New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Modify from_string for golang purls #115
Conversation
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
51749fd
to
def9b4e
Compare
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks: some nits for you consideration!
src/packageurl/__init__.py
Outdated
@@ -518,7 +518,7 @@ def from_string(cls, purl: str) -> "PackageURL": | |||
# and the namespace in an npm purl is | |||
# different from others because it starts with `@` | |||
# so we need to handle this case separately | |||
if type == "npm" and path.startswith("@"): | |||
if type.lower() == "npm" and path.startswith("@"): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lower the type earlier only once, since this must be always lowered. Do it there https://github.com/package-url/packageurl-python/pull/115/files#diff-1ac2b399571df74798b2fbfab357ffa8cce45a332f1e69b6f1ccf86811d44ba6R502
src/packageurl/__init__.py
Outdated
@@ -530,7 +530,10 @@ def from_string(cls, purl: str) -> "PackageURL": | |||
ns_name_parts = ns_name.split("/") | |||
ns_name_parts = [seg for seg in ns_name_parts if seg and seg.strip()] | |||
name = "" | |||
if not namespace and len(ns_name_parts) > 1: | |||
if type.lower() == "golang": |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I really do not like these warts for each type: npm, now golang .... sigh ... eventually we will need to bubble these issue up in the spec. They have little impact since they do not change the purl, only how a purl is interpreted.... But for golang there is the issue of legacy that uses a subpath.
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Add migrations, documentation and warnings in CHANGELOG for the above changes. Create a branch for migrations in VCIO, scancode.io and PurlDB for the above changes in golang. |
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
* Revert changes from #115 Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com> * Add CHANGELOG Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com> * Bump version to 0.13.0 Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com> --------- Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
0.12.0 (2023-12-08) ------------------- - Modified `PackageURL.from_string` to properly handle golang purls. package-url/packageurl-python#115 - Improve support for PyPI URLs in `url2purl`. package-url/packageurl-python#128 - Return the "gem" type instead of "rubygems" for "https://rubygems.org/" URLs in `url2purl`. The `pkg:rubygems/` purls are backward-compatible in `purl2url`. package-url/packageurl-python#114 0.11.3 (2023-12-08) -------------------- - Add support for GitLab "/archive/" URLs in `url2purl`. package-url/packageurl-python#133
0.13.0 (2023-12-08) - Revert changes from package-url/packageurl-python#115
Golang packages does not have a definitive way to store namespace and name of a package. sometimes name can have two or more than two '/' separated components and same is also the case for namespace so for that reason we should totally drop namespaces for golang purls and store the whole purl name in name.