Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[gomod] Propagate the effect of the 'goproxy_url' config option to SBOM #577

Open
eskultety opened this issue Jul 18, 2024 · 0 comments
Open

[gomod] Propagate the effect of the 'goproxy_url' config option to SBOM #577

eskultety opened this issue Jul 18, 2024 · 0 comments
Labels
bug Something isn't working gomod Pull requests/issues related to the gomod handling module my first issue Good for newcomers

Comments

@eskultety
Copy link
Member

If consumers use a private goproxy, then without formatting it to the PURL the generic package locator is not accurate to describe the package location.
The PURL spec sadly doesn't mention anything that would be even remotely related to what we need here with repository_url/download_url being the closest having a different meaning.
We'll probably have to come up with a custom qualifier, i.e. proxy to denote that a proxy was used to locate the package given its identifier.
@eskultety eskultety added the bug Something isn't working label Jul 18, 2024
@eskultety eskultety added my first issue Good for newcomers gomod Pull requests/issues related to the gomod handling module labels Sep 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working gomod Pull requests/issues related to the gomod handling module my first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@eskultety