OASIS Static Analysis Results Interchange Format (SARIF) TC Meeting #12 March 14, 2018

Acting chair: David

Chat transcript from room: sarif
From 2018-03-14 16:38 UTC until 18:24 UTC

1. Call to Order and Welcome

Chair: Called the meeting to order @ 16:38 UTC.

2. Roll call

All participants recorded their attendance on the OASIS meeting calendar - quorum was reached.

All participants were kindly encouraged to registrate themselves to optimize the use of the shared time during the meeting in one of two ways:
Either click the link with the text "Register my attendance" on the top of the event page or directly visit the per event direct "record my attendace link":
https://www.oasis-open.org/apps/org/workgroup/sarif/record_my_attendance.php?event_id=47087&confirmed=1, Thanks

Details cf. normative attendance sheet for this meeting (event_id=47087).

2.1 Participants

2.1.1 Voting Members present

David Keaton (Individual)
Henny Sipma (Kestrel Technology)
Jim Kupsch (SWAMP)
Laurence Golding (Individual)
Luke Cartey (Semmle)
Mel Llaguno (Synopsys)
Michael Fanning (Microsoft)
Paul Anderson (GrammaTech, Inc.)
Stefan Hagen (Individual)
Vamshi Basupalli (SWAMP)
Yekaterina ONeil (Micro Focus)

2.1.2 Members present

Note: Despite the (mis-)calculations of the tool in the TC workspace, it is sufficient to participate in two subsequent meetings of a TC to obtain voting rights after that meeting.

Everett Maus (Microsoft)
Hendrik Buchwald (RIPS Technologies)
Paul Brookes (Microsoft)

2.1.3 Observers present

Note: Observers of this committee that are ready to become Members should follow the specific instructions displayed the OASIS Open Notices tab.

None.

2.2 Voting Right Changes Effective After The Roll call of this Meeting

2.2.1 Members who gained Voting Rights

Hendrik Buchwald (RIPS Technologies)

2.2.2 Members who lost Voting Rights

Sunny Chatterjee (Microsoft)

3. Review Agenda

Agenda draft published at https://www.oasis-open.org/committees/download.php/62683/agenda_20180314.html - content given below to support the reader:

Agenda for March 14, 2018
MEETING OF OASIS SARIF TECHNICAL COMMITTEE
Time 09:30-11:30 PDT (16:30-18:30 UTC)
Note: The US will be on daylight savings time and the EU will not.
Meeting Chat Location http://webconf.soaphub.org/conf/room/sarif
Meeting Audio https://meet.lync.com/microsoft/mikefan/9YDFKCQK
1. Opening Activities

1.1 Opening comments (Co-Chair Keaton)
1.2 Introduction of participants/roll call (Co-Chair Cartey)
1.3 Procedures for this meeting (Co-Chair Keaton)
1.4 Approval of agenda (Co-Chair Keaton)
1.5 Approval of previous minutes [Minutes of 2018-02-28 Meeting#11] (Co-Chair Keaton)
1.6 Review of action items and resolutions (Secretary Hagen)
1.7 Identification of SARIF TC voting members (Co-Chair Cartey)
1.7.1 Prospective members attending their first meeting
1.7.2 Members attaining voting rights at the end of this meeting
1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends
1.7.4 Members who previously lost voting rights who are attending this meeting
1.7.5 Members who have declared a leave of absence
2. Timeline Status

2.1 Note where we are on the schedule [SARIF TC Timeline] (Co-Chair Keaton)
         - 24 open issues marked CSD.1 and scheduled to close 12 at this meeting
3. Future Meetings

3.1 Future meeting schedule (Co-Chair Keaton)
Scheduled teleconference (Wednesday at 09:30 PDT / 16:30 UTC)
March 28 (US & EU both on daylight savings time)
Proposed teleconferences (Wednesdays at 09:30 PDT / 16:30 UTC)
April 4
April 18
4. Document Progress (Co-Editors Golding and Fanning)

4.1 Editors' report
4.2 Approval of changes
4.2.1 Guiding principles: allow duplicate representations [PR#114]
4.2.2 Do we want an array of computed fingerprints on result? [#10]
4.2.3 Document how converters should provide notifications [#15]
4.2.4 Clarify requirement for format of URI-valued properties for nested files [#23]
4.2.5 Document rule.configuration [#29]
4.2.6 Clarify that the keys in the run.files dictionary must be distinct when normalized [#63]
4.2.7 run.files keys can collide if specified by relative URLs [#64]
4.2.8 Clarify encoding requirements for properties that contain text from source files [#76]
4.2.9 Enable localization for all message strings [#84]
4.2.10 file object's contents property [#97]
4.2.11 Opportunistic change: redefinition of invocation.responseFiles property [see change for #76/#97]
4.2.12 Opportunitic change: improvement to definition of replacement object [see change for #76/#97]
4.2.13 run.invocation should be an array of invocation objects [#102]
4.2.14 Specify how to treat a file that contains interleaved stdout/stderr [#110]
4.2.15 invocation object should record process outcome [#115]
4.3 Discussions
4.3.1 Review code flow proposals [#80]
4.3.2 Review rank/metrics/etc. proposals as raised by Nick Mansourov [#58] [#44]
         - Note: #58 is not a CSD.1 issue
5. Other Business

6. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end)

6.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton)
6.2 Review of Decisions Reached (Secretary Hagen)
6.3 Review of Action Items (Secretary Hagen)
7. Next Meeting

March 28, 2018 / 09:30-11:30 PDT / 16:30-18:30 UTC
Note: The US and EU will both be on daylight savings time.
8. Adjournment
Note: Issue URLs are constructed by appending the issue number (without the '#') to the base URL https://github.com/oasis-tcs/sarif-spec/issues/
Pull requests similarly refer to base URL https://github.com/oasis-tcs/sarif-spec/pull/ but to better distinguish from issues, they are encoded as PR#$number, wher $number represents the number of the pull request.

Agenda approved unchanged as published

David: April 4 and April 18 approved as meeting dates. All will be on daylight savings time.

4. Approval of previous minutes from 2018-02-28 Meeting #11

Minutes at https://www.oasis-open.org/committees/download.php/62630/sarif-minutes-20180228-meeting-11.html

Minutes approved unchanged as published

5. Future Meetings

5.1 Future meeting schedule (Teleconferences)

April 04 (US & EU daylight savings time) - Proposed teleconference (Wednesday at 09:30 US Pacific time)
April 18 (US & EU daylight savings time) - Proposed teleconference (Wednesday at 09:30 US Pacific time)

David: Decision: April 4 and April 18 approved as meeting dates (All will be on daylight savings time).

6. Document Progress

6.1 Editors' report

Nothing noted

6.2 Approval of changes

David: Decision: All changes in the subsections of approved as amended.

6.2.1 PR#114 - Guiding principles: allow duplicate representations [PR#114]

Discussed and approved as amended (cf. section 6.2)

6.2.2 #10 - Do we want an array of computed fingerprints on result? [#10]

David: Action: Larry to create a new issue to make Instance ID an array.

Discussed and approved as amended (cf. section 6.2)

6.2.3 #15 - Document how converters should provide notifications [#15]

Discussed and approved as amended (cf. section 6.2)

6.2.4 #23 - Clarify requirement for format of URI-valued properties for nested files [#23]

David: Action: Larry to consider changing "absolute path" to something more descriptive.

Discussed and approved as amended (cf. section 6.2)

6.2.5 #29 - Document rule.configuration [#29]

David: Typo: In 3.30.4, "properties" should say "parameters".

Discussed and approved as amended (cf. section 6.2)

6.2.6 #63 - Clarify that the keys in the run.files dictionary must be distinct when normalized [#63]

David: Editorial correction: Since # delimits path within container, a URI base ID cannot contain a #.

David: Action: Editors to file an issue to handle multiple distinct files at the same location at different points during the run.

Discussed and approved as amended (cf. section 6.2)

6.2.7 #64 - run.files keys can collide if specified by relative URLs [#64]

Discussed and approved as amended (cf. section 6.2)

6.2.8 #76 - Clarify encoding requirements for properties that contain text from source files [#76]

David: 4.2.8 to be discussed with 4.2.10 (cf. section 6.2.10)

David: 4.2.8, 4.2.10, 4.2.11, 4.2.12 (one change covers all of these)

Discussed and approved as amended (cf. section 6.2)

6.2.9 #84 - Enable localization for all message strings [#84]

Discussed and approved as amended (cf. section 6.2)

6.2.10 #97 - file object's contents property [#97]

Discussed and approved as amended (cf. section 6.2)

6.2.11 Opportunistic change: redefinition of invocation.responseFiles property [see change for #76/#97]

Discussed and approved as amended (cf. section 6.2)

6.2.12 Opportunitic change: improvement to definition of replacement object [see change for #76/#97]

Discussed and approved as amended (cf. section 6.2)

6.2.13 #102 - run.invocation should be an array of invocation objects [#102]

Discussed and approved as amended (cf. section 6.2)

6.2.14 #110 - Specify how to treat a file that contains interleaved stdout/stderr [#110]

Discussed and approved as amended (cf. section 6.2)

6.2.15 #115 - invocation object should record process outcome [#115]

Discussed and approved as amended (cf. section 6.2)

6.3 Discussions

6.3.1 #80 - Code flow enhancements

David: Discussed graph traversals

7. Any Other Business

No other business

8. Resolutions and Decisions reached

8.1 Review of Decisions Reached

Nothing noted here - for decisions see in sections above.

8.2 Review of Action Items

  1. Larry to create a new issue to make Instance ID an array.
  2. Larry to consider changing "absolute path" to something more descriptive.
  3. Editors to file an issue to handle multiple distinct files at the same location at different points during the run.

9. Next meetings

April 04, 2018 / 09:30-11:30 PDT / 16:30-18:30 UTC
April 18, 2018 / 09:30-11:30 PDT / 16:30-18:30 UTC

10. Adjourn

The meeting was adjourned at 18:24 UTC.