{ github.event.commits[11].author.email }} |
 | .github/workflows/push.yml:9:19:9:61 | github.event.commits[11].author.name | .github/workflows/push.yml:9:19:9:61 | github.event.commits[11].author.name | .github/workflows/push.yml:9:19:9:61 | github.event.commits[11].author.name | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push.yml:9:19:9:61 | github.event.commits[11].author.name | ${{ github.event.commits[11].author.name }} |

cpp/ql/lib/CHANGELOG.md

@@ -1,9 +1,3 @@
-## 4.1.0
-
-### New Features
-
-* Added `Node.asUncertainDefinition` and `Node.asCertainDefinition` to the `DataFlow::Node` class for querying whether a definition overwrites the entire destination buffer.
-
 ## 4.0.3
 
 No user-facing changes.

cpp/ql/lib/change-notes/2025-03-13-ascertaindef.md

@@ -1,5 +1,4 @@
-## 4.1.0
-
-### New Features
-
-* Added `Node.asUncertainDefinition` and `Node.asCertainDefinition` to the `DataFlow::Node` class for querying whether a definition overwrites the entire destination buffer.
+---
+category: feature
+---
+* Added `Node.asUncertainDefinition` and `Node.asCertainDefinition` to the `DataFlow::Node` class for querying whether a definition overwrites the entire destination buffer.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 4.1.0
+lastReleaseVersion: 4.0.3

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 4.1.0
+version: 4.0.4-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll

@@ -956,6 +956,8 @@ class GlobalDef extends Definition {
 private module SsaImpl = SsaImplCommon::Make<Location, SsaInput>;
 
 private module DataFlowIntegrationInput implements SsaImpl::DataFlowIntegrationInputSig {
+  private import codeql.util.Void
+
   class Expr extends Instruction {
     Expr() {
       exists(IRBlock bb, int i |
@@ -975,7 +977,13 @@ private module DataFlowIntegrationInput implements SsaImpl::DataFlowIntegrationI
     )
   }
 
-  predicate ssaDefHasSource(SsaImpl::WriteDefinition def) { none() }
+  predicate ssaDefAssigns(SsaImpl::WriteDefinition def, Expr value) { none() }
+
+  class Parameter extends Void {
+    Location getLocation() { none() }
+  }
+
+  predicate ssaDefInitializesParam(SsaImpl::WriteDefinition def, Parameter p) { none() }
 
   predicate allowFlowIntoUncertainDef(SsaImpl::UncertainWriteDefinition def) { any() }
 
@@ -999,11 +1007,9 @@ private module DataFlowIntegrationInput implements SsaImpl::DataFlowIntegrationI
     }
   }
 
-  predicate guardDirectlyControlsBlock(Guard guard, SsaInput::BasicBlock bb, boolean branch) {
+  predicate guardControlsBlock(Guard guard, SsaInput::BasicBlock bb, boolean branch) {
     guard.(IRGuards::IRGuardCondition).controls(bb, branch)
   }
-
-  predicate keepAllPhiInputBackEdges() { any() }
 }
 
 private module DataFlowIntegrationImpl = SsaImpl::DataFlowIntegration<DataFlowIntegrationInput>;

cpp/ql/src/CHANGELOG.md

@@ -1,10 +1,3 @@
-## 1.3.7
-
-### Minor Analysis Improvements
-
-* Fixed a bug in the models for Microsoft's Active Template Library (ATL).
-* The query "Use of basic integral type" (`cpp/jpl-c/basic-int-types`) no longer produces alerts for the standard fixed width integer types (`int8_t`, `uint8_t`, etc.), and the `_Bool` and `bool` types.
-
 ## 1.3.6
 
 No user-facing changes.

cpp/ql/src/Diagnostics/ExtractionWarnings.ql

@@ -14,5 +14,5 @@ where
   or
   warning instanceof ExtractionUnknownProblem
 select warning,
-  "Extraction failed in " + warning.getFile() + " with warning " +
-    warning.getProblemMessage().replaceAll("$", "$$"), warning.getSeverity()
+  "Extraction failed in " + warning.getFile() + " with warning " + warning.getProblemMessage(),
+  warning.getSeverity()

cpp/ql/src/Diagnostics/Internal/ExtractionErrors.ql

@@ -17,6 +17,5 @@ from ExtractionError error
 where
   error instanceof ExtractionUnknownError or
   exists(error.getFile().getRelativePath())
-select error,
-  "Extraction failed in " + error.getFile() + " with error " +
-    error.getErrorMessage().replaceAll("$", "$$"), error.getSeverity()
+select error, "Extraction failed in " + error.getFile() + " with error " + error.getErrorMessage(),
+  error.getSeverity()

cpp/ql/src/change-notes/2025-03-11-basic-int-types.md

@@ -1,6 +1,4 @@
-## 1.3.7
-
-### Minor Analysis Improvements
-
-* Fixed a bug in the models for Microsoft's Active Template Library (ATL).
-* The query "Use of basic integral type" (`cpp/jpl-c/basic-int-types`) no longer produces alerts for the standard fixed width integer types (`int8_t`, `uint8_t`, etc.), and the `_Bool` and `bool` types.
+---
+category: minorAnalysis
+---
+* The query "Use of basic integral type" (`cpp/jpl-c/basic-int-types`) no longer produces alerts for the standard fixed width integer types (`int8_t`, `uint8_t`, etc.), and the `_Bool` and `bool` types.

cpp/ql/src/change-notes/2025-03-14-mad-atl-fix.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Fixed a bug in the models for Microsoft's Active Template Library (ATL).

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.7
+lastReleaseVersion: 1.3.6

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.3.7
+version: 1.3.7-dev
 groups:
   - cpp
   - queries
@@ -11,3 +11,4 @@ suites: codeql-suites
 extractor: cpp
 defaultSuiteFile: codeql-suites/cpp-code-scanning.qls
 warnOnImplicitThis: true
+compileForOverlayEval: true

cpp/ql/test/library-tests/dataflow/dataflow-tests/localFlow-ir.expected

@@ -68,23 +68,31 @@
 | test.cpp:10:8:10:9 | t2 | test.cpp:11:7:11:8 | [input] SSA phi read(t2) |
 | test.cpp:10:8:10:9 | t2 | test.cpp:11:7:11:8 | [input] SSA phi(*t2) |
 | test.cpp:10:8:10:9 | t2 | test.cpp:13:10:13:11 | t2 |
-| test.cpp:11:7:11:8 | [input] SSA phi read(t2) | test.cpp:15:8:15:9 | t2 |
-| test.cpp:11:7:11:8 | [input] SSA phi(*t2) | test.cpp:15:8:15:9 | t2 |
+| test.cpp:11:7:11:8 | [input] SSA phi read(t2) | test.cpp:15:3:15:6 | SSA phi read(t2) |
+| test.cpp:11:7:11:8 | [input] SSA phi(*t2) | test.cpp:15:3:15:6 | SSA phi(*t2) |
 | test.cpp:11:7:11:8 | t1 | test.cpp:21:8:21:9 | t1 |
 | test.cpp:12:5:12:10 | ... = ... | test.cpp:13:10:13:11 | t2 |
 | test.cpp:12:10:12:10 | 0 | test.cpp:12:5:12:10 | ... = ... |
-| test.cpp:13:10:13:11 | t2 | test.cpp:15:8:15:9 | t2 |
-| test.cpp:13:10:13:11 | t2 | test.cpp:15:8:15:9 | t2 |
+| test.cpp:13:5:13:8 | [input] SSA phi read(t2) | test.cpp:15:3:15:6 | SSA phi read(t2) |
+| test.cpp:13:5:13:8 | [input] SSA phi(*t2) | test.cpp:15:3:15:6 | SSA phi(*t2) |
+| test.cpp:13:10:13:11 | t2 | test.cpp:13:5:13:8 | [input] SSA phi read(t2) |
+| test.cpp:13:10:13:11 | t2 | test.cpp:13:5:13:8 | [input] SSA phi(*t2) |
+| test.cpp:15:3:15:6 | SSA phi read(t2) | test.cpp:15:8:15:9 | t2 |
+| test.cpp:15:3:15:6 | SSA phi(*t2) | test.cpp:15:8:15:9 | t2 |
 | test.cpp:15:8:15:9 | t2 | test.cpp:23:15:23:16 | [input] SSA phi read(*t2) |
 | test.cpp:15:8:15:9 | t2 | test.cpp:23:15:23:16 | [input] SSA phi read(t2) |
 | test.cpp:17:3:17:8 | ... = ... | test.cpp:21:8:21:9 | t1 |
 | test.cpp:17:8:17:8 | 0 | test.cpp:17:3:17:8 | ... = ... |
-| test.cpp:21:8:21:9 | t1 | test.cpp:23:19:23:19 | SSA phi read(t1) |
-| test.cpp:21:8:21:9 | t1 | test.cpp:23:19:23:19 | SSA phi(*t1) |
+| test.cpp:21:8:21:9 | t1 | test.cpp:23:15:23:16 | [input] SSA phi read(t1) |
+| test.cpp:21:8:21:9 | t1 | test.cpp:23:15:23:16 | [input] SSA phi(*t1) |
 | test.cpp:23:15:23:16 | 0 | test.cpp:23:15:23:16 | 0 |
-| test.cpp:23:15:23:16 | 0 | test.cpp:23:19:23:19 | SSA phi(*i) |
+| test.cpp:23:15:23:16 | 0 | test.cpp:23:15:23:16 | [input] SSA phi(*i) |
 | test.cpp:23:15:23:16 | [input] SSA phi read(*t2) | test.cpp:23:19:23:19 | SSA phi read(*t2) |
+| test.cpp:23:15:23:16 | [input] SSA phi read(i) | test.cpp:23:19:23:19 | SSA phi read(i) |
+| test.cpp:23:15:23:16 | [input] SSA phi read(t1) | test.cpp:23:19:23:19 | SSA phi read(t1) |
 | test.cpp:23:15:23:16 | [input] SSA phi read(t2) | test.cpp:23:19:23:19 | SSA phi read(t2) |
+| test.cpp:23:15:23:16 | [input] SSA phi(*i) | test.cpp:23:19:23:19 | SSA phi(*i) |
+| test.cpp:23:15:23:16 | [input] SSA phi(*t1) | test.cpp:23:19:23:19 | SSA phi(*t1) |
 | test.cpp:23:19:23:19 | SSA phi read(*t2) | test.cpp:24:10:24:11 | t2 |
 | test.cpp:23:19:23:19 | SSA phi read(i) | test.cpp:23:19:23:19 | i |
 | test.cpp:23:19:23:19 | SSA phi read(t1) | test.cpp:23:23:23:24 | t1 |

cpp/ql/test/library-tests/preprocessor/preprocessor/pp.cpp

@@ -10,7 +10,7 @@
 // semmle-extractor-options: -I${testdir}/more_headers/ "-U SOME_SYM"
 #undef BAR
 #define SCARY(a,aa,aaah) /* we ignore a */ (aa /* but we take aa */) /* and we ignore aaa */
-#define LOG(fmt, ...)  printf("Warning: %s", fmt, __VA__ARGS__)
+#define LOG(fmt, ...)  printf("Warning: %s", fmt, __VA__ARGS__)  
 #include "pp.h"
 
 #if 0
@@ -59,7 +59,7 @@ public:
 	#else
 		#define IN_TEMPLATE
 	#endif
-
+	
 	static int val;
 };
 
@@ -71,128 +71,7 @@ templateClassContext<int> tcci;
 
 #define BAR
 
-#if defined(BAR) &&\
+#if defined(BAR) && \
   defined(BAR)
 #warning BAR defined
 #endif
-
-#if defined MACROTHREE/**hello*/ && /*world*/\
-/*hw*/ (defined(MACROONE)) /* macroone */
-#endif
-
-#if defined SIMPLE_COMMENT  //this comment \
-     (defined(SIMPLE_COMMENT)) spans over multiple lines
-#endif
-
-#if defined(FOO) &&\
-    defined(BAR)
-#define CONDITIONAL_MACRO_1 1
-#endif
-
-#if defined(FOO) && \
-    defined(BAR) && \
-    !defined(BAZ)
-#define CONDITIONAL_MACRO_2 2
-#endif
-
-#define FOO 8
-#define BAR 2
-#define BAZ 4
-#if ((FOO / BAR) \
-   == 4) && ((BAZ \
-   * QUX) \
-   > 10)
-#define CONDITIONAL_MACRO_3 3
-#endif
-
-// Testing \t spaced PreprocessorIf
-#if defined(FOO)	&&	\
-	defined(BAR)	&&	\
-	defined(BAZ)
-#define CONDITIONAL_MACRO_4 4
-#endif
-
-
-#if defined /* //test */ SIMPLE_COMMENT   //this comment \
-     (defined(SIMPLE_COMMENT)) spans over multiple lines
-#endif
-
-#warning foo \
-
-#warning foo \
-\
-/* a comment */
-
-#warning foo \
-\
-
-#warning foo \
-\
-// a comment
-
-
-#define FOO 8
-#define BAR 2
-#define BAZ 4
-#if ((FOO / BAR) \
-   == 4) && ((BAZ \
-    /** comment */ \
-   * QUX) \
-   /** comment */ \
-   > 10)
-#define CONDITIONAL_MACRO_3 3
-#endif
-
-#define X 1
-#define Y 2
-#if defined(X) && \
-    /*this is a comment*/ defined(Y) \
-    // another comment
-#endif
-
-#warning FOO\
-	 \
-	 \
-	 \
-BAR
-
-
-#warning foo \
-\
-/* comment */     \
-\
-
-
-#if/** */A/* ... */&&B
-#endif
-
-
-#if/** */  /**/    A
-#endif
-
-#if \
-\
-A && B
-#endif
-
-
-#ifdef /*
-
-
-
-*/ FOOBAR
-#warning a
-#else
-#warning b
-#endif
-
-
-#if /*
-
-//test
-
-*/ FOOBAR
-#endif
-
-#if/*...*//*...*/A
-#endif

