Identifier: Use package manger type if it cannot be mapped to a purl …

…type The PURL specification has the issue that types and providers are not separated [1]. ORT uses the package manager type as opposed to using the PURL type that e.g. Nexus IQ requires. If a package manager type cannot be mapped to a PURL type ORT should fallback to the package manager type instead of breaking the calling code by returning `null`. [1] package-url/purl-spec#33 Signed-off-by: Marcel Bochtler <marcel.bochtler@bosch.io>
boschglobal · Dec 1, 2020 · 708b84d · 708b84d
1 parent e3398fe
commit 708b84d
Showing 1 changed file with 16 additions and 15 deletions.
diff --git a/model/src/main/kotlin/Identifier.kt b/model/src/main/kotlin/Identifier.kt
@@ -131,7 +131,7 @@ data class Identifier(
     fun toPurl() = "".takeIf { this == EMPTY }
         ?: buildString {
             append("pkg:")
-            val purlType = getPurlType()?.toString() ?: type.toLowerCase()
+            val purlType = getPurlType().toString()
             append(purlType)
 
             if (namespace.isNotEmpty()) {
@@ -147,22 +147,23 @@ data class Identifier(
         }
 
     /**
-     * Map a package manager type as to a package url using the package type.
-     * Returns null when package manager cannot be mapped to a package type.
+     * Map a package manager type to the String representation of the respective [PurlType].
+     * Falls back to the lower case package manager type if the [PurlType] cannot be determined unambiguously.
+     *
+     * E.g. PIP to [PurlType.PYPI] or Gradle to [PurlType.MAVEN].
      */
     fun getPurlType() = when (type.toLowerCase()) {
-        "bower" -> PurlType.BOWER
-        "bundler" -> PurlType.GEM
-        "cargo" -> PurlType.CARGO
-        "carthage", "pub", "spdx", "stack" -> null
-        "composer" -> PurlType.COMPOSER
-        "conan" -> PurlType.CONAN
-        "dep", "glide", "godep", "gomod" -> PurlType.GOLANG
-        "dotnet", "nuget" -> PurlType.NUGET
-        "gradle", "maven", "sbt" -> PurlType.MAVEN
-        "npm", "yarn" -> PurlType.NPM
-        "pip", "pipenv" -> PurlType.PYPI
-        else -> null
+        "bower" -> PurlType.BOWER.toString()
+        "bundler" -> PurlType.GEM.toString()
+        "cargo" -> PurlType.CARGO.toString()
+        "composer" -> PurlType.COMPOSER.toString()
+        "conan" -> PurlType.CONAN.toString()
+        "dep", "glide", "godep", "gomod" -> PurlType.GOLANG.toString()
+        "dotnet", "nuget" -> PurlType.NUGET.toString()
+        "gradle", "maven", "sbt" -> PurlType.MAVEN.toString()
+        "npm", "yarn" -> PurlType.NPM.toString()
+        "pip", "pipenv" -> PurlType.PYPI.toString()
+        else -> type.toLowerCase()
     }
 
     enum class PurlType(private val value: String) {