lgtm,codescanning
* Reads from `java.net.http.WebSocket` have been added as sources of tainted data for all
  security queries.