

Subject: raw chat trace of meeting #8 on 2018-JAN-10


[18:32] Stefan Hagen: 1. Opening Activities

  1.1 Opening comments (Co-Chair Keaton)
[18:33] Stefan Hagen: 1.2 Introduction of participants/roll call (Co-Chair Cartey)
[18:35] Henny Sipma: yes, Henny is here, but I don't have a microphone right now
[18:37] Stefan Hagen: 1.3 Procedures for this meeting (Co-Chair Keaton)
[18:37] Stefan Hagen: 1.4 Approval of agenda (Co-Chair Keaton)
    URL = https://www.oasis-open.org/committees/download.php/62278/agenda_20180110.html
[18:37] Stefan Hagen: Laurence moves to approve. Michael Seconds
[18:38] Stefan Hagen: No discussion. No objection. Agenda approved
[18:38] Stefan Hagen: 1.5 Approval of previous minutes [Minutes of 2017-11-29 Meeting#7] (Co-Chair Keaton)
    URL = https://www.oasis-open.org/committees/download.php/62128/sarif-minutes-20171129-meeting-7.html
[18:38] Stefan Hagen: Laurence moves, Michael seconds. Minutes approved unchanged as published
[18:38] Stefan Hagen: 1.6 Review of action items and resolutions (Secretary Hagen)
    * Laurence did incorporate the changes for "Consider specifying a format for links embedded in our plain text messages [#61]" from the previous meeting
    * Editors formed a consolidated proposal for issues #61, #33, and #69 to be discussed this meeting
    * Ongoing action on Luke and the editors will work on examples for the extensions to code flows
    * Laurence added an issue for JSON ordering and further hints after the meeting: Issue #70 "Document recommendations for serialization order" 
      URL = https://github.com/oasis-tcs/sarif-spec/issues/70
    * Ongoing action on Nikolai to write proposal for rank
[18:39] Stefan Hagen: 1.7 Identification of SARIF TC voting members (Co-Chair Cartey)
    1.7.1 Prospective members attending their first meeting
    1.7.2 Members attaining voting rights at the end of this meeting
    1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends
    1.7.4 Members who previously lost voting rights who are attending this meeting
    1.7.5 Members who have declared a leave of absence
[18:40] Stefan Hagen: End of meeting Chris will regain voting rights
[18:40] Stefan Hagen: 2. Future Meetings

  2.1 Future meeting schedule (Co-Chair Keaton)
    Proposed face-to-face meeting
        February 8-9 suggested, Redmond, WA
          [Doodle poll to select from several options]
[18:40] Stefan Hagen: 9 people can attend when meeting at February 1st ... suggested to select that option?
[18:40] Stefan Hagen: Michael (host) will make it work!
[18:41] Stefan Hagen: Michael moves to meet on January 31, February 1st in Redmond
[18:41] Stefan Hagen: Laurence seconds
[18:41] Stefan Hagen: no objections unanimous consent motion carries
[18:42] Stefan Hagen: Thanks to Microsoft to make this possible!
[18:42] Stefan Hagen: Proposed teleconferences (Wednesdays at 09:30 US Pacific time):
        February 21 (standard time)
        March 7 (standard time)
        March 21 (US daylight / EU standard)
        April 4 (daylight savings time)
        April 18 (daylight savings time)
        May 2 (daylight savings time)
        May 16 (daylight savings time)
        May 30 (daylight savings time)
[18:42] Stefan Hagen: David suggests to only now decide on the first, and decide the rest during the face 2 face
[18:43] Stefan Hagen: Laurence suggests to meet sooner than February 21, to enable progress after the face to face
[18:43] Stefan Hagen: All check the calendar
[18:44] Stefan Hagen: Any objections to meet on February 14?
[18:44] Stefan Hagen: Katrina will not be available
[18:45] Stefan Hagen: Hendrik w.r.t. the face to face: Is it possible to attend remotely (as Stefan also kindly requested remote access) and being 9 hours ahead of Redmond
[18:47] Stefan Hagen: Michael will try to provide telecom access and all may be able to concentrate some special parts in the morning to ease participation for European participants (timezone)
[18:48] Stefan Hagen: Pooya also not able to participate in face to face on site
[18:48] Stefan Hagen: Michael moves for February 14, Laurence seconds
[18:48] Stefan Hagen: no discussion, no objection. Motion carries
[18:49] Stefan Hagen: 3. Resolution of github issues (Co-Editor Fanning)

  3.1 Editors' report
    URL = https://github.com/oasis-tcs/sarif-spec/blob/master/EditorsReports/Editor%27s%20report%202018-01-10.md
[18:49] Stefan Hagen: Laurence presents the editor's report
[18:53] Stefan Hagen: 3.2 Approval of reviewed changes
    3.2.1 run.lang property needs a default value [#72]
[18:54] Stefan Hagen: 3.2.2 Consider providing a physicalLocation on a stack frame [#69]
    3.2.3 Consider specifying a format for links embedded in our plain text messages [#61]
    3.2.4 Should we allow formatting in messages? [#33]
    3.2.5 Approval of miscellaneous editorial changes [change draft]
[18:57] Stefan Hagen: Jim proposes to change SHOULD NOT into SHALL NOT in some section
[18:58] Stefan Hagen: Laurence agrees
[18:59] Stefan Hagen: Both discuss the specifics
[18:59] Stefan Hagen: Jim especially would like to prohibit the file protocol
[19:00] Stefan Hagen: ... as when opening a eb page, the browser tries to open files on the local computer
[19:00] Stefan Hagen: s/ eb/web/
[19:01] Stefan Hagen: All discuss
[19:07] Stefan Hagen: Chair in Speakerqueue
[19:10] Stefan Hagen: David asks if we are discussing issue 61?
[19:10] Stefan Hagen: Yes we discuss 61
[19:11] Stefan Hagen: David suggests to take issue 61 out of the vote
[19:12] Stefan Hagen: Michael alternatively suggests we approve the changes to #61 and subsequently someone opens an issue to change the SHOULD NOT into a SHALL NOT
[19:13] Stefan Hagen: Laurence suggests still a variant: Move all issues and include the single change from SHOULD NOT into SHALL NOT. And then put a new issue w.r.t. the URL topic (security)
[19:13] Stefan Hagen: Laurence moves that all issues 72, 69, 61, and 33 be resolved with the single change from SHOULD NOT to SHALL NOT. Michael seconds
[19:14] Stefan Hagen: no discussion, no objections, motion carries
[19:14] Stefan Hagen: 3.3 Announce final review of proposals
    3.3.1 Announcement of any issues ready for review
[19:15] Stefan Hagen: Larry walks all through changes like alphabetising terms and ensuring syntax is harmonised
[19:16] Stefan Hagen: David suggests, that things like alphabetising is purely editorial, later present this to all in future meeting
[19:16] Stefan Hagen: Laurence shortly explains, that the grammar representation is in need to be harmonised
[19:17] Stefan Hagen: David suggests to go ahead and present in future meeting
[19:17] Stefan Hagen: Laurence opened issue #74 for writing the conformance section
[19:18] Larry Golding: http://docs.oasis-open.org/templates/TCHandbook/ConformanceGuidelines.html
[19:18] Stefan Hagen: Laurence offers some links for seeding the discussion
[19:18] Larry Golding: https://www.oasis-open.org/apps/org/workgroup/ioc/download.php/305/conformance_requirements-v1.pdf?referring_url=%2Fkws
[19:20] Stefan Hagen: Finally #75 there is a bug in the spec revision about uniqueness of locations in some cases
[19:21] Michael C. Fanning: https://github.com/oasis-tcs/sarif-spec/issues/71
[19:21] Stefan Hagen: Brought to the table here by Laurence
[19:22] Stefan Hagen: ... issue #75 i.e.
[19:22] Stefan Hagen: Michael shortly presents a list of fresh issues
[19:24] Stefan Hagen: Michael will send a mail at the end of the week containing a proposal about next steps
[19:24] Stefan Hagen: 3.4 Resolve items discussed at earlier meetings
    3.4.1 Consider adding 'rank' or 'probability' property [#58]
[19:25] Stefan Hagen: Michael asks, if there is still need for discussion
[19:26] Stefan Hagen: Laurence reminds, that Nikolai had expressed interest and is not present today
[19:26] Stefan Hagen: Michael suggests to send a mail, otherwise table that
[19:26] Stefan Hagen: 3.4.2 Extensions to code flows
      3.4.2.1 Add ACL.annotations member [#30]
      3.4.2.2 Represent exceptions in code flows [#28]
      3.4.2.3 Should the result object support graph information? [#46]
[19:27] Stefan Hagen: First annotated code location #30
[19:27] Stefan Hagen: Michael presents the current state of proposal / discussion
[19:29] Stefan Hagen: Laurence adds a summary
[19:36] Stefan Hagen: Speakerqueue has Paul Luke Mel and Katrina
[19:37] Stefan Hagen: All discuss
[19:38] Michael C. Fanning: https://github.com/oasis-tcs/sarif-spec/issues/30
[19:43] Stefan Hagen: Speaker queue holds Mel and Katrina
[19:47] Stefan Hagen: All still discuss issue #30
[19:47] Stefan Hagen: SpeakerQueue has Katrina and Jim
[19:54] Luke Cartey: I'm afraid I need to drop off the call now - apologies for not being able to stay for the last half an hour
[19:57] Stefan Hagen: Speaker queue empty
[19:58] Stefan Hagen: 3.4.2.2 Represent exceptions in code flows [#28]
https://github.com/oasis-tcs/sarif-spec/issues/28
[19:59] Stefan Hagen: Michael shortly introduces the issue and history of it
[20:02] Stefan Hagen: Speaker queue has Katrina and Paul
[20:02] Stefan Hagen: All discuss
[20:04] Stefan Hagen: Speaker queue empty
[20:04] Stefan Hagen: Jim in Speakerqueue
[20:07] Stefan Hagen: 3.4.2.3 Should the result object support graph information? [#46]
https://github.com/oasis-tcs/sarif-spec/issues/46
[20:08] Stefan Hagen: Michael summarises the issue
[20:09] Michael C. Fanning: https://github.com/oasis-tcs/sarif-spec/issues/71
[20:09] Stefan Hagen: #71 is related to #46
[20:14] anonymous morphed into Mel Llaguno
[20:15] Stefan Hagen: Speaker queue: Paul
[20:16] Stefan Hagen: Laurence enters Speakerqueue
[20:17] Stefan Hagen: All discuss. Paul mentions the possible enormous amount of data and parser tasks if including graphs (esp. if not constrained graphs of what)
[20:18] Stefan Hagen: Speaker queue empty
[20:18] Stefan Hagen: Jim enters Speakerqueue
[20:19] Stefan Hagen: time check 10 minutes meeting time left
[20:21] Stefan Hagen: 3.4.3 Consider restructuring SARIF to be location, not results-focused [#55]
https://github.com/oasis-tcs/sarif-spec/issues/55
Skipped
3.5 Begin discussions
3.5.1 Consider a tool validation or 'selectivity' annotation [#59]
https://github.com/oasis-tcs/sarif-spec/issues/59
Skipped

