Skip to content

Invalid purls when scanning Rust(cargo) repository #1172

New issue
New issue
Open
#1410
Open
Invalid purls when scanning Rust(cargo) repository#1172
#1410
Labels
detector:rustThe Rust Cargo detectorgood first issueGood for newcomersstatus:readyReady to start implementationtype:bugBug fix of existing functionality
@kennylam91

Description

@kennylam91
kennylam91
opened on Jun 13, 2024

Hi guys,
When I scan a Rust(cargo) repository (e.g https://github.com/rust-lang/rustlings), the sbom file result contains these purls:

pkg:cargo//[email protected]#
pkg:cargo//[email protected]#
pkg:cargo//[email protected]#
pkg:cargo//[email protected]#
pkg:cargo//[email protected]#

As per purl-specification, these purls seem not to be valid with //
And when extracting them, the name info would include a slash (e.g /ryu instead of ryu)

Metadata

Metadata

Assignees

No one assigned

    Labels

    detector:rustThe Rust Cargo detectorgood first issueGood for newcomersstatus:readyReady to start implementationtype:bugBug fix of existing functionality

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions