From bc9fa6ba131fab239bffeaefec6d374664fd10bb Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Mon, 15 Jun 2026 21:06:03 +0100
Subject: [PATCH 1/5] Fix bug in inline expectations test implementation

This was stopping trailing comments, as in `// $ Alert // some comment`, from working.
---
 swift/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll b/swift/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll
index af84a908633b..b96f27c42ac2 100644
--- a/swift/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll
+++ b/swift/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll
@@ -15,7 +15,7 @@ module Impl implements InlineExpectationsTestSig {
     ExpectationComment() { this = MkExpectationComment(comment) }
 
     /** Returns the contents of the given comment, _without_ the preceding comment marker (`//`). */
-    string getContents() { result = comment.getText().suffix(2) }
+    string getContents() { result = comment.getText().suffix(2).trim() }
 
     /** Gets a textual representation of this element. */
     string toString() { result = comment.toString() }

From 44e23638a40e5accc29f4c8ed41921ce17f6a5c8 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 11 Jun 2026 22:48:07 +0000
Subject: [PATCH 2/5] Convert Swift .qlref tests to inline expectation tests

---
 .../CWE-020/IncompleteHostnameRegex.qlref     |   3 +-
 .../Security/CWE-020/MissingRegexAnchor.qlref |   3 +-
 .../Security/CWE-020/SemiAnchoredRegex.swift  |  64 ++--
 .../Security/CWE-020/UnanchoredUrlRegex.swift |  32 +-
 .../query-tests/Security/CWE-020/test.swift   |  44 +--
 .../CWE-022/UnsafeUnpack/UnsafeUnpack.qlref   |   3 +-
 .../CWE-022/UnsafeUnpack/UnsafeUnpack.swift   |   6 +-
 .../CWE-079/UnsafeWebViewFetch.expected       |  38 +--
 .../Security/CWE-079/UnsafeWebViewFetch.qlref |   3 +-
 .../Security/CWE-079/UnsafeWebViewFetch.swift |  40 +--
 .../query-tests/Security/CWE-089/GRDB.swift   | 192 ++++++------
 .../query-tests/Security/CWE-089/SQLite.swift |  32 +-
 .../Security/CWE-089/SqlInjection.qlref       |   3 +-
 .../query-tests/Security/CWE-089/other.swift  |  14 +-
 .../Security/CWE-089/sqlite3_c_api.swift      |  20 +-
 .../Security/CWE-116/BadTagFilter.qlref       |   3 +-
 .../query-tests/Security/CWE-116/test.swift   |  64 ++--
 .../CWE-1204/StaticInitializationVector.qlref |   3 +-
 .../Security/CWE-1204/rncryptor.swift         |  24 +-
 .../query-tests/Security/CWE-1204/test.swift  |  46 +--
 .../query-tests/Security/CWE-1333/ReDoS.qlref |   3 +-
 .../query-tests/Security/CWE-1333/ReDoS.swift |  16 +-
 .../CWE-134/UncontrolledFormatString.qlref    |   3 +-
 .../CWE-134/UncontrolledFormatString.swift    |  48 +--
 .../Security/CWE-259/ConstantPassword.qlref   |   3 +-
 .../Security/CWE-259/rncryptor.swift          |  38 +--
 .../query-tests/Security/CWE-259/test.swift   |  20 +-
 .../CWE-311/CleartextStorageDatabase.expected | 280 +++++++++---------
 .../CWE-311/CleartextStorageDatabase.qlref    |   3 +-
 .../CWE-311/CleartextTransmission.qlref       |   3 +-
 .../query-tests/Security/CWE-311/SQLite.swift |  74 ++---
 .../Security/CWE-311/sqlite3_c_api.swift      |  10 +-
 .../Security/CWE-311/testAlamofire.swift      |   6 +-
 .../Security/CWE-311/testCoreData.swift       |  40 +--
 .../Security/CWE-311/testCoreData2.swift      |  56 ++--
 .../Security/CWE-311/testGRDB.swift           | 102 +++----
 .../Security/CWE-311/testRealm.swift          |  10 +-
 .../Security/CWE-311/testRealm2.swift         |  14 +-
 .../Security/CWE-311/testSend.swift           |  36 +--
 .../Security/CWE-311/testURL.swift            |  30 +-
 .../CleartextStoragePreferences.expected      |  32 +-
 .../CWE-312/CleartextStoragePreferences.qlref |   3 +-
 .../CWE-312/cleartextLoggingTest.swift        | 136 ++++-----
 .../testNSUbiquitousKeyValueStore.swift       |  24 +-
 .../Security/CWE-312/testUserDefaults.swift   |  26 +-
 .../Security/CWE-327/ECBEncryption.qlref      |   3 +-
 .../query-tests/Security/CWE-327/test.swift   |  22 +-
 .../CWE-328/WeakPasswordHashing.expected      |  98 +++---
 .../CWE-328/WeakPasswordHashing.qlref         |   3 +-
 .../CWE-328/WeakSensitiveDataHashing.qlref    |   3 +-
 .../Security/CWE-328/testCryptoKit.swift      | 110 +++----
 .../Security/CWE-328/testCryptoSwift.swift    |  68 ++---
 .../Security/CWE-730/RegexInjection.expected  |  48 +--
 .../Security/CWE-730/RegexInjection.qlref     |   3 +-
 .../query-tests/Security/CWE-730/tests.swift  |  48 +--
 .../Security/CWE-760/ConstantSalt.qlref       |   3 +-
 .../Security/CWE-760/rncryptor.swift          |  24 +-
 .../query-tests/Security/CWE-760/test.swift   |  20 +-
 .../CWE-916/InsufficientHashIterations.qlref  |   3 +-
 .../query-tests/Security/CWE-916/test.swift   |  10 +-
 60 files changed, 1069 insertions(+), 1050 deletions(-)

diff --git a/swift/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegex.qlref b/swift/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegex.qlref
index b80ac364258b..6b46d67a8493 100644
--- a/swift/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegex.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegex.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-020/IncompleteHostnameRegex.ql
+query: queries/Security/CWE-020/IncompleteHostnameRegex.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-020/MissingRegexAnchor.qlref b/swift/ql/test/query-tests/Security/CWE-020/MissingRegexAnchor.qlref
index 9b1f04d1a7a2..4e76e1995e9c 100644
--- a/swift/ql/test/query-tests/Security/CWE-020/MissingRegexAnchor.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-020/MissingRegexAnchor.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-020/MissingRegexAnchor.ql
+query: queries/Security/CWE-020/MissingRegexAnchor.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-020/SemiAnchoredRegex.swift b/swift/ql/test/query-tests/Security/CWE-020/SemiAnchoredRegex.swift
index 3b0abe53048d..d5d2f68be48f 100644
--- a/swift/ql/test/query-tests/Security/CWE-020/SemiAnchoredRegex.swift
+++ b/swift/ql/test/query-tests/Security/CWE-020/SemiAnchoredRegex.swift
@@ -47,63 +47,63 @@ class NSString : NSObject {
 
 func tests(input: String) throws {
 	_ = try Regex("^a|").firstMatch(in: input)
-	_ = try Regex("^a|b").firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex("^a|b").firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex("a|^b").firstMatch(in: input)
 	_ = try Regex("^a|^b").firstMatch(in: input)
-	_ = try Regex("^a|b|c").firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex("^a|b|c").firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex("a|^b|c").firstMatch(in: input)
 	_ = try Regex("a|b|^c").firstMatch(in: input)
 	_ = try Regex("^a|^b|c").firstMatch(in: input)
 
 	_ = try Regex("(^a)|b").firstMatch(in: input)
-	_ = try Regex("^a|(b)").firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex("^a|(b)").firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex("^a|(^b)").firstMatch(in: input)
-	_ = try Regex("^(a)|(b)").firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex("^(a)|(b)").firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 
-	_ = try Regex("a|b$").firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex("a|b$").firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex("a$|b").firstMatch(in: input)
 	_ = try Regex("a$|b$").firstMatch(in: input)
-	_ = try Regex("a|b|c$").firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex("a|b|c$").firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex("a|b$|c").firstMatch(in: input)
 	_ = try Regex("a$|b|c").firstMatch(in: input)
 	_ = try Regex("a|b$|c$").firstMatch(in: input)
 
 	_ = try Regex("a|(b$)").firstMatch(in: input)
-	_ = try Regex("(a)|b$").firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex("(a)|b$").firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex("(a$)|b$").firstMatch(in: input)
-	_ = try Regex("(a)|(b)$").firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex("(a)|(b)$").firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 
-	_ = try Regex(#"^good.com|better.com"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^good\.com|better\.com"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^good\\.com|better\\.com"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^good\\\.com|better\\\.com"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^good\\\\.com|better\\\\.com"#).firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex(#"^good.com|better.com"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^good\.com|better\.com"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^good\\.com|better\\.com"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^good\\\.com|better\\\.com"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^good\\\\.com|better\\\\.com"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 
-	_ = try Regex("^foo|bar|baz$").firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex("^foo|bar|baz$").firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex("^foo|%").firstMatch(in: input)
 }
 
 func realWorld(input: String) throws {
 	// real-world examples that have been anonymized a bit
 	// the following are bad:
-	_ = try Regex(#"(\.xxx)|(\.yyy)|(\.zzz)$"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"(^left|right|center)\sbottom$"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"\.xxx|\.yyy|\.zzz$"#).ignoresCase().firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"\.xxx|\.yyy|\.zzz$"#).ignoresCase().firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"\.xxx|\.yyy|zzz$"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^([A-Z]|xxx[XY]$)"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^(xxx yyy zzz)|(xxx yyy)"#).ignoresCase().firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^(xxx yyy zzz)|(xxx yyy)|(1st( xxx)? yyy)|xxx|1st"#).ignoresCase().firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^(xxx:)|(yyy:)|(zzz:)"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^(xxx?:)|(yyy:zzz\/)"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^@media|@page"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^\s*(xxx?|yyy|zzz):|xxx:yyy"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^click|mouse|touch"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^http://good\.com|http://better\.com"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^https?://good\.com|https?://better\.com"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^mouse|touch|click|contextmenu|drop|dragover|dragend"#).firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"^xxx:|yyy:"#).ignoresCase().firstMatch(in: input) // BAD (missing anchor)
-	_ = try Regex(#"_xxx|_yyy|_zzz$"#).firstMatch(in: input) // BAD (missing anchor)
+	_ = try Regex(#"(\.xxx)|(\.yyy)|(\.zzz)$"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"(^left|right|center)\sbottom$"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"\.xxx|\.yyy|\.zzz$"#).ignoresCase().firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"\.xxx|\.yyy|\.zzz$"#).ignoresCase().firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"\.xxx|\.yyy|zzz$"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^([A-Z]|xxx[XY]$)"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^(xxx yyy zzz)|(xxx yyy)"#).ignoresCase().firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^(xxx yyy zzz)|(xxx yyy)|(1st( xxx)? yyy)|xxx|1st"#).ignoresCase().firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^(xxx:)|(yyy:)|(zzz:)"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^(xxx?:)|(yyy:zzz\/)"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^@media|@page"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^\s*(xxx?|yyy|zzz):|xxx:yyy"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^click|mouse|touch"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^http://good\.com|http://better\.com"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^https?://good\.com|https?://better\.com"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^mouse|touch|click|contextmenu|drop|dragover|dragend"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^xxx:|yyy:"#).ignoresCase().firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"_xxx|_yyy|_zzz$"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex(#"em|%$"#).firstMatch(in: input) // BAD (missing anchor) [NOT DETECTED] - not flagged at the moment due to the anchor not being for letters
 
 	// the following are MAYBE OK due to apparent complexity; not flagged
diff --git a/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift b/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift
index b2e8810e7b75..d096338401f6 100644
--- a/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift
+++ b/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift
@@ -59,36 +59,36 @@ func tests(url: String, secure: Bool) throws {
 	let input = "http://evil.com/?http://good.com"
 	let inputRange = NSMakeRange(0, input.utf16.count)
 
-	_ = try NSRegularExpression(pattern: "https?://good.com").matches(in: input, range: inputRange) // BAD (missing anchor)
-	_ = try NSRegularExpression(pattern: "https?://good.com").matches(in: input, range: inputRange) // BAD (missing anchor)
-	_ = try NSRegularExpression(pattern: "^https?://good.com").matches(in: input, range: inputRange) // BAD (missing post-anchor)
-	_ = try NSRegularExpression(pattern: "(^https?://good1.com)|(^https?://good2.com)").matches(in: input, range: inputRange) // BAD (missing post-anchor)
-	_ = try NSRegularExpression(pattern: "(https?://good.com)|(^https?://goodie.com)").matches(in: input, range: inputRange) // BAD (missing anchor)
+	_ = try NSRegularExpression(pattern: "https?://good.com").matches(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try NSRegularExpression(pattern: "https?://good.com").matches(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try NSRegularExpression(pattern: "^https?://good.com").matches(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // BAD (missing post-anchor)
+	_ = try NSRegularExpression(pattern: "(^https?://good1.com)|(^https?://good2.com)").matches(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // BAD (missing post-anchor)
+	_ = try NSRegularExpression(pattern: "(https?://good.com)|(^https?://goodie.com)").matches(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 
-	_ = try NSRegularExpression(pattern: #"https?:\/\/good.com"#).matches(in: input, range: inputRange) // BAD (missing anchor)
-	_ = try NSRegularExpression(pattern: "https?://good.com").matches(in: input, range: inputRange) // BAD (missing anchor)
+	_ = try NSRegularExpression(pattern: #"https?:\/\/good.com"#).matches(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try NSRegularExpression(pattern: "https?://good.com").matches(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 
-	if let _ = try NSRegularExpression(pattern: "https?://good.com").firstMatch(in: input, range: inputRange) { } // BAD (missing anchor)
+	if let _ = try NSRegularExpression(pattern: "https?://good.com").firstMatch(in: input, range: inputRange) { } // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 
 	let input2 = "something"
 	let input2Range = NSMakeRange(0, input2.utf16.count)
 	_ = try NSRegularExpression(pattern: "other").firstMatch(in: input2, range: input2Range) // OK
 	_ = try NSRegularExpression(pattern: "x.commissary").firstMatch(in: input2, range: input2Range) // OK
 
-	_ = try NSRegularExpression(pattern: #"https?://good.com"#).firstMatch(in: input, range: inputRange) // BAD (missing anchor)
-	_ = try NSRegularExpression(pattern: #"https?://good.com:8080"#).firstMatch(in: input, range: inputRange) // BAD (missing anchor)
+	_ = try NSRegularExpression(pattern: #"https?://good.com"#).firstMatch(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try NSRegularExpression(pattern: #"https?://good.com:8080"#).firstMatch(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 
 	let trustedUrlRegexs = [
-		"https?://good.com", // BAD (missing anchor), referenced below
-		#"https?:\/\/good.com"#, // BAD (missing anchor), referenced below
-		"^https?://good.com" // BAD (missing post-anchor), referenced below
+		"https?://good.com", // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor), referenced below
+		#"https?:\/\/good.com"#, // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor), referenced below
+		"^https?://good.com" // $ Alert[swift/missing-regexp-anchor] // BAD (missing post-anchor), referenced below
 	]
 	for trustedUrlRegex in trustedUrlRegexs {
 		if let _ = try NSRegularExpression(pattern: trustedUrlRegex).firstMatch(in: input, range: inputRange) { }
 	}
 
 	let trustedUrlRegexs2 = [
-		"https?://good.com", // BAD (missing anchor), referenced below
+		"https?://good.com", // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor), referenced below
 	]
 	if let _ = try NSRegularExpression(pattern: trustedUrlRegexs2[0]).firstMatch(in: input, range: inputRange) { }
 
@@ -98,13 +98,13 @@ func tests(url: String, secure: Bool) throws {
 	for _ in notUsedUrlRegexs {
 	}
 
-	_ = try NSRegularExpression(pattern: #"https?:\/\/good.com\/([0-9]+)"#).matches(in: url, range: urlRange) // BAD (missing anchor)
+	_ = try NSRegularExpression(pattern: #"https?:\/\/good.com\/([0-9]+)"#).matches(in: url, range: urlRange) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try NSRegularExpression(pattern: "https://verygood.com/?id=" + #"https?:\/\/good.com\/([0-9]+)"#).matches(in: url, range: urlRange)[0] // OK
 	_ = try NSRegularExpression(pattern: "http" + (secure ? "s" : "") + "://" + "verygood.com/?id=" + #"https?:\/\/good.com\/([0-9]+)"#).matches(in: url, range: urlRange)[0] // OK
 	_ = try NSRegularExpression(pattern: "verygood.com/?id=" + #"https?:\/\/good.com\/([0-9]+)"#).matches(in: url, range: urlRange)[0] // OK
 
 	_ = try NSRegularExpression(pattern: #"\.com|\.org"#).matches(in: input, range: inputRange) // OK, has no domain name
-	_ = try NSRegularExpression(pattern: #"example\.com|whatever"#).matches(in: input, range: inputRange) // OK, the other disjunction doesn't match a hostname [FALSE POSITIVE]
+	_ = try NSRegularExpression(pattern: #"example\.com|whatever"#).matches(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // OK, the other disjunction doesn't match a hostname [FALSE POSITIVE]
 
 	// tests for the `isLineAnchoredHostnameRegExp` case
 
diff --git a/swift/ql/test/query-tests/Security/CWE-020/test.swift b/swift/ql/test/query-tests/Security/CWE-020/test.swift
index e19af9050fd3..321f5fcd56c8 100644
--- a/swift/ql/test/query-tests/Security/CWE-020/test.swift
+++ b/swift/ql/test/query-tests/Security/CWE-020/test.swift
@@ -53,49 +53,49 @@ func testHostnames(myUrl: URL) throws {
 
 	_ = try Regex(#"^http://example\.com/"#).firstMatch(in: tainted) // GOOD
 	_ = try Regex(#"^http://example.com/"#).firstMatch(in: tainted) // GOOD (only '.' here gives a valid top-level domain)
-	_ = try Regex(#"^http://example.com"#).firstMatch(in: tainted) // BAD (missing anchor)
+	_ = try Regex(#"^http://example.com"#).firstMatch(in: tainted) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex(#"^http://test\.example\.com/"#).firstMatch(in: tainted) // GOOD
 	_ = try Regex(#"^http://test\.example.com/"#).firstMatch(in: tainted) // GOOD (only '.' here gives a valid top-level domain)
-	_ = try Regex(#"^http://test\.example.com"#).firstMatch(in: tainted) // BAD (missing anchor)
-	_ = try Regex(#"^http://test.example.com/"#).firstMatch(in: tainted) // BAD (incomplete hostname)
+	_ = try Regex(#"^http://test\.example.com"#).firstMatch(in: tainted) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^http://test.example.com/"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
 	_ = try Regex(#"^http://test[.]example[.]com/"#).firstMatch(in: tainted) // GOOD (alternative method of escaping)
 
-	_ = try Regex(#"^http://test.example.net/"#).firstMatch(in: tainted) // BAD (incomplete hostname)
-	_ = try Regex(#"^http://test.(example-a|example-b).com/"#).firstMatch(in: tainted) // BAD (incomplete hostname)
-	_ = try Regex(#"^http://(.+).example.com/"#).firstMatch(in: tainted) // BAD (incomplete hostname x 2)
+	_ = try Regex(#"^http://test.example.net/"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
+	_ = try Regex(#"^http://test.(example-a|example-b).com/"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
+	_ = try Regex(#"^http://(.+).example.com/"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname x 2)
 	_ = try Regex(#"^http://(\.+)\.example.com/"#).firstMatch(in: tainted) // GOOD
-	_ = try Regex(#"^http://(?:.+)\.test\.example.com/"#).firstMatch(in: tainted) // BAD (incomplete hostname)
-	_ = try Regex(#"^http://test.example.com/(?:.*)"#).firstMatch(in: tainted) // BAD (incomplete hostname)
-	_ = try Regex(#"^(.+\.(?:example-a|example-b)\.com)/"#).firstMatch(in: tainted) // BAD (missing anchor)
-	_ = try Regex(#"^(https?:)?//((service|www).)?example.com(?=$|/)"#).firstMatch(in: tainted) // BAD (incomplete hostname)
-	_ = try Regex(#"^(http|https)://www.example.com/p/f/"#).firstMatch(in: tainted) // BAD (incomplete hostname)
-	_ = try Regex(#"^(http://sub.example.com/)"#).firstMatch(in: tainted) // BAD (incomplete hostname)
-	_ = try Regex(#"^https?://api.example.com/"#).firstMatch(in: tainted) // BAD (incomplete hostname)
+	_ = try Regex(#"^http://(?:.+)\.test\.example.com/"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
+	_ = try Regex(#"^http://test.example.com/(?:.*)"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
+	_ = try Regex(#"^(.+\.(?:example-a|example-b)\.com)/"#).firstMatch(in: tainted) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
+	_ = try Regex(#"^(https?:)?//((service|www).)?example.com(?=$|/)"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
+	_ = try Regex(#"^(http|https)://www.example.com/p/f/"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
+	_ = try Regex(#"^(http://sub.example.com/)"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
+	_ = try Regex(#"^https?://api.example.com/"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
 	_ = try Regex(#"^http[s]?://?sub1\.sub2\.example\.com/f/(.+)"#).firstMatch(in: tainted) // GOOD (it has a capture group after the TLD, so should be ignored)
-	_ = try Regex(#"^https://[a-z]*.example.com$"#).firstMatch(in: tainted) // BAD (incomplete hostname)
-	_ = try Regex(#"^(example.dev|example.com)"#).firstMatch(in: tainted) // GOOD (any extended hostname wouldn't be included in the capture group) [FALSE POSITIVE]
-	_ = try Regex(#"^protos?://(localhost|.+.example.net|.+.example-a.com|.+.example-b.com|.+.example.internal)"#).firstMatch(in: tainted) // BAD (incomplete hostname x3, missing anchor x 1)
+	_ = try Regex(#"^https://[a-z]*.example.com$"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
+	_ = try Regex(#"^(example.dev|example.com)"#).firstMatch(in: tainted) // $ Alert[swift/missing-regexp-anchor] // GOOD (any extended hostname wouldn't be included in the capture group) [FALSE POSITIVE]
+	_ = try Regex(#"^protos?://(localhost|.+.example.net|.+.example-a.com|.+.example-b.com|.+.example.internal)"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] Alert[swift/incomplete-hostname-regexp] Alert[swift/incomplete-hostname-regexp] Alert[swift/missing-regexp-anchor] // BAD (incomplete hostname x3, missing anchor x 1)
 
 	_ = try Regex(#"^http://(..|...)\.example\.com/index\.html"#).firstMatch(in: tainted) // GOOD (wildcards are intentional)
 	_ = try Regex(#"^http://.\.example\.com/index\.html"#).firstMatch(in: tainted) // GOOD (the wildcard is intentional)
-	_ = try Regex(#"^(foo.example\.com|whatever)$"#).firstMatch(in: tainted) // DUBIOUS (one disjunction doesn't even look like a hostname) [DETECTED incomplete hostname, missing anchor]
+	_ = try Regex(#"^(foo.example\.com|whatever)$"#).firstMatch(in: tainted) // $ Alert // DUBIOUS (one disjunction doesn't even look like a hostname) [DETECTED incomplete hostname, missing anchor]
 
-	_ = try Regex(#"^test.example.com$"#).firstMatch(in: tainted) // BAD (incomplete hostname)
-	_ = try Regex(#"test.example.com"#).wholeMatch(in: tainted) // BAD (incomplete hostname, missing anchor)
+	_ = try Regex(#"^test.example.com$"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
+	_ = try Regex(#"test.example.com"#).wholeMatch(in: tainted) // $ Alert // BAD (incomplete hostname, missing anchor)
 
-	_ = try Regex(id(id(id(#"test.example.com$"#)))).firstMatch(in: tainted) // BAD (incomplete hostname)
+	_ = try Regex(id(id(id(#"test.example.com$"#)))).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
 
 	let hostname = #"test.example.com$"# // BAD (incomplete hostname) [NOT DETECTED]
 	_ = try Regex("\(hostname)").firstMatch(in: tainted)
 
 	var domain = MyDomain("")
-	domain.hostname = #"test.example.com$"# // BAD (incomplete hostname)
+	domain.hostname = #"test.example.com$"# // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
 	_ = try Regex(domain.hostname).firstMatch(in: tainted)
 
 	func convert1(_ domain: MyDomain) throws -> Regex<AnyRegexOutput> {
 		return try Regex(domain.hostname)
 	}
-	_ = try convert1(MyDomain(#"test.example.com$"#)).firstMatch(in: tainted) // BAD (incomplete hostname)
+	_ = try convert1(MyDomain(#"test.example.com$"#)).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
 
 	let domains = [ MyDomain(#"test.example.com$"#) ]  // BAD (incomplete hostname) [NOT DETECTED]
 	func convert2(_ domain: MyDomain) throws -> Regex<AnyRegexOutput> {
diff --git a/swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.qlref b/swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.qlref
index 1d1a5a3a84ce..f637622e3a15 100644
--- a/swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.qlref
@@ -1 +1,2 @@
-experimental/Security/CWE-022/UnsafeUnpack.ql
\ No newline at end of file
+query: experimental/Security/CWE-022/UnsafeUnpack.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.swift b/swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.swift
index 5d7dc6c58b44..0f6a7cc8b280 100644
--- a/swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.swift
+++ b/swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.swift
@@ -59,12 +59,12 @@ func testCommandInjectionQhelpExamples() {
     let source  = URL(fileURLWithPath: "/sourcePath")
     let destination = URL(fileURLWithPath: "/destination")
 
-    try Data(contentsOf: remoteURL, options: []).write(to: source) 
+    try Data(contentsOf: remoteURL, options: []).write(to: source)  // $ Source
     do {
-        try Zip.unzipFile(source, destination: destination, overwrite: true, password: nil) // BAD
+        try Zip.unzipFile(source, destination: destination, overwrite: true, password: nil) // $ Alert
 
         let fileManager = FileManager()
-        try fileManager.unzipItem(at: source, to: destination) // BAD
+        try fileManager.unzipItem(at: source, to: destination) // $ Alert
     } catch {
         print("Error: \(error)")
     }
diff --git a/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.expected b/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.expected
index c2fefc171e64..d796aa2da25e 100644
--- a/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.expected
+++ b/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.expected
@@ -1,3 +1,22 @@
+#select
+| UnsafeWebViewFetch.swift:103:25:103:84 | try! ... | UnsafeWebViewFetch.swift:103:30:103:84 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:103:25:103:84 | try! ... | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:106:25:106:25 | data | UnsafeWebViewFetch.swift:105:18:105:72 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:106:25:106:25 | data | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:109:25:109:53 | try! ... | UnsafeWebViewFetch.swift:109:30:109:53 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:109:25:109:53 | try! ... | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:120:25:120:39 | call to getRemoteData() | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:120:25:120:39 | call to getRemoteData() | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:121:25:121:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:121:25:121:25 | remoteString | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:124:25:124:51 | ... .+(_:_:) ... | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:124:25:124:51 | ... .+(_:_:) ... | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:127:25:127:25 | "..." | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:127:25:127:25 | "..." | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:139:25:139:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:139:25:139:25 | remoteString | Tainted data is used in a WebView fetch with a tainted base URL. |
+| UnsafeWebViewFetch.swift:141:25:141:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:141:25:141:25 | remoteString | Tainted data is used in a WebView fetch with a tainted base URL. |
+| UnsafeWebViewFetch.swift:154:15:154:15 | remoteData | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:154:15:154:15 | remoteData | Tainted data is used in a WebView fetch with a tainted base URL. |
+| UnsafeWebViewFetch.swift:167:25:167:39 | call to getRemoteData() | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:167:25:167:39 | call to getRemoteData() | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:168:25:168:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:168:25:168:25 | remoteString | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:171:25:171:51 | ... .+(_:_:) ... | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:171:25:171:51 | ... .+(_:_:) ... | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:174:25:174:25 | "..." | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:174:25:174:25 | "..." | Tainted data is used in a WebView fetch without restricting the base URL. |
+| UnsafeWebViewFetch.swift:186:25:186:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:186:25:186:25 | remoteString | Tainted data is used in a WebView fetch with a tainted base URL. |
+| UnsafeWebViewFetch.swift:188:25:188:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:188:25:188:25 | remoteString | Tainted data is used in a WebView fetch with a tainted base URL. |
+| UnsafeWebViewFetch.swift:201:15:201:15 | remoteData | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:201:15:201:15 | remoteData | Tainted data is used in a WebView fetch with a tainted base URL. |
+| UnsafeWebViewFetch.swift:210:25:210:25 | htmlData | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:210:25:210:25 | htmlData | Tainted data is used in a WebView fetch without restricting the base URL. |
 edges
 | UnsafeWebViewFetch.swift:94:10:94:37 | try ... | UnsafeWebViewFetch.swift:117:21:117:35 | call to getRemoteData() | provenance |  |
 | UnsafeWebViewFetch.swift:94:10:94:37 | try ... | UnsafeWebViewFetch.swift:120:25:120:39 | call to getRemoteData() | provenance |  |
@@ -135,22 +154,3 @@ nodes
 | UnsafeWebViewFetch.swift:210:25:210:25 | htmlData | semmle.label | htmlData |
 | UnsafeWebViewFetch.swift:211:25:211:25 | htmlData | semmle.label | htmlData |
 subpaths
-#select
-| UnsafeWebViewFetch.swift:103:25:103:84 | try! ... | UnsafeWebViewFetch.swift:103:30:103:84 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:103:25:103:84 | try! ... | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:106:25:106:25 | data | UnsafeWebViewFetch.swift:105:18:105:72 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:106:25:106:25 | data | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:109:25:109:53 | try! ... | UnsafeWebViewFetch.swift:109:30:109:53 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:109:25:109:53 | try! ... | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:120:25:120:39 | call to getRemoteData() | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:120:25:120:39 | call to getRemoteData() | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:121:25:121:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:121:25:121:25 | remoteString | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:124:25:124:51 | ... .+(_:_:) ... | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:124:25:124:51 | ... .+(_:_:) ... | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:127:25:127:25 | "..." | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:127:25:127:25 | "..." | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:139:25:139:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:139:25:139:25 | remoteString | Tainted data is used in a WebView fetch with a tainted base URL. |
-| UnsafeWebViewFetch.swift:141:25:141:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:141:25:141:25 | remoteString | Tainted data is used in a WebView fetch with a tainted base URL. |
-| UnsafeWebViewFetch.swift:154:15:154:15 | remoteData | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:154:15:154:15 | remoteData | Tainted data is used in a WebView fetch with a tainted base URL. |
-| UnsafeWebViewFetch.swift:167:25:167:39 | call to getRemoteData() | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:167:25:167:39 | call to getRemoteData() | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:168:25:168:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:168:25:168:25 | remoteString | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:171:25:171:51 | ... .+(_:_:) ... | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:171:25:171:51 | ... .+(_:_:) ... | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:174:25:174:25 | "..." | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:174:25:174:25 | "..." | Tainted data is used in a WebView fetch without restricting the base URL. |
-| UnsafeWebViewFetch.swift:186:25:186:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:186:25:186:25 | remoteString | Tainted data is used in a WebView fetch with a tainted base URL. |
-| UnsafeWebViewFetch.swift:188:25:188:25 | remoteString | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:188:25:188:25 | remoteString | Tainted data is used in a WebView fetch with a tainted base URL. |
-| UnsafeWebViewFetch.swift:201:15:201:15 | remoteData | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:201:15:201:15 | remoteData | Tainted data is used in a WebView fetch with a tainted base URL. |
-| UnsafeWebViewFetch.swift:210:25:210:25 | htmlData | UnsafeWebViewFetch.swift:94:14:94:37 | call to String.init(contentsOf:) | UnsafeWebViewFetch.swift:210:25:210:25 | htmlData | Tainted data is used in a WebView fetch without restricting the base URL. |
diff --git a/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.qlref b/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.qlref
index a5c8cb457a03..18d2fc0a49df 100644
--- a/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-079/UnsafeWebViewFetch.ql
\ No newline at end of file
+query: queries/Security/CWE-079/UnsafeWebViewFetch.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.swift b/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.swift
index 1b687ade014b..cba21bcc4554 100644
--- a/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.swift
+++ b/swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.swift
@@ -91,7 +91,7 @@ func getRemoteData() -> String {
 	let url = URL(string: "http://example.com/")
 	do
 	{
-		return try String(contentsOf: url!)
+		return try String(contentsOf: url!) // $ Source
 	} catch {
 		return ""
 	}
@@ -100,13 +100,13 @@ func getRemoteData() -> String {
 func testSimpleFlows() {
 	let webview = UIWebView()
 
-	webview.loadHTMLString(try! String(contentsOf: URL(string: "http://example.com/")!), baseURL: nil) // BAD
+	webview.loadHTMLString(try! String(contentsOf: URL(string: "http://example.com/")!), baseURL: nil) // $ Alert
 
-	let data = try! String(contentsOf: URL(string: "http://example.com/")!)
-	webview.loadHTMLString(data, baseURL: nil) // BAD
+	let data = try! String(contentsOf: URL(string: "http://example.com/")!) // $ Source
+	webview.loadHTMLString(data, baseURL: nil) // $ Alert
 
 	let url = URL(string: "http://example.com/")
-	webview.loadHTMLString(try! String(contentsOf: url!), baseURL: nil) // BAD
+	webview.loadHTMLString(try! String(contentsOf: url!), baseURL: nil) // $ Alert
 }
 
 func testUIWebView() {
@@ -117,14 +117,14 @@ func testUIWebView() {
 	let remoteString = getRemoteData()
 
 	webview.loadHTMLString(localString, baseURL: nil) // GOOD: the HTML data is local
-	webview.loadHTMLString(getRemoteData(), baseURL: nil) // BAD: HTML contains remote input, may access local secrets
-	webview.loadHTMLString(remoteString, baseURL: nil) // BAD
+	webview.loadHTMLString(getRemoteData(), baseURL: nil) // $ Alert // BAD: HTML contains remote input, may access local secrets
+	webview.loadHTMLString(remoteString, baseURL: nil) // $ Alert
 
 	webview.loadHTMLString("<html>" + localStringFragment + "</html>", baseURL: nil) // GOOD: the HTML data is local
-	webview.loadHTMLString("<html>" + remoteString + "</html>", baseURL: nil) // BAD
+	webview.loadHTMLString("<html>" + remoteString + "</html>", baseURL: nil) // $ Alert
 
 	webview.loadHTMLString("<html>\(localStringFragment)</html>", baseURL: nil) // GOOD: the HTML data is local
-	webview.loadHTMLString("<html>\(remoteString)</html>", baseURL: nil) // BAD
+	webview.loadHTMLString("<html>\(remoteString)</html>", baseURL: nil) // $ Alert
 
 	let localSafeURL = URL(string: "about:blank")
 	let localURL = URL(string: "http://example.com/")
@@ -136,9 +136,9 @@ func testUIWebView() {
 	webview.loadHTMLString(localString, baseURL: localURL!) // GOOD: a presumed safe baseURL is specified
 	webview.loadHTMLString(remoteString, baseURL: localURL!) // GOOD: a presumed safe baseURL is specified
 	webview.loadHTMLString(localString, baseURL: remoteURL!) // GOOD: the HTML data is local
-	webview.loadHTMLString(remoteString, baseURL: remoteURL!) // BAD
+	webview.loadHTMLString(remoteString, baseURL: remoteURL!) // $ Alert
 	webview.loadHTMLString(localString, baseURL: remoteURL2!) // GOOD: the HTML data is local
-	webview.loadHTMLString(remoteString, baseURL: remoteURL2!) // BAD
+	webview.loadHTMLString(remoteString, baseURL: remoteURL2!) // $ Alert
 
 	let localRequest = URLRequest(url: localURL!)
 	let remoteRequest = URLRequest(url: remoteURL!)
@@ -151,7 +151,7 @@ func testUIWebView() {
 	webview.load(localData, mimeType: "text/html", textEncodingName: "utf-8", baseURL: localSafeURL!) // GOOD: the data is local
 	webview.load(remoteData, mimeType: "text/html", textEncodingName: "utf-8", baseURL: localSafeURL!) // GOOD: a safe baseURL is specified
 	webview.load(localData, mimeType: "text/html", textEncodingName: "utf-8", baseURL: remoteURL!) // GOOD: the HTML data is local
-	webview.load(remoteData, mimeType: "text/html", textEncodingName: "utf-8", baseURL: remoteURL!) // BAD
+	webview.load(remoteData, mimeType: "text/html", textEncodingName: "utf-8", baseURL: remoteURL!) // $ Alert
 }
 
 func testWKWebView() {
@@ -164,14 +164,14 @@ func testWKWebView() {
 	let remoteString = getRemoteData()
 
 	webview.loadHTMLString(localString, baseURL: nil) // GOOD: the HTML data is local
-	webview.loadHTMLString(getRemoteData(), baseURL: nil) // BAD
-	webview.loadHTMLString(remoteString, baseURL: nil) // BAD
+	webview.loadHTMLString(getRemoteData(), baseURL: nil) // $ Alert
+	webview.loadHTMLString(remoteString, baseURL: nil) // $ Alert
 
 	webview.loadHTMLString("<html>" + localStringFragment + "</html>", baseURL: nil) // GOOD: the HTML data is local
-	webview.loadHTMLString("<html>" + remoteString + "</html>", baseURL: nil) // BAD
+	webview.loadHTMLString("<html>" + remoteString + "</html>", baseURL: nil) // $ Alert
 
 	webview.loadHTMLString("<html>\(localStringFragment)</html>", baseURL: nil) // GOOD: the HTML data is local
-	webview.loadHTMLString("<html>\(remoteString)</html>", baseURL: nil) // BAD
+	webview.loadHTMLString("<html>\(remoteString)</html>", baseURL: nil) // $ Alert
 
 	let localSafeURL = URL(string: "about:blank")
 	let localURL = URL(string: "http://example.com/")
@@ -183,9 +183,9 @@ func testWKWebView() {
 	webview.loadHTMLString(localString, baseURL: localURL!) // GOOD: a presumed safe baseURL is specified
 	webview.loadHTMLString(remoteString, baseURL: localURL!) // GOOD: a presumed safe baseURL is specified
 	webview.loadHTMLString(localString, baseURL: remoteURL!) // GOOD: the HTML data is local
-	webview.loadHTMLString(remoteString, baseURL: remoteURL!) // BAD
+	webview.loadHTMLString(remoteString, baseURL: remoteURL!) // $ Alert
 	webview.loadHTMLString(localString, baseURL: remoteURL2!) // GOOD: the HTML data is local
-	webview.loadHTMLString(remoteString, baseURL: remoteURL2!) // BAD
+	webview.loadHTMLString(remoteString, baseURL: remoteURL2!) // $ Alert
 
 	let localRequest = URLRequest(url: localURL!)
 	let remoteRequest = URLRequest(url: remoteURL!)
@@ -198,7 +198,7 @@ func testWKWebView() {
 	webview.load(localData, mimeType: "text/html", characterEncodingName: "utf-8", baseURL: localSafeURL!) // GOOD: the data is local
 	webview.load(remoteData, mimeType: "text/html", characterEncodingName: "utf-8", baseURL: localSafeURL!) // GOOD: a safe baseURL is specified
 	webview.load(localData, mimeType: "text/html", characterEncodingName: "utf-8", baseURL: remoteURL!) // GOOD: the HTML data is local
-	webview.load(remoteData, mimeType: "text/html", characterEncodingName: "utf-8", baseURL: remoteURL!) // BAD
+	webview.load(remoteData, mimeType: "text/html", characterEncodingName: "utf-8", baseURL: remoteURL!) // $ Alert
 }
 
 func testQHelpExamples() {
@@ -207,7 +207,7 @@ func testQHelpExamples() {
 
 	// ...
 
-	webview.loadHTMLString(htmlData, baseURL: nil) // BAD
+	webview.loadHTMLString(htmlData, baseURL: nil) // $ Alert
 	webview.loadHTMLString(htmlData, baseURL: URL(string: "about:blank")) // GOOD
 }
 
diff --git a/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift b/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift
index b0319c84eb5a..3bdffaa272b4 100644
--- a/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift
+++ b/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift
@@ -101,54 +101,54 @@ class CommonTableExpression {
 
 func test(database: Database) throws {
     let localString = "user"
-	let remoteString = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    let _ = database.allStatements(sql: remoteString) // BAD
+    let _ = database.allStatements(sql: remoteString) // $ Alert
     let _ = database.allStatements(sql: localString) // GOOD
-    let _ = database.allStatements(sql: remoteString, arguments: nil) // BAD
+    let _ = database.allStatements(sql: remoteString, arguments: nil) // $ Alert
     let _ = database.allStatements(sql: localString, arguments: nil) // GOOD
 
-    let _ = database.cachedStatement(sql: remoteString) // BAD
+    let _ = database.cachedStatement(sql: remoteString) // $ Alert
     let _ = database.cachedStatement(sql: localString) // GOOD
 
-    let _ = database.internalCachedStatement(sql: remoteString) // BAD
+    let _ = database.internalCachedStatement(sql: remoteString) // $ Alert
     let _ = database.internalCachedStatement(sql: localString) // GOOD
 
-    database.execute(sql: remoteString) // BAD
+    database.execute(sql: remoteString) // $ Alert
     database.execute(sql: localString) // GOOD
-    database.execute(sql: remoteString, arguments: StatementArguments()) // BAD
+    database.execute(sql: remoteString, arguments: StatementArguments()) // $ Alert
     database.execute(sql: localString, arguments: StatementArguments()) // GOOD
     
-    let _ = database.makeStatement(sql: remoteString) // BAD
+    let _ = database.makeStatement(sql: remoteString) // $ Alert
     let _ = database.makeStatement(sql: localString) // GOOD
-    let _ = database.makeStatement(sql: remoteString, prepFlags: 0) // BAD
+    let _ = database.makeStatement(sql: remoteString, prepFlags: 0) // $ Alert
     let _ = database.makeStatement(sql: localString, prepFlags: 0) // GOOD
 }
 
 func testSqlRequest() throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    let _ = SQLRequest(stringLiteral: remoteString) // BAD
+    let _ = SQLRequest(stringLiteral: remoteString) // $ Alert
     let _ = SQLRequest(stringLiteral: localString) // GOOD
 
-    let _ = SQLRequest(unicodeScalarLiteral: remoteString) // BAD
+    let _ = SQLRequest(unicodeScalarLiteral: remoteString) // $ Alert
     let _ = SQLRequest(unicodeScalarLiteral: localString) // GOOD
 
-    let _ = SQLRequest(extendedGraphemeClusterLiteral: remoteString) // BAD
+    let _ = SQLRequest(extendedGraphemeClusterLiteral: remoteString) // $ Alert
     let _ = SQLRequest(extendedGraphemeClusterLiteral: localString) // GOOD
 
-    let _ = SQLRequest(stringInterpolation: remoteString) // BAD
+    let _ = SQLRequest(stringInterpolation: remoteString) // $ Alert
     let _ = SQLRequest(stringInterpolation: localString) // GOOD
 
-    let _ = SQLRequest(sql: remoteString) // BAD
-    let _ = SQLRequest(sql: remoteString, arguments: StatementArguments()) // BAD
-    let _ = SQLRequest(sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD
-    let _ = SQLRequest(sql: remoteString, arguments: StatementArguments(), cached: false) // BAD
-    let _ = SQLRequest(sql: remoteString, arguments: StatementArguments(), adapter: nil, cached: false) // BAD
-    let _ = SQLRequest(sql: remoteString, adapter: nil) // BAD
-    let _ = SQLRequest(sql: remoteString, adapter: nil, cached: false) // BAD
-    let _ = SQLRequest(sql: remoteString, cached: false) // BAD
+    let _ = SQLRequest(sql: remoteString) // $ Alert
+    let _ = SQLRequest(sql: remoteString, arguments: StatementArguments()) // $ Alert
+    let _ = SQLRequest(sql: remoteString, arguments: StatementArguments(), adapter: nil) // $ Alert
+    let _ = SQLRequest(sql: remoteString, arguments: StatementArguments(), cached: false) // $ Alert
+    let _ = SQLRequest(sql: remoteString, arguments: StatementArguments(), adapter: nil, cached: false) // $ Alert
+    let _ = SQLRequest(sql: remoteString, adapter: nil) // $ Alert
+    let _ = SQLRequest(sql: remoteString, adapter: nil, cached: false) // $ Alert
+    let _ = SQLRequest(sql: remoteString, cached: false) // $ Alert
     let _ = SQLRequest(sql: localString) // GOOD
     let _ = SQLRequest(sql: localString, arguments: StatementArguments()) // GOOD
     let _ = SQLRequest(sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD
@@ -161,15 +161,15 @@ func testSqlRequest() throws {
 
 func testSql() throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    let _ = SQL(stringLiteral: remoteString) // BAD
-    let _ = SQL(unicodeScalarLiteral: remoteString) // BAD
-    let _ = SQL(extendedGraphemeClusterLiteral: remoteString) // BAD
-    let _ = SQL(stringInterpolation: remoteString) // BAD
-    let _ = SQL(sql: remoteString) // BAD
+    let _ = SQL(stringLiteral: remoteString) // $ Alert
+    let _ = SQL(unicodeScalarLiteral: remoteString) // $ Alert
+    let _ = SQL(extendedGraphemeClusterLiteral: remoteString) // $ Alert
+    let _ = SQL(stringInterpolation: remoteString) // $ Alert
+    let _ = SQL(sql: remoteString) // $ Alert
     let sql1 = SQL(stringLiteral: "")
-    sql1.append(sql: remoteString) // BAD
+    sql1.append(sql: remoteString) // $ Alert
 
     let _ = SQL(stringLiteral: localString) // GOOD
     let _ = SQL(unicodeScalarLiteral: localString) // GOOD
@@ -182,34 +182,34 @@ func testSql() throws {
 
 func test(tableDefinition: TableDefinition) throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    tableDefinition.column(sql: remoteString) // BAD
+    tableDefinition.column(sql: remoteString) // $ Alert
     tableDefinition.column(sql: localString) // GOOD
     
-    tableDefinition.check(sql: remoteString) // BAD
+    tableDefinition.check(sql: remoteString) // $ Alert
     tableDefinition.check(sql: localString) // GOOD
 
-    tableDefinition.constraint(sql: remoteString) // BAD
+    tableDefinition.constraint(sql: remoteString) // $ Alert
     tableDefinition.constraint(sql: localString) // GOOD
 }
 
 func test(tableAlteration: TableAlteration) throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    tableAlteration.addColumn(sql: remoteString) // BAD
+    tableAlteration.addColumn(sql: remoteString) // $ Alert
     tableAlteration.addColumn(sql: localString) // GOOD
 }
 
 func test(columnDefinition: ColumnDefinition) throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    let _ = columnDefinition.check(sql: remoteString) // BAD
-    let _ = columnDefinition.defaults(sql: remoteString) // BAD
-    let _ = columnDefinition.generatedAs(sql: remoteString) // BAD
-    let _ = columnDefinition.generatedAs(sql: remoteString, .virtual) // BAD
+    let _ = columnDefinition.check(sql: remoteString) // $ Alert
+    let _ = columnDefinition.defaults(sql: remoteString) // $ Alert
+    let _ = columnDefinition.generatedAs(sql: remoteString) // $ Alert
+    let _ = columnDefinition.generatedAs(sql: remoteString, .virtual) // $ Alert
     
     let _ = columnDefinition.check(sql: localString) // GOOD
     let _ = columnDefinition.defaults(sql: localString) // GOOD
@@ -219,67 +219,67 @@ func test(columnDefinition: ColumnDefinition) throws {
 
 func testTableRecord() throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
     
-    let _ = TableRecord.select(sql: remoteString) // BAD
-    let _ = TableRecord.select(sql: remoteString, arguments: StatementArguments()) // BAD
+    let _ = TableRecord.select(sql: remoteString) // $ Alert
+    let _ = TableRecord.select(sql: remoteString, arguments: StatementArguments()) // $ Alert
     let _ = TableRecord.select(sql: localString) // GOOD
     let _ = TableRecord.select(sql: localString, arguments: StatementArguments()) // GOOD
     
-    let _ = TableRecord.filter(sql: remoteString) // BAD
-    let _ = TableRecord.filter(sql: remoteString, arguments: StatementArguments()) // BAD
+    let _ = TableRecord.filter(sql: remoteString) // $ Alert
+    let _ = TableRecord.filter(sql: remoteString, arguments: StatementArguments()) // $ Alert
     let _ = TableRecord.filter(sql: localString) // GOOD
     let _ = TableRecord.filter(sql: localString, arguments: StatementArguments()) // GOOD
     
-    let _ = TableRecord.order(sql: remoteString) // BAD
-    let _ = TableRecord.order(sql: remoteString, arguments: StatementArguments()) // BAD
+    let _ = TableRecord.order(sql: remoteString) // $ Alert
+    let _ = TableRecord.order(sql: remoteString, arguments: StatementArguments()) // $ Alert
     let _ = TableRecord.order(sql: localString) // GOOD
     let _ = TableRecord.order(sql: localString, arguments: StatementArguments()) // GOOD
 }
 
 func test(statementCache: StatementCache) throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    let _ = statementCache.statement(remoteString) // BAD
+    let _ = statementCache.statement(remoteString) // $ Alert
     let _ = statementCache.statement(localString) // GOOD
 }
 
 func test(row: Row, stmt: Statement) throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    row.fetchCursor(stmt, sql: remoteString) // BAD
-    row.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments()) // BAD
-    row.fetchCursor(stmt, sql: remoteString, adapter: nil) // BAD
-    row.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD
+    row.fetchCursor(stmt, sql: remoteString) // $ Alert
+    row.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments()) // $ Alert
+    row.fetchCursor(stmt, sql: remoteString, adapter: nil) // $ Alert
+    row.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // $ Alert
     row.fetchCursor(stmt, sql: localString) // GOOD
     row.fetchCursor(stmt, sql: localString, arguments: StatementArguments()) // GOOD
     row.fetchCursor(stmt, sql: localString, adapter: nil) // GOOD
     row.fetchCursor(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD
 
-    row.fetchAll(stmt, sql: remoteString) // BAD
-    row.fetchAll(stmt, sql: remoteString, arguments: StatementArguments()) // BAD
-    row.fetchAll(stmt, sql: remoteString, adapter: nil) // BAD
-    row.fetchAll(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD
+    row.fetchAll(stmt, sql: remoteString) // $ Alert
+    row.fetchAll(stmt, sql: remoteString, arguments: StatementArguments()) // $ Alert
+    row.fetchAll(stmt, sql: remoteString, adapter: nil) // $ Alert
+    row.fetchAll(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // $ Alert
     row.fetchAll(stmt, sql: localString) // GOOD
     row.fetchAll(stmt, sql: localString, arguments: StatementArguments()) // GOOD
     row.fetchAll(stmt, sql: localString, adapter: nil) // GOOD
     row.fetchAll(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD
 
-    row.fetchOne(stmt, sql: remoteString) // BAD
-    row.fetchOne(stmt, sql: remoteString, arguments: StatementArguments()) // BAD
-    row.fetchOne(stmt, sql: remoteString, adapter: nil) // BAD
-    row.fetchOne(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD
+    row.fetchOne(stmt, sql: remoteString) // $ Alert
+    row.fetchOne(stmt, sql: remoteString, arguments: StatementArguments()) // $ Alert
+    row.fetchOne(stmt, sql: remoteString, adapter: nil) // $ Alert
+    row.fetchOne(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // $ Alert
     row.fetchOne(stmt, sql: localString) // GOOD
     row.fetchOne(stmt, sql: localString, arguments: StatementArguments()) // GOOD
     row.fetchOne(stmt, sql: localString, adapter: nil) // GOOD
     row.fetchOne(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD
 
-    row.fetchSet(stmt, sql: remoteString) // BAD
-    row.fetchSet(stmt, sql: remoteString, arguments: StatementArguments()) // BAD
-    row.fetchSet(stmt, sql: remoteString, adapter: nil) // BAD
-    row.fetchSet(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD
+    row.fetchSet(stmt, sql: remoteString) // $ Alert
+    row.fetchSet(stmt, sql: remoteString, arguments: StatementArguments()) // $ Alert
+    row.fetchSet(stmt, sql: remoteString, adapter: nil) // $ Alert
+    row.fetchSet(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // $ Alert
     row.fetchSet(stmt, sql: localString) // GOOD
     row.fetchSet(stmt, sql: localString, arguments: StatementArguments()) // GOOD
     row.fetchSet(stmt, sql: localString, adapter: nil) // GOOD
@@ -288,39 +288,39 @@ func test(row: Row, stmt: Statement) throws {
 
 func test(databaseValueConvertible: DatabaseValueConvertible, stmt: Statement) throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    databaseValueConvertible.fetchCursor(stmt, sql: remoteString) // BAD
-    databaseValueConvertible.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments()) // BAD
-    databaseValueConvertible.fetchCursor(stmt, sql: remoteString, adapter: nil) // BAD
-    databaseValueConvertible.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD
+    databaseValueConvertible.fetchCursor(stmt, sql: remoteString) // $ Alert
+    databaseValueConvertible.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments()) // $ Alert
+    databaseValueConvertible.fetchCursor(stmt, sql: remoteString, adapter: nil) // $ Alert
+    databaseValueConvertible.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // $ Alert
     databaseValueConvertible.fetchCursor(stmt, sql: localString) // GOOD
     databaseValueConvertible.fetchCursor(stmt, sql: localString, arguments: StatementArguments()) // GOOD
     databaseValueConvertible.fetchCursor(stmt, sql: localString, adapter: nil) // GOOD
     databaseValueConvertible.fetchCursor(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD
 
-    databaseValueConvertible.fetchAll(stmt, sql: remoteString) // BAD
-    databaseValueConvertible.fetchAll(stmt, sql: remoteString, arguments: StatementArguments()) // BAD
-    databaseValueConvertible.fetchAll(stmt, sql: remoteString, adapter: nil) // BAD
-    databaseValueConvertible.fetchAll(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD
+    databaseValueConvertible.fetchAll(stmt, sql: remoteString) // $ Alert
+    databaseValueConvertible.fetchAll(stmt, sql: remoteString, arguments: StatementArguments()) // $ Alert
+    databaseValueConvertible.fetchAll(stmt, sql: remoteString, adapter: nil) // $ Alert
+    databaseValueConvertible.fetchAll(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // $ Alert
     databaseValueConvertible.fetchAll(stmt, sql: localString) // GOOD
     databaseValueConvertible.fetchAll(stmt, sql: localString, arguments: StatementArguments()) // GOOD
     databaseValueConvertible.fetchAll(stmt, sql: localString, adapter: nil) // GOOD
     databaseValueConvertible.fetchAll(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD
 
-    databaseValueConvertible.fetchOne(stmt, sql: remoteString) // BAD
-    databaseValueConvertible.fetchOne(stmt, sql: remoteString, arguments: StatementArguments()) // BAD
-    databaseValueConvertible.fetchOne(stmt, sql: remoteString, adapter: nil) // BAD
-    databaseValueConvertible.fetchOne(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD
+    databaseValueConvertible.fetchOne(stmt, sql: remoteString) // $ Alert
+    databaseValueConvertible.fetchOne(stmt, sql: remoteString, arguments: StatementArguments()) // $ Alert
+    databaseValueConvertible.fetchOne(stmt, sql: remoteString, adapter: nil) // $ Alert
+    databaseValueConvertible.fetchOne(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // $ Alert
     databaseValueConvertible.fetchOne(stmt, sql: localString) // GOOD
     databaseValueConvertible.fetchOne(stmt, sql: localString, arguments: StatementArguments()) // GOOD
     databaseValueConvertible.fetchOne(stmt, sql: localString, adapter: nil) // GOOD
     databaseValueConvertible.fetchOne(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD
 
-    databaseValueConvertible.fetchSet(stmt, sql: remoteString) // BAD
-    databaseValueConvertible.fetchSet(stmt, sql: remoteString, arguments: StatementArguments()) // BAD
-    databaseValueConvertible.fetchSet(stmt, sql: remoteString, adapter: nil) // BAD
-    databaseValueConvertible.fetchSet(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD
+    databaseValueConvertible.fetchSet(stmt, sql: remoteString) // $ Alert
+    databaseValueConvertible.fetchSet(stmt, sql: remoteString, arguments: StatementArguments()) // $ Alert
+    databaseValueConvertible.fetchSet(stmt, sql: remoteString, adapter: nil) // $ Alert
+    databaseValueConvertible.fetchSet(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // $ Alert
     databaseValueConvertible.fetchSet(stmt, sql: localString) // GOOD
     databaseValueConvertible.fetchSet(stmt, sql: localString, arguments: StatementArguments()) // GOOD
     databaseValueConvertible.fetchSet(stmt, sql: localString, adapter: nil) // GOOD
@@ -329,26 +329,26 @@ func test(databaseValueConvertible: DatabaseValueConvertible, stmt: Statement) t
 
 func testSqlStatementCursor(database: Database) throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
-    let _ = SQLStatementCursor(database: database, sql: remoteString, arguments: StatementArguments()) // BAD
-    let _ = SQLStatementCursor(database: database, sql: remoteString, arguments: StatementArguments(), prepFlags: 0) // BAD
+    let _ = SQLStatementCursor(database: database, sql: remoteString, arguments: StatementArguments()) // $ Alert
+    let _ = SQLStatementCursor(database: database, sql: remoteString, arguments: StatementArguments(), prepFlags: 0) // $ Alert
     let _ = SQLStatementCursor(database: database, sql: localString, arguments: StatementArguments()) // GOOD
     let _ = SQLStatementCursor(database: database, sql: localString, arguments: StatementArguments(), prepFlags: 0) // GOOD
 }
 
 func testCommonTableExpression() throws {
     let localString = "user"
-	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!)
-
-    let _ = CommonTableExpression(named: "", sql: remoteString) // BAD
-    let _ = CommonTableExpression(named: "", sql: remoteString, arguments: StatementArguments()) // BAD
-    let _ = CommonTableExpression(named: "", columns: [""], sql: remoteString) // BAD
-    let _ = CommonTableExpression(named: "", columns: [""], sql: remoteString, arguments: StatementArguments()) // BAD
-    let _ = CommonTableExpression(recursive: false, named: "", sql: remoteString) // BAD
-    let _ = CommonTableExpression(recursive: false, named: "", columns: [""], sql: remoteString) // BAD
-    let _ = CommonTableExpression(recursive: false, named: "", sql: remoteString, arguments: StatementArguments()) // BAD
-    let _ = CommonTableExpression(recursive: false, named: "", columns: [""], sql: remoteString, arguments: StatementArguments()) // BAD
+	let remoteString  = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
+
+    let _ = CommonTableExpression(named: "", sql: remoteString) // $ Alert
+    let _ = CommonTableExpression(named: "", sql: remoteString, arguments: StatementArguments()) // $ Alert
+    let _ = CommonTableExpression(named: "", columns: [""], sql: remoteString) // $ Alert
+    let _ = CommonTableExpression(named: "", columns: [""], sql: remoteString, arguments: StatementArguments()) // $ Alert
+    let _ = CommonTableExpression(recursive: false, named: "", sql: remoteString) // $ Alert
+    let _ = CommonTableExpression(recursive: false, named: "", columns: [""], sql: remoteString) // $ Alert
+    let _ = CommonTableExpression(recursive: false, named: "", sql: remoteString, arguments: StatementArguments()) // $ Alert
+    let _ = CommonTableExpression(recursive: false, named: "", columns: [""], sql: remoteString, arguments: StatementArguments()) // $ Alert
     let _ = CommonTableExpression(named: "", sql: localString) // GOOD
     let _ = CommonTableExpression(named: "", sql: localString, arguments: StatementArguments()) // GOOD
     let _ = CommonTableExpression(named: "", columns: [""], sql: localString) // GOOD
diff --git a/swift/ql/test/query-tests/Security/CWE-089/SQLite.swift b/swift/ql/test/query-tests/Security/CWE-089/SQLite.swift
index f9a6b41340ce..5973866fb250 100644
--- a/swift/ql/test/query-tests/Security/CWE-089/SQLite.swift
+++ b/swift/ql/test/query-tests/Security/CWE-089/SQLite.swift
@@ -59,7 +59,7 @@ class Connection {
 
 func test_sqlite_swift_api(db: Connection) throws {
 	let localString = "user"
-	let remoteString = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 	let remoteNumber = Int(remoteString) ?? 0
 
 	let unsafeQuery1 = remoteString
@@ -70,9 +70,9 @@ func test_sqlite_swift_api(db: Connection) throws {
 
 	// --- execute ---
 
-	try db.execute(unsafeQuery1) // BAD
-	try db.execute(unsafeQuery2) // BAD
-	try db.execute(unsafeQuery3) // BAD
+	try db.execute(unsafeQuery1) // $ Alert
+	try db.execute(unsafeQuery2) // $ Alert
+	try db.execute(unsafeQuery3) // $ Alert
 	try db.execute(safeQuery1) // GOOD
 	try db.execute(safeQuery2) // GOOD
 
@@ -80,7 +80,7 @@ func test_sqlite_swift_api(db: Connection) throws {
 
 	let varQuery = "SELECT * FROM users WHERE username=?"
 
-	let stmt1 = try db.prepare(unsafeQuery3) // BAD
+	let stmt1 = try db.prepare(unsafeQuery3) // $ Alert
 	try stmt1.run()
 
 	let stmt2 = try db.prepare(varQuery, localString) // GOOD
@@ -92,31 +92,31 @@ func test_sqlite_swift_api(db: Connection) throws {
 	let stmt4 = try Statement(db, localString) // GOOD
 	try stmt4.run()
 
-	let stmt5 = try Statement(db, remoteString) // BAD
+	let stmt5 = try Statement(db, remoteString) // $ Alert
 	try stmt5.run()
 
 	// --- more variants ---
 
-	let stmt6 = try db.prepare(unsafeQuery1, "") // BAD
+	let stmt6 = try db.prepare(unsafeQuery1, "") // $ Alert
 	try stmt6.run()
 
-	let stmt7 = try db.prepare(unsafeQuery1, [""]) // BAD
+	let stmt7 = try db.prepare(unsafeQuery1, [""]) // $ Alert
 	try stmt7.run()
 
-	let stmt8 = try db.prepare(unsafeQuery1, ["username": ""]) // BAD
+	let stmt8 = try db.prepare(unsafeQuery1, ["username": ""]) // $ Alert
 	try stmt8.run()
 
-	try db.run(unsafeQuery1, "") // BAD
+	try db.run(unsafeQuery1, "") // $ Alert
 
-	try db.run(unsafeQuery1, [""]) // BAD
+	try db.run(unsafeQuery1, [""]) // $ Alert
 
-	try db.run(unsafeQuery1, ["username": ""]) // BAD
+	try db.run(unsafeQuery1, ["username": ""]) // $ Alert
 
-	try db.scalar(unsafeQuery1, "") // BAD
+	try db.scalar(unsafeQuery1, "") // $ Alert
 
-	try db.scalar(unsafeQuery1, [""]) // BAD
+	try db.scalar(unsafeQuery1, [""]) // $ Alert
 
-	try db.scalar(unsafeQuery1, ["username": ""]) // BAD
+	try db.scalar(unsafeQuery1, ["username": ""]) // $ Alert
 
 	let stmt9 = try db.prepare(varQuery) // GOOD
 	try stmt9.bind(remoteString) // GOOD
@@ -129,5 +129,5 @@ func test_sqlite_swift_api(db: Connection) throws {
 	try stmt9.scalar([remoteString]) // GOOD
 	try stmt9.scalar(["username": remoteString]) // GOOD
 
-	try Statement(db, remoteString).run() // BAD
+	try Statement(db, remoteString).run() // $ Alert
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.qlref b/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.qlref
index eaf19a94546e..654631d8a094 100644
--- a/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-089/SqlInjection.ql
\ No newline at end of file
+query: queries/Security/CWE-089/SqlInjection.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-089/other.swift b/swift/ql/test/query-tests/Security/CWE-089/other.swift
index 52cafbb15456..cb36c8f8828e 100644
--- a/swift/ql/test/query-tests/Security/CWE-089/other.swift
+++ b/swift/ql/test/query-tests/Security/CWE-089/other.swift
@@ -43,18 +43,18 @@ class MyDatabase {
 // --- tests ---
 
 func test_heuristic(db: MyDatabase) throws {
-	let remoteString = try String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 
 	_ = MyDatabase() // GOOD
 	_ = MyDatabase(sql: "some_fixed_sql") // GOOD
-	_ = MyDatabase(sql: remoteString) // BAD
+	_ = MyDatabase(sql: remoteString) // $ Alert
 
-	db.execute1(remoteString) // BAD
-	db.execute2(remoteString) // BAD
-	db.execute3(NSString(string: remoteString)) // BAD
-	db.execute4(remoteString as! Sql) // BAD
+	db.execute1(remoteString) // $ Alert
+	db.execute2(remoteString) // $ Alert
+	db.execute3(NSString(string: remoteString)) // $ Alert
+	db.execute4(remoteString as! Sql) // $ Alert
 
-	db.query(sql: remoteString) // BAD
+	db.query(sql: remoteString) // $ Alert
 	db.query(sqlLiteral: remoteString) // BAD [NOT DETECTED]
 	db.query(sqlStatement: remoteString) // BAD [NOT DETECTED]
 	db.query(sqliteStatement: remoteString) // BAD [NOT DETECTED]
diff --git a/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift b/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift
index 8498d89d68da..b4e7451b9163 100644
--- a/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift
+++ b/swift/ql/test/query-tests/Security/CWE-089/sqlite3_c_api.swift
@@ -119,7 +119,7 @@ func sqlite3_finalize(
 
 func test_sqlite3_c_api(db: OpaquePointer?, buffer: UnsafeMutablePointer<UInt8>) {
 	let localString = "user"
-	let remoteString = try! String(contentsOf: URL(string: "http://example.com/")!)
+	let remoteString = try! String(contentsOf: URL(string: "http://example.com/")!) // $ Source
 	let remoteNumber = Int(remoteString) ?? 0
 
 	let unsafeQuery1 = remoteString
@@ -130,9 +130,9 @@ func test_sqlite3_c_api(db: OpaquePointer?, buffer: UnsafeMutablePointer<UInt8>)
 
 	// --- exec ---
 
-	let result1 = sqlite3_exec(db, unsafeQuery1, nil, nil, nil) // BAD
-	let result2 = sqlite3_exec(db, unsafeQuery2, nil, nil, nil) // BAD
-	let result3 = sqlite3_exec(db, unsafeQuery3, nil, nil, nil) // BAD
+	let result1 = sqlite3_exec(db, unsafeQuery1, nil, nil, nil) // $ Alert
+	let result2 = sqlite3_exec(db, unsafeQuery2, nil, nil, nil) // $ Alert
+	let result3 = sqlite3_exec(db, unsafeQuery3, nil, nil, nil) // $ Alert
 	let result4 = sqlite3_exec(db, safeQuery1, nil, nil, nil) // GOOD
 	let result5 = sqlite3_exec(db, safeQuery2, nil, nil, nil) // GOOD
 
@@ -142,7 +142,7 @@ func test_sqlite3_c_api(db: OpaquePointer?, buffer: UnsafeMutablePointer<UInt8>)
 
 	var stmt1: OpaquePointer?
 
-	if (sqlite3_prepare(db, unsafeQuery3, -1, &stmt1, nil) == SQLITE_OK) { // BAD
+	if (sqlite3_prepare(db, unsafeQuery3, -1, &stmt1, nil) == SQLITE_OK) { // $ Alert
 		let result = sqlite3_step(stmt1)
 		// ...
 	}
@@ -172,7 +172,7 @@ func test_sqlite3_c_api(db: OpaquePointer?, buffer: UnsafeMutablePointer<UInt8>)
 
 	var stmt4: OpaquePointer?
 
-	if (sqlite3_prepare_v2(db, unsafeQuery3, -1, &stmt4, nil) == SQLITE_OK) { // BAD
+	if (sqlite3_prepare_v2(db, unsafeQuery3, -1, &stmt4, nil) == SQLITE_OK) { // $ Alert
 		let result = sqlite3_step(stmt4)
 		// ...
 	}
@@ -180,7 +180,7 @@ func test_sqlite3_c_api(db: OpaquePointer?, buffer: UnsafeMutablePointer<UInt8>)
 
 	var stmt5: OpaquePointer?
 
-	if (sqlite3_prepare_v3(db, unsafeQuery3, -1, 0, &stmt5, nil) == SQLITE_OK) { // BAD
+	if (sqlite3_prepare_v3(db, unsafeQuery3, -1, 0, &stmt5, nil) == SQLITE_OK) { // $ Alert
 		let result = sqlite3_step(stmt5)
 		// ...
 	}
@@ -191,7 +191,7 @@ func test_sqlite3_c_api(db: OpaquePointer?, buffer: UnsafeMutablePointer<UInt8>)
 
 	var stmt6: OpaquePointer?
 
-	if (sqlite3_prepare16(db, buffer, Int32(data.count), &stmt6, nil) == SQLITE_OK) { // BAD
+	if (sqlite3_prepare16(db, buffer, Int32(data.count), &stmt6, nil) == SQLITE_OK) { // $ Alert
 		let result = sqlite3_step(stmt6)
 		// ...
 	}
@@ -199,7 +199,7 @@ func test_sqlite3_c_api(db: OpaquePointer?, buffer: UnsafeMutablePointer<UInt8>)
 
 	var stmt7: OpaquePointer?
 
-	if (sqlite3_prepare16_v2(db, buffer, Int32(data.count), &stmt7, nil) == SQLITE_OK) { // BAD
+	if (sqlite3_prepare16_v2(db, buffer, Int32(data.count), &stmt7, nil) == SQLITE_OK) { // $ Alert
 		let result = sqlite3_step(stmt7)
 		// ...
 	}
@@ -207,7 +207,7 @@ func test_sqlite3_c_api(db: OpaquePointer?, buffer: UnsafeMutablePointer<UInt8>)
 
 	var stmt8: OpaquePointer?
 
-	if (sqlite3_prepare16_v3(db, buffer, Int32(data.count), 0, &stmt8, nil) == SQLITE_OK) { // BAD
+	if (sqlite3_prepare16_v3(db, buffer, Int32(data.count), 0, &stmt8, nil) == SQLITE_OK) { // $ Alert
 		let result = sqlite3_step(stmt8)
 		// ...
 	}
diff --git a/swift/ql/test/query-tests/Security/CWE-116/BadTagFilter.qlref b/swift/ql/test/query-tests/Security/CWE-116/BadTagFilter.qlref
index 8186dfa236f1..67e973ba99e6 100644
--- a/swift/ql/test/query-tests/Security/CWE-116/BadTagFilter.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-116/BadTagFilter.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-116/BadTagFilter.ql
\ No newline at end of file
+query: queries/Security/CWE-116/BadTagFilter.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-116/test.swift b/swift/ql/test/query-tests/Security/CWE-116/test.swift
index e2e88135dd6f..be6cbc0dcdd2 100644
--- a/swift/ql/test/query-tests/Security/CWE-116/test.swift
+++ b/swift/ql/test/query-tests/Security/CWE-116/test.swift
@@ -76,18 +76,18 @@ func myRegexpVariantsTests(myUrl: URL) throws {
     let tainted = String(contentsOf: myUrl) // tainted
 
     // BAD - doesn't match newlines or `</script >`
-    let re1 = try Regex(#"<script.*?>.*?<\/script>"#).ignoresCase(true)
+    let re1 = try Regex(#"<script.*?>.*?<\/script>"#).ignoresCase(true) // $ Alert
     _ = try re1.firstMatch(in: tainted)
 
     // BAD - doesn't match `</script >`
-    let re2a = try Regex(#"(?is)<script.*?>.*?<\/script>"#)
+    let re2a = try Regex(#"(?is)<script.*?>.*?<\/script>"#) // $ Alert
     _ = try re2a.firstMatch(in: tainted)
     // BAD - doesn't match `</script >`
-    let re2b = try Regex(#"<script.*?>.*?<\/script>"#).ignoresCase(true).dotMatchesNewlines(true)
+    let re2b = try Regex(#"<script.*?>.*?<\/script>"#).ignoresCase(true).dotMatchesNewlines(true) // $ Alert
     _ = try re2b.firstMatch(in: tainted)
     // BAD - doesn't match `</script >`
     let options2c: NSRegularExpression.Options = [.caseInsensitive, .dotMatchesLineSeparators]
-    let ns2c = try NSRegularExpression(pattern: #"<script.*?>.*?<\/script>"#, options: options2c)
+    let ns2c = try NSRegularExpression(pattern: #"<script.*?>.*?<\/script>"#, options: options2c) // $ Alert
     _ = ns2c.firstMatch(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // GOOD
@@ -110,71 +110,71 @@ func myRegexpVariantsTests(myUrl: URL) throws {
     _ = try re5.firstMatch(in: tainted)
 
     // BAD, does not match newlines
-    let re6 = try Regex(#"<!--.*--!?>"#).ignoresCase(true)
+    let re6 = try Regex(#"<!--.*--!?>"#).ignoresCase(true) // $ Alert
     _ = try re6.firstMatch(in: tainted)
 
     // BAD - doesn't match newlines inside the script tag
-    let re7 = try Regex(#"<script.*?>(.|\s)*?<\/script[^>]*>"#).ignoresCase(true)
+    let re7 = try Regex(#"<script.*?>(.|\s)*?<\/script[^>]*>"#).ignoresCase(true) // $ Alert
     _ = try re7.firstMatch(in: tainted)
 
     // BAD - doesn't match newlines inside the content
-    let re8 = try Regex(#"<script[^>]*?>.*?<\/script[^>]*>"#).ignoresCase(true)
+    let re8 = try Regex(#"<script[^>]*?>.*?<\/script[^>]*>"#).ignoresCase(true) // $ Alert
     _ = try re8.firstMatch(in: tainted)
 
     // BAD - does not match single quotes for attribute values
-    let re9 = try Regex(#"<script(\s|\w|=|")*?>.*?<\/script[^>]*>"#).ignoresCase(true).dotMatchesNewlines(true)
+    let re9 = try Regex(#"<script(\s|\w|=|")*?>.*?<\/script[^>]*>"#).ignoresCase(true).dotMatchesNewlines(true) // $ Alert
     _ = try re9.firstMatch(in: tainted)
 
     // BAD - does not match double quotes for attribute values
-    let re10a = try Regex(#"(?is)<script(\s|\w|=|')*?>.*?<\/script[^>]*>"#)
+    let re10a = try Regex(#"(?is)<script(\s|\w|=|')*?>.*?<\/script[^>]*>"#) // $ Alert
     _ = try re10a.firstMatch(in: tainted)
     // BAD - does not match double quotes for attribute values
-    let re10b = try Regex(#"<script(\s|\w|=|')*?>.*?<\/script[^>]*>"#).ignoresCase(true).dotMatchesNewlines(true)
+    let re10b = try Regex(#"<script(\s|\w|=|')*?>.*?<\/script[^>]*>"#).ignoresCase(true).dotMatchesNewlines(true) // $ Alert
     _ = try re10b.firstMatch(in: tainted)
     // BAD - does not match double quotes for attribute values
     let options10: NSRegularExpression.Options = [.caseInsensitive, .dotMatchesLineSeparators]
-    let ns10 = try NSRegularExpression(pattern: #"<script(\s|\w|=|')*?>.*?<\/script[^>]*>"#, options: options10)
+    let ns10 = try NSRegularExpression(pattern: #"<script(\s|\w|=|')*?>.*?<\/script[^>]*>"#, options: options10) // $ Alert
     _ = ns10.firstMatch(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - does not match tabs between attributes
-    let re11a = try Regex(#"(?is)<script( |\n|\w|=|'|")*?>.*?<\/script[^>]*>"#)
+    let re11a = try Regex(#"(?is)<script( |\n|\w|=|'|")*?>.*?<\/script[^>]*>"#) // $ Alert
     _ = try re11a.firstMatch(in: tainted)
     // BAD - does not match tabs between attributes
-    let re11b = try Regex(#"<script( |\n|\w|=|'|")*?>.*?<\/script[^>]*>"#).ignoresCase(true).dotMatchesNewlines(true)
+    let re11b = try Regex(#"<script( |\n|\w|=|'|")*?>.*?<\/script[^>]*>"#).ignoresCase(true).dotMatchesNewlines(true) // $ Alert
     _ = try re11b.firstMatch(in: tainted)
     // BAD - does not match tabs between attributes
     let options11: NSRegularExpression.Options = [.caseInsensitive, .dotMatchesLineSeparators]
-    let ns11 = try NSRegularExpression(pattern: #"<script( |\n|\w|=|'|")*?>.*?<\/script[^>]*>"#, options: options11)
+    let ns11 = try NSRegularExpression(pattern: #"<script( |\n|\w|=|'|")*?>.*?<\/script[^>]*>"#, options: options11) // $ Alert
     _ = ns11.firstMatch(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - does not match uppercase SCRIPT tags
-    let re12a = try Regex(#"(?s)<script.*?>.*?<\/script[^>]*>"#)
+    let re12a = try Regex(#"(?s)<script.*?>.*?<\/script[^>]*>"#) // $ Alert
     _ = try re12a.firstMatch(in: tainted)
     // BAD - does not match uppercase SCRIPT tags
-    let re12b = try Regex(#"<script.*?>.*?<\/script[^>]*>"#).dotMatchesNewlines(true)
+    let re12b = try Regex(#"<script.*?>.*?<\/script[^>]*>"#).dotMatchesNewlines(true) // $ Alert
     _ = try re12b.firstMatch(in: tainted)
     // BAD - does not match uppercase SCRIPT tags
-    let ns12 = try NSRegularExpression(pattern: #"<script.*?>.*?<\/script[^>]*>"#, options: .dotMatchesLineSeparators)
+    let ns12 = try NSRegularExpression(pattern: #"<script.*?>.*?<\/script[^>]*>"#, options: .dotMatchesLineSeparators) // $ Alert
     _ = ns12.firstMatch(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - does not match mixed case script tags
-    let re13a = try Regex(#"(?s)<(script|SCRIPT).*?>.*?<\/(script|SCRIPT)[^>]*>"#)
+    let re13a = try Regex(#"(?s)<(script|SCRIPT).*?>.*?<\/(script|SCRIPT)[^>]*>"#) // $ Alert
     _ = try re13a.firstMatch(in: tainted)
     // BAD - does not match mixed case script tags
-    let re13b = try Regex(#"<(script|SCRIPT).*?>.*?<\/(script|SCRIPT)[^>]*>"#).dotMatchesNewlines(true)
+    let re13b = try Regex(#"<(script|SCRIPT).*?>.*?<\/(script|SCRIPT)[^>]*>"#).dotMatchesNewlines(true) // $ Alert
     _ = try re13b.firstMatch(in: tainted)
     // BAD - does not match mixed case script tags
-    let ns13 = try NSRegularExpression(pattern: #"<(script|SCRIPT).*?>.*?<\/(script|SCRIPT)[^>]*>"#, options: .dotMatchesLineSeparators)
+    let ns13 = try NSRegularExpression(pattern: #"<(script|SCRIPT).*?>.*?<\/(script|SCRIPT)[^>]*>"#, options: .dotMatchesLineSeparators) // $ Alert
     _ = ns13.firstMatch(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - doesn't match newlines in the end tag
-    let re14a = try Regex(#"(?i)<script[^>]*?>[\s\S]*?<\/script.*>"#)
+    let re14a = try Regex(#"(?i)<script[^>]*?>[\s\S]*?<\/script.*>"#) // $ Alert
     _ = try re14a.firstMatch(in: tainted)
     // BAD - doesn't match newlines in the end tag
-    let re14b = try Regex(#"<script[^>]*?>[\s\S]*?<\/script.*>"#).ignoresCase(true)
+    let re14b = try Regex(#"<script[^>]*?>[\s\S]*?<\/script.*>"#).ignoresCase(true) // $ Alert
     _ = try re14b.firstMatch(in: tainted)
     // BAD - doesn't match newlines in the end tag
-    let ns14 = try NSRegularExpression(pattern: #"<script[^>]*?>[\s\S]*?<\/script.*>"#, options: .caseInsensitive)
+    let ns14 = try NSRegularExpression(pattern: #"<script[^>]*?>[\s\S]*?<\/script.*>"#, options: .caseInsensitive) // $ Alert
     _ = ns14.firstMatch(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // GOOD
@@ -188,33 +188,33 @@ func myRegexpVariantsTests(myUrl: URL) throws {
     _ = ns15.firstMatch(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - doesn't match comments with the right capture groups
-    let re16 = try Regex(#"<(?:!--([\S|\s]*?)-->)|([^\/\s>]+)[\S\s]*?>"#)
+    let re16 = try Regex(#"<(?:!--([\S|\s]*?)-->)|([^\/\s>]+)[\S\s]*?>"#) // $ Alert
     _ = try re16.firstMatch(in: tainted)
     // BAD - doesn't match comments with the right capture groups
-    let ns16 = try NSRegularExpression(pattern: #"<(?:!--([\S|\s]*?)-->)|([^\/\s>]+)[\S\s]*?>"#)
+    let ns16 = try NSRegularExpression(pattern: #"<(?:!--([\S|\s]*?)-->)|([^\/\s>]+)[\S\s]*?>"#) // $ Alert
     _ = ns16.firstMatch(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - capture groups
-    let re17 = try Regex(#"<(?:(?:\/([^>]+)>)|(?:!--([\S|\s]*?)-->)|(?:([^\/\s>]+)((?:\s+[\w\-:.]+(?:\s*=\s*?(?:(?:"[^"]*")|(?:'[^']*')|[^\s"'\/>]+))?)*)[\S\s]*?(\/?)>))"#)
+    let re17 = try Regex(#"<(?:(?:\/([^>]+)>)|(?:!--([\S|\s]*?)-->)|(?:([^\/\s>]+)((?:\s+[\w\-:.]+(?:\s*=\s*?(?:(?:"[^"]*")|(?:'[^']*')|[^\s"'\/>]+))?)*)[\S\s]*?(\/?)>))"#) // $ Alert
     _ = try re17.firstMatch(in: tainted)
     // BAD - capture groups
-    let ns17 = try NSRegularExpression(pattern: #"<(?:(?:\/([^>]+)>)|(?:!--([\S|\s]*?)-->)|(?:([^\/\s>]+)((?:\s+[\w\-:.]+(?:\s*=\s*?(?:(?:"[^"]*")|(?:'[^']*')|[^\s"'\/>]+))?)*)[\S\s]*?(\/?)>))"#, options: .caseInsensitive)
+    let ns17 = try NSRegularExpression(pattern: #"<(?:(?:\/([^>]+)>)|(?:!--([\S|\s]*?)-->)|(?:([^\/\s>]+)((?:\s+[\w\-:.]+(?:\s*=\s*?(?:(?:"[^"]*")|(?:'[^']*')|[^\s"'\/>]+))?)*)[\S\s]*?(\/?)>))"#, options: .caseInsensitive) // $ Alert
     _ = ns17.firstMatch(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - too strict matching on the end tag
-    let ns2_1 = try NSRegularExpression(pattern: #"<script\b[^>]*>([\s\S]*?)<\/script>"#, options: .caseInsensitive)
+    let ns2_1 = try NSRegularExpression(pattern: #"<script\b[^>]*>([\s\S]*?)<\/script>"#, options: .caseInsensitive) // $ Alert
     _ = ns2_1.matches(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - capture groups
-    let ns2_2 = try NSRegularExpression(pattern: #"(<[a-z\/!$]("[^"]*"|'[^']*'|[^'">])*>|<!(--.*?--\s*)+>)"#, options: .caseInsensitive)
+    let ns2_2 = try NSRegularExpression(pattern: #"(<[a-z\/!$]("[^"]*"|'[^']*'|[^'">])*>|<!(--.*?--\s*)+>)"#, options: .caseInsensitive) // $ Alert
     _ = ns2_2.matches(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - capture groups
-    let ns2_3 = try NSRegularExpression(pattern: #"<(?:(?:!--([\w\W]*?)-->)|(?:!\[CDATA\[([\w\W]*?)\]\]>)|(?:!DOCTYPE([\w\W]*?)>)|(?:\?([^\s\/<>]+) ?([\w\W]*?)[?/]>)|(?:\/([A-Za-z][A-Za-z0-9\-_\:\.]*)>)|(?:([A-Za-z][A-Za-z0-9\-_\:\.]*)((?:\s+[^"'>]+(?:(?:"[^"]*")|(?:'[^']*')|[^>]*))*|\/|\s+)>))"#)
+    let ns2_3 = try NSRegularExpression(pattern: #"<(?:(?:!--([\w\W]*?)-->)|(?:!\[CDATA\[([\w\W]*?)\]\]>)|(?:!DOCTYPE([\w\W]*?)>)|(?:\?([^\s\/<>]+) ?([\w\W]*?)[?/]>)|(?:\/([A-Za-z][A-Za-z0-9\-_\:\.]*)>)|(?:([A-Za-z][A-Za-z0-9\-_\:\.]*)((?:\s+[^"'>]+(?:(?:"[^"]*")|(?:'[^']*')|[^>]*))*|\/|\s+)>))"#) // $ Alert
     _ = ns2_3.matches(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - capture groups
-    let ns2_4 = try NSRegularExpression(pattern: #"<!--([\w\W]*?)-->|<([^>]*?)>"#)
+    let ns2_4 = try NSRegularExpression(pattern: #"<!--([\w\W]*?)-->|<([^>]*?)>"#) // $ Alert
     _ = ns2_4.matches(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // GOOD - it's used with the ignorecase flag
@@ -222,7 +222,7 @@ func myRegexpVariantsTests(myUrl: URL) throws {
     _ = ns2_5.matches(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // BAD - doesn't match --!>
-    let ns2_6 = try NSRegularExpression(pattern: #"-->"#)
+    let ns2_6 = try NSRegularExpression(pattern: #"-->"#) // $ Alert
     _ = ns2_6.matches(in: tainted, range: NSMakeRange(0, tainted.utf16.count))
 
     // GOOD
diff --git a/swift/ql/test/query-tests/Security/CWE-1204/StaticInitializationVector.qlref b/swift/ql/test/query-tests/Security/CWE-1204/StaticInitializationVector.qlref
index 36f922580f70..6106d4b12ad9 100644
--- a/swift/ql/test/query-tests/Security/CWE-1204/StaticInitializationVector.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-1204/StaticInitializationVector.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-1204/StaticInitializationVector.ql
+query: queries/Security/CWE-1204/StaticInitializationVector.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-1204/rncryptor.swift b/swift/ql/test/query-tests/Security/CWE-1204/rncryptor.swift
index 253804cabf15..319c4c927ed0 100644
--- a/swift/ql/test/query-tests/Security/CWE-1204/rncryptor.swift
+++ b/swift/ql/test/query-tests/Security/CWE-1204/rncryptor.swift
@@ -57,28 +57,28 @@ func test(myPassword: String) {
 	let myKeyDerivationSettings = RNCryptorKeyDerivationSettings()
 	let myHandler = {}
 	let myRandomIV = Data(getRandomArray())
-	let myConstIV1 = Data(0)
-	let myConstIV2 = Data(123)
-	let myConstIV3 = Data([1,2,3,4,5])
-	let myConstIV4 = Data("iv")
+	let myConstIV1 = Data(0) // $ Source
+	let myConstIV2 = Data(123) // $ Source
+	let myConstIV3 = Data([1,2,3,4,5]) // $ Source
+	let myConstIV4 = Data("iv") // $ Source
 	let mySalt = Data(0)
 	let mySalt2 = Data(0)
 
 	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, encryptionKey: myKey, hmacKey: myHMACKey, iv: myRandomIV, handler: myHandler) // GOOD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, encryptionKey: myKey, hmacKey: myHMACKey, iv: myConstIV1, handler: myHandler) // BAD
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, encryptionKey: myKey, hmacKey: myHMACKey, iv: myConstIV1, handler: myHandler) // $ Alert
 	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, encryptionKey: myKey, HMACKey: myHMACKey, IV: myRandomIV, handler: myHandler) // GOOD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, encryptionKey: myKey, HMACKey: myHMACKey, IV: myConstIV2, handler: myHandler) // BAD
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, encryptionKey: myKey, HMACKey: myHMACKey, IV: myConstIV2, handler: myHandler) // $ Alert
 	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, iv: myRandomIV, encryptionSalt: mySalt, hmacSalt: mySalt2, handler: myHandler) // GOOD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, iv: myConstIV3, encryptionSalt: mySalt, hmacSalt: mySalt2, handler: myHandler) // BAD
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, iv: myConstIV3, encryptionSalt: mySalt, hmacSalt: mySalt2, handler: myHandler) // $ Alert
 	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, IV: myRandomIV, encryptionSalt: mySalt, HMACSalt: mySalt2, handler: myHandler) // GOOD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, IV: myConstIV4, encryptionSalt: mySalt, HMACSalt: mySalt2, handler: myHandler) // BAD
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, IV: myConstIV4, encryptionSalt: mySalt, HMACSalt: mySalt2, handler: myHandler) // $ Alert
 
 	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, encryptionKey: myKey, hmacKey: myHMACKey, iv: myRandomIV) // GOOD
-	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, encryptionKey: myKey, hmacKey: myHMACKey, iv: myConstIV1) // BAD
+	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, encryptionKey: myKey, hmacKey: myHMACKey, iv: myConstIV1) // $ Alert
 	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, encryptionKey: myKey, HMACKey: myHMACKey, IV: myRandomIV) // GOOD
-	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, encryptionKey: myKey, HMACKey: myHMACKey, IV: myConstIV2) // BAD
+	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, encryptionKey: myKey, HMACKey: myHMACKey, IV: myConstIV2) // $ Alert
 	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myPassword, iv: myRandomIV, encryptionSalt: mySalt, hmacSalt: mySalt2) // GOOD
-	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myPassword, iv: myConstIV3, encryptionSalt: mySalt, hmacSalt: mySalt2) // BAD
+	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myPassword, iv: myConstIV3, encryptionSalt: mySalt, hmacSalt: mySalt2) // $ Alert
 	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myPassword, IV: myRandomIV, encryptionSalt: mySalt, HMACSalt: mySalt2) // GOOD
-	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myPassword, IV: myConstIV4, encryptionSalt: mySalt, HMACSalt: mySalt2) // BAD
+	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myPassword, IV: myConstIV4, encryptionSalt: mySalt, HMACSalt: mySalt2) // $ Alert
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-1204/test.swift b/swift/ql/test/query-tests/Security/CWE-1204/test.swift
index 273556ce5bba..8536996ca3a5 100644
--- a/swift/ql/test/query-tests/Security/CWE-1204/test.swift
+++ b/swift/ql/test/query-tests/Security/CWE-1204/test.swift
@@ -51,7 +51,7 @@ final class GCM: BlockMode {
 	enum Mode { case combined, detached }
 	init(iv: Array<UInt8>, additionalAuthenticatedData: Array<UInt8>? = nil, tagLength: Int = 16, mode: Mode = .detached) { }
 	convenience init(iv: Array<UInt8>, authenticationTag: Array<UInt8>, additionalAuthenticatedData: Array<UInt8>? = nil, mode: Mode = .detached) {
-		self.init(iv: iv, additionalAuthenticatedData: additionalAuthenticatedData, tagLength: authenticationTag.count, mode: mode)
+		self.init(iv: iv, additionalAuthenticatedData: additionalAuthenticatedData, tagLength: authenticationTag.count, mode: mode) // $ Alert
 	}
 }
 
@@ -82,7 +82,7 @@ enum Padding: PaddingProtocol {
 
 // Helper functions
 func getConstantString() -> String {
-  "this string is constant"
+  "this string is constant" // $ Source
 }
 
 func getConstantArray() -> Array<UInt8> {
@@ -96,7 +96,7 @@ func getRandomArray() -> Array<UInt8> {
 // --- tests ---
 
 func test() {
-	let iv: Array<UInt8> = [0x2a, 0x3a, 0x80, 0x05, 0xaf, 0x46, 0x58, 0x2d, 0x66, 0x52, 0x10, 0xae, 0x86, 0xd3, 0x8e, 0x8f]
+	let iv: Array<UInt8> = [0x2a, 0x3a, 0x80, 0x05, 0xaf, 0x46, 0x58, 0x2d, 0x66, 0x52, 0x10, 0xae, 0x86, 0xd3, 0x8e, 0x8f] // $ Source
 	let iv2 = getConstantArray()
 	let ivString = getConstantString()
 
@@ -109,63 +109,63 @@ func test() {
 	let keyString = String(cString: key)
 
 	// AES test cases
-	let ab1 = AES(key: keyString, iv: ivString) // BAD
-	let ab2 = AES(key: keyString, iv: ivString, padding: padding) // BAD
+	let ab1 = AES(key: keyString, iv: ivString) // $ Alert
+	let ab2 = AES(key: keyString, iv: ivString, padding: padding) // $ Alert
 	let ag1 = AES(key: keyString, iv: randomIvString) // GOOD
 	let ag2 = AES(key: keyString, iv: randomIvString, padding: padding) // GOOD
 
 	// ChaCha20 test cases
-	let cb1 = ChaCha20(key: keyString, iv: ivString) // BAD
+	let cb1 = ChaCha20(key: keyString, iv: ivString) // $ Alert
 	let cg1 = ChaCha20(key: keyString, iv: randomIvString) // GOOD
 
 	// Blowfish test cases
-	let bb1 = Blowfish(key: keyString, iv: ivString) // BAD
-	let bb2 = Blowfish(key: keyString, iv: ivString, padding: padding) // BAD
+	let bb1 = Blowfish(key: keyString, iv: ivString) // $ Alert
+	let bb2 = Blowfish(key: keyString, iv: ivString, padding: padding) // $ Alert
 	let bg1 = Blowfish(key: keyString, iv: randomIvString) // GOOD
 	let bg2 = Blowfish(key: keyString, iv: randomIvString, padding: padding) // GOOD
 
 	// Rabbit
-	let rb1 = Rabbit(key: key, iv: iv) // BAD
-	let rb2 = Rabbit(key: key, iv: iv2) // BAD
-	let rb3 = Rabbit(key: keyString, iv: ivString) // BAD
+	let rb1 = Rabbit(key: key, iv: iv) // $ Alert
+	let rb2 = Rabbit(key: key, iv: iv2) // $ Alert
+	let rb3 = Rabbit(key: keyString, iv: ivString) // $ Alert
 	let rg1 = Rabbit(key: key, iv: randomIv) // GOOD
 	let rg2 = Rabbit(key: keyString, iv: randomIvString) // GOOD
 
 	// CBC
-	let cbcb1 = CBC(iv: iv) // BAD
+	let cbcb1 = CBC(iv: iv) // $ Alert
 	let cbcg1 = CBC(iv: randomIv) // GOOD
 
 	// CFB
-	let cfbb1 = CFB(iv: iv) // BAD
-	let cfbb2 = CFB(iv: iv, segmentSize: CFB.SegmentSize.cfb8) // BAD
+	let cfbb1 = CFB(iv: iv) // $ Alert
+	let cfbb2 = CFB(iv: iv, segmentSize: CFB.SegmentSize.cfb8) // $ Alert
 	let cfbg1 = CFB(iv: randomIv) // GOOD
 	let cfbg2 = CFB(iv: randomIv, segmentSize: CFB.SegmentSize.cfb8) // GOOD
 
 	// GCM
-	let cgmb1 = GCM(iv: iv) // BAD
-	let cgmb2 = GCM(iv: iv, additionalAuthenticatedData: randomArray, tagLength: 8, mode: GCM.Mode.combined) // BAD
-	let cgmb3 = GCM(iv: iv, authenticationTag: randomArray, additionalAuthenticatedData: randomArray, mode: GCM.Mode.combined) // BAD
+	let cgmb1 = GCM(iv: iv) // $ Alert
+	let cgmb2 = GCM(iv: iv, additionalAuthenticatedData: randomArray, tagLength: 8, mode: GCM.Mode.combined) // $ Alert
+	let cgmb3 = GCM(iv: iv, authenticationTag: randomArray, additionalAuthenticatedData: randomArray, mode: GCM.Mode.combined) // $ Alert
 	let cgmg1 = GCM(iv: randomIv) // GOOD
 	let cgmg2 = GCM(iv: randomIv, additionalAuthenticatedData: randomArray, tagLength: 8, mode: GCM.Mode.combined) // GOOD
 	let cgmg3 = GCM(iv: randomIv, authenticationTag: randomArray, additionalAuthenticatedData: randomArray, mode: GCM.Mode.combined) // GOOD
 
 	// OFB
-	let ofbb1 = OFB(iv: iv) // BAD
+	let ofbb1 = OFB(iv: iv) // $ Alert
 	let ofbg1 = OFB(iv: randomIv) // GOOD
 
 	// PCBC
-	let pcbcb1 = PCBC(iv: iv) // BAD
+	let pcbcb1 = PCBC(iv: iv) // $ Alert
 	let pcbcg1 = PCBC(iv: randomIv) // GOOD
 
 	// CCM
-	let ccmb1 = CCM(iv: iv, tagLength: 0, messageLength: 0, additionalAuthenticatedData: randomArray) // BAD
-	let ccmb2 = CCM(iv: iv, tagLength: 0, messageLength: 0, authenticationTag: randomArray, additionalAuthenticatedData: randomArray) // BAD
+	let ccmb1 = CCM(iv: iv, tagLength: 0, messageLength: 0, additionalAuthenticatedData: randomArray) // $ Alert
+	let ccmb2 = CCM(iv: iv, tagLength: 0, messageLength: 0, authenticationTag: randomArray, additionalAuthenticatedData: randomArray) // $ Alert
 	let ccmg1 = CCM(iv: randomIv, tagLength: 0, messageLength: 0, additionalAuthenticatedData: randomArray) // GOOD
 	let ccmg2 = CCM(iv: randomIv, tagLength: 0, messageLength: 0, authenticationTag: randomArray, additionalAuthenticatedData: randomArray) // GOOD
 
 	// CTR
-	let ctrb1 = CTR(iv: iv) // BAD
-	let ctrb2 = CTR(iv: iv, counter: 0) // BAD
+	let ctrb1 = CTR(iv: iv) // $ Alert
+	let ctrb2 = CTR(iv: iv, counter: 0) // $ Alert
 	let ctrg1 = CTR(iv: randomIv) // GOOD
 	let ctrg2 = CTR(iv: randomIv, counter: 0) // GOOD
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-1333/ReDoS.qlref b/swift/ql/test/query-tests/Security/CWE-1333/ReDoS.qlref
index a0bdcd8a864c..5294bedca639 100644
--- a/swift/ql/test/query-tests/Security/CWE-1333/ReDoS.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-1333/ReDoS.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-1333/ReDoS.ql
\ No newline at end of file
+query: queries/Security/CWE-1333/ReDoS.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-1333/ReDoS.swift b/swift/ql/test/query-tests/Security/CWE-1333/ReDoS.swift
index 0349bac0669d..c7489a6e0679 100644
--- a/swift/ql/test/query-tests/Security/CWE-1333/ReDoS.swift
+++ b/swift/ql/test/query-tests/Security/CWE-1333/ReDoS.swift
@@ -61,25 +61,25 @@ func myRegexpTests(myUrl: URL) throws {
     // Regex
 
     _ = "((a*)*b)" // GOOD (never used)
-    _ = try Regex("((a*)*b)") // DUBIOUS (never used) [FLAGGED]
-    _ = try Regex("((a*)*b)").firstMatch(in: untainted) // DUBIOUS (never used on tainted input) [FLAGGED]
-    _ = try Regex("((a*)*b)").firstMatch(in: tainted) // BAD
+    _ = try Regex("((a*)*b)") // $ Alert // DUBIOUS (never used) [FLAGGED]
+    _ = try Regex("((a*)*b)").firstMatch(in: untainted) // $ Alert // DUBIOUS (never used on tainted input) [FLAGGED]
+    _ = try Regex("((a*)*b)").firstMatch(in: tainted) // $ Alert
     _ = try Regex(".*").firstMatch(in: tainted) // GOOD (safe regex)
 
-    let str = "((a*)*b)" // BAD
+    let str = "((a*)*b)" // $ Alert
     let regex = try Regex(str)
     _ = try regex.firstMatch(in: tainted)
 
-    _ = try Regex(#"(?is)X(?:.|\n)*Y"#) // BAD - suggested attack should begin with 'x' or 'X', *not* 'isx' or 'isX'
+    _ = try Regex(#"(?is)X(?:.|\n)*Y"#) // $ Alert // BAD - suggested attack should begin with 'x' or 'X', *not* 'isx' or 'isX'
 
     // NSRegularExpression
 
-    _ = try? NSRegularExpression(pattern: "((a*)*b)") // DUBIOUS (never used) [FLAGGED]
+    _ = try? NSRegularExpression(pattern: "((a*)*b)") // $ Alert // DUBIOUS (never used) [FLAGGED]
 
-    let nsregex1 = try? NSRegularExpression(pattern: "((a*)*b)") // DUBIOUS (never used on tainted input) [FLAGGED]
+    let nsregex1 = try? NSRegularExpression(pattern: "((a*)*b)") // $ Alert // DUBIOUS (never used on tainted input) [FLAGGED]
     _ = nsregex1?.stringByReplacingMatches(in: untainted, range: NSRange(location: 0, length: untainted.utf16.count), withTemplate: "")
 
-    let nsregex2 = try? NSRegularExpression(pattern: "((a*)*b)") // BAD
+    let nsregex2 = try? NSRegularExpression(pattern: "((a*)*b)") // $ Alert
     _ = nsregex2?.stringByReplacingMatches(in: tainted, range: NSRange(location: 0, length: tainted.utf16.count), withTemplate: "")
 
     let nsregex3 = try? NSRegularExpression(pattern: ".*") // GOOD (safe regex)
diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.qlref b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.qlref
index 115fef47e47e..62b791e5d6f7 100644
--- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-134/UncontrolledFormatString.ql
\ No newline at end of file
+query: queries/Security/CWE-134/UncontrolledFormatString.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
index 2e3b082c63ea..dd82c70ab683 100644
--- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
+++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
@@ -76,7 +76,7 @@ func vasprintf_l(_ ret: UnsafeMutablePointer<UnsafeMutablePointer<CChar>?>?, _ l
 
 func MyLog(_ format: String, _ args: CVarArg...) {
     withVaList(args) { arglist in
-        NSLogv(format, arglist) // BAD
+        NSLogv(format, arglist) // $ Alert
     }
 }
 
@@ -88,34 +88,34 @@ class MyString {
 }
 
 func tests() throws {
-    let tainted = try! String(contentsOf: URL(string: "http://example.com")!)
+    let tainted = try! String(contentsOf: URL(string: "http://example.com")!) // $ Source
 
     _ = String("abc") // GOOD: not a format string
     _ = String(tainted) // GOOD: not a format string
 
     _ = String(format: "abc") // GOOD: not tainted
-    _ = String(format: tainted) // BAD
+    _ = String(format: tainted) // $ Alert
     _ = String(format: "%s", "abc") // GOOD: not tainted
     _ = String(format: "%s", tainted) // GOOD: format string itself is not tainted
-    _ = String(format: tainted, "abc") // BAD
-    _ = String(format: tainted, tainted) // BAD
+    _ = String(format: tainted, "abc") // $ Alert
+    _ = String(format: tainted, tainted) // $ Alert
 
-    _ = String(format: tainted, arguments: []) // BAD
-    _ = String(format: tainted, locale: nil) // BAD
-    _ = String(format: tainted, locale: nil, arguments: []) // BAD
-    _ = String.localizedStringWithFormat(tainted) // BAD
+    _ = String(format: tainted, arguments: []) // $ Alert
+    _ = String(format: tainted, locale: nil) // $ Alert
+    _ = String(format: tainted, locale: nil, arguments: []) // $ Alert
+    _ = String.localizedStringWithFormat(tainted) // $ Alert
 
-    _ = NSString(format: NSString(string: tainted), "abc") // BAD
-    NSString.localizedStringWithFormat(NSString(string: tainted)) // BAD
+    _ = NSString(format: NSString(string: tainted), "abc") // $ Alert
+    NSString.localizedStringWithFormat(NSString(string: tainted)) // $ Alert
 
-    _ = NSMutableString(format: NSString(string: tainted), "abc") // BAD
-    NSMutableString.localizedStringWithFormat(NSString(string: tainted)) // BAD
+    _ = NSMutableString(format: NSString(string: tainted), "abc") // $ Alert
+    NSMutableString.localizedStringWithFormat(NSString(string: tainted)) // $ Alert
 
     NSLog("abc") // GOOD: not tainted
-    NSLog(tainted) // BAD
-    MyLog(tainted) // BAD
+    NSLog(tainted) // $ Alert
+    MyLog(tainted) // $ Alert
 
-    NSException.raise(NSExceptionName("exception"), format: tainted, arguments: getVaList([])) // BAD
+    NSException.raise(NSExceptionName("exception"), format: tainted, arguments: getVaList([])) // $ Alert
 
     let taintedVal = Int(tainted)!
     let taintedSan = "\(taintedVal)"
@@ -127,32 +127,32 @@ func tests() throws {
 
     _ = String("abc").appendingFormat("%s", "abc") // GOOD: not tainted
     _ = String("abc").appendingFormat("%s", tainted) // GOOD: format not tainted
-    _ = String("abc").appendingFormat(tainted, "abc") // BAD
+    _ = String("abc").appendingFormat(tainted, "abc") // $ Alert
     _ = String(tainted).appendingFormat("%s", "abc") // GOOD: format not tainted
 
     let s = NSMutableString(string: "foo")
     s.appendFormat(NSString(string: "%s"), "abc") // GOOD: not tainted
-    s.appendFormat(NSString(string: tainted), "abc") // BAD
+    s.appendFormat(NSString(string: tainted), "abc") // $ Alert
 
     _ = NSPredicate(format: tainted) // GOOD: this should be flagged by `swift/predicate-injection`, not `swift/uncontrolled-format-string`
 
     tainted.withCString({
         cstr in
-        _ = dprintf(0, cstr, "abc") // BAD
+        _ = dprintf(0, cstr, "abc") // $ Alert
         _ = dprintf(0, "%s", cstr) // GOOD: format not tainted
-        _ = vprintf(cstr, getVaList(["abc"])) // BAD
+        _ = vprintf(cstr, getVaList(["abc"])) // $ Alert
         _ = vprintf("%s", getVaList([cstr])) // GOOD: format not tainted
-        _ = vfprintf(nil, cstr, getVaList(["abc"])) // BAD
+        _ = vfprintf(nil, cstr, getVaList(["abc"])) // $ Alert
         _ = vfprintf(nil, "%s", getVaList([cstr])) // GOOD: format not tainted
-        _ = vasprintf_l(nil, nil, cstr, getVaList(["abc"])) // BAD
+        _ = vasprintf_l(nil, nil, cstr, getVaList(["abc"])) // $ Alert
         _ = vasprintf_l(nil, nil, "%s", getVaList([cstr])) // GOOD: format not tainted
     })
 
     myFormatMessage(string: tainted, "abc") // BAD [NOT DETECTED]
     myFormatMessage(string: "%s", tainted) // GOOD: format not tainted
 
-    _ = MyString(format: tainted, "abc") // BAD
+    _ = MyString(format: tainted, "abc") // $ Alert
     _ = MyString(format: "%s", tainted) // GOOD: format not tainted
-    _ = MyString(formatString: tainted, "abc") // BAD
+    _ = MyString(formatString: tainted, "abc") // $ Alert
     _ = MyString(formatString: "%s", tainted) // GOOD: format not tainted
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-259/ConstantPassword.qlref b/swift/ql/test/query-tests/Security/CWE-259/ConstantPassword.qlref
index 0613f1926315..57f452daecff 100644
--- a/swift/ql/test/query-tests/Security/CWE-259/ConstantPassword.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-259/ConstantPassword.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-259/ConstantPassword.ql
+query: queries/Security/CWE-259/ConstantPassword.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift b/swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift
index 6de5873c459e..b115bb6750b3 100644
--- a/swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift
+++ b/swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift
@@ -66,7 +66,7 @@ func test(cond: Bool) {
 	let myData = Data(0)
 
 	let myRandomPassword = getARandomPassword()
-	let myConstPassword = "abc123"
+	let myConstPassword = "abc123" // $ Source
 	let myMaybePassword = cond ? myRandomPassword : myConstPassword
 
 	// reasonable usage
@@ -74,11 +74,11 @@ func test(cond: Bool) {
 	let a = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myRandomPassword) // GOOD
 	let _ = try? myDecryptor.decryptData(a, withPassword: myRandomPassword) // GOOD
 
-	let b = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword) // BAD
-	let _ = try? myDecryptor.decryptData(b, withPassword: myConstPassword) // BAD
+	let b = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword) // $ Alert
+	let _ = try? myDecryptor.decryptData(b, withPassword: myConstPassword) // $ Alert
 
-	let c = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myMaybePassword) // BAD
-	let _ = try? myDecryptor.decryptData(c, withPassword: myMaybePassword) // BAD
+	let c = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myMaybePassword) // $ Alert
+	let _ = try? myDecryptor.decryptData(c, withPassword: myMaybePassword) // $ Alert
 
 	// all methods
 
@@ -88,22 +88,22 @@ func test(cond: Bool) {
 	let mySalt = Data(0)
 	let mySalt2 = Data(0)
 
-	let _ = myEncryptor.key(forPassword: myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD
-	let _ = myEncryptor.keyForPassword(myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD
-	let _ = myDecryptor.key(forPassword: myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD
-	let _ = myDecryptor.keyForPassword(myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD
+	let _ = myEncryptor.key(forPassword: myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // $ Alert
+	let _ = myEncryptor.keyForPassword(myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // $ Alert
+	let _ = myDecryptor.key(forPassword: myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // $ Alert
+	let _ = myDecryptor.keyForPassword(myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // $ Alert
 
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, handler: myHandler) // BAD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, iv: myIV, encryptionSalt: mySalt, hmacSalt: mySalt2, handler: myHandler) // BAD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, IV: myIV, encryptionSalt: mySalt, HMACSalt: mySalt2, handler: myHandler) // BAD
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, handler: myHandler) // $ Alert
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, iv: myIV, encryptionSalt: mySalt, hmacSalt: mySalt2, handler: myHandler) // $ Alert
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, IV: myIV, encryptionSalt: mySalt, HMACSalt: mySalt2, handler: myHandler) // $ Alert
 
-	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword) // BAD
-	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword) // BAD
-	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword, iv: myIV, encryptionSalt: mySalt, hmacSalt: mySalt2) // BAD
-	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword, IV: myIV, encryptionSalt: mySalt, HMACSalt: mySalt2) // BAD
+	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword) // $ Alert
+	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword) // $ Alert
+	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword, iv: myIV, encryptionSalt: mySalt, hmacSalt: mySalt2) // $ Alert
+	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword, IV: myIV, encryptionSalt: mySalt, HMACSalt: mySalt2) // $ Alert
 
-	let _ = RNDecryptor(password: myConstPassword, handler: myHandler) // BAD
+	let _ = RNDecryptor(password: myConstPassword, handler: myHandler) // $ Alert
 
-	let _ = try? myDecryptor.decryptData(myData, withPassword: myConstPassword) // BAD
-	let _ = try? myDecryptor.decryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword) // BAD
+	let _ = try? myDecryptor.decryptData(myData, withPassword: myConstPassword) // $ Alert
+	let _ = try? myDecryptor.decryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword) // $ Alert
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-259/test.swift b/swift/ql/test/query-tests/Security/CWE-259/test.swift
index 923c49bffbd3..da657b95b6af 100644
--- a/swift/ql/test/query-tests/Security/CWE-259/test.swift
+++ b/swift/ql/test/query-tests/Security/CWE-259/test.swift
@@ -26,7 +26,7 @@ final class Scrypt {
 
 // Helper functions
 func getConstantString() -> String {
-  "this string is constant"
+  "this string is constant" // $ Source
 }
 
 func getConstantArray() -> Array<UInt8> {
@@ -40,7 +40,7 @@ func getRandomArray() -> Array<UInt8> {
 // --- tests ---
 
 func test() {
-	let constantPassword: Array<UInt8> = [0x2a, 0x3a, 0x80, 0x05, 0xaf, 0x46, 0x58, 0x2d, 0x66, 0x52, 0x10, 0xae, 0x86, 0xd3, 0x8e, 0x8f]
+	let constantPassword: Array<UInt8> = [0x2a, 0x3a, 0x80, 0x05, 0xaf, 0x46, 0x58, 0x2d, 0x66, 0x52, 0x10, 0xae, 0x86, 0xd3, 0x8e, 0x8f] // $ Source
 	let constantStringPassword = getConstantArray()
 	let randomPassword = getRandomArray()
 	let randomArray = getRandomArray()
@@ -48,23 +48,23 @@ func test() {
 	let iterations = 120120
 
 	// HKDF test cases
-	let hkdfb1 = HKDF(password: constantPassword, salt: randomArray, info: randomArray, keyLength: 0, variant: variant) // BAD
-	let hkdfb2 = HKDF(password: constantStringPassword, salt: randomArray, info: randomArray, keyLength: 0, variant: variant) // BAD
+	let hkdfb1 = HKDF(password: constantPassword, salt: randomArray, info: randomArray, keyLength: 0, variant: variant) // $ Alert
+	let hkdfb2 = HKDF(password: constantStringPassword, salt: randomArray, info: randomArray, keyLength: 0, variant: variant) // $ Alert
 	let hkdfg1 = HKDF(password: randomPassword, salt: randomArray, info: randomArray, keyLength: 0, variant: variant) // GOOD
 
 	// PBKDF1 test cases
-	let pbkdf1b1 = PKCS5.PBKDF1(password: constantPassword, salt: randomArray, iterations: iterations, keyLength: 0) // BAD
-	let pbkdf1b2 = PKCS5.PBKDF1(password: constantStringPassword, salt: randomArray, iterations: iterations, keyLength: 0) // BAD
+	let pbkdf1b1 = PKCS5.PBKDF1(password: constantPassword, salt: randomArray, iterations: iterations, keyLength: 0) // $ Alert
+	let pbkdf1b2 = PKCS5.PBKDF1(password: constantStringPassword, salt: randomArray, iterations: iterations, keyLength: 0) // $ Alert
 	let pbkdf1g1 = PKCS5.PBKDF1(password: randomPassword, salt: randomArray, iterations: iterations, keyLength: 0) // GOOD
 
 
 	// PBKDF2 test cases
-	let pbkdf2b1 = PKCS5.PBKDF2(password: constantPassword, salt: randomArray, iterations: iterations, keyLength: 0) // BAD
-	let pbkdf2b2 = PKCS5.PBKDF2(password: constantStringPassword, salt: randomArray, iterations: iterations, keyLength: 0) // BAD
+	let pbkdf2b1 = PKCS5.PBKDF2(password: constantPassword, salt: randomArray, iterations: iterations, keyLength: 0) // $ Alert
+	let pbkdf2b2 = PKCS5.PBKDF2(password: constantStringPassword, salt: randomArray, iterations: iterations, keyLength: 0) // $ Alert
 	let pbkdf2g1 = PKCS5.PBKDF2(password: randomPassword, salt: randomArray, iterations: iterations, keyLength: 0) // GOOD
 
