Is your feature request related to a problem? Please describe.
Right now only GroupId, ArtifactId, and Version are used as unique identifiers. Without Type, we can have duplications (especially during uploads). This may lead to problems the larger the database gets. This is to distinguish the type "jar" and "py" or other files.
Describe the solution you'd like
The "type" information is included in the BOM files (CycloneDX). In some cases, it may be missing though (e.g. Tern where it should be "Docker").
Describe alternatives you've considered
N/A
Additional context
A decision needs to be made on how to handle the data coming from the BOM file in case the "type" is not available for some reason.
Is your feature request related to a problem? Please describe. Right now only GroupId, ArtifactId, and Version are used as unique identifiers. Without Type, we can have duplications (especially during uploads). This may lead to problems the larger the database gets. This is to distinguish the type "jar" and "py" or other files.
Describe the solution you'd like The "type" information is included in the BOM files (CycloneDX). In some cases, it may be missing though (e.g. Tern where it should be "Docker").
Describe alternatives you've considered N/A
Additional context A decision needs to be made on how to handle the data coming from the BOM file in case the "type" is not available for some reason.