Tony Torralba

> Looks like there's a performance problem somewhere. I've rebased main and run DCA again, to make sure that a) it wasn't a one-time thing and b) we benefit from...

DCA looks good now, with the exception of some increased tuple counts (I'm not sure we can do much about that?). There's some increase (and also some decrease) in some...

> Should there be a test for this? Good point @tamasvajk, thanks! I had to create a `.jar` file to test the stub generation, since our usual stubs are source...

Thanks for the review @tamasvajk @smowton and sorry for the delay. Comments addressed in [f860ae8](https://github.com/github/codeql/pull/8695/commits/f860ae8c82f6ee2747a5148750057ce75886e6b1).

> > This branch has conflicts that must be resolved > > Conflicting files > > java/ql/src/Security/CWE/CWE-022/TaintedPathCommon.qll Fixed, thanks @yo-h! Although this will need another rebase once https://github.com/github/codeql/pull/10177 is merged.

Thanks for the review @felicitymay! 🙏 All comments addressed. > I notice that [java/ql/test/query-tests/security/CWE-441/UnsafeContentUriResolutionTest.expected](https://github.com/github/codeql/pull/10223/files#diff-ed37b6f66a93b152b7676e264e092a52de80d489c0f5a84614a269a0dc0d4ed4) is an empty file. Is this intended? Yes, this file is needed so that tests execute...

@aschackmull would you mind re-approving please?

Thanks for the thorough review @felicitymay! Suggestions applied.

Hey @pwntester, thanks for this! I added some more CSV rows for the fluent methods of `StringJoiner`, tests, and a change note.

Thanks @Marcono1234, those are good suggestions. I had doubts about `setEmptyValue` and that's why I didn't add it in the first place, but even if taint would only get propagated...