Merge pull request #22 from package-url/migrate-vers

Migrate vers to its own repo

Author: pombredanne

…ub/workflows/generate-index-and-docs.yml .github/workflows/validate-docs.yml.github/workflows/generate-index-and-docs.yml renamed to .github/workflows/validate-docs.yml .github/workflows/generate-index-and-docs.yml renamed to .github/workflows/validate-docs.yml

@@ -3,7 +3,7 @@ name: Check and generate PURL Type Docs and Index
 on:
   push:
     paths:
-      - "types/*.json"
+      - "schemes/*.json"
       - "schemas/*.json"
       - "etc/"
     branches:
@@ -13,7 +13,7 @@ on:
 permissions: { }
 
 jobs:
-  generate-index-and-docs:
+  validate-docs:
     runs-on: ubuntu-latest
     permissions:
       content: write
@@ -33,13 +33,3 @@ jobs:
       - name: Validate code and data formats
         run: make check
 
-      - name: Generate index and docs
-        run: make gendocs
-
-      - name: Commit and push changes
-        run: |
-          git config --global user.name "github-actions[bot]"
-          git config --global user.email "github-actions[bot]@users.noreply.github.com"
-          git add types/ types-doc/
-          git commit -s -m "Generate updated PURL type documentation" || echo "No changes to commit"
-          git push

ADOPTERS.rst

@@ -3,24 +3,19 @@ Adopters
 
 (alphabetical order)
 
+- `Common Security Advisory Framework (CSAF)
+  <https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#31232-branches-type---name-under-product-version-range>`_:
+  A language to exchange Security Advisories.
 - `CycloneDX <https://github.com/CycloneDX>`_: A lightweight software
   bill-of-material (SBOM) specification
-- `GitHub Dependency Submission API <https://docs.github.com/en/rest/dependency-graph/dependency-submission>`_: allows third-party tools
-  to submit dependency data to GitHub for inclusion in a repository's dependency graph.
-- `OWASP Dependency-Track <https://www.owasp.org/index.php/OWASP_Dependency_Track_Project>`_:
-  Open source component analysis platform
-- `OSS Index <https://ossindex.sonatype.org>`_: A free catalog of Open Source
-  Components and scanning tools to help developers identify vulnerable components
-- `OSS Review Toolkit <https://oss-review-toolkit.org/>`_: A suite of tools to
-  assist with automating Open Source compliance checks.
-- `OSV Schema <https://ossf.github.io/osv-schema/>`_ and `OSV.dev <https://osv.dev>`_:
-  Open Source Vulnerability Schema and distributed vulnerability database
-- `ReversingLabs Spectra Assure <https://www.reversinglabs.com/products/software-supply-chain-security>`_:
-  Software supply chain security platform for the enterprise to detect threats and exposures
-- `Scancode Toolkit <https://github.com/nexB/scancode-toolkit>`_: Reports
-  `purl` from parsed package manifests using https://github.com/package-url/packageurl-python
-- `Sonatype Nexus Lifecycle <https://www.sonatype.com/product-nexus-lifecycle>`_:
-  Enterprise grade Open Source component management
-- `SPDX <https://spdx.dev>`_: A data exchange standard for human-readable and
-  machine-processable software bill-of-materials (SBOM)
+- `Scancode.io <https://github.com/aboutcode-org/scancode.io>`_: Collects
+  ``VERS`` from scanned and matched packages using https://github.com/aboutcode-org/univers
+- `Scancode Toolkit <https://github.com/aboutcode-org/scancode-toolkit>`_: Collects
+  ``VERS`` from parsed package manifests using https://github.com/aboutcode-org/univers
+- `univers <https://github.com/aboutcode-org/univers>`_: A Python implementation of VERS
+- `URI-PackageURL <https://github.com/giterlizzi/perl-URI-PackageURL/tree/master/lib/URI/VersionRange>`_:
+  A Perl implementation of PURL and VERS
+- `versatile <https://github.com/nscuro/versatile>`_: A Java implementation of VERS
+- `vers <https://github.com/andrew/vers/>`_: A Ruby implementation of VERS
+
 

Makefile

@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: MIT
 # Copyright (c) the purl authors
-# Visit https://github.com/package-url/purl-spec and https://packageurl.org for support
+# Visit https://github.com/package-url/vers-spec and https://packageurl.org for support
 
 PYTHON_EXE?=python3
 VENV_LOCATION=venv
@@ -39,7 +39,7 @@ formatcode:
 formatjson:
 	@echo "-> Format JSON files"
 	@${ACTIVATE} python etc/scripts/format_json.py schemas/
-	@${ACTIVATE} python etc/scripts/format_json.py types/
+	@${ACTIVATE} python etc/scripts/format_json.py schemes/
 	@${ACTIVATE} python etc/scripts/format_json.py tests/
 
 format: formatcode formatjson
@@ -49,9 +49,9 @@ checkjson:
 	@echo "-> Validate JSON schemas"
 	@${ACTIVATE} check-jsonschema --check-metaschema --verbose schemas/*.json
 	@echo "-> Validate JSON data files against the schemas"
-	@${ACTIVATE} check-jsonschema --schemafile schemas/purl-types-index.schema.json --verbose purl-types-index.json
-	@${ACTIVATE} check-jsonschema --schemafile schemas/purl-type-definition.schema.json --verbose types/*-definition.json
-	@${ACTIVATE} check-jsonschema --schemafile schemas/purl-test.schema.json --verbose tests/*/*-test.json
+	@${ACTIVATE} check-jsonschema --schemafile schemas/vers-schemes-index.schema.json --verbose vers-schemes-index.json
+	@${ACTIVATE} check-jsonschema --schemafile schemas/vers-scheme-definition.schema.json --verbose schemes/*-definition.json
+	@${ACTIVATE} check-jsonschema --schemafile schemas/vers-test.schema.json --verbose tests/*/*-test.json
 
 checkcode:
 	@echo "-> Run Ruff linter validation (pycodestyle, bandit, isort, and more)"
@@ -70,14 +70,14 @@ clean:
 gencode:
 	@echo "-> Generate Python code from schemas"
 	@${ACTIVATE} ${CODEGEN} \
-	    --input schemas/purl-types-index.schema.json \
-	    --output etc/scripts/purl_types_index.py
+	    --input schemas/vers-schemes-index.schema.json \
+	    --output etc/scripts/vers_schemes_index.py
 	@${ACTIVATE} ${CODEGEN} \
-	    --input schemas/purl-type-definition.schema.json \
-	    --output etc/scripts/purl_type_definition.py
+	    --input schemas/vers-scheme-definition.schema.json \
+	    --output etc/scripts/vers_scheme_definition.py
 	@${ACTIVATE} ${CODEGEN} \
-	    --input schemas/purl-test.schema.json \
-	    --output etc/scripts/purl_test.py
+	    --input schemas/vers-test.schema.json \
+	    --output etc/scripts/vers_test.py
 	@echo "-> Run Black format for generated code"
 	@${ACTIVATE} black -l 100 --preview --enable-unstable-feature string_processing etc/scripts/*.py