Apply suggestions from code review

- Update CleartextStorage library to latest refactor
- Move change note to new location

java/ql/lib/change-notes/2021-08-10-cleartext-storage-sharedprefs-query.md

@@ -0,0 +1,4 @@
+---
+category: newQuery
+---
+* The query "Cleartext storage of sensitive information using `SharedPreferences` on Android" (`java/android/cleartext-storage-shared-prefs`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @luchua-bc](https://github.com/github/codeql/pull/4675).

java/ql/lib/semmle/code/java/security/CleartextStorageSharedPrefsQuery.qll

@@ -45,7 +45,7 @@ class SharedPreferencesEditorMethodAccess extends Storable, MethodAccess {
 }
 
 /**
- * Holds if `input` is not encrypted and is the second argument of a setter method
+ * Holds if `input` is the second argument of a setter method
  * called on `editor`, which is an instance of `SharedPreferences$Editor`
  * .
  */
@@ -53,7 +53,6 @@ private predicate sharedPreferencesInput(DataFlow::Node editor, Expr input) {
   exists(MethodAccess m |
     m.getMethod() instanceof PutSharedPreferenceMethod and
     input = m.getArgument(1) and
-    not exists(EncryptedValueFlowConfig conf | conf.hasFlow(_, DataFlow::exprNode(input))) and
     editor.asExpr() = m.getQualifier()
   )
 }
@@ -91,14 +90,3 @@ private class EncryptedSensitiveMethodAccess extends MethodAccess {
     this.getMethod().getName().toLowerCase().matches(["%encrypt%", "%hash%"])
   }
 }
-
-/** Flow configuration for encryption methods flowing to inputs of `SharedPreferences`. */
-private class EncryptedValueFlowConfig extends DataFlow4::Configuration {
-  EncryptedValueFlowConfig() { this = "SensitiveStorage::EncryptedValueFlowConfig" }
-
-  override predicate isSource(DataFlow::Node src) {
-    src.asExpr() instanceof EncryptedSensitiveMethodAccess
-  }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof SharedPrefsCleartextStorageSink }
-}