OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

sarif message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Change draft for #194 and #202: Improvements to threadFlowLocation

I pushed a change draft that covers Issue #194: “Did we break code flows in v2?” and Issue #202: “Restore threadFlowLocation.kind.” #202 is a subset of #194.

 

Documents/ChangeDrafts/Active/sarif-v2.0-issues-194-202-threadFlowLocation-changes.docx

 

The changes are as follows:

  • Restore threadFlowLocation.kind.
  • Make kind an array of unique strings rather than a single string.
  • Include kind values for exceptions ("try", "throw", "catch", "rethrow", and "finally") and for “tainted data” analysis ("source", "sanitizer", and "sink").
  • Allow arbitrary kind values if none of the defined values is appropriate.
  • Clarify that viewers should not use kind to determine indentation; they should only use indentLevel for that.
  • Do not require kind values to occur as matched pairs (for example, matching "call" with "callReturn").
  • Call out the intended use of kind to guide display (for example, with icons).

 

We will move its adoption at TC #24 on Wednesday September 26th.

 

Thanks,

Larry

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]