Move tree-sitter-extrator project to ruby/extractor/codeql-extractor.

I investigated porting our ruby extractor build to bazel, and unfortunately,
bazels `rules_rust` only support local dependencies inside a workspace,
c.f. https://github.com/bazelbuild/rules_rust/issues/1525.

Therefore, to be able to build the ruby extractor with bazel,
I had to move the `tree-sitter-extractor` project out of `shared/`, where
it morally belongs, into the ruby extractor workspace.
Alternatives considered:
- Provide a symlink from inside the workspace into `shared/`. This is possible,
  but due to the poor symlink support on Windows, it'd make working with
  the entire codeql repo on Windows more difficult.
  Our internal developers all (have to) have developer mode enabled, so that
  we can use symlinks in Bazel, but all external contributers on Windows would
  presumably run into trouble while cloning the repo. Imo, that's not acceptable.
- Fake an environment that looks like it's a workspace using advanced
  bazel magic. That's possible, but would make the build much harder to understand.
  In particular, bazel doesn't (easily) allow writing to the source tree,
  so this is not an easy/quick hack. It's important to me that the build system
  can be understood by non-bazel experts, so this isn't acceptable either.
- Fix the upstream issue. I don't have a good enough understanding of the issue
  or the code to do that.
- Drop the `Cargo.toml` for the ruby extractor, and model all dependencies only
  on the bazel side. This'd break IDE support, and the bazel<->cargo integration
  is actually quite good (besides its limitations), so I don't want to do that.

Out of all these alternatives, moving the shared code into the ruby workspace
seemed the least bad option.
Note that this works, because we want to build the ruby language pack with bazel,
but not the ql-for-ql one - for now, I don't see an advantage of porting that to
bazel anyways, so it's okay that it's blocked from being ported to bazel right now.

I'm happy to discuss this change and alternatives further.
If we agree that this is the way forward, then this needs to be merged together
with a simple corresponding change in the internal repo.

.bazelrc

@@ -1,12 +1,4 @@
 common --enable_platform_specific_config
-common --enable_bzlmod
-# because we use --override_module with `%workspace%`, the lock file is not stable
-common --lockfile_mode=off
-
-# when building from this repository in isolation, the internal repository will not be found at ..
-# where `MODULE.bazel` looks for it. The following will get us past the module loading phase, so
-# that we can build things that do not rely on that
-common --override_module=semmle_code=%workspace%/misc/bazel/semmle_code_stub
 
 build --repo_env=CC=clang --repo_env=CXX=clang++
 

.bazelversion

@@ -1 +1 @@
-7.1.0
+6.3.1

.gitattributes

@@ -74,7 +74,3 @@ javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/auto
 
 # Auto-generated modeling for Python
 python/ql/lib/semmle/python/frameworks/data/internal/subclass-capture/*.yml linguist-generated=true
-
-# auto-generated bazel lock file
-ruby/extractor/cargo-bazel-lock.json linguist-generated=true
-ruby/extractor/cargo-bazel-lock.json -merge

.github/labeler.yml

@@ -20,7 +20,7 @@ JS:
 
 Kotlin:
   - java/kotlin-extractor/**/*
-  - java/ql/test-kotlin*/**/*
+  - java/ql/test/kotlin/**/*
 
 Python:
   - python/**/*

.github/workflows/check-change-note.yml

@@ -1,8 +1,5 @@
 name: Check change note
 
-permissions:
-  pull-requests: read
-
 on:
   pull_request_target:
     types: [labeled, unlabeled, opened, synchronize, reopened, ready_for_review]

.github/workflows/check-implicit-this.yml

@@ -9,9 +9,6 @@ on:
       - main
       - "rc/*"
 
-permissions:
-  contents: read
-
 jobs:
   check:
     runs-on: ubuntu-latest

.github/workflows/check-qldoc.yml

@@ -10,9 +10,6 @@ on:
       - main
       - "rc/*"
 
-permissions:
-  contents: read
-
 jobs:
   qldoc:
     runs-on: ubuntu-latest

.github/workflows/check-query-ids.yml

@@ -11,9 +11,6 @@ on:
       - "rc/*"
   workflow_dispatch:
 
-permissions:
-  contents: read
-
 jobs:
   check:
     name: Check query IDs

.github/workflows/close-stale.yml

@@ -5,9 +5,6 @@ on:
   schedule:
     - cron: "30 1 * * *"
 
-permissions:
-  issues: write
-
 jobs:
   stale:
     if: github.repository == 'github/codeql'

.github/workflows/compile-queries.yml

@@ -8,12 +8,8 @@ on:
       - "codeql-cli-*"
   pull_request:
 
-permissions:
-  contents: read
-
 jobs:
   compile-queries:
-    if: github.repository_owner == 'github'
     runs-on: ubuntu-latest-xl
 
     steps:
@@ -28,7 +24,7 @@ jobs:
         with: 
           key: all-queries
       - name: check formatting
-        run: find shared */ql -type f \( -name "*.qll" -o -name "*.ql" \) -print0 | xargs -0 -n 3000 -P 10 codeql query format -q --check-only
+        run: find */ql -type f \( -name "*.qll" -o -name "*.ql" \) -print0 | xargs -0 -n 3000 -P 10 codeql query format -q --check-only
       - name: compile queries - check-only
         # run with --check-only if running in a PR (github.sha != main)
         if : ${{ github.event_name == 'pull_request' }}

.github/workflows/cpp-swift-analysis.yml

@@ -1,55 +0,0 @@
-name: "Code scanning - C++"
-
-on:
-  push:
-    branches:
-      - main
-      - 'rc/*'
-  pull_request:
-    branches:
-      - main
-      - 'rc/*'
-    paths:
-      - 'swift/**'
-      - '.github/codeql/**'
-      - '.github/workflows/cpp-swift-analysis.yml'
-  schedule:
-    - cron: '0 9 * * 1'
-
-jobs:
-  CodeQL-Build:
-
-    runs-on: ubuntu-latest
-
-    permissions:
-      contents: read
-      security-events: write
-      pull-requests: read
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@main
-      # Override language selection by uncommenting this and choosing your languages
-      with:
-        languages: cpp
-        config-file: ./.github/codeql/codeql-config.yml
-  
-    - name: "[Ubuntu] Remove GCC 13 from runner image"
-      shell: bash
-      run: |
-        sudo rm -f /etc/apt/sources.list.d/ubuntu-toolchain-r-ubuntu-test-jammy.list
-        sudo apt-get update
-        sudo apt-get install -y --allow-downgrades libc6=2.35-* libc6-dev=2.35-* libstdc++6=12.3.0-* libgcc-s1=12.3.0-*
-
-    - name: "Build Swift extractor using Bazel"
-      run: |
-        bazel clean --expunge
-        bazel run //swift:create-extractor-pack --nouse_action_cache --noremote_accept_cached --noremote_upload_local_results --spawn_strategy=local --features=-layering_check
-        bazel shutdown
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@main

.github/workflows/csharp-qltest.yml

@@ -25,9 +25,6 @@ defaults:
   run:
     working-directory: csharp
 
-permissions:
-  contents: read
-
 jobs:
   qlupgrade:
     runs-on: ubuntu-latest
@@ -49,7 +46,6 @@ jobs:
            xargs codeql execute upgrades testdb
           diff -q testdb/semmlecode.csharp.dbscheme downgrades/initial/semmlecode.csharp.dbscheme
   qltest:
-    if: github.repository_owner == 'github'
     runs-on: ubuntu-latest-xl
     strategy:
       fail-fast: false

.github/workflows/csv-coverage-metrics.yml

@@ -14,10 +14,6 @@ on:
       - ".github/workflows/csv-coverage-metrics.yml"
       - ".github/actions/fetch-codeql/action.yml"
 
-permissions:
-  contents: read
-  security-events: write
-
 jobs:
   publish-java:
     runs-on: ubuntu-latest

.github/workflows/csv-coverage-pr-artifacts.yml

@@ -19,10 +19,6 @@ on:
       - main
       - "rc/*"
 
-permissions:
-  contents: read
-  pull-requests: read
-
 jobs:
   generate:
     name: Generate framework coverage artifacts

.github/workflows/csv-coverage-pr-comment.yml

@@ -6,10 +6,6 @@ on:
     types:
       - completed
 
-permissions:
-  contents: read
-  pull-requests: write
-
 jobs:
   check:
     name: Check framework coverage differences and comment

.github/workflows/csv-coverage-timeseries.yml

@@ -3,9 +3,6 @@ name: Build framework coverage timeseries reports
 on:
   workflow_dispatch:
 
-permissions:
-  contents: read
-
 jobs:
   build:
     runs-on: ubuntu-latest

.github/workflows/csv-coverage-update.yml

@@ -5,10 +5,6 @@ on:
   schedule:
     - cron: "0 0 * * *"
 
-permissions:
-  contents: write
-  pull-requests: write
-
 jobs:
   update:
     name: Update framework coverage report

.github/workflows/csv-coverage.yml

@@ -7,9 +7,6 @@ on:
         description: "github/codeql repo SHA used for looking up the CSV models"
         required: false
 
-permissions:
-  contents: read
-
 jobs:
   build:
     runs-on: ubuntu-latest

.github/workflows/fast-forward.yml

@@ -7,14 +7,13 @@ name: Fast-forward tracking branch for selected CodeQL version
 on:
   workflow_dispatch:
 
-permissions:
-  contents: write
-
 jobs:
   fast-forward:
     name: Fast-forward tracking branch for selected CodeQL version
     runs-on: ubuntu-latest
     if: github.repository == 'github/codeql'
+    permissions:
+      contents: write
     env:
       BRANCH_NAME: 'lgtm.com'
     steps:

.github/workflows/go-tests-other-os.yml

@@ -8,11 +8,7 @@ on:
       - .github/actions/**
       - codeql-workspace.yml
 env:
-  GO_VERSION: '~1.22.0'
-
-permissions:
-  contents: read
-
+  GO_VERSION: '~1.21.0'
 jobs:
   test-mac:
     name: Test MacOS
@@ -22,7 +18,6 @@ jobs:
         uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}
-          cache: false
         id: go
 
       - name: Check out code
@@ -51,7 +46,6 @@ jobs:
           make test cache="${{ steps.query-cache.outputs.cache-dir }}"
 
   test-win:
-    if: github.repository_owner == 'github'
     name: Test Windows
     runs-on: windows-latest-xl
     steps:
@@ -59,7 +53,6 @@ jobs:
         uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}
-          cache: false
         id: go
 
       - name: Check out code

.github/workflows/go-tests.yml

@@ -15,16 +15,10 @@ on:
       - .github/workflows/go-tests.yml
       - .github/actions/**
       - codeql-workspace.yml
-
 env:
-  GO_VERSION: '~1.22.0'
-
-permissions:
-  contents: read
-
+  GO_VERSION: '~1.21.0'
 jobs:
   test-linux:
-    if: github.repository_owner == 'github'
     name: Test Linux (Ubuntu)
     runs-on: ubuntu-latest-xl
     steps:
@@ -32,7 +26,6 @@ jobs:
         uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}
-          cache: false
         id: go
 
       - name: Check out code

.github/workflows/labeler.yml

@@ -2,12 +2,11 @@ name: "Pull Request Labeler"
 on:
 - pull_request_target
 
-permissions:
-  contents: read
-  pull-requests: write
-
 jobs:
   triage:
+    permissions:
+      contents: read
+      pull-requests: write
     runs-on: ubuntu-latest
     steps:
     - uses: actions/labeler@v4

.github/workflows/mad_regenerate-models.yml

@@ -11,9 +11,6 @@ on:
       - ".github/workflows/mad_regenerate-models.yml"
       - ".github/actions/fetch-codeql/action.yml"
 
-permissions:
-  contents: read
-
 jobs:
   regenerate-models:
     runs-on: ubuntu-latest

.github/workflows/ql-for-ql-build.yml

@@ -9,13 +9,8 @@ on:
 env:
   CARGO_TERM_COLOR: always
 
-permissions:
-  contents: read
-  security-events: write
-
 jobs:
   analyze:
-    if: github.repository_owner == 'github'
     runs-on: ubuntu-latest-xl
     steps:
       ### Build the queries ###
@@ -24,7 +19,7 @@ jobs:
           fetch-depth: 0
       - name: Find codeql
         id: find-codeql
-        uses: github/codeql-action/init@main
+        uses: github/codeql-action/init@v2
         with:
           languages: javascript # does not matter
       - uses: ./.github/actions/os-version
@@ -37,7 +32,7 @@ jobs:
           path: |
             ql/extractor-pack/
             ql/target/release/buramu
-          key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-extractor-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('shared/tree-sitter-extractor') }}-${{ hashFiles('ql/**/*.rs') }}
+          key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-extractor-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('ruby/extractor/codeql-extractor') }}-${{ hashFiles('ql/**/*.rs') }}
       - name: Cache cargo
         if: steps.cache-extractor.outputs.cache-hit != 'true'
         uses: actions/cache@v3
@@ -49,20 +44,20 @@ jobs:
           key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-rust-cargo-${{ hashFiles('ql/**/Cargo.lock') }}
       - name: Release build
         if: steps.cache-extractor.outputs.cache-hit != 'true'
-        run: cd ql; ./scripts/create-extractor-pack.sh       
+        run: cd ql; ./scripts/create-extractor-pack.sh
         env:
-          GH_TOKEN: ${{ github.token }}   
+          GH_TOKEN: ${{ github.token }}
       - name: Cache compilation cache
         id: query-cache
         uses: ./.github/actions/cache-query-compilation
-        with: 
+        with:
           key: run-ql-for-ql
       - name: Make database and analyze
         run: |
           ./ql/target/release/buramu | tee deprecated.blame # Add a blame file for the extractor to parse.
           ${CODEQL} database create -l=ql --search-path ql/extractor-pack ${DB}
           ${CODEQL} database analyze -j0 --format=sarif-latest --output=ql-for-ql.sarif ${DB} ql/ql/src/codeql-suites/ql-code-scanning.qls  --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
-        env: 
+        env:
           CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
           DB: ${{ runner.temp }}/DB
           LGTM_INDEX_FILTERS: |
@@ -70,7 +65,7 @@ jobs:
             exclude:*/ql/lib/upgrades/
             exclude:java/ql/integration-tests
       - name: Upload sarif to code-scanning
-        uses: github/codeql-action/upload-sarif@main
+        uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: ql-for-ql.sarif
           category: ql-for-ql

.github/workflows/ql-for-ql-dataset_measure.yml

@@ -11,10 +11,6 @@ on:
       - ql/ql/src/ql.dbscheme
   workflow_dispatch:
 
-permissions:
-  contents: read
-  security-events: read
-
 jobs:
   measure:
     env:
@@ -29,7 +25,7 @@ jobs:
 
       - name: Find codeql
         id: find-codeql
-        uses: github/codeql-action/init@main
+        uses: github/codeql-action/init@v2
         with:
           languages: javascript # does not matter
       - uses: ./.github/actions/os-version

.github/workflows/ql-for-ql-tests.yml

@@ -17,9 +17,6 @@ on:
 env:
   CARGO_TERM_COLOR: always
 
-permissions:
-  contents: read
-
 jobs:
   qltest:
     runs-on: ubuntu-latest
@@ -27,7 +24,7 @@ jobs:
       - uses: actions/checkout@v4
       - name: Find codeql
         id: find-codeql
-        uses: github/codeql-action/init@main
+        uses: github/codeql-action/init@v2
         with:
           languages: javascript # does not matter
       - uses: ./.github/actions/os-version
@@ -72,7 +69,7 @@ jobs:
           echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH
       - name: Find codeql
         id: find-codeql
-        uses: github/codeql-action/init@main
+        uses: github/codeql-action/init@v2
         with:
           languages: javascript # does not matter
       - uses: ./.github/actions/os-version

.github/workflows/query-list.yml

@@ -13,9 +13,6 @@ on:
       - '.github/actions/fetch-codeql/action.yml'
       - 'misc/scripts/generate-code-scanning-query-list.py'
 
-permissions:
-  contents: read
-
 jobs:
   build:
 

.github/workflows/ruby-build.yml

@@ -32,9 +32,6 @@ defaults:
   run:
     working-directory: ruby
 
-permissions:
-  contents: read
-
 jobs:
   build:
     strategy:
@@ -51,11 +48,9 @@ jobs:
         run: |
           brew install gnu-tar
           echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH
-      - name: Prepare Windows
-        if: runner.os == 'Windows'
-        shell: powershell
-        run: |
-          git config --global core.longpaths true
+      - name: Install cargo-cross
+        if: runner.os == 'Linux'
+        run: cargo install cross --version 0.2.5
       - uses: ./.github/actions/os-version
         id: os_version
       - name: Cache entire extractor
@@ -66,7 +61,7 @@ jobs:
             ruby/extractor/target/release/codeql-extractor-ruby
             ruby/extractor/target/release/codeql-extractor-ruby.exe
             ruby/extractor/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
-          key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-extractor-${{ hashFiles('ruby/extractor/rust-toolchain.toml', 'ruby/extractor/Cargo.lock') }}-${{ hashFiles('shared/tree-sitter-extractor') }}-${{ hashFiles('ruby/extractor/**/*.rs') }}
+          key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-extractor-${{ hashFiles('ruby/extractor/rust-toolchain.toml', 'ruby/extractor/Cargo.lock') }}-${{ hashFiles('ruby/extractor/codeql-extractor') }}-${{ hashFiles('ruby/extractor/**/*.rs') }}
       - uses: actions/cache@v3
         if: steps.cache-extractor.outputs.cache-hit != 'true'
         with:
@@ -84,8 +79,16 @@ jobs:
       - name: Run tests
         if: steps.cache-extractor.outputs.cache-hit != 'true'
         run: cd extractor && cargo test --verbose
-      - name: Release build
-        if: steps.cache-extractor.outputs.cache-hit != 'true'
+      # On linux, build the extractor via cross in a centos7 container.
+      # This ensures we don't depend on glibc > 2.17.
+      - name: Release build (linux)
+        if: steps.cache-extractor.outputs.cache-hit != 'true' && runner.os == 'Linux'
+        run: |
+          cd extractor
+          cross build --release
+          mv target/x86_64-unknown-linux-gnu/release/codeql-extractor-ruby target/release/
+      - name: Release build (windows and macos)
+        if: steps.cache-extractor.outputs.cache-hit != 'true' && runner.os != 'Linux'
         run: cd extractor && cargo build --release
       - name: Generate dbscheme
         if: ${{ matrix.os == 'ubuntu-latest' && steps.cache-extractor.outputs.cache-hit != 'true'}}
@@ -108,7 +111,6 @@ jobs:
             ruby/extractor/target/release/codeql-extractor-ruby.exe
           retention-days: 1
   compile-queries:
-    if: github.repository_owner == 'github'
     runs-on: ubuntu-latest-xl
     steps:
       - uses: actions/checkout@v4
@@ -229,3 +231,54 @@ jobs:
         shell: bash
         run: |
           codeql database analyze --search-path "${{ runner.temp }}/ruby-bundle" --format=sarifv2.1.0 --output=out.sarif ../database ruby-code-scanning.qls
+
+  # This is a copy of the 'test' job that runs in a centos7 container.
+  # This tests that the extractor works correctly on systems with an old glibc.
+  test-centos7:
+    defaults:
+      run:
+        working-directory: ${{ github.workspace }}
+    strategy:
+      fail-fast: false
+    runs-on: ubuntu-latest
+    container:
+      image: centos:centos7
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    needs: [package]
+    steps:
+      - name: Install gh cli
+        run: |
+          yum-config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo
+          # fetch-codeql requires unzip and jq
+          # jq is available in epel-release (https://docs.fedoraproject.org/en-US/epel/)
+          yum install -y gh unzip epel-release
+          yum install -y jq
+      - uses: actions/checkout@v3
+      - name: Fetch CodeQL
+        uses: ./.github/actions/fetch-codeql
+
+      # Due to a bug in Actions, we can't use runner.temp in the run blocks here.
+      # https://github.com/actions/runner/issues/2185
+
+      - name: Download Ruby bundle
+        uses: actions/download-artifact@v3
+        with:
+          name: codeql-ruby-bundle
+          path: ${{ runner.temp }}
+      - name: Unzip Ruby bundle
+        shell: bash
+        run: unzip -q -d "$RUNNER_TEMP"/ruby-bundle "$RUNNER_TEMP"/codeql-ruby-bundle.zip
+
+      - name: Run QL test
+        shell: bash
+        run: |
+          codeql test run --search-path "$RUNNER_TEMP"/ruby-bundle --additional-packs "$RUNNER_TEMP"/ruby-bundle ruby/ql/test/library-tests/ast/constants/
+      - name: Create database
+        shell: bash
+        run: |
+          codeql database create --search-path "$RUNNER_TEMP"/ruby-bundle --language ruby --source-root ruby/ql/test/library-tests/ast/constants/ ../database
+      - name: Analyze database
+        shell: bash
+        run: |
+          codeql database analyze --search-path "$RUNNER_TEMP"/ruby-bundle --format=sarifv2.1.0 --output=out.sarif ../database ruby-code-scanning.qls

.github/workflows/ruby-dataset-measure.yml

@@ -17,9 +17,6 @@ on:
       - .github/workflows/ruby-dataset-measure.yml
   workflow_dispatch:
 
