Enable encoding of Maven registries.

ossf / osv-schema

Open Source Vulnerability schema.

https://ossf.github.io/osv-schema/

Apache License 2.0

182 stars 79 forks source link

Enable encoding of Maven registries. #231

Closed oliverchang closed 6 months ago

oliverchang commented 7 months ago

Fixes #208.

oliverchang commented 7 months ago

@darakian @cuixq for review as well.

cuixq commented 7 months ago

LGTM!

oliverchang commented 7 months ago

Thanks @cuixq and @chrisbloom7 :)

@darakian do you have any comments on this? Wanted to hear your thoughts also.

darakian commented 7 months ago

@oliverchang, sorry for the delay. My only comment is that I think it's worth adding a fully formed example for an alternate registry. Using the first artifact I see on maven.google.com; I believe this could be Maven:maven.google.com/android.arch.core:common

Otherwise, looks good to me 👍

oliverchang commented 6 months ago

@oliverchang, sorry for the delay. My only comment is that I think it's worth adding a fully formed example for an alternate registry. Using the first artifact I see on maven.google.com; I believe this could be Maven:maven.google.com/android.arch.core:common

Otherwise, looks good to me 👍

Thanks! Hm, the group ID / artifact ID is not part of the ecosystem string here. It's instead part of the name field. Perhaps I could clarify that the name is in the groupID:artifactID format ?