Ruby: add missing qldoc comments for SQL injection query

nickrolfe · nickrolfe · commit b91b3148a485 · 2022-11-10T15:26:42.000Z
diff --git a/ruby/ql/lib/codeql/ruby/security/SqlInjectionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/SqlInjectionCustomizations.qll
@@ -13,10 +13,13 @@ private import codeql.ruby.dataflow.RemoteFlowSources
  * vulnerabilities, as well as extension points for adding your own.
  */
 module SqlInjection {
+  /** A data flow source for SQL injection vulnerabilities. */
   abstract class Source extends DataFlow::Node { }
 
+  /** A data flow sink for SQL injection vulnerabilities. */
   abstract class Sink extends DataFlow::Node { }
 
+  /** A sanitizer for SQL injection vulnerabilities. */
   abstract class Sanitizer extends DataFlow::Node { }
 
   /**
diff --git a/ruby/ql/lib/codeql/ruby/security/SqlInjectionQuery.qll b/ruby/ql/lib/codeql/ruby/security/SqlInjectionQuery.qll
@@ -7,6 +7,9 @@ private import codeql.ruby.DataFlow
 private import codeql.ruby.TaintTracking
 import SqlInjectionCustomizations::SqlInjection
 
+/**
+ * A taint-tracking configuration for detecting SQL injection vulnerabilities.
+ */
 class Configuration extends TaintTracking::Configuration {
   Configuration() { this = "SqlInjectionConfiguration" }
 
