Merge pull request github#8476 from RasmusWL/shared-concepts-scaffolding

Python/JS/Ruby: Shared concepts scaffolding

Author: RasmusWL

config/identical-files.json

@@ -519,6 +519,11 @@
     "javascript/ql/lib/semmle/javascript/frameworks/data/internal/AccessPathSyntax.qll",
     "ruby/ql/lib/codeql/ruby/dataflow/internal/AccessPathSyntax.qll"
   ],
+  "Concepts Python/Ruby/JS": [
+    "python/ql/lib/semmle/python/internal/ConceptsShared.qll",
+    "ruby/ql/lib/codeql/ruby/internal/ConceptsShared.qll",
+    "javascript/ql/lib/semmle/javascript/internal/ConceptsShared.qll"
+  ],
   "Hostname Regexp queries": [
     "javascript/ql/src/Security/CWE-020/HostnameRegexpShared.qll",
     "python/ql/src/Security/CWE-020/HostnameRegexpShared.qll",
@@ -544,4 +549,4 @@
     "javascript/ql/lib/semmle/javascript/security/dataflow/HttpToFileAccessCustomizations.qll",
     "ruby/ql/lib/codeql/ruby/security/HttpToFileAccessCustomizations.qll"
   ]
-}
+}

javascript/ql/lib/semmle/javascript/internal/ConceptsImports.qll

@@ -0,0 +1,6 @@
+/**
+ * This file contains imports required for the JavaScript version of `ConceptsShared.qll`.
+ * Since they are language-specific, they can't be placed directly in that file, as it is shared between languages.
+ */
+
+import semmle.javascript.dataflow.DataFlow::DataFlow as DataFlow

javascript/ql/lib/semmle/javascript/internal/ConceptsShared.qll

@@ -0,0 +1,13 @@
+/**
+ * Provides Concepts which are shared across languages.
+ *
+ * Each language has a language specific `Concepts.qll` file that can import the
+ * shared concepts from this file. A language can either re-export the concept directly,
+ * or can add additional member-predicates that are needed for that language.
+ *
+ * Moving forward, `Concepts.qll` will be the staging ground for brand new concepts from
+ * each language, but we will maintain a discipline of moving those concepts to
+ * `ConceptsShared.qll` ASAP.
+ */
+
+private import ConceptsImports

python/ql/lib/semmle/python/internal/ConceptsImports.qll

@@ -0,0 +1,6 @@
+/**
+ * This file contains imports required for the Python version of `ConceptsShared.qll`.
+ * Since they are language-specific, they can't be placed directly in that file, as it is shared between languages.
+ */
+
+import semmle.python.dataflow.new.DataFlow

python/ql/lib/semmle/python/internal/ConceptsShared.qll

@@ -0,0 +1,13 @@
+/**
+ * Provides Concepts which are shared across languages.
+ *
+ * Each language has a language specific `Concepts.qll` file that can import the
+ * shared concepts from this file. A language can either re-export the concept directly,
+ * or can add additional member-predicates that are needed for that language.
+ *
+ * Moving forward, `Concepts.qll` will be the staging ground for brand new concepts from
+ * each language, but we will maintain a discipline of moving those concepts to
+ * `ConceptsShared.qll` ASAP.
+ */
+
+private import ConceptsImports

ruby/ql/lib/codeql/ruby/internal/ConceptsImports.qll

@@ -0,0 +1,6 @@
+/**
+ * This file contains imports required for the Ruby version of `ConceptsShared.qll`.
+ * Since they are language-specific, they can't be placed directly in that file, as it is shared between languages.
+ */
+
+import codeql.ruby.DataFlow

ruby/ql/lib/codeql/ruby/internal/ConceptsShared.qll

@@ -0,0 +1,13 @@
+/**
+ * Provides Concepts which are shared across languages.
+ *
+ * Each language has a language specific `Concepts.qll` file that can import the
+ * shared concepts from this file. A language can either re-export the concept directly,
+ * or can add additional member-predicates that are needed for that language.
+ *
+ * Moving forward, `Concepts.qll` will be the staging ground for brand new concepts from
+ * each language, but we will maintain a discipline of moving those concepts to
+ * `ConceptsShared.qll` ASAP.
+ */
+
+private import ConceptsImports