Skip to content

extractor/os/rpm: add Mageia ecosystem mapping#2183

Open
zhaochunhong516-lang wants to merge 2 commits into
google:mainfrom
zhaochunhong516-lang:fix-mageia-rpm-ecosystem
Open

extractor/os/rpm: add Mageia ecosystem mapping#2183
zhaochunhong516-lang wants to merge 2 commits into
google:mainfrom
zhaochunhong516-lang:fix-mageia-rpm-ecosystem

Conversation

@zhaochunhong516-lang

@zhaochunhong516-lang zhaochunhong516-lang commented Jun 4, 2026

Copy link
Copy Markdown

OSV-SCALIBR Mageia RPM ecosystem notes

Candidate issue: #2177

Why this is a good 5 USD experiment target

  • Public, legal, and reviewable.
  • Open issue with a concrete bug report.
  • Maintainer-quality repository rather than a noisy bounty farm.
  • Small code surface: RPM ecosystem mapping only.
  • Existing EcosystemMageia constant is already valid in inventory/osvecosystem/parsed.go.
  • Open PR scan found AlmaLinux/SUSE-related RPM PRs, but no obvious Mageia PR.

Proposed issue/PR summary

Add Mageia handling to the RPM ecosystem mapper so packages extracted from Mageia systems are mapped to the OSV Mageia ecosystem with the distro version as suffix.

Patch summary

  • In extractor/filesystem/os/ecosystem/ecosystem.go, add OSID == "mageia" handling in the *rpmmeta.Metadata branch.
  • In extractor/filesystem/os/ecosystem/ecosystem_test.go, add a Mageia RPM regression case expecting Mageia:9.

Validation target

go test ./extractor/filesystem/os/ecosystem

Validated on 2026-06-04 with Go toolchain download/cache redirected to /private/tmp:

GOTOOLCHAIN=auto GOPATH=/private/tmp/codex-gopath GOCACHE=/private/tmp/codex-go-cache GOMODCACHE=/private/tmp/codex-go-mod go test ./extractor/filesystem/os/ecosystem

Result:

ok  	github.com/google/osv-scalibr/extractor/filesystem/os/ecosystem	0.460s

PR body draft

## Summary

- Map RPM metadata with `OSID == "mageia"` to the OSV `Mageia` ecosystem.
- Preserve `OSVersionID` as the ecosystem suffix so Mageia 9 packages produce `Mageia:9`.
- Add a focused RPM ecosystem regression test.

Fixes #2177.

## Tests

- `go test ./extractor/filesystem/os/ecosystem`

## AI disclosure

I used AI assistance to inspect the issue, identify the existing RPM ecosystem mapping pattern, and prepare this focused patch. I reviewed the change and validation target before submission.

@google-cla

google-cla Bot commented Jun 4, 2026

Copy link
Copy Markdown

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@zhaochunhong516-lang