OASIS Static Analysis Results Interchange Format (SARIF) TC Public Documents

Number of Documents Show last documents per workgroup
Document Descriptions
OASIS Static Analysis Results Interchange Format (SARIF) TC   (Showing 10 of 200)
Document Name # Size State Submitter Date Action
0
--
OASIS Standard
Paul Knight
2020-03-27
OS: Static Analysis Results Interchange Format (SARIF) Version 2.1.0 OASIS Standard 27 March 2020 https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.docx https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.pdf JSON schemas: https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/schemas/
0
13K
Draft
Chet Ensign
2020-03-12
SARIF V2.1.0 Candidate OASIS Standard 01 completed its 60 day public review and received comments. The TC chose to make changes to the COS to address the comments. The change log can be found as 'Editor's report 2020-02-26.md' in the ZIP file with the revised file at [1]. The log of the comments and their resolution can be found at https://www.oasis-open.org/committees/document.php?document_id=66786&wg_abbrev=sarif which contains PDFs for each of the JIRA issues logged from the review. The TC judges these changes to be non-material and only in response to comments received as required by the OASIS TC Process. Passing this ballot will result in TC Admin publishing SARIF V2.1.0 COS02 and submitting it to the OASIS membership in the call for consent. This ballot requires a Special Majority Vote. The TC roster currently lists 8 voting members. In order to pass, at least 6 (2/3 x 8) members have to vote Yes and no more than 2 (1/4 x 8) members may vote No. This is explained in TC Process section 3.4.3, Balloting for OASIS Standard approval [2]. [1] URI to the Candidate OASIS Standard https://www.oasis-open.org/committees/document.php?document_id=66750&wg_abbrev=sarif [2] https://www.oasis-open.org/policies-guidelines/tc-process#cos-Submission-ballotingOS
0
--
Committee Draft
Paul Knight
2020-03-12
COS02: Static Analysis Results Interchange Format (SARIF) Version 2.1.0 Candidate OASIS Standard 02 12 March 2020 https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/sarif-v2.1.0-cos02.docx https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/sarif-v2.1.0-cos02.html https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/sarif-v2.1.0-cos02.pdf JSON schemas: https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/schemas/
0
1MB
Draft
David Keaton
2020-03-04
The SARIF TC users github to track its comments. OASIS requires a PDF snapshot of each github comment that was addressed, because github can be altered. This is the collection of github issue snapshots for the SARIF v2.1.0 Candidate OASIS Standard comment period. For an index into these comments and links to the actual issues on github, see the Editor's Report in the SARIF v2.1.0 revised Candidate OASIS Standard package.
0
16K
Draft
David Keaton
2020-03-04
1. The SARIF TC judges the changes in the referenced document to be non-material. 2. The TC approves the changes in the referenced document. 3. The TC requests a Special Majority Vote to proceed to a Call for Consent so that the document can become an OASIS Standard.
0
3MB
Draft
David Keaton
2020-02-26
This is the document after addressing the comments from the Candidate OASIS Standard public comment period.
0
14K
Draft
Chet Ensign
2019-12-18
The Static Analysis Results Interchange Format (SARIF) Version 2.1 CS01 [1] was approved as a Committee Specification on 23 July 2019. The TC has received 3 Statements of Use from the Software Assurance Marketplace (SWAMP) Project, GrammaTech, and Microsoft [2]. Do you now approve submitting this Committee Specification to the OASIS membership for consideration as a Candidate OASIS Standard? Approving this ballot will result in a 60-day public review after which, if no comments are received, the COS will be submitted to a membership-wide call for consent. If comments are received, the TC will be asked to vote by Special Majority Ballot on whether to continue to the membership vote. This is explained in TC Process section 3.4.2, Public Review of a Candidate OASIS Standard [3]. This ballot requires a Special Majority Vote [4]. The TC roster currently lists 8 voting members. In order to pass, at least 6 (2/3 x 8) members have to vote Yes and no more than 2 (1/4 x 8) members may vote No. [1] URI to the Committee Specification: http://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html [2] Links to Statements of Use - Software Assurance Marketplace (SWAMP) Project - https://www.oasis-open.org/committees/document.php?document_id=65816&wg_abbrev=sarif - GrammaTech Inc. - https://www.oasis-open.org/committees/document.php?document_id=66130&wg_abbrev=sarif - Microsoft - https://www.oasis-open.org/committees/document.php?document_id=66346&wg_abbrev=sarif [3] http://www.oasis-open.org/policies-guidelines/tc-process#OASISstandard [4] Special Majority Vote: http://www.oasis-open.org/committees/process-2010-07-28.php#dSpecialMajority
0
--
Committee Draft
Paul Knight
2019-12-18
COS01: Static Analysis Results Interchange Format (SARIF) Version 2.1.0 Candidate OASIS Standard 01 18 December 2019 https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos01/sarif-v2.1.0-cos01.docx https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos01/sarif-v2.1.0-cos01.html https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos01/sarif-v2.1.0-cos01.pdf JSON schemas: https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos01/schemas/
0
22K
Draft
David Keaton
2019-12-09
1. The TC requests a Special Majority Vote to advance SARIF Version 2.1.0 to Candidate OASIS Standard. For that purpose, we also approve the following statements. --- 2. The TC certifies that all SARIF Version 2.1.0 schema and XML instances are well-formed and that expressions are valid. --- 3. Clear English-language summary of the specification: Static Analysis Results Interchange Format (SARIF) is a standard output format for static analysis tools. A static analysis tool is a program that examines programming artifacts in order to detect problems, without executing the program. A standard output format allows results to be combined across runs of the same tool, and across runs of tools from multiple vendors, to get a more complete picture of the aspects of a program that need improvement. --- 4. Relationship of this specification to similar work: The Object Management Group's Tool Output Integration Format (TOIF) is an existing standard that integrates diverse static analysis result formats into the lowest common denominator representation, as one form of evidence in a software assurance system. By contrast, SARIF accommodates deep, precise expression of static analysis results to provide full support for the capabilities of advanced static analysis systems, enabling the sharing of sophisticated visualization and processing components that previously were specific to individual static analysis tools. --- 5. The TC approves the three Statements of Use that are attached to this ballot, noting that they are from OASIS Organizational Members.
0
1MB
Draft
David Keaton
2019-12-02