One of our current discussion topics is whether the existing SARIF codeFlow object can represent the rich information produced by tools which trace execution paths through the code. It would help to have sample log files from such tools to review at our upcoming meeting. If any of you have log files like that, could you please send them directly to Mike Fanning (
mikefan@microsoft.com ) and me, Larry Golding (
larrygolding@comcast.net )? Michael thought that some of you are likely to be able to supply logs like that: Yekaterina O’Neil – Fortify Paul Anderson – CodeSonar? Mel Llaguno – Synopsis Luke Cartey – Semmle Mike Fanning – Static Driver Verifier (SDV) Jim Kupsch – SWAMP-compatible tools? Henny Sipma – Kestrel … but the request is to any and all of you who can help. Thanks, Larry