From e93983a23b2641dfc3dfbb8e86438a1e7ab4522e Mon Sep 17 00:00:00 2001 From: Gabe Stocco <98900+gfs@users.noreply.github.com> Date: Wed, 2 Mar 2022 17:13:17 -0800 Subject: [PATCH] cocoapods, cran, vsm and cpan packages should not be lowered (#18) * Dont lower cocoa, cpan, vsm and cran package names Cocoapods, CPAN, VSM and CRAN package managers are case sensitive and need the original name string - when the name is automatically lowered you cannot find the packages in the responsitory. * Update PackageUrl.cs * Update PackageUrl.cs Some managers also have case sensitive namespaces * Remove static from ValidateNamespace * Update PackageUrl.cs * Fix namespace switch * Add missing semicolon. * Per discussion. Remove all lowering and replace Removes the ToLower and the Replace methods which were modifying the ValidateName and ValidateNamespace methods. * Revert "Per discussion. Remove all lowering and replace" This reverts commit aa1a1071bae0202bd525392e448cdd174796bede. * Add Tests * Update src/PackageUrl.cs Co-authored-by: Adeel Mujahid <3840695+am11@users.noreply.github.com> * Update PackageUrl.cs Co-authored-by: Adeel Mujahid <3840695+am11@users.noreply.github.com> --- src/PackageUrl.cs | 21 +++++----- tests/TestAssets/test-suite-data.json | 60 +++++++++++++++++++++++++++ 2 files changed, 71 insertions(+), 10 deletions(-) diff --git a/src/PackageUrl.cs b/src/PackageUrl.cs index 0fc5ff0..c6f6a85 100644 --- a/src/PackageUrl.cs +++ b/src/PackageUrl.cs @@ -255,13 +255,17 @@ private static string ValidateType(string type) return type.ToLower(); } - private static string ValidateNamespace(string @namespace) + private string ValidateNamespace(string @namespace) { if (@namespace == null) { return null; } - return WebUtility.UrlDecode(@namespace.ToLower()); + return Type switch + { + "vsm" or "cran" => WebUtility.UrlDecode(@namespace), + _ => WebUtility.UrlDecode(@namespace.ToLower()) + }; } private string ValidateName(string name) @@ -270,15 +274,12 @@ private string ValidateName(string name) { throw new MalformedPackageUrlException("The PackageURL name specified is invalid"); } - if (Type == "pypi") - { - name = name.Replace('_', '-'); - } - if (Type == "nuget") + return Type switch { - return name; - } - return name.ToLower(); + "nuget" or "cocoapods" or "cpan" or "vsm" or "cran" => name, + "pypi" => name.Replace('_', '-').ToLower(), + _ => name.ToLower() + }; } private static SortedDictionary ValidateQualifiers(string qualifiers) diff --git a/tests/TestAssets/test-suite-data.json b/tests/TestAssets/test-suite-data.json index 0ea3bcf..5386254 100644 --- a/tests/TestAssets/test-suite-data.json +++ b/tests/TestAssets/test-suite-data.json @@ -277,5 +277,65 @@ "qualifiers": null, "subpath": null, "is_invalid": false + }, + { + "description": "cocoapods names are case sensitive", + "purl": "pkg:cocoapods/MapsIndoors@3.24.0", + "canonical_purl": "pkg:cocoapods/MapsIndoors@3.24.0", + "type": "cocoapods", + "namespace": null, + "name": "MapsIndoors", + "version": "3.24.0", + "qualifiers": null, + "subpath": null, + "is_invalid": false + }, + { + "description": "cpan names are case sensitive", + "purl": "pkg:cpan/Perl-Version@1.013", + "canonical_purl": "pkg:cpan/Perl-Version@1.013", + "type": "cpan", + "namespace": null, + "name": "Perl-Version", + "version": "1.013", + "qualifiers": null, + "subpath": null, + "is_invalid": false + }, + { + "description": "cran names are case sensitive", + "purl": "pkg:cran/MixTwice@2.0", + "canonical_purl": "pkg:cran/MixTwice@2.0", + "type": "cran", + "namespace": null, + "name": "MixTwice", + "version": "2.0", + "qualifiers": null, + "subpath": null, + "is_invalid": false + }, + { + "description": "Visual Studio Marketplace namespaces are case sensitive", + "purl": "pkg:vsm/MS-CST-E/vscode-devskim@0.6.8", + "canonical_purl": "pkg:vsm/MS-CST-E/vscode-devskim@0.6.8", + "type": "vsm", + "namespace": "MS-CST-E", + "name": "vscode-devskim", + "version": "0.6.8", + "qualifiers": null, + "subpath": null, + "is_invalid": false + }, + { + "description": "Visual Studio Marketplace names are case sensitive", + "purl": "pkg:vsm/ritwickdey/LiveServer@5.7.4", + "canonical_purl": "pkg:vsm/ritwickdey/LiveServer@5.7.4", + "type": "vsm", + "namespace": "ritwickdey", + "name": "LiveServer", + "version": "5.7.4", + "qualifiers": null, + "subpath": null, + "is_invalid": false } ]