microsoft
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/CleartextLoggingQuery.qll
Lines changed: 0 additions & 19 deletions b/‎python/ql/lib/semmle/python/security/dataflow/CleartextLoggingQuery.qll
Lines changed: 0 additions & 19 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/CleartextStorageQuery.qll
Lines changed: 0 additions & 19 deletions b/‎python/ql/lib/semmle/python/security/dataflow/CleartextStorageQuery.qll
Lines changed: 0 additions & 19 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/CodeInjectionQuery.qll
Lines changed: 0 additions & 15 deletions b/‎python/ql/lib/semmle/python/security/dataflow/CodeInjectionQuery.qll
Lines changed: 0 additions & 15 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/CommandInjectionQuery.qll
Lines changed: 0 additions & 15 deletions b/‎python/ql/lib/semmle/python/security/dataflow/CommandInjectionQuery.qll
Lines changed: 0 additions & 15 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/LdapInjectionQuery.qll
Lines changed: 0 additions & 32 deletions b/‎python/ql/lib/semmle/python/security/dataflow/LdapInjectionQuery.qll
Lines changed: 0 additions & 32 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/LogInjectionQuery.qll
Lines changed: 0 additions & 15 deletions b/‎python/ql/lib/semmle/python/security/dataflow/LogInjectionQuery.qll
Lines changed: 0 additions & 15 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/PamAuthorizationQuery.qll
Lines changed: 0 additions & 29 deletions b/‎python/ql/lib/semmle/python/security/dataflow/PamAuthorizationQuery.qll
Lines changed: 0 additions & 29 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/PathInjectionQuery.qll
Lines changed: 0 additions & 51 deletions b/‎python/ql/lib/semmle/python/security/dataflow/PathInjectionQuery.qll
Lines changed: 0 additions & 51 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/PolynomialReDoSQuery.qll
Lines changed: 0 additions & 15 deletions b/‎python/ql/lib/semmle/python/security/dataflow/PolynomialReDoSQuery.qll
Lines changed: 0 additions & 15 deletions
diff --git a/‎python/ql/lib/semmle/python/security/dataflow/ReflectedXssQuery.qll
Lines changed: 0 additions & 15 deletions b/‎python/ql/lib/semmle/python/security/dataflow/ReflectedXssQuery.qll
Lines changed: 0 additions & 15 deletions
@@ -15,25 +15,6 @@ private import semmle.python.dataflow.new.BarrierGuards
 private import semmle.python.dataflow.new.SensitiveDataSources
 import CleartextLoggingCustomizations::CleartextLogging
 
-/**
- * DEPRECATED: Use `CleartextLoggingFlow` module instead.
- *
- * A taint-tracking configuration for detecting "Clear-text logging of sensitive information".
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "CleartextLogging" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) {
-    super.isSanitizer(node)
-    or
-    node instanceof Sanitizer
-  }
-}
-
 private module CleartextLoggingConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 
 
@@ -15,25 +15,6 @@ private import semmle.python.dataflow.new.BarrierGuards
 private import semmle.python.dataflow.new.SensitiveDataSources
 import CleartextStorageCustomizations::CleartextStorage
 
-/**
- * DEPRECATED: Use `CleartextStorageFlow` module instead.
- *
- * A taint-tracking configuration for detecting "Clear-text storage of sensitive information".
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "CleartextStorage" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) {
-    super.isSanitizer(node)
-    or
-    node instanceof Sanitizer
-  }
-}
-
 private module CleartextStorageConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 
 
@@ -11,21 +11,6 @@ import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 import CodeInjectionCustomizations::CodeInjection
 
-/**
- * DEPRECATED: Use `CodeInjectionFlow` module instead.
- *
- * A taint-tracking configuration for detecting "code injection" vulnerabilities.
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "CodeInjection" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
-}
-
 private module CodeInjectionConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 
 
@@ -11,21 +11,6 @@ import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 import CommandInjectionCustomizations::CommandInjection
 
-/**
- * DEPRECATED: Use `CommandInjectionFlow` module instead.
- *
- * A taint-tracking configuration for detecting "command injection" vulnerabilities.
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "CommandInjection" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
-}
-
 /**
  * A taint-tracking configuration for detecting "command injection" vulnerabilities.
  */
 
@@ -13,22 +13,6 @@ import semmle.python.dataflow.new.TaintTracking
 import semmle.python.dataflow.new.RemoteFlowSources
 import LdapInjectionCustomizations::LdapInjection
 
-/**
- * DEPRECATED: Use `LdapInjectionDnFlow` module instead.
- *
- * A taint-tracking configuration for detecting LDAP injection vulnerabilities
- * via the distinguished name (DN) parameter of an LDAP search.
- */
-deprecated class DnConfiguration extends TaintTracking::Configuration {
-  DnConfiguration() { this = "LdapDnInjection" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof DnSink }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof DnSanitizer }
-}
-
 private module LdapInjectionDnConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 
@@ -40,22 +24,6 @@ private module LdapInjectionDnConfig implements DataFlow::ConfigSig {
 /** Global taint-tracking for detecting "LDAP injection via the distinguished name (DN) parameter" vulnerabilities. */
 module LdapInjectionDnFlow = TaintTracking::Global<LdapInjectionDnConfig>;
 
