github
diff --git a/‎javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected‎
Lines changed: 84 additions & 35 deletions b/‎javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected‎
Lines changed: 84 additions & 35 deletions
diff --git a/‎javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.ql‎
Lines changed: 28 additions & 27 deletions b/‎javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.ql‎
Lines changed: 28 additions & 27 deletions
diff --git a/‎javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected‎
Lines changed: 80 additions & 16 deletions b/‎javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected‎
Lines changed: 80 additions & 16 deletions
diff --git a/‎javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.ql‎
Lines changed: 28 additions & 10 deletions b/‎javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.ql‎
Lines changed: 28 additions & 10 deletions
@@ -1,59 +1,60 @@
 import javascript
 import semmle.javascript.dataflow.InferredTypes
+import testUtilities.ConsistencyChecking
 
 DataFlow::CallNode getACall(string name) {
   result.getCalleeName() = name
   or
   result.getCalleeNode().getALocalSource() = DataFlow::globalVarRef(name)
 }
 
-class Sink extends DataFlow::Node {
-  Sink() { this = getACall("sink").getAnArgument() }
-}
+module TestConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node node) { node = getACall("source") }
+
+  predicate isSink(DataFlow::Node node) { node = getACall("sink").getAnArgument() }
 
-/**
- * A node that shouldn't be taintable according to the type inference,
- * as it claims to be neither an object nor a string.
- */
-class UntaintableNode extends DataFlow::Node {
-  UntaintableNode() {
-    not this.analyze().getAType() = TTObject() and
-    not this.analyze().getAType() = TTString()
+  predicate isBarrier(DataFlow::Node node) {
+    node.(DataFlow::InvokeNode).getCalleeName().matches("sanitizer_%") or
+    node = DataFlow::MakeBarrierGuard<BasicSanitizerGuard>::getABarrierNode() or
+    node = TaintTracking::AdHocWhitelistCheckSanitizer::getABarrierNode()
   }
 }
 
-class BasicConfig extends TaintTracking::Configuration {
-  BasicConfig() { this = "BasicConfig" }
+module TestFlow = TaintTracking::Global<TestConfig>;
 
-  override predicate isSource(DataFlow::Node node) { node = getACall("source") }
+class LegacyConfig extends TaintTracking::Configuration {
+  LegacyConfig() { this = "LegacyConfig" }
 
-  override predicate isSink(DataFlow::Node node) {
-    node instanceof Sink
-    or
-    node instanceof UntaintableNode
-  }
+  override predicate isSource(DataFlow::Node node) { TestConfig::isSource(node) }
+
+  override predicate isSink(DataFlow::Node node) { TestConfig::isSink(node) }
 
   override predicate isSanitizer(DataFlow::Node node) {
     node.(DataFlow::InvokeNode).getCalleeName().matches("sanitizer_%")
   }
 
   override predicate isSanitizerGuard(TaintTracking::SanitizerGuardNode node) {
-    node instanceof BasicSanitizerGuard
+    node instanceof BasicSanitizerGuard or
+    node instanceof TaintTracking::AdHocWhitelistCheckSanitizer
   }
 }
 
+import testUtilities.LegacyDataFlowDiff::DataFlowDiff<TestFlow, LegacyConfig>
+
 class BasicSanitizerGuard extends TaintTracking::SanitizerGuardNode, DataFlow::CallNode {
   BasicSanitizerGuard() { this = getACall("isSafe") }
 
-  override predicate sanitizes(boolean outcome, Expr e) {
+  override predicate sanitizes(boolean outcome, Expr e) { this.blocksExpr(outcome, e) }
+
+  predicate blocksExpr(boolean outcome, Expr e) {
     outcome = true and e = this.getArgument(0).asExpr()
   }
 }
 
-query predicate typeInferenceMismatch(DataFlow::Node source, UntaintableNode sink) {
-  any(BasicConfig cfg).hasFlow(source, sink)
-}
+query predicate flow = TestFlow::flow/2;
 
-from BasicConfig cfg, DataFlow::Node src, Sink sink
-where cfg.hasFlow(src, sink)
-select src, sink
+class Consistency extends ConsistencyConfiguration {
+  Consistency() { this = "Consistency" }
+
+  override DataFlow::Node getAnAlert() { TestFlow::flowTo(result) }
+}
@@ -1,9 +1,34 @@
+legacyDataFlowDifference
+| arrays-init.js:2:16:2:23 | source() | arrays-init.js:38:8:38:13 | arr[5] | only flow with NEW data flow library |
+| bound-function.js:27:8:27:15 | source() | bound-function.js:30:10:30:10 | y | only flow with OLD data flow library |
+| call-apply.js:27:14:27:21 | source() | call-apply.js:34:6:34:29 | foo1_ap ... e, ""]) | only flow with NEW data flow library |
+| call-apply.js:45:8:45:15 | source() | call-apply.js:55:6:55:13 | foo(obj) | only flow with NEW data flow library |
+| callbacks.js:37:17:37:24 | source() | callbacks.js:38:35:38:35 | x | only flow with NEW data flow library |
+| callbacks.js:37:17:37:24 | source() | callbacks.js:41:10:41:10 | x | only flow with NEW data flow library |
+| callbacks.js:44:17:44:24 | source() | callbacks.js:37:37:37:37 | x | only flow with NEW data flow library |
+| callbacks.js:44:17:44:24 | source() | callbacks.js:38:35:38:35 | x | only flow with NEW data flow library |
+| capture-flow.js:89:13:89:20 | source() | capture-flow.js:89:6:89:21 | test3c(source()) | only flow with NEW data flow library |
+| capture-flow.js:101:12:101:19 | source() | capture-flow.js:102:6:102:20 | test5("safe")() | only flow with OLD data flow library |
+| constructor-calls.js:4:18:4:25 | source() | constructor-calls.js:40:8:40:14 | e.taint | only flow with NEW data flow library |
+| constructor-calls.js:4:18:4:25 | source() | constructor-calls.js:44:8:44:19 | f_safe.taint | only flow with NEW data flow library |
+| constructor-calls.js:20:15:20:22 | source() | constructor-calls.js:39:8:39:14 | e.param | only flow with NEW data flow library |
+| exceptions.js:53:14:53:21 | source() | exceptions.js:54:10:54:10 | e | only flow with NEW data flow library |
+| getters-and-setters.js:53:21:53:28 | source() | getters-and-setters.js:53:10:53:30 | getX(ne ... rce())) | only flow with NEW data flow library |
+| nested-props.js:14:15:14:22 | source() | nested-props.js:15:10:15:16 | obj.x.y | only flow with NEW data flow library |
+| nested-props.js:19:17:19:24 | source() | nested-props.js:20:10:20:18 | obj.x.y.z | only flow with NEW data flow library |
+| nested-props.js:27:18:27:25 | source() | nested-props.js:28:10:28:14 | obj.x | only flow with NEW data flow library |
+| nested-props.js:51:22:51:29 | source() | nested-props.js:52:10:52:16 | obj.x.y | only flow with NEW data flow library |
+| sanitizer-guards.js:57:11:57:18 | source() | sanitizer-guards.js:64:8:64:8 | x | only flow with NEW data flow library |
+| tst.js:2:13:2:20 | source() | tst.js:35:14:35:16 | ary | only flow with NEW data flow library |
+| tst.js:2:13:2:20 | source() | tst.js:41:14:41:16 | ary | only flow with NEW data flow library |
+flow
 | access-path-sanitizer.js:2:18:2:25 | source() | access-path-sanitizer.js:4:8:4:12 | obj.x |
 | advanced-callgraph.js:2:13:2:20 | source() | advanced-callgraph.js:6:22:6:22 | v |
 | arrays-init.js:2:16:2:23 | source() | arrays-init.js:17:8:17:13 | arr[1] |
 | arrays-init.js:2:16:2:23 | source() | arrays-init.js:22:8:22:13 | arr[6] |
 | arrays-init.js:2:16:2:23 | source() | arrays-init.js:28:8:28:13 | arr[1] |
 | arrays-init.js:2:16:2:23 | source() | arrays-init.js:34:8:34:13 | arr[1] |
+| arrays-init.js:2:16:2:23 | source() | arrays-init.js:38:8:38:13 | arr[5] |
 | arrays-init.js:2:16:2:23 | source() | arrays-init.js:43:10:43:15 | arr[i] |