cpp/ql/test/library-tests/preprocessor/preprocessor/preproc.expected

@@ -33,64 +33,17 @@
 | pp.cpp:0:0:0:0 | pp.cpp | 50 | 2 | 50 | 48 | Macro | MACRO_TEMPLATECLASSCONTEXT_REFERENCED | 5 |
 | pp.cpp:0:0:0:0 | pp.cpp | 54 | 3 | 54 | 39 | Macro | MACRO_TEMPLATEMETHODCONTEXT | 6 |
 | pp.cpp:0:0:0:0 | pp.cpp | 57 | 1 | 57 | 21 | PreprocessorIfdef | INSTANTIATION | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 59 | 1 | 59 | 6 | PreprocessorElse |  | N/A |
+| pp.cpp:0:0:0:0 | pp.cpp | 59 | 1 | 59 | 6 | PreprocessorElse | N/A | N/A |
 | pp.cpp:0:0:0:0 | pp.cpp | 60 | 3 | 60 | 21 | Macro | IN_TEMPLATE |  |
-| pp.cpp:0:0:0:0 | pp.cpp | 61 | 1 | 61 | 7 | PreprocessorEndif |  | N/A |
+| pp.cpp:0:0:0:0 | pp.cpp | 61 | 1 | 61 | 7 | PreprocessorEndif | N/A | N/A |
 | pp.cpp:0:0:0:0 | pp.cpp | 69 | 1 | 69 | 21 | Macro | INSTANTIATION |  |
 | pp.cpp:0:0:0:0 | pp.cpp | 72 | 1 | 72 | 11 | Macro | BAR |  |
-| pp.cpp:0:0:0:0 | pp.cpp | 74 | 1 | 75 | 14 | PreprocessorIf | defined(BAR) && defined(BAR) | N/A |
+| pp.cpp:0:0:0:0 | pp.cpp | 74 | 1 | 74 | 21 | PreprocessorIf | defined(BAR) && \\ | N/A |
 | pp.cpp:0:0:0:0 | pp.cpp | 76 | 1 | 76 | 20 | PreprocessorWarning | BAR defined | N/A |
 | pp.cpp:0:0:0:0 | pp.cpp | 77 | 1 | 77 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 79 | 1 | 80 | 26 | PreprocessorIf | defined MACROTHREE && (defined(MACROONE)) | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 81 | 1 | 81 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 83 | 1 | 83 | 26 | PreprocessorIf | defined SIMPLE_COMMENT | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 85 | 1 | 85 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 87 | 1 | 88 | 16 | PreprocessorIf | defined(FOO) && defined(BAR) | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 90 | 1 | 90 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 92 | 1 | 94 | 17 | PreprocessorIf | defined(FOO) && defined(BAR) && !defined(BAZ) | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 96 | 1 | 96 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 98 | 1 | 98 | 13 | Macro | FOO | 8 |
-| pp.cpp:0:0:0:0 | pp.cpp | 99 | 1 | 99 | 13 | Macro | BAR | 2 |
-| pp.cpp:0:0:0:0 | pp.cpp | 100 | 1 | 100 | 13 | Macro | BAZ | 4 |
-| pp.cpp:0:0:0:0 | pp.cpp | 101 | 1 | 104 | 8 | PreprocessorIf | ((FOO / BAR) == 4) && ((BAZ * QUX) > 10) | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 106 | 1 | 106 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 109 | 1 | 111 | 13 | PreprocessorIf | defined(FOO) && defined(BAR) && defined(BAZ) | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 112 | 1 | 112 | 29 | Macro | CONDITIONAL_MACRO_4 | 4 |
-| pp.cpp:0:0:0:0 | pp.cpp | 113 | 1 | 113 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 116 | 1 | 116 | 39 | PreprocessorIf | defined SIMPLE_COMMENT | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 118 | 1 | 118 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 120 | 1 | 120 | 12 | PreprocessorWarning | foo | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 122 | 1 | 122 | 12 | PreprocessorWarning | foo | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 126 | 1 | 126 | 12 | PreprocessorWarning | foo | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 129 | 1 | 129 | 12 | PreprocessorWarning | foo | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 134 | 1 | 134 | 13 | Macro | FOO | 8 |
-| pp.cpp:0:0:0:0 | pp.cpp | 135 | 1 | 135 | 13 | Macro | BAR | 2 |
-| pp.cpp:0:0:0:0 | pp.cpp | 136 | 1 | 136 | 13 | Macro | BAZ | 4 |
-| pp.cpp:0:0:0:0 | pp.cpp | 137 | 1 | 142 | 8 | PreprocessorIf | ((FOO / BAR) == 4) && ((BAZ * QUX) > 10) | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 144 | 1 | 144 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 146 | 1 | 146 | 11 | Macro | X | 1 |
-| pp.cpp:0:0:0:0 | pp.cpp | 147 | 1 | 147 | 11 | Macro | Y | 2 |
-| pp.cpp:0:0:0:0 | pp.cpp | 148 | 1 | 149 | 36 | PreprocessorIf | defined(X) && defined(Y) | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 151 | 1 | 151 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 153 | 1 | 157 | 3 | PreprocessorWarning | FOO BAR | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 160 | 1 | 160 | 12 | PreprocessorWarning | foo | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 166 | 1 | 166 | 22 | PreprocessorIf | A &&B | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 167 | 1 | 167 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 170 | 1 | 170 | 20 | PreprocessorIf | A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 171 | 1 | 171 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 173 | 1 | 175 | 6 | PreprocessorIf | A && B | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 176 | 1 | 176 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 179 | 1 | 183 | 9 | PreprocessorIfdef | FOOBAR | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 185 | 1 | 185 | 5 | PreprocessorElse | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 186 | 1 | 186 | 10 | PreprocessorWarning | b | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 187 | 1 | 187 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 190 | 1 | 194 | 9 | PreprocessorIf | FOOBAR | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 195 | 1 | 195 | 6 | PreprocessorEndif | N/A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 197 | 1 | 197 | 18 | PreprocessorIf | A | N/A |
-| pp.cpp:0:0:0:0 | pp.cpp | 198 | 1 | 198 | 6 | PreprocessorEndif | N/A | N/A |
 | pp.h:0:0:0:0 | pp.h | 1 | 1 | 1 | 12 | PreprocessorPragma | once | N/A |
 | pp.h:0:0:0:0 | pp.h | 2 | 1 | 2 | 29 | PreprocessorWarning | "This should happen" | N/A |
-| pp.h:0:0:0:0 | pp.h | 3 | 1 | 3 | 27 | PreprocessorLine | 33 "emerald_city.h" | N/A |
+| pp.h:0:0:0:0 | pp.h | 3 | 1 | 3 | 27 | PreprocessorLine | 33  "emerald_city.h" | N/A |
 | pp.h:0:0:0:0 | pp.h | 4 | 1 | 4 | 30 | PreprocessorPragma | byte_order(big_endian) | N/A |
 | pp.h:0:0:0:0 | pp.h | 5 | 1 | 5 | 33 | PreprocessorWarning | "Not in Kansas any more" | N/A |
 | pp.h:0:0:0:0 | pp.h | 7 | 1 | 11 | 8 | Macro | MULTILINE | world a long |

cpp/ql/test/query-tests/Diagnostics/ExtractionErrors.expected

@@ -1,3 +1,2 @@
-| containserror.cpp:9:14:9:14 | Recoverable extraction error: 'x' has already been declared in the current scope | Extraction failed in containserror.cpp with error "containserror.cpp", line 9: error: "x" has already been declared in the current scope\n  \tconst char *x = "Foo2 $$@ bar2 $$@ baz2";\n  \t            ^\n\n | 2 |
 | doesnotcompile.cpp:4:2:4:2 | Recoverable extraction error: identifier 'This' is undefined | Extraction failed in doesnotcompile.cpp with error "doesnotcompile.cpp", line 4: error: identifier "This" is undefined\n  \tThis is not correct C/C++ code.\n  \t^\n\n | 2 |
 | doesnotcompile.cpp:4:10:4:10 | Recoverable extraction error: expected a ';' | Extraction failed in doesnotcompile.cpp with error "doesnotcompile.cpp", line 4: error: expected a ";"\n  \tThis is not correct C/C++ code.\n  \t        ^\n\n | 2 |

cpp/ql/test/query-tests/Diagnostics/ExtractionWarnings.expected

@@ -1,3 +1,2 @@
-| containserror.cpp:9:14:9:14 | Recoverable extraction error: 'x' has already been declared in the current scope | Extraction failed in containserror.cpp with warning "containserror.cpp", line 9: error: "x" has already been declared in the current scope\n  \tconst char *x = "Foo2 $$@ bar2 $$@ baz2";\n  \t            ^\n\n | 1 |
 | doesnotcompile.cpp:4:2:4:2 | Recoverable extraction error: identifier 'This' is undefined | Extraction failed in doesnotcompile.cpp with warning "doesnotcompile.cpp", line 4: error: identifier "This" is undefined\n  \tThis is not correct C/C++ code.\n  \t^\n\n | 1 |
 | doesnotcompile.cpp:4:10:4:10 | Recoverable extraction error: expected a ';' | Extraction failed in doesnotcompile.cpp with warning "doesnotcompile.cpp", line 4: error: expected a ";"\n  \tThis is not correct C/C++ code.\n  \t        ^\n\n | 1 |

cpp/ql/test/query-tests/Diagnostics/Info.expected

@@ -1,4 +1,4 @@
-| containserror.cpp:0:0:0:0 | containserror.cpp | containserror.cpp | ExtractionProblem (severity 1), fromSource, normalTermination |
+| containserror.cpp:0:0:0:0 | containserror.cpp | containserror.cpp | fromSource, normalTermination |
 | containswarning.cpp:0:0:0:0 | containswarning.cpp | containswarning.cpp | fromSource, normalTermination |
 | doesnotcompile.cpp:0:0:0:0 | doesnotcompile.cpp | doesnotcompile.cpp | ExtractionProblem (severity 1), fromSource, normalTermination |
 | file://:0:0:0:0 |  |  |  |

cpp/ql/test/query-tests/Diagnostics/containserror.cpp

@@ -3,8 +3,3 @@
 void containserror() {
 	#error An error!
 }
-
-void error_with_placeholder() {
-	const char *x = "Foo1 $@ bar1 $@ baz1";
-	const char *x = "Foo2 $@ bar2 $@ baz2";
-}

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DependabotProxy.cs

@@ -1,22 +1,14 @@
 using System;
-using System.Collections.Generic;
+using System.Diagnostics;
 using System.IO;
 using System.Security.Cryptography.X509Certificates;
 using Semmle.Util;
 using Semmle.Util.Logging;
-using Newtonsoft.Json;
 
 namespace Semmle.Extraction.CSharp.DependencyFetching
 {
     public class DependabotProxy : IDisposable
     {
-        /// <summary>
-        /// Represents configurations for package registries.
-        /// </summary>
-        /// <param name="Type">The type of package registry.</param>
-        /// <param name="URL">The URL of the package registry.</param>
-        public record class RegistryConfig(string Type, string URL);
-
         private readonly string host;
         private readonly string port;
 
@@ -25,10 +17,6 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
         /// </summary>
         internal string Address { get; }
         /// <summary>
-        /// The URLs of package registries that are configured for the proxy.
-        /// </summary>
-        internal HashSet<string> RegistryURLs { get; }
-        /// <summary>
         /// The path to the temporary file where the certificate is stored.
         /// </summary>
         internal string? CertificatePath { get; private set; }
@@ -79,39 +67,6 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
                 result.Certificate = X509Certificate2.CreateFromPem(cert);
             }
 
-            // Try to obtain the list of private registry URLs.
-            var registryURLs = Environment.GetEnvironmentVariable(EnvironmentVariableNames.ProxyURLs);
-
-            if (!string.IsNullOrWhiteSpace(registryURLs))
-            {
-                try
-                {
-                    // The value of the environment variable should be a JSON array of objects, such as:
-                    // [ { "type": "nuget_feed", "url": "https://nuget.pkg.github.com/org/index.json" } ]
-                    var array = JsonConvert.DeserializeObject<List<RegistryConfig>>(registryURLs);
-                    if (array is not null)
-                    {
-                        foreach (RegistryConfig config in array)
-                        {
-                            // The array contains all configured private registries, not just ones for C#.
-                            // We ignore the non-C# ones here.
-                            if (!config.Type.Equals("nuget_feed"))
-                            {
-                                logger.LogDebug($"Ignoring registry at '{config.URL}' since it is not of type 'nuget_feed'.");
-                                continue;
-                            }
-
-                            logger.LogInfo($"Found private registry at '{config.URL}'");
-                            result.RegistryURLs.Add(config.URL);
-                        }
-                    }
-                }
-                catch (JsonException ex)
-                {
-                    logger.LogError($"Unable to parse '{EnvironmentVariableNames.ProxyURLs}': {ex.Message}");
-                }
-            }
-
             return result;
         }
 
@@ -120,7 +75,6 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             this.host = host;
             this.port = port;
             this.Address = $"http://{this.host}:{this.port}";
-            this.RegistryURLs = new HashSet<string>();
         }
 
         public void Dispose()

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DotNet.cs

@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.IO;
 using System.Linq;
+
 using Newtonsoft.Json.Linq;
 
 using Semmle.Util;
@@ -76,11 +77,6 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
                 args += " /p:EnableWindowsTargeting=true";
             }
 
-            if (restoreSettings.ExtraArgs is not null)
-            {
-                args += $" {restoreSettings.ExtraArgs}";
-            }
-
             return args;
         }
 

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/EnvironmentVariableNames.cs

@@ -89,10 +89,5 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
         /// Contains the certificate used by the Dependabot proxy.
         /// </summary>
         public const string ProxyCertificate = "CODEQL_PROXY_CA_CERTIFICATE";
-
-        /// <summary>
-        /// Contains the URLs of private nuget registries as a JSON array.
-        /// </summary>
-        public const string ProxyURLs = "CODEQL_PROXY_URLS";
     }
 }

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/IDotNet.cs

@@ -17,7 +17,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
         IList<string> GetNugetFeedsFromFolder(string folderPath);
     }
 
-    public record class RestoreSettings(string File, string PackageDirectory, bool ForceDotnetRefAssemblyFetching, string? ExtraArgs = null, string? PathToNugetConfig = null, bool ForceReevaluation = false, bool TargetWindows = false);
+    public record class RestoreSettings(string File, string PackageDirectory, bool ForceDotnetRefAssemblyFetching, string? PathToNugetConfig = null, bool ForceReevaluation = false, bool TargetWindows = false);
 
     public partial record class RestoreResult(bool Success, IList<string> Output)
     {

