-
Notifications
You must be signed in to change notification settings - Fork 198
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use package URLs for packages #32
Comments
@pombredanne Can you please elaborate this issue a bit more? |
Sure, the first step would be to understand the spec at https://github.com/package-url/purl-spec then contemplate how this could be integrated in the code here |
@pombredanne I am on it. Will get back very soon. |
@pombredanne I have gone through the spec at https://github.com/package-url/purl-spec and developed a basic understanding about package URLs. |
@lohani2280 actually the 1st step would likely to deal with the data models and structure and use a package url throughout for proper. The package url package has a contrib module with a django model mixin that should be good for starters. The update to the API would come rather naturally from that and should be accepting a purl and return vulnerabilities. |
@pombredanne Currently requesting the server with package name/version returns the vulnerabilities associated with that package. Present way of requesting the server is- By |
@lohani2280 yes, once purls are added to the models and used throughout, then the API should use these as opposed to name version (and we could also later accept too the set of discrete purl fields too) |
See https://github.com/package-url
The text was updated successfully, but these errors were encountered: