
Enhancement: add support for suppressing CodeQL alerts on the next line

Open adam-vonderviszt opened this issue 2 years ago • 0 comments

Currently, code-identifier comments of a deviation are required to be on the same line as the CodeQL alert they refer to, which can cause code formatters (clang-format etc.) to break very long lines into multiple lines that may require further position adjustment of the deviation comments by the user. Therefore, a feature for suppressing CodeQL alerts on the NEXT line would be inevitable in the future, similar to clang-tidy's `NOLINTNEXTLINE` feature.

Current State: Let's say there is a function with a return type that generates a CodeQL alert which should be ignored by a deviation comment:

ReturnTypeGeneratesAnAlert MyLongFunction(ParamType1 p1, ParamType2 p2, ParamType3 p3) {  // DeviationCommentForReturnType
...
}

Due to the line length limit, clang-format may reformat the line into:

ReturnTypeGeneratesAnAlert
MyLongFunction(ParamType1 p1, ParamType2 p2, ParamType3 p3) {  // DeviationCommentForReturnType
...
}

which needs to be manually repositioned by the user in the following way (otherwise the CodeQL alert will be re-triggered):

ReturnTypeGeneratesAnAlert // DeviationCommentForReturnType
MyLongFunction(ParamType1 p1, ParamType2 p2, ParamType3 p3) {
...
}

Proposed Solution: Introduce NOCODEQLNEXTLINE or a similar feature for suppressing CodeQL alerts on the next line:

// NOCODEQLNEXTLINE(DeviationCommentForReturnType)
ReturnTypeGeneratesAnAlert MyLongFunction(ParamType1 p1, ParamType2 p2, ParamType3 p3) {
...
}

adam-vonderviszt, Jul 18 '23 00:07
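The following is an added illustration of the semantics this issue asks for; it is not code from the issue author or from the codeql-coding-standards project. It assumes a hypothetical comment syntax (`// <code-identifier>` for a same-line deviation, `// NOCODEQLNEXTLINE(<code-identifier>)` for the proposed next-line marker) and replays the three layouts from the issue to show the clang-format case re-triggering the alert under same-line-only matching and being suppressed under next-line matching.

```python
import re
from dataclasses import dataclass

# Hypothetical syntax modelled on the issue's proposal, NOT the project's real deviation format.
SAME_LINE_RE = re.compile(r"//\s*([A-Za-z_]\w*)\s*$")
NEXT_LINE_RE = re.compile(r"//\s*NOCODEQLNEXTLINE\(\s*([A-Za-z_]\w*)\s*\)\s*$")


@dataclass(frozen=True)
class Alert:
    line: int              # 1-based line on which CodeQL reports the alert
    code_identifier: str   # deviation code-identifier that may suppress it


def suppressed_identifiers(source: str, next_line: bool = True) -> dict[int, set[str]]:
    """Map each source line to the deviation identifiers that apply to it.

    A same-line comment applies to its own line; when next_line is enabled,
    a NOCODEQLNEXTLINE(...) comment applies to the line after it only.
    """
    table: dict[int, set[str]] = {}
    for lineno, text in enumerate(source.splitlines(), start=1):
        m = NEXT_LINE_RE.search(text)
        if m and next_line:
            table.setdefault(lineno + 1, set()).add(m.group(1))
            continue
        m = SAME_LINE_RE.search(text)
        if m:
            table.setdefault(lineno, set()).add(m.group(1))
    return table


def unsuppressed_alerts(source: str, alerts: list[Alert], next_line: bool = True) -> list[Alert]:
    """Return the alerts that no deviation comment covers (i.e. those still reported)."""
    table = suppressed_identifiers(source, next_line)
    return [a for a in alerts if a.code_identifier not in table.get(a.line, set())]


# Constructed samples mirroring the three layouts in the issue.
ORIGINAL = (
    "ReturnTypeGeneratesAnAlert MyLongFunction(ParamType1 p1, ParamType2 p2, ParamType3 p3) {  // DeviationCommentForReturnType\n"
    "}\n")
REFORMATTED = (            # clang-format has split the declaration across two lines
    "ReturnTypeGeneratesAnAlert\n"
    "MyLongFunction(ParamType1 p1, ParamType2 p2, ParamType3 p3) {  // DeviationCommentForReturnType\n"
    "}\n")
PROPOSED = (
    "// NOCODEQLNEXTLINE(DeviationCommentForReturnType)\n"
    "ReturnTypeGeneratesAnAlert MyLongFunction(ParamType1 p1, ParamType2 p2, ParamType3 p3) {\n"
    "}\n")
```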