Anders Schack-Mulligen

Results 64 comments of Anders Schack-Mulligen

Hmm, looks like we might actually introduce ~alert duplication~ potential false positives when the source is correlated with the sink state and the sink state is incorporated in the alert.

Generally looks reasonable, but I do have several stylistic and algorithmic comments. I don't like the code duplication introduced in the queries and the way that they shadow the flow...

> > There's some confusion about whether to calculate the restriction for only relevant locations or for all locations, which results in both things happening at the moment. It might...

> The problem was due to `FilteredStateConfig` missing pass-through aliases for some default predicates in `StateConfigSig`. I added the missing predicate pass-throughs and also verified that `FilteredConfig` has the appropriate...

I had a lot of comments about things to tweak and simplify, so I ended up just pushing a commit.

Dca looks fine, although there is a slight indication that something might be up with `java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql`. But if we simply revert the change to that query (and others like it),...

Code change looks good. If you haven't already, then it's probably good to triage a few results from a MRVA run to check that the latest version still looks good....

> Not sure if the failing test is simply unrelated?

I think it's unrelated. I just tried to rerun, so let's see if that helps.

> * skip library files that end with `Query.qll` or `Config.qll` if they contain `implements DataFlow::ConfigSig`

This is currently a fairly incomplete heuristic (there are other places that invoke global...