packageurl-python
Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and other generous sponsors...
Why is the colon in the name not translated?
- enabled mypy
- added type hints to __init__.py to make reviewing easier and more gradual
- moved linting and type checking to a dedicated CI job

Relates #99
hey 😄 Thanks for the great project 🚀 We are using both your project and CycloneDX to create SBOMs. I would like to know, if you are interested in adding...
- added support for Python 3.11, there was nothing special to do like deprecation warnings
- moved linting to a dedicated GHA job, so it will be run only on...
See https://github.com/nexB/skeleton and https://github.com/nexB/fetchcode/ for examples
This no longer works
```
>>> purl = "pkg:alpine/openssl@0?arch=aarch64&distroversion=edge&reponame=main"
>>> purl_to_lookups(purl_str=purl)
{'type': 'alpine', 'name': 'openssl', 'version': '0', 'qualifiers': 'arch=aarch64&distroversion=edge&reponame=main'}
```
`PackageURL.from_string("pkg:npm/@babel/core")`
The purl is identified as a wrong one.
The current implementation uses a namedtuple for PackageURL but this is an implementation detail that should be relied upon. We should have a method to create a new purl from...