From ce1b55dc90e6ebacda24c634a777017edc56836c Mon Sep 17 00:00:00 2001
From: Keshav Priyadarshi <git@keshav.space>
Date: Tue, 29 Aug 2023 21:47:32 +0530
Subject: [PATCH 1/2] Ignore version-less purl when version range is missing

- Do not attempt to index version-less purl where vers range is missing

Signed-off-by: Keshav Priyadarshi <git@keshav.space>
---
 packagedb/api.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/packagedb/api.py b/packagedb/api.py
index b633b72d..120a2d4e 100644
--- a/packagedb/api.py
+++ b/packagedb/api.py
@@ -695,17 +695,21 @@ def get_resolved_purls(packages):
     for items in packages or []:
         purl = items.get('purl')
         vers = items.get('vers')
-        
+
         try:
             parsed_purl = PackageURL.from_string(purl)
         except ValueError:
-            unsupported_purls.add(purl)
+            unsupported_purls.add(purl) if purl else None
             continue
 
         if parsed_purl.version:
             unique_resolved_purls.add(purl)
             continue
 
+        if not vers:
+            unsupported_purls.add(purl)
+            continue
+
         if resolved:= resolve_versions(parsed_purl, vers):
             unique_resolved_purls.update(resolved)
         else:
@@ -720,6 +724,9 @@ def resolve_versions(parsed_purl, vers):
     Take version-less purl along with vers range and return
     list of all the purls satisfying the vers range.
     """
+    if not parsed_purl or not vers:
+        return
+
     try:
         version_range = VersionRange.from_string(vers)
     except ValueError:

From 839c6d9d98d47bdfffae11247bcb95787b7adfff Mon Sep 17 00:00:00 2001
From: Keshav Priyadarshi <git@keshav.space>
Date: Wed, 30 Aug 2023 00:13:40 +0530
Subject: [PATCH 2/2] Address review

Signed-off-by: Keshav Priyadarshi <git@keshav.space>
---
 packagedb/api.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/packagedb/api.py b/packagedb/api.py
index 120a2d4e..3a2aa981 100644
--- a/packagedb/api.py
+++ b/packagedb/api.py
@@ -696,10 +696,13 @@ def get_resolved_purls(packages):
         purl = items.get('purl')
         vers = items.get('vers')
 
+        if not purl:
+            continue
+
         try:
             parsed_purl = PackageURL.from_string(purl)
         except ValueError:
-            unsupported_purls.add(purl) if purl else None
+            unsupported_purls.add(purl)
             continue
 
         if parsed_purl.version: