Participants registered: Company Name ascending Role GrammaTech, Inc. Paul Anderson Voting Member SWAMP Vamshi Basupalli Voting Member Microsoft Paul Brookes Voting Member Semmle Luke Cartey Chair Microsoft Sunny Chatterjee Voting Member Microsoft Michael Fanning Voting Member Individual Laurence Golding Voting Member Individual Stefan Hagen Secretary Individual David Keaton Chair Micro Focus Yekaterina O'Neil Voting Member Microsoft Jordyn Puryear Member Kestrel Technology Henny Sipma Voting Member [18:30] [Co-Chair] David Keaton: Time 09:30-11:30 PDT / 16:30-18:30 UTC Meeting Chat Location Meeting Audio 1. Opening Activities 1.1 Opening comments (Co-Chair Keaton) 1.2 Introduction of participants/roll call (Co-Chair Cartey) 1.3 Procedures for this meeting (Co-Chair Keaton) 1.4 Approval of agenda (Co-Chair Keaton) 1.5 Approval of previous minutes [Minutes of 2018-05-16 Meeting#17] (Co-Chair Keaton) 1.6 Review of action items and resolutions (Secretary Hagen) 1.7 Identification of SARIF TC voting members (Co-Chair Cartey) 1.7.1 Prospective members attending their first meeting 1.7.2 Members attaining voting rights at the end of this meeting 1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends 1.7.4 Members who previously lost voting rights who are attending this meeting 1.7.5 Members who have declared a leave of absence 2. Timeline Status 2.1 Note where we are on the schedule [SARIF TC Timeline] (Co-Chair Keaton) - 10 open issues marked CSD.1, 9 less than noted in the last meeting's agenda 3. Future Meetings 3.1 Future meeting schedule (Co-Chair Keaton) Scheduled teleconferences (Wednesdays at 09:30 PDT / 16:30 UTC) June 6 June 20 June 27 4. Document Progress (Co-Editors Golding and Fanning) 4.1 Editors' report 4.2 Approval of changes Discuss the following items individually, then vote on them together unless someone would like to separate out an issue for individual vote. 4.2.1 Roles for edited files (modification to previously approved change) [#160] [#143] Replace this: * "generatedFile": the file was generated by the build with this: * "uncontrolledFile": The file is not under version control. 4.2.2 Region-related changes [#93] [#171] 4.2.3 Support nested graphs [#149] 4.2.4 fileLocation uri property should be a URI reference [#176] 4.3 Discussions 4.3.1 SARIF MIME type (Co-Chair Cartey) 4.3.2 Agree on how to express normative statements about out-of-band components. In particular: how to express the desire for the Engineering System to make it possible to determine the baseline run. 4.3.3 Any other new issues that need to be discussed 5. Other Business 6. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end) 6.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton) 6.2 Review of Decisions Reached (Secretary Hagen) 6.3 Review of Action Items (Secretary Hagen) 7. Next Meeting June 6, 2018 / 09:30-11:30 PDT / 16:30-18:30 UTC 8. Adjournment Meeting is quorate [18:35] [Co-Chair] David Keaton: 1.2 Introduction of participants/roll call [18:37] [Co-Chair] David Keaton: 1.3 Procedures for this meeting [18:37] [Co-Chair] David Keaton: 1.4 Approval of agenda [18:39] [Co-Chair] David Keaton: Add agenda item 4.2.5, issue #181, Hierarchical property bag property names [18:40] [Co-Chair] David Keaton: Agenda adopted as amended. [18:40] [Co-Chair] David Keaton: 1.5 Approval of previous minutes [18:40] [Co-Chair] David Keaton: Approved. [18:40] [Co-Chair] David Keaton: 1.6 Review of action items and resolutions [18:42] [Co-Chair] David Keaton: 1.7 Identification of SARIF TC voting members [18:42] [Co-Chair] David Keaton: 2. Timeline Status [18:42] [Co-Chair] David Keaton: 3. Future Meetings [18:43] [Co-Chair] David Keaton: 4. Document Progress [18:43] [Co-Chair] David Keaton: 4.1 Editors' report [18:44] Stefan Hagen: URL = ' [18:44] Stefan Hagen: Larry walks all through the Editor's report [18:59] Stefan Hagen: 4.2.1 Roles for edited files (modification to previously approved change) [#160] [#143] Replace this: * "generatedFile": the file was generated by the build with this: * "uncontrolledFile": The file is not under version control. 