From aa7fbce2dd31871209302ef13aa152c1bb1d4343 Mon Sep 17 00:00:00 2001
From: David Anson
Date: Fri, 2 Oct 2020 13:33:05 -0700
Subject: [PATCH] Update code to fix or document false positives for CodeQL warnings.
---
 example/typescript/type-check.ts | 2 ++
 helpers/helpers.js | 3 +++
 test/markdownlint-test.js | 4 ++--
 3 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/example/typescript/type-check.ts b/example/typescript/type-check.ts
index d366ae64..d58cde50 100644
--- a/example/typescript/type-check.ts
+++ b/example/typescript/type-check.ts
@@ -36,6 +36,8 @@ function assertLintResults(results: markdownlint.LintResults) {
 assert(!results["string"][0].fixInfo.deleteCount);
 assert.equal(results["string"][0].fixInfo.insertText, "\n");
 assert.equal(results["../bad.md"].length, 2);
+ // Deliberate assignment to unused variable validates types
+ // False-positive for js/useless-assignment-to-local
 results = {
 "key": [
 {
diff --git a/helpers/helpers.js b/helpers/helpers.js
index 87c49acf..989974d0 100644
--- a/helpers/helpers.js
+++ b/helpers/helpers.js
@@ -61,6 +61,8 @@ module.exports.isObject = function isObject(obj) {
 // Example: Contains nothing, whitespace, or comments
 const blankLineRe = />|(?:)/g;
 module.exports.isBlankLine = function isBlankLine(line) {
+ // Call to String.replace follows best practices and is not a security check
+ // False-positive for js/incomplete-multi-character-sanitization
 return !line || !line.trim() || !line.replace(blankLineRe, "").trim();
 };
@@ -355,6 +357,7 @@ function forEachInlineCodeSpan(input, handler) {
 let currentTicks = 0;
 let state = "normal";
 // Deliberate <= so trailing 0 completes the last span (ex: "text `code`")
+ // False-positive for js/index-out-of-bounds
 for (; index <= input.length; index++) {
 const char = input[index];
 // Ignore backticks in link destination
diff --git a/test/markdownlint-test.js b/test/markdownlint-test.js
index 7c78d6dd..9ab8c050 100644
--- a/test/markdownlint-test.js
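Review bot: In the helpers/helpers.js hunk at `isBlankLine`, the added comment asserts the `replace` call "is not a security check" without stating the property that makes this true. From the visible return line, the stripped string is only passed to `.trim()` and negated, so it is never returned or emitted; recording that gives a future editor the invariant to preserve, e.g. `// Stripped text is only tested for emptiness and is never returned or output`. If a later change starts returning or rendering the result of `line.replace(blankLineRe, "")`, the single-pass replacement that js/incomplete-multi-character-sanitization flags would need to be re-evaluated. As far as this hunk shows, the comment names the query but does not itself suppress the alert, so any dismissal on the scanner side should carry the same rationale.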
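Review bot: In the `forEachInlineCodeSpan` hunk, the added `// False-positive for js/index-out-of-bounds` line does not say what value the loop sees on the extra iteration. With `index <= input.length`, `input[index]` is `undefined` on the final pass (assuming `input` is a string), not the "trailing 0" mentioned on the line above. A comment such as `// input[input.length] is undefined and acts as the end-of-input sentinel` would make the intent checkable. The loop body continues outside the hunk, so whether every branch tolerates `undefined` cannot be confirmed from here.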
+++ b/test/markdownlint-test.js
@@ -809,10 +809,10 @@ tape("readme", (test) => {
 ) {
 if (!seenRelated) {
 seenRelated = true;
- } else if (seenRelated && !seenRules) {
+ } else if (!seenRules) {
 seenRules = true;
 inRules = true;
- } else if (seenRelated && seenRules && !seenTags) {
+ } else if (!seenTags) {
 seenTags = true;
 inTags = true;
 }