From 20a557478882ad39686844cb1c1cef70f951fab3 Mon Sep 17 00:00:00 2001 From: Meet Soni <92802561+inosmeet@users.noreply.github.com> Date: Wed, 26 Jun 2024 23:35:57 +0530 Subject: [PATCH] feat: improved purl for productinfo (#4222) * feat: improved purl for productinfo Signed-off-by: Meet Soni * fix: improved default parameter type Signed-off-by: Meet Soni --------- Signed-off-by: Meet Soni --- cve_bin_tool/parsers/__init__.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cve_bin_tool/parsers/__init__.py b/cve_bin_tool/parsers/__init__.py index 3ab34a0dcd..ae0e0c79e2 100644 --- a/cve_bin_tool/parsers/__init__.py +++ b/cve_bin_tool/parsers/__init__.py @@ -90,12 +90,13 @@ def find_vendor(self, product, version): ) return vendorlist - def generate_purl(self, product, vendor="", qualifier={}, subpath=None): + def generate_purl(self, product, vendor="", version="", qualifier={}, subpath=None): """Generate purl string based on various components.""" purl = PackageURL( type=self.purl_pkg_type, namespace=vendor, name=product, + version=version, qualifiers=qualifier, subpath=subpath, ) @@ -132,8 +133,8 @@ def find_vendor_from_purl(self, purl, ver) -> tuple[list[ScanInfo], bool]: else: return vendorlist, False - purl_with_ver = f"{str(purl)}@{ver}" for vendor, product in vendors: + purl_with_ver = self.generate_purl(product, vendor, ver) vendorlist.append( ScanInfo( ProductInfo( @@ -190,7 +191,6 @@ def deduplication(self, purl, vendorlist) -> list[ScanInfo]: item.product_info.product, item.product_info.version, item.file_path, - item.product_info.purl, ), item.file_path, )