github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
https://codeql.github.com
MIT License

Including All Query Results in .sarif File #15815

Open marktefftech opened 4 months ago

marktefftech commented 4 months ago

Currently we can only use @kind problem and @kind path-problem queries with query suites. Other queries need to be run manually and they end up in a separate format (.bqrs and not .sarif).

  1. There's a difference in exporting results from the UI in VS Code. If you right-click on a row in the query history, this is what you see for a raw query:

    image

    This is what you see for a path-problem query:

    image

    Notice the "View Alerts (SARIF)" option

  2. You can directly run a CodeQL query like this:

    codeql database analyze ~/codeql-dbs/<db>/ queries/SampleFile.ql --format=sarif-latest --output=results.sarif

    However, with the output format set to sarif, we get this error:

    A fatal error occurred: Could not process query metadata for 
    ~/path/to/codeql-dbs/<db>/ queries/SampleFile.ql
    Error was: Cannot process query metadata for a query without the '@kind' metadata property. To learn more, see 
    https://codeql.github.com/docs/writing-codeql-queries/metadata-for-codeql-queries/ [NO_KIND_SPECIFIED]

    This error happens after we have the BQRS; the tool is just saying it can't convert the BQRS to a SARIF.

Is it possible to include all query results in the sarif file?

Thanks in advance

marktefftech commented 4 months ago

Edit: Added screenshots and example query commands

aibaars commented 3 months ago

SARIF is a static analysis results interchange format, and is meant as a common output format for static analysis tools. Therefore it is mainly designed for representing alerts/warnings/errors in source code. CodeQL is a general purpose query language and can output arbitrary table data. CodeQL uses the @kind metadata tag to determine how to interpret the table data as static analysis results when writing SARIF output. Only a limited number of @kinds can be included in SARIF (mainly problem and path-problem). If there is no @kind then CodeQL does not know how to interpret the data, and fails.
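As an added illustration of the point above (example code, not part of this thread and not from the CodeQL repository): a query that selects an arbitrary table, such as every function together with its parameter count, carries no `@kind`, so `codeql database analyze --format=sarif-latest` has no way to map its rows onto alerts and fails with `NO_KIND_SPECIFIED`. The same data becomes SARIF-exportable once the query declares `@kind problem` and shapes its `select` as one program element followed by one message string, which is the column layout the `problem` kind expects. The `@id`, `@name` and the threshold of five parameters are assumptions chosen for the example; the `Function` class and `getNumParameter()` are from the standard JavaScript library.

```ql
/**
 * Added example: a raw table query rewritten as a `@kind problem` query so
 * that `codeql database analyze` can emit its results as SARIF alerts.
 *
 * The original, non-exportable form of this query had no metadata block and
 * selected a plain table:
 *
 *   import javascript
 *   from Function f
 *   select f, f.getNumParameter()
 *
 * Without `@kind`, that query still runs and produces a .bqrs, but the SARIF
 * writer rejects it because it cannot tell which column is the alert
 * location and which is the message.
 *
 * @name Function with many parameters
 * @description Functions that take many parameters are hard to call correctly.
 * @kind problem
 * @problem.severity recommendation
 * @precision medium
 * @id js/example/too-many-parameters   -- hypothetical id, assumed for this example
 * @tags maintainability
 */

import javascript

// Assumed threshold for the example; not a value taken from the thread.
int maxParameters() { result = 5 }

from Function f
where f.getNumParameter() > maxParameters()
// `@kind problem` requires exactly this shape: an element that has a source
// location, followed by a string message. The element becomes the SARIF
// result location and the string becomes the result message.
select f,
  "This function takes " + f.getNumParameter().toString() +
    " parameters, more than the limit of " + maxParameters().toString() + "."
```

With this metadata in place, `codeql database analyze <db> path/to/TooManyParameters.ql --format=sarif-latest --output=results.sarif` writes one SARIF result per selected function, and the query can be listed in a query suite alongside the built-in `problem` and `path-problem` queries. Queries whose output is genuinely tabular (statistics, counts, arbitrary joins) still have to stay as raw queries and be decoded from their .bqrs files separately.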