SARIF URI vs. external property file

[KalleOlaviNiemitalo]

[SARIF-v2.1.0-Errata01] §3.10.3 (URIs that use the sarif scheme) says:

The sarif URI scheme consists of only a scheme (with the value sarif) and a path component. The path component is interpreted as a JSON pointer [RFC6901] into the SARIF document containing the URI.

However, the term "SARIF document" is not defined. Does it mean the result of combining the SARIF log file with every referenced external property file, or does it mean only a single SARIF log file or external property file?

In other words:

• In a SARIF log file, can a SARIF URI reference an object that actually resides in an external property file, as if the SARIF producer had written it into the SARIF log file itself? I think the answer is yes.
• In an external property file, can a SARIF URI reference an object that resides in the same external property file, without regard to what is in the SARIF log file that references the external property file? I think the answer is no.

I was thinking that a SARIF producer could be distributed with an external property file in which the externalProperties object would have driver, extensions, and translations properties (§3.15.3) that describe the SARIF producer. However, if SARIF URIs in such an external property file are not resolved against the external property file itself, then it is not possible to reliably reference an element of the extensions property of the external property file, because the SARIF URI has to be written like sarif:/runs/0/tool/extensions/0 and then its meaning depends on whether there are extensions listed in the SARIF log file too.

I suppose the index property of the toolComponentReference object (§3.54.4) already has the same problem; if an external property file contains a toolComponentReference object that has an index property, then the SARIF consumer will resolve it against the SARIF log file, and it may not be possible to use the same external property file with multiple SARIF log files that list different numbers of extensions. So an external property file is apparently not a good format for a SARIF producer to publish its metadata in a static manner.