Skip to content

Sbom-tool generates cargo purl strings with extra "/" char #1050

New issue
New issue
Open
Open
Sbom-tool generates cargo purl strings with extra "/" char#1050
Labels
acceptedWe are working on this and hope to release it into the product
@henrylyons

Description

@henrylyons
henrylyons
opened on May 13, 2025

The sbom-tool generates cargo purl references with an extra "/", for crates pulled from the default repository (https://crates.io). Example: pkg:cargo//unicode-ident@1.0.18

This behavior does not repro for other package managers, such as NuGet. Also, the cargo purl strings do not conform to the purl specification: https://github.com/package-url/purl-spec/blob/main/PURL-TYPES.rst

Metadata

Metadata

Assignees

No one assigned

    Labels

    acceptedWe are working on this and hope to release it into the product

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions