Add change note, minor docs improvement

joefarebrother · joefarebrother · commit b924de631fef · 2022-03-11T17:58:52.000Z
diff --git a/java/ql/src/Security/CWE/CWE-532/SensitiveInfoLog.java b/java/ql/src/Security/CWE/CWE-532/SensitiveInfoLog.java
@@ -14,5 +14,6 @@ public static void main(String[] args) {
         String password = "Pass@0rd";
 
         // GOOD: user password is never written to debug log
+        logger.debug("User password changed")
     }
 }
diff --git a/java/ql/src/Security/CWE/CWE-532/SensitiveInfoLog.ql b/java/ql/src/Security/CWE/CWE-532/SensitiveInfoLog.ql
@@ -5,7 +5,7 @@
  * @kind path-problem
  * @problem.severity warning
  * @precision medium
- * @id java/sensitiveinfo-in-logfile
+ * @id java/sensitive-log
  * @tags security
  *       external/cwe/cwe-532
  */
diff --git a/java/ql/src/change-notes/2022-03-11-sensitive-logging.md b/java/ql/src/change-notes/2022-03-11-sensitive-logging.md
@@ -0,0 +1,4 @@
+---
+category: newQuery
+---
+* The query "Insertion of sensitive information into log files" (`java/sensitive-logging`) has been promoted from experimental to the main query pack. This query was originally [submitted as an experimental query by @luchua-bc](https://github.com/github/codeql/pull/3090).

Original file line number	Diff line number	Diff line change
`@@ -14,5 +14,6 @@ public static void main(String[] args) {`
`14`	`14`	`String password = "Pass@0rd";`
`15`	`15`
`16`	`16`	`// GOOD: user password is never written to debug log`
	`17`	`+ logger.debug("User password changed")`
`17`	`18`	`}`
`18`	`19`	`}`
-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: newQuery
 +---
 +* The query "Insertion of sensitive information into log files" (`java/sensitive-logging`) has been promoted from experimental to the main query pack. This query was originally [submitted as an experimental query by @luchua-bc](https://github.com/github/codeql/pull/3090).