michaelnebel
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/CleartextLogging.qll
Lines changed: 3 additions & 11 deletions b/‎python/ql/lib/semmle/python/security/dataflow/CleartextLogging.qll
Lines changed: 3 additions & 11 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/CleartextStorage.qll
Lines changed: 3 additions & 11 deletions b/‎python/ql/lib/semmle/python/security/dataflow/CleartextStorage.qll
Lines changed: 3 additions & 11 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/CodeInjection.qll
Lines changed: 4 additions & 16 deletions b/‎python/ql/lib/semmle/python/security/dataflow/CodeInjection.qll
Lines changed: 4 additions & 16 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/CommandInjection.qll
Lines changed: 4 additions & 16 deletions b/‎python/ql/lib/semmle/python/security/dataflow/CommandInjection.qll
Lines changed: 4 additions & 16 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/LdapInjection.qll
Lines changed: 3 additions & 15 deletions b/‎python/ql/lib/semmle/python/security/dataflow/LdapInjection.qll
Lines changed: 3 additions & 15 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/LogInjection.qll
Lines changed: 3 additions & 11 deletions b/‎python/ql/lib/semmle/python/security/dataflow/LogInjection.qll
Lines changed: 3 additions & 11 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/PathInjection.qll
Lines changed: 9 additions & 17 deletions b/‎python/ql/lib/semmle/python/security/dataflow/PathInjection.qll
Lines changed: 9 additions & 17 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/PolynomialReDoS.qll
Lines changed: 3 additions & 11 deletions b/‎python/ql/lib/semmle/python/security/dataflow/PolynomialReDoS.qll
Lines changed: 3 additions & 11 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/ReflectedXSS.qll
Lines changed: 5 additions & 17 deletions b/‎python/ql/lib/semmle/python/security/dataflow/ReflectedXSS.qll
Lines changed: 5 additions & 17 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/RegexInjection.qll
Lines changed: 3 additions & 13 deletions b/‎python/ql/lib/semmle/python/security/dataflow/RegexInjection.qll
Lines changed: 3 additions & 13 deletions
@@ -1,10 +1,4 @@
-/**
- * Provides a taint-tracking configuration for "Clear-text logging of sensitive information".
- *
- * Note, for performance reasons: only import this file if
- * `CleartextLogging::Configuration` is needed, otherwise
- * `CleartextLoggingCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `CleartextLoggingQuery` instead. */
 
 private import python
 private import semmle.python.dataflow.new.DataFlow
@@ -14,9 +8,7 @@ private import semmle.python.dataflow.new.RemoteFlowSources
 private import semmle.python.dataflow.new.BarrierGuards
 private import semmle.python.dataflow.new.SensitiveDataSources
 
-/**
- * Provides a taint-tracking configuration for detecting "Clear-text logging of sensitive information".
- */
-module CleartextLogging {
+/** DEPRECATED. Import `CleartextLoggingQuery` instead. */
+deprecated module CleartextLogging {
   import CleartextLoggingQuery // ignore-query-import
 }
@@ -1,10 +1,4 @@
-/**
- * Provides a taint-tracking configuration for "Clear-text storage of sensitive information".
- *
- * Note, for performance reasons: only import this file if
- * `CleartextStorage::Configuration` is needed, otherwise
- * `CleartextStorageCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `CleartextStorageQuery` instead. */
 
 private import python
 private import semmle.python.dataflow.new.DataFlow
@@ -14,9 +8,7 @@ private import semmle.python.dataflow.new.RemoteFlowSources
 private import semmle.python.dataflow.new.BarrierGuards
 private import semmle.python.dataflow.new.SensitiveDataSources
 
-/**
- * Provides a taint-tracking configuration for detecting "Clear-text storage of sensitive information".
- */
-module CleartextStorage {
+/** DEPRECATED. Import `CleartextStorageQuery` instead. */
+deprecated module CleartextStorage {
   import CleartextStorageQuery // ignore-query-import
 }
@@ -1,25 +1,13 @@
-/**
- * Provides a taint-tracking configuration for detecting "code injection" vulnerabilities.
- *
- * Note, for performance reasons: only import this file if
- * `CodeInjection::Configuration` is needed, otherwise
- * `CodeInjectionCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `CodeInjectionQuery` instead. */
 
 private import python
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 
-/**
- * Provides a taint-tracking configuration for detecting "code injection" vulnerabilities.
- */
-module CodeInjection {
+/** DEPRECATED. Import `CodeInjectionQuery` instead. */
+deprecated module CodeInjection {
   import CodeInjectionQuery // ignore-query-import
 }
 
-/**
- * DEPRECATED: Don't extend this class for customization, since this will lead to bad
- * performance, instead use the new `CodeInjectionCustomizations.qll` file, and extend
- * its' classes.
- */
+/** DEPRECATED. Import `CodeInjectionQuery` instead. */
 deprecated class CodeInjectionConfiguration = CodeInjection::Configuration;
@@ -1,25 +1,13 @@
-/**
- * Provides a taint-tracking configuration for detecting "command injection" vulnerabilities.
- *
- * Note, for performance reasons: only import this file if
- * `CommandInjection::Configuration` is needed, otherwise
- * `CommandInjectionCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `CommandInjectionQuery` instead. */
 
 private import python
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 
-/**
- * Provides a taint-tracking configuration for detecting "command injection" vulnerabilities.
- */
-module CommandInjection {
+/** DEPRECATED. Import `CommandInjectionQuery` instead. */
+deprecated module CommandInjection {
   import CommandInjectionQuery // ignore-query-import
 }
 
-/**
- * DEPRECATED: Don't extend this class for customization, since this will lead to bad
- * performance, instead use the new `CommandInjectionCustomizations.qll` file, and extend
- * its' classes.
- */
+/** DEPRECATED. Import `CommandInjectionQuery` instead. */
 deprecated class CommandInjectionConfiguration = CommandInjection::Configuration;
@@ -1,24 +1,12 @@
-/**
- * Provides taint-tracking configurations for detecting LDAP injection vulnerabilities
- *
- * Note, for performance reasons: only import this file if
- * `LdapInjection::Configuration` is needed, otherwise
- * `LdapInjectionCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `LdapInjectionQuery` instead. */
 
 import python
 import semmle.python.Concepts
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 import semmle.python.dataflow.new.RemoteFlowSources
 
-/**
- * Provides aint-tracking configurations for detecting LDAP injection vulnerabilities.class
- *
- * Two configurations are provided. One is for detecting LDAP injection
- * via the distinguished name (DN). The other is for detecting LDAP injection
- * via the filter. These require different escapings.
- */
-module LdapInjection {
+/** DEPRECATED. Import `LdapInjectionQuery` instead. */
+deprecated module LdapInjection {
   import LdapInjectionQuery // ignore-query-import
 }
@@ -1,18 +1,10 @@
-/**
- * Provides a taint-tracking configuration for tracking untrusted user input used in log entries.
- *
- * Note, for performance reasons: only import this file if
- * `LogInjection::Configuration` is needed, otherwise
- * `LogInjectionCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `LogInjectionQuery` instead. */
 
 import python
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 
-/**
- * Provides a taint-tracking configuration for tracking untrusted user input used in log entries.
- */
-module LogInjection {
+/** DEPRECATED. Import `LogInjectionQuery` instead. */
+deprecated module LogInjection {
   import LogInjectionQuery // ignore-query-import
 }
@@ -1,20 +1,12 @@
-/**
- * Provides taint-tracking configurations for detecting "path injection" vulnerabilities.
- *
- * Note, for performance reasons: only import this file if
- * `PathInjection::Configuration` is needed, otherwise
- * `PathInjectionCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `PathInjectionQuery` instead. */
 
 private import python
 private import semmle.python.Concepts
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 
-/**
- * Provides a taint-tracking configuration for detecting "path injection" vulnerabilities.
- */
-module PathInjection {
+/** DEPRECATED. Import `PathInjectionQuery` instead. */
+deprecated module PathInjection {
   import PathInjectionQuery // ignore-query-import
 }
 
@@ -30,7 +22,7 @@ import PathInjectionCustomizations::PathInjection
 // Case 1. The path is never normalized.
 // ---------------------------------------------------------------------------
 /**
- * DEPRECATED: Use `PathInjection::Configuration` instead
+ * DEPRECATED: Import `PathInjectionQuery` instead.
  *
  * Configuration to find paths from sources to sinks that contain no normalization.
  */
@@ -53,7 +45,7 @@ deprecated class PathNotNormalizedConfiguration extends TaintTracking::Configura
 }
 
