Predicate restrictAlertsTo

Holds if the query may restrict its computation to only produce alerts that match the given line ranges. This predicate is used for implementing diff-informed queries for pull requests in GitHub Code Scanning.

This predicate is active if and only if it is nonempty. If this predicate is inactive, it has no effect. If it is active, queries may omit alerts that don’t have a matching (see below) primary or related location (in SARIF terminology). Queries are still allowed to produce alerts that have no matching locations, but they are not required to do so.

An alert location is a match if it matches a row in this predicate. If lineStart and lineEnd are both 0, the row specifies a whole-file match, and a location is a match if its file path matches filePath. Otherwise, the row specifies a line-range match, and a location is a match if its file path matches filePath, and its character range intersects with the range from the beginning of lineStart to the end of lineEnd.

• filePath: alert location file path (absolute).
• lineStart: inclusive start of the line range (1-based).
• lineEnd: inclusive end of the line range (1-based).

Note that even if an alert has no matching locations for this filtering predicate, it could still have matching locations for other filtering predicates in this module. In that case, queries must still produce such an alert. An alert can be omitted only if (1) there is at least one active filtering predicate, and (2) it has no matching locations for any active filtering predicate.

See also: restrictAlertsToExactLocation.