purl 1.7.0 → 1.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 02a4895e51ce7c9ace65a53d97fd8d4c5d288d7137daa71c9e8b8a778595e6cb
-  data.tar.gz: 55d348a442e23a0ffddc2b236bc1be22c9cf29d8eac0ce3ff289ce637e1ba6f5
+  metadata.gz: e6632d8fa11800fb9a4b376c1555505ba87047f98de52a42103c27c2d2b46e2a
+  data.tar.gz: c248313079783e3d5ac6c9e7dfc8663067671d4a19356757cd493e4fb23c2d8f
 SHA512:
-  metadata.gz: 4f8ff4ff13c1184c4b1adf6950fc1d04acedb8ce2cbbf4d62f2430455567e98f8b153b5493732919e1921a55132a2f3f51b61157b6eba85e207e6675d8675771
-  data.tar.gz: 9f203b73ef705fe70a27de5aae3b85558bd34204a2362a7429c441dc7f66d4a5ae403741fcb36471ab33e972868e4d31e6121a5eeaf23fb88832e3d38fec1e9c
+  metadata.gz: fc9b6cdde9d6efe15a93cd6760ec3c88aa8be1594d962682c9c27642c72408ebd242d2fa4cbbfc9f87e72e135f337bac8fbc278c69f991f4cbf7d5b3388a4b1b
+  data.tar.gz: db4bffcde1032b421fba9b68d717bad523482b2d457b304c997606d538bee59bbfbe185bc9f456c8e72a4150ed74f5bd80d38d757bfeba41ae533ff5260c7ffb

data/CHANGELOG.md

@@ -7,6 +7,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.7.1] - 2026-01-14
+
+### Added
+- ecosyste.ms API URL generation for packages and versions
+  - `ecosystems_registry` method returns the ecosyste.ms registry name for a PURL type
+  - `ecosystems_api_url` method generates the full API URL (version URL if version present, otherwise package URL)
+  - `ecosystems_package_api_url` method generates package API URL
+  - `ecosystems_version_api_url` method generates version API URL
+- New `ecosystems_registry` field in purl-types.json for types where the registry name differs from the registry URL host
+
 ## [1.7.0] - 2026-01-02
 
 ### Added

data/README.md

@@ -466,6 +466,30 @@ puts Purl.download_supported_types
 #     "npm", "nuget", "pub", "swift"]
 ```
 
+### ecosyste.ms API URLs
+
+Generate API URLs for the packages.ecosyste.ms service:
+
+```ruby
+# Get the ecosyste.ms registry name for a package type
+purl = Purl.parse("pkg:gem/rake@13.3.1")
+purl.ecosystems_registry  # => "rubygems.org"
+
+# Generate API URLs
+purl.ecosystems_api_url          # => "https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/rake/versions/13.3.1"
+purl.ecosystems_package_api_url  # => "https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/rake"
+purl.ecosystems_version_api_url  # => "https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/rake/versions/13.3.1"
+
+# Works with namespaced packages
+purl = Purl.parse("pkg:npm/@babel/core@7.20.0")
+purl.ecosystems_registry  # => "npmjs.org"
+purl.ecosystems_api_url   # => "https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/%40babel%2Fcore/versions/7.20.0"
+
+# Without version, returns package URL
+purl = Purl.parse("pkg:cargo/serde")
+purl.ecosystems_api_url  # => "https://packages.ecosyste.ms/api/v1/registries/crates.io/packages/serde"
+```
+
 ### Reverse Parsing: Registry URLs to PURLs
 
 ```ruby

data/Rakefile

@@ -790,12 +790,146 @@ namespace :benchmark do
     puts "✅ Registry URL benchmarks completed!"
   end
   
+  desc "Benchmark hot paths (to_s, equality, known_type?, type_info, supported_types)"
+  task :hotpaths do
+    require "benchmark"
+    require_relative "lib/purl"
+
+    iterations = 10_000
+
+    sample_purls = [
+      "pkg:gem/rails@7.0.0",
+      "pkg:npm/@babel/core@7.20.0?arch=x64&dev=true#lib/index.js",
+      "pkg:maven/org.apache.commons/commons-lang3@3.12.0?classifier=sources",
+      "pkg:cargo/rand@0.7.2",
+      "pkg:pypi/django@4.0.0",
+      "pkg:docker/nginx@sha256:abc123def",
+      "pkg:golang/github.com/gorilla/mux@1.8.0",
+    ]
+
+    parsed = sample_purls.map { |p| Purl.parse(p) }
+
+    puts "Hot Path Benchmarks (#{iterations} iterations)"
+    puts "=" * 50
+
+    Benchmark.bm(28) do |x|
+      x.report("to_s") do
+        iterations.times { parsed.each(&:to_s) }
+      end
+
+      x.report("== (equal)") do
+        pairs = parsed.map { |p| [p, Purl.parse(p.to_s)] }
+        iterations.times { pairs.each { |a, b| a == b } }
+      end
+
+      x.report("hash") do
+        iterations.times { parsed.each(&:hash) }
+      end
+
+      types = %w[gem npm maven cargo pypi docker golang unknown fake_type]
+      x.report("known_type?") do
+        iterations.times { types.each { |t| Purl.known_type?(t) } }
+      end
+
+      info_types = %w[gem npm maven cargo pypi]
+      x.report("type_info") do
+        1_000.times { info_types.each { |t| Purl.type_info(t) } }
+      end
+
+      x.report("all_type_info") do
+        100.times { Purl.all_type_info }
+      end
+
+      x.report("download_supported_types") do
+        iterations.times { Purl::DownloadURL.supported_types }
+      end
+
+      x.report("supported_reverse_types") do
+        iterations.times { Purl::RegistryURL.supported_reverse_types }
+      end
+
+      x.report("registry_supported_types") do
+        iterations.times { Purl::RegistryURL.supported_types }
+      end
+
+      x.report("parse (simple)") do
+        iterations.times { Purl.parse("pkg:gem/rails@7.0.0") }
+      end
+
+      x.report("parse (complex)") do
+        iterations.times { Purl.parse("pkg:npm/@babel/core@7.20.0?arch=x64&dev=true#lib/index.js") }
+      end
+
+      x.report("parse (namespaced)") do
+        iterations.times { Purl.parse("pkg:maven/org.apache.commons/commons-lang3@3.12.0") }
+      end
+
+      x.report("from_url (domain match)") do
+        1_000.times { Purl.from_registry_url("https://rubygems.org/gems/rails") }
+      end
+
+      x.report("from_url (type hint)") do
+        1_000.times { Purl.from_registry_url("https://gems.internal.com/gems/rails", type: "gem") }
+      end
+    end
+  end
+
+  desc "Benchmark memory allocations for hot paths"
+  task :memory do
+    require "memory_profiler"
+    require_relative "lib/purl"
+
+    sample_purls = [
+      "pkg:gem/rails@7.0.0",
+      "pkg:npm/@babel/core@7.20.0?arch=x64&dev=true#lib/index.js",
+      "pkg:maven/org.apache.commons/commons-lang3@3.12.0?classifier=sources",
+      "pkg:cargo/rand@0.7.2",
+      "pkg:pypi/django@4.0.0",
+      "pkg:docker/nginx@sha256:abc123def",
+      "pkg:golang/github.com/gorilla/mux@1.8.0",
+    ]
+
+    parsed = sample_purls.map { |p| Purl.parse(p) }
+
+    benchmarks = {
+      "parse (simple)" => -> { Purl.parse("pkg:gem/rails@7.0.0") },
+      "parse (complex)" => -> { Purl.parse("pkg:npm/@babel/core@7.20.0?arch=x64&dev=true#lib/index.js") },
+      "parse (namespaced)" => -> { Purl.parse("pkg:maven/org.apache.commons/commons-lang3@3.12.0") },
+      "to_s" => -> { parsed.each(&:to_s) },
+      "to_s (cold)" => -> { sample_purls.map { |p| Purl.parse(p) }.each(&:to_s) },
+      "== (equal)" => -> { parsed.each_cons(2) { |a, b| a == b } },
+      "known_type?" => -> { %w[gem npm maven cargo pypi].each { |t| Purl.known_type?(t) } },
+      "type_info" => -> { %w[gem npm maven].each { |t| Purl.type_info(t) } },
+      "supported_types" => -> { Purl::RegistryURL.supported_types },
+      "supported_reverse_types" => -> { Purl::RegistryURL.supported_reverse_types },
+      "download_supported_types" => -> { Purl::DownloadURL.supported_types },
+      "from_url (domain match)" => -> { Purl.from_registry_url("https://rubygems.org/gems/rails") },
+      "from_url (type hint)" => -> { Purl.from_registry_url("https://gems.internal.com/gems/rails", type: "gem") },
+    }
+
+    puts "Memory Allocation Benchmarks"
+    puts "=" * 70
+    printf "%-30s %10s %10s %10s\n", "Benchmark", "Objects", "Memsize", "Strings"
+    puts "-" * 70
+
+    benchmarks.each do |name, block|
+      report = MemoryProfiler.report { 100.times { block.call } }
+      printf "%-30s %10d %10d %10d\n",
+        name,
+        report.total_allocated,
+        report.total_allocated_memsize,
+        report.strings_allocated.size
+    end
+  end
+
   desc "Run all benchmarks"
-  task all: [:parse, :types, :registry] do
+  task all: [:parse, :types, :registry, :hotpaths] do
     puts
-    puts "🎉 All benchmarks completed!"
+    puts "All benchmarks completed!"
     puts "   Use 'rake benchmark:parse' for parsing performance"
-    puts "   Use 'rake benchmark:types' for type comparison"  
+    puts "   Use 'rake benchmark:types' for type comparison"
     puts "   Use 'rake benchmark:registry' for URL generation"
+    puts "   Use 'rake benchmark:hotpaths' for memoization and lookup paths"
+    puts "   Use 'rake benchmark:memory' for memory allocations"
   end
 end

data/lib/purl/download_url.rb

@@ -159,12 +159,10 @@ module Purl
     NAMESPACE_REQUIRED_TYPES = %w[maven elm github gitlab bitbucket luarocks swift].freeze
 
     def self.supported_types
-      DOWNLOAD_PATTERNS.keys.select do |k|
+      @supported_types ||= DOWNLOAD_PATTERNS.keys.select do |k|
         pattern = DOWNLOAD_PATTERNS[k]
-        # Skip types with notes (they're not really supported)
         next false if pattern[:note]
 
-        # Test with appropriate namespace for types that need it
         namespace = if NAMESPACE_REQUIRED_TYPES.include?(k)
           k == "swift" ? "github.com/test" : "test"
         end
@@ -174,7 +172,7 @@ module Purl
         rescue
           false
         end
-      end.sort
+      end.sort.freeze
     end
 
     def self.supports?(type)

data/lib/purl/ecosystems_url.rb

@@ -0,0 +1,102 @@
+# frozen_string_literal: true
+
+module Purl
+  class EcosystemsURL
+    API_BASE = "https://packages.ecosyste.ms/api/v1"
+    NAMESPACED_PACKAGE_TYPES = %w[npm composer maven golang swift elm clojars].freeze
+
+    def self.registry_name(purl)
+      new(purl).registry_name
+    end
+
+    def self.api_url(purl)
+      new(purl).api_url
+    end
+
+    def self.package_api_url(purl)
+      new(purl).package_api_url
+    end
+
+    def self.version_api_url(purl)
+      new(purl).version_api_url
+    end
+
+    def initialize(purl)
+      @purl = purl.is_a?(PackageURL) ? purl : PackageURL.parse(purl.to_s)
+    end
+
+    def registry_name
+      # Check for explicit ecosystems_registry in config first
+      type_config = Purl.type_config(@purl.type)
+      return type_config["ecosystems_registry"] if type_config&.dig("ecosystems_registry")
+
+      # Fall back to extracting host from registry_url
+      return nil unless @purl.supports_registry_url?
+
+      host = URI.parse(@purl.registry_url).host
+      host.sub(/^www\./, "")
+    rescue URI::InvalidURIError, RegistryError
+      nil
+    end
+
+    def api_url
+      @purl.version ? version_api_url : package_api_url
+    end
+
+    def package_api_url
+      registry = registry_name
+      return nil unless registry
+
+      name = package_name_for_api
+      "#{API_BASE}/registries/#{registry}/packages/#{encode_path_segment(name)}"
+    end
+
+    def version_api_url
+      registry = registry_name
+      return nil unless registry
+      return nil unless @purl.version
+
+      name = package_name_for_api
+      "#{API_BASE}/registries/#{registry}/packages/#{encode_path_segment(name)}/versions/#{encode_path_segment(@purl.version)}"
+    end
+
+    private
+
+    def package_name_for_api
+      # Some ecosystems use namespace/name format
+      if @purl.namespace && namespaced_package_types.include?(@purl.type.downcase)
+        "#{@purl.namespace}/#{@purl.name}"
+      else
+        @purl.name
+      end
+    end
+
+    def namespaced_package_types
+      NAMESPACED_PACKAGE_TYPES
+    end
+
+    def encode_path_segment(str)
+      URI.encode_www_form_component(str)
+    end
+
+    attr_reader :purl
+  end
+
+  class PackageURL
+    def ecosystems_registry
+      EcosystemsURL.registry_name(self)
+    end
+
+    def ecosystems_api_url
+      EcosystemsURL.api_url(self)
+    end
+
+    def ecosystems_package_api_url
+      EcosystemsURL.package_api_url(self)
+    end
+
+    def ecosystems_version_api_url
+      EcosystemsURL.version_api_url(self)
+    end
+  end
+end

