regexp based narrowing in ql results colums

[anticomputer]

Is your feature request related to a problem? Please describe. When triaging large sets of findings not being able to narrow the finding set down to a specific area of the results listing requires you to edit and re-run your queries to e.g. match a specific file or case, this is time consuming and interrupts more general code assessment workflows a bit.

Describe the solution you'd like Add a regexp based result narrower to ql results columns. Ideally this narrower is easily accessible and allows for rapid narrowing and un-narrowing of results listings.

e.g. if I have 5000 findings and 300 of those findings are in bla.c I'd like to go "bla.c." and have the results listing narrowed to those 300 findings.

Describe alternatives you've considered Manual editing and then rerunning the actual query to narrow.

Additional context N/A

[aeisenberg]

This might be easier to implement if we focus only on SARIF (alert) results. These files are read completely into memory before we display a page of results. Non-alert queries are loaded form BQRS files, which are paged in from disk. These are difficult to filter since we only read one page of the file before displaying.