Bug Uncontrolled data used in path expression (again)

fronobulax

Developer
Staff member
Two instances show up in KoLmafiaCLI.java. They started appearing about 14 hours ago whereas the code flagged was last changed about a week ago. Can someone confirm that the CodeQL scanner has changed or been updated recently?

I'll be looking at this momentarily but I'd like some assurance that I didn't do something wrong a week ago that only got noticed now :)
 

gausie

D̰͕̝͚̤̥̙̐̇̑͗̒e͍͔͎͈͔ͥ̉̔̅́̈l̠̪̜͓̲ͧ̍̈́͛v̻̾ͤe͗̃ͥ̐̊ͬp̔͒ͪ
Staff member
I cannot give that assurance but I'm sure it just doesn't do full codebase scans without files being recently edited or something.
 

fronobulax

Developer
Staff member
I cannot give that assurance but I'm sure it just doesn't do full codebase scans without files being recently edited or something.

I feel betrayed (although it is not clear by what) since I thought all of these had been fixed and when one shows up about a week after the last time the code in question was changed I wonder. It is certainly possible that some more recent change changed some "pathing". PR does address this so....
 