diff --git a/.github/workflows/generate-index-and-docs.yml b/.github/workflows/validate-docs.yml similarity index 57% rename from .github/workflows/generate-index-and-docs.yml rename to .github/workflows/validate-docs.yml index f6937aa..7999c34 100644 --- a/.github/workflows/generate-index-and-docs.yml +++ b/.github/workflows/validate-docs.yml @@ -3,7 +3,7 @@ name: Check and generate PURL Type Docs and Index on: push: paths: - - "types/*.json" + - "schemes/*.json" - "schemas/*.json" - "etc/" branches: @@ -13,7 +13,7 @@ on: permissions: { } jobs: - generate-index-and-docs: + validate-docs: runs-on: ubuntu-latest permissions: content: write @@ -33,13 +33,3 @@ jobs: - name: Validate code and data formats run: make check - - name: Generate index and docs - run: make gendocs - - - name: Commit and push changes - run: | - git config --global user.name "github-actions[bot]" - git config --global user.email "github-actions[bot]@users.noreply.github.com" - git add types/ types-doc/ - git commit -s -m "Generate updated PURL type documentation" || echo "No changes to commit" - git push diff --git a/ADOPTERS.rst b/ADOPTERS.rst index b95f79e..667c36a 100644 --- a/ADOPTERS.rst +++ b/ADOPTERS.rst @@ -3,24 +3,19 @@ Adopters (alphabetical order) +- `Common Security Advisory Framework (CSAF) + `_: + A language to exchange Security Advisories. - `CycloneDX `_: A lightweight software bill-of-material (SBOM) specification -- `GitHub Dependency Submission API `_: allows third-party tools - to submit dependency data to GitHub for inclusion in a repository's dependency graph. -- `OWASP Dependency-Track `_: - Open source component analysis platform -- `OSS Index `_: A free catalog of Open Source - Components and scanning tools to help developers identify vulnerable components -- `OSS Review Toolkit `_: A suite of tools to - assist with automating Open Source compliance checks. -- `OSV Schema `_ and `OSV.dev `_: - Open Source Vulnerability Schema and distributed vulnerability database -- `ReversingLabs Spectra Assure `_: - Software supply chain security platform for the enterprise to detect threats and exposures -- `Scancode Toolkit `_: Reports - `purl` from parsed package manifests using https://github.com/package-url/packageurl-python -- `Sonatype Nexus Lifecycle `_: - Enterprise grade Open Source component management -- `SPDX `_: A data exchange standard for human-readable and - machine-processable software bill-of-materials (SBOM) +- `Scancode.io `_: Collects + ``VERS`` from scanned and matched packages using https://github.com/aboutcode-org/univers +- `Scancode Toolkit `_: Collects + ``VERS`` from parsed package manifests using https://github.com/aboutcode-org/univers +- `univers `_: A Python implementation of VERS +- `URI-PackageURL `_: + A Perl implementation of PURL and VERS +- `versatile `_: A Java implementation of VERS +- `vers `_: A Ruby implementation of VERS + diff --git a/Makefile b/Makefile index 0290b52..f54c065 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # SPDX-License-Identifier: MIT # Copyright (c) the purl authors -# Visit https://github.com/package-url/purl-spec and https://packageurl.org for support +# Visit https://github.com/package-url/vers-spec and https://packageurl.org for support PYTHON_EXE?=python3 VENV_LOCATION=venv @@ -39,7 +39,7 @@ formatcode: formatjson: @echo "-> Format JSON files" @${ACTIVATE} python etc/scripts/format_json.py schemas/ - @${ACTIVATE} python etc/scripts/format_json.py types/ + @${ACTIVATE} python etc/scripts/format_json.py schemes/ @${ACTIVATE} python etc/scripts/format_json.py tests/ format: formatcode formatjson @@ -49,9 +49,9 @@ checkjson: @echo "-> Validate JSON schemas" @${ACTIVATE} check-jsonschema --check-metaschema --verbose schemas/*.json @echo "-> Validate JSON data files against the schemas" - @${ACTIVATE} check-jsonschema --schemafile schemas/purl-types-index.schema.json --verbose purl-types-index.json - @${ACTIVATE} check-jsonschema --schemafile schemas/purl-type-definition.schema.json --verbose types/*-definition.json - @${ACTIVATE} check-jsonschema --schemafile schemas/purl-test.schema.json --verbose tests/*/*-test.json + @${ACTIVATE} check-jsonschema --schemafile schemas/vers-schemes-index.schema.json --verbose vers-schemes-index.json + @${ACTIVATE} check-jsonschema --schemafile schemas/vers-scheme-definition.schema.json --verbose schemes/*-definition.json + @${ACTIVATE} check-jsonschema --schemafile schemas/vers-test.schema.json --verbose tests/*/*-test.json checkcode: @echo "-> Run Ruff linter validation (pycodestyle, bandit, isort, and more)" @@ -70,14 +70,14 @@ clean: gencode: @echo "-> Generate Python code from schemas" @${ACTIVATE} ${CODEGEN} \ - --input schemas/purl-types-index.schema.json \ - --output etc/scripts/purl_types_index.py + --input schemas/vers-schemes-index.schema.json \ + --output etc/scripts/vers_schemes_index.py @${ACTIVATE} ${CODEGEN} \ - --input schemas/purl-type-definition.schema.json \ - --output etc/scripts/purl_type_definition.py + --input schemas/vers-scheme-definition.schema.json \ + --output etc/scripts/vers_scheme_definition.py @${ACTIVATE} ${CODEGEN} \ - --input schemas/purl-test.schema.json \ - --output etc/scripts/purl_test.py + --input schemas/vers-test.schema.json \ + --output etc/scripts/vers_test.py @echo "-> Run Black format for generated code" @${ACTIVATE} black -l 100 --preview --enable-unstable-feature string_processing etc/scripts/*.py diff --git a/PURL-SPECIFICATION.rst b/PURL-SPECIFICATION.rst deleted file mode 100644 index e7bb0c9..0000000 --- a/PURL-SPECIFICATION.rst +++ /dev/null @@ -1,559 +0,0 @@ -Package URL specification v1.0.X -================================ - -The Package URL core specification defines a versioned and formalized format, -syntax, and rules used to represent and validate ``purl``. - -A ``purl`` or package URL is an attempt to standardize existing approaches to -reliably identify and locate software packages. - -A ``purl`` is a URL string used to identify and locate a software package in a -mostly universal and uniform way across programming languages, package managers, -packaging conventions, tools, APIs and databases. - -Such a package URL is useful to reliably reference the same software package -using a simple and expressive syntax and conventions based on familiar URLs. - -See ``_ for registered type definitions. - -Check also this short ``purl`` presentation (with video) at FOSDEM 2018 -https://fosdem.org/2018/schedule/event/purl/ for an overview. - - -``purl`` stands for **package URL**. - -A ``purl`` is a URL composed of seven components:: - - scheme:type/namespace/name@version?qualifiers#subpath - -Components are separated by a specific character for unambiguous parsing. - -The definition for each components is: - -- **scheme**: this is the URL scheme with the constant value of "pkg". One of - the primary reason for this single scheme is to facilitate the future official - registration of the "pkg" scheme for package URLs. Required. -- **type**: the package "type" or package "protocol" such as maven, npm, nuget, - gem, pypi, etc. Required. -- **namespace**: some name prefix such as a Maven groupid, a Docker image owner, - a GitHub user or organization. Optional and type-specific. -- **name**: the name of the package. Required. -- **version**: the version of the package. Optional. -- **qualifiers**: extra qualifying data for a package such as an OS, - architecture, a distro, etc. Optional and type-specific. -- **subpath**: extra subpath within a package, relative to the package root. - Optional. - - -Components are designed such that they form a hierarchy from the most significant -on the left to the least significant components on the right. - - -A ``purl`` must NOT contain a URL Authority i.e. there is no support for -``username``, ``password``, ``host`` and ``port`` components. A ``namespace`` segment may -sometimes look like a ``host`` but its interpretation is specific to a ``type``. - - -Some ``purl`` examples -~~~~~~~~~~~~~~~~~~~~~~ - -:: - - pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c - pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie - pkg:gem/ruby-advisory-db-check@0.12.4 - pkg:github/package-url/purl-spec@244fd47e07d1004f0aed9c - pkg:golang/google.golang.org/genproto#googleapis/api/annotations - pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?packaging=sources - pkg:npm/foobar@12.3.1 - pkg:nuget/EnterpriseLibrary.Common@6.0.1304 - pkg:pypi/django@1.11.1 - pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25 - - -A ``purl`` is a URL -~~~~~~~~~~~~~~~~~~~ - -- A ``purl`` is a valid URL and URI that conforms to the URL definitions or - specifications at: - - - https://tools.ietf.org/html/rfc3986 - - https://en.wikipedia.org/wiki/URL#Syntax - - https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#Syntax - - https://url.spec.whatwg.org/ - -- This is a valid URL because it is a locator even though it has no Authority - URL component: each ``type`` has a default repository location when defined. - -- The ``purl`` components are mapped to these URL components: - - - ``purl`` ``scheme``: this is a URL ``scheme`` with a constant value: ``pkg`` - - ``purl`` ``type``, ``namespace``, ``name`` and ``version`` components: these are - collectively mapped to a URL ``path`` - - ``purl`` ``qualifiers``: this maps to a URL ``query`` - - ``purl`` ``subpath``: this is a URL ``fragment`` - - In a ``purl`` there is no support for a URL Authority (e.g. NO - ``username``, ``password``, ``host`` and ``port`` components). - -- Special URL schemes as defined in https://url.spec.whatwg.org/ such as - ``file://``, ``https://``, ``http://`` and ``ftp://`` are NOT valid ``purl`` types. - They are valid URL or URI schemes but they are not ``purl``. - They may be used to reference URLs in separate attributes outside of a ``purl`` - or in a ``purl`` qualifier. - -- Version control system (VCS) URLs such ``git://``, ``svn://``, ``hg://`` or as - defined in Python pip or SPDX download locations are NOT valid ``purl`` types. - They are valid URL or URI schemes but they are not ``purl``. - They are a closely related, compact and uniform way to reference VCS URLs. - They may be used as references in separate attributes outside of a ``purl`` or - in a ``purl`` qualifier. - - -Rules for each ``purl`` component -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -A ``purl`` string is an ASCII URL string composed of seven components. - -Except as expressly stated otherwise in this section, each component: - -- MAY be composed of any of the characters defined in the "`Permitted characters`_" section -- MUST be encoded as defined in the "`Character encoding`_" section - -The "lowercase" rules are defined in the "`Case folding`_" section. - -The rules for each component are: - -- **scheme**: - - - The ``scheme`` is a constant with the value "pkg". - - The ``scheme`` MUST be followed by an unencoded colon ':'. - - ``purl`` parsers MUST accept URLs where the ``scheme`` and colon ':' are - followed by one or more slash '/' characters, such as 'pkg://', and MUST - ignore and remove all such '/' characters. - - -- **type**: - - - The package ``type`` MUST be composed only of ASCII letters and numbers, - period '.', and dash '-'. - - The ``type`` MUST start with an ASCII letter. - - The ``type`` MUST NOT be percent-encoded. - - The ``type`` is case insensitive. The canonical form is lowercase. - - -- **namespace**: - - - The ``namespace`` is optional, unless required by the package's ``type`` definition. - - If present, the ``namespace`` MAY contain one or more segments, separated - by a single unencoded slash '/' character. - - All leading and trailing slashes '/' are not significant and SHOULD be - stripped in the canonical form. They are not part of the ``namespace``. - - Each ``namespace`` segment MUST be a percent-encoded string. - - When percent-decoded, a segment: - - - MUST NOT contain any slash '/' characters - - MUST NOT be empty - - MAY contain any Unicode character other than '/' unless the package's - ``type`` definition provides otherwise. - - - A URL host or Authority MUST NOT be used as a ``namespace``. Use instead a - ``repository_url`` qualifier. Note however that for some types, the - ``namespace`` may look like a host. - - -- **name**: - - - The ``name`` is prefixed by a single slash '/' separator when the - ``namespace`` is not empty. - - All leading and trailing slashes '/' are not significant and SHOULD be - stripped in the canonical form. They are not part of the ``name``. - - A ``name`` MUST be a percent-encoded string. - - When percent-decoded, a ``name`` MAY contain any Unicode character unless - the package's ``type`` definition provides otherwise. - - -- **version**: - - - The ``version`` is prefixed by a '@' separator when not empty. - - This '@' is not part of the ``version``. - - A ``version`` MUST be a percent-encoded string. - - When percent-decoded, a ``version`` MAY contain any Unicode character unless - the package's ``type`` definition provides otherwise. - - A ``version`` is a plain and opaque string. - - -- **qualifiers**: - - - The ``qualifiers`` component MUST be prefixed by an unencoded question - mark '?' separator when not empty. This '?' separator is not part of the - ``qualifiers`` component. - - The ``qualifiers`` component is composed of one or more ``key=value`` - pairs. Multiple ``key=value`` pairs MUST be separated by an - unencoded ampersand '&'. This '&' separator is not part of an - individual ``qualifier``. - - - A ``key`` and ``value`` MUST be separated by the unencoded equal sign '=' - character. This '=' separator is not part of the ``key`` or ``value``. - - A ``value`` MUST NOT be an empty string: a ``key=value`` pair with an - empty ``value`` is the same as if no ``key=value`` pair exists for this - ``key``. - - - For each ``key=value`` pair: - - - The ``key`` MUST be composed only of lowercase ASCII letters and numbers, - period '.', dash '-' and underscore '_'. - - A ``key`` MUST start with an ASCII letter. - - A ``key`` MUST NOT be percent-encoded. - - Each ``key`` MUST be unique among all the keys of the ``qualifiers`` - component. - - A ``value`` MAY contain any Unicode character and all characters MUST be - encoded as described in the "Character encoding" section. - - -- **subpath**: - - - The ``subpath`` string is prefixed by a '#' separator when not empty - - This '#' is not part of the ``subpath`` - - The ``subpath`` contains zero or more segments, separated by slash '/' - - Leading and trailing slashes '/' are not significant and SHOULD be stripped - in the canonical form - - Each ``subpath`` segment MUST be a percent-encoded string - - When percent-decoded, a segment: - - - MUST NOT contain any slash '/' characters - - MUST NOT be empty - - MUST NOT be any of '..' or '.' - - MAY contain any Unicode character other than '/' unless the package's - ``type`` definition provides otherwise. - - - The ``subpath`` MUST be interpreted as relative to the root of the package - - -Permitted characters -~~~~~~~~~~~~~~~~~~~~ - -A canonical ``purl`` is composed of these permitted ASCII characters: - -- the Alphanumeric Characters: ``A to Z``, ``a to z``, ``0 to 9``, -- the Punctuation Characters: ``.-_~`` (period '.', - dash '-', underscore '_' and tilde '~'), -- the Percent Character: ``%`` (percent sign '%'), and -- the Separator Characters ``:/@?=&#`` (colon ':', slash '/', at sign '@', - question mark '?', equal sign '=', ampersand '&' and pound sign '#'). - - -``purl`` separators -~~~~~~~~~~~~~~~~~~~ - -This is how each of the Separator Characters is used: - -- ':' (colon) is the separator between ``scheme`` and ``type`` -- '/' (slash) is the separator between ``type``, ``namespace`` and ``name`` -- '/' (slash) is the separator between ``subpath`` segments -- '@' (at sign) is the separator between ``name`` and ``version`` -- '?' (question mark) is the separator before ``qualifiers`` -- '=' (equals) is the separator between a ``key`` and a ``value`` of a - ``qualifier`` -- '&' (ampersand) is the separator between ``qualifiers`` (each being a - ``key=value`` pair) -- '#' (number sign) is the separator before ``subpath`` - - -Character encoding -~~~~~~~~~~~~~~~~~~ - -- In the "Rules for each ``purl`` component" section, each component - defines when and how to apply percent-encoding and decoding to its content. -- When percent-encoding is required by a component definition, the component - string MUST first be encoded as UTF-8. -- In the component string, each "data octet" MUST be replaced by the - percent-encoded "character triplet" applying the percent-encoding mechanism - defined in RFC 3986 section 2.1 (https://datatracker.ietf.org/doc/html/rfc3986#section-2.1), - including the RFC definition of "data octet" and "character triplet", - and using these definitions for RFC's "allowed set" and "delimiters": - - - "allowed set" is composed of the Alphanumeric Characters and the - Punctuation Characters - - "delimiters" is composed of the Separator Characters - -- The following characters MUST NOT be percent-encoded: - - - the Alphanumeric Characters, - - the Punctuation Characters, - - the Separator Characters when being used as ``purl`` separators, - - the colon ':', whether used as a Separator Character or otherwise, and - - the percent sign '%' when used to represent a percent-encoded character. - -- Where the space ' ' is permitted, it MUST be percent-encoded as '%20'. -- With the exception of the percent-encoding mechanism, the rules regarding - percent-encoding are defined by this specification alone. - -Case folding -~~~~~~~~~~~~ - -References to "lowercase" in this specification refer to the **culture-invariant** -full case mapping defined in -`Section 3.13.2 of the Unicode Standard `_. - -When applied to the ASCII character set, this operation converts uppercase -Latin letters (``A to Z``) to their corresponding lowercase forms (``a to z``). -All other ASCII characters remain unchanged. - -How to build ``purl`` string from its components -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Building a ``purl`` ASCII string works from left to right, from ``type`` to -``subpath``. - -Note: some extra type-specific normalizations are required. -See the "Registered types section" for details. - -To build a ``purl`` string from its components: - - -- Start a ``purl`` string with the "pkg:" ``scheme`` as a lowercase ASCII string - -- Append the ``type`` string to the ``purl`` as an unencoded lowercase ASCII string - - - Append '/' to the ``purl`` - -- If the ``namespace`` is not empty: - - - Strip the ``namespace`` from leading and trailing '/' - - Split on '/' as segments - - Apply type-specific normalization to each segment if needed - - UTF-8-encode each segment if needed in your programming language - - Percent-encode each segment - - Join the segments with '/' - - Append this to the ``purl`` - - Append '/' to the ``purl`` - - Strip the ``name`` from leading and trailing '/' - - Apply type-specific normalization to the ``name`` if needed - - UTF-8-encode the ``name`` if needed in your programming language - - Append the percent-encoded ``name`` to the ``purl`` - -- If the ``namespace`` is empty: - - - Apply type-specific normalization to the ``name`` if needed - - UTF-8-encode the ``name`` if needed in your programming language - - Append the percent-encoded ``name`` to the ``purl`` - -- If the ``version`` is not empty: - - - Append '@' to the ``purl`` - - UTF-8-encode the ``version`` if needed in your programming language - - Append the percent-encoded version to the ``purl`` - -- If the ``qualifiers`` are not empty and not composed only of key/value pairs - where the ``value`` is empty: - - - Append '?' to the ``purl`` - - Build a list from all key/value pair: - - - Discard any pair where the ``value`` is empty. - - UTF-8-encode each ``value`` if needed in your programming language - - If the ``key`` is ``checksum`` and this is a list of checksums join this - list with a ',' to create this qualifier ``value`` - - Create a string by joining the lowercased ``key``, the equal '=' sign and - the percent-encoded ``value`` to create a qualifier - - - Sort this list of qualifier strings lexicographically - - Join this list of qualifier strings with a '&' ampersand - - Append this string to the ``purl`` - -- If the ``subpath`` is not empty and not composed only of empty, '.' and '..' - segments: - - - Append '#' to the ``purl`` - - Strip the ``subpath`` from leading and trailing '/' - - Split this on '/' as segments - - Discard empty, '.' and '..' segments - - Percent-encode each segment - - UTF-8-encode each segment if needed in your programming language - - Join the segments with '/' - - Append this to the ``purl`` - - -How to parse a ``purl`` string in its components -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Parsing a ``purl`` ASCII string into its components works from right to left, -from ``subpath`` to ``type``. - -Note: some extra type-specific normalizations are required. -See the "Registered types section" for details. - -To parse a ``purl`` string in its components: - -- Split the ``purl`` string once from right on '#' - - - The left side is the ``remainder`` - - Strip the right side from leading and trailing '/' - - Split this on '/' - - Discard any empty string segment from that split - - Percent-decode each segment - - Discard any '.' or '..' segment from that split - - UTF-8-decode each segment if needed in your programming language - - Join segments back with a '/' - - This is the ``subpath`` - -- Split the ``remainder`` once from right on '?' - - - The left side is the ``remainder`` - - The right side is the ``qualifiers`` string - - Split the ``qualifiers`` on '&'. Each part is a ``key=value`` pair - - For each pair, split the ``key=value`` once from left on '=': - - - The ``key`` is the lowercase left side - - The ``value`` is the percent-decoded right side - - UTF-8-decode the ``value`` if needed in your programming language - - Discard any key/value pairs where the value is empty - - If the ``key`` is ``checksum``, split the ``value`` on ',' to create - a list of checksums - - - This list of key/value is the ``qualifiers`` object - -- Split the ``remainder`` once from left on ':' - - - The left side lowercased is the ``scheme`` - - The right side is the ``remainder`` - -- Strip all leading and trailing '/' characters (e.g., '/', '//', '///' and - so on) from the ``remainder`` - - - Split this once from left on '/' - - The left side lowercased is the ``type`` - - The right side is the ``remainder`` - -- Split the ``remainder`` once from right on '@' - - - The left side is the ``remainder`` - - Percent-decode the right side. This is the ``version``. - - UTF-8-decode the ``version`` if needed in your programming language - - This is the ``version`` - -- Split the ``remainder`` once from right on '/' - - - The left side is the ``remainder`` - - Strip all leading characters (e.g., '/', '//' and so on) - from the right side - - Percent-decode the right side. This is the ``name`` - - UTF-8-decode this ``name`` if needed in your programming language - - Apply type-specific normalization to the ``name`` if needed - - This is the ``name`` - -- Split the ``remainder`` on '/' - - - Strip all leading '/' characters (e.g., '/', '//' and so on) - from that split - - Discard any empty segment from that split - - Percent-decode each segment - - UTF-8-decode each segment if needed in your programming language - - Apply type-specific normalization to each segment if needed - - Join segments back with a '/' - - This is the ``namespace`` - - -Registered ``purl`` types -~~~~~~~~~~~~~~~~~~~~ - -There are several registered ``purl`` package type definitions tracked in the -separate ``_ document. - -Known ``qualifiers`` key/value pairs -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Note: Do not abuse ``qualifiers``: it can be tempting to use many qualifier -keys but their usage should be limited to the bare minimum for proper package -identification to ensure that a ``purl`` stays compact and readable in most cases. - -Additional, separate external attributes stored outside of a ``purl`` are the -preferred mechanism to convey extra long and optional information such as a -download URL, VCS URL or checksums in an API, database or web form. - - -With this warning, the known ``key`` and ``value`` defined here are valid for use in -all package types: - -- ``vers`` allows the specification of a version range. - The value MUST adhere to the `Version Range Specification `_. - This qualifier is mutually exclusive with the ``version`` component. - For example:: - - pkg:pypi/django?vers=vers:pypi%2F%3E%3D1.11.0%7C%21%3D1.11.1%7C%3C2.0.0 - -- ``repository_url`` is an extra URL for an alternative, non-default package - repository or registry. When a package does not come from the default public - package repository for its ``type`` a ``purl`` may be qualified with this extra - URL. The default repository or registry of a ``type`` is documented in the - "Registered ``purl`` types" section. - -- ``download_url`` is an extra URL for a direct package web download URL to - optionally qualify a ``purl``. - -- ``vcs_url`` is an extra URL for a package version control system URL to - optionally qualify a ``purl``. The syntax for this URL should be as defined in - Python pip or the SPDX specification. See - https://github.com/spdx/spdx-spec/blob/cfa1b9d08903/chapters/3-package-information.md#37-package-download-location - - - TODO: incorporate the details from SPDX here. - -- ``file_name`` is an extra file name of a package archive. - -- ``checksum`` is a qualifier for one or more checksums stored as a - comma-separated list. Each item in the ``value`` is in form of - ``lowercase_algorithm:hex_encoded_lowercase_value`` such as - ``sha1:ad9503c3e994a4f611a4892f2e67ac82df727086``. - For example (with checksums truncated for brevity) :: - - checksum=sha1:ad9503c3e994a4f,sha256:41bf9088b3a1e6c1ef1d - - -Tests -~~~~~ - -To support the language-neutral testing of ``purl`` implementations, a test suite -is provided as JSON document named ``test-suite-data.json``. This JSON document -contains an array of objects. Each object represents a test with these key/value -pairs some of which may not be normalized: - -- **purl**: a ``purl`` string. -- **canonical**: the same ``purl`` string in canonical, normalized form -- **type**: the ``type`` corresponding to this ``purl``. -- **namespace**: the ``namespace`` corresponding to this ``purl``. -- **name**: the ``name`` corresponding to this ``purl``. -- **version**: the ``version`` corresponding to this ``purl``. -- **qualifiers**: the ``qualifiers`` corresponding to this ``purl`` as an object of - {key: value} qualifier pairs. -- **subpath**: the ``subpath`` corresponding to this ``purl``. -- **is_invalid**: a boolean flag set to true if the test should report an - error - -To test ``purl`` parsing and building, a tool can use this test suite and for -every listed test object, run these tests: - -- parsing the test canonical ``purl`` then re-building a ``purl`` from these parsed - components should return the test canonical ``purl`` - -- parsing the test ``purl`` should return the components parsed from the test - canonical ``purl`` - -- parsing the test ``purl`` then re-building a ``purl`` from these parsed components - should return the test canonical ``purl`` - -- building a ``purl`` from the test components should return the test canonical ``purl`` - - -License -~~~~~~~ - -This document is licensed under the MIT license - -Definitions -~~~~~~~~~~~ - -[ASCII] See, e.g., - - - American National Standards Institute, "Coded Character Set -- 7-bit - American Standard Code for Information Interchange", ANSI X3.4, 1986. - - https://en.wikipedia.org/wiki/ASCII. diff --git a/PURL-TYPES.rst b/PURL-TYPES.rst deleted file mode 100644 index bd63b3d..0000000 --- a/PURL-TYPES.rst +++ /dev/null @@ -1,126 +0,0 @@ -Package-URL Type definitions -============================ - -Each package manager, platform, type, or ecosystem has its own conventions and -protocols to identify, locate, and provision software packages. - -The package **type** is the component of a Package-URL that is used to capture -this information with a short string such as ``maven``, ``npm``, ``nuget``, ``gem``, -``pypi``, etc. - -These are registered ``PURL`` package type definitions. - -Definitions can also include types reserved for future use. - -See also https://github.com/package-url/purl-spec and -``_ for the Package URL specification. - -This document no longer contains a manually maintained list of PURL types. - -Instead, all PURL type definitions are now maintained in a simple JSON document with -automatically generated documentation. - - -Where to find PURL Type information --------------------------------------- - -- In the JSON Index listing of all defined PURL types at: - `/purl-types-index.json `_ - -- In individual JSON files, one for each PURL type definition at: - `/types `_ - -- As Markdown documentation, generated from for each PURL type JSON definition at: - `/types-doc `_ - - -How PURL Types are maintained ------------------------------- - -All PURL type definitions are maintained as JSON definition files and JSON test files in the PURL -specification repository. These JSON files serve as the source of truth and define the -structure of each PURL type, including: - -- Namespace and name formatting rules -- Supported qualifiers -- Repository requirements -- Mapping of PURL concepts to the native ecosystem concepts - -On commit, a job automatically: - -- Checks that all JSON files are schema-valid -- Formats all the JSON files -- Generates the ``purl-types-index.json`` file containing a list of defined registered PURL types -- Generates human-readable documentation for each type - - -How to Propose a New PURL Type ------------------------------- - -To propose a new PURL type, create an **issue** and a corresponding **pull request** to the -repository with: - - - a new JSON definition file under `types/`. - - a new JSON test file file under `tests/types/`. - - -Ensure that your proposal follows the **PURL Type Definition Schema** and includes all required -fields. For this see the README-dev.rst for details to run local checks. - - - -Other candidate types to define -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -- ``android`` for Android apk packages: -- ``apache`` for Apache projects packages: -- ``atom`` for Atom packages: -- ``bower`` for Bower JavaScript packages: -- ``brew`` for Homebrew packages: -- ``buildroot`` for Buildroot packages -- ``carthage`` for Cocoapods Cocoa packages: -- ``chef`` for Chef packages: -- ``chocolatey`` for Chocolatey packages -- ``clojars`` for Clojure packages: -- ``coreos`` for CoreOS packages: -- ``crystal`` for Crystal Shards packages: -- ``ctan`` for CTAN TeX packages: -- ``drupal`` for Drupal packages: -- ``dtype`` for DefinitelyTyped TypeScript type definitions: -- ``dub`` for D packages: -- ``ebuild`` for Gentoo Linux portage packages: -- ``eclipse`` for Eclipse projects packages: -- ``elm`` for Elm packages: -- ``gitea`` for Gitea-based packages: -- ``gitlab`` for GitLab-based packages: -- ``gradle`` for Gradle plugins -- ``guix`` for Guix packages: -- ``haxe`` for Haxe packages: -- ``helm`` for Kubernetes packages -- ``julia`` for Julia packages: -- ``melpa`` for Emacs packages -- ``meteor`` for Meteor JavaScript packages: -- ``nim`` for Nim packages: -- ``nix`` for Nixos packages: -- ``opam`` for OCaml packages: -- ``openwrt`` for OpenWRT packages: -- ``osgi`` for OSGi bundle packages: -- ``p2`` for Eclipse p2 packages: -- ``pear`` for Pear PHP packages: -- ``pecl`` for PECL PHP packages: -- ``perl6`` for Perl 6 module packages: -- ``platformio`` for PlatformIO packages: -- ``puppet`` for Puppet Forge packages: -- ``sourceforge`` for Sourceforge-based packages: -- ``sublime`` for Sublime packages: -- ``terraform`` for Terraform modules -- ``vagrant`` for Vagrant boxes -- ``vim`` for Vim scripts packages: -- ``wordpress`` for Wordpress packages: -- ``yocto`` for Yocto recipe packages: - - -License -~~~~~~~ - -This document is licensed under the MIT license. diff --git a/README-dev.rst b/README-dev.rst index 79f2ed1..7da6295 100644 --- a/README-dev.rst +++ b/README-dev.rst @@ -6,7 +6,7 @@ We use some code: - to validate the JSON schemas for correctness and format them, and - to validate that the test suite data files are schema-valid. -To setup an environment to contribute to the Package-URL spec and standard, follow these +To setup an environment to contribute to the VERS spec and standard, follow these instructions:: Setup @@ -26,7 +26,7 @@ To validate that the schemas and data files are correct, run:: To regenerate the Python utility model code from the JSON schemas, then regenerate the -PURL type documentation from the JSON PURL type definition files, run:: +VERS type documentation from the JSON VERS scheme definition files, run:: make generate make docs diff --git a/README.rst b/README.rst index b93c024..6550ade 100644 --- a/README.rst +++ b/README.rst @@ -2,173 +2,33 @@ Context ======= We build and release software by massively consuming and producing software -packages such as NPMs, RPMs, Rubygems, etc. - -Each package manager, platform, type or ecosystem has its own conventions and -protocols to identify, locate and provision software packages. +packages such as npms, RPMs, Rubygems, etc. Problem ======= +Each package manager, platform, type or ecosystem has its own conventions and +protocols to identify, locate and provision software packages. And another set of +conventions to define dependent version ranges and how to compare two package versions. When tools, APIs and databases process or store multiple package types, it is difficult to reference the same software package across tools in a uniform way. +This is a problem that Package-URL (PURL) tries to solve. -For example, these tools, specifications and API use relatively similar -approaches to identify and locate software packages, each with subtle -differences in syntax, naming and conventions: - -- Grafeas uses a scheme, namespace, name and version in a URL-like string. - https://github.com/Grafeas/Grafeas - -- Here.com OSRK uses a package manager, name and version field and a colon- - separated URL-like string - https://github.com/heremaps/oss-review-toolkit - -- JFrog XRay uses a scheme, namespace, name and version in a URL-like string - https://www.jfrog.com/confluence/display/XRAY/Xray+REST+API#XrayRESTAPI-ComponentIdentifiers - -- Libraries.io uses a platform, name and version - https://libraries.io/ - -- OpenShift fabric8 analytics uses ecosystem, name and version - https://github.com/fabric8-analytics/ - -- ScanCode and AboutCode.org use a type, name and version - https://github.com/nexB/scancode-toolkit - -- SPDX has an appendix for external repository references and uses a type and a - locator with a type-specific syntax for component separators in a URL-like - string - https://spdx.github.io/spdx-spec/latest/package-information/ - -- versioneye uses a type, name and version - https://github.com/versioneye/ - -- Sonatype Lifecycle uses a format id followed by format specific coordinates. - https://links.sonatype.com/products/nxiq/doc/component-identifier - - -Solution -======== - -A `purl` or package URL is an attempt to standardize existing approaches to -reliably identify and locate software packages. - -A `purl` is a URL string used to identify and locate a software package in a -mostly universal and uniform way across programming languages, package managers, -packaging conventions, tools, APIs and databases. - -Such a package URL is useful to reliably reference the same software package -using a simple and expressive syntax and conventions based on familiar URLs. - - -Check also this short `purl` presentation (with video) at FOSDEM 2018 -https://fosdem.org/2018/schedule/event/purl/ for an overview. - - -purl -~~~~~ - -`purl` stands for **package URL**. - -A `purl` is a URL composed of seven components:: - - scheme:type/namespace/name@version?qualifiers#subpath - -Components are separated by a specific character for unambiguous parsing. - -The definition for each components is: - -- **scheme**: this is the URL scheme with the constant value of "pkg". One of - the primary reason for this single scheme is to facilitate the future official - registration of the "pkg" scheme for package URLs. Required. -- **type**: the package "type" or package "protocol" such as maven, npm, nuget, - gem, pypi, etc. Required. -- **namespace**: some name prefix such as a Maven groupid, a Docker image owner, - a GitHub user or organization. Optional and type-specific. -- **name**: the name of the package. Required. -- **version**: the version of the package. Optional. -- **qualifiers**: extra qualifying data for a package such as an OS, - architecture, a distro, etc. Optional and type-specific. -- **subpath**: extra subpath within a package, relative to the package root. - Optional. - - -Components are designed such that they form a hierarchy from the most significant component -on the left to the least significant component on the right. - - -A `purl` must NOT contain a URL Authority i.e. there is no support for -`username`, `password`, `host` and `port` components. A `namespace` segment may -sometimes look like a `host` but its interpretation is specific to a `type`. - - -Some `purl` examples -~~~~~~~~~~~~~~~~~~~~ - -:: - - pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c - - pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie - - pkg:docker/cassandra@sha256:244fd47e07d1004f0aed9c - pkg:docker/customer/dockerimage@sha256:244fd47e07d1004f0aed9c?repository_url=gcr.io - - pkg:gem/jruby-launcher@1.1.2?platform=java - pkg:gem/ruby-advisory-db-check@0.12.4 - - pkg:github/package-url/purl-spec@244fd47e07d1004f0aed9c - - pkg:golang/google.golang.org/genproto#googleapis/api/annotations - - pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?packaging=sources - pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?repository_url=repo.spring.io/release - - pkg:npm/%40angular/animation@12.3.1 - pkg:npm/foobar@12.3.1 - - pkg:nuget/EnterpriseLibrary.Common@6.0.1304 - - pkg:pypi/django@1.11.1 - - pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25 - pkg:rpm/opensuse/curl@7.56.1-1.1.?arch=i386&distro=opensuse-tumbleweed - -(NB: some checksums are truncated for brevity) +The problem of versions and version ranges is what this Version Range Specifier (VERS) tries to +solve. VERS grew from PURL and complements PURL. Specification details ~~~~~~~~~~~~~~~~~~~~~ -The `purl` specification consists of a core syntax definition and independent -type definitions: - -- `Package URL core `_: Defines a versioned and - formalized format, syntax, and rules used to represent and validate `purl`. +The `VERS` specification consists of a core syntax definition and versioning scheme definitions +stored in a single document: -- `Type definitions `_: Defines `purl` types (e.g. maven, npm, - cargo, rpm, etc) independent of the core specification. Definitions also - include types reserved for future use. - - -Known implementations -~~~~~~~~~~~~~~~~~~~~~ +- `VERS core `_: Defines the format, syntax, and rules used to represent and + validate `VERS`. -- .NET: https://github.com/package-url/packageurl-dotnet -- Erlang / Elixir: https://github.com/erlef/purl -- Go: https://github.com/package-url/packageurl-go -- Java: https://github.com/package-url/packageurl-java, - https://github.com/sonatype/package-url-java -- JavaScript: https://github.com/package-url/packageurl-js -- Kotlin: https://github.com/iseki0/PUrlKt -- Perl: https://github.com/giterlizzi/perl-URI-PackageURL -- PHP: https://github.com/package-url/packageurl-php -- Python: https://github.com/package-url/packageurl-python -- Ruby: https://github.com/package-url/packageurl-ruby -- Rust: https://github.com/package-url/packageurl.rs -- Swift: https://github.com/package-url/packageurl-swift +And of a collection of JSON test data stored in the tests/ directory Users, adopters and links diff --git a/etc/scripts/generate_index_and_docs.py b/etc/scripts/generate_index_and_docs.py deleted file mode 100644 index f50df2e..0000000 --- a/etc/scripts/generate_index_and_docs.py +++ /dev/null @@ -1,167 +0,0 @@ -#!/usr/bin/env python - -import json -from pathlib import Path - -""" -Generate Markdown documents, one for each PURL type definition JSON document. -""" - - -def generate_purl_syntax(definition) -> str: - """ - Return a PURL syntax template generated dynamically from a definition object, using required, - optional, and prohibited component definitions. - """ - - namespace = definition.get("namespace_definition", {}).get("requirement", "optional") - if namespace in ["required", "optional"]: - namespace = "/" - else: - namespace = "" - - purl_syntax = f"pkg:{definition['type']}{namespace}/@?#" - - return purl_syntax - - -def get_yes_no(value): - """Return a human-readable yes/no from a boolean value""" - return "Yes" if value else "No" - - -def generate_documentation(definition) -> str: - """ - Return a documentation for a PURL type definition. - """ - lines = [] - lines.append("") - lines.append("") - - lines.append(f"# PURL Type Definition: {definition['type']}") - lines.append("") - lines.append(f"- **Type Name:** {definition['type_name']}") - lines.append(f"- **Description:** {definition['description']}") - lines.append(f"- **Schema ID:** `{definition['$id']}`") - lines.append("") - - # Generate PURL Syntax - purl_syntax = generate_purl_syntax(definition) - lines.append("## PURL Syntax") - lines.append("") - lines.append("The structure of a PURL for this package type is:") - lines.append("") - lines.append(f" {purl_syntax}") - lines.append("") - - # Repository comes 1st - lines.append("## Repository Information") - lines.append("") - repository = definition["repository"] - use_repository = repository["use_repository"] - lines.append(f"- **Use Repository:** {get_yes_no(use_repository)}") - if default_repository_url := repository.get("default_repository_url"): - lines.append(f"- **Default Repository URL:** {default_repository_url}") - if note := repository.get("note"): - lines.append(f"- **Note:** {note}") - lines.append("") - - # PURL Components (Each gets its own section) - for key in [ - "namespace_definition", - "name_definition", - "version_definition", - "subpath_definition", - ]: - component = definition.get(key) - if not component: - continue - - component_label = (" ".join(key.split("_"))).capitalize() - lines.append(f"## {component_label}") - lines.append("") - - if req := component.get("requirement"): - # only for namespace - lines.append(f"- **Requirement:** {req.capitalize()}") - - if permitted_characters := component.get("permitted_characters"): - lines.append(f"- **Permitted Characters:** `{permitted_characters}`") - - if case_sensitive := component.get("case_sensitive"): - lines.append(f"- **Case Sensitive:** {get_yes_no(case_sensitive)}") - - if normalization_rules := component.get("normalization_rules"): - lines.append(f"- **Normalization rules:**") - for rule in normalization_rules: - lines.append(f" - {rule}") - - if native_name := component.get("native_name"): - lines.append(f"- **Native Label:** {native_name}") - - if note := component.get("note"): - lines.append(f"- **Note:** `{note}`") - - lines.append("") - - if qualifiers := definition.get("qualifiers_definition"): - lines.append("## Qualifiers Definition") - lines.append("") - lines.append("| Key | Requirement | Native name | Default Value | Description |") - lines.append("|------|-------------|-------------|---------------|-------------|") - for qualifier in qualifiers: - key = qualifier["key"] - req = qualifier.get("requirement", "optional").capitalize() - native = qualifier.get("native_name", "") - default = qualifier.get("default_value", "") - description = qualifier.get("description", "") - lines.append(f"| {key} | {req} | {native} | {default} | {description} |") - lines.append("") - - lines.append("## Examples") - lines.append("") - for example in definition["examples"]: - lines.append(f"- `{example}`") - lines.append("") - - if reference_urls := definition.get("reference_urls"): - lines.append("## Reference URLs") - lines.append("") - for url in reference_urls: - lines.append(f"- `{url}`") - lines.append("") - - if note := definition.get("note"): - lines.append("## Note") - lines.append("") - lines.append(note) - lines.append("") - - return "\n".join(lines) - - -if __name__ == "__main__": - import sys - - if len(sys.argv) == 2: - selected_types = f"{sys.argv[1]}-definition.json" - else: - selected_types = "*-definition.json" - - types = [] - types_dir = Path("types") - - for filepath in types_dir.glob(selected_types): - data = json.loads(filepath.read_text()) - ptype = data["type"] - types.append(ptype) - md = generate_documentation(data) - mddoc = Path("types-doc") / f"{ptype}-definition.md" - mddoc.write_text(md, newline="\n") - print(f"PURL Type Documentation generated for {mddoc}") - - idxdoc = Path("purl-types-index.json") - idx = json.dumps(sorted(types), indent=2) + "\n" - idxdoc.write_text(idx, newline="\n") - print(f"PURL Types Index generated at {idxdoc}") diff --git a/etc/scripts/git-split-file.sh b/etc/scripts/git-split-file.sh deleted file mode 100755 index 630b0cf..0000000 --- a/etc/scripts/git-split-file.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash -# -# from https://gitlab.inria.fr/-/snippets/520 - -# Git: copy files keeping history -# -# Authored by David SHERMAN -# -# Make copies of a file while preserving git history, so that git blame can find the original commits. -# -# git blame heuristically walks the history to recover which commits were responsible for different -# parts of a file. Its heuristics usually work if you move a file, but doesn't if you copy it: the -# copy will appear to have been created ex nihilo by the commit. This script makes copies of a file -# using git mv but keeps the original, which is then moved back to its original name. By keeping -# this complete history, git blame is able to walk back to the original commits, in both the copies -# and the original. -# -# Note that this will add N+3 commits to the history, where N is the number of new copies. -# -# The use case is when you need to split a file into pieces: make a history-preserving copy of the -# original for each piece, then delete the extraneous parts in each copy. - - - -if [ ! \( -f "$1" -a $# -ge 2 -a -d $(dirname "$2") \) ]; then - cat 1>&2 <<-"EOF" - Usage: $0 ORIGINAL copy1 [... copyN] - - Copy ORIGINAL, preserving history for git blame - New history will have N+3 commits - EOF - exit 1 -fi - -ORIGINAL="$1"; shift -KEEP=$(mktemp ./"$1".XXXXXXXX) -MESSAGE="Copy $ORIGINAL to $@ keep history" -SPLIT="" - -# Remember current commit -ROOT=$(git rev-parse HEAD) - -# Create branch where $2 has $ORIGINAL's history -for f in "$@"; do - git reset --soft $ROOT - git checkout $ROOT "$ORIGINAL" - git mv -f "$ORIGINAL" "$f" - git commit --signoff -n -m "$MESSAGE: create $f" - SPLIT="$(git rev-parse HEAD) $SPLIT" -done - -# Go back to initial branch and move $ORIGINAL out of the way -git reset --hard HEAD^ -git mv "$ORIGINAL" -f "$KEEP" -git commit --signoff -n -m "* $MESSAGE: keep $ORIGINAL" - -# Merge $2's branch back into the original -git merge $SPLIT -m "* $MESSAGE: merge" -git commit --signoff -a -n -m "$MESSAGE: merge" - -# Move $ORIGINAL back where it was -git mv "$KEEP" "$ORIGINAL" -git commit --signoff -n -m "$MESSAGE" - -# Report -echo -e \\nNew history $(git rev-parse --short $ROOT)..$(git rev-parse --short HEAD) -exit 0 diff --git a/etc/scripts/purl_test.py b/etc/scripts/purl_test.py deleted file mode 100644 index 00e8110..0000000 --- a/etc/scripts/purl_test.py +++ /dev/null @@ -1,96 +0,0 @@ -# SPDX-License-Identifier: MIT -# Copyright (c) the purl authors -# -# Permission is hereby granted, free of charge, to any person obtaining a copy of -# this software and associated documentation files (the "Software"), to deal in -# the Software without restriction, including without limitation the rights to -# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -# the Software, and to permit persons to whom the Software is furnished to do so, -# subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in all -# copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -# -# Visit https://github.com/package-url/purl-spec and https://packageurl.org for support - - -from __future__ import annotations - -from typing import Any -from typing import Literal -from typing import Optional - -from pydantic import BaseModel -from pydantic import ConfigDict -from pydantic import Field - - -class PurlComponents(BaseModel): - model_config = ConfigDict( - extra="forbid", - ) - type: Optional[str] = Field(None, description="Package-URL type component.", title="PURL type") - namespace: Optional[str] = Field( - None, description="Package-URL namespace decoded component.", title="PURL namespace" - ) - name: Optional[str] = Field( - None, description="Package-URL name decoded component.", title="PURL name" - ) - version: Optional[str] = Field( - None, description="Package-URL version decoded component.", title="PURL version" - ) - qualifiers: Optional[dict[str, Any]] = Field( - None, - description="Package-URL qualifiers decoded component as an object.", - title="PURL qualifiers", - ) - subpath: Optional[str] = Field( - None, description="Package-URL subpath decoded component.", title="PURL subpath" - ) - - -class PurlTest(BaseModel): - description: str = Field( - ..., description="A description for this test.", title="Test description" - ) - test_group: Literal["base", "advanced"] = Field( - ..., description="The group of this test like 'base' or 'advanced'.", title="Test group" - ) - test_type: Literal["build", "parse", "roundtrip"] = Field( - ..., description="The type of this test like 'build' or 'parse'.", title="Test type" - ) - expected_failure: Optional[bool] = Field( - False, - description="true if this test input is expected to fail to be processed.", - title="Expected failure", - ) - expected_failure_reason: Optional[str] = Field( - None, - description="The reason why this test is is expected to fail if expected_failure is true.", - title="Expected failure reason", - ) - - -class PurlTestDefinition(BaseModel): - model_config = ConfigDict( - extra="forbid", - ) - field_schema: Optional[Any] = Field( - None, - alias="$schema", - description="Contains the URL of the JSON schema for Package-URL tests.", - title="JSON schema", - ) - tests: Optional[list[PurlTest]] = Field( - None, - description="A list of Package-URL build and parse tests.", - min_length=1, - title="Test suite", - ) diff --git a/etc/scripts/purl_type_definition.py b/etc/scripts/purl_type_definition.py deleted file mode 100644 index ec560aa..0000000 --- a/etc/scripts/purl_type_definition.py +++ /dev/null @@ -1,199 +0,0 @@ -# SPDX-License-Identifier: MIT -# Copyright (c) the purl authors -# -# Permission is hereby granted, free of charge, to any person obtaining a copy of -# this software and associated documentation files (the "Software"), to deal in -# the Software without restriction, including without limitation the rights to -# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -# the Software, and to permit persons to whom the Software is furnished to do so, -# subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in all -# copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -# -# Visit https://github.com/package-url/purl-spec and https://packageurl.org for support - - -from __future__ import annotations - -from typing import Any -from typing import Literal -from typing import Optional - -from pydantic import AnyUrl -from pydantic import BaseModel -from pydantic import ConfigDict -from pydantic import Field -from pydantic import RootModel - - -class Example(RootModel[str]): - root: str = Field(..., pattern="^pkg:[a-z][a-z0-9-\\.]+/.*$") - - -class PackageUrlTypeDefinition(BaseModel): - model_config = ConfigDict( - extra="forbid", - ) - field_schema: Optional[Any] = Field( - None, - alias="$schema", - description="Contains the URL of the JSON schema for Package-URL type definition.", - title="JSON schema", - ) - field_id: str = Field( - ..., - alias="$id", - description="The unique identifier URI for this PURL type definition.", - pattern="^https:\\/\\/packageurl\\.org/types/[a-z0-9-]+-definition\\.json$", - title="PURL type definition id", - ) - type: str = Field( - ..., - description="The type string for this Package-URL type.", - examples=["maven", "npm", "pypi"], - pattern="^[a-z][a-z0-9-\\.]+$", - title="PURL type", - ) - type_name: str = Field( - ..., - description="The name for this PURL type.", - examples=["Apache Maven", "Python Package"], - title="Type name", - ) - description: str = Field( - ..., description="The description of this PURL type.", title="Description" - ) - repository: Repository = Field( - ..., description="Package repository usage for this PURL type.", title="Repository" - ) - namespace_definition: NamespaceDefinition = Field( - ..., - description="Definition of the namespace component for this PURL type.", - title="Namespace definition", - ) - name_definition: PurlComponentDefinition = Field( - ..., - description="Definition of the name component for this PURL type.", - title="Name definition", - ) - version_definition: Optional[PurlComponentDefinition] = Field( - None, - description="Definition of the version component for this PURL type.", - title="Version definition", - ) - qualifiers_definition: Optional[list[QualifiersDefinitionItem]] = Field( - None, - description="Definition for the qualifiers specific to this PURL type.", - title="Qualifiers definition", - ) - subpath_definition: Optional[PurlComponentDefinition] = Field( - None, - description="Definition for the subpath for this PURL type.", - title="Subpath definition", - ) - examples: list[Example] = Field( - ..., - description="Example of valid, canonical PURLs for this package type.", - min_length=1, - title="PURL examples", - ) - note: Optional[str] = Field(None, description="Note about this PURL type.", title="Note") - reference_urls: Optional[list[AnyUrl]] = Field( - None, - description="Optional list of informational reference URLs about this PURL type.", - title="Reference URLs", - ) - - -class PurlComponentDefinition(BaseModel): - permitted_characters: Optional[str] = Field( - None, - description=( - "Regular expression (ECMA-262 dialect) defining the 'Permitted characters' for this" - " component of this Package-URL type. If provided, this must be a subset of the" - " 'Permitted characters' defined in the PURL specification." - ), - title="Permitted characters in this PURL component", - ) - case_sensitive: Optional[bool] = Field( - True, - description=( - "true if this PURL component is case sensitive. If false, the canonical form must be" - " lowercased." - ), - title="Case sensitive", - ) - normalization_rules: Optional[list[str]] = Field( - None, - description=( - "List of rules to normalize this component for this PURL type. These are plain text," - " unstructured rules as some require programming and cannot be enforced only with a" - " schema. Tools are expected to apply these rules programmatically." - ), - title="Normalization rules", - ) - native_name: Optional[str] = Field( - None, - description=( - "The native name of this PURL component in the package ecosystem. For instance, the" - " 'namespace' for the 'maven' type is 'groupId', and 'scope' for the 'npm' PURL type." - ), - title="Native name", - ) - note: Optional[str] = Field(None, description="Extra note text.", title="Note") - - -class QualifiersDefinitionItem(BaseModel): - model_config = ConfigDict( - extra="forbid", - ) - key: str = Field(..., description="The key for the qualifier.", title="Qualifier key") - requirement: Optional[Requirement] = None - description: str = Field( - ..., description="The description of this qualifier.", title="Description" - ) - default_value: Optional[str] = Field( - None, - description="The optional default value of this qualifier if not provided.", - title="Default value", - ) - native_name: Optional[str] = Field( - None, description="The equivalent native name for this qualifier key.", title="Native name" - ) - - -class Repository(BaseModel): - model_config = ConfigDict( - extra="forbid", - ) - use_repository: bool = Field( - ..., - description="true if this PURL type use a public package repository.", - title="Use repository", - ) - default_repository_url: Optional[AnyUrl] = Field( - None, - description="The default public repository URL for this PURL type", - title="Default repository URL", - ) - note: Optional[str] = Field(None, description="Extra note text.", title="Note") - - -class Requirement(RootModel[Literal["required", "optional", "prohibited"]]): - root: Literal["required", "optional", "prohibited"] = Field( - ..., - description="States if this PURL component is required, optional, or prohibited.", - title="Component requirement", - ) - - -class NamespaceDefinition(PurlComponentDefinition): - requirement: Requirement diff --git a/etc/scripts/purl_types_index.py b/etc/scripts/purl_types_index.py deleted file mode 100644 index 168f805..0000000 --- a/etc/scripts/purl_types_index.py +++ /dev/null @@ -1,35 +0,0 @@ -# SPDX-License-Identifier: MIT -# Copyright (c) the purl authors -# -# Permission is hereby granted, free of charge, to any person obtaining a copy of -# this software and associated documentation files (the "Software"), to deal in -# the Software without restriction, including without limitation the rights to -# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -# the Software, and to permit persons to whom the Software is furnished to do so, -# subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in all -# copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -# -# Visit https://github.com/package-url/purl-spec and https://packageurl.org for support - - -from __future__ import annotations - -from pydantic import Field -from pydantic import RootModel - - -class PackageUrlTypesList(RootModel[list[str]]): - root: list[str] = Field( - ..., - description="A list of the registered Package-URL types.", - title="Package-URL types list.", - ) diff --git a/etc/scripts/remove_duplicate_tests.py b/etc/scripts/remove_duplicate_tests.py deleted file mode 100644 index d9f49e3..0000000 --- a/etc/scripts/remove_duplicate_tests.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# -# Copyright (c) the purl authors -# SPDX-License-Identifier: MIT -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in all -# copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -# SOFTWARE. - -# Visit https://github.com/package-url/packageurl-python for support and -# download. - -import json -from pathlib import Path - - -def remove_duplicates(test_dir: Path): - """Remove duplicates""" - - for test_file in test_dir.glob("*.json"): - try: - test_data = json.loads(test_file.read_text()) - except Exception as e: - raise Exception(test_file) from e - - new_tests = [] - - for test in test_data["tests"]: - if test in new_tests: - continue - else: - new_tests.append(test) - - test_data["tests"] = new_tests - test_file.write_text(json.dumps(test_data, indent=2) + "\n") - - -if __name__ == "__main__": - import sys - - test_dir = sys.argv[1] - remove_duplicates(Path(test_dir)) diff --git a/faq.rst b/faq.rst index 4f0716e..9da1527 100644 --- a/faq.rst +++ b/faq.rst @@ -1,93 +1,3 @@ Frequently Asked Questions ========================== -Scheme -~~~~~~ - -**QUESTION**: Can the ``scheme`` component be followed by a colon and two slashes, like a URI? - -**ANSWER**: No. Since a ``purl`` never contains a URL Authority, its ``scheme`` should not be -suffixed with double slash as in 'pkg://' and should use 'pkg:' instead. Otherwise this would be an -invalid URI per RFC 3986 at https://tools.ietf.org/html/rfc3986#section-3.3:: - - If a URI does not contain an authority component, then the path - cannot begin with two slash characters ("//"). - -This rule applies to all slash '/' characters between the ``scheme``'s colon separator and the -``type`` component, e.g., ':/', '://', ':///' et al. - -In its canonical form, a ``purl`` must not use any such ':/' ``scheme`` suffix and may only use ':' -as a ``scheme`` suffix. This means that: - -- ``purl`` parsers must accept URLs such as 'pkg://' and must ignore and remove all such '/' - characters. - -- ``purl`` builders should not create invalid URLs with one or more slash '/' characters between - 'pkg:' and the ``type`` component. - -For example, although these two purls are strictly equivalent, the first is in canonical form, while -the second -- with a '//' between 'pkg:' and the ``type`` 'gem' -- is an acceptable purl but is an -invalid URI/URL per RFC 3986:: - - pkg:gem/ruby-advisory-db-check@0.12.4 - - pkg://gem/ruby-advisory-db-check@0.12.4 - - -**QUESTION**: Is the colon between ``scheme`` and ``type`` encoded? Can it be encoded? If yes, how? - -**ANSWER**: The "Rules for each ``purl`` component" section provides that the ``scheme`` MUST be -followed by an unencoded colon ':'. - -In this case, the colon ':' between ``scheme`` and ``type`` is being used as a separator, and -consequently should be used as-is, never encoded and never requiring any decoding. Moreover, it -should be a parsing error if the colon ':' does not come directly after 'pkg'. Tools are welcome to -recover from this error to help with malformed purls, but that's not a requirement. - - -Type -~~~~ - -**QUESTION**: What behavior is expected from a purl spec implementation if a ``type`` contains a -character like a slash '/' or a colon ':'? - -**ANSWER**: The "Rules for each purl component" section provides that the package ``type`` that list -allowed characters: - - MUST be composed only of ASCII letters and numbers, period '.', and dash '-'. - -As a result, a purl spec implementation must return an error when encountering a ``type`` that -contains a prohibited character. - - -Version -~~~~~~~ - -**QUESTION**: How do package ``types`` handle the comparison and sorting of versions? - -**ANSWER**: Some package ``types`` use versioning conventions such as SemVer for NPMs or NEVRA -conventions for RPMS. A ``type`` may define a procedure to compare and sort versions, but there is -no reliable and uniform way to do such comparison consistently. - - -Plus -~~~~ - -**QUESTION**: Can a PURL contain a plus character '+'? - -**ANSWER**: Decoded individual components can contain a plus. The encoded, canonical form can never -contain an unencoded plus. - - -Qualifiers -~~~~~~~~~~~ - -**QUESTION**: What is the qualifier for a checksum like a SHA1? - -**ANSWER**: The spec was originally ambiguous and used ``checksum`` (singular) in one place and -``checksums`` (plural) in other places. This has been discussed extensively in issues and PRs such as -https://github.com/package-url/purl-spec/issues/73 and https://github.com/package-url/purl- -spec/pull/209 and the official form is ``checksum`` (singular). When writing a lenient parser, -consider accepting both ``checksum`` (singular) and ``checksums`` (plural) when reading a PURL, and -always emit ``checksum`` (singular) when writing a PURL. - diff --git a/meetings/2025-01-22.md b/meetings/2025-01-22.md deleted file mode 100644 index 1e2fc39..0000000 --- a/meetings/2025-01-22.md +++ /dev/null @@ -1,54 +0,0 @@ - - - -# Agenda for the PURL community meeting on 2025-01-22 - -- **Host**: Remote -- **Dates and times**: - - 17:00 to 18:00 UTC - - 18:00 to 19:00 CEST (Europe/Brussels) - - 12:00 to 13:00 EDT (America/New_York) - - 09:00 to 10:00 PDT (America/Los Angeles) - - 02:00 to 03:00 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ydj-qwbs-iiv - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWliM3RyZXRpdmI4NXFoYXR1MzRkdmg0a3ZfMjAyNTAxMjJUMTcwMDAwWiBjX2Q4YjE1NDIwZGZmMTdiNzk1OWUyOWE1MWFlMzI0MDk1MWNiZTM4ZGIxZGFlNDU5NzJhODVjOWE3MTEyMDQyMDVAZw&tmsrc=c_d8b15420dff17b7959e29a51ae3240951cbe38db1dae45972a85c9a711204205%40group.calendar.google.com&scp=ALL) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Overview of current core spec updating - - GitHub project board https://github.com/orgs/package-url/projects/1/views/1 - - component-focused encoding etc. https://docs.google.com/spreadsheets/d/1biOCUY4eCqQaYmfGDHVrASV9igYEzct6 - - master issues/PRs https://docs.google.com/spreadsheets/d/1H2QAcADLaMNgcR5BMK7bQxzH5D3X-SdO - -## Attendees -- Philippe Ombredanne, creator of PURL, Lead maintainer of AboutCode, TC54-TG2 convener -- Adam Herzog, AboutCode -- John Horan, AboutCode -- Martin Prpic, Red Hat -- Doug Clarke, Oracle -- Jan Kowalleck, Sovereign Tech Agency - -## Notes -- Meeting minutes are being kept and will be published, but the meeting is not being recorded. -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Philippe: not an official Ecma call. -- Preliminary matters, proposed agenda. -- Updating overview: - - GitHub project board (link in agenda above) - - component-focused encoding etc. (link in agenda above) - - master issues/PRs (link in agenda above) - - Implementation of RFC 2119/8174 but without using "not/NOT" -- Philippe: shared the project board - - PR 373 re RFC 2119/8174 – good comments, but many unrelated to the narrow focus - - Eventually will be parsed into separate narrow issues → narrow PRs - - Contributions to individual items would be very helpful - - Philippe walked us briefly through the board and the "encoding" gSheet, described how the logistics of the process could work, and created and fleshed out some new items → new focused issues, illustrating the process. Goal: a simple PR. Quick view of the scheme-focused PR 361. - - Hope to finalize core spec updating by the end of March ideally (and earlier if possible). - - Martin: would like to take on one of these – "Clarify spec for version" (issue 380). Philippe: inviting Martin to join the project; done. - - Jan: will take on the subpath component – "Clarify spec for subpath" (issue 379). -- Philippe: Brief recap. A JSON Schema is a goal going forward. -- The meeting was adjourned. diff --git a/meetings/2025-02-05.md b/meetings/2025-02-05.md deleted file mode 100644 index 4e326b0..0000000 --- a/meetings/2025-02-05.md +++ /dev/null @@ -1,38 +0,0 @@ -# Agenda for the PURL community meeting on 2025-02-05 - -- **Host**: Remote -- **Dates and times**: - - 17:00 to 18:00 UTC - - 18:00 to 19:00 CEST (Europe/Brussels) - - 12:00 to 13:00 EDT (America/New_York) - - 09:00 to 10:00 PDT (America/Los Angeles) - - 02:00 to 03:00 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ydj-qwbs-iiv - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWliM3RyZXRpdmI4NXFoYXR1MzRkdmg0a3ZfMjAyNTAxMjJUMTcwMDAwWiBjX2Q4YjE1NDIwZGZmMTdiNzk1OWUyOWE1MWFlMzI0MDk1MWNiZTM4ZGIxZGFlNDU5NzJhODVjOWE3MTEyMDQyMDVAZw&tmsrc=c_d8b15420dff17b7959e29a51ae3240951cbe38db1dae45972a85c9a711204205%40group.calendar.google.com&scp=ALL) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Minutes of the 2025-01-22 meeting -- https://github.com/package-url/purl-spec/blob/master/meetings/2025-01-22.md -- Overview of current core spec updating - - GitHub project board https://github.com/orgs/package-url/projects/1/views/1 - - component-focused encoding etc. https://docs.google.com/spreadsheets/d/1biOCUY4eCqQaYmfGDHVrASV9igYEzct6 - - master issues/PRs https://docs.google.com/spreadsheets/d/1H2QAcADLaMNgcR5BMK7bQxzH5D3X-SdO - -## Attendees -- Philippe Ombredanne, creator of PURL, Lead maintainer of AboutCode, TC54-TG2 convener -- John Horan, AboutCode -- Martin Prpic, Red Hat - -## Notes -- Meeting minutes are being kept and will be published, but the meeting is not being recorded. -- Our code of conduct (link in agenda above) applies to this meeting. -- Philippe, Martin and John reviewed the 'scheme' and 'type' PRs in detail. - - Discussion of using negatives like NOT in the spec – when used sparingly, NOT is clearer and more concise than rewording to avoid the term. - - Consider whether, and if so how, to address encoding in the spec, e.g., streamline or remove the "Character encoding" section and address encoding in the "How to parse a purl string in its components" section, with details in the FAQ. - - Martin will explore how the draft FAQ can be improved, perhaps converting it to a cleaner, more concise set of clarifications rather than the current question/answer structure. - - John will clean up the draft FAQ in the 'scheme' and 'type' PRs to remove placeholder entries, update the test-suite-data.json file as needed for the 'type' PR, implement the various suggested changes for the 'scheme' and 'type' PRs, and then turn to the 'qualifiers' update. - -- The meeting was adjourned. diff --git a/meetings/2025-02-19.md b/meetings/2025-02-19.md deleted file mode 100644 index a00039b..0000000 --- a/meetings/2025-02-19.md +++ /dev/null @@ -1,48 +0,0 @@ -# Agenda for the PURL community meeting on 2025-02-19 - -- **Host**: Remote -- **Dates and times**: - - 17:00 to 17:30 UTC - - 18:00 to 18:30 CEST (Europe/Brussels) - - 12:00 to 12:30 EDT (America/New_York) - - 09:00 to 09:30 PDT (America/Los Angeles) - - 02:00 to 02:30 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ydj-qwbs-iiv - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWliM3RyZXRpdmI4NXFoYXR1MzRkdmg0a3ZfMjAyNTAxMjJUMTcwMDAwWiBjX2Q4YjE1NDIwZGZmMTdiNzk1OWUyOWE1MWFlMzI0MDk1MWNiZTM4ZGIxZGFlNDU5NzJhODVjOWE3MTEyMDQyMDVAZw&tmsrc=c_d8b15420dff17b7959e29a51ae3240951cbe38db1dae45972a85c9a711204205%40group.calendar.google.com&scp=ALL) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Minutes of the 2025-02-05 meeting -- https://github.com/package-url/purl-spec/blob/master/meetings/2025-02-05.md -- Overview of current core spec updating - - GitHub project board https://github.com/orgs/package-url/projects/1/views/1 - - Component-focused encoding etc. https://docs.google.com/spreadsheets/d/1biOCUY4eCqQaYmfGDHVrASV9igYEzct6 - - Open issues/PRs https://docs.google.com/spreadsheets/d/1H2QAcADLaMNgcR5BMK7bQxzH5D3X-SdO - -## Attendees -- Philippe Ombredanne, PURL, AboutCode, TC54-TG2 convener -- John Horan, AboutCode -- Martin Prpic, Red Hat -- Jaime Rodríguez-Guerra, Quansight -- Immanuel Kunz, Fraunhofer AISEC -- Joshua Kugler, Adobe - - -## Notes -- Meeting minutes are being kept and will be published, but the meeting is not being recorded. -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Agenda items: - - Philippe: update spec work - - Jaime: Discuss https://github.com/package-url/purl-spec/issues/386 - - Martin: create nicer docs site, perhaps reserve package-url.com + github site -- Philippe: casing of 'purl' still a work-in-progress. -- Martin: addressed the deletion of the "Character encoding" section and matters related to explaining with clarity what characters are permitted in each component and related details for percent-encoding etc. Discussion followed re characters, proper encoding etc. Examples: how does one normalize a purl? Where in the core spec do the details for each of the components belong? Strict validation for incoming purl strings? Separate sections for each would be helpful. Consider informing users about problems with their purl strings. -- We reviewed and merged several core spec PRs. -- We reviewed the "Character encoding" PR (https://github.com/package-url/purl-spec/pull/389). -- Joshua introduced himself, summarized his current purl work and issue(s). He and Philippe discussed encoding, implementation and related issues including crisp, clean details for character handling, component-by-component (see, e.g., packageurl-python PR 178 – https://github.com/package-url/packageurl-python/pull/178). Philippe: goal includes queryable dataset of all known purls. -- Philippe discussed various version-related issues/PRs and possible approaches. -- Jaime discussed his usage of purls and the role and identification of dependencies, including how vers fits in. See issue #386 (link above). Question: could there be a single identifier containing a complete version range? Philippe: there's a project re identifying purls for all C/C++ packages that could be relevant. Jaime: see also PEP 725. -- The meeting was adjourned. diff --git a/meetings/2025-03-05.md b/meetings/2025-03-05.md deleted file mode 100644 index fc34e73..0000000 --- a/meetings/2025-03-05.md +++ /dev/null @@ -1,53 +0,0 @@ -# Agenda for the PURL community meeting on 2025-03-05 - -- **Host**: Remote -- **Dates and times**: - - 17:00 to 17:30 UTC - - 18:00 to 18:30 CEST (Europe/Brussels) - - 12:00 to 12:30 EST (America/New_York) - - 09:00 to 09:30 PST (America/Los Angeles) - - 02:00 to 02:30 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ydj-qwbs-iiv - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWliM3RyZXRpdmI4NXFoYXR1MzRkdmg0a3ZfMjAyNTAxMjJUMTcwMDAwWiBjX2Q4YjE1NDIwZGZmMTdiNzk1OWUyOWE1MWFlMzI0MDk1MWNiZTM4ZGIxZGFlNDU5NzJhODVjOWE3MTEyMDQyMDVAZw&tmsrc=c_d8b15420dff17b7959e29a51ae3240951cbe38db1dae45972a85c9a711204205%40group.calendar.google.com&scp=ALL) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Minutes of the 2025-02-19 meeting -- https://github.com/package-url/purl-spec/blob/master/meetings/2025-02-19.md -- Overview of current core spec updating - - GitHub project board https://github.com/orgs/package-url/projects/1/views/1 - - Component-focused encoding etc. https://docs.google.com/spreadsheets/d/1biOCUY4eCqQaYmfGDHVrASV9igYEzct6 - - Open issues/PRs https://docs.google.com/spreadsheets/d/1H2QAcADLaMNgcR5BMK7bQxzH5D3X-SdO - -## Attendees -- Philippe Ombredanne, PURL, AboutCode, TC54-TG2 convener -- John Horan, AboutCode -- Michael Herzog, AboutCode -- David Walluck -- Immanuel Kunz, Fraunhofer AISEC -- Joshua Kugler, Adobe -- Jaime Rodríguez-Guerra, Quansight -- Steve Springett, OWASP Foundation / ServiceNow - - -## Notes -- Meeting minutes are being kept and will be published, but the meeting is not being recorded. -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Agenda items: - - David: general info plus Java focus - - Immanuel: version range - - John: qualifiers/character encoding update - - Joshua: general info plus a spec ambiguity they're working through - - Michael: nothing in particular - - Philippe: qualifiers PR - - Jaime: follow-up from last meeting - - Reply to https://github.com/package-url/purl-spec/issues/386#issuecomment-2636210323 - - https://github.com/package-url/purl-spec/issues/222 - - Steve: nothing in particular -- Philippe: Let's start with Immanuel's PR: https://github.com/package-url/purl-spec/pull/343 . Discussion followed on this and several issues from other participants. -- Philippe: qualifiers. Discussion of percent-encoding, need for clarity. Philippe: should be simple and clear and expressed in the "Character encoding" section. -- Philippe: Let's turn to Steve's JSON Schema PR. Steve: The PR includes markdown automatically generated from the JSON. Philippe: `.rst` vs `.md` but that's minor. Explored examples. Steve: normalization is also an important issue and there are behaviors/definitions that are incorrect (e.g., upper vs lower casing). Joshua: Invalid names can be/are an issue. Philippe: need to avoid changing rules rather than simply clarifying the spec. Steve: if we move forward with describing types with JSON, there are issues to address. Philippe and Steve discussed. Brief discussion of YAML. Steve: looking for an answer on `.md` vs. `.rst`. -- The meeting was adjourned. diff --git a/meetings/2025-03-19.md b/meetings/2025-03-19.md deleted file mode 100644 index ec80437..0000000 --- a/meetings/2025-03-19.md +++ /dev/null @@ -1,61 +0,0 @@ -# Agenda for the PURL community meeting on 2025-03-19 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 16:30 UTC - - 17:00 to 17:30 CET (Europe/Brussels) - - 12:00 to 12:30 EDT (America/New_York) - - 09:00 to 09:30 PDT (America/Los Angeles) - - 01:00 to 01:30 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ydj-qwbs-iiv - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWliM3RyZXRpdmI4NXFoYXR1MzRkdmg0a3ZfMjAyNTAxMjJUMTcwMDAwWiBjX2Q4YjE1NDIwZGZmMTdiNzk1OWUyOWE1MWFlMzI0MDk1MWNiZTM4ZGIxZGFlNDU5NzJhODVjOWE3MTEyMDQyMDVAZw&tmsrc=c_d8b15420dff17b7959e29a51ae3240951cbe38db1dae45972a85c9a711204205%40group.calendar.google.com&scp=ALL) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Minutes of the 2025-03-05 meeting -- https://github.com/package-url/purl-spec/blob/master/meetings/2025-03-05.md -- Overview of current core spec updating - - GitHub project board https://github.com/orgs/package-url/projects/1/views/1 - - Component-focused encoding etc. https://docs.google.com/spreadsheets/d/1biOCUY4eCqQaYmfGDHVrASV9igYEzct6 - - Open issues/PRs https://docs.google.com/spreadsheets/d/1H2QAcADLaMNgcR5BMK7bQxzH5D3X-SdO - -## Attendees -- Philippe Ombredanne, PURL, AboutCode, TC54-TG2 convener -- John Horan, AboutCode -- David Walluck -- Joshua Kugler, Adobe -- Jaime Rodríguez-Guerra, Quansight -- Martin Prpic, Red Hat -- Jan Kowalleck, Sovereign Tech Agency -- Immanuel Kunz, Fraunhofer AISEC - - -## Notes -- Meeting minutes are being kept and will be published, but the meeting is not being recorded. -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Agenda items: - - Joshua: nothing in particular - - Jan: various topics - - Martin: qualifiers and percent encoding - - David: several topics; general concern: the Java implementation and its test suite. - - John: qualifiers and percent encoding – PR 398 (https://github.com/package-url/purl-spec/pull/398). - - Jaime: - - discuss #386 (https://github.com/package-url/purl-spec/issues/386) + #362 (https://github.com/package-url/purl-spec/issues/362) (similar proposals about "requirements PURLs"), - - and also #222 (https://github.com/package-url/purl-spec/issues/222) (pkg:abstract/* PURLs) -- Philippe: Let's look at PR 398 (https://github.com/package-url/purl-spec/pull/398). - - Character encoding section. - - Discussion re permitted characters in a PURL/purl string. Some version schemes (e.g., semver) use '+'. (See https://semver.org/spec/v2.0.0.html#spec-item-10.) - - Many of the participants: we can and should simplify the encoding requirements. ':', '@' and many other characters present some challenges. - - Extensive discussion re restructuring character encoding to define default encoding rule(s). - - The "How to parse" section is also implicated by the encoding rules and rewriting. - - Phillipe and John to discuss and prepare a crisp proposal for the group's consideration and feedback. - - Philippe: RFC 3986 is invaluable but at times extremely complex. -- Also discussed splitting the test suite between core and types – PR 428 (https://github.com/package-url/purl-spec/pull/428). Jan and others: we need flexibility in how we use the various objects in the test suite. -- Jaime: Re PEP 725 (https://peps.python.org/pep-0725/) – we need something that is ecosystem-agnostic –- single source of truth. Vendored dependencies present a challenge. -- Discussion of versions ranges. See, e.g., https://github.com/package-url/purl-spec/issues/362 and https://github.com/package-url/purl-spec/issues/386. -- PR 422 – Philippe understands this can be useful in certain corner cases. -- Issue 222 – Jaime asked Philippe to consider abstract PURL types. -- The meeting was adjourned. diff --git a/meetings/2025-04-02.md b/meetings/2025-04-02.md deleted file mode 100644 index 24fc4a3..0000000 --- a/meetings/2025-04-02.md +++ /dev/null @@ -1,55 +0,0 @@ -# Agenda for the PURL community meeting on 2025-04-02 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 16:30 UTC - - 18:00 to 18:30 CEST (Europe/Brussels) - - 12:00 to 12:30 EDT (America/New_York) - - 09:00 to 09:30 PDT (America/Los Angeles) - - 01:00 to 01:30 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ydj-qwbs-iiv - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWliM3RyZXRpdmI4NXFoYXR1MzRkdmg0a3ZfMjAyNTAxMjJUMTcwMDAwWiBjX2Q4YjE1NDIwZGZmMTdiNzk1OWUyOWE1MWFlMzI0MDk1MWNiZTM4ZGIxZGFlNDU5NzJhODVjOWE3MTEyMDQyMDVAZw&tmsrc=c_d8b15420dff17b7959e29a51ae3240951cbe38db1dae45972a85c9a711204205%40group.calendar.google.com&scp=ALL) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Minutes of the 2025-03-19 meeting -- https://github.com/package-url/purl-spec/blob/master/meetings/2025-03-19.md -- Overview of current core spec updating - - GitHub project board https://github.com/orgs/package-url/projects/1/views/1 - - Component-focused encoding etc. https://docs.google.com/spreadsheets/d/1biOCUY4eCqQaYmfGDHVrASV9igYEzct6 - - Open issues/PRs https://docs.google.com/spreadsheets/d/1H2QAcADLaMNgcR5BMK7bQxzH5D3X-SdO - -## Attendees -- Philippe Ombredanne, PURL, AboutCode, TC54-TG2 convener -- John Horan, AboutCode -- Joshua Kugler, Adobe -- Jan Kowalleck, CycloneDX, Sovereign Tech Agency, TC54 member -- Immanuel Kunz, Fraunhofer AISEC -- Michael Herzog, AboutCode -- Doug Clarke -- Geo (George) Masters - -## Notes -- Meeting minutes are being kept and will be published, but the meeting is not being recorded. -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Additional agenda items: - - Joshua: nothing in particular - - Jan: there are PRs that need to be reviewed - - Immanuel: new PR 434 (https://github.com/package-url/purl-spec/pull/434) - - Philippe: character encoding - - Michael: nothing in particular - - Doug: nothing but perhaps could help with PR reviews -- Philippe: Re Jan's point about PRs that need reviews – there's a lot of work going on; and new PRs have continued to be opened. Jan: we need to keep the issues and PRs narrowly focused –- there is too much commentary that is not relevant to the specific topic at issue, which interferes with an efficient and focused resolution of the PRs. Philippe: agreed; we are working on splitting encoding and applying the narrow focus going forward. Resolving encoding should open up many other issues/PRs to be addressed and resolved. We all contribute to the unwanted expansion of discussions beyond the narrow focus we need. - - Philippe: PR 416 (https://github.com/package-url/purl-spec/pull/416) as an example: fixing encoding in tests is premature until encoding has been agreed upon and resolved. Jan: on the other hand, when that PR was created, it could nonetheless have easily been resolved at the time. Philippe: agreed but resolving and merging encoding is critical. -- Philippe: PR 398 (https://github.com/package-url/purl-spec/pull/398) is ready to be merged. -- Philippe: Next, the new encoding PR 439 (https://github.com/package-url/purl-spec/pull/439). Jan: UTF-8 before percent-encoding –- this should already be clarified. Philippe: what other characters MUST NOT be encoded? Jan and Philippe discussed various characters, e.g., '/'. Philippe walked us through the current "Character encoding" language. George: what about the '@'? Philippe: not ambiguous when used as the first character of a namespace, e.g., by `npm`. George: no ambiguity issue re namespace, but the language is a bit unclear in the encoding section. Philippe: note that each component can further define encoding applied to its content. Philippe: approved and merged PR 439. Philippe approved and merged PR 416 as well. -- Philippe: next we'll look at namespace, name and subpath. Jan: thinks he is done with subpath (https://github.com/package-url/purl-spec/pull/394). Philippe: will review soon but not right now. -- Philippe: Immanuel had asked to address PR 434 (add 'intdot' versioning scheme). (Immanuel had to leave meanwhile.) Philippe and Jan discussed. PR 434 was merged. -- Jan: PR 440 (https://github.com/package-url/purl-spec/pull/440) – fixing a link. Approved and merged. -- Michael: at some point we might want to consider future versions and how we manage that process. -- Philippe discussed the Better-PURL project – https://github.com/orgs/aboutcode-org/projects/19/views/1. George: PURL validator is invaluable. -- Philippe: and Joshua's PR 178 (https://github.com/package-url/packageurl-python/pull/178) will be merged by the end of the week. -- The meeting was adjourned. diff --git a/meetings/2025-04-16.md b/meetings/2025-04-16.md deleted file mode 100644 index 2623fbc..0000000 --- a/meetings/2025-04-16.md +++ /dev/null @@ -1,59 +0,0 @@ -# Agenda for the PURL community meeting on 2025-04-16 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 16:30 UTC - - 18:00 to 18:30 CEST (Europe/Brussels) - - 12:00 to 12:30 EDT (America/New_York) - - 09:00 to 09:30 PDT (America/Los Angeles) - - 01:00 to 01:30 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ydj-qwbs-iiv - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWliM3RyZXRpdmI4NXFoYXR1MzRkdmg0a3ZfMjAyNTAxMjJUMTcwMDAwWiBjX2Q4YjE1NDIwZGZmMTdiNzk1OWUyOWE1MWFlMzI0MDk1MWNiZTM4ZGIxZGFlNDU5NzJhODVjOWE3MTEyMDQyMDVAZw&tmsrc=c_d8b15420dff17b7959e29a51ae3240951cbe38db1dae45972a85c9a711204205%40group.calendar.google.com&scp=ALL) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Minutes of the 2025-04-02 meeting -- https://github.com/package-url/purl-spec/blob/master/meetings/2025-04-02.md -- Overview of current core spec updating - - GitHub project board https://github.com/orgs/package-url/projects/1/views/1 - - Component-focused encoding etc. https://docs.google.com/spreadsheets/d/1biOCUY4eCqQaYmfGDHVrASV9igYEzct6 - - Open issues/PRs https://docs.google.com/spreadsheets/d/1H2QAcADLaMNgcR5BMK7bQxzH5D3X-SdO - -## Attendees -- Philippe Ombredanne, PURL, AboutCode, TC54-TG2 convener -- John Horan, AboutCode -- Joshua Kugler, Adobe -- Martin Prpic, Red Hat -- Michael Herzog, AboutCode -- Jan Kowalleck, CycloneDX, Sovereign Tech Agency, TC54 member -- George Masters - -## Notes -- Meeting minutes are being kept and will be published, but the meeting is not being recorded. -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Additional agenda items: - - Joshua: nothing in particular - - Martin: percent-encoding of qualifiers in packageurl-python implementation - - John: issue/PR status - - Michael: milestones, actual spec target document structure - - Jan: milestones, subpath issue he had to reopen for related issues - - George: just observing - - Philippe: recent developments -- Philippe: - - Summarized developments at conferences he attended last week; lots of interest, discussions re PURLs. - - CVE/MITRE funding status. Martin: situation less alarming than some might think – CVE Program exists regardless of particular MITRE funding questions, and new initiatives are being explored. CVE is a global, not exclusively American, program, with many CNAs and other interested parties around the globe. Philippe: idea re spec similar to PURL but for vulnerabilities. Martin: might fragment the ecosystem. Why not use a VEX standard instead? -- Martin: Questions re encoding and qualifiers. Test suite and libraries do not follow the encoding spec. Questions include whether the colon ':' must be percent-encoded, which Martin understood was the case. John: the last encoding update expressly provides that "all characters MUST be encoded except for the colon ':'." -- John: Brief update on recent progress. -- Martin: Brief overview of VulnCon last week. Software ID was an active topic. He gave a PURL presentation, will share link when available. C/C++ standardization needs attention. Philippe agrees. -- Jan: Questions re the subpath tickets under the newly-reopened parent issue https://github.com/package-url/purl-spec/issues/379. - - One topic: PR 458 (https://github.com/package-url/purl-spec/pull/458) – don't limit path delimiters to the slash '/' – there are other path delimiters. (See, e.g., https://en.wikipedia.org/wiki/Path_(computing).) Philippe: thinks this was not supported before, just POSIX, could introduce problems. Jan: question is how to craft the subpath, and wants to point out there are more delimiters than just the slash '/'. Joshua: understands that Python, for example, assigns the correct subpath delimiter behind the scenes. Detailed discussion ensued. We'll continue this discussion offline. - - Next: PR 449 (https://github.com/package-url/purl-spec/pull/449) was discussed. Philippe: will think about these two PRs together. These might raise more questions than they clarify. The clarity of POSIX is very appealing. -- Jan: Re the 1.0-draft milestone – proposes that this not include type-related issues/PRs. - - Michael: yes, makes sense, and he has drafted a document to help organize the issues/PRs. Michael summarized his proposal re core-spec vs. PURL types including perhaps a minimal spec for types. - - Philippe: that is consistent with Steve's proposal re a JSON Schema that would address types. (See https://github.com/package-url/purl-spec/pull/401.) - - In addition, Michael will adapt the CycloneDX document to our PURL work to provide an initial sense of the structure and will share his work when ready. - - Philippe: see also Steve's example at https://github.com/Ecma-TC54/ECMA-xxx-PURL. -- The meeting was adjourned. diff --git a/meetings/2025-04-30.md b/meetings/2025-04-30.md deleted file mode 100644 index 51b4a01..0000000 --- a/meetings/2025-04-30.md +++ /dev/null @@ -1,68 +0,0 @@ -# Agenda for the PURL community meeting on 2025-04-30 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 16:30 UTC - - 18:00 to 18:30 CEST (Europe/Brussels) - - 12:00 to 12:30 EDT (America/New_York) - - 09:00 to 09:30 PDT (America/Los Angeles) - - 01:00 to 01:30 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ydj-qwbs-iiv - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWliM3RyZXRpdmI4NXFoYXR1MzRkdmg0a3ZfMjAyNTAxMjJUMTcwMDAwWiBjX2Q4YjE1NDIwZGZmMTdiNzk1OWUyOWE1MWFlMzI0MDk1MWNiZTM4ZGIxZGFlNDU5NzJhODVjOWE3MTEyMDQyMDVAZw&tmsrc=c_d8b15420dff17b7959e29a51ae3240951cbe38db1dae45972a85c9a711204205%40group.calendar.google.com&scp=ALL) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Minutes of the 2025-04-16 meeting -- https://github.com/package-url/purl-spec/blob/main/meetings/2025-04-16.md -- Overview of current core spec updating - - GitHub project board https://github.com/orgs/package-url/projects/1/views/1 - - Open issues/PRs -- https://docs.google.com/spreadsheets/d/1RKw0XB-xAPsZ09Uzj1W4ycYIvS1BVOyD/ - - Component-focused encoding etc. -- https://docs.google.com/spreadsheets/d/1cqAclXllebhejarivBfCHUxW_4v1i8bf - -## Attendees -- Philippe Ombredanne, PURL, AboutCode, TC54-TG2 convener -- Steve Springett, OWASP Foundation / ServiceNow -- Matt Rutkowski, IBM -- Michael Herzog, AboutCode -- John Horan, AboutCode -- Joshua Kugler, Adobe -- Pavel Shukhman -- George Masters - -## Notes -- Meeting minutes are being kept and will be published, but the meeting is not being recorded. -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- The participants agreed with the proposal that for future PURL community meetings, we'll use a different Google Meet URL – https://meet.google.com/vwc-duqp-hcm (also being used for the TC54-TG2 meetings) – and use the built-in video recording capabilities to record the meetings. We'll make the recordings available via a shared Google Workspace folder but will not be posting them to YouTube. -- Michael: We'll use a shared Gdrive for a new "purl-spec" folder, which will include some relevant files that had been maintained on GitHub but given their size were not really appropriate for GH. This will serve as a sort of supplement to GitHub issues/tickets. Those files include a proposed timeline for the spec, which will be available soon for review and comments. Among the topics covered is a spec for types. Philippe: good idea, but beware of fractured docs. Michael: acknowledged, but note that some files, e.g., some .xlsx files, can simply be too large for storage on GitHub. -- Additional agenda items: - - John: The latest updated language for the "Character encoding" section and related lead-in in the "Rules for each purl component" section. https://github.com/package-url/purl-spec/pull/461 - - Joshua: Interested in the status of the next packageurl-python release - - Steve: Working on updating the code for the TC54-TG2 and PURL community schedules, hope to publish later today – John will provide Steve with the Google Meet recording-capable URL we'll use going forward. - - Pavel: The namespace in the `oci` type – see https://github.com/package-url/purl-spec/issues/425. The relevant issues include how a slash '/' is used and encoded. - - Matt: nothing today - - George: nothing today - - Michael: already addressed (see just above in these minutes) -- Philippe: re Michael's mention of types, remember that Steve has a mini schema, structured, machine-readable. Steve – Jan has been working on dividing the `type`-related specs into separate files; perhaps it would be most efficient to also put the related test cases there? Philippe: Yes, it makes good sense to have them all in one place; and per John's comment we'll also have our existing (to be updated) tests separately, which handle, e.g., tests for various components, characters between components and so on. -- Philippe: re encoding, should we consider including in the core-spec an extract of the language from RFC 3986 section 2.1 (our cite re the percent-encoding mechanism)? - - Steve: suggested keeping the current URL citation we have, since the underlying source will need to be referenceable in the final spec. - - John: we currently include a URL for the publicly-available text from datatracker.ietf.org (https://datatracker.ietf.org/doc/html/rfc3986#section-2.1), thinks the official text might not be publicly available. - - Matt: going forward we also need just one form of canonical PURL as a reference, e.g., for validation purposes. - - Steve: We can add that requirement in the conformance section of the spec. - - Philippe: Getting back to the current character-encoding PR, he will respond to the various comments @ppkarwasz has provided wrt John's latest update to the PR. -- Matt: canonical validation is critical. - - Steve: wouldn't be that hard. - - Matt: maybe have a GitHub repo for validation – an automated system. Philippe: We have code in the PurlDB to do that, currently under development. See, e.g., https://github.com/aboutcode-org/purldb/issues/614 and https://github.com/aboutcode-org/purldb/issues/614. This can be hosted or deployed locally. Matt: hosted with a nice front end is always great, but GitHub is free. - - Steve: strength of formal standard for PURL– could theoretically validate all PURLs in a BOM – data validation as well as against the spec; maybe build a browser-based tool using WebAssembly, which is what they do in CycloneDX. Matt: just have to be concerned re the language bindings, as Pavel suggested earlier. Philippe: There are several relevant questions this should answer and data that could be provided: - 1. Is the syntax of a PURL correct? - 2. Is the content correct? - 3. Does the PURL/package exist upstream? - 4. Can you provide me with the metadata for that PURL? - - Philippe: this will be able to be accessed via a local DB or through a remote query; plus we plan to build a consolidated dataset of all PURLs that can be used offline. We already have the code to collect this data; the goal of the project is to distribute via multiple GitHub Actions. For now, we plan to make this available with the Python, Go and Rust libraries, able to be used in an app to do offline validation. Matt: need to evaluate each step separately and carefully. Philippe: agreed – he will put this all in an issue so that it's clear. -- Steve: CycloneDX's web tool handles validation – it needs some updating, and they can add the PURL to the validation capabilities. The CycloneDX authoring tool could also have PURL added in the future. -- Matt: The most likely use case is someone who wants to validate PURLs within an SBOM - seems much more likely than a use case to validate PURLs individually. -- Michael: The validation of PURLs in an SBOM should be handled by the respective CycloneDX or SPDX SBOM validation tools because a PURL-only tool would need to include SBOM extraction/analysis tools to find the PURL data within an SBOM and there are some differences in the existing SBOM validation tools based on the CycloneDX or SPDX versions. A better approach would be to provide a PURL validation library to support the existing CycloneDX and SPDX validation tools. -- Steve: In addition, every implementation should be required to validate PURLs. Pavel: maybe choose a representative implementation? -- The meeting was adjourned. diff --git a/meetings/2025-05-14.md b/meetings/2025-05-14.md deleted file mode 100644 index 1a0bb13..0000000 --- a/meetings/2025-05-14.md +++ /dev/null @@ -1,125 +0,0 @@ -# Agenda for the PURL community meeting on 2025-05-14 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 16:30 UTC - - 18:00 to 18:30 CEST (Europe/Brussels) - - 12:00 to 12:30 EDT (America/New_York) - - 09:00 to 09:30 PDT (America/Los Angeles) - - 01:00 to 01:30 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/vwc-duqp-hcm - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWliM3RyZXRpdmI4NXFoYXR1MzRkdmg0a3ZfMjAyNTAxMjJUMTcwMDAwWiBjX2Q4YjE1NDIwZGZmMTdiNzk1OWUyOWE1MWFlMzI0MDk1MWNiZTM4ZGIxZGFlNDU5NzJhODVjOWE3MTEyMDQyMDVAZw&tmsrc=c_d8b15420dff17b7959e29a51ae3240951cbe38db1dae45972a85c9a711204205%40group.calendar.google.com&scp=ALL) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Minutes of the 2025-04-30 meeting -- https://github.com/package-url/purl-spec/blob/master/meetings/2025-04-30.md -- Overview of current core spec updating - - GitHub project board https://github.com/orgs/package-url/projects/1/views/1 - - Open issues/PRs – https://docs.google.com/spreadsheets/d/1RKw0XB-xAPsZ09Uzj1W4ycYIvS1BVOyD/ - - Component-focused encoding etc. -- https://docs.google.com/spreadsheets/d/1cqAclXllebhejarivBfCHUxW_4v1i8bf - -## Attendees -- Martin Prpič, Red Hat -- Matt Rutkowski, IBM -- Michael Herzog, AboutCode -- Joshua Kugler, Adobe -- Pavel Shukhman -- Jaime Rodríguez-Guerra, Quansight -- Immanuel Kunz, Fraunhofer AISEC -- John Horan, AboutCode - -## Notes -- Meeting minutes are being kept and will be published; and we'll record the - meeting to vet the usefulness of Google Meet video and Gemini "note-taking" - in preparing the minutes. -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Additional agenda items: - - Martin Prpič: do the proposed changes to the "Character encoding" section - impact the version component updating? Plus various organizational - questions. - - Joshua: waiting on new Python implementation release - - Immanuel: PRs 470 (https://github.com/package-url/purl-spec/pull/470) - and 443 (https://github.com/package-url/purl-spec/pull/443) - - Pavel: TEA work – use of multiple PURLs for same package/ecosystem - - Jaime: Python implementation – needs to reopen and review PRs 184 (https://github.com/package-url/packageurl-python/pull/184) - and 186 (https://github.com/package-url/packageurl-python/pull/186) - - Matt: no - - Michael: no - - John: no -- Martin Prpič: Regarding the version component updating, are there any changes - in the proposed "Character encoding" update PR 461 (https://github.com/package-url/purl-spec/pull/461) - that, once merged, would impact the version component updating? John: none - comes to mind. Martin: will review issues attached to issue 380 ("Clarify - spec for version" -- https://github.com/package-url/purl-spec/issues/380) - and close if they are resolved with the latest character encoding spec update. -- Martin also raised the question of updating the test suite after the - character-encoding update is approved and merged. Martin and John discussed - the critical role of accurate tests in validating the updated spec, noting - that if that is meant to be part of the 1.0 release, the test-related work - needs to be integrated into the tentative schedule. Martin also suggested - requiring that changes proposed for the core spec be accompanied by - corresponding changes to the test suite contents. -- Martin Prpič: Various organizational questions/suggestions -- - - Consider creating a dedicated PURL website that would contain a - visually-pleasing rendered version of the specification. Michael: Maybe - something GitHub generates? We discussed some ideas along these lines at - the last TC54-TG2 meeting including doing something similar to the - document-generation approach taken by CycloneDX. Matt noted that at the - TG2 meeting he'd suggested using docusaurus (https://docusaurus.io/), a - documentation generator. Matt has actually created a local copy and - instantiated a default website, though he would need maintainer or - committer access to the `purl-spec` GitHub site so he can activate the pages. - - Use markdown instead of rst. `.md` files can be converted to various - outputs we want, e.g., using Pandoc (https://github.com/jgm/pandoc). - MkDocs (https://squidfunk.github.io/mkdocs-material/) is `.md`-based and - worth considering. Michael will open an issue so we can discuss what's - involved. Matt: make sure Steve (Springett) has the opportunity to weigh - in. Michael has prepared some documentation ideas (https://docs.google.com/document/d/1HbCPSnIBuemlHePHRiy_6F1kYwI-RMIr/edit?usp=drive_link&ouid=109207805937002014344&rtpof=true&sd=true) and proposed adding the - website discussion to the TG2 meeting agenda. Matt also pasted a link to - the `docx2md` repo (https://github.com/dogatana/docx2md) in case we need - to convert `.docx` files to `.md`. - - Extend this PURL community meeting to one hour. Martin: We can use the - additional 30 minutes, as our recent meetings have shown. John: great - idea, will do. - - Use the same gdoc as a running record for each meeting, keeping the - previous meeting notes in that gdoc as an ongoing record. Valuable as a - record, easy to find, and gives everyone the opportunity to review and - add agenda items in advance of a meeting. John: Another excellent idea, - will do. -- Joshua: Still waiting for the next Python implementation release. John will - do his best to move this forward. Michael noted that Philippe is currently - on leave, so the release will not happen this week. Michael also suggested - that milestones could be used in the future to track releases and included - issues. -- Immanuel: Would like to discuss two PRs, 470 (https://github.com/package-url/purl-spec/pull/470) - and 443 (https://github.com/package-url/purl-spec/pull/443). Jan (Kowalleck) - made many of the most significant comments but is not present today, so - Michael proposed adding the discussion about Immanuel's PRs to the agenda for - the next TG2 meeting (scheduled for 2025-05-23 14:00 to 15:00 UTC; the Google - Meet URL is https://meet.google.com/vwc-duqp-hcm). Immanuel is available and - Michael and John will alert Jan. -- Pavel: Is it possible for a single PURL to represent a single release - containing both a Docker image and a Maven package? Michael: There is - currently nothing planned for this. Pavel: Is it acceptable to have two - separate PURLs for the same package, e.g., a GitHub type and a Maven type? - Martin: it is perfectly acceptable to have multiple PURLs representing the - same software, e.g., identical Docker images in different repositories. - Michael echoed this, noting that PURL granularity can vary, and the key is to - avoid overloading the PURL. -- Jaime: Currently working on the Python implementation (https://github.com/package-url/packageurl-python) - and needs to reopen PR 184 (https://github.com/package-url/packageurl-python/pull/184). - In addition, PR 186 (https://github.com/package-url/packageurl-python/pull/186) - – which contains tests requested by Philippe (Ombredanne, not able to attend today) - – needs to be reviewed. John reopened PR 184. Jaime asked that, if possible, - PR 186 be reviewed before the next `packageurl-python` release (i.e., the - same release Joshua is waiting for) so it can be included in that release. - Jaime noted PR 186 is related to `purl-spec` PR 433 (both concern `vers` - as a qualifier). -- Michael suggested that we consider a process by which an issue/PR raised - during the PURL community meeting would be prioritized to be covered in the - biweekly TC54-TG2 meeting if not already resolved. -- The meeting was adjourned. diff --git a/meetings/2025-05-28.md b/meetings/2025-05-28.md deleted file mode 100644 index e62a088..0000000 --- a/meetings/2025-05-28.md +++ /dev/null @@ -1,62 +0,0 @@ -# Agenda for the PURL community meeting on 2025-05-28 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 17:00 UTC - - 18:00 to 19:00 CEST (Europe/Brussels) - - 12:00 to 13:00 EDT (America/New_York) - - 09:00 to 10:00 PDT (America/Los Angeles) - - 01:00 to 02:00 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ryq-aimn-ghd - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MnFlaXE3a2VqcnJqcTRkN2Vtb2EyMW4xbnRfMjAyNTA1MjhUMTYwMDAwWiBjX2MwODYxYWJlYmRmNjllZjBkZmVjNjgxM2IyN2JmYzdjMjk3ZDU5MThiM2EyZTk3NmZjYTdiYmViMzg1OGE5YjNAZw&tmsrc=c_c0861abebdf69ef0dfec6813b27bfc7c297d5918b3a2e976fca7bbeb3858a9b3%40group.calendar.google.com) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Review minutes of the 2025-05-14 meeting – [not approved and merged at the time of the call; subsequently approved, merged and available at https://github.com/package-url/purl-spec/blob/main/meetings/2025-05-14.md] -- Overview of current core spec updating - - GitHub project board – https://github.com/orgs/package-url/projects/1/views/1 - - Open issues/PRs – https://docs.google.com/spreadsheets/d/1RKw0XB-xAPsZ09Uzj1W4ycYIvS1BVOyD/ -- Discuss schema for PURL types – see *Add Schema that defines PURL types* – https://github.com/package-url/purl-spec/pull/401 -- Review *Update "Character encoding" and related provisions* – https://github.com/package-url/purl-spec/pull/461 -- Review *Clarify namespace and name components* – https://github.com/package-url/purl-spec/pull/453 - -## Attendees -- Philippe Ombredanne, creator of PURL, Lead maintainer of AboutCode, TC54-TG2 convener -- Jon Moroney -- Matt Rutkowski, IBM -- Immanuel Kunz, Fraunhofer AISEC -- George Masters -- Michael Herzog, AboutCode -- John Horan, AboutCode - -## Notes -- Meeting minutes are being kept and will be published, and the meeting will be recorded with Google Meet video and Gemini "note-taking". -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Additional agenda items: - - Matt: website help for the spec - - Jon: nothing atm; worked on the GitHub advisory database, mappings, lots of discussion re PURLs; now at Red Hat - - Immanuel: 2 open PRs re vers - - Michael: planning, milestones - - Philippe: catching up - - John: character encoding and namespace-name PRs - - George: nothing atm -- Matt: he manages an IBM-wide course for students to get involved in open source. Several students based in Ireland, interested in helping with a static hosted website for the specification and related documentation. Hopes to get started next Wed. in a call with the students, with a focus on using Pandoc for initial conversion to .md and Docusaurus for the website generation, emphasizing automation. -- Michael noted that he has started an outreach document (https://docs.google.com/document/d/1eEw4oMTDLSeJP7pbWIFl83IPJ2dfCDnd/edit). The CycloneDX website provides an interesting example of how we might approach the spec website. Matt: keep as much as possible in .md format. -- Jon M.: Are generating and parsing PURLs part of the spec? Philippe: yes, these are part of the spec but we need a streamlined structure, also planning to incorporate a JSON Schema for PURL types. -- Philippe and Matt discussed migrating from .rst to .md and potential content for the website beyond the specification. -- Philippe: the Common Security Advisory Framework (https://www.csaf.io/) is now an ISO standard, making (transitively) PURL an ISO standard as well since CSAF incorporates PURL and VERS. -- Philippe: re Immanuel's 2 PRs, 470 – https://github.com/package-url/purl-spec/pull/470 and 443 – https://github.com/package-url/purl-spec/pull/443, Philippe has merged one, will merge the other. He, Immanuel and Jon M. discussed various version schemes as well as the need to be able to specify multiple version ranges in security advisories, and Philippe noted that `vers` is designed to address this need. -- John H. provided an update on the namespace-name and character-encoding PRs. -- Michael: He and John H. have been working on a practical plan. Michael summarized the various deadlines for the PURL v0.90 and v1.0 work, with a near-term focus on finishing v0.90 by June 30. He and Philippe noted that the `type` JSON Schema will be part of the core spec – the v0.90 and ultimately 1.0 standard – while individual `type` definitions will be handled separately, each in its own .json file. -- Michael, Philippe and Jon M. discussed the merits of JSON vs. YAML. -- Michael reiterated the importance of the timeline, and Philippe agreed to review and refine the milestones. -- Philippe and Jon M. discussed the implications of adding new types. -- Michael introduced an outreach plan (https://docs.google.com/document/d/1eEw4oMTDLSeJP7pbWIFl83IPJ2dfCDnd/edit) covering the website and mailing lists. -- Michael emphasized the importance of validation testing beyond the basic test suite and finding ways to reach out to owners of various implementations. -- John H. noted that the "how to parse" and "how to build" sections in the core spec need attention. -- Philippe shared a draft blog post idea about the problems with CVE and the defunding of CVE.org (https://github.com/aboutcode-org/www.aboutcode.org/issues/3). -- The meeting was adjourned. diff --git a/meetings/2025-06-11.md b/meetings/2025-06-11.md deleted file mode 100644 index f32bc0c..0000000 --- a/meetings/2025-06-11.md +++ /dev/null @@ -1,99 +0,0 @@ -# Agenda for the PURL community meeting on 2025-06-11 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 17:00 UTC - - 18:00 to 19:00 CEST (Europe/Brussels) - - 12:00 to 13:00 EDT (America/New_York) - - 09:00 to 10:00 PDT (America/Los Angeles) - - 01:00 to 02:00 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ryq-aimn-ghd - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MnFlaXE3a2VqcnJqcTRkN2Vtb2EyMW4xbnRfMjAyNTA2MTFUMTYwMDAwWiBjX2MwODYxYWJlYmRmNjllZjBkZmVjNjgxM2IyN2JmYzdjMjk3ZDU5MThiM2EyZTk3NmZjYTdiYmViMzg1OGE5YjNAZw&tmsrc=c_c0861abebdf69ef0dfec6813b27bfc7c297d5918b3a2e976fca7bbeb3858a9b3%40group.calendar.google.com) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Review minutes of the 2025-05-28 meeting – [not yet approved and merged] -- Overview of current core spec updating - - GitHub project board – https://github.com/orgs/package-url/projects/1/views/1 - - Open issues/PRs – https://docs.google.com/spreadsheets/d/1RKw0XB-xAPsZ09Uzj1W4ycYIvS1BVOyD/ - -## Attendees -- Philippe Ombredanne, creator of PURL, Lead maintainer of AboutCode, TC54-TG2 convener -- Jon Moroney -- Tom Alrich -- Matt Rutkowski, IBM -- Salve J. Nilsen (CPANSec) -- Michael Herzog, AboutCode -- John Horan, AboutCode - -## Notes -- Meeting minutes are being kept and will be published, and the meeting will be - recorded with Google Meet video and Gemini "note-taking". -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Additional agenda items: - - John: spec update - - Jon: nothing atm - - Michael: standard vs spec timelines - - Salve: share PURL discussions from CNA meeting he attended last Friday - - Tom: nothing atm - - Matt: website status - - Philippe: spec status update, misc. events -- Michael clarified the distinction between the PURL Ecma standard and the core - specification. - - We have companion milestones: PURL Ecma-Standard v0.90 https://github.com/package-url/purl-spec/milestone/8 - and PURL Core-Spec v0.90 https://github.com/package-url/purl-spec/milestone/1. - The goal: a v0.90 final draft of the standard – covering components, - character- encoding rules, and a PURL type definition (as a JSON Schema) - – by June 30 for submission to Ecma by September 1. No parsing, testing - etc. – that is part of the core spec. - - The core spec timeline will probably have an August milestone to assess - where we are and what if any changes might be needed in moving the PURL - standard from v0.90 to v1.0. - - December is a slow month for launches so we're thinking of a PURL 1.0 - launch in January, encompassing parsing, testing, website integration, - governance for PURL types, and infrastructure. -- Michael discussed a vulnerability working group meeting the prior day that - focused on PURLs for proprietary packages. - - It was clear that one type is not sufficient – there can be multiple types - for that purpose. One proposal, for example, was a DNS-based type. The - conclusion: there's as much variety in proprietary software as in open - source and we need governance and ways to manage multiple types for - proprietary software. The question is what are the criteria for registering - various PURL types for proprietary, with use case examples/explanations. - - Tom summarized some of the past discussions on the topic including types - for software stores and the `swid` type; and he and Michael discussed how - multiple types could address the varying needs of proprietary software - providers. Philippe noted that re proprietary software, it's the vendor - that defines the namespace, whether through an app store or otherwise. - Michael emphasized the "virtuous cycle" where vendors use their defined - PURLs when reporting vulnerabilities. - - Matt stressed the importance of a common identification system for all - packages and snippets for ease of automation, and emphasized the need to - identify proprietary packages and reference internal systems without - customer-facing implications. Jon M. noted that it would be helpful if a - proprietary provider who wants to register a new PURL type would provide - examples of how to construct an appropriate identifier with that type. - Matt agreed and gave CycloneDX's property taxonomy as an example. Tom: - proprietary vendors have all sorts of different ways to distribute their - software. Philippe: re Jon's point re discoverability, a PURL could - include the internal location of the package. Matt: PURL is really an - identifier, and identifiers are domain specific – PURL is not a URL. - Leave each identifier to its own domain and allow PURL to represent domains - that are proprietary. Philippe. Yes, completely. -- John H. summarized recent progress merging the character-encoding, namespace-name and version PRs, and opening a small subpath PR to ensure that all seven components define their respective sets of permitted characters. He also noted ongoing discussions and PRs related to building, serializing, and parsing, which are crucial for creating syntactically correct tests and being able to validate PURLs. -- Philippe: there are two issues we need to discuss in the next week or so, both involving breaking compatibility. - - Not encoding slashes '/', which could improve the look of PURLs for Go packages and relax slash usage in qualifiers (e.g., for alternate repository URLs). He needs to check whether that proposed change would create any problems. - - The second issue would be not encoding the "@" sign in the namespace for npm scopes. Jon M. clarified that npm scope is more of a naming convention and suggested it's better to think of that portion of the npm PURL as just part of the name. -- Following up on Jon M.'s comment re the npm namespace, Philippe suggested we consider a single "namespace-name" string with type-specific interpretations, since some package types don't inherently have a separate namespace and name. -- Matt: website status – renders well on mobile, good accessibility and other scores from Lighthouse testing (https://github.com/GoogleChrome/lighthouse). His developers are ready for feedback; Michael will create a Google doc with some basic ideas. Philippe will make Matt a maintainer of the purl-spec repo. -- Salve shared feedback from a recent CNA meeting for open source software CNAs at which PURL was discussed – warm discussion, strong opinions re PURL expectations, some slightly unrealistic perhaps, including two PURL-related pull requests he considers problematic re version ranges and the use of `generic` and `swid` PURLs. Jon M., Salve and Philippe discussed in detail. See https://github.com/CVEProject/cve-schema/pull/409 and https://github.com/CVEProject/cve-schema/pull/407. Philippe: `generic` is an escape hatch, a last resort at best. Salve clarified that he was referring to the `vers` spec and not the PURL `version` component, noting that in handling version ranges, `vers` was particularly useful in identifying a range of packages affected by a particular vulnerability. -- Salve suggested updating the FAQ file with various use cases for PURLs across the supply chain to provide clearer guidance and address misunderstandings, especially for projects like the Linux kernel and curl that don't distribute traditional packages. Philippe: re `vers` – not incompatible with Salve's proposal, can map them to one another. Salve: `vers` solves a real problem. Jon: semantic versioning PR – https://github.com/CVEProject/cve-schema/pull/371 – independent scheme can be put into the CVE schema. CVE group wants to alter what semantic versioning means and could seek to alter what `vers` means as well. The group agreed to continue this conversation with the CVE group. -- Jon: first question when he got into PURLs – what is a package? Seems very foundational. See https://github.com/package-url/purl-spec/discussions/359. Philippe gave examples of his views re what is/is not a package. Salve: spent much time last year re what a package is. He listed several criteria: a namespace, associated metadata, a unique name within that namespace – discoverable somehow within that ecosystem/namespace. Cannot have 2+ packages with the same name. Jon: agrees 100%: namespace is needed; the question is what is the best fit for the needs. Salve: not complicated – each publisher needs to decide so PURL can be matched to package, especially when vulnerabilities are involved. Philippe: important and urgent and deserves a separate discussion. -- Philippe: there have been some discussions re a type for C/C++. Salve: same problem re the namespace constraint; Jon M. agreed. Philippe provided a link to a Google Doc with extensive discussion on this topic, including input from Red Hat. https://docs.google.com/document/d/112Jbpoc-yXMmsYUOSFyAgqglcTYjKS7F The participants also discussed the various ways C/C++ has been/is being consumed. -- The participants discussed a wide range of topics regarding package vulnerabilities, including discoverability, VEX, disclosures, and security.txt as an existing standard that could potentially be extended to include CVEs or OSV references. -- Philippe asked and Salve agreed to open a PR re his suggestion that the FAQ be expanded. See Salve's PR: https://github.com/package-url/purl-spec/issues/486. Michael will prepare a proposal re a separate meeting or meetings to address the `vers` specification/standard. Philippe emphasized the importance of following up re PURL in CVEs with Greg Kroah-Hartman (Linux kernel) and Daniel Stenberg (curl). -- The meeting was adjourned. diff --git a/meetings/2025-06-25.md b/meetings/2025-06-25.md deleted file mode 100644 index f21be1b..0000000 --- a/meetings/2025-06-25.md +++ /dev/null @@ -1,65 +0,0 @@ -# Agenda for the PURL community meeting on 2025-06-25 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 17:00 UTC - - 18:00 to 19:00 CEST (Europe/Brussels) - - 12:00 to 13:00 EDT (America/New_York) - - 09:00 to 10:00 PDT (America/Los Angeles) - - 01:00 to 02:00 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ryq-aimn-ghd - - [Meeting invite](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MnFlaXE3a2VqcnJqcTRkN2Vtb2EyMW4xbnRfMjAyNTA2MjVUMTYwMDAwWiBjX2MwODYxYWJlYmRmNjllZjBkZmVjNjgxM2IyN2JmYzdjMjk3ZDU5MThiM2EyZTk3NmZjYTdiYmViMzg1OGE5YjNAZw&tmsrc=c_c0861abebdf69ef0dfec6813b27bfc7c297d5918b3a2e976fca7bbeb3858a9b3%40group.calendar.google.com) - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- Review minutes of the 2025-06-11 meeting – https://github.com/package-url/purl-spec/blob/main/meetings/2025-06-11.md -- GitHub project board – https://github.com/orgs/package-url/projects/1/views/1 -- Open issues/PRs – https://docs.google.com/spreadsheets/d/1RKw0XB-xAPsZ09Uzj1W4ycYIvS1BVOyD/ -- Next TG2 meeting rescheduled from July 4 to July 3 due to US holiday -- Mailing list - see https://github.com/package-url/purl-spec/discussions/488 - -## Attendees -- Philippe Ombredanne, creator of PURL, Lead maintainer of AboutCode, TC54-TG2 convener -- Jon Moroney -- Jaime Rodríguez-Guerra, Quansight -- Matt Rutkowski, IBM -- Michael Herzog, AboutCode -- John Horan, AboutCode - -## Notes -- Meeting minutes are being kept and will be published, and the meeting will be recorded with Google Meet video and Gemini "note-taking". -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Additional agenda items: - - Philippe: various announcements, status - - John: nothing atm - - Jon: nothing atm - - Matt: nothing atm - - Michael: mailing list, rescheduled July 4 TC54-TG2 mtg (to July 3), June 30 target date status/steps - - Jaime: - - https://github.com/package-url/packageurl-python/pull/191 - - https://github.com/package-url/packageurl-python/pull/186 - - https://github.com/aboutcode-org/univers/pull/157 -- Philippe noted that he joined John Bresser on a 2025-06-23 podcast to discuss PURL. https://opensourcesecurity.io/2025/2025-06-purl-philippe-ombredanne/ -- Jaime: discussed his 3 PRs with Philippe. - - PR 191 (package-url/packageurl-python). Philippe approved and merged. - - PR 186 (package-url/packageurl-python). Jaime: problem with a `univers` import/reliance (type hints). He and Philippe discussed and agreed a simple solution was the addition of a `py.typed` file to `univers`. https://github.com/aboutcode-org/univers/pull/159/files - - PR 157 (aboutcode-org/univers). Philippe said Jaime's proposed changes would be welcome. -- Michael explained the purpose of the new package-url/community repo https://github.com/package-url/community – for project infrastructure and operational matters, distinct from the governance repo – and provided a link to the PackageURL website issue he'd opened as issue 1. https://github.com/package-url/community/issues/1 -- Michael discussed the need for a mailing list, e.g., for broader outreach and announcements. See https://github.com/package-url/purl-spec/discussions/488. He suggested groups.io and Google Groups as potential options and is looking for feedback. -- Michael and John are triaging the PURL Ecma-standard v0.90 milestone's issues and PRs, looking to differentiate between discussions and actionable items. We have added various reports on the milestones to the shared Google Drive purl-spec folder, e.g. PURL Ecma-Standard v0.90 open issues/PRs. Michael asked John to create a discussion item to document their approach. -- The group discussed messaging platform candidates, including Slack, Gitter, and Zulip https://zulip.com/. Matt suggested we pick a single, preferred messaging mechanism and focus on effective calendaring management – keep up-to-date. -- Based on the 2025-06-20 TC54-TG2 meeting, Michael said he planned to start a Google Document, with Steve Springett's approval, as a target for the actual standard document, which Steve would then convert. Matt inquired about tagging releases or branches for automation purposes. Matt, Michael and Philippe discussed the need for more programmatic access and tagging. Matt advocated for a minimalistic approach using Markdown and GitHub issues/PRs for documentation and maintenance, reiterating the need for a tag for stable reference. -- Michael outlined his plan to break down the current specification to clearly define the scope of the standard and avoid duplication of information, aiming for individual Markdown documents managed in GitHub. Philippe and Jon discussed Forgejo, noting its adoption by Fedora as a potential replacement for existing systems and its distributed model, which deviates from GitHub's fork and pull request model. The origins and forks of the software (Gitea vs Gogs vs Forgejo) were briefly discussed. -- Matt: the website requires CI automation – can we provide him with a tag he can use to automate off the tag? Maybe a tag branch? Discussed with Philippe and Michael. Michael: standard vs specification. Matt: release tags could reflect formal boundaries or even interim status. -- Matt and Philippe discussed availability of a hosted service. Philippe suggested AboutCode could potentially shoulder some of the burden, ideally aiming for a distributed model similar to old SourceForge mirrors. -- Michael returned to focused standard vs. broader specification (containing the standard). Standard is critical near-term focus. Philippe will decide which issues to move to discussions. Michael differentiated between items needed by September 1st (standard) and those by December 1st (like branding), encouraging continued progress on all fronts. -- Design discussion, e.g., use of some form of pearl as icon for PURL/Package-URL. Matt suggested that PURL could be treated like YAML, where the acronym itself becomes the name, and proposed a colorized pearl image as a potential icon. Michael recalled previous ideas for imagery, including packages and various animals. Michael confirmed creating an issue for Matt to work on the website, providing a concrete starting point. Matt will forward it to his developers. -- Michael noted that the Cyclone DX site served as a reference point for the proposed website layout. -- Matt asked whether PURL could be used as an identifier for CycloneDX 2.0. His view: everything that can be represented as a CycloneDX 'component' can be identified with a PURL, even hardware assets. - - Matt, Jon, Michael, and Philippe discussed in detail. Jon: skeptical, including re PURL for hardware – advocated for purpose-built identifiers. Philippe: there are several other proposals re different uses of PURL, e.g., software vs hardware, open source software vs. proprietary software. C/C++. Oracle internal use, DNS use. Jon: how would one represent a PURL for proprietary software, e.g., vendor vs vendor – maybe types is not the right component for this? - - Matt reiterated the need to represent hardware assets in a fully compliant stack and suggested PURL could be a valuable identifier to avoid reversing ID boundaries. Jon raised a concern about the impact on consumers of SBOMs if PURL's meaning expands to include hardware, potentially complicating interpretation logic. Michael suggested that type definitions could address the distinction between software and hardware. Jon questioned how to create a type definition for hardware. Michael proposed "service" as a potential adjacent type to software. A detailed discussion followed concerning a range of related topics. -- The meeting was adjourned. diff --git a/meetings/2025-07-09.md b/meetings/2025-07-09.md deleted file mode 100644 index 7f70a8d..0000000 --- a/meetings/2025-07-09.md +++ /dev/null @@ -1,63 +0,0 @@ -# Agenda for the PURL community meeting on 2025-07-09 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 17:00 UTC - - 18:00 to 19:00 CEST (Europe/Brussels) - - 12:00 to 13:00 EDT (America/New_York) - - 09:00 to 10:00 PDT (America/Los Angeles) - - 01:00 to 02:00 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ryq-aimn-ghd - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- GitHub project board – https://github.com/orgs/package-url/projects/1/views/1 -- Open issues/PRs – https://docs.google.com/spreadsheets/d/1RKw0XB-xAPsZ09Uzj1W4ycYIvS1BVOyD/ - -## Attendees -- Philippe Ombredanne, creator of PURL, Lead maintainer of AboutCode, TC54-TG2 convener -- Jon Moroney -- Immanuel Kunz -- Tom Alrich -- Matt Rutkowski, IBM -- Michael Herzog, AboutCode -- John Horan, AboutCode - -## Notes -- Meeting minutes are being kept and will be published, and the meeting will be recorded with Google Meet video and Gemini "note-taking". -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Additional agenda items: - - Michael: PURL types update; a number of organizational topics to discuss if time permits, e.g., repo structuring, should VERS be separated from PURL (e.g., separate meetings, since they'll be on different schedules) - - John: nothing atm - - Jon: Can he help with any asynchronous work? - - Immanuel: 3 open PRs (1 already has an approval) - - Tom: CVE.org - - Philippe: PURL type schemas, Thomas Schmidt discussion re JSON Schema etc. - - Matt: there are 2 developers working on the website, internships end in 2 weeks but would like to keep working on this; they'll join call on 23rd to present their work (John H. will add to agenda for July 23rd meeting) -- Summary - - Michael Herzog discussed plans for reorganizing the purl-spec repo post-v0.90 release, including the potential separation of VERS into its own repo, which Jon Moroney supported for technical reasons, while Philippe Ombredanne preferred a single repository but acknowledged the benefits. - - Philippe provided an update on the PURL type JSON Schema, including his draft PR, and discussed JSON Schema versions as well. Philippe plans to stay on JSON Schema draft 7 for now, despite recommendations to switch to the 2020 version, while Matt Rutkowski raised concerns about tooling support. - - Matt emphasized the importance of normalization rules for PURL types to automate testing, but this does not seem to be practical for v1.0 with the Sept 1 deadline to submit the proposed PURL Standard to Ecma. - - Philippe outlined the PURL type definition structure and proposed a new schema for PURL tests, while Immanuel Kunz noted his three open PRs. Tom Alrich reported that the CVE Quality Working Group is incorporating PURL into their schema, and Tom, Jon and others discussed CPE and proprietary software identifiers. - - Michael proposed reorganizing the purl-spec repository and addressed the need to clarify the licensing for the PURL specification, and Philippe emphasized the need for community approval for any license change. -- **Meeting Agenda and Volunteers** Michael Herzog introduced organizational topics for the repo after the v0.90 release, including potentially separating and scheduling different meetings for VERS due to their distinct standards and timelines (00:00:00). Jon Moroney volunteered for asynchronous work to help move things along (00:01:07). Matt Rutkowski announced that their two interns working on the website plan to present their progress at the next meeting on the 23rd (00:04:46). -- **PURL Type Schemas Update** Philippe Ombredanne provided an update on PURL types, sharing a draft PR with three schemas. One schema is for a list of PURL types, serving as an index that could be generated when new types are added (00:05:42). -- **JSON Schema Version Discussion** Philippe Ombredanne noted that the current draft uses an older JSON schema (draft 7) but, based on discussions with Thomas Schmidt, recommends switching to the 2020 version (six years old) for its expressiveness and widespread tool support (00:08:34). Matt Rutkowski expressed concerns about tooling support for versions beyond draft 7 in the open-source community, particularly for Go and JavaScript-based tools used for the website generator (00:11:45). Jon Moroney suggested identifying which languages and tooling ecosystems are critical to forge a path forward, agreeing that moving to a newer schema is a reasonable goal (00:13:01). Philippe Ombredanne stated their intent to stay on draft 7 for now, but noted that switching to a newer version would simplify things (00:14:59). -- **Normalization Rules for PURL Types** Matt Rutkowski emphasized the importance of built-in normalization capabilities to enable consistent comparison of objects in a Bill of Materials at different points in time and suggested adding an identifier or a defined key for unambiguous normalization [this point applies more to an SBOM object than a PURL definition] (00:17:45). Philippe Ombredanne acknowledged the need to rework the normalization section in the schema, as some rules are difficult to formalize, citing the "PyPI" example where underscores replace dashes (00:19:51). Jon Moroney agreed with Matt Rutkowski on defining clear normalization rules, suggesting that such rules would be PURL type-dependent and could be defined on a per-type basis in the spec (00:26:02). -- **Over-Specification and Timelines** Michael Herzog raised a concern about over-specifying in the current phase of the PURL project, emphasizing that it will be much harder to undo things once something is proposed for the standard (00:25:17). Philippe Ombredanne agreed on the need to avoid going into deep rabbit holes with overly formal definitions that might be regretted later, especially given the September 1st timeline (00:32:05). -- **PURL Type Definition Structure** Philippe Ombredanne outlined the structure of the PURL type definition, which includes fields for a specific package type (e.g., npm), a name, a description, and a list of reference URLs (00:30:49). The definition also specifies requirements for components like namespace, name, and version, allowing for formal definitions with regular expressions while trying to avoid over-complication (00:32:05). -- **PURL Examples and Test Suite Schema** Philippe Ombredanne showed that PURL examples are currently defined as an array of strings. Matt Rutkowski questioned if they could be self-validating against the PURL type itself, suggesting an "array of PURL types" (00:35:25). Philippe Ombredanne acknowledged that a self-validating PURL type schema is a goal but unlikely to be achieved by the September 1st deadline. Philippe Ombredanne introduced a new schema for PURL tests, drawing inspiration from CSAF, which defines parsing tests with input (a string) and expected output (components), allowing for formal validation of canonical PURLs (00:36:31). -- **Test Suite Targets** Philippe Ombredanne proposed the notion of "targets" for tests, separating essential tests for core specification conformance from tests for "funky" or recovery-parsing PURLs. This separation would help implementers distinguish between conforming to the base spec and supporting recovery capabilities, avoiding current ambiguities (00:40:25). Matt Rutkowski observed that PURL seems to be a right-sized specification for exploring this testing ecosystem, which Cyclone could benefit from (00:42:01). -- **Immanuel's Pull Requests** Immanuel Kunz mentioned having three open PRs in PURL, with one already approved and the other two having ongoing conversations (00:01:07). Philippe Ombredanne confirmed that the non-controversial PRs could be merged, while the others just need a bit more review (00:44:58). -- **CVE Quality Working Group and Software Identifiers** Tom Alrich reported that the CVE Quality Working Group (QWG) is moving quickly to incorporate PURL into their schema, with a preliminary meeting with the board scheduled (00:46:03). Jon Moroney elaborated that this is part of a larger RFD (Request for Discussions) process, a new decision-making framework (00:47:23). Two identifiers, Omnibor and PURL, are being proposed, with the idea of vendoring a tagged version of PURL once 0.90 is in place (00:48:45). -- **CPE and Proprietary Software** Tom Alrich mentioned that NIST has indicated they will not continue to fix CPE (Common Platform Enumeration), which has been trying to be too many things. Jon Moroney suggested that CPE's future might primarily be for proprietary software, where vendors can register namespaces, as PURL and Omnibor do not handle proprietary software well due to the lack of visibility for naming (00:51:04). Tom Alrich referenced a proposal from the SBOM Forum for a SWID-based software tag created by suppliers for proprietary software, which would serve as the source of truth for PURL (00:52:12). Jon Moroney argued that without a managed registry for such identifiers, they become arbitrary strings that are difficult to validate and lead to namespace conflicts (00:53:19) (00:57:41). -- **Registry for Proprietary Software Identifiers** Michael Herzog highlighted that the concept of supplier registries and master lists for physical goods (like in hardware manufacturing) provides a concreteness that is lacking in software, making it difficult to achieve the same level of certainty (00:55:26). Jon Moroney emphasized that without a registered component and a way to look it up, security researchers inspecting proprietary software might invent names, leading to namespace conflicts that are impossible to unwind (00:56:51). -- **Product Unique Identification and European Cyber Resilience Act** Philippe Ombredanne introduced the European Cyber Resilience Act, noting that it mandates unique identification for products placed on the market. This regulation will require commercial vendors to provide a unique name for their products, necessitating a public registry or a discoverable system for these unique identifiers (00:59:15). Jon Moroney acknowledged the potential for multiple vendor-specific solutions but agreed that as long as definitions are clear, the system should function effectively (01:00:34). -- **Repository Structure Reorganization** Michael Herzog proposed a significant reorganization of the PURL spec repository to prepare for version 0.90, including switching to markdown and creating separate files for different sections of the standard (01:01:37). This new structure aims to improve manageability and align with how other standards, like ECMA, SPDX, and Cyclone DX, organize their documentation (01:02:56) (01:04:50). Jon Moroney supported this initiative and suggested creating individual files for each PURL type within a dedicated directory (01:05:43). -- **License Discussion** Michael Herzog highlighted the need to address the licensing for the PURL specification, noting confusion regarding the use of BSD3 clause in the ECMA part and MIT for other components (01:07:17). He suggested that MIT might be problematic for specifications due to its lack of patent language, favoring Apache or Community Specification License for better patent protection. Philippe Ombredanne emphasized the importance of community approval for any license change and reiterated the need for a license that offers robust patent protection, despite the low perceived risk of patent assertion (01:08:10). -- **Separation of VERS Repository** Michael Herzog raised the idea of splitting the 'vers' component into a separate repository, a proposal supported by Jon Moroney for technical reasons, allowing independent iteration and better product management (01:10:02) (01:11:51). Philippe Ombredanne, while preferring a single repository, acknowledged the technical benefits of separation, including facilitating independent development and testing of PURL and Vers specifications (01:10:59) (01:16:26). The team agreed to continue discussion and aim for a decision by the next TG2 meeting, with a focus on increasing Vers implementations and formalizing tests (01:11:51). -- The meeting was adjourned. diff --git a/meetings/2025-07-23.md b/meetings/2025-07-23.md deleted file mode 100644 index 87a7f11..0000000 --- a/meetings/2025-07-23.md +++ /dev/null @@ -1,67 +0,0 @@ -# Agenda for the PURL community meeting on 2025-07-23 - -- **Host**: Remote -- **Dates and times**: - - 16:00 to 17:00 UTC - - 18:00 to 19:00 CEST (Europe/Brussels) - - 12:00 to 13:00 EDT (America/New_York) - - 09:00 to 10:00 PDT (America/Los Angeles) - - 01:00 to 02:00 JST (Tokyo, Japan) - -- **Attendee information**: - - https://meet.google.com/ryq-aimn-ghd - -## Agenda items -- Opening of the meeting and welcome -- Meetings will follow the Ecma TC54 Code of Conduct https://github.com/Ecma-TC54/tg2/blob/main/CODE_OF_CONDUCT.md -- GitHub project board – https://github.com/orgs/package-url/projects/1/views/1 -- Website presentation by Matt Rutkowski and colleagues -- Jaime: Request for new univers release to unblock https://github.com/package-url/packageurl-python/pull/186 -- Jaime: How (late am I) to propose modifications to the conda type? - - Related discussion in the conda community: https://github.com/conda/ceps/pull/63#discussion_r2200716517 - -## Attendees -- Philippe Ombredanne, creator of PURL, Lead maintainer of AboutCode, TC54-TG2 convener -- Jon Moroney -- Immanuel Kunz -- Tom Alrich -- Matt Rutkowski, IBM -- Michael Herzog, AboutCode -- John Horan, AboutCode -- Jaime Rodríguez-Guerra, Quansight -- Abul Hasan Sheik Madhar Ali, IBM Intern -- Steve Springett, ServiceNow / OWASP Foundation -- Ralf Duli, IBM Intern -- Nisha Kumar, Oracle -- Joshua Kugler - -## Notes -- Meeting minutes are being kept and will be published, and the meeting will be recorded with Google Meet video and Gemini "note-taking". -- Our code of conduct (link in agenda above) applies to this meeting. -- Introductions. -- Additional agenda items: - - Jaime: Request for new univers release to unblock https://github.com/package-url/packageurl-python/pull/186 -- Summary - - Matt Rutkowski announced a website presentation by interns Abul Hasan Sheik Madhar Ali and Ralf Duli, showcasing backend functionality and future styling. - - Philippe Ombredanne provided an update on a major pull request for the PURL type JSON Schema, which will transition to a structured, generated single file for each package type and will simplify documentation. - - Michael Herzog emphasized the urgency of merging the JSON Schema PR to facilitate progress towards the PURL Spec 0.90 release. - - Jaime Rodríguez-Guerra requested a release for the univers project to unblock work on PEP 725, which Philippe Ombredanne agreed to handle. - - The team discussed the JSON Schema version, with Michael Herzog proposing Draft 7 for immediate use. -- **Website Presentation** Matt Rutkowski announced a website presentation by the interns, Abul Hasan Sheik Madhar Ali and Ralph, who are working on the project (00:00:00). They presented the current backend functionality, which includes converting files to markdown and generating a sidebar for PURL specs (00:04:58). -- **Website Styling and Future Plans** Abul Hasan Sheik Madhar Ali mentioned that the front end styling will match CycloneDX styles and colors, with the project built primarily on Docusaurus (00:05:52). Matt Rutkowski elaborated on the front page plan, which includes a rotating GIF showing different implementations. Michael Herzog noted that a pending major PR will convert everything to MD as native, which should simplify future work (00:07:06). -- **Community Engagement and PRs** Michael Herzog mentioned the importance of having real people working on the project and Philippe Ombredanne acknowledged the great work by the interns and Matt Rutkowski (00:08:03). Michael Herzog noted that a color scheme or logo for PURL is not yet finalized, but the CycloneDX one is a good starting point (00:09:25). The team plans to target the next two-week community meeting to review the website again (00:12:40). -- **OpenSSF Persona website** Jaime Rodríguez-Guerra shared that the OpenSSF Persona website also uses Docusaurus after migrating from Sphinx, emphasizing attention to accessibility details like contrast issues and navigation (00:09:25). They offered assistance and a blog post checklist for those interested in similar work (00:10:38). -- **JSON Schema Pull Request** Philippe Ombredanne provided an update on the major pull request for the type JSON Schema, which involves building a JSON Schema to validate package types and extract test files (00:13:43). This will transition from a blob of text to a structured, generated single file for each package type (00:15:04). Philippe Ombredanne highlighted that the new JSON Schema will simplify the process and generate clear, unambiguous definitions, reducing "poetic license" in PURL type definitions. The schema also generates documentation, which can be adapted or used to generate different outputs (00:16:54). -- **Impact on Existing PRs and Migration Plan** Philippe Ombredanne acknowledged that the new schema will affect existing pull requests on package types, requiring some additional work for conversion (00:18:27). Michael Herzog clarified that they will prioritize merging the PR and then assist contributors with updating their existing PRs rather than asking them to redo the work (00:20:01). -- **Test Suite Enhancements** Philippe Ombredanne explained that the new structure includes companion test files for each JSON file, designed to be explicit and reduce ambiguity, with tests ported from previous JSON files (00:22:38). They introduced the concept of "test groups" to differentiate between base conformance and advanced parser features (00:24:07). -- **Definition of Base vs. Advanced Tests** Steve Springett inquired about the refinement of "base" versus "advanced" test definitions, and Philippe Ombredanne clarified that a test is considered "advanced" if the input is not strictly decoded components or a canonical PURL (00:25:44) (00:28:12). They noted that tests can also be marked as "expected to fail" with a reason provided (00:27:01). -- **Urgency of Merging the PR** Michael Herzog emphasized the urgency of merging the large JSON Schema PR to facilitate feedback and progress towards the new structure and the PURL Spec 0.90 release (00:29:51) (00:35:05). They plan to restructure the repository and move the VERS Spec to a separate repository (00:36:40). -- **Reviewing the PR and JSON Schema** Jon Moroney offered to review the JSON Schema PR by Friday, focusing on substantive comments (00:30:37). Philippe Ombredanne encouraged this, explaining the structure of the JSON Schema and the tests (00:31:42). -- **Test Suite Execution** Jon Moroney asked about running the test suite, to which Philippe Ombredanne responded that existing implementations use the old test suite, and the new schema will require updates to the code but should simplify adoption (00:32:50). Michael Herzog stressed that the priority is getting the schema right for the Ecma standard (00:35:05). -- **Versioned PURL Spec and Community Engagement** Michael Herzog reiterated the plan to release PURL Spec version 0.90 after Philippe Ombredanne's PR and other restructuring tasks are complete (00:20:01) (00:36:40). They also discussed re-engaging with various package communities to encourage ownership of PURL type data (00:41:49). -- **univers Release Request** Jaime Rodríguez-Guerra requested a release for univers PR 159 (https://github.com/aboutcode-org/univers/pull/159) as the py.type marker file had been merged but not yet released (00:40:03). Philippe Ombredanne confirmed they would take care of the release immediately (00:40:59). -- **cve-schema Updates and JSON Schema Version** Jon Moroney stated there were no major updates on the cve-schema (https://github.com/CVEProject/cve-schema), with the focus on supporting the 0.90 release (00:42:38). Michael Herzog brought up the need to finalize the JSON Schema version, noting discussions around Draft 7 versus 2020 (00:43:47). -- **JSON Schema Version Decision** Jon Moroney mentioned that the Go library was a blocking issue for moving to Draft 2020. Michael Herzog proposed going with Draft 7 unless there are objections, as it's the most compatible version, and they can update later (00:45:29). Steve Springett added that CycloneDX is contemplating moving to 2020 for their 2.0 version but is still exploring its capabilities (00:46:16). -- **Ajv for Strict Validation** Steve Springett mentioned using Ajv (https://github.com/ajv-validator/ajv), a JavaScript library, for strict validation of schemas in CycloneDX, which catches minor issues that most JSON parsers might ignore (00:49:51). Jon Moroney supported Ajv, noting its use in the CVE world (00:51:08). -- **PURL Logo** Abul Hasan Sheik Madhar Ali inquired about a PURL logo for the website. Philippe Ombredanne directed them to an old issue with various logo suggestions, including some professional-looking ones from Steve Springett (https://github.com/package-url/purl-spec/issues/19), and encouraged them to mock something up (00:55:40). -- The meeting was adjourned. diff --git a/purl-types-index.json b/purl-types-index.json deleted file mode 100644 index d7c170f..0000000 --- a/purl-types-index.json +++ /dev/null @@ -1,34 +0,0 @@ -[ - "alpm", - "apk", - "bitbucket", - "bitnami", - "cargo", - "cocoapods", - "composer", - "conan", - "conda", - "cpan", - "cran", - "deb", - "docker", - "gem", - "generic", - "github", - "golang", - "hackage", - "hex", - "huggingface", - "luarocks", - "maven", - "mlflow", - "npm", - "nuget", - "oci", - "pub", - "pypi", - "qpkg", - "rpm", - "swid", - "swift" -] diff --git a/schemas/purl-type-definition.schema.json b/schemas/purl-type-definition.schema.json deleted file mode 100644 index 06b5535..0000000 --- a/schemas/purl-type-definition.schema.json +++ /dev/null @@ -1,256 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "title": "Package-URL Type Definition", - "description": "Schema to specify a Package-URL (PURL) type as a structured definition.", - "type": "object", - "additionalProperties": false, - "definitions": { - "requirement": { - "title": "Component requirement", - "description": "States if this PURL component is required, optional, or prohibited.", - "type": "string", - "enum": [ - "required", - "optional", - "prohibited" - ], - "meta:enum": { - "required": "This PURL component is required for this PURL type.", - "optional": "This PURL component is optional for this PURL type.", - "prohibited": "This PURL component is prohibited: it must not be present for this PURL type." - } - }, - "purl_component_definition": { - "title": "PURL component definition", - "description": "PURL component definition properties that apply to most PURL components", - "type": "object", - "properties": { - "permitted_characters": { - "title": "Permitted characters in this PURL component", - "description": "Regular expression (ECMA-262 dialect) defining the 'Permitted characters' for this component of this Package-URL type. If provided, this must be a subset of the 'Permitted characters' defined in the PURL specification.", - "type": "string", - "format": "regex" - }, - "case_sensitive": { - "title": "Case sensitive", - "description": "true if this PURL component is case sensitive. If false, the canonical form must be lowercased.", - "type": "boolean", - "default": true - }, - "normalization_rules": { - "title": "Normalization rules", - "description": "List of rules to normalize this component for this PURL type. These are plain text, unstructured rules as some require programming and cannot be enforced only with a schema. Tools are expected to apply these rules programmatically.", - "type": "array", - "uniqueItems": true, - "items": { - "type": "string" - } - }, - "native_name": { - "title": "Native name", - "description": "The native name of this PURL component in the package ecosystem. For instance, the 'namespace' for the 'maven' type is 'groupId', and 'scope' for the 'npm' PURL type.", - "type": "string" - }, - "note": { - "title": "Note", - "description": "Extra note text.", - "type": "string" - } - } - } - }, - "required": [ - "$id", - "type", - "type_name", - "description", - "repository", - "namespace_definition", - "name_definition", - "examples" - ], - "properties": { - "$schema": { - "title": "JSON schema", - "description": "Contains the URL of the JSON schema for Package-URL type definition.", - "constant": "https://packageurl.org/schemas/purl-type.schema-1.0.json", - "format": "uri" - }, - "$id": { - "title": "PURL type definition id", - "description": "The unique identifier URI for this PURL type definition.", - "type": "string", - "pattern": "^https:\\/\\/packageurl\\.org/types/[a-z0-9-]+-definition\\.json$" - }, - "type": { - "title": "PURL type", - "description": "The type string for this Package-URL type.", - "type": "string", - "pattern": "^[a-z][a-z0-9-\\.]+$", - "examples": [ - "maven", - "npm", - "pypi" - ] - }, - "type_name": { - "title": "Type name", - "description": "The name for this PURL type.", - "type": "string", - "examples": [ - "Apache Maven", - "Python Package" - ] - }, - "description": { - "title": "Description", - "description": "The description of this PURL type.", - "type": "string" - }, - "repository": { - "title": "Repository", - "description": "Package repository usage for this PURL type.", - "type": "object", - "additionalProperties": false, - "required": [ - "use_repository" - ], - "properties": { - "use_repository": { - "title": "Use repository", - "description": "true if this PURL type use a public package repository.", - "type": "boolean", - "default": false - }, - "default_repository_url": { - "title": "Default repository URL", - "description": "The default public repository URL for this PURL type", - "type": "string", - "format": "uri" - }, - "note": { - "title": "Note", - "description": "Extra note text.", - "type": "string" - } - } - }, - "namespace_definition": { - "title": "Namespace definition", - "description": "Definition of the namespace component for this PURL type.", - "type": "object", - "required": [ - "requirement" - ], - "properties": { - "requirement": { - "$ref": "#/definitions/requirement" - } - }, - "allOf": [ - { - "$ref": "#/definitions/purl_component_definition" - } - ] - }, - "name_definition": { - "title": "Name definition", - "description": "Definition of the name component for this PURL type.", - "type": "object", - "allOf": [ - { - "$ref": "#/definitions/purl_component_definition" - } - ] - }, - "version_definition": { - "title": "Version definition", - "description": "Definition of the version component for this PURL type.", - "type": "object", - "allOf": [ - { - "$ref": "#/definitions/purl_component_definition" - } - ] - }, - "qualifiers_definition": { - "title": "Qualifiers definition", - "description": "Definition for the qualifiers specific to this PURL type.", - "type": "array", - "additionalItems": false, - "uniqueItems": true, - "items": { - "title": "Qualifiers definition", - "description": "Definition of a qualifier specific to this PURL type.", - "type": "object", - "additionalProperties": false, - "required": [ - "key", - "description" - ], - "properties": { - "key": { - "title": "Qualifier key", - "description": "The key for the qualifier.", - "type": "string" - }, - "requirement": { - "$ref": "#/definitions/requirement" - }, - "description": { - "title": "Description", - "description": "The description of this qualifier.", - "type": "string" - }, - "default_value": { - "title": "Default value", - "description": "The optional default value of this qualifier if not provided.", - "type": "string" - }, - "native_name": { - "title": "Native name", - "description": "The equivalent native name for this qualifier key.", - "type": "string" - } - } - } - }, - "subpath_definition": { - "title": "Subpath definition", - "description": "Definition for the subpath for this PURL type.", - "type": "object", - "allOf": [ - { - "$ref": "#/definitions/purl_component_definition" - } - ] - }, - "examples": { - "title": "PURL examples", - "description": "Example of valid, canonical PURLs for this package type.", - "type": "array", - "uniqueItems": true, - "minItems": 1, - "items": { - "type": "string", - "pattern": "^pkg:[a-z][a-z0-9-\\.]+/.*$" - } - }, - "note": { - "title": "Note", - "description": "Note about this PURL type.", - "type": "string" - }, - "reference_urls": { - "title": "Reference URLs", - "description": "Optional list of informational reference URLs about this PURL type.", - "type": "array", - "uniqueItems": true, - "items": { - "type": "string", - "format": "uri" - } - } - } -} diff --git a/schemas/purl-types-index.schema.json b/schemas/purl-types-index.schema.json deleted file mode 100644 index 4ea932c..0000000 --- a/schemas/purl-types-index.schema.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://purl-spec.org/schemas/purl-type-index.schema-1.0.json", - "title": "Package-URL types list.", - "description": "A list of the registered Package-URL types.", - "type": "array", - "additionalItems": false, - "items": { - "type": "string" - } -} diff --git a/schemas/purl-test.schema.json b/schemas/vers-test.schema.json similarity index 100% rename from schemas/purl-test.schema.json rename to schemas/vers-test.schema.json diff --git a/tests/spec/specification-test.json b/tests/spec/specification-test.json deleted file mode 100644 index fcf0d87..0000000 --- a/tests/spec/specification-test.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "a scheme is always required", - "test_group": "base", - "test_type": "parse", - "input": "EnterpriseLibrary.Common@6.0.1304", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "a scheme is always required", - "test_group": "base", - "test_type": "parse", - "input": "EnterpriseLibrary.Common@6.0.1304", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "a scheme is always required", - "test_group": "base", - "test_type": "build", - "input": { - "type": null, - "namespace": null, - "name": "EnterpriseLibrary.Common", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "a type is always required", - "test_group": "base", - "test_type": "parse", - "input": "pkg:EnterpriseLibrary.Common@6.0.1304", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "a type is always required", - "test_group": "base", - "test_type": "parse", - "input": "pkg:EnterpriseLibrary.Common@6.0.1304", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "a type is always required", - "test_group": "base", - "test_type": "build", - "input": { - "type": null, - "namespace": null, - "name": "EnterpriseLibrary.Common", - "version": "6.0.1304", - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "check for invalid character in type", - "test_group": "base", - "test_type": "parse", - "input": "pkg:n&g?inx/nginx@0.8.9", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "check for null type", - "test_group": "base", - "test_type": "build", - "input": { - "type": null, - "namespace": null, - "name": "nginx", - "version": "0.8.9", - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from null type" - }, - { - "description": "check for type that starts with number", - "test_group": "base", - "test_type": "parse", - "input": "pkg:3nginx/nginx@0.8.9", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl type (cannot start with number)" - }, - { - "description": "check for type that starts with number", - "test_group": "base", - "test_type": "build", - "input": { - "type": null, - "namespace": null, - "name": "nginx", - "version": "0.8.9", - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "check for colon in type", - "test_group": "base", - "test_type": "parse", - "input": "pkg:nginx:a/nginx@0.8.9", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "check for colon in type", - "test_group": "base", - "test_type": "build", - "input": { - "type": null, - "namespace": null, - "name": "nginx", - "version": "0.8.9", - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - } - ] -} diff --git a/tests/types/alpm-test.json b/tests/types/alpm-test.json deleted file mode 100644 index 92d75e7..0000000 --- a/tests/types/alpm-test.json +++ /dev/null @@ -1,140 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:alpm/arch/pacman@6.0.1-1?arch=x86_64", - "expected_output": { - "type": "alpm", - "namespace": "arch", - "name": "pacman", - "version": "6.0.1-1", - "qualifiers": { - "arch": "x86_64" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:alpm/arch/pacman@6.0.1-1?arch=x86_64", - "expected_output": "pkg:alpm/arch/pacman@6.0.1-1?arch=x86_64", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "alpm", - "namespace": "arch", - "name": "pacman", - "version": "6.0.1-1", - "qualifiers": { - "arch": "x86_64" - }, - "subpath": null - }, - "expected_output": "pkg:alpm/arch/pacman@6.0.1-1?arch=x86_64", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:alpm/arch/python-pip@21.0-1?arch=any", - "expected_output": { - "type": "alpm", - "namespace": "arch", - "name": "python-pip", - "version": "21.0-1", - "qualifiers": { - "arch": "any" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:alpm/arch/python-pip@21.0-1?arch=any", - "expected_output": "pkg:alpm/arch/python-pip@21.0-1?arch=any", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "alpm", - "namespace": "arch", - "name": "python-pip", - "version": "21.0-1", - "qualifiers": { - "arch": "any" - }, - "subpath": null - }, - "expected_output": "pkg:alpm/arch/python-pip@21.0-1?arch=any", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:alpm/arch/containers-common@1:0.47.4-4?arch=x86_64", - "expected_output": { - "type": "alpm", - "namespace": "arch", - "name": "containers-common", - "version": "1:0.47.4-4", - "qualifiers": { - "arch": "x86_64" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:alpm/arch/containers-common@1:0.47.4-4?arch=x86_64", - "expected_output": "pkg:alpm/arch/containers-common@1:0.47.4-4?arch=x86_64", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "alpm", - "namespace": "arch", - "name": "containers-common", - "version": "1:0.47.4-4", - "qualifiers": { - "arch": "x86_64" - }, - "subpath": null - }, - "expected_output": "pkg:alpm/arch/containers-common@1:0.47.4-4?arch=x86_64", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/apk-test.json b/tests/types/apk-test.json deleted file mode 100644 index a2f4506..0000000 --- a/tests/types/apk-test.json +++ /dev/null @@ -1,95 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:apk/alpine/curl@7.83.0-r0?arch=x86", - "expected_output": { - "type": "apk", - "namespace": "alpine", - "name": "curl", - "version": "7.83.0-r0", - "qualifiers": { - "arch": "x86" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:apk/alpine/curl@7.83.0-r0?arch=x86", - "expected_output": "pkg:apk/alpine/curl@7.83.0-r0?arch=x86", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "apk", - "namespace": "alpine", - "name": "curl", - "version": "7.83.0-r0", - "qualifiers": { - "arch": "x86" - }, - "subpath": null - }, - "expected_output": "pkg:apk/alpine/curl@7.83.0-r0?arch=x86", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:apk/alpine/apk@2.12.9-r3?arch=x86", - "expected_output": { - "type": "apk", - "namespace": "alpine", - "name": "apk", - "version": "2.12.9-r3", - "qualifiers": { - "arch": "x86" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:apk/alpine/apk@2.12.9-r3?arch=x86", - "expected_output": "pkg:apk/alpine/apk@2.12.9-r3?arch=x86", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "apk", - "namespace": "alpine", - "name": "apk", - "version": "2.12.9-r3", - "qualifiers": { - "arch": "x86" - }, - "subpath": null - }, - "expected_output": "pkg:apk/alpine/apk@2.12.9-r3?arch=x86", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/bintray-test.json b/tests/types/bintray-test.json deleted file mode 100644 index d6a56c1..0000000 --- a/tests/types/bintray-test.json +++ /dev/null @@ -1,55 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "ensure namespace allows multiple segments. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:bintray/apache/couchdb/couchdb-mac@2.3.0", - "expected_output": "pkg:bintray/apache/couchdb/couchdb-mac@2.3.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "ensure namespace allows multiple segments. Input is not a valida PURL", - "test_group": "advanced", - "test_type": "parse", - "input": "pkg:bintray/apache/couchdb/couchdb-mac@2.3.0", - "expected_output": { - "type": "bintray", - "namespace": "apache/couchdb", - "name": "couchdb-mac", - "version": "2.3.0", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "ensure namespace allows multiple segments. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:bintray/apache/couchdb/couchdb-mac@2.3.0", - "expected_output": "pkg:bintray/apache/couchdb/couchdb-mac@2.3.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "ensure namespace allows multiple segments", - "test_group": "base", - "test_type": "build", - "input": { - "type": "bintray", - "namespace": "apache/couchdb", - "name": "couchdb-mac", - "version": "2.3.0", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:bintray/apache/couchdb/couchdb-mac@2.3.0", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/bitbucket-test.json b/tests/types/bitbucket-test.json deleted file mode 100644 index 8bc5c01..0000000 --- a/tests/types/bitbucket-test.json +++ /dev/null @@ -1,96 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "bitbucket namespace and name should be lowercased. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:bitbucket/birKenfeld/pyGments-main@244fd47e07d1014f0aed9c", - "expected_output": "pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "bitbucket namespace and name should be lowercased", - "test_group": "base", - "test_type": "parse", - "input": "pkg:bitbucket/birKenfeld/pyGments-main@244fd47e07d1014f0aed9c", - "expected_output": { - "type": "bitbucket", - "namespace": "birkenfeld", - "name": "pygments-main", - "version": "244fd47e07d1014f0aed9c", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "bitbucket namespace and name should be lowercased. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c", - "expected_output": "pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "bitbucket namespace and name should be lowercased", - "test_group": "base", - "test_type": "build", - "input": { - "type": "bitbucket", - "namespace": "birkenfeld", - "name": "pygments-main", - "version": "244fd47e07d1014f0aed9c", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c", - "expected_output": { - "type": "bitbucket", - "namespace": "birkenfeld", - "name": "pygments-main", - "version": "244fd47e07d1014f0aed9c", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c", - "expected_output": "pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "bitbucket", - "namespace": "birkenfeld", - "name": "pygments-main", - "version": "244fd47e07d1014f0aed9c", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/bitnami-test.json b/tests/types/bitnami-test.json deleted file mode 100644 index 497e7f1..0000000 --- a/tests/types/bitnami-test.json +++ /dev/null @@ -1,189 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:bitnami/wordpress?distro=debian-12", - "expected_output": { - "type": "bitnami", - "namespace": null, - "name": "wordpress", - "version": null, - "qualifiers": { - "distro": "debian-12" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:bitnami/wordpress?distro=debian-12", - "expected_output": "pkg:bitnami/wordpress?distro=debian-12", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "bitnami", - "namespace": null, - "name": "wordpress", - "version": null, - "qualifiers": { - "distro": "debian-12" - }, - "subpath": null - }, - "expected_output": "pkg:bitnami/wordpress?distro=debian-12", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:bitnami/wordpress@6.2.0?distro=debian-12", - "expected_output": { - "type": "bitnami", - "namespace": null, - "name": "wordpress", - "version": "6.2.0", - "qualifiers": { - "distro": "debian-12" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:bitnami/wordpress@6.2.0?distro=debian-12", - "expected_output": "pkg:bitnami/wordpress@6.2.0?distro=debian-12", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "bitnami", - "namespace": null, - "name": "wordpress", - "version": "6.2.0", - "qualifiers": { - "distro": "debian-12" - }, - "subpath": null - }, - "expected_output": "pkg:bitnami/wordpress@6.2.0?distro=debian-12", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=debian-12", - "expected_output": { - "type": "bitnami", - "namespace": null, - "name": "wordpress", - "version": "6.2.0", - "qualifiers": { - "arch": "arm64", - "distro": "debian-12" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=debian-12", - "expected_output": "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=debian-12", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "bitnami", - "namespace": null, - "name": "wordpress", - "version": "6.2.0", - "qualifiers": { - "arch": "arm64", - "distro": "debian-12" - }, - "subpath": null - }, - "expected_output": "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=debian-12", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=photon-4", - "expected_output": { - "type": "bitnami", - "namespace": null, - "name": "wordpress", - "version": "6.2.0", - "qualifiers": { - "arch": "arm64", - "distro": "photon-4" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=photon-4", - "expected_output": "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=photon-4", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "bitnami", - "namespace": null, - "name": "wordpress", - "version": "6.2.0", - "qualifiers": { - "arch": "arm64", - "distro": "photon-4" - }, - "subpath": null - }, - "expected_output": "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=photon-4", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/cargo-test.json b/tests/types/cargo-test.json deleted file mode 100644 index d29d89f..0000000 --- a/tests/types/cargo-test.json +++ /dev/null @@ -1,128 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cargo/rand@0.7.2", - "expected_output": { - "type": "cargo", - "namespace": null, - "name": "rand", - "version": "0.7.2", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cargo/rand@0.7.2", - "expected_output": "pkg:cargo/rand@0.7.2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cargo", - "namespace": null, - "name": "rand", - "version": "0.7.2", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cargo/rand@0.7.2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cargo/clap@2.33.0", - "expected_output": { - "type": "cargo", - "namespace": null, - "name": "clap", - "version": "2.33.0", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cargo/clap@2.33.0", - "expected_output": "pkg:cargo/clap@2.33.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cargo", - "namespace": null, - "name": "clap", - "version": "2.33.0", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cargo/clap@2.33.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cargo/structopt@0.3.11", - "expected_output": { - "type": "cargo", - "namespace": null, - "name": "structopt", - "version": "0.3.11", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cargo/structopt@0.3.11", - "expected_output": "pkg:cargo/structopt@0.3.11", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cargo", - "namespace": null, - "name": "structopt", - "version": "0.3.11", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cargo/structopt@0.3.11", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/cocoapods-test.json b/tests/types/cocoapods-test.json deleted file mode 100644 index 3bbfa6d..0000000 --- a/tests/types/cocoapods-test.json +++ /dev/null @@ -1,169 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cocoapods/AFNetworking@4.0.1", - "expected_output": { - "type": "cocoapods", - "namespace": null, - "name": "AFNetworking", - "version": "4.0.1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cocoapods/AFNetworking@4.0.1", - "expected_output": "pkg:cocoapods/AFNetworking@4.0.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cocoapods", - "namespace": null, - "name": "AFNetworking", - "version": "4.0.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cocoapods/AFNetworking@4.0.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cocoapods/MapsIndoors@3.24.0", - "expected_output": { - "type": "cocoapods", - "namespace": null, - "name": "MapsIndoors", - "version": "3.24.0", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cocoapods/MapsIndoors@3.24.0", - "expected_output": "pkg:cocoapods/MapsIndoors@3.24.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cocoapods", - "namespace": null, - "name": "MapsIndoors", - "version": "3.24.0", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cocoapods/MapsIndoors@3.24.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cocoapods/ShareKit@2.0#Twitter", - "expected_output": { - "type": "cocoapods", - "namespace": null, - "name": "ShareKit", - "version": "2.0", - "qualifiers": null, - "subpath": "Twitter" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cocoapods/ShareKit@2.0#Twitter", - "expected_output": "pkg:cocoapods/ShareKit@2.0#Twitter", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cocoapods", - "namespace": null, - "name": "ShareKit", - "version": "2.0", - "qualifiers": null, - "subpath": "Twitter" - }, - "expected_output": "pkg:cocoapods/ShareKit@2.0#Twitter", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cocoapods/GoogleUtilities@7.5.2#NSData+zlib", - "expected_output": { - "type": "cocoapods", - "namespace": null, - "name": "GoogleUtilities", - "version": "7.5.2", - "qualifiers": null, - "subpath": "NSData+zlib" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cocoapods/GoogleUtilities@7.5.2#NSData+zlib", - "expected_output": "pkg:cocoapods/GoogleUtilities@7.5.2#NSData+zlib", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cocoapods", - "namespace": null, - "name": "GoogleUtilities", - "version": "7.5.2", - "qualifiers": null, - "subpath": "NSData+zlib" - }, - "expected_output": "pkg:cocoapods/GoogleUtilities@7.5.2#NSData+zlib", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/composer-test.json b/tests/types/composer-test.json deleted file mode 100644 index 9e37fd2..0000000 --- a/tests/types/composer-test.json +++ /dev/null @@ -1,121 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "valid packagist purl", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:composer/guzzlehttp/promises@2.0.2", - "expected_output": "pkg:composer/guzzlehttp/promises@2.0.2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid packagist purl", - "test_group": "base", - "test_type": "parse", - "input": "pkg:composer/guzzlehttp/promises@2.0.2", - "expected_output": { - "type": "composer", - "namespace": "guzzlehttp", - "name": "promises", - "version": "2.0.2", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "composer names are not case sensitive. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:composer/Laravel/Laravel@5.5.0", - "expected_output": "pkg:composer/laravel/laravel@5.5.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "composer names are not case sensitive", - "test_group": "base", - "test_type": "parse", - "input": "pkg:composer/Laravel/Laravel@5.5.0", - "expected_output": { - "type": "composer", - "namespace": "laravel", - "name": "laravel", - "version": "5.5.0", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "composer names are not case sensitive. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:composer/laravel/laravel@5.5.0", - "expected_output": "pkg:composer/laravel/laravel@5.5.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "composer names are not case sensitive", - "test_group": "base", - "test_type": "build", - "input": { - "type": "composer", - "namespace": "laravel", - "name": "laravel", - "version": "5.5.0", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:composer/laravel/laravel@5.5.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:composer/laravel/laravel@5.5.0", - "expected_output": { - "type": "composer", - "namespace": "laravel", - "name": "laravel", - "version": "5.5.0", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:composer/laravel/laravel@5.5.0", - "expected_output": "pkg:composer/laravel/laravel@5.5.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "composer", - "namespace": "laravel", - "name": "laravel", - "version": "5.5.0", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:composer/laravel/laravel@5.5.0", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/conan-test.json b/tests/types/conan-test.json deleted file mode 100644 index 4a3ba69..0000000 --- a/tests/types/conan-test.json +++ /dev/null @@ -1,328 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "valid conan purl. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:conan/cctz@2.3", - "expected_output": "pkg:conan/cctz@2.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conan purl", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conan/cctz@2.3", - "expected_output": { - "type": "conan", - "namespace": null, - "name": "cctz", - "version": "2.3", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conan purl. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:conan/cctz@2.3", - "expected_output": "pkg:conan/cctz@2.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conan purl", - "test_group": "base", - "test_type": "build", - "input": { - "type": "conan", - "namespace": null, - "name": "cctz", - "version": "2.3", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:conan/cctz@2.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conan purl with namespace and qualifier channel. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:conan/bincrafters/cctz@2.3?channel=stable", - "expected_output": "pkg:conan/bincrafters/cctz@2.3?channel=stable", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conan purl with namespace and qualifier channel", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conan/bincrafters/cctz@2.3?channel=stable", - "expected_output": { - "type": "conan", - "namespace": "bincrafters", - "name": "cctz", - "version": "2.3", - "qualifiers": { - "channel": "stable" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conan purl with namespace and qualifier channel. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:conan/bincrafters/cctz@2.3?channel=stable", - "expected_output": "pkg:conan/bincrafters/cctz@2.3?channel=stable", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conan purl with namespace and qualifier channel", - "test_group": "base", - "test_type": "build", - "input": { - "type": "conan", - "namespace": "bincrafters", - "name": "cctz", - "version": "2.3", - "qualifiers": { - "channel": "stable" - }, - "subpath": null - }, - "expected_output": "pkg:conan/bincrafters/cctz@2.3?channel=stable", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "invalid conan purl only namespace", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conan/bincrafters/cctz@2.3", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "invalid conan purl only namespace", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conan/bincrafters/cctz@2.3", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "invalid conan purl only namespace", - "test_group": "base", - "test_type": "build", - "input": { - "type": "conan", - "namespace": "bincrafters", - "name": "cctz", - "version": "2.3", - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "invalid conan purl only channel qualifier", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conan/cctz@2.3?channel=stable", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "invalid conan purl only channel qualifier", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conan/cctz@2.3?channel=stable", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "invalid conan purl only channel qualifier", - "test_group": "base", - "test_type": "build", - "input": { - "type": "conan", - "namespace": null, - "name": "cctz", - "version": "2.3", - "qualifiers": { - "channel": "stable" - }, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conan/openssl@3.0.3", - "expected_output": { - "type": "conan", - "namespace": null, - "name": "openssl", - "version": "3.0.3", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:conan/openssl@3.0.3", - "expected_output": "pkg:conan/openssl@3.0.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "conan", - "namespace": null, - "name": "openssl", - "version": "3.0.3", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:conan/openssl@3.0.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conan/openssl.org/openssl@3.0.3?user=bincrafters&channel=stable", - "expected_output": { - "type": "conan", - "namespace": "openssl.org", - "name": "openssl", - "version": "3.0.3", - "qualifiers": { - "channel": "stable", - "user": "bincrafters" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:conan/openssl.org/openssl@3.0.3?user=bincrafters&channel=stable", - "expected_output": "pkg:conan/openssl.org/openssl@3.0.3?user=bincrafters&channel=stable", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "conan", - "namespace": "openssl.org", - "name": "openssl", - "version": "3.0.3", - "qualifiers": { - "channel": "stable", - "user": "bincrafters" - }, - "subpath": null - }, - "expected_output": "pkg:conan/openssl.org/openssl@3.0.3?user=bincrafters&channel=stable", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conan/openssl.org/openssl@3.0.3?arch=x86_64&build_type=Debug&compiler=Visual%20Studio&compiler.runtime=MDd&compiler.version=16&os=Windows&shared=True&rrev=93a82349c31917d2d674d22065c7a9ef9f380c8e&prev=b429db8a0e324114c25ec387bfd8281f330d7c5c", - "expected_output": { - "type": "conan", - "namespace": "openssl.org", - "name": "openssl", - "version": "3.0.3", - "qualifiers": { - "arch": "x86_64", - "build_type": "Debug", - "compiler": "Visual Studio", - "compiler.runtime": "MDd", - "compiler.version": "16", - "os": "Windows", - "prev": "b429db8a0e324114c25ec387bfd8281f330d7c5c", - "rrev": "93a82349c31917d2d674d22065c7a9ef9f380c8e", - "shared": "True" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:conan/openssl.org/openssl@3.0.3?arch=x86_64&build_type=Debug&compiler=Visual%20Studio&compiler.runtime=MDd&compiler.version=16&os=Windows&shared=True&rrev=93a82349c31917d2d674d22065c7a9ef9f380c8e&prev=b429db8a0e324114c25ec387bfd8281f330d7c5c", - "expected_output": "pkg:conan/openssl.org/openssl@3.0.3?arch=x86_64&build_type=Debug&compiler=Visual%20Studio&compiler.runtime=MDd&compiler.version=16&os=Windows&shared=True&rrev=93a82349c31917d2d674d22065c7a9ef9f380c8e&prev=b429db8a0e324114c25ec387bfd8281f330d7c5c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "conan", - "namespace": "openssl.org", - "name": "openssl", - "version": "3.0.3", - "qualifiers": { - "arch": "x86_64", - "build_type": "Debug", - "compiler": "Visual Studio", - "compiler.runtime": "MDd", - "compiler.version": "16", - "os": "Windows", - "prev": "b429db8a0e324114c25ec387bfd8281f330d7c5c", - "rrev": "93a82349c31917d2d674d22065c7a9ef9f380c8e", - "shared": "True" - }, - "subpath": null - }, - "expected_output": "pkg:conan/openssl.org/openssl@3.0.3?arch=x86_64&build_type=Debug&compiler=Visual%20Studio&compiler.runtime=MDd&compiler.version=16&os=Windows&shared=True&rrev=93a82349c31917d2d674d22065c7a9ef9f380c8e&prev=b429db8a0e324114c25ec387bfd8281f330d7c5c", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/conda-test.json b/tests/types/conda-test.json deleted file mode 100644 index a148142..0000000 --- a/tests/types/conda-test.json +++ /dev/null @@ -1,116 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "valid conda purl with qualifiers. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_output": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conda purl with qualifiers", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_output": { - "type": "conda", - "namespace": null, - "name": "absl-py", - "version": "0.4.1", - "qualifiers": { - "build": "py36h06a4308_0", - "channel": "main", - "subdir": "linux-64", - "type": "tar.bz2" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conda purl with qualifiers. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_output": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid conda purl with qualifiers", - "test_group": "base", - "test_type": "build", - "input": { - "type": "conda", - "namespace": null, - "name": "absl-py", - "version": "0.4.1", - "qualifiers": { - "build": "py36h06a4308_0", - "channel": "main", - "subdir": "linux-64", - "type": "tar.bz2" - }, - "subpath": null - }, - "expected_output": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_output": { - "type": "conda", - "namespace": null, - "name": "absl-py", - "version": "0.4.1", - "qualifiers": { - "build": "py36h06a4308_0", - "channel": "main", - "subdir": "linux-64", - "type": "tar.bz2" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_output": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "conda", - "namespace": null, - "name": "absl-py", - "version": "0.4.1", - "qualifiers": { - "build": "py36h06a4308_0", - "channel": "main", - "subdir": "linux-64", - "type": "tar.bz2" - }, - "subpath": null - }, - "expected_output": "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/cpan-test.json b/tests/types/cpan-test.json deleted file mode 100644 index b48e64a..0000000 --- a/tests/types/cpan-test.json +++ /dev/null @@ -1,560 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "cpan distribution name are case sensitive. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_output": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan distribution name are case sensitive", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_output": { - "type": "cpan", - "namespace": "DROLSKY", - "name": "DateTime", - "version": "1.55", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan distribution name are case sensitive. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_output": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan distribution name are case sensitive", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": "DROLSKY", - "name": "DateTime", - "version": "1.55", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan module name are case sensitive. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:cpan/URI::PackageURL@2.11", - "expected_output": "pkg:cpan/URI::PackageURL@2.11", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan module name are case sensitive", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/URI::PackageURL@2.11", - "expected_output": { - "type": "cpan", - "namespace": null, - "name": "URI::PackageURL", - "version": "2.11", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan module name are case sensitive. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/URI::PackageURL@2.11", - "expected_output": "pkg:cpan/URI::PackageURL@2.11", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan module name are case sensitive", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": null, - "name": "URI::PackageURL", - "version": "2.11", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/URI::PackageURL@2.11", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan module name like distribution name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/Perl-Version@1.013", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "cpan module name like distribution name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/Perl-Version@1.013", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "cpan module name like distribution name", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": null, - "name": "Perl-Version", - "version": "1.013", - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "cpan distribution name like module name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/GDT/URI::PackageURL@2.11", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "cpan distribution name like module name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/GDT/URI::PackageURL", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "cpan distribution name like module name", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": "GDT", - "name": "URI::PackageURL", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "cpan valid module name. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:cpan/DateTime@1.55", - "expected_output": "pkg:cpan/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan valid module name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/DateTime@1.55", - "expected_output": { - "type": "cpan", - "namespace": null, - "name": "DateTime", - "version": "1.55", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan valid module name. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/DateTime@1.55", - "expected_output": "pkg:cpan/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan valid module name", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": null, - "name": "DateTime", - "version": "1.55", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan valid module name without version. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:cpan/URI", - "expected_output": "pkg:cpan/URI", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan valid module name without version", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/URI", - "expected_output": { - "type": "cpan", - "namespace": null, - "name": "URI", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan valid module name without version. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/URI", - "expected_output": "pkg:cpan/URI", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "cpan valid module name without version", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": null, - "name": "URI", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/URI", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/Perl::Version@1.013", - "expected_output": { - "type": "cpan", - "namespace": null, - "name": "perl::Version", - "version": "1.013", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/Perl::Version@1.013", - "expected_output": "pkg:cpan/Perl::Version@1.013", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": null, - "name": "perl::Version", - "version": "1.013", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/Perl::Version@1.013", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_output": { - "type": "cpan", - "namespace": "DROLSKY", - "name": "DateTime", - "version": "1.55", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_output": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": "DROLSKY", - "name": "DateTime", - "version": "1.55", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/DROLSKY/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/DateTime@1.55", - "expected_output": { - "type": "cpan", - "namespace": null, - "name": "DateTime", - "version": "1.55", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/DateTime@1.55", - "expected_output": "pkg:cpan/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": null, - "name": "DateTime", - "version": "1.55", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/DateTime@1.55", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/GDT/URI-PackageURL", - "expected_output": { - "type": "cpan", - "namespace": "GDT", - "name": "URI-PackageURL", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/GDT/URI-PackageURL", - "expected_output": "pkg:cpan/GDT/URI-PackageURL", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": "GDT", - "name": "URI-PackageURL", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/GDT/URI-PackageURL", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/LWP::UserAgent", - "expected_output": { - "type": "cpan", - "namespace": null, - "name": "lwp::UserAgent", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/LWP::UserAgent", - "expected_output": "pkg:cpan/LWP::UserAgent", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": null, - "name": "lwp::UserAgent", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/LWP::UserAgent", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/OALDERS/libwww-perl@6.76", - "expected_output": { - "type": "cpan", - "namespace": "OALDERS", - "name": "libwww-perl", - "version": "6.76", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/OALDERS/libwww-perl@6.76", - "expected_output": "pkg:cpan/OALDERS/libwww-perl@6.76", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": "OALDERS", - "name": "libwww-perl", - "version": "6.76", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/OALDERS/libwww-perl@6.76", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cpan/URI", - "expected_output": { - "type": "cpan", - "namespace": null, - "name": "URI", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cpan/URI", - "expected_output": "pkg:cpan/URI", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cpan", - "namespace": null, - "name": "URI", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cpan/URI", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/cran-test.json b/tests/types/cran-test.json deleted file mode 100644 index d027639..0000000 --- a/tests/types/cran-test.json +++ /dev/null @@ -1,246 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "valid cran purl. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:cran/A3@0.9.1", - "expected_output": "pkg:cran/A3@0.9.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid cran purl", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cran/A3@0.9.1", - "expected_output": { - "type": "cran", - "namespace": null, - "name": "A3", - "version": "0.9.1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid cran purl. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cran/A3@0.9.1", - "expected_output": "pkg:cran/A3@0.9.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid cran purl", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cran", - "namespace": null, - "name": "A3", - "version": "0.9.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cran/A3@0.9.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "invalid cran purl without name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cran/@0.9.1", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "invalid cran purl without name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cran/@0.9.1", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "invalid cran purl without name", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cran", - "namespace": null, - "name": null, - "version": "0.9.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "invalid cran purl without version", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cran/A3", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "invalid cran purl without version", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cran/A3", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "invalid cran purl without version", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cran", - "namespace": null, - "name": "A3", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cran/A3@1.0.0", - "expected_output": { - "type": "cran", - "namespace": null, - "name": "A3", - "version": "1.0.0", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cran/A3@1.0.0", - "expected_output": "pkg:cran/A3@1.0.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cran", - "namespace": null, - "name": "A3", - "version": "1.0.0", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cran/A3@1.0.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cran/rJava@1.0-4", - "expected_output": { - "type": "cran", - "namespace": null, - "name": "rJava", - "version": "1.0-4", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cran/rJava@1.0-4", - "expected_output": "pkg:cran/rJava@1.0-4", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cran", - "namespace": null, - "name": "rJava", - "version": "1.0-4", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cran/rJava@1.0-4", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:cran/caret@6.0-88", - "expected_output": { - "type": "cran", - "namespace": null, - "name": "caret", - "version": "6.0-88", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:cran/caret@6.0-88", - "expected_output": "pkg:cran/caret@6.0-88", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "cran", - "namespace": null, - "name": "caret", - "version": "6.0-88", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:cran/caret@6.0-88", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/deb-test.json b/tests/types/deb-test.json deleted file mode 100644 index 55b5fb9..0000000 --- a/tests/types/deb-test.json +++ /dev/null @@ -1,290 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "debian can use qualifiers. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_output": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "debian can use qualifiers", - "test_group": "base", - "test_type": "parse", - "input": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_output": { - "type": "deb", - "namespace": "debian", - "name": "curl", - "version": "7.50.3-1", - "qualifiers": { - "arch": "i386", - "distro": "jessie" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "debian can use qualifiers. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_output": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "debian can use qualifiers", - "test_group": "base", - "test_type": "build", - "input": { - "type": "deb", - "namespace": "debian", - "name": "curl", - "version": "7.50.3-1", - "qualifiers": { - "arch": "i386", - "distro": "jessie" - }, - "subpath": null - }, - "expected_output": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_output": { - "type": "deb", - "namespace": "debian", - "name": "curl", - "version": "7.50.3-1", - "qualifiers": { - "arch": "i386", - "distro": "jessie" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_output": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "deb", - "namespace": "debian", - "name": "curl", - "version": "7.50.3-1", - "qualifiers": { - "arch": "i386", - "distro": "jessie" - }, - "subpath": null - }, - "expected_output": "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:deb/debian/dpkg@1.19.0.4?arch=amd64&distro=stretch", - "expected_output": { - "type": "deb", - "namespace": "debian", - "name": "dpkg", - "version": "1.19.0.4", - "qualifiers": { - "arch": "amd64", - "distro": "stretch" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:deb/debian/dpkg@1.19.0.4?arch=amd64&distro=stretch", - "expected_output": "pkg:deb/debian/dpkg@1.19.0.4?arch=amd64&distro=stretch", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "deb", - "namespace": "debian", - "name": "dpkg", - "version": "1.19.0.4", - "qualifiers": { - "arch": "amd64", - "distro": "stretch" - }, - "subpath": null - }, - "expected_output": "pkg:deb/debian/dpkg@1.19.0.4?arch=amd64&distro=stretch", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:deb/ubuntu/dpkg@1.19.0.4?arch=amd64", - "expected_output": { - "type": "deb", - "namespace": "ubuntu", - "name": "dpkg", - "version": "1.19.0.4", - "qualifiers": { - "arch": "amd64" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:deb/ubuntu/dpkg@1.19.0.4?arch=amd64", - "expected_output": "pkg:deb/ubuntu/dpkg@1.19.0.4?arch=amd64", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "deb", - "namespace": "ubuntu", - "name": "dpkg", - "version": "1.19.0.4", - "qualifiers": { - "arch": "amd64" - }, - "subpath": null - }, - "expected_output": "pkg:deb/ubuntu/dpkg@1.19.0.4?arch=amd64", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:deb/debian/attr@1:2.4.47-2?arch=source", - "expected_output": { - "type": "deb", - "namespace": "debian", - "name": "attr", - "version": "1:2.4.47-2", - "qualifiers": { - "arch": "source" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:deb/debian/attr@1:2.4.47-2?arch=source", - "expected_output": "pkg:deb/debian/attr@1:2.4.47-2?arch=source", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "deb", - "namespace": "debian", - "name": "attr", - "version": "1:2.4.47-2", - "qualifiers": { - "arch": "source" - }, - "subpath": null - }, - "expected_output": "pkg:deb/debian/attr@1:2.4.47-2?arch=source", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:deb/debian/attr@1:2.4.47-2%2Bb1?arch=amd64", - "expected_output": { - "type": "deb", - "namespace": "debian", - "name": "attr", - "version": "1:2.4.47-2+b1", - "qualifiers": { - "arch": "amd64" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:deb/debian/attr@1:2.4.47-2%2Bb1?arch=amd64", - "expected_output": "pkg:deb/debian/attr@1:2.4.47-2%2Bb1?arch=amd64", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "deb", - "namespace": "debian", - "name": "attr", - "version": "1:2.4.47-2+b1", - "qualifiers": { - "arch": "amd64" - }, - "subpath": null - }, - "expected_output": "pkg:deb/debian/attr@1:2.4.47-2%2Bb1?arch=amd64", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/docker-test.json b/tests/types/docker-test.json deleted file mode 100644 index 0ecb38d..0000000 --- a/tests/types/docker-test.json +++ /dev/null @@ -1,186 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "docker uses qualifiers and hash image id as versions. Rountrip an input purl wrongly percent encoded to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:docker/customer/dockerimage@sha256%3A244fd47e07d1004f0aed9c?repository_url=gcr.io", - "expected_output": "pkg:docker/customer/dockerimage@sha256:244fd47e07d1004f0aed9c?repository_url=gcr.io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "docker uses qualifiers and hash image id as versions", - "test_group": "base", - "test_type": "parse", - "input": "pkg:docker/customer/dockerimage@sha256:244fd47e07d1004f0aed9c?repository_url=gcr.io", - "expected_output": { - "type": "docker", - "namespace": "customer", - "name": "dockerimage", - "version": "sha256:244fd47e07d1004f0aed9c", - "qualifiers": { - "repository_url": "gcr.io" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "docker uses qualifiers and hash image id as versions. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:docker/customer/dockerimage@sha256:244fd47e07d1004f0aed9c?repository_url=gcr.io", - "expected_output": "pkg:docker/customer/dockerimage@sha256:244fd47e07d1004f0aed9c?repository_url=gcr.io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "docker uses qualifiers and hash image id as versions", - "test_group": "base", - "test_type": "build", - "input": { - "type": "docker", - "namespace": "customer", - "name": "dockerimage", - "version": "sha256:244fd47e07d1004f0aed9c", - "qualifiers": { - "repository_url": "gcr.io" - }, - "subpath": null - }, - "expected_output": "pkg:docker/customer/dockerimage@sha256:244fd47e07d1004f0aed9c?repository_url=gcr.io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:docker/cassandra@latest", - "expected_output": { - "type": "docker", - "namespace": null, - "name": "cassandra", - "version": "latest", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:docker/cassandra@latest", - "expected_output": "pkg:docker/cassandra@latest", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "docker", - "namespace": null, - "name": "cassandra", - "version": "latest", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:docker/cassandra@latest", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:docker/smartentry/debian@dc437cc87d10", - "expected_output": { - "type": "docker", - "namespace": "smartentry", - "name": "debian", - "version": "dc437cc87d10", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:docker/smartentry/debian@dc437cc87d10", - "expected_output": "pkg:docker/smartentry/debian@dc437cc87d10", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "docker", - "namespace": "smartentry", - "name": "debian", - "version": "dc437cc87d10", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:docker/smartentry/debian@dc437cc87d10", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:docker/customer/dockerimage@sha256:244fd47e07d10?repository_url=gcr.io", - "expected_output": { - "type": "docker", - "namespace": "customer", - "name": "dockerimage", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "repository_url": "gcr.io" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:docker/customer/dockerimage@sha256:244fd47e07d10?repository_url=gcr.io", - "expected_output": "pkg:docker/customer/dockerimage@sha256:244fd47e07d10?repository_url=gcr.io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "docker", - "namespace": "customer", - "name": "dockerimage", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "repository_url": "gcr.io" - }, - "subpath": null - }, - "expected_output": "pkg:docker/customer/dockerimage@sha256:244fd47e07d10?repository_url=gcr.io", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/gem-test.json b/tests/types/gem-test.json deleted file mode 100644 index 0f2df1b..0000000 --- a/tests/types/gem-test.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Java gem can use a qualifier. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:gem/jruby-launcher@1.1.2?Platform=java", - "expected_output": "pkg:gem/jruby-launcher@1.1.2?platform=java", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Java gem can use a qualifier", - "test_group": "base", - "test_type": "parse", - "input": "pkg:gem/jruby-launcher@1.1.2?Platform=java", - "expected_output": { - "type": "gem", - "namespace": null, - "name": "jruby-launcher", - "version": "1.1.2", - "qualifiers": { - "platform": "java" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Java gem can use a qualifier. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:gem/jruby-launcher@1.1.2?platform=java", - "expected_output": "pkg:gem/jruby-launcher@1.1.2?platform=java", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Java gem can use a qualifier", - "test_group": "base", - "test_type": "build", - "input": { - "type": "gem", - "namespace": null, - "name": "jruby-launcher", - "version": "1.1.2", - "qualifiers": { - "platform": "java" - }, - "subpath": null - }, - "expected_output": "pkg:gem/jruby-launcher@1.1.2?platform=java", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:gem/ruby-advisory-db-check@0.12.4", - "expected_output": { - "type": "gem", - "namespace": null, - "name": "ruby-advisory-db-check", - "version": "0.12.4", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:gem/ruby-advisory-db-check@0.12.4", - "expected_output": "pkg:gem/ruby-advisory-db-check@0.12.4", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "gem", - "namespace": null, - "name": "ruby-advisory-db-check", - "version": "0.12.4", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:gem/ruby-advisory-db-check@0.12.4", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:gem/jruby-launcher@1.1.2?platform=java", - "expected_output": { - "type": "gem", - "namespace": null, - "name": "jruby-launcher", - "version": "1.1.2", - "qualifiers": { - "platform": "java" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:gem/jruby-launcher@1.1.2?platform=java", - "expected_output": "pkg:gem/jruby-launcher@1.1.2?platform=java", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "gem", - "namespace": null, - "name": "jruby-launcher", - "version": "1.1.2", - "qualifiers": { - "platform": "java" - }, - "subpath": null - }, - "expected_output": "pkg:gem/jruby-launcher@1.1.2?platform=java", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/generic-test.json b/tests/types/generic-test.json deleted file mode 100644 index 4f6f642..0000000 --- a/tests/types/generic-test.json +++ /dev/null @@ -1,138 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:generic/openssl@1.1.10g", - "expected_output": { - "type": "generic", - "namespace": null, - "name": "openssl", - "version": "1.1.10g", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:generic/openssl@1.1.10g", - "expected_output": "pkg:generic/openssl@1.1.10g", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "generic", - "namespace": null, - "name": "openssl", - "version": "1.1.10g", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:generic/openssl@1.1.10g", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:generic/openssl@1.1.10g?download_url=https://openssl.org/source/openssl-1.1.0g.tar.gz&checksum=sha256:de4d501267da", - "expected_output": { - "type": "generic", - "namespace": null, - "name": "openssl", - "version": "1.1.10g", - "qualifiers": { - "checksum": "sha256:de4d501267da", - "download_url": "https://openssl.org/source/openssl-1.1.0g.tar.gz" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:generic/openssl@1.1.10g?download_url=https://openssl.org/source/openssl-1.1.0g.tar.gz&checksum=sha256:de4d501267da", - "expected_output": "pkg:generic/openssl@1.1.10g?download_url=https://openssl.org/source/openssl-1.1.0g.tar.gz&checksum=sha256:de4d501267da", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "generic", - "namespace": null, - "name": "openssl", - "version": "1.1.10g", - "qualifiers": { - "checksum": "sha256:de4d501267da", - "download_url": "https://openssl.org/source/openssl-1.1.0g.tar.gz" - }, - "subpath": null - }, - "expected_output": "pkg:generic/openssl@1.1.10g?download_url=https://openssl.org/source/openssl-1.1.0g.tar.gz&checksum=sha256:de4d501267da", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:generic/bitwarderl?vcs_url=git%2Bhttps://git.fsfe.org/dxtr/bitwarderl%40cc55108da32", - "expected_output": { - "type": "generic", - "namespace": null, - "name": "bitwarderl", - "version": null, - "qualifiers": { - "vcs_url": "git+https://git.fsfe.org/dxtr/bitwarderl@cc55108da32" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:generic/bitwarderl?vcs_url=git%2Bhttps://git.fsfe.org/dxtr/bitwarderl%40cc55108da32", - "expected_output": "pkg:generic/bitwarderl?vcs_url=git%2Bhttps://git.fsfe.org/dxtr/bitwarderl%40cc55108da32", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "generic", - "namespace": null, - "name": "bitwarderl", - "version": null, - "qualifiers": { - "vcs_url": "git+https://git.fsfe.org/dxtr/bitwarderl@cc55108da32" - }, - "subpath": null - }, - "expected_output": "pkg:generic/bitwarderl?vcs_url=git%2Bhttps://git.fsfe.org/dxtr/bitwarderl%40cc55108da32", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/github-test.json b/tests/types/github-test.json deleted file mode 100644 index fa2c881..0000000 --- a/tests/types/github-test.json +++ /dev/null @@ -1,137 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "github namespace and name should be lowercased. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:github/Package-url/purl-Spec@244fd47e07d1004f0aed9c", - "expected_output": "pkg:github/package-url/purl-spec@244fd47e07d1004f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "github namespace and name should be lowercased", - "test_group": "base", - "test_type": "parse", - "input": "pkg:github/Package-url/purl-Spec@244fd47e07d1004f0aed9c", - "expected_output": { - "type": "github", - "namespace": "package-url", - "name": "purl-spec", - "version": "244fd47e07d1004f0aed9c", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "github namespace and name should be lowercased. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:github/package-url/purl-spec@244fd47e07d1004f0aed9c", - "expected_output": "pkg:github/package-url/purl-spec@244fd47e07d1004f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "github namespace and name should be lowercased", - "test_group": "base", - "test_type": "build", - "input": { - "type": "github", - "namespace": "package-url", - "name": "purl-spec", - "version": "244fd47e07d1004f0aed9c", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:github/package-url/purl-spec@244fd47e07d1004f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:github/package-url/purl-spec@244fd47e07d1004", - "expected_output": { - "type": "github", - "namespace": "package-url", - "name": "purl-spec", - "version": "244fd47e07d1004", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:github/package-url/purl-spec@244fd47e07d1004", - "expected_output": "pkg:github/package-url/purl-spec@244fd47e07d1004", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "github", - "namespace": "package-url", - "name": "purl-spec", - "version": "244fd47e07d1004", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:github/package-url/purl-spec@244fd47e07d1004", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:github/package-url/purl-spec@244fd47e07d1004#everybody/loves/dogs", - "expected_output": { - "type": "github", - "namespace": "package-url", - "name": "purl-spec", - "version": "244fd47e07d1004", - "qualifiers": null, - "subpath": "everybody/loves/dogs" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:github/package-url/purl-spec@244fd47e07d1004#everybody/loves/dogs", - "expected_output": "pkg:github/package-url/purl-spec@244fd47e07d1004#everybody/loves/dogs", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "github", - "namespace": "package-url", - "name": "purl-spec", - "version": "244fd47e07d1004", - "qualifiers": null, - "subpath": "everybody/loves/dogs" - }, - "expected_output": "pkg:github/package-url/purl-spec@244fd47e07d1004#everybody/loves/dogs", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/golang-test.json b/tests/types/golang-test.json deleted file mode 100644 index 11da72b..0000000 --- a/tests/types/golang-test.json +++ /dev/null @@ -1,228 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "valid go purl without version and with subpath. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:GOLANG/google.golang.org/genproto#/googleapis/api/annotations/", - "expected_output": "pkg:golang/google.golang.org/genproto#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid go purl without version and with subpath", - "test_group": "base", - "test_type": "parse", - "input": "pkg:GOLANG/google.golang.org/genproto#/googleapis/api/annotations/", - "expected_output": { - "type": "golang", - "namespace": "google.golang.org", - "name": "genproto", - "version": null, - "qualifiers": null, - "subpath": "googleapis/api/annotations" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid go purl without version and with subpath. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:golang/google.golang.org/genproto#googleapis/api/annotations", - "expected_output": "pkg:golang/google.golang.org/genproto#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid go purl without version and with subpath", - "test_group": "base", - "test_type": "build", - "input": { - "type": "golang", - "namespace": "google.golang.org", - "name": "genproto", - "version": null, - "qualifiers": null, - "subpath": "googleapis/api/annotations" - }, - "expected_output": "pkg:golang/google.golang.org/genproto#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid go purl with version and subpath. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:GOLANG/google.golang.org/genproto@abcdedf#/googleapis/api/annotations/", - "expected_output": "pkg:golang/google.golang.org/genproto@abcdedf#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid go purl with version and subpath", - "test_group": "base", - "test_type": "parse", - "input": "pkg:GOLANG/google.golang.org/genproto@abcdedf#/googleapis/api/annotations/", - "expected_output": { - "type": "golang", - "namespace": "google.golang.org", - "name": "genproto", - "version": "abcdedf", - "qualifiers": null, - "subpath": "googleapis/api/annotations" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid go purl with version and subpath. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:golang/google.golang.org/genproto@abcdedf#googleapis/api/annotations", - "expected_output": "pkg:golang/google.golang.org/genproto@abcdedf#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid go purl with version and subpath", - "test_group": "base", - "test_type": "build", - "input": { - "type": "golang", - "namespace": "google.golang.org", - "name": "genproto", - "version": "abcdedf", - "qualifiers": null, - "subpath": "googleapis/api/annotations" - }, - "expected_output": "pkg:golang/google.golang.org/genproto@abcdedf#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c", - "expected_output": { - "type": "golang", - "namespace": "github.com/gorilla", - "name": "context", - "version": "234fd47e07d1004f0aed9c", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c", - "expected_output": "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "golang", - "namespace": "github.com/gorilla", - "name": "context", - "version": "234fd47e07d1004f0aed9c", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:golang/google.golang.org/genproto#googleapis/api/annotations", - "expected_output": { - "type": "golang", - "namespace": "google.golang.org", - "name": "genproto", - "version": null, - "qualifiers": null, - "subpath": "googleapis/api/annotations" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:golang/google.golang.org/genproto#googleapis/api/annotations", - "expected_output": "pkg:golang/google.golang.org/genproto#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "golang", - "namespace": "google.golang.org", - "name": "genproto", - "version": null, - "qualifiers": null, - "subpath": "googleapis/api/annotations" - }, - "expected_output": "pkg:golang/google.golang.org/genproto#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c#api", - "expected_output": { - "type": "golang", - "namespace": "github.com/gorilla", - "name": "context", - "version": "234fd47e07d1004f0aed9c", - "qualifiers": null, - "subpath": "api" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c#api", - "expected_output": "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c#api", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "golang", - "namespace": "github.com/gorilla", - "name": "context", - "version": "234fd47e07d1004f0aed9c", - "qualifiers": null, - "subpath": "api" - }, - "expected_output": "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c#api", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/hackage-test.json b/tests/types/hackage-test.json deleted file mode 100644 index d8d88cf..0000000 --- a/tests/types/hackage-test.json +++ /dev/null @@ -1,212 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "valid hackage purl. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_output": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid hackage purl", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_output": { - "type": "hackage", - "namespace": null, - "name": "AC-HalfInteger", - "version": "1.2.1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid hackage purl. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_output": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid hackage purl", - "test_group": "base", - "test_type": "build", - "input": { - "type": "hackage", - "namespace": null, - "name": "AC-HalfInteger", - "version": "1.2.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "name and version are always required", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hackage", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "name and version are always required", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hackage", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "name and version are always required", - "test_group": "base", - "test_type": "build", - "input": { - "type": "hackage", - "namespace": null, - "name": null, - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hackage/a50@0.5", - "expected_output": { - "type": "hackage", - "namespace": null, - "name": "a50", - "version": "0.5", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:hackage/a50@0.5", - "expected_output": "pkg:hackage/a50@0.5", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "hackage", - "namespace": null, - "name": "a50", - "version": "0.5", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:hackage/a50@0.5", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_output": { - "type": "hackage", - "namespace": null, - "name": "AC-HalfInteger", - "version": "1.2.1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_output": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "hackage", - "namespace": null, - "name": "AC-HalfInteger", - "version": "1.2.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:hackage/AC-HalfInteger@1.2.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hackage/3d-graphics-examples@0.0.0.2", - "expected_output": { - "type": "hackage", - "namespace": null, - "name": "3d-graphics-examples", - "version": "0.0.0.2", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:hackage/3d-graphics-examples@0.0.0.2", - "expected_output": "pkg:hackage/3d-graphics-examples@0.0.0.2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "hackage", - "namespace": null, - "name": "3d-graphics-examples", - "version": "0.0.0.2", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:hackage/3d-graphics-examples@0.0.0.2", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/hex-test.json b/tests/types/hex-test.json deleted file mode 100644 index 5d58d63..0000000 --- a/tests/types/hex-test.json +++ /dev/null @@ -1,173 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hex/jason@1.1.2", - "expected_output": { - "type": "hex", - "namespace": null, - "name": "jason", - "version": "1.1.2", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:hex/jason@1.1.2", - "expected_output": "pkg:hex/jason@1.1.2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "hex", - "namespace": null, - "name": "jason", - "version": "1.1.2", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:hex/jason@1.1.2", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hex/acme/foo@2.3.", - "expected_output": { - "type": "hex", - "namespace": "acme", - "name": "foo", - "version": "2.3.", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:hex/acme/foo@2.3.", - "expected_output": "pkg:hex/acme/foo@2.3.", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "hex", - "namespace": "acme", - "name": "foo", - "version": "2.3.", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:hex/acme/foo@2.3.", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hex/phoenix_html@2.13.3#priv/static/phoenix_html.js", - "expected_output": { - "type": "hex", - "namespace": null, - "name": "phoenix_html", - "version": "2.13.3", - "qualifiers": null, - "subpath": "priv/static/phoenix_html.js" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:hex/phoenix_html@2.13.3#priv/static/phoenix_html.js", - "expected_output": "pkg:hex/phoenix_html@2.13.3#priv/static/phoenix_html.js", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "hex", - "namespace": null, - "name": "phoenix_html", - "version": "2.13.3", - "qualifiers": null, - "subpath": "priv/static/phoenix_html.js" - }, - "expected_output": "pkg:hex/phoenix_html@2.13.3#priv/static/phoenix_html.js", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:hex/bar@1.2.3?repository_url=https://myrepo.example.com", - "expected_output": { - "type": "hex", - "namespace": null, - "name": "bar", - "version": "1.2.3", - "qualifiers": { - "repository_url": "https://myrepo.example.com" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:hex/bar@1.2.3?repository_url=https://myrepo.example.com", - "expected_output": "pkg:hex/bar@1.2.3?repository_url=https://myrepo.example.com", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "hex", - "namespace": null, - "name": "bar", - "version": "1.2.3", - "qualifiers": { - "repository_url": "https://myrepo.example.com" - }, - "subpath": null - }, - "expected_output": "pkg:hex/bar@1.2.3?repository_url=https://myrepo.example.com", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/huggingface-test.json b/tests/types/huggingface-test.json deleted file mode 100644 index 4849193..0000000 --- a/tests/types/huggingface-test.json +++ /dev/null @@ -1,245 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "minimal Hugging Face model. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_output": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "minimal Hugging Face model", - "test_group": "base", - "test_type": "parse", - "input": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_output": { - "type": "huggingface", - "namespace": null, - "name": "distilbert-base-uncased", - "version": "043235d6088ecd3dd5fb5ca3592b6913fd516027", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "minimal Hugging Face model. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_output": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "minimal Hugging Face model", - "test_group": "base", - "test_type": "build", - "input": { - "type": "huggingface", - "namespace": null, - "name": "distilbert-base-uncased", - "version": "043235d6088ecd3dd5fb5ca3592b6913fd516027", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Hugging Face model with staging endpoint. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_output": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Hugging Face model with staging endpoint", - "test_group": "base", - "test_type": "parse", - "input": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_output": { - "type": "huggingface", - "namespace": "microsoft", - "name": "deberta-v3-base", - "version": "559062ad13d311b87b2c455e67dcd5f1c8f65111", - "qualifiers": { - "repository_url": "https://hub-ci.huggingface.co" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Hugging Face model with staging endpoint. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_output": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Hugging Face model with staging endpoint", - "test_group": "base", - "test_type": "build", - "input": { - "type": "huggingface", - "namespace": "microsoft", - "name": "deberta-v3-base", - "version": "559062ad13d311b87b2c455e67dcd5f1c8f65111", - "qualifiers": { - "repository_url": "https://hub-ci.huggingface.co" - }, - "subpath": null - }, - "expected_output": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Hugging Face model with various cases. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:huggingface/EleutherAI/gpt-neo-1.3B@797174552AE47F449AB70B684CABCB6603E5E85E", - "expected_output": "pkg:huggingface/EleutherAI/gpt-neo-1.3B@797174552ae47f449ab70b684cabcb6603e5e85e", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Hugging Face model with various cases", - "test_group": "base", - "test_type": "parse", - "input": "pkg:huggingface/EleutherAI/gpt-neo-1.3B@797174552AE47F449AB70B684CABCB6603E5E85E", - "expected_output": { - "type": "huggingface", - "namespace": "EleutherAI", - "name": "gpt-neo-1.3B", - "version": "797174552ae47f449ab70b684cabcb6603e5e85e", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Hugging Face model with various cases. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:huggingface/EleutherAI/gpt-neo-1.3B@797174552ae47f449ab70b684cabcb6603e5e85e", - "expected_output": "pkg:huggingface/EleutherAI/gpt-neo-1.3B@797174552ae47f449ab70b684cabcb6603e5e85e", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Hugging Face model with various cases", - "test_group": "base", - "test_type": "build", - "input": { - "type": "huggingface", - "namespace": "EleutherAI", - "name": "gpt-neo-1.3B", - "version": "797174552ae47f449ab70b684cabcb6603e5e85e", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:huggingface/EleutherAI/gpt-neo-1.3B@797174552ae47f449ab70b684cabcb6603e5e85e", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_output": { - "type": "huggingface", - "namespace": null, - "name": "distilbert-base-uncased", - "version": "043235d6088ecd3dd5fb5ca3592b6913fd516027", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_output": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "huggingface", - "namespace": null, - "name": "distilbert-base-uncased", - "version": "043235d6088ecd3dd5fb5ca3592b6913fd516027", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_output": { - "type": "huggingface", - "namespace": "microsoft", - "name": "deberta-v3-base", - "version": "559062ad13d311b87b2c455e67dcd5f1c8f65111", - "qualifiers": { - "repository_url": "https://hub-ci.huggingface.co" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_output": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "huggingface", - "namespace": "microsoft", - "name": "deberta-v3-base", - "version": "559062ad13d311b87b2c455e67dcd5f1c8f65111", - "qualifiers": { - "repository_url": "https://hub-ci.huggingface.co" - }, - "subpath": null - }, - "expected_output": "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/luarocks-test.json b/tests/types/luarocks-test.json deleted file mode 100644 index a822563..0000000 --- a/tests/types/luarocks-test.json +++ /dev/null @@ -1,132 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:luarocks/luasocket@3.1.0-1", - "expected_output": { - "type": "luarocks", - "namespace": null, - "name": "luasocket", - "version": "3.1.0-1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:luarocks/luasocket@3.1.0-1", - "expected_output": "pkg:luarocks/luasocket@3.1.0-1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "luarocks", - "namespace": null, - "name": "luasocket", - "version": "3.1.0-1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:luarocks/luasocket@3.1.0-1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:luarocks/hisham/luafilesystem@1.8.0-1", - "expected_output": { - "type": "luarocks", - "namespace": "hisham", - "name": "luafilesystem", - "version": "1.8.0-1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:luarocks/hisham/luafilesystem@1.8.0-1", - "expected_output": "pkg:luarocks/hisham/luafilesystem@1.8.0-1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "luarocks", - "namespace": "hisham", - "name": "luafilesystem", - "version": "1.8.0-1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:luarocks/hisham/luafilesystem@1.8.0-1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:luarocks/username/packagename@0.1.0-1?repository_url=https://example.com/private_rocks_server/", - "expected_output": { - "type": "luarocks", - "namespace": "username", - "name": "packagename", - "version": "0.1.0-1", - "qualifiers": { - "repository_url": "https://example.com/private_rocks_server/" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:luarocks/username/packagename@0.1.0-1?repository_url=https://example.com/private_rocks_server/", - "expected_output": "pkg:luarocks/username/packagename@0.1.0-1?repository_url=https://example.com/private_rocks_server/", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "luarocks", - "namespace": "username", - "name": "packagename", - "version": "0.1.0-1", - "qualifiers": { - "repository_url": "https://example.com/private_rocks_server/" - }, - "subpath": null - }, - "expected_output": "pkg:luarocks/username/packagename@0.1.0-1?repository_url=https://example.com/private_rocks_server/", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/maven-test.json b/tests/types/maven-test.json deleted file mode 100644 index e8ad9f6..0000000 --- a/tests/types/maven-test.json +++ /dev/null @@ -1,903 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "valid maven purl. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.commons/io@1.3.4", - "expected_output": "pkg:maven/org.apache.commons/io@1.3.4", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/org.apache.commons/io@1.3.4", - "expected_output": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": "1.3.4", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.commons/io@1.3.4", - "expected_output": "pkg:maven/org.apache.commons/io@1.3.4", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": "1.3.4", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.commons/io@1.3.4", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "basic valid maven purl without version. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.commons/io", - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "basic valid maven purl without version", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/org.apache.commons/io", - "expected_output": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "basic valid maven purl without version. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.commons/io", - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "basic valid maven purl without version", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven often uses qualifiers. Rountrip an input purl to canonical using mixedcase type", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:Maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources&repositorY_url=https://repo.spring.io/release", - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources&repository_url=https://repo.spring.io/release", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven often uses qualifiers here mixedcase type", - "test_group": "advanced", - "test_type": "parse", - "input": "pkg:Maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources&repositorY_url=https://repo.spring.io/release", - "expected_output": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "classifier": "sources", - "repository_url": "https://repo.spring.io/release" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven often uses qualifiers. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources&repository_url=repo.spring.io/release", - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources&repository_url=repo.spring.io/release", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven often uses qualifiers", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "classifier": "sources", - "repository_url": "repo.spring.io/release" - }, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources&repository_url=repo.spring.io/release", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven pom reference. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:Maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=pom&repositorY_url=repo.spring.io/release", - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?repository_url=repo.spring.io/release&type=pom", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven pom reference", - "test_group": "base", - "test_type": "parse", - "input": "pkg:Maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=pom&repositorY_url=repo.spring.io/release", - "expected_output": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "type": "pom", - "repository_url": "repo.spring.io/release" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven pom reference. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=war&repository_url=https://repo.spring.io/release", - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?repository_url=https://repo.spring.io/release&type=war", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven pom reference", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "classifier": "foo", - "repository_url": "repo.spring.io/release" - }, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=foo&repository_url=repo.spring.io/release", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven can come with a type qualifier. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:Maven/net.sf.jacob-project/jacob@1.14.3?classifier=x86&type=dll", - "expected_output": "pkg:maven/net.sf.jacob-project/jacob@1.14.3?classifier=x86&type=dll", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven can come with a type qualifier", - "test_group": "base", - "test_type": "parse", - "input": "pkg:Maven/net.sf.jacob-project/jacob@1.14.3?classifier=x86&type=dll", - "expected_output": { - "type": "maven", - "namespace": "net.sf.jacob-project", - "name": "jacob", - "version": "1.14.3", - "qualifiers": { - "classifier": "x86", - "type": "dll" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven can come with a type qualifier. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/net.sf.jacob-project/jacob@1.14.3?classifier=x86&type=dll", - "expected_output": "pkg:maven/net.sf.jacob-project/jacob@1.14.3?classifier=x86&type=dll", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "maven can come with a type qualifier", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "net.sf.jacob-project", - "name": "jacob", - "version": "1.14.3", - "qualifiers": { - "classifier": "x86", - "type": "dll" - }, - "subpath": null - }, - "expected_output": "pkg:maven/net.sf.jacob-project/jacob@1.14.3?classifier=x86&type=dll", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "a name is required", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/@1.3.4", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "a name is required", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/@1.3.4", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "a name is required", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": null, - "name": null, - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "slash / after type is not significant. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:/maven/org.apache.commons/io", - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "slash / after type is not significant", - "test_group": "base", - "test_type": "parse", - "input": "pkg:/maven/org.apache.commons/io", - "expected_output": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "slash / after type is not significant. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.commons/io", - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "slash / after type is not significant", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "double slash // after type is not significant. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg://maven/org.apache.commons/io", - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "double slash // after type is not significant", - "test_group": "base", - "test_type": "parse", - "input": "pkg://maven/org.apache.commons/io", - "expected_output": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "double slash // after type is not significant. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.commons/io", - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "double slash // after type is not significant", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "slash /// after type is not significant. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:///maven/org.apache.commons/io", - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "slash /// after type is not significant", - "test_group": "base", - "test_type": "parse", - "input": "pkg:///maven/org.apache.commons/io", - "expected_output": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "slash /// after type is not significant. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.commons/io", - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "slash /// after type is not significant", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.commons/io", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl with case sensitive namespace and name. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:maven/HTTPClient/HTTPClient@0.3-3", - "expected_output": "pkg:maven/HTTPClient/HTTPClient@0.3-3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl with case sensitive namespace and name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/HTTPClient/HTTPClient@0.3-3", - "expected_output": { - "type": "maven", - "namespace": "HTTPClient", - "name": "HTTPClient", - "version": "0.3-3", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl with case sensitive namespace and name. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/HTTPClient/HTTPClient@0.3-3", - "expected_output": "pkg:maven/HTTPClient/HTTPClient@0.3-3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl with case sensitive namespace and name", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "HTTPClient", - "name": "HTTPClient", - "version": "0.3-3", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:maven/HTTPClient/HTTPClient@0.3-3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl containing a space in the version and qualifier. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:maven/mygroup/myartifact@1.0.0%20Final?mykey=my%20value", - "expected_output": "pkg:maven/mygroup/myartifact@1.0.0%20Final?mykey=my%20value", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl containing a space in the version and qualifier", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/mygroup/myartifact@1.0.0%20Final?mykey=my%20value", - "expected_output": { - "type": "maven", - "namespace": "mygroup", - "name": "myartifact", - "version": "1.0.0 Final", - "qualifiers": { - "mykey": "my value" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl containing a space in the version and qualifier. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/mygroup/myartifact@1.0.0%20Final?mykey=my%20value", - "expected_output": "pkg:maven/mygroup/myartifact@1.0.0%20Final?mykey=my%20value", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid maven purl containing a space in the version and qualifier", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "mygroup", - "name": "myartifact", - "version": "1.0.0 Final", - "qualifiers": { - "mykey": "my value" - }, - "subpath": null - }, - "expected_output": "pkg:maven/mygroup/myartifact@1.0.0%20Final?mykey=my%20value", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "invalid encoded colon : between scheme and type", - "test_group": "base", - "test_type": "parse", - "input": "pkg%3Amaven/org.apache.commons/io", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "invalid encoded colon : between scheme and type", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.commons", - "name": "io", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1", - "expected_output": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1", - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=pom", - "expected_output": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "type": "pom" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=pom", - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=pom", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "type": "pom" - }, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=pom", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources", - "expected_output": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "classifier": "sources" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources", - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "classifier": "sources" - }, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=zip&classifier=dist", - "expected_output": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "classifier": "dist", - "type": "zip" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=zip&classifier=dist", - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=zip&classifier=dist", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "org.apache.xmlgraphics", - "name": "batik-anim", - "version": "1.9.1", - "qualifiers": { - "classifier": "dist", - "type": "zip" - }, - "subpath": null - }, - "expected_output": "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=zip&classifier=dist", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x86&type=dll", - "expected_output": { - "type": "maven", - "namespace": "net.sf.jacob-projec", - "name": "jacob", - "version": "1.14.3", - "qualifiers": { - "classifier": "x86", - "type": "dll" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x86&type=dll", - "expected_output": "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x86&type=dll", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "net.sf.jacob-projec", - "name": "jacob", - "version": "1.14.3", - "qualifiers": { - "classifier": "x86", - "type": "dll" - }, - "subpath": null - }, - "expected_output": "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x86&type=dll", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x64&type=dll", - "expected_output": { - "type": "maven", - "namespace": "net.sf.jacob-projec", - "name": "jacob", - "version": "1.14.3", - "qualifiers": { - "classifier": "x64", - "type": "dll" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x64&type=dll", - "expected_output": "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x64&type=dll", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "net.sf.jacob-projec", - "name": "jacob", - "version": "1.14.3", - "qualifiers": { - "classifier": "x64", - "type": "dll" - }, - "subpath": null - }, - "expected_output": "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x64&type=dll", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:maven/groovy/groovy@1.0?repository_url=https://maven.google.com", - "expected_output": { - "type": "maven", - "namespace": "groovy", - "name": "groovy", - "version": "1.0", - "qualifiers": { - "repository_url": "https://maven.google.com" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:maven/groovy/groovy@1.0?repository_url=https://maven.google.com", - "expected_output": "pkg:maven/groovy/groovy@1.0?repository_url=https://maven.google.com", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "maven", - "namespace": "groovy", - "name": "groovy", - "version": "1.0", - "qualifiers": { - "repository_url": "https://maven.google.com" - }, - "subpath": null - }, - "expected_output": "pkg:maven/groovy/groovy@1.0?repository_url=https://maven.google.com", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/mlflow-test.json b/tests/types/mlflow-test.json deleted file mode 100644 index 71f5170..0000000 --- a/tests/types/mlflow-test.json +++ /dev/null @@ -1,265 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "MLflow model tracked in Azure Databricks (case insensitive). Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:mlflow/CreditFraud@3?repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_output": "pkg:mlflow/creditfraud@3?repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model tracked in Azure Databricks (case insensitive)", - "test_group": "base", - "test_type": "parse", - "input": "pkg:mlflow/CreditFraud@3?repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_output": { - "type": "mlflow", - "namespace": null, - "name": "creditfraud", - "version": "3", - "qualifiers": { - "repository_url": "https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model tracked in Azure Databricks (case insensitive). Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:mlflow/creditfraud@3?repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_output": "pkg:mlflow/creditfraud@3?repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model tracked in Azure Databricks (case insensitive)", - "test_group": "base", - "test_type": "build", - "input": { - "type": "mlflow", - "namespace": null, - "name": "creditfraud", - "version": "3", - "qualifiers": { - "repository_url": "https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow" - }, - "subpath": null - }, - "expected_output": "pkg:mlflow/creditfraud@3?repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model tracked in Azure ML (case sensitive). Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:mlflow/CreditFraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_output": "pkg:mlflow/CreditFraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model tracked in Azure ML (case sensitive)", - "test_group": "base", - "test_type": "parse", - "input": "pkg:mlflow/CreditFraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_output": { - "type": "mlflow", - "namespace": null, - "name": "CreditFraud", - "version": "3", - "qualifiers": { - "repository_url": "https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model tracked in Azure ML (case sensitive). Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:mlflow/CreditFraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_output": "pkg:mlflow/CreditFraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model tracked in Azure ML (case sensitive)", - "test_group": "base", - "test_type": "build", - "input": { - "type": "mlflow", - "namespace": null, - "name": "CreditFraud", - "version": "3", - "qualifiers": { - "repository_url": "https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace" - }, - "subpath": null - }, - "expected_output": "pkg:mlflow/CreditFraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model with unique identifiers. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_output": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model with unique identifiers", - "test_group": "base", - "test_type": "parse", - "input": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_output": { - "type": "mlflow", - "namespace": null, - "name": "trafficsigns", - "version": "10", - "qualifiers": { - "model_uuid": "36233173b22f4c89b451f1228d700d49", - "run_id": "410a3121-2709-4f88-98dd-dba0ef056b0a", - "repository_url": "https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model with unique identifiers. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a", - "expected_output": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "MLflow model with unique identifiers", - "test_group": "base", - "test_type": "build", - "input": { - "type": "mlflow", - "namespace": null, - "name": "trafficsigns", - "version": "10", - "qualifiers": { - "model_uuid": "36233173b22f4c89b451f1228d700d49", - "run_id": "410a3121-2709-4f88-98dd-dba0ef056b0a", - "repository_url": "https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow" - }, - "subpath": null - }, - "expected_output": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:mlflow/creditfraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_output": { - "type": "mlflow", - "namespace": null, - "name": "creditfraud", - "version": "3", - "qualifiers": { - "repository_url": "https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:mlflow/creditfraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_output": "pkg:mlflow/creditfraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "mlflow", - "namespace": null, - "name": "creditfraud", - "version": "3", - "qualifiers": { - "repository_url": "https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace" - }, - "subpath": null - }, - "expected_output": "pkg:mlflow/creditfraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_output": { - "type": "mlflow", - "namespace": null, - "name": "trafficsigns", - "version": "10", - "qualifiers": { - "model_uuid": "36233173b22f4c89b451f1228d700d49", - "repository_url": "https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "run_id": "410a3121-2709-4f88-98dd-dba0ef056b0a" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_output": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "mlflow", - "namespace": null, - "name": "trafficsigns", - "version": "10", - "qualifiers": { - "model_uuid": "36233173b22f4c89b451f1228d700d49", - "repository_url": "https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "run_id": "410a3121-2709-4f88-98dd-dba0ef056b0a" - }, - "subpath": null - }, - "expected_output": "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/npm-test.json b/tests/types/npm-test.json deleted file mode 100644 index 7167f42..0000000 --- a/tests/types/npm-test.json +++ /dev/null @@ -1,259 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "npm can be scoped. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:npm/%40angular/animation@12.3.1", - "expected_output": "pkg:npm/%40angular/animation@12.3.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "npm can be scoped", - "test_group": "base", - "test_type": "parse", - "input": "pkg:npm/%40angular/animation@12.3.1", - "expected_output": { - "type": "npm", - "namespace": "@angular", - "name": "animation", - "version": "12.3.1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "npm can be scoped. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:npm/%40angular/animation@12.3.1", - "expected_output": "pkg:npm/%40angular/animation@12.3.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "npm can be scoped", - "test_group": "base", - "test_type": "build", - "input": { - "type": "npm", - "namespace": "@angular", - "name": "animation", - "version": "12.3.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:npm/%40angular/animation@12.3.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "checks for invalid qualifier keys", - "test_group": "base", - "test_type": "parse", - "input": "pkg:npm/myartifact@1.0.0?in%20production=true", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "checks for invalid qualifier keys", - "test_group": "base", - "test_type": "build", - "input": { - "type": "npm", - "namespace": null, - "name": "myartifact", - "version": "1.0.0", - "qualifiers": { - "in production": "true" - }, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:npm/foobar@12.3.1", - "expected_output": { - "type": "npm", - "namespace": null, - "name": "foobar", - "version": "12.3.1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:npm/foobar@12.3.1", - "expected_output": "pkg:npm/foobar@12.3.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "npm", - "namespace": null, - "name": "foobar", - "version": "12.3.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:npm/foobar@12.3.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:npm/%40angular/animation@12.3.1", - "expected_output": { - "type": "npm", - "namespace": "@angular", - "name": "animation", - "version": "12.3.1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:npm/%40angular/animation@12.3.1", - "expected_output": "pkg:npm/%40angular/animation@12.3.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "npm", - "namespace": "@angular", - "name": "animation", - "version": "12.3.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:npm/%40angular/animation@12.3.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:npm/mypackage@12.4.5?vcs_url=git://host.com/path/to/repo.git%404345abcd34343", - "expected_output": { - "type": "npm", - "namespace": null, - "name": "mypackage", - "version": "12.4.5", - "qualifiers": { - "vcs_url": "git://host.com/path/to/repo.git@4345abcd34343" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:npm/mypackage@12.4.5?vcs_url=git://host.com/path/to/repo.git%404345abcd34343", - "expected_output": "pkg:npm/mypackage@12.4.5?vcs_url=git://host.com/path/to/repo.git%404345abcd34343", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "npm", - "namespace": null, - "name": "mypackage", - "version": "12.4.5", - "qualifiers": { - "vcs_url": "git://host.com/path/to/repo.git@4345abcd34343" - }, - "subpath": null - }, - "expected_output": "pkg:npm/mypackage@12.4.5?vcs_url=git://host.com/path/to/repo.git%404345abcd34343", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid npm purl without version and with subpath, scope unencoded", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:npm/@babel/core#/googleapis/api/annotations/", - "expected_output": "pkg:npm/%40babel/core#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid npm purl without version and with subpath, scope unencoded", - "test_group": "advanced", - "test_type": "parse", - "input": "pkg:npm/@babel/core#/googleapis/api/annotations/", - "expected_output": { - "type": "npm", - "namespace": "@babel", - "name": "core", - "version": null, - "qualifiers": null, - "subpath": "googleapis/api/annotations" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid npm purl without version and with subpath, scope unencoded", - "test_group": "base", - "test_type": "parse", - "input": "pkg:npm/%40babel/core#/googleapis/api/annotations/", - "expected_output": { - "type": "npm", - "namespace": "@babel", - "name": "core", - "version": null, - "qualifiers": null, - "subpath": "googleapis/api/annotations" - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid npm purl without namespace and with subpath", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:npm/core@2.0.1#/googleapis/api/annotations/", - "expected_output": "pkg:npm/core@2.0.1#googleapis/api/annotations", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/nuget-test.json b/tests/types/nuget-test.json deleted file mode 100644 index 67d9791..0000000 --- a/tests/types/nuget-test.json +++ /dev/null @@ -1,96 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "nuget names are case sensitive. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:Nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_output": "pkg:nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "nuget names are case sensitive", - "test_group": "base", - "test_type": "parse", - "input": "pkg:Nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_output": { - "type": "nuget", - "namespace": null, - "name": "EnterpriseLibrary.Common", - "version": "6.0.1304", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "nuget names are case sensitive. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_output": "pkg:nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "nuget names are case sensitive", - "test_group": "base", - "test_type": "build", - "input": { - "type": "nuget", - "namespace": null, - "name": "EnterpriseLibrary.Common", - "version": "6.0.1304", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_output": { - "type": "nuget", - "namespace": null, - "name": "EnterpriseLibrary.Common", - "version": "6.0.1304", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_output": "pkg:nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "nuget", - "namespace": null, - "name": "EnterpriseLibrary.Common", - "version": "6.0.1304", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:nuget/EnterpriseLibrary.Common@6.0.1304", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/oci-test.json b/tests/types/oci-test.json deleted file mode 100644 index ccf8332..0000000 --- a/tests/types/oci-test.json +++ /dev/null @@ -1,193 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=docker.io/library/debian&arch=amd64&tag=latest", - "expected_output": { - "type": "oci", - "namespace": null, - "name": "debian", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "arch": "amd64", - "repository_url": "docker.io/library/debian", - "tag": "latest" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=docker.io/library/debian&arch=amd64&tag=latest", - "expected_output": "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=docker.io/library/debian&arch=amd64&tag=latest", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "oci", - "namespace": null, - "name": "debian", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "arch": "amd64", - "repository_url": "docker.io/library/debian", - "tag": "latest" - }, - "subpath": null - }, - "expected_output": "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=docker.io/library/debian&arch=amd64&tag=latest", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=ghcr.io/debian&tag=bullseye", - "expected_output": { - "type": "oci", - "namespace": null, - "name": "debian", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "repository_url": "ghcr.io/debian", - "tag": "bullseye" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=ghcr.io/debian&tag=bullseye", - "expected_output": "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=ghcr.io/debian&tag=bullseye", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "oci", - "namespace": null, - "name": "debian", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "repository_url": "ghcr.io/debian", - "tag": "bullseye" - }, - "subpath": null - }, - "expected_output": "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=ghcr.io/debian&tag=bullseye", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:oci/static@sha256%3A244fd47e07d10?repository_url=gcr.io/distroless/static&tag=latest", - "expected_output": { - "type": "oci", - "namespace": null, - "name": "static", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "repository_url": "gcr.io/distroless/static", - "tag": "latest" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:oci/static@sha256%3A244fd47e07d10?repository_url=gcr.io/distroless/static&tag=latest", - "expected_output": "pkg:oci/static@sha256%3A244fd47e07d10?repository_url=gcr.io/distroless/static&tag=latest", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "oci", - "namespace": null, - "name": "static", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "repository_url": "gcr.io/distroless/static", - "tag": "latest" - }, - "subpath": null - }, - "expected_output": "pkg:oci/static@sha256%3A244fd47e07d10?repository_url=gcr.io/distroless/static&tag=latest", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:oci/hello-wasm@sha256%3A244fd47e07d10?tag=v1", - "expected_output": { - "type": "oci", - "namespace": null, - "name": "hello-wasm", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "tag": "v1" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:oci/hello-wasm@sha256%3A244fd47e07d10?tag=v1", - "expected_output": "pkg:oci/hello-wasm@sha256%3A244fd47e07d10?tag=v1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "oci", - "namespace": null, - "name": "hello-wasm", - "version": "sha256:244fd47e07d10", - "qualifiers": { - "tag": "v1" - }, - "subpath": null - }, - "expected_output": "pkg:oci/hello-wasm@sha256%3A244fd47e07d10?tag=v1", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/pub-test.json b/tests/types/pub-test.json deleted file mode 100644 index ef8daf2..0000000 --- a/tests/types/pub-test.json +++ /dev/null @@ -1,87 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:pub/characters@1.2.0", - "expected_output": { - "type": "pub", - "namespace": null, - "name": "characters", - "version": "1.2.0", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:pub/characters@1.2.0", - "expected_output": "pkg:pub/characters@1.2.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "pub", - "namespace": null, - "name": "characters", - "version": "1.2.0", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:pub/characters@1.2.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:pub/flutter@0.0.0", - "expected_output": { - "type": "pub", - "namespace": null, - "name": "flutter", - "version": "0.0.0", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:pub/flutter@0.0.0", - "expected_output": "pkg:pub/flutter@0.0.0", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "pub", - "namespace": null, - "name": "flutter", - "version": "0.0.0", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:pub/flutter@0.0.0", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/pypi-test.json b/tests/types/pypi-test.json deleted file mode 100644 index 23eb979..0000000 --- a/tests/types/pypi-test.json +++ /dev/null @@ -1,227 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "pypi names have special rules and not case sensitive. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:PYPI/Django_package@1.11.1.dev1", - "expected_output": "pkg:pypi/django-package@1.11.1.dev1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "pypi names have special rules and not case sensitive", - "test_group": "base", - "test_type": "parse", - "input": "pkg:PYPI/Django_package@1.11.1.dev1", - "expected_output": { - "type": "pypi", - "namespace": null, - "name": "django-package", - "version": "1.11.1.dev1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "pypi names have special rules and not case sensitive. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:pypi/django-package@1.11.1.dev1", - "expected_output": "pkg:pypi/django-package@1.11.1.dev1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "pypi names have special rules and not case sensitive", - "test_group": "base", - "test_type": "build", - "input": { - "type": "pypi", - "namespace": null, - "name": "django-package", - "version": "1.11.1.dev1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:pypi/django-package@1.11.1.dev1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:pypi/django@1.11.1", - "expected_output": { - "type": "pypi", - "namespace": null, - "name": "django", - "version": "1.11.1", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:pypi/django@1.11.1", - "expected_output": "pkg:pypi/django@1.11.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "pypi", - "namespace": null, - "name": "django", - "version": "1.11.1", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:pypi/django@1.11.1", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:pypi/django@1.11.1?filename=Django-1.11.1.tar.gz", - "expected_output": { - "type": "pypi", - "namespace": null, - "name": "django", - "version": "1.11.1", - "qualifiers": { - "filename": "Django-1.11.1.tar.gz" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:pypi/django@1.11.1?filename=Django-1.11.1.tar.gz", - "expected_output": "pkg:pypi/django@1.11.1?filename=Django-1.11.1.tar.gz", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "pypi", - "namespace": null, - "name": "django", - "version": "1.11.1", - "qualifiers": { - "filename": "Django-1.11.1.tar.gz" - }, - "subpath": null - }, - "expected_output": "pkg:pypi/django@1.11.1?filename=Django-1.11.1.tar.gz", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:pypi/django@1.11.1?filename=Django-1.11.1-py2.py3-none-any.whl", - "expected_output": { - "type": "pypi", - "namespace": null, - "name": "django", - "version": "1.11.1", - "qualifiers": { - "filename": "Django-1.11.1-py2.py3-none-any.whl" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:pypi/django@1.11.1?filename=Django-1.11.1-py2.py3-none-any.whl", - "expected_output": "pkg:pypi/django@1.11.1?filename=Django-1.11.1-py2.py3-none-any.whl", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "pypi", - "namespace": null, - "name": "django", - "version": "1.11.1", - "qualifiers": { - "filename": "Django-1.11.1-py2.py3-none-any.whl" - }, - "subpath": null - }, - "expected_output": "pkg:pypi/django@1.11.1?filename=Django-1.11.1-py2.py3-none-any.whl", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:pypi/django-allauth@12.23", - "expected_output": { - "type": "pypi", - "namespace": null, - "name": "django-allauth", - "version": "12.23", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:pypi/django-allauth@12.23", - "expected_output": "pkg:pypi/django-allauth@12.23", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "pypi", - "namespace": null, - "name": "django-allauth", - "version": "12.23", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:pypi/django-allauth@12.23", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/qpkg-test.json b/tests/types/qpkg-test.json deleted file mode 100644 index 9450bf3..0000000 --- a/tests/types/qpkg-test.json +++ /dev/null @@ -1,87 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:qpkg/blackberry/com.qnx.sdp@7.0.0.SGA201702151847", - "expected_output": { - "type": "qpkg", - "namespace": "blackberry", - "name": "com.qnx.sdp", - "version": "7.0.0.SGA201702151847", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:qpkg/blackberry/com.qnx.sdp@7.0.0.SGA201702151847", - "expected_output": "pkg:qpkg/blackberry/com.qnx.sdp@7.0.0.SGA201702151847", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "qpkg", - "namespace": "blackberry", - "name": "com.qnx.sdp", - "version": "7.0.0.SGA201702151847", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:qpkg/blackberry/com.qnx.sdp@7.0.0.SGA201702151847", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:qpkg/blackberry/com.qnx.qnx710.foo.bar.qux@0.0.4.01449T202205040833L", - "expected_output": { - "type": "qpkg", - "namespace": "blackberry", - "name": "com.qnx.qnx710.foo.bar.qux", - "version": "0.0.4.01449T202205040833L", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:qpkg/blackberry/com.qnx.qnx710.foo.bar.qux@0.0.4.01449T202205040833L", - "expected_output": "pkg:qpkg/blackberry/com.qnx.qnx710.foo.bar.qux@0.0.4.01449T202205040833L", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "qpkg", - "namespace": "blackberry", - "name": "com.qnx.qnx710.foo.bar.qux", - "version": "0.0.4.01449T202205040833L", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:qpkg/blackberry/com.qnx.qnx710.foo.bar.qux@0.0.4.01449T202205040833L", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/rpm-test.json b/tests/types/rpm-test.json deleted file mode 100644 index 8087b57..0000000 --- a/tests/types/rpm-test.json +++ /dev/null @@ -1,157 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "rpm often use qualifiers. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:Rpm/fedora/curl@7.50.3-1.fc25?Arch=i386&Distro=fedora-25", - "expected_output": "pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "rpm often use qualifiers", - "test_group": "base", - "test_type": "parse", - "input": "pkg:Rpm/fedora/curl@7.50.3-1.fc25?Arch=i386&Distro=fedora-25", - "expected_output": { - "type": "rpm", - "namespace": "fedora", - "name": "curl", - "version": "7.50.3-1.fc25", - "qualifiers": { - "arch": "i386", - "distro": "fedora-25" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "rpm often use qualifiers. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25", - "expected_output": "pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "rpm often use qualifiers", - "test_group": "base", - "test_type": "build", - "input": { - "type": "rpm", - "namespace": "fedora", - "name": "curl", - "version": "7.50.3-1.fc25", - "qualifiers": { - "arch": "i386", - "distro": "fedora-25" - }, - "subpath": null - }, - "expected_output": "pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25", - "expected_output": { - "type": "rpm", - "namespace": "fedora", - "name": "curl", - "version": "7.50.3-1.fc25", - "qualifiers": { - "arch": "i386", - "distro": "fedora-25" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25", - "expected_output": "pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "rpm", - "namespace": "fedora", - "name": "curl", - "version": "7.50.3-1.fc25", - "qualifiers": { - "arch": "i386", - "distro": "fedora-25" - }, - "subpath": null - }, - "expected_output": "pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:rpm/centerim@4.22.10-1.el6?arch=i686&epoch=1&distro=fedora-25", - "expected_output": { - "type": "rpm", - "namespace": null, - "name": "centerim", - "version": "4.22.10-1.el6", - "qualifiers": { - "arch": "i686", - "distro": "fedora-25", - "epoch": "1" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:rpm/centerim@4.22.10-1.el6?arch=i686&epoch=1&distro=fedora-25", - "expected_output": "pkg:rpm/centerim@4.22.10-1.el6?arch=i686&epoch=1&distro=fedora-25", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "rpm", - "namespace": null, - "name": "centerim", - "version": "4.22.10-1.el6", - "qualifiers": { - "arch": "i686", - "distro": "fedora-25", - "epoch": "1" - }, - "subpath": null - }, - "expected_output": "pkg:rpm/centerim@4.22.10-1.el6?arch=i686&epoch=1&distro=fedora-25", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/swid-test.json b/tests/types/swid-test.json deleted file mode 100644 index dd942d8..0000000 --- a/tests/types/swid-test.json +++ /dev/null @@ -1,140 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swid/Acme/example.com/Enterprise+Server@1.0.0?tag_id=75b8c285-fa7b-485b-b199-4745e3004d0d", - "expected_output": { - "type": "swid", - "namespace": "Acme/example.com", - "name": "Enterprise+Server", - "version": "1.0.0", - "qualifiers": { - "tag_id": "75b8c285-fa7b-485b-b199-4745e3004d0d" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:swid/Acme/example.com/Enterprise+Server@1.0.0?tag_id=75b8c285-fa7b-485b-b199-4745e3004d0d", - "expected_output": "pkg:swid/Acme/example.com/Enterprise+Server@1.0.0?tag_id=75b8c285-fa7b-485b-b199-4745e3004d0d", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "swid", - "namespace": "Acme/example.com", - "name": "Enterprise+Server", - "version": "1.0.0", - "qualifiers": { - "tag_id": "75b8c285-fa7b-485b-b199-4745e3004d0d" - }, - "subpath": null - }, - "expected_output": "pkg:swid/Acme/example.com/Enterprise+Server@1.0.0?tag_id=75b8c285-fa7b-485b-b199-4745e3004d0d", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swid/Fedora@29?tag_id=org.fedoraproject.Fedora-29", - "expected_output": { - "type": "swid", - "namespace": null, - "name": "Fedora", - "version": "29", - "qualifiers": { - "tag_id": "org.fedoraproject.Fedora-29" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:swid/Fedora@29?tag_id=org.fedoraproject.Fedora-29", - "expected_output": "pkg:swid/Fedora@29?tag_id=org.fedoraproject.Fedora-29", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "swid", - "namespace": null, - "name": "Fedora", - "version": "29", - "qualifiers": { - "tag_id": "org.fedoraproject.Fedora-29" - }, - "subpath": null - }, - "expected_output": "pkg:swid/Fedora@29?tag_id=org.fedoraproject.Fedora-29", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swid/Adobe+Systems+Incorporated/Adobe+InDesign@CC?tag_id=CreativeCloud-CS6-Win-GM-MUL", - "expected_output": { - "type": "swid", - "namespace": "Adobe+Systems+Incorporated", - "name": "Adobe+InDesign", - "version": "CC", - "qualifiers": { - "tag_id": "CreativeCloud-CS6-Win-GM-MUL" - }, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:swid/Adobe+Systems+Incorporated/Adobe+InDesign@CC?tag_id=CreativeCloud-CS6-Win-GM-MUL", - "expected_output": "pkg:swid/Adobe+Systems+Incorporated/Adobe+InDesign@CC?tag_id=CreativeCloud-CS6-Win-GM-MUL", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "swid", - "namespace": "Adobe+Systems+Incorporated", - "name": "Adobe+InDesign", - "version": "CC", - "qualifiers": { - "tag_id": "CreativeCloud-CS6-Win-GM-MUL" - }, - "subpath": null - }, - "expected_output": "pkg:swid/Adobe+Systems+Incorporated/Adobe+InDesign@CC?tag_id=CreativeCloud-CS6-Win-GM-MUL", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/tests/types/swift-test.json b/tests/types/swift-test.json deleted file mode 100644 index ef3d1fb..0000000 --- a/tests/types/swift-test.json +++ /dev/null @@ -1,239 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-test.schema-1.0.json", - "tests": [ - { - "description": "valid swift purl. Rountrip an input purl to canonical.", - "test_group": "advanced", - "test_type": "roundtrip", - "input": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_output": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid swift purl", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_output": { - "type": "swift", - "namespace": "github.com/Alamofire", - "name": "Alamofire", - "version": "5.4.3", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid swift purl. Rountrip a canonical input to canonical output.", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_output": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "valid swift purl", - "test_group": "base", - "test_type": "build", - "input": { - "type": "swift", - "namespace": "github.com/Alamofire", - "name": "Alamofire", - "version": "5.4.3", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "invalid swift purl without namespace", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swift/Alamofire@5.4.3", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "invalid swift purl without namespace", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swift/Alamofire@5.4.3", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "invalid swift purl without namespace", - "test_group": "base", - "test_type": "build", - "input": { - "type": "swift", - "namespace": null, - "name": "Alamofire", - "version": "5.4.3", - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "invalid swift purl without name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swift/github.com/Alamofire/@5.4.3", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "invalid swift purl without name", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swift/github.com/Alamofire/@5.4.3", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "invalid swift purl without name", - "test_group": "base", - "test_type": "build", - "input": { - "type": "swift", - "namespace": "github.com/Alamofire", - "name": null, - "version": "5.4.3", - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "invalid swift purl without version", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swift/github.com/Alamofire/Alamofire", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid purl input" - }, - { - "description": "invalid swift purl without version", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swift/github.com/Alamofire/Alamofire", - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to parse a PURL from invalid canonical purl input" - }, - { - "description": "invalid swift purl without version", - "test_group": "base", - "test_type": "build", - "input": { - "type": "swift", - "namespace": "github.com/Alamofire", - "name": "Alamofire", - "version": null, - "qualifiers": null, - "subpath": null - }, - "expected_output": null, - "expected_failure": true, - "expected_failure_reason": "Should fail to build a PURL from invalid input components" - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_output": { - "type": "swift", - "namespace": "github.com/Alamofire", - "name": "Alamofire", - "version": "5.4.3", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_output": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "swift", - "namespace": "github.com/Alamofire", - "name": "Alamofire", - "version": "5.4.3", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Parse test for PURL", - "test_group": "base", - "test_type": "parse", - "input": "pkg:swift/github.com/RxSwiftCommunity/RxFlow@2.12.4", - "expected_output": { - "type": "swift", - "namespace": "github.com/RxSwiftCommunity", - "name": "RxFlow", - "version": "2.12.4", - "qualifiers": null, - "subpath": null - }, - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Rountrip test for PURL", - "test_group": "base", - "test_type": "roundtrip", - "input": "pkg:swift/github.com/RxSwiftCommunity/RxFlow@2.12.4", - "expected_output": "pkg:swift/github.com/RxSwiftCommunity/RxFlow@2.12.4", - "expected_failure": false, - "expected_failure_reason": null - }, - { - "description": "Build test for PURL", - "test_group": "base", - "test_type": "build", - "input": { - "type": "swift", - "namespace": "github.com/RxSwiftCommunity", - "name": "RxFlow", - "version": "2.12.4", - "qualifiers": null, - "subpath": null - }, - "expected_output": "pkg:swift/github.com/RxSwiftCommunity/RxFlow@2.12.4", - "expected_failure": false, - "expected_failure_reason": null - } - ] -} diff --git a/types-doc/README.md b/types-doc/README.md deleted file mode 100644 index 3b77539..0000000 --- a/types-doc/README.md +++ /dev/null @@ -1,10 +0,0 @@ -###Auto-Generated PURL Type Documentation - -This directory contains **human-readable documentation** generated from the **reference -machine-readable JSON PURL type definitions** found in `types/`. - -**Do not manually edit these files!** - -These documents are **automatically generated** and will be **overwritten** in future updates. - -All modifications should be made in the reference JSON files located in `types/`. diff --git a/types-doc/alpm-definition.md b/types-doc/alpm-definition.md deleted file mode 100644 index 16e22f5..0000000 --- a/types-doc/alpm-definition.md +++ /dev/null @@ -1,52 +0,0 @@ - - -# PURL Type Definition: alpm - -- **Type Name:** Arch Linux package -- **Description:** Arch Linux packages and other users of the libalpm/pacman package manager. -- **Schema ID:** `https://packageurl.org/types/github-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:alpm//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** There is no default package repository; this should be implied either from the distro qualifiers key or using a repository base url as repository_url qualifiers key. - -## Namespace definition - -- **Requirement:** Required -- **Normalization rules:** - - It is not case sensitive and must be lowercased. -- **Native Label:** vendor -- **Note:** `The namespace is the vendor such as arch, arch32, archarm, manjaro or msys.` - -## Name definition - -- **Native Label:** name -- **Note:** `The name is the package name. It is not case sensitive and must be lowercased.` - -## Version definition - -- **Case Sensitive:** Yes -- **Normalization rules:** - - normalize version as specified in vercmp(8) at https://man.archlinux.org/man/vercmp.8#DESCRIPTION as part of alpm. -- **Native Label:** version -- **Note:** `The version is the version of the package as specified in vercmp(8) at (https://man.archlinux.org/man/vercmp.8#DESCRIPTION as part of alpm.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| arch | Optional | arch | | The arch is the qualifiers key for a package architecture. | - -## Examples - -- `pkg:alpm/arch/pacman@6.0.1-1?arch=x86_64` -- `pkg:alpm/arch/python-pip@21.0-1?arch=any` -- `pkg:alpm/arch/containers-common@1:0.47.4-4?arch=x86_64` diff --git a/types-doc/apk-definition.md b/types-doc/apk-definition.md deleted file mode 100644 index 55e4076..0000000 --- a/types-doc/apk-definition.md +++ /dev/null @@ -1,50 +0,0 @@ - - -# PURL Type Definition: apk - -- **Type Name:** APK-based packages -- **Description:** Alpine Linux APK-based packages -- **Schema ID:** `https://packageurl.org/types/bitbucket-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:apk//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** There is no default package repository; this should be implied either from the distro qualifiers key or using a repository base url as repository_url qualifiers key. - -## Namespace definition - -- **Requirement:** Required -- **Native Label:** vendor -- **Note:** `The namespace is the vendor such as alpine or openwrt. It is not case sensitive and must be lowercased.` - -## Name definition - -- **Native Label:** name -- **Note:** `The name is the package name. It is not case sensitive and must be lowercased.