meta-dependencytrack icon indicating copy to clipboard operation
meta-dependencytrack copied to clipboard
verified publisher icon bgnetworks

Normalize names for related packages

Open hellbent opened this issue 3 years ago • 0 comments

Currently we emit package with duplicate names such as:

    {
      "name": "foo:a foo:b foo:c",
      "version": "7.78.0",
      "cpe": "cpe:2.3:a:foo:a:7.78.0:*:*:*:*:*:*:*"
    },
    {
      "name": "foo:a foo:b foo:c",
      "version": "7.78.0",
      "cpe": "cpe:2.3:a:foo:b:7.78.0:*:*:*:*:*:*:*"
    },
    {
      "name": "foo:a foo:b foo:c",
      "version": "7.78.0",
      "cpe": "cpe:2.3:a:foo:c:7.78.0:*:*:*:*:*:*:*"
    },

These should have three distinct names:

    {
      "name": "foo:a",
      "version": "7.78.0",
      "cpe": "cpe:2.3:a:foo:a:7.78.0:*:*:*:*:*:*:*"
    },
    {
      "name": "foo:b",
      "version": "7.78.0",
      "cpe": "cpe:2.3:a:foo:b:7.78.0:*:*:*:*:*:*:*"
    },
    {
      "name": "foo:c",
      "version": "7.78.0",
      "cpe": "cpe:2.3:a:foo:c:7.78.0:*:*:*:*:*:*:*"
    },

hellbent avatar May 13 '22 23:05 hellbent