data/lib/purl/lookup.rb

@@ -99,17 +99,39 @@ module Purl
 
     private
 
-    def make_request(uri)
-      http = Net::HTTP.new(uri.host, uri.port)
-      http.use_ssl = true
-      http.read_timeout = @timeout
-      http.open_timeout = @timeout
-      
+    def http_for(uri)
+      key = "#{uri.host}:#{uri.port}"
+      @connections ||= {}
+      @connections[key] ||= begin
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = (uri.scheme == "https")
+        http.read_timeout = @timeout
+        http.open_timeout = @timeout
+        http.start
+        http
+      end
+    end
+
+    def reset_connection(uri)
+      key = "#{uri.host}:#{uri.port}"
+      old = @connections&.delete(key)
+      old&.finish rescue nil
+    end
+
+    def close
+      return unless @connections
+      @connections.each_value { |http| http.finish rescue nil }
+      @connections.clear
+    end
+
+    def make_request(uri, retried: false)
+      http = http_for(uri)
+
       request = Net::HTTP::Get.new(uri)
       request["User-Agent"] = @user_agent
-      
+
       response = http.request(request)
-      
+
       case response.code.to_i
       when 200
         JSON.parse(response.body)
@@ -118,6 +140,10 @@ module Purl
       else
         raise LookupError, "API request failed with status #{response.code}"
       end
+    rescue IOError, Errno::EPIPE, Errno::ECONNRESET => e
+      raise LookupError, "Connection failed: #{e.message}" if retried
+      reset_connection(uri)
+      make_request(uri, retried: true)
     rescue JSON::ParserError => e
       raise LookupError, "Failed to parse API response: #{e.message}"
     rescue Timeout::Error, Net::OpenTimeout, Net::ReadTimeout => e

data/lib/purl/package_url.rb

@@ -48,8 +48,14 @@ module Purl
     # @return [String, nil] subpath within the package
     attr_reader :subpath
 
+    # Fast-path decode: skip URI.decode_www_form_component when no encoding present
+    def self.fast_decode(str)
+      str.include?("%") || str.include?("+") ? URI.decode_www_form_component(str) : str
+    end
+
     VALID_TYPE_CHARS = /\A[a-zA-Z0-9\.\+\-]+\z/.freeze
     VALID_QUALIFIER_KEY_CHARS = /\A[a-zA-Z0-9\.\-_]+\z/.freeze
+    STARTS_WITH_DIGIT = /\A\d/.freeze
 
     # Create a new PackageURL instance
     #
@@ -133,7 +139,7 @@ module Purl
           
           unless subpath_clean.empty?
             # Decode each component separately to handle paths properly
-            subpath_components = subpath_clean.split("/").map { |part| URI.decode_www_form_component(part) }
+            subpath_components = subpath_clean.split("/").map { |part| fast_decode(part) }
             subpath = subpath_components.join("/")
           end
         end
@@ -147,7 +153,7 @@ module Purl
         at_index = path_and_version_part.rindex("@")
         path_part = path_and_version_part[0...at_index]
         version_part = path_and_version_part[at_index + 1..-1]
-        version = URI.decode_www_form_component(version_part) unless version_part.empty?
+        version = fast_decode(version_part) unless version_part.empty?
       else
         path_part = path_and_version_part
       end
@@ -161,7 +167,7 @@ module Purl
       raise MalformedUrlError, "PURL path cannot be empty" if path_components.empty? || path_components == [""]
 
       # First component is always the type
-      type = URI.decode_www_form_component(path_components.shift)
+      type = fast_decode(path_components.shift)
       raise MalformedUrlError, "PURL must have a name component" if path_components.empty?
       
       # Handle empty name component (trailing slash case)
@@ -175,29 +181,29 @@ module Purl
           # All non-type components become namespace
           name = nil
           if path_components.length == 1
-            namespace = URI.decode_www_form_component(path_components[0])
+            namespace = fast_decode(path_components[0])
           else
-            namespace = path_components.map { |part| URI.decode_www_form_component(part) }.join("/")
+            namespace = path_components.map { |part| fast_decode(part) }.join("/")
           end
         end
       else
         # Normal parsing logic
         # For simple cases like gem/rails, there's just the name
-        # For namespaced cases like npm/@babel/core, @babel is namespace, core is name  
+        # For namespaced cases like npm/@babel/core, @babel is namespace, core is name
         if path_components.length == 1
           # Simple case: just type/name
-          name = URI.decode_www_form_component(path_components[0])
+          name = fast_decode(path_components[0])
           namespace = nil
         else
           # Multiple components - assume last is name, others are namespace
-          name = URI.decode_www_form_component(path_components.pop)
-          
+          name = fast_decode(path_components.pop)
+
           # Everything else is namespace
           if path_components.length == 1
-            namespace = URI.decode_www_form_component(path_components[0])
+            namespace = fast_decode(path_components[0])
           else
             # Multiple remaining components - treat as namespace joined together
-            namespace = path_components.map { |part| URI.decode_www_form_component(part) }.join("/")
+            namespace = path_components.map { |part| fast_decode(part) }.join("/")
           end
         end
       end
@@ -223,6 +229,8 @@ module Purl
     #   purl = PackageURL.new(type: "gem", name: "rails", version: "7.0.0")
     #   puts purl.to_s  # "pkg:gem/rails@7.0.0"
     def to_s
+      return @canonical if @canonical
+
       parts = ["pkg:", type.downcase]
       
       if namespace
@@ -236,11 +244,10 @@ module Purl
       parts << "/" << URI.encode_www_form_component(name)
       
       if version
-        # Special handling for version encoding - don't encode colon in certain contexts
         encoded_version = case type&.downcase
         when "docker"
           # Docker versions with sha256: should not encode the colon
-          version.gsub("sha256:", "sha256:")
+          version
         else
           URI.encode_www_form_component(version)
         end
@@ -268,7 +275,7 @@ module Purl
         parts << "?" << query_parts.join("&")
       end
       
-      parts.join
+      @canonical = parts.join.freeze
     end
 
     # Convert the PackageURL to a hash representation
@@ -427,7 +434,7 @@ module Purl
         )
       end
       
-      if type_str.match?(/\A\d/)
+      if type_str.match?(STARTS_WITH_DIGIT)
         raise InvalidTypeError.new(
           "Type cannot start with a number",
           component: :type,
@@ -446,18 +453,15 @@ module Purl
       name_str = name.to_s.strip
       raise InvalidNameError.new("Name cannot contain only whitespace", component: :name, value: name) if name_str.empty?
       
-      # Apply type-specific normalization
-      case @type&.downcase
+      # Apply type-specific normalization (@type is already lowercased)
+      case @type
       when "bitbucket", "github"
         name_str.downcase
       when "pypi"
-        # PyPI names are case-insensitive and _ should be normalized to -
         name_str.downcase.gsub("_", "-")
       when "mlflow"
-        # MLflow name normalization happens after qualifiers are validated
         name_str
       when "composer"
-        # Composer names should be lowercase
         name_str.downcase
       else
         name_str
@@ -482,7 +486,7 @@ module Purl
       
       # Check that decoded namespace segments don't contain '/'
       namespace_str.split("/").each do |segment|
-        decoded_segment = URI.decode_www_form_component(segment)
+        decoded_segment = self.class.fast_decode(segment)
         if decoded_segment.include?("/")
           raise InvalidNamespaceError.new(
             "Namespace segments cannot contain '/' after URL decoding",
@@ -493,12 +497,11 @@ module Purl
         end
       end
       
-      # Apply type-specific normalization
-      case @type&.downcase
+      # Apply type-specific normalization (@type is already lowercased)
+      case @type
       when "bitbucket", "github"
         namespace_str.downcase
       when "composer"
-        # Composer namespaces should be lowercase
         namespace_str.downcase
       else
         namespace_str
@@ -511,10 +514,9 @@ module Purl
       version_str = version.to_s.strip
       return nil if version_str.empty?
       
-      # Apply type-specific normalization
-      case @type&.downcase
+      # Apply type-specific normalization (@type is already lowercased)
+      case @type
       when "huggingface"
-        # HuggingFace versions (git commit hashes) should be lowercase
         version_str.downcase
       else
         version_str
@@ -574,35 +576,28 @@ module Purl
     end
 
     def apply_post_validation_normalization
-      # MLflow names are case sensitive or insensitive based on repository per spec
-      if @type&.downcase == "mlflow" && @qualifiers && @qualifiers["repository_url"] && @qualifiers["repository_url"].include?("azuredatabricks")
+      if @type == "mlflow" && @qualifiers && @qualifiers["repository_url"] && @qualifiers["repository_url"].include?("azuredatabricks")
         # Databricks MLflow is case insensitive - normalize to lowercase per spec
         @name = @name.downcase
       end
       # Other MLflow repositories (like Azure ML) are case sensitive - no normalization needed
     end
 
+    def self.namespace_required_types
+      @namespace_required_types ||= begin
+        config = Purl.load_types_config
+        types = config["types"].select { |_, v| v["namespace_requirement"] == "required" }.keys
+        Set.new(types).freeze
+      end
+    end
+
     def namespace_required_for_type?(type)
       return false unless type
-      
-      # Read from purl-types.json (included in gem)
-      types_data = self.class.purl_types_data
-      type_config = types_data.dig("types", type.downcase)
-      return false unless type_config
-      
-      # Check namespace_requirement field
-      type_config["namespace_requirement"] == "required"
+      self.class.namespace_required_types.include?(type.downcase)
     end
 
     def self.purl_types_data
-      @purl_types_data ||= begin
-        require "json"
-        types_file = File.join(File.dirname(__FILE__), "..", "..", "purl-types.json")
-        JSON.parse(File.read(types_file))
-      rescue
-        # Fallback to empty structure if file can't be read
-        {"types" => {}}
-      end
+      Purl.load_types_config
     end
 
     def self.parse_qualifiers(query_string)

data/lib/purl/registry_url.rb

@@ -7,10 +7,7 @@ module Purl
     # Load registry patterns from JSON configuration
     def self.load_registry_patterns
       @registry_patterns ||= begin
-        # Load extended registry configs
-        config_path = File.join(__dir__, "..", "..", "purl-types.json")
-        require "json"
-        config = JSON.parse(File.read(config_path))
+        config = Purl.load_types_config
         patterns = {}
         
         config["types"].each do |type, type_config|
@@ -44,9 +41,21 @@ module Purl
         end
       end
       
+      # Precompute domain-agnostic regex for from_url with type: hint
+      domain_agnostic_regex = nil
+      if reverse_regex
+        original_source = reverse_regex.source
+        if config["reverse_regex"].start_with?("/")
+          domain_agnostic_regex = Regexp.new("^https?://[^/]+" + config["reverse_regex"])
+        elsif original_source =~ /\^https?:\/\/[^\/]+(.+)$/
+          domain_agnostic_regex = Regexp.new("^https?://[^/]+" + $1)
+        end
+      end
+
       {
         base_url: config["base_url"] || (default_registry ? default_registry + config["path_template"]&.split('/:').first : nil),
         reverse_regex: reverse_regex,
+        domain_agnostic_regex: domain_agnostic_regex,
         pattern: build_generation_lambda(type, config, default_registry),
         reverse_parser: reverse_regex ? build_reverse_parser(type, config) : nil,
         uri_template: config["uri_template"] ? Addressable::Template.new(config["uri_template"]) : nil,
@@ -58,11 +67,7 @@ module Purl
 
     # Load types config (needed for accessing default_registry)
     def self.load_types_config
-      @types_config ||= begin
-        config_path = File.join(__dir__, "..", "..", "purl-types.json")
-        require "json"
-        JSON.parse(File.read(config_path))
-      end
+      Purl.load_types_config
     end
 
     def self.build_generation_lambda(type, config, default_registry = nil)
@@ -294,8 +299,10 @@ module Purl
       new(purl).generate(base_url: base_url)
     end
 
