OASIS Static Analysis Results Interchange Format (SARIF) TC Meeting #18 May 30, 2018

Acting chair: David

Chat transcript from room: sarif
From 2018-05-30 16:35 UTC until 18:23 UTC

1. Call to Order and Welcome

Chair: Called the meeting to order @ 16:35 UTC.

2. Roll call

All participants recorded their attendance on the OASIS meeting calendar - quorum was reached.

All participants were kindly encouraged to registrate themselves to optimize the use of the shared time during the meeting in one of two ways:
Either click the link with the text "Register my attendance" on the top of the event page or directly visit the per event direct "record my attendace link":
https://www.oasis-open.org/apps/org/workgroup/sarif/record_my_attendance.php?event_id=47364&confirmed=1, Thanks

Details cf. normative attendance sheet for this meeting (event_id=47364).

2.1 Participants

David Keaton      (Individual)          - Chair
Henny Sipma       (Kestrel Technology)  - Voting Member
Laurence Golding  (Individual)          - Voting Member
Luke Cartey       (Semmle)              - Chair
Michael Fanning   (Microsoft)           - Voting Member
Paul Anderson     (GrammaTech, Inc.)    - Voting Member
Paul Brooks       (Microsoft)           - Voting Member
Stefan Hagen      (Individual)          - Secretary
Sunny Chaterjee   (Microsoft)           - Voting Member
Vamshi Basupalli  (SWAMP)               - Voting Member
Yekaterina O'Neil (Micro Focus)         - Member

3. Review Agenda

Agenda draft published at https://www.oasis-open.org/committees/download.php/63092/agenda_20180516.html - content given below to support the reader:

Agenda for May 16, 2018
MEETING OF OASIS SARIF TECHNICAL COMMITTEE
Time 09:30-11:30 PDT / 16:30-18:30 UTC
Meeting Chat Location http://webconf.soaphub.org/conf/room/sarif
Meeting Audio https://meet.lync.com/microsoft/mikefan/YJ4RP6MD
1. Opening Activities
1.1 Opening comments (Co-Chair Keaton)
1.2 Introduction of participants/roll call (Co-Chair Cartey)
1.3 Procedures for this meeting (Co-Chair Keaton)
1.4 Approval of agenda (Co-Chair Keaton)
1.5 Approval of previous minutes [Minutes of 2018-05-16 Meeting#17] (Co-Chair Keaton)
1.6 Review of action items and resolutions (Secretary Hagen)
1.7 Identification of SARIF TC voting members (Co-Chair Cartey)
1.7.1 Prospective members attending their first meeting
1.7.2 Members attaining voting rights at the end of this meeting
1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends
1.7.4 Members who previously lost voting rights who are attending this meeting
1.7.5 Members who have declared a leave of absence
2. Timeline Status
2.1 Note where we are on the schedule [SARIF TC Timeline] (Co-Chair Keaton)
         - 10 open issues marked CSD.1, 9 less than noted in the last meeting's agenda
3. Future Meetings
3.1 Future meeting schedule (Co-Chair Keaton)
Scheduled teleconferences (Wednesdays at 09:30 PDT / 16:30 UTC)
June 6
June 20
June 27
4. Document Progress (Co-Editors Golding and Fanning)
4.1 Editors' report
4.2 Approval of changes
Discuss the following items individually, then vote on them together unless someone would like to separate out an issue for individual vote.
4.2.1 Roles for edited files (modification to previously approved change) [#160] [#143]
Replace this:
* "generatedFile": the file was generated by the build
with this:
* "uncontrolledFile": The file is not under version control.
4.2.2 Region-related changes [#93] [#171]
4.2.3 Support nested graphs [#149]
4.2.4 fileLocation uri property should be a URI reference [#176]
4.3 Discussions
4.3.1 SARIF MIME type (Co-Chair Cartey)
4.3.2 Agree on how to express normative statements about out-of-band components.
In particular: how to express the desire for the Engineering System to make it possible to determine the baseline run.
4.3.3 Any other new issues that need to be discussed
5. Other Business
6. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end)
6.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair Keaton)
6.2 Review of Decisions Reached (Secretary Hagen)
6.3 Review of Action Items (Secretary Hagen)
7. Next Meeting
June 6, 2018 / 09:30-11:30 PDT / 16:30-18:30 UTC
8. Adjournment

Note: Issue URLs are constructed by appending the issue number (without the '#') to the base URL https://github.com/oasis-tcs/sarif-spec/issues/
Pull requests similarly refer to base URL https://github.com/oasis-tcs/sarif-spec/pull/ but to better distinguish from issues, they are encoded as PR#$number, wher $number represents the number of the pull request.

David: Add agenda item 4.2.5, issue #181, Hierarchical property bag property names

Agenda adopted as amended

4. Approval of previous minutes

4.1 Approval of minutes from 2018-05-16 Meeting #17

Minutes at https://www.oasis-open.org/committees/download.php/63159/sarif-minutes-20180516-meeting-17.html

Minutes approved unchanged as published

5. Future Meetings

5.1 Future meeting schedule (Teleconferences)

Scheduled teleconferences (Wednesdays at 09:30 PDT / 16:30 UTC)

June 6
June 20

6. Document Progress

6.1 Editor's report

Laurence walks all through the editors' report at:
https://github.com/oasis-tcs/sarif-spec/blob/master/EditorsReports/Editor's%20report%202018-05-30.md

6.2 Approval of issue closure

Discuss the following items individually, then vote on them together unless someone would like to separate out an issue for individual vote.

Michael moves to accept all the changes covered in the subsections of this section 6.2 according to the amended agenda, seconded

No discussion, no objections, unanimous consent. The motion carries and the changes are approved

6.2.1 #160 / #143 - Roles for edited files (modification to previously approved change) [#160] [#143]

Replace this:
* "generatedFile": the file was generated by the build
with this:
* "uncontrolledFile": The file is not under version control.

No discussion

Approved (cf. section 6.2)

6.2.2 #93 / #171 - Region-related changes [#93] [#171]

Action on editors to bundle line separator + column definition behaviour as optional properties in the log file as described in the spec

No discussion

Approved (cf. section 6.2)

6.2.3 #149 - Support nested graphs [#149]

Laurence presents status of issue / proposal to the TC.

No discussion

Approved (cf. section 6.2)

6.2.4 #176 - fileLocation uri property should be a URI reference [#176]

Laurence presents status of issue / proposal to the TC

No discussion

Approved (cf. section 6.2)

6.2.5 #181 - Hierarchical property bag property names [#181]

No discussion

Approved (cf. section 6.2)

6.3 Discussions

6.3.1 SARIF MIME type

Luke presents the status of discussion on the SARIF MIME type

Luke: I move to 1. Agree to proceed with the process of registering a MIME type. and 2. Agree in principle to a MIME type of "application/sarif+json". Seconded

Laurence moves to amend by removing the words "in principle", seconded

No objections

Back to original motion with words in principal removed from 2. part

No discussion, no objections, unanimous consent. The motion carries

Action on Luke to contact Robin Cover and to follow up what to do for implementing the agreed plan

Actionon Larry to describe the MIME type in the spec (#182 created issue) - but later removed, as issue re-targeted to CSD02

6.3.2 Agree on how to express normative statements about out-of-band components.

Reference: E-Mail to TC list - https://lists.oasis-open.org/archives/sarif/201805/msg00162.html

Luke: acts as chair, so David can participate in discussion on next issue

Topic in particular: how to express the desire for the Engineering System to make it possible to determine the baseline run.

Laurence presents the status as developed over the last weeks

David describes why he thinks, basing conformance requirements on out of band artefacts.

All discuss the options suggested by David as presented and shared online during the meeting

Action on Laurence to apply the #186 related to the found resolution of David's concerns (going in direction of undefined behaviour)

David again takes the chair role from Luke (who took over during discussion related to section 6.3.2)

6.3.3 Any other new issues that need to be discussed

Michael walks all through the open issues for CSD01

Issue #158 result.correlationId #158 Introduce result.correlationId and clarify purpose of result.fingerprints array is the title

Laurence: proposes to triage the remaining issues, esp. filtering issues on open and neither CSD01 nor CSD02 tag, as this filter finds 20 issues

All triage these issues

Laurence: suggests that we might need to re-triage, as the amount of open issues seems to not be closable in 2 weeks time

7. Any Other Business

None

8. Resolutions and Decisions reached

8.1 Review of Decisions Reached

Nothing noted here - for decisions see in sections above.

8.2 Review of Action Items

  1. Action on editors to bundle line separator + column definition behaviour as optional properties in the log file as described in the spec #183 and #184
  2. Action action on Larry to Publish v2 SARIF JSON schema to assist in editor/other online validation #185
  3. Action on Luke to contact Robin Cover and to follow up what to do for implementing the MIME type decision of this meeting
  4. Action on Larry to apply the #186 related to the found resolution of David's concerns (going in direction of undefined behaviour)

9. Next meeting

June 30, 2018 / 09:30-11:30 PDT / 16:30-18:30 UTC

10. Adjourn

The meeting was adjourned at 18:23 UTC.