 /**
- * DEPRECATED: Use `PathInjection::Configuration` instead
+ * DEPRECATED: Import `PathInjectionQuery` instead.
  *
  * Holds if there is a path injection from source to sink, where the (python) path is
  * not normalized.
@@ -66,7 +58,7 @@ deprecated predicate pathNotNormalized(CustomPathNode source, CustomPathNode sin
 // Case 2. The path is normalized at least once, but never checked afterwards.
 // ---------------------------------------------------------------------------
 /**
- * DEPRECATED: Use `PathInjection::Configuration` instead
+ * DEPRECATED: Import `PathInjectionQuery` instead.
  *
  * Configuration to find paths from sources to normalizations that contain no prior normalizations.
  */
@@ -87,7 +79,7 @@ deprecated class FirstNormalizationConfiguration extends TaintTracking::Configur
 }
 
 /**
- * DEPRECATED: Use `PathInjection::Configuration` instead
+ * DEPRECATED: Import `PathInjectionQuery` instead.
  *
  * Configuration to find paths from normalizations to sinks that do not go through a check.
  */
@@ -108,7 +100,7 @@ deprecated class NormalizedPathNotCheckedConfiguration extends TaintTracking2::C
 }
 
 /**
- * DEPRECATED: Use `PathInjection::Configuration` instead
+ * DEPRECATED: Import `PathInjectionQuery` instead.
  *
  * Holds if there is a path injection from source to sink, where the (python) path is
  * normalized at least once, but never checked afterwards.
@@ -128,7 +120,7 @@ deprecated predicate pathNotCheckedAfterNormalization(CustomPathNode source, Cus
 // Query: Either case 1 or case 2.
 // ---------------------------------------------------------------------------
 /**
- * DEPRECATED: Use `PathInjection::Configuration` instead
+ * DEPRECATED: Import `PathInjectionQuery` instead.
  *
  * Holds if there is a path injection from source to sink
  */
 
@@ -1,18 +1,10 @@
-/**
- * Provides a taint-tracking configuration for detecting "polynomial regular expression denial of service (ReDoS)" vulnerabilities.
- *
- * Note, for performance reasons: only import this file if
- * `PolynomialReDoS::Configuration` is needed, otherwise
- * `PolynomialReDoSCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `PolynomialReDoSQuery` instead. */
 
 private import python
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 
-/**
- * Provides a taint-tracking configuration for detecting "polynomial regular expression denial of service (ReDoS)" vulnerabilities.
- */
-module PolynomialReDoS {
+/** DEPRECATED. Import `PolynomialReDoSQuery` instead. */
+deprecated module PolynomialReDoS {
   import PolynomialReDoSQuery // ignore-query-import
 }
@@ -1,28 +1,16 @@
-/**
- * Provides a taint-tracking configuration for detecting "reflected server-side cross-site scripting" vulnerabilities.
- *
- * Note, for performance reasons: only import this file if
- * `ReflectedXSS::Configuration` is needed, otherwise
- * `ReflectedXSSCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `ReflectedXSSQuery` instead. */
 
 private import python
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 
-/**
- * Provides a taint-tracking configuration for detecting "reflected server-side cross-site scripting" vulnerabilities.
- */
-module ReflectedXss {
+/** DEPRECATED. Import `ReflectedXSSQuery` instead. */
+deprecated module ReflectedXss {
   import ReflectedXSSQuery // ignore-query-import
 }
 
-/** DEPRECATED: Alias for ReflectedXss */
+/** DEPRECATED. Import `ReflectedXSSQuery` instead. */
 deprecated module ReflectedXSS = ReflectedXss;
 
-/**
- * DEPRECATED: Don't extend this class for customization, since this will lead to bad
- * performance, instead use the new `ReflectedXSSCustomizations.qll` file, and extend
- * its' classes.
- */
+/** DEPRECATED. Import `ReflectedXSSQuery` instead. */
 deprecated class ReflectedXssConfiguration = ReflectedXss::Configuration;
@@ -1,20 +1,10 @@
-/**
- * Provides a taint-tracking configuration for detecting regular expression injection
- * vulnerabilities.
- *
- * Note, for performance reasons: only import this file if
- * `RegexInjection::Configuration` is needed, otherwise
- * `RegexInjectionCustomizations` should be imported instead.
- */
+/** DEPRECATED. Import `RegexInjectionQuery` instead. */
 
 private import python
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 
-/**
- * Provides a taint-tracking configuration for detecting regular expression injection
- * vulnerabilities.
- */
-module RegexInjection {
+/** DEPRECATED. Import `RegexInjectionQuery` instead. */
+deprecated module RegexInjection {
   import RegexInjectionQuery // ignore-query-import
 }