JS: Remove use of deprecated API

Author: asgerf

javascript/ql/examples/queries/dataflow/StoredXss/StoredXss.ql

@@ -9,7 +9,7 @@
 
 import javascript
 import DataFlow
-import semmle.javascript.security.dataflow.StoredXss
+import semmle.javascript.security.dataflow.StoredXssQuery
 import DataFlow::PathGraph
 
 /**
@@ -21,7 +21,7 @@ import DataFlow::PathGraph
  * connection.query(..., (e, data) => { ... });
  * ```
  */
-class MysqlSource extends StoredXss::Source {
+class MysqlSource extends Source {
   MysqlSource() {
     this =
       moduleImport("mysql")
@@ -32,6 +32,6 @@ class MysqlSource extends StoredXss::Source {
   }
 }
 
-from StoredXss::Configuration cfg, PathNode source, PathNode sink
+from Configuration cfg, PathNode source, PathNode sink
 where cfg.hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "Stored XSS from $@.", source.getNode(), "database value."

javascript/ql/examples/queries/dataflow/StoredXss/StoredXssTypeTracking.ql

@@ -10,7 +10,7 @@
 
 import javascript
 import DataFlow
-import semmle.javascript.security.dataflow.StoredXss
+import semmle.javascript.security.dataflow.StoredXssQuery
 import DataFlow::PathGraph
 
 /**
@@ -42,10 +42,10 @@ DataFlow::SourceNode mysqlConnection() { result = mysqlConnection(DataFlow::Type
  * }
  * ```
  */
-class MysqlSource extends StoredXss::Source {
+class MysqlSource extends Source {
   MysqlSource() { this = mysqlConnection().getAMethodCall("query").getCallback(1).getParameter(1) }
 }
 
-from StoredXss::Configuration cfg, PathNode source, PathNode sink
+from Configuration cfg, PathNode source, PathNode sink
 where cfg.hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "Stored XSS from $@.", source.getNode(), "database value."

javascript/ql/src/Security/CWE-089/SqlInjection.ql

@@ -12,8 +12,8 @@
  */
 
 import javascript
-import semmle.javascript.security.dataflow.SqlInjection
-import semmle.javascript.security.dataflow.NosqlInjection
+import semmle.javascript.security.dataflow.SqlInjectionQuery as SqlInjection
+import semmle.javascript.security.dataflow.NosqlInjectionQuery as NosqlInjection
 import DataFlow::PathGraph
 
 from DataFlow::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink

javascript/ql/src/semmle/javascript/heuristics/AdditionalSinks.qll

@@ -8,8 +8,7 @@ import javascript
 private import SyntacticHeuristics
 private import semmle.javascript.security.dataflow.CodeInjectionCustomizations
 private import semmle.javascript.security.dataflow.CommandInjectionCustomizations
-private import semmle.javascript.security.dataflow.DomBasedXss as DomBasedXss
-private import semmle.javascript.security.dataflow.ReflectedXss as ReflectedXss
+private import semmle.javascript.security.dataflow.Xss as Xss
 private import semmle.javascript.security.dataflow.SqlInjectionCustomizations
 private import semmle.javascript.security.dataflow.NosqlInjectionCustomizations
 private import semmle.javascript.security.dataflow.TaintedPathCustomizations
@@ -31,7 +30,7 @@ private class HeuristicCommandInjectionSink extends HeuristicSink, CommandInject
   }
 }
 
-private class HeuristicDomBasedXssSink extends HeuristicSink, DomBasedXss::DomBasedXss::Sink {
+private class HeuristicDomBasedXssSink extends HeuristicSink, Xss::DomBasedXss::Sink {
   HeuristicDomBasedXssSink() {
     isAssignedToOrConcatenatedWith(this, "(?i)(html|innerhtml)") or
     isArgTo(this, "(?i)(html|render)") or
@@ -40,7 +39,7 @@ private class HeuristicDomBasedXssSink extends HeuristicSink, DomBasedXss::DomBa
   }
 }
 
-private class HeuristicReflectedXssSink extends HeuristicSink, ReflectedXss::ReflectedXss::Sink {
+private class HeuristicReflectedXssSink extends HeuristicSink, Xss::ReflectedXss::Sink {
   HeuristicReflectedXssSink() {
     isAssignedToOrConcatenatedWith(this, "(?i)(html|innerhtml)") or
     isArgTo(this, "(?i)(html|render)") or

javascript/ql/test/library-tests/Security/CWE-338/InsecureRandomnessSource.ql

@@ -1,5 +1,5 @@
 import javascript
-import semmle.javascript.security.dataflow.InsecureRandomness::InsecureRandomness
+import semmle.javascript.security.dataflow.InsecureRandomnessQuery
 
 from Source s
 select s

javascript/ql/test/library-tests/frameworks/Vue/tests.ql

@@ -1,4 +1,5 @@
 import javascript
+import semmle.javascript.security.dataflow.Xss
 
 query predicate instance_getAPropertyValue(Vue::Instance i, string name, DataFlow::Node prop) {
   i.getAPropertyValue(name) = prop
@@ -18,14 +19,10 @@ query predicate instance_heapStep(
 
 query predicate templateElement(Vue::Template::Element template) { any() }
 
-import semmle.javascript.security.dataflow.DomBasedXss
-
 query predicate vhtmlSourceWrite(Vue::VHtmlSourceWrite w, DataFlow::Node pred, DataFlow::Node succ) {
   w.step(pred, succ)
 }
 
-import semmle.javascript.security.dataflow.DomBasedXss
-
 query predicate xssSink(DomBasedXss::Sink s) { any() }
 
 query RemoteFlowSource remoteFlowSource() { any() }

javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/Consistency.ql

@@ -1,3 +1,3 @@
 import javascript
-import semmle.javascript.security.dataflow.TaintedPath::TaintedPath
+import semmle.javascript.security.dataflow.TaintedPathQuery
 import testUtilities.ConsistencyChecking

javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/ConsistencyDomBasedXss.ql

@@ -1,3 +1,3 @@
 import javascript
 import testUtilities.ConsistencyChecking
-import semmle.javascript.security.dataflow.DomBasedXss as DomXss
+import semmle.javascript.security.dataflow.DomBasedXssQuery as DomXss

javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.ql

@@ -12,7 +12,7 @@
  */
 
 import javascript
-import semmle.javascript.security.dataflow.DomBasedXss::DomBasedXss
+import semmle.javascript.security.dataflow.DomBasedXssQuery
 import DataFlow::PathGraph
 import semmle.javascript.heuristics.AdditionalSources
 

javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ReflectedXssWithCustomSanitizer.ql

@@ -2,7 +2,7 @@
 // Modern version of ReflectedXssWithCustomSanitizer_old.ql
 //
 import javascript
-import semmle.javascript.security.dataflow.ReflectedXss::ReflectedXss
+import semmle.javascript.security.dataflow.ReflectedXssQuery
 
 class IsVarNameSanitizer extends TaintTracking::AdditionalSanitizerGuardNode, DataFlow::CallNode {
   IsVarNameSanitizer() { getCalleeName() = "isVarName" }