Add change note and fix some QLDocs

Author: atorralba

java/change-notes/2021-05-06-unsafe-android-access-query.md

@@ -0,0 +1,2 @@
+lgtm,codescanning
+* The query "Unsafe resource fetching in Android webview" (`java/android/unsafe-android-webview-fetch`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @luchua-bc](https://github.com/github/codeql/pull/3706)

java/ql/src/semmle/code/java/security/UnsafeAndroidAccess.qll

@@ -8,7 +8,7 @@ import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.ExternalFlow
 
 /**
- * A sink that represents a method that fetches a web resource.
+ * A sink that represents a method that fetches a web resource in Android.
  *
  * Extend this class to add your own Unsafe Resource Fetching sinks.
  */

java/ql/test/query-tests/security/CWE-749/UnsafeAndroidAccessTest.ql

@@ -5,7 +5,7 @@ import TestUtilities.InlineExpectationsTest
 import semmle.code.java.security.UnsafeAndroidAccess
 
 class Conf extends TaintTracking::Configuration {
-  Conf() { this = "qltest:cwe:jexl-injection" }
+  Conf() { this = "qltest:cwe:unsafe-android-access" }
 
   override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }