search

nexB / purldb

Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ and nexB for https://www.aboutcode.org/ Chat is at https://gitter.im/aboutcode-org/discuss
https://purldb.readthedocs.io/
29 stars 20 forks source link

Add endpoint to create or update a package set #205 #346

Closed 404-geek closed 4 months ago

404-geek commented 4 months ago

I have crafted an api for updating a package set with purl entry.

Below is the approach which I have taken.

Take a list of packages (where each item is a dictionary containing PURL and content_type).

If uuid is given then all purls will be added to package set if it exists else a new set would be created and all the purls will be added to that new set.

Note: There is also a slight addition to the logic where a purl already exists in the database and so there are no changes done to the purl entry it is passed as it is.

Request example:

{
          "purls": [
            {"purl": "pkg:npm/less@1.0.32", "content_type": 1}
          ],
          "uuid" : "b67ceb49-1538-481f-a572-431062f382gg"
        }

Please feel free to suggest any changes to the approach or if anything false has been assumed/coded.

pombredanne commented 4 months ago

Thanks! Please add a DCO signoff and take the time to read https://aboutcode.readthedocs.io/en/latest/contributing/writing_good_commit_messages.html