tessl/pypi-packageurl-python
A purl aka. Package URL parser and builder
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
- Describes
'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
To install, run
npx @tessl/cli install tessl/pypi-packageurl-python@0.17.0index.mddocs/
PackageURL Python
A comprehensive Python library for parsing and building Package URLs (PURLs) - standardized identifiers for software packages across different ecosystems. This library provides robust parsing, validation, and construction of PURLs according to the official specification, with additional utilities for framework integration and URL inference.
Package Information
- Package Name: packageurl-python
- Language: Python
- Installation:
pip install packageurl-python
Core Imports
from packageurl import PackageURLAdditional components:
from packageurl import normalize, normalize_qualifiers, quote, unquote
from packageurl.utils import get_golang_purl
from packageurl.contrib.url2purl import url2purl, purl_router
from packageurl.contrib.purl2url import get_repo_url, get_download_urlBasic Usage
from packageurl import PackageURL
# Parse a PURL string
purl = PackageURL.from_string("pkg:maven/org.apache.commons/io@1.3.4")
print(purl.to_dict())
# {'type': 'maven', 'namespace': 'org.apache.commons', 'name': 'io', 'version': '1.3.4', 'qualifiers': {}, 'subpath': None}
# Create a PURL object directly
purl = PackageURL(type="pypi", name="django", version="3.2.0")
print(str(purl))
# pkg:pypi/django@3.2.0
# Convert back to string
print(purl.to_string())
# pkg:pypi/django@3.2.0
# Create with qualifiers
purl_with_qualifiers = PackageURL(
type="npm",
name="lodash",
version="4.17.21",
qualifiers={"arch": "x64", "os": "linux"}
)
print(str(purl_with_qualifiers))
# pkg:npm/lodash@4.17.21?arch=x64&os=linux
# Convert to dictionary
print(purl.to_dict())
# {'type': 'pypi', 'namespace': None, 'name': 'django', 'version': '3.2.0', 'qualifiers': {}, 'subpath': None}Architecture
The library follows a layered architecture:
- Core PackageURL Class: Main PURL object with parsing, construction, and serialization
- Normalization Functions: Component-wise validation and normalization
- Utilities: Helper functions for specific ecosystems (Go, etc.)
- Contrib Modules: Framework integrations and URL conversion utilities
Capabilities
Core PURL Operations
Essential PackageURL parsing, construction, and manipulation functionality. Includes the main PackageURL class and normalization functions for building and validating package identifiers.
class PackageURL:
def __init__(self, type=None, namespace=None, name=None, version=None, qualifiers=None, subpath=None): ...
@classmethod
def from_string(cls, purl: str) -> 'PackageURL': ...
def to_string(self, encode=True) -> str: ...
def to_dict(self, encode=False, empty=None) -> dict: ...
def normalize(type, namespace, name, version, qualifiers, subpath, encode=True): ...
def normalize_qualifiers(qualifiers, encode=True): ...Framework Integrations
Database model mixins and query utilities for Django and SQLAlchemy frameworks, enabling seamless integration of PackageURL fields into web applications and ORM models.
# Django integration
class PackageURLMixin: ...
class PackageURLQuerySetMixin: ...
# SQLAlchemy integration
class PackageURLMixin: ...URL Conversion Utilities
Bidirectional conversion between arbitrary URLs and PackageURLs, including repository URL inference and download URL generation for various package ecosystems.
def url2purl(url): ...
def get_repo_url(purl): ...
def get_download_url(purl): ...
def get_inferred_urls(purl): ...Ecosystem-Specific Utilities
Helper functions for specific package ecosystems and specialized use cases, including Go module handling and custom routing functionality.
def get_golang_purl(go_package: str): ...
class Router: ...Types
class PackageURL:
"""Package URL object representing a standardized package identifier."""
type: str # Package type (e.g., 'maven', 'npm', 'pypi')
namespace: str | None # Package namespace/group
name: str # Package name
version: str | None # Package version
qualifiers: dict[str, str] # Additional qualifiers as key-value pairs
subpath: str | None # Subpath within package
SCHEME: str = "pkg" # PURL scheme constant