OASIS Static Analysis Results Interchange Format (SARIF) TC

  • 1.  Errata ready for full TC review

    Posted 05-20-2023 01:18
    The document bundle I just added to the TC's OASIS document repository is the proposed SARIF errata after substantial cleanup and after being reviewed by a small group of people. It is now ready for review by the full TC. At next week's SARIF teleconference, we will discuss submitting this to OASIS for a 15-day public review. We could hold a vote at next month's teleconference, or if people feel comfortable with what we have, we could vote earlier than that. David


  • 2.  Re: [sarif] Errata ready for full TC review

    Posted 05-20-2023 10:04
    Thanks a lot, David. On Sat, May 20, 2023, at 03:18, David Keaton wrote:       The document bundle I just added to the TC's OASIS document  repository is the proposed SARIF errata after substantial cleanup and  after being reviewed by a small group of people.  It is now ready for  review by the full TC.       At next week's SARIF teleconference, we will discuss submitting  this to OASIS for a 15-day public review.  We could hold a vote at next  month's teleconference, or if people feel comfortable with what we have,  we could vote earlier than that. David [...] I reviewed the errata docx file and created the following issue #577 along the way: Errata01 section 3.13.3, 4.3.2 (note 2 both) and title page - verify Schema URL is well chosen https://github.com/oasis-tcs/sarif-spec/issues/577 As clearly stated in there:     I am OK with not touching the current errata package. So, I am OK with progressing the documents albeit reading statements like semantics of the file system make me uncomfortable. It does not help reading those broad statements within a single sentence twice ;-) ... but that may only be me and it took us IMO long enough to provide these few errata. PS: Can we please move to markdown for writing the next version of the spec? I am volunteering as editor, if that helps. Providing diffs is so much easier with text. For this review I had to convert both documents (with accepted changes) to PDF and then diff these to have any way to see the intended differences (and esp. not differences the word app claimed I did on the document ...) Best, Stefan Stefan Hagen, Emmetten, Nidwalden, Switzerland. orcid: https://orcid.org/0000-0003-4206-892X read: https://stefan-hagen.website write: stefan@hagen.digital


  • 3.  Re: [sarif] Errata ready for full TC review

    Posted 05-20-2023 11:58
    Oops, reviewing the schema unfortunately surfaced a blocker (I think): On Sat, May 20, 2023, at 12:03, Stefan Hagen wrote: Thanks a lot, David. On Sat, May 20, 2023, at 03:18, David Keaton wrote:       The document bundle I just added to the TC's OASIS document  repository is the proposed SARIF errata after substantial cleanup and  after being reviewed by a small group of people.  It is now ready for  review by the full TC.       At next week's SARIF teleconference, we will discuss submitting  this to OASIS for a 15-day public review.  We could hold a vote at next  month's teleconference, or if people feel comfortable with what we have,  we could vote earlier than that. David [...] I reviewed the errata docx file and created the following issue #577 along the way: Errata01 section 3.13.3, 4.3.2 (note 2 both) and title page - verify Schema URL is well chosen https://github.com/oasis-tcs/sarif-spec/issues/577 As clearly stated in there:     I am OK with not touching the current errata package. So, I am OK with progressing the documents albeit reading statements like semantics of the file system make me uncomfortable. It does not help reading those broad statements within a single sentence twice ;-) ... but that may only be me and it took us IMO long enough to provide these few errata. PS: Can we please move to markdown for writing the next version of the spec? I am volunteering as editor, if that helps. Providing diffs is so much easier with text. For this review I had to convert both documents (with accepted changes) to PDF and then diff these to have any way to see the intended differences (and esp. not differences the word app claimed I did on the document ...) Best, Stefan [...] I reviewed the errata complete schema file for SARIF itself and created issue #578: Errata01 schema addition to region is invalid https://github.com/oasis-tcs/sarif-spec/issues/578 I propose someone fixes the schema file (as provided in the issue, updates the schema diff, and uploads a new errata package so we can still decide to progress during the next meeting (or move then to progress after the fix has applied). Without that change I am sure we do not want to progress the errata. All the best, Stefan Stefan Hagen, Emmetten, Nidwalden, Switzerland. orcid: https://orcid.org/0000-0003-4206-892X read: https://stefan-hagen.website write: stefan@hagen.digital


  • 4.  Re: [sarif] Errata ready for full TC review

    Posted 05-25-2023 02:28
    I would like to discuss the schema issues from the review, including this one, during the errata portion of the meeting agenda so we can gather everyone for a high-bandwidth discussion. David On 2023-05-20 05:57, Stefan Hagen wrote: Oops, reviewing the schema unfortunately surfaced a blocker (I think): I reviewed the errata complete schema file for SARIF itself and created issue #578: "Errata01 schema addition to region is invalid" https://github.com/oasis-tcs/sarif-spec/issues/578 < https://github.com/oasis-tcs/sarif-spec/issues/578 > I propose someone fixes the schema file (as provided in the issue, updates the schema diff, and uploads a new errata package so we can still decide to progress during the next meeting (or move then to progress after the fix has applied). Without that change I am sure we do not want to progress the errata. All the best, Stefan Stefan Hagen, Emmetten, Nidwalden, Switzerland. orcid: https://orcid.org/0000-0003-4206-892X read: https://stefan-hagen.website write: stefan@hagen.digital