Skip to content

Refine Purl type schema #514

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pombredanne merged 150 commits into from
Jul 26, 2025
Merged

Refine Purl type schema #514

pombredanne merged 150 commits into from
Jul 26, 2025

Conversation

@pombredanne
Copy link
Member

@pombredanne pombredanne commented Jul 2, 2025
edited
Loading

This PR refines the schema for:

on top of @stevespringett PR:

Key changes:

  • Use a flatter structure with less nesting
  • Use more verbose name for each attribute
  • Add new schema for tests
  • Clarify that regex patterns are using ECMA262 as specified in the JONS schema spec
  • Convert all PURL types to valid definition JSON
  • Convert all PURL tests to valid test JSON.
  • All tests that cover all the PURL types
  • Updated scripts and add Makefile with test and formatting targets

stevespringett and others added 12 commits March 1, 2025 09:59
@stevespringett
Initial check-in of purl type definition support
b65812b 
Signed-off-by: Steve Springett <steve@springett.us>
@stevespringett
Added index and doc generation
d5d170e 
Signed-off-by: Steve Springett <steve@springett.us>
@stevespringett
Removed description from index and added note to all docs
4e5ae33 
Signed-off-by: Steve Springett <steve@springett.us>
@stevespringett
Updated Maven definition
532f7d2 
Signed-off-by: Steve Springett <steve@springett.us>
@stevespringett
Simplified case normalization
d13aefd 
Signed-off-by: Steve Springett <steve@springett.us>
@stevespringett
Added npm definition
950dc67 
Signed-off-by: Steve Springett <steve@springett.us>
@stevespringett
Added auto-generated files - these will be overwritten once the GitHu…
aa5fb80 
…b action is activated.

Signed-off-by: Steve Springett <steve@springett.us>
@stevespringett
Added SWID definition
59347ce 
Signed-off-by: Steve Springett <steve@springett.us>
@pombredanne
Change README files case
e1833aa 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Remove description from the index
305664c 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Remove URL from index.
254c0b3 
We only need a list of types and I find it less brittle avoiding to
hardcode URLs.

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Improve JSON schema definition
3ba7bf9 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne pombredanne marked this pull request as draft July 2, 2025 15:37
@giterlizzi giterlizzi mentioned this pull request Jul 2, 2025
Open
@mjherzog mjherzog added this to the PURL Ecma-Standard v0.90 milestone Jul 2, 2025
@mjherzog mjherzog added 1 high priority Ecma standard Part of the Ecma standard for PURL labels Jul 2, 2025
mjherzog
mjherzog reviewed Jul 2, 2025
View reviewed changes
@pombredanne
Update schemas to separate tests
5c1e926 
Also ensure theta schemas are valid and formatted

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
This was referenced Jul 9, 2025
Closed
Closed
pombredanne and others added 9 commits July 13, 2025 09:19
@pombredanne
Improve schemas
1e154c8 
* Ensure all schemas are valid and formatted
* Organize properties fields in a consistent manner: title, description,
  type.
* Add title to all property definitions

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Refine .ignore
d305de2 
Ignore Python artifacts

Signed-off-by: Philippe Ombredanne <pombredanne@aboutcode.org>
@pombredanne
Move doc script to etc/ directory
4c3b4e6 
Signed-off-by: Philippe Ombredanne <pombredanne@aboutcode.org>
@pombredanne
Make license text usable as a code header
6a92f1c 
Signed-off-by: Philippe Ombredanne <pombredanne@aboutcode.org>
@pombredanne
Rename purl-type.schema.json
f5f3ab4 
Signed-off-by: Philippe Ombredanne <pombredanne@aboutcode.org>
@pombredanne
Rename index to plural
d564f48 
This is for many types

Signed-off-by: Philippe Ombredanne <pombredanne@aboutcode.org>
@pombredanne
Rename definition with a proper name suffix
95ceb9e 
This ensure we can distinguish a definition, a test and an index JSON
file with a simple glob. This helps with making processing simple.

Signed-off-by: Philippe Ombredanne <pombredanne@aboutcode.org>
@pombredanne
Refine schema organization
3816f76 
Also migrate existing defintions to new schema

Signed-off-by: Philippe Ombredanne <pombredanne@aboutcode.org>
@pombredanne
Add new Makefile and dev doc
2f4f849 
This enable the validation of schemas and instances with make check
Next this will also allow for CI checks.