-/**
- * DEPRECATED: Use `LdapInjectionFilterFlow` module instead.
- *
- * A taint-tracking configuration for detecting LDAP injection vulnerabilities
- * via the filter parameter of an LDAP search.
- */
-deprecated class FilterConfiguration extends TaintTracking::Configuration {
-  FilterConfiguration() { this = "LdapFilterInjection" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof FilterSink }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof FilterSanitizer }
-}
-
 private module LdapInjectionFilterConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 
 
@@ -11,21 +11,6 @@ import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 import LogInjectionCustomizations::LogInjection
 
-/**
- * DEPRECATED: Use `LogInjectionFlow` module instead.
- *
- * A taint-tracking configuration for tracking untrusted user input used in log entries.
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "LogInjection" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
-}
-
 private module LogInjectionConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 
 
@@ -11,35 +11,6 @@ import semmle.python.ApiGraphs
 import semmle.python.dataflow.new.TaintTracking
 import PamAuthorizationCustomizations::PamAuthorizationCustomizations
 
-/**
- * DEPRECATED: Use `PamAuthorizationFlow` module instead.
- *
- * A taint-tracking configuration for detecting "PAM Authorization" vulnerabilities.
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "PamAuthorization" }
-
-  override predicate isSource(DataFlow::Node node) { node instanceof Source }
-
-  override predicate isSink(DataFlow::Node node) { node instanceof Sink }
-
-  override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
-    // Models flow from a remotely supplied username field to a PAM `handle`.
-    // `retval = pam_start(service, username, byref(conv), byref(handle))`
-    exists(API::CallNode pamStart, DataFlow::Node handle, API::CallNode pointer |
-      pointer = API::moduleImport("ctypes").getMember(["pointer", "byref"]).getACall() and
-      pamStart = libPam().getMember("pam_start").getACall() and
-      pointer = pamStart.getArg(3) and
-      handle = pointer.getArg(0) and
-      pamStart.getArg(1) = node1 and
-      handle = node2
-    )
-    or
-    // Flow from handle to the authenticate call in the final step
-    exists(VulnPamAuthCall c | c.getArg(0) = node1 | node2 = c)
-  }
-}
-
 private module PamAuthorizationConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 
 
@@ -12,57 +12,6 @@ import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 import PathInjectionCustomizations::PathInjection
 
-/**
- * DEPRECATED: Use `PathInjectionFlow` module instead.
- *
- * A taint-tracking configuration for detecting "path injection" vulnerabilities.
- *
- * This configuration uses two flow states, `NotNormalized` and `NormalizedUnchecked`,
- * to track the requirement that a file path must be first normalized and then checked
- * before it is safe to use.
- *
- * At sources, paths are assumed not normalized. At normalization points, they change
- * state to `NormalizedUnchecked` after which they can be made safe by an appropriate
- * check of the prefix.
- *
- * Such checks are ineffective in the `NotNormalized` state.
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "PathInjection" }
-
-  override predicate isSource(DataFlow::Node source, DataFlow::FlowState state) {
-    source instanceof Source and state instanceof NotNormalized
-  }
-
-  override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) {
-    sink instanceof Sink and
-    (
-      state instanceof NotNormalized or
-      state instanceof NormalizedUnchecked
-    )
-  }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
-
-  override predicate isSanitizer(DataFlow::Node node, DataFlow::FlowState state) {
-    // Block `NotNormalized` paths here, since they change state to `NormalizedUnchecked`
-    node instanceof Path::PathNormalization and
-    state instanceof NotNormalized
-    or
-    node instanceof Path::SafeAccessCheck and
-    state instanceof NormalizedUnchecked
-  }
-
-  override predicate isAdditionalTaintStep(
-    DataFlow::Node nodeFrom, DataFlow::FlowState stateFrom, DataFlow::Node nodeTo,
-    DataFlow::FlowState stateTo
-  ) {
-    nodeFrom = nodeTo.(Path::PathNormalization).getPathArg() and
-    stateFrom instanceof NotNormalized and
-    stateTo instanceof NormalizedUnchecked
-  }
-}
-
 abstract private class NormalizationState extends string {
   bindingset[this]
   NormalizationState() { any() }
 
@@ -11,21 +11,6 @@ import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 import PolynomialReDoSCustomizations::PolynomialReDoS
 
-/**
- * DEPRECATED: Use `PolynomialReDoSFlow` module instead.
- *
- * A taint-tracking configuration for detecting "polynomial regular expression denial of service (ReDoS)" vulnerabilities.
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "PolynomialReDoS" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
-}
-
 private module PolynomialReDoSConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }
 
 
@@ -11,21 +11,6 @@ import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 import ReflectedXSSCustomizations::ReflectedXss
 
-/**
- * DEPRECATED: Use `ReflectedXssFlow` module instead.
- *
- * A taint-tracking configuration for detecting "reflected server-side cross-site scripting" vulnerabilities.
- */
-deprecated class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "ReflectedXSS" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
-
-  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
-}
-
 private module ReflectedXssConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof Source }