Provides utility predicates to spot variable names, parameter names, and string literals that suggest deliberately insecure settings.
Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.
Provides classes representing various flow sources for taint tracking.
Provides classes and predicates for reasoning about guards and the control flow elements controlled by those guards.
Provides all default Java QL imports.
Gets a guard that represents a (likely) security feature-flag check.
A kind of flag that may indicate security expectations regarding the code it guards.