-permissions:
-  contents: read
-
 jobs:
   measure:
     env:

.github/workflows/ruby-qltest.yml

@@ -29,9 +29,6 @@ defaults:
   run:
     working-directory: ruby
 
-permissions:
-  contents: read
-
 jobs:
   qlupgrade:
     runs-on: ubuntu-latest
@@ -53,7 +50,6 @@ jobs:
            xargs codeql execute upgrades testdb
           diff -q testdb/ruby.dbscheme downgrades/initial/ruby.dbscheme
   qltest:
-    if: github.repository_owner == 'github'
     runs-on: ubuntu-latest-xl
     strategy:
       fail-fast: false

.github/workflows/swift.yml

@@ -33,47 +33,40 @@ on:
       - rc/*
       - codeql-cli-*
 
-permissions:
-  contents: read
-
 jobs:
   # not using a matrix as you cannot depend on a specific job in a matrix, and we want to start linux checks
   # without waiting for the macOS build
   build-and-test-macos:
-    if: github.repository_owner == 'github'
     runs-on: macos-12-xl
     steps:
       - uses: actions/checkout@v4
       - uses: ./swift/actions/build-and-test
   build-and-test-linux:
-    if: github.repository_owner == 'github'
     runs-on: ubuntu-latest-xl
     steps:
       - uses: actions/checkout@v4
       - uses: ./swift/actions/build-and-test
   qltests-linux:
-    if: github.repository_owner == 'github'
     needs: build-and-test-linux
     runs-on: ubuntu-latest-xl
     steps:
       - uses: actions/checkout@v4
       - uses: ./swift/actions/run-ql-tests
   qltests-macos:
-    if: ${{ github.repository_owner == 'github' && github.event_name == 'pull_request' }}
+    if : ${{ github.event_name == 'pull_request' }}
     needs: build-and-test-macos
     runs-on: macos-12-xl
     steps:
       - uses: actions/checkout@v4
       - uses: ./swift/actions/run-ql-tests
   integration-tests-linux:
-    if: github.repository_owner == 'github'
     needs: build-and-test-linux
     runs-on: ubuntu-latest-xl
     steps:
       - uses: actions/checkout@v4
       - uses: ./swift/actions/run-integration-tests
   integration-tests-macos:
-    if: ${{ github.repository_owner == 'github' && github.event_name == 'pull_request' }}
+    if : ${{ github.event_name == 'pull_request' }}
     needs: build-and-test-macos
     runs-on: macos-12-xl
     timeout-minutes: 60

.github/workflows/sync-files.yml

@@ -10,9 +10,6 @@ on:
       - main
       - 'rc/*'
 
-permissions:
-  contents: read
-
 jobs:
   sync:
     runs-on: ubuntu-latest

.github/workflows/tree-sitter-extractor-test.yml

@@ -3,14 +3,14 @@ name: Test tree-sitter-extractor
 on:
   push:
     paths:
-      - "shared/tree-sitter-extractor/**"
+      - "ruby/extractor/codeql-extractor/**"
       - .github/workflows/tree-sitter-extractor-test.yml
     branches:
       - main
       - "rc/*"
   pull_request:
     paths:
-      - "shared/tree-sitter-extractor/**"
+      - "ruby/extractor/codeql-extractor/**"
       - .github/workflows/tree-sitter-extractor-test.yml
     branches:
       - main
@@ -21,10 +21,7 @@ env:
 
 defaults:
   run:
-    working-directory: shared/tree-sitter-extractor
-
-permissions:
-  contents: read
+    working-directory: ruby/extractor/codeql-extractor
 
 jobs:
   test:
@@ -36,13 +33,13 @@ jobs:
       - name: Run tests
         run: cargo test --verbose
   fmt:
-    runs-on: ubuntu-latest  
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
       - name: Check formatting
         run: cargo fmt --check
   clippy:
-    runs-on: ubuntu-latest  
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
       - name: Run clippy

.github/workflows/validate-change-notes.yml

@@ -15,9 +15,6 @@ on:
       - ".github/workflows/validate-change-notes.yml"
       - ".github/actions/fetch-codeql/action.yml"
 
-permissions:
-  contents: read
-
 jobs:
   check-change-note:
     runs-on: ubuntu-latest

.gitignore

@@ -39,9 +39,6 @@
 # local bazel options
 /local.bazelrc
 
-# generated cmake directory
-/.bazel-cmake
-
 # CLion project files
 /.clwb
 

CODEOWNERS

@@ -1,5 +1,4 @@
 /cpp/ @github/codeql-c-analysis
-/cpp/autobuilder/ @github/codeql-c-extractor
 /csharp/ @github/codeql-csharp
 /go/ @github/codeql-go
 /java/ @github/codeql-java
@@ -26,7 +25,6 @@
 
 # Bazel (excluding BUILD.bazel files)
 WORKSPACE.bazel @github/codeql-ci-reviewers
-MODULE.bazel @github/codeql-ci-reviewers
 .bazelversion @github/codeql-ci-reviewers
 .bazelrc @github/codeql-ci-reviewers
 **/*.bzl @github/codeql-ci-reviewers

MODULE.bazel

@@ -1,53 +0,0 @@
-module(
-    name = "codeql",
-    version = "0.0",
-)
-
-# this points to our internal repository when `codeql` is checked out as a submodule thereof
-# when building things from `codeql` independently this is stubbed out in `.bazelrc`
-bazel_dep(name = "semmle_code", version = "0.0")
-local_path_override(
-    module_name = "semmle_code",
-    path = "..",
-)
-
-# see https://registry.bazel.build/ for a list of available packages
-
-bazel_dep(name = "platforms", version = "0.0.8")
-bazel_dep(name = "rules_pkg", version = "0.9.1")
-bazel_dep(name = "rules_nodejs", version = "6.0.3")
-bazel_dep(name = "rules_python", version = "0.31.0")
-bazel_dep(name = "bazel_skylib", version = "1.5.0")
-bazel_dep(name = "abseil-cpp", version = "20240116.0", repo_name = "absl")
-bazel_dep(name = "nlohmann_json", version = "3.11.3", repo_name = "json")
-bazel_dep(name = "fmt", version = "10.0.0")
-
-pip = use_extension("@rules_python//python/extensions:pip.bzl", "pip")
-pip.parse(
-    hub_name = "codegen_deps",
-    python_version = "3.11",
-    requirements_lock = "//misc/codegen:requirements_lock.txt",
-)
-use_repo(pip, "codegen_deps")
-
-swift_deps = use_extension("//swift/third_party:load.bzl", "swift_deps")
-use_repo(
-    swift_deps,
-    "binlog",
-    "picosha2",
-    "swift_prebuilt_darwin_x86_64",
-    "swift_prebuilt_linux",
-    "swift_toolchain_linux",
-    "swift_toolchain_macos",
-)
-
-node = use_extension("@rules_nodejs//nodejs:extensions.bzl", "node")
-node.toolchain(
-    name = "nodejs",
-    node_version = "18.15.0",
-)
-use_repo(node, "nodejs", "nodejs_toolchains")
-
-register_toolchains(
-    "@nodejs_toolchains//:all",
-)

WORKSPACE.bazel

@@ -1,2 +1,12 @@
-# please use MODULE.bazel to add dependencies
-# this empty file is required by internal repositories, don't remove it
+# Please notice that any bazel targets and definitions in this repository are currently experimental
+# and for internal use only.
+
+workspace(name = "codeql")
+
+load("//misc/bazel:workspace.bzl", "codeql_workspace")
+
+codeql_workspace()
+
+load("//misc/bazel:workspace_deps.bzl", "codeql_workspace_deps")
+
+codeql_workspace_deps()

codeql-workspace.yml

@@ -6,7 +6,6 @@ provide:
   - "*/ql/consistency-queries/qlpack.yml"
   - "*/ql/automodel/src/qlpack.yml"
   - "*/ql/automodel/test/qlpack.yml"
-  - "python/extractor/qlpack.yml"
   - "shared/**/qlpack.yml"
   - "cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/qlpack.yml"
   - "go/ql/config/legacy-support/qlpack.yml"
@@ -28,6 +27,7 @@ provide:
   - "misc/suite-helpers/qlpack.yml"
   - "ruby/extractor-pack/codeql-extractor.yml"
   - "swift/extractor-pack/codeql-extractor.yml"
+  - "swift/integration-tests/qlpack.yml"
   - "ql/extractor-pack/codeql-extractor.yml"
   - ".github/codeql/extensions/**/codeql-pack.yml"
 

