From 475d67a4df65b61e5117cc56ebf99c9a061af7ff Mon Sep 17 00:00:00 2001
From: Jami Cogswell <jcogs33@Jamis-MacBook-Pro.local>
Date: Sat, 30 Jul 2022 17:47:45 -0400
Subject: [PATCH] minor updates, removed comments

---
 .../src/Security/CWE/CWE-489/DebuggableAttributeTrue.ql   | 8 ++------
 java/ql/src/Security/CWE/CWE-489/DebuggableFalse.xml      | 2 +-
 java/ql/src/Security/CWE/CWE-489/DebuggableTrue.xml       | 2 +-
 3 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/java/ql/src/Security/CWE/CWE-489/DebuggableAttributeTrue.ql b/java/ql/src/Security/CWE/CWE-489/DebuggableAttributeTrue.ql
index 287307e66ed..3e5991edbbb 100644
--- a/java/ql/src/Security/CWE/CWE-489/DebuggableAttributeTrue.ql
+++ b/java/ql/src/Security/CWE/CWE-489/DebuggableAttributeTrue.ql
@@ -17,9 +17,5 @@ from AndroidXmlAttribute androidXmlAttr
 where
   androidXmlAttr.getName() = "debuggable" and
   androidXmlAttr.getValue() = "true" and
-  not androidXmlAttr.getLocation().getFile().getAbsolutePath().matches("%/build%") // USE THIS (from speaking with Tony) - 11 MRVA results
-//not androidXmlAttr.getLocation().toString().matches("%build%") // my original query - 2 MRVA results
-//not androidXmlAttr.getLocation().toString().matches("%/build%") // 11 MRVA results
-//not androidXmlAttr.getLocation().getFile().getAbsolutePath().matches("%build%") // 2 MRVA results...
-// comment for test commit to new branch
-select androidXmlAttr, "The 'debuggable' attribute is enabled."
+  not androidXmlAttr.getLocation().getFile().getRelativePath().matches("%/build%")
+select androidXmlAttr, "The 'android:debuggable' attribute is enabled."
diff --git a/java/ql/src/Security/CWE/CWE-489/DebuggableFalse.xml b/java/ql/src/Security/CWE/CWE-489/DebuggableFalse.xml
index 7de19373bf3..55a835139ec 100644
--- a/java/ql/src/Security/CWE/CWE-489/DebuggableFalse.xml
+++ b/java/ql/src/Security/CWE/CWE-489/DebuggableFalse.xml
@@ -1,5 +1,5 @@
 <manifest ... >
-    <!-- GOOD: 'android:debuggable' set to false -->
+    <!-- GOOD: 'android:debuggable' set to 'false' -->
     <application
         android:debuggable="false">
         <activity ... >
diff --git a/java/ql/src/Security/CWE/CWE-489/DebuggableTrue.xml b/java/ql/src/Security/CWE/CWE-489/DebuggableTrue.xml
index 3700d5356ba..4484c32c98f 100644
--- a/java/ql/src/Security/CWE/CWE-489/DebuggableTrue.xml
+++ b/java/ql/src/Security/CWE/CWE-489/DebuggableTrue.xml
@@ -1,5 +1,5 @@
 <manifest ... >
-    <!-- BAD: 'android:debuggable' set to true -->
+    <!-- BAD: 'android:debuggable' set to 'true' -->
     <application
         android:debuggable="true">
         <activity ... >