4. Other Business
[20:22] Stefan Hagen: None
5. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end)

5.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton)
5.2 Review of Decisions Reached (Secretary Hagen)
* Face to face 2018-01-31 and 2018-02-01 agreed
* Issues 72, 69, 61, and 33 be resolved with the single change from SHOULD NOT to SHALL NOT
5.3 Review of Action Items (Secretary Hagen)
* Ongoing action on Luke and the editors will work on examples for the extensions to code flows
* Ongoing action on Nikolai to write proposal for rank
6. Next Meeting
January 31 - February 01, 2018, Redmond, WA (in-person)
7. Adjournment
[20:25] Stefan Hagen: Meeting adjourned



Meeting Attendees

Company             Name                Role
------------------- ------------------- -------------
GrammaTech, Inc.    Paul Anderson       Voting Member
SWAMP               Vamshi Basupalli    Voting Member
RIPS Technologies   Hendrik Buchwald    Member
Semmle              Luke Cartey         Chair
Microsoft           Michael Fanning     Voting Member
Individual          Laurence Golding    Voting Member
Mitre Corporation   Kevin Greene        Member
Individual          Stefan Hagen        Secretary
Micro Focus         Larry Hines         Voting Member
Individual          David Keaton        Chair
SWAMP               Jim Kupsch          Voting Member
Synopsys            Mel Llaguno         Voting Member
Security Compass    Pooya Mehregan      Voting Member
Micro Focus         Yekaterina O'Neil   Voting Member
Kestrel Technology  Henny Sipma         Voting Member
CA Technologies     Chris Wysopal       Member
------------------- ------------------- -------------

Meeting Statistics

Quorum rule 51% of voting members

Achieved quorum         yes
Individual Attendance   
                        Contributing Members: 16 of 33 (48%) 
                        Voting Members: 13 of 18 (72%) (used for quorum calculation) 
Company Attendance  
                        Contributing Companies: 12 of 21 (57%) 
                        Voting Companies: 9 of 11 (81%) 


