OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

sarif message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [sarif] RE: New TC comment: Issue #429, missing constraint

Larry,
As long as only editorial changes are made, the current draft should reflect your best current thinking, even if you have changed your mind along the way. It is fine to revert the change if that is what you currently believe is best. You can explain your reasoning at Wednesday's meeting (or before) and the committee can discuss it before deciding whether to ask for a Special Majority Vote for Committee Specification. 

					David

On 2019-07-07 20:08, Larry Golding (Myriad Consulting Inc) wrote:
Hmmm. I see that I had previously decided /not/ to take this change. In the heat of editing this afternoon, I did make this change â it seemed at the time an obvious bug that needed fixing.
*David,* please let me know whether to revert this change in the draft I just pushed. 

Larry
*From:* sarif@lists.oasis-open.org <sarif@lists.oasis-open.org> *On Behalf Of *Larry Golding (Myriad Consulting Inc) 
*Sent:* Friday, June 14, 2019 5:38 PM
*To:* OASIS SARIF TC Discussion List <sarif@lists.oasis-open.org>
*Subject:* [sarif] New TC comment: Issue #429, missing constraint
*Importance:* High
I noticed and filed Issue #429 <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Foasis-tcs%2Fsarif-spec%2Fissues%2F429&data=02%7C01%7Cv-lgold%40microsoft.com%7C52449c5b679449d2bd8508d6f129aeb3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636961558658965200&sdata=J9f8YnTE8knQhKiKY0Zh3NFf4YXk%2Fiu3jGT6cVAjMJU%3D&reserved=0>, âMissing constraint: result.ruleId == result.rule.idâ:
The spec correctly says that if |result.ruleIndex|Âand |result.rule.index|Âare both present, they must be equal. But it does /not/Âsay that if |result.ruleId|Âand |result.rule.id|Âare both present, they must be equal. It /should/Âsay that.
I was sure Iâd said that, but I just canât find it in Â3.27.5, result.ruleId property.
It would be a substantive change to add this constraint. I propose /not/ to take this change (and trigger another comment period). Itâs not like somebodyâs likely to create a SARIF file that looks like this: 

results: [

 Â {

 ÂÂÂ ruleId: CS0001,

 ÂÂÂ rule: {

 ÂÂÂÂÂid: CS0002

 ÂÂÂ },

 ÂÂÂ ...

Itâs just that we should have explicitly prohibited it.

Larry

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]