diff --git a/docs/Producing effective SARIF.md b/docs/Producing effective SARIF.md index a2c166f17..d87cf095a 100644 --- a/docs/Producing effective SARIF.md +++ b/docs/Producing effective SARIF.md @@ -371,10 +371,14 @@ In result messages, use the 'message.id' and 'message.arguments' properties rath #### Description +Provide 'versionControlProvenance' to record which version of the code was analyzed, and to enable paths to be expressed relative to the root of the repository. + #### Messages ##### `Default`: note +This run does not provide 'versionControlProvenance'. As a result, it is not possible to determine which version of code was analyzed, nor to map relative paths to their locations within the repository. + --- ### Rule `SARIF2004.OptimizeFileSize` diff --git a/docs/Rule factoring.xlsx b/docs/Rule factoring.xlsx index ae17dc8e0..911cb5d13 100644 Binary files a/docs/Rule factoring.xlsx and b/docs/Rule factoring.xlsx differ diff --git a/src/Sarif.Multitool/Rules/RuleResources.Designer.cs b/src/Sarif.Multitool/Rules/RuleResources.Designer.cs index 57d1f078c..8ecf66420 100644 --- a/src/Sarif.Multitool/Rules/RuleResources.Designer.cs +++ b/src/Sarif.Multitool/Rules/RuleResources.Designer.cs @@ -425,7 +425,7 @@ internal static string SARIF2002_ProvideMessageArguments_Warning_Default_Text { } /// - /// Looks up a localized string similar to Placeholder_SARIF2003_ProvideVersionControlProvenance_FullDescription_Text. + /// Looks up a localized string similar to Provide 'versionControlProvenance' to record which version of the code was analyzed, and to enable paths to be expressed relative to the root of the repository.. /// internal static string SARIF2003_ProvideVersionControlProvenance_FullDescription_Text { get { 
@@ -434,7 +434,7 @@ internal static string SARIF2003_ProvideVersionControlProvenance_FullDescription } /// - /// Looks up a localized string similar to {0}: Placeholder. + /// Looks up a localized string similar to {0}: This run does not provide 'versionControlProvenance'. As a result, it is not possible to determine which version of code was analyzed, nor to map relative paths to their locations within the repository.. /// internal static string SARIF2003_ProvideVersionControlProvenance_Note_Default_Text { get { diff --git a/src/Sarif.Multitool/Rules/RuleResources.resx b/src/Sarif.Multitool/Rules/RuleResources.resx index 6f2e7d0d1..5b7e7fad1 100644 --- a/src/Sarif.Multitool/Rules/RuleResources.resx +++ b/src/Sarif.Multitool/Rules/RuleResources.resx @@ -280,10 +280,10 @@ Many tools follow a conventional format for the 'reportingDescriptor.id' propert {0}: The 'message' property of this result contains a 'text' property. Consider replacing it with 'id' and 'arguments' properties. This potentially reduces the log file size, allows the message text to be improved without modifying the log file, and enables localization. - Placeholder_SARIF2003_ProvideVersionControlProvenance_FullDescription_Text + Provide 'versionControlProvenance' to record which version of the code was analyzed, and to enable paths to be expressed relative to the root of the repository. - {0}: Placeholder + {0}: This run does not provide 'versionControlProvenance'. As a result, it is not possible to determine which version of code was analyzed, nor to map relative paths to their locations within the repository. Placeholder_SARIF2004_OptimizeFileSize_Warning_EliminateIdOnlyRules_Text diff --git a/src/Sarif.Multitool/Rules/SARIF2003.ProvideVersionControlProvenance.cs b/src/Sarif.Multitool/Rules/SARIF2003.ProvideVersionControlProvenance.cs index c36838c84..1f8bc9ffc 100644 --- a/src/Sarif.Multitool/Rules/SARIF2003.ProvideVersionControlProvenance.cs 
+++ b/src/Sarif.Multitool/Rules/SARIF2003.ProvideVersionControlProvenance.cs @@ -13,7 +13,8 @@ public class ProvideVersionControlProvenance : SarifValidationSkimmerBase public override string Id => RuleId.ProvideVersionControlProvenance; /// - /// Placeholder + /// Provide 'versionControlProvenance' to record which version of the code was analyzed, + /// and to enable paths to be expressed relative to the root of the repository. /// public override MultiformatMessageString FullDescription => new MultiformatMessageString { Text = RuleResources.SARIF2003_ProvideVersionControlProvenance_FullDescription_Text }; @@ -27,7 +28,9 @@ protected override void Analyze(Run run, string runPointer) { if (run.VersionControlProvenance == null || run.VersionControlProvenance.Count == 0) { - // {0}: Placeholder + // {0}: This run does not provide 'versionControlProvenance'. As a result, it is + // not possible to determine which version of code was analyzed, nor to map + // relative paths to their locations within the repository. LogResult( runPointer, nameof(RuleResources.SARIF2003_ProvideVersionControlProvenance_Note_Default_Text)); diff --git a/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2003.ProvideVersionControlProvenance_Invalid.sarif b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2003.ProvideVersionControlProvenance_Invalid.sarif index 7a32c3e14..0361642c2 100644 --- a/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2003.ProvideVersionControlProvenance_Invalid.sarif +++ b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2003.ProvideVersionControlProvenance_Invalid.sarif 
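Review bot: The new message in the second hunk (`Analyze`) tells the user that the analyzed version cannot be determined, but the guard above it only tests whether `run.VersionControlProvenance` is null or empty. An entry that names a repository but carries no `revisionId`, `branch` or `revisionTag` would pass the rule and still leave the analyzed revision unrecorded, which matters when findings have to be traced back to an exact commit. Either state the limit in the comment, e.g. `// Only presence is checked; entries are not inspected for 'revisionId'.`, or extend the check in a follow-up. `Analyze` begins and ends outside the hunk, so this is based on the visible lines only.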
@@ -11,14 +11,14 @@
 "id": "SARIF2003",
 "name": "ProvideVersionControlProvenance",
 "shortDescription": {
- "text": "Placeholder_SARIF2003_ProvideVersionControlProvenance_FullDescription_Text."
+ "text": "Provide 'versionControlProvenance' to record which version of the code was analyzed, and to enable paths to be expressed relative to the root of the repository."
 },
 "fullDescription": {
- "text": "Placeholder_SARIF2003_ProvideVersionControlProvenance_FullDescription_Text"
+ "text": "Provide 'versionControlProvenance' to record which version of the code was analyzed, and to enable paths to be expressed relative to the root of the repository."
 },
 "messageStrings": {
 "Note_Default": {
- "text": "{0}: Placeholder"
+ "text": "{0}: This run does not provide 'versionControlProvenance'. As a result, it is not possible to determine which version of code was analyzed, nor to map relative paths to their locations within the repository."
 }
 },
 "helpUri": "http://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html"