Apply suggestions from code review

Co-authored-by: Alex Ford <[email protected]>

Author: maikypedia

ruby/ql/lib/codeql/ruby/frameworks/Erb.qll

@@ -9,15 +9,15 @@ private import codeql.ruby.Concepts
 /**
  * Provides templating for embedding Ruby code into text files, allowing dynamic content generation in web applications.
  */
-module ERB {
+module Erb {
   /**
    * Flow summary for `ERB.new`. This method wraps a template string, compiling it.
    */
   private class TemplateSummary extends SummarizedCallable {
     TemplateSummary() { this = "ERB.new" }
 
     override MethodCall getACall() {
-      result = API::getTopLevelMember("ERB").getAMethodCall("new").asExpr().getExpr()
+      result = any(ErbTemplateNewCall c).asExpr().getExpr()
     }
 
     override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
@@ -26,18 +26,18 @@ module ERB {
   }
 
   /** A call to `ERB.new`, considered as a template construction. */
-  private class ERBTemplateNewCall extends TemplateConstruction::Range, DataFlow::CallNode {
-    ERBTemplateNewCall() { this = API::getTopLevelMember("ERB").getAMethodCall("new") }
+  private class ErbTemplateNewCall extends TemplateConstruction::Range, DataFlow::CallNode {
+    ERBTemplateNewCall() { this = API::getTopLevelMember("ERB").getAnInstantiation() }
 
     override DataFlow::Node getTemplate() { result = this.getArgument(0) }
   }
 
   /** A call to `ERB.new(foo).result(binding)`, considered as a template rendering. */
-  private class ERBTemplateRendering extends TemplateRendering::Range, DataFlow::CallNode {
-    DataFlow::Node template;
+  private class ErbTemplateRendering extends TemplateRendering::Range, DataFlow::CallNode {
+    private DataFlow::Node template;
 
-    ERBTemplateRendering() {
-      exists(ERBTemplateNewCall templateConstruction |
+    ErbTemplateRendering() {
+      exists(ErbTemplateNewCall templateConstruction |
         this = templateConstruction.getAMethodCall("result") and
         template = templateConstruction.getTemplate()
       )

ruby/ql/lib/codeql/ruby/frameworks/Slim.qll

@@ -13,7 +13,7 @@ module Slim {
   /** A call to `Slim::Template.new`, considered as a template construction. */
   private class SlimTemplateNewCall extends TemplateConstruction::Range, DataFlow::CallNode {
     SlimTemplateNewCall() {
-      this = API::getTopLevelMember("Slim").getMember("Template").getAMethodCall("new")
+      this = API::getTopLevelMember("Slim").getMember("Template").getAnInstantiation()
     }
 
     override DataFlow::Node getTemplate() {
@@ -24,7 +24,7 @@ module Slim {
 
   /** A call to `Slim::Template.new{ foo }.render`, considered as a template rendering */
   private class SlimTemplateRendering extends TemplateRendering::Range, DataFlow::CallNode {
-    DataFlow::Node template;
+    private DataFlow::Node template;
 
     SlimTemplateRendering() {
       exists(SlimTemplateNewCall templateConstruction |

ruby/ql/lib/codeql/ruby/security/TemplateInjectionCustomizations.qll

@@ -43,6 +43,6 @@ module TemplateInjection {
    * An inclusion check against an array of constant strings, considered as a
    * sanitizer-guard.
    */
-  class StringConstArrayInclusionCallAsSanitizer extends Sanitizer,
+  private class StringConstArrayInclusionCallAsSanitizer extends Sanitizer,
     StringConstArrayInclusionCallBarrier { }
 }