OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

sarif message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Raw chat trace for November 28th

Agenda for November 28, 2018
MEETING OF OASIS SARIF TECHNICAL COMMITTEE

Time
09:30-11:30 PST
17:30-19:30 UTC
Meeting Chat Location
http://webconf.soaphub.org/conf/room/sarif
Meeting Audio and Screen Sharing
https://meet.lync.com/microsoft/mikefan/PVGVRRPG
1. Opening Activities
1.1 Opening comments (Co-Chair Keaton)
1.2 Introduction of participants/roll call (Co-Chair Cartey)
1.3 Procedures for this meeting (Co-Chair Keaton)
1.4 Approval of agenda (Co-Chair Keaton)
1.5 Approval of previous minutes [Minutes of 2018-11-14 Meeting#27] (Co-Chair Keaton) 
1.6 Review of action items and resolutions (Secretary Hagen)
1.7 Identification of SARIF TC voting members (Co-Chair Cartey)
1.7.1 Prospective members attending their first meeting
1.7.2 Members attaining voting rights at the end of this meeting
1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends 1.7.4 Members who previously lost voting rights who are attending this meeting 
1.7.5 Members who have declared a leave of absence
2. Timeline Status
2.1 Note where we are on the schedule [SARIF TC Timeline] (Co-Chair Keaton)
- Working on CSD 2, with 51 open issues, 2 more than previous agenda snapshot 
3. Future Meetings
3.1 Future meeting schedule (Co-Chair Keaton)
Scheduled teleconferences (Wednesdays at 09:30 PST / 17:30 UTC for two hours) 
December 12
January 9
Face-to-face meeting
January 24-25, location TBD
4. Call for new officer (Co-Chair Keaton)
Because Stefan Hagen has announced his departure at the end of December, we need a volunteer for a new secretary. If someone volunteers now, they can work with Stefan for a while to get used to the job before the handoff. 
5. Document Progress (Co-Editors Golding and Fanning)
5.1 Editors' report
5.2 Approval of changes
Location of change drafts:
https://github.com/oasis-tcs/sarif-spec/tree/master/Documents/ChangeDrafts/Active
Discuss the following items individually, then vote on them together unless someone would like to separate out an issue for individual vote. 
5.2.1 Version control details not strongly associated with results [#248]
5.2.2 Provide optional result.rank value of 0.0 to 100.0 [#280]
5.2.3 Ensure spec conforms to philosophy around not specifying result mgmt. behavior [#186] 5.2.4 Rename fileVersion to dottedQuadFileVersion and specify format constraint [#274] 
5.2.5 logicalLocation.kind: remove "package" and "function" [#279]
5.2.6 baselineState s/be present on all results or none [#284]
5.2.7 Provide a mechanism to associate a result with an invocation [#285]
5.2.8 ruleConfiguration.defaultLevel should not contain an 'open' value [#288] 5.2.9 Specify optional property file.sourceLanguage to guide in syntax-driven colorization of snippets [#286] 
5.3 Discussions
5.3.1 Review list of proposed issues to cut (and provide opportunity for TC members to retain specific issues) 
5.3.2 Define default for resultProvenance.lastDetectionTimeUtc [#287]
5.3.3 Consider: 'review' or 'audit' result level. and reconsider 'note' [#215] 
5.3.4 Add result.useful and result.suppressionReasons [#268]
5.3.5 Any other document items that need to be discussed
6. Other Business
7. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end) 7.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton) 
7.2 Review of Decisions Reached (Secretary Hagen)
7.3 Review of Action Items (Secretary Hagen)
8. Next Meeting
December 12, 2018 / 09:30-11:30 PST / 17:30-19:30 UTC
9. Adjournment
[Co-Chair] David Keaton: 1.4 Approval of agenda
Michael C. Fanning: proposal to amend agenda
Michael C. Fanning: Move #286 source languages to first discussion item.
anonymous morphed into Larry Golding
Michael C. Fanning: Add #188 columnKind as first change approval item.
Michael C. Fanning: Remove #248 version control provenance entirely.
[Co-Chair] David Keaton: APPROVED as amended
[Co-Chair] David Keaton: 1.5 Approval of previous minutes
[Co-Chair] David Keaton: APPROVED
[Co-Chair] David Keaton: 1.7 Identification of SARIF TC voting members
[Co-Chair] David Keaton: Sunny needs to join to retain voting rights
Luke Cartey: Sunny Chatterjee needs to join to keep voting rights
Chris Meyer regains voting rights
David Ammons will gain voting rights if he joins
Michael C. Fanning: Need to resolve all open issues if CSD2 is our final draft 
Michael C. Fanning: Only editorial changes accepted after final review
Michael C. Fanning: Face to face meeting is 1/24 and 1/25, a Thursday and friday 
Michael C. Fanning: MicroFocus or Microsoft to host
Michael C. Fanning: We will finalize this decision before the next meeting.
Michael C. Fanning: David, Michael and Yekaterina to close
[Co-Chair] David Keaton: 1.7 Identification of SARIF TC voting members
Michael C. Fanning: Stefan is departing as secretary
Michael C. Fanning: We need a replacement. Note taking is a primary responsibility Michael C. Fanning: An early volunteer will be able to shadow Stefan before he leaves 
Michael C. Fanning: No one has currently stepped forward
Michael C. Fanning: Would be preferable to close on this before the next meeting 
[Co-Chair] David Keaton: 5. Document Progress
[Co-Chair] David Keaton: 5.1 Editors' report
[Co-Chair] David Keaton: 5.2 Approval of changes
