purl for datatables incorrect - Githubissues

RetireJS / retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

https://retirejs.github.io/retire.js/

Other

3.6k stars 412 forks source link

purl for datatables incorrect #413

Closed rashmimehta300 closed 1 year ago

rashmimehta300 commented 1 year ago

Retire.js version: (retire --version): 4.3.1

node version: (node --version): 18.13.0

Description: purl in cyclonedxBOM is incorrect pkg:npm/datatables@1.13.4 Expected behaviour: purl in cyclonedxBOM should be pkg:npm/datatables.net@1.13.4

If this is a false positive or false negative:

How did you run the tool? Command line? Browser extension?
Can you provide a link to the file(s) containing the libraries?
Are the libraries bundeled with a minifier? If so which one?