Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Changes to toolComponent properties #336

Closed
michaelcfanning opened this issue Feb 27, 2019 · 3 comments
Closed

Changes to toolComponent properties #336

michaelcfanning opened this issue Feb 27, 2019 · 3 comments
Labels
2.1.0-CSD.1 Will be fixed in SARIF v2.1.0 CSD.1. e-ballot impact-non-breaking-change merged Changes merged into provisional draft. resolved-fixed sdk-code-complete

Comments

@michaelcfanning
Copy link
Contributor

michaelcfanning commented Feb 27, 2019
edited
Loading

EBALLOT PROPOSAL: add several descriptive strings to toolComponent that help describe it. This information may be displayed in context of a results management system (which, for example, might provide a brief description of a tool along with a current set of scan results).

API IMPACT:
In the tool object:

  • Add a organization property of type string: the company or organization that produced the tool
  • Add a product property of type string: a product suite to which the tool belongs,
  • Add a shortDescription property of type multiformatMessageString: a brief, multiformat description of the tool
  • Add a fullDescription property of type multiformatMessageString: a comprehensive multiformat description of the tool
  • Convert artifactIndex to an array of artifact locations named artifactIndices
@michaelcfanning michaelcfanning changed the title Add additional properties to toolComponent Add additional descriptive properties to toolComponent Feb 27, 2019
@oasis-tcs oasis-tcs deleted a comment from kupsch Feb 28, 2019
@michaelcfanning michaelcfanning changed the title Add additional descriptive properties to toolComponent Changes to toolComponent properties Mar 1, 2019
@michaelcfanning michaelcfanning mentioned this issue Mar 1, 2019
Closed
@harleenkohli harleenkohli mentioned this issue Mar 5, 2019
Merged
@kupsch
Copy link

kupsch commented Mar 7, 2019

In addition to the above, it would be useful to add the additional two properties

  • releaseDate timestamp of when the tool was released
  • toolUri URI for more information about the tool (vendors page), not just a download link

ghost pushed a commit that referenced this issue Mar 17, 2019
Change draft + merge for #179+#336: toolComponent
7e041bf
@ghost ghost added change-draft-available merged Changes merged into provisional draft. labels Mar 17, 2019
@ghost ghost self-assigned this Mar 17, 2019
@ghost
Copy link

ghost commented Mar 22, 2019
edited by ghost
Loading

E-BALLOT #3 PROPOSAL

The change draft for the combined issues #179 and #336 defines a toolComponent object with the following properties, as well as related changes to the tool object.

SCHEMA CHANGES

  • In the tool object:

    • Remove the never-used sarifLoggerVersion property.
    • Add a property driver of type toolComponent, required.
    • Add a property extensions of type toolComponent[], optional, minItems: 0, default: empty array
    • Move all other properties to the toolComponent object (name, fullName, version, semanticVersion, dottedQuadFileVersion, and downloadUri) to the toolComponent object (defined next).

  • Define a toolComponent object with the following properties:

    • All the properties moved from the tool object (name, fullName, version, semanticVersion, dottedQuadFileVersion, and downloadUri).
    • guid of type string.
    • releaseDateUtc of type string in date-time format -- the component's release date.
    • informationUri of type string in uri format, optional.
    • organization of type string, optional -- the company or organization that produced the component, e.g., "Example Corporation".
    • product of type string, optional -- the name of the product containing the component, e.g., "Example Corp SecurityScanner".
    • productSuite of type string, optional -- the name of the suite of products containing the component, e.g., "Example Corp Code Quality Tools".
    • shortDescription of type multiformatMessageString, optional -- a brief description of the component.
    • fullDescription of type multiformatMessageString, optional -- a comprehensive description of the component.
    • artifactIndices of type integer[], optional, default: empty array -- references to the files which comprise the component.

@ghost
Copy link

ghost commented Apr 6, 2019

Neglected to close after e-ballot-2. Appeared again and approved in e-ballot-3.

@ghost ghost closed this as completed Apr 6, 2019
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
2.1.0-CSD.1 Will be fixed in SARIF v2.1.0 CSD.1. e-ballot impact-non-breaking-change merged Changes merged into provisional draft. resolved-fixed sdk-code-complete
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@michaelcfanning @kupsch