This public review of SARIF v2.0 csprd02 is being withdrawn, but will be
replaced very shortly with a public review of SARIF v2.1.0 csprd01.
Please submit any comments you may be preparing to the public review for
SARIF v2.1.0 csprd01.
On Mon, Jun 3, 2019 at 5:40 PM Paul Knight <
paul.knight@oasis-open.org>
wrote:
> OASIS members and other interested parties,
>
> OASIS and the OASIS Static Analysis Results Interchange Format (SARIF) TC
> [1] are pleased to announce that Static Analysis Results Interchange Format
> (SARIF) Version 2.0 is now available for public review and comment. This is
> the second public review for SARIF v2.0.
>
> Software developers use a variety of tools to assess the quality of their
> programs. These tools can report results on qualities such as validity,
> security, performance, compliance with legal requirements, etc. To form an
> overall picture of program quality, developers often need to aggregate the
> results produced by all of these tools, a task made difficult when each
> tool produces output in a different format.
>
> SARIF defines a standard format for the output of static analysis tools in
> order to:
> · Comprehensively capture the range of data produced by commonly used
> static analysis tools.
> · Reduce the cost and complexity of aggregating the results of various
> analysis tools into common workflows.
> · Represent analysis results for all kinds of programming artifacts,
> including source code and object code.
>
> The documents and related files are available here:
>
> Static Analysis Results Interchange Format (SARIF) Version 2.0
> Committee Specification Draft 02 / Public Review Draft 02
> 27 May 2019
>
> Editable source (Authoritative):
>
>
https://docs.oasis-open.org/sarif/sarif/v2.0/csprd02/sarif-v2.0-csprd02.docx>
> HTML:
>
>
https://docs.oasis-open.org/sarif/sarif/v2.0/csprd02/sarif-v2.0-csprd02.html>
> PDF:
>
https://docs.oasis-open.org/sarif/sarif/v2.0/csprd02/sarif-v2.0-csprd02.pdf>
> JSON schemas:
>
https://docs.oasis-open.org/sarif/sarif/v2.0/csprd02/schemas/>
> For your convenience, OASIS provides a complete package of the
> specification document and any related files in ZIP distribution files. You
> can download the ZIP file at:
>
>
https://docs.oasis-open.org/sarif/sarif/v2.0/csprd02/sarif-v2.0-csprd02.zip>
> How to Provide Feedback
>
> OASIS and the SARIF TC value your feedback. We solicit input from
> developers, users and others, whether OASIS members or not, for the sake of
> improving the interoperability and quality of its technical work.
>
> The public review starts 04 June 2019 at 00:00 UTC and ends 18 June 2019
> at 23:59 UTC.
>
> This specification was previously submitted for public review [2]. This
> 15-day review is limited in scope to changes made from the previous review.
> Changes are highlighted in red-lined file included in the package [3].
>
> Comments may be submitted to the TC by any person through the use of the
> OASIS TC Comment Facility which can be used by following the instructions
> on the TC's "Send A Comment" page (
>
https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=sarif).>
> Comments submitted by TC non-members for this work and for other work of
> this TC are publicly archived and can be viewed at:
>
https://lists.oasis-open.org/archives/sarif-comment/>
> All comments submitted to OASIS are subject to the OASIS Feedback License,
> which ensures that the feedback you provide carries the same obligations at
> least as the obligations of the TC members. In connection with this public
> review, we call your attention to the OASIS IPR Policy [4] applicable
> especially [5] to the work of this technical committee. All members of the
> TC should be familiar with this document, which may create obligations
> regarding the disclosure and availability of a member's patent, copyright,
> trademark and license rights that read on an approved OASIS specification.
>
> OASIS invites any persons who know of any such claims to disclose these if
> they may be essential to the implementation of the above specification, so
> that notice of them may be posted to the notice page for this TC's work.
>
> Additional information about the specification and the SARIF TC can be
> found at the TC's public home page:
>
https://www.oasis-open.org/committees/sarif/>
> ========== Additional references:
> [1] OASIS Static Analysis Results Interchange Format (SARIF) TC
>
https://www.oasis-open.org/committees/sarif/>
> [2] Previous public review:
> - 30-day public review, 22 June 2018:
>
https://lists.oasis-open.org/archives/sarif/201806/msg00083.html> - Comment resolution log:
>
>
https://docs.oasis-open.org/sarif/sarif/v2.0/csprd01/sarif-v2.0-csprd01-comment-resolution-log.txt>
> [3] Red-lined version (PDF):
>
>
https://docs.oasis-open.org/sarif/sarif/v2.0/csprd02/sarif-v2.0-csprd02-DIFF.pdf>
> [4]
https://www.oasis-open.org/who/intellectualproperty.php>
> [5]
https://www.oasis-open.org/committees/sarif/ipr.php>
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-RAND-Mode> RF on RAND Mode
> --
> Paul Knight <
paul.knight@oasis-open.org>....Document Process Analyst
> <https://www.oasis-open.org/people/staff/paul-knight>...mobile: +1
> 781-883-1783
> OASIS <https://www.oasis-open.org/> - Advancing open standards for the
> information society
>
--
Paul Knight <
paul.knight@oasis-open.org>....Document Process Analyst
<https://www.oasis-open.org/people/staff/paul-knight>...mobile: +1
781-883-1783
OASIS <https://www.oasis-open.org/> - Advancing open standards for the
information society