Description
Currently, build specs are stored and retrieved partly based on the purl of the artifact but without the version component. As a result, running Macaron on different versions of the same artifact causes new results to overwrite previous results.
Additionally, the output path for build specs normalizes all special characters to underscores (_). This may cause path overlaps in cases where different meaningful characters are present in the artifact name, such as periods (.). For example, both foo.bar and foo_bar would map to foo_bar, causing collisions. The file naming strategy should preserve certain valid characters (such as .) and only sanitize those strictly necessary for file system safety, to avoid these issues.
Description
Currently, build specs are stored and retrieved partly based on the purl of the artifact but without the version component. As a result, running Macaron on different versions of the same artifact causes new results to overwrite previous results.
Additionally, the output path for build specs normalizes all special characters to underscores (
_). This may cause path overlaps in cases where different meaningful characters are present in the artifact name, such as periods (.). For example, bothfoo.barandfoo_barwould map tofoo_bar, causing collisions. The file naming strategy should preserve certain valid characters (such as.) and only sanitize those strictly necessary for file system safety, to avoid these issues.