A question about handling commented functional code. There are many third-party libraries used in repositories, so if a developer decides to comment any amount of code inside one or more of the files from these libraries, should we consider this a functional commented code vulnerability?
- Investigating the topic, I learned that when a developer uncomments the code it may cause bugs or not compile at all because it wasn’t updated for too long. However, I didn’t find anything specific about comments in third-party libraries.
- I checked the code on the internet and, comparing, I found out that in my particular case the developer edited a considerable amount of code. The commented parts aren’t commented in the original library code. I noticed the original code is 400 lines shorter.
- Considering this analysis, I think that when developers edit much of the file, it may be better to consider the commented functional code a vulnerability.
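
As an added example that is not part of the original post: a short Python sketch of the comparison described above, listing lines that are commented out in the vendored copy but are live code in the upstream release, plus the line-count difference. The function name, the `//` comment marker and both sample sources are assumptions constructed for illustration; only line comments are handled, not block comments.

```python
def _norm(line):
    """Collapse whitespace so indentation changes do not hide a match."""
    return " ".join(line.split())

def audit_vendored(upstream, vendored, marker="//"):
    """Compare a vendored file with its upstream original (hypothetical helper)."""
    up_lines = upstream.splitlines()
    ven_lines = vendored.splitlines()
    # Live (non-blank, non-comment) statements in the upstream release.
    upstream_live = {_norm(l) for l in up_lines
                     if _norm(l) and not _norm(l).startswith(marker)}
    disabled = []
    for number, line in enumerate(ven_lines, start=1):
        text = _norm(line)
        if not text.startswith(marker):
            continue
        body = _norm(text[len(marker):])
        # Skip bare braces; flag comments whose body is upstream live code.
        if any(c.isalnum() for c in body) and body in upstream_live:
            disabled.append((number, body))
    return {"disabled": disabled,
            "line_delta": len(ven_lines) - len(up_lines)}

# Constructed sample: upstream validates input, the vendored copy disables it.
UPSTREAM = """\
function load(input) {
  if (!validate(input)) {
    throw new Error("invalid input");
  }
  return parse(input);
}
"""
VENDORED = """\
function load(input) {
  // if (!validate(input)) {
  //   throw new Error("invalid input");
  // }
  // local change: accept legacy format
  input = legacy(input);
  return parse(input);
}
"""

if __name__ == "__main__":
    report = audit_vendored(UPSTREAM, VENDORED)
    print("vendored copy is", report["line_delta"], "lines longer than upstream")
    for number, body in report["disabled"]:
        print(f"line {number}: upstream code disabled locally: {body}")
```

Each flagged line is a place where the vendored file no longer behaves like the published library, which is what a reviewer needs to triage.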