I have pushed a new change draft: Documents/ChangeDrafts/Active/sarif-v2.0-issue-29-rule-configuration.docx rule.configuration is now an object, with properties as in this example (included in the draft): { # A rule object (§3.29) "id": "SA2707", "name": { "text": "LimitSourceLineLength " }, "shortDescription": { "text": "Limit source line length for readability." }, "configuration": { "enabled": true, "defaultLevel": "warning", "parameters": { "maxLength": 120 } } } Please review this new draft! Thanks, Larry From: Larry Golding (Comcast) <
larrygolding@comcast.net> Sent: Wednesday, March 7, 2018 10:11 AM To: '
sarif@lists.oasis-open.org' <
sarif@lists.oasis-open.org> Subject: RE: [sarif] Change draft for #29: Document rule.configuration After discussion with Michael, we now have in mind a more comprehensive design for rule configuration. Please hold off on reviewing this change draft. Thanks, Larry From:
sarif@lists.oasis-open.org <
sarif@lists.oasis-open.org > On Behalf Of Larry Golding (Comcast) Sent: Tuesday, March 6, 2018 2:25 PM To:
sarif@lists.oasis-open.org Subject: [sarif] Change draft for #29: Document rule.configuration I pushed a change draft for Issue #29 , “Document rule.configuration” Documents/ChangeDrafts/Active/sarif-v2.0-issue-29-rule-configuration.docx The SARIF SDK defines a property rule.configuration whose value is one of enabled / disabled / unknown . The property says whether the rule was enabled during the run. Compliance systems can use this information to determine whether the tool ran all the rules required by corporate policy. Even though this has been in the SDK for a long time, we somehow neglected to document it. I added this item to the Agenda that’s checked into the repo, and I’ll move for its adoption at the next TC meeting. Thanks, Larry