github · asgerf · Aug 29, 2025 · Oct 3, 2025 · Oct 10, 2025 · Oct 10, 2025
@@ -276,5 +276,12 @@
   "Python model summaries test extension": [
     "python/ql/test/library-tests/dataflow/model-summaries/InlineTaintTest.ext.yml",
     "python/ql/test/library-tests/dataflow/model-summaries/NormalDataflowTest.ext.yml"
+  ],
+  "XML discard predicates": [
+    "javascript/ql/lib/semmle/javascript/internal/OverlayXml.qll",
+    "java/ql/lib/semmle/code/java/internal/OverlayXml.qll",
+    "go/ql/lib/semmle/go/internal/OverlayXml.qll",
+    "python/ql/lib/semmle/python/internal/OverlayXml.qll",
+    "csharp/ql/lib/semmle/code/csharp/internal/OverlayXml.qll"
   ]
 }
@@ -2,6 +2,8 @@
  * Defines entity discard predicates for C# overlay analysis.
  */
 
+private import OverlayXml
+
 /**
  * Holds always for the overlay variant and never for the base variant.
  * This local predicate is used to define local predicates that behave
@@ -110,36 +112,6 @@ private predicate discardLocation(@location_default loc) {
   exists(string path | discardableLocation(loc, path) | overlayChangedFiles(path))
 }
 
-/**
- * A class of Xml locatables that can be discarded from the base.
- */
-overlay[local]
-private class DiscardableXmlEntity extends DiscardableEntityBase instanceof @xmllocatable {
-  /** Gets the path to the file in which this element occurs. */
-  override string getFilePath() {
-    exists(@location_default loc | result = getLocationFilePath(loc) | xmllocations(this, loc))
-  }
-}
-
-overlay[local]
-private predicate overlayXmlExtracted(string file) {
-  exists(DiscardableXmlEntity dxe |
-    dxe.existsInOverlay() and
-    file = dxe.getFilePath() and
-    not files(dxe, _) and
-    not xmlNs(dxe, _, _, _)
-  )
-}
-
-overlay[discard_entity]
-private predicate discardXmlEntity(@xmllocatable xml) {
-  overlayChangedFiles(xml.(DiscardableXmlEntity).getFilePath())
-  or
-  // The XML extractor is not incremental and may extract more
-  // XML files than those included in overlayChangedFiles.
-  overlayXmlExtracted(xml.(DiscardableXmlEntity).getFilePath())
-}
-
 overlay[local]
 private class DiscardableAspEntity extends DiscardableEntityBase instanceof @asp_element {
   /** Gets the path to the file in which this element occurs. */

@@ -0,0 +1,45 @@
+overlay[local]
+module;
+
+/**
+ * A local predicate that always holds for the overlay variant and never holds for the base variant.
+ * This is used to define local predicates that behave differently for the base and overlay variant.
+ */
+private predicate isOverlay() { databaseMetadata("isOverlay", "true") }
+
+private @file getXmlFile(@xmllocatable locatable) {
+  exists(@location_default location | xmllocations(locatable, location) |
+    locations_default(location, result, _, _, _, _)
+  )
+}
+
+private @file getXmlFileInBase(@xmllocatable locatable) {
+  not isOverlay() and
+  result = getXmlFile(locatable)
+}
+
+/**
+ * Holds if the given `file` was extracted as part of the overlay and was extracted by the HTML/XML
+ * extractor.
+ */
+private predicate overlayXmlExtracted(@file file) {
+  isOverlay() and
+  exists(@xmllocatable locatable |
+    not files(locatable, _) and not xmlNs(locatable, _, _, _) and file = getXmlFile(locatable)
+  )
+}
+
+/**
+ * Holds if the given XML `locatable` should be discarded, because it is part of the overlay base
+ * and is in a file that was also extracted as part of the overlay database.
+ */
+overlay[discard_entity]
+private predicate discardXmlLocatable(@xmllocatable locatable) {
+  exists(@file file | file = getXmlFileInBase(locatable) |
+    exists(string path | files(file, path) | overlayChangedFiles(path))
+    or
+    // The HTML/XML extractor is currently not incremental and may extract more files than those
+    // included in overlayChangedFiles.
+    overlayXmlExtracted(file)
+  )
+}
@@ -4,6 +4,8 @@
 overlay[local]
 module;
 
+private import internal.OverlayXml
+
 /**
  * A local predicate that always holds for the overlay variant and never holds for the base variant.
  * This is used to define local predicates that behave differently for the base and overlay variant.
@@ -52,40 +54,3 @@ private predicate discardLocatable(@locatable locatable) {
     discardableLocatable(file, locatable) and discardableFile(path)
   )
 }
-
-private @file getXmlFile(@xmllocatable locatable) {
-  exists(@location_default location | xmllocations(locatable, location) |
-    locations_default(location, result, _, _, _, _)
-  )
-}
-
-private @file getXmlFileInBase(@xmllocatable locatable) {
-  not isOverlay() and
-  result = getXmlFile(locatable)
-}
-
-/**
- * Holds if the given `file` was extracted as part of the overlay and was extracted by the HTML/XML
- * extractor.
- */
-private predicate overlayXmlExtracted(@file file) {
-  isOverlay() and
-  exists(@xmllocatable locatable |
-    not files(locatable, _) and not xmlNs(locatable, _, _, _) and file = getXmlFile(locatable)
-  )
-}
-
-/**
- * Holds if the given XML `locatable` should be discarded, because it is part of the overlay base
- * and is in a file that was also extracted as part of the overlay database.
- */
-overlay[discard_entity]
-private predicate discardXmlLocatable(@xmllocatable locatable) {
-  exists(@file file | file = getXmlFileInBase(locatable) |
-    exists(string path | files(file, path) | overlayChangedFiles(path))
-    or
-    // The HTML/XML extractor is currently not incremental and may extract more files than those
-    // included in overlayChangedFiles.
-    overlayXmlExtracted(file)
-  )
-}
@@ -0,0 +1,45 @@
+overlay[local]
+module;
+
+/**
+ * A local predicate that always holds for the overlay variant and never holds for the base variant.
+ * This is used to define local predicates that behave differently for the base and overlay variant.
+ */
+private predicate isOverlay() { databaseMetadata("isOverlay", "true") }
+
+private @file getXmlFile(@xmllocatable locatable) {
+  exists(@location_default location | xmllocations(locatable, location) |
+    locations_default(location, result, _, _, _, _)
+  )
+}
+
+private @file getXmlFileInBase(@xmllocatable locatable) {
+  not isOverlay() and
+  result = getXmlFile(locatable)
+}
+
+/**
+ * Holds if the given `file` was extracted as part of the overlay and was extracted by the HTML/XML
+ * extractor.
+ */
+private predicate overlayXmlExtracted(@file file) {
+  isOverlay() and
+  exists(@xmllocatable locatable |
+    not files(locatable, _) and not xmlNs(locatable, _, _, _) and file = getXmlFile(locatable)
+  )
+}
+
+/**
+ * Holds if the given XML `locatable` should be discarded, because it is part of the overlay base
+ * and is in a file that was also extracted as part of the overlay database.
+ */
+overlay[discard_entity]
+private predicate discardXmlLocatable(@xmllocatable locatable) {
+  exists(@file file | file = getXmlFileInBase(locatable) |
+    exists(string path | files(file, path) | overlayChangedFiles(path))
+    or
+    // The HTML/XML extractor is currently not incremental and may extract more files than those
+    // included in overlayChangedFiles.
+    overlayXmlExtracted(file)
+  )
+}
@@ -5,6 +5,7 @@ overlay[local?]
 module;
 
 import java
+private import internal.OverlayXml
 
 /**
  * A local predicate that always holds for the overlay variant and
@@ -18,7 +19,7 @@ predicate isOverlay() { databaseMetadata("isOverlay", "true") }
 overlay[local]
 string getRawFile(@locatable el) {
   exists(@location loc, @file file |
-    (hasLocation(el, loc) or xmllocations(el, loc)) and
+    hasLocation(el, loc) and
     locations_default(loc, file, _, _, _, _) and
     files(file, result)
   )
@@ -102,31 +103,3 @@ private predicate discardBaseConfigLocatable(@configLocatable el) {
   // property files than those included in overlayChangedFiles.
   overlayConfigExtracted(baseConfigLocatable(el))
 }
-
-/**
- * An `@xmllocatable` that should be discarded in the base variant if its file is
- * extracted in the overlay variant.
- */
-overlay[local]
-abstract class DiscardableXmlLocatable extends @xmllocatable {
-  /** Gets the raw file for an xmllocatable in base. */
-  string getRawFileInBase() { not isOverlay() and result = getRawFile(this) }
-
-  /** Gets a textual representation of this discardable xmllocatable. */
-  string toString() { none() }
-}
-
-overlay[local]
-private predicate overlayXmlExtracted(string file) {
-  isOverlay() and
-  exists(@xmllocatable el | not files(el, _) and not xmlNs(el, _, _, _) and file = getRawFile(el))
-}
-
-overlay[discard_entity]
-private predicate discardXmlLocatable(@xmllocatable el) {
-  overlayChangedFiles(el.(DiscardableXmlLocatable).getRawFileInBase())
-  or
-  // The XML extractor is currently not incremental and may extract more
-  // XML files than those included in overlayChangedFiles.
-  overlayXmlExtracted(el.(DiscardableXmlLocatable).getRawFileInBase())
-}
@@ -0,0 +1,45 @@
+overlay[local]
+module;
+
+/**
+ * A local predicate that always holds for the overlay variant and never holds for the base variant.
+ * This is used to define local predicates that behave differently for the base and overlay variant.
+ */
+private predicate isOverlay() { databaseMetadata("isOverlay", "true") }
+
+private @file getXmlFile(@xmllocatable locatable) {
+  exists(@location_default location | xmllocations(locatable, location) |
+    locations_default(location, result, _, _, _, _)
+  )
+}
+
+private @file getXmlFileInBase(@xmllocatable locatable) {
+  not isOverlay() and
+  result = getXmlFile(locatable)
+}
+
+/**
+ * Holds if the given `file` was extracted as part of the overlay and was extracted by the HTML/XML
+ * extractor.
+ */
+private predicate overlayXmlExtracted(@file file) {
+  isOverlay() and
+  exists(@xmllocatable locatable |
+    not files(locatable, _) and not xmlNs(locatable, _, _, _) and file = getXmlFile(locatable)
+  )
+}
+
+/**
+ * Holds if the given XML `locatable` should be discarded, because it is part of the overlay base
+ * and is in a file that was also extracted as part of the overlay database.
+ */
+overlay[discard_entity]
+private predicate discardXmlLocatable(@xmllocatable locatable) {
+  exists(@file file | file = getXmlFileInBase(locatable) |
+    exists(string path | files(file, path) | overlayChangedFiles(path))
+    or
+    // The HTML/XML extractor is currently not incremental and may extract more files than those
+    // included in overlayChangedFiles.
+    overlayXmlExtracted(file)
+  )
+}
@@ -6,7 +6,6 @@ module;
 
 import semmle.files.FileSystem
 private import codeql.xml.Xml
-private import semmle.code.java.Overlay
 
 private module Input implements InputSig<File, Location> {
   class XmlLocatableBase = @xmllocatable or @xmlnamespaceable;
@@ -70,13 +69,3 @@ private module Input implements InputSig<File, Location> {
 }
 
 import Make<File, Location, Input>
-
-private class DiscardableXmlAttribute extends DiscardableXmlLocatable, @xmlattribute { }
-
-private class DiscardableXmlElement extends DiscardableXmlLocatable, @xmlelement { }
-
-private class DiscardableXmlComment extends DiscardableXmlLocatable, @xmlcomment { }
-
-private class DiscardableXmlCharacters extends DiscardableXmlLocatable, @xmlcharacters { }
-
-private class DiscardableXmlDtd extends DiscardableXmlLocatable, @xmldtd { }
@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for the 'js/useless-expression' query.
  */
+overlay[local]
+module;
 
 import javascript
 import DOMProperties
@@ -60,6 +62,7 @@ predicate isDeclaration(Expr e) {
 /**
  * Holds if there exists a getter for a property called `name` anywhere in the program.
  */
+overlay[global]
 predicate isGetterProperty(string name) {
   // there is a call of the form `Object.defineProperty(..., name, descriptor)` ...
   exists(CallToObjectDefineProperty defProp | name = defProp.getPropertyName() |
@@ -85,6 +88,7 @@ predicate isGetterProperty(string name) {
 /**
  * A property access that may invoke a getter.
  */
+overlay[global]
 class GetterPropertyAccess extends PropAccess {
   override predicate isImpure() { isGetterProperty(this.getPropertyName()) }
 }
@@ -123,6 +127,7 @@ predicate isReceiverSuppressingCall(CallExpr c, Expr dummy, PropAccess callee) {
  * even if they do, the call itself is useless and should be flagged by this
  * query.
  */
+overlay[global]
 predicate noSideEffects(Expr e) {
   e.isPure()
   or
@@ -148,6 +153,7 @@ predicate isCompoundExpression(Expr e) {
 /**
  * Holds if the expression `e` should be reported as having no effect.
  */
+overlay[global]
 predicate hasNoEffect(Expr e) {
   noSideEffects(e) and
   inVoidContext(e) and

@@ -1,6 +1,8 @@
 /**
  * Provides a predicate for identifying unused index variables in loops.
  */
+overlay[local]
+module;
 
 import javascript