
Set `java/string-concatenation-in-loop` as having `high` precision

Open sampart opened this issue 1 year ago • 2 comments

@yoff and I ran this query against the top 100 Java repos with MRVA. Looking through a decent sample of the results, we found no false positives. Is that sufficient testing to increase the precision here?

sampart, Jun 26 '24 14:06

Let's get https://github.com/github/codeql/pull/16859 merged first

sampart, Jun 27 '24 09:06

> Let's get #16859 merged first

Agreed. I have converted this to draft in the meantime.

yoff, Jun 27 '24 15:06