Fixes for deb #636
Fixes for deb #636
Conversation
prabhu
commented
Aug 23, 2025
prabhu
commented
- Corrected Typos: The non-standard attribute is_case_sensitve has been corrected to the standard case_sensitive in both the namespace_definition and name_definition.
- Defined Requirements: The name_definition and version_definition are now correctly marked as "required", as they are mandatory components for a valid deb purl.
- Added Normalization Rules: To programmatically enforce the lowercasing requirement, normalization_rules have been added to both the namespace_definition and name_definition.
- Expanded Qualifiers: The qualifiers_definition has been updated to include the distro and repository_url keys. The requirement for all qualifiers has been explicitly set to "optional".
Signed-off-by: Prabhu Subramanian <[email protected]>
| "case_sensitive": false, | ||
| "note": "The name is not case sensitive and must be lowercased.", | ||
| "normalization_rules": [ | ||
| "It is not case sensitive and must be lowercased." | ||
| ] |
There was a problem hiding this comment.
| "case_sensitive": false, | |
| "note": "The name is not case sensitive and must be lowercased.", | |
| "normalization_rules": [ | |
| "It is not case sensitive and must be lowercased." | |
| ] | |
| "case_sensitive": true |
The name is case sensitive and must not be lowercased.
root@96d7edba8206:/# apt install COWSAY
Error: Unable to locate package COWSAY
root@96d7edba8206:/# apt install cowsay
Installing:
cowsay
Installing dependencies:
libgdbm-compat4t64 libgdbm6t64 libperl5.40 libtext-charwidth-perl netbase perl perl-modules-5.40
Suggested packages:
filters gdbm-l10n perl-doc | libterm-readline-perl-perl libtap-harness-archive-perl
cowsay-off sensible-utils libterm-readline-gnu-perl make
Summary:
Upgrading: 0, Installing: 8, Removing: 0, Not Upgrading: 0
Download size: 7596 kB
Space needed: 53.6 MB / 68.9 GB available
Continue? [Y/n]
| { | ||
| "key": "distro", | ||
| "requirement": "optional", | ||
| "description": "The distribution name, codename, or suite." | ||
| }, |
There was a problem hiding this comment.
The distribution name is already in the namespace. If there is going to be a distribution in the qualifier there needs to be a clear explanation of how these are different and what it means when there is or is not a value here.
| { | ||
| "key": "repository_url", | ||
| "requirement": "optional", | ||
| "description": "Base URL for the package repository." |
There was a problem hiding this comment.
If apt is going to have a repository URL description then it should have more definition than this because the way packages are arranged is more complicated than in other package types. If a package is in http://deb.debian.org/debian-security suite trixie-security, what is the value for repository_url? Where does the trixie-security part go? Is that what's supposed to go in distro? If that's the distro value then either it needs very clear disambiguation or it needs to be renamed to not be distro so people don't put "debian" or "ubuntu" (what people typically think of as a Linux distro) there.
|
Needs to be rebased as of #640 |
3 participants
