Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support private npm packages that contain / in the name #164

Open
eredwine opened this issue Aug 7, 2024 · 0 comments
Open

Support private npm packages that contain / in the name #164

eredwine opened this issue Aug 7, 2024 · 0 comments

Comments

@eredwine
Copy link

eredwine commented Aug 7, 2024

While working with PackageURL.from_string, I came across a purl string that looked like this: pkg:npm/@stencil/core/[email protected].
PackageURL.from_string("pkg:npm/@stencil/core/[email protected]") failed with the following error:

Traceback (most recent call last):
  File "/repos/sw-factory/hoppr/hoppr/./test.py", line 7, in <module>
    purl = PackageURL.from_string(unquote("pkg:npm/@stencil/core/[email protected]"))
  File "/repos/sw-factory/hoppr/hoppr/venv/lib/python3.10/site-packages/packageurl/__init__.py", line 538, in from_string
    raise ValueError(f"purl is missing the required name component: {repr(purl)}")
ValueError: purl is missing the required name component: 'pkg:npm/@stencil/core/[email protected]'

I know that the purl should be pkg:npm/%40stencil/core%[email protected] according to the spec. But, I also noticed that PackageURL.from_string already has special logic to handle npm purl types whose namespace begins with @. But, the special logic breaks down in the case where the name field contains a /.

In the if block there are two cases where name could end up being empty. The first is if remainder is an empty string after the version logic. The second is if namespace is set and len(ns_name_parts) is greater than 1. I would expect the former to be an actual error while the latter is a weird corner case when dealing with invalid purls like pkg:npm/@stencil/core/[email protected].

So, I was hoping to fix the weird corner case by treating ns_name as the name field if namespace has already been set via the if type == "npm" and path.startswith("@") step.

        name = ""
        if not namespace and len(ns_name_parts) > 1:
            name = ns_name_parts[-1]
            ns = ns_name_parts[0:-1]
            namespace = "/".join(ns)
        # If a namespace has already been set then the remainder is the name
        elif namespace:
            name = ns_name
        elif len(ns_name_parts) == 1:
            name = ns_name_parts[0]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant