tdruez
tdruez
Note that we have support for the `https://*.sourceforge.net/project/scribus/scribus/1.6.0/scribus-1.6.0.tar.gz` URLs in the packageurl library, returning `pkg:sourceforge/scribus/[email protected]` We simply have to add support for this URL syntax: `https://sourceforge.net/projects/scribus/files/scribus/1.6.0/scribus-1.6.0.tar.gz/download`
@DennisClark I've added support for those type of URLs in the purl library, see https://github.com/package-url/packageurl-python/issues/139 Also, as @pombredanne suggested, we are now using the final redirect URL to extract the...
@DennisClark I've added support for the following URLs format: - https://sourceforge.net/projects/turbovnc/files/3.1/turbovnc-3.1.tar.gz/download - https://sourceforge.net/projects/ventoy/files/v1.0.96/Ventoy%201.0.96%20release%20source%20code.tar.gz/download - https://sourceforge.net/projects/geoserver/files/GeoServer/2.23.4/geoserver-2.23.4-war.zip/download You can give it another try.
@DennisClark changes available for review: - `Ventoy%201.0.96%20release%20source%20code.tar.gz` is now properly unquoted - Added support for `https://sourceforge.net/projects/spacesniffer/files/spacesniffer_1_3_0_2.zip/download` > one other observation, which is not directly related to this issue, but something...
@DennisClark The feature is only available when selecting 1 or more Packages from the list and using the "Add to Product" action. I'm not sure how we would be able...
@quepop There's already a `pipes/alpine.py` pipes module in which you can add the new functions. For the pipeline, what about "alpine_packages.py", unless it's too specific?
@quepop what about adding the `extra_data` field on the `DiscoveredPackage` model, for consistency with `Project` and `CodebaseResource` models? Let me know if that would work for you and I'll make...
@quepop `extra_data` added on the DiscoveredPackage model https://github.com/nexB/scancode.io/pull/222 Make sure to use the `DiscoveredPackage.update_extra_data()` API, see https://github.com/nexB/scancode.io/blob/main/scanpipe/models.py#L197
> a key, legal file with the word "notice" in their lowered file name As a side note, the `is_legal` is only true when the filename "starts or ends with",...
@JonoYang We want consistency across all endpoints. The `sort` parameter on collect should work the same way it does on the packages endpoint. https://github.com/nexB/purldb/blob/main/packagedb/api.py#L334