 	// Scrypt test cases
-	let scryptb1 = Scrypt(password: constantPassword, salt: randomArray, dkLen: 64, N: 16384, r: 8, p: 1) // BAD
-	let scryptb2 = Scrypt(password: constantStringPassword, salt: randomArray, dkLen: 64, N: 16384, r: 8, p: 1) // BAD
+	let scryptb1 = Scrypt(password: constantPassword, salt: randomArray, dkLen: 64, N: 16384, r: 8, p: 1) // $ Alert
+	let scryptb2 = Scrypt(password: constantStringPassword, salt: randomArray, dkLen: 64, N: 16384, r: 8, p: 1) // $ Alert
 	let scryptg1 = Scrypt(password: randomPassword, salt: randomArray, dkLen: 64, N: 16384, r: 8, p: 1) // GOOD
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected
index 204e2486cc2f..e3517d648265 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected
+++ b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected
@@ -1,3 +1,143 @@
+#select
+| SQLite.swift:123:17:123:17 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:123:17:123:17 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:124:17:124:17 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:124:17:124:17 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:127:21:127:21 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:127:21:127:21 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:128:21:128:21 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:128:21:128:21 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:131:17:131:17 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:131:17:131:17 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:132:17:132:17 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:132:17:132:17 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:135:20:135:20 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:135:20:135:20 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:136:20:136:20 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:136:20:136:20 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:139:24:139:24 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:139:24:139:24 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:140:24:140:24 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:140:24:140:24 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:147:32:147:32 | [...] | SQLite.swift:147:32:147:32 | mobilePhoneNumber | SQLite.swift:147:32:147:32 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:147:32:147:32 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:148:28:148:28 | [...] | SQLite.swift:148:28:148:28 | mobilePhoneNumber | SQLite.swift:148:28:148:28 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:148:28:148:28 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:149:31:149:31 | [...] | SQLite.swift:149:31:149:31 | mobilePhoneNumber | SQLite.swift:149:31:149:31 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:149:31:149:31 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:152:21:152:21 | [...] | SQLite.swift:152:21:152:21 | mobilePhoneNumber | SQLite.swift:152:21:152:21 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:152:21:152:21 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:153:20:153:20 | [...] | SQLite.swift:153:20:153:20 | mobilePhoneNumber | SQLite.swift:153:20:153:20 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:153:20:153:20 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:154:23:154:23 | [...] | SQLite.swift:154:23:154:23 | mobilePhoneNumber | SQLite.swift:154:23:154:23 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:154:23:154:23 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:158:32:158:54 | [...] | SQLite.swift:158:33:158:33 | mobilePhoneNumber | SQLite.swift:158:32:158:54 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:158:33:158:33 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:159:28:159:50 | [...] | SQLite.swift:159:29:159:29 | mobilePhoneNumber | SQLite.swift:159:28:159:50 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:159:29:159:29 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:160:31:160:53 | [...] | SQLite.swift:160:32:160:32 | mobilePhoneNumber | SQLite.swift:160:31:160:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:160:32:160:32 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:163:21:163:43 | [...] | SQLite.swift:163:22:163:22 | mobilePhoneNumber | SQLite.swift:163:21:163:43 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:163:22:163:22 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:164:20:164:42 | [...] | SQLite.swift:164:21:164:21 | mobilePhoneNumber | SQLite.swift:164:20:164:42 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:164:21:164:21 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:165:23:165:45 | [...] | SQLite.swift:165:24:165:24 | mobilePhoneNumber | SQLite.swift:165:23:165:45 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:165:24:165:24 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:169:32:169:70 | [...] | SQLite.swift:169:53:169:53 | mobilePhoneNumber | SQLite.swift:169:32:169:70 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:169:53:169:53 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:170:28:170:66 | [...] | SQLite.swift:170:49:170:49 | mobilePhoneNumber | SQLite.swift:170:28:170:66 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:170:49:170:49 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:171:31:171:69 | [...] | SQLite.swift:171:52:171:52 | mobilePhoneNumber | SQLite.swift:171:31:171:69 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:171:52:171:52 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:174:21:174:59 | [...] | SQLite.swift:174:42:174:42 | mobilePhoneNumber | SQLite.swift:174:21:174:59 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:174:42:174:42 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:175:20:175:58 | [...] | SQLite.swift:175:41:175:41 | mobilePhoneNumber | SQLite.swift:175:20:175:58 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:175:41:175:41 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:176:23:176:61 | [...] | SQLite.swift:176:44:176:44 | mobilePhoneNumber | SQLite.swift:176:23:176:61 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:176:44:176:44 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:186:40:186:54 | [...] | SQLite.swift:186:54:186:54 | mobilePhoneNumber | SQLite.swift:186:40:186:54 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:186:54:186:54 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:189:26:189:40 | [...] | SQLite.swift:189:40:189:40 | mobilePhoneNumber | SQLite.swift:189:26:189:40 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:189:40:189:40 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:191:27:191:41 | [...] | SQLite.swift:191:41:191:41 | mobilePhoneNumber | SQLite.swift:191:27:191:41 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:191:41:191:41 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:193:26:193:89 | [...] | SQLite.swift:193:72:193:72 | mobilePhoneNumber | SQLite.swift:193:26:193:89 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:193:72:193:72 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:199:30:199:30 | badMany | SQLite.swift:197:32:197:32 | mobilePhoneNumber | SQLite.swift:199:30:199:30 | badMany | This operation stores 'badMany' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:197:32:197:32 | mobilePhoneNumber | mobilePhoneNumber |
+| SQLite.swift:201:54:201:54 | badMany | SQLite.swift:197:32:197:32 | mobilePhoneNumber | SQLite.swift:201:54:201:54 | badMany | This operation stores 'badMany' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:197:32:197:32 | mobilePhoneNumber | mobilePhoneNumber |
+| sqlite3_c_api.swift:46:27:46:27 | insertQuery | sqlite3_c_api.swift:42:69:42:69 | medicalNotes | sqlite3_c_api.swift:46:27:46:27 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:42:69:42:69 | medicalNotes | medicalNotes |
+| sqlite3_c_api.swift:47:27:47:27 | updateQuery | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | sqlite3_c_api.swift:47:27:47:27 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | medicalNotes |
+| sqlite3_c_api.swift:58:36:58:36 | medicalNotes | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | This operation stores 'medicalNotes' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | medicalNotes |
+| testCoreData2.swift:37:2:37:2 | obj | testCoreData2.swift:37:16:37:16 | bankAccountNo | testCoreData2.swift:37:2:37:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:37:16:37:16 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:39:2:39:2 | obj | testCoreData2.swift:39:28:39:28 | bankAccountNo | testCoreData2.swift:39:2:39:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:39:28:39:28 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:41:2:41:2 | obj | testCoreData2.swift:41:29:41:29 | bankAccountNo | testCoreData2.swift:41:2:41:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:41:29:41:29 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:43:2:43:2 | obj | testCoreData2.swift:43:35:43:35 | bankAccountNo | testCoreData2.swift:43:2:43:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:43:35:43:35 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:46:2:46:10 | ...? | testCoreData2.swift:46:22:46:22 | bankAccountNo | testCoreData2.swift:46:2:46:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:46:22:46:22 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:48:2:48:10 | ...? | testCoreData2.swift:48:34:48:34 | bankAccountNo | testCoreData2.swift:48:2:48:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:48:34:48:34 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:50:2:50:10 | ...? | testCoreData2.swift:50:35:50:35 | bankAccountNo | testCoreData2.swift:50:2:50:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:50:35:50:35 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:52:2:52:10 | ...? | testCoreData2.swift:52:41:52:41 | bankAccountNo | testCoreData2.swift:52:2:52:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:52:41:52:41 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:57:3:57:3 | obj | testCoreData2.swift:57:29:57:29 | bankAccountNo | testCoreData2.swift:57:3:57:3 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:57:29:57:29 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:60:4:60:4 | obj | testCoreData2.swift:60:30:60:30 | bankAccountNo | testCoreData2.swift:60:4:60:4 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:60:30:60:30 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:62:4:62:4 | obj | testCoreData2.swift:62:30:62:30 | bankAccountNo | testCoreData2.swift:62:4:62:4 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:62:30:62:30 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:65:3:65:3 | obj | testCoreData2.swift:65:29:65:29 | bankAccountNo | testCoreData2.swift:65:3:65:3 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:65:29:65:29 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:79:2:79:2 | dbObj | testCoreData2.swift:79:18:79:28 | .bankAccountNo | testCoreData2.swift:79:2:79:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:79:18:79:28 | .bankAccountNo | .bankAccountNo |
+| testCoreData2.swift:80:2:80:2 | dbObj | testCoreData2.swift:80:18:80:28 | .bankAccountNo2 | testCoreData2.swift:80:2:80:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:80:18:80:28 | .bankAccountNo2 | .bankAccountNo2 |
+| testCoreData2.swift:82:2:82:2 | dbObj | testCoreData2.swift:82:18:82:18 | bankAccountNo | testCoreData2.swift:82:2:82:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:82:18:82:18 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:83:2:83:2 | dbObj | testCoreData2.swift:83:18:83:18 | bankAccountNo | testCoreData2.swift:83:2:83:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:83:18:83:18 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:84:2:84:2 | dbObj | testCoreData2.swift:84:18:84:18 | bankAccountNo2 | testCoreData2.swift:84:2:84:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:84:18:84:18 | bankAccountNo2 | bankAccountNo2 |
+| testCoreData2.swift:85:2:85:2 | dbObj | testCoreData2.swift:85:18:85:18 | bankAccountNo2 | testCoreData2.swift:85:2:85:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:85:18:85:18 | bankAccountNo2 | bankAccountNo2 |
+| testCoreData2.swift:87:2:87:10 | ...? | testCoreData2.swift:87:22:87:32 | .bankAccountNo | testCoreData2.swift:87:2:87:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:87:22:87:32 | .bankAccountNo | .bankAccountNo |
+| testCoreData2.swift:88:2:88:10 | ...? | testCoreData2.swift:88:22:88:22 | bankAccountNo | testCoreData2.swift:88:2:88:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:88:22:88:22 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:89:2:89:10 | ...? | testCoreData2.swift:89:22:89:22 | bankAccountNo2 | testCoreData2.swift:89:2:89:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:89:22:89:22 | bankAccountNo2 | bankAccountNo2 |
+| testCoreData2.swift:93:2:93:2 | dbObj | testCoreData2.swift:91:10:91:10 | bankAccountNo | testCoreData2.swift:93:2:93:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:91:10:91:10 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:98:2:98:2 | dbObj | testCoreData2.swift:95:10:95:10 | bankAccountNo | testCoreData2.swift:98:2:98:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:95:10:95:10 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:104:2:104:2 | dbObj | testCoreData2.swift:101:10:101:10 | bankAccountNo | testCoreData2.swift:104:2:104:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:101:10:101:10 | bankAccountNo | bankAccountNo |
+| testCoreData2.swift:105:2:105:2 | dbObj | testCoreData2.swift:101:10:101:10 | bankAccountNo | testCoreData2.swift:105:2:105:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:101:10:101:10 | bankAccountNo | bankAccountNo |
+| testCoreData.swift:19:12:19:12 | value | testCoreData.swift:61:25:61:25 | password | testCoreData.swift:19:12:19:12 | value | This operation stores 'value' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:61:25:61:25 | password | password |
+| testCoreData.swift:32:13:32:13 | newValue | testCoreData.swift:64:16:64:16 | password | testCoreData.swift:32:13:32:13 | newValue | This operation stores 'newValue' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:64:16:64:16 | password | password |
+| testCoreData.swift:48:15:48:15 | password | testCoreData.swift:48:15:48:15 | password | testCoreData.swift:48:15:48:15 | password | This operation stores 'password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:48:15:48:15 | password | password |
+| testCoreData.swift:51:24:51:24 | password | testCoreData.swift:51:24:51:24 | password | testCoreData.swift:51:24:51:24 | password | This operation stores 'password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:51:24:51:24 | password | password |
+| testCoreData.swift:58:15:58:15 | password | testCoreData.swift:58:15:58:15 | password | testCoreData.swift:58:15:58:15 | password | This operation stores 'password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:58:15:58:15 | password | password |
+| testCoreData.swift:64:2:64:2 | obj | testCoreData.swift:64:16:64:16 | password | testCoreData.swift:64:2:64:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:64:16:64:16 | password | password |
+| testCoreData.swift:78:15:78:15 | x | testCoreData.swift:77:24:77:24 | x | testCoreData.swift:78:15:78:15 | x | This operation stores 'x' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:77:24:77:24 | x | x |
+| testCoreData.swift:81:15:81:15 | y | testCoreData.swift:80:10:80:22 | call to getPassword() | testCoreData.swift:81:15:81:15 | y | This operation stores 'y' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:80:10:80:22 | call to getPassword() | call to getPassword() |
+| testCoreData.swift:85:15:85:17 | .password | testCoreData.swift:85:15:85:17 | .password | testCoreData.swift:85:15:85:17 | .password | This operation stores '.password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:85:15:85:17 | .password | .password |
+| testCoreData.swift:95:15:95:15 | x | testCoreData.swift:91:10:91:10 | passwd | testCoreData.swift:95:15:95:15 | x | This operation stores 'x' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:91:10:91:10 | passwd | passwd |
+| testCoreData.swift:96:15:96:15 | y | testCoreData.swift:92:10:92:10 | passwd | testCoreData.swift:96:15:96:15 | y | This operation stores 'y' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:92:10:92:10 | passwd | passwd |
+| testCoreData.swift:97:15:97:15 | z | testCoreData.swift:93:10:93:10 | passwd | testCoreData.swift:97:15:97:15 | z | This operation stores 'z' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:93:10:93:10 | passwd | passwd |
+| testCoreData.swift:128:15:128:33 | call to generateSecretKey() | testCoreData.swift:128:15:128:33 | call to generateSecretKey() | testCoreData.swift:128:15:128:33 | call to generateSecretKey() | This operation stores 'call to generateSecretKey()' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:128:15:128:33 | call to generateSecretKey() | call to generateSecretKey() |
+| testCoreData.swift:129:15:129:30 | call to getCertificate() | testCoreData.swift:129:15:129:30 | call to getCertificate() | testCoreData.swift:129:15:129:30 | call to getCertificate() | This operation stores 'call to getCertificate()' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:129:15:129:30 | call to getCertificate() | call to getCertificate() |
+| testGRDB.swift:73:56:73:65 | [...] | testGRDB.swift:73:57:73:57 | password | testGRDB.swift:73:56:73:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:73:57:73:57 | password | password |
+| testGRDB.swift:76:42:76:51 | [...] | testGRDB.swift:76:43:76:43 | password | testGRDB.swift:76:42:76:51 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:76:43:76:43 | password | password |
+| testGRDB.swift:81:44:81:53 | [...] | testGRDB.swift:81:45:81:45 | password | testGRDB.swift:81:44:81:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:81:45:81:45 | password | password |
+| testGRDB.swift:83:44:83:53 | [...] | testGRDB.swift:83:45:83:45 | password | testGRDB.swift:83:44:83:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:83:45:83:45 | password | password |
+| testGRDB.swift:85:44:85:53 | [...] | testGRDB.swift:85:45:85:45 | password | testGRDB.swift:85:44:85:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:85:45:85:45 | password | password |
+| testGRDB.swift:87:44:87:53 | [...] | testGRDB.swift:87:45:87:45 | password | testGRDB.swift:87:44:87:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:87:45:87:45 | password | password |
+| testGRDB.swift:92:37:92:46 | [...] | testGRDB.swift:92:38:92:38 | password | testGRDB.swift:92:37:92:46 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:92:38:92:38 | password | password |
+| testGRDB.swift:95:36:95:45 | [...] | testGRDB.swift:95:37:95:37 | password | testGRDB.swift:95:36:95:45 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:95:37:95:37 | password | password |
+| testGRDB.swift:100:72:100:81 | [...] | testGRDB.swift:100:73:100:73 | password | testGRDB.swift:100:72:100:81 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:100:73:100:73 | password | password |
+| testGRDB.swift:101:72:101:81 | [...] | testGRDB.swift:101:73:101:73 | password | testGRDB.swift:101:72:101:81 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:101:73:101:73 | password | password |
+| testGRDB.swift:107:52:107:61 | [...] | testGRDB.swift:107:53:107:53 | password | testGRDB.swift:107:52:107:61 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:107:53:107:53 | password | password |
+| testGRDB.swift:109:52:109:61 | [...] | testGRDB.swift:109:53:109:53 | password | testGRDB.swift:109:52:109:61 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:109:53:109:53 | password | password |
+| testGRDB.swift:111:51:111:60 | [...] | testGRDB.swift:111:52:111:52 | password | testGRDB.swift:111:51:111:60 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:111:52:111:52 | password | password |
+| testGRDB.swift:116:47:116:56 | [...] | testGRDB.swift:116:48:116:48 | password | testGRDB.swift:116:47:116:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:116:48:116:48 | password | password |
+| testGRDB.swift:118:47:118:56 | [...] | testGRDB.swift:118:48:118:48 | password | testGRDB.swift:118:47:118:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:118:48:118:48 | password | password |
+| testGRDB.swift:121:44:121:53 | [...] | testGRDB.swift:121:45:121:45 | password | testGRDB.swift:121:44:121:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:121:45:121:45 | password | password |
+| testGRDB.swift:123:44:123:53 | [...] | testGRDB.swift:123:45:123:45 | password | testGRDB.swift:123:44:123:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:123:45:123:45 | password | password |
+| testGRDB.swift:126:44:126:53 | [...] | testGRDB.swift:126:45:126:45 | password | testGRDB.swift:126:44:126:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:126:45:126:45 | password | password |
+| testGRDB.swift:128:44:128:53 | [...] | testGRDB.swift:128:45:128:45 | password | testGRDB.swift:128:44:128:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:128:45:128:45 | password | password |
+| testGRDB.swift:131:44:131:53 | [...] | testGRDB.swift:131:45:131:45 | password | testGRDB.swift:131:44:131:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:131:45:131:45 | password | password |
+| testGRDB.swift:133:44:133:53 | [...] | testGRDB.swift:133:45:133:45 | password | testGRDB.swift:133:44:133:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:133:45:133:45 | password | password |
+| testGRDB.swift:138:68:138:77 | [...] | testGRDB.swift:138:69:138:69 | password | testGRDB.swift:138:68:138:77 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:138:69:138:69 | password | password |
+| testGRDB.swift:140:68:140:77 | [...] | testGRDB.swift:140:69:140:69 | password | testGRDB.swift:140:68:140:77 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:140:69:140:69 | password | password |
+| testGRDB.swift:143:65:143:74 | [...] | testGRDB.swift:143:66:143:66 | password | testGRDB.swift:143:65:143:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:143:66:143:66 | password | password |
+| testGRDB.swift:145:65:145:74 | [...] | testGRDB.swift:145:66:145:66 | password | testGRDB.swift:145:65:145:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:145:66:145:66 | password | password |
+| testGRDB.swift:148:65:148:74 | [...] | testGRDB.swift:148:66:148:66 | password | testGRDB.swift:148:65:148:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:148:66:148:66 | password | password |
+| testGRDB.swift:150:65:150:74 | [...] | testGRDB.swift:150:66:150:66 | password | testGRDB.swift:150:65:150:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:150:66:150:66 | password | password |
+| testGRDB.swift:153:65:153:74 | [...] | testGRDB.swift:153:66:153:66 | password | testGRDB.swift:153:65:153:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:153:66:153:66 | password | password |
+| testGRDB.swift:155:65:155:74 | [...] | testGRDB.swift:155:66:155:66 | password | testGRDB.swift:155:65:155:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:155:66:155:66 | password | password |
+| testGRDB.swift:160:59:160:68 | [...] | testGRDB.swift:160:60:160:60 | password | testGRDB.swift:160:59:160:68 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:160:60:160:60 | password | password |
+| testGRDB.swift:161:50:161:59 | [...] | testGRDB.swift:161:51:161:51 | password | testGRDB.swift:161:50:161:59 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:161:51:161:51 | password | password |
+| testGRDB.swift:164:59:164:68 | [...] | testGRDB.swift:164:60:164:60 | password | testGRDB.swift:164:59:164:68 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:164:60:164:60 | password | password |
+| testGRDB.swift:165:50:165:59 | [...] | testGRDB.swift:165:51:165:51 | password | testGRDB.swift:165:50:165:59 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:165:51:165:51 | password | password |
+| testGRDB.swift:169:56:169:65 | [...] | testGRDB.swift:169:57:169:57 | password | testGRDB.swift:169:56:169:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:169:57:169:57 | password | password |
+| testGRDB.swift:170:47:170:56 | [...] | testGRDB.swift:170:48:170:48 | password | testGRDB.swift:170:47:170:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:170:48:170:48 | password | password |
+| testGRDB.swift:173:56:173:65 | [...] | testGRDB.swift:173:57:173:57 | password | testGRDB.swift:173:56:173:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:173:57:173:57 | password | password |
+| testGRDB.swift:174:47:174:56 | [...] | testGRDB.swift:174:48:174:48 | password | testGRDB.swift:174:47:174:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:174:48:174:48 | password | password |
+| testGRDB.swift:178:56:178:65 | [...] | testGRDB.swift:178:57:178:57 | password | testGRDB.swift:178:56:178:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:178:57:178:57 | password | password |
+| testGRDB.swift:179:47:179:56 | [...] | testGRDB.swift:179:48:179:48 | password | testGRDB.swift:179:47:179:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:179:48:179:48 | password | password |
+| testGRDB.swift:182:56:182:65 | [...] | testGRDB.swift:182:57:182:57 | password | testGRDB.swift:182:56:182:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:182:57:182:57 | password | password |
+| testGRDB.swift:183:47:183:56 | [...] | testGRDB.swift:183:48:183:48 | password | testGRDB.swift:183:47:183:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:183:48:183:48 | password | password |
+| testGRDB.swift:187:56:187:65 | [...] | testGRDB.swift:187:57:187:57 | password | testGRDB.swift:187:56:187:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:187:57:187:57 | password | password |
+| testGRDB.swift:188:47:188:56 | [...] | testGRDB.swift:188:48:188:48 | password | testGRDB.swift:188:47:188:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:188:48:188:48 | password | password |
+| testGRDB.swift:191:56:191:65 | [...] | testGRDB.swift:191:57:191:57 | password | testGRDB.swift:191:56:191:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:191:57:191:57 | password | password |
+| testGRDB.swift:192:47:192:56 | [...] | testGRDB.swift:192:48:192:48 | password | testGRDB.swift:192:47:192:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:192:48:192:48 | password | password |
+| testGRDB.swift:198:29:198:38 | [...] | testGRDB.swift:198:30:198:30 | password | testGRDB.swift:198:29:198:38 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:198:30:198:30 | password | password |
+| testGRDB.swift:201:23:201:32 | [...] | testGRDB.swift:201:24:201:24 | password | testGRDB.swift:201:23:201:32 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:201:24:201:24 | password | password |
+| testGRDB.swift:206:66:206:75 | [...] | testGRDB.swift:206:67:206:67 | password | testGRDB.swift:206:66:206:75 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:206:67:206:67 | password | password |
+| testGRDB.swift:208:80:208:89 | [...] | testGRDB.swift:208:81:208:81 | password | testGRDB.swift:208:80:208:89 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:208:81:208:81 | password | password |
+| testGRDB.swift:210:84:210:93 | [...] | testGRDB.swift:210:85:210:85 | password | testGRDB.swift:210:84:210:93 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:210:85:210:85 | password | password |
+| testGRDB.swift:212:98:212:107 | [...] | testGRDB.swift:212:99:212:99 | password | testGRDB.swift:212:98:212:107 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:212:99:212:99 | password | password |
+| testRealm2.swift:18:2:18:2 | o | testRealm2.swift:18:11:18:11 | myPassword | testRealm2.swift:18:2:18:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:18:11:18:11 | myPassword | myPassword |
+| testRealm2.swift:24:2:24:2 | o | testRealm2.swift:24:11:24:11 | socialSecurityNumber | testRealm2.swift:24:2:24:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:24:11:24:11 | socialSecurityNumber | socialSecurityNumber |
+| testRealm2.swift:25:2:25:2 | o | testRealm2.swift:25:11:25:11 | ssn | testRealm2.swift:25:2:25:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:25:11:25:11 | ssn | ssn |
+| testRealm2.swift:26:2:26:2 | o | testRealm2.swift:26:18:26:18 | ssn_int | testRealm2.swift:26:2:26:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:26:18:26:18 | ssn_int | ssn_int |
+| testRealm2.swift:32:2:32:2 | o | testRealm2.swift:32:11:32:11 | creditCardNumber | testRealm2.swift:32:2:32:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:32:11:32:11 | creditCardNumber | creditCardNumber |
+| testRealm2.swift:33:2:33:2 | o | testRealm2.swift:33:11:33:11 | CCN | testRealm2.swift:33:2:33:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:33:11:33:11 | CCN | CCN |
+| testRealm2.swift:34:2:34:2 | o | testRealm2.swift:34:18:34:18 | int_ccn | testRealm2.swift:34:2:34:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:34:18:34:18 | int_ccn | int_ccn |
+| testRealm.swift:41:2:41:2 | a | testRealm.swift:41:11:41:11 | myPassword | testRealm.swift:41:2:41:2 | [post] a | This operation stores 'a' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:41:11:41:11 | myPassword | myPassword |
+| testRealm.swift:49:2:49:2 | c | testRealm.swift:49:11:49:11 | myPassword | testRealm.swift:49:2:49:2 | [post] c | This operation stores 'c' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:49:11:49:11 | myPassword | myPassword |
+| testRealm.swift:59:2:59:3 | ...! | testRealm.swift:59:12:59:12 | myPassword | testRealm.swift:59:2:59:3 | [post] ...! | This operation stores '...!' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:59:12:59:12 | myPassword | myPassword |
+| testRealm.swift:66:2:66:2 | g | testRealm.swift:66:11:66:11 | myPassword | testRealm.swift:66:2:66:2 | [post] g | This operation stores 'g' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:66:11:66:11 | myPassword | myPassword |
+| testRealm.swift:73:2:73:2 | h | testRealm.swift:73:15:73:15 | myPassword | testRealm.swift:73:2:73:2 | [post] h | This operation stores 'h' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:73:15:73:15 | myPassword | myPassword |
 edges
 | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:123:17:123:17 | insertQuery | provenance |  |
 | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:127:21:127:21 | insertQuery | provenance |  |
@@ -622,143 +762,3 @@ subpaths
 | testRealm.swift:59:12:59:12 | myPassword | testRealm.swift:27:6:27:6 | value | testRealm.swift:27:6:27:6 | self [Return] [data] | testRealm.swift:59:2:59:3 | [post] ...! |
 | testRealm.swift:66:11:66:11 | myPassword | testRealm.swift:27:6:27:6 | value | testRealm.swift:27:6:27:6 | self [Return] [data] | testRealm.swift:66:2:66:2 | [post] g |
 | testRealm.swift:73:15:73:15 | myPassword | testRealm.swift:34:6:34:6 | value | testRealm.swift:34:6:34:6 | self [Return] [password] | testRealm.swift:73:2:73:2 | [post] h |
-#select
-| SQLite.swift:123:17:123:17 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:123:17:123:17 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:124:17:124:17 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:124:17:124:17 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:127:21:127:21 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:127:21:127:21 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:128:21:128:21 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:128:21:128:21 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:131:17:131:17 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:131:17:131:17 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:132:17:132:17 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:132:17:132:17 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:135:20:135:20 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:135:20:135:20 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:136:20:136:20 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:136:20:136:20 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:139:24:139:24 | insertQuery | SQLite.swift:119:70:119:70 | mobilePhoneNumber | SQLite.swift:139:24:139:24 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:119:70:119:70 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:140:24:140:24 | updateQuery | SQLite.swift:120:50:120:50 | mobilePhoneNumber | SQLite.swift:140:24:140:24 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:120:50:120:50 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:147:32:147:32 | [...] | SQLite.swift:147:32:147:32 | mobilePhoneNumber | SQLite.swift:147:32:147:32 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:147:32:147:32 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:148:28:148:28 | [...] | SQLite.swift:148:28:148:28 | mobilePhoneNumber | SQLite.swift:148:28:148:28 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:148:28:148:28 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:149:31:149:31 | [...] | SQLite.swift:149:31:149:31 | mobilePhoneNumber | SQLite.swift:149:31:149:31 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:149:31:149:31 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:152:21:152:21 | [...] | SQLite.swift:152:21:152:21 | mobilePhoneNumber | SQLite.swift:152:21:152:21 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:152:21:152:21 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:153:20:153:20 | [...] | SQLite.swift:153:20:153:20 | mobilePhoneNumber | SQLite.swift:153:20:153:20 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:153:20:153:20 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:154:23:154:23 | [...] | SQLite.swift:154:23:154:23 | mobilePhoneNumber | SQLite.swift:154:23:154:23 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:154:23:154:23 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:158:32:158:54 | [...] | SQLite.swift:158:33:158:33 | mobilePhoneNumber | SQLite.swift:158:32:158:54 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:158:33:158:33 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:159:28:159:50 | [...] | SQLite.swift:159:29:159:29 | mobilePhoneNumber | SQLite.swift:159:28:159:50 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:159:29:159:29 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:160:31:160:53 | [...] | SQLite.swift:160:32:160:32 | mobilePhoneNumber | SQLite.swift:160:31:160:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:160:32:160:32 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:163:21:163:43 | [...] | SQLite.swift:163:22:163:22 | mobilePhoneNumber | SQLite.swift:163:21:163:43 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:163:22:163:22 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:164:20:164:42 | [...] | SQLite.swift:164:21:164:21 | mobilePhoneNumber | SQLite.swift:164:20:164:42 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:164:21:164:21 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:165:23:165:45 | [...] | SQLite.swift:165:24:165:24 | mobilePhoneNumber | SQLite.swift:165:23:165:45 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:165:24:165:24 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:169:32:169:70 | [...] | SQLite.swift:169:53:169:53 | mobilePhoneNumber | SQLite.swift:169:32:169:70 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:169:53:169:53 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:170:28:170:66 | [...] | SQLite.swift:170:49:170:49 | mobilePhoneNumber | SQLite.swift:170:28:170:66 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:170:49:170:49 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:171:31:171:69 | [...] | SQLite.swift:171:52:171:52 | mobilePhoneNumber | SQLite.swift:171:31:171:69 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:171:52:171:52 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:174:21:174:59 | [...] | SQLite.swift:174:42:174:42 | mobilePhoneNumber | SQLite.swift:174:21:174:59 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:174:42:174:42 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:175:20:175:58 | [...] | SQLite.swift:175:41:175:41 | mobilePhoneNumber | SQLite.swift:175:20:175:58 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:175:41:175:41 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:176:23:176:61 | [...] | SQLite.swift:176:44:176:44 | mobilePhoneNumber | SQLite.swift:176:23:176:61 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:176:44:176:44 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:186:40:186:54 | [...] | SQLite.swift:186:54:186:54 | mobilePhoneNumber | SQLite.swift:186:40:186:54 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:186:54:186:54 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:189:26:189:40 | [...] | SQLite.swift:189:40:189:40 | mobilePhoneNumber | SQLite.swift:189:26:189:40 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:189:40:189:40 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:191:27:191:41 | [...] | SQLite.swift:191:41:191:41 | mobilePhoneNumber | SQLite.swift:191:27:191:41 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:191:41:191:41 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:193:26:193:89 | [...] | SQLite.swift:193:72:193:72 | mobilePhoneNumber | SQLite.swift:193:26:193:89 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:193:72:193:72 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:199:30:199:30 | badMany | SQLite.swift:197:32:197:32 | mobilePhoneNumber | SQLite.swift:199:30:199:30 | badMany | This operation stores 'badMany' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:197:32:197:32 | mobilePhoneNumber | mobilePhoneNumber |
-| SQLite.swift:201:54:201:54 | badMany | SQLite.swift:197:32:197:32 | mobilePhoneNumber | SQLite.swift:201:54:201:54 | badMany | This operation stores 'badMany' in a database. It may contain unencrypted sensitive data from $@. | SQLite.swift:197:32:197:32 | mobilePhoneNumber | mobilePhoneNumber |
-| sqlite3_c_api.swift:46:27:46:27 | insertQuery | sqlite3_c_api.swift:42:69:42:69 | medicalNotes | sqlite3_c_api.swift:46:27:46:27 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:42:69:42:69 | medicalNotes | medicalNotes |
-| sqlite3_c_api.swift:47:27:47:27 | updateQuery | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | sqlite3_c_api.swift:47:27:47:27 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | medicalNotes |
-| sqlite3_c_api.swift:58:36:58:36 | medicalNotes | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | This operation stores 'medicalNotes' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | medicalNotes |
-| testCoreData2.swift:37:2:37:2 | obj | testCoreData2.swift:37:16:37:16 | bankAccountNo | testCoreData2.swift:37:2:37:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:37:16:37:16 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:39:2:39:2 | obj | testCoreData2.swift:39:28:39:28 | bankAccountNo | testCoreData2.swift:39:2:39:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:39:28:39:28 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:41:2:41:2 | obj | testCoreData2.swift:41:29:41:29 | bankAccountNo | testCoreData2.swift:41:2:41:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:41:29:41:29 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:43:2:43:2 | obj | testCoreData2.swift:43:35:43:35 | bankAccountNo | testCoreData2.swift:43:2:43:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:43:35:43:35 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:46:2:46:10 | ...? | testCoreData2.swift:46:22:46:22 | bankAccountNo | testCoreData2.swift:46:2:46:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:46:22:46:22 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:48:2:48:10 | ...? | testCoreData2.swift:48:34:48:34 | bankAccountNo | testCoreData2.swift:48:2:48:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:48:34:48:34 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:50:2:50:10 | ...? | testCoreData2.swift:50:35:50:35 | bankAccountNo | testCoreData2.swift:50:2:50:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:50:35:50:35 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:52:2:52:10 | ...? | testCoreData2.swift:52:41:52:41 | bankAccountNo | testCoreData2.swift:52:2:52:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:52:41:52:41 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:57:3:57:3 | obj | testCoreData2.swift:57:29:57:29 | bankAccountNo | testCoreData2.swift:57:3:57:3 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:57:29:57:29 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:60:4:60:4 | obj | testCoreData2.swift:60:30:60:30 | bankAccountNo | testCoreData2.swift:60:4:60:4 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:60:30:60:30 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:62:4:62:4 | obj | testCoreData2.swift:62:30:62:30 | bankAccountNo | testCoreData2.swift:62:4:62:4 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:62:30:62:30 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:65:3:65:3 | obj | testCoreData2.swift:65:29:65:29 | bankAccountNo | testCoreData2.swift:65:3:65:3 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:65:29:65:29 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:79:2:79:2 | dbObj | testCoreData2.swift:79:18:79:28 | .bankAccountNo | testCoreData2.swift:79:2:79:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:79:18:79:28 | .bankAccountNo | .bankAccountNo |
-| testCoreData2.swift:80:2:80:2 | dbObj | testCoreData2.swift:80:18:80:28 | .bankAccountNo2 | testCoreData2.swift:80:2:80:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:80:18:80:28 | .bankAccountNo2 | .bankAccountNo2 |
-| testCoreData2.swift:82:2:82:2 | dbObj | testCoreData2.swift:82:18:82:18 | bankAccountNo | testCoreData2.swift:82:2:82:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:82:18:82:18 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:83:2:83:2 | dbObj | testCoreData2.swift:83:18:83:18 | bankAccountNo | testCoreData2.swift:83:2:83:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:83:18:83:18 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:84:2:84:2 | dbObj | testCoreData2.swift:84:18:84:18 | bankAccountNo2 | testCoreData2.swift:84:2:84:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:84:18:84:18 | bankAccountNo2 | bankAccountNo2 |
-| testCoreData2.swift:85:2:85:2 | dbObj | testCoreData2.swift:85:18:85:18 | bankAccountNo2 | testCoreData2.swift:85:2:85:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:85:18:85:18 | bankAccountNo2 | bankAccountNo2 |
-| testCoreData2.swift:87:2:87:10 | ...? | testCoreData2.swift:87:22:87:32 | .bankAccountNo | testCoreData2.swift:87:2:87:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:87:22:87:32 | .bankAccountNo | .bankAccountNo |
-| testCoreData2.swift:88:2:88:10 | ...? | testCoreData2.swift:88:22:88:22 | bankAccountNo | testCoreData2.swift:88:2:88:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:88:22:88:22 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:89:2:89:10 | ...? | testCoreData2.swift:89:22:89:22 | bankAccountNo2 | testCoreData2.swift:89:2:89:10 | [post] ...? | This operation stores '...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:89:22:89:22 | bankAccountNo2 | bankAccountNo2 |
-| testCoreData2.swift:93:2:93:2 | dbObj | testCoreData2.swift:91:10:91:10 | bankAccountNo | testCoreData2.swift:93:2:93:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:91:10:91:10 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:98:2:98:2 | dbObj | testCoreData2.swift:95:10:95:10 | bankAccountNo | testCoreData2.swift:98:2:98:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:95:10:95:10 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:104:2:104:2 | dbObj | testCoreData2.swift:101:10:101:10 | bankAccountNo | testCoreData2.swift:104:2:104:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:101:10:101:10 | bankAccountNo | bankAccountNo |
-| testCoreData2.swift:105:2:105:2 | dbObj | testCoreData2.swift:101:10:101:10 | bankAccountNo | testCoreData2.swift:105:2:105:2 | [post] dbObj | This operation stores 'dbObj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:101:10:101:10 | bankAccountNo | bankAccountNo |
-| testCoreData.swift:19:12:19:12 | value | testCoreData.swift:61:25:61:25 | password | testCoreData.swift:19:12:19:12 | value | This operation stores 'value' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:61:25:61:25 | password | password |
-| testCoreData.swift:32:13:32:13 | newValue | testCoreData.swift:64:16:64:16 | password | testCoreData.swift:32:13:32:13 | newValue | This operation stores 'newValue' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:64:16:64:16 | password | password |
-| testCoreData.swift:48:15:48:15 | password | testCoreData.swift:48:15:48:15 | password | testCoreData.swift:48:15:48:15 | password | This operation stores 'password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:48:15:48:15 | password | password |
-| testCoreData.swift:51:24:51:24 | password | testCoreData.swift:51:24:51:24 | password | testCoreData.swift:51:24:51:24 | password | This operation stores 'password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:51:24:51:24 | password | password |
-| testCoreData.swift:58:15:58:15 | password | testCoreData.swift:58:15:58:15 | password | testCoreData.swift:58:15:58:15 | password | This operation stores 'password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:58:15:58:15 | password | password |
-| testCoreData.swift:64:2:64:2 | obj | testCoreData.swift:64:16:64:16 | password | testCoreData.swift:64:2:64:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:64:16:64:16 | password | password |
-| testCoreData.swift:78:15:78:15 | x | testCoreData.swift:77:24:77:24 | x | testCoreData.swift:78:15:78:15 | x | This operation stores 'x' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:77:24:77:24 | x | x |
-| testCoreData.swift:81:15:81:15 | y | testCoreData.swift:80:10:80:22 | call to getPassword() | testCoreData.swift:81:15:81:15 | y | This operation stores 'y' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:80:10:80:22 | call to getPassword() | call to getPassword() |
-| testCoreData.swift:85:15:85:17 | .password | testCoreData.swift:85:15:85:17 | .password | testCoreData.swift:85:15:85:17 | .password | This operation stores '.password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:85:15:85:17 | .password | .password |
-| testCoreData.swift:95:15:95:15 | x | testCoreData.swift:91:10:91:10 | passwd | testCoreData.swift:95:15:95:15 | x | This operation stores 'x' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:91:10:91:10 | passwd | passwd |
-| testCoreData.swift:96:15:96:15 | y | testCoreData.swift:92:10:92:10 | passwd | testCoreData.swift:96:15:96:15 | y | This operation stores 'y' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:92:10:92:10 | passwd | passwd |
-| testCoreData.swift:97:15:97:15 | z | testCoreData.swift:93:10:93:10 | passwd | testCoreData.swift:97:15:97:15 | z | This operation stores 'z' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:93:10:93:10 | passwd | passwd |
-| testCoreData.swift:128:15:128:33 | call to generateSecretKey() | testCoreData.swift:128:15:128:33 | call to generateSecretKey() | testCoreData.swift:128:15:128:33 | call to generateSecretKey() | This operation stores 'call to generateSecretKey()' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:128:15:128:33 | call to generateSecretKey() | call to generateSecretKey() |
-| testCoreData.swift:129:15:129:30 | call to getCertificate() | testCoreData.swift:129:15:129:30 | call to getCertificate() | testCoreData.swift:129:15:129:30 | call to getCertificate() | This operation stores 'call to getCertificate()' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:129:15:129:30 | call to getCertificate() | call to getCertificate() |
-| testGRDB.swift:73:56:73:65 | [...] | testGRDB.swift:73:57:73:57 | password | testGRDB.swift:73:56:73:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:73:57:73:57 | password | password |
-| testGRDB.swift:76:42:76:51 | [...] | testGRDB.swift:76:43:76:43 | password | testGRDB.swift:76:42:76:51 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:76:43:76:43 | password | password |
-| testGRDB.swift:81:44:81:53 | [...] | testGRDB.swift:81:45:81:45 | password | testGRDB.swift:81:44:81:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:81:45:81:45 | password | password |
-| testGRDB.swift:83:44:83:53 | [...] | testGRDB.swift:83:45:83:45 | password | testGRDB.swift:83:44:83:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:83:45:83:45 | password | password |
-| testGRDB.swift:85:44:85:53 | [...] | testGRDB.swift:85:45:85:45 | password | testGRDB.swift:85:44:85:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:85:45:85:45 | password | password |
-| testGRDB.swift:87:44:87:53 | [...] | testGRDB.swift:87:45:87:45 | password | testGRDB.swift:87:44:87:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:87:45:87:45 | password | password |
-| testGRDB.swift:92:37:92:46 | [...] | testGRDB.swift:92:38:92:38 | password | testGRDB.swift:92:37:92:46 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:92:38:92:38 | password | password |
-| testGRDB.swift:95:36:95:45 | [...] | testGRDB.swift:95:37:95:37 | password | testGRDB.swift:95:36:95:45 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:95:37:95:37 | password | password |
-| testGRDB.swift:100:72:100:81 | [...] | testGRDB.swift:100:73:100:73 | password | testGRDB.swift:100:72:100:81 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:100:73:100:73 | password | password |
-| testGRDB.swift:101:72:101:81 | [...] | testGRDB.swift:101:73:101:73 | password | testGRDB.swift:101:72:101:81 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:101:73:101:73 | password | password |
-| testGRDB.swift:107:52:107:61 | [...] | testGRDB.swift:107:53:107:53 | password | testGRDB.swift:107:52:107:61 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:107:53:107:53 | password | password |
-| testGRDB.swift:109:52:109:61 | [...] | testGRDB.swift:109:53:109:53 | password | testGRDB.swift:109:52:109:61 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:109:53:109:53 | password | password |
-| testGRDB.swift:111:51:111:60 | [...] | testGRDB.swift:111:52:111:52 | password | testGRDB.swift:111:51:111:60 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:111:52:111:52 | password | password |
-| testGRDB.swift:116:47:116:56 | [...] | testGRDB.swift:116:48:116:48 | password | testGRDB.swift:116:47:116:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:116:48:116:48 | password | password |
-| testGRDB.swift:118:47:118:56 | [...] | testGRDB.swift:118:48:118:48 | password | testGRDB.swift:118:47:118:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:118:48:118:48 | password | password |
-| testGRDB.swift:121:44:121:53 | [...] | testGRDB.swift:121:45:121:45 | password | testGRDB.swift:121:44:121:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:121:45:121:45 | password | password |
-| testGRDB.swift:123:44:123:53 | [...] | testGRDB.swift:123:45:123:45 | password | testGRDB.swift:123:44:123:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:123:45:123:45 | password | password |
-| testGRDB.swift:126:44:126:53 | [...] | testGRDB.swift:126:45:126:45 | password | testGRDB.swift:126:44:126:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:126:45:126:45 | password | password |
-| testGRDB.swift:128:44:128:53 | [...] | testGRDB.swift:128:45:128:45 | password | testGRDB.swift:128:44:128:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:128:45:128:45 | password | password |
-| testGRDB.swift:131:44:131:53 | [...] | testGRDB.swift:131:45:131:45 | password | testGRDB.swift:131:44:131:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:131:45:131:45 | password | password |
-| testGRDB.swift:133:44:133:53 | [...] | testGRDB.swift:133:45:133:45 | password | testGRDB.swift:133:44:133:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:133:45:133:45 | password | password |
-| testGRDB.swift:138:68:138:77 | [...] | testGRDB.swift:138:69:138:69 | password | testGRDB.swift:138:68:138:77 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:138:69:138:69 | password | password |
-| testGRDB.swift:140:68:140:77 | [...] | testGRDB.swift:140:69:140:69 | password | testGRDB.swift:140:68:140:77 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:140:69:140:69 | password | password |
-| testGRDB.swift:143:65:143:74 | [...] | testGRDB.swift:143:66:143:66 | password | testGRDB.swift:143:65:143:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:143:66:143:66 | password | password |
-| testGRDB.swift:145:65:145:74 | [...] | testGRDB.swift:145:66:145:66 | password | testGRDB.swift:145:65:145:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:145:66:145:66 | password | password |
-| testGRDB.swift:148:65:148:74 | [...] | testGRDB.swift:148:66:148:66 | password | testGRDB.swift:148:65:148:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:148:66:148:66 | password | password |
-| testGRDB.swift:150:65:150:74 | [...] | testGRDB.swift:150:66:150:66 | password | testGRDB.swift:150:65:150:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:150:66:150:66 | password | password |
-| testGRDB.swift:153:65:153:74 | [...] | testGRDB.swift:153:66:153:66 | password | testGRDB.swift:153:65:153:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:153:66:153:66 | password | password |
-| testGRDB.swift:155:65:155:74 | [...] | testGRDB.swift:155:66:155:66 | password | testGRDB.swift:155:65:155:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:155:66:155:66 | password | password |
-| testGRDB.swift:160:59:160:68 | [...] | testGRDB.swift:160:60:160:60 | password | testGRDB.swift:160:59:160:68 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:160:60:160:60 | password | password |
-| testGRDB.swift:161:50:161:59 | [...] | testGRDB.swift:161:51:161:51 | password | testGRDB.swift:161:50:161:59 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:161:51:161:51 | password | password |
-| testGRDB.swift:164:59:164:68 | [...] | testGRDB.swift:164:60:164:60 | password | testGRDB.swift:164:59:164:68 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:164:60:164:60 | password | password |
-| testGRDB.swift:165:50:165:59 | [...] | testGRDB.swift:165:51:165:51 | password | testGRDB.swift:165:50:165:59 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:165:51:165:51 | password | password |
-| testGRDB.swift:169:56:169:65 | [...] | testGRDB.swift:169:57:169:57 | password | testGRDB.swift:169:56:169:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:169:57:169:57 | password | password |
-| testGRDB.swift:170:47:170:56 | [...] | testGRDB.swift:170:48:170:48 | password | testGRDB.swift:170:47:170:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:170:48:170:48 | password | password |
-| testGRDB.swift:173:56:173:65 | [...] | testGRDB.swift:173:57:173:57 | password | testGRDB.swift:173:56:173:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:173:57:173:57 | password | password |
-| testGRDB.swift:174:47:174:56 | [...] | testGRDB.swift:174:48:174:48 | password | testGRDB.swift:174:47:174:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:174:48:174:48 | password | password |
-| testGRDB.swift:178:56:178:65 | [...] | testGRDB.swift:178:57:178:57 | password | testGRDB.swift:178:56:178:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:178:57:178:57 | password | password |
-| testGRDB.swift:179:47:179:56 | [...] | testGRDB.swift:179:48:179:48 | password | testGRDB.swift:179:47:179:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:179:48:179:48 | password | password |
-| testGRDB.swift:182:56:182:65 | [...] | testGRDB.swift:182:57:182:57 | password | testGRDB.swift:182:56:182:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:182:57:182:57 | password | password |
-| testGRDB.swift:183:47:183:56 | [...] | testGRDB.swift:183:48:183:48 | password | testGRDB.swift:183:47:183:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:183:48:183:48 | password | password |
-| testGRDB.swift:187:56:187:65 | [...] | testGRDB.swift:187:57:187:57 | password | testGRDB.swift:187:56:187:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:187:57:187:57 | password | password |
-| testGRDB.swift:188:47:188:56 | [...] | testGRDB.swift:188:48:188:48 | password | testGRDB.swift:188:47:188:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:188:48:188:48 | password | password |
-| testGRDB.swift:191:56:191:65 | [...] | testGRDB.swift:191:57:191:57 | password | testGRDB.swift:191:56:191:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:191:57:191:57 | password | password |
-| testGRDB.swift:192:47:192:56 | [...] | testGRDB.swift:192:48:192:48 | password | testGRDB.swift:192:47:192:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:192:48:192:48 | password | password |
-| testGRDB.swift:198:29:198:38 | [...] | testGRDB.swift:198:30:198:30 | password | testGRDB.swift:198:29:198:38 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:198:30:198:30 | password | password |
-| testGRDB.swift:201:23:201:32 | [...] | testGRDB.swift:201:24:201:24 | password | testGRDB.swift:201:23:201:32 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:201:24:201:24 | password | password |
-| testGRDB.swift:206:66:206:75 | [...] | testGRDB.swift:206:67:206:67 | password | testGRDB.swift:206:66:206:75 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:206:67:206:67 | password | password |
-| testGRDB.swift:208:80:208:89 | [...] | testGRDB.swift:208:81:208:81 | password | testGRDB.swift:208:80:208:89 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:208:81:208:81 | password | password |
-| testGRDB.swift:210:84:210:93 | [...] | testGRDB.swift:210:85:210:85 | password | testGRDB.swift:210:84:210:93 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:210:85:210:85 | password | password |
-| testGRDB.swift:212:98:212:107 | [...] | testGRDB.swift:212:99:212:99 | password | testGRDB.swift:212:98:212:107 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:212:99:212:99 | password | password |
-| testRealm2.swift:18:2:18:2 | o | testRealm2.swift:18:11:18:11 | myPassword | testRealm2.swift:18:2:18:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:18:11:18:11 | myPassword | myPassword |
-| testRealm2.swift:24:2:24:2 | o | testRealm2.swift:24:11:24:11 | socialSecurityNumber | testRealm2.swift:24:2:24:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:24:11:24:11 | socialSecurityNumber | socialSecurityNumber |
-| testRealm2.swift:25:2:25:2 | o | testRealm2.swift:25:11:25:11 | ssn | testRealm2.swift:25:2:25:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:25:11:25:11 | ssn | ssn |
-| testRealm2.swift:26:2:26:2 | o | testRealm2.swift:26:18:26:18 | ssn_int | testRealm2.swift:26:2:26:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:26:18:26:18 | ssn_int | ssn_int |
-| testRealm2.swift:32:2:32:2 | o | testRealm2.swift:32:11:32:11 | creditCardNumber | testRealm2.swift:32:2:32:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:32:11:32:11 | creditCardNumber | creditCardNumber |
-| testRealm2.swift:33:2:33:2 | o | testRealm2.swift:33:11:33:11 | CCN | testRealm2.swift:33:2:33:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:33:11:33:11 | CCN | CCN |
-| testRealm2.swift:34:2:34:2 | o | testRealm2.swift:34:18:34:18 | int_ccn | testRealm2.swift:34:2:34:2 | [post] o | This operation stores 'o' in a database. It may contain unencrypted sensitive data from $@. | testRealm2.swift:34:18:34:18 | int_ccn | int_ccn |
-| testRealm.swift:41:2:41:2 | a | testRealm.swift:41:11:41:11 | myPassword | testRealm.swift:41:2:41:2 | [post] a | This operation stores 'a' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:41:11:41:11 | myPassword | myPassword |
-| testRealm.swift:49:2:49:2 | c | testRealm.swift:49:11:49:11 | myPassword | testRealm.swift:49:2:49:2 | [post] c | This operation stores 'c' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:49:11:49:11 | myPassword | myPassword |
-| testRealm.swift:59:2:59:3 | ...! | testRealm.swift:59:12:59:12 | myPassword | testRealm.swift:59:2:59:3 | [post] ...! | This operation stores '...!' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:59:12:59:12 | myPassword | myPassword |
-| testRealm.swift:66:2:66:2 | g | testRealm.swift:66:11:66:11 | myPassword | testRealm.swift:66:2:66:2 | [post] g | This operation stores 'g' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:66:11:66:11 | myPassword | myPassword |
-| testRealm.swift:73:2:73:2 | h | testRealm.swift:73:15:73:15 | myPassword | testRealm.swift:73:2:73:2 | [post] h | This operation stores 'h' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:73:15:73:15 | myPassword | myPassword |
diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.qlref b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.qlref
index d73f4fc4bc29..0d588f51e615 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-311/CleartextStorageDatabase.ql
\ No newline at end of file
+query: queries/Security/CWE-311/CleartextStorageDatabase.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.qlref b/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.qlref
index f4c5a561e617..3b301c53e7fd 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-311/CleartextTransmission.ql
\ No newline at end of file
+query: queries/Security/CWE-311/CleartextTransmission.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-311/SQLite.swift b/swift/ql/test/query-tests/Security/CWE-311/SQLite.swift
index 6874683d8730..4b2f09237849 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/SQLite.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/SQLite.swift
@@ -116,64 +116,64 @@ func ==<V>(lhs: Expression<V>, rhs: V) -> Expression<Bool> { return Expression<B
 func test_sqlite_swift_api(db: Connection, id: Int, mobilePhoneNumber: String) throws {
 	// --- sensitive data in SQL (in practice these cases may also be SQL injection) ---
 
-	let insertQuery = "INSERT INTO CONTACTS(ID, NUMBER) VALUES(\(id), \(mobilePhoneNumber));"
-	let updateQuery = "UPDATE CONTACTS SET NUMBER=\(mobilePhoneNumber) WHERE ID=\(id);"
+	let insertQuery = "INSERT INTO CONTACTS(ID, NUMBER) VALUES(\(id), \(mobilePhoneNumber));" // $ Source[swift/cleartext-storage-database]
+	let updateQuery = "UPDATE CONTACTS SET NUMBER=\(mobilePhoneNumber) WHERE ID=\(id);" // $ Source[swift/cleartext-storage-database]
 	let deleteQuery = "DELETE FROM CONTACTS WHERE ID=\(id);"
 
-	try db.execute(insertQuery) // BAD (sensitive data)
-	try db.execute(updateQuery) // BAD (sensitive data)
+	try db.execute(insertQuery) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	try db.execute(updateQuery) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	try db.execute(deleteQuery) // GOOD
 
-	_ = try db.prepare(insertQuery).run() // BAD (sensitive data)
-	_ = try db.prepare(updateQuery).run() // BAD (sensitive data)
+	_ = try db.prepare(insertQuery).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try db.prepare(updateQuery).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	_ = try db.prepare(deleteQuery).run() // GOOD
 
-	_ = try db.run(insertQuery) // BAD (sensitive data)
-	_ = try db.run(updateQuery) // BAD (sensitive data)
+	_ = try db.run(insertQuery) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try db.run(updateQuery) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	_ = try db.run(deleteQuery) // GOOD
 
-	_ = try db.scalar(insertQuery) // BAD (sensitive data)
-	_ = try db.scalar(updateQuery) // BAD (sensitive data)
+	_ = try db.scalar(insertQuery) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try db.scalar(updateQuery) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	_ = try db.scalar(deleteQuery) // GOOD
 
-	_ = try Statement(db, insertQuery).run() // BAD (sensitive data)
-	_ = try Statement(db, updateQuery).run() // BAD (sensitive data)
+	_ = try Statement(db, insertQuery).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try Statement(db, updateQuery).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	_ = try Statement(db, deleteQuery).run() // GOOD
 
 	// --- sensitive data in bindings ---
 
 	let varQuery1 = "UPDATE CONTACTS SET NUMBER=?;"
 
-	_ = try db.prepare(varQuery1, mobilePhoneNumber).run() // BAD (sensitive data)
-	_ = try db.run(varQuery1, mobilePhoneNumber) // BAD (sensitive data)
-	_ = try db.scalar(varQuery1, mobilePhoneNumber) // BAD (sensitive data)
+	_ = try db.prepare(varQuery1, mobilePhoneNumber).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try db.run(varQuery1, mobilePhoneNumber) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try db.scalar(varQuery1, mobilePhoneNumber) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 
 	let stmt1 = try db.prepare(varQuery1) // GOOD
-	_ = try stmt1.bind(mobilePhoneNumber).run() // BAD (sensitive data)
-	_ = try stmt1.run(mobilePhoneNumber) // BAD (sensitive data)
-	_ = try stmt1.scalar(mobilePhoneNumber) // BAD (sensitive data)
+	_ = try stmt1.bind(mobilePhoneNumber).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try stmt1.run(mobilePhoneNumber) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try stmt1.scalar(mobilePhoneNumber) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 
 	let varQuery2 = "UPDATE CONTACTS SET NUMBER=? WHERE ID=?;"
 
-	_ = try db.prepare(varQuery2, [mobilePhoneNumber, id]).run() // BAD (sensitive data)
-	_ = try db.run(varQuery2, [mobilePhoneNumber, id]) // BAD (sensitive data)
-	_ = try db.scalar(varQuery2, [mobilePhoneNumber, id]) // BAD (sensitive data)
+	_ = try db.prepare(varQuery2, [mobilePhoneNumber, id]).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try db.run(varQuery2, [mobilePhoneNumber, id]) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try db.scalar(varQuery2, [mobilePhoneNumber, id]) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 
 	let stmt2 = try db.prepare(varQuery2) // GOOD
-	_ = try stmt2.bind([mobilePhoneNumber, id]).run() // BAD (sensitive data)
-	_ = try stmt2.run([mobilePhoneNumber, id]) // BAD (sensitive data)
-	_ = try stmt2.scalar([mobilePhoneNumber, id]) // BAD (sensitive data)
+	_ = try stmt2.bind([mobilePhoneNumber, id]).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try stmt2.run([mobilePhoneNumber, id]) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try stmt2.scalar([mobilePhoneNumber, id]) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 
 	let varQuery3 = "UPDATE CONTACTS SET NUMBER=$number WHERE ID=$id;"
 
-	_ = try db.prepare(varQuery3, ["id": id, "number": mobilePhoneNumber]).run() // BAD (sensitive data)
-	_ = try db.run(varQuery3, ["id": id, "number": mobilePhoneNumber]) // BAD (sensitive data)
-	_ = try db.scalar(varQuery3, ["id": id, "number": mobilePhoneNumber]) // BAD (sensitive data)
+	_ = try db.prepare(varQuery3, ["id": id, "number": mobilePhoneNumber]).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try db.run(varQuery3, ["id": id, "number": mobilePhoneNumber]) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try db.scalar(varQuery3, ["id": id, "number": mobilePhoneNumber]) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 
 	let stmt3 = try db.prepare(varQuery3) // GOOD
-	_ = try stmt3.bind(["id": id, "number": mobilePhoneNumber]).run() // BAD (sensitive data)
-	_ = try stmt3.run(["id": id, "number": mobilePhoneNumber]) // BAD (sensitive data)
-	_ = try stmt3.scalar(["id": id, "number": mobilePhoneNumber]) // BAD (sensitive data)
+	_ = try stmt3.bind(["id": id, "number": mobilePhoneNumber]).run() // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try stmt3.run(["id": id, "number": mobilePhoneNumber]) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	_ = try stmt3.scalar(["id": id, "number": mobilePhoneNumber]) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 
 	// --- higher level insert / update ---
 
@@ -183,20 +183,20 @@ func test_sqlite_swift_api(db: Connection, id: Int, mobilePhoneNumber: String) t
 	let filter = table.filter(idExpr == id) // GOOD
 
 	try db.run(table.insert(idExpr <- id, numberExpr <- "123")) // GOOD
-	try db.run(table.insert(idExpr <- id, numberExpr <- mobilePhoneNumber)) // BAD (sensitive data)
+	try db.run(table.insert(idExpr <- id, numberExpr <- mobilePhoneNumber)) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 
 	try db.run(table.update(numberExpr <- "123")) // GOOD
-	try db.run(table.update(numberExpr <- mobilePhoneNumber)) // BAD (sensitive data)
+	try db.run(table.update(numberExpr <- mobilePhoneNumber)) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	try db.run(filter.update(numberExpr <- "123")) // GOOD
-	try db.run(filter.update(numberExpr <- mobilePhoneNumber)) // BAD (sensitive data)
+	try db.run(filter.update(numberExpr <- mobilePhoneNumber)) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	try db.run(table.update(numberExpr <- numberExpr.replace("123", with: "456"))) // GOOD
-	try db.run(table.update(numberExpr <- numberExpr.replace("123", with: mobilePhoneNumber))) // BAD (sensitive data)
+	try db.run(table.update(numberExpr <- numberExpr.replace("123", with: mobilePhoneNumber))) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	// (much more complex query construction is possible in SQLite.swift)
 
 	let goodMany = [[numberExpr <- "456"]]
-	let badMany = [[numberExpr <- mobilePhoneNumber]]
+	let badMany = [[numberExpr <- mobilePhoneNumber]] // $ Source[swift/cleartext-storage-database]
 	try db.run(table.insertMany(goodMany)) // GOOD
-	try db.run(table.insertMany(badMany)) // BAD (sensitive data)
+	try db.run(table.insertMany(badMany)) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	try db.run(table.insertMany(or: OnConflict.replace, goodMany)) // GOOD
-	try db.run(table.insertMany(or: OnConflict.replace, badMany)) // BAD (sensitive data)
+	try db.run(table.insertMany(or: OnConflict.replace, badMany)) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/sqlite3_c_api.swift b/swift/ql/test/query-tests/Security/CWE-311/sqlite3_c_api.swift
index 6c4561c09297..55863e13e1f0 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/sqlite3_c_api.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/sqlite3_c_api.swift
@@ -39,12 +39,12 @@ func sqlite3_bind_text(
 func test_sqlite3_c_api(db: OpaquePointer?, id: Int32, medicalNotes: String) {
 	// --- sensitive data in SQL (in practice these cases may also be SQL injection) ---
 
-	let insertQuery = "INSERT INTO PATIENTS(ID, NOTES) VALUES(\(id), \(medicalNotes));"
-	let updateQuery = "UPDATE PATIENTS SET NOTES=\(medicalNotes) WHERE ID=\(id);"
+	let insertQuery = "INSERT INTO PATIENTS(ID, NOTES) VALUES(\(id), \(medicalNotes));" // $ Source[swift/cleartext-storage-database]
+	let updateQuery = "UPDATE PATIENTS SET NOTES=\(medicalNotes) WHERE ID=\(id);" // $ Source[swift/cleartext-storage-database]
 	let deleteQuery = "DELETE FROM PATIENTS WHERE ID=\(id);"
 
-	let _ = sqlite3_exec(db, insertQuery, nil, nil, nil) // BAD (sensitive data)
-	let _ = sqlite3_exec(db, updateQuery, nil, nil, nil) // BAD (sensitive data)
+	let _ = sqlite3_exec(db, insertQuery, nil, nil, nil) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
+	let _ = sqlite3_exec(db, updateQuery, nil, nil, nil) // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 	let _ = sqlite3_exec(db, deleteQuery, nil, nil, nil) // GOOD
 
 	// --- sensitive data in bindings ---
@@ -55,7 +55,7 @@ func test_sqlite3_c_api(db: OpaquePointer?, id: Int32, medicalNotes: String) {
 
 	if (sqlite3_prepare(db, varQuery, -1, &stmt1, nil) == SQLITE_OK) { // GOOD
 		if (sqlite3_bind_int(stmt1, 1, id) == SQLITE_OK) { // GOOD
-			if (sqlite3_bind_text(stmt1, 2, medicalNotes, -1, SQLITE_TRANSIENT) == SQLITE_OK) { // BAD (sensitive data)
+			if (sqlite3_bind_text(stmt1, 2, medicalNotes, -1, SQLITE_TRANSIENT) == SQLITE_OK) { // $ Alert[swift/cleartext-storage-database] // BAD (sensitive data)
 				// ...
 			}
 		}
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift b/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
index 3a50c2cf2495..0bbb43d732c7 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
@@ -147,11 +147,11 @@ struct MyEncodable: Encodable {
 func test1(username: String, password: String, email: String, harmless: String) {
 	// sensitive data in URL
 
-	AF.request("http://example.com/login?p=" + password) // BAD
+	AF.request("http://example.com/login?p=" + password) // $ Alert[swift/cleartext-transmission]
 	AF.request("http://example.com/login?h=" + harmless) // GOOD (not sensitive)
-	AF.streamRequest("http://example.com/login?p=" + password) // BAD
+	AF.streamRequest("http://example.com/login?p=" + password) // $ Alert[swift/cleartext-transmission]
 	AF.streamRequest("http://example.com/login?h=" + harmless) // GOOD (not sensitive)
-	AF.download("http://example.com/" + email + ".html") // BAD
+	AF.download("http://example.com/" + email + ".html") // $ Alert[swift/cleartext-transmission]
 	AF.download("http://example.com/" + harmless + ".html") // GOOD (not sensitive)
 
 	// sensitive data in parameters
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift
index 22e345b306c3..50eac08b47c4 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift
@@ -16,7 +16,7 @@ class NSManagedObject : NSObject
 class MyManagedObject : NSManagedObject
 {
 	func setIndirect(value: String) {
-		setValue(value, forKey: "myKey")
+		setValue(value, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 	}
 
 	var myValue: String {
@@ -29,7 +29,7 @@ class MyManagedObject : NSManagedObject
 			}
 		}
 		set {
-			setValue(newValue, forKey: "myKey") // [additional result reported here]
+			setValue(newValue, forKey: "myKey") // $ Alert[swift/cleartext-storage-database] // [additional result reported here]
 		}
 	}
 }
@@ -45,23 +45,23 @@ func doSomething(password: String) { }
 func test1(obj : NSManagedObject, password : String, password_hash : String) {
 	// NSManagedObject methods...
 
-	obj.setValue(password, forKey: "myKey") // BAD
+	obj.setValue(password, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 	obj.setValue(password_hash, forKey: "myKey") // GOOD (not sensitive)
 
-	obj.setPrimitiveValue(password, forKey: "myKey") // BAD
+	obj.setPrimitiveValue(password, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 	obj.setPrimitiveValue(password_hash, forKey: "myKey") // GOOD (not sensitive)
 }
 
 func test2(obj : MyManagedObject, password : String, password_file : String) {
 	// MyManagedObject methods...
 
-	obj.setValue(password, forKey: "myKey") // BAD
+	obj.setValue(password, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 	obj.setValue(password_file, forKey: "myKey") // GOOD (not sensitive)
 
-	obj.setIndirect(value: password) // BAD [reported on line 19]
+	obj.setIndirect(value: password) // $ Source[swift/cleartext-storage-database] // BAD [reported on line 19]
 	obj.setIndirect(value: password_file) // GOOD (not sensitive)
 
-	obj.myValue = password // BAD [also reported on line 32]
+	obj.myValue = password // $ Alert[swift/cleartext-storage-database] Source[swift/cleartext-storage-database] // BAD [also reported on line 32]
 	obj.myValue = password_file // GOOD (not sensitive)
 }
 
@@ -74,27 +74,27 @@ func test3(obj : NSManagedObject, x : String) {
 	// alternative evidence of sensitivity...
 
 	obj.setValue(x, forKey: "myKey") // BAD [NOT REPORTED]
-	doSomething(password: x);
-	obj.setValue(x, forKey: "myKey") // BAD
+	doSomething(password: x); // $ Source[swift/cleartext-storage-database]
+	obj.setValue(x, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 
-	let y = getPassword();
-	obj.setValue(y, forKey: "myKey") // BAD
+	let y = getPassword(); // $ Source[swift/cleartext-storage-database]
+	obj.setValue(y, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 
 	let z = MyClass()
 	obj.setValue(z.harmless, forKey: "myKey") // GOOD (not sensitive)
-	obj.setValue(z.password, forKey: "myKey") // BAD
+	obj.setValue(z.password, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 }
 
 func test4(obj : NSManagedObject, passwd : String) {
 	// sanitizers...
 
-	var x = passwd;
-	var y = passwd;
-	var z = passwd;
+	var x = passwd; // $ Source[swift/cleartext-storage-database]
+	var y = passwd; // $ Source[swift/cleartext-storage-database]
+	var z = passwd; // $ Source[swift/cleartext-storage-database]
 
-	obj.setValue(x, forKey: "myKey") // BAD
-	obj.setValue(y, forKey: "myKey") // BAD
-	obj.setValue(z, forKey: "myKey") // BAD
+	obj.setValue(x, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
+	obj.setValue(y, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
+	obj.setValue(z, forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 
 	x = encrypt(x);
 	hash(data: &y);
@@ -125,8 +125,8 @@ func test5(obj : NSManagedObject) {
 	// more variants...
 
 	obj.setValue(createSecureKey(), forKey: "myKey") // BAD [NOT DETECTED]
-	obj.setValue(generateSecretKey(), forKey: "myKey") // BAD
-	obj.setValue(getCertificate(), forKey: "myKey") // BAD
+	obj.setValue(generateSecretKey(), forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
+	obj.setValue(getCertificate(), forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 
 	let gen = KeyGen()
 	let v = gen.generate()
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
index 9cb61b3bd772..494f136d9095 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
@@ -34,35 +34,35 @@ func testCoreData2_1(obj: MyManagedObject2, maybeObj: MyManagedObject2?, value:
 {
 	// @NSManaged fields of an NSManagedObject...
 	obj.myValue = value // GOOD (not sensitive)
-	obj.myValue = bankAccountNo // BAD
+	obj.myValue = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	obj.myBankAccountNumber = value // BAD [NOT DETECTED]
-	obj.myBankAccountNumber = bankAccountNo // BAD
+	obj.myBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	obj.myBankAccountNumber2 = value // BAD [NOT DETECTED]
-	obj.myBankAccountNumber2 = bankAccountNo // BAD
+	obj.myBankAccountNumber2 = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	obj.notStoredBankAccountNumber = value // GOOD (not stored in the database)
-	obj.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) [FALSE POSITIVE]
+	obj.notStoredBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database] // GOOD (not stored in the datbase) [FALSE POSITIVE]
 
 	maybeObj?.myValue = value // GOOD (not sensitive)
-	maybeObj?.myValue = bankAccountNo // BAD
+	maybeObj?.myValue = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	maybeObj?.myBankAccountNumber = value // BAD [NOT DETECTED]
-	maybeObj?.myBankAccountNumber = bankAccountNo // BAD
+	maybeObj?.myBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	maybeObj?.myBankAccountNumber2 = value // BAD [NOT DETECTED]
-	maybeObj?.myBankAccountNumber2 = bankAccountNo // BAD
+	maybeObj?.myBankAccountNumber2 = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	maybeObj?.notStoredBankAccountNumber = value // GOOD (not stored in the database)
-	maybeObj?.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) [FALSE POSITIVE]
+	maybeObj?.notStoredBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database] // GOOD (not stored in the datbase) [FALSE POSITIVE]
 }
 
 class testCoreData2_2 {
 	func myFunc(obj: MyManagedObject2, bankAccountNo: Int) {
-		obj.myBankAccountNumber = bankAccountNo // BAD
+		obj.myBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 
 		if #available(iOS 10.0, *) {
-			obj.myBankAccountNumber = bankAccountNo // BAD
+			obj.myBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 		} else {
-			obj.myBankAccountNumber = bankAccountNo // BAD
+			obj.myBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 		}
 
-		obj.myBankAccountNumber = bankAccountNo // BAD
+		obj.myBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	}
 }
 
@@ -76,31 +76,31 @@ class MyContainer {
 func testCoreData2_3(dbObj: MyManagedObject2, maybeObj: MyManagedObject2?, container: MyContainer, bankAccountNo: MyContainer, bankAccountNo2: MyContainer!) {
 	dbObj.myValue = container.value // GOOD (not sensitive)
 	dbObj.myValue = container.value2 // GOOD (not sensitive)
-	dbObj.myValue = container.bankAccountNo // BAD
-	dbObj.myValue = container.bankAccountNo2 // BAD
+	dbObj.myValue = container.bankAccountNo // $ Alert[swift/cleartext-storage-database]
+	dbObj.myValue = container.bankAccountNo2 // $ Alert[swift/cleartext-storage-database]
 
-	dbObj.myValue = bankAccountNo.value // BAD
-	dbObj.myValue = bankAccountNo.value2 // BAD
-	dbObj.myValue = bankAccountNo2.value // BAD
-	dbObj.myValue = bankAccountNo2.value2 // BAD
+	dbObj.myValue = bankAccountNo.value // $ Alert[swift/cleartext-storage-database]
+	dbObj.myValue = bankAccountNo.value2 // $ Alert[swift/cleartext-storage-database]
+	dbObj.myValue = bankAccountNo2.value // $ Alert[swift/cleartext-storage-database]
+	dbObj.myValue = bankAccountNo2.value2 // $ Alert[swift/cleartext-storage-database]
 
-	maybeObj?.myValue = container.bankAccountNo // BAD
-	maybeObj?.myValue = bankAccountNo.value // BAD
-	maybeObj?.myValue = bankAccountNo2.value2 // BAD
+	maybeObj?.myValue = container.bankAccountNo // $ Alert[swift/cleartext-storage-database]
+	maybeObj?.myValue = bankAccountNo.value // $ Alert[swift/cleartext-storage-database]
+	maybeObj?.myValue = bankAccountNo2.value2 // $ Alert[swift/cleartext-storage-database]
 
-	var a = bankAccountNo // sensitive
+	var a = bankAccountNo // $ Source[swift/cleartext-storage-database] // sensitive
 	var b = a.value
-	dbObj.myValue = b // BAD
+	dbObj.myValue = b // $ Alert[swift/cleartext-storage-database]
 
-	let c = bankAccountNo // sensitive
+	let c = bankAccountNo // $ Source[swift/cleartext-storage-database] // sensitive
 	var d: MyContainer = MyContainer()
 	d.value = c.value
-	dbObj.myValue = d.value // BAD
+	dbObj.myValue = d.value // $ Alert[swift/cleartext-storage-database]
 	dbObj.myValue = d.value2 // GOOD
 
-	let e = bankAccountNo // sensitive
+	let e = bankAccountNo // $ Source[swift/cleartext-storage-database] // sensitive
 	var f: MyContainer?
 	f?.value = e.value
-	dbObj.myValue = e.value // BAD
-	dbObj.myValue = e.value2 // GOOD [FALSE POSITIVE]
+	dbObj.myValue = e.value // $ Alert[swift/cleartext-storage-database]
+	dbObj.myValue = e.value2 // $ Alert[swift/cleartext-storage-database] // GOOD [FALSE POSITIVE]
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testGRDB.swift b/swift/ql/test/query-tests/Security/CWE-311/testGRDB.swift
index e0c6d7a49073..371d17b85fba 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testGRDB.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testGRDB.swift
@@ -70,145 +70,145 @@ class CommonTableExpression {
 // --- tests ---
 
 func test(database: Database, password: String, harmless: String) {
-    let _ = database.allStatements(sql: "", arguments: [password]) // BAD
+    let _ = database.allStatements(sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = database.allStatements(sql: "", arguments: [harmless]) // GOOD
 
-    database.execute(sql: "", arguments: [password]) // BAD
+    database.execute(sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     database.execute(sql: "", arguments: [harmless]) // GOOD
 }
 
 func testSqlRequest(password: String, harmless: String) {
-    let _ = SQLRequest(sql: "", arguments: [password]) // BAD
+    let _ = SQLRequest(sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = SQLRequest(sql: "", arguments: [harmless]) // GOOD
-    let _ = SQLRequest(sql: "", arguments: [password], adapter: nil) // BAD
+    let _ = SQLRequest(sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     let _ = SQLRequest(sql: "", arguments: [harmless], adapter: nil) // GOOD
-    let _ = SQLRequest(sql: "", arguments: [password], cached: false) // BAD
+    let _ = SQLRequest(sql: "", arguments: [password], cached: false) // $ Alert[swift/cleartext-storage-database]
     let _ = SQLRequest(sql: "", arguments: [harmless], cached: false) // GOOD
-    let _ = SQLRequest(sql: "", arguments: [password], adapter: nil, cached: false) // BAD
+    let _ = SQLRequest(sql: "", arguments: [password], adapter: nil, cached: false) // $ Alert[swift/cleartext-storage-database]
     let _ = SQLRequest(sql: "", arguments: [harmless], adapter: nil, cached: false) // GOOD
 }
 
 func test(sql: SQL, password: String, harmless: String) {
-    let _ = SQL(sql: "", arguments: [password]) // BAD
+    let _ = SQL(sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = SQL(sql: "", arguments: [harmless]) // GOOD
     
-    sql.append(sql: "", arguments: [password]) // BAD
+    sql.append(sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     sql.append(sql: "", arguments: [harmless]) // GOOD
 }
 
 func testSqlStatementCursor(database: Database, password: String, harmless: String) {
-    let _ = SQLStatementCursor(database: database, sql: "", arguments: [password]) // BAD
-    let _ = SQLStatementCursor(database: database, sql: "", arguments: [password], prepFlags: 0) // BAD
+    let _ = SQLStatementCursor(database: database, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
+    let _ = SQLStatementCursor(database: database, sql: "", arguments: [password], prepFlags: 0) // $ Alert[swift/cleartext-storage-database]
     let _ = SQLStatementCursor(database: database, sql: "", arguments: [harmless]) // GOOD
     let _ = SQLStatementCursor(database: database, sql: "", arguments: [harmless], prepFlags: 0) // GOOD
 }
 
 func testTableRecord(password: String, harmless: String) {
-    let _ = TableRecord.select(sql: "", arguments: [password]) // BAD
+    let _ = TableRecord.select(sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = TableRecord.select(sql: "", arguments: [harmless]) // GOOD
-    let _ = TableRecord.filter(sql: "", arguments: [password]) // BAD
+    let _ = TableRecord.filter(sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = TableRecord.filter(sql: "", arguments: [harmless]) // GOOD
-    let _ = TableRecord.order(sql: "", arguments: [password]) // BAD
+    let _ = TableRecord.order(sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = TableRecord.order(sql: "", arguments: [harmless]) // GOOD
 }
 
 func test(row: Row, stmt: Statement, password: String, harmless: String) {
-    row.fetchCursor(stmt, sql: "", arguments: [password]) // BAD
+    row.fetchCursor(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     row.fetchCursor(stmt, sql: "", arguments: [harmless]) // GOOD
-    row.fetchCursor(stmt, sql: "", arguments: [password], adapter: nil) // BAD
+    row.fetchCursor(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     row.fetchCursor(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
 
-    row.fetchAll(stmt, sql: "", arguments: [password]) // BAD
+    row.fetchAll(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     row.fetchAll(stmt, sql: "", arguments: [harmless]) // GOOD
-    row.fetchAll(stmt, sql: "", arguments: [password], adapter: nil) // BAD
+    row.fetchAll(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     row.fetchAll(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
 
-    row.fetchSet(stmt, sql: "", arguments: [password]) // BAD
+    row.fetchSet(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     row.fetchSet(stmt, sql: "", arguments: [harmless]) // GOOD
-    row.fetchSet(stmt, sql: "", arguments: [password], adapter: nil) // BAD
+    row.fetchSet(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     row.fetchSet(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
 
-    row.fetchOne(stmt, sql: "", arguments: [password]) // BAD
+    row.fetchOne(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     row.fetchOne(stmt, sql: "", arguments: [harmless]) // GOOD
-    row.fetchOne(stmt, sql: "", arguments: [password], adapter: nil) // BAD
+    row.fetchOne(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     row.fetchOne(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
 }
 
 func test(databaseValueConvertible: DatabaseValueConvertible, stmt: Statement, password: String, harmless: String) {
-    databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [password]) // BAD
+    databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [harmless]) // GOOD
-    databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [password], adapter: nil) // BAD
+    databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
 
-    databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [password]) // BAD
+    databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [harmless]) // GOOD
-    databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [password], adapter: nil) // BAD
+    databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
 
-    databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [password]) // BAD
+    databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [harmless]) // GOOD
-    databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [password], adapter: nil) // BAD
+    databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
 
-    databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [password]) // BAD
+    databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [harmless]) // GOOD
-    databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [password], adapter: nil) // BAD
+    databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
 }
 
 func test(fetchableRecord: FetchableRecord, stmt: Statement, password: String, harmless: String) {
-    fetchableRecord.fetchCursor(stmt, sql: "", arguments: [password]) // BAD
-    fetchableRecord.fetchCursor(stmt, arguments: [password]) // BAD
+    fetchableRecord.fetchCursor(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
+    fetchableRecord.fetchCursor(stmt, arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     fetchableRecord.fetchCursor(stmt, sql: "", arguments: [harmless]) // GOOD
     fetchableRecord.fetchCursor(stmt, arguments: [harmless]) // GOOD
-    fetchableRecord.fetchCursor(stmt, sql: "", arguments: [password], adapter: nil) // BAD
-    fetchableRecord.fetchCursor(stmt, arguments: [password], adapter: nil) // BAD
+    fetchableRecord.fetchCursor(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
+    fetchableRecord.fetchCursor(stmt, arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     fetchableRecord.fetchCursor(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
     fetchableRecord.fetchCursor(stmt, arguments: [harmless], adapter: nil) // GOOD
 
-    fetchableRecord.fetchAll(stmt, sql: "", arguments: [password]) // BAD
-    fetchableRecord.fetchAll(stmt, arguments: [password]) // BAD
+    fetchableRecord.fetchAll(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
+    fetchableRecord.fetchAll(stmt, arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     fetchableRecord.fetchAll(stmt, sql: "", arguments: [harmless]) // GOOD
     fetchableRecord.fetchAll(stmt, arguments: [harmless]) // GOOD
-    fetchableRecord.fetchAll(stmt, sql: "", arguments: [password], adapter: nil) // BAD
-    fetchableRecord.fetchAll(stmt, arguments: [password], adapter: nil) // BAD
+    fetchableRecord.fetchAll(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
+    fetchableRecord.fetchAll(stmt, arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     fetchableRecord.fetchAll(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
     fetchableRecord.fetchAll(stmt, arguments: [harmless], adapter: nil) // GOOD
 
-    fetchableRecord.fetchSet(stmt, sql: "", arguments: [password]) // BAD
-    fetchableRecord.fetchSet(stmt, arguments: [password]) // BAD
+    fetchableRecord.fetchSet(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
+    fetchableRecord.fetchSet(stmt, arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     fetchableRecord.fetchSet(stmt, sql: "", arguments: [harmless]) // GOOD
     fetchableRecord.fetchSet(stmt, arguments: [harmless]) // GOOD
-    fetchableRecord.fetchSet(stmt, sql: "", arguments: [password], adapter: nil) // BAD
-    fetchableRecord.fetchSet(stmt, arguments: [password], adapter: nil) // BAD
+    fetchableRecord.fetchSet(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
+    fetchableRecord.fetchSet(stmt, arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     fetchableRecord.fetchSet(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
     fetchableRecord.fetchSet(stmt, arguments: [harmless], adapter: nil) // GOOD
 
-    fetchableRecord.fetchOne(stmt, sql: "", arguments: [password]) // BAD
-    fetchableRecord.fetchOne(stmt, arguments: [password]) // BAD
+    fetchableRecord.fetchOne(stmt, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
+    fetchableRecord.fetchOne(stmt, arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     fetchableRecord.fetchOne(stmt, sql: "", arguments: [harmless]) // GOOD
     fetchableRecord.fetchOne(stmt, arguments: [harmless]) // GOOD
-    fetchableRecord.fetchOne(stmt, sql: "", arguments: [password], adapter: nil) // BAD
-    fetchableRecord.fetchOne(stmt, arguments: [password], adapter: nil) // BAD
+    fetchableRecord.fetchOne(stmt, sql: "", arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
+    fetchableRecord.fetchOne(stmt, arguments: [password], adapter: nil) // $ Alert[swift/cleartext-storage-database]
     fetchableRecord.fetchOne(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD
     fetchableRecord.fetchOne(stmt, arguments: [harmless], adapter: nil) // GOOD
 }
 
 func test(stmt: Statement, password: String, harmless: String) {
-    stmt.execute(arguments: [password]) // BAD
+    stmt.execute(arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     stmt.execute(arguments: [harmless]) // GOOD
 
-    stmt.setArguments([password]) // BAD
+    stmt.setArguments([password]) // $ Alert[swift/cleartext-storage-database]
     stmt.setArguments([harmless]) // GOOD
 }
 
 func testCommonTableExpression(password: String, harmless: String) {
-    let _ = CommonTableExpression(named: "", sql: "", arguments: [password]) // BAD
+    let _ = CommonTableExpression(named: "", sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = CommonTableExpression(named: "", sql: "", arguments: [harmless]) // GOOD
-    let _ = CommonTableExpression(named: "", columns: nil, sql: "", arguments: [password]) // BAD
+    let _ = CommonTableExpression(named: "", columns: nil, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = CommonTableExpression(named: "", columns: nil, sql: "", arguments: [harmless]) // GOOD
-    let _ = CommonTableExpression(recursive: false, named: "", sql: "", arguments: [password]) // BAD
+    let _ = CommonTableExpression(recursive: false, named: "", sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = CommonTableExpression(recursive: false, named: "", sql: "", arguments: [harmless]) // GOOD
-    let _ = CommonTableExpression(recursive: false, named: "", columns: nil, sql: "", arguments: [password]) // BAD
+    let _ = CommonTableExpression(recursive: false, named: "", columns: nil, sql: "", arguments: [password]) // $ Alert[swift/cleartext-storage-database]
     let _ = CommonTableExpression(recursive: false, named: "", columns: nil, sql: "", arguments: [harmless]) // GOOD
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testRealm.swift b/swift/ql/test/query-tests/Security/CWE-311/testRealm.swift
index 94bc9e07800a..9cff8e6891db 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testRealm.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testRealm.swift
@@ -38,7 +38,7 @@ func test1(realm : Realm, myHarmless: String, myPassword : String, myHashedPassw
 	// add objects (within a transaction) ...
 
 	let a = MyRealmSwiftObject()
-	a.data = myPassword // BAD
+	a.data = myPassword // $ Alert[swift/cleartext-storage-database]
 	realm.add(a)
 
 	let b = MyRealmSwiftObject()
@@ -46,7 +46,7 @@ func test1(realm : Realm, myHarmless: String, myPassword : String, myHashedPassw
 	realm.add(b) // GOOD (not sensitive)
 
 	let c = MyRealmSwiftObject()
-	c.data = myPassword // BAD
+	c.data = myPassword // $ Alert[swift/cleartext-storage-database]
 	realm.create(MyRealmSwiftObject.self, value: c)
 
 	let d = MyRealmSwiftObject()
@@ -56,21 +56,21 @@ func test1(realm : Realm, myHarmless: String, myPassword : String, myHashedPassw
 	// retrieve objects ...
 
 	var e = realm.object(ofType: MyRealmSwiftObject.self, forPrimaryKey: "key")
-	e!.data = myPassword // BAD
+	e!.data = myPassword // $ Alert[swift/cleartext-storage-database]
 
 	var f = realm.object(ofType: MyRealmSwiftObject.self, forPrimaryKey: "key")
 	f!.data = myHashedPassword // GOOD (not sensitive)
 
 	let g = MyRealmSwiftObject()
 	g.data = "" // GOOD (not sensitive)
-	g.data = myPassword // BAD
+	g.data = myPassword // $ Alert[swift/cleartext-storage-database]
 	g.data = "" // GOOD (not sensitive)
 
 	// MyRealmSwiftObject2...
 
 	let h = MyRealmSwiftObject2()
 	h.harmless = myHarmless // GOOD (not sensitive)
-	h.password = myPassword // BAD
+	h.password = myPassword // $ Alert[swift/cleartext-storage-database]
 	realm.add(h)
 }
 
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testRealm2.swift b/swift/ql/test/query-tests/Security/CWE-311/testRealm2.swift
index f9a325c42bbd..6374467750f6 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testRealm2.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testRealm2.swift
@@ -15,23 +15,23 @@ class MyRealmSwiftObject3 : Object {
 
 func test1(o: MyRealmSwiftObject3, myHarmless: String, myPassword: String) {
 	// ...
-	o.data = myPassword // BAD
+	o.data = myPassword // $ Alert[swift/cleartext-storage-database]
 	o.data = myHarmless
 	// ...
 }
 
 func test2(o: MyRealmSwiftObject3, ccn: String, socialSecurityNumber: String, ssn: String, ssn_int: Int, userSSN: String, classno: String) {
-	o.data = socialSecurityNumber // BAD
-	o.data = ssn // BAD
-	o.data = String(ssn_int) // BAD
+	o.data = socialSecurityNumber // $ Alert[swift/cleartext-storage-database]
+	o.data = ssn // $ Alert[swift/cleartext-storage-database]
+	o.data = String(ssn_int) // $ Alert[swift/cleartext-storage-database]
 	o.data = userSSN // BAD [NOT DETECTED]
 	o.data = classno // GOOD
 }
 
 func test3(o: MyRealmSwiftObject3, ccn: String, creditCardNumber: String, CCN: String, int_ccn: Int, userCcn: String, succnode: String) {
-	o.data = creditCardNumber // BAD
-	o.data = CCN // BAD
-	o.data = String(int_ccn) // BAD
+	o.data = creditCardNumber // $ Alert[swift/cleartext-storage-database]
+	o.data = CCN // $ Alert[swift/cleartext-storage-database]
+	o.data = String(int_ccn) // $ Alert[swift/cleartext-storage-database]
 	o.data = userCcn // BAD [NOT DETECTED]
 	o.data = succnode // GOOD
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testSend.swift b/swift/ql/test/query-tests/Security/CWE-311/testSend.swift
index bea4dfa16b63..f1a404a19ae9 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testSend.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testSend.swift
@@ -26,15 +26,15 @@ func test1(passwordPlain : String, passwordHash : String) {
 	// ...
 
 	nw.send(content: "123456", completion: .idempotent) // GOOD (not sensitive)
-	nw.send(content: passwordPlain, completion: .idempotent) // BAD
+	nw.send(content: passwordPlain, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
 	nw.send(content: passwordHash, completion: .idempotent) // GOOD (not sensitive)
 
 	let data1 = Data("123456")
-	let data2 = Data(passwordPlain)
+	let data2 = Data(passwordPlain) // $ Source[swift/cleartext-transmission]
 	let data3 = Data(passwordHash)
 
 	nw.send(content: data1, completion: .idempotent) // GOOD (not sensitive)
-	nw.send(content: data2, completion: .idempotent) // BAD
+	nw.send(content: data2, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
 	nw.send(content: data3, completion: .idempotent) // GOOD (not sensitive)
 }
 
@@ -55,30 +55,30 @@ struct MyStruct {
 }
 
 func test2(password : String, license_key: String, ms: MyStruct, connection : NWConnection) {
-	let str1 = password
-	let str2 = password + " "
-	let str3 = pad(password)
+	let str1 = password // $ Source[swift/cleartext-transmission]
+	let str2 = password + " " // $ Source[swift/cleartext-transmission]
+	let str3 = pad(password) // $ Source[swift/cleartext-transmission]
 	let str4 = aes_crypt(password)
 	let str5 = pad(aes_crypt(password))
 	let str6 = aes_crypt(pad(password))
 
-	connection.send(content: str1, completion: .idempotent) // BAD
-	connection.send(content: str2, completion: .idempotent) // BAD
-	connection.send(content: str3, completion: .idempotent) // BAD
+	connection.send(content: str1, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
+	connection.send(content: str2, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
+	connection.send(content: str3, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
 	connection.send(content: str4, completion: .idempotent) // GOOD (encrypted)
 	connection.send(content: str5, completion: .idempotent) // GOOD (encrypted)
 	connection.send(content: str6, completion: .idempotent) // GOOD (encrypted)
-	connection.send(content: license_key, completion: .idempotent) // BAD
-	connection.send(content: ms.mobileNumber, completion: .idempotent) // BAD
+	connection.send(content: license_key, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
+	connection.send(content: ms.mobileNumber, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
 	connection.send(content: ms.mobileUrl, completion: .idempotent) // GOOD (not sensitive)
 	connection.send(content: ms.mobilePlayer, completion: .idempotent) // GOOD (not sensitive)
 	connection.send(content: ms.passwordFeatureEnabled, completion: .idempotent) // GOOD (not sensitive)
-	connection.send(content: ms.Telephone, completion: .idempotent) // BAD
-	connection.send(content: ms.birth_day, completion: .idempotent) // BAD
-	connection.send(content: ms.CarePlanID, completion: .idempotent) // BAD
-	connection.send(content: ms.BankCardNo, completion: .idempotent) // BAD
-	connection.send(content: ms.MyCreditRating, completion: .idempotent) // BAD
-	connection.send(content: ms.OneTimeCode, completion: .idempotent) // BAD
+	connection.send(content: ms.Telephone, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
+	connection.send(content: ms.birth_day, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
+	connection.send(content: ms.CarePlanID, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
+	connection.send(content: ms.BankCardNo, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
+	connection.send(content: ms.MyCreditRating, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
+	connection.send(content: ms.OneTimeCode, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
 }
 
 struct MyOuter {
@@ -91,6 +91,6 @@ struct MyOuter {
 }
 
 func test3(mo : MyOuter, connection : NWConnection) {
-	connection.send(content: mo.password.value, completion: .idempotent) // BAD
+	connection.send(content: mo.password.value, completion: .idempotent) // $ Alert[swift/cleartext-transmission]
 	connection.send(content: mo.harmless.value, completion: .idempotent) // GOOD
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testURL.swift b/swift/ql/test/query-tests/Security/CWE-311/testURL.swift
index 8e6a10ce077d..d77d3a4e5dbc 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testURL.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testURL.swift
@@ -36,22 +36,22 @@ func setMyString(str: String) { myString = str }
 func getMyString() -> String { return myString }
 
 func test1(passwd : String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
-	_ = URL(string: "http://example.com/login?p=" + passwd); // BAD
+	_ = URL(string: "http://example.com/login?p=" + passwd); // $ Alert[swift/cleartext-transmission]
 	_ = URL(string: "http://example.com/login?p=" + encrypted_passwd); // GOOD (not sensitive)
-	_ = URL(string: "http://example.com/login?ac=" + account_no); // BAD
-	_ = URL(string: "http://example.com/login?cc=" + credit_card_no); // BAD
+	_ = URL(string: "http://example.com/login?ac=" + account_no); // $ Alert[swift/cleartext-transmission]
+	_ = URL(string: "http://example.com/login?cc=" + credit_card_no); // $ Alert[swift/cleartext-transmission]
 
 	let base = URL(string: "http://example.com/"); // GOOD (not sensitive)
 	_ = URL(string: "abc", relativeTo: base); // GOOD (not sensitive)
-	let f = URL(string: passwd, relativeTo: base); // BAD
+	let f = URL(string: passwd, relativeTo: base); // $ Alert[swift/cleartext-transmission]
 	_ = URL(string: "abc", relativeTo: f); // BAD (reported on line above)
 
 	let e_mail = myString
-	_ = URL(string: "http://example.com/login?em=" + e_mail); // BAD
+	_ = URL(string: "http://example.com/login?em=" + e_mail); // $ Alert[swift/cleartext-transmission]
 	let a_homeaddr_z = getMyString()
-	_ = URL(string: "http://example.com/login?home=" + a_homeaddr_z); // BAD
+	_ = URL(string: "http://example.com/login?home=" + a_homeaddr_z); // $ Alert[swift/cleartext-transmission]
 	let resident_ID = getMyString()
-	_ = URL(string: "http://example.com/login?id=" + resident_ID); // BAD
+	_ = URL(string: "http://example.com/login?id=" + resident_ID); // $ Alert[swift/cleartext-transmission]
 }
 
 func get_private_key() -> String { return "" }
@@ -70,9 +70,9 @@ func test2() {
 	_ = URL(string: "http://example.com/login?key=" + get_aes_key()); // BAD [NOT DETECTED]
 	_ = URL(string: "http://example.com/login?key=" + get_aws_key()); // BAD [NOT DETECTED]
 	_ = URL(string: "http://example.com/login?key=" + get_access_key()); // BAD [NOT DETECTED]
-	_ = URL(string: "http://example.com/login?key=" + get_secret_key()); // BAD
+	_ = URL(string: "http://example.com/login?key=" + get_secret_key()); // $ Alert[swift/cleartext-transmission]
 	_ = URL(string: "http://example.com/login?key=" + get_key_press()); // GOOD (not sensitive)
-	_ = URL(string: "http://example.com/login?cert=" + get_cert_string()); // BAD
+	_ = URL(string: "http://example.com/login?cert=" + get_cert_string()); // $ Alert[swift/cleartext-transmission]
 	_ = URL(string: "http://example.com/login?certain=" + get_certain()); // GOOD (not sensitive)
 }
 
@@ -93,7 +93,7 @@ func test3() {
 	_ = URL(string: "http://example.com/login?key=\(priv_key)"); // BAD [NOT DETECTED]
 	_ = URL(string: "http://example.com/login?key=\(private_key)"); // BAD [NOT DETECTED]
 	_ = URL(string: "http://example.com/login?key=\(pub_key)"); // GOOD (not sensitive)
-	_ = URL(string: "http://example.com/login?cert=\(certificate)"); // BAD
+	_ = URL(string: "http://example.com/login?cert=\(certificate)"); // $ Alert[swift/cleartext-transmission]
 	_ = URL(string: "http://example.com/login?tok=\(secure_token)"); // BAD [NOT DETECTED]
 	_ = URL(string: "http://example.com/login?tok=\(access_token)"); // BAD [NOT DETECTED]
 	_ = URL(string: "http://example.com/login?tok=\(auth_token)"); // BAD [NOT DETECTED]
@@ -101,9 +101,9 @@ func test3() {
 }
 
 func test4(key: SecKey) {
-	if let data = SecKeyCopyExternalRepresentation(key, nil) as? Data {
+	if let data = SecKeyCopyExternalRepresentation(key, nil) as? Data { // $ Source[swift/cleartext-transmission]
 		if let string = String(data: data, encoding: .utf8) {
-			_ = URL(string: "http://example.com/login?tok=\(string)"); // BAD
+			_ = URL(string: "http://example.com/login?tok=\(string)"); // $ Alert[swift/cleartext-transmission]
 		}
 	}
 }
@@ -113,14 +113,14 @@ func test5() {
 	let email = get_string()
 	let secret_key = get_string()
 
-	_ = URL(string: "http://example.com/login?email=\(email)"); // BAD
+	_ = URL(string: "http://example.com/login?email=\(email)"); // $ Alert[swift/cleartext-transmission]
 	_ = URL(string: "mailto:\(email)"); // GOOD (revealing your e-amil address in an e-mail is expected)
 	_ = URL(string: "mailto:info@example.com?subject=\(secret_key)"); // BAD [NOT DETECTED]
 	_ = URL(string: "mailto:info@example.com?subject=foo&cc=\(email)"); // GOOD
 
 	let phone_number = get_string()
 
-	_ = URL(string: "http://example.com/profile?tel=\(phone_number)"); // BAD
+	_ = URL(string: "http://example.com/profile?tel=\(phone_number)"); // $ Alert[swift/cleartext-transmission]
 	_ = URL(string: "tel:\(phone_number)") // GOOD
 	_ = URL(string: "telprompt:\(phone_number)") // GOOD
 	_ = URL(string: "callto:\(phone_number)") // GOOD
@@ -129,5 +129,5 @@ func test5() {
 	let account_no = get_string()
 
 	_ = URL(string: "file:///foo/bar/\(account_no).csv") // GOOD (local, so not transmitted)
-	_ = URL(string: "ftp://example.com/\(account_no).csv") // BAD
+	_ = URL(string: "ftp://example.com/\(account_no).csv") // $ Alert[swift/cleartext-transmission]
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.expected b/swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.expected
index c3ed50e498cb..9c412f25ceeb 100644
--- a/swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.expected
+++ b/swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.expected
@@ -1,3 +1,19 @@
+#select
+| testNSUbiquitousKeyValueStore.swift:28:12:28:12 | password | testNSUbiquitousKeyValueStore.swift:28:12:28:12 | password | testNSUbiquitousKeyValueStore.swift:28:12:28:12 | password | This operation stores 'password' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:28:12:28:12 | password | password |
+| testNSUbiquitousKeyValueStore.swift:42:40:42:40 | x | testNSUbiquitousKeyValueStore.swift:41:24:41:24 | x | testNSUbiquitousKeyValueStore.swift:42:40:42:40 | x | This operation stores 'x' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:41:24:41:24 | x | x |
+| testNSUbiquitousKeyValueStore.swift:45:40:45:40 | y | testNSUbiquitousKeyValueStore.swift:44:10:44:22 | call to getPassword() | testNSUbiquitousKeyValueStore.swift:45:40:45:40 | y | This operation stores 'y' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:44:10:44:22 | call to getPassword() | call to getPassword() |
+| testNSUbiquitousKeyValueStore.swift:49:40:49:42 | .password | testNSUbiquitousKeyValueStore.swift:49:40:49:42 | .password | testNSUbiquitousKeyValueStore.swift:49:40:49:42 | .password | This operation stores '.password' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:49:40:49:42 | .password | .password |
+| testNSUbiquitousKeyValueStore.swift:59:40:59:40 | x | testNSUbiquitousKeyValueStore.swift:55:10:55:10 | passwd | testNSUbiquitousKeyValueStore.swift:59:40:59:40 | x | This operation stores 'x' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:55:10:55:10 | passwd | passwd |
+| testNSUbiquitousKeyValueStore.swift:60:40:60:40 | y | testNSUbiquitousKeyValueStore.swift:56:10:56:10 | passwd | testNSUbiquitousKeyValueStore.swift:60:40:60:40 | y | This operation stores 'y' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:56:10:56:10 | passwd | passwd |
+| testNSUbiquitousKeyValueStore.swift:61:40:61:40 | z | testNSUbiquitousKeyValueStore.swift:57:10:57:10 | passwd | testNSUbiquitousKeyValueStore.swift:61:40:61:40 | z | This operation stores 'z' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:57:10:57:10 | passwd | passwd |
+| testUserDefaults.swift:28:15:28:15 | password | testUserDefaults.swift:28:15:28:15 | password | testUserDefaults.swift:28:15:28:15 | password | This operation stores 'password' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:28:15:28:15 | password | password |
+| testUserDefaults.swift:42:28:42:28 | x | testUserDefaults.swift:41:24:41:24 | x | testUserDefaults.swift:42:28:42:28 | x | This operation stores 'x' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:41:24:41:24 | x | x |
+| testUserDefaults.swift:45:28:45:28 | y | testUserDefaults.swift:44:10:44:22 | call to getPassword() | testUserDefaults.swift:45:28:45:28 | y | This operation stores 'y' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:44:10:44:22 | call to getPassword() | call to getPassword() |
+| testUserDefaults.swift:49:28:49:30 | .password | testUserDefaults.swift:49:28:49:30 | .password | testUserDefaults.swift:49:28:49:30 | .password | This operation stores '.password' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:49:28:49:30 | .password | .password |
+| testUserDefaults.swift:59:28:59:28 | x | testUserDefaults.swift:55:10:55:10 | passwd | testUserDefaults.swift:59:28:59:28 | x | This operation stores 'x' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:55:10:55:10 | passwd | passwd |
+| testUserDefaults.swift:60:28:60:28 | y | testUserDefaults.swift:56:10:56:10 | passwd | testUserDefaults.swift:60:28:60:28 | y | This operation stores 'y' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:56:10:56:10 | passwd | passwd |
+| testUserDefaults.swift:61:28:61:28 | z | testUserDefaults.swift:57:10:57:10 | passwd | testUserDefaults.swift:61:28:61:28 | z | This operation stores 'z' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:57:10:57:10 | passwd | passwd |
+| testUserDefaults.swift:82:28:82:40 | .value | testUserDefaults.swift:82:28:82:31 | .password | testUserDefaults.swift:82:28:82:40 | .value | This operation stores '.value' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:82:28:82:31 | .password | .password |
 edges
 | file://:0:0:0:0 | self | file://:0:0:0:0 | .value | provenance | Config |
 | testNSUbiquitousKeyValueStore.swift:41:24:41:24 | x | testNSUbiquitousKeyValueStore.swift:42:40:42:40 | x | provenance |  |
@@ -45,19 +61,3 @@ nodes
 | testUserDefaults.swift:82:28:82:40 | .value | semmle.label | .value |
 subpaths
 | testUserDefaults.swift:82:28:82:31 | .password | testUserDefaults.swift:74:7:74:7 | self | file://:0:0:0:0 | .value | testUserDefaults.swift:82:28:82:40 | .value |
-#select
-| testNSUbiquitousKeyValueStore.swift:28:12:28:12 | password | testNSUbiquitousKeyValueStore.swift:28:12:28:12 | password | testNSUbiquitousKeyValueStore.swift:28:12:28:12 | password | This operation stores 'password' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:28:12:28:12 | password | password |
-| testNSUbiquitousKeyValueStore.swift:42:40:42:40 | x | testNSUbiquitousKeyValueStore.swift:41:24:41:24 | x | testNSUbiquitousKeyValueStore.swift:42:40:42:40 | x | This operation stores 'x' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:41:24:41:24 | x | x |
-| testNSUbiquitousKeyValueStore.swift:45:40:45:40 | y | testNSUbiquitousKeyValueStore.swift:44:10:44:22 | call to getPassword() | testNSUbiquitousKeyValueStore.swift:45:40:45:40 | y | This operation stores 'y' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:44:10:44:22 | call to getPassword() | call to getPassword() |
-| testNSUbiquitousKeyValueStore.swift:49:40:49:42 | .password | testNSUbiquitousKeyValueStore.swift:49:40:49:42 | .password | testNSUbiquitousKeyValueStore.swift:49:40:49:42 | .password | This operation stores '.password' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:49:40:49:42 | .password | .password |
-| testNSUbiquitousKeyValueStore.swift:59:40:59:40 | x | testNSUbiquitousKeyValueStore.swift:55:10:55:10 | passwd | testNSUbiquitousKeyValueStore.swift:59:40:59:40 | x | This operation stores 'x' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:55:10:55:10 | passwd | passwd |
-| testNSUbiquitousKeyValueStore.swift:60:40:60:40 | y | testNSUbiquitousKeyValueStore.swift:56:10:56:10 | passwd | testNSUbiquitousKeyValueStore.swift:60:40:60:40 | y | This operation stores 'y' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:56:10:56:10 | passwd | passwd |
-| testNSUbiquitousKeyValueStore.swift:61:40:61:40 | z | testNSUbiquitousKeyValueStore.swift:57:10:57:10 | passwd | testNSUbiquitousKeyValueStore.swift:61:40:61:40 | z | This operation stores 'z' in iCloud. It may contain unencrypted sensitive data from $@. | testNSUbiquitousKeyValueStore.swift:57:10:57:10 | passwd | passwd |
-| testUserDefaults.swift:28:15:28:15 | password | testUserDefaults.swift:28:15:28:15 | password | testUserDefaults.swift:28:15:28:15 | password | This operation stores 'password' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:28:15:28:15 | password | password |
-| testUserDefaults.swift:42:28:42:28 | x | testUserDefaults.swift:41:24:41:24 | x | testUserDefaults.swift:42:28:42:28 | x | This operation stores 'x' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:41:24:41:24 | x | x |
-| testUserDefaults.swift:45:28:45:28 | y | testUserDefaults.swift:44:10:44:22 | call to getPassword() | testUserDefaults.swift:45:28:45:28 | y | This operation stores 'y' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:44:10:44:22 | call to getPassword() | call to getPassword() |
-| testUserDefaults.swift:49:28:49:30 | .password | testUserDefaults.swift:49:28:49:30 | .password | testUserDefaults.swift:49:28:49:30 | .password | This operation stores '.password' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:49:28:49:30 | .password | .password |
-| testUserDefaults.swift:59:28:59:28 | x | testUserDefaults.swift:55:10:55:10 | passwd | testUserDefaults.swift:59:28:59:28 | x | This operation stores 'x' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:55:10:55:10 | passwd | passwd |
-| testUserDefaults.swift:60:28:60:28 | y | testUserDefaults.swift:56:10:56:10 | passwd | testUserDefaults.swift:60:28:60:28 | y | This operation stores 'y' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:56:10:56:10 | passwd | passwd |
-| testUserDefaults.swift:61:28:61:28 | z | testUserDefaults.swift:57:10:57:10 | passwd | testUserDefaults.swift:61:28:61:28 | z | This operation stores 'z' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:57:10:57:10 | passwd | passwd |
-| testUserDefaults.swift:82:28:82:40 | .value | testUserDefaults.swift:82:28:82:31 | .password | testUserDefaults.swift:82:28:82:40 | .value | This operation stores '.value' in the user defaults database. It may contain unencrypted sensitive data from $@. | testUserDefaults.swift:82:28:82:31 | .password | .password |
diff --git a/swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.qlref b/swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.qlref
index 574e0e172326..dfb639f1beab 100644
--- a/swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-312/CleartextStoragePreferences.ql
+query: queries/Security/CWE-312/CleartextStoragePreferences.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift
index 060d6c5041ef..da4d50543040 100644
--- a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift
+++ b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift
@@ -164,24 +164,24 @@ class MyRemoteLogger {
 // --- tests ---
 
 func test1(password: String, passwordHash : String, passphrase: String, pass_phrase: String) {
-    print(password) // $ Alert
-    print(password, separator: "") // $ Alert
-    print("", separator: password) // $ Alert
-    print(password, separator: "", terminator: "") // $ Alert
-    print("", separator: password, terminator: "") // $ Alert
-    print("", separator: "", terminator: password) // $ Alert
+    print(password) // $ Alert[swift/cleartext-logging]
+    print(password, separator: "") // $ Alert[swift/cleartext-logging]
+    print("", separator: password) // $ Alert[swift/cleartext-logging]
+    print(password, separator: "", terminator: "") // $ Alert[swift/cleartext-logging]
+    print("", separator: password, terminator: "") // $ Alert[swift/cleartext-logging]
+    print("", separator: "", terminator: password) // $ Alert[swift/cleartext-logging]
     print(passwordHash) // safe
 
-    debugPrint(password) // $ Alert
+    debugPrint(password) // $ Alert[swift/cleartext-logging]
 
-    dump(password) // $ Alert
+    dump(password) // $ Alert[swift/cleartext-logging]
 
-    NSLog(password) // $ Alert
-    NSLog("%@", password) // $ Alert
-    NSLog("%@ %@", "", password) // $ Alert
-    NSLog("\(password)") // $ Alert
-    NSLogv("%@", getVaList([password])) // $ Alert
-    NSLogv("%@ %@", getVaList(["", password])) // $ Alert
+    NSLog(password) // $ Alert[swift/cleartext-logging]
+    NSLog("%@", password) // $ Alert[swift/cleartext-logging]
+    NSLog("%@ %@", "", password) // $ Alert[swift/cleartext-logging]
+    NSLog("\(password)") // $ Alert[swift/cleartext-logging]
+    NSLogv("%@", getVaList([password])) // $ Alert[swift/cleartext-logging]
+    NSLogv("%@ %@", getVaList(["", password])) // $ Alert[swift/cleartext-logging]
     NSLog(passwordHash) // safe
     NSLogv("%@", getVaList([passwordHash])) // safe
 
@@ -217,12 +217,12 @@ func test1(password: String, passwordHash : String, passphrase: String, pass_phr
     log.fault("\(password, privacy: .public)") // $ MISSING: Alert
     log.fault("\(passwordHash, privacy: .public)") // safe
 
-    NSLog(passphrase) // $ Alert
-    NSLog(pass_phrase) // $ Alert
+    NSLog(passphrase) // $ Alert[swift/cleartext-logging]
+    NSLog(pass_phrase) // $ Alert[swift/cleartext-logging]
 
     os_log("%@", log: .default, type: .default, "") // safe
-    os_log("%@", log: .default, type: .default, password) // $ Alert
-    os_log("%@ %@ %@", log: .default, type: .default, "", "", password) // $ Alert
+    os_log("%@", log: .default, type: .default, password) // $ Alert[swift/cleartext-logging]
+    os_log("%@ %@ %@", log: .default, type: .default, "", "", password) // $ Alert[swift/cleartext-logging]
 }
 
 class MyClass {
@@ -237,15 +237,15 @@ func test3(x: String) {
 	// alternative evidence of sensitivity...
 
 	NSLog(x) // $ MISSING: Alert
-	doSomething(password: x); // $ Source
-	NSLog(x) // $ Alert
+	doSomething(password: x); // $ Source[swift/cleartext-logging]
+	NSLog(x) // $ Alert[swift/cleartext-logging]
 
-	let y = getPassword(); // $ Source
-	NSLog(y) // $ Alert
+	let y = getPassword(); // $ Source[swift/cleartext-logging]
+	NSLog(y) // $ Alert[swift/cleartext-logging]
 
 	let z = MyClass()
 	NSLog(z.harmless) // safe
-	NSLog(z.password) // $ Alert
+	NSLog(z.password) // $ Alert[swift/cleartext-logging]
 }
 
 struct MyOuter {
@@ -260,7 +260,7 @@ struct MyOuter {
 func test3(mo : MyOuter) {
 	// struct members...
 
-	NSLog(mo.password.value) // $ Alert
+	NSLog(mo.password.value) // $ Alert[swift/cleartext-logging]
 	NSLog(mo.harmless.value) // safe
 }
 
@@ -283,40 +283,40 @@ func test4(harmless: String, password: String) {
 	print(harmless, to: &myString1)
 	print(myString1) // safe
 
-	print(password, to: &myString2) // $ Source
-	print(myString2) // $ Alert
+	print(password, to: &myString2) // $ Source[swift/cleartext-logging]
+	print(myString2) // $ Alert[swift/cleartext-logging]
 
-	print("log: " + password, to: &myString3) // $ Source
-	print(myString3) // $ Alert
+	print("log: " + password, to: &myString3) // $ Source[swift/cleartext-logging]
+	print(myString3) // $ Alert[swift/cleartext-logging]
 
 	debugPrint(harmless, to: &myString4)
 	debugPrint(myString4) // safe
 
-	debugPrint(password, to: &myString5) // $ Source
-	debugPrint(myString5) // $ Alert
+	debugPrint(password, to: &myString5) // $ Source[swift/cleartext-logging]
+	debugPrint(myString5) // $ Alert[swift/cleartext-logging]
 
 	dump(harmless, to: &myString6)
 	dump(myString6) // safe
 
-	dump(password, to: &myString7) // $ Source
-	dump(myString7) // $ Alert
+	dump(password, to: &myString7) // $ Source[swift/cleartext-logging]
+	dump(myString7) // $ Alert[swift/cleartext-logging]
 
 	myString8.write(harmless)
 	print(myString8)
 
-	myString9.write(password) // $ Source
-	print(myString9) // $ Alert
+	myString9.write(password) // $ Source[swift/cleartext-logging]
+	print(myString9) // $ Alert[swift/cleartext-logging]
 
 	myString10.write(harmless)
-	myString10.write(password) // $ Source
+	myString10.write(password) // $ Source[swift/cleartext-logging]
 	myString10.write(harmless)
-	print(myString10) // $ Alert
+	print(myString10) // $ Alert[swift/cleartext-logging]
 
 	harmless.write(to: &myString11)
 	print(myString11)
 
-	password.write(to: &myString12) // $ Source
-	print(myString12) // $ Alert
+	password.write(to: &myString12) // $ Source[swift/cleartext-logging]
+	print(myString12) // $ Alert[swift/cleartext-logging]
 
 	print(password, to: &myString13) // $ safe - only printed to another string
 	debugPrint(password, to: &myString13) // $ safe - only printed to another string
@@ -331,59 +331,59 @@ func test5(password: String, caseNum: Int) {
 
 	switch caseNum {
 	case 0:
-		assert(false, password) // $ Alert
+		assert(false, password) // $ Alert[swift/cleartext-logging]
 	case 1:
-		assertionFailure(password) // $ Alert
+		assertionFailure(password) // $ Alert[swift/cleartext-logging]
 	case 2:
-		precondition(false, password) // $ Alert
+		precondition(false, password) // $ Alert[swift/cleartext-logging]
 	case 3:
-		preconditionFailure(password) // $ Alert
+		preconditionFailure(password) // $ Alert[swift/cleartext-logging]
 	default:
-		fatalError(password) // $ Alert
+		fatalError(password) // $ Alert[swift/cleartext-logging]
 	}
 }
 
 func test6(passwordString: String) {
-    let e = NSException(name: NSExceptionName("exception"), reason: "\(passwordString) is incorrect!", userInfo: nil) // $ Alert
+    let e = NSException(name: NSExceptionName("exception"), reason: "\(passwordString) is incorrect!", userInfo: nil) // $ Alert[swift/cleartext-logging]
     e.raise()
 
-    NSException.raise(NSExceptionName("exception"), format: "\(passwordString) is incorrect!", arguments: getVaList([])) // $ Alert
-    NSException.raise(NSExceptionName("exception"), format: "%s is incorrect!", arguments: getVaList([passwordString])) // $ Alert
+    NSException.raise(NSExceptionName("exception"), format: "\(passwordString) is incorrect!", arguments: getVaList([])) // $ Alert[swift/cleartext-logging]
+    NSException.raise(NSExceptionName("exception"), format: "%s is incorrect!", arguments: getVaList([passwordString])) // $ Alert[swift/cleartext-logging]
 
-    _ = dprintf(0, "\(passwordString) is incorrect!") // $ Alert
-    _ = dprintf(0, "%s is incorrect!", passwordString) // $ Alert
-    _ = dprintf(0, "%s: %s is incorrect!", "foo", passwordString) // $ Alert
-    _ = vprintf("\(passwordString) is incorrect!", getVaList([])) // $ Alert
-    _ = vprintf("%s is incorrect!", getVaList([passwordString])) // $ Alert
-    _ = vfprintf(nil, "\(passwordString) is incorrect!", getVaList([])) // $ Alert
-    _ = vfprintf(nil, "%s is incorrect!", getVaList([passwordString])) // $ Alert
+    _ = dprintf(0, "\(passwordString) is incorrect!") // $ Alert[swift/cleartext-logging]
+    _ = dprintf(0, "%s is incorrect!", passwordString) // $ Alert[swift/cleartext-logging]
+    _ = dprintf(0, "%s: %s is incorrect!", "foo", passwordString) // $ Alert[swift/cleartext-logging]
+    _ = vprintf("\(passwordString) is incorrect!", getVaList([])) // $ Alert[swift/cleartext-logging]
+    _ = vprintf("%s is incorrect!", getVaList([passwordString])) // $ Alert[swift/cleartext-logging]
+    _ = vfprintf(nil, "\(passwordString) is incorrect!", getVaList([])) // $ Alert[swift/cleartext-logging]
+    _ = vfprintf(nil, "%s is incorrect!", getVaList([passwordString])) // $ Alert[swift/cleartext-logging]
     _ = vasprintf_l(nil, nil, "\(passwordString) is incorrect!", getVaList([])) // good (`sprintf` is not logging)
     _ = vasprintf_l(nil, nil, "%s is incorrect!", getVaList([passwordString])) // good (`sprintf` is not logging)
 }
 
 func test7(authKey: String, authKey2: Int, authKey3: Float, password: String, secret: String) {
-    log(message: authKey) // $ Alert
-    log(message: String(authKey2)) // $ Alert
+    log(message: authKey) // $ Alert[swift/cleartext-logging]
+    log(message: String(authKey2)) // $ Alert[swift/cleartext-logging]
     logging(message: authKey) // $ MISSING: Alert
     logfile(file: 0, message: authKey) // $ MISSING: Alert
-    logMessage(NSString(string: authKey)) // $ Alert
-    logInfo(authKey) // $ Alert
-    logError(errorMsg: authKey) // $ Alert
+    logMessage(NSString(string: authKey)) // $ Alert[swift/cleartext-logging]
+    logInfo(authKey) // $ Alert[swift/cleartext-logging]
+    logError(errorMsg: authKey) // $ Alert[swift/cleartext-logging]
     harmless(authKey) // GOOD: not logging
     _ = logarithm(authKey3) // GOOD: not logging
     doLogin(login: authKey) // GOOD: not logging
 
     let logger = LogFile()
-    let msg = "authKey: " + authKey // $ Source
-    logger.log(msg) // $ Alert
-    logger.trace(msg) // $ Alert
-    logger.debug(msg) // $ Alert
-    logger.info(NSString(string: msg)) // $ Alert
-    logger.notice(msg) // $ Alert
-    logger.warning(msg) // $ Alert
-    logger.error(msg) // $ Alert
-    logger.critical(msg) // $ Alert
-    logger.fatal(msg) // $ Alert
+    let msg = "authKey: " + authKey // $ Source[swift/cleartext-logging]
+    logger.log(msg) // $ Alert[swift/cleartext-logging]
+    logger.trace(msg) // $ Alert[swift/cleartext-logging]
+    logger.debug(msg) // $ Alert[swift/cleartext-logging]
+    logger.info(NSString(string: msg)) // $ Alert[swift/cleartext-logging]
+    logger.notice(msg) // $ Alert[swift/cleartext-logging]
+    logger.warning(msg) // $ Alert[swift/cleartext-logging]
+    logger.error(msg) // $ Alert[swift/cleartext-logging]
+    logger.critical(msg) // $ Alert[swift/cleartext-logging]
+    logger.fatal(msg) // $ Alert[swift/cleartext-logging]
 
     let logic = Logic()
     logic.addInt(authKey2) // GOOD: not logging
diff --git a/swift/ql/test/query-tests/Security/CWE-312/testNSUbiquitousKeyValueStore.swift b/swift/ql/test/query-tests/Security/CWE-312/testNSUbiquitousKeyValueStore.swift
index 20627a6483be..8715eaa34726 100644
--- a/swift/ql/test/query-tests/Security/CWE-312/testNSUbiquitousKeyValueStore.swift
+++ b/swift/ql/test/query-tests/Security/CWE-312/testNSUbiquitousKeyValueStore.swift
@@ -25,7 +25,7 @@ func doSomething(password: String) { }
 func test1(password: String, passwordHash : String) {
 	let store = NSUbiquitousKeyValueStore.default
 
-	store.set(password, forKey: "myKey") // BAD
+	store.set(password, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 	store.set(passwordHash, forKey: "myKey") // GOOD (not sensitive)
 }
 
@@ -38,27 +38,27 @@ func test3(x: String) {
 	// alternative evidence of sensitivity...
 
 	NSUbiquitousKeyValueStore.default.set(x, forKey: "myKey") // BAD [NOT REPORTED]
-	doSomething(password: x);
-	NSUbiquitousKeyValueStore.default.set(x, forKey: "myKey") // BAD
+	doSomething(password: x); // $ Source[swift/cleartext-storage-preferences]
+	NSUbiquitousKeyValueStore.default.set(x, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 
-	let y = getPassword();
-	NSUbiquitousKeyValueStore.default.set(y, forKey: "myKey") // BAD
+	let y = getPassword(); // $ Source[swift/cleartext-storage-preferences]
+	NSUbiquitousKeyValueStore.default.set(y, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 
 	let z = MyClass()
 	NSUbiquitousKeyValueStore.default.set(z.harmless, forKey: "myKey") // GOOD (not sensitive)
-	NSUbiquitousKeyValueStore.default.set(z.password, forKey: "myKey") // BAD
+	NSUbiquitousKeyValueStore.default.set(z.password, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 }
 
 func test4(passwd: String) {
 	// sanitizers...
 
-	var x = passwd;
-	var y = passwd;
-	var z = passwd;
+	var x = passwd; // $ Source[swift/cleartext-storage-preferences]
+	var y = passwd; // $ Source[swift/cleartext-storage-preferences]
+	var z = passwd; // $ Source[swift/cleartext-storage-preferences]
 
-	NSUbiquitousKeyValueStore.default.set(x, forKey: "myKey") // BAD
-	NSUbiquitousKeyValueStore.default.set(y, forKey: "myKey") // BAD
-	NSUbiquitousKeyValueStore.default.set(z, forKey: "myKey") // BAD
+	NSUbiquitousKeyValueStore.default.set(x, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
+	NSUbiquitousKeyValueStore.default.set(y, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
+	NSUbiquitousKeyValueStore.default.set(z, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 
 	x = encrypt(x);
 	hash(data: &y);
diff --git a/swift/ql/test/query-tests/Security/CWE-312/testUserDefaults.swift b/swift/ql/test/query-tests/Security/CWE-312/testUserDefaults.swift
index 10a1a04eedf4..cae889e562d3 100644
--- a/swift/ql/test/query-tests/Security/CWE-312/testUserDefaults.swift
+++ b/swift/ql/test/query-tests/Security/CWE-312/testUserDefaults.swift
@@ -25,7 +25,7 @@ func doSomething(password: String) { }
 func test1(password: String, passwordHash : String) {
 	let defaults = UserDefaults.standard
 
-	defaults.set(password, forKey: "myKey") // BAD
+	defaults.set(password, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 	defaults.set(passwordHash, forKey: "myKey") // GOOD (not sensitive)
 }
 
@@ -38,27 +38,27 @@ func test3(x: String) {
 	// alternative evidence of sensitivity...
 
 	UserDefaults.standard.set(x, forKey: "myKey") // BAD [NOT REPORTED]
-	doSomething(password: x);
-	UserDefaults.standard.set(x, forKey: "myKey") // BAD
+	doSomething(password: x); // $ Source[swift/cleartext-storage-preferences]
+	UserDefaults.standard.set(x, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 
-	let y = getPassword();
-	UserDefaults.standard.set(y, forKey: "myKey") // BAD
+	let y = getPassword(); // $ Source[swift/cleartext-storage-preferences]
+	UserDefaults.standard.set(y, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 
 	let z = MyClass()
 	UserDefaults.standard.set(z.harmless, forKey: "myKey") // GOOD (not sensitive)
-	UserDefaults.standard.set(z.password, forKey: "myKey") // BAD
+	UserDefaults.standard.set(z.password, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 }
 
 func test4(passwd: String) {
 	// sanitizers...
 
-	var x = passwd;
-	var y = passwd;
-	var z = passwd;
+	var x = passwd; // $ Source[swift/cleartext-storage-preferences]
+	var y = passwd; // $ Source[swift/cleartext-storage-preferences]
+	var z = passwd; // $ Source[swift/cleartext-storage-preferences]
 
-	UserDefaults.standard.set(x, forKey: "myKey") // BAD
-	UserDefaults.standard.set(y, forKey: "myKey") // BAD
-	UserDefaults.standard.set(z, forKey: "myKey") // BAD
+	UserDefaults.standard.set(x, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
+	UserDefaults.standard.set(y, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
+	UserDefaults.standard.set(z, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 
 	x = encrypt(x);
 	hash(data: &y);
@@ -79,6 +79,6 @@ struct MyOuter {
 }
 
 func test5(mo : MyOuter) {
-	UserDefaults.standard.set(mo.password.value, forKey: "myKey") // BAD
+	UserDefaults.standard.set(mo.password.value, forKey: "myKey") // $ Alert[swift/cleartext-storage-preferences]
 	UserDefaults.standard.set(mo.harmless.value, forKey: "myKey") // GOOD
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-327/ECBEncryption.qlref b/swift/ql/test/query-tests/Security/CWE-327/ECBEncryption.qlref
index ac56a6338b0f..bee507b1cd09 100644
--- a/swift/ql/test/query-tests/Security/CWE-327/ECBEncryption.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-327/ECBEncryption.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-327/ECBEncryption.ql
\ No newline at end of file
+query: queries/Security/CWE-327/ECBEncryption.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-327/test.swift b/swift/ql/test/query-tests/Security/CWE-327/test.swift
index 382269905612..2eb39595b938 100644
--- a/swift/ql/test/query-tests/Security/CWE-327/test.swift
+++ b/swift/ql/test/query-tests/Security/CWE-327/test.swift
@@ -36,7 +36,7 @@ func getRandomArray() -> Array<UInt8> {
 }
 
 func getECBBlockMode() -> BlockMode {
-	return ECB()
+	return ECB() // $ Source
 }
 
 func getCBCBlockMode() ->  BlockMode {
@@ -47,18 +47,18 @@ func getCBCBlockMode() ->  BlockMode {
 
 func test1() {
 	let key: Array<UInt8> = [0x2a, 0x3a, 0x80, 0x05, 0xaf, 0x46, 0x58, 0x2d, 0x66, 0x52, 0x10, 0xae, 0x86, 0xd3, 0x8e, 0x8f]
-	let ecb = ECB()
+	let ecb = ECB() // $ Source
 	let iv = getRandomArray()
 	let cbc = CBC(iv: iv)
 	let padding = Padding.noPadding
 
 	// AES test cases
-	let ab1 = AES(key: key, blockMode: ecb, padding: padding) // BAD
-	let ab2 = AES(key: key, blockMode: ecb) // BAD
-	let ab3 = AES(key: key, blockMode: ECB(), padding: padding) // BAD
-	let ab4 = AES(key: key, blockMode: ECB()) // BAD
-	let ab5 = AES(key: key, blockMode: getECBBlockMode(), padding: padding) // BAD
-	let ab6 = AES(key: key, blockMode: getECBBlockMode()) // BAD
+	let ab1 = AES(key: key, blockMode: ecb, padding: padding) // $ Alert
+	let ab2 = AES(key: key, blockMode: ecb) // $ Alert
+	let ab3 = AES(key: key, blockMode: ECB(), padding: padding) // $ Alert
+	let ab4 = AES(key: key, blockMode: ECB()) // $ Alert
+	let ab5 = AES(key: key, blockMode: getECBBlockMode(), padding: padding) // $ Alert
+	let ab6 = AES(key: key, blockMode: getECBBlockMode()) // $ Alert
 
 	let ag1 = AES(key: key, blockMode: cbc, padding: padding) // GOOD
 	let ag2 = AES(key: key, blockMode: cbc) // GOOD
@@ -68,9 +68,9 @@ func test1() {
 	let ag6 = AES(key: key, blockMode: getCBCBlockMode()) // GOOD
 
 	// Blowfish test cases
-	let bb1 = Blowfish(key: key, blockMode: ecb, padding: padding) // BAD
-	let bb2 = Blowfish(key: key, blockMode: ECB(), padding: padding) // BAD
-	let bb3 = Blowfish(key: key, blockMode: getECBBlockMode(), padding: padding) // BAD
+	let bb1 = Blowfish(key: key, blockMode: ecb, padding: padding) // $ Alert
+	let bb2 = Blowfish(key: key, blockMode: ECB(), padding: padding) // $ Alert
+	let bb3 = Blowfish(key: key, blockMode: getECBBlockMode(), padding: padding) // $ Alert
 
 	let bg1 = Blowfish(key: key, blockMode: cbc, padding: padding) // GOOD
 	let bg2 = Blowfish(key: key, blockMode: CBC(iv: iv), padding: padding) // GOOD
diff --git a/swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.expected b/swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.expected
index 273f26164fd7..2b0eed8d0c2b 100644
--- a/swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.expected
+++ b/swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.expected
@@ -1,3 +1,52 @@
+#select
+| testCryptoKit.swift:84:47:84:47 | passwd | testCryptoKit.swift:84:47:84:47 | passwd | testCryptoKit.swift:84:47:84:47 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:84:47:84:47 | passwd | password (passwd) |
+| testCryptoKit.swift:85:52:85:52 | passwd | testCryptoKit.swift:85:52:85:52 | passwd | testCryptoKit.swift:85:52:85:52 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:85:52:85:52 | passwd | password (passwd) |
+| testCryptoKit.swift:91:36:91:36 | passwd | testCryptoKit.swift:91:36:91:36 | passwd | testCryptoKit.swift:91:36:91:36 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:91:36:91:36 | passwd | password (passwd) |
+| testCryptoKit.swift:92:45:92:45 | passwd | testCryptoKit.swift:92:45:92:45 | passwd | testCryptoKit.swift:92:45:92:45 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:92:45:92:45 | passwd | password (passwd) |
+| testCryptoKit.swift:98:44:98:44 | passwd | testCryptoKit.swift:98:44:98:44 | passwd | testCryptoKit.swift:98:44:98:44 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:98:44:98:44 | passwd | password (passwd) |
+| testCryptoKit.swift:99:53:99:53 | passwd | testCryptoKit.swift:99:53:99:53 | passwd | testCryptoKit.swift:99:53:99:53 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:99:53:99:53 | passwd | password (passwd) |
+| testCryptoKit.swift:105:37:105:37 | passwd | testCryptoKit.swift:105:37:105:37 | passwd | testCryptoKit.swift:105:37:105:37 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:105:37:105:37 | passwd | password (passwd) |
+| testCryptoKit.swift:106:46:106:46 | passwd | testCryptoKit.swift:106:46:106:46 | passwd | testCryptoKit.swift:106:46:106:46 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:106:46:106:46 | passwd | password (passwd) |
+| testCryptoKit.swift:112:37:112:37 | passwd | testCryptoKit.swift:112:37:112:37 | passwd | testCryptoKit.swift:112:37:112:37 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:112:37:112:37 | passwd | password (passwd) |
+| testCryptoKit.swift:113:46:113:46 | passwd | testCryptoKit.swift:113:46:113:46 | passwd | testCryptoKit.swift:113:46:113:46 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:113:46:113:46 | passwd | password (passwd) |
+| testCryptoKit.swift:119:37:119:37 | passwd | testCryptoKit.swift:119:37:119:37 | passwd | testCryptoKit.swift:119:37:119:37 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:119:37:119:37 | passwd | password (passwd) |
+| testCryptoKit.swift:120:46:120:46 | passwd | testCryptoKit.swift:120:46:120:46 | passwd | testCryptoKit.swift:120:46:120:46 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:120:46:120:46 | passwd | password (passwd) |
+| testCryptoKit.swift:129:23:129:23 | passwd | testCryptoKit.swift:129:23:129:23 | passwd | testCryptoKit.swift:129:23:129:23 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:129:23:129:23 | passwd | password (passwd) |
+| testCryptoKit.swift:138:23:138:23 | passwd | testCryptoKit.swift:138:23:138:23 | passwd | testCryptoKit.swift:138:23:138:23 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:138:23:138:23 | passwd | password (passwd) |
+| testCryptoKit.swift:147:23:147:23 | passwd | testCryptoKit.swift:147:23:147:23 | passwd | testCryptoKit.swift:147:23:147:23 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:147:23:147:23 | passwd | password (passwd) |
+| testCryptoKit.swift:156:23:156:23 | passwd | testCryptoKit.swift:156:23:156:23 | passwd | testCryptoKit.swift:156:23:156:23 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:156:23:156:23 | passwd | password (passwd) |
+| testCryptoKit.swift:165:23:165:23 | passwd | testCryptoKit.swift:165:23:165:23 | passwd | testCryptoKit.swift:165:23:165:23 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:165:23:165:23 | passwd | password (passwd) |
+| testCryptoKit.swift:174:32:174:32 | passwd | testCryptoKit.swift:174:32:174:32 | passwd | testCryptoKit.swift:174:32:174:32 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:174:32:174:32 | passwd | password (passwd) |
+| testCryptoKit.swift:183:32:183:32 | passwd | testCryptoKit.swift:183:32:183:32 | passwd | testCryptoKit.swift:183:32:183:32 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:183:32:183:32 | passwd | password (passwd) |
+| testCryptoKit.swift:192:32:192:32 | passwd | testCryptoKit.swift:192:32:192:32 | passwd | testCryptoKit.swift:192:32:192:32 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:192:32:192:32 | passwd | password (passwd) |
+| testCryptoKit.swift:201:32:201:32 | passwd | testCryptoKit.swift:201:32:201:32 | passwd | testCryptoKit.swift:201:32:201:32 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:201:32:201:32 | passwd | password (passwd) |
+| testCryptoKit.swift:210:32:210:32 | passwd | testCryptoKit.swift:210:32:210:32 | passwd | testCryptoKit.swift:210:32:210:32 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:210:32:210:32 | passwd | password (passwd) |
+| testCryptoKit.swift:220:49:220:49 | passwordData | testCryptoKit.swift:220:49:220:49 | passwordData | testCryptoKit.swift:220:49:220:49 | passwordData | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:220:49:220:49 | passwordData | password (passwordData) |
+| testCryptoKit.swift:224:33:224:57 | call to Data.init(_:) | testCryptoKit.swift:224:38:224:38 | passwordString | testCryptoKit.swift:224:33:224:57 | call to Data.init(_:) | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:224:38:224:38 | passwordString | password (passwordString) |
+| testCryptoSwift.swift:154:30:154:30 | passwdArray | testCryptoSwift.swift:154:30:154:30 | passwdArray | testCryptoSwift.swift:154:30:154:30 | passwdArray | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:154:30:154:30 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:157:31:157:31 | passwdArray | testCryptoSwift.swift:157:31:157:31 | passwdArray | testCryptoSwift.swift:157:31:157:31 | passwdArray | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:157:31:157:31 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:160:47:160:47 | passwdArray | testCryptoSwift.swift:160:47:160:47 | passwdArray | testCryptoSwift.swift:160:47:160:47 | passwdArray | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:160:47:160:47 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:163:47:163:47 | passwdArray | testCryptoSwift.swift:163:47:163:47 | passwdArray | testCryptoSwift.swift:163:47:163:47 | passwdArray | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:163:47:163:47 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:167:20:167:20 | passwdArray | testCryptoSwift.swift:167:20:167:20 | passwdArray | testCryptoSwift.swift:167:20:167:20 | passwdArray | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:167:20:167:20 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:170:21:170:21 | passwdArray | testCryptoSwift.swift:170:21:170:21 | passwdArray | testCryptoSwift.swift:170:21:170:21 | passwdArray | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:170:21:170:21 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:173:23:173:23 | passwdArray | testCryptoSwift.swift:173:23:173:23 | passwdArray | testCryptoSwift.swift:173:23:173:23 | passwdArray | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoSwift.swift:173:23:173:23 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:176:21:176:21 | passwdArray | testCryptoSwift.swift:176:21:176:21 | passwdArray | testCryptoSwift.swift:176:21:176:21 | passwdArray | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:176:21:176:21 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:179:21:179:21 | passwdArray | testCryptoSwift.swift:179:21:179:21 | passwdArray | testCryptoSwift.swift:179:21:179:21 | passwdArray | Insecure hashing algorithm (SHA3) depends on $@. | testCryptoSwift.swift:179:21:179:21 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:183:9:183:9 | passwdArray | testCryptoSwift.swift:183:9:183:9 | passwdArray | testCryptoSwift.swift:183:9:183:9 | passwdArray | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:183:9:183:9 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:186:9:186:9 | passwdArray | testCryptoSwift.swift:186:9:186:9 | passwdArray | testCryptoSwift.swift:186:9:186:9 | passwdArray | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:186:9:186:9 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:189:9:189:9 | passwdArray | testCryptoSwift.swift:189:9:189:9 | passwdArray | testCryptoSwift.swift:189:9:189:9 | passwdArray | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoSwift.swift:189:9:189:9 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:192:9:192:9 | passwdArray | testCryptoSwift.swift:192:9:192:9 | passwdArray | testCryptoSwift.swift:192:9:192:9 | passwdArray | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:192:9:192:9 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:195:9:195:9 | passwdArray | testCryptoSwift.swift:195:9:195:9 | passwdArray | testCryptoSwift.swift:195:9:195:9 | passwdArray | Insecure hashing algorithm (SHA3) depends on $@. | testCryptoSwift.swift:195:9:195:9 | passwdArray | password (passwdArray) |
+| testCryptoSwift.swift:201:9:201:9 | passwdData | testCryptoSwift.swift:201:9:201:9 | passwdData | testCryptoSwift.swift:201:9:201:9 | passwdData | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:201:9:201:9 | passwdData | password (passwdData) |
+| testCryptoSwift.swift:204:9:204:9 | passwdData | testCryptoSwift.swift:204:9:204:9 | passwdData | testCryptoSwift.swift:204:9:204:9 | passwdData | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:204:9:204:9 | passwdData | password (passwdData) |
+| testCryptoSwift.swift:207:9:207:9 | passwdData | testCryptoSwift.swift:207:9:207:9 | passwdData | testCryptoSwift.swift:207:9:207:9 | passwdData | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoSwift.swift:207:9:207:9 | passwdData | password (passwdData) |
+| testCryptoSwift.swift:210:9:210:9 | passwdData | testCryptoSwift.swift:210:9:210:9 | passwdData | testCryptoSwift.swift:210:9:210:9 | passwdData | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:210:9:210:9 | passwdData | password (passwdData) |
+| testCryptoSwift.swift:213:9:213:9 | passwdData | testCryptoSwift.swift:213:9:213:9 | passwdData | testCryptoSwift.swift:213:9:213:9 | passwdData | Insecure hashing algorithm (SHA3) depends on $@. | testCryptoSwift.swift:213:9:213:9 | passwdData | password (passwdData) |
+| testCryptoSwift.swift:219:9:219:9 | passwd | testCryptoSwift.swift:219:9:219:9 | passwd | testCryptoSwift.swift:219:9:219:9 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:219:9:219:9 | passwd | password (passwd) |
+| testCryptoSwift.swift:222:9:222:9 | passwd | testCryptoSwift.swift:222:9:222:9 | passwd | testCryptoSwift.swift:222:9:222:9 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:222:9:222:9 | passwd | password (passwd) |
+| testCryptoSwift.swift:225:9:225:9 | passwd | testCryptoSwift.swift:225:9:225:9 | passwd | testCryptoSwift.swift:225:9:225:9 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoSwift.swift:225:9:225:9 | passwd | password (passwd) |
+| testCryptoSwift.swift:228:9:228:9 | passwd | testCryptoSwift.swift:228:9:228:9 | passwd | testCryptoSwift.swift:228:9:228:9 | passwd | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:228:9:228:9 | passwd | password (passwd) |
+| testCryptoSwift.swift:231:9:231:9 | passwd | testCryptoSwift.swift:231:9:231:9 | passwd | testCryptoSwift.swift:231:9:231:9 | passwd | Insecure hashing algorithm (SHA3) depends on $@. | testCryptoSwift.swift:231:9:231:9 | passwd | password (passwd) |
 edges
 | testCryptoKit.swift:224:38:224:38 | passwordString | testCryptoKit.swift:224:38:224:53 | .utf8 | provenance |  |
 | testCryptoKit.swift:224:38:224:53 | .utf8 | testCryptoKit.swift:224:33:224:57 | call to Data.init(_:) | provenance |  |
@@ -53,52 +102,3 @@ nodes
 | testCryptoSwift.swift:228:9:228:9 | passwd | semmle.label | passwd |
 | testCryptoSwift.swift:231:9:231:9 | passwd | semmle.label | passwd |
 subpaths
-#select
-| testCryptoKit.swift:84:47:84:47 | passwd | testCryptoKit.swift:84:47:84:47 | passwd | testCryptoKit.swift:84:47:84:47 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:84:47:84:47 | passwd | password (passwd) |
-| testCryptoKit.swift:85:52:85:52 | passwd | testCryptoKit.swift:85:52:85:52 | passwd | testCryptoKit.swift:85:52:85:52 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:85:52:85:52 | passwd | password (passwd) |
-| testCryptoKit.swift:91:36:91:36 | passwd | testCryptoKit.swift:91:36:91:36 | passwd | testCryptoKit.swift:91:36:91:36 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:91:36:91:36 | passwd | password (passwd) |
-| testCryptoKit.swift:92:45:92:45 | passwd | testCryptoKit.swift:92:45:92:45 | passwd | testCryptoKit.swift:92:45:92:45 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:92:45:92:45 | passwd | password (passwd) |
-| testCryptoKit.swift:98:44:98:44 | passwd | testCryptoKit.swift:98:44:98:44 | passwd | testCryptoKit.swift:98:44:98:44 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:98:44:98:44 | passwd | password (passwd) |
-| testCryptoKit.swift:99:53:99:53 | passwd | testCryptoKit.swift:99:53:99:53 | passwd | testCryptoKit.swift:99:53:99:53 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:99:53:99:53 | passwd | password (passwd) |
-| testCryptoKit.swift:105:37:105:37 | passwd | testCryptoKit.swift:105:37:105:37 | passwd | testCryptoKit.swift:105:37:105:37 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:105:37:105:37 | passwd | password (passwd) |
-| testCryptoKit.swift:106:46:106:46 | passwd | testCryptoKit.swift:106:46:106:46 | passwd | testCryptoKit.swift:106:46:106:46 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:106:46:106:46 | passwd | password (passwd) |
-| testCryptoKit.swift:112:37:112:37 | passwd | testCryptoKit.swift:112:37:112:37 | passwd | testCryptoKit.swift:112:37:112:37 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:112:37:112:37 | passwd | password (passwd) |
-| testCryptoKit.swift:113:46:113:46 | passwd | testCryptoKit.swift:113:46:113:46 | passwd | testCryptoKit.swift:113:46:113:46 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:113:46:113:46 | passwd | password (passwd) |
-| testCryptoKit.swift:119:37:119:37 | passwd | testCryptoKit.swift:119:37:119:37 | passwd | testCryptoKit.swift:119:37:119:37 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:119:37:119:37 | passwd | password (passwd) |
-| testCryptoKit.swift:120:46:120:46 | passwd | testCryptoKit.swift:120:46:120:46 | passwd | testCryptoKit.swift:120:46:120:46 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:120:46:120:46 | passwd | password (passwd) |
-| testCryptoKit.swift:129:23:129:23 | passwd | testCryptoKit.swift:129:23:129:23 | passwd | testCryptoKit.swift:129:23:129:23 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:129:23:129:23 | passwd | password (passwd) |
-| testCryptoKit.swift:138:23:138:23 | passwd | testCryptoKit.swift:138:23:138:23 | passwd | testCryptoKit.swift:138:23:138:23 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:138:23:138:23 | passwd | password (passwd) |
-| testCryptoKit.swift:147:23:147:23 | passwd | testCryptoKit.swift:147:23:147:23 | passwd | testCryptoKit.swift:147:23:147:23 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:147:23:147:23 | passwd | password (passwd) |
-| testCryptoKit.swift:156:23:156:23 | passwd | testCryptoKit.swift:156:23:156:23 | passwd | testCryptoKit.swift:156:23:156:23 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:156:23:156:23 | passwd | password (passwd) |
-| testCryptoKit.swift:165:23:165:23 | passwd | testCryptoKit.swift:165:23:165:23 | passwd | testCryptoKit.swift:165:23:165:23 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:165:23:165:23 | passwd | password (passwd) |
-| testCryptoKit.swift:174:32:174:32 | passwd | testCryptoKit.swift:174:32:174:32 | passwd | testCryptoKit.swift:174:32:174:32 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:174:32:174:32 | passwd | password (passwd) |
-| testCryptoKit.swift:183:32:183:32 | passwd | testCryptoKit.swift:183:32:183:32 | passwd | testCryptoKit.swift:183:32:183:32 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:183:32:183:32 | passwd | password (passwd) |
-| testCryptoKit.swift:192:32:192:32 | passwd | testCryptoKit.swift:192:32:192:32 | passwd | testCryptoKit.swift:192:32:192:32 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:192:32:192:32 | passwd | password (passwd) |
-| testCryptoKit.swift:201:32:201:32 | passwd | testCryptoKit.swift:201:32:201:32 | passwd | testCryptoKit.swift:201:32:201:32 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:201:32:201:32 | passwd | password (passwd) |
-| testCryptoKit.swift:210:32:210:32 | passwd | testCryptoKit.swift:210:32:210:32 | passwd | testCryptoKit.swift:210:32:210:32 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:210:32:210:32 | passwd | password (passwd) |
-| testCryptoKit.swift:220:49:220:49 | passwordData | testCryptoKit.swift:220:49:220:49 | passwordData | testCryptoKit.swift:220:49:220:49 | passwordData | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:220:49:220:49 | passwordData | password (passwordData) |
-| testCryptoKit.swift:224:33:224:57 | call to Data.init(_:) | testCryptoKit.swift:224:38:224:38 | passwordString | testCryptoKit.swift:224:33:224:57 | call to Data.init(_:) | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:224:38:224:38 | passwordString | password (passwordString) |
-| testCryptoSwift.swift:154:30:154:30 | passwdArray | testCryptoSwift.swift:154:30:154:30 | passwdArray | testCryptoSwift.swift:154:30:154:30 | passwdArray | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:154:30:154:30 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:157:31:157:31 | passwdArray | testCryptoSwift.swift:157:31:157:31 | passwdArray | testCryptoSwift.swift:157:31:157:31 | passwdArray | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:157:31:157:31 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:160:47:160:47 | passwdArray | testCryptoSwift.swift:160:47:160:47 | passwdArray | testCryptoSwift.swift:160:47:160:47 | passwdArray | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:160:47:160:47 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:163:47:163:47 | passwdArray | testCryptoSwift.swift:163:47:163:47 | passwdArray | testCryptoSwift.swift:163:47:163:47 | passwdArray | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:163:47:163:47 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:167:20:167:20 | passwdArray | testCryptoSwift.swift:167:20:167:20 | passwdArray | testCryptoSwift.swift:167:20:167:20 | passwdArray | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:167:20:167:20 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:170:21:170:21 | passwdArray | testCryptoSwift.swift:170:21:170:21 | passwdArray | testCryptoSwift.swift:170:21:170:21 | passwdArray | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:170:21:170:21 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:173:23:173:23 | passwdArray | testCryptoSwift.swift:173:23:173:23 | passwdArray | testCryptoSwift.swift:173:23:173:23 | passwdArray | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoSwift.swift:173:23:173:23 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:176:21:176:21 | passwdArray | testCryptoSwift.swift:176:21:176:21 | passwdArray | testCryptoSwift.swift:176:21:176:21 | passwdArray | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:176:21:176:21 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:179:21:179:21 | passwdArray | testCryptoSwift.swift:179:21:179:21 | passwdArray | testCryptoSwift.swift:179:21:179:21 | passwdArray | Insecure hashing algorithm (SHA3) depends on $@. | testCryptoSwift.swift:179:21:179:21 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:183:9:183:9 | passwdArray | testCryptoSwift.swift:183:9:183:9 | passwdArray | testCryptoSwift.swift:183:9:183:9 | passwdArray | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:183:9:183:9 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:186:9:186:9 | passwdArray | testCryptoSwift.swift:186:9:186:9 | passwdArray | testCryptoSwift.swift:186:9:186:9 | passwdArray | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:186:9:186:9 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:189:9:189:9 | passwdArray | testCryptoSwift.swift:189:9:189:9 | passwdArray | testCryptoSwift.swift:189:9:189:9 | passwdArray | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoSwift.swift:189:9:189:9 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:192:9:192:9 | passwdArray | testCryptoSwift.swift:192:9:192:9 | passwdArray | testCryptoSwift.swift:192:9:192:9 | passwdArray | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:192:9:192:9 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:195:9:195:9 | passwdArray | testCryptoSwift.swift:195:9:195:9 | passwdArray | testCryptoSwift.swift:195:9:195:9 | passwdArray | Insecure hashing algorithm (SHA3) depends on $@. | testCryptoSwift.swift:195:9:195:9 | passwdArray | password (passwdArray) |
-| testCryptoSwift.swift:201:9:201:9 | passwdData | testCryptoSwift.swift:201:9:201:9 | passwdData | testCryptoSwift.swift:201:9:201:9 | passwdData | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:201:9:201:9 | passwdData | password (passwdData) |
-| testCryptoSwift.swift:204:9:204:9 | passwdData | testCryptoSwift.swift:204:9:204:9 | passwdData | testCryptoSwift.swift:204:9:204:9 | passwdData | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:204:9:204:9 | passwdData | password (passwdData) |
-| testCryptoSwift.swift:207:9:207:9 | passwdData | testCryptoSwift.swift:207:9:207:9 | passwdData | testCryptoSwift.swift:207:9:207:9 | passwdData | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoSwift.swift:207:9:207:9 | passwdData | password (passwdData) |
-| testCryptoSwift.swift:210:9:210:9 | passwdData | testCryptoSwift.swift:210:9:210:9 | passwdData | testCryptoSwift.swift:210:9:210:9 | passwdData | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:210:9:210:9 | passwdData | password (passwdData) |
-| testCryptoSwift.swift:213:9:213:9 | passwdData | testCryptoSwift.swift:213:9:213:9 | passwdData | testCryptoSwift.swift:213:9:213:9 | passwdData | Insecure hashing algorithm (SHA3) depends on $@. | testCryptoSwift.swift:213:9:213:9 | passwdData | password (passwdData) |
-| testCryptoSwift.swift:219:9:219:9 | passwd | testCryptoSwift.swift:219:9:219:9 | passwd | testCryptoSwift.swift:219:9:219:9 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:219:9:219:9 | passwd | password (passwd) |
-| testCryptoSwift.swift:222:9:222:9 | passwd | testCryptoSwift.swift:222:9:222:9 | passwd | testCryptoSwift.swift:222:9:222:9 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:222:9:222:9 | passwd | password (passwd) |
-| testCryptoSwift.swift:225:9:225:9 | passwd | testCryptoSwift.swift:225:9:225:9 | passwd | testCryptoSwift.swift:225:9:225:9 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoSwift.swift:225:9:225:9 | passwd | password (passwd) |
-| testCryptoSwift.swift:228:9:228:9 | passwd | testCryptoSwift.swift:228:9:228:9 | passwd | testCryptoSwift.swift:228:9:228:9 | passwd | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:228:9:228:9 | passwd | password (passwd) |
-| testCryptoSwift.swift:231:9:231:9 | passwd | testCryptoSwift.swift:231:9:231:9 | passwd | testCryptoSwift.swift:231:9:231:9 | passwd | Insecure hashing algorithm (SHA3) depends on $@. | testCryptoSwift.swift:231:9:231:9 | passwd | password (passwd) |
diff --git a/swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.qlref b/swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.qlref
index b2cfaab1f5cc..24744b4a4250 100644
--- a/swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-328/WeakPasswordHashing.ql
+query: queries/Security/CWE-328/WeakPasswordHashing.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-328/WeakSensitiveDataHashing.qlref b/swift/ql/test/query-tests/Security/CWE-328/WeakSensitiveDataHashing.qlref
index 85270fde2999..d76eeef6c2f2 100644
--- a/swift/ql/test/query-tests/Security/CWE-328/WeakSensitiveDataHashing.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-328/WeakSensitiveDataHashing.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-328/WeakSensitiveDataHashing.ql
+query: queries/Security/CWE-328/WeakSensitiveDataHashing.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift b/swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift
index 6869805e65aa..2f08fb62d905 100644
--- a/swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift
+++ b/swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift
@@ -81,43 +81,43 @@ enum Insecure {
 // --- tests ---
 
 func testHashMethods(passwd : UnsafeRawBufferPointer, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
-    var hash = Crypto.Insecure.MD5.hash(data: passwd)  // BAD
-    hash = Crypto.Insecure.MD5.hash(bufferPointer: passwd)  // BAD
-    hash = Crypto.Insecure.MD5.hash(data: cert)   // BAD
+    var hash = Crypto.Insecure.MD5.hash(data: passwd) // $ Alert[swift/weak-password-hashing]
+    hash = Crypto.Insecure.MD5.hash(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing]
+    hash = Crypto.Insecure.MD5.hash(data: cert) // $ Alert[swift/weak-sensitive-data-hashing]
     hash = Crypto.Insecure.MD5.hash(data: encrypted_passwd)  // GOOD  (not sensitive)
-    hash = Crypto.Insecure.MD5.hash(data: account_no)   // BAD
-    hash = Crypto.Insecure.MD5.hash(data: credit_card_no)   // BAD
+    hash = Crypto.Insecure.MD5.hash(data: account_no) // $ Alert[swift/weak-sensitive-data-hashing]
+    hash = Crypto.Insecure.MD5.hash(data: credit_card_no) // $ Alert[swift/weak-sensitive-data-hashing]
 
-    hash = Insecure.MD5.hash(data: passwd)  // BAD
-    hash = Insecure.MD5.hash(bufferPointer: passwd)  // BAD
-    hash = Insecure.MD5.hash(data: cert)   // BAD
+    hash = Insecure.MD5.hash(data: passwd) // $ Alert[swift/weak-password-hashing]
+    hash = Insecure.MD5.hash(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing]
+    hash = Insecure.MD5.hash(data: cert) // $ Alert[swift/weak-sensitive-data-hashing]
     hash = Insecure.MD5.hash(data: encrypted_passwd)  // GOOD  (not sensitive)
-    hash = Insecure.MD5.hash(data: account_no)   // BAD
-    hash = Insecure.MD5.hash(data: credit_card_no)   // BAD
+    hash = Insecure.MD5.hash(data: account_no) // $ Alert[swift/weak-sensitive-data-hashing]
+    hash = Insecure.MD5.hash(data: credit_card_no) // $ Alert[swift/weak-sensitive-data-hashing]
 
-    hash = Crypto.Insecure.SHA1.hash(data: passwd)  // BAD
-    hash = Crypto.Insecure.SHA1.hash(bufferPointer: passwd)  // BAD
-    hash = Crypto.Insecure.SHA1.hash(data: cert)   // BAD
+    hash = Crypto.Insecure.SHA1.hash(data: passwd) // $ Alert[swift/weak-password-hashing]
+    hash = Crypto.Insecure.SHA1.hash(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing]
+    hash = Crypto.Insecure.SHA1.hash(data: cert) // $ Alert[swift/weak-sensitive-data-hashing]
     hash = Crypto.Insecure.SHA1.hash(data: encrypted_passwd)  // GOOD  (not sensitive)
-    hash = Crypto.Insecure.SHA1.hash(data: account_no)   // BAD
-    hash = Crypto.Insecure.SHA1.hash(data: credit_card_no)   // BAD
+    hash = Crypto.Insecure.SHA1.hash(data: account_no) // $ Alert[swift/weak-sensitive-data-hashing]
+    hash = Crypto.Insecure.SHA1.hash(data: credit_card_no) // $ Alert[swift/weak-sensitive-data-hashing]
 
-    hash = Crypto.SHA256.hash(data: passwd)   // BAD, not a computationally expensive hash
-    hash = Crypto.SHA256.hash(bufferPointer: passwd)   // BAD, not a computationally expensive hash
+    hash = Crypto.SHA256.hash(data: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
+    hash = Crypto.SHA256.hash(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
     hash = Crypto.SHA256.hash(data: cert)   // GOOD, computationally expensive hash not required
     hash = Crypto.SHA256.hash(data: encrypted_passwd)   // GOOD, not sensitive
     hash = Crypto.SHA256.hash(data: account_no)   // GOOD, computationally expensive hash not required
     hash = Crypto.SHA256.hash(data: credit_card_no)   // GOOD, computationally expensive hash not required
 
-    hash = Crypto.SHA384.hash(data: passwd)   // BAD, not a computationally expensive hash
-    hash = Crypto.SHA384.hash(bufferPointer: passwd)   // BAD, not a computationally expensive hash
+    hash = Crypto.SHA384.hash(data: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
+    hash = Crypto.SHA384.hash(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
     hash = Crypto.SHA384.hash(data: cert)   // GOOD, computationally expensive hash not required
     hash = Crypto.SHA384.hash(data: encrypted_passwd)   // GOOD, not sensitive
     hash = Crypto.SHA384.hash(data: account_no)   // GOOD, computationally expensive hash not required
     hash = Crypto.SHA384.hash(data: credit_card_no)   // GOOD, computationally expensive hash not required
 
-    hash = Crypto.SHA512.hash(data: passwd)   // BAD, not a computationally expensive hash
-    hash = Crypto.SHA512.hash(bufferPointer: passwd)   // BAD, not a computationally expensive hash
+    hash = Crypto.SHA512.hash(data: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
+    hash = Crypto.SHA512.hash(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
     hash = Crypto.SHA512.hash(data: cert)   // GOOD, computationally expensive hash not required
     hash = Crypto.SHA512.hash(data: encrypted_passwd)   // GOOD, not sensitive
     hash = Crypto.SHA512.hash(data: account_no)   // GOOD, computationally expensive hash not required
@@ -126,25 +126,25 @@ func testHashMethods(passwd : UnsafeRawBufferPointer, cert: String, encrypted_pa
 
 func testMD5UpdateWithData(passwd : String, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
     var hash = Crypto.Insecure.MD5()
-    hash.update(data: passwd)  // BAD
-    hash.update(data: cert)  // BAD
+    hash.update(data: passwd) // $ Alert[swift/weak-password-hashing]
+    hash.update(data: cert) // $ Alert[swift/weak-sensitive-data-hashing]
     hash.update(data: encrypted_passwd)  // GOOD  (not sensitive)
-    hash.update(data: account_no)   // BAD
-    hash.update(data: credit_card_no)   // BAD
+    hash.update(data: account_no) // $ Alert[swift/weak-sensitive-data-hashing]
+    hash.update(data: credit_card_no) // $ Alert[swift/weak-sensitive-data-hashing]
 }
 
 func testSHA1UpdateWithData(passwd : String, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
     var hash = Crypto.Insecure.SHA1()
-    hash.update(data: passwd)  // BAD
-    hash.update(data: cert)  // BAD
+    hash.update(data: passwd) // $ Alert[swift/weak-password-hashing]
+    hash.update(data: cert) // $ Alert[swift/weak-sensitive-data-hashing]
     hash.update(data: encrypted_passwd)  // GOOD  (not sensitive)
-    hash.update(data: account_no)   // BAD
-    hash.update(data: credit_card_no)   // BAD
+    hash.update(data: account_no) // $ Alert[swift/weak-sensitive-data-hashing]
+    hash.update(data: credit_card_no) // $ Alert[swift/weak-sensitive-data-hashing]
 }
 
 func testSHA256UpdateWithData(passwd : String, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
     var hash = Crypto.SHA256()
-    hash.update(data: passwd)  // BAD, not a computationally expensive hash
+    hash.update(data: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
     hash.update(data: cert)  // GOOD
     hash.update(data: encrypted_passwd)   // GOOD  (not sensitive)
     hash.update(data: account_no)   // GOOD
@@ -153,7 +153,7 @@ func testSHA256UpdateWithData(passwd : String, cert: String, encrypted_passwd :
 
 func testSHA384UpdateWithData(passwd : String, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
     var hash = Crypto.SHA384()
-    hash.update(data: passwd)  // BAD, not a computationally expensive hash
+    hash.update(data: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
     hash.update(data: cert)  // GOOD
     hash.update(data: encrypted_passwd)   // GOOD  (not sensitive)
     hash.update(data: account_no)   // GOOD
@@ -162,7 +162,7 @@ func testSHA384UpdateWithData(passwd : String, cert: String, encrypted_passwd :
 
 func testSHA512UpdateWithData(passwd : String, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
     var hash = Crypto.SHA512()
-    hash.update(data: passwd)  // BAD, not a computationally expensive hash
+    hash.update(data: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
     hash.update(data: cert)  // GOOD
     hash.update(data: encrypted_passwd)   // GOOD  (not sensitive)
     hash.update(data: account_no)   // GOOD
@@ -171,25 +171,25 @@ func testSHA512UpdateWithData(passwd : String, cert: String, encrypted_passwd :
 
 func testMD5UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer, cert: UnsafeRawBufferPointer, encrypted_passwd : UnsafeRawBufferPointer, account_no : UnsafeRawBufferPointer, credit_card_no : UnsafeRawBufferPointer) {
     var hash = Crypto.Insecure.MD5()
-    hash.update(bufferPointer: passwd)  // BAD
-    hash.update(bufferPointer: cert)  // BAD
+    hash.update(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing]
+    hash.update(bufferPointer: cert) // $ Alert[swift/weak-sensitive-data-hashing]
     hash.update(bufferPointer: encrypted_passwd)  // GOOD  (not sensitive)
-    hash.update(bufferPointer: account_no)   // BAD
-    hash.update(bufferPointer: credit_card_no)   // BAD
+    hash.update(bufferPointer: account_no) // $ Alert[swift/weak-sensitive-data-hashing]
+    hash.update(bufferPointer: credit_card_no) // $ Alert[swift/weak-sensitive-data-hashing]
 }
 
 func testSHA1UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer, cert: UnsafeRawBufferPointer, encrypted_passwd : UnsafeRawBufferPointer, account_no : UnsafeRawBufferPointer, credit_card_no : UnsafeRawBufferPointer) {
     var hash = Crypto.Insecure.SHA1()
-    hash.update(bufferPointer: passwd)  // BAD
-    hash.update(bufferPointer: cert)  // BAD
+    hash.update(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing]
+    hash.update(bufferPointer: cert) // $ Alert[swift/weak-sensitive-data-hashing]
     hash.update(bufferPointer: encrypted_passwd)  // GOOD  (not sensitive)
-    hash.update(bufferPointer: account_no)   // BAD
-    hash.update(bufferPointer: credit_card_no)   // BAD
+    hash.update(bufferPointer: account_no) // $ Alert[swift/weak-sensitive-data-hashing]
+    hash.update(bufferPointer: credit_card_no) // $ Alert[swift/weak-sensitive-data-hashing]
 }
 
 func testSHA256UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer, cert: UnsafeRawBufferPointer, encrypted_passwd : UnsafeRawBufferPointer, account_no : UnsafeRawBufferPointer, credit_card_no : UnsafeRawBufferPointer) {
     var hash = Crypto.SHA256()
-    hash.update(bufferPointer: passwd)  // BAD, not a computationally expensive hash
+    hash.update(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
     hash.update(bufferPointer: cert)  // GOOD
     hash.update(bufferPointer: encrypted_passwd)  // GOOD  (not sensitive)
     hash.update(bufferPointer: account_no)   // GOOD
@@ -198,7 +198,7 @@ func testSHA256UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer,
 
 func testSHA384UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer, cert: UnsafeRawBufferPointer, encrypted_passwd : UnsafeRawBufferPointer, account_no : UnsafeRawBufferPointer, credit_card_no : UnsafeRawBufferPointer) {
     var hash = Crypto.SHA384()
-    hash.update(bufferPointer: passwd)  // BAD, not a computationally expensive hash
+    hash.update(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
     hash.update(bufferPointer: cert)  // GOOD
     hash.update(bufferPointer: encrypted_passwd)  // GOOD  (not sensitive)
     hash.update(bufferPointer: account_no)   // GOOD
@@ -207,7 +207,7 @@ func testSHA384UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer,
 
 func testSHA512UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer, cert: UnsafeRawBufferPointer, encrypted_passwd : UnsafeRawBufferPointer, account_no : UnsafeRawBufferPointer, credit_card_no : UnsafeRawBufferPointer) {
     var hash = Crypto.SHA512()
-    hash.update(bufferPointer: passwd)  // BAD, not a computationally expensive hash
+    hash.update(bufferPointer: passwd) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
     hash.update(bufferPointer: cert)  // GOOD
     hash.update(bufferPointer: encrypted_passwd)  // GOOD  (not sensitive)
     hash.update(bufferPointer: account_no)   // GOOD
@@ -217,30 +217,30 @@ func testSHA512UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer,
 func testBadExample(passwordString: String) {
     // this is the "bad" example from the .qhelp
     let passwordData = Data(passwordString.utf8)
-    let passwordHash = Crypto.SHA512.hash(data: passwordData) // BAD, not a computationally expensive hash
+    let passwordHash = Crypto.SHA512.hash(data: passwordData) // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
 
     // ...
 
-    if Crypto.SHA512.hash(data: Data(passwordString.utf8)) == passwordHash { // BAD, not a computationally expensive hash
+    if Crypto.SHA512.hash(data: Data(passwordString.utf8)) == passwordHash { // $ Alert[swift/weak-password-hashing] // BAD, not a computationally expensive hash
 	    // ...
     }
 }
 
 func testWithFlowAndMetatypes(cardNumber: String) {
-    let value1 = Data(cardNumber.utf8);
-    let _digest1 = Insecure.MD5.hash(data: value1); // BAD
+    let value1 = Data(cardNumber.utf8); // $ Source[swift/weak-sensitive-data-hashing]
+    let _digest1 = Insecure.MD5.hash(data: value1); // $ Alert[swift/weak-sensitive-data-hashing]
 
-    let value2 = Data(cardNumber.utf8);
+    let value2 = Data(cardNumber.utf8); // $ Source[swift/weak-sensitive-data-hashing]
     let hasher2 = Insecure.MD5.self; // metatype
-    let _digest2 = hasher2.hash(data: value2); // BAD
+    let _digest2 = hasher2.hash(data: value2); // $ Alert[swift/weak-sensitive-data-hashing]
 
-    let value3 = Data(cardNumber.utf8);
-    let _digest3 = (Insecure.MD5.self).hash(data: value3); // BAD
+    let value3 = Data(cardNumber.utf8); // $ Source[swift/weak-sensitive-data-hashing]
+    let _digest3 = (Insecure.MD5.self).hash(data: value3); // $ Alert[swift/weak-sensitive-data-hashing]
 
-    let value4 = Data(cardNumber.utf8);
+    let value4 = Data(cardNumber.utf8); // $ Source[swift/weak-sensitive-data-hashing]
     testReceiver1(value: value4);
 
-    let value5 = Data(cardNumber.utf8);
+    let value5 = Data(cardNumber.utf8); // $ Source[swift/weak-sensitive-data-hashing]
     testReceiver2(hasher: Insecure.MD5.self, value: value5);
 
     let value6 = Data(cardNumber.utf8);
@@ -248,11 +248,11 @@ func testWithFlowAndMetatypes(cardNumber: String) {
 }
 
 func testReceiver1(value: Data) {
-    let _digest = Insecure.MD5.hash(data: value); // BAD
+    let _digest = Insecure.MD5.hash(data: value); // $ Alert[swift/weak-sensitive-data-hashing]
 }
 
 func testReceiver2(hasher: Insecure.MD5.Type, value: Data) {
-    let _digest = hasher.hash(data: value); // BAD
+    let _digest = hasher.hash(data: value); // $ Alert[swift/weak-sensitive-data-hashing]
 }
 
 func testReceiver3<H: HashFunction>(hasher: H.Type, value: Data) {
diff --git a/swift/ql/test/query-tests/Security/CWE-328/testCryptoSwift.swift b/swift/ql/test/query-tests/Security/CWE-328/testCryptoSwift.swift
index 15043bc15f68..a6f4584230e7 100644
--- a/swift/ql/test/query-tests/Security/CWE-328/testCryptoSwift.swift
+++ b/swift/ql/test/query-tests/Security/CWE-328/testCryptoSwift.swift
@@ -150,83 +150,83 @@ extension String {
 
 func testArrays(harmlessArray: Array<UInt8>, phoneNumberArray: Array<UInt8>, passwdArray: Array<UInt8>) {
     _ = MD5().calculate(for: harmlessArray) // GOOD (not sensitive)
-    _ = MD5().calculate(for: phoneNumberArray) // BAD
-    _ = MD5().calculate(for: passwdArray) // BAD
+    _ = MD5().calculate(for: phoneNumberArray) // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = MD5().calculate(for: passwdArray) // $ Alert[swift/weak-password-hashing]
     _ = SHA1().calculate(for: harmlessArray) // GOOD (not sensitive)
-    _ = SHA1().calculate(for: phoneNumberArray) // BAD
-    _ = SHA1().calculate(for: passwdArray) // BAD
+    _ = SHA1().calculate(for: phoneNumberArray) // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = SHA1().calculate(for: passwdArray) // $ Alert[swift/weak-password-hashing]
     _ = SHA2(variant: .sha512).calculate(for: harmlessArray) // GOOD
     _ = SHA2(variant: .sha512).calculate(for: phoneNumberArray) // GOOD
-    _ = SHA2(variant: .sha512).calculate(for: passwdArray) // BAD
+    _ = SHA2(variant: .sha512).calculate(for: passwdArray) // $ Alert[swift/weak-password-hashing]
     _ = SHA3(variant: .sha512).calculate(for: harmlessArray) // GOOD
     _ = SHA3(variant: .sha512).calculate(for: phoneNumberArray) // GOOD
-    _ = SHA3(variant: .sha512).calculate(for: passwdArray) // BAD
+    _ = SHA3(variant: .sha512).calculate(for: passwdArray) // $ Alert[swift/weak-password-hashing]
 
     _ = Digest.md5(harmlessArray) // GOOD (not sensitive)
-    _ = Digest.md5(phoneNumberArray) // BAD
-    _ = Digest.md5(passwdArray) // BAD
+    _ = Digest.md5(phoneNumberArray) // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = Digest.md5(passwdArray) // $ Alert[swift/weak-password-hashing]
     _ = Digest.sha1(harmlessArray) // GOOD (not sensitive)
-    _ = Digest.sha1(phoneNumberArray) // BAD
-    _ = Digest.sha1(passwdArray) // BAD
+    _ = Digest.sha1(phoneNumberArray) // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = Digest.sha1(passwdArray) // $ Alert[swift/weak-password-hashing]
     _ = Digest.sha512(harmlessArray) // GOOD (not sensitive)
     _ = Digest.sha512(phoneNumberArray) // GOOD
-    _ = Digest.sha512(passwdArray) // BAD
+    _ = Digest.sha512(passwdArray) // $ Alert[swift/weak-password-hashing]
     _ = Digest.sha2(harmlessArray, variant: .sha512) // GOOD (not sensitive)
     _ = Digest.sha2(phoneNumberArray, variant: .sha512) // GOOD
-    _ = Digest.sha2(passwdArray, variant: .sha512) // BAD
+    _ = Digest.sha2(passwdArray, variant: .sha512) // $ Alert[swift/weak-password-hashing]
     _ = Digest.sha3(harmlessArray, variant: .sha512) // GOOD (not sensitive)
     _ = Digest.sha3(phoneNumberArray, variant: .sha512) // GOOD
-    _ = Digest.sha3(passwdArray, variant: .sha512) // BAD
+    _ = Digest.sha3(passwdArray, variant: .sha512) // $ Alert[swift/weak-password-hashing]
 
     _ = harmlessArray.md5() // GOOD (not sensitive)
-    _ = phoneNumberArray.md5() // BAD
-    _ = passwdArray.md5() // BAD
+    _ = phoneNumberArray.md5() // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = passwdArray.md5() // $ Alert[swift/weak-password-hashing]
     _ = harmlessArray.sha1() // GOOD (not sensitive)
-    _ = phoneNumberArray.sha1() // BAD
-    _ = passwdArray.sha1() // BAD
+    _ = phoneNumberArray.sha1() // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = passwdArray.sha1() // $ Alert[swift/weak-password-hashing]
     _ = harmlessArray.sha512() // GOOD
     _ = phoneNumberArray.sha512() // GOOD
-    _ = passwdArray.sha512() // BAD
+    _ = passwdArray.sha512() // $ Alert[swift/weak-password-hashing]
     _ = harmlessArray.sha2(.sha512) // GOOD
     _ = phoneNumberArray.sha2(.sha512) // GOOD
-    _ = passwdArray.sha2(.sha512) // BAD
+    _ = passwdArray.sha2(.sha512) // $ Alert[swift/weak-password-hashing]
     _ = harmlessArray.sha3(.sha512) // GOOD
     _ = phoneNumberArray.sha3(.sha512) // GOOD
-    _ = passwdArray.sha3(.sha512) // BAD
+    _ = passwdArray.sha3(.sha512) // $ Alert[swift/weak-password-hashing]
 }
 
 func testData(harmlessData: Data, medicalData: Data, passwdData: Data) {
     _ = harmlessData.md5() // GOOD (not sensitive)
-    _ = medicalData.md5() // BAD
-    _ = passwdData.md5() // BAD
+    _ = medicalData.md5() // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = passwdData.md5() // $ Alert[swift/weak-password-hashing]
     _ = harmlessData.sha1() // GOOD (not sensitive)
-    _ = medicalData.sha1() // BAD
-    _ = passwdData.sha1() // BAD
+    _ = medicalData.sha1() // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = passwdData.sha1() // $ Alert[swift/weak-password-hashing]
     _ = harmlessData.sha512() // GOOD
     _ = medicalData.sha512() // GOOD
-    _ = passwdData.sha512() // BAD
+    _ = passwdData.sha512() // $ Alert[swift/weak-password-hashing]
     _ = harmlessData.sha2(.sha512) // GOOD
     _ = medicalData.sha2(.sha512) // GOOD
-    _ = passwdData.sha2(.sha512) // BAD
+    _ = passwdData.sha2(.sha512) // $ Alert[swift/weak-password-hashing]
     _ = harmlessData.sha3(.sha512) // GOOD
     _ = medicalData.sha3(.sha512) // GOOD
-    _ = passwdData.sha3(.sha512) // BAD
+    _ = passwdData.sha3(.sha512) // $ Alert[swift/weak-password-hashing]
 }
 
 func testStrings(creditCardNumber: String, passwd: String) {
     _ = "harmless".md5() // GOOD (not sensitive)
-    _ = creditCardNumber.md5() // BAD
-    _ = passwd.md5() // BAD
+    _ = creditCardNumber.md5() // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = passwd.md5() // $ Alert[swift/weak-password-hashing]
     _ = "harmless".sha1() // GOOD (not sensitive)
-    _ = creditCardNumber.sha1() // BAD
-    _ = passwd.sha1() // BAD
+    _ = creditCardNumber.sha1() // $ Alert[swift/weak-sensitive-data-hashing]
+    _ = passwd.sha1() // $ Alert[swift/weak-password-hashing]
     _ = "harmless".sha512() // GOOD
     _ = creditCardNumber.sha512() // GOOD
-    _ = passwd.sha512() // BAD
+    _ = passwd.sha512() // $ Alert[swift/weak-password-hashing]
     _ = "harmless".sha2(.sha512) // GOOD
     _ = creditCardNumber.sha2(.sha512) // GOOD
-    _ = passwd.sha2(.sha512) // BAD
+    _ = passwd.sha2(.sha512) // $ Alert[swift/weak-password-hashing]
     _ = "harmless".sha3(.sha512) // GOOD
     _ = creditCardNumber.sha3(.sha512) // GOOD
-    _ = passwd.sha3(.sha512) // BAD
+    _ = passwd.sha3(.sha512) // $ Alert[swift/weak-password-hashing]
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-730/RegexInjection.expected b/swift/ql/test/query-tests/Security/CWE-730/RegexInjection.expected
index 1a26f9211971..04dafbd0b5e9 100644
--- a/swift/ql/test/query-tests/Security/CWE-730/RegexInjection.expected
+++ b/swift/ql/test/query-tests/Security/CWE-730/RegexInjection.expected
@@ -1,3 +1,27 @@
+#select
+| tests.swift:101:16:101:16 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:101:16:101:16 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:104:16:104:40 | ... .+(_:_:) ... | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:104:16:104:40 | ... .+(_:_:) ... | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:106:16:106:16 | "..." | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:106:16:106:16 | "..." | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:109:16:109:39 | ... ? ... : ... | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:109:16:109:39 | ... ? ... : ... | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:110:16:110:37 | ... ? ... : ... | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:110:16:110:37 | ... ? ... : ... | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:113:24:113:24 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:113:24:113:24 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:114:45:114:45 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:114:45:114:45 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:120:19:120:19 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:120:19:120:19 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:126:40:126:40 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:126:40:126:40 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:131:39:131:39 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:131:39:131:39 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:137:40:137:40 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:137:40:137:40 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:144:16:144:16 | remoteInput | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:144:16:144:16 | remoteInput | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:147:39:147:39 | regexStr | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:147:39:147:39 | regexStr | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:162:17:162:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:162:17:162:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:164:17:164:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:164:17:164:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:167:17:167:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:167:17:167:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:170:17:170:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:170:17:170:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:173:17:173:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:173:17:173:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:176:17:176:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:176:17:176:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:179:17:179:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:179:17:179:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:182:17:182:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:182:17:182:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:185:17:185:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:185:17:185:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
+| tests.swift:190:21:190:21 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:190:21:190:21 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
 edges
 | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:101:16:101:16 | taintedString | provenance |  |
 | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:104:16:104:40 | ... .+(_:_:) ... | provenance |  |
@@ -48,27 +72,3 @@ nodes
 | tests.swift:185:17:185:17 | taintedString | semmle.label | taintedString |
 | tests.swift:190:21:190:21 | taintedString | semmle.label | taintedString |
 subpaths
-#select
-| tests.swift:101:16:101:16 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:101:16:101:16 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:104:16:104:40 | ... .+(_:_:) ... | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:104:16:104:40 | ... .+(_:_:) ... | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:106:16:106:16 | "..." | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:106:16:106:16 | "..." | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:109:16:109:39 | ... ? ... : ... | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:109:16:109:39 | ... ? ... : ... | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:110:16:110:37 | ... ? ... : ... | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:110:16:110:37 | ... ? ... : ... | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:113:24:113:24 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:113:24:113:24 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:114:45:114:45 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:114:45:114:45 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:120:19:120:19 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:120:19:120:19 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:126:40:126:40 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:126:40:126:40 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:131:39:131:39 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:131:39:131:39 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:137:40:137:40 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:137:40:137:40 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:144:16:144:16 | remoteInput | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:144:16:144:16 | remoteInput | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:147:39:147:39 | regexStr | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:147:39:147:39 | regexStr | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:162:17:162:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:162:17:162:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:164:17:164:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:164:17:164:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:167:17:167:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:167:17:167:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:170:17:170:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:170:17:170:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:173:17:173:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:173:17:173:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:176:17:176:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:176:17:176:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:179:17:179:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:179:17:179:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:182:17:182:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:182:17:182:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:185:17:185:17 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:185:17:185:17 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
-| tests.swift:190:21:190:21 | taintedString | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | tests.swift:190:21:190:21 | taintedString | This regular expression is constructed from a $@. | tests.swift:95:22:95:46 | call to String.init(contentsOf:) | user-provided value |
diff --git a/swift/ql/test/query-tests/Security/CWE-730/RegexInjection.qlref b/swift/ql/test/query-tests/Security/CWE-730/RegexInjection.qlref
index 6171cd820742..edd571a6692b 100644
--- a/swift/ql/test/query-tests/Security/CWE-730/RegexInjection.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-730/RegexInjection.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-730/RegexInjection.ql
+query: queries/Security/CWE-730/RegexInjection.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-730/tests.swift b/swift/ql/test/query-tests/Security/CWE-730/tests.swift
index 234821d46aca..8de36a7f9f36 100644
--- a/swift/ql/test/query-tests/Security/CWE-730/tests.swift
+++ b/swift/ql/test/query-tests/Security/CWE-730/tests.swift
@@ -92,59 +92,59 @@ extension String {
 
 func regexInjectionTests(cond: Bool, varString: String, myUrl: URL) throws {
 	let constString = ".*"
-	let taintedString = String(contentsOf: myUrl) // tainted
+	let taintedString = String(contentsOf: myUrl) // $ Source // tainted
 
 	// --- Regex ---
 
 	_ = try Regex(constString).firstMatch(in: varString)
 	_ = try Regex(varString).firstMatch(in: varString)
-	_ = try Regex(taintedString).firstMatch(in: varString) // BAD
+	_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert
 
 	_ = try Regex("(a|" + constString + ")").firstMatch(in: varString)
-	_ = try Regex("(a|" + taintedString + ")").firstMatch(in: varString) // BAD
+	_ = try Regex("(a|" + taintedString + ")").firstMatch(in: varString) // $ Alert
 	_ = try Regex("(a|\(constString))").firstMatch(in: varString)
-	_ = try Regex("(a|\(taintedString))").firstMatch(in: varString) // BAD
+	_ = try Regex("(a|\(taintedString))").firstMatch(in: varString) // $ Alert
 
 	_ = try Regex(cond ? constString : constString).firstMatch(in: varString)
-	_ = try Regex(cond ? taintedString : constString).firstMatch(in: varString) // BAD
-	_ = try Regex(cond ? constString : taintedString).firstMatch(in: varString) // BAD
+	_ = try Regex(cond ? taintedString : constString).firstMatch(in: varString) // $ Alert
+	_ = try Regex(cond ? constString : taintedString).firstMatch(in: varString) // $ Alert
 
 	_ = try (cond ? Regex(constString) : Regex(constString)).firstMatch(in: varString)
-	_ = try (cond ? Regex(taintedString) : Regex(constString)).firstMatch(in: varString) // BAD
-	_ = try (cond ? Regex(constString) : Regex(taintedString)).firstMatch(in: varString) // BAD
+	_ = try (cond ? Regex(taintedString) : Regex(constString)).firstMatch(in: varString) // $ Alert
+	_ = try (cond ? Regex(constString) : Regex(taintedString)).firstMatch(in: varString) // $ Alert
 
 	// --- RangeReplaceableCollection ---
 
 	var inputVar = varString
 	inputVar.replace(constString, with: "")
-	inputVar.replace(taintedString, with: "") // BAD
+	inputVar.replace(taintedString, with: "") // $ Alert
 	inputVar.replace(constString, with: taintedString)
 
 	// --- StringProtocol ---
 
 	_ = inputVar.replacingOccurrences(of: constString, with: "", options: .regularExpression)
-	_ = inputVar.replacingOccurrences(of: taintedString, with: "", options: .regularExpression) // BAD
+	_ = inputVar.replacingOccurrences(of: taintedString, with: "", options: .regularExpression) // $ Alert
 
 	// --- NSRegularExpression ---
 
 	_ = try NSRegularExpression(pattern: constString).firstMatch(in: varString, range: NSMakeRange(0, varString.utf16.count))
-	_ = try NSRegularExpression(pattern: taintedString).firstMatch(in: varString, range: NSMakeRange(0, varString.utf16.count)) // BAD
+	_ = try NSRegularExpression(pattern: taintedString).firstMatch(in: varString, range: NSMakeRange(0, varString.utf16.count)) // $ Alert
 
 	// --- NSString ---
 
 	let nsString = NSString(string: varString)
 	_ = nsString.replacingOccurrences(of: constString, with: "", options: .regularExpression, range: NSMakeRange(0, nsString.length))
-	_ = nsString.replacingOccurrences(of: taintedString, with: "", options: .regularExpression, range: NSMakeRange(0, nsString.length)) // BAD
+	_ = nsString.replacingOccurrences(of: taintedString, with: "", options: .regularExpression, range: NSMakeRange(0, nsString.length)) // $ Alert
 
 	// --- from the qhelp ---
 
 	let remoteInput = taintedString
 	let myRegex = ".*"
 
-	_ = try Regex(remoteInput) // BAD
+	_ = try Regex(remoteInput) // $ Alert
 
 	let regexStr = "abc|\(remoteInput)"
-	_ = try NSRegularExpression(pattern: regexStr) // BAD
+	_ = try NSRegularExpression(pattern: regexStr) // $ Alert
 
 	_ = try Regex(myRegex)
 
@@ -159,35 +159,35 @@ func regexInjectionTests(cond: Bool, varString: String, myUrl: URL) throws {
 	let okSet: Set = ["abc", "def"]
 
 	if (taintedString == okInput) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	} else {
-		_ = try Regex(taintedString).firstMatch(in: varString) // BAD
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert
 	}
 	if (taintedString != okInput) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // BAD
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert
 	}
 	if (varString == okInput) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // BAD
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert
 	}
 	if (okInputs.contains(taintedString)) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 	if (okInputs.firstIndex(of: taintedString) != nil) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 	if let index = okInputs.firstIndex(of: taintedString) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 	if let index = okInputs.index(of: taintedString) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 	if (okSet.contains(taintedString)) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 
 	// --- multiple evaluations ---
 
-	let re = try Regex(taintedString) // BAD
+	let re = try Regex(taintedString) // $ Alert
 	_ = try re.firstMatch(in: varString) // (we only want to flag one location total)
 	_ = try re.firstMatch(in: varString)
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-760/ConstantSalt.qlref b/swift/ql/test/query-tests/Security/CWE-760/ConstantSalt.qlref
index 04aadc2161fc..dd7c483b0af2 100644
--- a/swift/ql/test/query-tests/Security/CWE-760/ConstantSalt.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-760/ConstantSalt.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-760/ConstantSalt.ql
+query: queries/Security/CWE-760/ConstantSalt.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-760/rncryptor.swift b/swift/ql/test/query-tests/Security/CWE-760/rncryptor.swift
index 51265b16c457..228e1231c99f 100644
--- a/swift/ql/test/query-tests/Security/CWE-760/rncryptor.swift
+++ b/swift/ql/test/query-tests/Security/CWE-760/rncryptor.swift
@@ -56,27 +56,27 @@ func test(myPassword: String) {
 	let myIV = Data(0)
 	let myRandomSalt1 = Data(getARandomString())
 	let myRandomSalt2 = Data(getARandomString())
-	let myConstantSalt1 = Data("abcdef123456")
-	let myConstantSalt2 = Data(0)
+	let myConstantSalt1 = Data("abcdef123456") // $ Source
+	let myConstantSalt2 = Data(0) // $ Source
 
 	let _ = myEncryptor.key(forPassword: myPassword, salt: myRandomSalt1, settings: myKeyDerivationSettings) // GOOD
-	let _ = myEncryptor.key(forPassword: myPassword, salt: myConstantSalt1, settings: myKeyDerivationSettings) // BAD
+	let _ = myEncryptor.key(forPassword: myPassword, salt: myConstantSalt1, settings: myKeyDerivationSettings) // $ Alert
 	let _ = myEncryptor.keyForPassword(myPassword, salt: myRandomSalt2, settings: myKeyDerivationSettings) // GOOD
-	let _ = myEncryptor.keyForPassword(myPassword, salt: myConstantSalt2, settings: myKeyDerivationSettings) // BAD
+	let _ = myEncryptor.keyForPassword(myPassword, salt: myConstantSalt2, settings: myKeyDerivationSettings) // $ Alert
 
 	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myRandomSalt1, hmacSalt: myRandomSalt2, handler: myHandler) // GOOD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myConstantSalt1, hmacSalt: myRandomSalt2, handler: myHandler) // BAD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myRandomSalt1, hmacSalt: myConstantSalt2, handler: myHandler) // BAD
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myConstantSalt1, hmacSalt: myRandomSalt2, handler: myHandler) // $ Alert
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myRandomSalt1, hmacSalt: myConstantSalt2, handler: myHandler) // $ Alert
 	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myRandomSalt1, HMACSalt: myRandomSalt2, handler: myHandler) // GOOD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myConstantSalt1, HMACSalt: myRandomSalt2, handler: myHandler) // BAD
-	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myRandomSalt1, HMACSalt: myConstantSalt2, handler: myHandler) // BAD
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myConstantSalt1, HMACSalt: myRandomSalt2, handler: myHandler) // $ Alert
+	let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myRandomSalt1, HMACSalt: myConstantSalt2, handler: myHandler) // $ Alert
 
 	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myRandomSalt1, hmacSalt: myRandomSalt2) // GOOD
-	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myConstantSalt1, hmacSalt: myRandomSalt2) // BAD
-	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myRandomSalt1, hmacSalt: myConstantSalt2) // BAD
+	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myConstantSalt1, hmacSalt: myRandomSalt2) // $ Alert
+	let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myPassword, iv: myIV, encryptionSalt: myRandomSalt1, hmacSalt: myConstantSalt2) // $ Alert
 	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myRandomSalt1, HMACSalt: myRandomSalt2) // GOOD
-	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myConstantSalt1, HMACSalt: myRandomSalt2) // BAD
-	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myRandomSalt1, HMACSalt: myConstantSalt2) // BAD
+	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myConstantSalt1, HMACSalt: myRandomSalt2) // $ Alert
+	let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myPassword, IV: myIV, encryptionSalt: myRandomSalt1, HMACSalt: myConstantSalt2) // $ Alert
 
 	// appending constants
 	let _ = myEncryptor.key(forPassword: myPassword, salt: Data(getARandomString() + getARandomString()), settings: myKeyDerivationSettings) // GOOD
diff --git a/swift/ql/test/query-tests/Security/CWE-760/test.swift b/swift/ql/test/query-tests/Security/CWE-760/test.swift
index 434e2daf6dad..2ad979a1fbed 100644
--- a/swift/ql/test/query-tests/Security/CWE-760/test.swift
+++ b/swift/ql/test/query-tests/Security/CWE-760/test.swift
@@ -26,7 +26,7 @@ final class Scrypt {
 
 // Helper functions
 func getConstantString() -> String {
-  "this string is constant"
+  "this string is constant" // $ Source
 }
 
 func getConstantArray() -> Array<UInt8> {
@@ -40,7 +40,7 @@ func getRandomArray() -> Array<UInt8> {
 // --- tests ---
 
 func test() {
-	let constantSalt: Array<UInt8> = [0x2a, 0x3a, 0x80, 0x05, 0xaf, 0x46, 0x58, 0x2d, 0x66, 0x52, 0x10, 0xae, 0x86, 0xd3, 0x8e, 0x8f]
+	let constantSalt: Array<UInt8> = [0x2a, 0x3a, 0x80, 0x05, 0xaf, 0x46, 0x58, 0x2d, 0x66, 0x52, 0x10, 0xae, 0x86, 0xd3, 0x8e, 0x8f] // $ Source
 	let constantStringSalt = getConstantArray()
 	let randomSalt = getRandomArray()
 	let randomArray = getRandomArray()
@@ -48,23 +48,23 @@ func test() {
 	let iterations = 120120
 
 	// HKDF test cases
-	let hkdfb1 = HKDF(password: randomArray, salt: constantSalt, info: randomArray, keyLength: 0, variant: variant) // BAD
-	let hkdfb2 = HKDF(password: randomArray, salt: constantStringSalt, info: randomArray, keyLength: 0, variant: variant) // BAD
+	let hkdfb1 = HKDF(password: randomArray, salt: constantSalt, info: randomArray, keyLength: 0, variant: variant) // $ Alert
+	let hkdfb2 = HKDF(password: randomArray, salt: constantStringSalt, info: randomArray, keyLength: 0, variant: variant) // $ Alert
 	let hkdfg1 = HKDF(password: randomArray, salt: randomSalt, info: randomArray, keyLength: 0, variant: variant) // GOOD
 
 	// PBKDF1 test cases
-	let pbkdf1b1 = PKCS5.PBKDF1(password: randomArray, salt: constantSalt, iterations: iterations, keyLength: 0) // BAD
-	let pbkdf1b2 = PKCS5.PBKDF1(password: randomArray, salt: constantStringSalt, iterations: iterations, keyLength: 0) // BAD
+	let pbkdf1b1 = PKCS5.PBKDF1(password: randomArray, salt: constantSalt, iterations: iterations, keyLength: 0) // $ Alert
+	let pbkdf1b2 = PKCS5.PBKDF1(password: randomArray, salt: constantStringSalt, iterations: iterations, keyLength: 0) // $ Alert
 	let pbkdf1g1 = PKCS5.PBKDF1(password: randomArray, salt: randomSalt, iterations: iterations, keyLength: 0) // GOOD
 
 
 	// PBKDF2 test cases
-	let pbkdf2b1 = PKCS5.PBKDF2(password: randomArray, salt: constantSalt, iterations: iterations, keyLength: 0) // BAD
-	let pbkdf2b2 = PKCS5.PBKDF2(password: randomArray, salt: constantStringSalt, iterations: iterations, keyLength: 0) // BAD
+	let pbkdf2b1 = PKCS5.PBKDF2(password: randomArray, salt: constantSalt, iterations: iterations, keyLength: 0) // $ Alert
+	let pbkdf2b2 = PKCS5.PBKDF2(password: randomArray, salt: constantStringSalt, iterations: iterations, keyLength: 0) // $ Alert
 	let pbkdf2g1 = PKCS5.PBKDF2(password: randomArray, salt: randomSalt, iterations: iterations, keyLength: 0) // GOOD
 
 	// Scrypt test cases
-	let scryptb1 = Scrypt(password: randomArray, salt: constantSalt, dkLen: 64, N: 16384, r: 8, p: 1) // BAD
-	let scryptb2 = Scrypt(password: randomArray, salt: constantStringSalt, dkLen: 64, N: 16384, r: 8, p: 1) // BAD
+	let scryptb1 = Scrypt(password: randomArray, salt: constantSalt, dkLen: 64, N: 16384, r: 8, p: 1) // $ Alert
+	let scryptb2 = Scrypt(password: randomArray, salt: constantStringSalt, dkLen: 64, N: 16384, r: 8, p: 1) // $ Alert
 	let scryptg1 = Scrypt(password: randomArray, salt: randomSalt, dkLen: 64, N: 16384, r: 8, p: 1) // GOOD
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-916/InsufficientHashIterations.qlref b/swift/ql/test/query-tests/Security/CWE-916/InsufficientHashIterations.qlref
index 81a6dda0d0f0..66492b8441e5 100644
--- a/swift/ql/test/query-tests/Security/CWE-916/InsufficientHashIterations.qlref
+++ b/swift/ql/test/query-tests/Security/CWE-916/InsufficientHashIterations.qlref
@@ -1 +1,2 @@
-queries/Security/CWE-916/InsufficientHashIterations.ql
+query: queries/Security/CWE-916/InsufficientHashIterations.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-916/test.swift b/swift/ql/test/query-tests/Security/CWE-916/test.swift
index 8786d936c1d3..5c63fc352656 100644
--- a/swift/ql/test/query-tests/Security/CWE-916/test.swift
+++ b/swift/ql/test/query-tests/Security/CWE-916/test.swift
@@ -17,7 +17,7 @@ extension PKCS5 {
 }
 
 // Helper functions
-func getLowIterationCount() -> Int { return 99999 }
+func getLowIterationCount() -> Int { return 99999 } // $ Source
 
 func getEnoughIterationCount() -> Int { return 120120 }
 
@@ -34,15 +34,15 @@ func test() {
 	let enoughIterations = getEnoughIterationCount() 
 	
 	// PBKDF1 test cases
-	let pbkdf1b1 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: lowIterations, keyLength: 0) // BAD
-	let pbkdf1b2 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: 80000, keyLength: 0) // BAD
+	let pbkdf1b1 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: lowIterations, keyLength: 0) // $ Alert
+	let pbkdf1b2 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: 80000, keyLength: 0) // $ Alert
 	let pbkdf1g1 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: enoughIterations, keyLength: 0) // GOOD
 	let pbkdf1g2 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: 120120, keyLength: 0) // GOOD
 
 
 	// PBKDF2 test cases
-	let pbkdf2b1 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: lowIterations, keyLength: 0) // BAD
-	let pbkdf2b2 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: 80000, keyLength: 0) // BAD
+	let pbkdf2b1 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: lowIterations, keyLength: 0) // $ Alert
+	let pbkdf2b2 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: 80000, keyLength: 0) // $ Alert
 	let pbkdf2g1 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: enoughIterations, keyLength: 0) // GOOD
 	let pbkdf2g2 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: 120120, keyLength: 0) // GOOD
 }

From b10abb63d99f788e2126aa19c7c0d29651f8d2c9 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Tue, 16 Jun 2026 00:28:40 +0100
Subject: [PATCH 3/5] Add SPURIOUS and MISSING to some comments

---
 .../Security/CWE-020/SemiAnchoredRegex.swift  |  2 +-
 .../Security/CWE-020/UnanchoredUrlRegex.swift | 14 +++++------
 .../query-tests/Security/CWE-020/test.swift   | 16 ++++++-------
 .../query-tests/Security/CWE-089/other.swift  |  6 ++---
 .../CWE-134/UncontrolledFormatString.swift    |  2 +-
 .../Security/CWE-311/testAlamofire.swift      | 24 +++++++++----------
 .../Security/CWE-311/testCoreData.swift       | 12 +++++-----
 .../Security/CWE-311/testCoreData2.swift      | 14 +++++------
 .../Security/CWE-311/testRealm2.swift         |  4 ++--
 .../Security/CWE-311/testSwiftUI.swift        |  2 +-
 .../Security/CWE-311/testURL.swift            | 20 ++++++++--------
 .../Security/CWE-328/testCryptoKit.swift      |  2 +-
 .../query-tests/Security/CWE-730/tests.swift  | 12 +++++-----
 .../Security/CWE-760/rncryptor.swift          |  4 ++--
 14 files changed, 67 insertions(+), 67 deletions(-)

diff --git a/swift/ql/test/query-tests/Security/CWE-020/SemiAnchoredRegex.swift b/swift/ql/test/query-tests/Security/CWE-020/SemiAnchoredRegex.swift
index d5d2f68be48f..d588e1d6439e 100644
--- a/swift/ql/test/query-tests/Security/CWE-020/SemiAnchoredRegex.swift
+++ b/swift/ql/test/query-tests/Security/CWE-020/SemiAnchoredRegex.swift
@@ -104,7 +104,7 @@ func realWorld(input: String) throws {
 	_ = try Regex(#"^mouse|touch|click|contextmenu|drop|dragover|dragend"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex(#"^xxx:|yyy:"#).ignoresCase().firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
 	_ = try Regex(#"_xxx|_yyy|_zzz$"#).firstMatch(in: input) // $ Alert[swift/missing-regexp-anchor] // BAD (missing anchor)
-	_ = try Regex(#"em|%$"#).firstMatch(in: input) // BAD (missing anchor) [NOT DETECTED] - not flagged at the moment due to the anchor not being for letters
+	_ = try Regex(#"em|%$"#).firstMatch(in: input) // $ MISSING: Alert[swift/missing-regexp-anchor] // BAD (missing anchor) [NOT DETECTED] - not flagged at the moment due to the anchor not being for letters
 
 	// the following are MAYBE OK due to apparent complexity; not flagged
 	_ = try Regex(#"(?:^[#?]?|&)([^=&]+)(?:=([^&]*))?"#).firstMatch(in: input)
diff --git a/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift b/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift
index d096338401f6..683fc7213c33 100644
--- a/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift
+++ b/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift
@@ -104,25 +104,25 @@ func tests(url: String, secure: Bool) throws {
 	_ = try NSRegularExpression(pattern: "verygood.com/?id=" + #"https?:\/\/good.com\/([0-9]+)"#).matches(in: url, range: urlRange)[0] // OK
 
 	_ = try NSRegularExpression(pattern: #"\.com|\.org"#).matches(in: input, range: inputRange) // OK, has no domain name
-	_ = try NSRegularExpression(pattern: #"example\.com|whatever"#).matches(in: input, range: inputRange) // $ Alert[swift/missing-regexp-anchor] // OK, the other disjunction doesn't match a hostname [FALSE POSITIVE]
+	_ = try NSRegularExpression(pattern: #"example\.com|whatever"#).matches(in: input, range: inputRange) // $ SPURIOUS: Alert[swift/missing-regexp-anchor] // OK, the other disjunction doesn't match a hostname [FALSE POSITIVE]
 
 	// tests for the `isLineAnchoredHostnameRegExp` case
 
 	let attackUrl1 =  "evil.com/blabla?\ngood.com"
 	let attackUrl1Range = NSMakeRange(0, attackUrl1.utf16.count)
 	_ = try NSRegularExpression(pattern: "^good\\.com$").matches(in: attackUrl1, range: attackUrl1Range) // OK
-	_ = try NSRegularExpression(pattern: "^good\\.com$", options: .anchorsMatchLines).matches(in: attackUrl1, range: attackUrl1Range) // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
+	_ = try NSRegularExpression(pattern: "^good\\.com$", options: .anchorsMatchLines).matches(in: attackUrl1, range: attackUrl1Range) // $ MISSING: Alert[swift/missing-regexp-anchor] // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
 	_ = try NSRegularExpression(pattern: "(?i)^good\\.com$").matches(in: attackUrl1, range: attackUrl1Range) // OK
-	_ = try NSRegularExpression(pattern: "(?i)^good\\.com$", options: .anchorsMatchLines).matches(in: attackUrl1, range: attackUrl1Range) // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
+	_ = try NSRegularExpression(pattern: "(?i)^good\\.com$", options: .anchorsMatchLines).matches(in: attackUrl1, range: attackUrl1Range) // $ MISSING: Alert[swift/missing-regexp-anchor] // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
 	_ = try NSRegularExpression(pattern: "^good\\.com$|^another\\.com$").matches(in: attackUrl1, range: attackUrl1Range) // OK
-	_ = try NSRegularExpression(pattern: "^good\\.com$|^another\\.com$", options: .anchorsMatchLines).matches(in: attackUrl1, range: attackUrl1Range) // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
+	_ = try NSRegularExpression(pattern: "^good\\.com$|^another\\.com$", options: .anchorsMatchLines).matches(in: attackUrl1, range: attackUrl1Range) // $ MISSING: Alert[swift/missing-regexp-anchor] // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
 
 	let attackUrl2 =  "evil.com/blabla?\ngood.com/"
 	let attackUrl2Range = NSMakeRange(0, attackUrl2.utf16.count)
 	_ = try NSRegularExpression(pattern: "^good\\.com/").matches(in: attackUrl2, range: attackUrl2Range) // OK
-	_ = try NSRegularExpression(pattern: "^good\\.com/", options: .anchorsMatchLines).matches(in: attackUrl2, range: attackUrl2Range) // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
+	_ = try NSRegularExpression(pattern: "^good\\.com/", options: .anchorsMatchLines).matches(in: attackUrl2, range: attackUrl2Range) // $ MISSING: Alert[swift/missing-regexp-anchor] // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
 	_ = try NSRegularExpression(pattern: "(?i)^good\\.com/").matches(in: attackUrl2, range: attackUrl2Range) // OK
-	_ = try NSRegularExpression(pattern: "(?i)^good\\.com/", options: .anchorsMatchLines).matches(in: attackUrl2, range: attackUrl2Range) // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
+	_ = try NSRegularExpression(pattern: "(?i)^good\\.com/", options: .anchorsMatchLines).matches(in: attackUrl2, range: attackUrl2Range) // $ MISSING: Alert[swift/missing-regexp-anchor] // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
 	_ = try NSRegularExpression(pattern: "^good\\.com/|^another\\.com/").matches(in: attackUrl2, range: attackUrl2Range) // OK
-	_ = try NSRegularExpression(pattern: "^good\\.com/|^another\\.com/", options: .anchorsMatchLines).matches(in: attackUrl2, range: attackUrl2Range) // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
+	_ = try NSRegularExpression(pattern: "^good\\.com/|^another\\.com/", options: .anchorsMatchLines).matches(in: attackUrl2, range: attackUrl2Range) // $ MISSING: Alert[swift/missing-regexp-anchor] // BAD [NOT DETECTED]: with the .anchorsMatchLines option this matches the attack URL
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-020/test.swift b/swift/ql/test/query-tests/Security/CWE-020/test.swift
index 321f5fcd56c8..384d58754761 100644
--- a/swift/ql/test/query-tests/Security/CWE-020/test.swift
+++ b/swift/ql/test/query-tests/Security/CWE-020/test.swift
@@ -73,8 +73,8 @@ func testHostnames(myUrl: URL) throws {
 	_ = try Regex(#"^https?://api.example.com/"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
 	_ = try Regex(#"^http[s]?://?sub1\.sub2\.example\.com/f/(.+)"#).firstMatch(in: tainted) // GOOD (it has a capture group after the TLD, so should be ignored)
 	_ = try Regex(#"^https://[a-z]*.example.com$"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
-	_ = try Regex(#"^(example.dev|example.com)"#).firstMatch(in: tainted) // $ Alert[swift/missing-regexp-anchor] // GOOD (any extended hostname wouldn't be included in the capture group) [FALSE POSITIVE]
-	_ = try Regex(#"^protos?://(localhost|.+.example.net|.+.example-a.com|.+.example-b.com|.+.example.internal)"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] Alert[swift/incomplete-hostname-regexp] Alert[swift/incomplete-hostname-regexp] Alert[swift/missing-regexp-anchor] // BAD (incomplete hostname x3, missing anchor x 1)
+	_ = try Regex(#"^(example.dev|example.com)"#).firstMatch(in: tainted) // $ SPURIOUS: Alert[swift/missing-regexp-anchor] // GOOD (any extended hostname wouldn't be included in the capture group) [FALSE POSITIVE]
+	_ = try Regex(#"^protos?://(localhost|.+.example.net|.+.example-a.com|.+.example-b.com|.+.example.internal)"#).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] Alert[swift/missing-regexp-anchor] // BAD (incomplete hostname x3, missing anchor x 1)
 
 	_ = try Regex(#"^http://(..|...)\.example\.com/index\.html"#).firstMatch(in: tainted) // GOOD (wildcards are intentional)
 	_ = try Regex(#"^http://.\.example\.com/index\.html"#).firstMatch(in: tainted) // GOOD (the wildcard is intentional)
@@ -85,7 +85,7 @@ func testHostnames(myUrl: URL) throws {
 
 	_ = try Regex(id(id(id(#"test.example.com$"#)))).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
 
-	let hostname = #"test.example.com$"# // BAD (incomplete hostname) [NOT DETECTED]
+	let hostname = #"test.example.com$"# // $ MISSING: Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname) [NOT DETECTED]
 	_ = try Regex("\(hostname)").firstMatch(in: tainted)
 
 	var domain = MyDomain("")
@@ -97,17 +97,17 @@ func testHostnames(myUrl: URL) throws {
 	}
 	_ = try convert1(MyDomain(#"test.example.com$"#)).firstMatch(in: tainted) // $ Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname)
 
-	let domains = [ MyDomain(#"test.example.com$"#) ]  // BAD (incomplete hostname) [NOT DETECTED]
+	let domains = [ MyDomain(#"test.example.com$"#) ]  // $ MISSING: Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname) [NOT DETECTED]
 	func convert2(_ domain: MyDomain) throws -> Regex<AnyRegexOutput> {
 		return try Regex(domain.hostname)
 	}
 	_ = try domains.map({ try convert2($0).firstMatch(in: tainted) })
 
 	let primary = "example.com$"
-	_ = try Regex("test." + primary).firstMatch(in: tainted) // BAD (incomplete hostname) [NOT DETECTED]
-	_ = try Regex("test." + "example.com$").firstMatch(in: tainted) // BAD (incomplete hostname) [NOT DETECTED]
-	_ = try Regex(#"^http://localhost:8000|" + "^https?://.+\.example\.com/"#).firstMatch(in: tainted) // BAD (incomplete hostname) [NOT DETECTED]
-	_ = try Regex(#"^http://localhost:8000|" + "^https?://.+.example\.com/"#).firstMatch(in: tainted) // BAD (incomplete hostname) [NOT DETECTED]
+	_ = try Regex("test." + primary).firstMatch(in: tainted) // $ MISSING: Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname) [NOT DETECTED]
+	_ = try Regex("test." + "example.com$").firstMatch(in: tainted) // $ MISSING: Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname) [NOT DETECTED]
+	_ = try Regex(#"^http://localhost:8000|" + "^https?://.+\.example\.com/"#).firstMatch(in: tainted) // $ MISSING: Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname) [NOT DETECTED]
+	_ = try Regex(#"^http://localhost:8000|" + "^https?://.+.example\.com/"#).firstMatch(in: tainted) // $ MISSING: Alert[swift/incomplete-hostname-regexp] // BAD (incomplete hostname) [NOT DETECTED]
 
 	let harmless = #"^http://test.example.com"# // GOOD (never used as a regex)
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-089/other.swift b/swift/ql/test/query-tests/Security/CWE-089/other.swift
index cb36c8f8828e..0974d03937e9 100644
--- a/swift/ql/test/query-tests/Security/CWE-089/other.swift
+++ b/swift/ql/test/query-tests/Security/CWE-089/other.swift
@@ -55,9 +55,9 @@ func test_heuristic(db: MyDatabase) throws {
 	db.execute4(remoteString as! Sql) // $ Alert
 
 	db.query(sql: remoteString) // $ Alert
-	db.query(sqlLiteral: remoteString) // BAD [NOT DETECTED]
-	db.query(sqlStatement: remoteString) // BAD [NOT DETECTED]
-	db.query(sqliteStatement: remoteString) // BAD [NOT DETECTED]
+	db.query(sqlLiteral: remoteString) // $ MISSING: Alert // BAD [NOT DETECTED]
+	db.query(sqlStatement: remoteString) // $ MISSING: Alert // BAD [NOT DETECTED]
+	db.query(sqliteStatement: remoteString) // $ MISSING: Alert // BAD [NOT DETECTED]
 
 	db.doSomething(sqlIndex: Int(remoteString) ?? 0) // GOOD
 	db.doSomething(sqliteContext: remoteString as! Sql) // GOOD
diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
index dd82c70ab683..37c9b2bbca5d 100644
--- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
+++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
@@ -148,7 +148,7 @@ func tests() throws {
         _ = vasprintf_l(nil, nil, "%s", getVaList([cstr])) // GOOD: format not tainted
     })
 
-    myFormatMessage(string: tainted, "abc") // BAD [NOT DETECTED]
+    myFormatMessage(string: tainted, "abc") // $ MISSING: Alert // BAD [NOT DETECTED]
     myFormatMessage(string: "%s", tainted) // GOOD: format not tainted
 
     _ = MyString(format: tainted, "abc") // $ Alert
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift b/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
index 0bbb43d732c7..43e8e15873c1 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
@@ -159,25 +159,25 @@ func test1(username: String, password: String, email: String, harmless: String)
 	let params1 = ["value": email]
 	let params2 = ["value": harmless]
 
-	AF.request("http://example.com/", parameters: params1) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", parameters: params1) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.request("http://example.com/", parameters: params2) // GOOD (not sensitive)
-	AF.request("http://example.com/", parameters: params1, encoding: URLEncoding.default) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", parameters: params1, encoding: URLEncoding.default) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.request("http://example.com/", parameters: params2, encoding: URLEncoding.default) // GOOD (not sensitive)
-	AF.request("http://example.com/", parameters: params1, encoder: URLEncodedFormParameterEncoder.default) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", parameters: params1, encoder: URLEncodedFormParameterEncoder.default) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.request("http://example.com/", parameters: params2, encoder: URLEncodedFormParameterEncoder.default) // GOOD (not sensitive)
-	AF.download("http://example.com/", parameters: params1) // BAD [NOT DETECTED]
+	AF.download("http://example.com/", parameters: params1) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.download("http://example.com/", parameters: params2) // GOOD (not sensitive)
 
 	let params3 = ["values": ["...", email, "..."]]
 	let params4 = ["values": ["...", harmless, "..."]]
 
-	AF.request("http://example.com/", method:.post, parameters: params3) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", method:.post, parameters: params3) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.request("http://example.com/", method:.post, parameters: params4) // GOOD (not sensitive)
 
 	let params5 = MyEncodable(value: email)
 	let params6 = MyEncodable(value: harmless)
 
-	AF.request("http://example.com/", parameters: params5) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", parameters: params5) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.request("http://example.com/", parameters: params6) // GOOD (not sensitive)
 
 	// request headers
@@ -187,17 +187,17 @@ func test1(username: String, password: String, email: String, harmless: String)
 	let headers1: HTTPHeaders = ["Authorization": username + ":" + password]
 	let headers2: HTTPHeaders = ["Value": harmless]
 
-	AF.request("http://example.com/", headers: headers1) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", headers: headers1) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.request("http://example.com/", headers: headers2) // GOOD (not sensitive)
-	AF.streamRequest("http://example.com/", headers: headers1) // BAD [NOT DETECTED]
+	AF.streamRequest("http://example.com/", headers: headers1) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.streamRequest("http://example.com/", headers: headers2) // GOOD (not sensitive)
 
 	let headers3 = HTTPHeaders(["Authorization": username + ":" + password])
 	let headers4 = HTTPHeaders(["Value": harmless])
 
-	AF.request("http://example.com/", headers: headers3) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", headers: headers3) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.request("http://example.com/", headers: headers4) // GOOD (not sensitive)
-	AF.download("http://example.com/", headers: headers1) // BAD [NOT DETECTED]
+	AF.download("http://example.com/", headers: headers1) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.download("http://example.com/", headers: headers2) // GOOD (not sensitive)
 
 	var headers5 = HTTPHeaders([:])
@@ -205,7 +205,7 @@ func test1(username: String, password: String, email: String, harmless: String)
 	headers5.add(name: "Authorization", value: username + ":" + password)
 	headers6.add(name: "Data", value: harmless)
 
-	AF.request("http://example.com/", headers: headers5) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", headers: headers5) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.request("http://example.com/", headers: headers6) // GOOD (not sensitive)
 
 	var headers7 = HTTPHeaders([:])
@@ -213,6 +213,6 @@ func test1(username: String, password: String, email: String, harmless: String)
 	headers7.update(name: "Authorization", value: username + ":" + password)
 	headers8.update(name: "Data", value: harmless)
 
-	AF.request("http://example.com/", headers: headers7) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", headers: headers7) // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	AF.request("http://example.com/", headers: headers8) // GOOD (not sensitive)
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift
index 50eac08b47c4..6f1757a9e82f 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift
@@ -124,16 +124,16 @@ class SecureKeyStore {
 func test5(obj : NSManagedObject) {
 	// more variants...
 
-	obj.setValue(createSecureKey(), forKey: "myKey") // BAD [NOT DETECTED]
+	obj.setValue(createSecureKey(), forKey: "myKey") // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 	obj.setValue(generateSecretKey(), forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 	obj.setValue(getCertificate(), forKey: "myKey") // $ Alert[swift/cleartext-storage-database]
 
 	let gen = KeyGen()
 	let v = gen.generate()
 
-	obj.setValue(KeyGen().generate(), forKey: "myKey") // BAD [NOT DETECTED]
-	obj.setValue(gen.generate(), forKey: "myKey") // BAD [NOT DETECTED]
-	obj.setValue(v, forKey: "myKey") // BAD [NOT DETECTED]
-	obj.setValue(KeyManager().generateKey(), forKey: "myKey") // BAD [NOT DETECTED]
-	obj.setValue(SecureKeyStore().getEncryptionKey(), forKey: "myKey") // BAD [NOT DETECTED]
+	obj.setValue(KeyGen().generate(), forKey: "myKey") // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
+	obj.setValue(gen.generate(), forKey: "myKey") // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
+	obj.setValue(v, forKey: "myKey") // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
+	obj.setValue(KeyManager().generateKey(), forKey: "myKey") // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
+	obj.setValue(SecureKeyStore().getEncryptionKey(), forKey: "myKey") // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
index 494f136d9095..9a8ecbf2488b 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
@@ -35,21 +35,21 @@ func testCoreData2_1(obj: MyManagedObject2, maybeObj: MyManagedObject2?, value:
 	// @NSManaged fields of an NSManagedObject...
 	obj.myValue = value // GOOD (not sensitive)
 	obj.myValue = bankAccountNo // $ Alert[swift/cleartext-storage-database]
-	obj.myBankAccountNumber = value // BAD [NOT DETECTED]
+	obj.myBankAccountNumber = value // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 	obj.myBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database]
-	obj.myBankAccountNumber2 = value // BAD [NOT DETECTED]
+	obj.myBankAccountNumber2 = value // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 	obj.myBankAccountNumber2 = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	obj.notStoredBankAccountNumber = value // GOOD (not stored in the database)
-	obj.notStoredBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database] // GOOD (not stored in the datbase) [FALSE POSITIVE]
+	obj.notStoredBankAccountNumber = bankAccountNo // $ SPURIOUS: Alert[swift/cleartext-storage-database] // GOOD (not stored in the datbase) [FALSE POSITIVE]
 
 	maybeObj?.myValue = value // GOOD (not sensitive)
 	maybeObj?.myValue = bankAccountNo // $ Alert[swift/cleartext-storage-database]
-	maybeObj?.myBankAccountNumber = value // BAD [NOT DETECTED]
+	maybeObj?.myBankAccountNumber = value // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 	maybeObj?.myBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database]
-	maybeObj?.myBankAccountNumber2 = value // BAD [NOT DETECTED]
+	maybeObj?.myBankAccountNumber2 = value // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 	maybeObj?.myBankAccountNumber2 = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	maybeObj?.notStoredBankAccountNumber = value // GOOD (not stored in the database)
-	maybeObj?.notStoredBankAccountNumber = bankAccountNo // $ Alert[swift/cleartext-storage-database] // GOOD (not stored in the datbase) [FALSE POSITIVE]
+	maybeObj?.notStoredBankAccountNumber = bankAccountNo // $ SPURIOUS: Alert[swift/cleartext-storage-database] // GOOD (not stored in the datbase) [FALSE POSITIVE]
 }
 
 class testCoreData2_2 {
@@ -102,5 +102,5 @@ func testCoreData2_3(dbObj: MyManagedObject2, maybeObj: MyManagedObject2?, conta
 	var f: MyContainer?
 	f?.value = e.value
 	dbObj.myValue = e.value // $ Alert[swift/cleartext-storage-database]
-	dbObj.myValue = e.value2 // $ Alert[swift/cleartext-storage-database] // GOOD [FALSE POSITIVE]
+	dbObj.myValue = e.value2 // $ SPURIOUS: Alert[swift/cleartext-storage-database] // GOOD [FALSE POSITIVE]
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testRealm2.swift b/swift/ql/test/query-tests/Security/CWE-311/testRealm2.swift
index 6374467750f6..e24fee191dbc 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testRealm2.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testRealm2.swift
@@ -24,7 +24,7 @@ func test2(o: MyRealmSwiftObject3, ccn: String, socialSecurityNumber: String, ss
 	o.data = socialSecurityNumber // $ Alert[swift/cleartext-storage-database]
 	o.data = ssn // $ Alert[swift/cleartext-storage-database]
 	o.data = String(ssn_int) // $ Alert[swift/cleartext-storage-database]
-	o.data = userSSN // BAD [NOT DETECTED]
+	o.data = userSSN // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 	o.data = classno // GOOD
 }
 
@@ -32,6 +32,6 @@ func test3(o: MyRealmSwiftObject3, ccn: String, creditCardNumber: String, CCN: S
 	o.data = creditCardNumber // $ Alert[swift/cleartext-storage-database]
 	o.data = CCN // $ Alert[swift/cleartext-storage-database]
 	o.data = String(int_ccn) // $ Alert[swift/cleartext-storage-database]
-	o.data = userCcn // BAD [NOT DETECTED]
+	o.data = userCcn // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 	o.data = succnode // GOOD
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testSwiftUI.swift b/swift/ql/test/query-tests/Security/CWE-311/testSwiftUI.swift
index 77f025396193..1bfb09d4034f 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testSwiftUI.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testSwiftUI.swift
@@ -77,7 +77,7 @@ struct MyStruct {
 	var myView2: some View {
 		SecureField("title", text: $secureInput, prompt: nil)
 		.onSubmit {
-			_ = URL(string: "http://example.com/login?key=\(secureInput)"); // BAD [NOT DETECTED]
+			_ = URL(string: "http://example.com/login?key=\(secureInput)"); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 		}
 	}
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testURL.swift b/swift/ql/test/query-tests/Security/CWE-311/testURL.swift
index d77d3a4e5dbc..0768e2124707 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testURL.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testURL.swift
@@ -66,10 +66,10 @@ func get_certain() -> String { return "" }
 func test2() {
 	// more variants...
 
-	_ = URL(string: "http://example.com/login?key=" + get_private_key()); // BAD [NOT DETECTED]
-	_ = URL(string: "http://example.com/login?key=" + get_aes_key()); // BAD [NOT DETECTED]
-	_ = URL(string: "http://example.com/login?key=" + get_aws_key()); // BAD [NOT DETECTED]
-	_ = URL(string: "http://example.com/login?key=" + get_access_key()); // BAD [NOT DETECTED]
+	_ = URL(string: "http://example.com/login?key=" + get_private_key()); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
+	_ = URL(string: "http://example.com/login?key=" + get_aes_key()); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
+	_ = URL(string: "http://example.com/login?key=" + get_aws_key()); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
+	_ = URL(string: "http://example.com/login?key=" + get_access_key()); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	_ = URL(string: "http://example.com/login?key=" + get_secret_key()); // $ Alert[swift/cleartext-transmission]
 	_ = URL(string: "http://example.com/login?key=" + get_key_press()); // GOOD (not sensitive)
 	_ = URL(string: "http://example.com/login?cert=" + get_cert_string()); // $ Alert[swift/cleartext-transmission]
@@ -90,13 +90,13 @@ func test3() {
 	let auth_token = get_string()
 	let next_token = get_string()
 
-	_ = URL(string: "http://example.com/login?key=\(priv_key)"); // BAD [NOT DETECTED]
-	_ = URL(string: "http://example.com/login?key=\(private_key)"); // BAD [NOT DETECTED]
+	_ = URL(string: "http://example.com/login?key=\(priv_key)"); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
+	_ = URL(string: "http://example.com/login?key=\(private_key)"); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	_ = URL(string: "http://example.com/login?key=\(pub_key)"); // GOOD (not sensitive)
 	_ = URL(string: "http://example.com/login?cert=\(certificate)"); // $ Alert[swift/cleartext-transmission]
-	_ = URL(string: "http://example.com/login?tok=\(secure_token)"); // BAD [NOT DETECTED]
-	_ = URL(string: "http://example.com/login?tok=\(access_token)"); // BAD [NOT DETECTED]
-	_ = URL(string: "http://example.com/login?tok=\(auth_token)"); // BAD [NOT DETECTED]
+	_ = URL(string: "http://example.com/login?tok=\(secure_token)"); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
+	_ = URL(string: "http://example.com/login?tok=\(access_token)"); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
+	_ = URL(string: "http://example.com/login?tok=\(auth_token)"); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	_ = URL(string: "http://example.com/login?tok=\(next_token)"); // GOOD (not sensitive)
 }
 
@@ -115,7 +115,7 @@ func test5() {
 
 	_ = URL(string: "http://example.com/login?email=\(email)"); // $ Alert[swift/cleartext-transmission]
 	_ = URL(string: "mailto:\(email)"); // GOOD (revealing your e-amil address in an e-mail is expected)
-	_ = URL(string: "mailto:info@example.com?subject=\(secret_key)"); // BAD [NOT DETECTED]
+	_ = URL(string: "mailto:info@example.com?subject=\(secret_key)"); // $ MISSING: Alert[swift/cleartext-transmission] // BAD [NOT DETECTED]
 	_ = URL(string: "mailto:info@example.com?subject=foo&cc=\(email)"); // GOOD
 
 	let phone_number = get_string()
diff --git a/swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift b/swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift
index 2f08fb62d905..d2faf8812248 100644
--- a/swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift
+++ b/swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift
@@ -256,5 +256,5 @@ func testReceiver2(hasher: Insecure.MD5.Type, value: Data) {
 }
 
 func testReceiver3<H: HashFunction>(hasher: H.Type, value: Data) {
-    let _digest = hasher.hash(data: value); // BAD [NOT DETECTED]
+    let _digest = hasher.hash(data: value); // $ MISSING: Alert[swift/weak-sensitive-data-hashing] // BAD [NOT DETECTED]
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-730/tests.swift b/swift/ql/test/query-tests/Security/CWE-730/tests.swift
index 8de36a7f9f36..0fe6b5e9802c 100644
--- a/swift/ql/test/query-tests/Security/CWE-730/tests.swift
+++ b/swift/ql/test/query-tests/Security/CWE-730/tests.swift
@@ -159,7 +159,7 @@ func regexInjectionTests(cond: Bool, varString: String, myUrl: URL) throws {
 	let okSet: Set = ["abc", "def"]
 
 	if (taintedString == okInput) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ SPURIOUS: Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	} else {
 		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert
 	}
@@ -170,19 +170,19 @@ func regexInjectionTests(cond: Bool, varString: String, myUrl: URL) throws {
 		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert
 	}
 	if (okInputs.contains(taintedString)) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ SPURIOUS: Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 	if (okInputs.firstIndex(of: taintedString) != nil) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ SPURIOUS: Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 	if let index = okInputs.firstIndex(of: taintedString) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ SPURIOUS: Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 	if let index = okInputs.index(of: taintedString) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ SPURIOUS: Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 	if (okSet.contains(taintedString)) {
-		_ = try Regex(taintedString).firstMatch(in: varString) // $ Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
+		_ = try Regex(taintedString).firstMatch(in: varString) // $ SPURIOUS: Alert // GOOD (effectively sanitized by the check) [FALSE POSITIVE]
 	}
 
 	// --- multiple evaluations ---
diff --git a/swift/ql/test/query-tests/Security/CWE-760/rncryptor.swift b/swift/ql/test/query-tests/Security/CWE-760/rncryptor.swift
index 228e1231c99f..6c0c3c00988a 100644
--- a/swift/ql/test/query-tests/Security/CWE-760/rncryptor.swift
+++ b/swift/ql/test/query-tests/Security/CWE-760/rncryptor.swift
@@ -82,9 +82,9 @@ func test(myPassword: String) {
 	let _ = myEncryptor.key(forPassword: myPassword, salt: Data(getARandomString() + getARandomString()), settings: myKeyDerivationSettings) // GOOD
 	let _ = myEncryptor.key(forPassword: myPassword, salt: Data("123" + getARandomString()), settings: myKeyDerivationSettings) // GOOD
 	let _ = myEncryptor.key(forPassword: myPassword, salt: Data(getARandomString() + "abc"), settings: myKeyDerivationSettings) // GOOD
-	let _ = myEncryptor.key(forPassword: myPassword, salt: Data("123" + "abc"), settings: myKeyDerivationSettings) // BAD (constant salt) [NOT DETECTED]
+	let _ = myEncryptor.key(forPassword: myPassword, salt: Data("123" + "abc"), settings: myKeyDerivationSettings) // $ MISSING: Alert // BAD (constant salt) [NOT DETECTED]
 	let _ = myEncryptor.key(forPassword: myPassword, salt: Data("123\(getARandomString())abc"), settings: myKeyDerivationSettings) // GOOD
-	let _ = myEncryptor.key(forPassword: myPassword, salt: Data("123\("const"))abc"), settings: myKeyDerivationSettings) // BAD (constant salt) [NOT DETECTED]
+	let _ = myEncryptor.key(forPassword: myPassword, salt: Data("123\("const"))abc"), settings: myKeyDerivationSettings) // $ MISSING: Alert // BAD (constant salt) [NOT DETECTED]
 
 	var myMutableString1 = "123"
 	myMutableString1.append(getARandomString())

From 7ef19112e406bf1934c488d21c67e7b6fbd7da2e Mon Sep 17 00:00:00 2001
From: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
Date: Tue, 16 Jun 2026 14:53:18 +0200
Subject: [PATCH 4/5] Potential fix for pull request finding

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---
 swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
index 9a8ecbf2488b..334c71bd6858 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
@@ -40,7 +40,7 @@ func testCoreData2_1(obj: MyManagedObject2, maybeObj: MyManagedObject2?, value:
 	obj.myBankAccountNumber2 = value // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 	obj.myBankAccountNumber2 = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	obj.notStoredBankAccountNumber = value // GOOD (not stored in the database)
-	obj.notStoredBankAccountNumber = bankAccountNo // $ SPURIOUS: Alert[swift/cleartext-storage-database] // GOOD (not stored in the datbase) [FALSE POSITIVE]
+	obj.notStoredBankAccountNumber = bankAccountNo // $ SPURIOUS: Alert[swift/cleartext-storage-database] // GOOD (not stored in the database) [FALSE POSITIVE]
 
 	maybeObj?.myValue = value // GOOD (not sensitive)
 	maybeObj?.myValue = bankAccountNo // $ Alert[swift/cleartext-storage-database]

From 4bfc2fd791dd24699aedbfe2f541143182697005 Mon Sep 17 00:00:00 2001
From: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
Date: Tue, 16 Jun 2026 14:53:48 +0200
Subject: [PATCH 5/5] Potential fix for pull request finding

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---
 swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
index 334c71bd6858..c935562c5f53 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift
@@ -49,7 +49,7 @@ func testCoreData2_1(obj: MyManagedObject2, maybeObj: MyManagedObject2?, value:
 	maybeObj?.myBankAccountNumber2 = value // $ MISSING: Alert[swift/cleartext-storage-database] // BAD [NOT DETECTED]
 	maybeObj?.myBankAccountNumber2 = bankAccountNo // $ Alert[swift/cleartext-storage-database]
 	maybeObj?.notStoredBankAccountNumber = value // GOOD (not stored in the database)
-	maybeObj?.notStoredBankAccountNumber = bankAccountNo // $ SPURIOUS: Alert[swift/cleartext-storage-database] // GOOD (not stored in the datbase) [FALSE POSITIVE]
+	maybeObj?.notStoredBankAccountNumber = bankAccountNo // $ SPURIOUS: Alert[swift/cleartext-storage-database] // GOOD (not stored in the database) [FALSE POSITIVE]
 }
 
 class testCoreData2_2 {