Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Expose more Details of Purl and Cpe for writing #381

Merged
merged 5 commits into from
Oct 29, 2023
Merged

Conversation

koa
Copy link
Contributor

@koa koa commented Mar 23, 2023

No description provided.

@koa koa requested a review from a team as a code owner March 23, 2023 13:55
@lfrancke
Copy link
Contributor

Hi,
would you mind adding your sign off/DCO as per these instructions?

https://github.com/CycloneDX/cyclonedx-rust-cargo/runs/12224035251

Thank you

koa added 3 commits August 27, 2023 15:31
Signed-off-by: akoenig <[email protected]>
Signed-off-by: akoenig <[email protected]>
Copy link
Contributor

@Shnatsel Shnatsel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs one change, other than that looks good. Thanks!

@@ -60,6 +60,12 @@ impl Validate for Purl {
}
}

impl<'a> From<PackageUrl<'a>> for Purl {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PackageUrl crate currently has version 0.3.0, not 1.0 or something like that. It is likely that they will bump the version frequently. If we provide a From<PackageUrl> implementation, that will expose the PackageUrl type in the public API, and require an incompatible SemVer change to this crate every time the SemVer of PackageUrl is bumped.

Could you provide a FromStr implementation instead?

@Shnatsel
Copy link
Contributor

Thanks! Just needs a signoff with git rebase HEAD~5 --signoff and then git push --force, and I can merge!

@lfrancke lfrancke merged commit 201f225 into CycloneDX:main Oct 29, 2023
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants