Added fixes for the Github Comment workflow (#5)

Author: dacoburn

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "socketsecurity"
-version = "0.0.76"
+version = "0.0.77"
 requires-python = ">= 3.9"
 dependencies = [
     'requests',

socketsecurity/core/__init__.py

@@ -25,7 +25,7 @@
 
 
 __author__ = 'socket.dev'
-__version__ = '0.0.76'
+__version__ = '0.0.77'
 __all__ = [
     "Core",
     "log",

socketsecurity/core/github.py

@@ -280,15 +280,23 @@ def get_ignore_options(comments: dict) -> [bool, list]:
                     ignore_all = True
                 else:
                     command = command.lstrip("ignore").strip()
-                    name, version = command.split("@")
-                    data = f"{name}, {version}"
+                    name, version = command.rsplit("@", 1)
+                    ecosystem, name = name.split("/", 1)
+                    data = (ecosystem, name, version)
                     ignore_commands.append(data)
         return ignore_all, ignore_commands
 
     @staticmethod
-    def is_ignore(pkg_name: str, pkg_version: str, name: str, version: str) -> bool:
+    def is_ignore(
+            pkg_ecosystem: str,
+            pkg_name: str,
+            pkg_version: str,
+            ecosystem: str,
+            name: str,
+            version: str
+    ) -> bool:
         result = False
-        if pkg_name == name and (pkg_version == version or version == "*"):
+        if pkg_ecosystem == ecosystem and pkg_name == name and (pkg_version == version or version == "*"):
             result = True
         return result
 
@@ -317,13 +325,13 @@ def process_security_comment(comment: GithubComment, comments) -> str:
             if "start-socket-alerts-table" in line:
                 start = True
             elif start and "end-socket-alerts-table" not in line and not Github.is_heading_line(line) and line != '':
-                title, package, introduced_by, manifest = line.lstrip("|").rstrip("|").split("|")
+                title, package, introduced_by, manifest = line.strip("|").split("|")
                 details, _ = package.split("](")
-                ecosystem, details = details.split("/", 1)
+                pkg_ecosystem, details = details.strip("[").split("/", 1)
                 pkg_name, pkg_version = details.split("@")
                 ignore = False
-                for name, version in ignore_commands:
-                    if ignore_all or Github.is_ignore(pkg_name, pkg_version, name, version):
+                for ecosystem, name, version in ignore_commands:
+                    if ignore_all or Github.is_ignore(pkg_ecosystem, pkg_name, pkg_version, ecosystem, name, version):
                         ignore = True
                 if not ignore:
                     lines.append(line)

socketsecurity/core/messages.py

@@ -146,9 +146,10 @@ def create_security_alert_table(diff: Diff, md: MdUtils) -> (MdUtils, list, dict
             if ignore not in ignore_commands:
                 ignore_commands.append(ignore)
             manifest_str, sources = Messages.create_sources(alert, "console")
+            purl_url = f"[{alert.purl}]({alert.url})"
             row = [
                 alert.title,
-                alert.url,
+                purl_url,
                 ", ".join(sources),
                 manifest_str
             ]