+    SUPPORTED_TYPES = REGISTRY_PATTERNS.keys.sort.freeze
+
     def self.supported_types
-      REGISTRY_PATTERNS.keys.sort
+      SUPPORTED_TYPES
     end
 
     def self.supports?(type)
@@ -307,39 +314,20 @@ module Purl
       if type
         normalized_type = type.to_s.downcase
         config = REGISTRY_PATTERNS[normalized_type]
-        
-        if config && config[:reverse_regex] && config[:reverse_parser]
-          # Create a domain-agnostic version of the regex by replacing the base domain
-          original_regex = config[:reverse_regex].source
-          
-          # For simplified JSON patterns that start with /, create domain-agnostic regex
-          domain_agnostic_regex = nil
-          if original_regex.start_with?("/")
-            # Domain-agnostic pattern - match any domain with this path
-            domain_agnostic_regex = Regexp.new("^https?://[^/]+" + original_regex)
-          else
-            # Legacy full regex pattern
-            if original_regex =~ /\^https?:\/\/[^\/]+(.+)$/
-              path_pattern = $1
-              # Create domain-agnostic regex that matches any domain with the same path structure
-              domain_agnostic_regex = Regexp.new("^https?://[^/]+" + path_pattern)
-            end
-          end
-            
-          if domain_agnostic_regex
-            match = registry_url.match(domain_agnostic_regex)
-            if match
-              parsed_data = config[:reverse_parser].call(match)
-              return PackageURL.new(
-                type: parsed_data[:type],
-                namespace: parsed_data[:namespace],
-                name: parsed_data[:name],
-                version: parsed_data[:version]
-              )
-            end
+
+        if config && config[:domain_agnostic_regex] && config[:reverse_parser]
+          match = registry_url.match(config[:domain_agnostic_regex])
+          if match
+            parsed_data = config[:reverse_parser].call(match)
+            return PackageURL.new(
+              type: parsed_data[:type],
+              namespace: parsed_data[:namespace],
+              name: parsed_data[:name],
+              version: parsed_data[:version]
+            )
           end
         end
-        
+
         # If specified type didn't work, fall through to normal domain-matching logic
       end
       
@@ -368,12 +356,14 @@ module Purl
       
       raise UnsupportedTypeError.new(
         error_message,
-        supported_types: REGISTRY_PATTERNS.keys.select { |k| REGISTRY_PATTERNS[k][:reverse_regex] }
+        supported_types: SUPPORTED_REVERSE_TYPES
       )
     end
 
+    SUPPORTED_REVERSE_TYPES = REGISTRY_PATTERNS.select { |_, config| config[:reverse_regex] }.keys.sort.freeze
+
     def self.supported_reverse_types
-      REGISTRY_PATTERNS.select { |_, config| config[:reverse_regex] }.keys.sort
+      SUPPORTED_REVERSE_TYPES
     end
 
     def self.route_patterns_for(type)

data/lib/purl/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Purl
-  VERSION = "1.7.0"
+  VERSION = "1.8.0"
 end

data/lib/purl.rb

@@ -2,13 +2,6 @@
 
 require_relative "purl/version"
 require_relative "purl/errors"
-require_relative "purl/package_url"
-require_relative "purl/registry_url"
-require_relative "purl/download_url"
-require_relative "purl/lookup"
-require_relative "purl/lookup_formatter"
-require_relative "purl/advisory"
-require_relative "purl/advisory_formatter"
 
 # The main PURL (Package URL) module providing functionality to parse,
 # validate, and generate package URLs according to the PURL specification.
@@ -36,18 +29,49 @@ require_relative "purl/advisory_formatter"
 module Purl
   # Base error class for all PURL-related errors
   class Error < StandardError; end
-  
+
+  # Deep-freeze a parsed JSON structure so callers don't need defensive dups
+  def self.deep_freeze(obj)
+    case obj
+    when Hash
+      obj.each_value { |v| deep_freeze(v) }
+      obj.freeze
+    when Array
+      obj.each { |v| deep_freeze(v) }
+      obj.freeze
+    when String
+      obj.freeze
+    end
+    obj
+  end
+
   # Load PURL types configuration from JSON file
   def self.load_types_config
     @types_config ||= begin
       config_path = File.join(__dir__, "..", "purl-types.json")
       require "json"
-      JSON.parse(File.read(config_path))
+      deep_freeze(JSON.parse(File.read(config_path)))
     end
   end
+end
+
+require_relative "purl/package_url"
+require_relative "purl/registry_url"
+require_relative "purl/download_url"
+require_relative "purl/ecosystems_url"
+require_relative "purl/lookup"
+require_relative "purl/lookup_formatter"
+require_relative "purl/advisory"
+require_relative "purl/advisory_formatter"
+
+module Purl
 
   # Known PURL types loaded from JSON configuration
   KNOWN_TYPES = load_types_config["types"].keys.sort.freeze
+
+  # Set for O(1) lookups
+  require "set"
+  KNOWN_TYPES_SET = Set.new(KNOWN_TYPES).freeze
   
   # Convenience method for parsing PURL strings
   #
@@ -123,7 +147,7 @@ module Purl
   #   Purl.known_type?("gem")     # true
   #   Purl.known_type?("unknown") # false
   def self.known_type?(type)
-    KNOWN_TYPES.include?(type.to_s.downcase)
+    KNOWN_TYPES_SET.include?(type.to_s.downcase)
   end
 
   # Get comprehensive type information including registry support
@@ -144,12 +168,13 @@ module Purl
   #   puts info[:description]  # "Ruby gems from RubyGems.org"
   def self.type_info(type)
     normalized_type = type.to_s.downcase
+    config = type_config(normalized_type)
     {
       type: normalized_type,
       known: known_type?(normalized_type),
-      description: type_description(normalized_type),
-      default_registry: default_registry(normalized_type),
-      examples: type_examples(normalized_type),
+      description: config ? config["description"] : nil,
+      default_registry: config ? config["default_registry"] : nil,
+      examples: config ? (config["examples"] || []) : [],
       registry_url_generation: RegistryURL.supports?(normalized_type),
       reverse_parsing: RegistryURL.supported_reverse_types.include?(normalized_type),
       download_url_generation: DownloadURL.supports?(normalized_type),
@@ -191,8 +216,8 @@ module Purl
   def self.type_config(type)
     config = load_types_config["types"][type.to_s.downcase]
     return nil unless config
-    
-    config.dup # Return a copy to prevent modification
+
+    config
   end
 
   # Get human-readable description for a type

data/purl-types.json

@@ -222,6 +222,7 @@
     "golang": {
       "description": "Go packages",
       "default_registry": "https://pkg.go.dev",
+      "ecosystems_registry": "proxy.golang.org",
       "examples": [
         "pkg:golang/github.com/gorilla/context@234fd47e07d1004f0aed9c",
         "pkg:golang/google.golang.org/genproto#googleapis/api/annotations",
@@ -319,7 +320,8 @@
     "maven": {
       "description": "PURL type for Maven JARs and related artifacts.",
       "default_registry": "https://repo.maven.apache.org/maven2",
-      "namespace_requirement": "required", 
+      "ecosystems_registry": "repo1.maven.org",
+      "namespace_requirement": "required",
       "examples": [
         "pkg:maven/org.apache.commons/commons-lang3@3.12.0",
         "pkg:maven/junit/junit@4.13.2",
@@ -349,6 +351,7 @@
     "npm": {
       "description": "PURL type for npm packages.",
       "default_registry": "https://registry.npmjs.org",
+      "ecosystems_registry": "npmjs.org",
       "namespace_requirement": "optional",
       "examples": [
         "pkg:npm/@babel/core@7.20.0",

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: purl
 version: !ruby/object:Gem::Version
-  version: 1.7.0
+  version: 1.8.0
 platform: ruby
 authors:
 - Andrew Nesbitt
@@ -46,6 +46,7 @@ files:
 - lib/purl/advisory.rb
 - lib/purl/advisory_formatter.rb
 - lib/purl/download_url.rb
+- lib/purl/ecosystems_url.rb
 - lib/purl/errors.rb
 - lib/purl/lookup.rb
 - lib/purl/lookup_formatter.rb
@@ -75,7 +76,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 4.0.1
+rubygems_version: 4.0.6
 specification_version: 4
 summary: Parse and convert package urls (purls)
 test_files: []