purl-spec
purl-spec copied to clipboard
package-url
A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
The notes in the specification about percent encoding of ":" are a bit confusing: ``` the '#', '?', '@' and ':' characters must NOT be encoded when used as separators....
Since the language is called Go, even though its domain is golang.org, it would be nice (and short) if the package identifier for Go modules was "go" rather than "golang".
According to the spec: > checksum is a qualifier for one or more checksums stored as a comma-separated list. Each item in the value is in form of lowercase_algorithm:hex_encoded_lowercase_value and...
Many companies run private deployments of package registries, and the names of packages in those registries are often both: 1. Entirely unrelated to the corresponding package with the same name...
Why can't each type of purl simply have a name that might (or might not) be hierarchical? The resulting purl would be the same, e.g. `github:package-url/purl-spec@244fd47e07d1004f0aed9c`, but it would be...
1. Correct versions that included a purl with an un-encoded colon in the version (test-suite-data.json:88). Per [purl-spec#character-encoding](https://github.com/package-url/purl-spec#character-encoding) > the '#', '?', '@' and ':' characters must NOT be encoded when...
There are projects who regularly publish their canonical releases on ftp. A typical example would be something like `ftp://ftp.gnu.org/gnu/gcc/gcc-7.2.0/gcc-7.2.0.tar.gz`. Are there plans for such a type? (because the spec now...
See https://github.com/NuGet/Home/issues/6180#issuecomment-347056033 for details as reported by @anangaur
Generating SPDX/CycloneDX SBOMs for systems relying on Machine Learning brings in a new set of package managers (aka model registries in ML speak). We wanted to discuss the addition of...
Metadata
Owner
Metadata
A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby