From 657623076dd3adc3d7e999b725c791ce2cc4278e Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 25 May 2023 06:17:01 +0000
Subject: [PATCH 1/3] chore(deps): update dependency packageurl-dotnet to
v1.3.0
---
Directory.Packages.props | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Directory.Packages.props b/Directory.Packages.props
index 98a2577a7..572462f41 100644
--- a/Directory.Packages.props
+++ b/Directory.Packages.props
@@ -27,7 +27,7 @@
-
+
From 5fd853e5ac861ff1d8e8ad8a1459f98b0589e458 Mon Sep 17 00:00:00 2001
From: Justin Perez
Date: Fri, 2 Jun 2023 12:18:26 -0700
Subject: [PATCH 2/3] fix: proper case in purl urls
---
.../TypedComponent/LinuxComponent.cs | 4 ++--
.../TypedComponent/NpmComponent.cs | 4 ++--
.../TypedComponent/PodComponent.cs | 2 +-
.../PurlGenerationTests.cs | 10 +++++-----
4 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/Microsoft.ComponentDetection.Contracts/TypedComponent/LinuxComponent.cs b/src/Microsoft.ComponentDetection.Contracts/TypedComponent/LinuxComponent.cs
index 42d494ddc..ff676cc96 100644
--- a/src/Microsoft.ComponentDetection.Contracts/TypedComponent/LinuxComponent.cs
+++ b/src/Microsoft.ComponentDetection.Contracts/TypedComponent/LinuxComponent.cs
@@ -1,4 +1,4 @@
-namespace Microsoft.ComponentDetection.Contracts.TypedComponent;
+namespace Microsoft.ComponentDetection.Contracts.TypedComponent;
using PackageUrl;
public class LinuxComponent : TypedComponent
@@ -45,7 +45,7 @@ public override PackageURL PackageUrl
if (packageType != null)
{
- return new PackageURL(packageType, this.Distribution, this.Name, this.Version, null, null);
+ return new PackageURL(packageType, this.Distribution.ToLower(), this.Name, this.Version, null, null);
}
return null;
diff --git a/src/Microsoft.ComponentDetection.Contracts/TypedComponent/NpmComponent.cs b/src/Microsoft.ComponentDetection.Contracts/TypedComponent/NpmComponent.cs
index c456082b3..fb847a21c 100644
--- a/src/Microsoft.ComponentDetection.Contracts/TypedComponent/NpmComponent.cs
+++ b/src/Microsoft.ComponentDetection.Contracts/TypedComponent/NpmComponent.cs
@@ -1,4 +1,4 @@
-namespace Microsoft.ComponentDetection.Contracts.TypedComponent;
+namespace Microsoft.ComponentDetection.Contracts.TypedComponent;
using Microsoft.ComponentDetection.Contracts.Internal;
using PackageUrl;
@@ -29,5 +29,5 @@ public NpmComponent(string name, string version, string hash = null, NpmAuthor a
public override string Id => $"{this.Name} {this.Version} - {this.Type}";
- public override PackageURL PackageUrl => new PackageURL("npm", null, this.Name, this.Version, null, null);
+ public override PackageURL PackageUrl => new PackageURL("npm", null, this.Name.ToLower(), this.Version, null, null);
}
diff --git a/src/Microsoft.ComponentDetection.Contracts/TypedComponent/PodComponent.cs b/src/Microsoft.ComponentDetection.Contracts/TypedComponent/PodComponent.cs
index 02b129274..b8b56de1a 100644
--- a/src/Microsoft.ComponentDetection.Contracts/TypedComponent/PodComponent.cs
+++ b/src/Microsoft.ComponentDetection.Contracts/TypedComponent/PodComponent.cs
@@ -1,4 +1,4 @@
-namespace Microsoft.ComponentDetection.Contracts.TypedComponent;
+namespace Microsoft.ComponentDetection.Contracts.TypedComponent;
using System.Collections.Generic;
using PackageUrl;
diff --git a/test/Microsoft.ComponentDetection.Contracts.Tests/PurlGenerationTests.cs b/test/Microsoft.ComponentDetection.Contracts.Tests/PurlGenerationTests.cs
index e61d0a7cc..5e8b63a0b 100644
--- a/test/Microsoft.ComponentDetection.Contracts.Tests/PurlGenerationTests.cs
+++ b/test/Microsoft.ComponentDetection.Contracts.Tests/PurlGenerationTests.cs
@@ -1,4 +1,4 @@
-namespace Microsoft.ComponentDetection.Contracts.Tests;
+namespace Microsoft.ComponentDetection.Contracts.Tests;
using FluentAssertions;
using Microsoft.ComponentDetection.Contracts.TypedComponent;
using Microsoft.VisualStudio.TestTools.UnitTesting;
@@ -95,9 +95,9 @@ public void CocoaPodNameShouldSupportPurl()
var packageThree = new PodComponent("googleUtilities", "7.5.2");
packageOne.PackageUrl.Type.Should().Be("cocoapods");
- packageOne.PackageUrl.ToString().Should().Be("pkg:cocoapods/afnetworking@4.0.1");
- packageTwo.PackageUrl.ToString().Should().Be("pkg:cocoapods/mapsindoors@3.24.0");
- packageThree.PackageUrl.ToString().Should().Be("pkg:cocoapods/googleutilities@7.5.2");
+ packageOne.PackageUrl.ToString().Should().Be("pkg:cocoapods/AFNetworking@4.0.1");
+ packageTwo.PackageUrl.ToString().Should().Be("pkg:cocoapods/MapsIndoors@3.24.0");
+ packageThree.PackageUrl.ToString().Should().Be("pkg:cocoapods/googleUtilities@7.5.2");
}
[TestMethod]
@@ -106,6 +106,6 @@ public void CocoaPodNameShouldPurlWithCustomQualifier()
// https://github.com/package-url/purl-spec/blob/b8ddd39a6d533b8895f3b741f2e62e2695d82aa4/PURL-TYPES.rst#cocoapods
var packageOne = new PodComponent("AFNetworking", "4.0.1", "https://custom_repo.example.com/path/to/repo/specs.git");
- packageOne.PackageUrl.ToString().Should().Be("pkg:cocoapods/afnetworking@4.0.1?repository_url=https://custom_repo.example.com/path/to/repo/specs.git");
+ packageOne.PackageUrl.ToString().Should().Be("pkg:cocoapods/AFNetworking@4.0.1?repository_url=https://custom_repo.example.com/path/to/repo/specs.git");
}
}
From fcb9d82d839fff0ee1db04f4f951c3069a20bbc4 Mon Sep 17 00:00:00 2001
From: Justin Perez
Date: Mon, 5 Jun 2023 06:45:52 -0700
Subject: [PATCH 3/3] fix: npm purl spec
---
.../TypedComponent/NpmComponent.cs | 2 +-
.../PurlGenerationTests.cs | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/Microsoft.ComponentDetection.Contracts/TypedComponent/NpmComponent.cs b/src/Microsoft.ComponentDetection.Contracts/TypedComponent/NpmComponent.cs
index fb847a21c..94c82e7ca 100644
--- a/src/Microsoft.ComponentDetection.Contracts/TypedComponent/NpmComponent.cs
+++ b/src/Microsoft.ComponentDetection.Contracts/TypedComponent/NpmComponent.cs
@@ -29,5 +29,5 @@ public NpmComponent(string name, string version, string hash = null, NpmAuthor a
public override string Id => $"{this.Name} {this.Version} - {this.Type}";
- public override PackageURL PackageUrl => new PackageURL("npm", null, this.Name.ToLower(), this.Version, null, null);
+ public override PackageURL PackageUrl => new PackageURL("npm", null, this.Name, this.Version, null, null);
}
diff --git a/test/Microsoft.ComponentDetection.Contracts.Tests/PurlGenerationTests.cs b/test/Microsoft.ComponentDetection.Contracts.Tests/PurlGenerationTests.cs
index 5e8b63a0b..863ff97f5 100644
--- a/test/Microsoft.ComponentDetection.Contracts.Tests/PurlGenerationTests.cs
+++ b/test/Microsoft.ComponentDetection.Contracts.Tests/PurlGenerationTests.cs
@@ -9,12 +9,12 @@ namespace Microsoft.ComponentDetection.Contracts.Tests;
public class PurlGenerationTests
{
[TestMethod]
- public void NpmPackageNameShouldBeLowerCase()
+ public void NpmPackageNameShouldBeCaseSentitive()
{
// According to the spec package name should not have uppercase letters
// https://github.com/package-url/purl-spec/blame/180c46d266c45aa2bd81a2038af3f78e87bb4a25/README.rst#L656
var npmComponent = new NpmComponent("TEST", "1.2.3");
- npmComponent.PackageUrl.Name.Should().Be("test");
+ npmComponent.PackageUrl.Name.Should().Be("TEST");
}
[TestMethod]