kpfleming/pkg-proxy
1
0
Fork 0
forked from mirrors/pkg-proxy
Code Pull requests Activity
pkg-proxy/internal/database/types.go

108 lines
5.3 KiB
Go
Raw Permalink Normal View History

Hello world
2026-01-20 21:52:44 +00:00
package database
import (
"database/sql"
Align database schema with git-pkgs for compatibility The proxy can now use an existing git-pkgs database as a starting point. Packages and versions tables match git-pkgs schema, using PURL-based references instead of integer IDs. The proxy adds its own artifacts table for caching functionality.
2026-01-29 16:44:01 +00:00
"strings"
Hello world
2026-01-20 21:52:44 +00:00
"time"
)
Align database schema with git-pkgs for compatibility The proxy can now use an existing git-pkgs database as a starting point. Packages and versions tables match git-pkgs schema, using PURL-based references instead of integer IDs. The proxy adds its own artifacts table for caching functionality.
2026-01-29 16:44:01 +00:00
// Package represents a package in the database.
// Schema is compatible with git-pkgs.
Hello world
2026-01-20 21:52:44 +00:00
type Package struct {
Align database schema with git-pkgs for compatibility The proxy can now use an existing git-pkgs database as a starting point. Packages and versions tables match git-pkgs schema, using PURL-based references instead of integer IDs. The proxy adds its own artifacts table for caching functionality.
2026-01-29 16:44:01 +00:00
ID int64 `db:"id" json:"id"`
PURL string `db:"purl" json:"purl"`
Ecosystem string `db:"ecosystem" json:"ecosystem"`
Name string `db:"name" json:"name"`
LatestVersion sql.NullString `db:"latest_version" json:"latest_version,omitempty"`
License sql.NullString `db:"license" json:"license,omitempty"`
Description sql.NullString `db:"description" json:"description,omitempty"`
Homepage sql.NullString `db:"homepage" json:"homepage,omitempty"`
RepositoryURL sql.NullString `db:"repository_url" json:"repository_url,omitempty"`
RegistryURL sql.NullString `db:"registry_url" json:"registry_url,omitempty"`
SupplierName sql.NullString `db:"supplier_name" json:"supplier_name,omitempty"`
SupplierType sql.NullString `db:"supplier_type" json:"supplier_type,omitempty"`
Source sql.NullString `db:"source" json:"source,omitempty"`
EnrichedAt sql.NullTime `db:"enriched_at" json:"enriched_at,omitempty"`
VulnsSyncedAt sql.NullTime `db:"vulns_synced_at" json:"vulns_synced_at,omitempty"`
CreatedAt time.Time `db:"created_at" json:"created_at"`
UpdatedAt time.Time `db:"updated_at" json:"updated_at"`
Hello world
2026-01-20 21:52:44 +00:00
}
Align database schema with git-pkgs for compatibility The proxy can now use an existing git-pkgs database as a starting point. Packages and versions tables match git-pkgs schema, using PURL-based references instead of integer IDs. The proxy adds its own artifacts table for caching functionality.
2026-01-29 16:44:01 +00:00
// Version represents a package version in the database.
// Schema is compatible with git-pkgs.
Hello world
2026-01-20 21:52:44 +00:00
type Version struct {
Align database schema with git-pkgs for compatibility The proxy can now use an existing git-pkgs database as a starting point. Packages and versions tables match git-pkgs schema, using PURL-based references instead of integer IDs. The proxy adds its own artifacts table for caching functionality.
2026-01-29 16:44:01 +00:00
ID int64 `db:"id" json:"id"`
PURL string `db:"purl" json:"purl"`
PackagePURL string `db:"package_purl" json:"package_purl"`
License sql.NullString `db:"license" json:"license,omitempty"`
PublishedAt sql.NullTime `db:"published_at" json:"published_at,omitempty"`
Integrity sql.NullString `db:"integrity" json:"integrity,omitempty"`
Yanked bool `db:"yanked" json:"yanked"`
Source sql.NullString `db:"source" json:"source,omitempty"`
EnrichedAt sql.NullTime `db:"enriched_at" json:"enriched_at,omitempty"`
CreatedAt time.Time `db:"created_at" json:"created_at"`
UpdatedAt time.Time `db:"updated_at" json:"updated_at"`
Hello world
2026-01-20 21:52:44 +00:00
}
Align database schema with git-pkgs for compatibility The proxy can now use an existing git-pkgs database as a starting point. Packages and versions tables match git-pkgs schema, using PURL-based references instead of integer IDs. The proxy adds its own artifacts table for caching functionality.
2026-01-29 16:44:01 +00:00
// Version extracts the version string from the PURL.
// e.g., "pkg:npm/lodash@4.17.21" -> "4.17.21"
func (v *Version) Version() string {
if idx := strings.LastIndex(v.PURL, "@"); idx >= 0 {
return v.PURL[idx+1:]
}
return ""
}
// Artifact represents a cached artifact in the database.
// This table is proxy-specific and not part of git-pkgs.
Hello world
2026-01-20 21:52:44 +00:00
type Artifact struct {
Add sqlx with SQLite default and PostgreSQL option Replace raw database/sql with jmoiron/sqlx for cleaner query handling. Support both SQLite (default) and PostgreSQL as configurable backends. Configuration via: - CLI flags: -database-driver, -database-path, -database-url - Environment: PROXY_DATABASE_DRIVER, PROXY_DATABASE_PATH, PROXY_DATABASE_URL - Config file: database.driver, database.path, database.url Tests run against both databases when PROXY_DATABASE_URL is set.
2026-01-29 16:06:56 +00:00
ID int64 `db:"id" json:"id"`
Align database schema with git-pkgs for compatibility The proxy can now use an existing git-pkgs database as a starting point. Packages and versions tables match git-pkgs schema, using PURL-based references instead of integer IDs. The proxy adds its own artifacts table for caching functionality.
2026-01-29 16:44:01 +00:00
VersionPURL string `db:"version_purl" json:"version_purl"`
Add sqlx with SQLite default and PostgreSQL option Replace raw database/sql with jmoiron/sqlx for cleaner query handling. Support both SQLite (default) and PostgreSQL as configurable backends. Configuration via: - CLI flags: -database-driver, -database-path, -database-url - Environment: PROXY_DATABASE_DRIVER, PROXY_DATABASE_PATH, PROXY_DATABASE_URL - Config file: database.driver, database.path, database.url Tests run against both databases when PROXY_DATABASE_URL is set.
2026-01-29 16:06:56 +00:00
Filename string `db:"filename" json:"filename"`
UpstreamURL string `db:"upstream_url" json:"upstream_url"`
StoragePath sql.NullString `db:"storage_path" json:"storage_path,omitempty"`
ContentHash sql.NullString `db:"content_hash" json:"content_hash,omitempty"`
Size sql.NullInt64 `db:"size" json:"size,omitempty"`
ContentType sql.NullString `db:"content_type" json:"content_type,omitempty"`
FetchedAt sql.NullTime `db:"fetched_at" json:"fetched_at,omitempty"`
HitCount int64 `db:"hit_count" json:"hit_count"`
LastAccessedAt sql.NullTime `db:"last_accessed_at" json:"last_accessed_at,omitempty"`
CreatedAt time.Time `db:"created_at" json:"created_at"`
UpdatedAt time.Time `db:"updated_at" json:"updated_at"`
Hello world
2026-01-20 21:52:44 +00:00
}
Align database schema with git-pkgs for compatibility The proxy can now use an existing git-pkgs database as a starting point. Packages and versions tables match git-pkgs schema, using PURL-based references instead of integer IDs. The proxy adds its own artifacts table for caching functionality.
2026-01-29 16:44:01 +00:00
// IsCached returns true if the artifact has been fetched and stored locally.
Hello world
2026-01-20 21:52:44 +00:00
func (a *Artifact) IsCached() bool {
return a.StoragePath.Valid && a.FetchedAt.Valid
}
Add Container, Debian, RPM handlers and enrichment API Adds proxy support for Docker/OCI container registries, Debian/APT repositories, and RPM/Yum repositories. Includes a new enrichment API for package metadata, vulnerability scanning, and outdated detection. Updates the dashboard with Tailwind CSS, dark mode support, and a security overview section showing vulnerability counts.
2026-01-29 19:35:15 +00:00
Add mirror command and API for selective package mirroring Add a `proxy mirror` CLI command and `/api/mirror` API endpoints that pre-populate the cache from various input sources: individual PURLs, SBOM files (CycloneDX and SPDX), or full registry enumeration. The mirror reuses the existing handler.Proxy.GetOrFetchArtifact() pipeline so cached artifacts are identical to those fetched on demand. A bounded worker pool controls download parallelism. Metadata caching is opt-in via `cache_metadata: true` in config (or PROXY_CACHE_METADATA=true). The mirror command always enables it. When enabled, upstream metadata responses are stored for offline fallback with ETag-based conditional revalidation. New internal/mirror package with Source interface, PURLSource, SBOMSource, RegistrySource, and async JobStore. New metadata_cache database table for offline metadata serving.
