Tushar Goel
Tushar Goel
@pombredanne @armijnhemel if we check this reference https://cve.report/qid/501765 they also have stated `Affected Package versions prior to 1.11.3-r0`
@armijnhemel makes sense!
relates to https://github.com/nexB/vulnerablecode/issues/859
IMO it's better to register data sources by hand as done in vulnerablecode rather than this
Cool stuff, will surely try this out :D
Yes sure @pombredanne , can we get some sample input and outputs, so we can think of a mapping for same
@tclasen one work around for now could be to use fetchcode for this, since many package types are not supported in purl2url ``` >>> from fetchcode.package import * >>> pkgs...
Please rebase with the latest main
@ziadhany please add CHANGEOLG for this PR
Please see my review comment, otherwise this looks good to me. Please rebase your branch