You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Turns out our `PURLToPackage` function was returning incorrect results
for ecosystems that contain a namespace like golang, the returned result
was simply missing the full namespace (github.com/author/...). When
adding the namespace, there's also some exceptions with some ecosystems
(e.g. Maven uses `:`, debian and alpine repeats their name in their
namespace, etc).
This also moves the `PURLToPackage` to the `models` package instead of
`osvscanner`, deprecating the existing one in `osvscanner` because:
- Makes more sense, it actually has nothing to do with the scanner
itself, but is converting between PURLs and a structure under `model`.
- Prevents cyclic imports when used elsewhere (in the offline scanning
PR, and in the upcoming PURL parsing PR that I'm currently working on)
Also added additional tests to clarify behavior and prevent regressions
in the future.
0 commit comments