From c70f5912ac09adcffc9b6e3e604dce4c79ca6c1b Mon Sep 17 00:00:00 2001 From: Stefan Hagen Date: Wed, 13 Nov 2024 20:25:38 +0100 Subject: [PATCH 1/6] Minutes of meeting 2024-11-14 - [ x] pre-meeting draft - [ ] editor report - [ ] aligned with agenda draft - [ ] post-meeting draft - [ ] ready for review --- meeting_minutes/241114_SARIF_TC_93.md | 166 ++++++++++++++++++++++++++ 1 file changed, 166 insertions(+) create mode 100644 meeting_minutes/241114_SARIF_TC_93.md diff --git a/meeting_minutes/241114_SARIF_TC_93.md b/meeting_minutes/241114_SARIF_TC_93.md new file mode 100644 index 00000000..28987355 --- /dev/null +++ b/meeting_minutes/241114_SARIF_TC_93.md @@ -0,0 +1,166 @@ +# 1. Opening Activities + +## 1.1 Opening comments (Co-Chair David) + +## 1.2 Introduction of participants/roll call (Co-Chair David) + +Quorum requires participation of five or more of the nine voting members. + +| First Name | Last Name | Company | Role(s) | Present | +|:-----------|:--------------|:------------------------|:---------------------------|:--------| +| Aditya | Sharad | Microsoft | Voting Member | ??? | +| Alexandre | Dulaunoy | CIRCL | Member | ?? | +| Andras | Iklody | CIRCL | Member | ?? | +| Arjun | Gopalakrishna | Microsoft | Voting Member | ??? | +| Charles | Wilson | Torc Robotics, Inc. | Member | ?? | +| Chris | Meyer | Microsoft | Member | ?? | +| David | Keaton | Individual | Co-Chair | ??? | +| David | Malcolm | Red Hat | Voting Member | ??? | +| Eddy | Nakamura | Microsoft | Member | ?? | +| Kevin | Greene | Mitre Corporation | Member | ?? | +| Luke | Cartey | Microsoft | Co-Chair | ?? | +| Mary | Martin | Microsoft | Member | ?? | +| Michael | Fanning | Microsoft | Member | ?? | +| Michael | Omokoh | Microsoft | Voting Member | ??? | +| Nathan | Baird | Microsoft | Voting Member | ?? | +| Paul | Brookes | Microsoft | Member | ?? | +| Paul | Seay | Northrop Grumman | Member | ?? | +| Ross | Wollman | Microsoft | Member | ?? | +| Stefan | Hagen | Individual | Secretary, taking notes ♬ | ??? | +| Thanassis | Avgerinos | ForAllSecure Inc | Voting Member | ??? | +| Tim | Hudson | Cryptsoft Pty Ltd. | Member | ?? | +| Vadim | Okun | NIST | Observer | ?? | + +... of the nine voting members present - quorum was ... + +## 1.3 Procedures for this meeting (Co-Chair David) + +## 1.4 Approval of agenda (Co-Chair David) + +* [Agenda for November 14, 2024](https://www.oasis-open.org/committees/download.php/docid/) + +The agenda was ... + +## 1.5 Approval of previous minutes (Co-Chair David) + +* [Minutes of 2024-10-10 Meeting #92](https://www.oasis-open.org/committees/download.php/72271/) + +The minutes were ... + +## 1.6 Review of action items and resolutions (Secretary Stefan) + +* ACTION on David Malcolm to comment on #588 sketching a proposal for #line directives + * ... +* ACTION on David Malcolm to update issue #588 (support of diagrams in SARIF) + * ... +* ACTION on Stefan to provide prose explaining the use of `guid`s in another new issue and to provide an implementation per pull request + (cf. [Provide prose explaining the use of guids across all occurrences #648](https://github.com/oasis-tcs/sarif-spec/issues/648) + * ... +* ACTION on Stefan to research the history and status of #564 + "Question: How to represent results from deep in revision control history?" + * ... +* ACTION on Stefan to create an editor text for the proposal in + [Suggestions for more threadFlowLocation "kinds" property values #530](https://github.com/oasis-tcs/sarif-spec/issues/530) + * ... +* ACTION on Stefan to try to propose text in context for + [Consider r-using the "relevant to understanding the result" wording also in notifications/relatedLocation #649](https://github.com/oasis-tcs/sarif-spec/issues/649) + * ... +* ACTION on Stefan to try to add that informative statement to the issue and the text per + [Is any escaping of URIs within "3.11.6 Messages with embedded links" needed? #657](https://github.com/oasis-tcs/sarif-spec/issues/657) + * ... +* ACTION on Thanassis to provide info on justificationTypes from SBOM initiatives (research) + * ... + +## 1.7 Identification of SARIF TC voting members (Co-Chair David) + +### 1.7.1 Prospective voting members attending their first meeting + +### 1.7.2 Members attaining voting rights at the end of this meeting + +### 1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends + +### 1.7.4 Members who previously lost voting rights who are attending this meeting + +### 1.7.5 Members who have declared a leave of absence + +# 2. Future Meetings + +## 2.1 Future meeting schedule (Co-Chair David) + +- Scheduled Teleconference (Thursday at 08:00 PT / 16:00 UTC for 1.5 hours) + ``` + December 12, 2024 + ``` + - Proposed Teleconference (Thursday at 08:00 PT / 16:00 UTC for 1.5 hours) + ``` + TBD + ``` + +# 3. Discussion + +## 3.1 Review current state of ecosystem ongoing work + +### 3.1.1 Related activities (OPENSSF, etc.) + +... + +### 3.1.2 Other Ecosystem Items + +* ... + +## 3.2 Review outcomes of subgroup discussions + +* No editor meeting and no new editor revision for this month +* ... + +## 3.3 Discuss the list of small non-breaking changes for SARIF v2.2 + +### 3.3.1 Editor's report + +... + +Only one editor currently active and waiting for approved proposals to edit into the specification draft. + +### 3.3.2 Approval of changes + +N/A + +### 3.3.3 Additional discussion + +* ... + +## 3.4 Review Roadmap [Future.md](https://github.com/oasis-tcs/sarif-spec/blob/main/Future.md) + +... + +## 3.5 Discuss SARIF's relationship to other relevant standards + +... + +# 4. Other Business + +... + +# 5. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end) + +## 5.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair David) + +## 5.2 Review of Decisions Reached (Secretary Stefan) + +* DECISION to ... + +## 5.3 Review of Action Items (Secretary Stefan) + +* Ongoing ACTIONS (from former meetings): + * ACTION on ... +* ACTION on ... + +# 7. Next Meeting + + ``` + December 12, 2024 + ``` + +# 8. Adjournment + +Meeting was ... From afbdde3056ddae3a57729b5b8b3761fae122acdd Mon Sep 17 00:00:00 2001 From: Stefan Hagen Date: Wed, 13 Nov 2024 23:07:05 +0100 Subject: [PATCH 2/6] Added result of analysis (an action item) --- meeting_minutes/241114_SARIF_TC_93.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meeting_minutes/241114_SARIF_TC_93.md b/meeting_minutes/241114_SARIF_TC_93.md index 28987355..5144d7f0 100644 --- a/meeting_minutes/241114_SARIF_TC_93.md +++ b/meeting_minutes/241114_SARIF_TC_93.md @@ -58,7 +58,10 @@ The minutes were ... * ... * ACTION on Stefan to research the history and status of #564 "Question: How to represent results from deep in revision control history?" - * ... + * The TC shall discuss the matter as unfortunately the issue has never been documented + as being discussed within the TC (Stefan assessed all minutes documents from + the proposed first meeting to discuss the matter onwards) + * DONE * ACTION on Stefan to create an editor text for the proposal in [Suggestions for more threadFlowLocation "kinds" property values #530](https://github.com/oasis-tcs/sarif-spec/issues/530) * ... From ad650ef49d9582cf23b80ca5f2c8950d5fee8dca Mon Sep 17 00:00:00 2001 From: Stefan Hagen Date: Thu, 14 Nov 2024 08:40:28 +0100 Subject: [PATCH 3/6] Closed action item on escaping of URIs question (#657) --- meeting_minutes/241114_SARIF_TC_93.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/meeting_minutes/241114_SARIF_TC_93.md b/meeting_minutes/241114_SARIF_TC_93.md index 5144d7f0..8991763c 100644 --- a/meeting_minutes/241114_SARIF_TC_93.md +++ b/meeting_minutes/241114_SARIF_TC_93.md @@ -70,7 +70,9 @@ The minutes were ... * ... * ACTION on Stefan to try to add that informative statement to the issue and the text per [Is any escaping of URIs within "3.11.6 Messages with embedded links" needed? #657](https://github.com/oasis-tcs/sarif-spec/issues/657) - * ... + * TL;DR; No - provided clarification (on [RFC choice](https://github.com/oasis-tcs/sarif-spec/issues/657#issuecomment-2475582112)) and + [proposal answering the question](https://github.com/oasis-tcs/sarif-spec/issues/657#issuecomment-2475620829) both in the ticket + * DONE * ACTION on Thanassis to provide info on justificationTypes from SBOM initiatives (research) * ... From f31cdbd039c8b0e2199ad97100e47d56d9a5215d Mon Sep 17 00:00:00 2001 From: Stefan Hagen Date: Thu, 14 Nov 2024 14:31:52 +0100 Subject: [PATCH 4/6] Action status updates and editor report --- meeting_minutes/241114_SARIF_TC_93.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/meeting_minutes/241114_SARIF_TC_93.md b/meeting_minutes/241114_SARIF_TC_93.md index 8991763c..f7ed7aa9 100644 --- a/meeting_minutes/241114_SARIF_TC_93.md +++ b/meeting_minutes/241114_SARIF_TC_93.md @@ -55,7 +55,7 @@ The minutes were ... * ... * ACTION on Stefan to provide prose explaining the use of `guid`s in another new issue and to provide an implementation per pull request (cf. [Provide prose explaining the use of guids across all occurrences #648](https://github.com/oasis-tcs/sarif-spec/issues/648) - * ... + * ONGOING - still reading through all 92 locations of GUIDs in SARIF v2.1 to best derive claims associated with a top-level GUID * ACTION on Stefan to research the history and status of #564 "Question: How to represent results from deep in revision control history?" * The TC shall discuss the matter as unfortunately the issue has never been documented @@ -64,10 +64,10 @@ The minutes were ... * DONE * ACTION on Stefan to create an editor text for the proposal in [Suggestions for more threadFlowLocation "kinds" property values #530](https://github.com/oasis-tcs/sarif-spec/issues/530) - * ... + * ONGOING - in queue * ACTION on Stefan to try to propose text in context for - [Consider r-using the "relevant to understanding the result" wording also in notifications/relatedLocation #649](https://github.com/oasis-tcs/sarif-spec/issues/649) - * ... + [Consider using the "relevant to understanding the result" wording also in notifications/relatedLocation #649](https://github.com/oasis-tcs/sarif-spec/issues/649) + * ONGOING - in queue * ACTION on Stefan to try to add that informative statement to the issue and the text per [Is any escaping of URIs within "3.11.6 Messages with embedded links" needed? #657](https://github.com/oasis-tcs/sarif-spec/issues/657) * TL;DR; No - provided clarification (on [RFC choice](https://github.com/oasis-tcs/sarif-spec/issues/657#issuecomment-2475582112)) and @@ -96,6 +96,7 @@ The minutes were ... ``` December 12, 2024 ``` + regrets: Stefan - Proposed Teleconference (Thursday at 08:00 PT / 16:00 UTC for 1.5 hours) ``` TBD @@ -122,9 +123,7 @@ The minutes were ... ### 3.3.1 Editor's report -... - -Only one editor currently active and waiting for approved proposals to edit into the specification draft. +Working on actions to produce proposals. ### 3.3.2 Approval of changes From 0e38964d2c0efc987de66e141cc02793467633c0 Mon Sep 17 00:00:00 2001 From: Stefan Hagen Date: Thu, 14 Nov 2024 15:33:04 +0100 Subject: [PATCH 5/6] Synced with agenda draft and carried over actions --- meeting_minutes/241114_SARIF_TC_93.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/meeting_minutes/241114_SARIF_TC_93.md b/meeting_minutes/241114_SARIF_TC_93.md index f7ed7aa9..9641360a 100644 --- a/meeting_minutes/241114_SARIF_TC_93.md +++ b/meeting_minutes/241114_SARIF_TC_93.md @@ -37,7 +37,7 @@ Quorum requires participation of five or more of the nine voting members. ## 1.4 Approval of agenda (Co-Chair David) -* [Agenda for November 14, 2024](https://www.oasis-open.org/committees/download.php/docid/) +* [Agenda for November 14, 2024](https://www.oasis-open.org/committees/download.php/72357/) The agenda was ... @@ -99,7 +99,7 @@ The minutes were ... regrets: Stefan - Proposed Teleconference (Thursday at 08:00 PT / 16:00 UTC for 1.5 hours) ``` - TBD + January 9, 2025 ``` # 3. Discussion @@ -156,6 +156,10 @@ N/A ## 5.3 Review of Action Items (Secretary Stefan) * Ongoing ACTIONS (from former meetings): + * ACTION on Stefan to create an editor text for the proposal in + [Suggestions for more threadFlowLocation "kinds" property values #530](https://github.com/oasis-tcs/sarif-spec/issues/530) + * ACTION on Stefan to try to propose text in context for + [Consider using the "relevant to understanding the result" wording also in notifications/relatedLocation #649](https://github.com/oasis-tcs/sarif-spec/issues/649) * ACTION on ... * ACTION on ... From 9310ca5d80d76c3735aa18fca71754a33197c62e Mon Sep 17 00:00:00 2001 From: Stefan Hagen Date: Thu, 14 Nov 2024 18:28:32 +0100 Subject: [PATCH 6/6] Post-meeting draft --- meeting_minutes/241114_SARIF_TC_93.md | 130 +++++++++++++++++--------- 1 file changed, 88 insertions(+), 42 deletions(-) diff --git a/meeting_minutes/241114_SARIF_TC_93.md b/meeting_minutes/241114_SARIF_TC_93.md index 9641360a..5bb81afb 100644 --- a/meeting_minutes/241114_SARIF_TC_93.md +++ b/meeting_minutes/241114_SARIF_TC_93.md @@ -8,30 +8,30 @@ Quorum requires participation of five or more of the nine voting members. | First Name | Last Name | Company | Role(s) | Present | |:-----------|:--------------|:------------------------|:---------------------------|:--------| -| Aditya | Sharad | Microsoft | Voting Member | ??? | -| Alexandre | Dulaunoy | CIRCL | Member | ?? | -| Andras | Iklody | CIRCL | Member | ?? | -| Arjun | Gopalakrishna | Microsoft | Voting Member | ??? | -| Charles | Wilson | Torc Robotics, Inc. | Member | ?? | -| Chris | Meyer | Microsoft | Member | ?? | -| David | Keaton | Individual | Co-Chair | ??? | -| David | Malcolm | Red Hat | Voting Member | ??? | -| Eddy | Nakamura | Microsoft | Member | ?? | -| Kevin | Greene | Mitre Corporation | Member | ?? | -| Luke | Cartey | Microsoft | Co-Chair | ?? | -| Mary | Martin | Microsoft | Member | ?? | -| Michael | Fanning | Microsoft | Member | ?? | -| Michael | Omokoh | Microsoft | Voting Member | ??? | -| Nathan | Baird | Microsoft | Voting Member | ?? | -| Paul | Brookes | Microsoft | Member | ?? | -| Paul | Seay | Northrop Grumman | Member | ?? | -| Ross | Wollman | Microsoft | Member | ?? | -| Stefan | Hagen | Individual | Secretary, taking notes ♬ | ??? | -| Thanassis | Avgerinos | ForAllSecure Inc | Voting Member | ??? | -| Tim | Hudson | Cryptsoft Pty Ltd. | Member | ?? | -| Vadim | Okun | NIST | Observer | ?? | - -... of the nine voting members present - quorum was ... +| Aditya | Sharad | Microsoft | Voting Member | YES | +| Alexandre | Dulaunoy | CIRCL | Member | NO | +| Andras | Iklody | CIRCL | Member | NO | +| Arjun | Gopalakrishna | Microsoft | Voting Member | YES | +| Charles | Wilson | Torc Robotics, Inc. | Member | NO | +| Chris | Meyer | Microsoft | Member | NO | +| David | Keaton | Individual | Co-Chair | YES | +| David | Malcolm | Red Hat | Voting Member | YES | +| Eddy | Nakamura | Microsoft | Member | NO | +| Kevin | Greene | Mitre Corporation | Member | NO | +| Luke | Cartey | Microsoft | Co-Chair | NO | +| Mary | Martin | Microsoft | Member | NO | +| Michael | Fanning | Microsoft | Member | NO | +| Michael | Omokoh | Microsoft | Voting Member | NO | +| Nathan | Baird | Microsoft | Voting Member | YES | +| Paul | Brookes | Microsoft | Member | NO | +| Paul | Seay | Northrop Grumman | Member | NO | +| Ross | Wollman | Microsoft | Member | NO | +| Stefan | Hagen | Individual | Secretary, taking notes ♬ | YES | +| Thanassis | Avgerinos | ForAllSecure Inc | Voting Member | YES | +| Tim | Hudson | Cryptsoft Pty Ltd. | Member | NO | +| Vadim | Okun | NIST | Observer | NO | + +Seven of the nine voting members present - quorum was reached. ## 1.3 Procedures for this meeting (Co-Chair David) @@ -39,24 +39,25 @@ Quorum requires participation of five or more of the nine voting members. * [Agenda for November 14, 2024](https://www.oasis-open.org/committees/download.php/72357/) -The agenda was ... +The agenda was approved. ## 1.5 Approval of previous minutes (Co-Chair David) * [Minutes of 2024-10-10 Meeting #92](https://www.oasis-open.org/committees/download.php/72271/) -The minutes were ... +The minutes were approved. ## 1.6 Review of action items and resolutions (Secretary Stefan) * ACTION on David Malcolm to comment on #588 sketching a proposal for #line directives - * ... + * ONGOING * ACTION on David Malcolm to update issue #588 (support of diagrams in SARIF) - * ... + * ONGOING * ACTION on Stefan to provide prose explaining the use of `guid`s in another new issue and to provide an implementation per pull request (cf. [Provide prose explaining the use of guids across all occurrences #648](https://github.com/oasis-tcs/sarif-spec/issues/648) * ONGOING - still reading through all 92 locations of GUIDs in SARIF v2.1 to best derive claims associated with a top-level GUID -* ACTION on Stefan to research the history and status of #564 +* ACTION on Stefan to research the history and status of + [Question: How to represent results from deep in revision control history? #564](https://github.com/oasis-tcs/sarif-spec/issues/564) "Question: How to represent results from deep in revision control history?" * The TC shall discuss the matter as unfortunately the issue has never been documented as being discussed within the TC (Stefan assessed all minutes documents from @@ -74,7 +75,7 @@ The minutes were ... [proposal answering the question](https://github.com/oasis-tcs/sarif-spec/issues/657#issuecomment-2475620829) both in the ticket * DONE * ACTION on Thanassis to provide info on justificationTypes from SBOM initiatives (research) - * ... + * ONGOING - Suggests to present next meeting ## 1.7 Identification of SARIF TC voting members (Co-Chair David) @@ -108,16 +109,17 @@ The minutes were ... ### 3.1.1 Related activities (OPENSSF, etc.) -... +None ### 3.1.2 Other Ecosystem Items -* ... +* David Malcolm: SARIF support in GCC now supports text and SARIF as report formats + in parallel (before the selection was mutual exclusive) ## 3.2 Review outcomes of subgroup discussions * No editor meeting and no new editor revision for this month -* ... +* No other subgroup discussions ## 3.3 Discuss the list of small non-breaking changes for SARIF v2.2 @@ -127,23 +129,62 @@ Working on actions to produce proposals. ### 3.3.2 Approval of changes -N/A +None ### 3.3.3 Additional discussion -* ... +* [Is any escaping of URIs within "3.11.6 Messages with embedded links" needed? #657](https://github.com/oasis-tcs/sarif-spec/issues/657) + * All discuss + * David Malcolm: GCC SARIF always produces messages in plain text format + * Aditya: Verified that the GitHub parser and browsers can deal with parentheses but + is in favor of adding some informative text suggesting to consider URL percent encoding + such characters + * Thanassis: confirms that unbalanced parentheses break the links +* [Question: How to represent results from deep in revision control history? #564](https://github.com/oasis-tcs/sarif-spec/issues/564) + * Stefan: Thinks this is a valid use case + * Aditya: Informs about the GitHub API to address blobs + * https://docs.github.com/en/rest/git/blobs?apiVersion=2022-11-28 + * Nathan: Suggests that maybe open ended version strings might help +* [UTF8 bytes count support as columnKind? #466](https://github.com/oasis-tcs/sarif-spec/issues/466) + * All discuss + * Proposal is to add other columnKinds (cf. ticket ) + * David Malcolm to propose a wording for the proposal (using bytes and maybe a unicode column number) +* [Suggestions for more threadFlowLocation "kinds" property values #530](https://github.com/oasis-tcs/sarif-spec/issues/530) + * All: remove the to be discussed as the design is already approved +* [location.id within a notification object #540](https://github.com/oasis-tcs/sarif-spec/issues/540) + * All discuss +* [Consider adding reportingDescriptor.uiLabel property #567](https://github.com/oasis-tcs/sarif-spec/issues/567) + * Aditya: Proposed to use a different element instead as noted in his [comment](https://github.com/oasis-tcs/sarif-spec/issues/567#issuecomment-2405513811) suggesting to close the issue +* [Clarify use (or extend design) of SARIF to express hierarchical diagnostics. #572](https://github.com/oasis-tcs/sarif-spec/issues/572) + * All discuss + * David Malcolm assumes there will still be some iterations before something can be proposed + * David Keaton explains two approaches of standardization, one where the standard goes first, then implementations follow + or alternatively the implementers go first (maybe each one differently) and then standardization tries to harmonize; + and he thinks this issues looks like the second strategy might match + * Stefan mentions JSON Path RFC as a very good and useful example for the second approach + * Nathan: This issue looks like a graph approach and although he has no use for that currently it may be useful + * All look forward to see examples from David Malcolms GCC extension + * David Malcolm shares (experimental quality): + * [Screenshot of text version of output](https://gcc.gnu.org/bugzilla/attachment.cgi?id=59580) + * [and a mockup](https://gcc.gnu.org/bugzilla/attachment.cgi?id=59598) + * [and a SARIF example](https://gcc.gnu.org/bugzilla/attachment.cgi?id=58852) + * [Consider adding bucketized 'justification' field for suppression object. #574](https://github.com/oasis-tcs/sarif-spec/issues/574) + * All discuss if the enumerations would be mutual exclusive and that the change would be non-breaking + * Stefan: Will provide a text + * Aditya: Here are the + [dismissal types GitHub currently provides in the UI](https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/resolving-code-scanning-alerts#dismissing-alerts) essentially 3 choices: Won't fix, FP, used in tests. ## 3.4 Review Roadmap [Future.md](https://github.com/oasis-tcs/sarif-spec/blob/main/Future.md) -... +Skipped ## 3.5 Discuss SARIF's relationship to other relevant standards -... +Skipped # 4. Other Business -... +None # 5. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end) @@ -151,17 +192,22 @@ N/A ## 5.2 Review of Decisions Reached (Secretary Stefan) -* DECISION to ... +* DECISION to meet on January, 9 in 2025 as next meeting after the December 2024 meeting ## 5.3 Review of Action Items (Secretary Stefan) * Ongoing ACTIONS (from former meetings): + * ACTION on David Malcolm to comment on #588 sketching a proposal for #line directives + * ACTION on David Malcolm to update issue #588 (support of diagrams in SARIF) * ACTION on Stefan to create an editor text for the proposal in [Suggestions for more threadFlowLocation "kinds" property values #530](https://github.com/oasis-tcs/sarif-spec/issues/530) * ACTION on Stefan to try to propose text in context for [Consider using the "relevant to understanding the result" wording also in notifications/relatedLocation #649](https://github.com/oasis-tcs/sarif-spec/issues/649) - * ACTION on ... -* ACTION on ... + * ACTION on Thanassis to provide info on justificationTypes from SBOM initiatives (research) +* ACTION on Aditya to provide an informal text to guide escaping of URIs +* ACTION on David to propose additional text on 3.14.27 columnKind property for issue [UTF8 bytes count support as columnKind? #466](https://github.com/oasis-tcs/sarif-spec/issues/466) +* ACTION on David to propose a text for issue [location.id within a notification object #540](https://github.com/oasis-tcs/sarif-spec/issues/540) +* ACTION on Stefan to provide a text for [Consider adding bucketized 'justification' field for suppression object. #574](https://github.com/oasis-tcs/sarif-spec/issues/574) # 7. Next Meeting @@ -171,4 +217,4 @@ N/A # 8. Adjournment -Meeting was ... +Meeting was adjourned.