search

package-url / purl-spec

A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
https://github.com/package-url/purl-spec
Other
680 stars 157 forks source link

Alpine/apk package type? #159

Closed rnjudge closed 1 year ago

rnjudge commented 2 years ago

Alpine/apk is a popular packaging format, yet there is no entry for this in the purl spec. According to https://ossindex.sonatype.org/component/pkg:alpine/ there is an expected method for entering purls for alpine packages. For example, pkg:alpine/libxml2 seems to be the preferred way compared to pkg:apk/alpine/libxml2 but I can't seem to find any justification for this in the purl repo or from ossindex.

Is there a reason the purl spec does not have an entry for alpine packages yet? If ossindex is supporting the alpine purl then it seems necessary to also have this as a supported type in the purl repo.

stevespringett commented 2 years ago

The Alpine apk purl type has not yet been defined. It's currently under consideration. Refer to https://github.com/package-url/purl-spec/blob/master/PURL-TYPES.rst. If you'd like to help us define the purl type, it would be most appreciated.

apk was not chosen due to a known conflict with Android which also uses the term apk.

Foxboron commented 2 years ago

Please see https://github.com/package-url/purl-spec/pull/171

afaik Andoid is moving away from using apk to use aab in the future so this conflict should not be an issue I think.

rnjudge commented 1 year ago

apk has been added to the purl spec, so we can close this issue :) Thanks!