Python: rebless second round after shared-CFG dataflow migration

Second batch of test reblessings, capturing changes in result content
(not just toString labels):

- Framework taint/concept tests (fastapi, sqlalchemy, aiohttp, lxml,
  stdlib, django-orm): mostly gained MISSING-tainted annotations where
  the new dataflow no longer reaches sinks. Some are real taint
  regressions; left as documented failures for follow-up.

- Exception-handler tests (CWE-209-StackTraceExposure, EmptyExcept,
  CatchingBaseException, IncorrectExceptOrder, FileNotAlwaysClosed,
  FindSubclass/Find, Statements/exit/UseOfExit): the no-raise shared CFG
  abstraction does not emit ExceptionSuccessor abrupt-completion edges
  from arbitrary expressions, so except-handler bodies (and their
  exception target Names) are statically dead. Tracked separately under
  cfg-modelling-exceptions.

- Dataflow-path / control-flow node toString polish across the security
  query suite (PathInjection, CodeInjection, UnsafeUnpacking,
  UnsafeUsageOfClientSideEncryptionVersion, RequestWithoutValidation,
  ReflectedXss, CallGraph): simple-leaf nodes now stringify as their
  AST text instead of 'After X'.

- SSA / call-graph improvements (CmpTest, CallGraph/InlineCallGraphTest):
  fewer SSA mismatches between new and old; two previously-MISSING tt=
  annotations resolved.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: yoff

python/ql/test/2/extractor-tests/hidden/test.expected

@@ -1,5 +1,7 @@
+| .hidden/inner |
 | .hidden/inner/test.py |
 | .hidden/module.py |
+| folder |
 | folder/module.py |
 | package |
 | package/__init__.py |

python/ql/test/2/query-tests/Exceptions/generators/UnguardedNextInGenerator.expected

@@ -1,2 +1,5 @@
 | test.py:5:15:5:22 | ControlFlowNode for next() | Call to 'next()' in a generator. |
 | test.py:10:20:10:27 | ControlFlowNode for next() | Call to 'next()' in a generator. |
+| test.py:34:15:34:24 | ControlFlowNode for next() | Call to 'next()' in a generator. |
+| test.py:41:19:41:28 | ControlFlowNode for next() | Call to 'next()' in a generator. |
+| test.py:62:19:62:28 | ControlFlowNode for next() | Call to 'next()' in a generator. |

python/ql/test/experimental/library-tests/CallGraph-type-annotations/InlineCallGraphTest.expected

@@ -1,6 +1,8 @@
 testFailures
+| type_annotations.py:6:16:6:32 | Comment # $ tt=Foo.method | Missing result: tt=Foo.method |
+| type_annotations.py:16:16:16:32 | Comment # $ tt=Foo.method | Missing result: tt=Foo.method |
+| type_annotations.py:29:5:29:14 | Attribute() | Fixed missing result: tt=Foo.method |
 debug_callableNotUnique
 pointsTo_found_typeTracker_notFound
 typeTracker_found_pointsTo_notFound
-| type_annotations.py:6:5:6:14 | ControlFlowNode for Attribute() | Foo.method |
-| type_annotations.py:16:5:16:14 | ControlFlowNode for Attribute() | Foo.method |
+| type_annotations.py:29:5:29:14 | Attribute() | Foo.method |

python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected

@@ -1,54 +1,54 @@
 testFailures
+| code/conditional_in_argument.py:18:5:18:11 | Attribute() | Fixed missing result: tt=X.bar |
+| code/funky_regression.py:15:9:15:17 | Attribute() | Fixed missing result: tt=Wat.f2 |
 debug_callableNotUnique
 pointsTo_found_typeTracker_notFound
-| code/class_attr_assign.py:10:9:10:27 | ControlFlowNode for Attribute() | my_func |
-| code/class_attr_assign.py:11:9:11:25 | ControlFlowNode for Attribute() | my_func |
-| code/class_attr_assign.py:26:9:26:25 | ControlFlowNode for Attribute() | DummyObject.method |
-| code/class_super.py:50:1:50:6 | ControlFlowNode for Attribute() | outside_def |
-| code/conditional_in_argument.py:18:5:18:11 | ControlFlowNode for Attribute() | X.bar |
-| code/func_defined_outside_class.py:21:1:21:11 | ControlFlowNode for Attribute() | A.foo |
-| code/func_defined_outside_class.py:22:1:22:15 | ControlFlowNode for Attribute() | outside |
-| code/func_defined_outside_class.py:24:1:24:14 | ControlFlowNode for Attribute() | outside_sm |
-| code/func_defined_outside_class.py:25:1:25:14 | ControlFlowNode for Attribute() | outside_cm |
-| code/func_defined_outside_class.py:38:11:38:21 | ControlFlowNode for _gen() | B._gen |
-| code/func_defined_outside_class.py:39:11:39:21 | ControlFlowNode for _gen() | B._gen |
-| code/func_defined_outside_class.py:42:1:42:7 | ControlFlowNode for Attribute() | B._gen.func |
-| code/func_defined_outside_class.py:43:1:43:7 | ControlFlowNode for Attribute() | B._gen.func |
-| code/funky_regression.py:15:9:15:17 | ControlFlowNode for Attribute() | Wat.f2 |
-| code/type_tracking_limitation.py:8:1:8:3 | ControlFlowNode for x() | my_func |
+| code/class_attr_assign.py:10:9:10:27 | Attribute() | my_func |
+| code/class_attr_assign.py:11:9:11:25 | Attribute() | my_func |
+| code/class_attr_assign.py:26:9:26:25 | Attribute() | DummyObject.method |
+| code/class_super.py:50:1:50:6 | Attribute() | outside_def |
+| code/func_defined_outside_class.py:21:1:21:11 | Attribute() | A.foo |
+| code/func_defined_outside_class.py:22:1:22:15 | Attribute() | outside |
+| code/func_defined_outside_class.py:24:1:24:14 | Attribute() | outside_sm |
+| code/func_defined_outside_class.py:25:1:25:14 | Attribute() | outside_cm |
+| code/func_defined_outside_class.py:38:11:38:21 | _gen() | B._gen |
+| code/func_defined_outside_class.py:39:11:39:21 | _gen() | B._gen |
+| code/func_defined_outside_class.py:42:1:42:7 | Attribute() | B._gen.func |
+| code/func_defined_outside_class.py:43:1:43:7 | Attribute() | B._gen.func |
+| code/type_tracking_limitation.py:8:1:8:3 | x() | my_func |
 typeTracker_found_pointsTo_notFound
-| code/callable_as_argument.py:29:5:29:12 | ControlFlowNode for Attribute() | test_class.InsideTestFunc.sm |
-| code/class_construction.py:44:9:44:26 | ControlFlowNode for Attribute() | WithNew.some_method |
-| code/class_construction.py:61:9:61:26 | ControlFlowNode for Attribute() | WithNew.some_method |
-| code/class_construction.py:75:9:75:27 | ControlFlowNode for Attribute() | ExtraCallToInit.__init__ |
-| code/class_special_methods.py:22:9:22:16 | ControlFlowNode for self() | Base.__call__ |
-| code/class_special_methods.py:22:9:22:16 | ControlFlowNode for self() | Sub.__call__ |
-| code/class_special_methods.py:33:1:33:5 | ControlFlowNode for b() | Base.__call__ |
-| code/class_special_methods.py:59:1:59:7 | ControlFlowNode for sub() | Sub.__call__ |
-| code/class_super.py:43:9:43:21 | ControlFlowNode for Attribute() | A.bar |
-| code/class_super.py:44:9:44:27 | ControlFlowNode for Attribute() | A.bar |
-| code/class_super.py:63:1:63:18 | ControlFlowNode for Attribute() | A.foo |
-| code/class_super.py:78:9:78:28 | ControlFlowNode for Attribute() | A.foo |
-| code/class_super.py:81:1:81:12 | ControlFlowNode for Attribute() | C.foo_on_A |
-| code/class_super.py:92:9:92:21 | ControlFlowNode for Attribute() | X.foo |
-| code/class_super.py:97:9:97:21 | ControlFlowNode for Attribute() | X.foo |
-| code/class_super.py:97:9:97:21 | ControlFlowNode for Attribute() | Y.foo |
-| code/class_super.py:101:1:101:7 | ControlFlowNode for Attribute() | Z.foo |
-| code/class_super.py:108:1:108:8 | ControlFlowNode for Attribute() | Z.foo |
-| code/def_in_function.py:22:5:22:11 | ControlFlowNode for Attribute() | test.A.foo |
-| code/func_ref_in_content.py:32:1:32:4 | ControlFlowNode for f4() | func |
-| code/func_ref_in_content.py:46:1:46:4 | ControlFlowNode for f5() | func |
-| code/func_ref_in_content.py:48:1:48:15 | ControlFlowNode for Subscript() | func2 |
-| code/func_ref_in_content.py:50:1:50:19 | ControlFlowNode for Subscript() | func2 |
-| code/isinstance.py:9:13:9:22 | ControlFlowNode for Attribute() | A.foo |
-| code/isinstance.py:9:13:9:22 | ControlFlowNode for Attribute() | ASub.foo |
-| code/isinstance.py:14:13:14:22 | ControlFlowNode for Attribute() | A.foo |
-| code/isinstance.py:14:13:14:22 | ControlFlowNode for Attribute() | ASub.foo |
-| code/isinstance.py:14:13:14:22 | ControlFlowNode for Attribute() | B.foo |
-| code/isinstance.py:17:13:17:22 | ControlFlowNode for Attribute() | A.foo |
-| code/nested_class.py:83:9:83:16 | ControlFlowNode for Attribute() | X.class_def_in_func.Y.meth |
-| code/self_passing.py:16:9:16:18 | ControlFlowNode for Attribute() | A.foo |
-| code/self_passing.py:16:9:16:18 | ControlFlowNode for Attribute() | B.foo |
-| code/self_passing.py:67:9:67:16 | ControlFlowNode for Attribute() | Y.cm |
-| code/self_passing.py:69:9:69:17 | ControlFlowNode for Attribute() | X.foo |
-| code/underscore_prefix_func_name.py:14:5:14:19 | ControlFlowNode for some_function() | some_function |
+| code/callable_as_argument.py:29:5:29:12 | Attribute() | test_class.InsideTestFunc.sm |
+| code/class_construction.py:44:9:44:26 | Attribute() | WithNew.some_method |
+| code/class_construction.py:61:9:61:26 | Attribute() | WithNew.some_method |
+| code/class_construction.py:75:9:75:27 | Attribute() | ExtraCallToInit.__init__ |
+| code/class_special_methods.py:22:9:22:16 | self() | Base.__call__ |
+| code/class_special_methods.py:22:9:22:16 | self() | Sub.__call__ |
+| code/class_special_methods.py:33:1:33:5 | b() | Base.__call__ |
+| code/class_special_methods.py:59:1:59:7 | sub() | Sub.__call__ |
+| code/class_super.py:43:9:43:21 | Attribute() | A.bar |
+| code/class_super.py:44:9:44:27 | Attribute() | A.bar |
+| code/class_super.py:63:1:63:18 | Attribute() | A.foo |
+| code/class_super.py:78:9:78:28 | Attribute() | A.foo |
+| code/class_super.py:81:1:81:12 | Attribute() | C.foo_on_A |
+| code/class_super.py:92:9:92:21 | Attribute() | X.foo |
+| code/class_super.py:97:9:97:21 | Attribute() | X.foo |
+| code/class_super.py:97:9:97:21 | Attribute() | Y.foo |
+| code/class_super.py:101:1:101:7 | Attribute() | Z.foo |
+| code/class_super.py:108:1:108:8 | Attribute() | Z.foo |
+| code/def_in_function.py:22:5:22:11 | Attribute() | test.A.foo |
+| code/func_ref_in_content.py:32:1:32:4 | f4() | func |
+| code/func_ref_in_content.py:46:1:46:4 | f5() | func |
+| code/func_ref_in_content.py:48:1:48:15 | Subscript() | func2 |
+| code/func_ref_in_content.py:50:1:50:19 | Subscript() | func2 |
+| code/isinstance.py:9:13:9:22 | Attribute() | A.foo |
+| code/isinstance.py:9:13:9:22 | Attribute() | ASub.foo |
+| code/isinstance.py:14:13:14:22 | Attribute() | A.foo |
+| code/isinstance.py:14:13:14:22 | Attribute() | ASub.foo |
+| code/isinstance.py:14:13:14:22 | Attribute() | B.foo |
+| code/isinstance.py:17:13:17:22 | Attribute() | A.foo |
+| code/nested_class.py:83:9:83:16 | Attribute() | X.class_def_in_func.Y.meth |
+| code/self_passing.py:16:9:16:18 | Attribute() | A.foo |
+| code/self_passing.py:16:9:16:18 | Attribute() | B.foo |
+| code/self_passing.py:67:9:67:16 | Attribute() | Y.cm |
+| code/self_passing.py:69:9:69:17 | Attribute() | X.foo |
+| code/underscore_prefix_func_name.py:14:5:14:19 | some_function() | some_function |

python/ql/test/experimental/library-tests/FindSubclass/Find.expected

@@ -4,7 +4,6 @@
 | flask.MethodView~Subclass | find_subclass_test | Member[C] |
 | flask.View~Subclass | find_subclass_test | Member[A] |
 | flask.View~Subclass | find_subclass_test | Member[B] |
-| flask.View~Subclass | find_subclass_test | Member[ViewAliasInExcept] |
 | flask.View~Subclass | find_subclass_test | Member[ViewAliasInTry] |
 | flask.View~Subclass | find_subclass_test | Member[ViewAlias] |
 | flask.View~Subclass | find_subclass_test | Member[ViewAlias_no_use] |