-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate Package managers #93
Conversation
- Fetch all versions for a given PURL Signed-off-by: Keshav Priyadarshi <[email protected]>
Signed-off-by: Keshav Priyadarshi <[email protected]>
Signed-off-by: Keshav Priyadarshi <[email protected]>
Signed-off-by: Keshav Priyadarshi <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@keshav-space I've left some suggestions to avoid accessing a dictionary multiple times for the same key-value pair.
https://crates.io/policies#crawlers Signed-off-by: Keshav Priyadarshi <[email protected]>
Signed-off-by: Keshav Priyadarshi <[email protected]>
Signed-off-by: Keshav Priyadarshi <[email protected]>
Signed-off-by: Keshav Priyadarshi <[email protected]>
4fbba5e
to
6faf263
Compare
Thanks @JonoYang, made changes as per your suggestions. |
LGTM... we need to find a better name for this module, may be "package_versions.py" for now? Beyond this we need to have a better design. Here are some thoughts (to track in new issue(s)):
We also need to make the migration for VulnerableCode with this new code. Can you start a PR in parallel so we avoid duplicating code. In VCIO you could use a temp requirements in setup.cfg such as |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. See fedback
Signed-off-by: Keshav Priyadarshi <[email protected]>
Signed-off-by: Keshav Priyadarshi <[email protected]>
Signed-off-by: Keshav Priyadarshi <[email protected]>
Signed-off-by: Keshav Priyadarshi <[email protected]>
a314803
to
128d8bc
Compare
package_managers.py is now renamed to
We're tracking this here: aboutcode-org/purldb#233
Added PR for this here: aboutcode-org/vulnerablecode#1354 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@keshav-space I left some comments regarding adding comments or docstring tests.
Signed-off-by: Keshav Priyadarshi <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@keshav-space I think this looks good!
This PR migrates existing package managers code in VulnerableCode to FetchCode, also refactor and streamline the consumption using purl router.