Delete dead code

[erik-krogh]

Deletes all dead code.
As found by a QL-for-QL query that attempts to overapproximate what code is alive.

Code is alive if:

• It can affect a query result (the from-where-select or a query predicate imported by a .ql file).
• It is part of a public API that can be imported from another .qll file.
• Can affect or be referenced by any of the above (recursively).
• (Other edge cases, see DeadCodeQuery.qll).

Any code not marked as alive is dead, and is deleted by this PR.
No test or external code should be affected by this PR.

This PR is a followup to #8347, because I wanted to check if I had introduced dead code by deleting deprecations.
(I had not, the code was dead already).

---

There were some benign cases.
E.g. in the shared DataFlow library a lot of code is copy-pasted between stages, and not all the predicates are used in all the stages.

---

The dead code wasn't marked as unused by the CodeQL compiler for various reasons.

• Recursive predicates that depend on themself. (Or mutually recursive predicates).
• Public classes/predicates in private modules.
• Public classes in .ql files that aren't used.

---

The QL-for-QL code also contains predicate for detecting "unqueryable" code.
That is: code that cannot affect any query result (but it might be part of the public API).
I already found a bunch of interesting results using that code, but a QL-for-QL query needs more work to weed out benign results.

[smowton]

👍 Java

[esbena]

JS 👍

[intrigus-lgtm]

Regarding this part of the PR:
https://github.com/github/codeql/pull/8431/files#diff-ae052bd5f05c791a2d3f7fbb99ab3a5a7fadac51704cceefef602db27a00686c

Why is ConcreteSensitiveInsecureUrl dead code?

codeql/javascript/ql/lib/semmle/javascript/security/dataflow/InsecureDownloadQuery.qll

Lines 12 to 15 in 69353bb

	// Materialize flow labels
	private class ConcreteSensitiveInsecureUrl extends Label::SensitiveInsecureUrl {
	ConcreteSensitiveInsecureUrl() { this = this }
	}

A search for it only shows two results:
https://cs.github.com/github/codeql?q=%22ConcreteSensitiveInsecureUrl%22

But for ConcretePosixPath there are also only two results in the code search!

codeql/javascript/ql/lib/semmle/javascript/security/dataflow/ZipSlipQuery.qll

Lines 13 to 16 in 6aad8d6

	// Materialize flow labels
	private class ConcretePosixPath extends TaintedPath::Label::PosixPath {
	ConcretePosixPath() { this = this }
	}

https://cs.github.com/github/codeql?q=%22ConcretePosixPath%22

Why is the first considered dead code, while the last is not? What am I missing?

[erik-krogh]

Why is the first considered dead code, while the last is not? What am I missing?

The first extends a non-abstract class, the second extends an abstract class.
The documentation has more information about abstract classes.
Relevant snippet: an abstract class is defined as the union of its subclasses.

[hvitved]

C#/SsaImplCommon.qll 👍

[nickrolfe]

@alexrford you added this class originally. Is its deadness unintentional?

[alexrford]

Yeah, I should have removed this as part of the refactoring in #8138

[nickrolfe]

Ok, cool. Just checking we're not deleting code that we want and is only dead because of a bug.

[MathiasVP]

C++ and QL 👍.

[alexrford]

👍 Ruby

[geoffw0]

Does this change preserve identical files?

[MathiasVP]

It does because all the identical files were modified :)

[erik-krogh]

Yes, the code is dead in all copies.

[geoffw0]

... ah, and it looks like there's a PR check and it passed. :)

[RasmusWL]

Python 👍