` - -## Version definition - -- **Native Label:** version -- **Note:** `The version is a package version as expected by apk.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| arch | Optional | | | The arch is the qualifiers key for a package architecture. | - -## Examples - -- `pkg:apk/alpine/curl@7.83.0-r0?arch=x86` -- `pkg:apk/alpine/apk@2.12.9-r3?arch=x86` - -## Note - -not to be confused with Android packages with a .apk extension. diff --git a/types-doc/bitbucket-definition.md b/types-doc/bitbucket-definition.md deleted file mode 100644 index 78ff44d..0000000 --- a/types-doc/bitbucket-definition.md +++ /dev/null @@ -1,39 +0,0 @@ - - -# PURL Type Definition: bitbucket - -- **Type Name:** Bitbucket -- **Description:** Bitbucket-based packages -- **Schema ID:** `https://packageurl.org/types/bitbucket-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:bitbucket//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://bitbucket.org - -## Namespace definition - -- **Requirement:** Required -- **Native Label:** user or organization -- **Note:** `The namespace is the user or organization. It is not case sensitive and must be lowercased.` - -## Name definition - -- **Native Label:** repository name -- **Note:** `The name is the repository name. It is not case sensitive and must be lowercased.` - -## Version definition - -- **Native Label:** commit or tag -- **Note:** `The version is a commit or tag.` - -## Examples - -- `pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c` diff --git a/types-doc/bitnami-definition.md b/types-doc/bitnami-definition.md deleted file mode 100644 index 9d5e3ea..0000000 --- a/types-doc/bitnami-definition.md +++ /dev/null @@ -1,48 +0,0 @@ - - -# PURL Type Definition: bitnami - -- **Type Name:** Bitnami -- **Description:** Bitnami-based packages -- **Schema ID:** `https://packageurl.org/types/bitname-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:bitnami/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://downloads.bitnami.com/files/stacksmith - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namespace` - -## Name definition - -- **Native Label:** name -- **Note:** `The name is the component name. It must be lowercased.` - -## Version definition - -- **Native Label:** full package version, including version and revision -- **Note:** `The version is the full Bitnami package version, including version and revision.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| arch | Optional | | amd64 | The arch is the qualifiers key for a package architecture. Available values are amd64 (default) and arm64. | -| distro | Optional | | | The distro is the qualifiers key for the distribution associated to the package. | - -## Examples - -- `pkg:bitnami/wordpress?distro=debian-12` -- `pkg:bitnami/wordpress@6.2.0?distro=debian-12` -- `pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=debian-12` -- `pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=photon-4` diff --git a/types-doc/cargo-definition.md b/types-doc/cargo-definition.md deleted file mode 100644 index 4dfc926..0000000 --- a/types-doc/cargo-definition.md +++ /dev/null @@ -1,40 +0,0 @@ - - -# PURL Type Definition: cargo - -- **Type Name:** Cargo -- **Description:** Cargo packages for Rust -- **Schema ID:** `https://packageurl.org/types/cargo-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:cargo/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://crates.io/ - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namespace` - -## Name definition - -- **Native Label:** name -- **Note:** `The name is the repository name.` - -## Version definition - -- **Native Label:** version -- **Note:** `The version is the package version.` - -## Examples - -- `pkg:cargo/rand@0.7.2` -- `pkg:cargo/clap@2.33.0` -- `pkg:cargo/structopt@0.3.11` diff --git a/types-doc/cocoapods-definition.md b/types-doc/cocoapods-definition.md deleted file mode 100644 index 8b30c26..0000000 --- a/types-doc/cocoapods-definition.md +++ /dev/null @@ -1,46 +0,0 @@ - - -# PURL Type Definition: cocoapods - -- **Type Name:** CocoaPods -- **Description:** CocoaPods pods -- **Schema ID:** `https://packageurl.org/types/cocoapods-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:cocoapods/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://cdn.cocoapods.org/ - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namespace` - -## Name definition - -- **Case Sensitive:** Yes -- **Native Label:** pod name -- **Note:** `The name is the pod name and is case sensitive, cannot contain whitespace, a plus (+) character, or begin with a period (.).` - -## Version definition - -- **Native Label:** package version -- **Note:** `The version is the package version.` - -## Subpath definition - -- **Note:** `The purl subpath is used to represent a pods subspec (if present).` - -## Examples - -- `pkg:cocoapods/AFNetworking@4.0.1` -- `pkg:cocoapods/MapsIndoors@3.24.0` -- `pkg:cocoapods/ShareKit@2.0#Twitter` -- `pkg:cocoapods/GoogleUtilities@7.5.2#NSData+zlib` diff --git a/types-doc/composer-definition.md b/types-doc/composer-definition.md deleted file mode 100644 index fa0c45a..0000000 --- a/types-doc/composer-definition.md +++ /dev/null @@ -1,38 +0,0 @@ - - -# PURL Type Definition: composer - -- **Type Name:** Composer -- **Description:** Composer PHP packages -- **Schema ID:** `https://packageurl.org/types/composer-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:composer//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://packagist.org - -## Namespace definition - -- **Requirement:** Required -- **Native Label:** vendor -- **Note:** `The namespace is the vendor. The namespace is not case sensitive and must be lowercased.` - -## Name definition - -- **Native Label:** name -- **Note:** `The name is not case sensitive and must be lowercased. Private, local packages may have no name. In this case you cannot create a purl for these.` - -## Version definition - -- **Native Label:** version - -## Examples - -- `pkg:composer/laravel/laravel@5.5.0` diff --git a/types-doc/conan-definition.md b/types-doc/conan-definition.md deleted file mode 100644 index 8db0891..0000000 --- a/types-doc/conan-definition.md +++ /dev/null @@ -1,54 +0,0 @@ - - -# PURL Type Definition: conan - -- **Type Name:** Conan C/C++ packages -- **Description:** Conan C/C++ packages. The purl is designed to closely resemble the Conan-native /@/ syntax for package references as specified in https://docs.conan.io/en/1.46/cheatsheet.html#package-terminology -- **Schema ID:** `https://packageurl.org/types/conan-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:conan//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://center.conan.io - -## Namespace definition - -- **Requirement:** Optional -- **Native Label:** vendor -- **Note:** `The vendor of the package.` - -## Name definition - -- **Native Label:** package-name -- **Note:** `The Conan .` - -## Version definition - -- **Native Label:** package-version -- **Note:** `The Conan .` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| user | Optional | user | | The Conan . Only required if the Conan package was published with . | -| channel | Optional | channel | | The Conan . Only required if the Conan package was published with Conan . | -| rrev | Optional | recipe revision | | The Conan recipe revision (optional). If omitted, the purl refers to the latest recipe revision available for the given version. | -| prev | Optional | package revision | | The Conan package revision (optional). If omitted, the purl refers to the latest package revision available for the given version and recipe revision. | - -## Examples - -- `pkg:conan/openssl@3.0.3` -- `pkg:conan/openssl.org/openssl@3.0.3?user=bincrafters&channel=stable` -- `pkg:conan/openssl.org/openssl@3.0.3?arch=x86_64&build_type=Debug&compiler=Visual%20Studio&compiler.runtime=MDd&compiler.version=16&os=Windows&shared=True&rrev=93a82349c31917d2d674d22065c7a9ef9f380c8e&prev=b429db8a0e324114c25ec387bfd8281f330d7c5c` - -## Note - -Additional qualifiers can be used to distinguish Conan packages with different settings or options, e.g. os=Linux, build_type=Debug or shared=True. If no additional qualifiers are used to distinguish Conan packages build with different settings or options, then the purl is ambiguous and it is up to the user to work out which package is being referred to (e.g. with context information). diff --git a/types-doc/conda-definition.md b/types-doc/conda-definition.md deleted file mode 100644 index 33716d2..0000000 --- a/types-doc/conda-definition.md +++ /dev/null @@ -1,47 +0,0 @@ - - -# PURL Type Definition: conda - -- **Type Name:** Conda -- **Description:** conda is for Conda packages -- **Schema ID:** `https://packageurl.org/types/conda-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:conda/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://repo.anaconda.com - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namspace` - -## Name definition - -- **Native Label:** name -- **Note:** `The name is the package name.` - -## Version definition - -- **Native Label:** version -- **Note:** `The version is the package version.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| build | Optional | | | the build string. | -| channel | Optional | | | the package stored location. | -| subdir | Optional | | | the associated platform. | -| type | Optional | | | package type. | - -## Examples - -- `pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2` diff --git a/types-doc/cpan-definition.md b/types-doc/cpan-definition.md deleted file mode 100644 index ae7dbd2..0000000 --- a/types-doc/cpan-definition.md +++ /dev/null @@ -1,56 +0,0 @@ - - -# PURL Type Definition: cpan - -- **Type Name:** CPAN -- **Description:** CPAN Perl packages -- **Schema ID:** `https://packageurl.org/types/cpan-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:cpan//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://www.cpan.org/ - -## Namespace definition - -- **Requirement:** Optional -- **Note:** `- To refer to a CPAN distribution name, the namespace MUST be present. In this case, the namespace is the CPAN id of the author/publisher. It MUST be written uppercase, followed by the distribution name in the name component. A distribution name MUST NOT contain the string ::. -- To refer to a CPAN module, the namespace MUST be absent. The module name MAY contain zero or more :: strings, and the module name MUST NOT contain a - -` - -## Name definition - -- **Case Sensitive:** Yes -- **Native Label:** module or distribution name -- **Note:** `The name is the module or distribution name and is case sensitive.` - -## Version definition - -- **Native Label:** version -- **Note:** `The version is the module or distribution version.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| repository_url | Optional | | | CPAN/MetaCPAN/BackPAN/DarkPAN repository base URL | -| download_url | Optional | | | URL of package or distribution | -| vcs_url | Optional | | | extra URL for a package version control system | -| ext | Optional | | tar.gz | file extension | - -## Examples - -- `pkg:cpan/Perl::Version@1.013` -- `pkg:cpan/DROLSKY/DateTime@1.55` -- `pkg:cpan/DateTime@1.55` -- `pkg:cpan/GDT/URI-PackageURL` -- `pkg:cpan/LWP::UserAgent` -- `pkg:cpan/OALDERS/libwww-perl@6.76` -- `pkg:cpan/URI` diff --git a/types-doc/cran-definition.md b/types-doc/cran-definition.md deleted file mode 100644 index 32742cd..0000000 --- a/types-doc/cran-definition.md +++ /dev/null @@ -1,40 +0,0 @@ - - -# PURL Type Definition: cran - -- **Type Name:** CRAN -- **Description:** CRAN R packages -- **Schema ID:** `https://packageurl.org/types/cran-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:cran/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://cran.r-project.org - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namespace` - -## Name definition - -- **Native Label:** name -- **Note:** `The name is the package name and is case sensitive, but there cannot be two packages on CRAN with the same name ignoring case.` - -## Version definition - -- **Native Label:** version -- **Note:** `The version is the package version.` - -## Examples - -- `pkg:cran/A3@1.0.0` -- `pkg:cran/rJava@1.0-4` -- `pkg:cran/caret@6.0-88` diff --git a/types-doc/deb-definition.md b/types-doc/deb-definition.md deleted file mode 100644 index 6955ce3..0000000 --- a/types-doc/deb-definition.md +++ /dev/null @@ -1,49 +0,0 @@ - - -# PURL Type Definition: deb - -- **Type Name:** Debian package -- **Description:** Debian packages, Debian derivatives, and Ubuntu packages -- **Schema ID:** `https://packageurl.org/types/deb-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:deb//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** There is no default package repository, this should be implied either from the distro qualifiers key or using a base url as a repository_url qualifiers key. - -## Namespace definition - -- **Requirement:** Required -- **Native Label:** vendor -- **Note:** `The namespace is the "vendor" name such as "debian" or "ubuntu". It is not case sensitive and must be lowercased.` - -## Name definition - -- **Native Label:** name -- **Note:** `The name is not case sensitive and must be lowercased.` - -## Version definition - -- **Native Label:** version -- **Note:** `The version is the version of the binary (or source) package.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| arch | Optional | | | arch is the qualifiers key for a package architecture. The special value arch=source identifies a Debian source package that usually consists of a Debian Source control file (.dsc) and corresponding upstream and Debian sources. The dpkg-query command can print the name and version of the corresponding source package of a binary package, e.g. dpkg-query -f ${source:Package} ${source:Version} -W | - -## Examples - -- `pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie` -- `pkg:deb/debian/dpkg@1.19.0.4?arch=amd64&distro=stretch` -- `pkg:deb/ubuntu/dpkg@1.19.0.4?arch=amd64` -- `pkg:deb/debian/attr@1:2.4.47-2?arch=source` -- `pkg:deb/debian/attr@1:2.4.47-2%2Bb1?arch=amd64` diff --git a/types-doc/docker-definition.md b/types-doc/docker-definition.md deleted file mode 100644 index 854651c..0000000 --- a/types-doc/docker-definition.md +++ /dev/null @@ -1,38 +0,0 @@ - - -# PURL Type Definition: docker - -- **Type Name:** Docker image -- **Description:** for Docker images -- **Schema ID:** `https://packageurl.org/types/docker-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:docker//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://hub.docker.com - -## Namespace definition - -- **Requirement:** Optional -- **Note:** `The namespace is the registry/user/organization if present.` - -## Name definition - -- **Native Label:** name - -## Version definition - -- **Note:** `The version should be the image id sha256 or a tag. Since tags can be moved, a sha256 image id is preferred.` - -## Examples - -- `pkg:docker/cassandra@latest` -- `pkg:docker/smartentry/debian@dc437cc87d10` -- `pkg:docker/customer/dockerimage@sha256%3A244fd47e07d10?repository_url=gcr.io` diff --git a/types-doc/gem-definition.md b/types-doc/gem-definition.md deleted file mode 100644 index 7cf65bb..0000000 --- a/types-doc/gem-definition.md +++ /dev/null @@ -1,43 +0,0 @@ - - -# PURL Type Definition: gem - -- **Type Name:** RubyGems -- **Description:** RubyGems -- **Schema ID:** `https://packageurl.org/types/generic-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:gem/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://rubygems.org - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `There is no namespace` - -## Name definition - -- **Native Label:** name - -## Version definition - -- **Native Label:** version - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| platform | Optional | platform | ruby | qualifiers key is used to specify an alternative platform. such as java for JRuby. The implied default is ruby for Ruby MRI. | - -## Examples - -- `pkg:gem/ruby-advisory-db-check@0.12.4` -- `pkg:gem/jruby-launcher@1.1.2?platform=java` diff --git a/types-doc/generic-definition.md b/types-doc/generic-definition.md deleted file mode 100644 index 861e285..0000000 --- a/types-doc/generic-definition.md +++ /dev/null @@ -1,45 +0,0 @@ - - -# PURL Type Definition: generic - -- **Type Name:** Generic Package -- **Description:** The generic type is for plain, generic packages that do not fit anywhere else such as for "upstream-from-distro" packages. In particular this is handy for a plain version control repository such as a bare git repo in combination with a vcs_url. -- **Schema ID:** `https://packageurl.org/types/generic-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:generic//@?# - -## Repository Information - -- **Use Repository:** No -- **Note:** There is no default repository. - -## Namespace definition - -- **Requirement:** Optional -- **Note:** `there is no generic namespace definition` - -## Name definition - -- **Note:** `as for other type, the name component is mandatory. In the worst case it can be a file or directory name.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| download_url | Optional | | | A download_url and checksum may be provided in qualifiers or as separate attributes outside of a purl for proper identification and location. | -| checksum | Optional | | | A checksum may be provided in qualifiers or as separate attributes outside of a purl for proper identification and location. | - -## Examples - -- `pkg:generic/openssl@1.1.10g` -- `pkg:generic/openssl@1.1.10g?download_url=https://openssl.org/source/openssl-1.1.0g.tar.gz&checksum=sha256:de4d501267da` -- `pkg:generic/bitwarderl?vcs_url=git%2Bhttps://git.fsfe.org/dxtr/bitwarderl%40cc55108da32` - -## Note - -When possible another or a new purl type should be used instead of using the generic type and eventually contributed back to this specification. Example have been truncated for brevity diff --git a/types-doc/github-definition.md b/types-doc/github-definition.md deleted file mode 100644 index 35a055b..0000000 --- a/types-doc/github-definition.md +++ /dev/null @@ -1,40 +0,0 @@ - - -# PURL Type Definition: github - -- **Type Name:** GitHub -- **Description:** GitHub-based packages -- **Schema ID:** `https://packageurl.org/types/github-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:github//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://github.com - -## Namespace definition - -- **Requirement:** Required -- **Native Label:** user or organization -- **Note:** `The namespace is the user or organization. It is not case sensitive and must be lowercased.` - -## Name definition - -- **Native Label:** repository name -- **Note:** `The name is the repository name. It is not case sensitive and must be lowercased.` - -## Version definition - -- **Native Label:** commit or tag -- **Note:** `The version is a commit or tag.` - -## Examples - -- `pkg:github/package-url/purl-spec@244fd47e07d1004` -- `pkg:github/package-url/purl-spec@244fd47e07d1004#everybody/loves/dogs` diff --git a/types-doc/golang-definition.md b/types-doc/golang-definition.md deleted file mode 100644 index 612e9f9..0000000 --- a/types-doc/golang-definition.md +++ /dev/null @@ -1,46 +0,0 @@ - - -# PURL Type Definition: golang - -- **Type Name:** Go package -- **Description:** Go packages -- **Schema ID:** `https://packageurl.org/types/golang-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:golang//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** There is no default package repository, this is implied in the namespace using the go get command conventions. In practice the go module proxy acts as a public defulat repository. - -## Namespace definition - -- **Requirement:** Required -- **Note:** `The namespace must be lowercased.` - -## Name definition - -- **Note:** `The name must be lowercased.` - -## Version definition - -- **Note:** `The version is often empty when a commit is not specified and should be the commit in most cases when available.` - -## Subpath definition - -- **Note:** `The subpath is used to point to a subpath inside a package.` - -## Examples - -- `pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c` -- `pkg:golang/google.golang.org/genproto#googleapis/api/annotations` -- `pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c#api` - -## Note - -the current definition predates Go modules and has several practical problems, and in particular it is impossible to determine what is a module and what is a package short of having full access to the source code or making an API call to the Go module proxy. diff --git a/types-doc/hackage-definition.md b/types-doc/hackage-definition.md deleted file mode 100644 index 330000f..0000000 --- a/types-doc/hackage-definition.md +++ /dev/null @@ -1,43 +0,0 @@ - - -# PURL Type Definition: hackage - -- **Type Name:** Haskell package -- **Description:** Haskell packages -- **Schema ID:** `https://packageurl.org/types/hackage-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:hackage/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://hackage.haskell.org - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namespace` - -## Name definition - -- **Case Sensitive:** Yes -- **Normalization rules:** - - Apply kebab-case -- **Native Label:** name -- **Note:** `The name is case sensitive and use kebab-case.` - -## Version definition - -- **Native Label:** version -- **Note:** `The version is package version.` - -## Examples - -- `pkg:hackage/a50@0.5` -- `pkg:hackage/AC-HalfInteger@1.2.1` -- `pkg:hackage/3d-graphics-examples@0.0.0.2` diff --git a/types-doc/hex-definition.md b/types-doc/hex-definition.md deleted file mode 100644 index 54c8e31..0000000 --- a/types-doc/hex-definition.md +++ /dev/null @@ -1,41 +0,0 @@ - - -# PURL Type Definition: hex - -- **Type Name:** Hex -- **Description:** Hex packages -- **Schema ID:** `https://packageurl.org/types/hex-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:hex//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://repo.hex.pm - -## Namespace definition - -- **Requirement:** Optional -- **Native Label:** organization for private packages -- **Note:** `The namespace is optional; it may be used to specify the organization for private packages on hex.pm. It is not case sensitive and must be lowercased.` - -## Name definition - -- **Native Label:** name -- **Note:** `The name is not case sensitive and must be lowercased.` - -## Version definition - -- **Native Label:** version - -## Examples - -- `pkg:hex/jason@1.1.2` -- `pkg:hex/acme/foo@2.3.` -- `pkg:hex/phoenix_html@2.13.3#priv/static/phoenix_html.js` -- `pkg:hex/bar@1.2.3?repository_url=https://myrepo.example.com` diff --git a/types-doc/huggingface-definition.md b/types-doc/huggingface-definition.md deleted file mode 100644 index a0bb91d..0000000 --- a/types-doc/huggingface-definition.md +++ /dev/null @@ -1,42 +0,0 @@ - - -# PURL Type Definition: huggingface - -- **Type Name:** HuggingFace models -- **Description:** Hugging Face ML models -- **Schema ID:** `https://packageurl.org/types/huggingfaces-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:huggingface//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** The default repository is https://huggingface.co. - -## Namespace definition - -- **Requirement:** Required -- **Case Sensitive:** Yes -- **Native Label:** model repository username or organization -- **Note:** `The namespace is the model repository username or organization, if present. It is case sensitive.` - -## Name definition - -- **Case Sensitive:** Yes -- **Native Label:** model repository name -- **Note:** `The name is the model repository name. It is case sensitive.` - -## Version definition - -- **Native Label:** model revision Git commit hash -- **Note:** `The version is the model revision Git commit hash. It is case insensitive and must be lowercased in the package URL.` - -## Examples - -- `pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027` -- `pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co` diff --git a/types-doc/luarocks-definition.md b/types-doc/luarocks-definition.md deleted file mode 100644 index b56662c..0000000 --- a/types-doc/luarocks-definition.md +++ /dev/null @@ -1,47 +0,0 @@ - - -# PURL Type Definition: luarocks - -- **Type Name:** LuaRocks -- **Description:** Lua packages installed with LuaRocks -- **Schema ID:** `https://packageurl.org/types/luarocks-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:luarocks//@?# - -## Repository Information - -- **Use Repository:** Yes - -## Namespace definition - -- **Requirement:** Optional -- **Native Label:** user manifest -- **Note:** `The user manifest under which the package is registered. If not given, the root manifest is assumed. It is case insensitive, but lowercase is encouraged since namespaces are normalized to ASCII lowercase.` - -## Name definition - -- **Native Label:** name -- **Note:** `The LuaRocks package name. It is case insensitive, but lowercase is encouraged since package names are normalized to ASCII lowercase.` - -## Version definition - -- **Case Sensitive:** Yes -- **Native Label:** full package version, including module version and rockspec revision -- **Note:** `The full LuaRocks package version, including module version and rockspec revision. It is case sensitive, and lowercase must be used to avoid compatibility issues with older LuaRocks versions. The full version number is required to uniquely identify a version.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| repository_url | Optional | | | The LuaRocks rocks server to be used; useful in case a private server is used (optional). If omitted, https://luarocks.org as default server is assumed. | - -## Examples - -- `pkg:luarocks/luasocket@3.1.0-1` -- `pkg:luarocks/hisham/luafilesystem@1.8.0-1` -- `pkg:luarocks/username/packagename@0.1.0-1?repository_url=https://example.com/private_rocks_server/` diff --git a/types-doc/maven-definition.md b/types-doc/maven-definition.md deleted file mode 100644 index 0f803af..0000000 --- a/types-doc/maven-definition.md +++ /dev/null @@ -1,55 +0,0 @@ - - -# PURL Type Definition: maven - -- **Type Name:** Maven -- **Description:** PURL type for Maven JARs and related artifacts. -- **Schema ID:** `https://packageurl.org/types/maven-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:maven//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://repo.maven.apache.org/maven2/ -- **Note:** The Maven Central repository is the public repository for Apache Maven packages. This repository is also mirrored at https://repo1.maven.org/maven2/. Use the standard repository_url qualifier to point to another repository - -## Namespace definition - -- **Requirement:** Required -- **Case Sensitive:** Yes -- **Native Label:** groupId -- **Note:** `The group id is the namespace.` - -## Name definition - -- **Case Sensitive:** Yes -- **Native Label:** artifactId -- **Note:** `The artifact id is the name.` - -## Version definition - -- **Case Sensitive:** Yes -- **Native Label:** version - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| classifier | Optional | classifier | | The maven classifier as defined in the POM documentation. | -| type | Optional | type | jar | The maven type as defined in the POM documentation. Note that Maven uses a concept / coordinate called packaging which does not map directly 1:1 to a file extension. In this use case, we need to construct a link to one of many possible artifacts. Maven itself uses type in a dependency declaration when needed to disambiguate between them. | - -## Examples - -- `pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1` -- `pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=pom` -- `pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources` -- `pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=zip&classifier=dist` -- `pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x86&type=dll` -- `pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x64&type=dll` -- `pkg:maven/groovy/groovy@1.0?repository_url=https://maven.google.com` diff --git a/types-doc/mlflow-definition.md b/types-doc/mlflow-definition.md deleted file mode 100644 index 0608b6a..0000000 --- a/types-doc/mlflow-definition.md +++ /dev/null @@ -1,45 +0,0 @@ - - -# PURL Type Definition: mlflow - -- **Type Name:** -- **Description:** MLflow ML models (Azure ML, Databricks, etc.) -- **Schema ID:** `https://packageurl.org/types/mlflow-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:mlflow/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** The repository is the MLflow tracking URI. There is no default. Some examples include Azure ML https://.api.azureml.ms/mlflow/v1.0/subscriptions//resourceGroups//providers/Microsoft.MachineLearningServices/workspaces/ and Azure Databricks https://adb-..azuredatabricks.net/api/2.0/mlflow and AWS Databricks https://dbc--.cloud.databricks.com/api/2.0/mlflow and GCP Databricks https://..gcp.databricks.com/api/2.0/mlflow - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namespace` - -## Name definition - -- **Note:** `The name is the model name. Case sensitivity depends on the server implementation, such as for Azure ML, it is case sensitive and must be kept as-is in the package URL; and for Databricks, it is case insensitive and must be lowercased in the package URL.` - -## Version definition - -- **Native Label:** version -- **Note:** `The version is the model version.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| model_uuid | Optional | model_uuid | | model_uuid as defined in the MLflow documentation. | -| run_id | Optional | run_id | | run_id as defined in the MLflow documentation. | - -## Examples - -- `pkg:mlflow/creditfraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace` -- `pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow` diff --git a/types-doc/npm-definition.md b/types-doc/npm-definition.md deleted file mode 100644 index 63c8b63..0000000 --- a/types-doc/npm-definition.md +++ /dev/null @@ -1,42 +0,0 @@ - - -# PURL Type Definition: npm - -- **Type Name:** Node NPM packages -- **Description:** PURL type for npm packages. -- **Schema ID:** `https://packageurl.org/types/npm-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:npm//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://registry.npmjs.org/ -- **Note:** The default repository is the npm Registry at https://registry.npmjs.org - -## Namespace definition - -- **Requirement:** Optional -- **Native Label:** scope -- **Note:** `The namespace is used for the scope of a scoped NPM package. The npm scope @ sign prefix is always percent encoded, as it was in the early days of npm scope.` - -## Name definition - -- **Native Label:** name -- **Note:** `Per the package.json spec, new package 'must not have uppercase letters in the name', therefore the name must be lowercased. The npm name used to be case sensitive in the early days for some old packages.` - -## Version definition - -- **Case Sensitive:** Yes -- **Native Label:** version - -## Examples - -- `pkg:npm/foobar@12.3.1` -- `pkg:npm/%40angular/animation@12.3.1` -- `pkg:npm/mypackage@12.4.5?vcs_url=git://host.com/path/to/repo.git%404345abcd34343` diff --git a/types-doc/nuget-definition.md b/types-doc/nuget-definition.md deleted file mode 100644 index 3a5a964..0000000 --- a/types-doc/nuget-definition.md +++ /dev/null @@ -1,43 +0,0 @@ - - -# PURL Type Definition: nuget - -- **Type Name:** NuGet -- **Description:** NuGet .NET packages -- **Schema ID:** `https://packageurl.org/types/nuget-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:nuget/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://www.nuget.org - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namespace` - -## Name definition - -- **Case Sensitive:** Yes -- **Native Label:** version -- **Note:** `Technically the name is case-perserving, but case-insensitive, and NuGet packages archives are case-perserving, while some NuGet API calls demand to lowercase the package name.` - -## Version definition - -- **Native Label:** version -- **Note:** `The NuGet version is semver-like but may contain more than three segments` - -## Examples - -- `pkg:nuget/EnterpriseLibrary.Common@6.0.1304` - -## Note - -There is no namespace per se even if the common convention is to use dot-separated package names where the first segment is namespace-like. diff --git a/types-doc/oci-definition.md b/types-doc/oci-definition.md deleted file mode 100644 index 47e8b75..0000000 --- a/types-doc/oci-definition.md +++ /dev/null @@ -1,51 +0,0 @@ - - -# PURL Type Definition: oci - -- **Type Name:** OCI image -- **Description:** For artifacts stored in registries that conform to the OCI Distribution Specification https://github.com/opencontainers/distribution-spec including container images built by Docker and others -- **Schema ID:** `https://packageurl.org/types/oci-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:oci/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** There is no canonical package repository for OCI artifacts. Therefore oci purls must be registry agnostic by default. To specify the repository, provide a repository_url value. - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `OCI purls do not contain a namespace, although, repository_url may contain a namespace as part of the physical location of the package.` - -## Name definition - -- **Note:** `The name is not case sensitive and must be lowercased. The name is the last fragment of the repository name. For example if the repository name is library/debian then the name is debian.` - -## Version definition - -- **Note:** `The version is the sha256:hex_encoded_lowercase_digest of the artifact and is required to uniquely identify the artifact.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| arch | Optional | | | key for a package architecture, when relevant. | -| repository_url | Optional | | | A repository URL where the artifact may be found, but not intended as the only location. This value is encouraged to identify a location the content may be fetched. | -| tag | Optional | | | artifact tag that may have been associated with the digest at the time. | - -## Examples - -- `pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=docker.io/library/debian&arch=amd64&tag=latest` -- `pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=ghcr.io/debian&tag=bullseye` -- `pkg:oci/static@sha256%3A244fd47e07d10?repository_url=gcr.io/distroless/static&tag=latest` -- `pkg:oci/hello-wasm@sha256%3A244fd47e07d10?tag=v1` - -## Reference URLs - -- `https://github.com/opencontainers/distribution-spec` diff --git a/types-doc/pub-definition.md b/types-doc/pub-definition.md deleted file mode 100644 index 103d362..0000000 --- a/types-doc/pub-definition.md +++ /dev/null @@ -1,41 +0,0 @@ - - -# PURL Type Definition: pub - -- **Type Name:** Pub -- **Description:** Dart and Flutter pub packages -- **Schema ID:** `https://packageurl.org/types/pub-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:pub/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://pub.dartlang.org - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namespace` - -## Name definition - -- **Permitted Characters:** `^[a-z0-9_]` -- **Normalization rules:** - - Replace non-[a-z] letters, non-[0-9] digits with underscore _ -- **Native Label:** name -- **Note:** `Pub normalizes all package names to be lowercase and using underscores. The only allowed characters are [a-z0-9_]. More information on pub naming and versioning is available in the pubspec documentation https://dart.dev/tools/pub/pubspec` - -## Version definition - -- **Native Label:** version - -## Examples - -- `pkg:pub/characters@1.2.0` -- `pkg:pub/flutter@0.0.0` diff --git a/types-doc/pypi-definition.md b/types-doc/pypi-definition.md deleted file mode 100644 index 1c1745d..0000000 --- a/types-doc/pypi-definition.md +++ /dev/null @@ -1,50 +0,0 @@ - - -# PURL Type Definition: pypi - -- **Type Name:** PyPI -- **Description:** Python packages -- **Schema ID:** `https://packageurl.org/types/pypi-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:pypi/@?# - -## Repository Information - -- **Use Repository:** Yes -- **Default Repository URL:** https://pypi.org -- **Note:** Previously https://pypi.python.org - -## Namespace definition - -- **Requirement:** Prohibited -- **Note:** `there is no namespace` - -## Name definition - -- **Normalization rules:** - - Replace underscore _ with dash - - - Replace dot . with underscore _ when used in distribution (sdist, wheel) names -- **Native Label:** name -- **Note:** `PyPI treats - and _ as the same character and is not case sensitive. Therefore a PyPI package name must be lowercased and underscore _ replaced with a dash -. Note that PyPI itself is preserving the case of package names. When used in distribution and wheel names, the dot . is replaced with an underscore _` - -## Version definition - -- **Native Label:** version - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| file_name | Optional | | | The file_name qualifier selects a particular distribution file (case-sensitive). For naming convention, see the Python Packaging User Guide on source distributions https://packaging.python.org/en/latest/specifications/source-distribution-format/#source-distribution-file-name and on binary distributions https://packaging.python.org/en/latest/specifications/binary-distribution-format/#file-name-convention and the rules for platform compatibility tags https://packaging.python.org/en/latest/specifications/platform-compatibility-tags/ | - -## Examples - -- `pkg:pypi/django@1.11.1` -- `pkg:pypi/django@1.11.1?filename=Django-1.11.1.tar.gz` -- `pkg:pypi/django@1.11.1?filename=Django-1.11.1-py2.py3-none-any.whl` -- `pkg:pypi/django-allauth@12.23` diff --git a/types-doc/qpkg-definition.md b/types-doc/qpkg-definition.md deleted file mode 100644 index 69b678a..0000000 --- a/types-doc/qpkg-definition.md +++ /dev/null @@ -1,34 +0,0 @@ - - -# PURL Type Definition: qpkg - -- **Type Name:** QNX package -- **Description:** QNX packages -- **Schema ID:** `https://packageurl.org/types/qpkg-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:qpkg//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** There is no default package repository, this should be implied either from the namespace or using a repository base URL as repository_url qualifiers key. - -## Namespace definition - -- **Requirement:** Required -- **Native Label:** vendor -- **Note:** `The namespace is the vendor of the package. It is not case sensitive and must be lowercased.` - -## Name definition - -- **Native Label:** name - -## Examples - -- `pkg:qpkg/blackberry/com.qnx.sdp@7.0.0.SGA201702151847` -- `pkg:qpkg/blackberry/com.qnx.qnx710.foo.bar.qux@0.0.4.01449T202205040833L` diff --git a/types-doc/rpm-definition.md b/types-doc/rpm-definition.md deleted file mode 100644 index 2192d43..0000000 --- a/types-doc/rpm-definition.md +++ /dev/null @@ -1,48 +0,0 @@ - - -# PURL Type Definition: rpm - -- **Type Name:** RPM -- **Description:** RPM packages -- **Schema ID:** `https://packageurl.org/types/rpm-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:rpm//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** There is no default package repository, this should be implied either from the distro qualifiers key or using a repository base URL as repository_url qualifiers key. - -## Namespace definition - -- **Requirement:** Required -- **Native Label:** vendor -- **Note:** `The namespace is the vendor such as Fedora or OpenSUSE. It is not case sensitive and must be lowercased.` - -## Name definition - -- **Case Sensitive:** Yes -- **Native Label:** name -- **Note:** `The name is the RPM name and is case sensitive.` - -## Version definition - -- **Native Label:** version-release -- **Note:** `The version is the combined version and release of an RPM.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| epoch | Optional | | | (optional for RPMs) is a qualifier as its not required for unique identification, but when the epoch exists we strongly encourage using it. | -| arch | Optional | | | the qualifiers key for a package architecture. | - -## Examples - -- `pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25` -- `pkg:rpm/centerim@4.22.10-1.el6?arch=i686&epoch=1&distro=fedora-25` diff --git a/types-doc/swid-definition.md b/types-doc/swid-definition.md deleted file mode 100644 index 59800db..0000000 --- a/types-doc/swid-definition.md +++ /dev/null @@ -1,60 +0,0 @@ - - -# PURL Type Definition: swid - -- **Type Name:** Software Identification (SWID) Tag -- **Description:** PURL type for ISO-IEC 19770-2 Software Identification (SWID) tags. -- **Schema ID:** `https://packageurl.org/types/swid-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:swid//@?# - -## Repository Information - -- **Use Repository:** No -- **Note:** There is no default package repository. - -## Namespace definition - -- **Requirement:** Optional -- **Case Sensitive:** Yes -- **Native Label:** softwareCreator -- **Note:** `The namespace is the optional name and regid of the entity with a role of softwareCreator. If specified, name is required and is the first segment in the namespace. If regid is known, it must be specified as the second segment in the namespace. A maximum of two segments are supported.` - -## Name definition - -- **Requirement:** Required -- **Case Sensitive:** Yes -- **Native Label:** SoftwareIdentity/name -- **Note:** `The name is the name as defined in the SWID SoftwareIdentity element.` - -## Version definition - -- **Requirement:** Optional -- **Case Sensitive:** Yes -- **Native Label:** SoftwareIdentity/version -- **Note:** `The version is the version as defined in the SWID SoftwareIdentity element.` - -## Qualifiers Definition - -| Key | Requirement | Native name | Default Value | Description | -|------|-------------|-------------|---------------|-------------| -| tag_id | Required | | | The qualifier tag_id must not be empty and corresponds to the tagId as defined in the SWID SoftwareIdentity element. Per the SWID specification, GUIDs are recommended. If a GUID is used, it must be lowercase. If a GUID is not used, the tag_id qualifier is case aware but not case sensitive. | -| tag_version | Optional | | | The qualifier tag_version is an optional integer and corresponds to the tagVersion as defined in the SWID SoftwareIdentity element. If not specified, defaults to 0. | -| patch | Optional | | | The qualifier patch is optional and corresponds to the patch as defined in the SWID SoftwareIdentity element. If not specified, defaults to false. | -| tag_creator_name | Optional | | | The qualifier tag_creator_name is optional. If the tag creator is different from the software creator, the tag_creator_name qualifier should be specified. | -| tag_creator_regid | Optional | | | The qualifier tag_creator_regid is optional. If the tag creator is different from the software creator, the tag_creator_regid qualifier should be specified. | - -## Examples - -- `pkg:swid/Acme/example.com/Enterprise+Server@1.0.0?tag_id=75b8c285-fa7b-485b-b199-4745e3004d0d` -- `pkg:swid/Fedora@29?tag_id=org.fedoraproject.Fedora-29` -- `pkg:swid/Adobe+Systems+Incorporated/Adobe+InDesign@CC?tag_id=CreativeCloud-CS6-Win-GM-MUL` - -## Note - -Use of known qualifiers key/value pairs such as download_url can be used to specify where the package was retrieved from. diff --git a/types-doc/swift-definition.md b/types-doc/swift-definition.md deleted file mode 100644 index 4d67dbc..0000000 --- a/types-doc/swift-definition.md +++ /dev/null @@ -1,40 +0,0 @@ - - -# PURL Type Definition: swift - -- **Type Name:** Swift packages -- **Description:** Swift packages -- **Schema ID:** `https://packageurl.org/types/swift-definition.json` - -## PURL Syntax - -The structure of a PURL for this package type is: - - pkg:swift//@?# - -## Repository Information - -- **Use Repository:** Yes -- **Note:** There is no default package repository, this should be implied from namespace. - -## Namespace definition - -- **Requirement:** Required -- **Case Sensitive:** Yes -- **Note:** `The namespace is source host and user/organization and is required.` - -## Name definition - -- **Case Sensitive:** Yes -- **Native Label:** repository name - -## Version definition - -- **Case Sensitive:** Yes -- **Native Label:** package version - -## Examples - -- `pkg:swift/github.com/Alamofire/Alamofire@5.4.3` -- `pkg:swift/github.com/RxSwiftCommunity/RxFlow@2.12.4` diff --git a/types/README.md b/types/README.md deleted file mode 100644 index 1ea0836..0000000 --- a/types/README.md +++ /dev/null @@ -1,41 +0,0 @@ -### PURL Type Definitions - -This directory contains the machine-readable definitions of all registered Package-URL (PURL) types, -one JSON file for each type. These JSON files serve as the reference for PURL type specifications. - -## Contents - -- **index.json**: The index of all registered PURL types as a simple list of types. -- Definitions: **-definition.json**: The definition for a specific PURL type (e.g., - maven-definition.json, npm-definition.json). -- Tests: **-test.json**: The test suite for a specific PURL type. - -## Definitions - -Each JSON file named *-definition.json in this directory follows the standard PURL Type Definition -Schema, ensuring: - -- Consistency across all PURL types. -- Machine-readability for validation and automation. -- Standardized structure defining namespace, name, version, qualifiers, subpath, and repository behavior. - -## Tests - -Each JSON file named *-test.json in this directory follows the standard PURL Test Schema, ensuring: - -- Consistency across all PURL types tests -- Machine-readability for automation such that tools can all use the same tests. -- Two levels (aka. groups) of tests: one for the base conformance to the PURL spec and one for - advanced processing including flexible, recovering parsing of invalid PURL. - - -## Usage - -- These JSON files are the the authoritative source for defining, validating and tesing PURL types. -- They should be referenced by tools, libraries, and documentation generators. - -## Contributions - -- Modifications must be made to these JSON files directly. -- The type definitions, tests and index and validated for consistency on commit. -- Documentation files are generated from these JSON files. diff --git a/types/alpm-definition.json b/types/alpm-definition.json deleted file mode 100644 index 97ac24b..0000000 --- a/types/alpm-definition.json +++ /dev/null @@ -1,46 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/github-definition.json", - "type": "alpm", - "type_name": "Arch Linux package", - "description": "Arch Linux packages and other users of the libalpm/pacman package manager.", - "repository": { - "use_repository": true, - "note": "There is no default package repository; this should be implied either from the distro qualifiers key or using a repository base url as repository_url qualifiers key." - }, - "namespace_definition": { - "requirement": "required", - "note": "The namespace is the vendor such as arch, arch32, archarm, manjaro or msys.", - "case_sensitive": false, - "native_name": "vendor", - "normalization_rules": [ - "It is not case sensitive and must be lowercased." - ] - }, - "name_definition": { - "note": "The name is the package name. It is not case sensitive and must be lowercased.", - "case_sensitive": false, - "native_name": "name" - }, - "version_definition": { - "native_name": "version", - "note": "The version is the version of the package as specified in vercmp(8) at (https://man.archlinux.org/man/vercmp.8#DESCRIPTION as part of alpm.", - "case_sensitive": true, - "normalization_rules": [ - "normalize version as specified in vercmp(8) at https://man.archlinux.org/man/vercmp.8#DESCRIPTION as part of alpm." - ] - }, - "qualifiers_definition": [ - { - "key": "arch", - "requirement": "optional", - "native_name": "arch", - "description": "The arch is the qualifiers key for a package architecture." - } - ], - "examples": [ - "pkg:alpm/arch/pacman@6.0.1-1?arch=x86_64", - "pkg:alpm/arch/python-pip@21.0-1?arch=any", - "pkg:alpm/arch/containers-common@1:0.47.4-4?arch=x86_64" - ] -} diff --git a/types/apk-definition.json b/types/apk-definition.json deleted file mode 100644 index c05b3a3..0000000 --- a/types/apk-definition.json +++ /dev/null @@ -1,37 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/bitbucket-definition.json", - "type": "apk", - "type_name": "APK-based packages", - "description": "Alpine Linux APK-based packages", - "repository": { - "use_repository": true, - "note": "There is no default package repository; this should be implied either from the distro qualifiers key or using a repository base url as repository_url qualifiers key." - }, - "namespace_definition": { - "requirement": "required", - "note": "The namespace is the vendor such as alpine or openwrt. It is not case sensitive and must be lowercased.", - "native_name": "vendor", - "case_sensitive": false - }, - "name_definition": { - "note": "The name is the package name. It is not case sensitive and must be lowercased.", - "native_name": "name", - "case_sensitive": false - }, - "version_definition": { - "note": "The version is a package version as expected by apk.", - "native_name": "version" - }, - "qualifiers_definition": [ - { - "key": "arch", - "description": "The arch is the qualifiers key for a package architecture." - } - ], - "examples": [ - "pkg:apk/alpine/curl@7.83.0-r0?arch=x86", - "pkg:apk/alpine/apk@2.12.9-r3?arch=x86" - ], - "note": "not to be confused with Android packages with a .apk extension." -} diff --git a/types/bitbucket-definition.json b/types/bitbucket-definition.json deleted file mode 100644 index b3e9ad0..0000000 --- a/types/bitbucket-definition.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/bitbucket-definition.json", - "type": "bitbucket", - "type_name": "Bitbucket", - "description": "Bitbucket-based packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://bitbucket.org" - }, - "namespace_definition": { - "requirement": "required", - "note": "The namespace is the user or organization. It is not case sensitive and must be lowercased.", - "native_name": "user or organization", - "is_case_sensitve": false - }, - "name_definition": { - "note": "The name is the repository name. It is not case sensitive and must be lowercased.", - "native_name": "repository name", - "is_case_sensitve": false - }, - "version_definition": { - "note": "The version is a commit or tag.", - "native_name": "commit or tag" - }, - "examples": [ - "pkg:bitbucket/birkenfeld/pygments-main@244fd47e07d1014f0aed9c" - ] -} diff --git a/types/bitnami-definition.json b/types/bitnami-definition.json deleted file mode 100644 index 5409706..0000000 --- a/types/bitnami-definition.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/bitname-definition.json", - "type": "bitnami", - "type_name": "Bitnami", - "description": "Bitnami-based packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://downloads.bitnami.com/files/stacksmith" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "there is no namespace" - }, - "name_definition": { - "note": "The name is the component name. It must be lowercased.", - "case_sensitive": false, - "native_name": "name" - }, - "version_definition": { - "native_name": "full package version, including version and revision", - "note": "The version is the full Bitnami package version, including version and revision." - }, - "qualifiers_definition": [ - { - "key": "arch", - "description": "The arch is the qualifiers key for a package architecture. Available values are amd64 (default) and arm64.", - "default_value": "amd64" - }, - { - "key": "distro", - "description": "The distro is the qualifiers key for the distribution associated to the package." - } - ], - "examples": [ - "pkg:bitnami/wordpress?distro=debian-12", - "pkg:bitnami/wordpress@6.2.0?distro=debian-12", - "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=debian-12", - "pkg:bitnami/wordpress@6.2.0?arch=arm64&distro=photon-4" - ] -} diff --git a/types/cargo-definition.json b/types/cargo-definition.json deleted file mode 100644 index a862b1f..0000000 --- a/types/cargo-definition.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/cargo-definition.json", - "type": "cargo", - "type_name": "Cargo", - "description": "Cargo packages for Rust", - "repository": { - "use_repository": true, - "default_repository_url": "https://crates.io/" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "there is no namespace" - }, - "name_definition": { - "native_name": "name", - "is_case_sensitve": true, - "note": "The name is the repository name." - }, - "version_definition": { - "native_name": "version", - "note": "The version is the package version." - }, - "examples": [ - "pkg:cargo/rand@0.7.2", - "pkg:cargo/clap@2.33.0", - "pkg:cargo/structopt@0.3.11" - ] -} diff --git a/types/cocoapods-definition.json b/types/cocoapods-definition.json deleted file mode 100644 index 99ddc22..0000000 --- a/types/cocoapods-definition.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/cocoapods-definition.json", - "type": "cocoapods", - "type_name": "CocoaPods", - "description": "CocoaPods pods", - "repository": { - "use_repository": true, - "default_repository_url": "https://cdn.cocoapods.org/" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "there is no namespace" - }, - "name_definition": { - "case_sensitive": true, - "native_name": "pod name", - "note": "The name is the pod name and is case sensitive, cannot contain whitespace, a plus (+) character, or begin with a period (.)." - }, - "version_definition": { - "native_name": "package version", - "note": "The version is the package version." - }, - "subpath_definition": { - "note": "The purl subpath is used to represent a pods subspec (if present)." - }, - "examples": [ - "pkg:cocoapods/AFNetworking@4.0.1", - "pkg:cocoapods/MapsIndoors@3.24.0", - "pkg:cocoapods/ShareKit@2.0#Twitter", - "pkg:cocoapods/GoogleUtilities@7.5.2#NSData+zlib" - ] -} diff --git a/types/composer-definition.json b/types/composer-definition.json deleted file mode 100644 index 7ea05b9..0000000 --- a/types/composer-definition.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/composer-definition.json", - "type": "composer", - "type_name": "Composer", - "description": "Composer PHP packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://packagist.org" - }, - "namespace_definition": { - "requirement": "required", - "case_sensitive": false, - "native_name": "vendor", - "note": "The namespace is the vendor. The namespace is not case sensitive and must be lowercased." - }, - "name_definition": { - "case_sensitive": false, - "native_name": "name", - "note": "The name is not case sensitive and must be lowercased. Private, local packages may have no name. In this case you cannot create a purl for these." - }, - "version_definition": { - "native_name": "version" - }, - "examples": [ - "pkg:composer/laravel/laravel@5.5.0" - ] -} diff --git a/types/conan-definition.json b/types/conan-definition.json deleted file mode 100644 index 0060479..0000000 --- a/types/conan-definition.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/conan-definition.json", - "type": "conan", - "type_name": "Conan C/C++ packages", - "description": "Conan C/C++ packages. The purl is designed to closely resemble the Conan-native /@/ syntax for package references as specified in https://docs.conan.io/en/1.46/cheatsheet.html#package-terminology", - "repository": { - "use_repository": true, - "default_repository_url": "https://center.conan.io" - }, - "namespace_definition": { - "requirement": "optional", - "native_name": "vendor", - "note": "The vendor of the package." - }, - "name_definition": { - "native_name": "package-name", - "note": "The Conan ." - }, - "version_definition": { - "native_name": "package-version", - "note": "The Conan ." - }, - "qualifiers_definition": [ - { - "key": "user", - "native_name": "user", - "requirement": "optional", - "description": "The Conan . Only required if the Conan package was published with ." - }, - { - "key": "channel", - "native_name": "channel", - "requirement": "optional", - "description": "The Conan . Only required if the Conan package was published with Conan ." - }, - { - "key": "rrev", - "native_name": "recipe revision", - "requirement": "optional", - "description": "The Conan recipe revision (optional). If omitted, the purl refers to the latest recipe revision available for the given version." - }, - { - "key": "prev", - "native_name": "package revision", - "requirement": "optional", - "description": "The Conan package revision (optional). If omitted, the purl refers to the latest package revision available for the given version and recipe revision." - } - ], - "note": "Additional qualifiers can be used to distinguish Conan packages with different settings or options, e.g. os=Linux, build_type=Debug or shared=True. If no additional qualifiers are used to distinguish Conan packages build with different settings or options, then the purl is ambiguous and it is up to the user to work out which package is being referred to (e.g. with context information).", - "examples": [ - "pkg:conan/openssl@3.0.3", - "pkg:conan/openssl.org/openssl@3.0.3?user=bincrafters&channel=stable", - "pkg:conan/openssl.org/openssl@3.0.3?arch=x86_64&build_type=Debug&compiler=Visual%20Studio&compiler.runtime=MDd&compiler.version=16&os=Windows&shared=True&rrev=93a82349c31917d2d674d22065c7a9ef9f380c8e&prev=b429db8a0e324114c25ec387bfd8281f330d7c5c" - ] -} diff --git a/types/conda-definition.json b/types/conda-definition.json deleted file mode 100644 index 202da1d..0000000 --- a/types/conda-definition.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/conda-definition.json", - "type": "conda", - "type_name": "Conda", - "description": "conda is for Conda packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://repo.anaconda.com" - }, - "namespace_definition": { - "note": "there is no namspace", - "requirement": "prohibited" - }, - "name_definition": { - "native_name": "name", - "note": "The name is the package name." - }, - "version_definition": { - "native_name": "version", - "note": "The version is the package version." - }, - "qualifiers_definition": [ - { - "key": "build", - "description": "the build string." - }, - { - "key": "channel", - "description": "the package stored location." - }, - { - "key": "subdir", - "description": "the associated platform." - }, - { - "key": "type", - "description": "package type." - } - ], - "examples": [ - "pkg:conda/absl-py@0.4.1?build=py36h06a4308_0&channel=main&subdir=linux-64&type=tar.bz2" - ] -} diff --git a/types/cpan-definition.json b/types/cpan-definition.json deleted file mode 100644 index d82113d..0000000 --- a/types/cpan-definition.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/cpan-definition.json", - "type": "cpan", - "type_name": "CPAN", - "description": "CPAN Perl packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://www.cpan.org/" - }, - "namespace_definition": { - "requirement": "optional", - "note": "- To refer to a CPAN distribution name, the namespace MUST be present. In this case, the namespace is the CPAN id of the author/publisher. It MUST be written uppercase, followed by the distribution name in the name component. A distribution name MUST NOT contain the string ::.\n- To refer to a CPAN module, the namespace MUST be absent. The module name MAY contain zero or more :: strings, and the module name MUST NOT contain a -\n" - }, - "name_definition": { - "case_sensitive": true, - "native_name": "module or distribution name", - "note": "The name is the module or distribution name and is case sensitive." - }, - "version_definition": { - "note": "The version is the module or distribution version.", - "native_name": "version" - }, - "qualifiers_definition": [ - { - "key": "repository_url", - "description": "CPAN/MetaCPAN/BackPAN/DarkPAN repository base URL" - }, - { - "key": "download_url", - "description": "URL of package or distribution" - }, - { - "key": "vcs_url", - "description": "extra URL for a package version control system" - }, - { - "key": "ext", - "description": "file extension", - "default_value": "tar.gz" - } - ], - "examples": [ - "pkg:cpan/Perl::Version@1.013", - "pkg:cpan/DROLSKY/DateTime@1.55", - "pkg:cpan/DateTime@1.55", - "pkg:cpan/GDT/URI-PackageURL", - "pkg:cpan/LWP::UserAgent", - "pkg:cpan/OALDERS/libwww-perl@6.76", - "pkg:cpan/URI" - ] -} diff --git a/types/cran-definition.json b/types/cran-definition.json deleted file mode 100644 index 828fcc1..0000000 --- a/types/cran-definition.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/cran-definition.json", - "type": "cran", - "type_name": "CRAN", - "description": "CRAN R packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://cran.r-project.org" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "there is no namespace" - }, - "name_definition": { - "native_name": "name", - "is_case_sensitve": true, - "note": "The name is the package name and is case sensitive, but there cannot be two packages on CRAN with the same name ignoring case." - }, - "version_definition": { - "native_name": "version", - "note": "The version is the package version." - }, - "examples": [ - "pkg:cran/A3@1.0.0", - "pkg:cran/rJava@1.0-4", - "pkg:cran/caret@6.0-88" - ] -} diff --git a/types/deb-definition.json b/types/deb-definition.json deleted file mode 100644 index 75ee570..0000000 --- a/types/deb-definition.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/deb-definition.json", - "type": "deb", - "type_name": "Debian package", - "description": "Debian packages, Debian derivatives, and Ubuntu packages", - "repository": { - "use_repository": true, - "note": "There is no default package repository, this should be implied either from the distro qualifiers key or using a base url as a repository_url qualifiers key." - }, - "namespace_definition": { - "native_name": "vendor", - "is_case_sensitve": false, - "note": "The namespace is the \"vendor\" name such as \"debian\" or \"ubuntu\". It is not case sensitive and must be lowercased.", - "requirement": "required" - }, - "name_definition": { - "native_name": "name", - "is_case_sensitve": false, - "note": "The name is not case sensitive and must be lowercased." - }, - "version_definition": { - "native_name": "version", - "note": "The version is the version of the binary (or source) package." - }, - "qualifiers_definition": [ - { - "key": "arch", - "description": "arch is the qualifiers key for a package architecture. The special value arch=source identifies a Debian source package that usually consists of a Debian Source control file (.dsc) and corresponding upstream and Debian sources. The dpkg-query command can print the name and version of the corresponding source package of a binary package, e.g. dpkg-query -f ${source:Package} ${source:Version} -W " - } - ], - "examples": [ - "pkg:deb/debian/curl@7.50.3-1?arch=i386&distro=jessie", - "pkg:deb/debian/dpkg@1.19.0.4?arch=amd64&distro=stretch", - "pkg:deb/ubuntu/dpkg@1.19.0.4?arch=amd64", - "pkg:deb/debian/attr@1:2.4.47-2?arch=source", - "pkg:deb/debian/attr@1:2.4.47-2%2Bb1?arch=amd64" - ] -} diff --git a/types/docker-definition.json b/types/docker-definition.json deleted file mode 100644 index 0c19d59..0000000 --- a/types/docker-definition.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/docker-definition.json", - "type": "docker", - "type_name": "Docker image", - "description": "for Docker images", - "repository": { - "use_repository": true, - "default_repository_url": "https://hub.docker.com" - }, - "namespace_definition": { - "note": "The namespace is the registry/user/organization if present.", - "requirement": "optional" - }, - "name_definition": { - "native_name": "name" - }, - "version_definition": { - "note": "The version should be the image id sha256 or a tag. Since tags can be moved, a sha256 image id is preferred." - }, - "examples": [ - "pkg:docker/cassandra@latest", - "pkg:docker/smartentry/debian@dc437cc87d10", - "pkg:docker/customer/dockerimage@sha256%3A244fd47e07d10?repository_url=gcr.io" - ] -} diff --git a/types/gem-definition.json b/types/gem-definition.json deleted file mode 100644 index 23c6eb6..0000000 --- a/types/gem-definition.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/generic-definition.json", - "type": "gem", - "type_name": "RubyGems", - "description": "RubyGems", - "repository": { - "use_repository": true, - "default_repository_url": "https://rubygems.org" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "There is no namespace" - }, - "name_definition": { - "native_name": "name" - }, - "version_definition": { - "native_name": "version" - }, - "qualifiers_definition": [ - { - "key": "platform", - "native_name": "platform", - "requirement": "optional", - "default_value": "ruby", - "description": "qualifiers key is used to specify an alternative platform. such as java for JRuby. The implied default is ruby for Ruby MRI." - } - ], - "examples": [ - "pkg:gem/ruby-advisory-db-check@0.12.4", - "pkg:gem/jruby-launcher@1.1.2?platform=java" - ] -} diff --git a/types/generic-definition.json b/types/generic-definition.json deleted file mode 100644 index 6e0a5be..0000000 --- a/types/generic-definition.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/generic-definition.json", - "type": "generic", - "type_name": "Generic Package", - "description": "The generic type is for plain, generic packages that do not fit anywhere else such as for \"upstream-from-distro\" packages. In particular this is handy for a plain version control repository such as a bare git repo in combination with a vcs_url.", - "repository": { - "use_repository": false, - "note": "There is no default repository." - }, - "namespace_definition": { - "requirement": "optional", - "note": "there is no generic namespace definition" - }, - "name_definition": { - "note": "as for other type, the name component is mandatory. In the worst case it can be a file or directory name." - }, - "qualifiers_definition": [ - { - "key": "download_url", - "description": "A download_url and checksum may be provided in qualifiers or as separate attributes outside of a purl for proper identification and location." - }, - { - "key": "checksum", - "description": "A checksum may be provided in qualifiers or as separate attributes outside of a purl for proper identification and location." - } - ], - "note": "When possible another or a new purl type should be used instead of using the generic type and eventually contributed back to this specification. Example have been truncated for brevity", - "examples": [ - "pkg:generic/openssl@1.1.10g", - "pkg:generic/openssl@1.1.10g?download_url=https://openssl.org/source/openssl-1.1.0g.tar.gz&checksum=sha256:de4d501267da", - "pkg:generic/bitwarderl?vcs_url=git%2Bhttps://git.fsfe.org/dxtr/bitwarderl%40cc55108da32" - ] -} diff --git a/types/github-definition.json b/types/github-definition.json deleted file mode 100644 index 1dd6a43..0000000 --- a/types/github-definition.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/github-definition.json", - "type": "github", - "type_name": "GitHub", - "description": "GitHub-based packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://github.com" - }, - "namespace_definition": { - "requirement": "required", - "case_sensitive": false, - "native_name": "user or organization", - "note": "The namespace is the user or organization. It is not case sensitive and must be lowercased." - }, - "name_definition": { - "case_sensitive": false, - "native_name": "repository name", - "note": "The name is the repository name. It is not case sensitive and must be lowercased." - }, - "version_definition": { - "native_name": "commit or tag", - "note": "The version is a commit or tag." - }, - "examples": [ - "pkg:github/package-url/purl-spec@244fd47e07d1004", - "pkg:github/package-url/purl-spec@244fd47e07d1004#everybody/loves/dogs" - ] -} diff --git a/types/golang-definition.json b/types/golang-definition.json deleted file mode 100644 index a5c4fd5..0000000 --- a/types/golang-definition.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/golang-definition.json", - "type": "golang", - "type_name": "Go package", - "description": "Go packages", - "repository": { - "use_repository": true, - "note": "There is no default package repository, this is implied in the namespace using the go get command conventions. In practice the go module proxy acts as a public defulat repository." - }, - "namespace_definition": { - "requirement": "required", - "case_sensitive": false, - "note": "The namespace must be lowercased." - }, - "name_definition": { - "case_sensitive": false, - "note": "The name must be lowercased." - }, - "subpath_definition": { - "note": "The subpath is used to point to a subpath inside a package." - }, - "note": "the current definition predates Go modules and has several practical problems, and in particular it is impossible to determine what is a module and what is a package short of having full access to the source code or making an API call to the Go module proxy.", - "version_definition": { - "note": "The version is often empty when a commit is not specified and should be the commit in most cases when available." - }, - "examples": [ - "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c", - "pkg:golang/google.golang.org/genproto#googleapis/api/annotations", - "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c#api" - ] -} diff --git a/types/hackage-definition.json b/types/hackage-definition.json deleted file mode 100644 index 1556b69..0000000 --- a/types/hackage-definition.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/hackage-definition.json", - "type": "hackage", - "type_name": "Haskell package", - "description": "Haskell packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://hackage.haskell.org" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "there is no namespace" - }, - "name_definition": { - "case_sensitive": true, - "native_name": "name", - "normalization_rules": [ - "Apply kebab-case" - ], - "note": "The name is case sensitive and use kebab-case." - }, - "version_definition": { - "native_name": "version", - "note": "The version is package version." - }, - "examples": [ - "pkg:hackage/a50@0.5", - "pkg:hackage/AC-HalfInteger@1.2.1", - "pkg:hackage/3d-graphics-examples@0.0.0.2" - ] -} diff --git a/types/hex-definition.json b/types/hex-definition.json deleted file mode 100644 index 21b2f7c..0000000 --- a/types/hex-definition.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/hex-definition.json", - "type": "hex", - "type_name": "Hex", - "description": "Hex packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://repo.hex.pm" - }, - "namespace_definition": { - "requirement": "optional", - "case_sensitive": false, - "native_name": "organization for private packages", - "note": "The namespace is optional; it may be used to specify the organization for private packages on hex.pm. It is not case sensitive and must be lowercased." - }, - "name_definition": { - "case_sensitive": false, - "native_name": "name", - "note": "The name is not case sensitive and must be lowercased." - }, - "version_definition": { - "native_name": "version" - }, - "examples": [ - "pkg:hex/jason@1.1.2", - "pkg:hex/acme/foo@2.3.", - "pkg:hex/phoenix_html@2.13.3#priv/static/phoenix_html.js", - "pkg:hex/bar@1.2.3?repository_url=https://myrepo.example.com" - ] -} diff --git a/types/huggingface-definition.json b/types/huggingface-definition.json deleted file mode 100644 index 256fd86..0000000 --- a/types/huggingface-definition.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/huggingfaces-definition.json", - "type": "huggingface", - "type_name": "HuggingFace models", - "description": "Hugging Face ML models", - "repository": { - "use_repository": true, - "note": "The default repository is https://huggingface.co." - }, - "namespace_definition": { - "requirement": "required", - "case_sensitive": true, - "native_name": "model repository username or organization", - "note": "The namespace is the model repository username or organization, if present. It is case sensitive." - }, - "name_definition": { - "case_sensitive": true, - "native_name": "model repository name", - "note": "The name is the model repository name. It is case sensitive." - }, - "version_definition": { - "case_sensitive": false, - "native_name": "model revision Git commit hash", - "note": "The version is the model revision Git commit hash. It is case insensitive and must be lowercased in the package URL." - }, - "examples": [ - "pkg:huggingface/distilbert-base-uncased@043235d6088ecd3dd5fb5ca3592b6913fd516027", - "pkg:huggingface/microsoft/deberta-v3-base@559062ad13d311b87b2c455e67dcd5f1c8f65111?repository_url=https://hub-ci.huggingface.co" - ] -} diff --git a/types/luarocks-definition.json b/types/luarocks-definition.json deleted file mode 100644 index 1132e33..0000000 --- a/types/luarocks-definition.json +++ /dev/null @@ -1,37 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/luarocks-definition.json", - "type": "luarocks", - "type_name": "LuaRocks", - "description": "Lua packages installed with LuaRocks", - "repository": { - "use_repository": true - }, - "namespace_definition": { - "case_sensitive": false, - "native_name": "user manifest", - "note": "The user manifest under which the package is registered. If not given, the root manifest is assumed. It is case insensitive, but lowercase is encouraged since namespaces are normalized to ASCII lowercase.", - "requirement": "optional" - }, - "name_definition": { - "case_sensitive": false, - "native_name": "name", - "note": "The LuaRocks package name. It is case insensitive, but lowercase is encouraged since package names are normalized to ASCII lowercase." - }, - "version_definition": { - "case_sensitive": true, - "native_name": "full package version, including module version and rockspec revision", - "note": "The full LuaRocks package version, including module version and rockspec revision. It is case sensitive, and lowercase must be used to avoid compatibility issues with older LuaRocks versions. The full version number is required to uniquely identify a version." - }, - "qualifiers_definition": [ - { - "key": "repository_url", - "description": "The LuaRocks rocks server to be used; useful in case a private server is used (optional). If omitted, https://luarocks.org as default server is assumed." - } - ], - "examples": [ - "pkg:luarocks/luasocket@3.1.0-1", - "pkg:luarocks/hisham/luafilesystem@1.8.0-1", - "pkg:luarocks/username/packagename@0.1.0-1?repository_url=https://example.com/private_rocks_server/" - ] -} diff --git a/types/maven-definition.json b/types/maven-definition.json deleted file mode 100644 index e4acbcf..0000000 --- a/types/maven-definition.json +++ /dev/null @@ -1,51 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/maven-definition.json", - "type": "maven", - "type_name": "Maven", - "description": "PURL type for Maven JARs and related artifacts.", - "repository": { - "use_repository": true, - "default_repository_url": "https://repo.maven.apache.org/maven2/", - "note": "The Maven Central repository is the public repository for Apache Maven packages. This repository is also mirrored at https://repo1.maven.org/maven2/. Use the standard repository_url qualifier to point to another repository" - }, - "namespace_definition": { - "requirement": "required", - "case_sensitive": true, - "native_name": "groupId", - "note": "The group id is the namespace." - }, - "name_definition": { - "case_sensitive": true, - "native_name": "artifactId", - "note": "The artifact id is the name." - }, - "version_definition": { - "case_sensitive": true, - "native_name": "version" - }, - "qualifiers_definition": [ - { - "key": "classifier", - "requirement": "optional", - "description": "The maven classifier as defined in the POM documentation.", - "native_name": "classifier" - }, - { - "key": "type", - "requirement": "optional", - "description": "The maven type as defined in the POM documentation. Note that Maven uses a concept / coordinate called packaging which does not map directly 1:1 to a file extension. In this use case, we need to construct a link to one of many possible artifacts. Maven itself uses type in a dependency declaration when needed to disambiguate between them.", - "native_name": "type", - "default_value": "jar" - } - ], - "examples": [ - "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1", - "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=pom", - "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?classifier=sources", - "pkg:maven/org.apache.xmlgraphics/batik-anim@1.9.1?type=zip&classifier=dist", - "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x86&type=dll", - "pkg:maven/net.sf.jacob-projec/jacob@1.14.3?classifier=x64&type=dll", - "pkg:maven/groovy/groovy@1.0?repository_url=https://maven.google.com" - ] -} diff --git a/types/mlflow-definition.json b/types/mlflow-definition.json deleted file mode 100644 index 7cd6548..0000000 --- a/types/mlflow-definition.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/mlflow-definition.json", - "type": "mlflow", - "type_name": "", - "description": "MLflow ML models (Azure ML, Databricks, etc.)", - "repository": { - "use_repository": true, - "note": "The repository is the MLflow tracking URI. There is no default. Some examples include Azure ML https://.api.azureml.ms/mlflow/v1.0/subscriptions//resourceGroups//providers/Microsoft.MachineLearningServices/workspaces/ and Azure Databricks https://adb-..azuredatabricks.net/api/2.0/mlflow and AWS Databricks https://dbc--.cloud.databricks.com/api/2.0/mlflow and GCP Databricks https://..gcp.databricks.com/api/2.0/mlflow" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "there is no namespace" - }, - "name_definition": { - "note": "The name is the model name. Case sensitivity depends on the server implementation, such as for Azure ML, it is case sensitive and must be kept as-is in the package URL; and for Databricks, it is case insensitive and must be lowercased in the package URL." - }, - "version_definition": { - "native_name": "version", - "note": "The version is the model version." - }, - "qualifiers_definition": [ - { - "key": "model_uuid", - "native_name": "model_uuid", - "description": "model_uuid as defined in the MLflow documentation." - }, - { - "key": "run_id", - "native_name": "run_id", - "description": "run_id as defined in the MLflow documentation." - } - ], - "examples": [ - "pkg:mlflow/creditfraud@3?repository_url=https://westus2.api.azureml.ms/mlflow/v1.0/subscriptions/a50f2011-fab8-4164-af23-c62881ef8c95/resourceGroups/TestResourceGroup/providers/Microsoft.MachineLearningServices/workspaces/TestWorkspace", - "pkg:mlflow/trafficsigns@10?model_uuid=36233173b22f4c89b451f1228d700d49&run_id=410a3121-2709-4f88-98dd-dba0ef056b0a&repository_url=https://adb-5245952564735461.0.azuredatabricks.net/api/2.0/mlflow" - ] -} diff --git a/types/npm-definition.json b/types/npm-definition.json deleted file mode 100644 index 0bf4c9c..0000000 --- a/types/npm-definition.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type.schema-1.0.json", - "$id": "https://packageurl.org/types/npm-definition.json", - "type": "npm", - "type_name": "Node NPM packages", - "description": "PURL type for npm packages.", - "repository": { - "use_repository": true, - "default_repository_url": "https://registry.npmjs.org/", - "note": "The default repository is the npm Registry at https://registry.npmjs.org" - }, - "namespace_definition": { - "requirement": "optional", - "case_sensitive": false, - "native_name": "scope", - "note": "The namespace is used for the scope of a scoped NPM package. The npm scope @ sign prefix is always percent encoded, as it was in the early days of npm scope." - }, - "name_definition": { - "case_sensitive": false, - "native_name": "name", - "note": "Per the package.json spec, new package 'must not have uppercase letters in the name', therefore the name must be lowercased. The npm name used to be case sensitive in the early days for some old packages." - }, - "version_definition": { - "case_sensitive": true, - "native_name": "version" - }, - "examples": [ - "pkg:npm/foobar@12.3.1", - "pkg:npm/%40angular/animation@12.3.1", - "pkg:npm/mypackage@12.4.5?vcs_url=git://host.com/path/to/repo.git%404345abcd34343" - ] -} diff --git a/types/nuget-definition.json b/types/nuget-definition.json deleted file mode 100644 index 80927f5..0000000 --- a/types/nuget-definition.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/nuget-definition.json", - "type": "nuget", - "type_name": "NuGet", - "description": "NuGet .NET packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://www.nuget.org" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "there is no namespace" - }, - "name_definition": { - "native_name": "version", - "case_sensitive": true, - "note": "Technically the name is case-perserving, but case-insensitive, and NuGet packages archives are case-perserving, while some NuGet API calls demand to lowercase the package name." - }, - "version_definition": { - "native_name": "version", - "note": "The NuGet version is semver-like but may contain more than three segments" - }, - "note": "There is no namespace per se even if the common convention is to use dot-separated package names where the first segment is namespace-like.", - "examples": [ - "pkg:nuget/EnterpriseLibrary.Common@6.0.1304" - ] -} diff --git a/types/oci-definition.json b/types/oci-definition.json deleted file mode 100644 index 1977787..0000000 --- a/types/oci-definition.json +++ /dev/null @@ -1,46 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/oci-definition.json", - "type": "oci", - "type_name": "OCI image", - "description": "For artifacts stored in registries that conform to the OCI Distribution Specification https://github.com/opencontainers/distribution-spec including container images built by Docker and others", - "repository": { - "use_repository": true, - "note": "There is no canonical package repository for OCI artifacts. Therefore oci purls must be registry agnostic by default. To specify the repository, provide a repository_url value." - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "OCI purls do not contain a namespace, although, repository_url may contain a namespace as part of the physical location of the package." - }, - "name_definition": { - "case_sensitive": false, - "note": "The name is not case sensitive and must be lowercased. The name is the last fragment of the repository name. For example if the repository name is library/debian then the name is debian." - }, - "version_definition": { - "case_sensitive": false, - "note": "The version is the sha256:hex_encoded_lowercase_digest of the artifact and is required to uniquely identify the artifact." - }, - "qualifiers_definition": [ - { - "key": "arch", - "description": "key for a package architecture, when relevant." - }, - { - "key": "repository_url", - "description": "A repository URL where the artifact may be found, but not intended as the only location. This value is encouraged to identify a location the content may be fetched." - }, - { - "key": "tag", - "description": "artifact tag that may have been associated with the digest at the time." - } - ], - "reference_urls": [ - "https://github.com/opencontainers/distribution-spec" - ], - "examples": [ - "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=docker.io/library/debian&arch=amd64&tag=latest", - "pkg:oci/debian@sha256%3A244fd47e07d10?repository_url=ghcr.io/debian&tag=bullseye", - "pkg:oci/static@sha256%3A244fd47e07d10?repository_url=gcr.io/distroless/static&tag=latest", - "pkg:oci/hello-wasm@sha256%3A244fd47e07d10?tag=v1" - ] -} diff --git a/types/pub-definition.json b/types/pub-definition.json deleted file mode 100644 index 8e1694a..0000000 --- a/types/pub-definition.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/pub-definition.json", - "type": "pub", - "type_name": "Pub", - "description": "Dart and Flutter pub packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://pub.dartlang.org" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "there is no namespace" - }, - "name_definition": { - "native_name": "name", - "case_sensitive": false, - "permitted_characters": "^[a-z0-9_]", - "normalization_rules": [ - "Replace non-[a-z] letters, non-[0-9] digits with underscore _" - ], - "note": "Pub normalizes all package names to be lowercase and using underscores. The only allowed characters are [a-z0-9_]. More information on pub naming and versioning is available in the pubspec documentation https://dart.dev/tools/pub/pubspec" - }, - "version_definition": { - "native_name": "version" - }, - "examples": [ - "pkg:pub/characters@1.2.0", - "pkg:pub/flutter@0.0.0" - ] -} diff --git a/types/pypi-definition.json b/types/pypi-definition.json deleted file mode 100644 index bec2625..0000000 --- a/types/pypi-definition.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/pypi-definition.json", - "type": "pypi", - "type_name": "PyPI", - "description": "Python packages", - "repository": { - "use_repository": true, - "default_repository_url": "https://pypi.org", - "note": "Previously https://pypi.python.org" - }, - "namespace_definition": { - "requirement": "prohibited", - "note": "there is no namespace" - }, - "name_definition": { - "native_name": "name", - "case_sensitive": false, - "normalization_rules": [ - "Replace underscore _ with dash -", - "Replace dot . with underscore _ when used in distribution (sdist, wheel) names" - ], - "note": "PyPI treats - and _ as the same character and is not case sensitive. Therefore a PyPI package name must be lowercased and underscore _ replaced with a dash -. Note that PyPI itself is preserving the case of package names. When used in distribution and wheel names, the dot . is replaced with an underscore _" - }, - "version_definition": { - "case_sensitive": false, - "native_name": "version" - }, - "qualifiers_definition": [ - { - "key": "file_name", - "requirement": "optional", - "description": "The file_name qualifier selects a particular distribution file (case-sensitive). For naming convention, see the Python Packaging User Guide on source distributions https://packaging.python.org/en/latest/specifications/source-distribution-format/#source-distribution-file-name and on binary distributions https://packaging.python.org/en/latest/specifications/binary-distribution-format/#file-name-convention and the rules for platform compatibility tags https://packaging.python.org/en/latest/specifications/platform-compatibility-tags/" - } - ], - "examples": [ - "pkg:pypi/django@1.11.1", - "pkg:pypi/django@1.11.1?filename=Django-1.11.1.tar.gz", - "pkg:pypi/django@1.11.1?filename=Django-1.11.1-py2.py3-none-any.whl", - "pkg:pypi/django-allauth@12.23" - ] -} diff --git a/types/qpkg-definition.json b/types/qpkg-definition.json deleted file mode 100644 index 16277bd..0000000 --- a/types/qpkg-definition.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/qpkg-definition.json", - "type": "qpkg", - "type_name": "QNX package", - "description": "QNX packages", - "repository": { - "use_repository": true, - "note": "There is no default package repository, this should be implied either from the namespace or using a repository base URL as repository_url qualifiers key." - }, - "namespace_definition": { - "case_sensitive": false, - "native_name": "vendor", - "note": "The namespace is the vendor of the package. It is not case sensitive and must be lowercased.", - "requirement": "required" - }, - "name_definition": { - "native_name": "name" - }, - "examples": [ - "pkg:qpkg/blackberry/com.qnx.sdp@7.0.0.SGA201702151847", - "pkg:qpkg/blackberry/com.qnx.qnx710.foo.bar.qux@0.0.4.01449T202205040833L" - ] -} diff --git a/types/rpm-definition.json b/types/rpm-definition.json deleted file mode 100644 index 4e52acd..0000000 --- a/types/rpm-definition.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/rpm-definition.json", - "type": "rpm", - "type_name": "RPM", - "description": "RPM packages", - "repository": { - "use_repository": true, - "note": "There is no default package repository, this should be implied either from the distro qualifiers key or using a repository base URL as repository_url qualifiers key." - }, - "namespace_definition": { - "case_sensitive": false, - "native_name": "vendor", - "note": "The namespace is the vendor such as Fedora or OpenSUSE. It is not case sensitive and must be lowercased.", - "requirement": "required" - }, - "name_definition": { - "case_sensitive": true, - "note": "The name is the RPM name and is case sensitive.", - "native_name": "name" - }, - "version_definition": { - "note": "The version is the combined version and release of an RPM.", - "native_name": "version-release" - }, - "qualifiers_definition": [ - { - "key": "epoch", - "requirement": "optional", - "description": "(optional for RPMs) is a qualifier as its not required for unique identification, but when the epoch exists we strongly encourage using it." - }, - { - "key": "arch", - "description": "the qualifiers key for a package architecture." - } - ], - "examples": [ - "pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386&distro=fedora-25", - "pkg:rpm/centerim@4.22.10-1.el6?arch=i686&epoch=1&distro=fedora-25" - ] -} diff --git a/types/swid-definition.json b/types/swid-definition.json deleted file mode 100644 index 4d26ba9..0000000 --- a/types/swid-definition.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type.schema-1.0.json", - "$id": "https://packageurl.org/types/swid-definition.json", - "type": "swid", - "type_name": "Software Identification (SWID) Tag", - "description": "PURL type for ISO-IEC 19770-2 Software Identification (SWID) tags.", - "repository": { - "use_repository": false, - "note": "There is no default package repository." - }, - "namespace_definition": { - "requirement": "optional", - "case_sensitive": true, - "native_name": "softwareCreator", - "note": "The namespace is the optional name and regid of the entity with a role of softwareCreator. If specified, name is required and is the first segment in the namespace. If regid is known, it must be specified as the second segment in the namespace. A maximum of two segments are supported." - }, - "name_definition": { - "requirement": "required", - "case_sensitive": true, - "native_name": "SoftwareIdentity/name", - "note": "The name is the name as defined in the SWID SoftwareIdentity element." - }, - "version_definition": { - "requirement": "optional", - "case_sensitive": true, - "native_name": "SoftwareIdentity/version", - "note": "The version is the version as defined in the SWID SoftwareIdentity element." - }, - "qualifiers_definition": [ - { - "key": "tag_id", - "requirement": "required", - "description": "The qualifier tag_id must not be empty and corresponds to the tagId as defined in the SWID SoftwareIdentity element. Per the SWID specification, GUIDs are recommended. If a GUID is used, it must be lowercase. If a GUID is not used, the tag_id qualifier is case aware but not case sensitive." - }, - { - "key": "tag_version", - "requirement": "optional", - "description": "The qualifier tag_version is an optional integer and corresponds to the tagVersion as defined in the SWID SoftwareIdentity element. If not specified, defaults to 0." - }, - { - "key": "patch", - "requirement": "optional", - "description": "The qualifier patch is optional and corresponds to the patch as defined in the SWID SoftwareIdentity element. If not specified, defaults to false." - }, - { - "key": "tag_creator_name", - "requirement": "optional", - "description": "The qualifier tag_creator_name is optional. If the tag creator is different from the software creator, the tag_creator_name qualifier should be specified." - }, - { - "key": "tag_creator_regid", - "requirement": "optional", - "description": "The qualifier tag_creator_regid is optional. If the tag creator is different from the software creator, the tag_creator_regid qualifier should be specified." - } - ], - "note": "Use of known qualifiers key/value pairs such as download_url can be used to specify where the package was retrieved from.", - "examples": [ - "pkg:swid/Acme/example.com/Enterprise+Server@1.0.0?tag_id=75b8c285-fa7b-485b-b199-4745e3004d0d", - "pkg:swid/Fedora@29?tag_id=org.fedoraproject.Fedora-29", - "pkg:swid/Adobe+Systems+Incorporated/Adobe+InDesign@CC?tag_id=CreativeCloud-CS6-Win-GM-MUL" - ] -} diff --git a/types/swift-definition.json b/types/swift-definition.json deleted file mode 100644 index 55054b3..0000000 --- a/types/swift-definition.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "$schema": "https://packageurl.org/schemas/purl-type-definition.schema-1.0.json", - "$id": "https://packageurl.org/types/swift-definition.json", - "type": "swift", - "type_name": "Swift packages", - "description": "Swift packages", - "repository": { - "use_repository": true, - "note": "There is no default package repository, this should be implied from namespace." - }, - "namespace_definition": { - "requirement": "required", - "note": "The namespace is source host and user/organization and is required.", - "case_sensitive": true - }, - "name_definition": { - "case_sensitive": true, - "native_name": "repository name" - }, - "version_definition": { - "case_sensitive": true, - "native_name": "package version" - }, - "examples": [ - "pkg:swift/github.com/Alamofire/Alamofire@5.4.3", - "pkg:swift/github.com/RxSwiftCommunity/RxFlow@2.12.4" - ] -}