Downgrade IncorrectIntegerConversionQuery precision to high

jsoref · jsoref · commit a9e07a88aff1 · 2024-09-24T22:08:00.000-04:00
`very-high` implies near 0 false positives and we have run into a number and an entire class

Signed-off-by: Josh Soref &lt;2119212+jsoref@users.noreply.github.com&gt;
diff --git a/go/ql/src/Security/CWE-681/IncorrectIntegerConversionQuery.ql b/go/ql/src/Security/CWE-681/IncorrectIntegerConversionQuery.ql
@@ -10,7 +10,7 @@
  * @tags security
  *       external/cwe/cwe-190
  *       external/cwe/cwe-681
- * @precision very-high
+ * @precision high
  */
 
 import go
diff --git a/go/ql/src/change-notes/2024-09-24-incorrect-integer-conversion-query-precision.md b/go/ql/src/change-notes/2024-09-24-incorrect-integer-conversion-query-precision.md
@@ -0,0 +1,4 @@
+---
+category: queryMetadata
+---
+* The precision of the `go/incorrect-integer-conversion-query` query was decreased from `very-high` to `high`, since there is at least one known class of false positives involving dynamic bounds checking.

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: queryMetadata
 +---
 +* The precision of the `go/incorrect-integer-conversion-query` query was decreased from `very-high` to `high`, since there is at least one known class of false positives involving dynamic bounds checking.