[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: #390: URIs are not redactable
I created and pushed a revised change draft for
Issue #390, “Make certain invocation and versionControlDetails properties redactable”, based on feedback that allowing URIs to be redactable is a burden on SARIF consumers: As part of this revision, we now allow the
uri property of a top-level entry in originalUriBaseIds (which is required to be an absolute URI, and hence subject to security and determinism concerns) to be omitted. We also incorporate feedback from Jim Kupsch
that “nested artifact” URIs can’t be required to start with "/", and we incorporate his explanation of that point. Please take a look. We still plan to open the CSD 2 ballot on Monday. Thanks, Larry |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]