packageurl-python
Fails to return the version if dependencies are specified
The from_string() method does not parse purls with dependencies specified properly.
Steps to recreate:
- Parse:
pkg:npm/@promster/express@7.0.6(prom-client@14.1.1)(typescript@4.9.4)
- Will return:
{'type': 'npm', 'namespace': '@promster', 'name': 'express@7.0.6(prom-client@14.1.1)(typescript', 'version': '4.9.4)', 'qualifiers': None, 'subpath': None}
The name is parsed as 'express@7.0.6(prom-client@14.1.1)(typescript' and the version as '4.9.4)'.
Ideally the name should be express, version 7.0.6.
@ajmalab Sorry for the late reply! I have never seen dependencies specified this way and this is not part of the PURL spec so far. Can you tell me where you got these from?
Now if you want to encode this the PURL would end up this way:
>>> from packageurl import *
>>> a="pkg:npm/@promster/express"; b="7.0.6(prom-client@14.1.1)(typescript@4.9.4)"
>>> purl = PackageURL(type="npm", namespace="@promster", name="express", version="7.0.6(prom-client@14.1.1)(typescript@4.9.4)")
>>> purl.to_string()
'pkg:npm/%40promster/express@7.0.6%28prom-client%4014.1.1%29%28typescript%404.9.4%29'
This would be rather odd to do. Can you tell me what you are trying to achieve and which tool you may use?
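The parse result reported above follows from splitting the version at the rightmost '@'. The sketch below is an added example, not code from this thread or from packageurl-python: a simplified standard-library parser whose function names (parse_purl, encode_purl, purl_findings) are hypothetical, with heuristic checks an SBOM ingestion step could run before using a purl for package matching.

```python
from urllib.parse import quote, unquote

# The string from the report and the components the reporter expected.
RAW = "pkg:npm/@promster/express@7.0.6(prom-client@14.1.1)(typescript@4.9.4)"
SUFFIXED_VERSION = "7.0.6(prom-client@14.1.1)(typescript@4.9.4)"

def parse_purl(purl):
    """Simplified purl parsing: qualifiers and subpath are dropped, not parsed."""
    rest = purl.split("#", 1)[0].split("?", 1)[0]
    scheme, _, rest = rest.partition(":")
    if scheme != "pkg":
        raise ValueError("not a purl: %r" % purl)
    ptype, _, rest = rest.strip("/").partition("/")
    namespace, _, last = rest.rpartition("/")
    # The version is whatever follows the rightmost '@' of the last segment.
    name, sep, version = last.rpartition("@")
    if not sep:
        name, version = last, ""
    return {
        "type": ptype.lower(),
        "namespace": unquote(namespace) or None,
        "name": unquote(name),
        "version": unquote(version) or None,
    }

def encode_purl(ptype, namespace, name, version):
    """Percent-encode each component so '@', '(' and ')' cannot act as separators."""
    enc = lambda s: quote(s, safe="")
    return "pkg:%s/%s/%s@%s" % (ptype, enc(namespace), enc(name), enc(version))

def purl_findings(purl):
    """Heuristic flags for input that is probably not a well-formed purl."""
    parsed = parse_purl(purl)
    findings = []
    if "@" in parsed["name"]:
        findings.append("name contains '@': an unencoded '@' was split as the version separator")
    if parsed["version"] and any(c in parsed["version"] for c in "()"):
        findings.append("version contains parentheses: not a plain version string")
    return findings

if __name__ == "__main__":
    print(parse_purl(RAW))
    encoded = encode_purl("npm", "@promster", "express", SUFFIXED_VERSION)
    print(encoded)
    print(parse_purl(encoded))
    print(purl_findings(RAW))
```

The raw string trips both checks, while the percent-encoded form parses to name express and is flagged only for its parenthesised version.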