Remove uses of deprecated Tag types

src/file_analysis/Analyzer.cc

@@ -15,13 +15,13 @@ Analyzer::~Analyzer()
 	DBG_LOG(DBG_FILE_ANALYSIS, "Destroy file analyzer %s", file_mgr->GetComponentName(tag).c_str());
 	}
 
-void Analyzer::SetAnalyzerTag(const file_analysis::Tag& arg_tag)
+void Analyzer::SetAnalyzerTag(const zeek::Tag& arg_tag)
 	{
 	assert(! tag || tag == arg_tag);
 	tag = arg_tag;
 	}
 
-Analyzer::Analyzer(file_analysis::Tag arg_tag, RecordValPtr arg_args, File* arg_file)
+Analyzer::Analyzer(zeek::Tag arg_tag, RecordValPtr arg_args, File* arg_file)
 	: tag(arg_tag), args(std::move(arg_args)), file(arg_file), got_stream_delivery(false),
 	  skip(false)
 	{

src/file_analysis/Analyzer.h

@@ -4,7 +4,7 @@
 
 #include <sys/types.h> // for u_char
 
-#include "zeek/file_analysis/Tag.h"
+#include "zeek/Tag.h"
 
 namespace zeek
 	{
@@ -81,7 +81,7 @@ public:
 	/**
 	 * @return the analyzer type enum value.
 	 */
-	file_analysis::Tag Tag() const { return tag; }
+	zeek::Tag Tag() const { return tag; }
 
 	/**
 	 * Returns the analyzer instance's internal ID. These IDs are unique
@@ -106,7 +106,7 @@ public:
 	 * did not receive a name or tag. The method cannot be used to change
 	 * an existing tag.
 	 */
-	void SetAnalyzerTag(const file_analysis::Tag& tag);
+	void SetAnalyzerTag(const zeek::Tag& tag);
 
 	/**
 	 * @return true if the analyzer has ever seen a stream-wise delivery.
@@ -141,7 +141,7 @@ protected:
 	 *        tunable options, if any, related to a particular analyzer type.
 	 * @param arg_file the file to which the the analyzer is being attached.
 	 */
-	Analyzer(file_analysis::Tag arg_tag, RecordValPtr arg_args, File* arg_file);
+	Analyzer(zeek::Tag arg_tag, RecordValPtr arg_args, File* arg_file);
 
 	/**
 	 * Constructor.  Only derived classes are meant to be instantiated.
@@ -156,7 +156,7 @@ protected:
 
 private:
 	ID id; /**< Unique instance ID. */
-	file_analysis::Tag tag; /**< The particular type of the analyzer instance. */
+	zeek::Tag tag; /**< The particular type of the analyzer instance. */
 	RecordValPtr args; /**< \c AnalyzerArgs val gives tunable analyzer params. */
 	File* file; /**< The file to which the analyzer is attached. */
 	bool got_stream_delivery;

src/file_analysis/AnalyzerSet.cc

@@ -42,14 +42,14 @@ AnalyzerSet::~AnalyzerSet()
 	delete analyzer_hash;
 	}
 
-Analyzer* AnalyzerSet::Find(const file_analysis::Tag& tag, RecordValPtr args)
+Analyzer* AnalyzerSet::Find(const zeek::Tag& tag, RecordValPtr args)
 	{
 	auto key = GetKey(tag, std::move(args));
 	Analyzer* rval = analyzer_map.Lookup(key.get());
 	return rval;
 	}
 
-bool AnalyzerSet::Add(const file_analysis::Tag& tag, RecordValPtr args)
+bool AnalyzerSet::Add(const zeek::Tag& tag, RecordValPtr args)
 	{
 	auto key = GetKey(tag, args);
 
@@ -71,7 +71,7 @@ bool AnalyzerSet::Add(const file_analysis::Tag& tag, RecordValPtr args)
 	return true;
 	}
 
-Analyzer* AnalyzerSet::QueueAdd(const file_analysis::Tag& tag, RecordValPtr args)
+Analyzer* AnalyzerSet::QueueAdd(const zeek::Tag& tag, RecordValPtr args)
 	{
 	auto key = GetKey(tag, args);
 	file_analysis::Analyzer* a = InstantiateAnalyzer(tag, std::move(args));
@@ -105,12 +105,12 @@ void AnalyzerSet::AddMod::Abort()
 	delete a;
 	}
 
-bool AnalyzerSet::Remove(const file_analysis::Tag& tag, RecordValPtr args)
+bool AnalyzerSet::Remove(const zeek::Tag& tag, RecordValPtr args)
 	{
 	return Remove(tag, GetKey(tag, std::move(args)));
 	}
 
-bool AnalyzerSet::Remove(const file_analysis::Tag& tag, std::unique_ptr<zeek::detail::HashKey> key)
+bool AnalyzerSet::Remove(const zeek::Tag& tag, std::unique_ptr<zeek::detail::HashKey> key)
 	{
 	auto a = (file_analysis::Analyzer*)analyzer_map.Remove(key.get());
 
@@ -134,7 +134,7 @@ bool AnalyzerSet::Remove(const file_analysis::Tag& tag, std::unique_ptr<zeek::de
 	return true;
 	}
 
-bool AnalyzerSet::QueueRemove(const file_analysis::Tag& tag, RecordValPtr args)
+bool AnalyzerSet::QueueRemove(const zeek::Tag& tag, RecordValPtr args)
 	{
 	auto key = GetKey(tag, std::move(args));
 	auto rval = analyzer_map.Lookup(key.get());
@@ -147,7 +147,7 @@ bool AnalyzerSet::RemoveMod::Perform(AnalyzerSet* set)
 	return set->Remove(tag, std::move(key));
 	}
 
-std::unique_ptr<zeek::detail::HashKey> AnalyzerSet::GetKey(const file_analysis::Tag& t,
+std::unique_ptr<zeek::detail::HashKey> AnalyzerSet::GetKey(const zeek::Tag& t,
                                                            RecordValPtr args) const
 	{
 	auto lv = make_intrusive<ListVal>(TYPE_ANY);

src/file_analysis/AnalyzerSet.h

@@ -6,7 +6,7 @@
 #include <queue>
 
 #include "zeek/Dict.h"
-#include "zeek/file_analysis/Tag.h"
+#include "zeek/Tag.h"
 
 namespace zeek
 	{
@@ -55,7 +55,7 @@ public:
 	 * @param args an \c AnalyzerArgs record.
 	 * @return pointer to an analyzer instance, or a null pointer if not found.
 	 */
-	Analyzer* Find(const file_analysis::Tag& tag, RecordValPtr args);
+	Analyzer* Find(const zeek::Tag& tag, RecordValPtr args);
 
 	/**
 	 * Attach an analyzer to #file immediately.
@@ -63,7 +63,7 @@ public:
 	 * @param args an \c AnalyzerArgs value which specifies an analyzer.
 	 * @return true if analyzer was instantiated/attached, else false.
 	 */
-	bool Add(const file_analysis::Tag& tag, RecordValPtr args);
+	bool Add(const zeek::Tag& tag, RecordValPtr args);
 
 	/**
 	 * Queue the attachment of an analyzer to #file.
@@ -72,7 +72,7 @@ public:
 	 * @return if successful, a pointer to a newly instantiated analyzer else
 	 * a null pointer.  The caller does *not* take ownership of the memory.
 	 */
-	file_analysis::Analyzer* QueueAdd(const file_analysis::Tag& tag, RecordValPtr args);
+	file_analysis::Analyzer* QueueAdd(const zeek::Tag& tag, RecordValPtr args);
 
 	/**
 	 * Remove an analyzer from #file immediately.
@@ -80,7 +80,7 @@ public:
 	 * @param args an \c AnalyzerArgs value which specifies an analyzer.
 	 * @return false if analyzer didn't exist and so wasn't removed, else true.
 	 */
-	bool Remove(const file_analysis::Tag& tag, RecordValPtr args);
+	bool Remove(const zeek::Tag& tag, RecordValPtr args);
 
 	/**
 	 * Queue the removal of an analyzer from #file.
@@ -88,7 +88,7 @@ public:
 	 * @param args an \c AnalyzerArgs value which specifies an analyzer.
 	 * @return true if analyzer exists at time of call, else false;
 	 */
-	bool QueueRemove(const file_analysis::Tag& tag, RecordValPtr args);
+	bool QueueRemove(const zeek::Tag& tag, RecordValPtr args);
 
 	/**
 	 * Perform all queued modifications to the current analyzer set.
@@ -146,8 +146,7 @@ protected:
 	 * @param args an \c AnalyzerArgs value which specifies an analyzer.
 	 * @return the hash key calculated from \a args
 	 */
-	std::unique_ptr<zeek::detail::HashKey> GetKey(const file_analysis::Tag& tag,
-	                                              RecordValPtr args) const;
+	std::unique_ptr<zeek::detail::HashKey> GetKey(const zeek::Tag& tag, RecordValPtr args) const;
 
 	/**
 	 * Create an instance of a file analyzer.
@@ -155,8 +154,7 @@ protected:
 	 * @param args an \c AnalyzerArgs value which specifies an analyzer.
 	 * @return a new file analyzer instance.
 	 */
-	file_analysis::Analyzer* InstantiateAnalyzer(const file_analysis::Tag& tag,
-	                                             RecordValPtr args) const;
+	file_analysis::Analyzer* InstantiateAnalyzer(const zeek::Tag& tag, RecordValPtr args) const;
 
 	/**
 	 * Insert an analyzer instance in to the set.
@@ -171,7 +169,7 @@ protected:
 	 *        just used for debugging messages.
 	 * @param key the hash key which represents the analyzer's \c AnalyzerArgs.
 	 */
-	bool Remove(const file_analysis::Tag& tag, std::unique_ptr<zeek::detail::HashKey> key);
+	bool Remove(const zeek::Tag& tag, std::unique_ptr<zeek::detail::HashKey> key);
 
 private:
 	File* file; /**< File which owns the set */
@@ -234,7 +232,7 @@ private:
 		 * @param arg_a an analyzer instance to add to an analyzer set.
 		 * @param arg_key hash key representing the analyzer's \c AnalyzerArgs.
 		 */
-		RemoveMod(const file_analysis::Tag& arg_tag, std::unique_ptr<zeek::detail::HashKey> arg_key)
+		RemoveMod(const zeek::Tag& arg_tag, std::unique_ptr<zeek::detail::HashKey> arg_key)
 			: Modification(), tag(arg_tag), key(std::move(arg_key))
 			{
 			}
@@ -243,7 +241,7 @@ private:
 		void Abort() override { }
 
 	protected:
-		file_analysis::Tag tag;
+		zeek::Tag tag;
 		std::unique_ptr<zeek::detail::HashKey> key;
 		};
 

src/file_analysis/Component.h

@@ -4,7 +4,7 @@
 
 #include "zeek/zeek-config.h"
 
-#include "zeek/file_analysis/Tag.h"
+#include "zeek/Tag.h"
 #include "zeek/plugin/Component.h"
 #include "zeek/plugin/TaggedComponent.h"
 
@@ -47,15 +47,15 @@ public:
 	 *
 	 * @param subtype A subtype associated with this component that
 	 * further distinguishes it. The subtype will be integrated into the
-	 * analyzer::Tag that the manager associates with this analyzer, and
-	 * analyzer instances can accordingly access it via analyzer::Tag().
+	 * Tag that the manager associates with this analyzer, and
+	 * analyzer instances can accordingly access it via Tag().
 	 * If not used, leave at zero.
 	 *
 	 * @param enabled If false the analyzer starts out as disabled and
 	 * hence won't be used. It can still be enabled later via the
 	 * manager, including from script-land.
 	 */
-	Component(const std::string& name, factory_function factory, Tag::subtype_t subtype = 0,
+	Component(const std::string& name, factory_function factory, zeek::Tag::subtype_t subtype = 0,
 	          bool enabled = true);
 
 	/**

src/file_analysis/File.cc

@@ -79,7 +79,7 @@ void File::StaticInit()
 	}
 
 File::File(const std::string& file_id, const std::string& source_name, Connection* conn,
-           analyzer::Tag tag, bool is_orig)
+           zeek::Tag tag, bool is_orig)
 	: id(file_id), val(nullptr), file_reassembler(nullptr), stream_offset(0),
 	  reassembly_max_buffer(0), did_metadata_inference(false), reassembly_enabled(false),
 	  postpone_timeout(false), done(false), analyzers(this)
@@ -246,7 +246,7 @@ void File::ScheduleInactivityTimer() const
 		new detail::FileTimer(run_state::network_time, id, GetTimeoutInterval()));
 	}
 
-bool File::AddAnalyzer(file_analysis::Tag tag, RecordValPtr args)
+bool File::AddAnalyzer(zeek::Tag tag, RecordValPtr args)
 	{
 	DBG_LOG(DBG_FILE_ANALYSIS, "[%s] Queuing addition of %s analyzer", id.c_str(),
 	        file_mgr->GetComponentName(tag).c_str());
@@ -257,7 +257,7 @@ bool File::AddAnalyzer(file_analysis::Tag tag, RecordValPtr args)
 	return analyzers.QueueAdd(tag, std::move(args)) != nullptr;
 	}
 
-bool File::RemoveAnalyzer(file_analysis::Tag tag, RecordValPtr args)
+bool File::RemoveAnalyzer(zeek::Tag tag, RecordValPtr args)
 	{
 	DBG_LOG(DBG_FILE_ANALYSIS, "[%s] Queuing remove of %s analyzer", id.c_str(),
 	        file_mgr->GetComponentName(tag).c_str());

src/file_analysis/File.h

@@ -119,7 +119,7 @@ public:
 	 * @param args an \c AnalyzerArgs value representing a file analyzer.
 	 * @return false if analyzer can't be instantiated, else true.
 	 */
-	bool AddAnalyzer(file_analysis::Tag tag, RecordValPtr args);
+	bool AddAnalyzer(zeek::Tag tag, RecordValPtr args);
 
 	/**
 	 * Queues removal of an analyzer.
@@ -127,7 +127,7 @@ public:
 	 * @param args an \c AnalyzerArgs value representing a file analyzer.
 	 * @return true if analyzer was active at time of call, else false.
 	 */
-	bool RemoveAnalyzer(file_analysis::Tag tag, RecordValPtr args);
+	bool RemoveAnalyzer(zeek::Tag tag, RecordValPtr args);
 
 	/**
 	 * Signal that this analyzer can be deleted once it's safe to do so.
@@ -223,7 +223,7 @@ protected:
 	 *        direction.
 	 */
 	File(const std::string& file_id, const std::string& source_name, Connection* conn = nullptr,
-	     analyzer::Tag tag = analyzer::Tag::Error, bool is_orig = false);
+	     zeek::Tag tag = zeek::Tag::Error, bool is_orig = false);
 
 	/**
 	 * Updates the "conn_ids" and "conn_uids" fields in #val record with the

src/file_analysis/Manager.cc

@@ -87,7 +87,7 @@ void Manager::SetHandle(const string& handle)
 	current_file_id = HashHandle(handle);
 	}
 
-string Manager::DataIn(const u_char* data, uint64_t len, uint64_t offset, const analyzer::Tag& tag,
+string Manager::DataIn(const u_char* data, uint64_t len, uint64_t offset, const zeek::Tag& tag,
                        Connection* conn, bool is_orig, const string& precomputed_id,
                        const string& mime_type)
 	{
@@ -117,7 +117,7 @@ string Manager::DataIn(const u_char* data, uint64_t len, uint64_t offset, const
 	return id;
 	}
 
