From 63c87693236a52b7ab41b16c56dd5adc3f1f5811 Mon Sep 17 00:00:00 2001 From: Chuan-kai Lin Date: Tue, 3 Dec 2024 12:26:35 -0800 Subject: [PATCH] AlertFiltering: prohibit partial filtering This documentation-only commit clarifies that a query should either ignore restrictAlertsTo completely or apply restrictAlertsTo filtering to all alerts. This update eliminates the ambiguity on whether a query may choose to apply restrictAlertsTo filtering to only some alerts but not others (it may not). --- shared/util/codeql/util/AlertFiltering.qll | 3 +++ 1 file changed, 3 insertions(+) diff --git a/shared/util/codeql/util/AlertFiltering.qll b/shared/util/codeql/util/AlertFiltering.qll index d1778304b733..6ca62e50af22 100644 --- a/shared/util/codeql/util/AlertFiltering.qll +++ b/shared/util/codeql/util/AlertFiltering.qll @@ -17,6 +17,9 @@ private import codeql.util.Location * - endLine: End line number (starting with 1, inclusive) to restrict alerts to. * * If startLine and endLine are both 0, accept alerts anywhere in the file. + * + * A query should either completely ignore this predicate (i.e., perform no filtering whatsoever), + * or only return alerts that meet the filtering criteria as specified above. */ extensible predicate restrictAlertsTo(string filePath, int startLine, int endLine);