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/tree/master/Documents/ChangeDrafts/Active 
[Co-Chair] David Keaton: 5.2.0 (amended agenda) [#188]
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/188
[Co-Chair] David Keaton: 5.2.1 skipped because of amended agenda
[Co-Chair] David Keaton: 5.2.2 Provide optional result.rank value of 0.0 to 100.0 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/280
Michael C. Fanning: for #280, we should mention that the rank property cannot be comparable/commensurable across tools Michael C. Fanning: From Paul, a rank property could be useful as a default on a rule 
Michael C. Fanning: Amend #280 to accept this change
[Co-Chair] David Keaton: 5.2.3 Ensure spec conforms to philosophy around not specifying result mgmt. behavior [#186] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/186
[Co-Chair] David Keaton: 5.2.4 Rename fileVersion to dottedQuadFileVersion and specify format constraint [#274] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/274
Michael C. Fanning: #274 accept and fix typo of property name, it should be dottedQuadFileVersion [Co-Chair] David Keaton: 5.2.5 logicalLocation.kind: remove "package" and "function" [#279] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/279
Michael C. Fanning: #279 add language for handling nested types, they SHALL be categorized as types Michael C. Fanning: #279 please describe rationale which is primarily to resolve name collisions across logical locations Michael C. Fanning: there are at least two other rationales possible for this kind, to truly specify the identity of a construct (e.g., it is an event) 
Michael C. Fanning: or to assist in results grouping
Michael C. Fanning: TODO: consider XML and JSON domains as well
Michael C. Fanning: Luke has assumed co-chair responsibilities so David can weigh in on this position Michael C. Fanning: David notes that if we want to address C, we are incomplete Michael C. Fanning: C has a notion of a member and this isn't a function, such as a union member 
Michael C. Fanning: Could we consider an even more generic name?
Michael C. Fanning: David objects to removing function for now
Michael C. Fanning: for #279 we will retain function
Michael C. Fanning: I will open a tracking issue on 'kind' for results grouping, XML and JSON domains, and can we find a magical general term that absorbs function/member? 
Larry Golding: #279: rationale: resolve name collisions
Larry Golding: #279: nested type => "type"
Michael C. Fanning: David now assumes co-chair responsibilities for remaining agenda [Co-Chair] David Keaton: 5.2.6 baselineState s/be present on all results or none [#284] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/284
Michael C. Fanning: #284, Jim notes that we have no notion of a 'changed' result. An issue relates to a previous occurrence, with some delta that qualifies it Michael C. Fanning: from TC discussion, we're not sure this kind of marker would provide value Michael C. Fanning: due to the range of data that is required to drive results mgmt. decisions 
Paul Anderson: I'm afraid I have to drop off early today. Thanks!
Michael C. Fanning: 3.22.2 is the relevant section if anyone wants to follow
Michael C. Fanning: up
[Co-Chair] David Keaton: 5.2.7 Provide a mechanism to associate a result with an invocation [#285] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/285
[Co-Chair] David Keaton: 5.2.8 ruleConfiguration.defaultLevel should not contain an 'open' value [#288] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/288
[Co-Chair] David Keaton: 5.2.9 skipped because of amended agenda
Michael C. Fanning: #285 no change
Michael C. Fanning: #288 accepted no change
[Co-Chair] David Keaton: Editors propose motion: approve 5.2.0 and 5.2.2 through 5.2.8 as amended (details to follow if necessary) 
[Co-Chair] David Keaton: Larry: so moved, changes captured in  notes above
[Co-Chair] David Keaton: Michael: second
[Co-Chair] David Keaton: APPROVED
[Co-Chair] David Keaton: 5.3 Discussions
[Co-Chair] David Keaton: 5.3.0 (amended agenda) Specify optional property file.sourceLanguage to guide in syntax-driven colorization of snippets [#286] 
[Co-Chair] David Keaton: https://github.com/oasis-tcs/sarif-spec/issues/286
Michael C. Fanning: To further qualify notes above, Paul's suggestion to add a default rule rank will resolve to a property named, defaultRank. 
Michael C. Fanning: david we can hear you
Larry Golding: David can't hear us any more
[Co-Chair] David Keaton: Drat. My audio is out. Luke, would you please take over? I suggest a motion to validate what we think we approved. 
Michael C. Fanning: Larry moves amendment to #280 to add rule.defaultRank
Michael C. Fanning: Michael seconds the motion
Michael C. Fanning: no discussion or objections it is approved
[Co-Chair] David Keaton: APPROVED
Michael C. Fanning: review of decisions: we approved 5.2.0 and 5.2.2 through 5.2.8 Michael C. Fanning: action items, decide on face to face location before next meeting, david, Michael yekaterian Larry Golding: Action: David/Michael/Katrina to resolve F2F meeting location. 
Michael C. Fanning: next meeting on 12/12
Michael C. Fanning: larry moves to adjourn
Michael C. Fanning: michael seconds
Michael C. Fanning: no objection or discussion, we are adjounred
[Co-Chair] David Keaton: ADJOURNED

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]