Comprehensive proposal documents for each standards body and
framework integration submission:

- LFAI-PROPOSAL.md — LF AI & Data Foundation Sandbox (PR microsoft#102)
- COSAI-WS4-PROPOSAL.md — CoSAI/OASIS WS4 RFC (Issue microsoft#42)
- OWASP-ASI-PROPOSAL.md — OWASP ASI code samples (PR microsoft#2)
- MAF-INTEGRATION-PROPOSAL.md — Microsoft Agent Framework (Issue #4440)
- GOOGLE-ADK-PROPOSAL.md — Google ADK GovernancePlugin (Issue #4543)
- OPENLIT-INTEGRATION-PROPOSAL.md — OpenLit instrumentation (PR microsoft#1037)

Co-authored-by: Copilot <[email protected]>

…ing, dependency pinning (microsoft#102)

- Fix py/incomplete-url-substring-sanitization (2 alerts): Use urlparse for
  proper domain validation instead of substring check in test assertions
- Fix py/clear-text-logging-sensitive-data (10 alerts): Replace _redact()
  with hash-based redaction using SHA-256 digests to break taint chain while
  preserving correlation capability across 4 example files
- Fix PinnedDependenciesID in CI workflows (8 alerts): Pin ruff, pytest,
  pytest-asyncio, safety, build, pyyaml to version ranges in ci.yml,
  publish.yml, and policy-validation.yml
- Fix PinnedDependenciesID in Dockerfiles (20+ alerts): Add upper-bound
  version constraints to all requirements.txt files used by Dockerfiles
- Fix PinnedDependenciesID in shell scripts (4 alerts): Pin package versions
  in quickstart.sh, build_and_publish.sh, gh-agent-os, run-demo.sh

32 files changed, 47 alerts addressed.

Co-authored-by: Copilot <[email protected]>