OASIS Static Analysis Results Interchange Format (SARIF) TC

Raw chat trace from 2018-12-12

  • 1.  Raw chat trace from 2018-12-12

    Posted 12-12-2018 19:27
    anonymous morphed into Katrina O`Neil anonymous morphed into Larry Golding Please change your name from 'anonymous' using the Settings button anonymous morphed into [Co-Chair] David Keaton [Co-Chair] David Keaton: Agenda for December 12, 2018 MEETING OF OASIS SARIF TECHNICAL COMMITTEE Time 09:30-11:30 PST 17:30-19:30 UTC Meeting Chat Location http://webconf.soaphub.org/conf/room/sarif Meeting Audio and Screen Sharing https://meet.lync.com/microsoft/mikefan/1Y6R699C 1. Opening Activities 1.1 Opening comments (Co-Chair Keaton) 1.2 Introduction of participants/roll call (Co-Chair Cartey) 1.3 Procedures for this meeting (Co-Chair Keaton) 1.4 Approval of agenda (Co-Chair Keaton) 1.5 Approval of previous minutes [Minutes of 2018-11-28 Meeting#28] (Co-Chair Keaton) 1.6 Review of action items and resolutions (Secretary Hagen) 1.7 Identification of SARIF TC voting members (Co-Chair Cartey) 1.7.1 Prospective members attending their first meeting 1.7.2 Members attaining voting rights at the end of this meeting 1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends 1.7.4 Members who previously lost voting rights who are attending this meeting 1.7.5 Members who have declared a leave of absence 2. Timeline Status 2.1 Note where we are on the schedule [SARIF TC Timeline] (Co-Chair Keaton) - Working on CSD 2, with 36 open issues, 15 fewer than previous agenda snapshot 3. Future Meetings 3.1 Future meeting schedule (Co-Chair Keaton) Scheduled teleconferences (Wednesdays at 09:30 PST / 17:30 UTC for two hours) January 9 Face-to-face meeting January 24-25, Sunnyvale, hosted by Micro Focus [Logistical information] 4. Call for new officer (Co-Chair Keaton) Because Stefan Hagen has announced his departure at the end of December, we need a volunteer for a new secretary. If someone volunteers now, they can consult with Stefan before he departs. 5. Document Progress (Co-Editors Golding and Fanning) 5.1 Editors' report 5.2 Approval of changes Location of change drafts: https://github.com/oasis-tcs/sarif-spec/tree/master/Documents/ChangeDrafts/Active Discuss the following items individually, then vote on them together unless someone would like to separate out an issue for individual vote. 5.2.1 Version control details not strongly associated with results [#248] 5.2.2 Add rule.deprecatedIds [#293] 5.2.3 Define default for resultProvenance.lastDetectionTimeUtc [#287] 5.2.4 Specify optional property file.sourceLanguage to guide in syntax-driven colorization of snippets [#286] 5.2.5 Specify a default for result.rank [#292] 5.2.6 Move conversionProvenance under result.provenance [#297] 5.2.7 Suggestion: platform specific data to indicate file path case sensitivity [#209] 5.2.8 "index" properties should be required [#298] 5.2.9 Schema needs to be carefully scrubbed for minItems and uniqueItems use for all arrays [#270] 5.3 Discussions 5.3.1 Review issue cut list 5.3.2 Consider: 'review' or 'audit' result level. and reconsider 'note' [#215] 5.3.3 Add result.useful and result.suppressionReasons [#268] 5.3.4 Any other document items that need to be discussed 6. Other Business 7. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end) 7.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton) 7.2 Review of Decisions Reached (Secretary Hagen) 7.3 Review of Action Items (Secretary Hagen) 8. Next Meeting January 9, 2018 / 09:30-11:30 PST / 17:30-19:30 UTC 9. Adjournment [Co-Chair] David Keaton: Michael had a laptop emergency and will be in shortly. I'll wait another minute and then get started with the opening procedures. [Co-Chair] David Keaton: Agenda APPROVED [Co-Chair] David Keaton: 1.5 Approval of previous minutes Michael C. Fanning1: my microphone is off [Co-Chair] David Keaton: APPROVED Michael C. Fanning1: trying to fix [Co-Chair] David Keaton: 1.7 Identification of SARIF TC voting members [Co-Chair] David Keaton: No changes today. [Co-Chair] David Keaton: 4. Call for new officer [Co-Chair] David Keaton: Chris Meyer volunteered as the new secretary. Thank you! [Co-Chair] David Keaton: 5. Document Progress [Co-Chair] David Keaton: 5.1 Editors' report Michael C. Fanning1: can someone paste the agenda into the chat room? [Co-Chair] David Keaton: It is up above. Maybe it isn't showing you what happened earlier? [Co-Chair] David Keaton: Here is what's coming up: [Co-Chair] David Keaton: 5.2 Approval of changes Location of change drafts: https://github.com/oasis-tcs/sarif-spec/tree/master/Documents/ChangeDrafts/Active Discuss the following items individually, then vote on them together unless someone would like to separate out an issue for individual vote. 5.2.1 Version control details not strongly associated with results [#248] 5.2.2 Add rule.deprecatedIds [#293] 5.2.3 Define default for resultProvenance.lastDetectionTimeUtc [#287] 5.2.4 Specify optional property file.sourceLanguage to guide in syntax-driven colorization of snippets [#286] 5.2.5 Specify a default for result.rank [#292] 5.2.6 Move conversionProvenance under result.provenance [#297] 5.2.7 Suggestion: platform specific data to indicate file path case sensitivity [#209] 5.2.8 "index" properties should be required [#298] 5.2.9 Schema needs to be carefully scrubbed for minItems and uniqueItems use for all arrays [#270] [Co-Chair] David Keaton: Agenda link: https://www.oasis-open.org/apps/org/workgroup/sarif/download.php/64414/agenda_20181212.html [Co-Chair] David Keaton: 5.2 Approval of changes Location of change drafts: https://github.com/oasis-tcs/sarif-spec/tree/master/Documents/ChangeDrafts/Active [Co-Chair] David Keaton: 5.2.1 Version control details not strongly associated with results [#248] [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/248 anonymous morphed into Chris Meyer [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ChangeDrafts/Active/sarif-v2.0-issue-248-versionControlProvenance-file-mapping.docx [Co-Chair] David Keaton: 5.2.2 Add rule.deprecatedIds [#293] [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/293 [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ChangeDrafts/Active/sarif-v2.0-issue-293-rule.deprecatedIds.docx [Co-Chair] David Keaton: 5.2.3 Define default for resultProvenance.lastDetectionTimeUtc [#287] [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/287 [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ChangeDrafts/Active/sarif-v2.0-issue-287-lastDetectionTimeUtc-default-min-invocation-start-time.docx [Co-Chair] David Keaton: 5.2.4 Specify optional property file.sourceLanguage to guide in syntax-driven colorization of snippets [#286] [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/286 [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ChangeDrafts/Active/sarif-v2.0-issue-286-source-language.docx [Co-Chair] David Keaton: It was noted that many other languages could be specified. However, this would significantly lengthen the document. [Co-Chair] David Keaton: Those involved will continue to think about that. [Co-Chair] David Keaton: For tools that aim at particular languages, they should be permissive among the possibilities, e.g. support both "c++" and "cpp". [Co-Chair] David Keaton: We will not propose to accept this change at this time. [Co-Chair] David Keaton: 5.2.5 Specify a default for result.rank [#292] [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/292 [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ChangeDrafts/Active/sarif-v2.0-issue-292-rank-default-0.docx [Co-Chair] David Keaton: 5.2.6 Move conversionProvenance under result.provenance [#297] [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/297 [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ChangeDrafts/Active/sarif-v2.0-issue-297-provenance-refactor.docx [Co-Chair] David Keaton: 5.2.7 Suggestion: platform specific data to indicate file path case sensitivity [#209] [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/209 [Co-Chair] David Keaton: We are not ready to discuss this. Michael C. Fanning2: we are pulling #209 from discussion Michael C. Fanning2: due to open concerns [Co-Chair] David Keaton: 5.2.8 "index" properties should be required [#298] [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/298 [Co-Chair] David Keaton: We are not ready to discuss this. [Co-Chair] David Keaton: 5.2.9 Schema needs to be carefully scrubbed for minItems and uniqueItems use for all arrays [#270] [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/270 [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ChangeDrafts/Active/sarif-v2.0-issue-270-array-scrub.docx [Co-Chair] David Keaton: My understanding of the changes we need to approve: 5.2.1-5.2.3, 5.2.5-5.2.6, 5.2.9 That is, #248, #293, #287, #292, #297, #270 Michael C. Fanning: the motion is to approve all of these without change [Co-Chair] David Keaton: APPROVED [Co-Chair] David Keaton: 5.3 Discussions [Co-Chair] David Keaton: 5.3.1 Review issue cut list [Co-Chair] David Keaton: 5.3.1 Review issue cut list [Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3Apropose-to-close [Co-Chair] David Keaton: Jim: Would like to have #44 https://github.com/oasis-tcs/sarif-spec/issues/44 [Co-Chair] David Keaton: 7.2 Review of Decisions Reached [Co-Chair] David Keaton: 7.3 Review of Action Items [Co-Chair] David Keaton: ADJOURNED