Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feature request: name to purl for rpm/deb #62

Open
armijnhemel opened this issue Sep 2, 2021 · 8 comments
Open

feature request: name to purl for rpm/deb #62

armijnhemel opened this issue Sep 2, 2021 · 8 comments

Comments

@armijnhemel
Copy link

It would be very useful if it would be possible to supply a name of a package and then get a purl object.

For example. I would like to do something like:

>>> purl_object = packageurl.PackageURL.from_package_name('vim_8.1.0875-5_amd64.deb')

and get a correct purl object.

@pombredanne
Copy link
Member

@armijnhemel that's a great feature!
@TG1999 what do you think?

@TG1999
Copy link
Collaborator

TG1999 commented Sep 15, 2021

Yes sure @pombredanne , can we get some sample input and outputs, so we can think of a mapping for same

@armijnhemel
Copy link
Author

I realize that from a plain package you cannot determine the distro such as "debian" or "fedora". I think it would be acceptable to assume that this would be supplied as a parameter or to set it to a generic value, which can later be changed or overridden.

@armijnhemel
Copy link
Author

Package to purl string could be like this:

babeld_1.8.3-1_amd64.deb -> pkg:deb/[email protected]?arch=amd64
bash-5.1.0-2.fc34.x86_64.rpm -> pkg:rpm/fedora/[email protected]?arch=x86_64

Optionally, because there is 'fc34' in the name you could conclude that it is Fedora 34, but I wouldn't do that, as I can see that there are packages in Fedora 34 that have fc33 in the name.

Currently when feeding these purl strings to PackageURL.from_string gives me:

packageurl.PackageURL.from_string('pkg:rpm/[email protected]?arch=x86_64')
PackageURL(type='rpm', namespace=None, name='bash', version='5.1.0-2', qualifiers={'arch': 'x86_64'}, subpath=None)

so I could imagine the identical output for the proposed method:

packageurl.PackageURL.from_package_name('bash-5.1.0-2.fc34.x86_64.rpm')
PackageURL(type='rpm', namespace=None, name='bash', version='5.1.0-2', qualifiers={'arch': 'x86_64'}, subpath=None)

@pombredanne
Copy link
Member

@armijnhemel thanks! that's clear.

@pombredanne
Copy link
Member

@armijnhemel would this be only for .deb and .rpm?

@armijnhemel
Copy link
Author

@armijnhemel would this be only for .deb and .rpm?

For now yes. In the future I could also envision ipkg (extension: ipk) and possibly others (Python wheel, etc.).

@pombredanne
Copy link
Member

FWIW, we have a lot of these in url2purl... but for full URLs, not mere package archives

>>> url2purl("https://files.pythonhosted.org/packages/a1/eb/b37ef5647243ade8308f7bb46b1a45e6204790c163cbd8cf6df990d5c1c1/boolean.py-3.8.tar.gz")
PackageURL(type='pypi', namespace=None, name='boolean.py', version='3.8', qualifiers={}, subpath=None)

and not yet for debian and RPMs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants