RubyGems - purl - Versions diffs - 1.2.0 → 1.4.0 - Mend

purl 1.2.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

data/lib/purl/package_url.rb CHANGED Viewed

@@ -74,13 +74,13 @@ module Purl
     def initialize(type:, name:, namespace: nil, version: nil, qualifiers: nil, subpath: nil)
       @type = validate_and_normalize_type(type)
       @name = validate_name(name)
-      @namespace = validate_namespace(namespace) if namespace
+      @namespace = validate_namespace(namespace)
       @version = validate_version(version) if version
       @qualifiers = validate_qualifiers(qualifiers) if qualifiers
       @subpath = validate_subpath(subpath) if subpath
-      # Type-specific validation
-      validate_type_specific_rules
+      # Apply post-validation normalization that depends on other components
+      apply_post_validation_normalization
     end
     # Parse a PURL string into a PackageURL object
@@ -407,7 +407,7 @@ module Purl
         # PyPI names are case-insensitive and _ should be normalized to -
         name_str.downcase.gsub("_", "-")
       when "mlflow"
-        # MLflow name normalization is deferred until after qualifiers are set
+        # MLflow name normalization happens after qualifiers are validated
         name_str
       when "composer"
         # Composer names should be lowercase
@@ -418,6 +418,16 @@ module Purl
     end
     def validate_namespace(namespace)
+      # Check namespace requirements from spec
+      if namespace_required_for_type?(@type) && namespace.nil?
+        raise ValidationError.new(
+          "#{@type.capitalize} PURLs require a namespace per the type definition",
+          component: :namespace,
+          value: namespace,
+          rule: "#{@type.downcase} packages need namespace"
+        )
+      end
       return nil if namespace.nil?
       namespace_str = namespace.to_s.strip
@@ -516,111 +526,35 @@ module Purl
       subpath_str
     end
-    def validate_type_specific_rules
-      case @type.downcase
-      when "conan"
-        validate_conan_specific_rules
-      when "cran"
-        validate_cran_specific_rules
-      when "swift"
-        validate_swift_specific_rules
-      when "cpan"
-        validate_cpan_specific_rules
-      when "mlflow"
-        validate_mlflow_specific_rules
+    def apply_post_validation_normalization
+      # MLflow names are case sensitive or insensitive based on repository per spec
+      if @type&.downcase == "mlflow" && @qualifiers && @qualifiers["repository_url"] && @qualifiers["repository_url"].include?("azuredatabricks")
+        # Databricks MLflow is case insensitive - normalize to lowercase per spec
+        @name = @name.downcase
       end
+      # Other MLflow repositories (like Azure ML) are case sensitive - no normalization needed
     end
-    def validate_conan_specific_rules
-      # For conan packages, if a namespace is present WITHOUT any qualifiers at all,
-      # it's ambiguous. However, any qualifiers (including build settings) make it unambiguous.
-      # According to the official spec, user/channel are only required if the package was published with them.
-      if @namespace && (@qualifiers.nil? || @qualifiers.empty?)
-        raise ValidationError.new(
-          "Conan PURLs with namespace require qualifiers to be unambiguous",
-          component: :qualifiers,
-          value: @qualifiers,
-          rule: "conan packages with namespace need qualifiers for disambiguation"
-        )
-      end
+    def namespace_required_for_type?(type)
+      return false unless type
-      # If channel qualifier is present without namespace, user qualifier is also needed (test case 31)
-      # But if namespace is present, channel alone can be valid (test case 29)
-      if @qualifiers && @qualifiers["channel"] && @qualifiers["user"].nil? && @namespace.nil?
-        raise ValidationError.new(
-          "Conan PURLs with 'channel' qualifier require 'user' qualifier to be unambiguous",
-          component: :qualifiers,
-          value: @qualifiers,
-          rule: "conan packages with channel need user qualifier"
-        )
-      end
-    end
-    def validate_cran_specific_rules
-      # CRAN packages require a version to be unambiguous
-      if @version.nil?
-        raise ValidationError.new(
-          "CRAN PURLs require a version to be unambiguous",
-          component: :version,
-          value: @version,
-          rule: "cran packages need version"
-        )
-      end
-    end
-    def validate_swift_specific_rules
-      # Swift packages require a namespace to be unambiguous
-      if @namespace.nil?
-        raise ValidationError.new(
-          "Swift PURLs require a namespace to be unambiguous",
-          component: :namespace,
-          value: @namespace,
-          rule: "swift packages need namespace"
-        )
-      end
+      # Read from purl-types.json (included in gem)
+      types_data = self.class.purl_types_data
+      type_config = types_data.dig("types", type.downcase)
+      return false unless type_config
-      # Swift packages require a version to be unambiguous
-      if @version.nil?
-        raise ValidationError.new(
-          "Swift PURLs require a version to be unambiguous",
-          component: :version,
-          value: @version,
-          rule: "swift packages need version"
-        )
-      end
-    end
-    def validate_mlflow_specific_rules
-      # MLflow names are case sensitive or insensitive based on repository
-      if @qualifiers && @qualifiers["repository_url"] && @qualifiers["repository_url"].include?("azuredatabricks")
-        # Azure Databricks MLflow is case insensitive - normalize to lowercase
-        @name = @name.downcase
-      end
-      # Other MLflow repositories are case sensitive - no normalization needed
+      # Check namespace_requirement field
+      type_config["namespace_requirement"] == "required"
     end
-    def validate_cpan_specific_rules
-      # CPAN has complex rules about module vs distribution names
-      # These test cases are checking for specific invalid patterns
-      # Case 51: "Perl-Version" should be invalid (module name like distribution name)
-      if @name == "Perl-Version"
-        raise ValidationError.new(
-          "CPAN module name 'Perl-Version' conflicts with distribution naming",
-          component: :name,
-          value: @name,
-          rule: "cpan module vs distribution name conflict"
-        )
-      end
-      # Case 52: namespace with distribution-like name should be invalid
-      if @namespace == "GDT" && @name == "URI::PackageURL"
-        raise ValidationError.new(
-          "CPAN distribution name 'GDT/URI::PackageURL' has invalid format",
-          component: :name,
-          value: "#{@namespace}/#{@name}",
-          rule: "cpan distribution vs module name conflict"
-        )
+    def self.purl_types_data
+      @purl_types_data ||= begin
+        require "json"
+        types_file = File.join(File.dirname(__FILE__), "..", "..", "purl-types.json")
+        JSON.parse(File.read(types_file))
+      rescue
+        # Fallback to empty structure if file can't be read
+        {"types" => {}}
       end
     end

data/lib/purl/registry_url.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
+require "addressable/template"
 module Purl
   class RegistryURL
     # Load registry patterns from JSON configuration
@@ -27,8 +29,7 @@ module Purl
       # Get the default registry for this type from the extended config
       default_registry = type_config["default_registry"]
-      # Use route_patterns directly from our extended registry config
-      route_patterns = config["route_patterns"] || []
+      # Route patterns are replaced by URI templates
       # Build reverse regex from template or use legacy format
       reverse_regex = nil
@@ -45,10 +46,13 @@ module Purl
       {
         base_url: config["base_url"] || (default_registry ? default_registry + config["path_template"]&.split('/:').first : nil),
-        route_patterns: route_patterns,
         reverse_regex: reverse_regex,
         pattern: build_generation_lambda(type, config, default_registry),
-        reverse_parser: reverse_regex ? build_reverse_parser(type, config) : nil
+        reverse_parser: reverse_regex ? build_reverse_parser(type, config) : nil,
+        uri_template: config["uri_template"] ? Addressable::Template.new(config["uri_template"]) : nil,
+        uri_template_no_namespace: config["uri_template_no_namespace"] ? Addressable::Template.new(config["uri_template_no_namespace"]) : nil,
+        uri_template_with_version: config["uri_template_with_version"] ? Addressable::Template.new(config["uri_template_with_version"]) : nil,
+        uri_template_with_version_no_namespace: config["uri_template_with_version_no_namespace"] ? Addressable::Template.new(config["uri_template_with_version_no_namespace"]) : nil
       }
     end
@@ -376,18 +380,41 @@ module Purl
       pattern_config = REGISTRY_PATTERNS[type.to_s.downcase]
       return [] unless pattern_config
-      pattern_config[:route_patterns] || []
+      # Generate route patterns from URI templates
+      patterns = []
+      if pattern_config[:uri_template]
+        patterns << uri_template_to_route_pattern(pattern_config[:uri_template])
+      end
+      if pattern_config[:uri_template_no_namespace]
+        patterns << uri_template_to_route_pattern(pattern_config[:uri_template_no_namespace])
+      end
+      if pattern_config[:uri_template_with_version]
+        patterns << uri_template_to_route_pattern(pattern_config[:uri_template_with_version])
+      end
+      if pattern_config[:uri_template_with_version_no_namespace]
+        patterns << uri_template_to_route_pattern(pattern_config[:uri_template_with_version_no_namespace])
+      end
+      patterns.uniq
     end
     def self.all_route_patterns
       result = {}
       REGISTRY_PATTERNS.each do |type, config|
-        if config[:route_patterns]
-          result[type] = config[:route_patterns]
-        end
+        patterns = route_patterns_for(type)
+        result[type] = patterns unless patterns.empty?
       end
       result
     end
+    private_class_method def self.uri_template_to_route_pattern(template)
+      # Convert URI template format {variable} to route pattern format :variable
+      template.pattern.gsub(/\{([^}]+)\}/, ':\1')
+    end
     def initialize(purl)
       @purl = purl
@@ -408,8 +435,12 @@ module Purl
         if base_url
           # Use custom base URL with the same URL structure
           generate_with_custom_base_url(base_url, pattern_config)
+        elsif pattern_config[:uri_template]
+          # Use URI template if available
+          template = select_uri_template(pattern_config, include_version: false)
+          generate_with_uri_template(template)
         else
-          # Use default base URL
+          # Fall back to legacy lambda pattern
           pattern_config[:pattern].call(@purl)
         end
       rescue MissingRegistryInfoError
@@ -420,27 +451,121 @@ module Purl
     end
     def generate_with_version(base_url: nil)
-      registry_url = generate(base_url: base_url)
+      return generate(base_url: base_url) unless @purl.version
+      pattern_config = REGISTRY_PATTERNS[@purl.type.downcase]
+      if base_url
+        # Use custom base URL with version
+        generate_with_custom_base_url_and_version(base_url, pattern_config)
+      elsif pattern_config[:uri_template_with_version] || pattern_config[:uri_template]
