github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
https://codeql.github.com
MIT License

LGTM.com - false positive #5890

Open brettz9 opened 3 years ago

brettz9 commented 3 years ago

Description of the false positive

I have some intervening code from the false initialization which sets the variable via: alreadyIncluded ||=

URL to the alert on the project page on LGTM.com

https://lgtm.com/projects/g/gajus/eslint-plugin-jsdoc/snapshot/f7786b18f88c7bdec62b0108da6a9593fa6bd919/files/src/bin/generateRule.js#xa93feca38ebd7fb9:1

adityasharad commented 3 years ago

Thank you for reporting this! Is it possible for offsets to be empty? In that case the findIndex loop will not run, and alreadyIncluded will not be updated. In other cases, however, this does look like a false positive.

Our current focus is on improving our security analysis. Because your report does not relate to a security query, we will put this on our backlog and prioritize it if we get enough reports of the same underlying issue in other projects. We'll let you know here as soon as it's fixed.

GitHub Code Scanning and lgtm.com have facilities for suppressing individual alerts or disabling a query in case this alert is affecting your workflows.
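To make the case adityasharad raises concrete, here is a reduced, constructed version of the pattern under discussion (added example; not code from eslint-plugin-jsdoc or from CodeQL). The names `offsets`, `needle` and `checkIncluded` are assumptions for this illustration. The point it shows is that the initial `false` only becomes "dead" if the findIndex callback is guaranteed to run, which it is not when the array is empty:

```javascript
// Added example (not from eslint-plugin-jsdoc or CodeQL): a reduced version
// of the pattern the thread discusses. `alreadyIncluded` starts out false and
// is only updated inside a findIndex callback, so whether the initial value
// is ever observed depends on whether `offsets` has any elements.

/**
 * Returns the index of `needle` in `offsets` together with the final value of
 * `alreadyIncluded`, mirroring the `alreadyIncluded ||=` shape from the report.
 * `offsets` and `needle` are hypothetical names chosen for this example.
 */
function checkIncluded(offsets, needle) {
  let alreadyIncluded = false; // the initialization the query flagged

  // findIndex invokes the callback once per element until one returns true.
  // With an empty array the callback never runs, so the line above is the
  // only assignment that ever happens and its value is what gets returned.
  const idx = offsets.findIndex((entry) => {
    alreadyIncluded ||= entry === needle;
    return alreadyIncluded;
  });

  return { idx, alreadyIncluded };
}

/**
 * Explains which path produced the final value, to make the two cases in the
 * thread explicit: initial value kept (empty input) versus overwritten.
 */
function classify(offsets, needle) {
  const { alreadyIncluded } = checkIncluded(offsets, needle);
  if (offsets.length === 0) {
    return 'initial value kept: callback never ran';
  }
  return alreadyIncluded ? 'set to true by callback' : 'callback ran but left false';
}

// Constructed sample inputs covering both cases from the discussion.
console.log(classify([], 'a'));            // empty offsets: initial value survives
console.log(classify(['x', 'a'], 'a'));    // non-empty: callback assigns
```

If `offsets` can never be empty at this call site, an explicit guard (or a plain loop that unconditionally assigns) makes that invariant visible to both readers and the analysis; if it can be empty, the initial `false` is a real result and the alert is the one to suppress.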

brettz9 commented 3 years ago

> Thank you for reporting this! Is it possible for offsets to be empty?

Only in some cases. The code has full coverage so it is coming out true in some cases.

> Our current focus is on improving our security analysis. Because your report does not relate to a security query, we will put this on our backlog and prioritize it if we get enough reports of the same underlying issue in other projects. We'll let you know here as soon as it's fixed.

Ok, thank you.

> GitHub Code Scanning and lgtm.com have facilities for suppressing individual alerts or disabling a query in case this alert is affecting your workflows.

Sure, thank you.