Skip to content
Snippets Groups Projects
  • Jamie Tanna's avatar
    1bda10f0
    feat(renovate): derive `package_type` and `package_url` on imports · 1bda10f0
    Jamie Tanna authored
    Right now, we consume Package URLs (pURLs) for SBOM datasources, and
    have the ability to derive the pURL for a Renovate dependency but it's
    not persisted, and is only used when performing lookups to systems that
    require a pURL, or for `renovate-to-sbom`.
    
    To make this data available for other use-cases, we can derive the
    `package_type` and `package_url` as part of an import of Renovate data
    and then store it in the database.
    
    As this is derived, this is likely to be subtly wrong for some types, so
    we'll look at improving them as-and-when we discover incorrect
    categorisation.
    
    This also requires refactoring the parameter to
    `newRenovateDependenciesQuery` as it's no longer getting a full Renovate
    row, as we don't query the `package_type` or `package_url`.
    
    Closes #436, and a step towards #446.
    1bda10f0
    History
    feat(renovate): derive `package_type` and `package_url` on imports
    Jamie Tanna authored
    Right now, we consume Package URLs (pURLs) for SBOM datasources, and
    have the ability to derive the pURL for a Renovate dependency but it's
    not persisted, and is only used when performing lookups to systems that
    require a pURL, or for `renovate-to-sbom`.
    
    To make this data available for other use-cases, we can derive the
    `package_type` and `package_url` as part of an import of Renovate data
    and then store it in the database.
    
    As this is derived, this is likely to be subtly wrong for some types, so
    we'll look at improving them as-and-when we discover incorrect
    categorisation.
    
    This also requires refactoring the parameter to
    `newRenovateDependenciesQuery` as it's no longer getting a full Renovate
    row, as we don't query the `package_type` or `package_url`.
    
    Closes #436, and a step towards #446.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.