JS: Port CodeInjection

javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionQuery.qll

@@ -13,7 +13,28 @@ import CodeInjectionCustomizations::CodeInjection
 /**
  * A taint-tracking configuration for reasoning about code injection vulnerabilities.
  */
-class Configuration extends TaintTracking::Configuration {
+module CodeInjectionConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof Source }
+
+  predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+
+  predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
+
+  predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
+    // HTML sanitizers are insufficient protection against code injection
+    node1 = node2.(HtmlSanitizerCall).getInput()
+  }
+}
+
+/**
+ * Taint-tracking for reasoning about code injection vulnerabilities.
+ */
+module CodeInjectionFlow = TaintTracking::Global<CodeInjectionConfig>;
+
+/**
+ * DEPRRECATED. Use the `CodeInjectionFlow` module instead.
+ */
+deprecated class Configuration extends TaintTracking::Configuration {
   Configuration() { this = "CodeInjection" }
 
   override predicate isSource(DataFlow::Node source) { source instanceof Source }
@@ -25,8 +46,7 @@ class Configuration extends TaintTracking::Configuration {
     node instanceof Sanitizer
   }
 
-  override predicate isAdditionalTaintStep(DataFlow::Node src, DataFlow::Node trg) {
-    // HTML sanitizers are insufficient protection against code injection
-    src = trg.(HtmlSanitizerCall).getInput()
+  override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
+    CodeInjectionConfig::isAdditionalFlowStep(node1, node2)
   }
 }