Move JndiInjectionSanitizer to importable file

Add change note

java/ql/lib/change-notes/2023-03-23-jndi-sanitizer.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Added the extensible abstract class `JndiInjectionSanitizer`. Now this class can be extended to add more sanitizers to the `java/jndi-injection` query.

java/ql/lib/semmle/code/java/security/JndiInjection.qll

@@ -9,6 +9,9 @@ private import semmle.code.java.frameworks.SpringLdap
 /** A data flow sink for unvalidated user input that is used in JNDI lookup. */
 abstract class JndiInjectionSink extends DataFlow::Node { }
 
+/** A sanitizer for JNDI injection vulnerabilities. */
+abstract class JndiInjectionSanitizer extends DataFlow::Node { }
+
 /**
  * A unit class for adding additional taint steps.
  *

java/ql/lib/semmle/code/java/security/JndiInjectionQuery.qll

@@ -17,8 +17,8 @@ class JndiInjectionFlowConfig extends TaintTracking::Configuration {
   override predicate isSink(DataFlow::Node sink) { sink instanceof JndiInjectionSink }
 
   override predicate isSanitizer(DataFlow::Node node) {
-    node.getType() instanceof PrimitiveType or node.getType() instanceof BoxedType 
-    or
+    node.getType() instanceof PrimitiveType or
+    node.getType() instanceof BoxedType or
     node instanceof JndiInjectionSanitizer
   }
 
@@ -27,12 +27,6 @@ class JndiInjectionFlowConfig extends TaintTracking::Configuration {
   }
 }
 
-/**
- * A Class to be extended for Sanitizer Customizations 
- */
-
-abstract class JndiInjectionSanitizer extends DataFlow::Node { }
-
 /**
  * A method that does a JNDI lookup when it receives a `SearchControls` argument with `setReturningObjFlag` = `true`
  */