config/identical-files.json

@@ -88,46 +88,123 @@
   "IR Instruction": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll"
   ],
   "IR IRBlock": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/IRBlock.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRBlock.qll"
   ],
   "IR IRVariable": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRVariable.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRVariable.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRVariable.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRVariable.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/IRVariable.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRVariable.qll"
   ],
   "IR IRFunction": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRFunction.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRFunction.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRFunction.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRFunction.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/IRFunction.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRFunction.qll"
   ],
   "IR Operand": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Operand.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Operand.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Operand.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Operand.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/Operand.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Operand.qll"
+  ],
+  "IR IRType": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/IRType.qll",
+    "csharp/ql/src/experimental/ir/implementation/IRType.qll"
+  ],
+  "IR IRConfiguration": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/IRConfiguration.qll",
+    "csharp/ql/src/experimental/ir/implementation/IRConfiguration.qll"
+  ],
+  "IR UseSoundEscapeAnalysis": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/UseSoundEscapeAnalysis.qll",
+    "csharp/ql/src/experimental/ir/implementation/UseSoundEscapeAnalysis.qll"
+  ],
+  "IR IRFunctionBase": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/IRFunctionBase.qll",
+    "csharp/ql/src/experimental/ir/implementation/internal/IRFunctionBase.qll"
+  ],
+  "IR Operand Tag": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/OperandTag.qll",
+    "csharp/ql/src/experimental/ir/implementation/internal/OperandTag.qll"
+  ],
+  "IR TInstruction": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstruction.qll",
+    "csharp/ql/src/experimental/ir/implementation/internal/TInstruction.qll"
+  ],
+  "IR TIRVariable": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TIRVariable.qll",
+    "csharp/ql/src/experimental/ir/implementation/internal/TIRVariable.qll"
   ],
   "IR IR": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IR.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IR.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IR.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IR.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/IR.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IR.qll"
   ],
   "IR IRConsistency": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRConsistency.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRConsistency.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRConsistency.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRConsistency.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/IRConsistency.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRConsistency.qll"
   ],
   "IR PrintIR": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/PrintIR.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/PrintIR.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/PrintIR.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/PrintIR.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/PrintIR.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/PrintIR.qll"
+  ],
+  "IR IntegerConstant": [
+    "cpp/ql/lib/semmle/code/cpp/ir/internal/IntegerConstant.qll",
+    "csharp/ql/src/experimental/ir/internal/IntegerConstant.qll"
+  ],
+  "IR IntegerInteval": [
+    "cpp/ql/lib/semmle/code/cpp/ir/internal/IntegerInterval.qll",
+    "csharp/ql/src/experimental/ir/internal/IntegerInterval.qll"
+  ],
+  "IR IntegerPartial": [
+    "cpp/ql/lib/semmle/code/cpp/ir/internal/IntegerPartial.qll",
+    "csharp/ql/src/experimental/ir/internal/IntegerPartial.qll"
+  ],
+  "IR Overlap": [
+    "cpp/ql/lib/semmle/code/cpp/ir/internal/Overlap.qll",
+    "csharp/ql/src/experimental/ir/internal/Overlap.qll"
+  ],
+  "IR EdgeKind": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/EdgeKind.qll",
+    "csharp/ql/src/experimental/ir/implementation/EdgeKind.qll"
+  ],
+  "IR MemoryAccessKind": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/MemoryAccessKind.qll",
+    "csharp/ql/src/experimental/ir/implementation/MemoryAccessKind.qll"
+  ],
+  "IR TempVariableTag": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/TempVariableTag.qll",
+    "csharp/ql/src/experimental/ir/implementation/TempVariableTag.qll"
+  ],
+  "IR Opcode": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll",
+    "csharp/ql/src/experimental/ir/implementation/Opcode.qll"
   ],
   "IR SSAConsistency": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConsistency.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConsistency.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConsistency.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConsistency.qll"
   ],
   "C++ IR InstructionImports": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionImports.qll",
@@ -175,7 +252,8 @@
   ],
   "SSA AliasAnalysis": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/AliasAnalysis.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasAnalysis.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasAnalysis.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasAnalysis.qll"
   ],
   "SSA PrintAliasAnalysis": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/PrintAliasAnalysis.qll",
@@ -190,28 +268,44 @@
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/internal/ValueNumberingImports.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/internal/ValueNumberingImports.qll"
   ],
+  "IR SSA SimpleSSA": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll"
+  ],
+  "IR AliasConfiguration (unaliased_ssa)": [
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll"
+  ],
   "IR SSA SSAConstruction": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll"
   ],
   "IR SSA PrintSSA": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/PrintSSA.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/PrintSSA.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/PrintSSA.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/PrintSSA.qll"
   ],
   "IR ValueNumberInternal": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/internal/ValueNumberingInternal.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/internal/ValueNumberingInternal.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/internal/ValueNumberingInternal.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/internal/ValueNumberingInternal.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/gvn/internal/ValueNumberingInternal.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/gvn/internal/ValueNumberingInternal.qll"
   ],
   "C++ IR ValueNumber": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/ValueNumbering.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/gvn/ValueNumbering.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll"
   ],
   "C++ IR PrintValueNumbering": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/PrintValueNumbering.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/PrintValueNumbering.qll",
-    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/PrintValueNumbering.qll"
+    "cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/PrintValueNumbering.qll",
+    "csharp/ql/src/experimental/ir/implementation/raw/gvn/PrintValueNumbering.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/gvn/PrintValueNumbering.qll"
   ],
   "C++ IR ConstantAnalysis": [
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/constant/ConstantAnalysis.qll",
@@ -239,6 +333,38 @@
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/reachability/PrintDominance.qll",
     "cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/reachability/PrintDominance.qll"
   ],
+  "C# IR InstructionImports": [
+    "csharp/ql/src/experimental/ir/implementation/raw/internal/InstructionImports.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/InstructionImports.qll"
+  ],
+  "C# IR IRImports": [
+    "csharp/ql/src/experimental/ir/implementation/raw/internal/IRImports.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/IRImports.qll"
+  ],
+  "C# IR IRBlockImports": [
+    "csharp/ql/src/experimental/ir/implementation/raw/internal/IRBlockImports.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/IRBlockImports.qll"
+  ],
+  "C# IR IRFunctionImports": [
+    "csharp/ql/src/experimental/ir/implementation/raw/internal/IRFunctionImports.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/IRFunctionImports.qll"
+  ],
+  "C# IR IRVariableImports": [
+    "csharp/ql/src/experimental/ir/implementation/raw/internal/IRVariableImports.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/IRVariableImports.qll"
+  ],
+  "C# IR OperandImports": [
+    "csharp/ql/src/experimental/ir/implementation/raw/internal/OperandImports.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/OperandImports.qll"
+  ],
+  "C# IR PrintIRImports": [
+    "csharp/ql/src/experimental/ir/implementation/raw/internal/PrintIRImports.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/PrintIRImports.qll"
+  ],
+  "C# IR ValueNumberingImports": [
+    "csharp/ql/src/experimental/ir/implementation/raw/gvn/internal/ValueNumberingImports.qll",
+    "csharp/ql/src/experimental/ir/implementation/unaliased_ssa/gvn/internal/ValueNumberingImports.qll"
+  ],
   "C# ControlFlowReachability": [
     "csharp/ql/lib/semmle/code/csharp/dataflow/internal/ControlFlowReachability.qll",
     "csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ControlFlowReachability.qll"
@@ -251,6 +377,13 @@
     "cpp/ql/src/Security/CWE/CWE-020/SafeExternalAPIFunction.qll",
     "cpp/ql/src/Security/CWE/CWE-020/ir/SafeExternalAPIFunction.qll"
   ],
+  "XML": [
+    "cpp/ql/lib/semmle/code/cpp/XML.qll",
+    "csharp/ql/lib/semmle/code/csharp/XML.qll",
+    "java/ql/lib/semmle/code/xml/XML.qll",
+    "javascript/ql/lib/semmle/javascript/XML.qll",
+    "python/ql/lib/semmle/python/xml/XML.qll"
+  ],
   "DuplicationProblems.inc.qhelp": [
     "cpp/ql/src/Metrics/Files/DuplicationProblems.inc.qhelp",
     "javascript/ql/src/Metrics/DuplicationProblems.inc.qhelp",
@@ -298,6 +431,13 @@
     "java/ql/src/experimental/Security/CWE/CWE-400/LocalThreadResourceAbuse.qhelp",
     "java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qhelp"
   ],
+  "IDE Contextual Queries": [
+    "cpp/ql/lib/IDEContextual.qll",
+    "csharp/ql/lib/IDEContextual.qll",
+    "java/ql/lib/IDEContextual.qll",
+    "javascript/ql/lib/IDEContextual.qll",
+    "python/ql/lib/analysis/IDEContextual.qll"
+  ],
   "CryptoAlgorithms Python/JS/Ruby": [
     "javascript/ql/lib/semmle/javascript/security/CryptoAlgorithms.qll",
     "python/ql/lib/semmle/python/concepts/CryptoAlgorithms.qll",

cpp/autobuilder/Semmle.Autobuild.Cpp.Tests/BuildScripts.cs

@@ -203,8 +203,6 @@ namespace Semmle.Autobuild.Cpp.Tests
         public IList<DiagnosticMessage> Diagnostics { get; } = new List<DiagnosticMessage>();
 
         public void AddEntry(DiagnosticMessage message) => this.Diagnostics.Add(message);
-
-        public void Dispose() { }
     }
 
     /// <summary>
@@ -252,7 +250,12 @@ namespace Semmle.Autobuild.Cpp.Tests
             EndCallbackIn.Add(s);
         }
 
-        CppAutobuilder CreateAutoBuilder(bool isWindows, string? dotnetVersion = null, string cwd = @"C:\Project")
+        CppAutobuilder CreateAutoBuilder(bool isWindows,
+            string? buildless = null, string? solution = null, string? buildCommand = null, string? ignoreErrors = null,
+            string? msBuildArguments = null, string? msBuildPlatform = null, string? msBuildConfiguration = null, string? msBuildTarget = null,
+            string? dotnetArguments = null, string? dotnetVersion = null, string? vsToolsVersion = null,
+            string? nugetRestore = null, string? allSolutions = null,
+            string cwd = @"C:\Project")
         {
             string codeqlUpperLanguage = Language.Cpp.UpperCaseName;
             Actions.GetEnvironmentVariable[$"CODEQL_AUTOBUILDER_{codeqlUpperLanguage}_NO_INDEXING"] = "false";
@@ -262,7 +265,22 @@ namespace Semmle.Autobuild.Cpp.Tests
             Actions.GetEnvironmentVariable[$"CODEQL_EXTRACTOR_{codeqlUpperLanguage}_DIAGNOSTIC_DIR"] = "";
             Actions.GetEnvironmentVariable["CODEQL_JAVA_HOME"] = @"C:\codeql\tools\java";
             Actions.GetEnvironmentVariable["CODEQL_PLATFORM"] = "win64";
-            Actions.GetEnvironmentVariable["CODEQL_EXTRACTOR_CSHARP_OPTION_DOTNET_VERSION"] = dotnetVersion;
+            Actions.GetEnvironmentVariable["SEMMLE_DIST"] = @"C:\odasa";
+            Actions.GetEnvironmentVariable["SEMMLE_JAVA_HOME"] = @"C:\odasa\tools\java";
+            Actions.GetEnvironmentVariable["SEMMLE_PLATFORM_TOOLS"] = @"C:\odasa\tools";
+            Actions.GetEnvironmentVariable["LGTM_INDEX_VSTOOLS_VERSION"] = vsToolsVersion;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_MSBUILD_ARGUMENTS"] = msBuildArguments;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_MSBUILD_PLATFORM"] = msBuildPlatform;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_MSBUILD_CONFIGURATION"] = msBuildConfiguration;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_MSBUILD_TARGET"] = msBuildTarget;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_DOTNET_ARGUMENTS"] = dotnetArguments;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_DOTNET_VERSION"] = dotnetVersion;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_BUILD_COMMAND"] = buildCommand;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_SOLUTION"] = solution;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_IGNORE_ERRORS"] = ignoreErrors;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_BUILDLESS"] = buildless;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_ALL_SOLUTIONS"] = allSolutions;
+            Actions.GetEnvironmentVariable["LGTM_INDEX_NUGET_RESTORE"] = nugetRestore;
             Actions.GetEnvironmentVariable["ProgramFiles(x86)"] = isWindows ? @"C:\Program Files (x86)" : null;
             Actions.GetCurrentDirectory = cwd;
             Actions.IsWindows = isWindows;

cpp/autobuilder/Semmle.Autobuild.Cpp/CppAutobuilder.cs

@@ -26,6 +26,9 @@ namespace Semmle.Autobuild.Cpp
 
         public override BuildScript GetBuildScript()
         {
+            if (Options.BuildCommand != null)
+                return new BuildCommandRule((_, f) => f(null)).Analyse(this, false);
+
             return
                 // First try MSBuild
                 new MsBuildRule().Analyse(this, true) |

