Move the definition of isSource to the base class:

A long as we're not boosting sources, `isSource` is identical to `isKnownSource`.

Author: tiferet

javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll

@@ -33,6 +33,12 @@ abstract class AtmConfig extends JS::TaintTracking::Configuration {
   bindingset[this]
   AtmConfig() { any() }
 
+  /**
+   * Holds if `source` is a relevant taint source. When sources are not boosted, `isSource` is equivalent to
+   * `isKnownSource` (i.e there are no "effective" sources to be classified by an ML model).
+   */
+  override predicate isSource(JS::DataFlow::Node source) { this.isKnownSource(source) }
+
   /**
    * EXPERIMENTAL. This API may change in the future.
    *

javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/NosqlInjectionATM.qll

@@ -25,8 +25,6 @@ class Configuration extends AtmConfig {
    * generalised to cover the sinks predicted by ATM.
    */
 
-  override predicate isSource(DataFlow::Node source) { source instanceof NosqlInjection::Source }
-
   override predicate isSource(DataFlow::Node source, DataFlow::FlowLabel label) {
     TaintedObject::isSource(source, label)
   }

javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/SqlInjectionATM.qll

@@ -16,11 +16,10 @@ class Configuration extends AtmConfig {
 
   override EndpointType getASinkEndpointType() { result instanceof SqlInjectionSinkType }
 
-  /**
+  /*
    * This is largely a copy of the taint tracking configuration for the standard SQL injection
    * query, except additional sinks have been added using the sink endpoint filter.
    */
-  override predicate isSource(DataFlow::Node source) { source instanceof SqlInjection::Source }
 
   override predicate isSink(DataFlow::Node sink) {
     sink instanceof SqlInjection::Sink or isEffectiveSink(sink)

javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll

@@ -16,11 +16,10 @@ class Configuration extends AtmConfig {
 
   override EndpointType getASinkEndpointType() { result instanceof TaintedPathSinkType }
 
-  /**
+  /*
    * This is largely a copy of the taint tracking configuration for the standard path injection
    * query, except additional ATM sinks have been added to the `isSink` predicate.
    */
-  override predicate isSource(DataFlow::Node source) { source instanceof TaintedPath::Source }
 
   override predicate isSink(DataFlow::Node sink, DataFlow::FlowLabel label) {
     label = sink.(TaintedPath::Sink).getAFlowLabel()

javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssATM.qll

@@ -1,6 +1,7 @@
 /**
  * For internal use only.
  *
+ * A taint-tracking configuration for reasoning about XSS vulnerabilities.
  * Defines shared code used by the XSS boosted query.
  */
 
@@ -15,13 +16,10 @@ class Configuration extends AtmConfig {
 
   override EndpointType getASinkEndpointType() { result instanceof XssSinkType }
 
-  /**
-   * A taint-tracking configuration for reasoning about XSS vulnerabilities.
-   *
+  /*
    * This is largely a copy of the taint tracking configuration for the standard XSSThroughDom query,
    * except additional ATM sinks have been added to the `isSink` predicate.
    */
-  override predicate isSource(DataFlow::Node source) { source instanceof DomBasedXss::Source }
 
   override predicate isSink(DataFlow::Node sink) {
     sink instanceof DomBasedXss::Sink or