Merge pull request #160 from microsoft/dilan/remove-js-dataflow-depre…

…cation-labels

TEMPORARY: Remove JavaScript Deprecation Labels

javascript/ql/lib/semmle/javascript/dataflow/AdditionalFlowSteps.qll

@@ -152,7 +152,7 @@ class LegacyFlowStep extends Unit {
    * Holds if `pred` → `succ` should be considered a data flow edge
    * transforming values with label `predlbl` to have label `succlbl`.
    */
-  deprecated predicate step(
+  predicate step(
     DataFlow::Node pred, DataFlow::Node succ, DataFlow::FlowLabel predlbl,
     DataFlow::FlowLabel succlbl
   ) {
@@ -207,7 +207,7 @@ module LegacyFlowStep {
    * transforming values with label `predlbl` to have label `succlbl`.
    */
   cached
-  deprecated predicate step(
+  predicate step(
     DataFlow::Node pred, DataFlow::Node succ, DataFlow::FlowLabel predlbl,
     DataFlow::FlowLabel succlbl
   ) {
@@ -282,7 +282,7 @@ class SharedFlowStep extends Unit {
    * Holds if `pred` → `succ` should be considered a data flow edge
    * transforming values with label `predlbl` to have label `succlbl`.
    */
-  deprecated predicate step(
+  predicate step(
     DataFlow::Node pred, DataFlow::Node succ, DataFlow::FlowLabel predlbl,
     DataFlow::FlowLabel succlbl
   ) {
@@ -364,7 +364,7 @@ module SharedFlowStep {
    * Holds if `pred` → `succ` should be considered a data flow edge
    * transforming values with label `predlbl` to have label `succlbl`.
    */
-  deprecated predicate step(
+  predicate step(
     DataFlow::Node pred, DataFlow::Node succ, DataFlow::FlowLabel predlbl,
     DataFlow::FlowLabel succlbl
   ) {

javascript/ql/lib/semmle/javascript/dataflow/BackwardExploration.qll

@@ -1,6 +1,6 @@
 /**
  * Alias for the library `semmle.javascript.explore.BackwardDataFlow`.
  */
-deprecated module;
+// deprecated module;
 
 import semmle.javascript.explore.BackwardDataFlow

javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll

@@ -1929,7 +1929,7 @@ module DataFlow {
   import Nodes
   import Sources
   import TypeInference
-  deprecated import Configuration
+  import Configuration
   import TypeTracking
   import AdditionalFlowSteps
   import internal.FunctionWrapperSteps

javascript/ql/lib/semmle/javascript/dataflow/ForwardExploration.qll

@@ -1,6 +1,6 @@
 /**
  * Alias for the library `semmle.javascript.explore.ForwardDataFlow`.
  */
-deprecated module;
+// deprecated module;
 
 import semmle.javascript.explore.ForwardDataFlow

javascript/ql/lib/semmle/javascript/dataflow/TaintTracking.qll

@@ -37,7 +37,7 @@ module TaintTracking {
    * If a different set of flow edges is desired, extend this class and override
    * `isAdditionalTaintStep`.
    */
-  abstract deprecated class Configuration extends DataFlow::Configuration {
+  abstract class Configuration extends DataFlow::Configuration {
     bindingset[this]
     Configuration() { any() }
 
@@ -210,16 +210,16 @@ module TaintTracking {
   abstract private class LegacyAdditionalBarrierGuard extends AdditionalBarrierGuard,
     AdditionalSanitizerGuardNodeDeprecated
   {
-    deprecated override predicate sanitizes(boolean outcome, Expr e) { this.blocksExpr(outcome, e) }
+    override predicate sanitizes(boolean outcome, Expr e) { this.blocksExpr(outcome, e) }
 
-    deprecated override predicate appliesTo(Configuration cfg) { any() }
+    override predicate appliesTo(Configuration cfg) { any() }
   }
 
   /**
    * DEPRECATED. This class was part of the old data flow library which is now deprecated.
    * Use `TaintTracking::AdditionalBarrierGuard` instead.
    */
-  deprecated class AdditionalSanitizerGuardNode = AdditionalSanitizerGuardNodeDeprecated;
+  class AdditionalSanitizerGuardNode = AdditionalSanitizerGuardNodeDeprecated;
 
   cached
   abstract private class AdditionalSanitizerGuardNodeDeprecated extends DataFlow::Node {
@@ -229,20 +229,20 @@ module TaintTracking {
      * Holds if this node blocks expression `e`, provided it evaluates to `outcome`.
      */
     cached
-    deprecated predicate blocks(boolean outcome, Expr e) { none() }
+    predicate blocks(boolean outcome, Expr e) { none() }
 
     /**
      * Holds if this node sanitizes expression `e`, provided it evaluates
      * to `outcome`.
      */
     cached
-    abstract deprecated predicate sanitizes(boolean outcome, Expr e);
+    abstract predicate sanitizes(boolean outcome, Expr e);
 
     /**
      * Holds if this node blocks expression `e` from flow of type `label`, provided it evaluates to `outcome`.
      */
     cached
-    deprecated predicate blocks(boolean outcome, Expr e, DataFlow::FlowLabel label) {
+    predicate blocks(boolean outcome, Expr e, DataFlow::FlowLabel label) {
       this.sanitizes(outcome, e) and label.isTaint()
       or
       this.sanitizes(outcome, e, label)
@@ -253,13 +253,13 @@ module TaintTracking {
      * to `outcome`.
      */
     cached
-    deprecated predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel label) { none() }
+    predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel label) { none() }
 
     /**
      * Holds if this guard applies to the flow in `cfg`.
      */
     cached
-    abstract deprecated predicate appliesTo(Configuration cfg);
+    abstract predicate appliesTo(Configuration cfg);
   }
 
   /**
@@ -274,7 +274,7 @@ module TaintTracking {
    * implementations of `sanitizes` will _both_ apply to any configuration that includes either of
    * them.
    */
-  abstract deprecated class SanitizerGuardNode extends DataFlow::BarrierGuardNode {
+  abstract class SanitizerGuardNode extends DataFlow::BarrierGuardNode {
     override predicate blocks(boolean outcome, Expr e) { none() }
 
     /**
@@ -299,7 +299,7 @@ module TaintTracking {
   /**
    * A sanitizer guard node that only blocks specific flow labels.
    */
-  abstract deprecated class LabeledSanitizerGuardNode extends SanitizerGuardNode,
+  abstract class LabeledSanitizerGuardNode extends SanitizerGuardNode,
     DataFlow::BarrierGuardNode
   {
     override predicate sanitizes(boolean outcome, Expr e) { none() }
@@ -902,7 +902,7 @@ module TaintTracking {
     }
   }
 
-  deprecated private class AdHocWhitelistCheckSanitizerAsSanitizerGuardNode extends SanitizerGuardNode instanceof AdHocWhitelistCheckSanitizer
+  private class AdHocWhitelistCheckSanitizerAsSanitizerGuardNode extends SanitizerGuardNode instanceof AdHocWhitelistCheckSanitizer
   {
     override predicate sanitizes(boolean outcome, Expr e) { super.blocksExpr(outcome, e) }
   }

javascript/ql/lib/semmle/javascript/dataflow/internal/BarrierGuards.qll

@@ -36,7 +36,7 @@ module MakeBarrierGuard<BarrierGuardSig BaseGuard> {
   }
 }
 
-deprecated private module DeprecationWrapper {
+private module DeprecationWrapper {
   signature class LabeledBarrierGuardSig extends DataFlow::Node {
     /**
      * Holds if this node acts as a barrier for `label`, blocking further flow from `e` if `this` evaluates to `outcome`.
@@ -48,7 +48,7 @@ deprecated private module DeprecationWrapper {
 /**
  * Converts a barrier guard class to a set of nodes to include in an implementation of `isBarrier(node, label)`.
  */
-deprecated module MakeLabeledBarrierGuard<DeprecationWrapper::LabeledBarrierGuardSig BaseGuard> {
+module MakeLabeledBarrierGuard<DeprecationWrapper::LabeledBarrierGuardSig BaseGuard> {
   final private class FinalBaseGuard = BaseGuard;
 
   private class Adapter extends FinalBaseGuard {
@@ -71,15 +71,15 @@ deprecated module MakeLabeledBarrierGuard<DeprecationWrapper::LabeledBarrierGuar
  * This module is a workaround for the fact that deprecated signatures can't refer to deprecated classes
  * without getting a deprecation warning
  */
-deprecated private module DeprecatedSigs {
+private module DeprecatedSigs {
   signature predicate isBarrierGuardSig(DataFlow::BarrierGuardNode node);
 }
 
 /**
  * Converts a labeled barrier guard class to a set of nodes to include in an implementation of `isBarrier(node)` and `isBarrier(node, label)`
  * in a `DataFlow::StateConfigSig` implementation.
  */
-deprecated module MakeLegacyBarrierGuardLabeled<DeprecatedSigs::isBarrierGuardSig/1 isBarrierGuard> {
+module MakeLegacyBarrierGuardLabeled<DeprecatedSigs::isBarrierGuardSig/1 isBarrierGuard> {
   final private class FinalNode = DataFlow::Node;
 
