C#: Add query and test case for supported external taint.

Author: michaelnebel

csharp/ql/src/Telemetry/ExternalAPI.qll

@@ -73,7 +73,7 @@ class ExternalAPI extends Callable {
   }
 
   /** Holds if this API has a supported summary. */
-  private predicate hasSummary() {
+  predicate hasSummary() {
     this.getUnboundDeclaration() = any(SummarizedCallable sc) or
     defaultAdditionalTaintStep(this.getAnInput(), _)
   }

csharp/ql/src/Telemetry/SupportedExternalTaint.ql

@@ -0,0 +1,17 @@
+/**
+ * @name Supported flow steps in external libraries
+ * @description A list of 3rd party APIs detected as flow steps. Excludes test and generated code.
+ * @kind metric
+ * @tags summary
+ * @id csharp/telemetry/supported-external-api-taint
+ */
+
+import csharp
+import ExternalAPI
+
+from ExternalAPI api, int usages
+where
+  not api.isUninteresting() and
+  api.hasSummary() and
+  usages = strictcount(Call c | c.getTarget() = api)
+select api.getInfo() as info, usages order by usages desc

csharp/ql/test/query-tests/Telemetry/LibraryUsage/SupportedExternalTaint.expected

@@ -0,0 +1 @@
+| System.Private.CoreLib.dll#System.Collections.Generic#List<>.Add(object) | 2 |

csharp/ql/test/query-tests/Telemetry/LibraryUsage/SupportedExternalTaint.qlref

@@ -0,0 +1 @@
+Telemetry/SupportedExternalTaint.ql