Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

extend project URLs -> external references #800

Open
jkowalleck opened this issue Sep 25, 2024 · 0 comments
Open

extend project URLs -> external references #800

jkowalleck opened this issue Sep 25, 2024 · 0 comments
Labels
enhancement New feature or request good first issue Good for newcomers hacktoberfest help wanted Extra attention is needed

Comments

@jkowalleck
Copy link
Member

jkowalleck commented Sep 25, 2024

Is your feature request related to a problem? Please describe.

This tool detects project URLs and emits them in the SBOM results as "external references".
The URL types are detected based on patterns - see

__known_ulr_labels: Dict[str, ExternalReferenceType] = {
# see https://peps.python.org/pep-0345/#project-url-multiple-use
# see https://github.com/pypi/warehouse/issues/5947#issuecomment-699660629
'bugtracker': ExternalReferenceType.ISSUE_TRACKER,
'issuetracker': ExternalReferenceType.ISSUE_TRACKER,
'issues': ExternalReferenceType.ISSUE_TRACKER,
'bugreports': ExternalReferenceType.ISSUE_TRACKER,
'tracker': ExternalReferenceType.ISSUE_TRACKER,
'home': ExternalReferenceType.WEBSITE,
'homepage': ExternalReferenceType.WEBSITE,
'download': ExternalReferenceType.DISTRIBUTION,
'documentation': ExternalReferenceType.DOCUMENTATION,
'docs': ExternalReferenceType.DOCUMENTATION,
'changelog': ExternalReferenceType.RELEASE_NOTES,
'changes': ExternalReferenceType.RELEASE_NOTES,
# 'source': ExternalReferenceType.SOURCE-DISTRIBUTION,
'repository': ExternalReferenceType.VCS,
'github': ExternalReferenceType.VCS,
'chat': ExternalReferenceType.CHAT,
}

it appears that PyPI also documented the way they detect URL types: https://docs.pypi.org/project_metadata/#icons

It would be great if the PyPI heuristics could be applied, too.

Describe the solution you'd like

Have the heuristics from PyPI apply to URL type detections, so that emitted external references follow the de facto standards, too.

These heuristics work on the URL name, as well on the URL itself.

Additional context

PyPI's type classification according to https://docs.pypi.org/project_metadata/#icons

@jkowalleck jkowalleck added enhancement New feature or request help wanted Extra attention is needed good first issue Good for newcomers hacktoberfest labels Sep 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request good first issue Good for newcomers hacktoberfest help wanted Extra attention is needed
Projects
None yet
Development

No branches or pull requests

1 participant