Tony Torralba

Results: 27 comments by Tony Torralba

If DCA is happy and FP ratio looks good, let's go for a doc review and merge. @github/docs-content-codeql please review the full qhelp file, not just the changes, since it...

Is there anything else blocking the merge of this query, other than https://github.com/github/codeql/pull/8541#discussion_r834217496? Needs a docs review maybe?

@aschackmull could you take a look at the dataflow logic in this query, and see if something can be improved?

> have you identified the pain points?

@joefarebrother do you remember where the issue was in JDK regarding performance?

I got the same problem, and I just wanted to give another workaround that solved it for me. I just modified the following in `common.py`, function `external_command`:

~~~~python
return stdout.decode('utf-8').strip('\n').split('\n')...
~~~~

@aschackmull I introduced a new parameterized module [here](https://github.com/github/codeql/pull/10177/files#diff-38978229f15815dd860ec9f3696f469770f85b8082736b808072ef64be18a834R15-R43). If you have the chance to review it, let me know if something doesn't look right.

Hey @vlkl-sap, thanks for the feedback!

> Would it make sense to rename `AllowListGuard` and `BlockListGuard` to `AllowPrefixGuard` and `BlockPrefixGuard` respectively?

`BlockListGuard` actually handles both prefixes and a few restricted...

> Are these duplicates?

Indeed they are! One of those two should have been the `!= -1` case. See the recent commits for fixes to all the issues you mentioned....

> > This branch has conflicts that must be resolved
> >
> > Conflicting files
> >
> > java/ql/src/Security/CWE/CWE-022/TaintedPathCommon.qll

Thanks @yo-h! Conflict resolved.

Thanks for the review @aschackmull 🙏. Comments addressed in 00fe0c1.