The draft-05 core and validation specifications were intended to be more clear and readable rewrites of draft-04, to give us a strong base for draft-06 changes. Implementors should not implement or advertise support for “draft-05”.
Implementations that supported “draft-05” by implementing proposals from right after the publication of draft-04 should either remove that support or give it a different name to avoid confusion.
Essentially, don't use draft-5, and you shouldn't even find an implementation that supports it.
We certinly don't want to add confusion over that by allowing a draft-5 URL.
"Also, is there any reason not to suggest that https links be used everywhere ($schema/$ref/id)? "
I'm a little confused by this. Could you maybe expand a little to make sure I'm not making any incorrect assumptions please?
Cheers
Ben
Hi Nathan,Please see our FAQ in the draft-6 release notes: http://json-schema.org/draft-06/json-schema-release-notes.html#q-what-happened-to-draft-05Q: What happened to draft-05?
The draft-05 core and validation specifications were intended to be more clear and readable rewrites of draft-04, to give us a strong base for draft-06 changes. Implementors should not implement or advertise support for “draft-05”.
Implementations that supported “draft-05” by implementing proposals from right after the publication of draft-04 should either remove that support or give it a different name to avoid confusion.
Essentially, don't use draft-5, and you shouldn't even find an implementation that supports it.
We certinly don't want to add confusion over that by allowing a draft-5 URL.
"Also, is there any reason not to suggest that https links be used everywhere ($schema/$ref/id)? "
I'm a little confused by this. Could you maybe expand a little to make sure I'm not making any incorrect assumptions please?
Cheers
Ben
On Wednesday, 30 October 2019 09:45:41 UTC, Nathan Herring wrote:For schemas using Draft-05, I expect that most will have a line like OpenAPI v3's "$schema" that expressly refers to http://json-schema.org/draft-04/schema#. Although they're equivalent schema with different validation IIUC, they cannot place a reference to https://json-schema.org/draft-05/schema# because that 404s. Is there a reason not to place a 303 redirect there?Also, is there any reason not to suggest that https links be used everywhere ($schema/$ref/id)?
--
You received this message because you are subscribed to the Google Groups "JSON Schema" group.
To unsubscribe from this group and stop receiving emails from it, send an email to json-schema...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/json-schema/78a68712-8535-4ed1-b5f5-3e9a316b0474%40googlegroups.com.
On Thu, Oct 31, 2019 at 10:18 AM Ben Hutton (@Relequestual) <b...@sanger.ac.uk> wrote:Hi Nathan,Please see our FAQ in the draft-6 release notes: http://json-schema.org/draft-06/json-schema-release-notes.html#q-what-happened-to-draft-05Q: What happened to draft-05?
The draft-05 core and validation specifications were intended to be more clear and readable rewrites of draft-04, to give us a strong base for draft-06 changes. Implementors should not implement or advertise support for “draft-05”.
Implementations that supported “draft-05” by implementing proposals from right after the publication of draft-04 should either remove that support or give it a different name to avoid confusion.
Essentially, don't use draft-5, and you shouldn't even find an implementation that supports it.
We certinly don't want to add confusion over that by allowing a draft-5 URL.
Makes sense. I can follow up with OpenAPI, since they specifically advertise they use Wright Draft 00 here.
On Thu, Oct 31, 2019 at 11:14 AM Nathan Herring <nher...@google.com> wrote:On Thu, Oct 31, 2019 at 10:18 AM Ben Hutton (@Relequestual) <b...@sanger.ac.uk> wrote:Hi Nathan,Please see our FAQ in the draft-6 release notes: http://json-schema.org/draft- 06/json-schema-release-notes. html#q-what-happened-to-draft- 05Q: What happened to draft-05?
The draft-05 core and validation specifications were intended to be more clear and readable rewrites of draft-04, to give us a strong base for draft-06 changes. Implementors should not implement or advertise support for “draft-05”.
Implementations that supported “draft-05” by implementing proposals from right after the publication of draft-04 should either remove that support or give it a different name to avoid confusion.
Essentially, don't use draft-5, and you shouldn't even find an implementation that supports it.
We certinly don't want to add confusion over that by allowing a draft-5 URL.
Makes sense. I can follow up with OpenAPI, since they specifically advertise they use Wright Draft 00 here.
"Also, is there any reason not to suggest that https links be used everywhere ($schema/$ref/id)? "
I'm a little confused by this. Could you maybe expand a little to make sure I'm not making any incorrect assumptions please?
This is about ensuring that parsers/validators chasing off-document links use TLS where available. None of the $schema entries I've found have used "https://json-schema/draft-04/ schema#" and at least the one validator I'm familiar with (https://github.com/java-json- tools/json-schema-validator) will chase links directly without an option to enforce TLS on all "http" scheme URIs. https://github.com/java- json-tools/json-schema-core/ blob/master/src/main/java/com/ github/fge/jsonschema/core/ load/download/ DefaultURIDownloader.java
Cheers
Ben
On Wednesday, 30 October 2019 09:45:41 UTC, Nathan Herring wrote:
For schemas using Draft-05, I expect that most will have a line like OpenAPI v3's "$schema" that expressly refers to http://json-schema.org/draft- 04/schema#. Although they're equivalent schema with different validation IIUC, they cannot place a reference to https://json-schema.org/ draft-05/schema# because that 404s. Is there a reason not to place a 303 redirect there?
Also, is there any reason not to suggest that https links be used everywhere ($schema/$ref/id)?