mix irving

Hi @patrickkettner I'm essentially asking if you can see any problems with the following as standard ways to reference chrome extensions as purls (package URLs): - `pkg:chrome/[email protected]` - `pkg:chrome/[email protected]` -...

I think the idea of an `engines` query in interesting. Is this what the `prodversion` query is used to resolve on the `updatecheck` API? (we're guessing from the outside!). I...

> Only the latest version of an item is publicly available, but specifying a URL may be a good way to ensure an update isn't unexpected? @patrickkettner can you clarify...

@patrickkettner , polite bump on this ❤️

I think your suggestion of `minimum_chrome_version` is interesting. I'm hesitant to add it to this spec without clarity about how/ whether this actually works with any of the google APIs...

@pombredanne I think all outstanding comments/ question have been resolved on this @patrickkettner if you'd like to leave a review confirming your position on this that might help accelerate this...

As I raised here : https://github.com/package-url/purl-spec/pull/671#discussion_r2377128615 , I'm really interested in how we keep consumers of PURLs safe from things like typosquat attacks. Some context is I work in security...

Update: after some great input from community, have opted to close https://github.com/package-url/purl-spec/pull/671 in favour of this proposal ❤️