Meeting 2024-04-04 minutes

meeting_minutes/240404_SARIF_TC_86.md

@@ -0,0 +1,163 @@
+# 1. Opening Activities
+
+## 1.1 Opening comments (Co-Chair David)
+
+## 1.2 Introduction of participants/roll call (Co-Chair David)
+
+Quorum requires participation of five or more of the nine voting members (including the officers).
+
+| First Name | Last Name | Company                 | Role(s)                 | Present |
+|:-----------|:----------|:------------------------|:------------------------|:--------|
+| Adar       | Weidman   | JFrog                   | Member                  | Yes     |
+| Aditya     | Sharad    | Microsoft               | Voting Member           | Yes     |
+| Alexandre  | Dulaunoy  | CIRCL                   | Member                  | No      |
+| Andras     | Iklody    | CIRCL                   | Member                  | No      |
+| Charles    | Wilson    | Motional AD             | Voting Member           | Yes     |
+| Chris      | Meyer     | Microsoft               | Member                  | No      |
+| David      | Keaton    | Individual              | Co-Chair                | Yes     |
+| David      | Malcolm   | Red Hat                 | Voting Member           | Yes     |
+| Duncan     | Sparrell  | sFractal Consulting LLC | Member                  | No      |
+| Eddy       | Nakamura  | Microsoft               | Member                  | No      |
+| Jeff       | Williams  | Contrast Security       | Member                  | No      |
+| Kevin      | Greene    | Mitre Corporation       | Member                  | No      |
+| Lori       | Lorusso   | JFrog                   | Observer                | No      |
+| Luke       | Cartey    | Microsoft               | Co-Chair                | No      |
+| Mary       | Martin    | Microsoft               | Member                  | No      |
+| Michael    | Fanning   | Microsoft               | Member                  | No      |
+| Nathan     | Baird     | Microsoft               | Voting Member           | No      |
+| Paul       | Brookes   | Microsoft               | Member                  | No      |
+| Paul       | Seay      | Northrop Grumman,       | Member                  | No      |
+| Ross       | Wollman   | Microsoft               | Member                  | No      |
+| Stacy      | Wray      | Microsoft               | Voting Member           | Yes     |
+| Stefan     | Hagen     | Individual              | Secretary, scribe       | Yes     |
+| Stephen    | Chin      | JFrog                   | Member                  | No      |
+| Thanassis  | Avgerinos | ForAllSecure Inc        | Voting Member           | Yes     |
+| Tim        | Hudson    | Cryptsoft Pty Ltd.      | Member                  | No      |
+| Vadim      | Okun      | NIST                    | Observer                | No      |
+
+Seven of the nine voting members present - quorum reached.
+
+## 1.3 Procedures for this meeting (Co-Chair David)
+
+## 1.4 Approval of agenda (Co-Chair David)
+
+* [Agenda for April 4, 2024](https://www.oasis-open.org/committees/download.php/71757/)
+
+The agenda was approved.
+
+## 1.5 Approval of previous minutes (Co-Chair David)
+
+* [Minutes of 2024-03-07 Meeting #85](https://www.oasis-open.org/committees/download.php/71733/)
+
+The minutes were approved.
+
+## 1.6 Review of action items and resolutions (Secretary Stefan)
+
+* ACTION on Aditya to organize label renovation
+  * DONE
+* ACTION on Charles to start the list of links to SARIF-related activities on the TC repo wiki
+  * DONE
+* ACTION on Michael to triage old issues
+  * Stefan to take over
+* ACTION on Nathan to add content to the future.md file https://github.com/oasis-tcs/sarif-spec/pull/626
+  * ONGOING
+
+## 1.7 Identification of SARIF TC voting members (Co-Chair David)
+
+### 1.7.1 Prospective voting members attending their first meeting
+
+### 1.7.2 Members attaining voting rights at the end of this meeting
+
+* Adar Weidman
+
+### 1.7.3 Members losing voting rights if they have not joined this meeting by the time it ends
+
+### 1.7.4 Members who previously lost voting rights who are attending this meeting
+
+### 1.7.5 Members who have declared a leave of absence
+
+# 2. Future Meetings
+
+## 2.1 Future meeting schedule (Co-Chair David)
+
+- Scheduled Teleconference (Thursday at 08:00 PT / 15:00 UTC for 1.5 hours)
+    ```
+    May 2, 2024
+    ```
+- Proposed Teleconference (Thursday at 08:00 PT / 15:00 UTC for 1.5 hours)
+    ```
+    June 6, 2024
+    ```
+
+# 3. Discussion
+
+## 3.1 Outreach
+
+### 3.1.1 Official SARIF logo?
+
+* All discuss who might be willing to design a logo?
+* David Malcolm offers to make some inquiries inside Red Hat
+* David Malcolm asks on who to ask for changes on sarif.io website?
+
+## 3.2 Review current state of ecosystem ongoing work
+
+### 3.2.1 Related activities (OPENSSF, etc.)
+
+* None
+
+### 3.2.2 Other Ecosystem Items
+
+* None
+
+## 3.3 Review outcomes of subgroup discussions
+
+* No editor meeting since previous meeting
+* Stefan expresses the wish to create pull requests with the existing issues containing proposals together with Stacy
+* All welcome to do that and then discuss within agenda item 3.4
+
+## 3.4 Discuss the list of small non-breaking changes for SARIF v2.2
+
+* Aditya reports on progress on precision addition
+* Stefan suggests to also use an email label on issues that should be notified to the mailing list for TC wide reach
+
+## 3.5 Review Roadmap [Future.md](https://github.com/oasis-tcs/sarif-spec/blob/main/Future.md)
+
+* [Small initial addition of Observability analysis for field compatibility #626](https://github.com/oasis-tcs/sarif-spec/pull/626)
+  * No objection to merging - David Keaton will merge after the meeting
+
+## 3.6 Discuss SARIF's relationship to other relevant standards
+
+* Charles: Mentions some threat model related standard possibly relevant and will provide information
+
+# 4. Other Business
+
+* Acronym meaning changes postponed to version 3 discussion (#603 on GitHub)
+
+# 5. Resolutions and Decisions reached (by 10 minutes prior to scheduled meeting end)
+
+## 5.1 End debate of other issues by 10 minutes prior to scheduled meeting end and follow the agenda from this point (Co-Chair David)
+
+## 5.2 Review of Decisions Reached (Co-Chair David)
+
+* DECISION to next meet after May on June, 6
+
+## 5.3 Review of Action Items (Co-Chair David)
+
+* Ongoing ACTIONS (from former meetings):
+  * ACTION on Stefan to triage old issues
+* ACTION on Stacy to inquire on providing a logo from within their organization 
+  * DONE
+    * Stacy: Michael will start a discussion within the MS graphics departments
+* ACTION on David Malcolm to inquire on providing a logo from within their organization 
+* ACTION on Charles to provide information on some threat model related standard possibly relevant to SARIF
+* ACTION on David Keaton to add an agenda item on acronym expansion of SARIF (#603 on GitHub)
+
+# 7. Next Meeting
+
+  ```
+  May 2, 2024 08:00-09:30 PT / 15:00-16:30 UTC
+  ```
+
+# 8. Adjournment
+
+Meeting was adjourned.