OASIS Static Analysis Results Interchange Format (SARIF) TC

I pushed a change draft for Issue #29 , “Document rule.configuration”   Documents/ChangeDrafts/Active/sarif-v2.0-issue-29-rule-configuration.docx   The SARIF SDK defines a property rule.configuration whose value is one of enabled / disabled / unknown . The property says whether the rule was enabled during the run. Compliance systems can use this information to determine whether the tool ran all the rules required by corporate policy.   Even though this has been in the SDK for a long time, we somehow neglected to document it.   I added this item to the Agenda that’s checked into the repo, and I’ll move for its adoption at the next TC meeting.   Thanks, Larry  

After discussion with Michael, we now have in mind a more comprehensive design for rule configuration. Please hold off on reviewing this change draft.   Thanks, Larry   From: sarif@lists.oasis-open.org <sarif@lists.oasis-open.org> On Behalf Of Larry Golding (Comcast) Sent: Tuesday, March 6, 2018 2:25 PM To: sarif@lists.oasis-open.org Subject: [sarif] Change draft for #29: Document rule.configuration   I pushed a change draft for Issue #29 , “Document rule.configuration”   Documents/ChangeDrafts/Active/sarif-v2.0-issue-29-rule-configuration.docx   The SARIF SDK defines a property rule.configuration whose value is one of enabled / disabled / unknown . The property says whether the rule was enabled during the run. Compliance systems can use this information to determine whether the tool ran all the rules required by corporate policy.   Even though this has been in the SDK for a long time, we somehow neglected to document it.   I added this item to the Agenda that’s checked into the repo, and I’ll move for its adoption at the next TC meeting.   Thanks, Larry