DJC: Ensure that we can run a scan from a PURL in DejaCode

[pombredanne]

When we get results from a front-end ScanCode.io, we may have only PURLs, with little to no extra data.
In particular we may miss the download URL in "skinny" scan results from the "inspect package" pipeline.

PurlDB knows how to collect metadata and run scans on the archives of a package using a PURL input. We need the same from DejaCode.

[DennisClark]

This may require accessing data in private repos.

[tdruez]

PR #133 introduces support for PURLs in the "Add Package" feature.

One or more PURL(s) can be submitted in place, or along download URL(s) in the "Add Package" modal.

If the PURL type is supported by the packageurl library purl2url, a download URL will be generated for creating the package and submitting a scan. If the download URL cannot be determined, the package is still created.

The second improvement is the addition of PurlDB lookup during the Add Package process.
Regardless if a Download URL or a PURL is provided, the PurlDB will be use to find the existing package there, and will use all the available data from the PurlDB to create the package.

[DennisClark]

@tdruez I tried a couple of PURLs from the PurlDB to add a new package but keep getting "Error: error" on the submission form. Please see attached screenshot.

[tdruez]

@DennisClark I cannot reproduce the error on my side, the Packages are successfully added.
Could you try to refresh your browser cache just in case?

[DennisClark]

@tdruez Success! browser cache refreshed (which I thought I had done earlier, but never mind) and creating a new package from a PURL went quickly and smoothly. Looks good to me.

[DennisClark]

@tdruez I also verified that the Add Package from a PURL will not create a duplicate Package if it already exists.

[tdruez]

Feature merged and deployed.