chore: relax urlencoding on purl qualifier values
ctron committed Jan 17, 2025
1 parent 99002aa commit 3f0d86a
Showing 3 changed files with 46 additions and 14 deletions.
39 changes: 34 additions & 5 deletions common/src/purl.rs
@@ -1,5 +1,5 @@
use packageurl::PackageUrl;
use percent_encoding::{utf8_percent_encode, NON_ALPHANUMERIC};
use percent_encoding::{utf8_percent_encode, AsciiSet, CONTROLS};
use serde::{
de::{Error, Visitor},
Deserialize, Deserializer, Serialize, Serializer,
Expand Down Expand Up @@ -143,6 +143,35 @@ impl Visitor<'_> for PurlVisitor {
}
}

const QUERY_ENCODE_SET: &AsciiSet = &CONTROLS
.add(b' ') // Space must be encoded as %20 or +.
.add(b'"') // Double quote
.add(b'#') // Fragment identifier
.add(b'<') // Less than
.add(b'>') // Greater than
.add(b'[') // Left square bracket
.add(b']') // Right square bracket
.add(b'{') // Left curly brace
.add(b'}') // Right curly brace
.add(b'|') // Pipe
.add(b'\\') // Backslash
.add(b'^') // Caret
.add(b'`') // Backtick
.add(b'~') // Tilde
.add(b'@') // At sign
.add(b'!') // Exclamation mark
.add(b'$') // Dollar sign
.add(b'&') // Ampersand
.add(b'\'') // Single quote
.add(b'(') // Left parenthesis
.add(b')') // Right parenthesis
.add(b'*') // Asterisk
.add(b'+') // Plus
.add(b',') // Comma
.add(b';') // Semicolon
.add(b'=') // Equals
.add(b'%'); // Percent itself.

impl Display for Purl {
fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
let ns = if let Some(ns) = &self.namespace {
Expand All @@ -158,7 +187,7 @@ impl Display for Purl {
"?{}",
self.qualifiers
.iter()
.map(|(k, v)| format!("{}={}", k, utf8_percent_encode(v, NON_ALPHANUMERIC)))
.map(|(k, v)| format!("{}={}", k, utf8_percent_encode(v, QUERY_ENCODE_SET)))
.collect::<Vec<_>>()
.join("&")
)
Expand Down Expand Up @@ -251,7 +280,7 @@ mod tests {
async fn purl_oci() -> Result<(), anyhow::Error> {
let purl: Purl = serde_json::from_str(
r#"
"pkg:oci/ose-cluster-network-operator@sha256:0170ba5eebd557fd9f477d915bb7e0d4c1ad6cd4c1852d4b1ceed7a2817dd5d2?repository_url=registry.redhat.io%2Fopenshift4%2Fose%2Dcluster%2Dnetwork%2Doperator&tag=v4%2E11%2E0%2D202403090037%2Ep0%2Eg33da9fb%2Eassembly%2Estream%2Eel8"
"pkg:oci/ose-cluster-network-operator@sha256:0170ba5eebd557fd9f477d915bb7e0d4c1ad6cd4c1852d4b1ceed7a2817dd5d2?repository_url=registry.redhat.io/openshift4/ose-cluster-network-operator&tag=v4.11.0-202403090037.p0.g33da9fb.assembly.stream.el8"
"#,
)
.unwrap();
Expand All @@ -274,12 +303,12 @@ mod tests {
Some(&"v4.11.0-202403090037.p0.g33da9fb.assembly.stream.el8".to_string())
);

let purl: Purl = "pkg:oci/ose-cluster-network-operator@sha256:0170ba5eebd557fd9f477d915bb7e0d4c1ad6cd4c1852d4b1ceed7a2817dd5d2?repository_url=registry%2Eredhat%2Eio%2Eopenshift4%2Eose%2Dcluster%2Dnetwork%2Doperator&tag=v4%2E11%2E0%2D202403090037%2Ep0%2Eg33da9fb%2Eassembly%2Estream%2Eel8".try_into()?;
let purl: Purl = "pkg:oci/ose-cluster-network-operator@sha256:0170ba5eebd557fd9f477d915bb7e0d4c1ad6cd4c1852d4b1ceed7a2817dd5d2?repository_url=registry.redhat.io/openshift4/ose-cluster-network-operator&tag=v4.11.0-202403090037.p0.g33da9fb.assembly.stream.el8".try_into()?;
let json = serde_json::to_string(&purl).unwrap();

assert_eq!(
json,
r#""pkg:oci/ose-cluster-network-operator@sha256:0170ba5eebd557fd9f477d915bb7e0d4c1ad6cd4c1852d4b1ceed7a2817dd5d2?repository_url=registry%2Eredhat%2Eio%2Eopenshift4%2Eose%2Dcluster%2Dnetwork%2Doperator&tag=v4%2E11%2E0%2D202403090037%2Ep0%2Eg33da9fb%2Eassembly%2Estream%2Eel8""#
r#""pkg:oci/ose-cluster-network-operator@sha256:0170ba5eebd557fd9f477d915bb7e0d4c1ad6cd4c1852d4b1ceed7a2817dd5d2?repository_url=registry.redhat.io/openshift4/ose-cluster-network-operator&tag=v4.11.0-202403090037.p0.g33da9fb.assembly.stream.el8""#
);
Ok(())
}
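Review bot: `QUERY_ENCODE_SET` does not include `?`, so a qualifier value that contains a question mark (for example a `repository_url` carrying its own query string) is written out literally by `Display for Purl`. The purl parsing rules separate the qualifiers at the last `?`, so such a value would probably not round-trip, and the serialized identifier could stop matching the package it was stored for; adding `.add(b'?') // Question mark (starts the qualifiers)` to the set closes that gap. A round-trip test with a value containing `?`, `&`, `=`, `#`, `%` and a space would pin the behaviour the relaxed set is meant to keep. A doc comment on the constant naming the characters deliberately left literal (`/`, `:`, `.`, `-`, `_`) would also help, since the per-line comments only describe what is encoded. The body of `fmt` starts and ends outside the visible hunk.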
7 changes: 5 additions & 2 deletions modules/analysis/src/endpoints.rs
Expand Up @@ -295,7 +295,7 @@ mod test {
);
assert_eq!(
response["items"][0]["ancestors"][0]["purl"],
Value::from(["pkg:maven/com.redhat.quarkus.platform/[email protected]?repository_url=https%3A%2F%2Fmaven%2Erepository%2Eredhat%2Ecom%2Fga%2F&type=pom"])
Value::from(["pkg:maven/com.redhat.quarkus.platform/[email protected]?repository_url=https://maven.repository.redhat.com/ga/&type=pom"])
);

assert_eq!(&response["total"], 2);
Expand Down Expand Up @@ -518,7 +518,10 @@ mod test {
"GeneratedFrom",
response["items"][0]["ancestors"][0]["relationship"]
);
assert_eq!(src, response["items"][0]["ancestors"][0]["purl"]);
assert_eq!(
Value::from(vec![Value::from(src)]),
response["items"][0]["ancestors"][0]["purl"]
);

Ok(())
}
14 changes: 7 additions & 7 deletions modules/fundamental/src/ai/service/tools/package_info.rs
Expand Up @@ -279,10 +279,10 @@ mod tests {

assert_tool_contains(
tool.clone(),
"pkg:maven/org.jboss.logging/[email protected]?repository_url=https%3A%2F%2Fmaven%2Erepository%2Eredhat%2Ecom%2Fga%2F&type=jar",
"pkg:maven/org.jboss.logging/[email protected]?repository_url=https://maven.repository.redhat.com/ga/&type=jar",
r#"
{
"identifier": "pkg:maven/org.jboss.logging/[email protected]?repository_url=https%3A%2F%2Fmaven%2Erepository%2Eredhat%2Ecom%2Fga%2F&type=jar",
"identifier": "pkg:maven/org.jboss.logging/[email protected]?repository_url=https://maven.repository.redhat.com/ga/&type=jar",
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"name": "commons-logging-jboss-logging",
"version": "1.0.0.Final-redhat-1",
Expand All @@ -304,7 +304,7 @@ mod tests {
"commons-logging-jboss-logging",
r#"
{
"identifier": "pkg:maven/org.jboss.logging/[email protected]?repository_url=https%3A%2F%2Fmaven%2Erepository%2Eredhat%2Ecom%2Fga%2F&type=jar",
"identifier": "pkg:maven/org.jboss.logging/[email protected]?repository_url=https://maven.repository.redhat.com/ga/&type=jar",
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"name": "commons-logging-jboss-logging",
"version": "1.0.0.Final-redhat-1",
Expand All @@ -330,25 +330,25 @@ There are multiple that match:
{
"items": [
{
"identifier": "pkg:maven/io.quarkus/quarkus-resteasy-reactive-jsonb-common-deployment@2.13.8.Final-redhat-00004?repository_url=https%3A%2F%2Fmaven%2Erepository%2Eredhat%2Ecom%2Fga%2F&type=jar",
"identifier": "pkg:maven/io.quarkus/quarkus-resteasy-reactive-jsonb-common-deployment@2.13.8.Final-redhat-00004?repository_url=https://maven.repository.redhat.com/ga/&type=jar",
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"name": "quarkus-resteasy-reactive-jsonb-common-deployment",
"version": "2.13.8.Final-redhat-00004"
},
{
"identifier": "pkg:maven/io.quarkus/[email protected]?repository_url=https%3A%2F%2Fmaven%2Erepository%2Eredhat%2Ecom%2Fga%2F&type=jar",
"identifier": "pkg:maven/io.quarkus/[email protected]?repository_url=https://maven.repository.redhat.com/ga/&type=jar",
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"name": "quarkus-resteasy-reactive-jsonb",
"version": "2.13.8.Final-redhat-00004"
},
{
"identifier": "pkg:maven/io.quarkus/[email protected]?repository_url=https%3A%2F%2Fmaven%2Erepository%2Eredhat%2Ecom%2Fga%2F&type=jar",
"identifier": "pkg:maven/io.quarkus/[email protected]?repository_url=https://maven.repository.redhat.com/ga/&type=jar",
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"name": "quarkus-resteasy-reactive-jsonb-common",
"version": "2.13.8.Final-redhat-00004"
},
{
"identifier": "pkg:maven/io.quarkus/quarkus-resteasy-reactive-jsonb-deployment@2.13.8.Final-redhat-00004?repository_url=https%3A%2F%2Fmaven%2Erepository%2Eredhat%2Ecom%2Fga%2F&type=jar",
"identifier": "pkg:maven/io.quarkus/quarkus-resteasy-reactive-jsonb-deployment@2.13.8.Final-redhat-00004?repository_url=https://maven.repository.redhat.com/ga/&type=jar",
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"name": "quarkus-resteasy-reactive-jsonb-deployment",
"version": "2.13.8.Final-redhat-00004"
