github
diff --git a/‎docs/codeql/codeql-language-guides/customizing-library-models-for-cpp.rst‎
Lines changed: 5 additions & 5 deletions b/‎docs/codeql/codeql-language-guides/customizing-library-models-for-cpp.rst‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎docs/codeql/codeql-language-guides/customizing-library-models-for-csharp.rst‎
Lines changed: 16 additions & 16 deletions b/‎docs/codeql/codeql-language-guides/customizing-library-models-for-csharp.rst‎
Lines changed: 16 additions & 16 deletions
@@ -77,7 +77,7 @@ This example shows how the CPP query pack models the return value from the ``rea
 
    boost::asio::read_until(socket, recv_buffer, '\0', error);
 
-We need to add a tuple to the ``sourceModel``\(namespace, type, subtypes, name, signature, ext, output, kind, provenance) extensible predicate by updating a data extension file.
+We need to add a tuple to the ``sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance)`` extensible predicate by updating a data extension file.
 
 .. code-block:: yaml
 
@@ -113,7 +113,7 @@ This example shows how the CPP query pack models the second argument of the ``bo
 
    boost::asio::write(socket, send_buffer, error);
 
-We need to add a tuple to the ``sinkModel``\(namespace, type, subtypes, name, signature, ext, input, kind, provenance) extensible predicate by updating a data extension file.
+We need to add a tuple to the ``sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance)`` extensible predicate by updating a data extension file.
 
 .. code-block:: yaml
 
@@ -149,7 +149,7 @@ This example shows how the CPP query pack models flow through a function for a s
 
    boost::asio::write(socket, boost::asio::buffer(send_str), error);
 
-We need to add tuples to the ``summaryModel``\(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) extensible predicate by updating a data extension file:
+We need to add tuples to the ``summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance)`` extensible predicate by updating a data extension file:
 
 .. code-block:: yaml
 
@@ -192,7 +192,7 @@ This function escapes special characters in a string for use in an SQL statement
    mysql_real_escape_string(mysql, escaped_name, name, strlen(name)); // The escaped_name is safe for SQL injection.
    sprintf(query_buffer, query, escaped_name);
 
-We need to add a tuple to the ``barrierModel``\(namespace, type, subtypes, name, signature, ext, output, kind, provenance) extensible predicate by updating a data extension file.
+We need to add a tuple to the ``barrierModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance)`` extensible predicate by updating a data extension file.
 
 .. code-block:: yaml
 
@@ -232,7 +232,7 @@ Consider a function called ``is_safe`` which returns ``true`` when the data is c
        mysql_query(user_input); // This is safe.
    }
 
-We need to add a tuple to the ``barrierGuardModel``\(namespace, type, subtypes, name, signature, ext, input, acceptingvalue, kind, provenance) extensible predicate by updating a data extension file.
+We need to add a tuple to the ``barrierGuardModel(namespace, type, subtypes, name, signature, ext, input, acceptingvalue, kind, provenance)`` extensible predicate by updating a data extension file.
 
 .. code-block:: yaml
 
 
@@ -82,7 +82,7 @@ This is the constructor of the ``SqlCommand`` class, which is located in the ``S
         ...
    }
 
-We need to add a tuple to the ``sinkModel``\(namespace, type, subtypes, name, signature, ext, input, kind, provenance) extensible predicate by updating a data extension file.
+We need to add a tuple to the ``sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance)`` extensible predicate by updating a data extension file.
 
 .. code-block:: yaml
 
@@ -103,9 +103,9 @@ The first five values identify the callable (in this case a method) to be modele
 - The fifth value ``(System.String,System.Data.SqlClient.SqlConnection)`` is the method input type signature. The type names must be fully qualified.
 
 The sixth value should be left empty and is out of scope for this documentation.
-The remaining values are used to define the ``access path``, the ``kind``, and the ``provenance`` (origin) of the sink.
+The remaining values are used to define the access path, the ``kind``, and the ``provenance`` (origin) of the sink.
 
-- The seventh value ``Argument[0]`` is the ``access path`` to the first argument passed to the method, which means that this is the location of the sink.
+- The seventh value ``Argument[0]`` is the access path to the first argument passed to the method, which means that this is the location of the sink.
 - The eighth value ``sql-injection`` is the kind of the sink. The sink kind is used to define the queries where the sink is in scope. In this case - the SQL injection queries.
 - The ninth value ``manual`` is the provenance of the sink, which is used to identify the origin of the sink.
 
@@ -121,7 +121,7 @@ This is the ``GetStream`` method in the ``TcpClient`` class, which is located in
        ...
    }
 
-We need to add a tuple to the ``sourceModel``\(namespace, type, subtypes, name, signature, ext, output, kind, provenance) extensible predicate by updating a data extension file.
+We need to add a tuple to the ``sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance)`` extensible predicate by updating a data extension file.
 
 .. code-block:: yaml
 
@@ -143,7 +143,7 @@ The first five values identify the callable (in this case a method) to be modele
 - The fifth value ``()`` is the method input type signature.
 
 The sixth value should be left empty and is out of scope for this documentation.
-The remaining values are used to define the ``access path``, the ``kind``, and the ``provenance`` (origin) of the source.
+The remaining values are used to define the access path, the ``kind``, and the ``provenance`` (origin) of the source.
 
 - The seventh value ``ReturnValue`` is the access path to the return of the method, which means that it is the return value that should be considered a source of tainted input.
 - The eighth value ``remote`` is the kind of the source. The source kind is used to define the threat model where the source is in scope. ``remote`` applies to many of the security related queries as it means a remote source of untrusted data. As an example the SQL injection query uses ``remote`` sources. For more information, see ":ref:`Threat models <threat-models-csharp>`."
@@ -161,7 +161,7 @@ This pattern covers many of the cases where we need to summarize flow through a
        ...
    }
 
-We need to add tuples to the ``summaryModel``\(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) extensible predicate by updating a data extension file:
+We need to add tuples to the ``summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance)`` extensible predicate by updating a data extension file:
 
 .. code-block:: yaml
 
@@ -187,7 +187,7 @@ These are the same for both of the rows above as we are adding two summaries for
 - The fifth value ``(System.Object,System.Object)`` is the method input type signature.
 
 The sixth value should be left empty and is out of scope for this documentation.
-The remaining values are used to define the ``access path``, the ``kind``, and the ``provenance`` (origin) of the summary.
+The remaining values are used to define the access path, the ``kind``, and the ``provenance`` (origin) of the summary.
 
 - The seventh value is the access path to the input (where data flows from). ``Argument[0]`` is the access path to the first argument (``s1`` in the example) and ``Argument[1]`` is the access path to the second argument (``s2`` in the example).
 - The eighth value ``ReturnValue`` is the access path to the output (where data flows to), in this case ``ReturnValue``, which means that the input flows to the return value.
@@ -218,7 +218,7 @@ This example shows how the C# query pack models flow through a method for a simp
        ...
    }
 
-We need to add a tuple to the ``summaryModel``\(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) extensible predicate by updating a data extension file:
+We need to add a tuple to the ``summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance)`` extensible predicate by updating a data extension file:
 
 .. code-block:: yaml
 
@@ -243,7 +243,7 @@ These are the same for both of the rows above as we are adding two summaries for
 - The fifth value ``()`` is the method input type signature.
 
 The sixth value should be left empty and is out of scope for this documentation.
-The remaining values are used to define the ``access path``, the ``kind``, and the ``provenance`` (origin) of the summary.
+The remaining values are used to define the access path, the ``kind``, and the ``provenance`` (origin) of the summary.
 