 | arrays-init.js:2:16:2:23 | source() | arrays-init.js:55:10:55:15 | arr[i] |
 | arrays-init.js:2:16:2:23 | source() | arrays-init.js:61:10:61:13 | item |
@@ -13,40 +38,70 @@
 | booleanOps.js:2:11:2:18 | source() | booleanOps.js:13:10:13:10 | x |
 | booleanOps.js:2:11:2:18 | source() | booleanOps.js:19:10:19:10 | x |
 | booleanOps.js:2:11:2:18 | source() | booleanOps.js:22:10:22:10 | x |
-| bound-function.js:12:12:12:19 | source() | bound-function.js:4:10:4:10 | y |
-| bound-function.js:14:6:14:13 | source() | bound-function.js:4:10:4:10 | y |
-| bound-function.js:22:8:22:15 | source() | bound-function.js:25:10:25:10 | y |
-| bound-function.js:45:10:45:17 | source() | bound-function.js:45:6:45:18 | id3(source()) |
-| bound-function.js:49:12:49:19 | source() | bound-function.js:54:6:54:14 | source0() |
-| bound-function.js:49:12:49:19 | source() | bound-function.js:55:6:55:14 | source1() |
+| bound-function.js:17:21:17:28 | source() | bound-function.js:5:10:5:16 | y.test2 |
+| bound-function.js:19:15:19:22 | source() | bound-function.js:6:10:6:16 | y.test3 |
+| bound-function.js:50:10:50:17 | source() | bound-function.js:50:6:50:18 | id3(source()) |
+| bound-function.js:54:12:54:19 | source() | bound-function.js:59:6:59:14 | source0() |
+| bound-function.js:54:12:54:19 | source() | bound-function.js:60:6:60:14 | source1() |
 | call-apply.js:27:14:27:21 | source() | call-apply.js:24:8:24:11 | arg1 |
 | call-apply.js:27:14:27:21 | source() | call-apply.js:29:6:29:32 | foo1.ca ... ce, "") |
 | call-apply.js:27:14:27:21 | source() | call-apply.js:32:6:32:35 | foo1.ap ... e, ""]) |
-| call-apply.js:27:14:27:21 | source() | call-apply.js:46:6:46:28 | foo1_ca ... e, ""]) |
-| call-apply.js:27:14:27:21 | source() | call-apply.js:68:10:68:21 | arguments[0] |
-| call-apply.js:87:17:87:24 | source() | call-apply.js:84:8:84:11 | this |
+| call-apply.js:27:14:27:21 | source() | call-apply.js:34:6:34:29 | foo1_ap ... e, ""]) |
+| call-apply.js:27:14:27:21 | source() | call-apply.js:40:6:40:28 | foo1_ca ... e, ""]) |
+| call-apply.js:27:14:27:21 | source() | call-apply.js:62:10:62:21 | arguments[0] |
+| call-apply.js:45:8:45:15 | source() | call-apply.js:55:6:55:13 | foo(obj) |
+| call-apply.js:81:17:81:24 | source() | call-apply.js:78:8:78:11 | this |
 | callbacks.js:4:6:4:13 | source() | callbacks.js:34:27:34:27 | x |
 | callbacks.js:4:6:4:13 | source() | callbacks.js:35:27:35:27 | x |
 | callbacks.js:5:6:5:13 | source() | callbacks.js:34:27:34:27 | x |
 | callbacks.js:5:6:5:13 | source() | callbacks.js:35:27:35:27 | x |
 | callbacks.js:25:16:25:23 | source() | callbacks.js:47:26:47:26 | x |
 | callbacks.js:25:16:25:23 | source() | callbacks.js:48:26:48:26 | x |
 | callbacks.js:37:17:37:24 | source() | callbacks.js:37:37:37:37 | x |
+| callbacks.js:37:17:37:24 | source() | callbacks.js:38:35:38:35 | x |
+| callbacks.js:37:17:37:24 | source() | callbacks.js:41:10:41:10 | x |
+| callbacks.js:44:17:44:24 | source() | callbacks.js:37:37:37:37 | x |
+| callbacks.js:44:17:44:24 | source() | callbacks.js:38:35:38:35 | x |
 | callbacks.js:44:17:44:24 | source() | callbacks.js:41:10:41:10 | x |
 | callbacks.js:50:18:50:25 | source() | callbacks.js:30:29:30:29 | y |
 | callbacks.js:51:18:51:25 | source() | callbacks.js:30:29:30:29 | y |
 | callbacks.js:53:23:53:30 | source() | callbacks.js:58:10:58:10 | x |
 | capture-flow.js:9:11:9:18 | source() | capture-flow.js:14:10:14:16 | outer() |
 | capture-flow.js:9:11:9:18 | source() | capture-flow.js:19:6:19:16 | outerMost() |
 | capture-flow.js:31:14:31:21 | source() | capture-flow.js:31:6:31:22 | confuse(source()) |
+| capture-flow.js:45:12:45:19 | source() | capture-flow.js:45:6:45:20 | test3(source()) |
+| capture-flow.js:60:13:60:20 | source() | capture-flow.js:60:6:60:21 | test3a(source()) |
+| capture-flow.js:76:13:76:20 | source() | capture-flow.js:76:6:76:21 | test3b(source()) |
+| capture-flow.js:89:13:89:20 | source() | capture-flow.js:89:6:89:21 | test3c(source()) |
+| capture-flow.js:93:13:93:20 | source() | capture-flow.js:96:6:96:14 | test4()() |
+| capture-flow.js:101:12:101:19 | source() | capture-flow.js:101:6:101:22 | test5(source())() |
+| capture-flow.js:110:12:110:19 | source() | capture-flow.js:106:14:106:14 | x |
+| capture-flow.js:118:37:118:44 | source() | capture-flow.js:114:14:114:14 | x |
+| capture-flow.js:126:25:126:32 | source() | capture-flow.js:123:14:123:26 | orderingTaint |
+| capture-flow.js:126:25:126:32 | source() | capture-flow.js:129:14:129:26 | orderingTaint |
+| capture-flow.js:177:26:177:33 | source() | capture-flow.js:173:14:173:14 | x |
+| capture-flow.js:187:34:187:41 | source() | capture-flow.js:183:14:183:14 | x |
+| capture-flow.js:195:24:195:31 | source() | capture-flow.js:191:14:191:14 | x |
+| capture-flow.js:205:24:205:31 | source() | capture-flow.js:200:18:200:18 | x |
+| capture-flow.js:225:13:225:20 | source() | capture-flow.js:220:51:220:59 | fileOrDir |
+| capture-flow.js:230:9:230:16 | source() | capture-flow.js:233:14:233:14 | x |
+| capture-flow.js:259:23:259:30 | source() | capture-flow.js:243:18:243:40 | objectW ... s.field |
+| capture-flow.js:259:23:259:30 | source() | capture-flow.js:247:18:247:40 | objectW ... s.field |
+| capture-flow.js:259:23:259:30 | source() | capture-flow.js:248:18:248:27 | this.field |
+| capture-flow.js:259:23:259:30 | source() | capture-flow.js:252:14:252:36 | objectW ... s.field |
+| capture-flow.js:259:23:259:30 | source() | capture-flow.js:253:14:253:23 | this.field |
 | captured-sanitizer.js:25:3:25:10 | source() | captured-sanitizer.js:15:10:15:10 | x |
-| constructor-calls.js:4:18:4:25 | source() | constructor-calls.js:18:8:18:14 | c.taint |
-| constructor-calls.js:4:18:4:25 | source() | constructor-calls.js:22:8:22:19 | c_safe.taint |
-| constructor-calls.js:10:16:10:23 | source() | constructor-calls.js:26:8:26:14 | d.taint |
-| constructor-calls.js:10:16:10:23 | source() | constructor-calls.js:30:8:30:19 | d_safe.taint |
-| constructor-calls.js:14:15:14:22 | source() | constructor-calls.js:17:8:17:14 | c.param |
-| constructor-calls.js:14:15:14:22 | source() | constructor-calls.js:25:8:25:14 | d.param |
+| constructor-calls.js:4:18:4:25 | source() | constructor-calls.js:24:8:24:14 | c.taint |
+| constructor-calls.js:4:18:4:25 | source() | constructor-calls.js:28:8:28:19 | c_safe.taint |
+| constructor-calls.js:4:18:4:25 | source() | constructor-calls.js:40:8:40:14 | e.taint |
+| constructor-calls.js:4:18:4:25 | source() | constructor-calls.js:44:8:44:19 | f_safe.taint |
+| constructor-calls.js:10:16:10:23 | source() | constructor-calls.js:32:8:32:14 | d.taint |
+| constructor-calls.js:10:16:10:23 | source() | constructor-calls.js:36:8:36:19 | d_safe.taint |
+| constructor-calls.js:20:15:20:22 | source() | constructor-calls.js:23:8:23:14 | c.param |
+| constructor-calls.js:20:15:20:22 | source() | constructor-calls.js:31:8:31:14 | d.param |
+| constructor-calls.js:20:15:20:22 | source() | constructor-calls.js:39:8:39:14 | e.param |
 | exceptions.js:3:15:3:22 | source() | exceptions.js:5:10:5:10 | e |
+| exceptions.js:53:14:53:21 | source() | exceptions.js:54:10:54:10 | e |
 | exceptions.js:59:24:59:31 | source() | exceptions.js:61:12:61:12 | e |
 | exceptions.js:88:6:88:13 | source() | exceptions.js:11:10:11:10 | e |
 | exceptions.js:93:11:93:18 | source() | exceptions.js:95:10:95:10 | e |
@@ -64,18 +119,24 @@
 | getters-and-setters.js:6:20:6:27 | source() | getters-and-setters.js:13:18:13:20 | c.x |
 | getters-and-setters.js:27:15:27:22 | source() | getters-and-setters.js:23:18:23:18 | v |
 | getters-and-setters.js:47:23:47:30 | source() | getters-and-setters.js:45:14:45:16 | c.x |
+| getters-and-setters.js:53:21:53:28 | source() | getters-and-setters.js:53:10:53:30 | getX(ne ... rce())) |
 | getters-and-setters.js:60:20:60:27 | source() | getters-and-setters.js:66:10:66:14 | obj.x |
 | getters-and-setters.js:67:13:67:20 | source() | getters-and-setters.js:63:18:63:22 | value |
 | getters-and-setters.js:79:20:79:27 | source() | getters-and-setters.js:88:10:88:18 | new C().x |
 | getters-and-setters.js:79:20:79:27 | source() | getters-and-setters.js:92:14:92:16 | c.x |
 | getters-and-setters.js:79:20:79:27 | source() | getters-and-setters.js:100:10:100:22 | getX(new C()) |
 | getters-and-setters.js:89:17:89:24 | source() | getters-and-setters.js:82:18:82:22 | value |
+| implied-receiver.js:4:16:4:23 | source() | implied-receiver.js:7:18:7:25 | this.foo |
 | indexOf.js:4:11:4:18 | source() | indexOf.js:9:10:9:10 | x |
 | indexOf.js:4:11:4:18 | source() | indexOf.js:13:10:13:10 | x |
 | nested-props.js:4:13:4:20 | source() | nested-props.js:5:10:5:14 | obj.x |
 | nested-props.js:9:18:9:25 | source() | nested-props.js:10:10:10:16 | obj.x.y |
+| nested-props.js:14:15:14:22 | source() | nested-props.js:15:10:15:16 | obj.x.y |
+| nested-props.js:19:17:19:24 | source() | nested-props.js:20:10:20:18 | obj.x.y.z |
+| nested-props.js:27:18:27:25 | source() | nested-props.js:28:10:28:14 | obj.x |
 | nested-props.js:35:13:35:20 | source() | nested-props.js:36:10:36:20 | doLoad(obj) |
 | nested-props.js:43:13:43:20 | source() | nested-props.js:44:10:44:18 | id(obj).x |
+| nested-props.js:51:22:51:29 | source() | nested-props.js:52:10:52:16 | obj.x.y |
 | nested-props.js:67:31:67:38 | source() | nested-props.js:68:10:68:10 | x |
 | object-bypass-sanitizer.js:32:21:32:28 | source() | object-bypass-sanitizer.js:15:10:15:24 | sanitizer_id(x) |
 | object-bypass-sanitizer.js:35:29:35:36 | source() | object-bypass-sanitizer.js:27:10:27:30 | sanitiz ... bj.foo) |
@@ -97,10 +158,11 @@
 | sanitizer-guards.js:43:11:43:18 | source() | sanitizer-guards.js:45:8:45:8 | x |
 | sanitizer-guards.js:43:11:43:18 | source() | sanitizer-guards.js:48:10:48:10 | x |
 | sanitizer-guards.js:43:11:43:18 | source() | sanitizer-guards.js:52:10:52:10 | x |
+| sanitizer-guards.js:57:11:57:18 | source() | sanitizer-guards.js:64:8:64:8 | x |
 | sanitizer-guards.js:68:11:68:18 | source() | sanitizer-guards.js:75:8:75:8 | x |
 | sanitizer-guards.js:79:11:79:18 | source() | sanitizer-guards.js:81:8:81:8 | x |
 | sanitizer-guards.js:79:11:79:18 | source() | sanitizer-guards.js:84:10:84:10 | x |
-| sanitizer-guards.js:79:11:79:18 | source() | sanitizer-guards.js:86:7:86:7 | x |
+| sanitizer-guards.js:79:11:79:18 | source() | sanitizer-guards.js:86:9:86:9 | x |
 | sanitizer-guards.js:91:11:91:18 | source() | sanitizer-guards.js:93:8:93:8 | x |
 | sanitizer-guards.js:91:11:91:18 | source() | sanitizer-guards.js:96:10:96:10 | x |
 | sanitizer-guards.js:91:11:91:18 | source() | sanitizer-guards.js:98:7:98:7 | x |
@@ -109,3 +171,5 @@
 | thisAssignments.js:4:17:4:24 | source() | thisAssignments.js:5:10:5:18 | obj.field |
 | thisAssignments.js:7:19:7:26 | source() | thisAssignments.js:8:10:8:20 | this.field2 |
 | tst.js:2:13:2:20 | source() | tst.js:4:10:4:10 | x |
+| tst.js:2:13:2:20 | source() | tst.js:35:14:35:16 | ary |
+| tst.js:2:13:2:20 | source() | tst.js:41:14:41:16 | ary |
@@ -2,26 +2,44 @@ import javascript
 
 DataFlow::CallNode getACall(string name) { result.getCalleeName() = name }
 
-class BasicConfig extends DataFlow::Configuration {
-  BasicConfig() { this = "BasicConfig" }
+module TestConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node node) { node = getACall("source") }
 
-  override predicate isSource(DataFlow::Node node) { node = getACall("source") }
+  predicate isSink(DataFlow::Node node) { node = getACall("sink").getAnArgument() }
 
-  override predicate isSink(DataFlow::Node node) { node = getACall("sink").getAnArgument() }
-
-  override predicate isBarrierGuard(DataFlow::BarrierGuardNode node) {
+  additional predicate isBarrierGuard(DataFlow::BarrierGuardNode node) {
     node instanceof BasicBarrierGuard
   }
+
+  predicate isBarrier(DataFlow::Node node) {
+    node = DataFlow::MakeLegacyBarrierGuard<isBarrierGuard/1>::getABarrierNode()
+  }
 }
 
+module TestFlow = DataFlow::Global<TestConfig>;
+
 class BasicBarrierGuard extends DataFlow::BarrierGuardNode, DataFlow::CallNode {
   BasicBarrierGuard() { this = getACall("isSafe") }
 
-  override predicate blocks(boolean outcome, Expr e) {
+  override predicate blocks(boolean outcome, Expr e) { this.blocksExpr(outcome, e) }
+
+  predicate blocksExpr(boolean outcome, Expr e) {
     outcome = true and e = this.getArgument(0).asExpr()
   }
 }
 
-from BasicConfig cfg, DataFlow::Node src, DataFlow::Node sink
-where cfg.hasFlow(src, sink)
-select src, sink
+class LegacyConfig extends DataFlow::Configuration {
+  LegacyConfig() { this = "LegacyConfig" }
+
+  override predicate isSource(DataFlow::Node source) { TestConfig::isSource(source) }
+
+  override predicate isSink(DataFlow::Node sink) { TestConfig::isSink(sink) }
+
+  override predicate isBarrierGuard(DataFlow::BarrierGuardNode node) {
+    TestConfig::isBarrierGuard(node)
+  }
+}
+
+import testUtilities.LegacyDataFlowDiff::DataFlowDiff<TestFlow, LegacyConfig>
+
+query predicate flow = TestFlow::flow/2;