Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ and nexB for https://www.aboutcode.org/. Chat is at https://gitter.im/aboutcode-org/discuss
It would be good to set priority of when packages get collected/scanned depending on the input purl.
In the case where the user uses the collect endpoint (GET /api/collect/?purl=pkg:npm/asdf@1.0.2), we would add pkg:npm/asdf@1.0.2 to the top of the priority and scan queue. In the case of the /api/collect/index_packages/ endpoint, the purls with exact versions will be at the top of the priority and scan queue. The purls that do not have versions specified will be added at the end of both queues and processed first-in first-out.
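The ordering proposed in this issue, sketched as an added example (not purldb's own code). ScanQueue, has_version and the TOP/END tiers are hypothetical names, and it assumes first-in first-out order inside the top tier as well, which the issue only states for unversioned purls.

```python
import heapq
import itertools

TOP, END = 0, 1  # hypothetical tier values, not purldb identifiers


def has_version(purl):
    """Return True if the purl string carries a non-empty version."""
    if not purl.startswith("pkg:"):
        raise ValueError(f"not a purl: {purl!r}")
    # Subpath (#...) and qualifiers (?...) follow the version; drop them.
    core = purl[4:].split("#", 1)[0].split("?", 1)[0]
    # Only an '@' inside the last path segment separates a version, so an
    # unencoded npm scope (pkg:npm/@scope/name) is not read as one.
    name = core.rsplit("/", 1)[-1]
    at = name.rfind("@")
    return 0 < at < len(name) - 1


class ScanQueue:
    """Two-tier queue: TOP entries first, FIFO within each tier."""

    def __init__(self):
        self._heap = []
        self._seq = itertools.count()  # tie-breaker that preserves arrival order

    def _push(self, tier, purl):
        heapq.heappush(self._heap, (tier, next(self._seq), purl))

    def collect(self, purl):
        """Single purl from GET /api/collect/?purl=...: always top tier."""
        has_version(purl)  # called only to reject strings that are not purls
        self._push(TOP, purl)

    def index_packages(self, purls):
        """Batch from /api/collect/index_packages/: exact versions first."""
        for purl in purls:
            self._push(TOP if has_version(purl) else END, purl)

    def drain(self):
        """Pop everything in processing order."""
        order = []
        while self._heap:
            order.append(heapq.heappop(self._heap)[2])
        return order
```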