diff --git a/config/identical-files.json b/config/identical-files.json index c56fbb40f8f5..cde68f43caf3 100644 --- a/config/identical-files.json +++ b/config/identical-files.json @@ -473,10 +473,6 @@ "ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll", "python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll" ], - "Typo database": [ - "javascript/ql/src/Expressions/TypoDatabase.qll", - "ql/ql/src/codeql_ql/style/TypoDatabase.qll" - ], "Swift declarations test file": [ "swift/ql/test/extractor-tests/declarations/declarations.swift", "swift/ql/test/library-tests/ast/declarations.swift" diff --git a/cpp/ql/lib/change-notes/2024-01-22-outdated-deprecations.md b/cpp/ql/lib/change-notes/2024-01-22-outdated-deprecations.md new file mode 100644 index 000000000000..37cec4ea7770 --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-01-22-outdated-deprecations.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* Deleted many deprecated predicates and classes with uppercase `XML`, `SSA`, `SAL`, `SQL`, etc. in their names. Use the PascalCased versions instead. +* Deleted the deprecated `StrcatFunction` class, use `semmle.code.cpp.models.implementations.Strcat.qll` instead. diff --git a/cpp/ql/lib/semmle/code/cpp/Class.qll b/cpp/ql/lib/semmle/code/cpp/Class.qll index 5f79ceefd264..44863a6645be 100644 --- a/cpp/ql/lib/semmle/code/cpp/Class.qll +++ b/cpp/ql/lib/semmle/code/cpp/Class.qll @@ -380,9 +380,6 @@ class Class extends UserType { */ predicate isPod() { is_pod_class(underlyingElement(this)) } - /** DEPRECATED: Alias for isPod */ - deprecated predicate isPOD() { this.isPod() } - /** * Holds if this class, struct or union is a standard-layout class * [N4140 9(7)]. Also holds for structs in C programs. diff --git a/cpp/ql/lib/semmle/code/cpp/PODType03.qll b/cpp/ql/lib/semmle/code/cpp/PODType03.qll index 4d6e52622132..0356e11ba9f0 100644 --- a/cpp/ql/lib/semmle/code/cpp/PODType03.qll 
+++ b/cpp/ql/lib/semmle/code/cpp/PODType03.qll @@ -104,9 +104,6 @@ predicate isPodClass03(Class c) { ) } -/** DEPRECATED: Alias for isPodClass03 */ -deprecated predicate isPODClass03 = isPodClass03/1; - /** * Holds if `t` is a POD type, according to the rules specified in * C++03 3.9(10): @@ -126,6 +123,3 @@ predicate isPodType03(Type t) { isPodType03(ut.(SpecifiedType).getUnspecifiedType()) ) } - -/** DEPRECATED: Alias for isPodType03 */ -deprecated predicate isPODType03 = isPodType03/1; diff --git a/cpp/ql/lib/semmle/code/cpp/XML.qll b/cpp/ql/lib/semmle/code/cpp/XML.qll index 33f4cd9e9e6a..65bdd7b7cc16 100644 --- a/cpp/ql/lib/semmle/code/cpp/XML.qll +++ b/cpp/ql/lib/semmle/code/cpp/XML.qll @@ -32,9 +32,6 @@ class XmlLocatable extends @xmllocatable, TXmlLocatable { string toString() { none() } // overridden in subclasses } -/** DEPRECATED: Alias for XmlLocatable */ -deprecated class XMLLocatable = XmlLocatable; - /** * An `XmlParent` is either an `XmlElement` or an `XmlFile`, * both of which can contain other elements. @@ -95,9 +92,6 @@ class XmlParent extends @xmlparent { string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlParent */ -deprecated class XMLParent = XmlParent; - /** An XML file. */ class XmlFile extends XmlParent, File { XmlFile() { xmlEncoding(this, _) } @@ -119,14 +113,8 @@ class XmlFile extends XmlParent, File { /** Gets a DTD associated with this XML file. */ XmlDtd getADtd() { xmlDTDs(result, _, _, _, this) } - - /** DEPRECATED: Alias for getADtd */ - deprecated XmlDtd getADTD() { result = this.getADtd() } } -/** DEPRECATED: Alias for XmlFile */ -deprecated class XMLFile = XmlFile; - /** * An XML document type definition (DTD). * @@ -163,9 +151,6 @@ class XmlDtd extends XmlLocatable, @xmldtd { } } -/** DEPRECATED: Alias for XmlDtd */ -deprecated class XMLDTD = XmlDtd; - /** * An XML element in an XML file. * 
@@ -221,9 +206,6 @@ class XmlElement extends @xmlelement, XmlParent, XmlLocatable { override string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlElement */ -deprecated class XMLElement = XmlElement; - /** * An attribute that occurs inside an XML element. * @@ -254,9 +236,6 @@ class XmlAttribute extends @xmlattribute, XmlLocatable { override string toString() { result = this.getName() + "=" + this.getValue() } } -/** DEPRECATED: Alias for XmlAttribute */ -deprecated class XMLAttribute = XmlAttribute; - /** * A namespace used in an XML file. * @@ -273,9 +252,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { /** Gets the URI of this namespace. */ string getUri() { xmlNs(this, _, result, _) } - /** DEPRECATED: Alias for getUri */ - deprecated string getURI() { result = this.getUri() } - /** Holds if this namespace has no prefix. */ predicate isDefault() { this.getPrefix() = "" } @@ -286,9 +262,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { } } -/** DEPRECATED: Alias for XmlNamespace */ -deprecated class XMLNamespace = XmlNamespace; - /** * A comment in an XML file. * @@ -309,9 +282,6 @@ class XmlComment extends @xmlcomment, XmlLocatable { override string toString() { result = this.getText() } } -/** DEPRECATED: Alias for XmlComment */ -deprecated class XMLComment = XmlComment; - /** * A sequence of characters that occurs between opening and * closing tags of an XML element, excluding other elements. @@ -335,6 +305,3 @@ class XmlCharacters extends @xmlcharacters, XmlLocatable { /** Gets a printable representation of this XML character sequence. */ override string toString() { result = this.getCharacters() } } - -/** DEPRECATED: Alias for XmlCharacters */ -deprecated class XMLCharacters = XmlCharacters; diff --git a/cpp/ql/lib/semmle/code/cpp/commons/NULL.qll b/cpp/ql/lib/semmle/code/cpp/commons/NULL.qll index 549815482456..3713dd36941e 100644 --- a/cpp/ql/lib/semmle/code/cpp/commons/NULL.qll 
+++ b/cpp/ql/lib/semmle/code/cpp/commons/NULL.qll @@ -5,9 +5,6 @@ class NullMacro extends Macro { NullMacro() { this.getHead() = "NULL" } } -/** DEPRECATED: Alias for NullMacro */ -deprecated class NULLMacro = NullMacro; - /** A use of the NULL macro. */ class NULL extends Literal { NULL() { exists(NullMacro nm | this = nm.getAnInvocation().getAnExpandedElement()) } diff --git a/cpp/ql/lib/semmle/code/cpp/commons/Strcat.qll b/cpp/ql/lib/semmle/code/cpp/commons/Strcat.qll deleted file mode 100644 index 472de0c34b1e..000000000000 --- a/cpp/ql/lib/semmle/code/cpp/commons/Strcat.qll +++ /dev/null @@ -1,22 +0,0 @@ -import cpp - -/** - * DEPRECATED: use `semmle.code.cpp.models.implementations.Strcat.qll` instead. - * - * A function that concatenates the string from its second argument - * to the string from its first argument, for example `strcat`. - */ -deprecated class StrcatFunction extends Function { - StrcatFunction() { - this.getName() = - [ - "strcat", // strcat(dst, src) - "strncat", // strncat(dst, src, max_amount) - "wcscat", // wcscat(dst, src) - "_mbscat", // _mbscat(dst, src) - "wcsncat", // wcsncat(dst, src, max_amount) - "_mbsncat", // _mbsncat(dst, src, max_amount) - "_mbsncat_l" // _mbsncat_l(dst, src, max_amount, locale) - ] - } -} diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll index 63dc4142a133..04522e4fe187 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll @@ -1068,6 +1068,3 @@ module Ssa { predicate hasUnreachedInstruction = Cached::hasUnreachedInstructionCached/1; } - -/** DEPRECATED: Alias for Ssa */ -deprecated module SSA = Ssa; 
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstructionInternal.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstructionInternal.qll index 6c0c1c1f9314..b6cb4ea3d209 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstructionInternal.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstructionInternal.qll @@ -3,13 +3,6 @@ import semmle.code.cpp.ir.implementation.unaliased_ssa.internal.reachability.Rea import semmle.code.cpp.ir.implementation.unaliased_ssa.internal.reachability.Dominance as Dominance import semmle.code.cpp.ir.implementation.aliased_ssa.IR as NewIR import semmle.code.cpp.ir.implementation.internal.TInstruction::AliasedSsaInstructions as SsaInstructions - -/** DEPRECATED: Alias for SsaInstructions */ -deprecated module SSAInstructions = SsaInstructions; - import semmle.code.cpp.ir.internal.IRCppLanguage as Language import AliasedSSA as Alias import semmle.code.cpp.ir.implementation.internal.TOperand::AliasedSsaOperands as SsaOperands - -/** DEPRECATED: Alias for SsaOperands */ -deprecated module SSAOperands = SsaOperands; diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstructionInternal.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstructionInternal.qll index ddf9979cd70a..b81eca5aafe7 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstructionInternal.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstructionInternal.qll 
@@ -2,6 +2,3 @@ import semmle.code.cpp.ir.internal.IRCppLanguage as Language import semmle.code.cpp.ir.implementation.raw.internal.IRConstruction as IRConstruction import semmle.code.cpp.ir.implementation.unaliased_ssa.internal.SSAConstruction as UnaliasedSsa import semmle.code.cpp.ir.implementation.aliased_ssa.internal.SSAConstruction as AliasedSsa - -/** DEPRECATED: Alias for AliasedSsa */ -deprecated module AliasedSSA = AliasedSsa; diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll index 63dc4142a133..04522e4fe187 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll @@ -1068,6 +1068,3 @@ module Ssa { predicate hasUnreachedInstruction = Cached::hasUnreachedInstructionCached/1; } - -/** DEPRECATED: Alias for Ssa */ -deprecated module SSA = Ssa; diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll index ab0f6262e1b2..d9c75551d598 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll 
@@ -4,13 +4,6 @@ import semmle.code.cpp.ir.implementation.raw.internal.reachability.Dominance as import semmle.code.cpp.ir.implementation.unaliased_ssa.IR as NewIR import semmle.code.cpp.ir.implementation.raw.internal.IRConstruction as RawStage import semmle.code.cpp.ir.implementation.internal.TInstruction::UnaliasedSsaInstructions as SsaInstructions - -/** DEPRECATED: Alias for SsaInstructions */ -deprecated module SSAInstructions = SsaInstructions; - import semmle.code.cpp.ir.internal.IRCppLanguage as Language import SimpleSSA as Alias import semmle.code.cpp.ir.implementation.internal.TOperand::UnaliasedSsaOperands as SsaOperands - -/** DEPRECATED: Alias for SsaOperands */ -deprecated module SSAOperands = SsaOperands; diff --git a/cpp/ql/src/Microsoft/SAL.qll b/cpp/ql/src/Microsoft/SAL.qll index 1e5bb9ac0f19..903fea8189c0 100644 --- a/cpp/ql/src/Microsoft/SAL.qll +++ b/cpp/ql/src/Microsoft/SAL.qll @@ -22,9 +22,6 @@ class SalMacro extends Macro { } } -/** DEPRECATED: Alias for SalMacro */ -deprecated class SALMacro = SalMacro; - pragma[noinline] private predicate isTopLevelMacroAccess(MacroAccess ma) { not exists(ma.getParentInvocation()) } @@ -50,9 +47,6 @@ class SalAnnotation extends MacroInvocation { } } -/** DEPRECATED: Alias for SalAnnotation */ -deprecated class SALAnnotation = SalAnnotation; - /** * A SAL macro indicating that the return value of a function should always be * checked. @@ -63,9 +57,6 @@ class SalCheckReturn extends SalAnnotation { } } -/** DEPRECATED: Alias for SalCheckReturn */ -deprecated class SALCheckReturn = SalCheckReturn; - /** * A SAL macro indicating that a pointer variable or return value should not be * `NULL`. @@ -89,9 +80,6 @@ class SalNotNull extends SalAnnotation { } } -/** DEPRECATED: Alias for SalNotNull */ -deprecated class SALNotNull = SalNotNull; - /** * A SAL macro indicating that a value may be `NULL`. */ 
@@ -105,9 +93,6 @@ class SalMaybeNull extends SalAnnotation { } } -/** DEPRECATED: Alias for SalMaybeNull */ -deprecated class SALMaybeNull = SalMaybeNull; - /** * A parameter annotated by one or more SAL annotations. */ @@ -124,9 +109,6 @@ class SalParameter extends Parameter { predicate isInOut() { a.getMacroName().toLowerCase().matches("%\\_inout%") } } -/** DEPRECATED: Alias for SalParameter */ -deprecated class SALParameter = SalParameter; - /////////////////////////////////////////////////////////////////////////////// // Implementation details /** @@ -199,9 +181,6 @@ class SalElement extends Element { } } -/** DEPRECATED: Alias for SalElement */ -deprecated class SALElement = SalElement; - /** Holds if `file` contains a SAL annotation. */ pragma[noinline] private predicate containsSalAnnotation(File file) { any(SalAnnotation a).getFile() = file } diff --git a/cpp/ql/src/Security/CWE/CWE-497/SystemData.qll b/cpp/ql/src/Security/CWE/CWE-497/SystemData.qll index 9cc5515198bb..a8f918550f56 100644 --- a/cpp/ql/src/Security/CWE/CWE-497/SystemData.qll +++ b/cpp/ql/src/Security/CWE/CWE-497/SystemData.qll @@ -55,9 +55,6 @@ class SqlClientInfo extends SystemData { override predicate isSensitive() { any() } } -/** DEPRECATED: Alias for SqlClientInfo */ -deprecated class SQLClientInfo = SqlClientInfo; - private predicate sqlConnectInfo(FunctionCall source, Expr use) { ( source.getTarget().hasName("mysql_connect") or @@ -77,9 +74,6 @@ class SqlConnectInfo extends SystemData { override predicate isSensitive() { any() } } -/** DEPRECATED: Alias for SqlConnectInfo */ -deprecated class SQLConnectInfo = SqlConnectInfo; - private predicate posixSystemInfo(FunctionCall source, DataFlow::Node use) { // size_t confstr(int name, char *buf, size_t len) // - various OS / system strings, such as the libc version 
diff --git a/csharp/ql/lib/change-notes/2024-01-22-outdated-deprecations.md b/csharp/ql/lib/change-notes/2024-01-22-outdated-deprecations.md new file mode 100644 index 000000000000..385e9748e5a8 --- /dev/null +++ b/csharp/ql/lib/change-notes/2024-01-22-outdated-deprecations.md @@ -0,0 +1,9 @@ +--- +category: minorAnalysis +--- +* Deleted many deprecated predicates and classes with uppercase `SSL`, `XML`, `URI`, `SSA` etc. in their names. Use the PascalCased versions instead. +* Deleted the deprecated `getALocalFlowSucc` predicate and `TaintType` class from the dataflow library. +* Deleted the deprecated `Newobj` and `Rethrow` classes, use `NewObj` and `ReThrow` instead. +* Deleted the deprecated `getAFirstRead`, `hasAdjacentReads`, `lastRefBeforeRedef`, and `hasLastInputRef` predicates from the SSA library. +* Deleted the deprecated `getAReachableRead` predicate from the `AssignableRead` and `VariableRead` classes. +* Deleted the deprecated `hasQualifiedName` predicate from the `NamedElement` class. diff --git a/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll b/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll index 520e7bd52442..0f22f7726202 100644 --- a/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll +++ b/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll @@ -39,9 +39,6 @@ predicate maybeUsedInFnvFunction(Variable v, Operation xor, Operation mul, LoopS loop.getAChild*() = xor.getEnclosingStmt() } -/** DEPRECATED: Alias for maybeUsedInFnvFunction */ -deprecated predicate maybeUsedInFNVFunction = maybeUsedInFnvFunction/4; - /** * Holds if the arguments are used in a way that resembles an Elf-Hash hash function * where there is a loop statement `loop` where the variable `v` is used in an xor `xor` expression diff --git a/csharp/ql/lib/semmle/code/asp/WebConfig.qll b/csharp/ql/lib/semmle/code/asp/WebConfig.qll index fdc251b42429..f9106bcd1afd 100644 
--- a/csharp/ql/lib/semmle/code/asp/WebConfig.qll +++ b/csharp/ql/lib/semmle/code/asp/WebConfig.qll @@ -89,16 +89,10 @@ class FormsElement extends XmlElement { result = this.getAttribute("requireSSL").getValue().trim().toLowerCase() } - /** DEPRECATED: Alias for getRequireSsl */ - deprecated string getRequireSSL() { result = this.getRequireSsl() } - /** * Holds if `requireSSL` value is true. */ predicate isRequireSsl() { this.getRequireSsl() = "true" } - - /** DEPRECATED: Alias for isRequireSsl */ - deprecated predicate isRequireSSL() { this.isRequireSsl() } } /** A `` tag in an ASP.NET configuration file. */ @@ -124,9 +118,6 @@ class HttpCookiesElement extends XmlElement { result = this.getAttribute("requireSSL").getValue().trim().toLowerCase() } - /** DEPRECATED: Alias for getRequireSsl */ - deprecated string getRequireSSL() { result = this.getRequireSsl() } - /** * Holds if there is any chance that `requireSSL` is set to `true` either globally or for Forms. */ @@ -136,9 +127,6 @@ class HttpCookiesElement extends XmlElement { not this.getRequireSsl() = "false" and // not set all, i.e. default exists(FormsElement forms | forms.getFile() = this.getFile() | forms.isRequireSsl()) } - - /** DEPRECATED: Alias for isRequireSsl */ - deprecated predicate isRequireSSL() { this.isRequireSsl() } } /** A `Transform` attribute in a Web.config transformation file. */ diff --git a/csharp/ql/lib/semmle/code/cil/DataFlow.qll b/csharp/ql/lib/semmle/code/cil/DataFlow.qll index 9057cccf49be..9b0e45569585 100644 --- a/csharp/ql/lib/semmle/code/cil/DataFlow.qll +++ b/csharp/ql/lib/semmle/code/cil/DataFlow.qll 
@@ -16,23 +16,6 @@ class DataFlowNode extends @cil_dataflow_node { /** Gets the type of this data flow node. */ Type getType() { none() } - /** - * Holds if this node flows to `sink` in one step. - * `tt` is the tainting that occurs during this step. - */ - deprecated predicate getALocalFlowSucc(DataFlowNode sink, TaintType tt) { - localExactStep(this, sink) and tt = TExactValue() - or - localTaintStep(this, sink) and tt = TTaintedValue() - } - - deprecated private predicate flowsToStep(DataFlowNode sink) { - this.getALocalFlowSucc(sink, TExactValue()) - } - - /** Holds if this node flows to `sink` in zero or more steps. */ - deprecated predicate flowsTo(DataFlowNode sink) { this.flowsToStep*(sink) } - /** Gets the method that contains this dataflow node. */ Method getMethod() { none() } 
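Review bot: This hunk in csharp/ql/lib/semmle/code/cil/DataFlow.qll deletes the public deprecated predicate `flowsTo` on `DataFlowNode`, but the C# change note added in this commit names only `getALocalFlowSucc` and `TaintType`. The same gap applies to the `Untainted` and `Tainted` classes removed in the next hunk of this file, to `getAReachableRead` on `AssignableDefinition` in Assignable.qll (the note names only `AssignableRead` and `VariableRead`), and to the `ByteArray` class removed from EncryptionKeyDataFlowQuery.qll. Maintainers of custom queries that stop compiling will search the change notes for the removed name, so each one should be listed. I would add bullets such as `* Deleted the deprecated flowsTo predicate and the Untainted and Tainted classes from the CIL dataflow library.` and `* Deleted the deprecated ByteArray class from EncryptionKeyDataFlowQuery.qll.`, and add `AssignableDefinition` to the existing `getAReachableRead` bullet.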
@@ -40,77 +23,6 @@ class DataFlowNode extends @cil_dataflow_node { Location getLocation() { none() } } -deprecated private newtype TTaintType = - TExactValue() or - TTaintedValue() - -/** Describes how data is tainted. */ -deprecated class TaintType extends TTaintType { - string toString() { - this = TExactValue() and result = "exact" - or - this = TTaintedValue() and result = "tainted" - } -} - -/** A taint type where the data is untainted. */ -deprecated class Untainted extends TaintType, TExactValue { } - -/** A taint type where the data is tainted. */ -deprecated class Tainted extends TaintType, TTaintedValue { } - -deprecated private predicate localFlowPhiInput(DataFlowNode input, Ssa::PhiNode phi) { - exists(Ssa::Definition def, BasicBlock bb, int i | phi.hasLastInputRef(def, bb, i) | - def.definesAt(_, bb, i) and - input = def.getVariableUpdate().getSource() - or - input = - any(ReadAccess ra | - bb.getNode(i) = ra and - ra.getTarget() = def.getSourceVariable() - ) - ) - or - exists(Ssa::PhiNode mid, BasicBlock bb, int i | - localFlowPhiInput(input, mid) and - phi.hasLastInputRef(mid, bb, i) and - mid.definesAt(_, bb, i) - ) -} - -deprecated private predicate localExactStep(DataFlowNode src, DataFlowNode sink) { - src = sink.(Opcodes::Dup).getAnOperand() - or - exists(Ssa::Definition def, VariableUpdate vu | - vu = def.getVariableUpdate() and - src = vu.getSource() and - sink = def.getAFirstRead() - ) - or - any(Ssa::Definition def).hasAdjacentReads(src, sink) - or - exists(Ssa::PhiNode phi | - localFlowPhiInput(src, phi) and - sink = phi.getAFirstRead() - ) - or - src = sink.(Conversion).getExpr() - or - src = sink.(WriteAccess).getExpr() - or - src = sink.(Method).getAnImplementation().getAnInstruction().(Return) - or - src = sink.(Return).getExpr() - or - src = sink.(ConditionalBranch).getAnOperand() -} - -deprecated private predicate localTaintStep(DataFlowNode src, DataFlowNode sink) { - src = sink.(BinaryArithmeticExpr).getAnOperand() or - src = 
sink.(Opcodes::Neg).getOperand() or - src = sink.(UnaryBitwiseOperation).getOperand() -} - /** A node that updates a variable. */ abstract class VariableUpdate extends DataFlowNode { /** Gets the value assigned, if any. */ diff --git a/csharp/ql/lib/semmle/code/cil/Instructions.qll b/csharp/ql/lib/semmle/code/cil/Instructions.qll index 331ae699910c..8828e8e4e42a 100644 --- a/csharp/ql/lib/semmle/code/cil/Instructions.qll +++ b/csharp/ql/lib/semmle/code/cil/Instructions.qll @@ -788,9 +788,6 @@ module Opcodes { } } - /** DEPRECATED: Alias for NewObj */ - deprecated class Newobj = NewObj; - /** An `initobj` instruction. */ class Initobj extends Instruction, @cil_initobj { override string getOpcodeName() { result = "initobj" } @@ -854,9 +851,6 @@ module Opcodes { override string getOpcodeName() { result = "rethrow" } } - /** DEPRECATED: Alias for ReThrow */ - deprecated class Rethrow = ReThrow; - /** A `ldlen` instruction. */ class Ldlen extends UnaryExpr, @cil_ldlen { override string getOpcodeName() { result = "ldlen" } diff --git a/csharp/ql/lib/semmle/code/cil/Ssa.qll b/csharp/ql/lib/semmle/code/cil/Ssa.qll index ec419c1773ad..b9c56763a3d6 100644 --- a/csharp/ql/lib/semmle/code/cil/Ssa.qll +++ b/csharp/ql/lib/semmle/code/cil/Ssa.qll @@ -23,14 +23,6 @@ module Ssa { ) } - /** Gets a first read of this SSA definition. */ - deprecated final ReadAccess getAFirstRead() { result = SsaImpl::getAFirstRead(this) } - - /** Holds if `first` and `second` are adjacent reads of this SSA definition. */ - deprecated final predicate hasAdjacentReads(ReadAccess first, ReadAccess second) { - SsaImpl::hasAdjacentReads(this, first, second) - } - private Definition getAPhiInput() { result = this.(PhiNode).getAnInput() } /** 
@@ -52,15 +44,5 @@ module Ssa { /** Gets an input to this phi node. */ final Definition getAnInput() { result = SsaImpl::getAPhiInput(this) } - - /** - * Holds if if `def` is an input to this phi node, and a reference to `def` at - * index `i` in basic block `bb` can reach this phi node without going through - * other references. - */ - deprecated final predicate hasLastInputRef(Definition def, BasicBlock bb, int i) { - SsaImpl::lastRefRedef(def, bb, i, this) and - def = SsaImpl::getAPhiInput(this) - } } } diff --git a/csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll b/csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll index 3aafaa00baac..460b40ac227a 100644 --- a/csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll +++ b/csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll @@ -77,26 +77,6 @@ import Cached private module Deprecated { private import CIL - - deprecated ReadAccess getAFirstRead(Definition def) { - exists(BasicBlock bb1, int i1, BasicBlock bb2, int i2 | - def.definesAt(_, bb1, i1) and - adjacentDefRead(def, bb1, i1, bb2, i2) and - result = bb2.getNode(i2) - ) - } - - deprecated predicate hasAdjacentReads(Definition def, ReadAccess first, ReadAccess second) { - exists(BasicBlock bb1, int i1, BasicBlock bb2, int i2 | - first = bb1.getNode(i1) and - adjacentDefRead(def, bb1, i1, bb2, i2) and - second = bb2.getNode(i2) - ) - } - - deprecated predicate lastRefBeforeRedef(Definition def, BasicBlock bb, int i, Definition next) { - lastRefRedef(def, bb, i, next) - } } import Deprecated diff --git a/csharp/ql/lib/semmle/code/csharp/Assignable.qll b/csharp/ql/lib/semmle/code/csharp/Assignable.qll index 975f69edaa93..297a4fbd4a21 100644 --- a/csharp/ql/lib/semmle/code/csharp/Assignable.qll +++ b/csharp/ql/lib/semmle/code/csharp/Assignable.qll 
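Review bot: In the csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll hunk, the new side keeps `private module Deprecated {` with only `private import CIL` inside it, followed by `import Deprecated`. All three deprecated predicates it held are deleted here, so the module is now empty and the import brings nothing into scope. As far as the hunk shows, nothing else depends on it, so the wrapper, its `private import CIL` and the `import Deprecated` line can be removed in the same commit. If the module is kept on purpose for future deprecations, a comment such as `// Intentionally empty: holds deprecated predicates during their deprecation period` above it would make that clear.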
@@ -117,15 +117,6 @@ class AssignableRead extends AssignableAccess { cfn = this.getAnAdjacentReadSameVar() ) } - - /** - * Gets a reachable read of the same underlying assignable. That is, a read - * that can be reached from this read, and which is guaranteed to read the - * same value. - * - * This is the transitive closure of `getANextRead()`. - */ - deprecated AssignableRead getAReachableRead() { result = this.getANextRead+() } } /** @@ -489,15 +480,6 @@ class AssignableDefinition extends TAssignableDefinition { ) } - /** - * Gets a reachable read of the same underlying assignable. That is, a read - * that can be reached from this definition, and which is guaranteed to read - * the value assigned in this definition. - * - * This is the equivalent with `getAFirstRead().getANextRead*()`. - */ - deprecated AssignableRead getAReachableRead() { result = this.getAFirstRead().getANextRead*() } - /** Gets a textual representation of this assignable definition. */ string toString() { none() } diff --git a/csharp/ql/lib/semmle/code/csharp/XML.qll b/csharp/ql/lib/semmle/code/csharp/XML.qll index 33f4cd9e9e6a..65bdd7b7cc16 100644 --- a/csharp/ql/lib/semmle/code/csharp/XML.qll +++ b/csharp/ql/lib/semmle/code/csharp/XML.qll @@ -32,9 +32,6 @@ class XmlLocatable extends @xmllocatable, TXmlLocatable { string toString() { none() } // overridden in subclasses } -/** DEPRECATED: Alias for XmlLocatable */ -deprecated class XMLLocatable = XmlLocatable; - /** * An `XmlParent` is either an `XmlElement` or an `XmlFile`, * both of which can contain other elements. @@ -95,9 +92,6 @@ class XmlParent extends @xmlparent { string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlParent */ -deprecated class XMLParent = XmlParent; - /** An XML file. */ class XmlFile extends XmlParent, File { XmlFile() { xmlEncoding(this, _) } 
@@ -119,14 +113,8 @@ class XmlFile extends XmlParent, File { /** Gets a DTD associated with this XML file. */ XmlDtd getADtd() { xmlDTDs(result, _, _, _, this) } - - /** DEPRECATED: Alias for getADtd */ - deprecated XmlDtd getADTD() { result = this.getADtd() } } -/** DEPRECATED: Alias for XmlFile */ -deprecated class XMLFile = XmlFile; - /** * An XML document type definition (DTD). * @@ -163,9 +151,6 @@ class XmlDtd extends XmlLocatable, @xmldtd { } } -/** DEPRECATED: Alias for XmlDtd */ -deprecated class XMLDTD = XmlDtd; - /** * An XML element in an XML file. * @@ -221,9 +206,6 @@ class XmlElement extends @xmlelement, XmlParent, XmlLocatable { override string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlElement */ -deprecated class XMLElement = XmlElement; - /** * An attribute that occurs inside an XML element. * @@ -254,9 +236,6 @@ class XmlAttribute extends @xmlattribute, XmlLocatable { override string toString() { result = this.getName() + "=" + this.getValue() } } -/** DEPRECATED: Alias for XmlAttribute */ -deprecated class XMLAttribute = XmlAttribute; - /** * A namespace used in an XML file. * @@ -273,9 +252,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { /** Gets the URI of this namespace. */ string getUri() { xmlNs(this, _, result, _) } - /** DEPRECATED: Alias for getUri */ - deprecated string getURI() { result = this.getUri() } - /** Holds if this namespace has no prefix. */ predicate isDefault() { this.getPrefix() = "" } @@ -286,9 +262,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { } } -/** DEPRECATED: Alias for XmlNamespace */ -deprecated class XMLNamespace = XmlNamespace; - /** * A comment in an XML file. * 
@@ -309,9 +282,6 @@ class XmlComment extends @xmlcomment, XmlLocatable { override string toString() { result = this.getText() } } -/** DEPRECATED: Alias for XmlComment */ -deprecated class XMLComment = XmlComment; - /** * A sequence of characters that occurs between opening and * closing tags of an XML element, excluding other elements. @@ -335,6 +305,3 @@ class XmlCharacters extends @xmlcharacters, XmlLocatable { /** Gets a printable representation of this XML character sequence. */ override string toString() { result = this.getCharacters() } } - -/** DEPRECATED: Alias for XmlCharacters */ -deprecated class XMLCharacters = XmlCharacters; diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll index 5d276e5bdc5b..eafc4fac491f 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Access.qll @@ -173,10 +173,6 @@ class VariableAccess extends AssignableAccess, @variable_access_expr { */ class VariableRead extends VariableAccess, AssignableRead { override VariableRead getANextRead() { result = AssignableRead.super.getANextRead() } - - deprecated override VariableRead getAReachableRead() { - result = AssignableRead.super.getAReachableRead() - } } /** @@ -201,10 +197,6 @@ class LocalScopeVariableAccess extends VariableAccess, @local_scope_variable_acc */ class LocalScopeVariableRead extends LocalScopeVariableAccess, VariableRead { override LocalScopeVariableRead getANextRead() { result = VariableRead.super.getANextRead() } - - deprecated override LocalScopeVariableRead getAReachableRead() { - result = VariableRead.super.getAReachableRead() - } } /** 
@@ -243,10 +235,6 @@ class ParameterAccess extends LocalScopeVariableAccess, @parameter_access_expr { */ class ParameterRead extends ParameterAccess, LocalScopeVariableRead { override ParameterRead getANextRead() { result = LocalScopeVariableRead.super.getANextRead() } - - deprecated override ParameterRead getAReachableRead() { - result = LocalScopeVariableRead.super.getAReachableRead() - } } /** @@ -298,10 +286,6 @@ class LocalVariableAccess extends LocalScopeVariableAccess, @local_variable_acce */ class LocalVariableRead extends LocalVariableAccess, LocalScopeVariableRead { override LocalVariableRead getANextRead() { result = LocalScopeVariableRead.super.getANextRead() } - - deprecated override LocalVariableRead getAReachableRead() { - result = LocalScopeVariableRead.super.getAReachableRead() - } } /** @@ -443,10 +427,6 @@ class PropertyAccess extends AssignableMemberAccess, PropertyAccessExpr { */ class PropertyRead extends PropertyAccess, AssignableRead { override PropertyRead getANextRead() { result = AssignableRead.super.getANextRead() } - - deprecated override PropertyRead getAReachableRead() { - result = AssignableRead.super.getAReachableRead() - } } /** @@ -584,10 +564,6 @@ class IndexerAccess extends AssignableMemberAccess, ElementAccess, IndexerAccess */ class IndexerRead extends IndexerAccess, ElementRead { override IndexerRead getANextRead() { result = ElementRead.super.getANextRead() } - - deprecated override IndexerRead getAReachableRead() { - result = ElementRead.super.getAReachableRead() - } } /** diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/Owin.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/Owin.qll index 9d9bf11f91c8..2bd31bc4357f 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/Owin.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/Owin.qll 
@@ -123,9 +123,6 @@ class MicrosoftOwinIOwinRequestClass extends Class { result = this.getAProperty() and result.hasName("Uri") } - - /** DEPRECATED: Alias for getUriProperty */ - deprecated Property getURIProperty() { result = this.getUriProperty() } } /** A `Microsoft.Owin.*String` class. */ diff --git a/csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll index 06c46854f5b3..31670bce3055 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll @@ -5,11 +5,6 @@ import csharp private import semmle.code.csharp.frameworks.system.security.cryptography.SymmetricAlgorithm -/** Array of type Byte */ -deprecated class ByteArray extends ArrayType { - ByteArray() { this.getElementType() instanceof ByteType } -} - /** Abstract class for all sources of keys */ abstract class KeySource extends DataFlow::Node { } diff --git a/csharp/ql/lib/semmle/code/dotnet/Element.qll b/csharp/ql/lib/semmle/code/dotnet/Element.qll index 3858b1a58d96..d0ebce3f7e42 100644 --- a/csharp/ql/lib/semmle/code/dotnet/Element.qll +++ b/csharp/ql/lib/semmle/code/dotnet/Element.qll @@ -118,15 +118,6 @@ class NamedElement extends Element, @dotnet_named_element { ) } - /** - * DEPRECATED: Use `hasQualifiedName/2` instead. - * Holds if this element has qualified name `qualifiedName`, for example - * `System.Console.WriteLine`. - */ - deprecated final predicate hasQualifiedName(string qualifiedName) { - qualifiedName = this.getQualifiedName() - } - /** * DEPRECATED: Use `hasFullyQualifiedName` instead. * diff --git a/csharp/ql/src/experimental/ir/implementation/internal/AliasedSSAStub.qll b/csharp/ql/src/experimental/ir/implementation/internal/AliasedSSAStub.qll index 6fca9e3b9746..1efb71371470 100644 
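Review bot: No C# change note appears in the visible part of this diff, although the cpp, go and java libraries each add a `2024-01-22-outdated-deprecations.md` entry. The gap matters most for the `ByteArray` class deleted from `EncryptionKeyDataFlowQuery.qll` and the one-argument `hasQualifiedName` deleted from `Element.qll`. Neither is an acronym-case alias, so a "use the PascalCased version" hint does not tell users what to switch to; the `getAReachableRead` overrides removed from `Access.qll` are in the same position. A custom query that still references these names will stop compiling after the upgrade. I would add an entry under `csharp/ql/lib/change-notes/` that lists the deleted names and, where one exists, the replacement.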
--- a/csharp/ql/src/experimental/ir/implementation/internal/AliasedSSAStub.qll +++ b/csharp/ql/src/experimental/ir/implementation/internal/AliasedSSAStub.qll @@ -17,6 +17,3 @@ module Ssa { predicate hasUnreachedInstruction(IRFunctionBase irFunc) { none() } } - -/** DEPRECATED: Alias for Ssa */ -deprecated module SSA = Ssa; diff --git a/csharp/ql/src/experimental/ir/implementation/internal/TInstructionInternal.qll b/csharp/ql/src/experimental/ir/implementation/internal/TInstructionInternal.qll index 039e024e82d2..3778e532cefc 100644 --- a/csharp/ql/src/experimental/ir/implementation/internal/TInstructionInternal.qll +++ b/csharp/ql/src/experimental/ir/implementation/internal/TInstructionInternal.qll @@ -2,6 +2,3 @@ import experimental.ir.internal.IRCSharpLanguage as Language import experimental.ir.implementation.raw.internal.IRConstruction as IRConstruction import experimental.ir.implementation.unaliased_ssa.internal.SSAConstruction as UnaliasedSsa import AliasedSSAStub as AliasedSsa - -/** DEPRECATED: Alias for AliasedSsa */ -deprecated module AliasedSSA = AliasedSsa; diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll index 63dc4142a133..04522e4fe187 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll @@ -1068,6 +1068,3 @@ module Ssa { predicate hasUnreachedInstruction = Cached::hasUnreachedInstructionCached/1; } - -/** DEPRECATED: Alias for Ssa */ -deprecated module SSA = Ssa; diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll index c0c0a8614b2f..cad1a3dd2dee 100644 
--- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll @@ -4,13 +4,6 @@ import experimental.ir.implementation.raw.internal.reachability.Dominance as Dom import experimental.ir.implementation.unaliased_ssa.IR as NewIR import experimental.ir.implementation.raw.internal.IRConstruction as RawStage import experimental.ir.implementation.internal.TInstruction::UnaliasedSsaInstructions as SsaInstructions - -/** DEPRECATED: Alias for SsaInstructions */ -deprecated module SSAInstructions = SsaInstructions; - import experimental.ir.internal.IRCSharpLanguage as Language import SimpleSSA as Alias import experimental.ir.implementation.internal.TOperand::UnaliasedSsaOperands as SsaOperands - -/** DEPRECATED: Alias for SsaOperands */ -deprecated module SSAOperands = SsaOperands; diff --git a/go/ql/lib/change-notes/2024-01-22-outdated-deprecations.md b/go/ql/lib/change-notes/2024-01-22-outdated-deprecations.md new file mode 100644 index 000000000000..f92c003ddead --- /dev/null +++ b/go/ql/lib/change-notes/2024-01-22-outdated-deprecations.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* Deleted many deprecated predicates and classes with uppercase `TLD`, `HTTP`, `SQL`, `URL` etc. in their names. Use the PascalCased versions instead. +* Deleted the deprecated and unused `Source` class from the `SharedXss` module of `Xss.qll` diff --git a/go/ql/lib/semmle/go/Util.qll b/go/ql/lib/semmle/go/Util.qll index 8c089054d90b..02175f2d66ad 100644 --- a/go/ql/lib/semmle/go/Util.qll +++ b/go/ql/lib/semmle/go/Util.qll @@ -16,6 +16,3 @@ string commonTld() { // according to ranking by http://google.com/search?q=site:.<> result = "(?:com|org|edu|gov|uk|net|io)(?![a-z0-9])" } - -/** DEPRECATED: Alias for commonTld */ -deprecated string commonTLD() { result = commonTld() } 
diff --git a/go/ql/lib/semmle/go/concepts/HTTP.qll b/go/ql/lib/semmle/go/concepts/HTTP.qll index 770f577b1ff4..8337f2ca0d01 100644 --- a/go/ql/lib/semmle/go/concepts/HTTP.qll +++ b/go/ql/lib/semmle/go/concepts/HTTP.qll @@ -346,6 +346,3 @@ module Http { predicate guardedBy(DataFlow::Node check) { super.guardedBy(check) } } } - -/** DEPRECATED: Alias for Http */ -deprecated module HTTP = Http; diff --git a/go/ql/lib/semmle/go/frameworks/NoSQL.qll b/go/ql/lib/semmle/go/frameworks/NoSQL.qll index ff8190d854d5..9209a52fb99e 100644 --- a/go/ql/lib/semmle/go/frameworks/NoSQL.qll +++ b/go/ql/lib/semmle/go/frameworks/NoSQL.qll @@ -115,6 +115,3 @@ module NoSql { ) } } - -/** DEPRECATED: Alias for NoSql */ -deprecated module NoSQL = NoSql; diff --git a/go/ql/lib/semmle/go/frameworks/Stdlib.qll b/go/ql/lib/semmle/go/frameworks/Stdlib.qll index 259b03009d45..19938ce73c2a 100644 --- a/go/ql/lib/semmle/go/frameworks/Stdlib.qll +++ b/go/ql/lib/semmle/go/frameworks/Stdlib.qll @@ -154,6 +154,3 @@ module Url { } } } - -/** DEPRECATED: Alias for Url */ -deprecated module URL = Url; diff --git a/go/ql/lib/semmle/go/security/ExternalAPIs.qll b/go/ql/lib/semmle/go/security/ExternalAPIs.qll index 4d2f780d2ff2..78b59eca3180 100644 --- a/go/ql/lib/semmle/go/security/ExternalAPIs.qll +++ b/go/ql/lib/semmle/go/security/ExternalAPIs.qll @@ -17,9 +17,6 @@ private import Logrus */ abstract class SafeExternalApiFunction extends Function { } -/** DEPRECATED: Alias for SafeExternalApiFunction */ -deprecated class SafeExternalAPIFunction = SafeExternalApiFunction; - /** * A `Function` with one or more arguments that are considered "safe" from a security perspective. */ 
@@ -128,9 +125,6 @@ class ExternalApiDataNode extends DataFlow::Node { } } -/** DEPRECATED: Alias for ExternalApiDataNode */ -deprecated class ExternalAPIDataNode = ExternalApiDataNode; - /** Gets the name of a method in package `p` which has a function model. */ TaintTracking::FunctionModel getAMethodModelInPackage(Package p) { p = result.getPackage() and @@ -185,9 +179,6 @@ class UnknownExternalApiDataNode extends ExternalApiDataNode { } } -/** DEPRECATED: Alias for UnknownExternalApiDataNode */ -deprecated class UnknownExternalAPIDataNode = UnknownExternalApiDataNode; - /** * DEPRECATED: Use `UntrustedDataToExternalApiFlow` instead. * @@ -212,9 +203,6 @@ private module UntrustedDataConfig implements DataFlow::ConfigSig { */ module UntrustedDataToExternalApiFlow = DataFlow::Global; -/** DEPRECATED: Alias for UntrustedDataToExternalApiConfig */ -deprecated class UntrustedDataToExternalAPIConfig = UntrustedDataToExternalApiConfig; - /** * DEPRECATED: Use `UntrustedDataToUnknownExternalApiFlow` instead. * @@ -228,9 +216,6 @@ deprecated class UntrustedDataToUnknownExternalApiConfig extends TaintTracking:: override predicate isSink(DataFlow::Node sink) { sink instanceof UnknownExternalApiDataNode } } -/** DEPRECATED: Alias for UntrustedDataToUnknownExternalApiConfig */ -deprecated class UntrustedDataToUnknownExternalAPIConfig = UntrustedDataToUnknownExternalApiConfig; - private module UntrustedDataToUnknownExternalApiConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } 
@@ -251,9 +236,6 @@ class UntrustedExternalApiDataNode extends ExternalApiDataNode { DataFlow::Node getAnUntrustedSource() { UntrustedDataToExternalApiFlow::flow(result, this) } } -/** DEPRECATED: Alias for UntrustedExternalApiDataNode */ -deprecated class UntrustedExternalAPIDataNode = UntrustedExternalApiDataNode; - /** An external API which is used with untrusted data. */ private newtype TExternalApi = /** An untrusted API method `m` where untrusted data is passed at `index`. */ @@ -288,6 +270,3 @@ class ExternalApiUsedWithUntrustedData extends TExternalApi { ) } } - -/** DEPRECATED: Alias for ExternalApiUsedWithUntrustedData */ -deprecated class ExternalAPIUsedWithUntrustedData = ExternalApiUsedWithUntrustedData; diff --git a/go/ql/lib/semmle/go/security/Xss.qll b/go/ql/lib/semmle/go/security/Xss.qll index 4bd2665eda96..3c76ffbeea2e 100644 --- a/go/ql/lib/semmle/go/security/Xss.qll +++ b/go/ql/lib/semmle/go/security/Xss.qll @@ -6,12 +6,6 @@ import go /** Provides classes and predicates shared between the XSS queries. */ module SharedXss { - /** - * DEPRECATED: This class is not used. - * A data flow source for XSS vulnerabilities. - */ - abstract deprecated class Source extends DataFlow::Node { } - /** A data flow sink for XSS vulnerabilities. */ abstract class Sink extends DataFlow::Node { /** diff --git a/java/ql/lib/change-notes/2024-01-22-outdated-deprecations.md b/java/ql/lib/change-notes/2024-01-22-outdated-deprecations.md new file mode 100644 index 000000000000..c723457668d0 --- /dev/null +++ b/java/ql/lib/change-notes/2024-01-22-outdated-deprecations.md 
@@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* Deleted many deprecated predicates and classes with uppercase `EJB`, `JMX`, `NFE`, `DNS` etc. in their names. Use the PascalCased versions instead. +* Deleted the deprecated `semmle/code/java/security/OverlyLargeRangeQuery.qll`, `semmle/code/java/security/regexp/ExponentialBackTracking.qll`, `semmle/code/java/security/regexp/NfaUtils.qll`, and `semmle/code/java/security/regexp/NfaUtils.qll` files. diff --git a/java/ql/lib/semmle/code/java/J2EE.qll b/java/ql/lib/semmle/code/java/J2EE.qll index 15b0281e4d13..70c207a35794 100644 --- a/java/ql/lib/semmle/code/java/J2EE.qll +++ b/java/ql/lib/semmle/code/java/J2EE.qll @@ -25,9 +25,6 @@ class LocalEjbHomeInterface extends Interface { } } -/** DEPRECATED: Alias for LocalEjbHomeInterface */ -deprecated class LocalEJBHomeInterface = LocalEjbHomeInterface; - /** A remote EJB home interface. */ class RemoteEjbHomeInterface extends Interface { RemoteEjbHomeInterface() { @@ -35,9 +32,6 @@ class RemoteEjbHomeInterface extends Interface { } } -/** DEPRECATED: Alias for RemoteEjbHomeInterface */ -deprecated class RemoteEJBHomeInterface = RemoteEjbHomeInterface; - /** A local EJB interface. */ class LocalEjbInterface extends Interface { LocalEjbInterface() { @@ -45,9 +39,6 @@ class LocalEjbInterface extends Interface { } } -/** DEPRECATED: Alias for LocalEjbInterface */ -deprecated class LocalEJBInterface = LocalEjbInterface; - /** A remote EJB interface. */ class RemoteEjbInterface extends Interface { RemoteEjbInterface() { @@ -55,9 +46,6 @@ class RemoteEjbInterface extends Interface { } } -/** DEPRECATED: Alias for RemoteEjbInterface */ -deprecated class RemoteEJBInterface = RemoteEjbInterface; - /** A message bean. */ class MessageBean extends Class { MessageBean() { diff --git a/java/ql/lib/semmle/code/java/JMX.qll b/java/ql/lib/semmle/code/java/JMX.qll index 5b4860e64e30..11849be0beee 100644 --- a/java/ql/lib/semmle/code/java/JMX.qll 
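Review bot: The second bullet of the new Java change note lists `semmle/code/java/security/regexp/NfaUtils.qll` twice. The fourth entry was presumably meant to name a different deleted file, but only the `OverlyLargeRangeQuery.qll` deletion is visible from here, so the intended path needs checking against the files this commit removes. As written, someone searching the note for a file whose import no longer resolves would not find it.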
+++ b/java/ql/lib/semmle/code/java/JMX.qll @@ -50,9 +50,6 @@ class JmxRegistrationCall extends MethodCall { } } -/** DEPRECATED: Alias for JmxRegistrationCall */ -deprecated class JMXRegistrationCall = JmxRegistrationCall; - /** * A method used to register `MBean` and `MXBean` instances with the `MBeanServer`. * @@ -90,9 +87,6 @@ class JmxRegistrationMethod extends Method { } } -/** DEPRECATED: Alias for JmxRegistrationMethod */ -deprecated class JMXRegistrationMethod = JmxRegistrationMethod; - /** The class `javax.management.remote.JMXConnectorFactory`. */ class TypeJmxConnectorFactory extends Class { TypeJmxConnectorFactory() { @@ -100,21 +94,12 @@ class TypeJmxConnectorFactory extends Class { } } -/** DEPRECATED: Alias for TypeJmxConnectorFactory */ -deprecated class TypeJMXConnectorFactory = TypeJmxConnectorFactory; - /** The class `javax.management.remote.JMXServiceURL`. */ class TypeJmxServiceUrl extends Class { TypeJmxServiceUrl() { this.hasQualifiedName("javax.management.remote", "JMXServiceURL") } } -/** DEPRECATED: Alias for TypeJmxServiceUrl */ -deprecated class TypeJMXServiceURL = TypeJmxServiceUrl; - /** The class `javax.management.remote.rmi.RMIConnector`. */ class TypeRmiConnector extends Class { TypeRmiConnector() { this.hasQualifiedName("javax.management.remote.rmi", "RMIConnector") } } - -/** DEPRECATED: Alias for TypeRmiConnector */ -deprecated class TypeRMIConnector = TypeRmiConnector; diff --git a/java/ql/lib/semmle/code/java/NumberFormatException.qll b/java/ql/lib/semmle/code/java/NumberFormatException.qll index 2c47eafaa5e4..841d64b0098d 100644 --- a/java/ql/lib/semmle/code/java/NumberFormatException.qll +++ b/java/ql/lib/semmle/code/java/NumberFormatException.qll 
@@ -33,9 +33,6 @@ private class SpecialMethodCall extends MethodCall { this.isValueOfMethod("Float") or this.isValueOfMethod("Double") } - - /** DEPRECATED: Alias for throwsNfe */ - deprecated predicate throwsNFE() { this.throwsNfe() } } /** A `ClassInstanceExpr` that constructs a number from its string representation. */ @@ -54,9 +51,6 @@ private class SpecialClassInstanceExpr extends ClassInstanceExpr { this.isStringConstructor("Float") or this.isStringConstructor("Double") } - - /** DEPRECATED: Alias for throwsNfe */ - deprecated predicate throwsNFE() { this.throwsNfe() } } /** The class `java.lang.NumberFormatException`. */ @@ -73,13 +67,7 @@ predicate catchesNfe(TryStmt t) { ) } -/** DEPRECATED: Alias for catchesNfe */ -deprecated predicate catchesNFE = catchesNfe/1; - /** Holds if `java.lang.NumberFormatException` can be thrown. */ predicate throwsNfe(Expr e) { e.(SpecialClassInstanceExpr).throwsNfe() or e.(SpecialMethodCall).throwsNfe() } - -/** DEPRECATED: Alias for throwsNfe */ -deprecated predicate throwsNFE = throwsNfe/1; diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll index 4a329e0cd193..425eb3ccaa60 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll @@ -313,9 +313,6 @@ class ReverseDnsMethod extends Method { } } -/** DEPRECATED: Alias for ReverseDnsMethod */ -deprecated class ReverseDNSMethod = ReverseDnsMethod; - /** Android `Intent` that may have come from a hostile application. */ class AndroidIntentInput extends DataFlow::Node { Type receiverType; diff --git a/java/ql/lib/semmle/code/java/deadcode/DeadField.qll b/java/ql/lib/semmle/code/java/deadcode/DeadField.qll index 231a81758048..48cfd945375a 100644 --- a/java/ql/lib/semmle/code/java/deadcode/DeadField.qll +++ b/java/ql/lib/semmle/code/java/deadcode/DeadField.qll 
@@ -97,9 +97,6 @@ class SerialVersionUidField extends ReflectivelyReadField { } } -/** DEPRECATED: Alias for SerialVersionUidField */ -deprecated class SerialVersionUIDField = SerialVersionUidField; - /** * A field is read by the JAXB during serialization if it is a JAXB bound field, and if the * containing class is considered "live". @@ -173,6 +170,3 @@ class JpaReadField extends ReflectivelyReadField { ) } } - -/** DEPRECATED: Alias for JpaReadField */ -deprecated class JPAReadField = JpaReadField; diff --git a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll index e2323e738eb5..d3fb138bef23 100644 --- a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll @@ -135,10 +135,6 @@ class JaxAnnotationReflectivelyConstructedClass extends ReflectivelyConstructedC } } -/** DEPRECATED: Alias for JaxAnnotationReflectivelyConstructedClass */ -deprecated class JAXAnnotationReflectivelyConstructedClass = - JaxAnnotationReflectivelyConstructedClass; - class DeserializedClass extends ReflectivelyConstructedClass { DeserializedClass() { exists(CastingExpr cast, ReadObjectMethod readObject | @@ -324,9 +320,6 @@ class EjbHome extends Interface, EntryPoint { override Callable getALiveCallable() { result = this.getACallable() } } -/** DEPRECATED: Alias for EjbHome */ -deprecated class EJBHome = EjbHome; - /** * Entry point for EJB object interfaces. */ @@ -336,9 +329,6 @@ class EjbObject extends Interface, EntryPoint { override Callable getALiveCallable() { result = this.getACallable() } } -/** DEPRECATED: Alias for EjbObject */ -deprecated class EJBObject = EjbObject; - class GsonDeserializationEntryPoint extends ReflectivelyConstructedClass { GsonDeserializationEntryPoint() { // Assume any class with a gson annotated field can be deserialized. 
@@ -361,9 +351,6 @@ class JaxbDeserializationEntryPoint extends ReflectivelyConstructedClass { } } -/** DEPRECATED: Alias for JaxbDeserializationEntryPoint */ -deprecated class JAXBDeserializationEntryPoint = JaxbDeserializationEntryPoint; - /** * A `javax.annotation` for a method that is called after or before dependency injection on a type. * diff --git a/java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll index 37c21e571aa0..f280d9bf8285 100644 --- a/java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll @@ -115,9 +115,6 @@ class SpringCli extends CallableEntryPoint { } } -/** DEPRECATED: Alias for SpringCli */ -deprecated class SpringCLI = SpringCli; - /** * An entry point which acts as a remote API for a Flex application to access a Spring application. */ diff --git a/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll index d25b07d1999e..fc2d5f69df9a 100644 --- a/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll @@ -57,9 +57,6 @@ class GwtEntryPointConstructedClass extends ReflectivelyConstructedClass { GwtEntryPointConstructedClass() { this.(GwtEntryPointClass).isLive() } } -/** DEPRECATED: Alias for GwtEntryPointConstructedClass */ -deprecated class GWTEntryPointConstructedClass = GwtEntryPointConstructedClass; - /** * Servlets referred to from a GWT module config file. */ @@ -79,9 +76,6 @@ class GwtServletClass extends ReflectivelyConstructedClass { } } -/** DEPRECATED: Alias for GwtServletClass */ -deprecated class GWTServletClass = GwtServletClass; - /** * Methods that may be called reflectively by the UiHandler framework. */ 
diff --git a/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll b/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll index 2510149141fd..78bf1ad0bdc1 100644 --- a/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll +++ b/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll @@ -302,8 +302,3 @@ private module Dispatch { } import Dispatch - -/** - * DEPRECATED: Use `TypeFlow` instead. - */ -deprecated Expr variableTrack(Expr use) { result = use } diff --git a/java/ql/lib/semmle/code/java/frameworks/Camel.qll b/java/ql/lib/semmle/code/java/frameworks/Camel.qll index 0548cc58122f..381ee3cb28e2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Camel.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Camel.qll @@ -17,9 +17,6 @@ class CamelToUri extends string { } } -/** DEPRECATED: Alias for CamelToUri */ -deprecated class CamelToURI = CamelToUri; - /** * A string describing a URI specified in an Apache Camel "to" declaration that maps to a * SpringBean. @@ -54,9 +51,6 @@ class CamelToBeanUri extends CamelToUri { SpringBean getRefBean() { result.getBeanIdentifier() = this.getBeanIdentifier() } } -/** DEPRECATED: Alias for CamelToBeanUri */ -deprecated class CamelToBeanURI = CamelToBeanUri; - /** * A Class whose methods may be called in response to an Apache Camel message. */ diff --git a/java/ql/lib/semmle/code/java/frameworks/JAXB.qll b/java/ql/lib/semmle/code/java/frameworks/JAXB.qll index 62d1004aa4e0..7d60673508d4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JAXB.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JAXB.qll @@ -9,9 +9,6 @@ class JaxbElement extends Class { } } -/** DEPRECATED: Alias for JaxbElement */ -deprecated class JAXBElement = JaxbElement; - class JaxbMarshalMethod extends Method { JaxbMarshalMethod() { this.getDeclaringType().getQualifiedName() = "javax.xml.bind.Marshaller" and 
@@ -19,9 +16,6 @@ class JaxbMarshalMethod extends Method { } } -/** DEPRECATED: Alias for JaxbMarshalMethod */ -deprecated class JAXBMarshalMethod = JaxbMarshalMethod; - class JaxbAnnotationType extends AnnotationType { JaxbAnnotationType() { this.getPackage().getName() = "javax.xml.bind.annotation" } } diff --git a/java/ql/lib/semmle/code/java/frameworks/Servlets.qll b/java/ql/lib/semmle/code/java/frameworks/Servlets.qll index cb4e5c1bba7f..db8f8768d5a2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Servlets.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Servlets.qll @@ -139,9 +139,6 @@ class HttpServletRequestGetRequestUriMethod extends Method { } } -/** DEPRECATED: Alias for HttpServletRequestGetRequestUriMethod */ -deprecated class HttpServletRequestGetRequestURIMethod = HttpServletRequestGetRequestUriMethod; - /** * The method `getRemoteUser()` declared in `javax.servlet.http.HttpServletRequest`. */ diff --git a/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll b/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll index 8bab6dfe581e..bfb7a6604246 100644 --- a/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll +++ b/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll @@ -62,9 +62,6 @@ class MethodUnboundIdFilterCreateAndFilter extends Method { } } -/** DEPRECATED: Alias for MethodUnboundIdFilterCreateAndFilter */ -deprecated class MethodUnboundIdFilterCreateANDFilter = MethodUnboundIdFilterCreateAndFilter; - /** A method with the name `createORFilter` declared in `com.unboundid.ldap.sdk.Filter`. */ class MethodUnboundIdFilterCreateORFilter extends Method { MethodUnboundIdFilterCreateORFilter() { 
@@ -73,9 +70,6 @@ class MethodUnboundIdFilterCreateORFilter extends Method { } } -/** DEPRECATED: Alias for MethodUnboundIdFilterCreateNOTFilter */ -deprecated class MethodUnboundIdFilterCreateNOTFilter = MethodUnboundIdFilterCreateNotFilter; - /** A method with the name `createNOTFilter` declared in `com.unboundid.ldap.sdk.Filter`. */ class MethodUnboundIdFilterCreateNotFilter extends Method { MethodUnboundIdFilterCreateNotFilter() { diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll index 58767a2d9bfb..6e321b0ad900 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll @@ -65,18 +65,6 @@ class AndroidServiceIntentMethod extends Method { } } -/** - * The method `Context.startActivity` or `startActivities`. - * - * DEPRECATED: Use `StartActivityMethod` instead. - */ -deprecated class ContextStartActivityMethod extends Method { - ContextStartActivityMethod() { - (this.hasName("startActivity") or this.hasName("startActivities")) and - this.getDeclaringType() instanceof TypeContext - } -} - /** * The method `Context.startActivity`, `Context.startActivities`, * `Activity.startActivity`,`Activity.startActivities`, diff --git a/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll b/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll index a7747857fdd6..79c476cdf207 100644 --- a/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll +++ b/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll @@ -47,9 +47,6 @@ class CamelJavaDslToDecl extends ProcessorDefinitionElement { deprecated string getURI() { result = this.getUri() } } -/** DEPRECATED: Alias for CamelJavaDslToDecl */ -deprecated class CamelJavaDSLToDecl = CamelJavaDslToDecl; - /** * A declaration of a "bean" target in the Apache Camel Java DSL. * 
@@ -74,9 +71,6 @@ class CamelJavaDslBeanDecl extends ProcessorDefinitionElement { } } -/** DEPRECATED: Alias for CamelJavaDslBeanDecl */ -deprecated class CamelJavaDSLBeanDecl = CamelJavaDslBeanDecl; - /** * A declaration of a "beanRef" target in the Apache Camel Java DSL. * @@ -106,9 +100,6 @@ class CamelJavaDslBeanRefDecl extends ProcessorDefinitionElement { } } -/** DEPRECATED: Alias for CamelJavaDslBeanRefDecl */ -deprecated class CamelJavaDSLBeanRefDecl = CamelJavaDslBeanRefDecl; - /** * A "method" Camel expression in the Apache Camel Java DSL. * @@ -140,6 +131,3 @@ class CamelJavaDslMethodDecl extends MethodCall { else result = this.getArgument(0).getType() } } - -/** DEPRECATED: Alias for CamelJavaDslMethodDecl */ -deprecated class CamelJavaDSLMethodDecl = CamelJavaDslMethodDecl; diff --git a/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll b/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll index d96e91e010ad..6780a9261b9b 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll @@ -99,9 +99,6 @@ class JsniComment extends Javadoc { Method getImplementedMethod() { jsniComment(this, result) } } -/** DEPRECATED: Alias for JsniComment */ -deprecated class JSNIComment = JsniComment; - /** * A JavaScript Native Interface (JSNI) method. */ @@ -111,6 +108,3 @@ class JsniMethod extends Method { /** Gets the comment containing the JavaScript code for this method. */ JsniComment getImplementation() { jsniComment(result, this) } } - -/** DEPRECATED: Alias for JsniMethod */ -deprecated class JSNIMethod = JsniMethod; diff --git a/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll b/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll index 43325fef90e3..2e9b04d6a8ce 100644 --- a/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll +++ b/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll 
@@ -16,9 +16,6 @@ class OcniComment extends Javadoc { } } -/** DEPRECATED: Alias for OcniComment */ -deprecated class OCNIComment = OcniComment; - /** Auxiliary predicate: `ocni` is an OCNI comment associated with method `m`. */ private predicate ocniComment(OcniComment ocni, Method m) { // The associated callable must be marked as `native` ... @@ -40,9 +37,6 @@ class OcniMethodComment extends OcniComment { Method getImplementedMethod() { ocniComment(this, result) } } -/** DEPRECATED: Alias for OcniMethodComment */ -deprecated class OCNIMethodComment = OcniMethodComment; - /** * An Objective-C Native Interface (OCNI) native import comment. */ @@ -54,6 +48,3 @@ class OcniImport extends OcniComment { ) } } - -/** DEPRECATED: Alias for OcniImport */ -deprecated class OCNIImport = OcniImport; diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll index de8b0387ee0c..d165370d1391 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll @@ -112,9 +112,6 @@ class SessionEjb extends EJB { EjbAnnotatedInitMethod getAnAnnotatedInitMethod() { this.inherits(result) } } -/** DEPRECATED: Alias for SessionEjb */ -deprecated class SessionEJB = SessionEjb; - /** * A stateful session EJB. */ @@ -132,9 +129,6 @@ class StatefulSessionEjb extends SessionEjb { } } -/** DEPRECATED: Alias for StatefulSessionEjb */ -deprecated class StatefulSessionEJB = StatefulSessionEjb; - /** * A stateless session EJB. */ @@ -152,9 +146,6 @@ class StatelessSessionEjb extends SessionEjb { } } -/** DEPRECATED: Alias for StatelessSessionEjb */ -deprecated class StatelessSessionEJB = StatelessSessionEjb; - /** * A message-driven EJB. */ @@ -190,9 +181,6 @@ class EntityEjb extends EJB { } } -/** DEPRECATED: Alias for EntityEjb */ -deprecated class EntityEJB = EntityEjb; - /* * Business interfaces (applicable to session beans). */ 
@@ -245,9 +233,6 @@ abstract class BusinessInterface extends Interface { /** Gets an EJB to which this business interface belongs. */ abstract SessionEjb getAnEjb(); - /** DEPRECATED: Alias for getAnEjb */ - deprecated SessionEJB getAnEJB() { result = this.getAnEjb() } - /** Holds if this business interface is declared local. */ abstract predicate isDeclaredLocal(); @@ -274,9 +259,6 @@ class XmlSpecifiedBusinessInterface extends BusinessInterface { ) } - /** DEPRECATED: Alias for getAnEjb */ - deprecated override SessionEJB getAnEJB() { result = this.getAnEjb() } - override predicate isDeclaredLocal() { exists(EjbJarXmlFile f | this.getQualifiedName() = @@ -313,9 +295,6 @@ class AnnotatedBusinessInterface extends BusinessInterface { result.getAnAnnotation().(BusinessInterfaceAnnotation).getANamedType() = this } - /** DEPRECATED: Alias for getAnEjb */ - deprecated override SessionEJB getAnEJB() { result = this.getAnEjb() } - override predicate isDeclaredLocal() { this instanceof LocalAnnotatedBusinessInterface } override predicate isDeclaredRemote() { this instanceof RemoteAnnotatedBusinessInterface } @@ -449,9 +428,6 @@ class XmlSpecifiedRemoteInterface extends LegacyEjbRemoteInterface { result.getQualifiedName() = se.getAnEjbClassElement().getACharactersSet().getCharacters() ) } - - /** DEPRECATED: Alias for getAnEjb */ - deprecated SessionEJB getAnEJB() { result = this.getAnEjb() } } /** A legacy remote home interface. */ @@ -470,9 +446,6 @@ class AnnotatedRemoteHomeInterface extends LegacyEjbRemoteHomeInterface { /** Gets an EJB to which this interface belongs. */ SessionEjb getAnEjb() { result.getAnAnnotation().(RemoteHomeAnnotation).getANamedType() = this } - /** DEPRECATED: Alias for getAnEjb */ - deprecated SessionEJB getAnEJB() { result = this.getAnEjb() } - /** Gets a remote interface associated with this legacy remote home interface. */ Interface getAnAssociatedRemoteInterface() { result = this.getACreateMethod().getReturnType() } } 
@@ -494,9 +467,6 @@ class XmlSpecifiedRemoteHomeInterface extends LegacyEjbRemoteHomeInterface { result.getQualifiedName() = se.getAnEjbClassElement().getACharactersSet().getCharacters() ) } - - /** DEPRECATED: Alias for getAnEjb */ - deprecated SessionEJB getAnEJB() { result = this.getAnEjb() } } /** A legacy local interface. */ @@ -522,9 +492,6 @@ class XmlSpecifiedLocalInterface extends LegacyEjbLocalInterface { result.getQualifiedName() = se.getAnEjbClassElement().getACharactersSet().getCharacters() ) } - - /** DEPRECATED: Alias for getAnEjb */ - deprecated SessionEJB getAnEJB() { result = this.getAnEjb() } } /** A legacy local home interface. */ @@ -543,9 +510,6 @@ class AnnotatedLocalHomeInterface extends LegacyEjbLocalHomeInterface { /** Gets an EJB to which this interface belongs. */ SessionEjb getAnEjb() { result.getAnAnnotation().(LocalHomeAnnotation).getANamedType() = this } - /** DEPRECATED: Alias for getAnEjb */ - deprecated SessionEJB getAnEJB() { result = this.getAnEjb() } - /** Gets a local interface associated with this legacy local home interface. */ Interface getAnAssociatedLocalInterface() { result = this.getACreateMethod().getReturnType() } } @@ -567,9 +531,6 @@ class XmlSpecifiedLocalHomeInterface extends LegacyEjbLocalHomeInterface { result.getQualifiedName() = se.getAnEjbClassElement().getACharactersSet().getCharacters() ) } - - /** DEPRECATED: Alias for getAnEjb */ - deprecated SessionEJB getAnEJB() { result = this.getAnEjb() } } /** @@ -593,9 +554,6 @@ class RemoteInterface extends Interface { result.getARemoteInterface() = this } - /** DEPRECATED: Alias for getAnEjb */ - deprecated SessionEJB getAnEJB() { result = this.getAnEjb() } - /** * A "remote method" is a method that is available on the remote * interface (either because it's declared or inherited). 
@@ -860,9 +818,6 @@ class EjbAnnotation extends Annotation { EjbAnnotation() { this.getType().hasQualifiedName("javax.ejb", "EJB") } } -/** DEPRECATED: Alias for EjbAnnotation */ -deprecated class EJBAnnotation = EjbAnnotation; - /** * A `@javax.ejb.EJBs` annotation. */ diff --git a/java/ql/lib/semmle/code/java/security/Encryption.qll b/java/ql/lib/semmle/code/java/security/Encryption.qll index 3ed66bf4d28b..a3973d3efad6 100644 --- a/java/ql/lib/semmle/code/java/security/Encryption.qll +++ b/java/ql/lib/semmle/code/java/security/Encryption.qll @@ -13,9 +13,6 @@ class SslClass extends RefType { } } -/** DEPRECATED: Alias for SslClass */ -deprecated class SSLClass = SslClass; - class X509TrustManager extends RefType { X509TrustManager() { this.hasQualifiedName("javax.net.ssl", "X509TrustManager") } } 
@@ -29,48 +26,30 @@ class SslSocketFactory extends RefType { SslSocketFactory() { this.hasQualifiedName("javax.net.ssl", "SSLSocketFactory") } } -/** DEPRECATED: Alias for SslSocketFactory */ -deprecated class SSLSocketFactory = SslSocketFactory; - class SslContext extends RefType { SslContext() { this.hasQualifiedName("javax.net.ssl", "SSLContext") } } -/** DEPRECATED: Alias for SslContext */ -deprecated class SSLContext = SslContext; - /** The `javax.net.ssl.SslSession` class. */ class SslSession extends RefType { SslSession() { this.hasQualifiedName("javax.net.ssl", "SSLSession") } } -/** DEPRECATED: Alias for SslSession */ -deprecated class SSLSession = SslSession; - /** The `javax.net.ssl.SslEngine` class. */ class SslEngine extends RefType { SslEngine() { this.hasQualifiedName("javax.net.ssl", "SSLEngine") } } -/** DEPRECATED: Alias for SslEngine */ -deprecated class SSLEngine = SslEngine; - /** The `javax.net.ssl.SslSocket` class. */ class SslSocket extends RefType { SslSocket() { this.hasQualifiedName("javax.net.ssl", "SSLSocket") } } -/** DEPRECATED: Alias for SslSocket */ -deprecated class SSLSocket = SslSocket; - /** The `javax.net.ssl.SslParameters` class. */ class SslParameters extends RefType { SslParameters() { this.hasQualifiedName("javax.net.ssl", "SSLParameters") } } -/** DEPRECATED: Alias for SslParameters */ -deprecated class SSLParameters = SslParameters; - class HostnameVerifier extends RefType { HostnameVerifier() { this.hasQualifiedName("javax.net.ssl", "HostnameVerifier") } } diff --git a/java/ql/lib/semmle/code/java/security/OverlyLargeRangeQuery.qll b/java/ql/lib/semmle/code/java/security/OverlyLargeRangeQuery.qll deleted file mode 100644 index 06b538d4a63a..000000000000 --- a/java/ql/lib/semmle/code/java/security/OverlyLargeRangeQuery.qll +++ /dev/null 
@@ -1,8 +0,0 @@ -/** - * Classes and predicates for working with suspicious character ranges. - */ - -private import semmle.code.java.regex.RegexTreeView::RegexTreeView as TreeView -// OverlyLargeRangeQuery should be used directly from the shared pack, and not from this file. -deprecated import codeql.regex.OverlyLargeRangeQuery::Make as Dep -import Dep diff --git a/java/ql/lib/semmle/code/java/security/XmlParsers.qll b/java/ql/lib/semmle/code/java/security/XmlParsers.qll index 60e8138db951..565efb4f59ae 100644 --- a/java/ql/lib/semmle/code/java/security/XmlParsers.qll +++ b/java/ql/lib/semmle/code/java/security/XmlParsers.qll @@ -265,9 +265,6 @@ Expr configOptionSupportDtd() { ) } -/** DEPRECATED: Alias for configOptionSupportDtd */ -deprecated Expr configOptionSupportDTD() { result = configOptionSupportDtd() } - /** * A safely configured `XmlInputFactory`. */ @@ -747,9 +744,6 @@ Expr configAccessExternalDtd() { ) } -/** DEPRECATED: Alias for configAccessExternalDtd */ -deprecated Expr configAccessExternalDTD() { result = configAccessExternalDtd() } - /** A configuration specific for transformers. */ Expr configAccessExternalStyleSheet() { result.(ConstantStringExpr).getStringValue() = diff --git a/java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll b/java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll deleted file mode 100644 index 0a948ff6d982..000000000000 --- a/java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll +++ /dev/null 
@@ -1,68 +0,0 @@
-/**
- * This library implements the analysis described in the following two papers:
- *
- * James Kirrage, Asiri Rathnayake, Hayo Thielecke: Static Analysis for
- * Regular Expression Denial-of-Service Attacks. NSS 2013.
- * (https://arxiv.org/abs/1301.0849)
- * Asiri Rathnayake, Hayo Thielecke: Static Analysis for Regular Expression
- * Exponential Runtime via Substructural Logics. 2014.
- * (https://www.cs.bham.ac.uk/~hxt/research/redos_full.pdf)
- *
- * The basic idea is to search for overlapping cycles in the NFA, that is,
- * states `q` such that there are two distinct paths from `q` to itself
- * that consume the same word `w`.
- *
- * For any such state `q`, an attack string can be constructed as follows:
- * concatenate a prefix `v` that takes the NFA to `q` with `n` copies of
- * the word `w` that leads back to `q` along two different paths, followed
- * by a suffix `x` that is _not_ accepted in state `q`. A backtracking
- * implementation will need to explore at least 2^n different ways of going
- * from `q` back to itself while trying to match the `n` copies of `w`
- * before finally giving up.
- *
- * Now in order to identify overlapping cycles, all we have to do is find
- * pumpable forks, that is, states `q` that can transition to two different
- * states `r1` and `r2` on the same input symbol `c`, such that there are
- * paths from both `r1` and `r2` to `q` that consume the same word. The latter
- * condition is equivalent to saying that `(q, q)` is reachable from `(r1, r2)`
- * in the product NFA.
- *
- * This is what the library does. It makes a simple attempt to construct a
- * prefix `v` leading into `q`, but only to improve the alert message.
- * And the library tries to prove the existence of a suffix that ensures
- * rejection. This check might fail, which can cause false positives.
- *
- * Finally, sometimes it depends on the translation whether the NFA generated
- * for a regular expression has a pumpable fork or not. We implement one
- * particular translation, which may result in false positives or negatives
- * relative to some particular JavaScript engine.
- *
- * More precisely, the library constructs an NFA from a regular expression `r`
- * as follows:
- *
- * * Every sub-term `t` gives rise to an NFA state `Match(t,i)`, representing
- * the state of the automaton before attempting to match the `i`th character in `t`.
- * * There is one accepting state `Accept(r)`.
- * * There is a special `AcceptAnySuffix(r)` state, which accepts any suffix string
- * by using an epsilon transition to `Accept(r)` and an any transition to itself.
- * * Transitions between states may be labelled with epsilon, or an abstract
- * input symbol.
- * * Each abstract input symbol represents a set of concrete input characters:
- * either a single character, a set of characters represented by a
- * character class, or the set of all characters.
- * * The product automaton is constructed lazily, starting with pair states
- * `(q, q)` where `q` is a fork, and proceeding along an over-approximate
- * step relation.
- * * The over-approximate step relation allows transitions along pairs of
- * abstract input symbols where the symbols have overlap in the characters they accept.
- * * Once a trace of pairs of abstract input symbols that leads from a fork
- * back to itself has been identified, we attempt to construct a concrete
- * string corresponding to it, which may fail.
- * * Lastly we ensure that any state reached by repeating `n` copies of `w` has
- * a suffix `x` (possible empty) that is most likely __not__ accepted.
- */
-
-private import semmle.code.java.regex.RegexTreeView::RegexTreeView as TreeView
-// ExponentialBackTracking should be used directly from the shared pack, and not from this file.
-deprecated private import codeql.regex.nfa.ExponentialBackTracking::Make as Dep
-import Dep
diff --git a/java/ql/lib/semmle/code/java/security/regexp/NfaUtils.qll b/java/ql/lib/semmle/code/java/security/regexp/NfaUtils.qll
deleted file mode 100644
index 3b69ecc71200..000000000000
--- a/java/ql/lib/semmle/code/java/security/regexp/NfaUtils.qll
+++ /dev/null
@@ -1,13 +0,0 @@
-/**
- * Provides classes and predicates for constructing an NFA from
- * a regular expression, and various utilities for reasoning about
- * the resulting NFA.
- *
- * These utilities are used both by the ReDoS queries and by
- * other queries that benefit from reasoning about NFAs.
- */
-
-private import semmle.code.java.regex.RegexTreeView::RegexTreeView as TreeView
-// NfaUtils should be used directly from the shared pack, and not from this file.
-deprecated private import codeql.regex.nfa.NfaUtils::Make as Dep
-import Dep
diff --git a/java/ql/lib/semmle/code/java/security/regexp/SuperlinearBackTracking.qll b/java/ql/lib/semmle/code/java/security/regexp/SuperlinearBackTracking.qll
deleted file mode 100644
index 623b1540ef17..000000000000
--- a/java/ql/lib/semmle/code/java/security/regexp/SuperlinearBackTracking.qll
+++ /dev/null
@@ -1,41 +0,0 @@ -/** - * This module implements the analysis described in the paper: - * Valentin Wustholz, Oswaldo Olivo, Marijn J. H. Heule, and Isil Dillig: - * Static Detection of DoS Vulnerabilities in - * Programs that use Regular Expressions - * (Extended Version). - * (https://arxiv.org/pdf/1701.04045.pdf) - * - * Theorem 3 from the paper describes the basic idea. - * - * The following explains the idea using variables and predicate names that are used in the implementation: - * We consider a pair of repetitions, which we will call `pivot` and `succ`. - * - * We create a product automaton of 3-tuples of states (see `StateTuple`). - * There exists a transition `(a,b,c) -> (d,e,f)` in the product automaton - * iff there exists three transitions in the NFA `a->d, b->e, c->f` where those three - * transitions all match a shared character `char`. (see `getAThreewayIntersect`) - * - * We start a search in the product automaton at `(pivot, pivot, succ)`, - * and search for a series of transitions (a `Trace`), such that we end - * at `(pivot, succ, succ)` (see `isReachableFromStartTuple`). - * - * For example, consider the regular expression `/^\d*5\w*$/`. - * The search will start at the tuple `(\d*, \d*, \w*)` and search - * for a path to `(\d*, \w*, \w*)`. - * This path exists, and consists of a single transition in the product automaton, - * where the three corresponding NFA edges all match the character `"5"`. - * - * The start-state in the NFA has an any-transition to itself, this allows us to - * flag regular expressions such as `/a*$/` - which does not have a start anchor - - * and can thus start matching anywhere. - * - * The implementation is not perfect. - * It has the same suffix detection issue as the `js/redos` query, which can cause false positives. - * It also doesn't find all transitions in the product automaton, which can cause false negatives. 
- */ - -private import semmle.code.java.regex.RegexTreeView::RegexTreeView as TreeView -// SuperlinearBackTracking should be used directly from the shared pack, and not from this file. -deprecated private import codeql.regex.nfa.SuperlinearBackTracking::Make as Dep -import Dep diff --git a/java/ql/lib/semmle/code/xml/XML.qll b/java/ql/lib/semmle/code/xml/XML.qll index 33f4cd9e9e6a..65bdd7b7cc16 100644 --- a/java/ql/lib/semmle/code/xml/XML.qll +++ b/java/ql/lib/semmle/code/xml/XML.qll @@ -32,9 +32,6 @@ class XmlLocatable extends @xmllocatable, TXmlLocatable { string toString() { none() } // overridden in subclasses } -/** DEPRECATED: Alias for XmlLocatable */ -deprecated class XMLLocatable = XmlLocatable; - /** * An `XmlParent` is either an `XmlElement` or an `XmlFile`, * both of which can contain other elements. @@ -95,9 +92,6 @@ class XmlParent extends @xmlparent { string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlParent */ -deprecated class XMLParent = XmlParent; - /** An XML file. */ class XmlFile extends XmlParent, File { XmlFile() { xmlEncoding(this, _) } @@ -119,14 +113,8 @@ class XmlFile extends XmlParent, File { /** Gets a DTD associated with this XML file. */ XmlDtd getADtd() { xmlDTDs(result, _, _, _, this) } - - /** DEPRECATED: Alias for getADtd */ - deprecated XmlDtd getADTD() { result = this.getADtd() } } -/** DEPRECATED: Alias for XmlFile */ -deprecated class XMLFile = XmlFile; - /** * An XML document type definition (DTD). * @@ -163,9 +151,6 @@ class XmlDtd extends XmlLocatable, @xmldtd { } } -/** DEPRECATED: Alias for XmlDtd */ -deprecated class XMLDTD = XmlDtd; - /** * An XML element in an XML file. * @@ -221,9 +206,6 @@ class XmlElement extends @xmlelement, XmlParent, XmlLocatable { override string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlElement */ -deprecated class XMLElement = XmlElement; - /** * An attribute that occurs inside an XML element. * 
@@ -254,9 +236,6 @@ class XmlAttribute extends @xmlattribute, XmlLocatable { override string toString() { result = this.getName() + "=" + this.getValue() } } -/** DEPRECATED: Alias for XmlAttribute */ -deprecated class XMLAttribute = XmlAttribute; - /** * A namespace used in an XML file. * @@ -273,9 +252,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { /** Gets the URI of this namespace. */ string getUri() { xmlNs(this, _, result, _) } - /** DEPRECATED: Alias for getUri */ - deprecated string getURI() { result = this.getUri() } - /** Holds if this namespace has no prefix. */ predicate isDefault() { this.getPrefix() = "" } @@ -286,9 +262,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { } } -/** DEPRECATED: Alias for XmlNamespace */ -deprecated class XMLNamespace = XmlNamespace; - /** * A comment in an XML file. * @@ -309,9 +282,6 @@ class XmlComment extends @xmlcomment, XmlLocatable { override string toString() { result = this.getText() } } -/** DEPRECATED: Alias for XmlComment */ -deprecated class XMLComment = XmlComment; - /** * A sequence of characters that occurs between opening and * closing tags of an XML element, excluding other elements. @@ -335,6 +305,3 @@ class XmlCharacters extends @xmlcharacters, XmlLocatable { /** Gets a printable representation of this XML character sequence. */ override string toString() { result = this.getCharacters() } } - -/** DEPRECATED: Alias for XmlCharacters */ -deprecated class XMLCharacters = XmlCharacters; diff --git a/javascript/ql/lib/change-notes/2024-01-22-outdated-deprecations.md b/javascript/ql/lib/change-notes/2024-01-22-outdated-deprecations.md new file mode 100644 index 000000000000..98eb2f1d8f4c --- /dev/null +++ b/javascript/ql/lib/change-notes/2024-01-22-outdated-deprecations.md 
@@ -0,0 +1,9 @@ +--- +category: minorAnalysis +--- +* Deleted many deprecated predicates and classes with uppercase `CPU`, `TLD`, `SSA`, `ASM` etc. in their names. Use the PascalCased versions instead. +* Deleted the deprecated `getMessageSuffix` predicates in `CodeInjectionCustomizations.qll`. +* Deleted the deprecated `semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedData.qll` file. +* Deleted the deprecated `getANonHtmlHeaderDefinition` and `nonHtmlContentTypeHeader` predicates from `ReflectedXssCustomizations.qll`. +* Deleted the deprecated `semmle/javascript/security/OverlyLargeRangeQuery.qll`, `semmle/javascript/security/regexp/ExponentialBackTracking.qll`, `semmle/javascript/security/regexp/NfaUtils.qll`, and `semmle/javascript/security/regexp/NfaUtils.qll` files. +* Deleted the deprecated `Expressions/TypoDatabase.qll` file. diff --git a/javascript/ql/lib/semmle/javascript/JsonStringifiers.qll b/javascript/ql/lib/semmle/javascript/JsonStringifiers.qll index d128dd9a653d..f573c1364378 100644 --- a/javascript/ql/lib/semmle/javascript/JsonStringifiers.qll +++ b/javascript/ql/lib/semmle/javascript/JsonStringifiers.qll @@ -59,9 +59,6 @@ class Json2CsvTaintStep extends TaintTracking::SharedTaintStep { } } -/** DEPRECATED: Alias for Json2CsvTaintStep */ -deprecated class JSON2CSVTaintStep = Json2CsvTaintStep; - /** * A step through the [`prettyjson`](https://www.npmjs.com/package/prettyjson) library. * This is not quite a `JSON.stringify` call, as it e.g. does not wrap keys in double quotes. diff --git a/javascript/ql/lib/semmle/javascript/NPM.qll b/javascript/ql/lib/semmle/javascript/NPM.qll index 0bf92c5d29af..d25934be60b8 100644 --- a/javascript/ql/lib/semmle/javascript/NPM.qll +++ b/javascript/ql/lib/semmle/javascript/NPM.qll 
@@ -191,9 +191,6 @@ class PackageJson extends JsonObject { not result.matches("!%") } - /** DEPRECATED: Alias for getWhitelistedCpu */ - deprecated string getWhitelistedCPU() { result = this.getWhitelistedCpu() } - /** Gets a platform not supported by this package. */ string getBlacklistedCpu() { exists(string str | str = this.getCPUs().getElementStringValue(_) | @@ -201,9 +198,6 @@ class PackageJson extends JsonObject { ) } - /** DEPRECATED: Alias for getBlacklistedCpu */ - deprecated string getBlacklistedCPU() { result = this.getBlacklistedCpu() } - /** Holds if this package prefers to be installed globally. */ predicate isPreferGlobal() { this.getPropValue("preferGlobal").(JsonBoolean).getValue() = "true" } diff --git a/javascript/ql/lib/semmle/javascript/Regexp.qll b/javascript/ql/lib/semmle/javascript/Regexp.qll index de1a3f0d98fb..3266f1527a27 100644 --- a/javascript/ql/lib/semmle/javascript/Regexp.qll +++ b/javascript/ql/lib/semmle/javascript/Regexp.qll @@ -1036,15 +1036,6 @@ deprecated module RegExpPatterns { // according to ranking by http://google.com/search?q=site:.<> result = "(?:com|org|edu|gov|uk|net|io)(?![a-z0-9])" } - - /** - * Gets a pattern that matches common top-level domain names in lower case. - * DEPRECATED: use `getACommonTld` instead - */ - deprecated predicate commonTld = getACommonTld/0; - - /** DEPRECATED: Alias for commonTld */ - deprecated predicate commonTLD = commonTld/0; } /** diff --git a/javascript/ql/lib/semmle/javascript/SSA.qll b/javascript/ql/lib/semmle/javascript/SSA.qll index 304efa398ccf..a505cf5ff484 100644 --- a/javascript/ql/lib/semmle/javascript/SSA.qll +++ b/javascript/ql/lib/semmle/javascript/SSA.qll @@ -758,6 +758,3 @@ module Ssa { /** Gets the SSA variable corresponding to `d`. */ SsaVariable variable(VarDef d) { result.getDefinition() = definition(d) } } - -/** DEPRECATED: Alias for Ssa */ -deprecated module SSA = Ssa; 
diff --git a/javascript/ql/lib/semmle/javascript/Stmt.qll b/javascript/ql/lib/semmle/javascript/Stmt.qll index ae59c0b81eb7..c4217b093563 100644 --- a/javascript/ql/lib/semmle/javascript/Stmt.qll +++ b/javascript/ql/lib/semmle/javascript/Stmt.qll @@ -295,9 +295,6 @@ class AsmJSDirective extends KnownDirective { AsmJSDirective() { this.getDirectiveText() = "use asm" } } -/** DEPRECATED: Alias for AsmJSDirective */ -deprecated class ASMJSDirective = AsmJSDirective; - /** * A Babel directive. * diff --git a/javascript/ql/lib/semmle/javascript/XML.qll b/javascript/ql/lib/semmle/javascript/XML.qll index 33f4cd9e9e6a..65bdd7b7cc16 100644 --- a/javascript/ql/lib/semmle/javascript/XML.qll +++ b/javascript/ql/lib/semmle/javascript/XML.qll @@ -32,9 +32,6 @@ class XmlLocatable extends @xmllocatable, TXmlLocatable { string toString() { none() } // overridden in subclasses } -/** DEPRECATED: Alias for XmlLocatable */ -deprecated class XMLLocatable = XmlLocatable; - /** * An `XmlParent` is either an `XmlElement` or an `XmlFile`, * both of which can contain other elements. @@ -95,9 +92,6 @@ class XmlParent extends @xmlparent { string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlParent */ -deprecated class XMLParent = XmlParent; - /** An XML file. */ class XmlFile extends XmlParent, File { XmlFile() { xmlEncoding(this, _) } @@ -119,14 +113,8 @@ class XmlFile extends XmlParent, File { /** Gets a DTD associated with this XML file. */ XmlDtd getADtd() { xmlDTDs(result, _, _, _, this) } - - /** DEPRECATED: Alias for getADtd */ - deprecated XmlDtd getADTD() { result = this.getADtd() } } -/** DEPRECATED: Alias for XmlFile */ -deprecated class XMLFile = XmlFile; - /** * An XML document type definition (DTD). * @@ -163,9 +151,6 @@ class XmlDtd extends XmlLocatable, @xmldtd { } } -/** DEPRECATED: Alias for XmlDtd */ -deprecated class XMLDTD = XmlDtd; - /** * An XML element in an XML file. * 
@@ -221,9 +206,6 @@ class XmlElement extends @xmlelement, XmlParent, XmlLocatable { override string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlElement */ -deprecated class XMLElement = XmlElement; - /** * An attribute that occurs inside an XML element. * @@ -254,9 +236,6 @@ class XmlAttribute extends @xmlattribute, XmlLocatable { override string toString() { result = this.getName() + "=" + this.getValue() } } -/** DEPRECATED: Alias for XmlAttribute */ -deprecated class XMLAttribute = XmlAttribute; - /** * A namespace used in an XML file. * @@ -273,9 +252,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { /** Gets the URI of this namespace. */ string getUri() { xmlNs(this, _, result, _) } - /** DEPRECATED: Alias for getUri */ - deprecated string getURI() { result = this.getUri() } - /** Holds if this namespace has no prefix. */ predicate isDefault() { this.getPrefix() = "" } @@ -286,9 +262,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { } } -/** DEPRECATED: Alias for XmlNamespace */ -deprecated class XMLNamespace = XmlNamespace; - /** * A comment in an XML file. * @@ -309,9 +282,6 @@ class XmlComment extends @xmlcomment, XmlLocatable { override string toString() { result = this.getText() } } -/** DEPRECATED: Alias for XmlComment */ -deprecated class XMLComment = XmlComment; - /** * A sequence of characters that occurs between opening and * closing tags of an XML element, excluding other elements. @@ -335,6 +305,3 @@ class XmlCharacters extends @xmlcharacters, XmlLocatable { /** Gets a printable representation of this XML character sequence. */ override string toString() { result = this.getCharacters() } } - -/** DEPRECATED: Alias for XmlCharacters */ -deprecated class XMLCharacters = XmlCharacters; diff --git a/javascript/ql/lib/semmle/javascript/YAML.qll b/javascript/ql/lib/semmle/javascript/YAML.qll index d8a8a696d214..38bca7779002 100644 --- a/javascript/ql/lib/semmle/javascript/YAML.qll 
+++ b/javascript/ql/lib/semmle/javascript/YAML.qll @@ -65,48 +65,3 @@ deprecated class YAMLValue = YamlValue; /** DEPRECATED: Alias for YamlScalar */ deprecated class YAMLScalar = YamlScalar; - -/** DEPRECATED: Alias for YamlInteger */ -deprecated class YAMLInteger = YamlInteger; - -/** DEPRECATED: Alias for YamlFloat */ -deprecated class YAMLFloat = YamlFloat; - -/** DEPRECATED: Alias for YamlTimestamp */ -deprecated class YAMLTimestamp = YamlTimestamp; - -/** DEPRECATED: Alias for YamlBool */ -deprecated class YAMLBool = YamlBool; - -/** DEPRECATED: Alias for YamlNull */ -deprecated class YAMLNull = YamlNull; - -/** DEPRECATED: Alias for YamlString */ -deprecated class YAMLString = YamlString; - -/** DEPRECATED: Alias for YamlMergeKey */ -deprecated class YAMLMergeKey = YamlMergeKey; - -/** DEPRECATED: Alias for YamlInclude */ -deprecated class YAMLInclude = YamlInclude; - -/** DEPRECATED: Alias for YamlCollection */ -deprecated class YAMLCollection = YamlCollection; - -/** DEPRECATED: Alias for YamlMapping */ -deprecated class YAMLMapping = YamlMapping; - -/** DEPRECATED: Alias for YamlSequence */ -deprecated class YAMLSequence = YamlSequence; - -/** DEPRECATED: Alias for YamlAliasNode */ -deprecated class YAMLAliasNode = YamlAliasNode; - -/** DEPRECATED: Alias for YamlDocument */ -deprecated class YAMLDocument = YamlDocument; - -/** DEPRECATED: Alias for YamlParseError */ -deprecated class YAMLParseError = YamlParseError; - -/** DEPRECATED: Alias for YamlMappingLikeNode */ -deprecated class YAMLMappingLikeNode = YamlMappingLikeNode; diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Electron.qll b/javascript/ql/lib/semmle/javascript/frameworks/Electron.qll index e6480732e079..48b1875a445e 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Electron.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Electron.qll 
@@ -133,9 +133,6 @@ module Electron { override IpcDispatch getAReturnDispatch() { result.getCalleeName() = "sendSync" } } - /** DEPRECATED: Alias for IpcSendRegistration */ - deprecated class IPCSendRegistration = IpcSendRegistration; - /** * A dispatch of an IPC event. * An IPC event is sent from the renderer to the main process. @@ -171,9 +168,6 @@ module Electron { result.getEmitter() instanceof RendererProcess } } - - /** DEPRECATED: Alias for IpcDispatch */ - deprecated class IPCDispatch = IpcDispatch; } /** diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Emscripten.qll b/javascript/ql/lib/semmle/javascript/frameworks/Emscripten.qll index df3c7a319eb3..6d5752f769bc 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Emscripten.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Emscripten.qll @@ -17,9 +17,6 @@ class EmscriptenStartAsmComment extends EmscriptenMarkerComment { EmscriptenStartAsmComment() { this.getText().trim() = "EMSCRIPTEN_START_ASM" } } -/** DEPRECATED: Alias for EmscriptenStartAsmComment */ -deprecated class EmscriptenStartASMComment = EmscriptenStartAsmComment; - /** * An `EMSCRIPTEN_START_FUNCS` marker comment. */ @@ -34,9 +31,6 @@ class EmscriptenEndAsmComment extends EmscriptenMarkerComment { EmscriptenEndAsmComment() { this.getText().trim() = "EMSCRIPTEN_END_ASM" } } -/** DEPRECATED: Alias for EmscriptenEndAsmComment */ -deprecated class EmscriptenEndASMComment = EmscriptenEndAsmComment; - /** * An `EMSCRIPTEN_END_FUNCS` marker comment. */ diff --git a/javascript/ql/lib/semmle/javascript/frameworks/GWT.qll b/javascript/ql/lib/semmle/javascript/frameworks/GWT.qll index 749e515a4051..345873719a6a 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/GWT.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/GWT.qll 
@@ -11,9 +11,6 @@ class GwtVersionVariable extends GlobalVariable { GwtVersionVariable() { this.getName() = "$gwt_version" } } -/** DEPRECATED: Alias for GwtVersionVariable */ -deprecated class GWTVersionVariable = GwtVersionVariable; - /** * A GWT header script that defines the `$gwt_version` variable. */ @@ -36,15 +33,9 @@ class GwtHeader extends InlineScript { deprecated string getGWTVersion() { result = this.getGwtVersion() } } -/** DEPRECATED: Alias for GwtHeader */ -deprecated class GWTHeader = GwtHeader; - /** * A toplevel in a file that appears to be GWT-generated. */ class GwtGeneratedTopLevel extends TopLevel { GwtGeneratedTopLevel() { exists(GwtHeader h | this.getFile() = h.getFile()) } } - -/** DEPRECATED: Alias for GwtGeneratedTopLevel */ -deprecated class GWTGeneratedTopLevel = GwtGeneratedTopLevel; diff --git a/javascript/ql/lib/semmle/javascript/frameworks/HTTP.qll b/javascript/ql/lib/semmle/javascript/frameworks/HTTP.qll index 80b3ee1ff74e..61770cdb9bac 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/HTTP.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/HTTP.qll @@ -607,6 +607,3 @@ module Http { } } } - -/** DEPRECATED: Alias for Http */ -deprecated module HTTP = Http; diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Testing.qll b/javascript/ql/lib/semmle/javascript/frameworks/Testing.qll index a89ba86555ae..248d41062076 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Testing.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Testing.qll @@ -37,9 +37,6 @@ class BddTest extends Test, @call_expr { } } -/** DEPRECATED: Alias for BddTest */ -deprecated class BDDTest = BddTest; - /** * Gets the test file for `f` with stem extension `stemExt`, where `stemExt` is "test" or "spec". * That is, a file named `..` in the 
diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll index ce05747ec3f2..4d014768325f 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll @@ -16,12 +16,6 @@ module CodeInjection { * A data flow sink for code injection vulnerabilities. */ abstract class Sink extends DataFlow::Node { - /** - * DEPRECATED: Use `getMessagePrefix()` instead. - * Gets the substitute for `X` in the message `User-provided value flows to X`. - */ - deprecated string getMessageSuffix() { result = "this location and is interpreted as code" } - /** * Gets the prefix for the message `X depends on a user-provided value.`. */ @@ -129,11 +123,6 @@ module CodeInjection { ) } - deprecated override string getMessageSuffix() { - result = - "this location and is interpreted by " + templateType + ", which may evaluate it as code" - } - override string getMessagePrefix() { result = "This " + templateType + " template, which may contain code," } @@ -321,10 +310,6 @@ module CodeInjection { /** A sink for code injection via template injection. */ abstract private class TemplateSink extends Sink { - deprecated override string getMessageSuffix() { - result = "this location and is interpreted as a template, which may contain code" - } - override string getMessagePrefix() { result = "Template, which may contain code," } } diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssQuery.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssQuery.qll index cc4fc0c47eaa..42ea977e26c8 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssQuery.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssQuery.qll 
@@ -19,9 +19,6 @@ class HtmlSink extends DataFlow::Node instanceof Sink { } } -/** DEPRECATED: Alias for HtmlSink */ -deprecated class HTMLSink = HtmlSink; - /** * A taint-tracking configuration for reasoning about XSS. * Both ordinary HTML sinks, URL sinks, and JQuery selector based sinks. diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedData.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedData.qll deleted file mode 100644 index c070fdff662a..000000000000 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedData.qll +++ /dev/null @@ -1,7 +0,0 @@ -/** DEPRECATED. Import `ExternalApiUsedWithUntrustedDataQuery` instead. */ - -import javascript -private import ExternalAPIUsedWithUntrustedDataQuery as ExternalApiUsedWithUntrustedDataQuery // ignore-query-import - -/** DEPRECATED. Import `ExternalApiUsedWithUntrustedDataQuery` instead. */ -deprecated module ExternalApiUsedWithUntrustedData = ExternalApiUsedWithUntrustedDataQuery; diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll index 2f7339783a34..6ddedd4f727b 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll 
@@ -28,27 +28,6 @@ module ReflectedXss { HttpResponseSink() { not exists(getAXssSafeHeaderDefinition(this)) } } - /** - * DEPRECATED: Gets a HeaderDefinition that defines a non-html content-type for `send`. - */ - deprecated Http::HeaderDefinition getANonHtmlHeaderDefinition(Http::ResponseSendArgument send) { - exists(Http::RouteHandler h | - send.getRouteHandler() = h and - result = nonHtmlContentTypeHeader(h) - | - // The HeaderDefinition affects a response sent at `send`. - headerAffects(result, send) - ) - } - - /** - * DEPRECATED: Holds if `h` may send a response with a content type other than HTML. - */ - deprecated Http::HeaderDefinition nonHtmlContentTypeHeader(Http::RouteHandler h) { - result = h.getAResponseHeader("content-type") and - not exists(string tp | result.defines("content-type", tp) | tp.regexpMatch("(?i).*html.*")) - } - /** * Gets a HeaderDefinition that defines a XSS safe content-type for `send`. */ diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll index a1074e49eb20..bf38b2e2a5d1 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll @@ -87,9 +87,6 @@ module XssThroughDom { override string getPropertyName() { result = prop } } - /** DEPRECATED: Alias for JQueryDomPropertySource */ - deprecated class JQueryDOMPropertySource = JQueryDomPropertySource; - /** * A source for text from the DOM from a `d3` method call. */ diff --git a/javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll b/javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll deleted file mode 100644 index f930a7d9d3d8..000000000000 --- a/javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll +++ /dev/null 
@@ -1,68 +0,0 @@
-/**
- * This library implements the analysis described in the following two papers:
- *
- * James Kirrage, Asiri Rathnayake, Hayo Thielecke: Static Analysis for
- * Regular Expression Denial-of-Service Attacks. NSS 2013.
- * (https://arxiv.org/abs/1301.0849)
- * Asiri Rathnayake, Hayo Thielecke: Static Analysis for Regular Expression
- * Exponential Runtime via Substructural Logics. 2014.
- * (https://www.cs.bham.ac.uk/~hxt/research/redos_full.pdf)
- *
- * The basic idea is to search for overlapping cycles in the NFA, that is,
- * states `q` such that there are two distinct paths from `q` to itself
- * that consume the same word `w`.
- *
- * For any such state `q`, an attack string can be constructed as follows:
- * concatenate a prefix `v` that takes the NFA to `q` with `n` copies of
- * the word `w` that leads back to `q` along two different paths, followed
- * by a suffix `x` that is _not_ accepted in state `q`. A backtracking
- * implementation will need to explore at least 2^n different ways of going
- * from `q` back to itself while trying to match the `n` copies of `w`
- * before finally giving up.
- *
- * Now in order to identify overlapping cycles, all we have to do is find
- * pumpable forks, that is, states `q` that can transition to two different
- * states `r1` and `r2` on the same input symbol `c`, such that there are
- * paths from both `r1` and `r2` to `q` that consume the same word. The latter
- * condition is equivalent to saying that `(q, q)` is reachable from `(r1, r2)`
- * in the product NFA.
- *
- * This is what the library does. It makes a simple attempt to construct a
- * prefix `v` leading into `q`, but only to improve the alert message.
- * And the library tries to prove the existence of a suffix that ensures
- * rejection. This check might fail, which can cause false positives.
- *
- * Finally, sometimes it depends on the translation whether the NFA generated
- * for a regular expression has a pumpable fork or not. We implement one
- * particular translation, which may result in false positives or negatives
- * relative to some particular JavaScript engine.
- *
- * More precisely, the library constructs an NFA from a regular expression `r`
- * as follows:
- *
- * * Every sub-term `t` gives rise to an NFA state `Match(t,i)`, representing
- * the state of the automaton before attempting to match the `i`th character in `t`.
- * * There is one accepting state `Accept(r)`.
- * * There is a special `AcceptAnySuffix(r)` state, which accepts any suffix string
- * by using an epsilon transition to `Accept(r)` and an any transition to itself.
- * * Transitions between states may be labelled with epsilon, or an abstract
- * input symbol.
- * * Each abstract input symbol represents a set of concrete input characters:
- * either a single character, a set of characters represented by a
- * character class, or the set of all characters.
- * * The product automaton is constructed lazily, starting with pair states
- * `(q, q)` where `q` is a fork, and proceeding along an over-approximate
- * step relation.
- * * The over-approximate step relation allows transitions along pairs of
- * abstract input symbols where the symbols have overlap in the characters they accept.
- * * Once a trace of pairs of abstract input symbols that leads from a fork
- * back to itself has been identified, we attempt to construct a concrete
- * string corresponding to it, which may fail.
- * * Lastly we ensure that any state reached by repeating `n` copies of `w` has
- * a suffix `x` (possible empty) that is most likely __not__ accepted.
- */
-
-private import RegExpTreeView::RegExpTreeView as TreeView
-// ExponentialBackTracking should be used directly from the shared pack, and not from this file.
-deprecated private import codeql.regex.nfa.ExponentialBackTracking::Make as Dep
-import Dep
diff --git a/javascript/ql/lib/semmle/javascript/security/regexp/NfaUtils.qll b/javascript/ql/lib/semmle/javascript/security/regexp/NfaUtils.qll
deleted file mode 100644
index c2be46a244d5..000000000000
--- a/javascript/ql/lib/semmle/javascript/security/regexp/NfaUtils.qll
+++ /dev/null
@@ -1,13 +0,0 @@
-/**
- * Provides classes and predicates for constructing an NFA from
- * a regular expression, and various utilities for reasoning about
- * the resulting NFA.
- *
- * These utilities are used both by the ReDoS queries and by
- * other queries that benefit from reasoning about NFAs.
- */
-
-private import RegExpTreeView::RegExpTreeView as TreeView
-// NfaUtils should be used directly from the shared pack, and not from this file.
-deprecated private import codeql.regex.nfa.NfaUtils::Make as Dep
-import Dep
diff --git a/javascript/ql/lib/semmle/javascript/security/regexp/SuperlinearBackTracking.qll b/javascript/ql/lib/semmle/javascript/security/regexp/SuperlinearBackTracking.qll
deleted file mode 100644
index ec3d65ab195b..000000000000
--- a/javascript/ql/lib/semmle/javascript/security/regexp/SuperlinearBackTracking.qll
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * This module implements the analysis described in the paper:
- * Valentin Wustholz, Oswaldo Olivo, Marijn J. H. Heule, and Isil Dillig:
- * Static Detection of DoS Vulnerabilities in
- * Programs that use Regular Expressions
- * (Extended Version).
- * (https://arxiv.org/pdf/1701.04045.pdf)
- *
- * Theorem 3 from the paper describes the basic idea.
- *
- * The following explains the idea using variables and predicate names that are used in the implementation:
- * We consider a pair of repetitions, which we will call `pivot` and `succ`.
- *
- * We create a product automaton of 3-tuples of states (see `StateTuple`).
- * There exists a transition `(a,b,c) -> (d,e,f)` in the product automaton
- * iff there exists three transitions in the NFA `a->d, b->e, c->f` where those three
- * transitions all match a shared character `char`. (see `getAThreewayIntersect`)
- *
- * We start a search in the product automaton at `(pivot, pivot, succ)`,
- * and search for a series of transitions (a `Trace`), such that we end
- * at `(pivot, succ, succ)` (see `isReachableFromStartTuple`).
- *
- * For example, consider the regular expression `/^\d*5\w*$/`.
- * The search will start at the tuple `(\d*, \d*, \w*)` and search
- * for a path to `(\d*, \w*, \w*)`.
- * This path exists, and consists of a single transition in the product automaton,
- * where the three corresponding NFA edges all match the character `"5"`.
- *
- * The start-state in the NFA has an any-transition to itself, this allows us to
- * flag regular expressions such as `/a*$/` - which does not have a start anchor -
- * and can thus start matching anywhere.
- *
- * The implementation is not perfect.
- * It has the same suffix detection issue as the `js/redos` query, which can cause false positives.
- * It also doesn't find all transitions in the product automaton, which can cause false negatives.
- */
-
-private import RegExpTreeView::RegExpTreeView as TreeView
-// SuperlinearBackTracking should be used directly from the shared pack, and not from this file.
-deprecated private import codeql.regex.nfa.SuperlinearBackTracking::Make as Dep
-import Dep
diff --git a/javascript/ql/src/Expressions/TypoDatabase.qll b/javascript/ql/src/Expressions/TypoDatabase.qll
deleted file mode 100644
index f480b9ebc8b8..000000000000
--- a/javascript/ql/src/Expressions/TypoDatabase.qll
+++ /dev/null
@@ -1,4 +0,0 @@
-import codeql.typos.TypoDatabase as DB
-
-/** DEPRECATED: Use the `codeql/typos` pack instead. */
-deprecated predicate typos = DB::typos/2;
diff --git a/python/ql/lib/change-notes/2024-01-22-outdated-deprecations.md b/python/ql/lib/change-notes/2024-01-22-outdated-deprecations.md
new file mode 100644
index 000000000000..e3dce6a5ccd3
--- /dev/null
+++ b/python/ql/lib/change-notes/2024-01-22-outdated-deprecations.md
@@ -0,0 +1,8 @@
+---
+category: minorAnalysis
+---
+* Deleted many deprecated predicates and classes with uppercase `LDAP`, `HTTP`, `URL`, `CGI` etc. in their names. Use the PascalCased versions instead.
+* Deleted the deprecated `localSourceStoreStep` predicate, use `flowsToStoreStep` instead.
+* Deleted the deprecated `iteration_defined_variable` predicate from the `SSA` library.
+* Deleted various deprecated predicates from the points-to libraries.
+* Deleted the deprecated `semmle/python/security/OverlyLargeRangeQuery.qll`, `semmle/python/security/regexp/ExponentialBackTracking.qll`, `semmle/python/security/regexp/NfaUtils.qll`, and `semmle/python/security/regexp/NfaUtils.qll` files.
diff --git a/python/ql/lib/python.qll b/python/ql/lib/python.qll
index 9a34be8ebcc3..24744d005a17 100644
--- a/python/ql/lib/python.qll
+++ b/python/ql/lib/python.qll
@@ -26,7 +26,6 @@ import semmle.python.types.FunctionObject import semmle.python.types.ModuleObject import semmle.python.types.Version import semmle.python.types.Descriptors -import semmle.python.protocols import semmle.python.SSA import semmle.python.SelfAttribute import semmle.python.types.Properties diff --git a/python/ql/lib/semmle/python/Concepts.qll b/python/ql/lib/semmle/python/Concepts.qll index f7acd89bd625..92f94abf0d66 100644 --- a/python/ql/lib/semmle/python/Concepts.qll +++ b/python/ql/lib/semmle/python/Concepts.qll @@ -685,9 +685,6 @@ module Ldap { } } -/** DEPRECATED: Alias for Ldap */ -deprecated module LDAP = Ldap; - /** * A data-flow node that escapes meta-characters, which could be used to prevent * injection attacks. @@ -1157,9 +1154,6 @@ module Http { // remote-flow-sources in general. } -/** DEPRECATED: Alias for Http */ -deprecated module HTTP = Http; - /** * Provides models for cryptographic things. * diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll b/python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll index 8e0feb50c704..0f6ff8bd3bd2 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll @@ -386,8 +386,6 @@ deprecated module StepSummary { smallstepCall(nodeFrom, nodeTo, summary) } - deprecated predicate localSourceStoreStep = flowsToStoreStep/3; - /** Gets the step summary for a level step. */ StepSummary levelStep() { result = LevelStep() } diff --git a/python/ql/lib/semmle/python/essa/SsaDefinitions.qll b/python/ql/lib/semmle/python/essa/SsaDefinitions.qll index 8d9de6116593..0c1c8836f4e5 100644 --- a/python/ql/lib/semmle/python/essa/SsaDefinitions.qll +++ b/python/ql/lib/semmle/python/essa/SsaDefinitions.qll 
@@ -88,15 +88,6 @@ module SsaSource { lhs.getBasicBlock().dominates(defn.getBasicBlock()) } - /** Holds if `v` is defined by a `for` statement, the definition being `defn` */ - cached - deprecated predicate iteration_defined_variable( - Variable v, ControlFlowNode defn, ControlFlowNode sequence - ) { - exists(ForNode for | for.iterates(defn, sequence)) and - defn.(NameNode).defines(v) - } - /** Holds if `v` is a parameter variable and `defn` is the CFG node for that parameter. */ cached predicate parameter_definition(Variable v, ControlFlowNode defn) { diff --git a/python/ql/lib/semmle/python/frameworks/Django.qll b/python/ql/lib/semmle/python/frameworks/Django.qll index b64404243076..3e9fd8030ffe 100644 --- a/python/ql/lib/semmle/python/frameworks/Django.qll +++ b/python/ql/lib/semmle/python/frameworks/Django.qll @@ -1154,9 +1154,6 @@ module PrivateDjango { /** Gets a reference to the `django.http` module. */ API::Node http() { result = django().getMember("http") } - /** DEPRECATED: Alias for `DjangoHttp` */ - deprecated module http = DjangoHttp; - /** Provides models for the `django.http` module */ module DjangoHttp { // --------------------------------------------------------------------------- diff --git a/python/ql/lib/semmle/python/frameworks/Starlette.qll b/python/ql/lib/semmle/python/frameworks/Starlette.qll index c35d709401ef..ec62888ecb0c 100644 --- a/python/ql/lib/semmle/python/frameworks/Starlette.qll +++ b/python/ql/lib/semmle/python/frameworks/Starlette.qll @@ -166,9 +166,6 @@ module Starlette { } } - /** DEPRECATED: Alias for Url */ - deprecated module URL = Url; - /** * A call to the `starlette.responses.FileResponse` constructor as a sink for Filesystem access. */ diff --git a/python/ql/lib/semmle/python/frameworks/Stdlib.qll b/python/ql/lib/semmle/python/frameworks/Stdlib.qll index 9c9f0d3d0d20..e9e66cf4be2a 100644 --- a/python/ql/lib/semmle/python/frameworks/Stdlib.qll +++ b/python/ql/lib/semmle/python/frameworks/Stdlib.qll 
@@ -1967,14 +1967,8 @@ module StdlibPrivate { result = cgiHttpServer().getMember("CGIHTTPRequestHandler") } } - - /** DEPRECATED: Alias for CgiHttpRequestHandler */ - deprecated module CGIHTTPRequestHandler = CgiHttpRequestHandler; } - /** DEPRECATED: Alias for CgiHttpServer */ - deprecated module CGIHTTPServer = CgiHttpServer; - // --------------------------------------------------------------------------- // http (Python 3 only) // --------------------------------------------------------------------------- @@ -2042,9 +2036,6 @@ module StdlibPrivate { */ deprecated API::Node classRef() { result = server().getMember("CGIHTTPRequestHandler") } } - - /** DEPRECATED: Alias for CgiHttpRequestHandler */ - deprecated module CGIHTTPRequestHandler = CgiHttpRequestHandler; } } @@ -2233,9 +2224,6 @@ module StdlibPrivate { } } - /** DEPRECATED: Alias for WsgiEnvirontParameter */ - deprecated class WSGIEnvirontParameter = WsgiEnvirontParameter; - /** * Gets a reference to the parameter of a `WsgirefSimpleServerApplication` that * takes the `start_response` function. diff --git a/python/ql/lib/semmle/python/objects/TObject.qll b/python/ql/lib/semmle/python/objects/TObject.qll index 58be33ddd913..55f5bb0215f8 100644 --- a/python/ql/lib/semmle/python/objects/TObject.qll +++ b/python/ql/lib/semmle/python/objects/TObject.qll 
@@ -333,36 +333,6 @@ predicate call3( arg2 = call.getArg(2) } -bindingset[self, function] -deprecated predicate method_binding( - AttrNode instantiation, ObjectInternal self, CallableObjectInternal function, - PointsToContext context -) { - exists(ObjectInternal obj, string name | receiver(instantiation, context, obj, name) | - exists(ObjectInternal cls | - cls = obj.getClass() and - cls != ObjectInternal::superType() and - cls.attribute(name, function, _) and - self = obj - ) - or - exists(SuperInstance sup, ClassObjectInternal decl | - sup = obj and - decl = Types::getMro(self.getClass()).startingAt(sup.getStartClass()).findDeclaringClass(name) and - Types::declaredAttribute(decl, name, function, _) and - self = sup.getSelf() - ) - ) -} - -/** Helper for method_binding */ -pragma[noinline] -deprecated predicate receiver( - AttrNode instantiation, PointsToContext context, ObjectInternal obj, string name -) { - PointsToInternal::pointsTo(instantiation.getObject(name), context, obj, _) -} - /** Helper self parameters: `def meth(self, ...): ...`. */ pragma[noinline] private predicate self_parameter( diff --git a/python/ql/lib/semmle/python/pointsto/Base.qll b/python/ql/lib/semmle/python/pointsto/Base.qll index 96437cfed7e9..56dc633eb9c8 100644 --- a/python/ql/lib/semmle/python/pointsto/Base.qll +++ b/python/ql/lib/semmle/python/pointsto/Base.qll 
@@ -13,123 +13,6 @@ import semmle.python.essa.SsaDefinitions private import semmle.python.types.Builtins private import semmle.python.internal.CachedStages -deprecated module BasePointsTo { - /** INTERNAL -- Use n.refersTo(value, _, origin) instead */ - pragma[noinline] - predicate points_to(ControlFlowNode f, Object value, ControlFlowNode origin) { - ( - f.isLiteral() and value = f and not f.getNode() instanceof ImmutableLiteral - or - f.isFunction() and value = f - ) and - origin = f - } -} - -/** Gets the kwargs parameter (`**kwargs`). In a function definition this is always a dict. */ -deprecated predicate kwargs_points_to(ControlFlowNode f, ClassObject cls) { - exists(Function func | func.getKwarg() = f.getNode()) and - cls = theDictType() -} - -/** Gets the varargs parameter (`*varargs`). In a function definition this is always a tuple. */ -deprecated predicate varargs_points_to(ControlFlowNode f, ClassObject cls) { - exists(Function func | func.getVararg() = f.getNode()) and - cls = theTupleType() -} - -/** - * Gets the class of the object for simple cases, namely constants, functions, - * comprehensions and built-in objects. - * - * This exists primarily for internal use. Use getAnInferredType() instead. 
- */ -pragma[noinline] -deprecated ClassObject simple_types(Object obj) { - result = comprehension(obj.getOrigin()) - or - result = collection_literal(obj.getOrigin()) - or - obj.getOrigin() instanceof CallableExpr and result = thePyFunctionType() - or - obj.getOrigin() instanceof Module and result = theModuleType() - or - result.asBuiltin() = obj.asBuiltin().getClass() - or - obj = unknownValue() and result = theUnknownType() -} - -deprecated private ClassObject comprehension(Expr e) { - e instanceof ListComp and result = theListType() - or - e instanceof SetComp and result = theSetType() - or - e instanceof DictComp and result = theDictType() - or - e instanceof GeneratorExp and result = theGeneratorType() -} - -deprecated private ClassObject collection_literal(Expr e) { - e instanceof List and result = theListType() - or - e instanceof Set and result = theSetType() - or - e instanceof Dict and result = theDictType() - or - e instanceof Tuple and result = theTupleType() -} - -deprecated private int tuple_index_value(Object t, int i) { - result = t.(TupleNode).getElement(i).getNode().(Num).getN().toInt() - or - exists(Object item | - py_citems(t, i, item) and - result = item.(NumericObject).intValue() - ) -} - -pragma[noinline] -deprecated int version_tuple_value(Object t) { - not exists(tuple_index_value(t, 1)) and result = tuple_index_value(t, 0) * 10 - or - not exists(tuple_index_value(t, 2)) and - result = tuple_index_value(t, 0) * 10 + tuple_index_value(t, 1) - or - tuple_index_value(t, 2) = 0 and result = tuple_index_value(t, 0) * 10 + tuple_index_value(t, 1) - or - tuple_index_value(t, 2) > 0 and - result = tuple_index_value(t, 0) * 10 + tuple_index_value(t, 1) + 1 -} - -/** Choose a version numbers that represent the extreme of supported versions. 
*/ -deprecated private int major_minor() { - if major_version() = 3 - then ( - result = 33 or result = 37 - ) else ( - // 3.3 to 3.7 - result = 25 or result = 27 - ) // 2.5 to 2.7 -} - -/** Compares the given tuple object to both the maximum and minimum possible sys.version_info values */ -deprecated int version_tuple_compare(Object t) { - version_tuple_value(t) < major_minor() and result = -1 - or - version_tuple_value(t) = major_minor() and result = 0 - or - version_tuple_value(t) > major_minor() and result = 1 -} - -/** Holds if `cls` is a new-style class if it were to have no explicit base classes */ -deprecated predicate baseless_is_new_style(ClassObject cls) { - cls.isBuiltin() - or - major_version() = 3 and exists(cls) - or - exists(cls.declaredMetaClass()) -} - /* * The following predicates exist in order to provide * more precise type information than the underlying 
@@ -159,49 +42,6 @@ private predicate class_defines_name(Class cls, string name) { exists(SsaVariable var | name = var.getId() and var.getAUse() = cls.getANormalExit()) } -/** Gets a return value CFG node, provided that is safe to track across returns */ -deprecated ControlFlowNode safe_return_node(PyFunctionObject func) { - result = func.getAReturnedNode() and - // Not a parameter - not exists(Parameter p, SsaVariable pvar | - p.asName().getAFlowNode() = pvar.getDefinition() and - result = pvar.getAUse() - ) and - // No alternatives - not exists(ControlFlowNode branch | branch.isBranch() and branch.getScope() = func.getFunction()) -} - -/** Holds if it can be determined from the control flow graph alone that this function can never return */ -deprecated predicate function_can_never_return(FunctionObject func) { - /* - * A Python function never returns if it has no normal exits that are not dominated by a - * call to a function which itself never returns. - */ - - exists(Function f | - f = func.getFunction() and - not exists(f.getAnExitNode()) - ) - or - func = ModuleObject::named("sys").attr("exit") -} - -/** Hold if outer contains inner, both are contained within a test and inner is a use is a plain use or an attribute lookup */ -pragma[noinline] -deprecated predicate contains_interesting_expression_within_test( - ControlFlowNode outer, ControlFlowNode inner -) { - inner.isLoad() and - exists(ControlFlowNode test | - outer.getAChild*() = inner and - test_contains(test, outer) and - test_contains(test, inner) - | - inner instanceof NameNode or - inner instanceof AttrNode - ) -} - /** Hold if `expr` is a test (a branch) and `use` is within that test */ predicate test_contains(ControlFlowNode expr, ControlFlowNode use) { expr.getNode() instanceof Expr and 
@@ -209,31 +49,6 @@ predicate test_contains(ControlFlowNode expr, ControlFlowNode use) { expr.getAChild*() = use } -/** Holds if `test` is a test (a branch), `use` is within that test and `def` is an edge from that test with `sense` */ -deprecated predicate refinement_test( - ControlFlowNode test, ControlFlowNode use, boolean sense, PyEdgeRefinement def -) { - /* - * Because calls such as `len` may create a new variable, we need to go via the source variable - * That is perfectly safe as we are only dealing with calls that do not mutate their arguments. - */ - - use = def.getInput().getSourceVariable().(Variable).getAUse() and - test = def.getPredecessor().getLastNode() and - test_contains(test, use) and - sense = def.getSense() -} - -/** Holds if `f` is an import of the form `from .[...] import name` and the enclosing scope is an __init__ module */ -pragma[noinline] -deprecated predicate live_import_from_dot_in_init(ImportMemberNode f, EssaVariable var) { - exists(string name | - import_from_dot_in_init(f.getModule(name)) and - var.getSourceVariable().getName() = name and - var.getAUse() = f - ) -} - /** Holds if `f` is an import of the form `from .[...] import ...` and the enclosing scope is an __init__ module */ predicate import_from_dot_in_init(ImportExprNode f) { f.getScope() = any(Module m).getInitModule() and 
@@ -251,30 +66,6 @@ Object undefinedVariable() { py_special_objects(result, "_semmle_undefined_value /** Gets the pseudo-object representing an unknown value */ Object unknownValue() { result.asBuiltin() = Builtin::unknown() } -deprecated BuiltinCallable theTypeNewMethod() { - result.asBuiltin() = theTypeType().asBuiltin().getMember("__new__") -} - -/** Gets the `value, cls, origin` that `f` would refer to if it has not been assigned some other value */ -pragma[noinline] -deprecated predicate potential_builtin_points_to( - NameNode f, Object value, ClassObject cls, ControlFlowNode origin -) { - f.isGlobal() and - f.isLoad() and - origin = f and - ( - builtin_name_points_to(f.getId(), value, cls) - or - not exists(Object::builtin(f.getId())) and value = unknownValue() and cls = theUnknownType() - ) -} - -pragma[noinline] -deprecated predicate builtin_name_points_to(string name, Object value, ClassObject cls) { - value = Object::builtin(name) and cls.asBuiltin() = value.asBuiltin().getClass() -} - pragma[nomagic] private predicate essa_var_scope(SsaSourceVariable var, Scope pred_scope, EssaVariable pred_var) { BaseFlow::reaches_exit(pred_var) and 
@@ -331,48 +122,3 @@ module BaseFlow { scope_entry_value_transfer_through_init(pred_var, pred_scope, succ_def, succ_scope) } } - -/** Points-to for syntactic elements where context is not relevant */ -deprecated predicate simple_points_to( - ControlFlowNode f, Object value, ClassObject cls, ControlFlowNode origin -) { - kwargs_points_to(f, cls) and value = f and origin = f - or - varargs_points_to(f, cls) and value = f and origin = f - or - BasePointsTo::points_to(f, value, origin) and cls = simple_types(value) - or - value = f.getNode().(ImmutableLiteral).getLiteralObject() and - cls = simple_types(value) and - origin = f -} - -/** - * Holds if `bit` is a binary expression node with a bitwise operator. - * Helper for `this_binary_expr_points_to`. - */ -deprecated predicate bitwise_expression_node( - BinaryExprNode bit, ControlFlowNode left, ControlFlowNode right -) { - exists(Operator op | op = bit.getNode().getOp() | - op instanceof BitAnd or - op instanceof BitOr or - op instanceof BitXor - ) and - left = bit.getLeft() and - right = bit.getRight() -} - -deprecated private Module theCollectionsAbcModule() { - result.getName() = "_abcoll" - or - result.getName() = "_collections_abc" -} - -deprecated ClassObject collectionsAbcClass(string name) { - exists(Class cls | - result.getPyClass() = cls and - cls.getName() = name and - cls.getScope() = theCollectionsAbcModule() - ) -} diff --git a/python/ql/lib/semmle/python/pointsto/Filters.qll b/python/ql/lib/semmle/python/pointsto/Filters.qll index dbf9baf52793..4ae756857301 100644 --- a/python/ql/lib/semmle/python/pointsto/Filters.qll +++ b/python/ql/lib/semmle/python/pointsto/Filters.qll 
@@ -12,12 +12,6 @@ predicate hasattr(CallNode c, ControlFlowNode obj, string attr) { c.getArg(1).getNode().(StrConst).getText() = attr } -/** Holds if `c` is a call to `callable(obj)`. */ -deprecated predicate is_callable(CallNode c, ControlFlowNode obj) { - c.getFunction().(NameNode).getId() = "callable" and - obj = c.getArg(0) -} - /** Holds if `c` is a call to `isinstance(use, cls)`. */ predicate isinstance(CallNode fc, ControlFlowNode cls, ControlFlowNode use) { fc.getFunction().(NameNode).getId() = "isinstance" and @@ -25,13 +19,6 @@ predicate isinstance(CallNode fc, ControlFlowNode cls, ControlFlowNode use) { fc.getArg(0) = use } -/** Holds if `c` is a call to `issubclass(use, cls)`. */ -deprecated predicate issubclass(CallNode fc, ControlFlowNode cls, ControlFlowNode use) { - fc.getFunction().(NameNode).getId() = "issubclass" and - fc.getArg(0) = use and - cls = fc.getArg(1) -} - /** Holds if `c` is a test comparing `x` and `y`. `is` is true if the operator is `is` or `==`, it is false if the operator is `is not` or `!=`. */ predicate equality_test(CompareNode c, ControlFlowNode x, boolean is, ControlFlowNode y) { exists(Cmpop op | diff --git a/python/ql/lib/semmle/python/pointsto/PointsToContext.qll b/python/ql/lib/semmle/python/pointsto/PointsToContext.qll index a63381e5e20e..4bbc4001b4d0 100644 --- a/python/ql/lib/semmle/python/pointsto/PointsToContext.qll +++ b/python/ql/lib/semmle/python/pointsto/PointsToContext.qll @@ -122,10 +122,6 @@ private newtype TPointsToContext = } or TObjectContext(SelfInstanceInternal object) -deprecated module Context { - PointsToContext forObject(ObjectInternal object) { result = TObjectContext(object) } -} - /** * A points-to context. Context can be one of: * * "main": Used for scripts. diff --git a/python/ql/lib/semmle/python/protocols.qll b/python/ql/lib/semmle/python/protocols.qll deleted file mode 100644 index fc341dadc335..000000000000 --- a/python/ql/lib/semmle/python/protocols.qll +++ /dev/null 
@@ -1,19 +0,0 @@
-import python
-
-/** Retained for backwards compatibility use ClassObject.isIterator() instead. */
-deprecated predicate is_iterator(ClassObject c) { c.isIterator() }
-
-/** Retained for backwards compatibility use ClassObject.isIterable() instead. */
-deprecated predicate is_iterable(ClassObject c) { c.isIterable() }
-
-/** Retained for backwards compatibility use ClassObject.isCollection() instead. */
-deprecated predicate is_collection(ClassObject c) { c.isCollection() }
-
-/** Retained for backwards compatibility use ClassObject.isMapping() instead. */
-deprecated predicate is_mapping(ClassObject c) { c.isMapping() }
-
-/** Retained for backwards compatibility use ClassObject.isSequence() instead. */
-deprecated predicate is_sequence(ClassObject c) { c.isSequence() }
-
-/** Retained for backwards compatibility use ClassObject.isContextManager() instead. */
-deprecated predicate is_context_manager(ClassObject c) { c.isContextManager() }
diff --git a/python/ql/lib/semmle/python/security/BadTagFilterQuery.qll b/python/ql/lib/semmle/python/security/BadTagFilterQuery.qll
deleted file mode 100644
index 446e4487a0f4..000000000000
--- a/python/ql/lib/semmle/python/security/BadTagFilterQuery.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/**
- * Provides predicates for reasoning about bad tag filter vulnerabilities.
- */
-
-private import semmle.python.RegexTreeView::RegexTreeView as TreeView
-// BadTagFilterQuery should be used directly from the shared pack, and not from this file.
-deprecated import codeql.regex.nfa.BadTagFilterQuery::Make as Dep
-import Dep
diff --git a/python/ql/lib/semmle/python/security/OverlyLargeRangeQuery.qll b/python/ql/lib/semmle/python/security/OverlyLargeRangeQuery.qll
deleted file mode 100644
index 49ec333161cf..000000000000
--- a/python/ql/lib/semmle/python/security/OverlyLargeRangeQuery.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/**
- * Classes and predicates for working with suspicious character ranges.
- */
-
-private import semmle.python.RegexTreeView::RegexTreeView as TreeView
-// OverlyLargeRangeQuery should be used directly from the shared pack, and not from this file.
-deprecated import codeql.regex.OverlyLargeRangeQuery::Make as Dep
-import Dep
diff --git a/python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll b/python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll
deleted file mode 100644
index 263bf0f53451..000000000000
--- a/python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll
+++ /dev/null
@@ -1,68 +0,0 @@
-/**
- * This library implements the analysis described in the following two papers:
- *
- * James Kirrage, Asiri Rathnayake, Hayo Thielecke: Static Analysis for
- * Regular Expression Denial-of-Service Attacks. NSS 2013.
- * (https://arxiv.org/abs/1301.0849)
- * Asiri Rathnayake, Hayo Thielecke: Static Analysis for Regular Expression
- * Exponential Runtime via Substructural Logics. 2014.
- * (https://www.cs.bham.ac.uk/~hxt/research/redos_full.pdf)
- *
- * The basic idea is to search for overlapping cycles in the NFA, that is,
- * states `q` such that there are two distinct paths from `q` to itself
- * that consume the same word `w`.
- *
- * For any such state `q`, an attack string can be constructed as follows:
- * concatenate a prefix `v` that takes the NFA to `q` with `n` copies of
- * the word `w` that leads back to `q` along two different paths, followed
- * by a suffix `x` that is _not_ accepted in state `q`. A backtracking
- * implementation will need to explore at least 2^n different ways of going
- * from `q` back to itself while trying to match the `n` copies of `w`
- * before finally giving up.
- *
- * Now in order to identify overlapping cycles, all we have to do is find
- * pumpable forks, that is, states `q` that can transition to two different
- * states `r1` and `r2` on the same input symbol `c`, such that there are
- * paths from both `r1` and `r2` to `q` that consume the same word. The latter
- * condition is equivalent to saying that `(q, q)` is reachable from `(r1, r2)`
- * in the product NFA.
- *
- * This is what the library does. It makes a simple attempt to construct a
- * prefix `v` leading into `q`, but only to improve the alert message.
- * And the library tries to prove the existence of a suffix that ensures
- * rejection. This check might fail, which can cause false positives.
- *
- * Finally, sometimes it depends on the translation whether the NFA generated
- * for a regular expression has a pumpable fork or not. We implement one
- * particular translation, which may result in false positives or negatives
- * relative to some particular JavaScript engine.
- *
- * More precisely, the library constructs an NFA from a regular expression `r`
- * as follows:
- *
- * * Every sub-term `t` gives rise to an NFA state `Match(t,i)`, representing
- * the state of the automaton before attempting to match the `i`th character in `t`.
- * * There is one accepting state `Accept(r)`.
- * * There is a special `AcceptAnySuffix(r)` state, which accepts any suffix string
- * by using an epsilon transition to `Accept(r)` and an any transition to itself.
- * * Transitions between states may be labelled with epsilon, or an abstract
- * input symbol.
- * * Each abstract input symbol represents a set of concrete input characters:
- * either a single character, a set of characters represented by a
- * character class, or the set of all characters.
- * * The product automaton is constructed lazily, starting with pair states
- * `(q, q)` where `q` is a fork, and proceeding along an over-approximate
- * step relation.
- * * The over-approximate step relation allows transitions along pairs of
- * abstract input symbols where the symbols have overlap in the characters they accept.
- * * Once a trace of pairs of abstract input symbols that leads from a fork
- * back to itself has been identified, we attempt to construct a concrete
- * string corresponding to it, which may fail.
- * * Lastly we ensure that any state reached by repeating `n` copies of `w` has
- * a suffix `x` (possible empty) that is most likely __not__ accepted.
- */
-
-private import semmle.python.RegexTreeView::RegexTreeView as TreeView
-// ExponentialBackTracking should be used directly from the shared pack, and not from this file.
-deprecated private import codeql.regex.nfa.ExponentialBackTracking::Make as Dep
-import Dep
diff --git a/python/ql/lib/semmle/python/security/regexp/NfaUtils.qll b/python/ql/lib/semmle/python/security/regexp/NfaUtils.qll
deleted file mode 100644
index 942830d95b22..000000000000
--- a/python/ql/lib/semmle/python/security/regexp/NfaUtils.qll
+++ /dev/null
@@ -1,13 +0,0 @@
-/**
- * Provides classes and predicates for constructing an NFA from
- * a regular expression, and various utilities for reasoning about
- * the resulting NFA.
- *
- * These utilities are used both by the ReDoS queries and by
- * other queries that benefit from reasoning about NFAs.
- */
-
-private import semmle.python.RegexTreeView::RegexTreeView as TreeView
-// NfaUtils should be used directly from the shared pack, and not from this file.
-deprecated private import codeql.regex.nfa.NfaUtils::Make as Dep
-import Dep
diff --git a/python/ql/lib/semmle/python/security/regexp/RegexpMatching.qll b/python/ql/lib/semmle/python/security/regexp/RegexpMatching.qll
deleted file mode 100644
index d73a67add169..000000000000
--- a/python/ql/lib/semmle/python/security/regexp/RegexpMatching.qll
+++ /dev/null
@@ -1,9 +0,0 @@
-/**
- * Provides predicates for reasoning about which strings are matched by a regular expression,
- * and for testing which capture groups are filled when a particular regexp matches a string.
- */
-
-private import semmle.python.RegexTreeView::RegexTreeView as TreeView
-// RegexpMatching should be used directly from the shared pack, and not from this file.
-deprecated import codeql.regex.nfa.RegexpMatching::Make as Dep
-import Dep
diff --git a/python/ql/lib/semmle/python/security/regexp/SuperlinearBackTracking.qll b/python/ql/lib/semmle/python/security/regexp/SuperlinearBackTracking.qll
deleted file mode 100644
index 6eca3722e09d..000000000000
--- a/python/ql/lib/semmle/python/security/regexp/SuperlinearBackTracking.qll
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * This module implements the analysis described in the paper:
- * Valentin Wustholz, Oswaldo Olivo, Marijn J. H. Heule, and Isil Dillig:
- * Static Detection of DoS Vulnerabilities in
- * Programs that use Regular Expressions
- * (Extended Version).
- * (https://arxiv.org/pdf/1701.04045.pdf)
- *
- * Theorem 3 from the paper describes the basic idea.
- *
- * The following explains the idea using variables and predicate names that are used in the implementation:
- * We consider a pair of repetitions, which we will call `pivot` and `succ`.
- *
- * We create a product automaton of 3-tuples of states (see `StateTuple`).
- * There exists a transition `(a,b,c) -> (d,e,f)` in the product automaton
- * iff there exists three transitions in the NFA `a->d, b->e, c->f` where those three
- * transitions all match a shared character `char`. (see `getAThreewayIntersect`)
- *
- * We start a search in the product automaton at `(pivot, pivot, succ)`,
- * and search for a series of transitions (a `Trace`), such that we end
- * at `(pivot, succ, succ)` (see `isReachableFromStartTuple`).
- *
- * For example, consider the regular expression `/^\d*5\w*$/`.
- * The search will start at the tuple `(\d*, \d*, \w*)` and search
- * for a path to `(\d*, \w*, \w*)`.
- * This path exists, and consists of a single transition in the product automaton,
- * where the three corresponding NFA edges all match the character `"5"`.
- *
- * The start-state in the NFA has an any-transition to itself, this allows us to
- * flag regular expressions such as `/a*$/` - which does not have a start anchor -
- * and can thus start matching anywhere.
- *
- * The implementation is not perfect.
- * It has the same suffix detection issue as the `js/redos` query, which can cause false positives.
- * It also doesn't find all transitions in the product automaton, which can cause false negatives.
- */ - -private import semmle.python.RegexTreeView::RegexTreeView as TreeView -// SuperlinearBackTracking should be used directly from the shared pack, and not from this file. -deprecated private import codeql.regex.nfa.SuperlinearBackTracking::Make as Dep -import Dep diff --git a/python/ql/lib/semmle/python/xml/XML.qll b/python/ql/lib/semmle/python/xml/XML.qll index 33f4cd9e9e6a..65bdd7b7cc16 100644 --- a/python/ql/lib/semmle/python/xml/XML.qll +++ b/python/ql/lib/semmle/python/xml/XML.qll @@ -32,9 +32,6 @@ class XmlLocatable extends @xmllocatable, TXmlLocatable { string toString() { none() } // overridden in subclasses } -/** DEPRECATED: Alias for XmlLocatable */ -deprecated class XMLLocatable = XmlLocatable; - /** * An `XmlParent` is either an `XmlElement` or an `XmlFile`, * both of which can contain other elements. @@ -95,9 +92,6 @@ class XmlParent extends @xmlparent { string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlParent */ -deprecated class XMLParent = XmlParent; - /** An XML file. */ class XmlFile extends XmlParent, File { XmlFile() { xmlEncoding(this, _) } @@ -119,14 +113,8 @@ class XmlFile extends XmlParent, File { /** Gets a DTD associated with this XML file. */ XmlDtd getADtd() { xmlDTDs(result, _, _, _, this) } - - /** DEPRECATED: Alias for getADtd */ - deprecated XmlDtd getADTD() { result = this.getADtd() } } -/** DEPRECATED: Alias for XmlFile */ -deprecated class XMLFile = XmlFile; - /** * An XML document type definition (DTD). * @@ -163,9 +151,6 @@ class XmlDtd extends XmlLocatable, @xmldtd { } } -/** DEPRECATED: Alias for XmlDtd */ -deprecated class XMLDTD = XmlDtd; - /** * An XML element in an XML file. * @@ -221,9 +206,6 @@ class XmlElement extends @xmlelement, XmlParent, XmlLocatable { override string toString() { result = this.getName() } } -/** DEPRECATED: Alias for XmlElement */ -deprecated class XMLElement = XmlElement; - /** * An attribute that occurs inside an XML element. * 
@@ -254,9 +236,6 @@ class XmlAttribute extends @xmlattribute, XmlLocatable { override string toString() { result = this.getName() + "=" + this.getValue() } } -/** DEPRECATED: Alias for XmlAttribute */ -deprecated class XMLAttribute = XmlAttribute; - /** * A namespace used in an XML file. * @@ -273,9 +252,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { /** Gets the URI of this namespace. */ string getUri() { xmlNs(this, _, result, _) } - /** DEPRECATED: Alias for getUri */ - deprecated string getURI() { result = this.getUri() } - /** Holds if this namespace has no prefix. */ predicate isDefault() { this.getPrefix() = "" } @@ -286,9 +262,6 @@ class XmlNamespace extends XmlLocatable, @xmlnamespace { } } -/** DEPRECATED: Alias for XmlNamespace */ -deprecated class XMLNamespace = XmlNamespace; - /** * A comment in an XML file. * @@ -309,9 +282,6 @@ class XmlComment extends @xmlcomment, XmlLocatable { override string toString() { result = this.getText() } } -/** DEPRECATED: Alias for XmlComment */ -deprecated class XMLComment = XmlComment; - /** * A sequence of characters that occurs between opening and * closing tags of an XML element, excluding other elements. @@ -335,6 +305,3 @@ class XmlCharacters extends @xmlcharacters, XmlLocatable { /** Gets a printable representation of this XML character sequence. */ override string toString() { result = this.getCharacters() } } - -/** DEPRECATED: Alias for XmlCharacters */ -deprecated class XMLCharacters = XmlCharacters; diff --git a/python/ql/src/experimental/semmle/python/frameworks/Django.qll b/python/ql/src/experimental/semmle/python/frameworks/Django.qll index f5156d2eb5cc..47b05cc95fd5 100644 --- a/python/ql/src/experimental/semmle/python/frameworks/Django.qll +++ b/python/ql/src/experimental/semmle/python/frameworks/Django.qll 
@@ -27,9 +27,6 @@ private module ExperimentalPrivateDjango { override string getSourceType() { result = "django.http.request.GET.get" } } - - /** DEPRECATED: Alias for DjangoGetParameter */ - deprecated class DjangoGETParameter = DjangoGetParameter; } } diff --git a/python/ql/src/experimental/semmle/python/frameworks/LDAP.qll b/python/ql/src/experimental/semmle/python/frameworks/LDAP.qll index eb2cf86b3383..8102de27149d 100644 --- a/python/ql/src/experimental/semmle/python/frameworks/LDAP.qll +++ b/python/ql/src/experimental/semmle/python/frameworks/LDAP.qll @@ -124,9 +124,6 @@ private module Ldap { ) ) } - - /** DEPRECATED: Alias for useSsl */ - deprecated override predicate useSSL() { this.useSsl() } } /** @@ -219,9 +216,6 @@ private module Ldap { startTls.getObject().getALocalSource() = this ) } - - /** DEPRECATED: Alias for useSsl */ - deprecated override predicate useSSL() { this.useSsl() } } /** diff --git a/python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll b/python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll index d62262cec98f..51516faac8af 100644 --- a/python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll +++ b/python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll @@ -32,6 +32,3 @@ query predicate missingAnnotationOnSink(Location location, string error, string ) ) } - -/** DEPRECATED: Alias for missingAnnotationOnSink */ -deprecated predicate missingAnnotationOnSINK = missingAnnotationOnSink/3; diff --git a/python/tools/recorded-call-graph-metrics/ql/lib/RecordedCalls.qll b/python/tools/recorded-call-graph-metrics/ql/lib/RecordedCalls.qll index 4d0c11fa3fd1..55015ea5998e 100644 --- a/python/tools/recorded-call-graph-metrics/ql/lib/RecordedCalls.qll +++ b/python/tools/recorded-call-graph-metrics/ql/lib/RecordedCalls.qll 
@@ -10,18 +10,12 @@ class XmlRecordedCall extends XmlElement { /** Gets the XML data for the call. */ XmlCall getXmlCall() { result.getParent() = this } - /** DEPRECATED: Alias for getXmlCall */ - deprecated XMLCall getXMLCall() { result = this.getXmlCall() } - /** Gets a call matching the recorded information. */ Call getACall() { result = this.getXmlCall().getACall() } /** Gets the XML data for the callee. */ XmlCallee getXmlCallee() { result.getParent() = this } - /** DEPRECATED: Alias for getXmlCallee */ - deprecated XMLCallee getXMLCallee() { result = this.getXmlCallee() } - /** Gets a python function matching the recorded information of the callee. */ Function getAPythonCallee() { result = this.getXmlCallee().(XmlPythonCallee).getACallee() } diff --git a/ql/ql/src/codeql_ql/style/TypoDatabase.qll b/ql/ql/src/codeql_ql/style/TypoDatabase.qll deleted file mode 100644 index f480b9ebc8b8..000000000000 --- a/ql/ql/src/codeql_ql/style/TypoDatabase.qll +++ /dev/null @@ -1,4 +0,0 @@ -import codeql.typos.TypoDatabase as DB - -/** DEPRECATED: Use the `codeql/typos` pack instead. */ -deprecated predicate typos = DB::typos/2; diff --git a/ruby/ql/lib/change-notes/2024-01-22-outdated-deprecations.md b/ruby/ql/lib/change-notes/2024-01-22-outdated-deprecations.md new file mode 100644 index 000000000000..c57e54712f67 --- /dev/null +++ b/ruby/ql/lib/change-notes/2024-01-22-outdated-deprecations.md 
@@ -0,0 +1,11 @@
+---
+category: minorAnalysis
+---
+* Deleted many deprecated predicates and classes with uppercase `HTTP`, `CSRF`, ``, `` etc. in their names. Use the PascalCased versions instead.
+* Deleted the deprecated `getAUse` and `getARhs` predicates from `API::Node`, use `getASource` and `getASink` instead.
+* Deleted the deprecated `disablesCertificateValidation` predicate from the `Http` module.
+* Deleted the deprecated `ParamsCall`, `CookiesCall`, and `ActionControllerControllerClass` classes from `ActionController.qll`, use the simarly named classes from `codeql.ruby.frameworks.Rails::Rails` instead.
+* Deleted the deprecated `HtmlSafeCall`, `HtmlEscapeCall`, `RenderCall`, and `RenderToCall` classes from `ActionView.qll`, use the simarly named classes from `codeql.ruby.frameworks.Rails::Rails` instead.
+* Deleted the deprecated `HtmlSafeCall` class from `Rails.qll`.
+* Deleted the deprecated `codeql/ruby/security/BadTagFilterQuery.qll`, `codeql/ruby/security/OverlyLargeRangeQuery.qll`, `codeql/ruby/security/regexp/ExponentialBackTracking.qll`, `codeql/ruby/security/regexp/NfaUtils.qll`, `codeql/ruby/security/regexp/RegexpMatching.qll`, and `codeql/ruby/security/regexp/SuperlinearBackTracking.qll` files.
+* Deleted the deprecated `localSourceStoreStep` predicate from `TypeTracker.qll`, use `flowsToStoreStep` instead.
\ No newline at end of file
diff --git a/ruby/ql/lib/codeql/ruby/ApiGraphs.qll b/ruby/ql/lib/codeql/ruby/ApiGraphs.qll
index 6a494845e2d8..cc887a9a05c7 100644
--- a/ruby/ql/lib/codeql/ruby/ApiGraphs.qll
+++ b/ruby/ql/lib/codeql/ruby/ApiGraphs.qll
@@ -801,12 +801,6 @@ module API { bindingset[this] EntryPoint() { any() } - /** DEPRECATED. This predicate has been renamed to `getASource`. */ - deprecated DataFlow::LocalSourceNode getAUse() { none() } - - /** DEPRECATED. This predicate has been renamed to `getASink`. */ - deprecated DataFlow::Node getARhs() { none() } - /** Gets a data-flow node corresponding to a use-node for this entry point. */ DataFlow::LocalSourceNode getASource() { none() } diff --git a/ruby/ql/lib/codeql/ruby/Concepts.qll b/ruby/ql/lib/codeql/ruby/Concepts.qll index 38d3a72285b9..68a9eee8ff1d 100644 --- a/ruby/ql/lib/codeql/ruby/Concepts.qll +++ b/ruby/ql/lib/codeql/ruby/Concepts.qll @@ -701,17 +701,6 @@ module Http { * Depending on the framework, a request may have multiple nodes which contribute to the URL. */ deprecated DataFlow::Node getURL() { result = Request::Range.super.getAUrlPart() } - - /** - * Holds if this request is made using a mode that disables SSL/TLS - * certificate validation, where `disablingNode` represents the point at - * which the validation was disabled. - */ - deprecated predicate disablesCertificateValidation(DataFlow::Node disablingNode) { - Request::Range.super.disablesCertificateValidation(disablingNode, _) - or - Request::Range.super.disablesCertificateValidation(disablingNode) - } } /** Provides a class for modeling new HTTP requests. */ @@ -725,15 +714,6 @@ module Http { abstract class Range extends SC::Request::Range { /** Gets a node which returns the body of the response */ abstract DataFlow::Node getResponseBody(); - - /** - * DEPRECATED: override `disablesCertificateValidation/2` instead. - * - * Holds if this request is made using a mode that disables SSL/TLS - * certificate validation, where `disablingNode` represents the point at - * which the validation was disabled. - */ - deprecated predicate disablesCertificateValidation(DataFlow::Node disablingNode) { none() } } } 
@@ -748,9 +728,6 @@ module Http { } } -/** DEPRECATED: Alias for Http */ -deprecated module HTTP = Http; - /** * A data flow node that executes an operating system command, * for instance by spawning a new process. @@ -967,9 +944,6 @@ class CsrfProtectionSetting extends DataFlow::Node instanceof CsrfProtectionSett boolean getVerificationSetting() { result = super.getVerificationSetting() } } -/** DEPRECATED: Alias for CsrfProtectionSetting */ -deprecated class CSRFProtectionSetting = CsrfProtectionSetting; - /** Provides a class for modeling new CSRF protection setting APIs. */ module CsrfProtectionSetting { /** @@ -987,9 +961,6 @@ module CsrfProtectionSetting { } } -/** DEPRECATED: Alias for CsrfProtectionSetting */ -deprecated module CSRFProtectionSetting = CsrfProtectionSetting; - /** Provides classes for modeling path-related APIs. */ module Path { /** diff --git a/ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll b/ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll index b690d6fad5b9..7ac82dae1b32 100644 --- a/ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll +++ b/ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll @@ -23,16 +23,6 @@ module ActionController { import codeql.ruby.frameworks.actioncontroller.Filters } -/** - * DEPRECATED: Import `codeql.ruby.frameworks.Rails` and use `Rails::ParamsCall` instead. - */ -deprecated class ParamsCall = Rails::ParamsCall; - -/** - * DEPRECATED: Import `codeql.ruby.frameworks.Rails` and use `Rails::CookiesCall` instead. - */ -deprecated class CookiesCall = Rails::CookiesCall; - /** * A class that extends `ActionController::Base`. * For example, 
@@ -87,22 +77,6 @@ private API::Node actionControllerInstance() { result = any(ActionControllerClass cls).getSelf().track() } -/** - * DEPRECATED. Use `ActionControllerClass` instead. - * - * A `ClassDeclaration` corresponding to an `ActionControllerClass`. - */ -deprecated class ActionControllerControllerClass extends ClassDeclaration { - ActionControllerControllerClass() { this = any(ActionControllerClass cls).getADeclaration() } - - /** - * Gets a `ActionControllerActionMethod` defined in this class. - */ - ActionControllerActionMethod getAnAction() { - result = this.getAMethod().(Method) and result.isPrivate() - } -} - /** * A public instance method defined within an `ActionController` controller class. * This may be the target of a route handler, if such a route is defined. diff --git a/ruby/ql/lib/codeql/ruby/frameworks/ActionView.qll b/ruby/ql/lib/codeql/ruby/frameworks/ActionView.qll index 36b460c2f73f..29e0b299f3e5 100644 --- a/ruby/ql/lib/codeql/ruby/frameworks/ActionView.qll +++ b/ruby/ql/lib/codeql/ruby/frameworks/ActionView.qll @@ -11,26 +11,6 @@ private import codeql.ruby.dataflow.RemoteFlowSources private import codeql.ruby.frameworks.internal.Rails private import codeql.ruby.frameworks.Rails -/** - * DEPRECATED: Import `codeql.ruby.frameworks.Rails` and use `Rails::HtmlSafeCall` instead. - */ -deprecated class HtmlSafeCall = Rails::HtmlSafeCall; - -/** - * DEPRECATED: Import `codeql.ruby.frameworks.Rails` and use `Rails::HtmlEscapeCall` instead. - */ -deprecated class HtmlEscapeCall = Rails::HtmlEscapeCall; - -/** - * DEPRECATED: Import `codeql.ruby.frameworks.Rails` and use `Rails::RenderCall` instead. - */ -deprecated class RenderCall = Rails::RenderCall; - -/** - * DEPRECATED: Import `codeql.ruby.frameworks.Rails` and use `Rails::RenderToCall` instead. - */ -deprecated class RenderToCall = Rails::RenderToCall; - /** * Holds if this AST node is in a context where `ActionView` methods are available. */ 
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/Rails.qll b/ruby/ql/lib/codeql/ruby/frameworks/Rails.qll index a4de348af32a..8b657c17ec7d 100644 --- a/ruby/ql/lib/codeql/ruby/frameworks/Rails.qll +++ b/ruby/ql/lib/codeql/ruby/frameworks/Rails.qll @@ -49,15 +49,6 @@ private module RenderCallUtils { * Provides classes for working with Rails. */ module Rails { - /** - * DEPRECATED: Any call to `html_safe` is considered an XSS sink. - * A method call on a string to mark it as HTML safe for Rails. Strings marked - * as such will not be automatically escaped when inserted into HTML. - */ - deprecated class HtmlSafeCall extends MethodCall { - HtmlSafeCall() { this.getMethodName() = "html_safe" } - } - /** A call to a Rails method to escape HTML. */ class HtmlEscapeCall extends MethodCall instanceof HtmlEscapeCallImpl { } diff --git a/ruby/ql/lib/codeql/ruby/security/BadTagFilterQuery.qll b/ruby/ql/lib/codeql/ruby/security/BadTagFilterQuery.qll deleted file mode 100644 index 370baaf3a5d0..000000000000 --- a/ruby/ql/lib/codeql/ruby/security/BadTagFilterQuery.qll +++ /dev/null @@ -1,8 +0,0 @@ -/** - * Provides predicates for reasoning about bad tag filter vulnerabilities. - */ - -private import codeql.ruby.regexp.RegExpTreeView::RegexTreeView as TreeView -// BadTagFilterQuery should be used directly from the shared pack, and not from this file. -deprecated import codeql.regex.nfa.BadTagFilterQuery::Make as Dep -import Dep diff --git a/ruby/ql/lib/codeql/ruby/security/OpenSSL.qll b/ruby/ql/lib/codeql/ruby/security/OpenSSL.qll index 0b57184bda9a..26f6d996f144 100644 --- a/ruby/ql/lib/codeql/ruby/security/OpenSSL.qll +++ b/ruby/ql/lib/codeql/ruby/security/OpenSSL.qll @@ -139,9 +139,6 @@ module Ciphers { ] } - /** DEPRECATED: Alias for isOpenSslCipher */ - deprecated predicate isOpenSSLCipher = isOpenSslCipher/1; - /** * Gets the canonical cipher name in cases where this isn't simply an * upcased version of the provided name. This may be because a default block 
@@ -269,9 +266,6 @@ module Ciphers { name.toUpperCase().regexpMatch(getInsecureAlgorithmRegex()) } - /** DEPRECATED: Alias for isWeakOpenSslCipher */ - deprecated predicate isWeakOpenSSLCipher = isWeakOpenSslCipher/1; - /** * Holds if `name` is the name of an OpenSSL cipher that is known to be strong. */ @@ -281,9 +275,6 @@ module Ciphers { // exclude algorithms that include a weak component not name.toUpperCase().regexpMatch(getInsecureAlgorithmRegex()) } - - /** DEPRECATED: Alias for isStrongOpenSslCipher */ - deprecated predicate isStrongOpenSSLCipher = isStrongOpenSslCipher/1; } private import Ciphers @@ -334,9 +325,6 @@ class OpenSslCipher extends MkOpenSslCipher { Cryptography::EncryptionAlgorithm getAlgorithm() { result.matchesName(this.getCanonicalName()) } } -/** DEPRECATED: Alias for OpenSslCipher */ -deprecated class OpenSSLCipher = OpenSslCipher; - /** `OpenSSL::Cipher` or `OpenSSL::Cipher::Cipher` */ private API::Node cipherApi() { result = API::getTopLevelMember("OpenSSL").getMember("Cipher") or diff --git a/ruby/ql/lib/codeql/ruby/security/OverlyLargeRangeQuery.qll b/ruby/ql/lib/codeql/ruby/security/OverlyLargeRangeQuery.qll deleted file mode 100644 index d9a8d80e09a9..000000000000 --- a/ruby/ql/lib/codeql/ruby/security/OverlyLargeRangeQuery.qll +++ /dev/null @@ -1,8 +0,0 @@ -/** - * Classes and predicates for working with suspicious character ranges. - */ - -private import codeql.ruby.regexp.RegExpTreeView::RegexTreeView as TreeView -// OverlyLargeRangeQuery should be used directly from the shared pack, and not from this file. -deprecated import codeql.regex.OverlyLargeRangeQuery::Make as Dep -import Dep diff --git a/ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll b/ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll deleted file mode 100644 index c8d21b0bd31b..000000000000 --- a/ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll +++ /dev/null 
@@ -1,68 +0,0 @@
-/**
- * This library implements the analysis described in the following two papers:
- *
- * James Kirrage, Asiri Rathnayake, Hayo Thielecke: Static Analysis for
- * Regular Expression Denial-of-Service Attacks. NSS 2013.
- * (https://arxiv.org/abs/1301.0849)
- * Asiri Rathnayake, Hayo Thielecke: Static Analysis for Regular Expression
- * Exponential Runtime via Substructural Logics. 2014.
- * (https://www.cs.bham.ac.uk/~hxt/research/redos_full.pdf)
- *
- * The basic idea is to search for overlapping cycles in the NFA, that is,
- * states `q` such that there are two distinct paths from `q` to itself
- * that consume the same word `w`.
- *
- * For any such state `q`, an attack string can be constructed as follows:
- * concatenate a prefix `v` that takes the NFA to `q` with `n` copies of
- * the word `w` that leads back to `q` along two different paths, followed
- * by a suffix `x` that is _not_ accepted in state `q`. A backtracking
- * implementation will need to explore at least 2^n different ways of going
- * from `q` back to itself while trying to match the `n` copies of `w`
- * before finally giving up.
- *
- * Now in order to identify overlapping cycles, all we have to do is find
- * pumpable forks, that is, states `q` that can transition to two different
- * states `r1` and `r2` on the same input symbol `c`, such that there are
- * paths from both `r1` and `r2` to `q` that consume the same word. The latter
- * condition is equivalent to saying that `(q, q)` is reachable from `(r1, r2)`
- * in the product NFA.
- *
- * This is what the library does. It makes a simple attempt to construct a
- * prefix `v` leading into `q`, but only to improve the alert message.
- * And the library tries to prove the existence of a suffix that ensures
- * rejection. This check might fail, which can cause false positives.
- *
- * Finally, sometimes it depends on the translation whether the NFA generated
- * for a regular expression has a pumpable fork or not.
We implement one
- * particular translation, which may result in false positives or negatives
- * relative to some particular JavaScript engine.
- *
- * More precisely, the library constructs an NFA from a regular expression `r`
- * as follows:
- *
- * * Every sub-term `t` gives rise to an NFA state `Match(t,i)`, representing
- * the state of the automaton before attempting to match the `i`th character in `t`.
- * * There is one accepting state `Accept(r)`.
- * * There is a special `AcceptAnySuffix(r)` state, which accepts any suffix string
- * by using an epsilon transition to `Accept(r)` and an any transition to itself.
- * * Transitions between states may be labelled with epsilon, or an abstract
- * input symbol.
- * * Each abstract input symbol represents a set of concrete input characters:
- * either a single character, a set of characters represented by a
- * character class, or the set of all characters.
- * * The product automaton is constructed lazily, starting with pair states
- * `(q, q)` where `q` is a fork, and proceeding along an over-approximate
- * step relation.
- * * The over-approximate step relation allows transitions along pairs of
- * abstract input symbols where the symbols have overlap in the characters they accept.
- * * Once a trace of pairs of abstract input symbols that leads from a fork
- * back to itself has been identified, we attempt to construct a concrete
- * string corresponding to it, which may fail.
- * * Lastly we ensure that any state reached by repeating `n` copies of `w` has
- * a suffix `x` (possible empty) that is most likely __not__ accepted.
- */
-
-private import codeql.ruby.regexp.RegExpTreeView::RegexTreeView as TreeView
-// ExponentialBackTracking should be used directly from the shared pack, and not from this file.
-deprecated private import codeql.regex.nfa.ExponentialBackTracking::Make as Dep
-import Dep
diff --git a/ruby/ql/lib/codeql/ruby/security/regexp/NfaUtils.qll b/ruby/ql/lib/codeql/ruby/security/regexp/NfaUtils.qll
deleted file mode 100644
index 721905a34bf9..000000000000
--- a/ruby/ql/lib/codeql/ruby/security/regexp/NfaUtils.qll
+++ /dev/null
@@ -1,13 +0,0 @@
-/**
- * Provides classes and predicates for constructing an NFA from
- * a regular expression, and various utilities for reasoning about
- * the resulting NFA.
- *
- * These utilities are used both by the ReDoS queries and by
- * other queries that benefit from reasoning about NFAs.
- */
-
-private import codeql.ruby.regexp.RegExpTreeView::RegexTreeView as TreeView
-// NfaUtils should be used directly from the shared pack, and not from this file.
-deprecated private import codeql.regex.nfa.NfaUtils::Make as Dep
-import Dep
diff --git a/ruby/ql/lib/codeql/ruby/security/regexp/RegexpMatching.qll b/ruby/ql/lib/codeql/ruby/security/regexp/RegexpMatching.qll
deleted file mode 100644
index 572d42d96174..000000000000
--- a/ruby/ql/lib/codeql/ruby/security/regexp/RegexpMatching.qll
+++ /dev/null
@@ -1,9 +0,0 @@
-/**
- * Provides predicates for reasoning about which strings are matched by a regular expression,
- * and for testing which capture groups are filled when a particular regexp matches a string.
- */
-
-private import codeql.ruby.regexp.RegExpTreeView::RegexTreeView as TreeView
-// RegexpMatching should be used directly from the shared pack, and not from this file.
-deprecated import codeql.regex.nfa.RegexpMatching::Make as Dep
-import Dep
diff --git a/ruby/ql/lib/codeql/ruby/security/regexp/SuperlinearBackTracking.qll b/ruby/ql/lib/codeql/ruby/security/regexp/SuperlinearBackTracking.qll
deleted file mode 100644
index eb19b0cc7721..000000000000
--- a/ruby/ql/lib/codeql/ruby/security/regexp/SuperlinearBackTracking.qll
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * This module implements the analysis described in the paper:
- * Valentin Wustholz, Oswaldo Olivo, Marijn J. H. Heule, and Isil Dillig:
- * Static Detection of DoS Vulnerabilities in
- * Programs that use Regular Expressions
- * (Extended Version).
- * (https://arxiv.org/pdf/1701.04045.pdf)
- *
- * Theorem 3 from the paper describes the basic idea.
- *
- * The following explains the idea using variables and predicate names that are used in the implementation:
- * We consider a pair of repetitions, which we will call `pivot` and `succ`.
- *
- * We create a product automaton of 3-tuples of states (see `StateTuple`).
- * There exists a transition `(a,b,c) -> (d,e,f)` in the product automaton
- * iff there exists three transitions in the NFA `a->d, b->e, c->f` where those three
- * transitions all match a shared character `char`. (see `getAThreewayIntersect`)
- *
- * We start a search in the product automaton at `(pivot, pivot, succ)`,
- * and search for a series of transitions (a `Trace`), such that we end
- * at `(pivot, succ, succ)` (see `isReachableFromStartTuple`).
- *
- * For example, consider the regular expression `/^\d*5\w*$/`.
- * The search will start at the tuple `(\d*, \d*, \w*)` and search
- * for a path to `(\d*, \w*, \w*)`.
- * This path exists, and consists of a single transition in the product automaton,
- * where the three corresponding NFA edges all match the character `"5"`.
- *
- * The start-state in the NFA has an any-transition to itself, this allows us to
- * flag regular expressions such as `/a*$/` - which does not have a start anchor -
- * and can thus start matching anywhere.
- *
- * The implementation is not perfect.
- * It has the same suffix detection issue as the `js/redos` query, which can cause false positives.
- * It also doesn't find all transitions in the product automaton, which can cause false negatives.
- */ - -private import codeql.ruby.regexp.RegExpTreeView::RegexTreeView as TreeView -// SuperlinearBackTracking should be used directly from the shared pack, and not from this file. -deprecated private import codeql.regex.nfa.SuperlinearBackTracking::Make as Dep -import Dep diff --git a/ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll b/ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll index a9ae8fbf60e8..cc79cdb26996 100644 --- a/ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll +++ b/ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll @@ -391,8 +391,6 @@ deprecated module StepSummary { smallstepCall(nodeFrom, nodeTo, summary) } - deprecated predicate localSourceStoreStep = flowsToStoreStep/3; - /** Gets the step summary for a level step. */ StepSummary levelStep() { result = LevelStep() } diff --git a/shared/regex/codeql/regex/nfa/NfaUtils.qll b/shared/regex/codeql/regex/nfa/NfaUtils.qll index 5f2e57cb20d7..d074081b6ac2 100644 --- a/shared/regex/codeql/regex/nfa/NfaUtils.qll +++ b/shared/regex/codeql/regex/nfa/NfaUtils.qll @@ -64,9 +64,6 @@ module Make { } } - /** DEPRECATED: Use `EmptyPositiveSubPattern` instead. */ - deprecated class EmptyPositiveSubPatttern = EmptyPositiveSubPattern; - final private class FinalRegExpTerm = RegExpTerm; /** diff --git a/shared/ssa/change-notes/2024-01-22-outdated-deprecations.md b/shared/ssa/change-notes/2024-01-22-outdated-deprecations.md new file mode 100644 index 000000000000..c1a3deabd2de --- /dev/null +++ b/shared/ssa/change-notes/2024-01-22-outdated-deprecations.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Deleted the deprecated `adjacentDefNoUncertainReads`, `lastRefRedefNoUncertainReads`, and `lastRefNoUncertainReads` predicates. \ No newline at end of file diff --git a/shared/ssa/codeql/ssa/Ssa.qll b/shared/ssa/codeql/ssa/Ssa.qll index 40ee155b6180..5445a71296b4 100644 --- a/shared/ssa/codeql/ssa/Ssa.qll +++ b/shared/ssa/codeql/ssa/Ssa.qll 
@@ -741,43 +741,6 @@ module Make Input> { defAdjacentRead(def, bb1, bb2, i2) } - pragma[noinline] - deprecated private predicate adjacentDefRead( - Definition def, BasicBlock bb1, int i1, BasicBlock bb2, int i2, SourceVariable v - ) { - adjacentDefRead(def, bb1, i1, bb2, i2) and - v = def.getSourceVariable() - } - - deprecated private predicate adjacentDefReachesRead( - Definition def, BasicBlock bb1, int i1, BasicBlock bb2, int i2 - ) { - exists(SourceVariable v | adjacentDefRead(def, bb1, i1, bb2, i2, v) | - ssaRef(bb1, i1, v, SsaDef()) - or - variableRead(bb1, i1, v, true) - ) - or - exists(BasicBlock bb3, int i3 | - adjacentDefReachesRead(def, bb1, i1, bb3, i3) and - variableRead(bb3, i3, _, false) and - adjacentDefRead(def, bb3, i3, bb2, i2) - ) - } - - /** - * NB: If this predicate is exposed, it should be cached. - * - * Same as `adjacentDefRead`, but ignores uncertain reads. - */ - pragma[nomagic] - deprecated predicate adjacentDefNoUncertainReads( - Definition def, BasicBlock bb1, int i1, BasicBlock bb2, int i2 - ) { - adjacentDefReachesRead(def, bb1, i1, bb2, i2) and - variableRead(bb2, i2, _, true) - } - /** * NB: If this predicate is exposed, it should be cached. * 
@@ -838,31 +801,6 @@ module Make Input> { lastRefRedef(inp, _, _, def) } - deprecated private predicate adjacentDefReachesUncertainRead( - Definition def, BasicBlock bb1, int i1, BasicBlock bb2, int i2 - ) { - adjacentDefReachesRead(def, bb1, i1, bb2, i2) and - variableRead(bb2, i2, _, false) - } - - /** - * NB: If this predicate is exposed, it should be cached. - * - * Same as `lastRefRedef`, but ignores uncertain reads. - */ - pragma[nomagic] - deprecated predicate lastRefRedefNoUncertainReads( - Definition def, BasicBlock bb, int i, Definition next - ) { - lastRefRedef(def, bb, i, next) and - not variableRead(bb, i, def.getSourceVariable(), false) - or - exists(BasicBlock bb0, int i0 | - lastRefRedef(def, bb0, i0, next) and - adjacentDefReachesUncertainRead(def, bb, i, bb0, i0) - ) - } - /** * NB: If this predicate is exposed, it should be cached. * @@ -908,22 +846,6 @@ module Make Input> { ) } - /** - * NB: If this predicate is exposed, it should be cached. - * - * Same as `lastRefRedef`, but ignores uncertain reads. - */ - pragma[nomagic] - deprecated predicate lastRefNoUncertainReads(Definition def, BasicBlock bb, int i) { - lastRef(def, bb, i) and - not variableRead(bb, i, def.getSourceVariable(), false) - or - exists(BasicBlock bb0, int i0 | - lastRef(def, bb0, i0) and - adjacentDefReachesUncertainRead(def, bb, i, bb0, i0) - ) - } - /** A static single assignment (SSA) definition. */ class Definition extends TDefinition { /** Gets the source variable underlying this SSA definition. */