Switched to the direct API rather than the purl lookup

The purl lookup was much slower. Needs more work to turn a purl into an ecosyste.ms registry and name. Currently hardcoded to npm and doesn't work with namespaced packages.
snyk · Apr 19, 2023 · 0c71516 · 0c71516
1 parent 61be7d3
commit 0c71516
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -28,7 +28,7 @@ Not a comprehensive list, but a few things that need work if we want to share mo
 * Map ecosyste.ms data to CycloneDX schema
 * Enrichment using other backends, eg. ClearlyDefined or deps.dev
 * UI for `enrich` command
-* Investigate package lookup performance, maybe swap to use the direct API vs the purl lookup
+* Currently hardcoded to npm, as the purl ecostste.ms API is slow. Just needs mapping purl types to ecosyste.ms registries/names
 
 ## Ecosyste.ms utilities
 

diff --git a/internal/commands/enrich.go b/internal/commands/enrich.go
@@ -51,7 +51,8 @@ func NewEnrichCommand(logger *log.Logger) *cobra.Command {
 					update := query(purl)
 					logger.Printf("Looking up: %s", i)
 					// TODO catch out of range error in runtime
-					component.Description = *(*update.JSON200)[0].Description
+					component.Description = *(*update.JSON200).Description
+
 					newcs = append(newcs, component)
 				}(component.PackageURL)
 			}
@@ -66,7 +67,7 @@ func NewEnrichCommand(logger *log.Logger) *cobra.Command {
 	return &cmd
 }
 
-func query(i packageurl.PackageURL) packages.LookupPackageResponse {
+func query(i packageurl.PackageURL) packages.GetRegistryPackageResponse {
 	resp, err := parlay.GetPackageData(i)
 	if err != nil {
 		panic(err)