macaron icon indicating copy to clipboard operation
macaron copied to clipboard
verified publisher icon oracle

Support PURL aliases in the data model

Open behnazh-w opened this issue 2 years ago • 1 comments

The PURL specification allows multiple PURL strings pointing to the same software component:

pkg:maven/org.apache.xmlgraphics/[email protected]

can be equivalent to

pkg:github.com/apache/xmlgraphics-batik@7464826697a268a20d6f871bf265915a71214a91

We need to support such aliases in the data model and load the same component from the database. One way to add support can be to add a new mapped object for PURL aliases, with a foreign key to the Component object.

behnazh-w avatar Aug 04 '23 03:08 behnazh-w

At the moment, the implementation for determining the output directory for the report files relies on the PURL string (implementation here). This could potentially make the reports of two alias PURL strings got stored into two different places:

  • pkg:maven/org.apache.xmlgraphics/[email protected] -> <output>/reports/maven/org_apache_xmlgraphics/batik_anim
  • pkg:github.com/apache/xmlgraphics-batik@7464826697a268a20d6f871bf265915a71214a91 -> <output>/reports/github_com/apache/xmlgraphics-batik

Therefore, we also need to make the behavior consistent when encountering alias PURL strings.

tromai avatar Aug 11 '23 04:08 tromai