Added change note, adjusted spacing in comment

2025-12-16 16:53:25 +01:00 · 2025-11-17 11:02:59 +00:00
parent 0c0fbc1457
commit 528c451007
2 changed files with 5 additions and 1 deletions
--- a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
@@ -47,7 +47,7 @@ private class TypeType extends RefType {
 /**
 * A sanitizer that may remove sensitive information from a string before logging.
 *
- *  It allows for substring operations taking the first N (or last N, for Kotlin) characters, limited to 7 or fewer.
+ * It allows for substring operations taking the first N (or last N, for Kotlin) characters, limited to 7 or fewer.
 */
 private class SensitiveLoggerSanitizerCalled extends SensitiveLoggerBarrier {
  SensitiveLoggerSanitizerCalled() {
--- a/java/ql/src/change-notes/2025-11-17-sensitive-logging-new-sanitizers.md
+++ b/java/ql/src/change-notes/2025-11-17-sensitive-logging-new-sanitizers.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Calls to `substring` (for Java), `take` (for Kotlin) and similar functions, when called with a fixed length less than or equal to 7, are now treated as sanitizers for the `java/sensitive-log` query.