Refactor to DataFlow::Global

egregius313 · egregius313 · commit e7bad4cd90ff · 2023-03-24T10:04:46.000-04:00
diff --git a/java/ql/lib/semmle/code/java/security/GroovyInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/GroovyInjectionQuery.qll
@@ -41,4 +41,4 @@ module GroovyInjectionConfig implements DataFlow::ConfigSig {
  * Detect taint flow of unsafe user input
  * that is used to evaluate a Groovy expression.
  */
-module GroovyInjectionFlow = TaintTracking::Make<GroovyInjectionConfig>;
+module GroovyInjectionFlow = TaintTracking::Global<GroovyInjectionConfig>;
diff --git a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll
@@ -76,7 +76,7 @@ module JexlInjectionConfig implements DataFlow::ConfigSig {
  * Tracks unsafe user input that is used to construct and evaluate a JEXL expression.
  * It supports both JEXL 2 and 3.
  */
-module JexlInjectionFlow = TaintTracking::Make<JexlInjectionConfig>;
+module JexlInjectionFlow = TaintTracking::Global<JexlInjectionConfig>;
 
 /**
  * Holds if `n1` to `n2` is a dataflow step that creates a JEXL script using an unsafe engine
@@ -122,7 +122,7 @@ private predicate createJexlTemplateStep(DataFlow::Node n1, DataFlow::Node n2) {
 /**
  * Holds if `expr` is a JEXL engine that is configured with a sandbox.
  */
-private predicate isSafeEngine(Expr expr) { SandboxedJexlFlow::hasFlowToExpr(expr) }
+private predicate isSafeEngine(Expr expr) { SandboxedJexlFlow::flowToExpr(expr) }
 
 /**
  * A configuration for tracking sandboxed JEXL engines.
@@ -145,7 +145,7 @@ private module SandboxedJexlFlowConfig implements DataFlow::ConfigSig {
   }
 }
 
-private module SandboxedJexlFlow = DataFlow::Make<SandboxedJexlFlowConfig>;
+private module SandboxedJexlFlow = DataFlow::Global<SandboxedJexlFlowConfig>;
 
 /**
  * Defines a data flow source for JEXL engines configured with a sandbox.
diff --git a/java/ql/lib/semmle/code/java/security/JndiInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/JndiInjectionQuery.qll
@@ -47,14 +47,14 @@ module JndiInjectionFlowConfig implements DataFlow::ConfigSig {
 }
 
 /** Tracks flow of unvalidated user input that is used in JNDI lookup */
-module JndiInjectionFlow = TaintTracking::Make<JndiInjectionFlowConfig>;
+module JndiInjectionFlow = TaintTracking::Global<JndiInjectionFlowConfig>;
 
 /**
  * A method that does a JNDI lookup when it receives a `SearchControls` argument with `setReturningObjFlag` = `true`
  */
 private class UnsafeSearchControlsSink extends JndiInjectionSink {
   UnsafeSearchControlsSink() {
-    exists(MethodAccess ma | UnsafeSearchControlsFlow::hasFlowToExpr(ma.getAnArgument()) |
+    exists(MethodAccess ma | UnsafeSearchControlsFlow::flowToExpr(ma.getAnArgument()) |
       this.asExpr() = ma.getArgument(0)
     )
   }
@@ -70,7 +70,7 @@ private module UnsafeSearchControlsConfig implements DataFlow::ConfigSig {
   predicate isSink(DataFlow::Node sink) { sink instanceof UnsafeSearchControlsArgument }
 }
 
-private module UnsafeSearchControlsFlow = DataFlow::Make<UnsafeSearchControlsConfig>;
+private module UnsafeSearchControlsFlow = DataFlow::Global<UnsafeSearchControlsConfig>;
 
 /**
  * An argument of type `SearchControls` of an `LdapOperations.search` or `DirContext.search` call.
diff --git a/java/ql/lib/semmle/code/java/security/MvelInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/MvelInjectionQuery.qll
@@ -44,4 +44,4 @@ module MvelInjectionFlowConfig implements DataFlow::ConfigSig {
 }
 
 /** Tracks flow of unsafe user input that is used to construct and evaluate a MVEL expression. */
-module MvelInjectionFlow = TaintTracking::Make<MvelInjectionFlowConfig>;
+module MvelInjectionFlow = TaintTracking::Global<MvelInjectionFlowConfig>;
diff --git a/java/ql/lib/semmle/code/java/security/OgnlInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/OgnlInjectionQuery.qll
@@ -43,4 +43,4 @@ module OgnlInjectionFlowConfig implements DataFlow::ConfigSig {
 }
 
 /** Tracks flow of unvalidated user input that is used in OGNL EL evaluation. */
-module OgnlInjectionFlow = TaintTracking::Make<OgnlInjectionFlowConfig>;
+module OgnlInjectionFlow = TaintTracking::Global<OgnlInjectionFlowConfig>;
diff --git a/java/ql/lib/semmle/code/java/security/SpelInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/SpelInjectionQuery.qll
@@ -39,15 +39,15 @@ module SpelInjectionConfig implements DataFlow::ConfigSig {
 }
 
 /** Tracks flow of unsafe user input that is used to construct and evaluate a SpEL expression. */
-module SpelInjectionFlow = TaintTracking::Make<SpelInjectionConfig>;
+module SpelInjectionFlow = TaintTracking::Global<SpelInjectionConfig>;
 
 /** Default sink for SpEL injection vulnerabilities. */
 private class DefaultSpelExpressionEvaluationSink extends SpelExpressionEvaluationSink {
   DefaultSpelExpressionEvaluationSink() {
     exists(MethodAccess ma |
       ma.getMethod() instanceof ExpressionEvaluationMethod and
       ma.getQualifier() = this.asExpr() and
-      not SafeEvaluationContextFlow::hasFlowToExpr(ma.getArgument(0))
+      not SafeEvaluationContextFlow::flowToExpr(ma.getArgument(0))
     )
   }
 }
@@ -68,7 +68,7 @@ private module SafeEvaluationContextFlowConfig implements DataFlow::ConfigSig {
   int fieldFlowBranchLimit() { result = 0 }
 }
 
-private module SafeEvaluationContextFlow = DataFlow::Make<SafeEvaluationContextFlowConfig>;
+private module SafeEvaluationContextFlow = DataFlow::Global<SafeEvaluationContextFlowConfig>;
 
 /**
  * A `ContextSource` that is safe from SpEL injection.
diff --git a/java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll
@@ -53,7 +53,7 @@ module QueryInjectionFlowConfig implements DataFlow::ConfigSig {
 }
 
 /** Tracks flow of unvalidated user input that is used in SQL queries. */
-module QueryInjectionFlow = TaintTracking::Make<QueryInjectionFlowConfig>;
+module QueryInjectionFlow = TaintTracking::Global<QueryInjectionFlowConfig>;
 
 /**
  * Implementation of `SqlTainted.ql`. This is extracted to a QLL so that it
@@ -62,5 +62,5 @@ module QueryInjectionFlow = TaintTracking::Make<QueryInjectionFlowConfig>;
 predicate queryTaintedBy(
   QueryInjectionSink query, QueryInjectionFlow::PathNode source, QueryInjectionFlow::PathNode sink
 ) {
-  QueryInjectionFlow::hasFlowPath(source, sink) and sink.getNode() = query
+  QueryInjectionFlow::flowPath(source, sink) and sink.getNode() = query
 }
diff --git a/java/ql/lib/semmle/code/java/security/TemplateInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/TemplateInjectionQuery.qll
@@ -71,4 +71,4 @@ module TemplateInjectionFlowConfig implements DataFlow::StateConfigSig {
 }
 
 /** Tracks server-side template injection (SST) vulnerabilities */
-module TemplateInjectionFlow = TaintTracking::MakeWithState<TemplateInjectionFlowConfig>;
+module TemplateInjectionFlow = TaintTracking::GlobalWithState<TemplateInjectionFlowConfig>;
diff --git a/java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll
@@ -47,7 +47,7 @@ module XsltInjectionFlowConfig implements DataFlow::ConfigSig {
 /**
  * Tracks flow from unvalidated user input to XSLT transformation.
  */
-module XsltInjectionFlow = TaintTracking::Make<XsltInjectionFlowConfig>;
+module XsltInjectionFlow = TaintTracking::Global<XsltInjectionFlowConfig>;
 
 /**
  * A set of additional taint steps to consider when taint tracking XSLT related data flows.
@@ -70,7 +70,7 @@ private predicate newTransformerOrTemplatesStep(DataFlow::Node n1, DataFlow::Nod
     n2.asExpr() = ma and
     m.getDeclaringType() instanceof TransformerFactory and
     m.hasName(["newTransformer", "newTemplates"]) and
-    not TransformerFactoryWithSecureProcessingFeatureFlow::hasFlowToExpr(ma.getQualifier())
+    not TransformerFactoryWithSecureProcessingFeatureFlow::flowToExpr(ma.getQualifier())
   )
 }
 
@@ -99,7 +99,7 @@ private module TransformerFactoryWithSecureProcessingFeatureFlowConfig implement
 }
 
 private module TransformerFactoryWithSecureProcessingFeatureFlow =
-  DataFlow::Make<TransformerFactoryWithSecureProcessingFeatureFlowConfig>;
+  DataFlow::Global<TransformerFactoryWithSecureProcessingFeatureFlowConfig>;
 
 /** A `ParserConfig` specific to `TransformerFactory`. */
 private class TransformerFactoryFeatureConfig extends ParserConfig {
diff --git a/java/ql/lib/semmle/code/java/security/regexp/RegexInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/regexp/RegexInjectionQuery.qll
@@ -31,4 +31,4 @@ module RegexInjectionConfig implements DataFlow::ConfigSig {
   predicate isBarrier(DataFlow::Node node) { node instanceof RegexInjectionSanitizer }
 }
 
-module RegexInjectionFlow = TaintTracking::Make<RegexInjectionConfig>;
+module RegexInjectionFlow = TaintTracking::Global<RegexInjectionConfig>;
diff --git a/java/ql/src/Security/CWE/CWE-074/JndiInjection.ql b/java/ql/src/Security/CWE/CWE-074/JndiInjection.ql
@@ -16,6 +16,6 @@ import semmle.code.java.security.JndiInjectionQuery
 import JndiInjectionFlow::PathGraph
 
 from JndiInjectionFlow::PathNode source, JndiInjectionFlow::PathNode sink
-where JndiInjectionFlow::hasFlowPath(source, sink)
+where JndiInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "JNDI lookup might include name from $@.", source.getNode(),
   "this user input"
diff --git a/java/ql/src/Security/CWE/CWE-074/XsltInjection.ql b/java/ql/src/Security/CWE/CWE-074/XsltInjection.ql
@@ -16,6 +16,6 @@ import semmle.code.java.security.XsltInjectionQuery
 import XsltInjectionFlow::PathGraph
 
 from XsltInjectionFlow::PathNode source, XsltInjectionFlow::PathNode sink
-where XsltInjectionFlow::hasFlowPath(source, sink)
+where XsltInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "XSLT transformation might include stylesheet from $@.",
   source.getNode(), "this user input"
diff --git a/java/ql/src/Security/CWE/CWE-094/GroovyInjection.ql b/java/ql/src/Security/CWE/CWE-094/GroovyInjection.ql
@@ -16,6 +16,6 @@ import semmle.code.java.security.GroovyInjectionQuery
 import GroovyInjectionFlow::PathGraph
 
 from GroovyInjectionFlow::PathNode source, GroovyInjectionFlow::PathNode sink
-where GroovyInjectionFlow::hasFlowPath(source, sink)
+where GroovyInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "Groovy script depends on a $@.", source.getNode(),
   "user-provided value"
diff --git a/java/ql/src/Security/CWE/CWE-094/JexlInjection.ql b/java/ql/src/Security/CWE/CWE-094/JexlInjection.ql
@@ -16,6 +16,6 @@ import semmle.code.java.security.JexlInjectionQuery
 import JexlInjectionFlow::PathGraph
 
 from JexlInjectionFlow::PathNode source, JexlInjectionFlow::PathNode sink
-where JexlInjectionFlow::hasFlowPath(source, sink)
+where JexlInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "JEXL expression depends on a $@.", source.getNode(),
   "user-provided value"
diff --git a/java/ql/src/Security/CWE/CWE-094/MvelInjection.ql b/java/ql/src/Security/CWE/CWE-094/MvelInjection.ql
@@ -16,6 +16,6 @@ import semmle.code.java.security.MvelInjectionQuery
 import MvelInjectionFlow::PathGraph
 
 from MvelInjectionFlow::PathNode source, MvelInjectionFlow::PathNode sink
-where MvelInjectionFlow::hasFlowPath(source, sink)
+where MvelInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "MVEL expression depends on a $@.", source.getNode(),
   "user-provided value"
diff --git a/java/ql/src/Security/CWE/CWE-094/SpelInjection.ql b/java/ql/src/Security/CWE/CWE-094/SpelInjection.ql
@@ -17,6 +17,6 @@ import semmle.code.java.dataflow.DataFlow
 import SpelInjectionFlow::PathGraph
 
 from SpelInjectionFlow::PathNode source, SpelInjectionFlow::PathNode sink
-where SpelInjectionFlow::hasFlowPath(source, sink)
+where SpelInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "SpEL expression depends on a $@.", source.getNode(),
   "user-provided value"
diff --git a/java/ql/src/Security/CWE/CWE-094/TemplateInjection.ql b/java/ql/src/Security/CWE/CWE-094/TemplateInjection.ql
@@ -16,6 +16,6 @@ import semmle.code.java.security.TemplateInjectionQuery
 import TemplateInjectionFlow::PathGraph
 
 from TemplateInjectionFlow::PathNode source, TemplateInjectionFlow::PathNode sink
-where TemplateInjectionFlow::hasFlowPath(source, sink)
+where TemplateInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "Template, which may contain code, depends on a $@.",
   source.getNode(), "user-provided value"
diff --git a/java/ql/src/Security/CWE/CWE-730/RegexInjection.ql b/java/ql/src/Security/CWE/CWE-730/RegexInjection.ql
@@ -18,6 +18,6 @@ import semmle.code.java.security.regexp.RegexInjectionQuery
 import RegexInjectionFlow::PathGraph
 
 from RegexInjectionFlow::PathNode source, RegexInjectionFlow::PathNode sink
-where RegexInjectionFlow::hasFlowPath(source, sink)
+where RegexInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "This regular expression is constructed from a $@.",
   source.getNode(), "user-provided value"
diff --git a/java/ql/src/Security/CWE/CWE-917/OgnlInjection.ql b/java/ql/src/Security/CWE/CWE-917/OgnlInjection.ql
@@ -16,6 +16,6 @@ import semmle.code.java.security.OgnlInjectionQuery
 import OgnlInjectionFlow::PathGraph
 
 from OgnlInjectionFlow::PathNode source, OgnlInjectionFlow::PathNode sink
-where OgnlInjectionFlow::hasFlowPath(source, sink)
+where OgnlInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "OGNL Expression Language statement depends on a $@.",
   source.getNode(), "user-provided value"
diff --git a/java/ql/test/query-tests/security/CWE-074/JndiInjectionTest.ql b/java/ql/test/query-tests/security/CWE-074/JndiInjectionTest.ql
@@ -9,7 +9,7 @@ class HasJndiInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasJndiInjection" and
-    exists(DataFlow::Node sink | JndiInjectionFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | JndiInjectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""
diff --git a/java/ql/test/query-tests/security/CWE-074/XsltInjectionTest.ql b/java/ql/test/query-tests/security/CWE-074/XsltInjectionTest.ql
@@ -11,7 +11,7 @@ class HasXsltInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasXsltInjection" and
-    exists(DataFlow::Node sink | XsltInjectionFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | XsltInjectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""
diff --git a/java/ql/test/query-tests/security/CWE-094/GroovyInjectionTest.ql b/java/ql/test/query-tests/security/CWE-094/GroovyInjectionTest.ql
@@ -11,7 +11,7 @@ class HasGroovyInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasGroovyInjection" and
-    exists(DataFlow::Node sink | GroovyInjectionFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | GroovyInjectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""
diff --git a/java/ql/test/query-tests/security/CWE-094/JexlInjectionTest.ql b/java/ql/test/query-tests/security/CWE-094/JexlInjectionTest.ql
@@ -9,7 +9,7 @@ class JexlInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasJexlInjection" and
-    exists(DataFlow::Node sink | JexlInjectionFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | JexlInjectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""
diff --git a/java/ql/test/query-tests/security/CWE-094/MvelInjectionTest.ql b/java/ql/test/query-tests/security/CWE-094/MvelInjectionTest.ql
@@ -11,7 +11,7 @@ class HasMvelInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasMvelInjection" and
-    exists(DataFlow::Node sink | MvelInjectionFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | MvelInjectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""
diff --git a/java/ql/test/query-tests/security/CWE-094/SpelInjectionTest.ql b/java/ql/test/query-tests/security/CWE-094/SpelInjectionTest.ql
@@ -11,7 +11,7 @@ class HasSpelInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasSpelInjection" and
-    exists(DataFlow::Node sink | SpelInjectionFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | SpelInjectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""
diff --git a/java/ql/test/query-tests/security/CWE-094/TemplateInjectionTest.ql b/java/ql/test/query-tests/security/CWE-094/TemplateInjectionTest.ql
@@ -9,7 +9,7 @@ class TemplateInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasTemplateInjection" and
-    exists(DataFlow::Node sink | TemplateInjectionFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | TemplateInjectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""
diff --git a/java/ql/test/query-tests/security/CWE-730/RegexInjectionTest.ql b/java/ql/test/query-tests/security/CWE-730/RegexInjectionTest.ql
@@ -9,7 +9,7 @@ class RegexInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasRegexInjection" and
-    exists(RegexInjectionFlow::PathNode sink | RegexInjectionFlow::hasFlowPath(_, sink) |
+    exists(RegexInjectionFlow::PathNode sink | RegexInjectionFlow::flowPath(_, sink) |
       location = sink.getNode().getLocation() and
       element = sink.getNode().toString() and
       value = ""
diff --git a/java/ql/test/query-tests/security/CWE-917/OgnlInjectionTest.ql b/java/ql/test/query-tests/security/CWE-917/OgnlInjectionTest.ql
@@ -9,7 +9,7 @@ class OgnlInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasOgnlInjection" and
-    exists(DataFlow::Node sink | OgnlInjectionFlow::hasFlowTo(sink) |
+    exists(DataFlow::Node sink | OgnlInjectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""

Original file line number	Diff line number	Diff line change
`@@ -47,14 +47,14 @@ module JndiInjectionFlowConfig implements DataFlow::ConfigSig {`
`47`	`47`	`}`
`48`	`48`
`49`	`49`	`/** Tracks flow of unvalidated user input that is used in JNDI lookup */`
`50`		`-module JndiInjectionFlow = TaintTracking::Make<JndiInjectionFlowConfig>;`
	`50`	`+module JndiInjectionFlow = TaintTracking::Global<JndiInjectionFlowConfig>;`
`51`	`51`
`52`	`52`	`/**`
`53`	`53`	* A method that does a JNDI lookup when it receives a `SearchControls` argument with `setReturningObjFlag` = `true`
`54`	`54`	`*/`
`55`	`55`	`private class UnsafeSearchControlsSink extends JndiInjectionSink {`
`56`	`56`	`UnsafeSearchControlsSink() {`
`57`		`- exists(MethodAccess ma \| UnsafeSearchControlsFlow::hasFlowToExpr(ma.getAnArgument()) \|`
	`57`	`+ exists(MethodAccess ma \| UnsafeSearchControlsFlow::flowToExpr(ma.getAnArgument()) \|`
`58`	`58`	`this.asExpr() = ma.getArgument(0)`
`59`	`59`	`)`
`60`	`60`	`}`
`@@ -70,7 +70,7 @@ private module UnsafeSearchControlsConfig implements DataFlow::ConfigSig {`
`70`	`70`	`predicate isSink(DataFlow::Node sink) { sink instanceof UnsafeSearchControlsArgument }`
`71`	`71`	`}`
`72`	`72`
`73`		`-private module UnsafeSearchControlsFlow = DataFlow::Make<UnsafeSearchControlsConfig>;`
	`73`	`+private module UnsafeSearchControlsFlow = DataFlow::Global<UnsafeSearchControlsConfig>;`
`74`	`74`
`75`	`75`	`/**`
`76`	`76`	* An argument of type `SearchControls` of an `LdapOperations.search` or `DirContext.search` call.
Original file line number	Diff line number	Diff line change
`@@ -44,4 +44,4 @@ module MvelInjectionFlowConfig implements DataFlow::ConfigSig {`
`44`	`44`	`}`
`45`	`45`
`46`	`46`	`/** Tracks flow of unsafe user input that is used to construct and evaluate a MVEL expression. */`
`47`		`-module MvelInjectionFlow = TaintTracking::Make<MvelInjectionFlowConfig>;`
	`47`	`+module MvelInjectionFlow = TaintTracking::Global<MvelInjectionFlowConfig>;`
Original file line number	Diff line number	Diff line change
`@@ -43,4 +43,4 @@ module OgnlInjectionFlowConfig implements DataFlow::ConfigSig {`
`43`	`43`	`}`
`44`	`44`
`45`	`45`	`/** Tracks flow of unvalidated user input that is used in OGNL EL evaluation. */`
`46`		`-module OgnlInjectionFlow = TaintTracking::Make<OgnlInjectionFlowConfig>;`
	`46`	`+module OgnlInjectionFlow = TaintTracking::Global<OgnlInjectionFlowConfig>;`
Original file line number	Diff line number	Diff line change
`@@ -39,15 +39,15 @@ module SpelInjectionConfig implements DataFlow::ConfigSig {`
`39`	`39`	`}`
`40`	`40`
`41`	`41`	`/** Tracks flow of unsafe user input that is used to construct and evaluate a SpEL expression. */`
`42`		`-module SpelInjectionFlow = TaintTracking::Make<SpelInjectionConfig>;`
	`42`	`+module SpelInjectionFlow = TaintTracking::Global<SpelInjectionConfig>;`
`43`	`43`
`44`	`44`	`/** Default sink for SpEL injection vulnerabilities. */`
`45`	`45`	`private class DefaultSpelExpressionEvaluationSink extends SpelExpressionEvaluationSink {`
`46`	`46`	`DefaultSpelExpressionEvaluationSink() {`
`47`	`47`	`exists(MethodAccess ma \|`
`48`	`48`	`ma.getMethod() instanceof ExpressionEvaluationMethod and`
`49`	`49`	`ma.getQualifier() = this.asExpr() and`
`50`		`- not SafeEvaluationContextFlow::hasFlowToExpr(ma.getArgument(0))`
	`50`	`+ not SafeEvaluationContextFlow::flowToExpr(ma.getArgument(0))`
`51`	`51`	`)`
`52`	`52`	`}`
`53`	`53`	`}`
`@@ -68,7 +68,7 @@ private module SafeEvaluationContextFlowConfig implements DataFlow::ConfigSig {`
`68`	`68`	`int fieldFlowBranchLimit() { result = 0 }`
`69`	`69`	`}`
`70`	`70`
`71`		`-private module SafeEvaluationContextFlow = DataFlow::Make<SafeEvaluationContextFlowConfig>;`
	`71`	`+private module SafeEvaluationContextFlow = DataFlow::Global<SafeEvaluationContextFlowConfig>;`
`72`	`72`
`73`	`73`	`/**`
`74`	`74`	* A `ContextSource` that is safe from SpEL injection.
Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,7 @@ module QueryInjectionFlowConfig implements DataFlow::ConfigSig {`
`53`	`53`	`}`
`54`	`54`
`55`	`55`	`/** Tracks flow of unvalidated user input that is used in SQL queries. */`
`56`		`-module QueryInjectionFlow = TaintTracking::Make<QueryInjectionFlowConfig>;`
	`56`	`+module QueryInjectionFlow = TaintTracking::Global<QueryInjectionFlowConfig>;`
`57`	`57`
`58`	`58`	`/**`
`59`	`59`	* Implementation of `SqlTainted.ql`. This is extracted to a QLL so that it
`@@ -62,5 +62,5 @@ module QueryInjectionFlow = TaintTracking::Make<QueryInjectionFlowConfig>;`
`62`	`62`	`predicate queryTaintedBy(`
`63`	`63`	`QueryInjectionSink query, QueryInjectionFlow::PathNode source, QueryInjectionFlow::PathNode sink`
`64`	`64`	`) {`
`65`		`- QueryInjectionFlow::hasFlowPath(source, sink) and sink.getNode() = query`
	`65`	`+ QueryInjectionFlow::flowPath(source, sink) and sink.getNode() = query`
`66`	`66`	`}`
Original file line number	Diff line number	Diff line change
`@@ -71,4 +71,4 @@ module TemplateInjectionFlowConfig implements DataFlow::StateConfigSig {`
`71`	`71`	`}`
`72`	`72`
`73`	`73`	`/** Tracks server-side template injection (SST) vulnerabilities */`
`74`		`-module TemplateInjectionFlow = TaintTracking::MakeWithState<TemplateInjectionFlowConfig>;`
	`74`	`+module TemplateInjectionFlow = TaintTracking::GlobalWithState<TemplateInjectionFlowConfig>;`
Original file line number	Diff line number	Diff line change
`@@ -31,4 +31,4 @@ module RegexInjectionConfig implements DataFlow::ConfigSig {`
`31`	`31`	`predicate isBarrier(DataFlow::Node node) { node instanceof RegexInjectionSanitizer }`
`32`	`32`	`}`
`33`	`33`
`34`		`-module RegexInjectionFlow = TaintTracking::Make<RegexInjectionConfig>;`
	`34`	`+module RegexInjectionFlow = TaintTracking::Global<RegexInjectionConfig>;`