Add SqlSanitization to Concepts and turn private

ruby/ql/lib/codeql/ruby/Concepts.qll

@@ -78,6 +78,19 @@ module SqlExecution {
   }
 }
 
+  /**
+   * A data-flow node that performs SQL sanitization. 
+   */
+  class SqlSanitization extends DataFlow::Node instanceof SqlSanitization::Range { }
+
+  /** Provides a class for modeling new SQL sanitization APIs. */
+  module SqlSanitization {
+    /**
+     * A data-flow node that performs SQL sanitization. 
+     */
+    abstract class Range extends DataFlow::Node { }
+  }
+
 /**
  * A data-flow node that executes a regular expression.
  *

ruby/ql/lib/codeql/ruby/Frameworks.qll

@@ -32,3 +32,4 @@ private import codeql.ruby.frameworks.Slim
 private import codeql.ruby.frameworks.Sinatra
 private import codeql.ruby.frameworks.Twirp
 private import codeql.ruby.frameworks.Sqlite3
+private import codeql.ruby.frameworks.Mysql2

ruby/ql/lib/codeql/ruby/security/SqlInjectionCustomizations.qll

@@ -57,7 +57,7 @@ module SqlInjection {
   /**
    * A call to `Mysql2::Client.escape`, considered as a sanitizer.
    */
-  class Mysql2EscapeSanitization extends Sanitizer {
+  private class Mysql2EscapeSanitization extends Sanitizer {
     Mysql2EscapeSanitization() {
       this = API::getTopLevelMember("Mysql2").getMember("Client").getAMethodCall("escape")
     }
@@ -66,7 +66,7 @@ module SqlInjection {
   /**
    * A call to `SQLite3::Database.quote`, considered as a sanitizer.
    */
-  class SQLite3EscapeSanitization extends Sanitizer {
+  private class SQLite3EscapeSanitization extends Sanitizer {
     SQLite3EscapeSanitization() {
       this = API::getTopLevelMember("SQLite3").getMember("Database").getAMethodCall("quote")
     }