[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Raw chat trace of meeting #7 - 2017-NOV-29
[15:51] Room information was updated by: Stefan Hagen
Agenda for November 29, 2017
MEETING OF OASIS SARIF TC
Time
09:30-11:30 PST
17:30-19:30 UTC
Meeting Chat Location
http://webconf.soaphub.org/conf/room/sarif
Meeting Audio
https://meet.lync.com/microsoft/mikefan/WJPTRG1B
1. Opening Activities
1.1 Opening comments (Co-Chair Keaton)
1.2 Introduction of participants/roll call (Co-Chair Cartey)
1.3 Procedures for this meeting (Co-Chair Keaton)
1.4 Approval of agenda (Co-Chair Keaton)
URL = https://www.oasis-open.org/committees/download.php/62100/agenda_20171129.html
1.5 Approval of previous minutes [Minutes of 2017-11-08 Meeting#6] (Co-Chair Keaton)
URL = https://www.oasis-open.org/committees/download.php/61988/sarif-minutes-20171108-meeting-6.html
1.6 Review of action items and resolutions (Secretary Hagen)
1.7 Identification of SARIF TC voting members (Co-Chair Cartey)
1.7.1 Prospective members attending their first meeting
1.7.2 Members attaining voting rights at the end of this meeting
1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends
1.7.4 Members who previously lost voting rights who are attending this meeting
1.7.5 Members who have declared a leave of absence
2. Future Meetings
2.1 Future meeting schedule (Co-Chair Keaton)
Teleconferences (Wednesdays at 09:30 PST / 17:30 UTC):
December 13
January 10
Face-to-face meeting
January 22-23 (tentative)
3. Resolution of github issues (Co-Editor Fanning)
3.1 Editors' report
3.2 Approval of reviewed changes
3.2.1 Consider adding namespaces to tags [#56]
3.2.2 Add a help property to rule [#27]
3.3 Announce final review of proposals
3.3.1 Consider specifying a format for links embedded in our plain text messages [#61]
3.3.2 Should we allow formatting in messages? [#33]
3.3.3 Rejected: Consider URL protocol to reference internal files and provide an associated region [#57]
3.3.4 Consider providing a physicalLocation on a stack frame [#69]
3.3.5 Announcement of any other issues ready for review
3.4 Resolve items discussed at earlier meetings
3.4.1 Consider adding 'rank' or 'probability' property [#58]
3.5 Begin discussions
3.5.1 Extensions to code flows
3.5.1.1 Add ACL.annotations member [#30]
3.5.1.2 Represent exceptions in code flows [#28]
3.5.1.3 Should the result object support graph information? [#46]
3.5.2 Consider restructuring SARIF to be location, not results-focused [#55]
3.5.3 Consider a tool validation or 'selectivity' annotation [#59]
4. Other Business
5. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end)
5.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton)
5.2 Review of Decisions Reached (Secretary Hagen)
5.3 Review of Action Items (Secretary Hagen)
6. Next Meeting
December 13, 2017 / 09:30-11:30 PST / 17:30-19:30 UTC
7. Adjournment
All participants were kindly encouraged to registrate themselves to optimize the use of the shared time during the meeting in one of two ways
Either click the link with the text "Register my attendance" on the top of the event page or directly visit the per event direct "record my attendace link":
https://www.oasis-open.org/apps/org/workgroup/sarif/record_my_attendance.php?event_id=46134&confirmed=1
[18:33] Stefan Hagen: Meeting started
[18:34] Stefan Hagen: roll call
[18:36] Stefan Hagen: Voting Members: 13 of 18 (72%) (used for quorum calculation)
[18:36] Stefan Hagen: Contributing Members: 16 of 33 (48%)
[18:36] Stefan Hagen: Contributing Companies: 11 of 21 (52%)
Voting Companies: 8 of 11 (72%)
[18:36] Stefan Hagen: CompanyName ascendingRole
Company Name ascending Role
SWAMP Vamshi Basupalli Voting Member
RIPS Technologies Hendrik Buchwald Member
Semmle Luke Cartey Chair
Microsoft Michael Fanning Voting Member
Individual Laurence Golding Voting Member
Individual Stefan Hagen Secretary
Micro Focus Larry Hines Voting Member
Individual David Keaton Chair
SWAMP Jim Kupsch Voting Member
Synopsys Mel Llaguno Voting Member
Object Management Group Nikolai Mansourov Member
Security Compass Pooya Mehregan Voting Member
Micro Focus Yekaterina O'Neil Voting Member
Microsoft Andrew Pardoe Voting Member
Kestrel Technology Henny Sipma Voting Member
CA Technologies Chris Wysopal Member
[18:36] Stefan Hagen: 1.4 Approval of agenda (Co-Chair Keaton)
URL = https://www.oasis-open.org/committees/download.php/62100/agenda_20171129.html
[18:37] Stefan Hagen: mike moves to approve the agenda seconded by Laurence
[18:37] Stefan Hagen: No discussion, no objections. Agenda approved
[18:37] Stefan Hagen: 1.5 Approval of previous minutes [Minutes of 2017-11-08 Meeting#6] (Co-Chair Keaton)
URL = https://www.oasis-open.org/committees/download.php/61988/sarif-minutes-20171108-meeting-6.html
[18:37] Stefan Hagen: Laurence moves to a approve, mike seconds.
[18:37] Stefan Hagen: No discussions, no objections. Minutes approved unchanged as published
[18:37] Stefan Hagen: No discussions, no objections. Minutes approved unchanged as published
[18:38] Stefan Hagen: 1.6 Review of action items and resolutions (Secretary Hagen)
1.7 Identification of SARIF TC voting members (Co-Chair Cartey)
[18:38] Stefan Hagen: Alternatives to embedding links started on the mailing list
[18:38] Stefan Hagen: Laurence: There is a proposal discussed later
[18:38] Stefan Hagen: 1.7 Identification of SARIF TC voting members (Co-Chair Cartey)
1.7.1 Prospective members attending their first meeting
1.7.2 Members attaining voting rights at the end of this meeting
1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends
1.7.4 Members who previously lost voting rights who are attending this meeting
1.7.5 Members who have declared a leave of absence
[18:39] Stefan Hagen: At end of meeting Hendrik will become voting member.
[18:39] Stefan Hagen: Kenny Prole will lose voting rights if he does not join before end
[18:39] Stefan Hagen: 2. Future Meetings
2.1 Future meeting schedule (Co-Chair Keaton)
Teleconferences (Wednesdays at 09:30 PST / 17:30 UTC):
December 13
January 10
Face-to-face meeting
January 22-23 (tentative)
[18:39] Stefan Hagen: 3. Resolution of github issues (Co-Editor Fanning)
3.1 Editors' report
[18:40] Laurence Golding: https://github.com/oasis-tcs/sarif-spec/blob/master/EditorsReports/Editor's%20report%202017-11-29.md
[18:40] Stefan Hagen: HTTP/404
[18:41] Stefan Hagen: https://github.com/oasis-tcs/sarif-spec/blob/master/EditorsReports/Editor's%20report%202017-11-29.md
[18:41] Stefan Hagen: HTTP/200
[18:42] Stefan Hagen: Laurence walks all through the editor report
[18:44] Stefan Hagen: 3.2 Approval of reviewed changes
3.2.1 Consider adding namespaces to tags [#56]
[18:45] Stefan Hagen: Laurence moves to adopt the changes proposed in ä56. Luke seconds
[18:46] Stefan Hagen: No discussion, no objections, the motion carries. issue #56 is resolved as proposed
[18:46] Stefan Hagen: 3.2.2 Add a help property to rule [#27]
[18:47] Stefan Hagen: Laurence moves to resolve the issue #27 as proposed. someone seconds.
[18:47] Stefan Hagen: No discussion, no objections, the motion carries. Issue #27 is resolved as proposed
[18:47] Stefan Hagen: All are happy.
[18:47] Stefan Hagen: 3.3 Announce final review of proposals
[18:47] Stefan Hagen: 3.3.1 Consider specifying a format for links embedded in our plain text messages [#61]
[18:52] Stefan Hagen: All discuss the issue
[18:57] Stefan Hagen: Consensus seems to have been reached, Laurence will incorporate the changes from the meeting
[18:58] Stefan Hagen:
Updated participation info during call:
Company Name ascending Role
SWAMP Vamshi Basupalli Voting Member
RIPS Technologies Hendrik Buchwald Member
Semmle Luke Cartey Chair
Microsoft Sunny Chatterjee Voting Member
Microsoft Michael Fanning Voting Member
Individual Laurence Golding Voting Member
Individual Stefan Hagen Secretary
Micro Focus Larry Hines Voting Member
Individual David Keaton Chair
SWAMP Jim Kupsch Voting Member
Synopsys Mel Llaguno Voting Member
Object Management Group Nikolai Mansourov Member
Security Compass Pooya Mehregan Voting Member
Micro Focus Yekaterina O'Neil Voting Member
Microsoft Andrew Pardoe Voting Member
Kestrel Technology Henny Sipma Voting Member
CA Technologies Chris Wysopal Member
Meeting Statistics
Quorum rule 51% of voting members
Achieved quorum yes
Individual Attendance
Contributing Members: 17 of 33 (51%)
Voting Members: 14 of 18 (77%) (used for quorum calculation)
Company Attendance
Contributing Companies: 11 of 21 (52%)
Voting Companies: 8 of 11 (72%)
[18:58] Stefan Hagen: 3.3.2 Should we allow formatting in messages? [#33]
[18:59] Stefan Hagen: Mike shortly introduces the status
[18:59] Stefan Hagen: Laurence explains the current proposal
[19:04] Stefan Hagen: All discuss the consequences like precluding generators constructing multiple formats per run etc.
[19:06] Stefan Hagen: Michael mentions, that as last resort for one off needs, one can always put this in the property bag
[19:15] Stefan Hagen: Luke mentions, that implementers and users of the spec may always fall back on plain text, if markdown is deemed to insecure, but others may use markdown for emphasising, display enhancements etc.
[19:15] Stefan Hagen: 3.3.3 Rejected: Consider URL protocol to reference internal files and provide an associated region [#57]
[19:15] Stefan Hagen: Acceptable to everyone to table this issue
[19:16] Stefan Hagen: Stefan moves to close issue #57 as won't fix, Laurence seconds
[19:16] Stefan Hagen: No discussion, no objection, motion carries, issue #57 closed as won't fix
[19:17] Stefan Hagen: 3.3.4 Consider providing a physicalLocation on a stack frame [#69]
[19:17] Stefan Hagen: Michael shortly summarises current status
[19:19] Stefan Hagen: Laurence details on why stack frame was not catering for all location attributes initially, but then it was considered to be worthwhile to add physical locations and hint at possibly missing attributes in that case
[19:21] Stefan Hagen: 3.3.5 Announcement of any other issues ready for review
[19:21] Stefan Hagen: 3.4 Resolve items discussed at earlier meetings
3.4.1 Consider adding 'rank' or 'probability' property [#58]
[19:21] Stefan Hagen: 3.4 Resolve items discussed at earlier meetings
3.4.1 Consider adding 'rank' or 'probability' property [#58]
[19:21] Stefan Hagen: Laurence summarises the current proposal
[19:23] Stefan Hagen: All discuss the bounded rank proposal
[19:42] Stefan Hagen: Laurence will update the issue proposals / drafts to reflective discussion outcome
[19:44] Stefan Hagen: All express the will to not specify properties, that will presumably not hold enough semantics
[19:46] Stefan Hagen: Michael suggests to bundle these issues for next teleconference and in the meantime start a discussion on github.
[19:46] Stefan Hagen: Nikolai offers to start a writeup, as he will not be able to participate on December, 13 for the teleconference.
[19:46] Stefan Hagen: Action on the editors and Nikolai to start a discussion track on github
[19:49] Stefan Hagen: Laurence moves to resolve issues #61, #33, and #69 as proposed including the resolution reached in this meeting and kindly requests from the editors supported by Nikolai that they will form a consolidated proposal to be discussed next meeting, second by stefan
[19:49] Stefan Hagen: No discussion, no objections, the motion carries.
