Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix PURL test failures, migrate cyclonedx-bom to purl crate #746

Merged
merged 7 commits into from
Jul 17, 2024
Merged

Fix PURL test failures, migrate cyclonedx-bom to purl crate #746

merged 7 commits into from
Jul 17, 2024

Conversation

Shnatsel
Copy link
Contributor

@Shnatsel Shnatsel commented Jul 16, 2024
edited
Loading

cargo cyclonedx

Drop our custom percent encoding machinery now that the purl crate implements this for us. This was one hell of a rabbit hole, and it is a testament to the quality of the purl crate that they are actually handling this nonsense correctly now.

Fixes #745

cyclonedx-bom

Migrate from the very incomplete packageurl to the purl crate already used by cargo cyclonedx. We used to have two different PURL crates in the tree, this brings the number back to one. Also provide a more informative error message on validation errors.

Fixes #636

This is all still semver-compatible, because the packageurl crate was never actually exposed to the outside world. But this is a PR against main because I cannot be bothered to backport this.

@Shnatsel Shnatsel requested a review from a team as a code owner July 16, 2024 09:18
@Shnatsel
Migrate to purl crate from packageurl, expose namespace in PURL c…
b06aad2 
…onstructor

Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
@Shnatsel
Revert upgrade of purl to 0.1.3
ef3251b 
Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
@Shnatsel
More informative validation error message for PURL
2a589c6 
Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
@Shnatsel
Drop namespace from the naive constructor. Let the users who need it …
934b88d 
…just use the `purl` crate.

Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
@Shnatsel
Require purl v0.1.3
21a3406 
Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
@Shnatsel
Drop custom urlencoding machinery now that purl crate implements it…
c1a6cad 
… for us

Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
@Shnatsel
Drop obsolete comment about the namespace
28b687d 
Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
@Shnatsel Shnatsel mentioned this pull request Jul 16, 2024
Closed
@lfrancke
Copy link
Contributor

Thank you for this. It looks good to me.

Should phylum-dev/purl#11 be closed if it's handled now?
They don't seem to have a changelog or release notes but I do see upstream commits on this.

@Shnatsel
Copy link
Contributor Author

Good point, I closed the upstream issue.

@Shnatsel Shnatsel merged commit 00c6f77 into CycloneDX:main Jul 17, 2024
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

cargo cyclonedx tests fail after upgrading to purl 0.1.3 Switch from packageurl to purl crate
2 participants
@Shnatsel @lfrancke