[Buildroot] [PATCH 0/7] Add PURL support
Peter Korsgaard
peter at korsgaard.com
Wed Apr 16 19:07:38 UTC 2025
>>>>> "Thomas" == Thomas Perale via buildroot <buildroot at buildroot.org> writes:
> This patch series add support for the PURL.
> https://github.com/package-url/purl-spec
Nice!
> PURL are a software identifier similar to CPE.
> More information on PURL can be found in the first patch of the series.
> After testing the usage of PURL with DependencyTrack and
> https://ossindex.sonatype.org I can see that it improves the tracking
> of CVEs and version bump
Out of interest, how does it help (do you have an example?)
Does a PURL match complicate anything if we add a local (security) patch
to a package?
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list