Reiview suggestions - add doc comment, reword description, simplify a part

java/ql/lib/semmle/code/java/security/StaticInitializationVectorQuery.qll

@@ -1,3 +1,5 @@
+/** Definitions for the Static Initialization Vector query. */
+
 import java
 import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.dataflow.TaintTracking2
@@ -73,9 +75,7 @@ private class ArrayUpdateConfig extends TaintTracking2::Configuration {
     source.asExpr() instanceof StaticByteArrayCreation
   }
 
-  override predicate isSink(DataFlow::Node sink) {
-    exists(ArrayUpdate update | update.getArray() = sink.asExpr())
-  }
+  override predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(ArrayUpdate upd).getArray() }
 }
 
 /**

java/ql/src/Security/CWE/CWE-1204/StaticInitializationVector.ql

@@ -1,12 +1,7 @@
 /**
  * @name Using a static initialization vector for encryption
- * @description A cipher needs an initialization vector (IV) in some cases,
- *              for example, when CBC or GCM modes are used. IVs are used to randomize the encryption,
- *              therefore they should be unique and ideally unpredictable.
- *              Otherwise, the same plaintexts result in same ciphertexts under a given secret key.
- *              If a static IV is used for encryption, this lets an attacker learn
- *              if the same data pieces are transferred or stored,
- *              or this can help the attacker run a dictionary attack.
+ * @description An initialization vector (IV) used for ciphers of certain modes (such as CBC or GCM) should be unique and unpredicateble.
+ *              Otherwise, if the same IV is used with a the same secret key then the same plaintext results in same ciphertext, which weakens the encryption.
  * @kind path-problem
  * @problem.severity warning
  * @precision high