From 8f8e2442a06eadc85e8ae5d501cb6ec90de548d4 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Thu, 27 Mar 2025 16:13:31 +0100 Subject: [PATCH 1/4] qualifier: `vers` Signed-off-by: Jan Kowalleck --- PURL-SPECIFICATION.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/PURL-SPECIFICATION.rst b/PURL-SPECIFICATION.rst index 32aa48f8..356990d4 100644 --- a/PURL-SPECIFICATION.rst +++ b/PURL-SPECIFICATION.rst @@ -420,6 +420,10 @@ download URL, VCS URL or checksums in an API, database or web form. With this warning, the known ``key`` and ``value`` defined here are valid for use in all package types: +- ``vers`` is a replacement for the component ``version``. + This allows to define a version range, instead of a single version. + The value of this qualifier MUST comply to `version range spec `_. + - ``repository_url`` is an extra URL for an alternative, non-default package repository or registry. When a package does not come from the default public package repository for its ``type`` a ``purl`` may be qualified with this extra From a7b640920b70732d41483387bcfeb3c13a4e1933 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Thu, 27 Mar 2025 16:49:11 +0100 Subject: [PATCH 2/4] docs: reword docs for qualifier `vers` Signed-off-by: Jan Kowalleck --- PURL-SPECIFICATION.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/PURL-SPECIFICATION.rst b/PURL-SPECIFICATION.rst index 356990d4..270f9574 100644 --- a/PURL-SPECIFICATION.rst +++ b/PURL-SPECIFICATION.rst @@ -420,9 +420,9 @@ download URL, VCS URL or checksums in an API, database or web form. With this warning, the known ``key`` and ``value`` defined here are valid for use in all package types: -- ``vers`` is a replacement for the component ``version``. - This allows to define a version range, instead of a single version. - The value of this qualifier MUST comply to `version range spec `_. +- ``vers`` allows to define a version range, instead of a single version. + The value MUST comply to `version range spec `_. + This qualifier is mutual exclusive to the component ``version``! - ``repository_url`` is an extra URL for an alternative, non-default package repository or registry. When a package does not come from the default public From 1d149e50c026e64a87370a3845e7ab9d4a5842f5 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Thu, 27 Mar 2025 16:56:51 +0100 Subject: [PATCH 3/4] docs: reword docs for qualifier `vers` Signed-off-by: Jan Kowalleck --- PURL-SPECIFICATION.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/PURL-SPECIFICATION.rst b/PURL-SPECIFICATION.rst index 270f9574..9114fb37 100644 --- a/PURL-SPECIFICATION.rst +++ b/PURL-SPECIFICATION.rst @@ -420,9 +420,9 @@ download URL, VCS URL or checksums in an API, database or web form. With this warning, the known ``key`` and ``value`` defined here are valid for use in all package types: -- ``vers`` allows to define a version range, instead of a single version. - The value MUST comply to `version range spec `_. - This qualifier is mutual exclusive to the component ``version``! +- ``vers`` allows the specification of a version range. + The value MUST adhere to the `Version Range Specification `_. + This qualifier is mutually exclusive with the ``version`` component. - ``repository_url`` is an extra URL for an alternative, non-default package repository or registry. When a package does not come from the default public From a115e877b352acd5adeb0a7b5061052265489e9e Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Wed, 2 Apr 2025 19:18:40 +0200 Subject: [PATCH 4/4] Update PURL-SPECIFICATION.rst --- PURL-SPECIFICATION.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/PURL-SPECIFICATION.rst b/PURL-SPECIFICATION.rst index 9114fb37..886c882a 100644 --- a/PURL-SPECIFICATION.rst +++ b/PURL-SPECIFICATION.rst @@ -423,6 +423,9 @@ all package types: - ``vers`` allows the specification of a version range. The value MUST adhere to the `Version Range Specification `_. This qualifier is mutually exclusive with the ``version`` component. + For example:: + + pkg:pypi/django?vers=vers%3Apypi%2F%3E%3D1.11.0%7C%21%3D1.11.1%7C%3C2.0.0 - ``repository_url`` is an extra URL for an alternative, non-default package repository or registry. When a package does not come from the default public