C++: Silence ExtractionRecoverableWarnings when BMN is active#21588
Merged
jketema merged 2 commits intogithub:mainfrom Mar 30, 2026
Merged
C++: Silence ExtractionRecoverableWarnings when BMN is active#21588jketema merged 2 commits intogithub:mainfrom
ExtractionRecoverableWarnings when BMN is active#21588jketema merged 2 commits intogithub:mainfrom
Conversation
jketema
force-pushed
the
jketema/compiler-error-bmn
branch
from
07b2165 to
0f8e39a
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
This PR reduces SARIF output noise for C++ build-mode: none (BMN) databases by filtering out ExtractionRecoverableWarning diagnostics from the extractor, while keeping ExtractionUnknownProblem results to retain signal for more serious/opaque extraction failures.
Changes:
- Update the
cpp/diagnostics/extraction-warningsdiagnostic query to suppressExtractionRecoverableWarnings when BMN is active. - Extend the extraction-problem hierarchy with a
getCompilation()accessor to support build-mode-based filtering. - Add a change note documenting the diagnostics behavior change and its SARIF-size impact.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| cpp/ql/src/change-notes/2026-03-30-warning-diagnostics.md | Documents the BMN-specific change to extraction warning diagnostics and SARIF size impact. |
| cpp/ql/src/Diagnostics/ExtractionWarnings.ql | Filters out recoverable extraction warnings when build-mode: none is used. |
| cpp/ql/src/Diagnostics/ExtractionProblems.qll | Adds compilation association plumbing to extraction problems to enable BMN filtering. |
| --- | ||
| category: minorAnalysis | ||
| --- | ||
| * The "Extraction warnings" (`cpp/diagnostics/extraction-warnings`) diagnostics query no longer yields `ExtractionRecoverableWarning`s for `build-mode: none` databases. The results were found to significantly increase the sizes of the produced SARIF files, making them unprocessable in some cases. |
There was a problem hiding this comment.
The change note sentence is a bit awkward/grammatically off ("increase the sizes of the produced SARIF files"). Consider rephrasing to something like "increase the size of the produced SARIF files" for clarity.
Suggested change
| * The "Extraction warnings" (`cpp/diagnostics/extraction-warnings`) diagnostics query no longer yields `ExtractionRecoverableWarning`s for `build-mode: none` databases. The results were found to significantly increase the sizes of the produced SARIF files, making them unprocessable in some cases. | |
| * The "Extraction warnings" (`cpp/diagnostics/extraction-warnings`) diagnostics query no longer yields `ExtractionRecoverableWarning`s for `build-mode: none` databases. The results were found to significantly increase the size of the produced SARIF files, making them unprocessable in some cases. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Some context: all warnings/errors produced by the extractor are output to the SARIF by means of this query. This is mostly done to allow for initial debugging when we receive a SARIF file from a customer. In BMN the expectation is that there will always be warnings/errors coming from the extractor, and they are likely not very helpful for further debugging.
This PR silences the warnigs/errors in the case of BMN. The
ExtractionUnknownProblemare kept, because they indicate more serious problems that we may want to track.With these changes I'm able to successfully run BMN DCA with the code-scanning and security extended query suites.
I also ran a QA experiment (27/3/2026) which shows a few projects we can now handle, which we could not handle before. The set of projects is identical to the set found when completely turning off off warnings and errors emitted from the extractor (QA experiment from 24/3/2026).