rob05c opened a new pull request #5923: URL: https://github.com/apache/trafficcontrol/pull/5923
"Fixes" codeql false positives. None of these are actual issues. Checking for overflows is deceptive and not useful. For example, the Parent Rank being `2147483649` is no more invalid than `2147483645`, but we don't have a hard limit on Parent Rank, so there's no sane max we can impose. But this is the path of least resistance. Much as it frustrates me to make code worse for bad tools, this will make people and tools stop bothering us every few months to fix things they don't have the context to understand aren't issues. No new tests, code already has tests, and any specific tests around the overflow would be deceptive, misleading, and fallacious. No docs, no interface change. No changelog, no interface change, and these aren't real bugs. - [x] This PR is not related to any other Issue ## Which Traffic Control components are affected by this PR? - Traffic Ops ORT ## What is the best way to verify this PR? Run tests. Observe code is obviously identical in behavior, except for overflows astronomically larger than valid values. ## If this is a bug fix, what versions of Traffic Control are affected? Not a bug fix. ## The following criteria are ALL met by this PR - [x] This PR includes tests OR I have explained why tests are unnecessary - [x] This PR includes documentation OR I have explained why documentation is unnecessary - [x] This PR includes an update to CHANGELOG.md OR such an update is not necessary - [x] This PR includes any and all required license headers - [x] This PR **DOES NOT FIX A SERIOUS SECURITY VULNERABILITY** (see [the Apache Software Foundation's security guidelines](https://www.apache.org/security/) for details) ## Additional Information -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