   private class Adapter extends FinalNode instanceof DataFlow::BarrierGuardNode {
@@ -110,7 +110,7 @@ deprecated module MakeLegacyBarrierGuardLabeled<DeprecatedSigs::isBarrierGuardSi
 /**
  * Converts a barrier guard class to a set of nodes to include in an implementation of `isBarrier(node)` in a `DataFlow::ConfigSig` implementation.
  */
-deprecated module MakeLegacyBarrierGuard<DeprecatedSigs::isBarrierGuardSig/1 isBarrierGuard> {
+module MakeLegacyBarrierGuard<DeprecatedSigs::isBarrierGuardSig/1 isBarrierGuard> {
   final private class FinalNode = DataFlow::Node;
 
   private class Adapter extends FinalNode instanceof DataFlow::BarrierGuardNode {

javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll

@@ -1084,7 +1084,7 @@ abstract private class BarrierGuardAdapter extends DataFlow::Node {
   predicate blocksExpr(boolean outcome, Expr e) { none() }
 }
 
-deprecated private class BarrierGuardAdapterSubclass extends BarrierGuardAdapter instanceof DataFlow::AdditionalBarrierGuardNode
+private class BarrierGuardAdapterSubclass extends BarrierGuardAdapter instanceof DataFlow::AdditionalBarrierGuardNode
 {
   override predicate blocksExpr(boolean outcome, Expr e) { super.blocks(outcome, e) }
 }

javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSteps.qll

@@ -5,7 +5,7 @@
  */
 
 import javascript
-deprecated import semmle.javascript.dataflow.Configuration
+import semmle.javascript.dataflow.Configuration
 import semmle.javascript.dataflow.internal.CallGraphs
 private import semmle.javascript.internal.CachedStages
 
@@ -49,7 +49,7 @@ private predicate legacyPostUpdateStep(DataFlow::Node pred, DataFlow::Node succ)
  * additional steps from the configuration into account.
  */
 pragma[inline]
-deprecated predicate localFlowStep(
+predicate localFlowStep(
   DataFlow::Node pred, DataFlow::Node succ, DataFlow::Configuration configuration,
   FlowLabel predlbl, FlowLabel succlbl
 ) {
@@ -545,9 +545,9 @@ class Boolean extends boolean {
 /**
  * A summary of an inter-procedural data flow path.
  */
-deprecated newtype TPathSummary =
+newtype TPathSummary =
   /** A summary of an inter-procedural data flow path. */
-  deprecated MkPathSummary(Boolean hasReturn, Boolean hasCall, FlowLabel start, FlowLabel end)
+  MkPathSummary(Boolean hasReturn, Boolean hasCall, FlowLabel start, FlowLabel end)
 
 /**
  * A summary of an inter-procedural data flow path.
@@ -560,7 +560,7 @@ deprecated newtype TPathSummary =
  * We only want to build properly matched call/return sequences, so if a path has both
  * call steps and return steps, all return steps must precede all call steps.
  */
-deprecated class PathSummary extends TPathSummary {
+class PathSummary extends TPathSummary {
   Boolean hasReturn;
   Boolean hasCall;
   FlowLabel start;
@@ -634,7 +634,7 @@ deprecated class PathSummary extends TPathSummary {
   }
 }
 
-deprecated module PathSummary {
+module PathSummary {
   /**
    * Gets a summary describing a path without any calls or returns.
    */

javascript/ql/lib/semmle/javascript/explore/BackwardDataFlow.qll

@@ -12,11 +12,11 @@
  * Backward exploration in particular does not scale on non-trivial code bases and hence is of limited
  * usefulness as it stands.
  */
-deprecated module;
+module;
 
 import javascript
 
-deprecated private class BackwardExploringConfiguration extends DataFlow::Configuration {
+private class BackwardExploringConfiguration extends DataFlow::Configuration {
   BackwardExploringConfiguration() { this = any(DataFlow::Configuration cfg) }
 
   override predicate isSource(DataFlow::Node node) { any() }

javascript/ql/lib/semmle/javascript/explore/ForwardDataFlow.qll

@@ -10,11 +10,11 @@
  *
  * NOTE: This library should only be used for debugging and exploration, not in production code.
  */
-deprecated module;
+module;
 
 import javascript
 
-deprecated private class ForwardExploringConfiguration extends DataFlow::Configuration {
+private class ForwardExploringConfiguration extends DataFlow::Configuration {
   ForwardExploringConfiguration() { this = any(DataFlow::Configuration cfg) }
 
   override predicate isSink(DataFlow::Node node) { any() }

javascript/ql/lib/semmle/javascript/security/CommonFlowState.qll

@@ -50,7 +50,7 @@ class FlowState extends TFlowState {
   }
 
   /** DEPRECATED. Gets the corresponding flow label. */
-  deprecated DataFlow::FlowLabel toFlowLabel() {
+  DataFlow::FlowLabel toFlowLabel() {
     this.isTaint() and result.isTaint()
     or
     this.isTaintedUrlSuffix() and result = TaintedUrlSuffix::label()
@@ -86,5 +86,5 @@ module FlowState {
   FlowState taintedObject() { result.isTaintedObject() }
 
   /** DEPRECATED. Gets the flow state corresponding to `label`. */
-  deprecated FlowState fromFlowLabel(DataFlow::FlowLabel label) { result.toFlowLabel() = label }
+  FlowState fromFlowLabel(DataFlow::FlowLabel label) { result.toFlowLabel() = label }
 }

javascript/ql/lib/semmle/javascript/security/TaintedObject.qll

@@ -22,14 +22,14 @@ module TaintedObject {
   import TaintedObjectCustomizations::TaintedObject
 
   // Materialize flow labels
-  deprecated private class ConcreteTaintedObjectLabel extends TaintedObjectLabel {
+  private class ConcreteTaintedObjectLabel extends TaintedObjectLabel {
     ConcreteTaintedObjectLabel() { this = this }
   }
 
   /**
    * DEPRECATED. Use `isAdditionalFlowStep(node1, state1, node2, state2)` instead.
    */
-  deprecated predicate step(Node src, Node trg, FlowLabel inlbl, FlowLabel outlbl) {
+  predicate step(Node src, Node trg, FlowLabel inlbl, FlowLabel outlbl) {
     isAdditionalFlowStep(src, FlowState::fromFlowLabel(inlbl), trg, FlowState::fromFlowLabel(outlbl))
   }
 
@@ -80,7 +80,7 @@ module TaintedObject {
    *
    * Holds if `node` is a source of JSON taint and label is the JSON taint label.
    */
-  deprecated predicate isSource(Node source, FlowLabel label) {
+  predicate isSource(Node source, FlowLabel label) {
     source instanceof Source and label = label()
   }
 
@@ -100,21 +100,21 @@ module TaintedObject {
     predicate blocksExpr(boolean outcome, Expr e, FlowState state) { none() }
 
     /** DEPRECATED. Use `blocksExpr` instead. */
-    deprecated predicate sanitizes(boolean outcome, Expr e, FlowLabel label) {
+    predicate sanitizes(boolean outcome, Expr e, FlowLabel label) {
       this.blocksExpr(outcome, e, FlowState::fromFlowLabel(label))
     }
 
     /** DEPRECATED. Use `blocksExpr` instead. */
-    deprecated predicate sanitizes(boolean outcome, Expr e) { this.blocksExpr(outcome, e) }
+    predicate sanitizes(boolean outcome, Expr e) { this.blocksExpr(outcome, e) }
   }
 
-  deprecated private class SanitizerGuardLegacy extends TaintTracking::LabeledSanitizerGuardNode instanceof SanitizerGuard
+  private class SanitizerGuardLegacy extends TaintTracking::LabeledSanitizerGuardNode instanceof SanitizerGuard
   {
-    deprecated override predicate sanitizes(boolean outcome, Expr e, FlowLabel label) {
+    override predicate sanitizes(boolean outcome, Expr e, FlowLabel label) {
       SanitizerGuard.super.sanitizes(outcome, e, label)
     }
 
-    deprecated override predicate sanitizes(boolean outcome, Expr e) {
+    override predicate sanitizes(boolean outcome, Expr e) {
       SanitizerGuard.super.sanitizes(outcome, e)
     }
   }

javascript/ql/lib/semmle/javascript/security/TaintedObjectCustomizations.qll

@@ -10,7 +10,7 @@ module TaintedObject {
   import CommonFlowState
 
   /** A flow label representing a deeply tainted object. */
-  abstract deprecated class TaintedObjectLabel extends DataFlow::FlowLabel {
+  abstract class TaintedObjectLabel extends DataFlow::FlowLabel {
     TaintedObjectLabel() { this = "tainted-object" }
   }
 
@@ -21,7 +21,7 @@ module TaintedObject {
    *
    * Note that the presence of the this label generally implies the presence of the `taint` label as well.
    */
-  deprecated DataFlow::FlowLabel label() { result instanceof TaintedObjectLabel }
+  DataFlow::FlowLabel label() { result instanceof TaintedObjectLabel }
 
   /**
    * A source of a user-controlled deep object.

javascript/ql/lib/semmle/javascript/security/TaintedUrlSuffix.qll

@@ -12,7 +12,7 @@ import javascript
 module TaintedUrlSuffix {
   import TaintedUrlSuffixCustomizations::TaintedUrlSuffix
 
-  deprecated private class ConcreteTaintedUrlSuffixLabel extends TaintedUrlSuffixLabel {
+  private class ConcreteTaintedUrlSuffixLabel extends TaintedUrlSuffixLabel {
     ConcreteTaintedUrlSuffixLabel() { this = this }
   }
 }