You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add a schema identifier to CSAF v2.1 (and later) data files with a MAY (to minimize backward incompatibility for strict CSAF v2.0 files which are not allowed to carry extra keys)
Ideally this should be simply something like SARIF does with a $schema key and a value of type URL. Example of such a SARIF file:
Thomas Schmidt proposed a motion, as detailed in this OASIS mailing list archive, to incorporate a schema identifier into CSAF v2.1 and subsequent data files, in line with the suggestion made in this GitHub issue. Thomas Schaffer seconded the motion. There were no discussions or objections raised, and consequently, the motion was automatically passed on November 1, 2023, at 20:00 UTC.
Proposal
Ideally this should be simply something like SARIF does with a
$schema
key and a value of type URL. Example of such a SARIF file:The canonical value will be the matching eternal schema URL hosted at docs.oasis-open.org
Rationale
Currently the consumer of CSAF files has to know what schema they relate to.
The text was updated successfully, but these errors were encountered: