Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ and nexB for https://www.aboutcode.org/ Chat is at https://gitter.im/aboutcode-org/discuss
Working on fetchcode/package.py and related files for the metadata command output data, including adding cocoapods download support, I have used the api_url key for one of the three cocoapods podspec URLs:
Most cocoapods seem to have a GitHub repo, and thus my use of api_url for cocoapods podspec files prevents using that key for the "https://api.github.com/repos" JSON data (if available). The only other URL key I see that perhaps could be used by cocoapods PURLs is api_data_url. I don't recall seeing any info() output where api_data_url had a value, but maybe I missed it.
An example of a cocoapod with a podspec URL and a "https://api.github.com/repos" JSON file:
Is there a preferred set of keys to use for cocoapods that have both a podspec URL and a GitHub repo (and thus might also have "https://api.github.com/repos" data)?
Working on fetchcode/package.py and related files for the
metadata
command output data, including adding cocoapods download support, I have used theapi_url
key for one of the three cocoapods podspec URLs:f"https://raw.githubusercontent.com/CocoaPods/Specs/master/Specs/{hashed_path}/{name}/{tag}/{name}.podspec.json"
Some (many?) PURLs with a GitHub repo define their
api_url
key using the"https://api.github.com/repos"
path which leads to JSON data, e.g.,Most cocoapods seem to have a GitHub repo, and thus my use of
api_url
for cocoapods podspec files prevents using that key for the"https://api.github.com/repos"
JSON data (if available). The only other URL key I see that perhaps could be used by cocoapods PURLs isapi_data_url
. I don't recall seeing any info() output whereapi_data_url
had a value, but maybe I missed it.An example of a cocoapod with a podspec URL and a
"https://api.github.com/repos"
JSON file:pkg:cocoapods/ZendeskSDK@4.0.1
Is there a preferred set of keys to use for cocoapods that have both a podspec URL and a GitHub repo (and thus might also have
"https://api.github.com/repos"
data)?