Toni Pokki

Results 7 comments of Toni Pokki

I've seen false positives for

- java/sql-injection
- java/log-injection
- java/tainted-arithmetic

So far it seems that almost any query that checks on unsanitized user input.

Sorry, I was a bit unclear. The above example with `Integer id` can cause a `java/tainted-arithmetic` issue, while if the id were a `String` it can cause `java/sql-injection`.

Created a small demo app in [here](https://github.com/tpokki/test-001/tree/8c59a1cc0510d9f8ef11f33a84681dec72ed5523/src/main/java/com/example/demo/rest). Also noticed that CodeQL does not even detect and report the flow through `ApiV1`, as it does not have a `@Path` annotation in...

Yes, that summarises my findings/questions so far in regard to jaxrs and javax.validations.

I came across this same issue, and noticed that as a workaround I could just create some dummy `.tf` file in the dependency project.

```
touch environments/local/dev/k8s/something.tf
```

And...

@xsteadfastx, if you use the `pkgerrors.MarshalStack`, it can only print stack traces for errors that are from `github.com/pkg/errors`. That is, it won't print stack traces to any arbitrary `error` you...

This is probably more of an issue in helm than in loki: https://stackoverflow.com/a/76483966/1336443

> helm3 keeps the release state in secret, the last release helm state contains the old API autoscaling/v2beta1,...