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackageRestorer.cs

@@ -103,11 +103,10 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             compilationInfoContainer.CompilationInfos.Add(("NuGet feed responsiveness checked", checkNugetFeedResponsiveness ? "1" : "0"));
 
             HashSet<string>? explicitFeeds = null;
-            HashSet<string>? allFeeds = null;
 
             try
             {
-                if (checkNugetFeedResponsiveness && !CheckFeeds(out explicitFeeds, out allFeeds))
+                if (checkNugetFeedResponsiveness && !CheckFeeds(out explicitFeeds))
                 {
                     // todo: we could also check the reachability of the inherited nuget feeds, but to use those in the fallback we would need to handle authentication too.
                     var unresponsiveMissingPackageLocation = DownloadMissingPackagesFromSpecificFeeds([], explicitFeeds);
@@ -157,7 +156,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
 
             var restoredProjects = RestoreSolutions(out var container);
             var projects = fileProvider.Projects.Except(restoredProjects);
-            RestoreProjects(projects, allFeeds, out var containers);
+            RestoreProjects(projects, out var containers);
 
             var dependencies = containers.Flatten(container);
 
@@ -261,33 +260,8 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
         /// Populates dependencies with the relative paths to the assets files generated by the restore.
         /// </summary>
         /// <param name="projects">A list of paths to project files.</param>
-        private void RestoreProjects(IEnumerable<string> projects, HashSet<string>? configuredSources, out ConcurrentBag<DependencyContainer> dependencies)
+        private void RestoreProjects(IEnumerable<string> projects, out ConcurrentBag<DependencyContainer> dependencies)
         {
-            // Conservatively, we only set this to a non-null value if a Dependabot proxy is enabled.
-            // This ensures that we continue to get the old behaviour where feeds are taken from
-            // `nuget.config` files instead of the command-line arguments.
-            string? extraArgs = null;
-
-            if (this.dependabotProxy is not null)
-            {
-                // If the Dependabot proxy is configured, then our main goal is to make `dotnet` aware
-                // of the private registry feeds. However, since providing them as command-line arguments
-                // to `dotnet` ignores other feeds that may be configured, we also need to add the feeds
-                // we have discovered from analysing `nuget.config` files.
-                var sources = configuredSources ?? new();
-                this.dependabotProxy.RegistryURLs.ForEach(url => sources.Add(url));
-
-                // Add package sources. If any are present, they override all sources specified in
-                // the configuration file(s).
-                var feedArgs = new StringBuilder();
-                foreach (string source in sources)
-                {
-                    feedArgs.Append($" -s {source}");
-                }
-
-                extraArgs = feedArgs.ToString();
-            }
-
             var successCount = 0;
             var nugetSourceFailures = 0;
             ConcurrentBag<DependencyContainer> collectedDependencies = [];
@@ -302,7 +276,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
                 foreach (var project in projectGroup)
                 {
                     logger.LogInfo($"Restoring project {project}...");
-                    var res = dotnet.Restore(new(project, PackageDirectory.DirInfo.FullName, ForceDotnetRefAssemblyFetching: true, extraArgs, TargetWindows: isWindows));
+                    var res = dotnet.Restore(new(project, PackageDirectory.DirInfo.FullName, ForceDotnetRefAssemblyFetching: true, TargetWindows: isWindows));
                     assets.AddDependenciesRange(res.AssetsFilePaths);
                     lock (sync)
                     {
@@ -706,42 +680,10 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             return (timeoutMilliSeconds, tryCount);
         }
 
-        /// <summary>
-        /// Checks that we can connect to all Nuget feeds that are explicitly configured in configuration files
-        /// as well as any private package registry feeds that are configured.
-        /// </summary>
-        /// <param name="explicitFeeds">Outputs the set of explicit feeds.</param>
-        /// <param name="allFeeds">Outputs the set of all feeds (explicit and inherited).</param>
-        /// <returns>True if all feeds are reachable or false otherwise.</returns>
-        private bool CheckFeeds(out HashSet<string> explicitFeeds, out HashSet<string> allFeeds)
+        private bool CheckFeeds(out HashSet<string> explicitFeeds)
         {
-            (explicitFeeds, allFeeds) = GetAllFeeds();
-            HashSet<string> feedsToCheck = explicitFeeds;
-
-            // If private package registries are configured for C#, then check those
-            // in addition to the ones that are configured in `nuget.config` files.
-            this.dependabotProxy?.RegistryURLs.ForEach(url => feedsToCheck.Add(url));
-
-            var allFeedsReachable = this.CheckSpecifiedFeeds(feedsToCheck);
-
-            var inheritedFeeds = allFeeds.Except(explicitFeeds).ToHashSet();
-            if (inheritedFeeds.Count > 0)
-            {
-                logger.LogInfo($"Inherited Nuget feeds (not checked for reachability): {string.Join(", ", inheritedFeeds.OrderBy(f => f))}");
-                compilationInfoContainer.CompilationInfos.Add(("Inherited Nuget feed count", inheritedFeeds.Count.ToString()));
-            }
-
-            return allFeedsReachable;
-        }
-
-        /// <summary>
-        /// Checks that we can connect to the specified Nuget feeds.
-        /// </summary>
-        /// <param name="feeds">The set of package feeds to check.</param>
-        /// <returns>True if all feeds are reachable or false otherwise.</returns>
-        private bool CheckSpecifiedFeeds(HashSet<string> feeds)
-        {
-            logger.LogInfo("Checking that Nuget feeds are reachable...");
+            logger.LogInfo("Checking Nuget feeds...");
+            (explicitFeeds, var allFeeds) = GetAllFeeds();
 
             var excludedFeeds = EnvironmentVariables.GetURLs(EnvironmentVariableNames.ExcludedNugetFeedsFromResponsivenessCheck)
                 .ToHashSet();
@@ -753,7 +695,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
 
             var (initialTimeout, tryCount) = GetFeedRequestSettings(isFallback: false);
 
-            var allFeedsReachable = feeds.All(feed => excludedFeeds.Contains(feed) || IsFeedReachable(feed, initialTimeout, tryCount));
+            var allFeedsReachable = explicitFeeds.All(feed => excludedFeeds.Contains(feed) || IsFeedReachable(feed, initialTimeout, tryCount));
             if (!allFeedsReachable)
             {
                 logger.LogWarning("Found unreachable Nuget feed in C# analysis with build-mode 'none'. This may cause missing dependencies in the analysis.");
@@ -768,6 +710,14 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             }
             compilationInfoContainer.CompilationInfos.Add(("All Nuget feeds reachable", allFeedsReachable ? "1" : "0"));
 
+
+            var inheritedFeeds = allFeeds.Except(explicitFeeds).ToHashSet();
+            if (inheritedFeeds.Count > 0)
+            {
+                logger.LogInfo($"Inherited Nuget feeds (not checked for reachability): {string.Join(", ", inheritedFeeds.OrderBy(f => f))}");
+                compilationInfoContainer.CompilationInfos.Add(("Inherited Nuget feed count", inheritedFeeds.Count.ToString()));
+            }
+
             return allFeedsReachable;
         }
 
@@ -816,33 +766,23 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             }
 
             // todo: this could be improved.
-            HashSet<string>? allFeeds = null;
-
-            if (nugetConfigs.Count > 0)
-            {
-                // We don't have to get the feeds from each of the folders from below, it would be enought to check the folders that recursively contain the others.
-                allFeeds = nugetConfigs
-                    .Select(config =>
+            // We don't have to get the feeds from each of the folders from below, it would be enought to check the folders that recursively contain the others.
+            var allFeeds = nugetConfigs
+                .Select(config =>
+                {
+                    try
                     {
-                        try
-                        {
-                            return new FileInfo(config).Directory?.FullName;
-                        }
-                        catch (Exception exc)
-                        {
-                            logger.LogWarning($"Failed to get directory of '{config}': {exc}");
-                        }
-                        return null;
-                    })
-                    .Where(folder => folder != null)
-                    .SelectMany(folder => GetFeeds(() => dotnet.GetNugetFeedsFromFolder(folder!)))
-                    .ToHashSet();
-            }
-            else
-            {
-                // If we haven't found any `nuget.config` files, then obtain a list of feeds from the root source directory.
-                allFeeds = GetFeeds(() => dotnet.GetNugetFeedsFromFolder(this.fileProvider.SourceDir.FullName)).ToHashSet();
-            }
+                        return new FileInfo(config).Directory?.FullName;
+                    }
+                    catch (Exception exc)
+                    {
+                        logger.LogWarning($"Failed to get directory of '{config}': {exc}");
+                    }
+                    return null;
+                })
+                .Where(folder => folder != null)
+                .SelectMany(folder => GetFeeds(() => dotnet.GetNugetFeedsFromFolder(folder!)))
+                .ToHashSet();
 
             logger.LogInfo($"Found {allFeeds.Count} Nuget feeds (with inherited ones) in nuget.config files: {string.Join(", ", allFeeds.OrderBy(f => f))}");
 

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/SourceGenerators/DotnetSourceGeneratorWrapper/DotnetSourceGeneratorWrapper.cs

@@ -37,8 +37,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
         {
             try
             {
-                var relativePathToCsProj = Path.GetRelativePath(sourceDir, csprojFile)
-                    .Replace('\\', '/'); // Ensure we're generating the same hash regardless of the OS
+                var relativePathToCsProj = Path.GetRelativePath(sourceDir, csprojFile);
                 var name = FileUtils.ComputeHash($"{relativePathToCsProj}\n{this.GetType().Name}");
                 using var tempDir = new TemporaryDirectory(Path.Join(FileUtils.GetTemporaryWorkingDirectory(out _), "source-generator"), "source generator temporary", logger);
                 var analyzerConfigPath = Path.Combine(tempDir.DirInfo.FullName, $"{name}.txt");

csharp/extractor/Semmle.Extraction.Tests/DotNet.cs

@@ -123,7 +123,7 @@ namespace Semmle.Extraction.Tests
             var dotnet = MakeDotnet(dotnetCliInvoker);
 
             // Execute
-            var res = dotnet.Restore(new("myproject.csproj", "mypackages", false, null, "myconfig.config"));
+            var res = dotnet.Restore(new("myproject.csproj", "mypackages", false, "myconfig.config"));
 
             // Verify
             var lastArgs = dotnetCliInvoker.GetLastArgs();
@@ -141,7 +141,7 @@ namespace Semmle.Extraction.Tests
             var dotnet = MakeDotnet(dotnetCliInvoker);
 
             // Execute
-            var res = dotnet.Restore(new("myproject.csproj", "mypackages", false, null, "myconfig.config", true));
+            var res = dotnet.Restore(new("myproject.csproj", "mypackages", false, "myconfig.config", true));
 
             // Verify
             var lastArgs = dotnetCliInvoker.GetLastArgs();

csharp/paket.dependencies

@@ -4,7 +4,7 @@ source https://api.nuget.org/v3/index.json
 # behave like nuget in choosing transitive dependency versions
 strategy: max
 
-nuget Basic.CompilerLog.Util 0.9.8
+nuget Basic.CompilerLog.Util
 nuget Mono.Posix.NETStandard
 nuget Newtonsoft.Json
 nuget xunit

csharp/paket.lock

@@ -3,12 +3,12 @@ STRATEGY: MAX
 RESTRICTION: == net9.0
 NUGET
   remote: https://api.nuget.org/v3/index.json
-    Basic.CompilerLog.Util (0.9.8)
+    Basic.CompilerLog.Util (0.9.4)
       MessagePack (>= 2.5.187)
-      Microsoft.CodeAnalysis (>= 4.12)
-      Microsoft.CodeAnalysis.CSharp (>= 4.12)
-      Microsoft.CodeAnalysis.VisualBasic (>= 4.12)
-      Microsoft.Extensions.ObjectPool (>= 9.0.2)
+      Microsoft.CodeAnalysis (>= 4.11)
+      Microsoft.CodeAnalysis.CSharp (>= 4.11)
+      Microsoft.CodeAnalysis.VisualBasic (>= 4.11)
+      Microsoft.Extensions.ObjectPool (>= 9.0)
       MSBuild.StructuredLogger (>= 2.2.243)
       System.Buffers (>= 4.6)
     Humanizer.Core (2.14.1)
@@ -96,7 +96,7 @@ NUGET
       System.Reflection.Metadata (>= 8.0)
       System.Threading.Channels (>= 7.0)
     Microsoft.CodeCoverage (17.12)
-    Microsoft.Extensions.ObjectPool (9.0.3)
+    Microsoft.Extensions.ObjectPool (9.0)
     Microsoft.NET.StringTools (17.12.6)
     Microsoft.NET.Test.Sdk (17.12)
       Microsoft.CodeCoverage (>= 17.12)

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1,7 +1,3 @@
-## 1.7.37
-
-No user-facing changes.
-
 ## 1.7.36
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.37.md

@@ -1,3 +0,0 @@
-## 1.7.37
-
-No user-facing changes.

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.37
+lastReleaseVersion: 1.7.36

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.37
+version: 1.7.37-dev
 groups:
   - csharp
   - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1,7 +1,3 @@
-## 1.7.37
-
-No user-facing changes.
-
 ## 1.7.36
 
 No user-facing changes.

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.37.md

@@ -1,3 +0,0 @@
-## 1.7.37
-
-No user-facing changes.

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.37
+lastReleaseVersion: 1.7.36

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.37
+version: 1.7.37-dev
 groups:
   - csharp
   - solorigate

csharp/ql/consistency-queries/DataFlowConsistency.ql

@@ -34,18 +34,30 @@ private module Input implements InputSig<Location, CsharpDataFlow> {
     n instanceof FlowSummaryNode
     or
     n.asExpr().(ObjectCreation).hasInitializer()
-    or
-    exists(
-      n.(PostUpdateNode).getPreUpdateNode().asExprAtNode(LocalFlow::getPostUpdateReverseStep(_))
-    )
   }
 
   predicate argHasPostUpdateExclude(ArgumentNode n) {
     n instanceof FlowSummaryNode
     or
-    n instanceof ParamsArgumentNode
+    not exists(LocalFlow::getAPostUpdateNodeForArg(n.getControlFlowNode()))
     or
-    n.asExpr() = any(Expr e | not exprMayHavePostUpdateNode(e))
+    n instanceof ParamsArgumentNode
+  }
+
+  predicate postHasUniquePreExclude(PostUpdateNode n) {
+    exists(ControlFlow::Nodes::ExprNode e, ControlFlow::Nodes::ExprNode arg |
+      e = LocalFlow::getAPostUpdateNodeForArg(arg) and
+      e != arg and
+      n = TExprPostUpdateNode(e)
+    )
+  }
+
+  predicate uniquePostUpdateExclude(Node n) {
+    exists(ControlFlow::Nodes::ExprNode e, ControlFlow::Nodes::ExprNode arg |
+      e = LocalFlow::getAPostUpdateNodeForArg(arg) and
+      e != arg and
+      n.asExpr() = arg.getExpr()
+    )
   }
 
   predicate reverseReadExclude(Node n) { n.asExpr() = any(AwaitExpr ae).getExpr() }

csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/Components/Pages/TestPage.razor

@@ -81,10 +81,6 @@
     <MyOutput Value="@InputValue6" />
 </div>
 
-<div>
-    <MyOutput Value="@QueryParam" />
-</div>
-
 @code {
 
     public class Container

csharp/ql/integration-tests/all-platforms/blazor/XSS.expected

@@ -1,18 +0,0 @@
-#select
-| BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | User-provided value |
-| BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | User-provided value |
-| BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | User-provided value |
-edges
-| BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:569:16:577:13 | call to method TypeCheck<String> : String | provenance | Src:MaD:2 MaD:3 |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:569:16:577:13 | call to method TypeCheck<String> : String | BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | provenance | Sink:MaD:1 |
-models
-| 1 | Sink: Microsoft.AspNetCore.Components; MarkupString; false; MarkupString; (System.String); ; Argument[0]; html-injection; manual |
-| 2 | Source: Microsoft.AspNetCore.Components; SupplyParameterFromQueryAttribute; false; ; ; Attribute.Getter; ReturnValue; remote; manual |
-| 3 | Summary: Microsoft.AspNetCore.Components.CompilerServices; RuntimeHelpers; false; TypeCheck<T>; (T); ; Argument[0]; ReturnValue; value; manual |
-nodes
-| BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | semmle.label | access to property Value |
-| BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | semmle.label | access to property UrlParam |
-| BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | semmle.label | access to property QueryParam |
-| BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | semmle.label | access to property QueryParam : String |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:569:16:577:13 | call to method TypeCheck<String> : String | semmle.label | call to method TypeCheck<String> : String |
-subpaths

csharp/ql/integration-tests/all-platforms/blazor/XSS.qlref

@@ -1,2 +0,0 @@
-query: Security Features/CWE-079/XSS.ql
-postprocess: utils/test/PrettyPrintModels.ql

csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/Pages/TestPage.razor

@@ -81,10 +81,6 @@
     <MyOutput Value="@InputValue6" />
 </div>
 
-<div>
-    <MyOutput Value="@QueryParam" />
-</div>
-
 @code {
 
     public class Container

csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.expected

@@ -1,18 +0,0 @@
-#select
-| BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | User-provided value |
-| BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | User-provided value |
-| BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | User-provided value |
-edges
-| BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | test-db/working/razor/AC613014E59A413B9538FF8068364499/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:569:16:577:13 | call to method TypeCheck<String> : String | provenance | Src:MaD:2 MaD:3 |
-| test-db/working/razor/AC613014E59A413B9538FF8068364499/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:569:16:577:13 | call to method TypeCheck<String> : String | BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | provenance | Sink:MaD:1 |
-models
-| 1 | Sink: Microsoft.AspNetCore.Components; MarkupString; false; MarkupString; (System.String); ; Argument[0]; html-injection; manual |
-| 2 | Source: Microsoft.AspNetCore.Components; SupplyParameterFromQueryAttribute; false; ; ; Attribute.Getter; ReturnValue; remote; manual |
-| 3 | Summary: Microsoft.AspNetCore.Components.CompilerServices; RuntimeHelpers; false; TypeCheck<T>; (T); ; Argument[0]; ReturnValue; value; manual |
-nodes
-| BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | semmle.label | access to property Value |
-| BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | semmle.label | access to property UrlParam |
-| BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | semmle.label | access to property QueryParam |
-| BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | semmle.label | access to property QueryParam : String |
-| test-db/working/razor/AC613014E59A413B9538FF8068364499/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:569:16:577:13 | call to method TypeCheck<String> : String | semmle.label | call to method TypeCheck<String> : String |
-subpaths

csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref

@@ -1,2 +0,0 @@
-query: Security Features/CWE-079/XSS.ql
-postprocess: utils/test/PrettyPrintModels.ql

csharp/ql/integration-tests/all-platforms/blazor_net_8/BlazorTest/Components/Pages/TestPage.razor

@@ -81,10 +81,6 @@
     <MyOutput Value="@InputValue6" />
 </div>
 
-<div>
-    <MyOutput Value="@QueryParam" />
-</div>
-
 @code {
 
     public class Container

csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.expected

@@ -1,8 +0,0 @@
-#select
-| BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | User-provided value |
-| BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | User-provided value |
-edges
-nodes
-| BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | semmle.label | access to property UrlParam |
-| BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | semmle.label | access to property QueryParam |
-subpaths

csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.qlref

@@ -1,2 +0,0 @@
-query: Security Features/CWE-079/XSS.ql
-postprocess: utils/test/PrettyPrintModels.ql

csharp/ql/integration-tests/all-platforms/standalone_resx/CompilationInfo.expected

@@ -1,7 +1,6 @@
 | All Nuget feeds reachable | 1.0 |
 | Failed project restore with package source error | 0.0 |
 | Failed solution restore with package source error | 0.0 |
-| Inherited Nuget feed count | 1.0 |
 | NuGet feed responsiveness checked | 1.0 |
 | Project files on filesystem | 1.0 |
 | Reachable fallback Nuget feed count | 1.0 |

csharp/ql/integration-tests/all-platforms/standalone_winforms/CompilationInfo.expected

@@ -1,7 +1,6 @@
 | All Nuget feeds reachable | 1.0 |
 | Failed project restore with package source error | 0.0 |
 | Failed solution restore with package source error | 0.0 |
-| Inherited Nuget feed count | 1.0 |
 | NuGet feed responsiveness checked | 1.0 |
 | Project files on filesystem | 1.0 |
 | Reachable fallback Nuget feed count | 1.0 |

csharp/ql/lib/CHANGELOG.md

@@ -1,10 +1,3 @@
-## 5.1.3
-
-### Minor Analysis Improvements
-
-* The models for `System.Uri` have been modified to better model the flow of tainted URIs.
-* Modeled parameter passing between Blazor parent and child components.
-
 ## 5.1.2
 
 No user-facing changes.

csharp/ql/lib/change-notes/released/5.1.3.md

@@ -1,6 +0,0 @@
-## 5.1.3
-
-### Minor Analysis Improvements
-
-* The models for `System.Uri` have been modified to better model the flow of tainted URIs.
-* Modeled parameter passing between Blazor parent and child components.

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.1.3
+lastReleaseVersion: 5.1.2

csharp/ql/lib/ext/System.model.yml

@@ -778,23 +778,9 @@ extensions:
       - ["System", "TupleExtensions", False, "Deconstruct<T1,T2>", "(System.Tuple<T1,T2>,T1,T2)", "", "Argument[0].Property[System.Tuple`2.Item2]", "Argument[2]", "value", "manual"]
       - ["System", "TupleExtensions", False, "Deconstruct<T1>", "(System.Tuple<T1>,T1)", "", "Argument[0].Property[System.Tuple`1.Item1]", "Argument[1]", "value", "manual"]
       - ["System", "Uri", False, "ToString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
-      - ["System", "Uri", False, "TryCreate", "(System.String,System.UriCreationOptions,System.Uri)", "", "Argument[0]", "Argument[2]", "taint", "manual"]
-      - ["System", "Uri", False, "TryCreate", "(System.String,System.UriKind,System.Uri)", "", "Argument[0]", "Argument[2]", "taint", "manual"]
-      - ["System", "Uri", False, "TryCreate", "(System.Uri,System.String,System.Uri)", "", "Argument[0]", "Argument[2]", "taint", "manual"]
-      - ["System", "Uri", False, "TryCreate", "(System.Uri,System.String,System.Uri)", "", "Argument[1]", "Argument[2]", "taint", "manual"]
-      - ["System", "Uri", False, "TryCreate", "(System.Uri,System.Uri,System.Uri)", "", "Argument[0]", "Argument[2]", "taint", "manual"]
-      - ["System", "Uri", False, "TryCreate", "(System.Uri,System.Uri,System.Uri)", "", "Argument[1]", "Argument[2]", "taint", "manual"]
       - ["System", "Uri", False, "Uri", "(System.String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
       - ["System", "Uri", False, "Uri", "(System.String,System.Boolean)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
       - ["System", "Uri", False, "Uri", "(System.String,System.UriKind)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
-      - ["System", "Uri", False, "Uri", "(System.String,System.UriCreationOptions)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
-      - ["System", "Uri", False, "Uri", "(System.Uri,System.String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
-      - ["System", "Uri", False, "Uri", "(System.Uri,System.String)", "", "Argument[1]", "Argument[this]", "taint", "manual"]
-      - ["System", "Uri", False, "Uri", "(System.Uri,System.String,System.Boolean)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
-      - ["System", "Uri", False, "Uri", "(System.Uri,System.String,System.Boolean)", "", "Argument[1]", "Argument[this]", "taint", "manual"]
-      - ["System", "Uri", False, "get_AbsoluteUri", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
-      - ["System", "Uri", False, "get_DnsSafeHost", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
-      - ["System", "Uri", False, "get_LocalPath", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["System", "Uri", False, "get_OriginalString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["System", "Uri", False, "get_PathAndQuery", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["System", "Uri", False, "get_Query", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 5.1.3
+version: 5.1.3-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll

@@ -506,7 +506,7 @@ module SsaFlow {
     result.(Impl::ExprPostUpdateNode).getExpr() =
       n.(PostUpdateNode).getPreUpdateNode().(ExprNode).getControlFlowNode()
     or
-    result.(Impl::WriteDefSourceNode).getDefinition() = n.(ExplicitParameterNode).getSsaDefinition()
+    result.(Impl::ParameterNode).getParameter() = n.(ExplicitParameterNode).getSsaDefinition()
   }
 
   predicate localFlowStep(Ssa::SourceVariable v, Node nodeFrom, Node nodeTo, boolean isUseStep) {
@@ -691,22 +691,19 @@ module LocalFlow {
     )
   }
 
-  /**
-   * Holds if a reverse local flow step should be added from the post-update node
-   * for `e` to the post-update node for the result.
-   *
-   * This is needed to allow for side-effects on compound expressions to propagate
-   * to sub components. For example, in
-   *
-   * ```csharp
-   * m(b ? x : y)
-   * ```
-   *
-   * we add a reverse flow step from `[post] b ? x : y` to `[post] x` and to
-   * `[post] y`, in order for the side-effect of `m` to reach both `x` and `y`.
-   */
-  ControlFlow::Nodes::ExprNode getPostUpdateReverseStep(ControlFlow::Nodes::ExprNode e) {
-    result = getALastEvalNode(e)
+  /** Gets a node for which to construct a post-update node for argument `arg`. */
+  ControlFlow::Nodes::ExprNode getAPostUpdateNodeForArg(ControlFlow::Nodes::ExprNode arg) {
+    arg.getExpr() instanceof Argument and
+    result = getALastEvalNode*(arg) and
+    exists(Expr e, Type t | result.getExpr() = e and t = e.stripCasts().getType() |
+      t instanceof RefType and
+      not t instanceof NullType
+      or
+      t = any(TypeParameter tp | not tp.isValueType())
+      or
+      t.isRefLikeType()
+    ) and
+    not exists(getALastEvalNode(result))
   }
 
   /**
@@ -766,13 +763,6 @@ predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo, string model) {
     VariableCapture::valueStep(nodeFrom, nodeTo)
     or
     nodeTo = nodeFrom.(LocalFunctionCreationNode).getAnAccess(true)
-    or
-    nodeTo.(PostUpdateNode).getPreUpdateNode().(ExprNode).getControlFlowNode() =
-      LocalFlow::getPostUpdateReverseStep(nodeFrom
-            .(PostUpdateNode)
-            .getPreUpdateNode()
-            .(ExprNode)
-            .getControlFlowNode())
   ) and
   model = ""
   or
@@ -1071,20 +1061,6 @@ private class FieldOrPropertyUsedInSource extends FieldOrProperty {
   }
 }
 
-/**
- * Hold if `e` has a type that allows for it to have a post-update node.
- */
-predicate exprMayHavePostUpdateNode(Expr e) {
-  exists(Type t | t = e.stripCasts().getType() |
-    t instanceof RefType and
-    not t instanceof NullType
-    or
-    t = any(TypeParameter tp | not tp.isValueType())
-    or
-    t.isRefLikeType()
-  )
-}
-
 /** A collection of cached types and predicates to be evaluated in the same stage. */
 cached
 private module Cached {
@@ -1130,15 +1106,7 @@ private module Cached {
       cfn.getAstNode().(ObjectCreation).hasInitializer()
     } or
     TExprPostUpdateNode(ControlFlow::Nodes::ExprNode cfn) {
-      (
-        cfn.getExpr() instanceof Argument
-        or
-        cfn =
-          LocalFlow::getPostUpdateReverseStep(any(ControlFlow::Nodes::ExprNode e |
-              exists(any(SourcePostUpdateNode p).getPreUpdateNode().asExprAtNode(e))
-            ))
-      ) and
-      exprMayHavePostUpdateNode(cfn.getExpr())
+      cfn = LocalFlow::getAPostUpdateNodeForArg(_)
       or
       exists(Expr e | e = cfn.getExpr() |
         fieldOrPropertyStore(_, _, _, e, true)
@@ -2754,23 +2722,17 @@ abstract class PostUpdateNode extends Node {
 }
 
 module PostUpdateNodes {
-  abstract class SourcePostUpdateNode extends PostUpdateNode {
-    abstract Node getPreUpdateSourceNode();
-
-    final override Node getPreUpdateNode() { result = this.getPreUpdateSourceNode() }
-  }
-
-  class ObjectCreationNode extends SourcePostUpdateNode, ExprNode, TExprNode {
+  class ObjectCreationNode extends PostUpdateNode, ExprNode, TExprNode {
     private ObjectCreation oc;
 
     ObjectCreationNode() { this = TExprNode(oc.getAControlFlowNode()) }
 
-    override Node getPreUpdateSourceNode() {
+    override Node getPreUpdateNode() {
       exists(ControlFlow::Nodes::ElementNode cfn | this = TExprNode(cfn) |
-        result = TObjectInitializerNode(cfn)
+        result.(ObjectInitializerNode).getControlFlowNode() = cfn
         or
         not oc.hasInitializer() and
-        result = TMallocNode(cfn)
+        result.(MallocNode).getControlFlowNode() = cfn
       )
     }
   }
@@ -2782,7 +2744,7 @@ module PostUpdateNodes {
    * Such a node acts as both a post-update node for the `MallocNode`, as well as
    * a pre-update node for the `ObjectCreationNode`.
    */
-  class ObjectInitializerNode extends SourcePostUpdateNode, NodeImpl, ArgumentNodeImpl,
+  class ObjectInitializerNode extends PostUpdateNode, NodeImpl, ArgumentNodeImpl,
     TObjectInitializerNode
   {
     private ObjectCreation oc;
@@ -2796,7 +2758,7 @@ module PostUpdateNodes {
     /** Gets the initializer to which this initializer node belongs. */
     ObjectOrCollectionInitializer getInitializer() { result = oc.getInitializer() }
 
-    override MallocNode getPreUpdateSourceNode() { result = TMallocNode(cfn) }
+    override MallocNode getPreUpdateNode() { result.getControlFlowNode() = cfn }
 
     override predicate argumentOf(DataFlowCall call, ArgumentPosition pos) {
       pos.isQualifier() and
@@ -2819,12 +2781,23 @@ module PostUpdateNodes {
     override string toStringImpl() { result = "[pre-initializer] " + cfn }
   }
 
-  class ExprPostUpdateNode extends SourcePostUpdateNode, NodeImpl, TExprPostUpdateNode {
+  class ExprPostUpdateNode extends PostUpdateNode, NodeImpl, TExprPostUpdateNode {
     private ControlFlow::Nodes::ElementNode cfn;
 
     ExprPostUpdateNode() { this = TExprPostUpdateNode(cfn) }
 
-    override ExprNode getPreUpdateSourceNode() { result = TExprNode(cfn) }
+    override ExprNode getPreUpdateNode() {
+      // For compound arguments, such as `m(b ? x : y)`, we want the leaf nodes
+      // `[post] x` and `[post] y` to have two pre-update nodes: (1) the compound argument,
+      // `if b then x else y`; and the (2) the underlying expressions; `x` and `y`,
+      // respectively.
+      //
+      // This ensures that we get flow out of the call into both leafs (1), while still
+      // maintaining the invariant that the underlying expression is a pre-update node (2).
+      cfn = LocalFlow::getAPostUpdateNodeForArg(result.getControlFlowNode())
+      or
+      cfn = result.getControlFlowNode()
+    }
 
     override DataFlowCallable getEnclosingCallableImpl() {
       result.getAControlFlowNode() = cfn
@@ -2852,41 +2825,41 @@ module PostUpdateNodes {
     override Node getPreUpdateNode() { result.(FlowSummaryNode).getSummaryNode() = preUpdateNode }
   }
 
-  private class InstanceParameterAccessPostUpdateNode extends SourcePostUpdateNode,
+  private class InstanceParameterAccessPostUpdateNode extends PostUpdateNode,
     InstanceParameterAccessNode
   {
     InstanceParameterAccessPostUpdateNode() { isPostUpdate = true }
 
-    override InstanceParameterAccessPreNode getPreUpdateSourceNode() {
+    override InstanceParameterAccessPreNode getPreUpdateNode() {
       result = TInstanceParameterAccessNode(cfn, false)
     }
 
     override string toStringImpl() { result = "[post] this" }
   }
 
-  private class PrimaryConstructorThisAccessPostUpdateNode extends SourcePostUpdateNode,
+  private class PrimaryConstructorThisAccessPostUpdateNode extends PostUpdateNode,
     PrimaryConstructorThisAccessNode
   {
     PrimaryConstructorThisAccessPostUpdateNode() { isPostUpdate = true }
 
-    override PrimaryConstructorThisAccessPreNode getPreUpdateSourceNode() {
+    override PrimaryConstructorThisAccessPreNode getPreUpdateNode() {
       result = TPrimaryConstructorThisAccessNode(p, false, callable)
     }
 
     override string toStringImpl() { result = "[post] this" }
   }
 
-  class LocalFunctionCreationPostUpdateNode extends LocalFunctionCreationNode, SourcePostUpdateNode {
+  class LocalFunctionCreationPostUpdateNode extends LocalFunctionCreationNode, PostUpdateNode {
     LocalFunctionCreationPostUpdateNode() { isPostUpdate = true }
 
-    override LocalFunctionCreationPreNode getPreUpdateSourceNode() {
+    override LocalFunctionCreationPreNode getPreUpdateNode() {
       result = TLocalFunctionCreationNode(cfn, false)
     }
 
     override string toStringImpl() { result = "[post] " + cfn }
   }
 
-  private class CapturePostUpdateNode extends SourcePostUpdateNode, CaptureNode {
+  private class CapturePostUpdateNode extends PostUpdateNode, CaptureNode {
     private CaptureNode pre;
 
     CapturePostUpdateNode() {
@@ -2894,7 +2867,7 @@ module PostUpdateNodes {
         pre.getSynthesizedCaptureNode())
     }
 
-    override CaptureNode getPreUpdateSourceNode() { result = pre }
+    override CaptureNode getPreUpdateNode() { result = pre }
 
     override string toStringImpl() { result = "[post] " + cn }
   }

csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll

@@ -147,16 +147,6 @@ predicate localFlow(Node source, Node sink) { localFlowStep*(source, sink) }
 pragma[inline]
 predicate localExprFlow(Expr e1, Expr e2) { localFlow(exprNode(e1), exprNode(e2)) }
 
-/**
- * A module importing the modules that provide non local jump node declarations,
- * ensuring that they are visible to the taint tracking / data flow library.
- */
-private module JumpNodes {
-  private import semmle.code.csharp.frameworks.microsoft.aspnetcore.Components
-  private import semmle.code.csharp.frameworks.Razor
-  private import semmle.code.csharp.frameworks.NHibernate
-}
-
 /**
  * A data flow node that jumps between callables. This can be extended in
  * framework code to add additional data flow steps.

csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll

@@ -1023,12 +1023,16 @@ private module DataFlowIntegrationInput implements Impl::DataFlowIntegrationInpu
 
   Expr getARead(Definition def) { exists(getAReadAtNode(def, result)) }
 
-  predicate ssaDefHasSource(WriteDefinition def) {
+  predicate ssaDefAssigns(WriteDefinition def, Expr value) {
     // exclude flow directly from RHS to SSA definition, as we instead want to
-    // go from RHS to matching assignable definition, and from there to SSA definition
-    def instanceof Ssa::ImplicitParameterDefinition
+    // go from RHS to matching assingnable definition, and from there to SSA definition
+    none()
   }
 
+  class Parameter = Ssa::ImplicitParameterDefinition;
+
+  predicate ssaDefInitializesParam(WriteDefinition def, Parameter p) { def = p }
+
   /**
    * Allows for flow into uncertain defintions that are not call definitions,
    * as we, conservatively, consider such definitions to be certain.
@@ -1058,7 +1062,7 @@ private module DataFlowIntegrationInput implements Impl::DataFlowIntegrationInpu
   }
 
   /** Holds if the guard `guard` controls block `bb` upon evaluating to `branch`. */
-  predicate guardDirectlyControlsBlock(Guard guard, ControlFlow::BasicBlock bb, boolean branch) {
+  predicate guardControlsBlock(Guard guard, ControlFlow::BasicBlock bb, boolean branch) {
     exists(ConditionBlock conditionBlock, ControlFlow::SuccessorTypes::ConditionalSuccessor s |
       guard.getAControlFlowNode() = conditionBlock.getLastNode() and
       s.getValue() = branch and

csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/aspnetcore/Components.qll

@@ -112,16 +112,6 @@ class MicrosoftAspNetCoreComponentsComponent extends Class {
   }
 }
 
-/**
- * The `Microsoft.AspNetCore.Components.Rendering.RenderTreeBuilder::AddComponentParameter` method.
- */
-private class MicrosoftAspNetCoreComponentsAddComponentParameterMethod extends Method {
-  MicrosoftAspNetCoreComponentsAddComponentParameterMethod() {
-    this.hasFullyQualifiedName("Microsoft.AspNetCore.Components.Rendering", "RenderTreeBuilder",
-      "AddComponentParameter")
-  }
-}
-
 private module Sources {
   private import semmle.code.csharp.security.dataflow.flowsources.Remote
 
@@ -143,44 +133,3 @@ private module Sources {
     override string getSourceType() { result = "ASP.NET Core component route parameter" }
   }
 }
-
-private module JumpNodes {
-  /**
-   * A call to `Microsoft.AspNetCore.Components.Rendering.RenderTreeBuilder::AddComponentParameter` which
-   * sets the value of a parameter.
-   */
-  private class ParameterPassingCall extends Call {
-    ParameterPassingCall() {
-      this.getTarget() instanceof MicrosoftAspNetCoreComponentsAddComponentParameterMethod
-    }
-
-    /**
-     * Gets the property whose value is being set.
-     */
-    Property getParameterProperty() {
-      result.getAnAttribute() instanceof MicrosoftAspNetCoreComponentsParameterAttribute and
-      exists(NameOfExpr ne | ne = this.getArgument(1) | result.getAnAccess() = ne.getAccess())
-    }
-
-    /**
-     * Gets the value being set.
-     */
-    Expr getParameterValue() { result = this.getArgument(2) }
-  }
-
-  private class ComponentParameterJump extends DataFlow::NonLocalJumpNode {
-    Property prop;
-
-    ComponentParameterJump() {
-      exists(ParameterPassingCall call |
-        prop = call.getParameterProperty() and
-        this.asExpr() = call.getParameterValue()
-      )
-    }
-
-    override DataFlow::Node getAJumpSuccessor(boolean preservesValue) {
-      preservesValue = true and
-      result.asExpr() = prop.getAnAccess()
-    }
-  }
-}

csharp/ql/src/CHANGELOG.md

@@ -1,18 +1,3 @@
-## 1.1.0
-
-### New Queries
-
-* Added a new query, `csharp/path-combine`, to recommend against the `Path.Combine` method due to it silently discarding its earlier parameters if later parameters are rooted.
-
-### Minor Analysis Improvements
-
-* Improved dependency resolution in `build-mode: none` extraction to handle failing `dotnet restore` processes that managed to download a subset of the dependencies before the failure.
-* Increase query precision for `cs/useless-gethashcode-call` by not flagging calls to `GetHashCode` on `uint`, `long` and `ulong`.
-* Increase query precision for `cs/constant-condition` and allow the use of discards in switch/case statements and also take the condition (if any) into account.
-* The `cs/local-not-disposed` query no longer flags un-disposed tasks as this is often not needed (explained [here](https://devblogs.microsoft.com/pfxteam/do-i-need-to-dispose-of-tasks/)).
-* Increase query precision for `cs/useless-assignment-to-local` and `cs/constant-condition` when *unknown* types are involved (mostly relevant for `build-mode: none` databases).
-* Don't consider an if-statement to be *useless* in `cs/useless-if-statement` if there is at least a comment.
-
 ## 1.0.19
 
 No user-facing changes.

csharp/ql/src/change-notes/2025-02-26-path-combine.md

@@ -0,0 +1,4 @@
+---
+category: newQuery
+---
+* Added a new query, `csharp/path-combine`, to recommend against the `Path.Combine` method due to it silently discarding its earlier parameters if later parameters are rooted.

csharp/ql/src/change-notes/2025-03-05-useless-if-statement.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Don't consider an if-statement to be *useless* in `cs/useless-if-statement` if there is at least a comment.

csharp/ql/src/change-notes/2025-03-10-task-not-disposed.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The `cs/local-not-disposed` query no longer flags un-disposed tasks as this is often not needed (explained [here](https://devblogs.microsoft.com/pfxteam/do-i-need-to-dispose-of-tasks/)).

csharp/ql/src/change-notes/2025-03-10-unknown-type-matching.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Increase query precision for `cs/useless-assignment-to-local` and `cs/constant-condition` when *unknown* types are involved (mostly relevant for `build-mode: none` databases).

csharp/ql/src/change-notes/2025-03-11-constant-condition.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Increase query precision for `cs/constant-condition` and allow the use of discards in switch/case statements and also take the condition (if any) into account.

csharp/ql/src/change-notes/2025-03-13-useless-gethashcode-call.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Increase query precision for `cs/useless-gethashcode-call` by not flagging calls to `GetHashCode` on `uint`, `long` and `ulong`.

csharp/ql/src/change-notes/2025-03-21-dependency-fetching.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Improved dependency resolution in `build-mode: none` extraction to handle failing `dotnet restore` processes that managed to download a subset of the dependencies before the failure.

csharp/ql/src/change-notes/released/1.1.0.md

@@ -1,14 +0,0 @@
-## 1.1.0
-
-### New Queries
-
-* Added a new query, `csharp/path-combine`, to recommend against the `Path.Combine` method due to it silently discarding its earlier parameters if later parameters are rooted.
-
-### Minor Analysis Improvements
-
-* Improved dependency resolution in `build-mode: none` extraction to handle failing `dotnet restore` processes that managed to download a subset of the dependencies before the failure.
-* Increase query precision for `cs/useless-gethashcode-call` by not flagging calls to `GetHashCode` on `uint`, `long` and `ulong`.
-* Increase query precision for `cs/constant-condition` and allow the use of discards in switch/case statements and also take the condition (if any) into account.
-* The `cs/local-not-disposed` query no longer flags un-disposed tasks as this is often not needed (explained [here](https://devblogs.microsoft.com/pfxteam/do-i-need-to-dispose-of-tasks/)).
-* Increase query precision for `cs/useless-assignment-to-local` and `cs/constant-condition` when *unknown* types are involved (mostly relevant for `build-mode: none` databases).
-* Don't consider an if-statement to be *useless* in `cs/useless-if-statement` if there is at least a comment.

