OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

sarif message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Raw chat trace from 2018-09-26

anonymous morphed into Paul Anderson
anonymous morphed into Luke Cartey
Please change your name from 'anonymous' using the Settings button
anonymous morphed into [Co-Chair] David Keaton
[Co-Chair] David Keaton: Time
09:30-11:30 PDT
16:30-18:30 UTC
Meeting Chat Location
http://webconf.soaphub.org/conf/room/sarif
Meeting Audio
https://meet.lync.com/microsoft/mikefan/0WBKZZD2
1. Opening Activities
1.1 Opening comments (Co-Chair Keaton)
1.2 Introduction of participants/roll call (Co-Chair Cartey)
1.3 Procedures for this meeting (Co-Chair Keaton)
1.4 Approval of agenda (Co-Chair Keaton)
1.5 Approval of previous minutes [Minutes of 2018-09-12 Meeting#23] (Co-Chair Keaton) 
1.6 Review of action items and resolutions (Secretary Hagen)
1.7 Identification of SARIF TC voting members (Co-Chair Cartey)
1.7.1 Prospective members attending their first meeting
1.7.2 Members attaining voting rights at the end of this meeting
1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends 1.7.4 Members who previously lost voting rights who are attending this meeting 
1.7.5 Members who have declared a leave of absence
2. Timeline Status
2.1 Note where we are on the schedule [SARIF TC Timeline] (Co-Chair Keaton)
         - Working on CSD 2, with 57 open issues, 1 less than last time
3. Future Meetings
3.1 Future meeting schedule (Co-Chair Keaton)
Scheduled teleconferences (Wednesdays at 09:30 PDT / 16:30 UTC for two hours) 
October 10
October 24
Proposed teleconferences (Wednesdays at 09:30 PST / 17:30 UTC for two hours)
Note that these dates are after daylight savings time ends.
November 14
November 28
December 12
January 9
Proposed face-to-face meeting
January 23-24, location TBD
4. Document Progress (Co-Editors Golding and Fanning)
4.1 Editors' report
4.2 Approval of changes
Discuss the following items individually, then vote on them together unless someone would like to separate out an issue for individual vote. 
4.2.1 Consider making file.hashes a dictionary [#243]
4.2.2 Consider removing type inconsistency with message property in exception object [#240] 
4.2.3 Rename startTime/endTime to startTimeUtc and endTimeUtc [#242]
4.2.4 Rename versionControlDetails.uri to repositoryUri or projectUri [#244]
4.2.5 Objects without property bags [#238]
4.2.6 Wrap externalized files with contextual information [#235]
4.2.7 Consider making originalUriBaseIds a dictionary of file location objects [#234] 
4.2.8 Why is the 'results' array required? [#232]
4.2.9 We do not have an automationGuid to match automationLogicalId [#229]
4.2.10 Suggestion: require uriBaseId to be case-insensitive [#208]
4.2.11 Changes to threadflowLocation [#202] [#194]
4.3 Discussions
4.3.1 Any other document items that need to be discussed
5. Other Business
6. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end) 6.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton) 
6.2 Review of Decisions Reached (Secretary Hagen)
6.3 Review of Action Items (Secretary Hagen)
7. Next Meeting
October 10, 2018 / 09:30-11:30 PDT / 16:30-18:30 UTC
8. Adjournment
[Co-Chair] David Keaton: 1.4 Approval of agenda
[Co-Chair] David Keaton: APPROVED
[Co-Chair] David Keaton: 1.5 Approval of previous minutes
Paul Anderson: Sorry to have to do this again, but I do have to drop off after about an hour. 
[Co-Chair] David Keaton: APPROVED
[Co-Chair] David Keaton: 1.7 Identification of SARIF TC voting members
[Co-Chair] David Keaton: Sunny Chatterjee and Chris Meyer need to attend today to retain voting rights. 
[Co-Chair] David Keaton: 3. Future Meetings
[Co-Chair] David Keaton: Approved list of proposed teleconferences.
[Co-Chair] David Keaton: 4. Document Progress
Paul Seay: What would be your time zone preference for that meeting?
[Co-Chair] David Keaton: For the face-to-face meeting? Any time zone is great. 
Paul Seay: Can you provide details of expectations of a host?
[Co-Chair] David Keaton: Will do, after this meeting.
Paul Seay: Thanks.
[Co-Chair] David Keaton: 4.2.1 Consider making file.hashes a dictionary [#243] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/243
[Co-Chair] David Keaton: Make it a string-to-string dictionary and remove the hash object. [Co-Chair] David Keaton: 4.2.2 Consider removing type inconsistency with message property in exception object [#240] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/240
[Co-Chair] David Keaton: 4.2.3 Rename startTime/endTime to startTimeUtc and endTimeUtc [#242] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/242
[Co-Chair] David Keaton: Semantics for revisionTimeUtc is not what was intended. 
[Co-Chair] David Keaton: Proposal: use syncTimeUtc instead.
[Co-Chair] David Keaton: Change sematics to explain that it is not a revision time. 
[Co-Chair] David Keaton: Revised proposal: asOfTimeUtc
[Co-Chair] David Keaton: 4.2.4 Rename versionControlDetails.uri to repositoryUri or projectUri [#244] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/244
[Co-Chair] David Keaton: 4.2.5 Objects without property bags [#238]
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/238
[Co-Chair] David Keaton: 4.2.6 Wrap externalized files with contextual information [#235] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/235
[Co-Chair] David Keaton: Larry: Version of the external file format should be version of the SARIF specification. 
[Co-Chair] David Keaton: Larry: remove propertyName
[Co-Chair] David Keaton: Larry: remove propertySchema
[Co-Chair] David Keaton: Michael: update "properties" property due to above edits 
[Co-Chair] David Keaton: Correction: "property value" property
[Co-Chair] David Keaton: Also remove the section on "properties" property.
[Co-Chair] David Keaton: Jim: would like an instance GUID for each external file [Co-Chair] David Keaton: Jim: for relative URIs, make them relative to this SARIF file [Co-Chair] David Keaton: 4.2.7 Consider making originalUriBaseIds a dictionary of file location objects [#234] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/234
[Co-Chair] David Keaton: From Larry's e-mail on this topic:
[Co-Chair] David Keaton: The idea is to be able to specify a hierarchy of URI base ids under a common root. With the current design, you have to say this: 



{

  "originalUriBaseIds": {

    "SOURCE_ROOT": "file:///C:/repos/MyProject/src/",

    "TEST_SOURCE_ROOT": "file:///C:/repos/MyProject/src/tests/",

    "BIN_ROOT": "file:///C:/repos/MyProject/bin"

  },

  ...

}



With the proposed design, you can say this:



{

  "originalUriBaseIds": {

    "PROJECT_ROOT": {

      "uri": "file:///C:/repos/MyProject/"

    },

    "SOURCE_ROOT": {

      "uri": "src/"

      "uriBaseId": "PROJECT_ROOT"

    },

    "TEST_SOURCE_ROOT": {

      "uri": " tests/",

      "uriBaseId": "SOURCE_ROOT"

    },

    "BIN_ROOT": {

      "uri": "bin/",

      "uriBaseId": "PROJECT_ROOT"

    }

  },

  ...

}
Now only one of the original uriBaseIds is non-deterministic, and a consumer that rebases URIs from one machine to another need only prompt the user for one location. 
[Co-Chair] David Keaton: 4.2.8 Why is the 'results' array required? [#232]
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/232
[Co-Chair] David Keaton: Jim: would like the results array to be optionally absent (e.g. if the run failed after initial configuration succeeded) [Co-Chair] David Keaton: 4.2.9 We do not have an automationGuid to match automationLogicalId [#229] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/229
[Co-Chair] David Keaton: Michael: table this for discussion later
[Co-Chair] David Keaton: 4.2.10 Suggestion: require uriBaseId to be case-insensitive [#208] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/208
Larry Golding: I move to accept the following changes, with the specified amendments: 

===================================================================================
#243 file.hashes a dictionary

Amended:
--------
string-string dictionary, remove Hash object.

===================================================================================
#240 exception.message consistency

No changes

===================================================================================
#242 utc times

Amended:
--------
versionControlDetails.revisionTimeUtc => asOfTimeUtc
Change semantics to clarify that it's an arbitrary time, not necessarily a "commit". 

===================================================================================
#244 versionControlDetails.uri => repositoryUri

No changes

===================================================================================
#238 Ubiquitous property bags

No changes

===================================================================================
#235 externalizedProperties

Amended:
--------
The version of the external file format => the version of the SARIF specification. 
Remove propertySchema, propertyName
Update "The property value property" to not refer to "propertyName" which is gone. 
Remove 3.11.3 properties property
Remove braces on runInstanceGuid
Define externalFile object
  fileLocation, required
Semantics: if fileLocation.uri is a relative reference and uriBaseId is missing, it's interpreted relative to the root file location. 
  instanceGuid, required
Add instanceGuid to external file schema, required.
Action: MF: New issue: should resources use the deconstructed file mechanism IN ADDITION TO existing "probing" mechanism? 

===================================================================================
#234 originalUriBaseIds dictionary

No changes

===================================================================================
#232 condition for missing results[]

Amended:
Missing only if tool failed to start.
SHALL BE absent => MAY BE

===================================================================================
[Co-Chair] David Keaton: APPROVED
Michael C. Fanning1: I have filed issue #252 to track the resource probing discussion 
[Co-Chair] David Keaton: Adjourned

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]