osv-schema icon indicating copy to clipboard operation
osv-schema copied to clipboard
verified publisher icon ossf

Additional range types for versions conforming to the RPM and Debian versioning standards

Open andrewpollock opened this issue 1 year ago • 2 comments

Would it make sense to add additional range types for RPM and dpkg/Debian versioning standards?

The benefit being that the expectations and treatment of these ranges would be explicit.

References:

  • https://docs.fedoraproject.org/en-US/packaging-guidelines/Versioning/
  • https://rpm-software-management.github.io/rpm/manual/spec.html
  • https://www.debian.org/doc/debian-policy/ch-controlfields.html#s-f-version

andrewpollock avatar Jul 16 '24 01:07 andrewpollock

Makes sense to me. A reference implementation of comparing RPM versions can be found in the RPM source code.

For clients using Go there is an implementation here: https://github.com/knqyf263/go-rpm-version

jasinner avatar Aug 21 '24 00:08 jasinner

Hmm, the intention was that the ECOSYSTEM range would cover these. There are a lot of different versioning schemes out there, and we made the explicit decision to avoid having to catalogue all of these, particularly when they're tied to the underlying ecosystem already.

oliverchang avatar Aug 21 '24 00:08 oliverchang