From 3ef557c5c8c722a987a431a7e6ec872dae95fff8 Mon Sep 17 00:00:00 2001
From: Abhinav
Date: Sat, 19 Nov 2022 11:08:33 +0530
Subject: [PATCH 01/12] patch: update firstname rule
---
 rules/sources/personal_identification.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/sources/personal_identification.yaml b/rules/sources/personal_identification.yaml
index 718555c5..4f9ac323 100644
--- a/rules/sources/personal_identification.yaml
+++ b/rules/sources/personal_identification.yaml
@@ -15,7 +15,7 @@ sources:
 isSensitive: False
 sensitivity: low
 patterns:
- - "(?i).*(?:first|given|full)[^\\s/(;)#|,=!>]{0,5}name"
+ - "(?i).*((?:first|given)[^\\s/(;)#|,=!>]{0,5}|full)name"
 tags:
 law: GDPR
From df616efb30ffae8ddc8126b12c2caeb13afd34bd Mon Sep 17 00:00:00 2001
From: Abhinav
Date: Mon, 21 Nov 2022 16:21:12 +0530
Subject: [PATCH 02/12] patch: update address rule
---
 rules/sources/contact_data.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/sources/contact_data.yaml b/rules/sources/contact_data.yaml
index 30377284..f14883d5 100644
--- a/rules/sources/contact_data.yaml
+++ b/rules/sources/contact_data.yaml
@@ -5,7 +5,7 @@ sources:
 isSensitive: False
 sensitivity: medium
 patterns:
- - "(?i)(.*(?]{0,10}(?:address|addr)|(?:pin|zip|postal|metro)[-_\\[<'. ]{0,2}code|(?:delivery|pickup)[^\\s/(;)#|,=!>]{0,10}(?:location|position)|house[^\\s/(;)#|,=!>]{0,2}(?:number|no)|address[-_.]{0,2}line"
+ - "(?i)(.*(?]{0,10}(?:address|addr)|(?:pin|zip|postal|metro)[-_\\[<'. ]{0,2}code|(?:delivery|pickup)[^\\s/(;)#|,=!>]{0,10}(?:location|position)|house[^\\s/(;)#|,=!>]{0,2}(?:number|no)|address[-_.]{0,2}line]"
 tags:
 law: GDPR
From ec4c62f22cf484a18527b53e531e3bc776403209 Mon Sep 17 00:00:00 2001
From: Abhinav
Date: Fri, 25 Nov 2022 10:45:02 +0530
Subject: [PATCH 03/12] patch: update address rule to elminiate FP
---
 rules/sources/contact_data.yaml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
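Review bot: In PATCH 01/12 the new firstname pattern no longer matches separated spellings of "full name": `full` now sits outside the `{0,5}` filler, so `full_name`, `full-name` and `full.name` stop being tagged while `fullname`/`fullName` still are. For a PII source rule that is a silent loss of coverage on the most common snake_case form. If the aim was only to stop arbitrary filler after `full`, allow a single separator instead: `- "(?i).*(?:(?:first|given)[^\\s/(;)#|,=!>]{0,5}|full[-_.]?)name"`. Using a non-capturing group there also avoids the extra capture the new outer `(...)` introduces.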
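Review bot: In PATCH 02/12 the added address pattern ends in `line]`, and that `]` has no opening `[`, so engines that accept it treat it as a literal character. As rendered here the last alternative `address[-_.]{0,2}line]` would then match only names that contain a `]` after `line`, and the group opened at `(.*` is not visibly closed; part of the pattern is missing from this rendering, so the exact structure needs confirming against the file. The same trailing `]` is carried unchanged through PATCH 03/12, 04/12 and 08/12. If a closing parenthesis was intended the tail should read `address[-_.]{0,2}line)"`, and a test that compiles every rule and asserts a few positive samples such as `address_line1` and `zip_code` would catch this kind of slip.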
diff --git a/rules/sources/contact_data.yaml b/rules/sources/contact_data.yaml
index f14883d5..06851321 100644
--- a/rules/sources/contact_data.yaml
+++ b/rules/sources/contact_data.yaml
@@ -2,10 +2,8 @@ sources:
 - id: Data.Sensitive.ContactData.Address
 name: Address
 category: Contact Data
- isSensitive: False
- sensitivity: medium
 patterns:
- - "(?i)(.*(?]{0,10}(?:address|addr)|(?:pin|zip|postal|metro)[-_\\[<'. ]{0,2}code|(?:delivery|pickup)[^\\s/(;)#|,=!>]{0,10}(?:location|position)|house[^\\s/(;)#|,=!>]{0,2}(?:number|no)|address[-_.]{0,2}line]"
+ - "(?i)(.*(?]{0,10}(?:address|addr)|(?:pin|zip|postal|metro)[-_\\[<'. ]{0,2}code|(?:delivery|pickup)[^\\s/(;)#|,=!>]{0,10}(?:location|position)|house[^\\s/(;)#|,=!>]{0,2}(?:number|no)|address[-_.]{0,2}line]"
 tags:
 law: GDPR
From b3e0f3bd3abc1d3dbaec877b028fe7d8d56c5581 Mon Sep 17 00:00:00 2001
From: Abhinav
Date: Sat, 26 Nov 2022 12:05:51 +0530
Subject: [PATCH 04/12] fix: incorrect rules
---
 rules/sources/contact_data.yaml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/rules/sources/contact_data.yaml b/rules/sources/contact_data.yaml
index 06851321..d0f045e4 100644
--- a/rules/sources/contact_data.yaml
+++ b/rules/sources/contact_data.yaml
@@ -2,6 +2,8 @@ sources:
 - id: Data.Sensitive.ContactData.Address
 name: Address
 category: Contact Data
+ isSensitive: False
+ sensitivity: medium
 patterns:
 - "(?i)(.*(?]{0,10}(?:address|addr)|(?:pin|zip|postal|metro)[-_\\[<'. ]{0,2}code|(?:delivery|pickup)[^\\s/(;)#|,=!>]{0,10}(?:location|position)|house[^\\s/(;)#|,=!>]{0,2}(?:number|no)|address[-_.]{0,2}line]"
 tags:
From d2fb1b6c831eb1e0f47c9df179b67d51b56b0495 Mon Sep 17 00:00:00 2001
From: Khemraj Rathore
Date: Thu, 1 Dec 2022 16:45:39 +0530
Subject: [PATCH 05/12] add - backup for unresolved
---
 config/semantics/java.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/config/semantics/java.yaml b/config/semantics/java.yaml
index 7d63ac59..d375cbc2 100644
--- a/config/semantics/java.yaml
+++ b/config/semantics/java.yaml
@@ -7,9 +7,17 @@ semantics: - signature: "android.text.TextUtils.isEmpty:boolean(java.lang.String)" flow: "1->-1" + - signature: "android.text.TextUtils.isEmpty:(1)" + flow: "1->-1" + - signature: "org.apache.http.HttpResponse.getStatusLine:org.apache.http.StatusLine()" flow: "0->0" + - signature: "org.apache.http.HttpResponse.getStatusLine:(0)" + flow: "0->0" + - signature: "org.apache.http.StatusLine.getStatusCode:boolean()" + - signature: "org.apache.http.StatusLine.getStatusCode:(0)" + \ No newline at end of file
From 67b444bad500a438ce27113da852c5a7f47e18cf Mon Sep 17 00:00:00 2001
From: Khemraj Rathore
Date: Thu, 1 Dec 2022 16:47:32 +0530
Subject: [PATCH 06/12] remove flow for isEmpty - android semantic
---
 config/semantics/java.yaml | 2 --
 1 file changed, 2 deletions(-)
diff --git a/config/semantics/java.yaml b/config/semantics/java.yaml
index d375cbc2..ac218d3a 100644
--- a/config/semantics/java.yaml
+++ b/config/semantics/java.yaml
@@ -5,10 +5,8 @@ semantics: - signature: "android.text.TextUtils.isEmpty:boolean(java.lang.String)" - flow: "1->-1" - signature: "android.text.TextUtils.isEmpty:(1)" - flow: "1->-1" - signature: "org.apache.http.HttpResponse.getStatusLine:org.apache.http.StatusLine()" flow: "0->0"
From 751c0fbfcfc7721d5fa0f3eb747d2021ca3e62e3 Mon Sep 17 00:00:00 2001
From: Khemraj Rathore
Date: Sat, 3 Dec 2022 21:46:14 +0530
Subject: [PATCH 07/12] add - semantic for persistence entity
---
 config/semantics/java.yaml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/config/semantics/java.yaml b/config/semantics/java.yaml
index ac218d3a..e37ddc85 100644
--- a/config/semantics/java.yaml
+++ b/config/semantics/java.yaml
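Review bot: In PATCH 05/12 the typed entry `org.apache.http.StatusLine.getStatusCode:boolean()` declares a `boolean` return, but `StatusLine.getStatusCode()` returns `int`, so that entry probably never matches and only the new arity fallback `getStatusCode:(0)` takes effect; `getStatusCode:int()` would keep the resolved and unresolved forms aligned. Both `getStatusCode` entries also have no `flow:` key, which presumably means no taint propagates through the call. A comment such as `# no flow: status code never carries receiver taint` would show the omission is deliberate, because a missing flow in a semantics file is also what an accidental false negative looks like. A short header comment explaining the `:(N)` arity-only form as the fallback for unresolved call signatures would help the next editor, and the file still ends without a trailing newline.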
@@ -18,4 +18,8 @@ semantics: - signature: "org.apache.http.StatusLine.getStatusCode:(0)" - \ No newline at end of file + - signature: "javax.persistence.Query.setParameter:(2)" + flow: "1->0 2->0" + + - signature: "javax.persistence.EntityManager.find:(2)" + flow: "0->-1 1->-1 2->-1" \ No newline at end of file
From 305960253c0fe1a0867591911f4349ce6b3bc9ed Mon Sep 17 00:00:00 2001
From: Khemraj Rathore
Date: Mon, 12 Dec 2022 13:32:51 +0530
Subject: [PATCH 08/12] fix - remove detection of remoteAddress in personal address
---
 rules/sources/contact_data.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/sources/contact_data.yaml b/rules/sources/contact_data.yaml
index d0f045e4..c56f4469 100644
--- a/rules/sources/contact_data.yaml
+++ b/rules/sources/contact_data.yaml
@@ -5,7 +5,7 @@ sources:
 isSensitive: False
 sensitivity: medium
 patterns:
- - "(?i)(.*(?]{0,10}(?:address|addr)|(?:pin|zip|postal|metro)[-_\\[<'. ]{0,2}code|(?:delivery|pickup)[^\\s/(;)#|,=!>]{0,10}(?:location|position)|house[^\\s/(;)#|,=!>]{0,2}(?:number|no)|address[-_.]{0,2}line]"
+ - "(?i)(.*(?]{0,10}(?:address|addr)|(?:pin|zip|postal|metro)[-_\\[<'. ]{0,2}code|(?:delivery|pickup)[^\\s/(;)#|,=!>]{0,10}(?:location|position)|house[^\\s/(;)#|,=!>]{0,2}(?:number|no)|address[-_.]{0,2}line]"
 tags:
 law: GDPR
From 8d50f4db23de63050b7a9ccffe63fdc41293514b Mon Sep 17 00:00:00 2001
From: Khemraj Rathore
Date: Mon, 12 Dec 2022 16:07:45 +0530
Subject: [PATCH 09/12] add - trace in logging
---
 rules/sinks/leakages/logs/java.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/sinks/leakages/logs/java.yaml b/rules/sinks/leakages/logs/java.yaml
index d4cddbe9..1c34fea3 100644
--- a/rules/sinks/leakages/logs/java.yaml
+++ b/rules/sinks/leakages/logs/java.yaml
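Review bot: PATCH 07/12 covers only the two-argument `javax.persistence` forms: `Query.setParameter` also has three-argument overloads (with `TemporalType`) and `EntityManager.find` has three- and four-argument overloads, and none of those get a semantic here. If the engine keys on the declared receiver type, calls made through `javax.persistence.TypedQuery` or the `jakarta.persistence` namespace would fall outside these entries too, so taint through them follows whatever the default is. Consider adding the sibling entries, for example `- signature: "javax.persistence.TypedQuery.setParameter:(2)"` with the same `flow: "1->0 2->0"`. A one-line comment stating the index convention the entries appear to use (`0` receiver, `-1` return value) would make `0->-1 1->-1 2->-1` reviewable, and the file again ends without a trailing newline.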
@@ -15,7 +15,7 @@ sinks:
 - id: Leakages.Log.Debug
 name: Log Debug
 patterns:
- - "(?i)(?:org.slf4j.Logger|org.apache.logging.log4j|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(debug|log|[.](d|v)[:]).*"
+ - "(?i)(?:org.slf4j.Logger|org.apache.logging.log4j|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(debug|log|trace|[.](d|v|t)[:]).*"
 tags:
 - id: Leakages.Log.Info
From 8fb4cbcb388ed9027e8d7e0f7c352e53b9073cc7 Mon Sep 17 00:00:00 2001
From: Khemraj Rathore
Date: Mon, 12 Dec 2022 17:24:09 +0530
Subject: [PATCH 10/12] fix - remove getBody, getStatusCode from sendgrid match
---
 rules/sinks/third_parties/sdk/sendgrid/java.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/sinks/third_parties/sdk/sendgrid/java.yaml b/rules/sinks/third_parties/sdk/sendgrid/java.yaml
index 6d050b62..a5663c33 100644
--- a/rules/sinks/third_parties/sdk/sendgrid/java.yaml
+++ b/rules/sinks/third_parties/sdk/sendgrid/java.yaml
@@ -9,5 +9,5 @@ sinks:
 domains:
 - "sendgrid.com"
 patterns:
- - "(?i)(clj-sendgrid|com[.]flozano[.]sendgrid|com[.]sendgrid[.]labs|com[.]sendgrid).*"
+ - "(?i)(clj-sendgrid|com[.]flozano[.]sendgrid|com[.]sendgrid[.]labs|com[.]sendgrid).*(?
Date: Tue, 13 Dec 2022 13:12:40 +0530
Subject: [PATCH 11/12] patch: fix VPA address rule
---
 rules/sources/financial_data.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/sources/financial_data.yaml b/rules/sources/financial_data.yaml
index fd66f23a..d80f818c 100644
--- a/rules/sources/financial_data.yaml
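Review bot: In PATCH 09/12 the new `trace` alternative is unanchored, so under the listed logger prefixes it matches any method whose name contains `trace`, for example `isTraceEnabled`, and not only the logging call; anchoring it the way the short forms are, `[.]trace[:]`, would limit it to the method itself. The added `t` in `[.](d|v|t)[:]` looks unused, since `android.util.Log` and Timber expose `v`, `d`, `i`, `w` and `e` but, as far as I know, no `t`; worth confirming before keeping it. The rule id and name still say Debug, so trace-level findings will be reported as "Log Debug". A comment above the pattern such as `# trace is folded into the Debug sink` would make that intentional.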
@@ -36,7 +36,7 @@ sources: isSensitive: False sensitivity: high patterns: - - "(?i).*(virtual[^\\s/(;)#|,=!>]{0,5}payment[^\\s/(;)#|,=!>]{0,5}address|virtual[^\\s/(;)#|,=!>]{0,5}payment|upi[-_\\[<'.]{0,2}id)|(merchant|payee|payment|retailer|dealer|seller|vendor)[-_]{0,1}vpa|vpa[-_]{0,1}id" + - "(?i).*(virtual[^\\s/(;)#|,=!>]{0,5}payment[^\\s/(;)#|,=!>]{0,5}address|virtual[^\\s/(;)#|,=!>]{0,5}payment|upi[-_\\[<'.]{0,2}id)|(merchant|payee|payment|retailer|dealer|seller|vendor)[-_]{0,1}vpa|vpa[-_]{0,1}id])" tags: law: GDPR From 857a7674096cc78021dbdfada986f88c54ff5db1 Mon Sep 17 00:00:00 2001 From: Abhinav Date: Tue, 13 Dec 2022 17:43:19 +0530 Subject: [PATCH 12/12] patch: update vpa rule --- rules/sources/financial_data.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules/sources/financial_data.yaml b/rules/sources/financial_data.yaml index d80f818c..862a90cf 100644 --- a/rules/sources/financial_data.yaml +++ b/rules/sources/financial_data.yaml @@ -36,7 +36,7 @@ sources: isSensitive: False sensitivity: high patterns: - - "(?i).*(virtual[^\\s/(;)#|,=!>]{0,5}payment[^\\s/(;)#|,=!>]{0,5}address|virtual[^\\s/(;)#|,=!>]{0,5}payment|upi[-_\\[<'.]{0,2}id)|(merchant|payee|payment|retailer|dealer|seller|vendor)[-_]{0,1}vpa|vpa[-_]{0,1}id])" + - "(?i).*(virtual[^\\s/(;)#|,=!>]{0,5}payment[^\\s/(;)#|,=!>]{0,5}address|virtual[^\\s/(;)#|,=!>]{0,5}payment|upi[-_<'.]{0,2}id)|(merchant|payee|payment|retailer|dealer|seller|vendor)[-_]{0,1}vpa|vpa[-_]{0,1}id" tags: law: GDPR