 - The seventh value is the access path to the input (where data flows from). ``Argument[this]`` is the access path to the qualifier (``s`` in the example).
 - The eighth value ``ReturnValue`` is the access path to the output (where data flows to), in this case ``ReturnValue``, which means that the input flows to the return value.
@@ -262,7 +262,7 @@ Here we model flow through higher order methods and collection types, as well as
      ...
    }
 
-We need to add tuples to the ``summaryModel``\(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) extensible predicate by updating a data extension file:
+We need to add tuples to the ``summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance)`` extensible predicate by updating a data extension file:
 
 .. code-block:: yaml
 
@@ -287,7 +287,7 @@ These are the same for both of the rows above as we are adding two summaries for
 - The fifth value ``(System.Collections.Generic.IEnumerable<TSource>,System.Func<TSource,TResult>)`` is the method input type signature. The generics in the signature must match the generics in the method signature in the source code.
 
 The sixth value should be left empty and is out of scope for this documentation.
-The remaining values are used to define the ``access path``, the ``kind``, and the ``provenance`` (origin) of the summary definition.
+The remaining values are used to define the access path, the ``kind``, and the ``provenance`` (origin) of the summary definition.
 
 - The seventh value is the access path to the ``input`` (where data flows from).
 - The eighth value is the access path to the ``output`` (where data flows to).
@@ -323,7 +323,7 @@ The ``RawUrl`` property returns the raw URL of the current request, which is con
        Response.Redirect(url); // This is not a URL redirection vulnerability.
    }
 
-We need to add a tuple to the ``barrierModel``\(namespace, type, subtypes, name, signature, ext, output, kind, provenance) extensible predicate by updating a data extension file.
+We need to add a tuple to the ``barrierModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance)`` extensible predicate by updating a data extension file.
 
 .. code-block:: yaml
 
@@ -344,7 +344,7 @@ The first five values identify the callable (in this case the getter of a proper
 - The fifth value ``()`` is the method input type signature.
 
 The sixth value should be left empty and is out of scope for this documentation.
-The remaining values are used to define the ``access path``, the ``kind``, and the ``provenance`` (origin) of the barrier.
+The remaining values are used to define the access path, the ``kind``, and the ``provenance`` (origin) of the barrier.
 
 - The seventh value ``ReturnValue`` is the access path to the return value of the property getter, which means that the return value is considered safe.
 - The eighth value ``url-redirection`` is the kind of the barrier. The barrier kind is used to define the queries where the barrier is in scope. In this case - the URL redirection queries.
@@ -365,7 +365,7 @@ When the ``IsAbsoluteUri`` property returns ``false``, the URL is relative and t
        }
    }
 
-We need to add a tuple to the ``barrierGuardModel``\(namespace, type, subtypes, name, signature, ext, input, acceptingvalue, kind, provenance) extensible predicate by updating a data extension file.
+We need to add a tuple to the ``barrierGuardModel(namespace, type, subtypes, name, signature, ext, input, acceptingvalue, kind, provenance)`` extensible predicate by updating a data extension file.
 
 .. code-block:: yaml
 
@@ -386,7 +386,7 @@ The first five values identify the callable (in this case the getter of a proper
 - The fifth value ``()`` is the method input type signature.
 
 The sixth value should be left empty and is out of scope for this documentation.
-The remaining values are used to define the ``access path``, the ``accepting value``, the ``kind``, and the ``provenance`` (origin) of the barrier guard.
+The remaining values are used to define the access path, the ``accepting value``, the ``kind``, and the ``provenance`` (origin) of the barrier guard.
 
 - The seventh value ``Argument[this]`` is the access path to the input whose flow is blocked. In this case, the qualifier of the property access (``uri`` in the example).
 - The eighth value ``false`` is the accepting value of the barrier guard. This is the value that the conditional check must return for the barrier to apply. In this case, when ``IsAbsoluteUri`` is ``false``, the URL is relative and considered safe.
@@ -405,7 +405,7 @@ A neutral model is used to define that there is no flow through a method.
        ...
    }
 
-We need to add a tuple to the ``neutralModel``\(namespace, type, name, signature, kind, provenance) extensible predicate by updating a data extension file.
+We need to add a tuple to the ``neutralModel(namespace, type, name, signature, kind, provenance)`` extensible predicate by updating a data extension file.
 
 .. code-block:: yaml