Signed-off-by: Philippe Ombredanne <pombredanne@aboutcode.org>
This was referenced Jul 26, 2025
Open
Draft
Closed
Open
@ppkarwasz ppkarwasz mentioned this pull request Jul 27, 2025
Closed
This was referenced Jul 27, 2025
Closed
Open
This was referenced Jul 28, 2025
Closed
Closed
Closed
@darakian darakian mentioned this pull request Jul 28, 2025
Merged
darakian added a commit to darakian/purl-spec that referenced this pull request Jul 28, 2025
@darakian
Replace Known with Registered for purl types
919af8b 
Based on the comment here
package-url#514 (comment)
the word choice when listing purl types should be changed from known to registered.
@darakian darakian mentioned this pull request Jul 28, 2025
Merged
giterlizzi added a commit to giterlizzi/perl-URI-PackageURL that referenced this pull request Jul 28, 2025
@giterlizzi
Added support for official tests
c810959 
package-url/purl-spec#514
@giterlizzi giterlizzi mentioned this pull request Jul 29, 2025
Closed
jkowalleck
jkowalleck reviewed Jul 30, 2025
View reviewed changes
test-suite-data.json
Copy link
Member

@jkowalleck jkowalleck Jul 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this file was referenced here:

purl-spec/PURL-SPECIFICATION.rst

Lines 515 to 518 in 395319f

To support the language-neutral testing of ``purl`` implementations, a test suite
is provided as JSON document named ``test-suite-data.json``. This JSON document
contains an array of objects. Each object represents a test with these key/value
pairs some of which may not be normalized:

the reference need to change.

@jkowalleck jkowalleck mentioned this pull request Jul 30, 2025
Closed
@mjherzog
Copy link
Member

mjherzog commented Jul 30, 2025

@jkowalleck We are planning a major PR to replace PURL-SPECIFICATION.rst with more granular documentation files (markdown format) and clean up obsolete references like this. See #520 for an explanation of the target structure.

@jkowalleck jkowalleck mentioned this pull request Jul 31, 2025
Closed
2 tasks
@johnmhoran johnmhoran mentioned this pull request Aug 1, 2025
Closed
@hv-singh hv-singh mentioned this pull request Aug 21, 2025
Open
@jkowalleck jkowalleck mentioned this pull request Oct 1, 2025
Merged
This was referenced Oct 5, 2025
Closed
Closed
@mjherzog mjherzog mentioned this pull request Oct 30, 2025
Closed
@YanWittmann YanWittmann mentioned this pull request Nov 13, 2025
Open
@mjherzog mjherzog mentioned this pull request Nov 21, 2025
Open
chenrui333 added a commit to chenrui333/purl-spec that referenced this pull request Jan 31, 2026
@chenrui333
feat: Add Homebrew (brew) PURL type definition
19609ac 
Introduce `pkg:brew` as a registered PURL type using the post-package-url#514
JSON type-definition framework.

Key design decisions:
- version: optional (matches real-world usage like pkg:brew/go)
- namespace: optional (represents Homebrew tap, e.g., homebrew/core)
- qualifier: repository_url (consistent with docker, oci types)
- @ encoding: formula names with @ (e.g., postgresql@12) use %40

Test cases cover:
- Simple formula with/without version
- Versioned formulas with @ in name (percent-encoding)
- Namespace (tap) usage for homebrew/core, homebrew/cask
- Third-party taps with repository_url qualifier

Real-world usage validated against:
- Homebrew/brew (official sbom.rb)
- anchore/syft
- endoflife.date (versionless purls)

Signed-off-by: Rui Chen <rui@chenrui.dev>
@chenrui333 chenrui333 mentioned this pull request Jan 31, 2026
Open
chenrui333 added a commit to chenrui333/purl-spec that referenced this pull request Jan 31, 2026
@chenrui333
Add Homebrew (brew) PURL type definition
58a0813 
Introduce `pkg:brew` as a registered PURL type using the post-package-url#514
JSON type-definition framework.

Key design decisions:
- version: optional (matches real-world usage like pkg:brew/go)
- namespace: optional (represents Homebrew tap, e.g., homebrew/core)
- qualifier: repository_url (consistent with docker, oci types)
- @ encoding: formula names with @ (e.g., postgresql@12) use %40

Test cases cover:
- Simple formula with/without version
- Versioned formulas with @ in name (percent-encoding)
- Namespace (tap) usage for homebrew/core, homebrew/cask
- Third-party taps with repository_url qualifier

Real-world usage validated against:
- Homebrew/brew (official sbom.rb)
- anchore/syft
- endoflife.date (versionless purls)

Signed-off-by: Rui Chen <rui@chenrui.dev>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jkowalleck jkowalleck jkowalleck requested changes

@mjherzog mjherzog mjherzog approved these changes

@stevespringett stevespringett stevespringett approved these changes

@mrutkows mrutkows Awaiting requested review from mrutkows

@johnmhoran johnmhoran Awaiting requested review from johnmhoran

@ppkarwasz ppkarwasz Awaiting requested review from ppkarwasz

+2 more reviewers

@darakian darakian darakian left review comments

@matt-phylum matt-phylum matt-phylum left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

1 high priority Ecma standard Part of the Ecma standard for PURL

Projects

None yet

Milestone

PURL Ecma-Standard v1.0

Development

Successfully merging this pull request may close these issues.

8 participants

@pombredanne @mjherzog @jkowalleck @darakian @stevespringett @ppkarwasz @matt-phylum