OASIS Static Analysis Results Interchange Format (SARIF) TC

Please review proposed spec language for Issue #66 (traceability)

  • 1.  Please review proposed spec language for Issue #66 (traceability)

    Posted 01-20-2018 19:40
    Issue #66 : Enable traceability from converted SARIF file to original analysis tool log file   The Change Draft for this change is available in the GitHub repo at DocumentsChangeDraftssarif-v2.0-issue-66-traceability.docx   The language in the draft differs a little from what I proposed in the repo, because I realized I’d omitted a couple of necessary properties. I ended up with four properties on the run object, describing the invocation of the tool that converted the static analysis tool’s log file to the SARIF format. So I proposed to group those four properties into a new object called conversion . (The two properties I’d originally omitted were conversion.invocation and conversion.uriBaseId ).   As usual, you can find the changes by starting at the top of the document and clicking the Next button on the Review tab in the ribbon.   The agenda for our next meeting (the face-to-face meeting) will include a proposal to approve the changes in this change draft.   Thanks, Larry