-string Manager::DataIn(const u_char* data, uint64_t len, const analyzer::Tag& tag, Connection* conn,
+string Manager::DataIn(const u_char* data, uint64_t len, const zeek::Tag& tag, Connection* conn,
                        bool is_orig, const string& precomputed_id, const string& mime_type)
 	{
 	string id = precomputed_id.empty() ? GetFileID(tag, conn, is_orig) : precomputed_id;
@@ -145,7 +145,7 @@ string Manager::DataIn(const u_char* data, uint64_t len, const analyzer::Tag& ta
 void Manager::DataIn(const u_char* data, uint64_t len, const string& file_id, const string& source,
                      const string& mime_type)
 	{
-	File* file = GetFile(file_id, nullptr, analyzer::Tag::Error, false, false, source.c_str());
+	File* file = GetFile(file_id, nullptr, zeek::Tag::Error, false, false, source.c_str());
 
 	if ( ! file )
 		return;
@@ -162,7 +162,7 @@ void Manager::DataIn(const u_char* data, uint64_t len, const string& file_id, co
 void Manager::DataIn(const u_char* data, uint64_t len, uint64_t offset, const string& file_id,
                      const string& source, const string& mime_type)
 	{
-	File* file = GetFile(file_id, nullptr, analyzer::Tag::Error, false, false, source.c_str());
+	File* file = GetFile(file_id, nullptr, zeek::Tag::Error, false, false, source.c_str());
 
 	if ( ! file )
 		return;
@@ -176,13 +176,13 @@ void Manager::DataIn(const u_char* data, uint64_t len, uint64_t offset, const st
 		RemoveFile(file->GetID());
 	}
 
-void Manager::EndOfFile(const analyzer::Tag& tag, Connection* conn)
+void Manager::EndOfFile(const zeek::Tag& tag, Connection* conn)
 	{
 	EndOfFile(tag, conn, true);
 	EndOfFile(tag, conn, false);
 	}
 
-void Manager::EndOfFile(const analyzer::Tag& tag, Connection* conn, bool is_orig)
+void Manager::EndOfFile(const zeek::Tag& tag, Connection* conn, bool is_orig)
 	{
 	// Don't need to create a file if we're just going to remove it right away.
 	RemoveFile(GetFileID(tag, conn, is_orig));
@@ -193,7 +193,7 @@ void Manager::EndOfFile(const string& file_id)
 	RemoveFile(file_id);
 	}
 
-string Manager::Gap(uint64_t offset, uint64_t len, const analyzer::Tag& tag, Connection* conn,
+string Manager::Gap(uint64_t offset, uint64_t len, const zeek::Tag& tag, Connection* conn,
                     bool is_orig, const string& precomputed_id)
 	{
 	string id = precomputed_id.empty() ? GetFileID(tag, conn, is_orig) : precomputed_id;
@@ -206,7 +206,7 @@ string Manager::Gap(uint64_t offset, uint64_t len, const analyzer::Tag& tag, Con
 	return id;
 	}
 
-string Manager::SetSize(uint64_t size, const analyzer::Tag& tag, Connection* conn, bool is_orig,
+string Manager::SetSize(uint64_t size, const zeek::Tag& tag, Connection* conn, bool is_orig,
                         const string& precomputed_id)
 	{
 	string id = precomputed_id.empty() ? GetFileID(tag, conn, is_orig) : precomputed_id;
@@ -283,8 +283,7 @@ bool Manager::SetExtractionLimit(const string& file_id, RecordValPtr args, uint6
 	return file->SetExtractionLimit(std::move(args), n);
 	}
 
-bool Manager::AddAnalyzer(const string& file_id, const file_analysis::Tag& tag,
-                          RecordValPtr args) const
+bool Manager::AddAnalyzer(const string& file_id, const zeek::Tag& tag, RecordValPtr args) const
 	{
 	File* file = LookupFile(file_id);
 
@@ -294,8 +293,7 @@ bool Manager::AddAnalyzer(const string& file_id, const file_analysis::Tag& tag,
 	return file->AddAnalyzer(tag, std::move(args));
 	}
 
-bool Manager::RemoveAnalyzer(const string& file_id, const file_analysis::Tag& tag,
-                             RecordValPtr args) const
+bool Manager::RemoveAnalyzer(const string& file_id, const zeek::Tag& tag, RecordValPtr args) const
 	{
 	File* file = LookupFile(file_id);
 
@@ -305,8 +303,8 @@ bool Manager::RemoveAnalyzer(const string& file_id, const file_analysis::Tag& ta
 	return file->RemoveAnalyzer(tag, std::move(args));
 	}
 
-File* Manager::GetFile(const string& file_id, Connection* conn, const analyzer::Tag& tag,
-                       bool is_orig, bool update_conn, const char* source_name)
+File* Manager::GetFile(const string& file_id, Connection* conn, const zeek::Tag& tag, bool is_orig,
+                       bool update_conn, const char* source_name)
 	{
 	if ( file_id.empty() )
 		return nullptr;
@@ -417,7 +415,7 @@ bool Manager::IsIgnored(const string& file_id)
 	return ignored.find(file_id) != ignored.end();
 	}
 
-string Manager::GetFileID(const analyzer::Tag& tag, Connection* c, bool is_orig)
+string Manager::GetFileID(const zeek::Tag& tag, Connection* c, bool is_orig)
 	{
 	current_file_id.clear();
 
@@ -437,7 +435,7 @@ string Manager::GetFileID(const analyzer::Tag& tag, Connection* c, bool is_orig)
 	return current_file_id;
 	}
 
-bool Manager::IsDisabled(const analyzer::Tag& tag)
+bool Manager::IsDisabled(const zeek::Tag& tag)
 	{
 	if ( ! disabled )
 		disabled = id::find_const("Files::disable")->AsTableVal();

src/file_analysis/Manager.h

@@ -8,7 +8,7 @@
 
 #include "zeek/RuleMatcher.h"
 #include "zeek/RunState.h"
-#include "zeek/analyzer/Tag.h"
+#include "zeek/Tag.h"
 #include "zeek/file_analysis/Component.h"
 #include "zeek/file_analysis/FileTimer.h"
 #include "zeek/plugin/ComponentManager.h"
@@ -110,7 +110,7 @@ public:
 	 *         the \c get_file_handle script-layer event).  An empty string
 	 *         indicates the associate file is not going to be analyzed further.
 	 */
-	std::string DataIn(const u_char* data, uint64_t len, uint64_t offset, const analyzer::Tag& tag,
+	std::string DataIn(const u_char* data, uint64_t len, uint64_t offset, const zeek::Tag& tag,
 	                   Connection* conn, bool is_orig, const std::string& precomputed_file_id = "",
 	                   const std::string& mime_type = "");
 
@@ -136,7 +136,7 @@ public:
 	 *         the \c get_file_handle script-layer event).  An empty string
 	 *         indicates the associated file is not going to be analyzed further.
 	 */
-	std::string DataIn(const u_char* data, uint64_t len, const analyzer::Tag& tag, Connection* conn,
+	std::string DataIn(const u_char* data, uint64_t len, const zeek::Tag& tag, Connection* conn,
 	                   bool is_orig, const std::string& precomputed_file_id = "",
 	                   const std::string& mime_type = "");
 
@@ -183,7 +183,7 @@ public:
 	 * @param tag network protocol over which the file data is transferred.
 	 * @param conn network connection over which the file data is transferred.
 	 */
-	void EndOfFile(const analyzer::Tag& tag, Connection* conn);
+	void EndOfFile(const zeek::Tag& tag, Connection* conn);
 
 	/**
 	 * Signal the end of file data being transferred over a connection in
@@ -191,7 +191,7 @@ public:
 	 * @param tag network protocol over which the file data is transferred.
 	 * @param conn network connection over which the file data is transferred.
 	 */
-	void EndOfFile(const analyzer::Tag& tag, Connection* conn, bool is_orig);
+	void EndOfFile(const zeek::Tag& tag, Connection* conn, bool is_orig);
 
 	/**
 	 * Signal the end of file data being transferred using the file identifier.
@@ -215,7 +215,7 @@ public:
 	 *         the \c get_file_handle script-layer event).  An empty string
 	 *         indicates the associate file is not going to be analyzed further.
 	 */
-	std::string Gap(uint64_t offset, uint64_t len, const analyzer::Tag& tag, Connection* conn,
+	std::string Gap(uint64_t offset, uint64_t len, const zeek::Tag& tag, Connection* conn,
 	                bool is_orig, const std::string& precomputed_file_id = "");
 
 	/**
@@ -233,7 +233,7 @@ public:
 	 *         the \c get_file_handle script-layer event).  An empty string
 	 *         indicates the associate file is not going to be analyzed further.
 	 */
-	std::string SetSize(uint64_t size, const analyzer::Tag& tag, Connection* conn, bool is_orig,
+	std::string SetSize(uint64_t size, const zeek::Tag& tag, Connection* conn, bool is_orig,
 	                    const std::string& precomputed_file_id = "");
 
 	/**
@@ -298,8 +298,7 @@ public:
 	 * @param args a \c AnalyzerArgs value which describes a file analyzer.
 	 * @return false if the analyzer failed to be instantiated, else true.
 	 */
-	bool AddAnalyzer(const std::string& file_id, const file_analysis::Tag& tag,
-	                 RecordValPtr args) const;
+	bool AddAnalyzer(const std::string& file_id, const zeek::Tag& tag, RecordValPtr args) const;
 
 	/**
 	 * Queue removal of an analyzer for a given file identifier.
@@ -308,8 +307,7 @@ public:
 	 * @param args a \c AnalyzerArgs value which describes a file analyzer.
 	 * @return true if the analyzer is active at the time of call, else false.
 	 */
-	bool RemoveAnalyzer(const std::string& file_id, const file_analysis::Tag& tag,
-	                    RecordValPtr args) const;
+	bool RemoveAnalyzer(const std::string& file_id, const zeek::Tag& tag, RecordValPtr args) const;
 
 	/**
 	 * Tells whether analysis for a file is active or ignored.
@@ -379,7 +377,7 @@ protected:
 	 *         connection-related fields.
 	 */
 	File* GetFile(const std::string& file_id, Connection* conn = nullptr,
-	              const analyzer::Tag& tag = analyzer::Tag::Error, bool is_orig = false,
+	              const zeek::Tag& tag = zeek::Tag::Error, bool is_orig = false,
 	              bool update_conn = true, const char* source_name = nullptr);
 
 	/**
@@ -409,7 +407,7 @@ protected:
 	 * @return #current_file_id, which is a hash of a unique file handle string
 	 *         set by a \c get_file_handle event handler.
 	 */
-	std::string GetFileID(const analyzer::Tag& tag, Connection* c, bool is_orig);
+	std::string GetFileID(const zeek::Tag& tag, Connection* c, bool is_orig);
 
 	/**
 	 * Check if analysis is available for files transferred over a given
@@ -419,7 +417,7 @@ protected:
 	 * @return whether file analysis is disabled for the analyzer given by
 	 *         \a tag.
 	 */
-	static bool IsDisabled(const analyzer::Tag& tag);
+	static bool IsDisabled(const zeek::Tag& tag);
 
 private:
 	using TagSet = std::set<Tag>;

src/file_analysis/analyzer/x509/X509Common.cc

@@ -17,7 +17,7 @@
 namespace zeek::file_analysis::detail
 	{
 
-X509Common::X509Common(const file_analysis::Tag& arg_tag, RecordValPtr arg_args,
+X509Common::X509Common(const zeek::Tag& arg_tag, RecordValPtr arg_args,
                        file_analysis::File* arg_file)
 	: file_analysis::Analyzer(arg_tag, std::move(arg_args), arg_file)
 	{

src/file_analysis/analyzer/x509/X509Common.h

@@ -49,8 +49,7 @@ public:
 	                              Reporter* reporter);
 
 protected:
-	X509Common(const file_analysis::Tag& arg_tag, RecordValPtr arg_args,
-	           file_analysis::File* arg_file);
+	X509Common(const zeek::Tag& arg_tag, RecordValPtr arg_args, file_analysis::File* arg_file);
 
 	void ParseExtension(X509_EXTENSION* ex, const EventHandlerPtr& h, bool global);
 	void ParseSignedCertificateTimestamps(X509_EXTENSION* ext);