Normalize namespace and name when encoding purl strings
What does this MR do and why?
Normalize namespace and name when encoding purl strings.
This is a spec non-conformance issue, as the spec says the following:
If the
namespace
is not empty:
- Strip the
namespace
from leading and trailing '/'- Split on '/' as segments
- Apply type-specific normalization to each segment if needed
- UTF-8-encode each segment if needed in your programming language
- Percent-encode each segment
- Join the segments with '/'
- Append this to the
purl
- Append '/' to the
purl
- Strip the
name
from leading and trailing '/'- Apply type-specific normalization to the
name
if needed- UTF-8-encode the
name
if needed in your programming language- Append the percent-encoded
name
to thepurl
If the
namespace
is empty:
- Apply type-specific normalization to the
name
if needed- UTF-8-encode the
name
if needed in your programming language- Append the percent-encoded
name
to thepurl
Sbom::PackageUrl#to_s
is currently only used in tests, so this bug is not user-facing and
does not need a changelog entry.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Brian Williams