Add Runtime Support for Private Namespaces in the CDEvents SDKs

[dsanyika]

Currently, CDEvents SDKs do not support runtime addition of custom event schemas. The schemas are compiled into the SDK at build time, meaning organizations cannot dynamically extend CDEvents without modifying the SDK source code.

This issue is not limited to a single SDK as both the Rust and Go SDKs share this limitation.

To facilitate private namespace events, SDKs should allow users to register custom schemas dynamically at runtime, instead of relying solely on the CDEvents GitHub repository for event definitions.

Proposed Solution:

• Implement an API for event registration at runtime in the SDKs
• The API should allow users to provide a URI-based schema reference or load the JSON schema directly
• Adopt a STRICT definition for the base CDEvent structure to ensure custom events are compatible with CDEvents
• Ensure the solution is consistent across SDKs (Go, Rust, Java, Python, etc.)
• Maintain schema validation compatibility with the official CDEvents specification

Use Cases:

1. A company wants to introduce internal event types (e.g., com.example.ourSubject.internalPredicate.0.0.1) without modifying CDEvents SDKs.
2. A team experiments with adjust schemas of new CDEventsX events and wants immediate SDK support without waiting for the next SDK release.
3. A SDLC tool vendor needs to override a CDEvent definition to add internal metadata not appropriate customData.
4. An open source supply chain security tool wants to emit event types not yet supported in the standard CDEvent types

Impact:

• Enhances CDEvents adoption by supporting custom and experimental events without modifying SDK source code.
• Improves developer experience, making CDEvents more extensible.