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.1.0
+lastReleaseVersion: 1.0.19

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.1.0
+version: 1.0.20-dev
 groups:
   - csharp
   - queries
@@ -11,3 +11,4 @@ dependencies:
   codeql/suite-helpers: ${workspace}
   codeql/util: ${workspace}
 warnOnImplicitThis: true
+compileForOverlayEval: true

csharp/ql/src/utils/modelgenerator/internal/CaptureModels.qll

@@ -233,10 +233,6 @@ module ModelGeneratorInput implements ModelGeneratorInputSig<Location, CsharpDat
     result = ParamReturnNodeAsOutput<parameterContentAccess/1>::paramReturnNodeAsOutput(c, pos)
   }
 
-  ParameterPosition getReturnKindParamPosition(ReturnKind kind) {
-    kind.(OutRefReturnKind).getPosition() = result.getPosition()
-  }
-
   Callable returnNodeEnclosingCallable(DataFlow::Node ret) {
     result = DataFlowImplCommon::getNodeEnclosingCallable(ret).asCallable(_)
   }

csharp/ql/test/library-tests/csharp7/LocalTaintFlow.expected

@@ -252,7 +252,7 @@
 | CSharp7.cs:233:28:233:29 | access to local variable i1 | CSharp7.cs:235:38:235:39 | access to local variable i1 |
 | CSharp7.cs:233:28:233:33 | ... > ... | CSharp7.cs:233:13:233:33 | [false] ... && ... |
 | CSharp7.cs:233:28:233:33 | ... > ... | CSharp7.cs:233:13:233:33 | [true] ... && ... |
-| CSharp7.cs:235:13:235:42 | [input] SSA phi read(o) | CSharp7.cs:248:17:248:17 | access to local variable o |
+| CSharp7.cs:235:13:235:42 | [input] SSA phi read(o) | CSharp7.cs:248:9:274:9 | SSA phi read(o) |
 | CSharp7.cs:235:33:235:36 | "int " | CSharp7.cs:235:31:235:41 | $"..." |
 | CSharp7.cs:235:38:235:39 | access to local variable i1 | CSharp7.cs:235:31:235:41 | $"..." |
 | CSharp7.cs:237:18:237:18 | access to local variable o | CSharp7.cs:237:23:237:31 | String s1 |
@@ -260,17 +260,18 @@
 | CSharp7.cs:237:18:237:18 | access to local variable o | CSharp7.cs:241:18:241:18 | access to local variable o |
 | CSharp7.cs:237:23:237:31 | SSA def(s1) | CSharp7.cs:239:41:239:42 | access to local variable s1 |
 | CSharp7.cs:237:23:237:31 | String s1 | CSharp7.cs:237:23:237:31 | SSA def(s1) |
-| CSharp7.cs:239:13:239:45 | [input] SSA phi read(o) | CSharp7.cs:248:17:248:17 | access to local variable o |
+| CSharp7.cs:239:13:239:45 | [input] SSA phi read(o) | CSharp7.cs:248:9:274:9 | SSA phi read(o) |
 | CSharp7.cs:239:33:239:39 | "string " | CSharp7.cs:239:31:239:44 | $"..." |
 | CSharp7.cs:239:41:239:42 | access to local variable s1 | CSharp7.cs:239:31:239:44 | $"..." |
 | CSharp7.cs:241:18:241:18 | access to local variable o | CSharp7.cs:242:9:243:9 | [input] SSA phi read(o) |
 | CSharp7.cs:241:18:241:18 | access to local variable o | CSharp7.cs:244:18:244:18 | access to local variable o |
-| CSharp7.cs:242:9:243:9 | [input] SSA phi read(o) | CSharp7.cs:248:17:248:17 | access to local variable o |
+| CSharp7.cs:242:9:243:9 | [input] SSA phi read(o) | CSharp7.cs:248:9:274:9 | SSA phi read(o) |
 | CSharp7.cs:244:18:244:18 | access to local variable o | CSharp7.cs:244:18:244:28 | [input] SSA phi read(o) |
 | CSharp7.cs:244:18:244:18 | access to local variable o | CSharp7.cs:244:23:244:28 | Object v1 |
 | CSharp7.cs:244:18:244:18 | access to local variable o | CSharp7.cs:245:9:246:9 | [input] SSA phi read(o) |
-| CSharp7.cs:244:18:244:28 | [input] SSA phi read(o) | CSharp7.cs:248:17:248:17 | access to local variable o |
-| CSharp7.cs:245:9:246:9 | [input] SSA phi read(o) | CSharp7.cs:248:17:248:17 | access to local variable o |
+| CSharp7.cs:244:18:244:28 | [input] SSA phi read(o) | CSharp7.cs:248:9:274:9 | SSA phi read(o) |
+| CSharp7.cs:245:9:246:9 | [input] SSA phi read(o) | CSharp7.cs:248:9:274:9 | SSA phi read(o) |
+| CSharp7.cs:248:9:274:9 | SSA phi read(o) | CSharp7.cs:248:17:248:17 | access to local variable o |
 | CSharp7.cs:248:17:248:17 | access to local variable o | CSharp7.cs:254:27:254:27 | access to local variable o |
 | CSharp7.cs:248:17:248:17 | access to local variable o | CSharp7.cs:257:18:257:23 | Int32 i2 |
 | CSharp7.cs:248:17:248:17 | access to local variable o | CSharp7.cs:260:18:260:23 | Int32 i3 |
@@ -311,8 +312,10 @@
 | CSharp7.cs:285:39:285:42 | access to local variable list | CSharp7.cs:287:36:287:39 | access to local variable list |
 | CSharp7.cs:287:36:287:39 | access to local variable list | CSharp7.cs:289:32:289:35 | access to local variable list |
 | CSharp7.cs:297:18:297:18 | access to local variable x | CSharp7.cs:297:18:297:22 | SSA def(x) |
-| CSharp7.cs:297:18:297:22 | SSA def(x) | CSharp7.cs:297:25:297:25 | access to local variable x |
+| CSharp7.cs:297:18:297:22 | SSA def(x) | CSharp7.cs:297:18:297:22 | [input] SSA phi(x) |
+| CSharp7.cs:297:18:297:22 | [input] SSA phi(x) | CSharp7.cs:297:25:297:25 | SSA phi(x) |
 | CSharp7.cs:297:22:297:22 | 0 | CSharp7.cs:297:18:297:18 | access to local variable x |
+| CSharp7.cs:297:25:297:25 | SSA phi(x) | CSharp7.cs:297:25:297:25 | access to local variable x |
 | CSharp7.cs:297:25:297:25 | access to local variable x | CSharp7.cs:297:25:297:30 | ... < ... |
 | CSharp7.cs:297:25:297:25 | access to local variable x | CSharp7.cs:297:35:297:35 | access to local variable x |
 | CSharp7.cs:297:25:297:30 | ... < ... | CSharp7.cs:297:25:297:44 | [false] ... && ... |
@@ -323,5 +326,6 @@
 | CSharp7.cs:297:35:297:44 | [true] ... is ... | CSharp7.cs:297:25:297:44 | [true] ... && ... |
 | CSharp7.cs:297:40:297:44 | Int32 y | CSharp7.cs:297:40:297:44 | SSA def(y) |
 | CSharp7.cs:297:40:297:44 | SSA def(y) | CSharp7.cs:299:31:299:31 | access to local variable y |
-| CSharp7.cs:297:47:297:49 | SSA def(x) | CSharp7.cs:297:25:297:25 | access to local variable x |
+| CSharp7.cs:297:47:297:49 | SSA def(x) | CSharp7.cs:297:47:297:49 | [input] SSA phi(x) |
+| CSharp7.cs:297:47:297:49 | [input] SSA phi(x) | CSharp7.cs:297:25:297:25 | SSA phi(x) |
 | CSharp7.cs:297:49:297:49 | access to local variable x | CSharp7.cs:297:47:297:49 | SSA def(x) |

csharp/ql/test/library-tests/dataflow/global/DataFlowPath.expected

@@ -421,40 +421,46 @@ edges
 | GlobalDataFlow.cs:469:21:469:21 | s : String | GlobalDataFlow.cs:469:32:469:32 | access to parameter s | provenance |  |
 | GlobalDataFlow.cs:470:15:470:17 | access to parameter arg : String | GlobalDataFlow.cs:469:21:469:21 | s : String | provenance |  |
 | GlobalDataFlow.cs:473:28:473:41 | "taint source" : String | GlobalDataFlow.cs:466:53:466:55 | arg : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:490:20:490:31 | [post] ... ? ... : ... : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:508:20:508:33 | [post] (...) ... : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:515:20:515:25 | [post] ... ?? ... : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:538:20:538:22 | [post] ...! : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:546:20:546:24 | [post] ... = ... : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:490:25:490:26 | [post] access to local variable x1 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:490:30:490:31 | [post] access to local variable x2 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:497:31:497:32 | [post] access to local variable y1 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:497:36:497:37 | [post] access to local variable y2 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:497:42:497:43 | [post] access to local variable y3 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:508:33:508:33 | [post] access to local variable x : SubSimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:515:20:515:20 | [post] access to parameter x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:515:25:515:25 | [post] access to local variable y : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:527:20:527:20 | [post] access to local variable x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:528:20:528:20 | [post] access to local variable y : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:529:18:529:18 | [post] access to local variable z : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:538:20:538:21 | [post] access to parameter sc : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:546:24:546:24 | [post] access to local variable x : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:483:9:483:10 | [post] access to parameter sc : SimpleClass [field field] : String | GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:483:20:483:33 | "taint source" : String | GlobalDataFlow.cs:483:9:483:10 | [post] access to parameter sc : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:490:20:490:31 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:491:15:491:16 | access to local variable x1 : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:490:20:490:31 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:492:15:492:16 | access to local variable x2 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:490:25:490:26 | [post] access to local variable x1 : SimpleClass [field field] : String | GlobalDataFlow.cs:491:15:491:16 | access to local variable x1 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:490:30:490:31 | [post] access to local variable x2 : SimpleClass [field field] : String | GlobalDataFlow.cs:492:15:492:16 | access to local variable x2 : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:491:15:491:16 | access to local variable x1 : SimpleClass [field field] : String | GlobalDataFlow.cs:491:15:491:22 | access to field field | provenance |  |
 | GlobalDataFlow.cs:492:15:492:16 | access to local variable x2 : SimpleClass [field field] : String | GlobalDataFlow.cs:492:15:492:22 | access to field field | provenance |  |
-| GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:498:15:498:16 | access to local variable y1 : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:499:15:499:16 | access to local variable y2 : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:500:15:500:16 | access to local variable y3 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:497:31:497:32 | [post] access to local variable y1 : SimpleClass [field field] : String | GlobalDataFlow.cs:498:15:498:16 | access to local variable y1 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:497:36:497:37 | [post] access to local variable y2 : SimpleClass [field field] : String | GlobalDataFlow.cs:499:15:499:16 | access to local variable y2 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:497:42:497:43 | [post] access to local variable y3 : SimpleClass [field field] : String | GlobalDataFlow.cs:500:15:500:16 | access to local variable y3 : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:498:15:498:16 | access to local variable y1 : SimpleClass [field field] : String | GlobalDataFlow.cs:498:15:498:22 | access to field field | provenance |  |
 | GlobalDataFlow.cs:499:15:499:16 | access to local variable y2 : SimpleClass [field field] : String | GlobalDataFlow.cs:499:15:499:22 | access to field field | provenance |  |
 | GlobalDataFlow.cs:500:15:500:16 | access to local variable y3 : SimpleClass [field field] : String | GlobalDataFlow.cs:500:15:500:22 | access to field field | provenance |  |
-| GlobalDataFlow.cs:508:20:508:33 | [post] (...) ... : SimpleClass [field field] : String | GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:509:15:509:21 | access to field field | provenance |  |
-| GlobalDataFlow.cs:515:20:515:25 | [post] ... ?? ... : SimpleClass [field field] : String | GlobalDataFlow.cs:516:15:516:15 | access to parameter x : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:515:20:515:25 | [post] ... ?? ... : SimpleClass [field field] : String | GlobalDataFlow.cs:517:15:517:15 | access to local variable y : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:508:33:508:33 | [post] access to local variable x : SubSimpleClass [field field] : String | GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SubSimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SubSimpleClass [field field] : String | GlobalDataFlow.cs:509:15:509:21 | access to field field | provenance |  |
+| GlobalDataFlow.cs:515:20:515:20 | [post] access to parameter x : SimpleClass [field field] : String | GlobalDataFlow.cs:516:15:516:15 | access to parameter x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:515:25:515:25 | [post] access to local variable y : SimpleClass [field field] : String | GlobalDataFlow.cs:517:15:517:15 | access to local variable y : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:516:15:516:15 | access to parameter x : SimpleClass [field field] : String | GlobalDataFlow.cs:516:15:516:21 | access to field field | provenance |  |
 | GlobalDataFlow.cs:517:15:517:15 | access to local variable y : SimpleClass [field field] : String | GlobalDataFlow.cs:517:15:517:21 | access to field field | provenance |  |
-| GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | GlobalDataFlow.cs:531:15:531:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | GlobalDataFlow.cs:532:15:532:15 | access to local variable y : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | GlobalDataFlow.cs:533:15:533:15 | access to local variable z : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:527:20:527:20 | [post] access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:531:15:531:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:528:20:528:20 | [post] access to local variable y : SimpleClass [field field] : String | GlobalDataFlow.cs:532:15:532:15 | access to local variable y : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:529:18:529:18 | [post] access to local variable z : SimpleClass [field field] : String | GlobalDataFlow.cs:533:15:533:15 | access to local variable z : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:531:15:531:15 | access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:531:15:531:21 | access to field field | provenance |  |
 | GlobalDataFlow.cs:532:15:532:15 | access to local variable y : SimpleClass [field field] : String | GlobalDataFlow.cs:532:15:532:21 | access to field field | provenance |  |
 | GlobalDataFlow.cs:533:15:533:15 | access to local variable z : SimpleClass [field field] : String | GlobalDataFlow.cs:533:15:533:21 | access to field field | provenance |  |
-| GlobalDataFlow.cs:538:20:538:22 | [post] ...! : SimpleClass [field field] : String | GlobalDataFlow.cs:539:15:539:16 | access to parameter sc : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:538:20:538:21 | [post] access to parameter sc : SimpleClass [field field] : String | GlobalDataFlow.cs:539:15:539:16 | access to parameter sc : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:539:15:539:16 | access to parameter sc : SimpleClass [field field] : String | GlobalDataFlow.cs:539:15:539:22 | access to field field | provenance |  |
-| GlobalDataFlow.cs:546:20:546:24 | [post] ... = ... : SimpleClass [field field] : String | GlobalDataFlow.cs:547:15:547:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:546:24:546:24 | [post] access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:547:15:547:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:547:15:547:15 | access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:547:15:547:21 | access to field field | provenance |  |
 | GlobalDataFlow.cs:553:71:553:71 | e : null [element] : String | GlobalDataFlow.cs:556:27:556:27 | access to parameter e : null [element] : String | provenance |  |
 | GlobalDataFlow.cs:556:27:556:27 | access to parameter e : null [element] : String | GlobalDataFlow.cs:558:46:558:46 | access to local variable x : String | provenance |  |
@@ -874,37 +880,43 @@ nodes
 | GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | semmle.label | sc [Return] : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:483:9:483:10 | [post] access to parameter sc : SimpleClass [field field] : String | semmle.label | [post] access to parameter sc : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:483:20:483:33 | "taint source" : String | semmle.label | "taint source" : String |
-| GlobalDataFlow.cs:490:20:490:31 | [post] ... ? ... : ... : SimpleClass [field field] : String | semmle.label | [post] ... ? ... : ... : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:490:25:490:26 | [post] access to local variable x1 : SimpleClass [field field] : String | semmle.label | [post] access to local variable x1 : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:490:30:490:31 | [post] access to local variable x2 : SimpleClass [field field] : String | semmle.label | [post] access to local variable x2 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:491:15:491:16 | access to local variable x1 : SimpleClass [field field] : String | semmle.label | access to local variable x1 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:491:15:491:22 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:492:15:492:16 | access to local variable x2 : SimpleClass [field field] : String | semmle.label | access to local variable x2 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:492:15:492:22 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | semmle.label | [post] ... ? ... : ... : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:497:31:497:32 | [post] access to local variable y1 : SimpleClass [field field] : String | semmle.label | [post] access to local variable y1 : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:497:36:497:37 | [post] access to local variable y2 : SimpleClass [field field] : String | semmle.label | [post] access to local variable y2 : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:497:42:497:43 | [post] access to local variable y3 : SimpleClass [field field] : String | semmle.label | [post] access to local variable y3 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:498:15:498:16 | access to local variable y1 : SimpleClass [field field] : String | semmle.label | access to local variable y1 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:498:15:498:22 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:499:15:499:16 | access to local variable y2 : SimpleClass [field field] : String | semmle.label | access to local variable y2 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:499:15:499:22 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:500:15:500:16 | access to local variable y3 : SimpleClass [field field] : String | semmle.label | access to local variable y3 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:500:15:500:22 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:508:20:508:33 | [post] (...) ... : SimpleClass [field field] : String | semmle.label | [post] (...) ... : SimpleClass [field field] : String |
-| GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SimpleClass [field field] : String | semmle.label | access to local variable x : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:508:33:508:33 | [post] access to local variable x : SubSimpleClass [field field] : String | semmle.label | [post] access to local variable x : SubSimpleClass [field field] : String |
+| GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SubSimpleClass [field field] : String | semmle.label | access to local variable x : SubSimpleClass [field field] : String |
 | GlobalDataFlow.cs:509:15:509:21 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:515:20:515:25 | [post] ... ?? ... : SimpleClass [field field] : String | semmle.label | [post] ... ?? ... : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:515:20:515:20 | [post] access to parameter x : SimpleClass [field field] : String | semmle.label | [post] access to parameter x : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:515:25:515:25 | [post] access to local variable y : SimpleClass [field field] : String | semmle.label | [post] access to local variable y : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:516:15:516:15 | access to parameter x : SimpleClass [field field] : String | semmle.label | access to parameter x : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:516:15:516:21 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:517:15:517:15 | access to local variable y : SimpleClass [field field] : String | semmle.label | access to local variable y : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:517:15:517:21 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | semmle.label | [post] ... switch { ... } : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:527:20:527:20 | [post] access to local variable x : SimpleClass [field field] : String | semmle.label | [post] access to local variable x : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:528:20:528:20 | [post] access to local variable y : SimpleClass [field field] : String | semmle.label | [post] access to local variable y : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:529:18:529:18 | [post] access to local variable z : SimpleClass [field field] : String | semmle.label | [post] access to local variable z : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:531:15:531:15 | access to local variable x : SimpleClass [field field] : String | semmle.label | access to local variable x : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:531:15:531:21 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:532:15:532:15 | access to local variable y : SimpleClass [field field] : String | semmle.label | access to local variable y : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:532:15:532:21 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:533:15:533:15 | access to local variable z : SimpleClass [field field] : String | semmle.label | access to local variable z : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:533:15:533:21 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:538:20:538:22 | [post] ...! : SimpleClass [field field] : String | semmle.label | [post] ...! : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:538:20:538:21 | [post] access to parameter sc : SimpleClass [field field] : String | semmle.label | [post] access to parameter sc : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:539:15:539:16 | access to parameter sc : SimpleClass [field field] : String | semmle.label | access to parameter sc : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:539:15:539:22 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:546:20:546:24 | [post] ... = ... : SimpleClass [field field] : String | semmle.label | [post] ... = ... : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:546:24:546:24 | [post] access to local variable x : SimpleClass [field field] : String | semmle.label | [post] access to local variable x : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:547:15:547:15 | access to local variable x : SimpleClass [field field] : String | semmle.label | access to local variable x : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:547:15:547:21 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:553:71:553:71 | e : null [element] : String | semmle.label | e : null [element] : String |

csharp/ql/test/library-tests/dataflow/global/TaintTrackingPath.expected

@@ -461,40 +461,46 @@ edges
 | GlobalDataFlow.cs:469:21:469:21 | s : String | GlobalDataFlow.cs:469:32:469:32 | access to parameter s | provenance |  |
 | GlobalDataFlow.cs:470:15:470:17 | access to parameter arg : String | GlobalDataFlow.cs:469:21:469:21 | s : String | provenance |  |
 | GlobalDataFlow.cs:473:28:473:41 | "taint source" : String | GlobalDataFlow.cs:466:53:466:55 | arg : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:490:20:490:31 | [post] ... ? ... : ... : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:508:20:508:33 | [post] (...) ... : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:515:20:515:25 | [post] ... ?? ... : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:538:20:538:22 | [post] ...! : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:546:20:546:24 | [post] ... = ... : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:490:25:490:26 | [post] access to local variable x1 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:490:30:490:31 | [post] access to local variable x2 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:497:31:497:32 | [post] access to local variable y1 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:497:36:497:37 | [post] access to local variable y2 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:497:42:497:43 | [post] access to local variable y3 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:508:33:508:33 | [post] access to local variable x : SubSimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:515:20:515:20 | [post] access to parameter x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:515:25:515:25 | [post] access to local variable y : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:527:20:527:20 | [post] access to local variable x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:528:20:528:20 | [post] access to local variable y : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:529:18:529:18 | [post] access to local variable z : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:538:20:538:21 | [post] access to parameter sc : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | GlobalDataFlow.cs:546:24:546:24 | [post] access to local variable x : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:483:9:483:10 | [post] access to parameter sc : SimpleClass [field field] : String | GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:483:20:483:33 | "taint source" : String | GlobalDataFlow.cs:483:9:483:10 | [post] access to parameter sc : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:490:20:490:31 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:491:15:491:16 | access to local variable x1 : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:490:20:490:31 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:492:15:492:16 | access to local variable x2 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:490:25:490:26 | [post] access to local variable x1 : SimpleClass [field field] : String | GlobalDataFlow.cs:491:15:491:16 | access to local variable x1 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:490:30:490:31 | [post] access to local variable x2 : SimpleClass [field field] : String | GlobalDataFlow.cs:492:15:492:16 | access to local variable x2 : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:491:15:491:16 | access to local variable x1 : SimpleClass [field field] : String | GlobalDataFlow.cs:491:15:491:22 | access to field field | provenance |  |
 | GlobalDataFlow.cs:492:15:492:16 | access to local variable x2 : SimpleClass [field field] : String | GlobalDataFlow.cs:492:15:492:22 | access to field field | provenance |  |
-| GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:498:15:498:16 | access to local variable y1 : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:499:15:499:16 | access to local variable y2 : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | GlobalDataFlow.cs:500:15:500:16 | access to local variable y3 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:497:31:497:32 | [post] access to local variable y1 : SimpleClass [field field] : String | GlobalDataFlow.cs:498:15:498:16 | access to local variable y1 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:497:36:497:37 | [post] access to local variable y2 : SimpleClass [field field] : String | GlobalDataFlow.cs:499:15:499:16 | access to local variable y2 : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:497:42:497:43 | [post] access to local variable y3 : SimpleClass [field field] : String | GlobalDataFlow.cs:500:15:500:16 | access to local variable y3 : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:498:15:498:16 | access to local variable y1 : SimpleClass [field field] : String | GlobalDataFlow.cs:498:15:498:22 | access to field field | provenance |  |
 | GlobalDataFlow.cs:499:15:499:16 | access to local variable y2 : SimpleClass [field field] : String | GlobalDataFlow.cs:499:15:499:22 | access to field field | provenance |  |
 | GlobalDataFlow.cs:500:15:500:16 | access to local variable y3 : SimpleClass [field field] : String | GlobalDataFlow.cs:500:15:500:22 | access to field field | provenance |  |
-| GlobalDataFlow.cs:508:20:508:33 | [post] (...) ... : SimpleClass [field field] : String | GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:509:15:509:21 | access to field field | provenance |  |
-| GlobalDataFlow.cs:515:20:515:25 | [post] ... ?? ... : SimpleClass [field field] : String | GlobalDataFlow.cs:516:15:516:15 | access to parameter x : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:515:20:515:25 | [post] ... ?? ... : SimpleClass [field field] : String | GlobalDataFlow.cs:517:15:517:15 | access to local variable y : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:508:33:508:33 | [post] access to local variable x : SubSimpleClass [field field] : String | GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SubSimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SubSimpleClass [field field] : String | GlobalDataFlow.cs:509:15:509:21 | access to field field | provenance |  |
+| GlobalDataFlow.cs:515:20:515:20 | [post] access to parameter x : SimpleClass [field field] : String | GlobalDataFlow.cs:516:15:516:15 | access to parameter x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:515:25:515:25 | [post] access to local variable y : SimpleClass [field field] : String | GlobalDataFlow.cs:517:15:517:15 | access to local variable y : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:516:15:516:15 | access to parameter x : SimpleClass [field field] : String | GlobalDataFlow.cs:516:15:516:21 | access to field field | provenance |  |
 | GlobalDataFlow.cs:517:15:517:15 | access to local variable y : SimpleClass [field field] : String | GlobalDataFlow.cs:517:15:517:21 | access to field field | provenance |  |
-| GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | GlobalDataFlow.cs:531:15:531:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | GlobalDataFlow.cs:532:15:532:15 | access to local variable y : SimpleClass [field field] : String | provenance |  |
-| GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | GlobalDataFlow.cs:533:15:533:15 | access to local variable z : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:527:20:527:20 | [post] access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:531:15:531:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:528:20:528:20 | [post] access to local variable y : SimpleClass [field field] : String | GlobalDataFlow.cs:532:15:532:15 | access to local variable y : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:529:18:529:18 | [post] access to local variable z : SimpleClass [field field] : String | GlobalDataFlow.cs:533:15:533:15 | access to local variable z : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:531:15:531:15 | access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:531:15:531:21 | access to field field | provenance |  |
 | GlobalDataFlow.cs:532:15:532:15 | access to local variable y : SimpleClass [field field] : String | GlobalDataFlow.cs:532:15:532:21 | access to field field | provenance |  |
 | GlobalDataFlow.cs:533:15:533:15 | access to local variable z : SimpleClass [field field] : String | GlobalDataFlow.cs:533:15:533:21 | access to field field | provenance |  |
-| GlobalDataFlow.cs:538:20:538:22 | [post] ...! : SimpleClass [field field] : String | GlobalDataFlow.cs:539:15:539:16 | access to parameter sc : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:538:20:538:21 | [post] access to parameter sc : SimpleClass [field field] : String | GlobalDataFlow.cs:539:15:539:16 | access to parameter sc : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:539:15:539:16 | access to parameter sc : SimpleClass [field field] : String | GlobalDataFlow.cs:539:15:539:22 | access to field field | provenance |  |
-| GlobalDataFlow.cs:546:20:546:24 | [post] ... = ... : SimpleClass [field field] : String | GlobalDataFlow.cs:547:15:547:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
+| GlobalDataFlow.cs:546:24:546:24 | [post] access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:547:15:547:15 | access to local variable x : SimpleClass [field field] : String | provenance |  |
 | GlobalDataFlow.cs:547:15:547:15 | access to local variable x : SimpleClass [field field] : String | GlobalDataFlow.cs:547:15:547:21 | access to field field | provenance |  |
 | GlobalDataFlow.cs:553:71:553:71 | e : null [element] : String | GlobalDataFlow.cs:556:27:556:27 | access to parameter e : null [element] : String | provenance |  |
 | GlobalDataFlow.cs:556:27:556:27 | access to parameter e : null [element] : String | GlobalDataFlow.cs:558:46:558:46 | access to local variable x : String | provenance |  |
@@ -977,37 +983,43 @@ nodes
 | GlobalDataFlow.cs:481:41:481:42 | sc [Return] : SimpleClass [field field] : String | semmle.label | sc [Return] : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:483:9:483:10 | [post] access to parameter sc : SimpleClass [field field] : String | semmle.label | [post] access to parameter sc : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:483:20:483:33 | "taint source" : String | semmle.label | "taint source" : String |
-| GlobalDataFlow.cs:490:20:490:31 | [post] ... ? ... : ... : SimpleClass [field field] : String | semmle.label | [post] ... ? ... : ... : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:490:25:490:26 | [post] access to local variable x1 : SimpleClass [field field] : String | semmle.label | [post] access to local variable x1 : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:490:30:490:31 | [post] access to local variable x2 : SimpleClass [field field] : String | semmle.label | [post] access to local variable x2 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:491:15:491:16 | access to local variable x1 : SimpleClass [field field] : String | semmle.label | access to local variable x1 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:491:15:491:22 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:492:15:492:16 | access to local variable x2 : SimpleClass [field field] : String | semmle.label | access to local variable x2 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:492:15:492:22 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:497:20:497:43 | [post] ... ? ... : ... : SimpleClass [field field] : String | semmle.label | [post] ... ? ... : ... : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:497:31:497:32 | [post] access to local variable y1 : SimpleClass [field field] : String | semmle.label | [post] access to local variable y1 : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:497:36:497:37 | [post] access to local variable y2 : SimpleClass [field field] : String | semmle.label | [post] access to local variable y2 : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:497:42:497:43 | [post] access to local variable y3 : SimpleClass [field field] : String | semmle.label | [post] access to local variable y3 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:498:15:498:16 | access to local variable y1 : SimpleClass [field field] : String | semmle.label | access to local variable y1 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:498:15:498:22 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:499:15:499:16 | access to local variable y2 : SimpleClass [field field] : String | semmle.label | access to local variable y2 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:499:15:499:22 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:500:15:500:16 | access to local variable y3 : SimpleClass [field field] : String | semmle.label | access to local variable y3 : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:500:15:500:22 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:508:20:508:33 | [post] (...) ... : SimpleClass [field field] : String | semmle.label | [post] (...) ... : SimpleClass [field field] : String |
-| GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SimpleClass [field field] : String | semmle.label | access to local variable x : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:508:33:508:33 | [post] access to local variable x : SubSimpleClass [field field] : String | semmle.label | [post] access to local variable x : SubSimpleClass [field field] : String |
+| GlobalDataFlow.cs:509:15:509:15 | access to local variable x : SubSimpleClass [field field] : String | semmle.label | access to local variable x : SubSimpleClass [field field] : String |
 | GlobalDataFlow.cs:509:15:509:21 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:515:20:515:25 | [post] ... ?? ... : SimpleClass [field field] : String | semmle.label | [post] ... ?? ... : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:515:20:515:20 | [post] access to parameter x : SimpleClass [field field] : String | semmle.label | [post] access to parameter x : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:515:25:515:25 | [post] access to local variable y : SimpleClass [field field] : String | semmle.label | [post] access to local variable y : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:516:15:516:15 | access to parameter x : SimpleClass [field field] : String | semmle.label | access to parameter x : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:516:15:516:21 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:517:15:517:15 | access to local variable y : SimpleClass [field field] : String | semmle.label | access to local variable y : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:517:15:517:21 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:525:20:530:9 | [post] ... switch { ... } : SimpleClass [field field] : String | semmle.label | [post] ... switch { ... } : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:527:20:527:20 | [post] access to local variable x : SimpleClass [field field] : String | semmle.label | [post] access to local variable x : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:528:20:528:20 | [post] access to local variable y : SimpleClass [field field] : String | semmle.label | [post] access to local variable y : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:529:18:529:18 | [post] access to local variable z : SimpleClass [field field] : String | semmle.label | [post] access to local variable z : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:531:15:531:15 | access to local variable x : SimpleClass [field field] : String | semmle.label | access to local variable x : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:531:15:531:21 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:532:15:532:15 | access to local variable y : SimpleClass [field field] : String | semmle.label | access to local variable y : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:532:15:532:21 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:533:15:533:15 | access to local variable z : SimpleClass [field field] : String | semmle.label | access to local variable z : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:533:15:533:21 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:538:20:538:22 | [post] ...! : SimpleClass [field field] : String | semmle.label | [post] ...! : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:538:20:538:21 | [post] access to parameter sc : SimpleClass [field field] : String | semmle.label | [post] access to parameter sc : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:539:15:539:16 | access to parameter sc : SimpleClass [field field] : String | semmle.label | access to parameter sc : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:539:15:539:22 | access to field field | semmle.label | access to field field |
-| GlobalDataFlow.cs:546:20:546:24 | [post] ... = ... : SimpleClass [field field] : String | semmle.label | [post] ... = ... : SimpleClass [field field] : String |
+| GlobalDataFlow.cs:546:24:546:24 | [post] access to local variable x : SimpleClass [field field] : String | semmle.label | [post] access to local variable x : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:547:15:547:15 | access to local variable x : SimpleClass [field field] : String | semmle.label | access to local variable x : SimpleClass [field field] : String |
 | GlobalDataFlow.cs:547:15:547:21 | access to field field | semmle.label | access to field field |
 | GlobalDataFlow.cs:553:71:553:71 | e : null [element] : String | semmle.label | e : null [element] : String |

csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected

@@ -23466,33 +23466,29 @@ summary
 | System;Uri;ToString;();Argument[this];ReturnValue;taint;manual |
 | System;Uri;ToString;(System.String,System.IFormatProvider);Argument[this].SyntheticField[System.Uri._string];ReturnValue;value;dfc-generated |
 | System;Uri;ToString;(System.String,System.IFormatProvider);Argument[this];ReturnValue;taint;dfc-generated |
-| System;Uri;TryCreate;(System.String,System.UriCreationOptions,System.Uri);Argument[0];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.String,System.UriKind,System.Uri);Argument[0];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.Uri,System.String,System.Uri);Argument[0];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.Uri,System.String,System.Uri);Argument[1];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.Uri,System.Uri,System.Uri);Argument[0];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.Uri,System.Uri,System.Uri);Argument[1];Argument[2];taint;manual |
+| System;Uri;TryCreate;(System.String,System.UriCreationOptions,System.Uri);Argument[0];ReturnValue.SyntheticField[System.Uri._string];value;dfc-generated |
+| System;Uri;TryCreate;(System.String,System.UriKind,System.Uri);Argument[0];ReturnValue.SyntheticField[System.Uri._string];value;dfc-generated |
+| System;Uri;TryCreate;(System.Uri,System.String,System.Uri);Argument[1];ReturnValue.SyntheticField[System.Uri._string];value;dfc-generated |
+| System;Uri;TryCreate;(System.Uri,System.Uri,System.Uri);Argument[0];ReturnValue;taint;df-generated |
+| System;Uri;TryCreate;(System.Uri,System.Uri,System.Uri);Argument[1];ReturnValue;taint;df-generated |
 | System;Uri;TryEscapeDataString;(System.ReadOnlySpan<System.Char>,System.Span<System.Char>,System.Int32);Argument[0].Element;Argument[1].Element;value;dfc-generated |
 | System;Uri;TryUnescapeDataString;(System.ReadOnlySpan<System.Char>,System.Span<System.Char>,System.Int32);Argument[0].Element;Argument[1].Element;value;dfc-generated |
 | System;Uri;UnescapeDataString;(System.ReadOnlySpan<System.Char>);Argument[0].Element;ReturnValue;taint;dfc-generated |
 | System;Uri;UnescapeDataString;(System.String);Argument[0];ReturnValue;value;dfc-generated |
 | System;Uri;Uri;(System.String);Argument[0];Argument[this];taint;manual |
 | System;Uri;Uri;(System.String,System.Boolean);Argument[0];Argument[this];taint;manual |
-| System;Uri;Uri;(System.String,System.UriCreationOptions);Argument[0];Argument[this];taint;manual |
+| System;Uri;Uri;(System.String,System.UriCreationOptions);Argument[0];Argument[this].SyntheticField[System.Uri._string];value;dfc-generated |
 | System;Uri;Uri;(System.String,System.UriKind);Argument[0];Argument[this];taint;manual |
-| System;Uri;Uri;(System.Uri,System.String);Argument[0];Argument[this];taint;manual |
-| System;Uri;Uri;(System.Uri,System.String);Argument[1];Argument[this];taint;manual |
-| System;Uri;Uri;(System.Uri,System.String,System.Boolean);Argument[0];Argument[this];taint;manual |
-| System;Uri;Uri;(System.Uri,System.String,System.Boolean);Argument[1];Argument[this];taint;manual |
+| System;Uri;Uri;(System.Uri,System.String);Argument[1];Argument[this].SyntheticField[System.Uri._string];value;dfc-generated |
+| System;Uri;Uri;(System.Uri,System.String,System.Boolean);Argument[1];Argument[this].SyntheticField[System.Uri._string];value;dfc-generated |
 | System;Uri;Uri;(System.Uri,System.Uri);Argument[0];Argument[this];taint;df-generated |
 | System;Uri;Uri;(System.Uri,System.Uri);Argument[1];Argument[this];taint;df-generated |
 | System;Uri;get_AbsolutePath;();Argument[this];ReturnValue;taint;df-generated |
-| System;Uri;get_AbsoluteUri;();Argument[this];ReturnValue;taint;manual |
 | System;Uri;get_Authority;();Argument[this];ReturnValue;taint;df-generated |
-| System;Uri;get_DnsSafeHost;();Argument[this];ReturnValue;taint;manual |
+| System;Uri;get_DnsSafeHost;();Argument[this].Property[System.Uri.IdnHost];ReturnValue;value;dfc-generated |
 | System;Uri;get_Host;();Argument[this];ReturnValue;taint;df-generated |
 | System;Uri;get_IdnHost;();Argument[this];ReturnValue;taint;df-generated |
-| System;Uri;get_LocalPath;();Argument[this];ReturnValue;taint;manual |
+| System;Uri;get_LocalPath;();Argument[this].SyntheticField[System.Uri._string];ReturnValue;value;dfc-generated |
 | System;Uri;get_OriginalString;();Argument[this];ReturnValue;taint;manual |
 | System;Uri;get_PathAndQuery;();Argument[this];ReturnValue;taint;manual |
 | System;Uri;get_Query;();Argument[this];ReturnValue;taint;manual |

csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected

@@ -18122,33 +18122,29 @@
 | System;Uri;MakeRelativeUri;(System.Uri);Argument[0];ReturnValue;taint;df-generated |
 | System;Uri;ToString;();Argument[this];ReturnValue;taint;manual |
 | System;Uri;ToString;(System.String,System.IFormatProvider);Argument[this].SyntheticField[System.Uri._string];ReturnValue;value;dfc-generated |
-| System;Uri;TryCreate;(System.String,System.UriCreationOptions,System.Uri);Argument[0];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.String,System.UriKind,System.Uri);Argument[0];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.Uri,System.String,System.Uri);Argument[0];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.Uri,System.String,System.Uri);Argument[1];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.Uri,System.Uri,System.Uri);Argument[0];Argument[2];taint;manual |
-| System;Uri;TryCreate;(System.Uri,System.Uri,System.Uri);Argument[1];Argument[2];taint;manual |
+| System;Uri;TryCreate;(System.String,System.UriCreationOptions,System.Uri);Argument[0];ReturnValue.SyntheticField[System.Uri._string];value;dfc-generated |
+| System;Uri;TryCreate;(System.String,System.UriKind,System.Uri);Argument[0];ReturnValue.SyntheticField[System.Uri._string];value;dfc-generated |
+| System;Uri;TryCreate;(System.Uri,System.String,System.Uri);Argument[1];ReturnValue.SyntheticField[System.Uri._string];value;dfc-generated |
+| System;Uri;TryCreate;(System.Uri,System.Uri,System.Uri);Argument[0];ReturnValue;taint;df-generated |
+| System;Uri;TryCreate;(System.Uri,System.Uri,System.Uri);Argument[1];ReturnValue;taint;df-generated |
 | System;Uri;TryEscapeDataString;(System.ReadOnlySpan<System.Char>,System.Span<System.Char>,System.Int32);Argument[0].Element;Argument[1].Element;value;dfc-generated |
 | System;Uri;TryUnescapeDataString;(System.ReadOnlySpan<System.Char>,System.Span<System.Char>,System.Int32);Argument[0].Element;Argument[1].Element;value;dfc-generated |
 | System;Uri;UnescapeDataString;(System.ReadOnlySpan<System.Char>);Argument[0].Element;ReturnValue;taint;dfc-generated |
 | System;Uri;UnescapeDataString;(System.String);Argument[0];ReturnValue;value;dfc-generated |
 | System;Uri;Uri;(System.String);Argument[0];Argument[this];taint;manual |
 | System;Uri;Uri;(System.String,System.Boolean);Argument[0];Argument[this];taint;manual |
-| System;Uri;Uri;(System.String,System.UriCreationOptions);Argument[0];Argument[this];taint;manual |
+| System;Uri;Uri;(System.String,System.UriCreationOptions);Argument[0];Argument[this].SyntheticField[System.Uri._string];value;dfc-generated |
 | System;Uri;Uri;(System.String,System.UriKind);Argument[0];Argument[this];taint;manual |
-| System;Uri;Uri;(System.Uri,System.String);Argument[0];Argument[this];taint;manual |
-| System;Uri;Uri;(System.Uri,System.String);Argument[1];Argument[this];taint;manual |
-| System;Uri;Uri;(System.Uri,System.String,System.Boolean);Argument[0];Argument[this];taint;manual |
-| System;Uri;Uri;(System.Uri,System.String,System.Boolean);Argument[1];Argument[this];taint;manual |
+| System;Uri;Uri;(System.Uri,System.String);Argument[1];Argument[this].SyntheticField[System.Uri._string];value;dfc-generated |
+| System;Uri;Uri;(System.Uri,System.String,System.Boolean);Argument[1];Argument[this].SyntheticField[System.Uri._string];value;dfc-generated |
 | System;Uri;Uri;(System.Uri,System.Uri);Argument[0];Argument[this];taint;df-generated |
 | System;Uri;Uri;(System.Uri,System.Uri);Argument[1];Argument[this];taint;df-generated |
 | System;Uri;get_AbsolutePath;();Argument[this];ReturnValue;taint;df-generated |
-| System;Uri;get_AbsoluteUri;();Argument[this];ReturnValue;taint;manual |
 | System;Uri;get_Authority;();Argument[this];ReturnValue;taint;df-generated |
-| System;Uri;get_DnsSafeHost;();Argument[this];ReturnValue;taint;manual |
+| System;Uri;get_DnsSafeHost;();Argument[this].Property[System.Uri.IdnHost];ReturnValue;value;dfc-generated |
 | System;Uri;get_Host;();Argument[this];ReturnValue;taint;df-generated |
 | System;Uri;get_IdnHost;();Argument[this];ReturnValue;taint;df-generated |
-| System;Uri;get_LocalPath;();Argument[this];ReturnValue;taint;manual |
+| System;Uri;get_LocalPath;();Argument[this].SyntheticField[System.Uri._string];ReturnValue;value;dfc-generated |
 | System;Uri;get_OriginalString;();Argument[this];ReturnValue;taint;manual |
 | System;Uri;get_PathAndQuery;();Argument[this];ReturnValue;taint;manual |
 | System;Uri;get_Query;();Argument[this];ReturnValue;taint;manual |