github · kaspersv · Jun 17, 2025
diff --git a/shared/controlflow/codeql/controlflow/BasicBlock.qll b/shared/controlflow/codeql/controlflow/BasicBlock.qll
@@ -5,6 +5,8 @@
  * INTERNAL use only. This is an experimental API subject to change without
  * notice.
  */
+overlay[local?]
+module;
 
 private import codeql.util.Location
 

diff --git a/shared/controlflow/codeql/controlflow/Cfg.qll b/shared/controlflow/codeql/controlflow/Cfg.qll
@@ -2,6 +2,8 @@
  * Provides a shared interface and implementation for constructing control-flow graphs
  * (CFGs) from abstract syntax trees (ASTs).
  */
+overlay[local?]
+module;
 
 private import codeql.util.Location
 private import codeql.util.FileSystem

diff --git a/shared/dataflow/codeql/dataflow/DataFlow.qll b/shared/dataflow/codeql/dataflow/DataFlow.qll
@@ -3,6 +3,8 @@
  * adds a global analysis, mainly exposed through the `Global` and `GlobalWithState`
  * modules.
  */
+overlay[local?]
+module;
 
 private import codeql.util.Location
 

diff --git a/shared/dataflow/codeql/dataflow/TaintTracking.qll b/shared/dataflow/codeql/dataflow/TaintTracking.qll
@@ -2,6 +2,8 @@
  * Provides modules for performing local (intra-procedural) and
  * global (inter-procedural) taint-tracking analyses.
  */
+overlay[local?]
+module;
 
 private import DataFlow as DF
 private import internal.DataFlowImpl

diff --git a/shared/dataflow/codeql/dataflow/VariableCapture.qll b/shared/dataflow/codeql/dataflow/VariableCapture.qll
@@ -2,6 +2,8 @@
  * Provides a module for synthesizing data-flow nodes and related step relations
  * for supporting flow through captured variables.
  */
+overlay[local?]
+module;
 
 private import codeql.util.Boolean
 private import codeql.util.Unit

diff --git a/shared/dataflow/codeql/dataflow/internal/AccessPathSyntax.qll b/shared/dataflow/codeql/dataflow/internal/AccessPathSyntax.qll
@@ -5,6 +5,8 @@
  * This file is used by the shared data flow library and by the JavaScript libraries
  * (which does not use the shared data flow libraries).
  */
+overlay[local?]
+module;
 
 /**
  * Convenience-predicate for extracting two capture groups at once.

diff --git a/shared/dataflow/codeql/dataflow/internal/ContentDataFlowImpl.qll b/shared/dataflow/codeql/dataflow/internal/ContentDataFlowImpl.qll
@@ -22,6 +22,8 @@
  * steps, followed by 0 or more stores, with value-preserving steps allowed in
  * between all other steps.
  */
+overlay[local?]
+module;
 
 private import codeql.dataflow.DataFlow
 private import codeql.util.Boolean

diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
@@ -3,6 +3,8 @@
  *
  * Provides an implementation of global (interprocedural) data flow.
  */
+overlay[local?]
+module;
 
 private import codeql.util.Unit
 private import codeql.util.Option
@@ -792,6 +794,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
             innercc = getCallContextCall(call, inner)
           }
 
+          overlay[caller]
           pragma[inline]
           predicate fwdFlowIn(
             Call call, ArgNd arg, Callable inner, ParamNd p, Cc outercc, CcCall innercc,
@@ -2321,6 +2324,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
                * For more information, see
                * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
                */
+              overlay[caller]
               pragma[inline]
               deprecated final predicate hasLocationInfo(
                 string filepath, int startline, int startcolumn, int endline, int endcolumn
@@ -2524,6 +2528,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
 
       class ApHeadContent = Unit;
 
+      overlay[caller]
       pragma[inline]
       ApHeadContent getHeadContent(Ap ap) { exists(result) and ap = true }
 

diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import codeql.dataflow.DataFlow
 private import codeql.typetracking.TypeTracking as Tt
 private import codeql.util.Location
@@ -674,6 +677,7 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
 
       class CcCall = CallContextCall;
 
+      overlay[caller]
       pragma[inline]
       predicate matchesCall(CcCall cc, Call call) {
         cc = Input2::getSpecificCallContextCall(call, _) or
@@ -885,6 +889,7 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
     pragma[nomagic]
     private Callable getEnclosingCallable0() { nodeEnclosingCallable(this.projectToNode(), result) }
 
+    overlay[caller]
     pragma[inline]
     Callable getEnclosingCallable() {
       pragma[only_bind_out](this).getEnclosingCallable0() = pragma[only_bind_into](result)
@@ -899,6 +904,7 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
       isTopType(result) and this.isImplicitReadNode(_)
     }
 
+    overlay[caller]
     pragma[inline]
     Type getType() { pragma[only_bind_out](this).getType0() = pragma[only_bind_into](result) }
 
@@ -2410,12 +2416,14 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
    * predicate ensures that joins go from `n` to the result instead of the other
    * way around.
    */
+  overlay[caller]
   pragma[inline]
   Callable getNodeEnclosingCallable(Node n) {
     nodeEnclosingCallable(pragma[only_bind_out](n), pragma[only_bind_into](result))
   }
 
   /** Gets the type of `n` used for type pruning. */
+  overlay[caller]
   pragma[inline]
   Type getNodeDataFlowType(Node n) {
     nodeType(pragma[only_bind_out](n), pragma[only_bind_into](result))

diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll
@@ -2,6 +2,8 @@
  * Provides consistency queries for checking invariants in the language-specific
  * data-flow classes and predicates.
  */
+overlay[local?]
+module;
 
 private import codeql.dataflow.DataFlow as DF
 private import codeql.dataflow.TaintTracking as TT

diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll
@@ -4,6 +4,8 @@
  * Provides an implementation of a fast initial pruning of global
  * (interprocedural) data flow reachability (Stage 1).
  */
+overlay[local?]
+module;
 
 private import codeql.util.Unit
 private import codeql.util.Location
@@ -1784,6 +1786,7 @@ module MakeImplStage1<LocationSig Location, InputSig<Location> Lang> {
            * For more information, see
            * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
            */
+          overlay[caller]
           pragma[inline]
           deprecated predicate hasLocationInfo(
             string filepath, int startline, int startcolumn, int endline, int endcolumn

diff --git a/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll b/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll
@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for defining flow summaries.
  */
+overlay[local?]
+module;
 
 private import codeql.dataflow.DataFlow as DF
 private import codeql.util.Location

diff --git a/shared/dataflow/codeql/dataflow/test/ProvenancePathGraph.qll b/shared/dataflow/codeql/dataflow/test/ProvenancePathGraph.qll
@@ -5,6 +5,8 @@
  * In addition to the `PathGraph`, a `query predicate models` is provided to
  * list the contents of the referenced MaD rows.
  */
+overlay[local?]
+module;
 
 private import codeql.dataflow.DataFlow as DF
 

diff --git a/shared/mad/codeql/mad/ModelValidation.qll b/shared/mad/codeql/mad/ModelValidation.qll
@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates related to validating models-as-data rows.
  */
+overlay[local?]
+module;
 
 /** Provides predicates for determining if a model exists for a given `kind`. */
 signature module KindValidationConfigSig {

diff --git a/shared/mad/codeql/mad/dynamic/GraphExport.qll b/shared/mad/codeql/mad/dynamic/GraphExport.qll
@@ -1,6 +1,8 @@
 /**
  * Contains predicates for converting an arbitrary graph to a set of `typeModel` rows.
  */
+overlay[local?]
+module;
 
 private import codeql.util.Location
 

diff --git a/shared/mad/codeql/mad/modelgenerator/internal/ModelGeneratorImpl.qll b/shared/mad/codeql/mad/modelgenerator/internal/ModelGeneratorImpl.qll
@@ -4,6 +4,8 @@
  * Provides classes and predicates related to capturing summary, source,
  * and sink models of the Standard or a 3rd party library.
  */
+overlay[local?]
+module;
 
 private import codeql.dataflow.DataFlow
 private import codeql.dataflow.TaintTracking as Tt

diff --git a/shared/mad/codeql/mad/modelgenerator/internal/ModelPrinting.qll b/shared/mad/codeql/mad/modelgenerator/internal/ModelPrinting.qll
@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 signature module ModelPrintingLangSig {
   /**
    * A class of callables.

diff --git a/shared/quantum/codeql/quantum/experimental/Model.qll b/shared/quantum/codeql/quantum/experimental/Model.qll
@@ -1,6 +1,8 @@
 /**
  * A language-independent library for reasoning about cryptography.
  */
+overlay[local?]
+module;
 
 import codeql.util.Location
 

diff --git a/shared/rangeanalysis/codeql/rangeanalysis/ModulusAnalysis.qll b/shared/rangeanalysis/codeql/rangeanalysis/ModulusAnalysis.qll
@@ -3,6 +3,8 @@
  * an expression, `b` is a `Bound` (typically zero or the value of an SSA
  * variable), and `v` is an integer in the range `[0 .. m-1]`.
  */
+overlay[local?]
+module;
 
 /*
  * The main recursion has base cases in both `ssaModulus` (for guarded reads) and `exprModulus`

diff --git a/shared/rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll b/shared/rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll
@@ -8,6 +8,8 @@
  * If an inferred bound relies directly on a condition, then this condition is
  * reported as the reason for the bound.
  */
+overlay[local?]
+module;
 
 /*
  * This library tackles range analysis as a flow problem. Consider e.g.:

diff --git a/shared/rangeanalysis/codeql/rangeanalysis/internal/RangeUtils.qll b/shared/rangeanalysis/codeql/rangeanalysis/internal/RangeUtils.qll
@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import codeql.rangeanalysis.RangeAnalysis
 private import codeql.util.Location
 

diff --git a/shared/regex/codeql/regex/HostnameRegexp.qll b/shared/regex/codeql/regex/HostnameRegexp.qll
@@ -2,6 +2,8 @@
  * Provides predicates for reasoning about regular expressions
  * that match URLs and hostname patterns.
  */
+overlay[local?]
+module;
 
 private import RegexTreeView
 

diff --git a/shared/regex/codeql/regex/MissingRegExpAnchor.qll b/shared/regex/codeql/regex/MissingRegExpAnchor.qll
@@ -2,6 +2,8 @@
  * Provides predicates for reasoning about regular expressions
  * without anchors.
  */
+overlay[local?]
+module;
 
 private import RegexTreeView
 import HostnameRegexp as HostnameShared

diff --git a/shared/regex/codeql/regex/OverlyLargeRangeQuery.qll b/shared/regex/codeql/regex/OverlyLargeRangeQuery.qll
@@ -1,6 +1,8 @@
 /**
  * Classes and predicates for working with suspicious character ranges.
  */
+overlay[local?]
+module;
 
 private import RegexTreeView
 

diff --git a/shared/regex/codeql/regex/RegexTreeView.qll b/shared/regex/codeql/regex/RegexTreeView.qll
@@ -1,6 +1,8 @@
 /**
  * This file contains a `RegexTreeViewSig` module describing the syntax tree of regular expressions.
  */
+overlay[local?]
+module;
 
 /**
  * A signature describing the syntax tree of regular expressions.

diff --git a/shared/regex/codeql/regex/nfa/BadTagFilterQuery.qll b/shared/regex/codeql/regex/nfa/BadTagFilterQuery.qll
@@ -1,6 +1,8 @@
 /**
  * Provides predicates for reasoning about bad tag filter vulnerabilities.
  */
+overlay[local?]
+module;
 
 private import NfaUtils as NfaUtils
 private import RegexpMatching as RM

diff --git a/shared/regex/codeql/regex/nfa/ExponentialBackTracking.qll b/shared/regex/codeql/regex/nfa/ExponentialBackTracking.qll
@@ -61,6 +61,8 @@
  *   * Lastly we ensure that any state reached by repeating `n` copies of `w` has
  *     a suffix `x` (possible empty) that is most likely __not__ accepted.
  */
+overlay[local?]
+module;
 
 private import NfaUtils as NfaUtils
 private import codeql.regex.RegexTreeView

diff --git a/shared/regex/codeql/regex/nfa/NfaUtils.qll b/shared/regex/codeql/regex/nfa/NfaUtils.qll
@@ -1,6 +1,8 @@
 /**
  * A shared library for creating and reasoning about NFA's.
  */
+overlay[local?]
+module;
 
 private import codeql.regex.RegexTreeView
 private import codeql.util.Numbers

diff --git a/shared/regex/codeql/regex/nfa/RegexpMatching.qll b/shared/regex/codeql/regex/nfa/RegexpMatching.qll
@@ -2,6 +2,8 @@
  * Provides predicates for reasoning about which strings are matched by a regular expression,
  * and for testing which capture groups are filled when a particular regexp matches a string.
  */
+overlay[local?]
+module;
 
 private import NfaUtils as NfaUtils
 private import codeql.regex.RegexTreeView

diff --git a/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll b/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll
@@ -34,6 +34,8 @@
  * It has the same suffix detection issue as the `js/redos` query, which can cause false positives.
  * It also doesn't find all transitions in the product automaton, which can cause false negatives.
  */
+overlay[local?]
+module;
 
 private import NfaUtils as NfaUtils
 private import codeql.regex.RegexTreeView
@@ -99,6 +101,7 @@ module Make<RegexTreeViewSig TreeImpl> {
     /**
      * Holds if the tuple `(r1, r2, r3)` might be on path from a start-state to an end-state in the product automaton.
      */
+    overlay[caller]
     pragma[inline]
     predicate isFeasibleTuple(State r1, State r2, State r3) {
       // The first element is either inside a repetition (or the start state itself)

diff --git a/shared/ssa/codeql/ssa/Ssa.qll b/shared/ssa/codeql/ssa/Ssa.qll
@@ -2,6 +2,8 @@
  * Provides a language-independent implementation of static single assignment
  * (SSA) form.
  */
+overlay[local?]
+module;
 
 private import codeql.util.Location
 private import codeql.util.Unit

diff --git a/shared/threat-models/codeql/threatmodels/ThreatModels.qll b/shared/threat-models/codeql/threatmodels/ThreatModels.qll
@@ -4,6 +4,8 @@
  * This module provides extensible predicates for configuring which kinds of MaD models
  * are applicable to generic queries.
  */
+overlay[local?]
+module;
 
 /**
  * Holds configuration entries to specify which threat models are enabled.

diff --git a/shared/typeflow/codeql/typeflow/TypeFlow.qll b/shared/typeflow/codeql/typeflow/TypeFlow.qll
@@ -7,6 +7,8 @@
  * type has a subtype or if an inferred upper bound passed through at least one
  * explicit or implicit cast that lost type information.
  */
+overlay[local?]
+module;
 
 private import codeql.util.Location
 

diff --git a/shared/typeflow/codeql/typeflow/UniversalFlow.qll b/shared/typeflow/codeql/typeflow/UniversalFlow.qll
@@ -25,6 +25,8 @@
  * that subsequently calculated properties hold under the assumption that the
  * value is not null.
  */
+overlay[local?]
+module;
 
 private import codeql.util.Location
 private import codeql.util.Unit

diff --git a/shared/typeflow/codeql/typeflow/internal/TypeFlowImpl.qll b/shared/typeflow/codeql/typeflow/internal/TypeFlowImpl.qll
@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import codeql.typeflow.TypeFlow
 private import codeql.typeflow.UniversalFlow as UniversalFlow
 private import codeql.util.Location