Open benmss opened 4 months ago
The PackageURL spec includes a list of requirements for a type to be considered valid:
type
The package type is composed only of ASCII letters and numbers, '.', '+' and '-' (period, plus, and dash)
The type cannot start with a number
Therefore, the following should not be possible:
PackageURL.from_string("pkg:111_^5/example") PackageURL(type='111_^5', namespace=None, name='example', version=None, qualifiers={}, subpath=None)
Spec taken from: https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst
The PackageURL spec includes a list of requirements for a
typeto be considered valid:Therefore, the following should not be possible:
Spec taken from: https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst