fix: purl parser bug to handle maven group:name convention

2025-12-10 00:22:08 -06:00 · 2024-01-17 17:24:29 +05:30 · 2024-01-17 17:24:29 +05:30 · debca4218b
commit debca4218b
parent 1dba6fdd8e
2 changed files with 46 additions and 0 deletions
--- a/pkg/common/purl/purl.go
+++ b/pkg/common/purl/purl.go
@ -52,6 +52,8 @@ func purlBuildLockfilePackageName(ecosystem lockfile.Ecosystem, group, name stri
 	switch ecosystem {
 	case lockfile.GoEcosystem, lockfile.NpmEcosystem:
 		return fmt.Sprintf("%s/%s", group, name)
+	case lockfile.MavenEcosystem:
+		return fmt.Sprintf("%s:%s", group, name)
 	default:
 		return name
 	}
--- a/pkg/readers/purl_reader_test.go
+++ b/pkg/readers/purl_reader_test.go
@ -26,3 +26,47 @@ func TestPurlReader(t *testing.T) {

 	assert.Nil(t, err)
 }
+
+func TestPurlReaderWithMultiplePURLS(t *testing.T) {
+	cases := []struct {
+		name      string
+		purl      string
+		ecosystem string
+		pkgName   string
+		version   string
+	}{
+		{
+			"Maven PURL",
+			"pkg:maven/org.apache.commons/commons-lang3@3.8.1",
+			"Maven",
+			"org.apache.commons:commons-lang3",
+			"3.8.1",
+		},
+		{
+			"Maven PURL log4j",
+			"pkg:maven/log4j/log4j@1.2.17",
+			"Maven",
+			"log4j:log4j",
+			"1.2.17",
+		},
+	}
+
+	for _, test := range cases {
+		t.Run(test.name, func(t *testing.T) {
+			reader, err := NewPurlReader(test.purl)
+			assert.Nil(t, err)
+
+			err = reader.EnumManifests(func(pm *models.PackageManifest, pr PackageReader) error {
+				assert.Equal(t, 1, len(pm.Packages))
+				assert.NotNil(t, pm.Packages[0])
+				assert.Equal(t, test.pkgName, pm.Packages[0].Name)
+				assert.Equal(t, test.version, pm.Packages[0].Version)
+				assert.Equal(t, test.ecosystem, string(pm.Packages[0].Ecosystem))
+
+				return nil
+			})
+
+			assert.Nil(t, err)
+		})
+	}
+}