[19:49] Stefan Hagen: No discussion, no objections, the motion carries.
[19:50] Stefan Hagen: 3.5 Begin discussions
3.5.1 Extensions to code flows
3.5.1.1 Add ACL.annotations member [#30]
3.5.1.2 Represent exceptions in code flows [#28]
3.5.1.3 Should the result object support graph information? [#46]
[19:50] Stefan Hagen: Summarised all shortly by Michael
[19:51] Stefan Hagen: 3.5.2 Consider restructuring SARIF to be location, not results-focused [#55]
3.5.3 Consider a tool validation or 'selectivity' annotation [#59]
[19:51] Stefan Hagen: Michael also kindly asks all members, having specific ideas in these regards, to please send mail to the list
[19:53] Stefan Hagen: All discuss the extensions to code flow
[20:01] Stefan Hagen: Luke and the editors will work on examples for the extensions
[20:01] Stefan Hagen: 3.5.2 Consider restructuring SARIF to be location, not results-focused [#55]
[20:01] Stefan Hagen: Michael summarises the issue
[20:05] Stefan Hagen: All discuss the issue and strong feelings about the proposal
[20:07] Stefan Hagen: Luke and Stefan inside speaker queue with Luke in pole position
[20:08] Stefan Hagen: Luke withdrew, Nikolai entered
[20:15] Stefan Hagen: Stefan suggests to somehow suggest ordering hints in or aside of the spec
[20:15] Stefan Hagen: Laurence takes the action to file an issue.
[20:15] Stefan Hagen: Stefan suggests that this could also become a nonstandard track note async produced thus not slowing down the main spec
[20:16] Stefan Hagen: Nikolai suggests some language / patterns as accepted by a community he is engaged with
[20:18] Stefan Hagen: Knowledge discovery metamodel - Representation of datatypes in KDM is aligned with ISO standard ISO/IEC 11404 (see also General Purpose Datatypes).
[20:19] Stefan Hagen: All discuss that a tabled idea has already been implemented in the ISO standard ISO/IEC 11404 note from wikipedia "ISO/IEC 11404, General Purpose Datatypes (GPD), are a collection of datatypes defined independently of any particular programming language or implementation. These datatypes can be used to describe interfaces to existing libraries without having to specify the language (such as Fortran or C).
The first edition of this standard was published in 1996 under the title "Language-independent datatypes". The standard was revised by the responsible ISO sub-committee (JTC1/SC22 - Information Technology - Programming languages). The revised version has the new title "General Purpose Datatypes"."
[20:19] Stefan Hagen: Michael has entered the speakerqueue
[20:20] Stefan Hagen: Freely available from ISO under the usual license agreement: http://standards.iso.org/ittf/PubliclyAvailableStandards/c039479_ISO_IEC_11404_2007(E).zip
[20:22] Stefan Hagen: Michael mentions that one could get back on BSON for random access support as another scenario for efficient access to SARIF files
4. Other Business
None
5. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end)
5.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton)
5.2 Review of Decisions Reached (Secretary Hagen)
1 Issue #56 is resolved as proposed
2 Issue #27 is resolved as proposed
3 Issue #57 closed as won't fix
5.3 Review of Action Items (Secretary Hagen)
[20:23] Stefan Hagen:
1 Action on Laurence to incorporate the changes for "Consider specifying a format for links embedded in our plain text messages [#61]" from the meeting
2 Action on the editors supported by Nikolai to form a consolidated proposal for issues #61, #33, and #69 to be discussed next meeting
3 Action on Luke and the editors will work on examples for the extensions to code flows
4 Action on Laurence to add an issue for JSON ordering and further hints
5 Action on Nikolai to write proposal for rank
[20:24] Stefan Hagen: 6. Next Meeting
December 13, 2017 / 09:30-11:30 PST / 17:30-19:30 UTC
7. Adjournment
[20:25] Stefan Hagen: Laurence moves to adjourn, mike seconds.
[20:25] Stefan Hagen: Meeting adjourned
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]