2026-03-19 21:06:02 +00:00
// MetadataCacheEntry represents a cached metadata blob for offline serving.
type MetadataCacheEntry struct {
Fix metadata caching, 404 propagation, mirror progress, and registry stubs - ProxyCached now stores upstream Last-Modified in the cache and uses it (along with ETag) for conditional request handling, returning 304 when client validators match. Adds Content-Length to cached responses. - Handlers calling FetchOrCacheMetadata (pypi, composer, pub, nuget) now check for ErrUpstreamNotFound and return 404 instead of 502, matching the existing npm and cargo behavior. - Mirror jobs report live progress via a periodic callback while running, so API polls return real counts instead of zeroed progress. - Registry mirroring removed from CLI flags, API acceptance, README, and docs since every enumerator was a stub returning "not yet implemented". - Added tests for the conditional metadata path (ETag/If-None-Match, Last-Modified/If-Modified-Since, 304 responses, header omission).
2026-04-01 20:14:11 +01:00
ID int64 `db:"id" json:"id"`
Ecosystem string `db:"ecosystem" json:"ecosystem"`
Name string `db:"name" json:"name"`
StoragePath string `db:"storage_path" json:"storage_path"`
ETag sql.NullString `db:"etag" json:"etag,omitempty"`
ContentType sql.NullString `db:"content_type" json:"content_type,omitempty"`
Size sql.NullInt64 `db:"size" json:"size,omitempty"`
LastModified sql.NullTime `db:"last_modified" json:"last_modified,omitempty"`
FetchedAt sql.NullTime `db:"fetched_at" json:"fetched_at,omitempty"`
CreatedAt time.Time `db:"created_at" json:"created_at"`
UpdatedAt time.Time `db:"updated_at" json:"updated_at"`
Add mirror command and API for selective package mirroring Add a `proxy mirror` CLI command and `/api/mirror` API endpoints that pre-populate the cache from various input sources: individual PURLs, SBOM files (CycloneDX and SPDX), or full registry enumeration. The mirror reuses the existing handler.Proxy.GetOrFetchArtifact() pipeline so cached artifacts are identical to those fetched on demand. A bounded worker pool controls download parallelism. Metadata caching is opt-in via `cache_metadata: true` in config (or PROXY_CACHE_METADATA=true). The mirror command always enables it. When enabled, upstream metadata responses are stored for offline fallback with ETag-based conditional revalidation. New internal/mirror package with Source interface, PURLSource, SBOMSource, RegistrySource, and async JobStore. New metadata_cache database table for offline metadata serving.
2026-03-19 21:06:02 +00:00
}
Add Container, Debian, RPM handlers and enrichment API Adds proxy support for Docker/OCI container registries, Debian/APT repositories, and RPM/Yum repositories. Includes a new enrichment API for package metadata, vulnerability scanning, and outdated detection. Updates the dashboard with Tailwind CSS, dark mode support, and a security overview section showing vulnerability counts.
2026-01-29 19:35:15 +00:00
// Vulnerability represents a cached vulnerability record.
type Vulnerability struct {
Apply 'go fmt' as suggested in CONTRIBUTING.md.
2026-04-18 07:43:22 -04:00
ID int64 `db:"id" json:"id"`
VulnID string `db:"vuln_id" json:"vuln_id"`
Ecosystem string `db:"ecosystem" json:"ecosystem"`
PackageName string `db:"package_name" json:"package_name"`
Severity sql.NullString `db:"severity" json:"severity,omitempty"`
Summary sql.NullString `db:"summary" json:"summary,omitempty"`
FixedVersion sql.NullString `db:"fixed_version" json:"fixed_version,omitempty"`
Add Container, Debian, RPM handlers and enrichment API Adds proxy support for Docker/OCI container registries, Debian/APT repositories, and RPM/Yum repositories. Includes a new enrichment API for package metadata, vulnerability scanning, and outdated detection. Updates the dashboard with Tailwind CSS, dark mode support, and a security overview section showing vulnerability counts.
2026-01-29 19:35:15 +00:00
CVSSScore sql.NullFloat64 `db:"cvss_score" json:"cvss_score,omitempty"`
Apply 'go fmt' as suggested in CONTRIBUTING.md.
2026-04-18 07:43:22 -04:00
References sql.NullString `db:"references" json:"references,omitempty"`
FetchedAt sql.NullTime `db:"fetched_at" json:"fetched_at,omitempty"`
CreatedAt time.Time `db:"created_at" json:"created_at"`
UpdatedAt time.Time `db:"updated_at" json:"updated_at"`
Add Container, Debian, RPM handlers and enrichment API Adds proxy support for Docker/OCI container registries, Debian/APT repositories, and RPM/Yum repositories. Includes a new enrichment API for package metadata, vulnerability scanning, and outdated detection. Updates the dashboard with Tailwind CSS, dark mode support, and a security overview section showing vulnerability counts.
2026-01-29 19:35:15 +00:00
}
Copy permalink