4.2.2 Region-related changes [#93] [#171] [19:01] Stefan Hagen: **action** on editors to bundle line separator + column definition behaviour as optional properties in the log file as described in the spec [19:01] Stefan Hagen: 4.2.3 Support nested graphs [#149] [19:03] Stefan Hagen: Larry presents status of issue / proposal to the TC [19:18] Stefan Hagen: 4.2.4 fileLocation uri property should be a URI reference [#176] [19:22] Stefan Hagen: Larry presents status of issue / proposal to the TC [19:27] Stefan Hagen: 4.2.5 Hierarchical property bag property names [19:34] Stefan Hagen: Michael moves that we accept all changes discussed i the subsections of 4.2, Larry seconds. [19:34] Stefan Hagen: No discussion, no objections, unanimous consent. The motion carries and the changes are approved [19:34] Stefan Hagen: 4.3 Discussions 4.3.1 SARIF MIME type (Co-Chair Cartey) [19:35] Stefan Hagen: Luke presents the status of discussion on the SARIF MIME type [19:38] Luke Cartey: I propose a motion to 1. Agree to proceed with the process of registering a MIME type. [19:38] Luke Cartey: 2. Agree in principle to a MIME type of "application/sarif+json". [19:38] Stefan Hagen: Seconded [19:39] Stefan Hagen: Larry moves to amend by removing the words in principe [19:39] Stefan Hagen: seconded [19:39] Stefan Hagen: no objections [19:39] Stefan Hagen: back to original motion with words in principal removed from 2. part [19:40] Stefan Hagen: No discussion, no objections, unanimous consent. The motion carries [19:40] Stefan Hagen: **Action** on Luke to contact Robin Cover and to follow up what to do for implementing this [19:40] Stefan Hagen: **Action** on Larry to describe the MIME type in the spec (#182 created issue) Luke takes chair, so David can participate in discussion on next issue [19:41] Stefan Hagen: 4.3.2 Agree on how to express normative statements about out-of-band components. In particular: how to express the desire for the Engineering System to make it possible to determine the baseline run. [19:42] Stefan Hagen: Larry presents the status as developed over the last weeks [19:44] Stefan Hagen: David describes why he thinks, basing conformance requirements on out of band artefacts. [19:54] Stefan Hagen: All discuss the options suggested by David as presented and shared online during the meeting [20:06] Stefan Hagen: **Action** on Larry to apply the #186 related to the found resolution of David's concerns (going in direction of undefined behaviour) [20:08] Stefan Hagen: David again takes the chair from Luke (who took over during previous issues discussion) [20:09] Stefan Hagen: Michael walks all through the open issues for CSD01 [20:10] Stefan Hagen: issue #158 result.correlationId ... [20:11] Stefan Hagen: Introduce result.correlationId and clarify purpose of result.fingerprints array is the title [20:11] Stefan Hagen: Suggested is to triage the remaining issues (as preferred by Larry) [20:11] Stefan Hagen: Filtering issues on open and neither CSD01 nor CSD02 tag [20:12] Stefan Hagen: Filter finds 20 issues [20:12] Stefan Hagen: All triage these issues [20:20] Stefan Hagen: 4.3.3 Any other new issues that need to be discussed [20:21] Stefan Hagen: Larry suggests that we might need to re-triage, as the amount of open issues seems to not be closable in 2 weeks time [20:21] Stefan Hagen: 5. Other Business 6. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end) 6.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton) 6.2 Review of Decisions Reached (Secretary Hagen) None noted (besides the decisions documented in 4.2 on the resolved issues) 6.3 Review of Action Items (Secretary Hagen) **Actions**: * on editors to bundle line separator + column definition behaviour as optional properties in the log file as described in the spec #183 and #184 * action on Larry to Publish v2 SARIF JSON schema to assist in editor/other online validation #185 * on Luke to contact Robin Cover and to follow up what to do for implementing this * on Larry to describe the MIME type in the spec (#182 created issue) * on Larry to apply the #186 related to the found resolution of David's concerns (going in direction of undefined behaviour) [20:22] Stefan Hagen: Larry #182 will be deferred to CSD02 so the action is gone [20:23] Stefan Hagen: Nett meeting in one week time June 06 [20:23] Stefan Hagen: Meetgin adjourned by chair