+        # Use version-specific URI template if available
+        template = select_uri_template(pattern_config, include_version: true)
+        generate_with_uri_template(template, include_version: true)
+      else
+        # Fall back to legacy version handling
+        registry_url = generate(base_url: base_url)
+        case @purl.type.downcase
+        when "npm"
+          "#{registry_url}/v/#{@purl.version}"
+        when "pypi"
+          "#{registry_url}#{@purl.version}/"
+        when "gem"
+          "#{registry_url}/versions/#{@purl.version}"
+        when "maven"
+          "#{registry_url}/#{@purl.version}"
+        when "nuget"
+          "#{registry_url}/#{@purl.version}"
+        else
+          registry_url
+        end
+      end
+    end
+    private
+    def select_uri_template(pattern_config, include_version: false)
+      if include_version
+        if @purl.namespace && pattern_config[:uri_template_with_version]
+          pattern_config[:uri_template_with_version]
+        elsif !@purl.namespace && pattern_config[:uri_template_with_version_no_namespace]
+          pattern_config[:uri_template_with_version_no_namespace]
+        elsif pattern_config[:uri_template_with_version]
+          pattern_config[:uri_template_with_version]
+        elsif @purl.namespace && pattern_config[:uri_template]
+          pattern_config[:uri_template]
+        elsif !@purl.namespace && pattern_config[:uri_template_no_namespace]
+          pattern_config[:uri_template_no_namespace]
+        else
+          pattern_config[:uri_template]
+        end
+      else
+        if @purl.namespace && pattern_config[:uri_template]
+          pattern_config[:uri_template]
+        elsif !@purl.namespace && pattern_config[:uri_template_no_namespace]
+          pattern_config[:uri_template_no_namespace]
+        else
+          pattern_config[:uri_template]
+        end
+      end
+    end
+    def generate_with_uri_template(template, include_version: false)
+      variables = {
+        name: @purl.name
+      }
+      # Add namespace if present and required
+      if @purl.namespace
+        variables[:namespace] = @purl.namespace
+      end
+      # Add version if requested and present
+      if include_version && @purl.version
+        variables[:version] = @purl.version
+      end
+      # Handle namespace requirements based on package type
+      case @purl.type.downcase
+      when "composer", "maven", "swift", "elm"
+        unless @purl.namespace
+          raise MissingRegistryInfoError.new(
+            "#{@purl.type.capitalize} packages require a namespace",
+            type: @purl.type,
+            missing: "namespace"
+          )
+        end
+      end
+      # Build the URL manually to avoid encoding issues with special characters like @
+      result = template.pattern
+      variables.each do |key, value|
+        result = result.gsub("{#{key}}", value.to_s)
+      end
+      result
+    end
+    def generate_with_custom_base_url_and_version(custom_base_url, pattern_config)
+      # For now, fall back to the existing custom base URL method and add version
+      base_result = generate_with_custom_base_url(custom_base_url, pattern_config)
       case @purl.type.downcase
       when "npm"
-        @purl.version ? "#{registry_url}/v/#{@purl.version}" : registry_url
+        "#{base_result}/v/#{@purl.version}"
       when "pypi"
-        @purl.version ? "#{registry_url}#{@purl.version}/" : registry_url
+        "#{base_result}#{@purl.version}/"
       when "gem"
-        @purl.version ? "#{registry_url}/versions/#{@purl.version}" : registry_url
-      when "maven"
-        @purl.version ? "#{registry_url}/#{@purl.version}" : registry_url
-      when "nuget"
-        @purl.version ? "#{registry_url}/#{@purl.version}" : registry_url
+        "#{base_result}/versions/#{@purl.version}"
+      when "maven", "nuget"
+        "#{base_result}/#{@purl.version}"
       else
-        # For other types, just return the base URL since version-specific URLs vary
-        registry_url
+        base_result
       end
     end
-    private
     def generate_with_custom_base_url(custom_base_url, pattern_config)
       # Replace the base URL in the pattern lambda

data/lib/purl/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Purl
-  VERSION = "1.2.0"
+  VERSION = "1.4.0"
 end