Keshav Priyadarshi
`send_scan_project_results` in `purldb-scan-queue-worker` isn't able to properly send large scan results. This issue fixed the critical problems:
- https://github.com/nexB/purldb/issues/362

And we can still improve this, using some of these...
The current timeout of 5 seconds is insufficient for fetching archives like https://www.busybox.net/downloads/busybox-1.01.tar.bz2 and https://www.uclibc.org/downloads/uClibc-0.9.30.tar.gz, since these websites are a bit slow in their response.
It would be nice to have a config (with path patterns) to ignore and silence some recurring Resources flagged as "requires-review". This would be different from the regular ignores. This...
Currently, the ABOUT file matching step only matches the deployed resources. However, there are scenarios in which the corresponding development resource also exists. In such cases, the development resource should...
The current univers `VersionRange` includes the pre-release versions. While this behavior is desirable when dealing with version ranges in a security advisory, it is not appropriate for the version range...
- Support normalization of range expressions from GitHub, Snyk, GitLab
- Discrete range normalization for OSV, DEPS, VulnerableCode
Our current implementation of VersionRange assumes that information regarding the logical operation (AND/OR) can be inferred by the order in which the constraints are arranged (currently, we arrange them in...
```python
>>> from univers.versions import SemverVersion
>>> SemverVersion("1.0.0-beta").next_major()
SemverVersion(string='1.0.0')
```

```python
>>> SemverVersion("1.0.0-beta").next_minor()
SemverVersion(string='1.0.0')
```

```python
>>> SemverVersion("1.0.0-beta").next_patch()
SemverVersion(string='1.0.0')
```

This is likely a bug in [python-semanticversion](https://github.com/rbarrois/python-semanticversion)

### Edit

This...
```python
>>> from univers.versions import SemverVersion
>>> from univers.version_range import VersionRange
>>>
>>> range = VersionRange.from_string("vers:npm/>=1.2.3|>1.2.4")
>>>
>>> SemverVersion("1.2.5") in range
Traceback (most recent call last):
  File "", line 1,...
```
[pub.dev](https://pub.dev) essentially uses Semver with minor deviations, which they have explained in detail here:
- https://dart.dev/tools/pub/versioning#semantic-versions
- https://github.com/dart-lang/pub_semver/blob/master/README.md#semantics

They have implemented [pub_semver](https://github.com/dart-lang/pub_semver), but unfortunately, it is only available in Dart.