OASIS Static Analysis Results Interchange Format (SARIF) TC

 View Only
  • 1.  New errata bundle

    Posted 06-13-2023 01:04
    Sorry for the delay in sending out the new errata bundle. The new version contains the fixes agreed at the last meeting. * Moved the anyOf block addition to "region" to make valid JSON. * Enumerate the schemas explicitly under the artifacts section and at each use. * Put version before $schema in the examples to match the document's suggestion. Github issue #568 and the Errata itself have also been updated to reflect those changes that were not already covered. It turns out that the original SARIF standard referred explicitly to each schema file when it was used. That was lost during the transition away from github URLs. It has now been restored, with the correct URL references. To see all the schema URLs, you can search for "schemas/" without the quotes. David


  • 2.  RE: [sarif] New errata bundle

    Posted 06-13-2023 19:48
    Not sure how important this is, but there is a misspelling in both doc files: "determinisitc" should be "deterministic". Also, the shorter doc file contains "changes to be included in Sarif upon approval" -- should this be "changes to be included in SARIF upon approval" instead? k