Open prabhu opened 4 months ago
The vers specification is lacking some guidance regarding version specifiers with problematic symbols such as brackets.
https://github.com/package-url/purl-spec/blob/master/VERSION-RANGE-SPEC.rst
Example:
vers:foo/<=2.0\(0.249\) vers:foo/!=10.4\(2\) vers:foo/>2.1\(0.474\)|<2.2\(1.145\)
NVD feeds escapes such characters with a double slash. We currently store them escaped with a single slash, but not sure what the correct approach must be.
The vers specification is lacking some guidance regarding version specifiers with problematic symbols such as brackets.
https://github.com/package-url/purl-spec/blob/master/VERSION-RANGE-SPEC.rst
Example:
NVD feeds escapes such characters with a double slash. We currently store them escaped with a single slash, but not sure what the correct approach must be.