Filter alerts by pr-diff-range JSON file

cklin · cklin · commit 7a327857c3be · 2025-02-13T11:49:10.000-08:00
diff --git a/src/upload-lib.ts b/src/upload-lib.ts
@@ -578,6 +578,7 @@ export async function uploadFiles(
     features,
     logger,
   );
+  sarif = filterAlertsByDiffRange(sarif);
   sarif = await fingerprints.addFingerprints(sarif, checkoutPath, logger);
 
   const analysisKey = await api.getAnalysisKey();
@@ -848,3 +849,57 @@ export class InvalidSarifUploadError extends Error {
     super(message);
   }
 }
+
+function filterAlertsByDiffRange(sarif: SarifFile): SarifFile {
+  const diffRangeFilePath = path.join(
+    actionsUtil.getTemporaryDirectory(),
+    "pr-diff-range",
+    "pr-diff-range.json",
+  );
+
+  if (!fs.existsSync(diffRangeFilePath)) {
+    return sarif;
+  }
+
+  const diffRanges = JSON.parse(
+    fs.readFileSync(diffRangeFilePath, "utf8"),
+  ) as Array<{
+    path: string;
+    startLine: number;
+    endLine: number;
+  }>;
+
+  // CodeQL always uses forward slashes as the path separator, so on Windows we
+  // need to replace any backslashes with forward slashes.
+  const checkoutPath = actionsUtil
+    .getRequiredInput("checkout_path")
+    .replaceAll(path.sep, "/");
+
+  for (const run of sarif.runs) {
+    if (run.results) {
+      run.results = run.results.filter((result) => {
+        const locations = [
+          ...(result.locations || []).map((loc) => loc.physicalLocation),
+          ...(result.relatedLocations || []).map((loc) => loc.physicalLocation),
+        ];
+
+        return locations.some((physicalLocation) => {
+          const uri = physicalLocation?.artifactLocation?.uri;
+          const startLine = physicalLocation?.region?.startLine;
+          if (!uri || !startLine) {
+            return false;
+          }
+          const locationPath = path.join(checkoutPath, uri);
+          return diffRanges.some(
+            (range) =>
+              range.path === locationPath &&
+              ((range.startLine <= startLine && range.endLine >= startLine) ||
+                (range.startLine === 0 && range.endLine === 0)),
+          );
+        });
+      });
+    }
+  }
+
+  return sarif;
+}
diff --git a/src/util.ts b/src/util.ts
@@ -96,6 +96,16 @@ export interface SarifResult {
       };
     };
   }>;
+  relatedLocations?: Array<{
+    physicalLocation: {
+      artifactLocation: {
+        uri: string;
+      };
+      region?: {
+        startLine?: number;
+      };
+    };
+  }>;
   partialFingerprints: {
     primaryLocationLineHash?: string;
   };
