search

google / deps.dev

Resources for the deps.dev API
https://deps.dev
Apache License 2.0
230 stars 16 forks source link

purlLookupBatch Fails Entire Batch If Any Repo Is Missing #96

Open nathannaveen opened 4 days ago

nathannaveen commented 4 days ago

Hi, we at GUAC https://github.com/guacsec/guac are trying to use new API, deps.dev/api/v3alpha, but there seams to be an issue with the purlLookupBatch.

If any of the repos passed to the batch request aren't contained in the deps.dev database, the entire batch query returns nil.

So the only way to check whether a purl is contained in the deps.dev database is to manually do a purlLookup for each individual purl. If we do this, we don't really need to use the purlLookupBatch functionality.

sarnesjo-google commented 4 days ago

Hi @nathannaveen!

Do you have an example of a batch that reproduces this issue?

Also, please note that not all purl types are supported (docs):

Supported values for type are cargo, golang, maven, npm, nuget and pypi.