Move the definition of isSink to the base class:

Holds if `sink` is a known taint sink or an "effective" sink.

Author: tiferet

javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll

@@ -39,6 +39,13 @@ abstract class AtmConfig extends JS::TaintTracking::Configuration {
    */
   override predicate isSource(JS::DataFlow::Node source) { this.isKnownSource(source) }
 
+  /**
+   * Holds if `sink` is a known taint sink or an "effective" sink (a candidate to be classified by an ML model).
+   */
+  override predicate isSink(JS::DataFlow::Node sink) {
+    this.isKnownSink(sink) or this.isEffectiveSink(sink)
+  }
+
   /**
    * EXPERIMENTAL. This API may change in the future.
    *

javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/SqlInjectionATM.qll

@@ -21,10 +21,6 @@ class Configuration extends AtmConfig {
    * query, except additional sinks have been added using the sink endpoint filter.
    */
 
-  override predicate isSink(DataFlow::Node sink) {
-    sink instanceof SqlInjection::Sink or isEffectiveSink(sink)
-  }
-
   override predicate isSanitizer(DataFlow::Node node) {
     super.isSanitizer(node) or
     node instanceof SqlInjection::Sanitizer

javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssATM.qll

@@ -21,11 +21,6 @@ class Configuration extends AtmConfig {
    * except additional ATM sinks have been added to the `isSink` predicate.
    */
 
-  override predicate isSink(DataFlow::Node sink) {
-    sink instanceof DomBasedXss::Sink or
-    isEffectiveSink(sink)
-  }
-
   override predicate isSanitizer(DataFlow::Node node) {
     super.isSanitizer(node) or
     node instanceof DomBasedXss::Sanitizer