Java: Create new Android Intent Redirection query #6397

Merged

@atorralba atorralba commented Aug 2, 2021

Created a query that detects the ability to start arbitrary Android components (activities or services) based on user input. This is a risk because it greatly increases the attack surface and exposes components not intended to be consumed from outside the application (like non-exported content providers).

The query looks for user-provided intents (e.g. (Intent) getIntent().getParcelableExtra("extra_intent")) flowing into functions that start other components (e.g. startActivity, startService).

The vulnerability and its remediation are further explained here: https://support.google.com/faqs/answer/9267555?hl=en

To Consider

The query uses a DataFlow configuration to discard Intents being directly used in the sinks, because those come with predefined components, e.g.

Intent intent = getIntent();
startActivity(intent); // data flow, not vulnerable
Intent fwdIntent = (Intent) intent.getParcelableExtra("fwd_intent");
startActivity(fwdIntent); // taint flow, vulnerable

Also, an additional TaintTracking configuration is used to handle an exception to the above, by which those original Intents get their component changed with tainted data, e.g.

Intent intent = getIntent();
intent.setClassName(intent.getStringExtra("packageName"), intent.getStringExtra("className"));
startActivity(intent); // vulnerable

Find edge cases the query doesn't currently support (MISSING results) in AndroidIntentRedirectionTest.ql.

Evaluation

The query finds 1 TP result in an intentionally vulnerable application.

It also finds 8 more TP and potentially vulnerable results in open source projects.
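
As an added illustration (not code from this PR or from the CodeQL repository), here are the two patterns from the description above rewritten so that the forwarded Intent is validated before it reaches `startActivity`. The class name, package, allow-list entries and the `URI_GRANT_FLAGS` constant are hypothetical; the extra keys are the ones used in the description.

```java
// Added example: hardened versions of the two flagged patterns.
// All names in com.example.redirect are hypothetical.
package com.example.redirect;

import android.app.Activity;
import android.content.ComponentName;
import android.content.Intent;
import android.os.Bundle;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

public class ForwardingActivity extends Activity {

    // Hypothetical allow-list: the only classes this proxy is willing to start.
    private static final Set<String> ALLOWED_TARGETS = new HashSet<>(Arrays.asList(
            "com.example.redirect.SettingsActivity",
            "com.example.redirect.HelpActivity"));

    // Flags that would let the started component act on URIs with this app's permissions.
    private static final int URI_GRANT_FLAGS =
            Intent.FLAG_GRANT_READ_URI_PERMISSION
            | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
            | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
            | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        Intent incoming = getIntent();

        // Pattern 1 (taint flow): a nested Intent taken from an extra.
        // It is only started after its resolved target passes the allow-list.
        Intent forward = (Intent) incoming.getParcelableExtra("fwd_intent");
        if (forward != null && isSafeToStart(forward)) {
            startActivity(forward);
        }

        // Pattern 2: component chosen from string extras.
        // The package is fixed to our own and the class must be allow-listed;
        // the caller-supplied "packageName" extra is never used.
        String className = incoming.getStringExtra("className");
        if (className != null && ALLOWED_TARGETS.contains(className)) {
            Intent target = new Intent();
            target.setClassName(getPackageName(), className);
            startActivity(target);
        }

        finish();
    }

    /** Returns true only if the Intent resolves to an allow-listed activity in this app. */
    private boolean isSafeToStart(Intent forward) {
        ComponentName resolved = forward.resolveActivity(getPackageManager());
        if (resolved == null) {
            return false; // nothing would handle it
        }
        if (!getPackageName().equals(resolved.getPackageName())) {
            return false; // would leave this application
        }
        if (!ALLOWED_TARGETS.contains(resolved.getClassName())) {
            return false; // internal component not meant to be reachable this way
        }
        // Pin the component that was checked so resolution cannot differ at start time.
        forward.setComponent(resolved);
        // Drop URI permission grants carried by the untrusted Intent.
        forward.setFlags(forward.getFlags() & ~URI_GRANT_FLAGS);
        return true;
    }
}
```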

@atorralba atorralba requested a review from a team as a code owner August 2, 2021 14:11
@atorralba atorralba dismissed a stale review via fea6114 August 4, 2021 09:24
@github-actions
Contributor

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged. The differences can be found in the comparison artifact of this workflow run.

@atorralba atorralba added the ready-for-doc-review This PR requires and is ready for review from the GitHub docs team. label Aug 17, 2021
@jmarlena

@atorralba Heads up, I've added this issue to the docs-content review board. ⚡

guntrip previously approved these changes Aug 19, 2021
Contributor

@guntrip guntrip left a comment

👋 I'm reviewing for docs-content.

This looks good. I've added one suggested change for a typo, a question about the id, and a potential issue with the example in the .qhelp file (which might just be my misunderstanding).

@atorralba
Contributor Author

Thanks for your review @stevecat! Your comments were addressed in 38ebeba, let me know if something needs further improvement :)

ethanpalm previously approved these changes Aug 30, 2021
Contributor

@ethanpalm ethanpalm left a comment

Made one small suggestion but this looks good from a docs perspective ⚡ Please let me know if my review gets dismissed by any further changes 😄

@smowton
Contributor

smowton commented Sep 14, 2021

Suggest #6599 should go before this PR because it contains detailed Intent models that could then be removed from this PR

@atorralba
Contributor Author

> Suggest #6599 should go before this PR because it contains detailed Intent models that could then be removed from this PR

I think there's no collision because #6599 focuses on CSV models related to Intent extras and here we are working with the Intent components (package, class and so on). But I agree that it could be merged before this one and then we can just merge both sets of models.

@atorralba atorralba force-pushed the atorralba/android-intent-redirect-query branch from 43c721b to d1d2d61 Compare October 18, 2021 10:00
@aschackmull
Contributor

Two comments, otherwise LGTM.

Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
@github-actions
Contributor

github-actions bot commented Nov 4, 2021

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

java

Generated file changes for java

  • Changes to framework-coverage-java.rst:
-    Android,``android.*``,45,285,70,,,3,67,,,
+    Android,``android.*``,45,308,93,,,3,67,,,
-    Totals,,175,5341,408,13,6,10,107,33,1,66
+    Totals,,175,5364,431,13,6,10,107,33,1,66
  • Changes to framework-coverage-java.csv:
- package,sink,source,summary,sink:bean-validation,sink:create-file,sink:groovy,sink:header-splitting,sink:information-leak,sink:jexl,sink:jndi-injection,sink:ldap,sink:mvel,sink:ognl-injection,sink:open-url,sink:set-hostname-verifier,sink:sql,sink:url-open-stream,sink:url-redirect,sink:xpath,sink:xslt,sink:xss,source:contentprovider,source:remote,summary:taint,summary:value
+ package,sink,source,summary,sink:bean-validation,sink:create-file,sink:groovy,sink:header-splitting,sink:information-leak,sink:intent-start,sink:jexl,sink:jndi-injection,sink:ldap,sink:mvel,sink:ognl-injection,sink:open-url,sink:set-hostname-verifier,sink:sql,sink:url-open-stream,sink:url-redirect,sink:xpath,sink:xslt,sink:xss,source:contentprovider,source:remote,summary:taint,summary:value
+ android.app,7,,,,,,,,7,,,,,,,,,,,,,,,,,
- android.content,8,27,73,,,,,,,,,,,,,8,,,,,,27,,8,65
+ android.content,24,27,96,,,,,,16,,,,,,,,8,,,,,,27,,31,65
- android.database,59,,30,,,,,,,,,,,,,59,,,,,,,,30,
+ android.database,59,,30,,,,,,,,,,,,,,59,,,,,,,,30,
- android.net,,,60,,,,,,,,,,,,,,,,,,,,,45,15
+ android.net,,,60,,,,,,,,,,,,,,,,,,,,,,45,15
- android.os,,,122,,,,,,,,,,,,,,,,,,,,,41,81
+ android.os,,,122,,,,,,,,,,,,,,,,,,,,,,41,81
- android.util,,16,,,,,,,,,,,,,,,,,,,,,16,,
+ android.util,,16,,,,,,,,,,,,,,,,,,,,,,16,,
- android.webkit,3,2,,,,,,,,,,,,,,,,,,,3,,2,,
+ android.webkit,3,2,,,,,,,,,,,,,,,,,,,,3,,2,,
- cn.hutool.core.codec,,,1,,,,,,,,,,,,,,,,,,,,,1,
+ cn.hutool.core.codec,,,1,,,,,,,,,,,,,,,,,,,,,,1,
- com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,,,,,,,,,,1,
+ com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,,,,,,,,,,,1,
- com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,,,,,,,,,1,
+ com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,,,,,,,,,,1,
- com.fasterxml.jackson.core,,,1,,,,,,,,,,,,,,,,,,,,,1,
+ com.fasterxml.jackson.core,,,1,,,,,,,,,,,,,,,,,,,,,,1,
- com.fasterxml.jackson.databind,,,6,,,,,,,,,,,,,,,,,,,,,6,
+ com.fasterxml.jackson.databind,,,6,,,,,,,,,,,,,,,,,,,,,,6,
- com.google.common.base,,,85,,,,,,,,,,,,,,,,,,,,,62,23
+ com.google.common.base,,,85,,,,,,,,,,,,,,,,,,,,,,62,23
- com.google.common.cache,,,17,,,,,,,,,,,,,,,,,,,,,,17
+ com.google.common.cache,,,17,,,,,,,,,,,,,,,,,,,,,,,17
- com.google.common.collect,,,553,,,,,,,,,,,,,,,,,,,,,2,551
+ com.google.common.collect,,,553,,,,,,,,,,,,,,,,,,,,,,2,551
- com.google.common.io,6,,73,,,,,,,,,,,,,,6,,,,,,,72,1
+ com.google.common.io,6,,73,,,,,,,,,,,,,,,6,,,,,,,72,1
- com.opensymphony.xwork2.ognl,3,,,,,,,,,,,,3,,,,,,,,,,,,
+ com.opensymphony.xwork2.ognl,3,,,,,,,,,,,,,3,,,,,,,,,,,,
- com.unboundid.ldap.sdk,17,,,,,,,,,,17,,,,,,,,,,,,,,
+ com.unboundid.ldap.sdk,17,,,,,,,,,,,17,,,,,,,,,,,,,,
- flexjson,,,1,,,,,,,,,,,,,,,,,,,,,,1
+ flexjson,,,1,,,,,,,,,,,,,,,,,,,,,,,1
- groovy.lang,26,,,,,26,,,,,,,,,,,,,,,,,,,
+ groovy.lang,26,,,,,26,,,,,,,,,,,,,,,,,,,,
- groovy.util,5,,,,,5,,,,,,,,,,,,,,,,,,,
+ groovy.util,5,,,,,5,,,,,,,,,,,,,,,,,,,,
- jakarta.faces.context,2,7,,,,,,,,,,,,,,,,,,,2,,7,,
+ jakarta.faces.context,2,7,,,,,,,,,,,,,,,,,,,,2,,7,,
- jakarta.json,,,123,,,,,,,,,,,,,,,,,,,,,100,23
+ jakarta.json,,,123,,,,,,,,,,,,,,,,,,,,,,100,23
- jakarta.ws.rs.client,1,,,,,,,,,,,,,1,,,,,,,,,,,
+ jakarta.ws.rs.client,1,,,,,,,,,,,,,,1,,,,,,,,,,,
- jakarta.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,9,,
+ jakarta.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,9,,
- jakarta.ws.rs.core,2,,149,,,,,,,,,,,,,,,2,,,,,,94,55
+ jakarta.ws.rs.core,2,,149,,,,,,,,,,,,,,,,2,,,,,,94,55
- java.beans,,,1,,,,,,,,,,,,,,,,,,,,,1,
+ java.beans,,,1,,,,,,,,,,,,,,,,,,,,,,1,
- java.io,3,,27,,3,,,,,,,,,,,,,,,,,,,26,1
+ java.io,3,,27,,3,,,,,,,,,,,,,,,,,,,,26,1
- java.lang,,,51,,,,,,,,,,,,,,,,,,,,,41,10
+ java.lang,,,51,,,,,,,,,,,,,,,,,,,,,,41,10
- java.net,10,3,7,,,,,,,,,,,10,,,,,,,,,3,7,
+ java.net,10,3,7,,,,,,,,,,,,10,,,,,,,,,3,7,
- java.nio,10,,4,,10,,,,,,,,,,,,,,,,,,,4,
+ java.nio,10,,4,,10,,,,,,,,,,,,,,,,,,,,4,
- java.sql,7,,,,,,,,,,,,,,,7,,,,,,,,,
+ java.sql,7,,,,,,,,,,,,,,,,7,,,,,,,,,
- java.util,,,429,,,,,,,,,,,,,,,,,,,,,15,414
+ java.util,,,429,,,,,,,,,,,,,,,,,,,,,,15,414
- javax.faces.context,2,7,,,,,,,,,,,,,,,,,,,2,,7,,
+ javax.faces.context,2,7,,,,,,,,,,,,,,,,,,,,2,,7,,
- javax.json,,,123,,,,,,,,,,,,,,,,,,,,,100,23
+ javax.json,,,123,,,,,,,,,,,,,,,,,,,,,,100,23
- javax.management.remote,2,,,,,,,,,2,,,,,,,,,,,,,,,
+ javax.management.remote,2,,,,,,,,,,2,,,,,,,,,,,,,,,
- javax.naming,7,,,,,,,,,6,1,,,,,,,,,,,,,,
+ javax.naming,7,,,,,,,,,,6,1,,,,,,,,,,,,,,
- javax.net.ssl,2,,,,,,,,,,,,,,2,,,,,,,,,,
+ javax.net.ssl,2,,,,,,,,,,,,,,,2,,,,,,,,,,
- javax.script,1,,,,,,,,,,,1,,,,,,,,,,,,,
+ javax.script,1,,,,,,,,,,,,1,,,,,,,,,,,,,
- javax.servlet,4,21,2,,,,3,1,,,,,,,,,,,,,,,21,2,
+ javax.servlet,4,21,2,,,,3,1,,,,,,,,,,,,,,,,21,2,
- javax.validation,1,1,,1,,,,,,,,,,,,,,,,,,,1,,
+ javax.validation,1,1,,1,,,,,,,,,,,,,,,,,,,,1,,
- javax.ws.rs.client,1,,,,,,,,,,,,,1,,,,,,,,,,,
+ javax.ws.rs.client,1,,,,,,,,,,,,,,1,,,,,,,,,,,
- javax.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,9,,
+ javax.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,9,,
- javax.ws.rs.core,3,,149,,,,1,,,,,,,,,,,2,,,,,,94,55
+ javax.ws.rs.core,3,,149,,,,1,,,,,,,,,,,,2,,,,,,94,55
- javax.xml.transform,1,,6,,,,,,,,,,,,,,,,,1,,,,6,
+ javax.xml.transform,1,,6,,,,,,,,,,,,,,,,,,1,,,,6,
- javax.xml.xpath,3,,,,,,,,,,,,,,,,,,3,,,,,,
+ javax.xml.xpath,3,,,,,,,,,,,,,,,,,,,3,,,,,,
- jodd.json,,,10,,,,,,,,,,,,,,,,,,,,,,10
+ jodd.json,,,10,,,,,,,,,,,,,,,,,,,,,,,10
- net.sf.saxon.s9api,5,,,,,,,,,,,,,,,,,,,5,,,,,
+ net.sf.saxon.s9api,5,,,,,,,,,,,,,,,,,,,,5,,,,,
- ognl,6,,,,,,,,,,,,6,,,,,,,,,,,,
+ ognl,6,,,,,,,,,,,,,6,,,,,,,,,,,,
- org.apache.commons.codec,,,6,,,,,,,,,,,,,,,,,,,,,6,
+ org.apache.commons.codec,,,6,,,,,,,,,,,,,,,,,,,,,,6,
- org.apache.commons.collections,,,800,,,,,,,,,,,,,,,,,,,,,17,783
+ org.apache.commons.collections,,,800,,,,,,,,,,,,,,,,,,,,,,17,783
- org.apache.commons.collections4,,,800,,,,,,,,,,,,,,,,,,,,,17,783
+ org.apache.commons.collections4,,,800,,,,,,,,,,,,,,,,,,,,,,17,783
- org.apache.commons.io,,,22,,,,,,,,,,,,,,,,,,,,,22,
+ org.apache.commons.io,,,22,,,,,,,,,,,,,,,,,,,,,,22,
- org.apache.commons.jexl2,15,,,,,,,,15,,,,,,,,,,,,,,,,
+ org.apache.commons.jexl2,15,,,,,,,,,15,,,,,,,,,,,,,,,,
- org.apache.commons.jexl3,15,,,,,,,,15,,,,,,,,,,,,,,,,
+ org.apache.commons.jexl3,15,,,,,,,,,15,,,,,,,,,,,,,,,,
- org.apache.commons.lang3,,,423,,,,,,,,,,,,,,,,,,,,,292,131
+ org.apache.commons.lang3,,,423,,,,,,,,,,,,,,,,,,,,,,292,131
- org.apache.commons.ognl,6,,,,,,,,,,,,6,,,,,,,,,,,,
+ org.apache.commons.ognl,6,,,,,,,,,,,,,6,,,,,,,,,,,,
- org.apache.commons.text,,,272,,,,,,,,,,,,,,,,,,,,,220,52
+ org.apache.commons.text,,,272,,,,,,,,,,,,,,,,,,,,,,220,52
- org.apache.directory.ldap.client.api,1,,,,,,,,,,1,,,,,,,,,,,,,,
+ org.apache.directory.ldap.client.api,1,,,,,,,,,,,1,,,,,,,,,,,,,,
- org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,,,,,,,,1,
+ org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,,,,,,,,,1,
- org.apache.hc.core5.http,1,2,39,,,,,,,,,,,,,,,,,,1,,2,39,
+ org.apache.hc.core5.http,1,2,39,,,,,,,,,,,,,,,,,,,1,,2,39,
- org.apache.hc.core5.net,,,2,,,,,,,,,,,,,,,,,,,,,2,
+ org.apache.hc.core5.net,,,2,,,,,,,,,,,,,,,,,,,,,,2,
- org.apache.hc.core5.util,,,24,,,,,,,,,,,,,,,,,,,,,18,6
+ org.apache.hc.core5.util,,,24,,,,,,,,,,,,,,,,,,,,,,18,6
- org.apache.http,27,3,70,,,,,,,,,,,25,,,,,,,2,,3,62,8
+ org.apache.http,27,3,70,,,,,,,,,,,,25,,,,,,,2,,3,62,8
- org.apache.ibatis.jdbc,6,,,,,,,,,,,,,,,6,,,,,,,,,
+ org.apache.ibatis.jdbc,6,,,,,,,,,,,,,,,,6,,,,,,,,,
- org.apache.shiro.codec,,,1,,,,,,,,,,,,,,,,,,,,,1,
+ org.apache.shiro.codec,,,1,,,,,,,,,,,,,,,,,,,,,,1,
- org.apache.shiro.jndi,1,,,,,,,,,1,,,,,,,,,,,,,,,
+ org.apache.shiro.jndi,1,,,,,,,,,,1,,,,,,,,,,,,,,,
- org.codehaus.groovy.control,1,,,,,1,,,,,,,,,,,,,,,,,,,
+ org.codehaus.groovy.control,1,,,,,1,,,,,,,,,,,,,,,,,,,,
- org.dom4j,20,,,,,,,,,,,,,,,,,,20,,,,,,
+ org.dom4j,20,,,,,,,,,,,,,,,,,,,20,,,,,,
- org.hibernate,7,,,,,,,,,,,,,,,7,,,,,,,,,
+ org.hibernate,7,,,,,,,,,,,,,,,,7,,,,,,,,,
- org.jooq,1,,,,,,,,,,,,,,,1,,,,,,,,,
+ org.jooq,1,,,,,,,,,,,,,,,,1,,,,,,,,,
- org.json,,,236,,,,,,,,,,,,,,,,,,,,,198,38
+ org.json,,,236,,,,,,,,,,,,,,,,,,,,,,198,38
- org.mvel2,16,,,,,,,,,,,16,,,,,,,,,,,,,
+ org.mvel2,16,,,,,,,,,,,,16,,,,,,,,,,,,,
- org.springframework.beans,,,26,,,,,,,,,,,,,,,,,,,,,,26
+ org.springframework.beans,,,26,,,,,,,,,,,,,,,,,,,,,,,26
- org.springframework.cache,,,13,,,,,,,,,,,,,,,,,,,,,,13
+ org.springframework.cache,,,13,,,,,,,,,,,,,,,,,,,,,,,13
- org.springframework.http,14,,70,,,,,,,,,,,14,,,,,,,,,,60,10
+ org.springframework.http,14,,70,,,,,,,,,,,,14,,,,,,,,,,60,10
- org.springframework.jdbc.core,10,,,,,,,,,,,,,,,10,,,,,,,,,
+ org.springframework.jdbc.core,10,,,,,,,,,,,,,,,,10,,,,,,,,,
- org.springframework.jdbc.object,9,,,,,,,,,,,,,,,9,,,,,,,,,
+ org.springframework.jdbc.object,9,,,,,,,,,,,,,,,,9,,,,,,,,,
- org.springframework.jndi,1,,,,,,,,,1,,,,,,,,,,,,,,,
+ org.springframework.jndi,1,,,,,,,,,,1,,,,,,,,,,,,,,,
- org.springframework.ldap,42,,,,,,,,,28,14,,,,,,,,,,,,,,
+ org.springframework.ldap,42,,,,,,,,,,28,14,,,,,,,,,,,,,,
- org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,,,,,,,,,,6,,
+ org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,,,,,,,,,,,6,,
- org.springframework.ui,,,32,,,,,,,,,,,,,,,,,,,,,,32
+ org.springframework.ui,,,32,,,,,,,,,,,,,,,,,,,,,,,32
- org.springframework.util,,,139,,,,,,,,,,,,,,,,,,,,,87,52
+ org.springframework.util,,,139,,,,,,,,,,,,,,,,,,,,,,87,52
- org.springframework.validation,,,13,,,,,,,,,,,,,,,,,,,,,13,
+ org.springframework.validation,,,13,,,,,,,,,,,,,,,,,,,,,,13,
- org.springframework.web.client,13,3,,,,,,,,,,,,13,,,,,,,,,3,,
+ org.springframework.web.client,13,3,,,,,,,,,,,,,13,,,,,,,,,3,,
- org.springframework.web.context.request,,8,,,,,,,,,,,,,,,,,,,,,8,,
+ org.springframework.web.context.request,,8,,,,,,,,,,,,,,,,,,,,,,8,,
- org.springframework.web.multipart,,12,13,,,,,,,,,,,,,,,,,,,,12,13,
+ org.springframework.web.multipart,,12,13,,,,,,,,,,,,,,,,,,,,,12,13,
- org.springframework.web.reactive.function.client,2,,,,,,,,,,,,,2,,,,,,,,,,,
+ org.springframework.web.reactive.function.client,2,,,,,,,,,,,,,,2,,,,,,,,,,,
- org.springframework.web.util,,,163,,,,,,,,,,,,,,,,,,,,,138,25
+ org.springframework.web.util,,,163,,,,,,,,,,,,,,,,,,,,,,138,25
- org.xml.sax,,,1,,,,,,,,,,,,,,,,,,,,,1,
+ org.xml.sax,,,1,,,,,,,,,,,,,,,,,,,,,,1,
- org.xmlpull.v1,,3,,,,,,,,,,,,,,,,,,,,,3,,
+ org.xmlpull.v1,,3,,,,,,,,,,,,,,,,,,,,,,3,,
- play.mvc,,4,,,,,,,,,,,,,,,,,,,,,4,,
+ play.mvc,,4,,,,,,,,,,,,,,,,,,,,,,4,,
- ratpack.core.form,,,3,,,,,,,,,,,,,,,,,,,,,3,
+ ratpack.core.form,,,3,,,,,,,,,,,,,,,,,,,,,,3,
- ratpack.core.handling,,6,4,,,,,,,,,,,,,,,,,,,,6,4,
+ ratpack.core.handling,,6,4,,,,,,,,,,,,,,,,,,,,,6,4,
- ratpack.core.http,,10,10,,,,,,,,,,,,,,,,,,,,10,10,
+ ratpack.core.http,,10,10,,,,,,,,,,,,,,,,,,,,,10,10,
- ratpack.exec,,,26,,,,,,,,,,,,,,,,,,,,,,26
+ ratpack.exec,,,26,,,,,,,,,,,,,,,,,,,,,,,26
- ratpack.form,,,3,,,,,,,,,,,,,,,,,,,,,3,
+ ratpack.form,,,3,,,,,,,,,,,,,,,,,,,,,,3,
- ratpack.func,,,5,,,,,,,,,,,,,,,,,,,,,,5
+ ratpack.func,,,5,,,,,,,,,,,,,,,,,,,,,,,5
- ratpack.handling,,6,4,,,,,,,,,,,,,,,,,,,,6,4,
+ ratpack.handling,,6,4,,,,,,,,,,,,,,,,,,,,,6,4,
- ratpack.http,,10,10,,,,,,,,,,,,,,,,,,,,10,10,
+ ratpack.http,,10,10,,,,,,,,,,,,,,,,,,,,,10,10,
- ratpack.util,,,5,,,,,,,,,,,,,,,,,,,,,,5
+ ratpack.util,,,5,,,,,,,,,,,,,,,,,,,,,,,5
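
Review bot: in the android.content row the summary count rises from 73 to 96 (summary:taint 8 to 31) in the same change that adds the 16 sink:intent-start entries, so this PR brings 23 new summary models along with the sinks. Given the suggestion in this thread to land #6599 first, it is worth confirming that those 23 are not duplicated there. The remaining changed rows appear to differ only by the extra empty field for the new sink:intent-start column, so android.app and android.content are the rows that need a close look.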

@atorralba atorralba merged commit f4704f1 into github:main Nov 4, 2021
@atorralba atorralba deleted the atorralba/android-intent-redirect-query branch November 4, 2021 09:43
Labels
documentation Java ready-for-doc-review This PR requires and is ready for review from the GitHub docs team.