minor updates, removed comments

Jami Cogswell · Jami Cogswell · commit 475d67a4df65 · 2022-08-15T15:50:00.000-04:00
diff --git a/java/ql/src/Security/CWE/CWE-489/DebuggableAttributeTrue.ql b/java/ql/src/Security/CWE/CWE-489/DebuggableAttributeTrue.ql
@@ -17,9 +17,5 @@ from AndroidXmlAttribute androidXmlAttr
 where
   androidXmlAttr.getName() = "debuggable" and
   androidXmlAttr.getValue() = "true" and
-  not androidXmlAttr.getLocation().getFile().getAbsolutePath().matches("%/build%") // USE THIS (from speaking with Tony) - 11 MRVA results
-//not androidXmlAttr.getLocation().toString().matches("%build%") // my original query - 2 MRVA results
-//not androidXmlAttr.getLocation().toString().matches("%/build%") // 11 MRVA results
-//not androidXmlAttr.getLocation().getFile().getAbsolutePath().matches("%build%") // 2 MRVA results...
-// comment for test commit to new branch
-select androidXmlAttr, "The 'debuggable' attribute is enabled."
+  not androidXmlAttr.getLocation().getFile().getRelativePath().matches("%/build%")
+select androidXmlAttr, "The 'android:debuggable' attribute is enabled."
diff --git a/java/ql/src/Security/CWE/CWE-489/DebuggableFalse.xml b/java/ql/src/Security/CWE/CWE-489/DebuggableFalse.xml
@@ -1,5 +1,5 @@
 <manifest ... >
-    <!-- GOOD: 'android:debuggable' set to false -->
+    <!-- GOOD: 'android:debuggable' set to 'false' -->
     <application
         android:debuggable="false">
         <activity ... >
diff --git a/java/ql/src/Security/CWE/CWE-489/DebuggableTrue.xml b/java/ql/src/Security/CWE/CWE-489/DebuggableTrue.xml
@@ -1,5 +1,5 @@
 <manifest ... >
-    <!-- BAD: 'android:debuggable' set to true -->
+    <!-- BAD: 'android:debuggable' set to 'true' -->
     <application
         android:debuggable="true">
         <activity ... >
