refactor: const for purl type pypi (#754)

Signed-off-by: Jan Kowalleck <[email protected]>

cyclonedx_py/_internal/__init__.py

@@ -74,3 +74,6 @@ class PropertyName(Enum):
     # see https://github.com/CycloneDX/cyclonedx-property-taxonomy/blob/main/cdx/pipenv.md
     PipenvCategory = 'cdx:pipenv:category'
     # endregion pipenv
+
+
+PurlTypePypi = 'pypi'

cyclonedx_py/_internal/environment.py

@@ -31,7 +31,7 @@
 from packageurl import PackageURL
 from packaging.requirements import Requirement
 
-from . import BomBuilder, PropertyName
+from . import BomBuilder, PropertyName, PurlTypePypi
 from .cli_common import add_argument_mc_type, add_argument_pyproject
 from .utils.cdx import licenses_fixup, make_bom
 from .utils.packaging import metadata2extrefs, metadata2licenses, normalize_packagename
@@ -236,8 +236,12 @@ def __component_add_extref_and_purl(self, component: 'Component',
             del packagesource_extref
         if packagesource is None or not packagesource.url.startswith('file://'):
             # no purl for locals and unpublished packages
-            component.purl = PackageURL('pypi', name=component.name, version=component.version,
-                                        qualifiers=purl_qs, subpath=purl_subpath)
+            component.purl = PackageURL(
+                type=PurlTypePypi,
+                name=component.name,
+                version=component.version,
+                qualifiers=purl_qs,
+                subpath=purl_subpath)
 
     @staticmethod
     def __py_interpreter(value: str) -> str:

cyclonedx_py/_internal/pipenv.py

@@ -28,7 +28,7 @@
 from cyclonedx.model.component import Component, ComponentType
 from packageurl import PackageURL
 
-from . import BomBuilder, PropertyName
+from . import BomBuilder, PropertyName, PurlTypePypi
 from .cli_common import add_argument_mc_type, add_argument_pyproject
 from .utils.args import arparse_split
 from .utils.cdx import make_bom
@@ -172,11 +172,12 @@ def _make_bom(self, root_c: Optional['Component'],
                         version=package_data['version'][2:] if 'version' in package_data else None,
                         external_references=self.__make_extrefs(package_name, package_data, source_urls),
                     )
-                    component.purl = PackageURL(type='pypi',
-                                                name=component.name,
-                                                version=component.version,
-                                                qualifiers=self.__purl_qualifiers4lock(package_data, source_urls)
-                                                ) if not self.__is_local(package_data) else None
+                    component.purl = PackageURL(
+                        type=PurlTypePypi,
+                        name=component.name,
+                        version=component.version,
+                        qualifiers=self.__purl_qualifiers4lock(package_data, source_urls)
+                    ) if not self.__is_local(package_data) else None
                     self._logger.info('add component for package %r', package_name)
                     self._logger.debug('add component: %r', component)
                     bom.components.add(component)

cyclonedx_py/_internal/poetry.py

@@ -30,7 +30,7 @@
 from cyclonedx.model.dependency import Dependency
 from packageurl import PackageURL
 
-from . import BomBuilder, PropertyName
+from . import BomBuilder, PropertyName, PurlTypePypi
 from .cli_common import add_argument_mc_type
 from .utils.cdx import make_bom
 from .utils.packaging import normalize_packagename
@@ -417,11 +417,12 @@ def __make_component4lock(self, package: 'T_NameDict') -> 'Component':
                     value=source['resolved_reference']
                 ) if is_vcs and 'resolved_reference' in source else None,
             ]),
-            purl=PackageURL(type='pypi',
-                            name=package['name'],
-                            version=package['version'],
-                            qualifiers=self.__purl_qualifiers4lock(package)
-                            ) if not is_local else None
+            purl=PackageURL(
+                type=PurlTypePypi,
+                name=package['name'],
+                version=package['version'],
+                qualifiers=self.__purl_qualifiers4lock(package)
+            ) if not is_local else None
         )
 
     def __purl_qualifiers4lock(self, package: 'T_NameDict') -> 'T_NameDict':

cyclonedx_py/_internal/requirements.py

@@ -29,7 +29,7 @@
 from packageurl import PackageURL
 from pip_requirements_parser import RequirementsFile  # type:ignore[import-untyped]
 
-from . import BomBuilder, PropertyName
+from . import BomBuilder, PropertyName, PurlTypePypi
 from .cli_common import add_argument_mc_type, add_argument_pyproject
 from .utils.cdx import make_bom
 from .utils.io import io2file
@@ -218,7 +218,9 @@ def _make_component(self, req: 'InstallRequirement',
             name=name or 'unknown',
             version=version,
             purl=PackageURL(
-                type='pypi', name=req.name, version=version,
+                type=PurlTypePypi,
+                name=req.name,
+                version=version,
                 qualifiers=purl_qualifiers
             ) if not is_local and name else None,
             external_references=external_references,