cpp/autobuilder/Semmle.Autobuild.Cpp/Program.cs

@@ -1,7 +1,5 @@
 using System;
-
 using Semmle.Autobuild.Shared;
-using Semmle.Util;
 
 namespace Semmle.Autobuild.Cpp
 {
@@ -17,7 +15,7 @@ namespace Semmle.Autobuild.Cpp
                 try
                 {
                     Console.WriteLine("CodeQL C++ autobuilder");
-                    using var builder = new CppAutobuilder(actions, options);
+                    var builder = new CppAutobuilder(actions, options);
                     return builder.AttemptBuild();
                 }
                 catch (InvalidEnvironmentException ex)

cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/exprparents.ql

@@ -1,19 +0,0 @@
-class Element extends @element {
-  string toString() { none() }
-}
-
-class Expr extends @expr {
-  string toString() { none() }
-}
-
-class Stmt extends @stmt {
-  string toString() { none() }
-}
-
-predicate isStmtWithInitializer(Stmt stmt) { exists(int kind | stmts(stmt, kind, _) | kind = 29) }
-
-from Expr child, int index, int index_new, Element parent
-where
-  exprparents(child, index, parent) and
-  if isStmtWithInitializer(parent) then index_new = index - 1 else index_new = index
-select child, index_new, parent

cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/for_initialization.ql

@@ -1,9 +0,0 @@
-class Stmt extends @stmt {
-  string toString() { none() }
-}
-
-from Stmt f, Stmt i
-where
-  for_initialization(f, i) and
-  f instanceof @stmt_for
-select f, i

cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/stmtparents.ql

@@ -1,20 +0,0 @@
-class Element extends @element {
-  string toString() { none() }
-}
-
-class Stmt extends @stmt {
-  string toString() { none() }
-}
-
-predicate isStmtWithInitializer(Stmt stmt) { exists(int kind | stmts(stmt, kind, _) | kind = 29) }
-
-from Stmt child, int index, int index_new, Element parent
-where
-  stmtparents(child, index, parent) and
-  (
-    not isStmtWithInitializer(parent)
-    or
-    index > 0
-  ) and
-  if isStmtWithInitializer(parent) then index_new = index - 1 else index_new = index
-select child, index_new, parent

cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/upgrade.properties

@@ -1,5 +0,0 @@
-description: Support C++20 range-based for initializers
-compatibility: partial
-exprparents.rel: run exprparents.qlo
-stmtparents.rel: run stmtparents.qlo
-for_initialization.rel: run for_initialization.qlo

cpp/downgrades/aa7ff0ab32cd4674f6ab731d32fea64116997b05/exprs.ql

@@ -1,13 +0,0 @@
-class Expr extends @expr {
-  string toString() { none() }
-}
-
-class Location extends @location_expr {
-  string toString() { none() }
-}
-
-from Expr expr, int kind, int kind_new, Location loc
-where
-  exprs(expr, kind, loc) and
-  if kind = 363 then kind_new = 1 else kind_new = kind
-select expr, kind_new, loc

cpp/downgrades/aa7ff0ab32cd4674f6ab731d32fea64116997b05/upgrade.properties

@@ -1,4 +0,0 @@
-description: Introduce re-use expressions
-compatibility: partial
-expr_reuse.rel: delete
-exprs.rel: run exprs.qlo

cpp/downgrades/abfce5c170f93e281948f7689ece373464fdaf87/expr_reuse.ql

@@ -1,7 +0,0 @@
-class Expr extends @expr {
-  string toString() { none() }
-}
-
-from Expr reuse, Expr original
-where expr_reuse(reuse, original, _)
-select reuse, original

cpp/downgrades/abfce5c170f93e281948f7689ece373464fdaf87/expr_types.ql

@@ -1,22 +0,0 @@
-class Expr extends @expr {
-  string toString() { none() }
-}
-
-class Type extends @type {
-  string toString() { none() }
-}
-
-predicate existingType(Expr expr, Type type, int value_category) {
-  expr_types(expr, type, value_category)
-}
-
-predicate reuseType(Expr reuse, Type type, int value_category) {
-  exists(Expr original |
-    expr_reuse(reuse, original, value_category) and
-    expr_types(original, type, _)
-  )
-}
-
-from Expr expr, Type type, int value_category
-where existingType(expr, type, value_category) or reuseType(expr, type, value_category)
-select expr, type, value_category

cpp/downgrades/abfce5c170f93e281948f7689ece373464fdaf87/upgrade.properties

@@ -1,4 +0,0 @@
-description: Add value category to expr_reuse table
-compatibility: full
-expr_reuse.rel: run expr_reuse.qlo
-expr_types.rel: run expr_types.qlo

cpp/ql/lib/CHANGELOG.md

@@ -1,38 +1,3 @@
-## 0.12.10
-
-### New Features
-
-* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field.
-* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant. 
-* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant.
-* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant. 
-* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant.
-* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement.
-
-### Minor Analysis Improvements
-
-* Added destructors for temporary objects with extended lifetimes to the intermediate representation.
-
-## 0.12.9
-
-No user-facing changes.
-
-## 0.12.8
-
-No user-facing changes.
-
-## 0.12.7
-
-### Minor Analysis Improvements
-
-* Added destructors for named objects to the intermediate representation.
-
-## 0.12.6
-
-### New Features
-
-* A `getInitialization` predicate was added to the `RangeBasedForStmt` class that yields the C++20-style initializer of the range-based `for` statement when it exists.
-
 ## 0.12.5
 
 ### New Features

cpp/ql/lib/IDEContextual.qll

@@ -3,7 +3,6 @@
  */
 
 import semmle.files.FileSystem
-private import codeql.util.FileSystem
 
 /**
  * Returns the `File` matching the given source file name as encoded by the VS
@@ -11,5 +10,13 @@ private import codeql.util.FileSystem
  */
 cached
 File getFileBySourceArchiveName(string name) {
-  result = IdeContextual<File>::getFileBySourceArchiveName(name)
+  // The name provided for a file in the source archive by the VS Code extension
+  // has some differences from the absolute path in the database:
+  // 1. colons are replaced by underscores
+  // 2. there's a leading slash, even for Windows paths: "C:/foo/bar" ->
+  //    "/C_/foo/bar"
+  // 3. double slashes in UNC prefixes are replaced with a single slash
+  // We can handle 2 and 3 together by unconditionally adding a leading slash
+  // before replacing double slashes.
+  name = ("/" + result.getAbsolutePath().replaceAll(":", "_")).replaceAll("//", "/")
 }

cpp/ql/lib/change-notes/2024-02-06-flow-out-barrier-function.md

@@ -0,0 +1,4 @@
+---
+category: feature
+---
+* Added an abstract class `FlowOutBarrierFunction` that can be used to block flow out of a function.

cpp/ql/lib/change-notes/released/0.12.10.md

@@ -1,14 +0,0 @@
-## 0.12.10
-
-### New Features
-
-* Added a `TaintInheritingContent` class that can be extended to model taint flowing from a qualifier to a field.
-* Added a predicate `GuardCondition.comparesEq/4` to query whether an expression is compared to a constant. 
-* Added a predicate `GuardCondition.ensuresEq/4` to query whether a basic block is guarded by an expression being equal to a constant.
-* Added a predicate `GuardCondition.comparesLt/4` to query whether an expression is compared to a constant. 
-* Added a predicate `GuardCondition.ensuresLt/4` to query whether a basic block is guarded by an expression being less than a constant.
-* Added a predicate `GuardCondition.valueControls` to query whether a basic block is guarded by a particular `case` of a `switch` statement.
-
-### Minor Analysis Improvements
-
-* Added destructors for temporary objects with extended lifetimes to the intermediate representation.

cpp/ql/lib/change-notes/released/0.12.6.md

@@ -1,5 +0,0 @@
-## 0.12.6
-
-### New Features
-
-* A `getInitialization` predicate was added to the `RangeBasedForStmt` class that yields the C++20-style initializer of the range-based `for` statement when it exists.

cpp/ql/lib/change-notes/released/0.12.7.md

@@ -1,5 +0,0 @@
-## 0.12.7
-
-### Minor Analysis Improvements
-
-* Added destructors for named objects to the intermediate representation.

cpp/ql/lib/change-notes/released/0.12.8.md

@@ -1,3 +0,0 @@
-## 0.12.8
-
-No user-facing changes.

cpp/ql/lib/change-notes/released/0.12.9.md

@@ -1,3 +0,0 @@
-## 0.12.9
-
-No user-facing changes.

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.12.10
+lastReleaseVersion: 0.12.5

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.12.11-dev
+version: 0.12.6-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
@@ -11,5 +11,4 @@ dependencies:
   codeql/ssa: ${workspace}
   codeql/tutorial: ${workspace}
   codeql/util: ${workspace}
-  codeql/xml: ${workspace}
 warnOnImplicitThis: true

cpp/ql/lib/semmle/code/cpp/Enclosing.qll

@@ -60,6 +60,4 @@ Element exprEnclosingElement(Expr e) {
       )
     else result = de.getDeclaration()
   )
-  or
-  result.(Stmt).getAnImplicitDestructorCall() = e
 }

cpp/ql/lib/semmle/code/cpp/PrintAST.qll

@@ -309,12 +309,9 @@ class ExprNode extends AstNode {
   override AstNode getChildInternal(int childIndex) {
     result.getAst() = expr.getChild(childIndex)
     or
-    childIndex = max(int index | exists(expr.getChild(index)) or index = 0) + 1 and
-    result.getAst() = expr.(ConditionDeclExpr).getInitializingExpr()
-    or
     exists(int destructorIndex |
       result.getAst() = expr.getImplicitDestructorCall(destructorIndex) and
-      childIndex = destructorIndex + max(int index | exists(expr.getChild(index)) or index = 0) + 2
+      childIndex = destructorIndex + max(int index | exists(expr.getChild(index)) or index = 0) + 1
     )
   }
 
@@ -689,8 +686,6 @@ private string getChildAccessorWithoutConversions(Locatable parent, Element chil
       not namedExprChildPredicates(expr, child, _) and
       exists(int n | expr.getChild(n) = child and result = "getChild(" + n + ")")
       or
-      expr.(ConditionDeclExpr).getInitializingExpr() = child and result = "getInitializingExpr()"
-      or
       exists(int n |
         expr.getImplicitDestructorCall(n) = child and
         result = "getImplicitDestructorCall(" + n + ")"
@@ -740,9 +735,7 @@ private predicate namedStmtChildPredicates(Locatable s, Element e, string pred)
     or
     s.(ForStmt).getStmt() = e and pred = "getStmt()"
     or
-    s.(RangeBasedForStmt).getInitialization() = e and pred = "getInitialization()"
-    or
-    s.(RangeBasedForStmt).getChild(1) = e and pred = "getChild(1)"
+    s.(RangeBasedForStmt).getChild(0) = e and pred = "getChild(0)"
     or
     s.(RangeBasedForStmt).getBeginEndDeclaration() = e and pred = "getBeginEndDeclaration()"
     or
@@ -750,7 +743,7 @@ private predicate namedStmtChildPredicates(Locatable s, Element e, string pred)
     or
     s.(RangeBasedForStmt).getUpdate() = e and pred = "getUpdate()"
     or
-    s.(RangeBasedForStmt).getChild(5) = e and pred = "getChild(5)"
+    s.(RangeBasedForStmt).getChild(4) = e and pred = "getChild(4)"
     or
     s.(RangeBasedForStmt).getStmt() = e and pred = "getStmt()"
     or
@@ -842,11 +835,7 @@ private predicate namedExprChildPredicates(Expr expr, Element ele, string pred)
     or
     expr.(OverloadedArrayExpr).getArrayOffset() = ele and pred = "getArrayOffset()"
     or
-    // OverloadedPointerDereferenceExpr::getExpr/0 also considers qualifiers, which are already handled above for all Call classes.
-    not expr.(OverloadedPointerDereferenceExpr).getQualifier() =
-      expr.(OverloadedPointerDereferenceExpr).getExpr() and
-    expr.(OverloadedPointerDereferenceExpr).getExpr() = ele and
-    pred = "getExpr()"
+    expr.(OverloadedPointerDereferenceExpr).getExpr() = ele and pred = "getExpr()"
     or
     expr.(CommaExpr).getLeftOperand() = ele and pred = "getLeftOperand()"
     or
@@ -862,7 +851,7 @@ private predicate namedExprChildPredicates(Expr expr, Element ele, string pred)
     or
     expr.(DeleteOrDeleteArrayExpr).getDestructorCall() = ele and pred = "getDestructorCall()"
     or
-    expr.(DeleteOrDeleteArrayExpr).getExprWithReuse() = ele and pred = "getExprWithReuse()"
+    expr.(DeleteOrDeleteArrayExpr).getExpr() = ele and pred = "getExpr()"
     or
     expr.(DestructorFieldDestruction).getExpr() = ele and pred = "getExpr()"
     or

cpp/ql/lib/semmle/code/cpp/Variable.qll

@@ -234,16 +234,7 @@ class VariableDeclarationEntry extends DeclarationEntry, @var_decl {
    * int f(int y) { return y; }
    * ```
    */
-  override string getName() {
-    exists(string name |
-      var_decls(underlyingElement(this), _, _, name, _) and
-      (
-        name != "" and result = name
-        or
-        name = "" and result = this.getVariable().(LocalVariable).getName()
-      )
-    )
-  }
+  override string getName() { var_decls(underlyingElement(this), _, _, result, _) and result != "" }
 
   /**
    * Gets the type of the variable which is being declared or defined.
@@ -590,33 +581,6 @@ class TemplateVariable extends Variable {
   Variable getAnInstantiation() { result.isConstructedFrom(this) }
 }
 
-/**
- * A variable that is an instantiation of a template. For example
- * the instantiation `myTemplateVariable<int>` in the following code:
- * ```
- * template<class T>
- * T myTemplateVariable;
- *
- * void caller(int i) {
- *   myTemplateVariable<int> = i;
- * }
- * ```
- */
-class VariableTemplateInstantiation extends Variable {
-  TemplateVariable tv;
-
-  VariableTemplateInstantiation() { tv.getAnInstantiation() = this }
-
-  override string getAPrimaryQlClass() { result = "VariableTemplateInstantiation" }
-
-  /**
-   * Gets the variable template from which this instantiation was instantiated.
-   *
-   * Example: For `int x<int>`, returns `T x`.
-   */
-  TemplateVariable getTemplate() { result = tv }
-}
-
 /**
  * A non-static local variable or parameter that is not part of an
  * uninstantiated template. Uninstantiated templates are purely syntax, and

cpp/ql/lib/semmle/code/cpp/XML.qll

@@ -3,67 +3,305 @@
  */
 
 import semmle.files.FileSystem
-private import codeql.xml.Xml
 
-private module Input implements InputSig<File, Location> {
-  class XmlLocatableBase = @xmllocatable or @xmlnamespaceable;
+private class TXmlLocatable =
+  @xmldtd or @xmlelement or @xmlattribute or @xmlnamespace or @xmlcomment or @xmlcharacters;
 
-  predicate xmllocations_(XmlLocatableBase e, Location loc) { xmllocations(e, loc) }
+/** An XML element that has a location. */
+class XmlLocatable extends @xmllocatable, TXmlLocatable {
+  /** Gets the source location for this element. */
+  Location getLocation() { xmllocations(this, result) }
 
-  class XmlParentBase = @xmlparent;
-
-  class XmlNamespaceableBase = @xmlnamespaceable;
-
-  class XmlElementBase = @xmlelement;
-
-  class XmlFileBase = File;
-
-  predicate xmlEncoding_(XmlFileBase f, string enc) { xmlEncoding(f, enc) }
-
-  class XmlDtdBase = @xmldtd;
-
-  predicate xmlDTDs_(XmlDtdBase e, string root, string publicId, string systemId, XmlFileBase file) {
-    xmlDTDs(e, root, publicId, systemId, file)
-  }
-
-  predicate xmlElements_(
-    XmlElementBase e, string name, XmlParentBase parent, int idx, XmlFileBase file
+  /**
+   * Holds if this element is at the specified location.
+   * The location spans column `startcolumn` of line `startline` to
+   * column `endcolumn` of line `endline` in file `filepath`.
+   * For more information, see
+   * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
+   */
+  predicate hasLocationInfo(
+    string filepath, int startline, int startcolumn, int endline, int endcolumn
   ) {
-    xmlElements(e, name, parent, idx, file)
+    exists(File f, Location l | l = this.getLocation() |
+      locations_default(l, f, startline, startcolumn, endline, endcolumn) and
+      filepath = f.getAbsolutePath()
+    )
   }
 
-  class XmlAttributeBase = @xmlattribute;
+  /** Gets a textual representation of this element. */
+  string toString() { none() } // overridden in subclasses
+}
 
-  predicate xmlAttrs_(
-    XmlAttributeBase e, XmlElementBase elementid, string name, string value, int idx,
-    XmlFileBase file
-  ) {
-    xmlAttrs(e, elementid, name, value, idx, file)
+/**
+ * An `XmlParent` is either an `XmlElement` or an `XmlFile`,
+ * both of which can contain other elements.
+ */
+class XmlParent extends @xmlparent {
+  XmlParent() {
+    // explicitly restrict `this` to be either an `XmlElement` or an `XmlFile`;
+    // the type `@xmlparent` currently also includes non-XML files
+    this instanceof @xmlelement or xmlEncoding(this, _)
   }
 
-  class XmlNamespaceBase = @xmlnamespace;
+  /**
+   * Gets a printable representation of this XML parent.
+   * (Intended to be overridden in subclasses.)
+   */
+  string getName() { none() } // overridden in subclasses
 
-  predicate xmlNs_(XmlNamespaceBase e, string prefixName, string uri, XmlFileBase file) {
-    xmlNs(e, prefixName, uri, file)
+  /** Gets the file to which this XML parent belongs. */
+  XmlFile getFile() { result = this or xmlElements(this, _, _, _, result) }
+
+  /** Gets the child element at a specified index of this XML parent. */
+  XmlElement getChild(int index) { xmlElements(result, _, this, index, _) }
+
+  /** Gets a child element of this XML parent. */
+  XmlElement getAChild() { xmlElements(result, _, this, _, _) }
+
+  /** Gets a child element of this XML parent with the given `name`. */
+  XmlElement getAChild(string name) { xmlElements(result, _, this, _, _) and result.hasName(name) }
+
+  /** Gets a comment that is a child of this XML parent. */
+  XmlComment getAComment() { xmlComments(result, _, this, _) }
+
+  /** Gets a character sequence that is a child of this XML parent. */
+  XmlCharacters getACharactersSet() { xmlChars(result, _, this, _, _, _) }
+
+  /** Gets the depth in the tree. (Overridden in XmlElement.) */
+  int getDepth() { result = 0 }
+
+  /** Gets the number of child XML elements of this XML parent. */
+  int getNumberOfChildren() { result = count(XmlElement e | xmlElements(e, _, this, _, _)) }
+
+  /** Gets the number of places in the body of this XML parent where text occurs. */
+  int getNumberOfCharacterSets() { result = count(int pos | xmlChars(_, _, this, pos, _, _)) }
+
+  /**
+   * Gets the result of appending all the character sequences of this XML parent from
+   * left to right, separated by a space.
+   */
+  string allCharactersString() {
+    result =
+      concat(string chars, int pos | xmlChars(_, chars, this, pos, _, _) | chars, " " order by pos)
   }
 
-  predicate xmlHasNs_(XmlNamespaceableBase e, XmlNamespaceBase ns, XmlFileBase file) {
-    xmlHasNs(e, ns, file)
-  }
+  /** Gets the text value contained in this XML parent. */
+  string getTextValue() { result = this.allCharactersString() }
 
-  class XmlCommentBase = @xmlcomment;
+  /** Gets a printable representation of this XML parent. */
+  string toString() { result = this.getName() }
+}
 
-  predicate xmlComments_(XmlCommentBase e, string text, XmlParentBase parent, XmlFileBase file) {
-    xmlComments(e, text, parent, file)
-  }
+/** An XML file. */
+class XmlFile extends XmlParent, File {
+  XmlFile() { xmlEncoding(this, _) }
 
-  class XmlCharactersBase = @xmlcharacters;
+  /** Gets a printable representation of this XML file. */
+  override string toString() { result = this.getName() }
 
-  predicate xmlChars_(
-    XmlCharactersBase e, string text, XmlParentBase parent, int idx, int isCDATA, XmlFileBase file
-  ) {
-    xmlChars(e, text, parent, idx, isCDATA, file)
+  /** Gets the name of this XML file. */
+  override string getName() { result = File.super.getAbsolutePath() }
+
+  /** Gets the encoding of this XML file. */
+  string getEncoding() { xmlEncoding(this, result) }
+
+  /** Gets the XML file itself. */
+  override XmlFile getFile() { result = this }
+
+  /** Gets a top-most element in an XML file. */
+  XmlElement getARootElement() { result = this.getAChild() }
+
+  /** Gets a DTD associated with this XML file. */
+  XmlDtd getADtd() { xmlDTDs(result, _, _, _, this) }
+}
+
+/**
+ * An XML document type definition (DTD).
+ *
+ * Example:
+ *
+ * ```
+ * <!ELEMENT person (firstName, lastName?)>
+ * <!ELEMENT firstName (#PCDATA)>
+ * <!ELEMENT lastName (#PCDATA)>
+ * ```
+ */
+class XmlDtd extends XmlLocatable, @xmldtd {
+  /** Gets the name of the root element of this DTD. */
+  string getRoot() { xmlDTDs(this, result, _, _, _) }
+
+  /** Gets the public ID of this DTD. */
+  string getPublicId() { xmlDTDs(this, _, result, _, _) }
+
+  /** Gets the system ID of this DTD. */
+  string getSystemId() { xmlDTDs(this, _, _, result, _) }
+
+  /** Holds if this DTD is public. */
+  predicate isPublic() { not xmlDTDs(this, _, "", _, _) }
+
+  /** Gets the parent of this DTD. */
+  XmlParent getParent() { xmlDTDs(this, _, _, _, result) }
+
+  override string toString() {
+    this.isPublic() and
+    result = this.getRoot() + " PUBLIC '" + this.getPublicId() + "' '" + this.getSystemId() + "'"
+    or
+    not this.isPublic() and
+    result = this.getRoot() + " SYSTEM '" + this.getSystemId() + "'"
   }
 }
 
-import Make<File, Location, Input>
+/**
+ * An XML element in an XML file.
+ *
+ * Example:
+ *
+ * ```
+ * <manifest xmlns:android="http://schemas.android.com/apk/res/android"
+ *           package="com.example.exampleapp" android:versionCode="1">
+ * </manifest>
+ * ```
+ */
+class XmlElement extends @xmlelement, XmlParent, XmlLocatable {
+  /** Holds if this XML element has the given `name`. */
+  predicate hasName(string name) { name = this.getName() }
+
+  /** Gets the name of this XML element. */
+  override string getName() { xmlElements(this, result, _, _, _) }
+
+  /** Gets the XML file in which this XML element occurs. */
+  override XmlFile getFile() { xmlElements(this, _, _, _, result) }
+
+  /** Gets the parent of this XML element. */
+  XmlParent getParent() { xmlElements(this, _, result, _, _) }
+
+  /** Gets the index of this XML element among its parent's children. */
+  int getIndex() { xmlElements(this, _, _, result, _) }
+
+  /** Holds if this XML element has a namespace. */
+  predicate hasNamespace() { xmlHasNs(this, _, _) }
+
+  /** Gets the namespace of this XML element, if any. */
+  XmlNamespace getNamespace() { xmlHasNs(this, result, _) }
+
+  /** Gets the index of this XML element among its parent's children. */
+  int getElementPositionIndex() { xmlElements(this, _, _, result, _) }
+
+  /** Gets the depth of this element within the XML file tree structure. */
+  override int getDepth() { result = this.getParent().getDepth() + 1 }
+
+  /** Gets an XML attribute of this XML element. */
+  XmlAttribute getAnAttribute() { result.getElement() = this }
+
+  /** Gets the attribute with the specified `name`, if any. */
+  XmlAttribute getAttribute(string name) { result.getElement() = this and result.getName() = name }
+
+  /** Holds if this XML element has an attribute with the specified `name`. */
+  predicate hasAttribute(string name) { exists(this.getAttribute(name)) }
+
+  /** Gets the value of the attribute with the specified `name`, if any. */
+  string getAttributeValue(string name) { result = this.getAttribute(name).getValue() }
+
+  /** Gets a printable representation of this XML element. */
+  override string toString() { result = this.getName() }
+}
+
+/**
+ * An attribute that occurs inside an XML element.
+ *
+ * Examples:
+ *
+ * ```
+ * package="com.example.exampleapp"
+ * android:versionCode="1"
+ * ```
+ */
+class XmlAttribute extends @xmlattribute, XmlLocatable {
+  /** Gets the name of this attribute. */
+  string getName() { xmlAttrs(this, _, result, _, _, _) }
+
+  /** Gets the XML element to which this attribute belongs. */
+  XmlElement getElement() { xmlAttrs(this, result, _, _, _, _) }
+
+  /** Holds if this attribute has a namespace. */
+  predicate hasNamespace() { xmlHasNs(this, _, _) }
+
+  /** Gets the namespace of this attribute, if any. */
+  XmlNamespace getNamespace() { xmlHasNs(this, result, _) }
+
+  /** Gets the value of this attribute. */
+  string getValue() { xmlAttrs(this, _, _, result, _, _) }
+
+  /** Gets a printable representation of this XML attribute. */
+  override string toString() { result = this.getName() + "=" + this.getValue() }
+}
+
+/**
+ * A namespace used in an XML file.
+ *
+ * Example:
+ *
+ * ```
+ * xmlns:android="http://schemas.android.com/apk/res/android"
+ * ```
+ */
+class XmlNamespace extends XmlLocatable, @xmlnamespace {
+  /** Gets the prefix of this namespace. */
+  string getPrefix() { xmlNs(this, result, _, _) }
+
+  /** Gets the URI of this namespace. */
+  string getUri() { xmlNs(this, _, result, _) }
+
+  /** Holds if this namespace has no prefix. */
+  predicate isDefault() { this.getPrefix() = "" }
+
+  override string toString() {
+    this.isDefault() and result = this.getUri()
+    or
+    not this.isDefault() and result = this.getPrefix() + ":" + this.getUri()
+  }
+}
+
+/**
+ * A comment in an XML file.
+ *
+ * Example:
+ *
+ * ```
+ * <!-- This is a comment. -->
+ * ```
+ */
+class XmlComment extends @xmlcomment, XmlLocatable {
+  /** Gets the text content of this XML comment. */
+  string getText() { xmlComments(this, result, _, _) }
+
+  /** Gets the parent of this XML comment. */
+  XmlParent getParent() { xmlComments(this, _, result, _) }
+
+  /** Gets a printable representation of this XML comment. */
+  override string toString() { result = this.getText() }
+}
+
+/**
+ * A sequence of characters that occurs between opening and
+ * closing tags of an XML element, excluding other elements.
+ *
+ * Example:
+ *
+ * ```
+ * <content>This is a sequence of characters.</content>
+ * ```
+ */
+class XmlCharacters extends @xmlcharacters, XmlLocatable {
+  /** Gets the content of this character sequence. */
+  string getCharacters() { xmlChars(this, result, _, _, _, _) }
+
+  /** Gets the parent of this character sequence. */
+  XmlParent getParent() { xmlChars(this, _, result, _, _, _) }
+
+  /** Holds if this character sequence is CDATA. */
+  predicate isCDATA() { xmlChars(this, _, _, _, 1, _) }
+
+  /** Gets a printable representation of this XML character sequence. */
+  override string toString() { result = this.getCharacters() }
+}

cpp/ql/lib/semmle/code/cpp/controlflow/SubBasicBlocks.qll

@@ -1,6 +1,6 @@
 // NOTE: There are two copies of this file, and they must be kept identical:
 // - semmle/code/cpp/controlflow/SubBasicBlocks.qll
-// - semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll [now DEPRECATED]
+// - semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll
 //
 // The second one is a private copy of the `SubBasicBlocks` library for
 // internal use by the data flow library. Having an extra copy prevents

cpp/ql/lib/semmle/code/cpp/controlflow/internal/CFG.qll

@@ -637,10 +637,8 @@ private predicate straightLineSparse(Node scope, int i, Node ni, Spec spec) {
     any(RangeBasedForStmt for |
       i = -1 and ni = for and spec.isAt()
       or
-      i = 0 and ni = for.getInitialization() and spec.isAround()
-      or
       exists(DeclStmt s | s.getADeclaration() = for.getRangeVariable() |
-        i = 1 and ni = s and spec.isAround()
+        i = 0 and ni = s and spec.isAround()
       )
       or
       exists(DeclStmt s |
@@ -651,22 +649,22 @@ private predicate straightLineSparse(Node scope, int i, Node ni, Spec spec) {
         // DeclStmt in that case.
         exists(s.getADeclaration())
       |
-        i = 2 and ni = s and spec.isAround()
+        i = 1 and ni = s and spec.isAround()
       )
       or
-      i = 3 and ni = for.getCondition() and spec.isBefore()
+      i = 2 and ni = for.getCondition() and spec.isBefore()
       or
-      i = 4 and /* BARRIER */ ni = for and spec.isBarrier()
+      i = 3 and /* BARRIER */ ni = for and spec.isBarrier()
       or
       exists(DeclStmt declStmt | declStmt.getADeclaration() = for.getVariable() |
-        i = 5 and ni = declStmt and spec.isAfter()
+        i = 4 and ni = declStmt and spec.isAfter()
       )
       or
-      i = 6 and ni = for.getStmt() and spec.isAround()
+      i = 5 and ni = for.getStmt() and spec.isAround()
       or
-      i = 7 and ni = for.getUpdate() and spec.isAround()
+      i = 6 and ni = for.getUpdate() and spec.isAround()
       or
-      i = 8 and ni = for.getCondition() and spec.isBefore()
+      i = 7 and ni = for.getCondition() and spec.isBefore()
     )
   or
   scope =

cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow.qll

@@ -28,6 +28,6 @@ import cpp
 deprecated module DataFlow {
   private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific
   private import codeql.dataflow.DataFlow
-  import DataFlowMake<Location, CppOldDataFlow>
+  import DataFlowMake<CppOldDataFlow>
   import semmle.code.cpp.dataflow.internal.DataFlowImpl1
 }

cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll

@@ -29,6 +29,6 @@ deprecated module TaintTracking {
   private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific
   private import semmle.code.cpp.dataflow.internal.TaintTrackingImplSpecific
   private import codeql.dataflow.TaintTracking
-  import TaintFlowMake<Location, CppOldDataFlow, CppOldTaintTracking>
+  import TaintFlowMake<CppOldDataFlow, CppOldTaintTracking>
   import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTrackingImpl
 }

cpp/ql/lib/semmle/code/cpp/dataflow/internal/AddressFlow.qll

@@ -1,6 +1,4 @@
 /**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- *
  * Provides a local analysis for identifying where a variable address
  * is effectively taken. Array-like offsets are allowed to pass through but
  * not field-like offsets.

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowDispatch.qll

@@ -1,7 +1,3 @@
-/**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- */
-
 private import cpp
 private import DataFlowPrivate
 private import DataFlowUtil

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll

@@ -1,8 +1,3 @@
-/**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- */
-
-private import semmle.code.cpp.Location
 private import DataFlowImplSpecific
 private import codeql.dataflow.internal.DataFlowImpl
-import MakeImpl<Location, CppOldDataFlow>
+import MakeImpl<CppOldDataFlow>

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl1.qll

@@ -285,8 +285,6 @@ deprecated private module Config implements FullStateConfigSig {
 
   int fieldFlowBranchLimit() { result = min(any(Configuration config).fieldFlowBranchLimit()) }
 
-  int accessPathLimit() { result = 5 }
-
   FlowFeature getAFeature() { result = any(Configuration config).getAFeature() }
 
   predicate sourceGrouping(Node source, string sourceGroup) {

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll

@@ -285,8 +285,6 @@ deprecated private module Config implements FullStateConfigSig {
 
   int fieldFlowBranchLimit() { result = min(any(Configuration config).fieldFlowBranchLimit()) }
 
-  int accessPathLimit() { result = 5 }
-
   FlowFeature getAFeature() { result = any(Configuration config).getAFeature() }
 
   predicate sourceGrouping(Node source, string sourceGroup) {

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll

@@ -285,8 +285,6 @@ deprecated private module Config implements FullStateConfigSig {
 
   int fieldFlowBranchLimit() { result = min(any(Configuration config).fieldFlowBranchLimit()) }
 
-  int accessPathLimit() { result = 5 }
-
   FlowFeature getAFeature() { result = any(Configuration config).getAFeature() }
 
   predicate sourceGrouping(Node source, string sourceGroup) {

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll

@@ -285,8 +285,6 @@ deprecated private module Config implements FullStateConfigSig {
 
   int fieldFlowBranchLimit() { result = min(any(Configuration config).fieldFlowBranchLimit()) }
 
-  int accessPathLimit() { result = 5 }
-
   FlowFeature getAFeature() { result = any(Configuration config).getAFeature() }
 
   predicate sourceGrouping(Node source, string sourceGroup) {

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll

@@ -1,8 +1,3 @@
-/**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- */
-
-private import semmle.code.cpp.Location
 private import DataFlowImplSpecific
 private import codeql.dataflow.internal.DataFlowImplCommon
-import MakeImplCommon<Location, CppOldDataFlow>
+import MakeImplCommon<CppOldDataFlow>

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll

@@ -1,6 +1,4 @@
 /**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- *
  * Provides consistency queries for checking invariants in the language-specific
  * data-flow classes and predicates.
  */
@@ -10,7 +8,7 @@ private import DataFlowImplSpecific
 private import TaintTrackingImplSpecific
 private import codeql.dataflow.internal.DataFlowImplConsistency
 
-private module Input implements InputSig<Location, CppOldDataFlow> {
+private module Input implements InputSig<CppOldDataFlow> {
   predicate argHasPostUpdateExclude(Private::ArgumentNode n) {
     // Is the null pointer (or something that's not really a pointer)
     exists(n.asExpr().getValue())
@@ -26,4 +24,4 @@ private module Input implements InputSig<Location, CppOldDataFlow> {
   }
 }
 
-module Consistency = MakeConsistency<Location, CppOldDataFlow, CppOldTaintTracking, Input>;
+module Consistency = MakeConsistency<CppOldDataFlow, CppOldTaintTracking, Input>;

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll

@@ -285,8 +285,6 @@ deprecated private module Config implements FullStateConfigSig {
 
   int fieldFlowBranchLimit() { result = min(any(Configuration config).fieldFlowBranchLimit()) }
 
-  int accessPathLimit() { result = 5 }
-
   FlowFeature getAFeature() { result = any(Configuration config).getAFeature() }
 
   predicate sourceGrouping(Node source, string sourceGroup) {

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll

@@ -1,10 +1,7 @@
 /**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- *
  * Provides C++-specific definitions for use in the data flow library.
  */
 
-private import semmle.code.cpp.Location
 private import codeql.dataflow.DataFlow
 
 module Private {
@@ -16,7 +13,7 @@ module Public {
   import DataFlowUtil
 }
 
-module CppOldDataFlow implements InputSig<Location> {
+module CppOldDataFlow implements InputSig {
   import Private
   import Public
 

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll

@@ -1,7 +1,3 @@
-/**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- */
-
 private import cpp
 private import DataFlowUtil
 private import DataFlowDispatch

cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll

@@ -1,6 +1,4 @@
 /**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- *
  * Provides C++-specific definitions for use in the data flow library.
  */
 
@@ -105,7 +103,7 @@ class Node extends TNode {
    * For more information, see
    * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
    */
-  deprecated predicate hasLocationInfo(
+  predicate hasLocationInfo(
     string filepath, int startline, int startcolumn, int endline, int endcolumn
   ) {
     this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)

cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowVar.qll

@@ -1,6 +1,4 @@
 /**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- *
  * Provides a class for handling variables in the data flow analysis.
  */
 

cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll

@@ -1,6 +1,6 @@
 // NOTE: There are two copies of this file, and they must be kept identical:
 // - semmle/code/cpp/controlflow/SubBasicBlocks.qll
-// - semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll [now DEPRECATED]
+// - semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll
 //
 // The second one is a private copy of the `SubBasicBlocks` library for
 // internal use by the data flow library. Having an extra copy prevents

cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll

@@ -1,13 +1,10 @@
 /**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- *
  * Provides C++-specific definitions for use in the taint tracking library.
  */
 
-private import semmle.code.cpp.Location
 private import codeql.dataflow.TaintTracking
 private import DataFlowImplSpecific
 
-module CppOldTaintTracking implements InputSig<Location, CppOldDataFlow> {
+module CppOldTaintTracking implements InputSig<CppOldDataFlow> {
   import TaintTrackingUtil
 }

cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingUtil.qll

@@ -1,6 +1,4 @@
 /**
- * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead.
- *
  * Provides classes for performing local (intra-procedural) and
  * global (inter-procedural) taint-tracking analyses.
  *

cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll

@@ -1,7 +1,3 @@
-/**
- * DEPRECATED: Use `Global` and `GlobalWithState` instead.
- */
-
 import semmle.code.cpp.dataflow.internal.TaintTrackingUtil as Public
 
 module Private {

cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingParameter.qll

@@ -1,7 +1,3 @@
-/**
- * DEPRECATED: Use `Global` and `GlobalWithState` instead.
- */
-
 import semmle.code.cpp.dataflow.internal.TaintTrackingUtil as Public
 
 module Private {

cpp/ql/lib/semmle/code/cpp/dataflow/new/DataFlow.qll

@@ -28,6 +28,6 @@ import cpp
 module DataFlow {
   private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific
   private import codeql.dataflow.DataFlow
-  import DataFlowMake<Location, CppDataFlow>
+  import DataFlowMake<CppDataFlow>
   import semmle.code.cpp.ir.dataflow.internal.DataFlowImpl1
 }

cpp/ql/lib/semmle/code/cpp/dataflow/new/TaintTracking.qll

@@ -27,7 +27,6 @@ module TaintTracking {
   private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific
   private import semmle.code.cpp.ir.dataflow.internal.TaintTrackingImplSpecific
   private import codeql.dataflow.TaintTracking
-  private import semmle.code.cpp.Location
-  import TaintFlowMake<Location, CppDataFlow, CppTaintTracking>
+  import TaintFlowMake<CppDataFlow, CppTaintTracking>
   import semmle.code.cpp.ir.dataflow.internal.tainttracking1.TaintTrackingImpl
 }

cpp/ql/lib/semmle/code/cpp/exprs/Expr.qll

@@ -1015,33 +1015,8 @@ class DeleteOrDeleteArrayExpr extends Expr, TDeleteOrDeleteArrayExpr {
   Expr getExpr() {
     // If there is a destructor call, the object being deleted is the qualifier
     // otherwise it is the third child.
-    exists(Expr exprWithReuse | exprWithReuse = this.getExprWithReuse() |
-      if not exprWithReuse instanceof ReuseExpr
-      then result = exprWithReuse
-      else result = this.getDestructorCall().getQualifier()
-    )
+    result = this.getChild(3) or result = this.getDestructorCall().getQualifier()
   }
-
-  /**
-   * Gets the object or array being deleted, and gets a `ReuseExpr` when there
-   * is a destructor call and the object is also the qualifier of the call.
-   *
-   * For example, given:
-   * ```
-   * struct HasDestructor { ~HasDestructor(); };
-   * struct PlainOldData { int x, char y; };
-   *
-   * void f(HasDestructor* hasDestructor, PlainOldData* pod) {
-   *   delete hasDestructor;
-   *   delete pod;
-   * }
-   * ```
-   * This predicate yields a `ReuseExpr` for `delete hasDestructor`, as the
-   * the deleted expression has a destructor, and that expression is also
-   * the qualifier of the destructor call. In the case of `delete pod` the
-   * predicate does not yield a `ReuseExpr`, as there is no destructor call.
-   */
-  Expr getExprWithReuse() { result = this.getChild(3) }
 }
 
 /**
@@ -1347,41 +1322,3 @@ class CoYieldExpr extends UnaryOperation, @co_yield {
 
   override int getPrecedence() { result = 2 }
 }
-
-/**
- * An expression representing the re-use of another expression.
- *
- * In some specific cases an expression may be referred to outside its
- * original context. A re-use expression wraps any such reference. A
- * re-use expression can for example occur as the qualifier of an implicit
- * destructor called on a temporary object, where the original use of the
- * expression is in the definition of the temporary.
- */
-class ReuseExpr extends Expr, @reuseexpr {
-  override string getAPrimaryQlClass() { result = "ReuseExpr" }
-
-  override string toString() { result = "reuse of " + this.getReusedExpr().toString() }
-
-  /**
-   * Gets the expression that is being re-used.
-   */
-  Expr getReusedExpr() {
-    // In the case of a prvalue, the extractor outputs the expression
-    // before conversion, but the converted expression is intended.
-    if this.isPRValueCategory()
-    then result = this.getBaseReusedExpr().getFullyConverted()
-    else result = this.getBaseReusedExpr()
-  }
-
-  private Expr getBaseReusedExpr() {
-    expr_reuse(underlyingElement(this), unresolveElement(result), _)
-  }
-
-  override Type getType() { result = this.getReusedExpr().getType() }
-
-  override predicate isLValueCategory() { expr_reuse(underlyingElement(this), _, 3) }
-
-  override predicate isXValueCategory() { expr_reuse(underlyingElement(this), _, 2) }
-
-  override predicate isPRValueCategory() { expr_reuse(underlyingElement(this), _, 1) }
-}

cpp/ql/lib/semmle/code/cpp/ir/dataflow/DataFlow.qll

@@ -24,6 +24,6 @@ import cpp
 module DataFlow {
   private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplSpecific
   private import codeql.dataflow.DataFlow
-  import DataFlowMake<Location, CppDataFlow>
+  import DataFlowMake<CppDataFlow>
   import semmle.code.cpp.ir.dataflow.internal.DataFlowImpl1
 }