
Java: add diagnostic query indicating low database quality

Open smowton opened this issue 1 year ago • 4 comments

smowton avatar Jun 21 '24 16:06 smowton

Here's the TSP updated with the latest text: https://github.com/smowton/test-diagnostics-from-ql/security/code-scanning/tools/CodeQL/status/configurations/api/0a0e717e7702ad6128802b437a72832333465cec67163ebe61b8292092f457c4

smowton avatar Jun 25 '24 15:06 smowton

Also, does this affect C# as well? Should we make the same change for that language, too?

aeisenberg avatar Jun 25 '24 21:06 aeisenberg

> Also, does this affect C# as well? Should we make the same change for that language, too?

It does, but we just shipped to public beta for C# and we want to wait a little while to look at the data to see where we put the line for 🟡 / 🟢.

coadaflorin avatar Jun 26 '24 08:06 coadaflorin

Green is meant to indicate that the quality of the database is close to a traced database. Yellow is meant to indicate that it is not. For both Java and C#, 95% seems to be a sensible threshold based on that principle. This may result in more % of databases being flagged for C#, but that makes sense, as it's consistent with the data.

yo-h avatar Jun 26 '24 15:06 yo-h