fix(fossid-webapp): Return empty PURL when artifact name is empty

[nnobelis]

The packageurl-jvm library throws MalformedPackageURLException when the name component is empty. This can happen for snippets with empty artifact names.
Return an empty string early when the name is blank.

This is a fixup for f1eadd8.

[sschuberth]

I'd prefer to inline this.

[nnobelis]

Writing:

when {
              snippet.purl != null -> snippet.purl

Does not work because it returns String? (Kotlin cannot make a smart cast to String maybe ?)

[sschuberth]

Weird that smart-cast does not work in this case. Then I'd prefer

snippet.purl != null -> checkNotNull(snippet.purl)

[sschuberth]

This is a fixup for 334810d.

Is this really a fixup for that commit? Because this change is specific to FossID.

@maennchen, should you commit 334810d maybe have been Pub-specific as well? In what context exactly did you come across the issue?

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 57.97%. Comparing base (6159101) to head (5b1ebe1).

Additional details and impacted files

@@            Coverage Diff            @@
##               main   #11537   +/-   ##
=========================================
  Coverage     57.97%   57.97%           
  Complexity     1730     1730           
=========================================
  Files           349      349           
  Lines         12993    12993           
  Branches       1263     1263           
=========================================
  Hits           7533     7533           
  Misses         4995     4995           
  Partials        465      465           

Flag	Coverage Δ
funTest-external-tools	14.18% <ø> (ø)
funTest-no-external-tools	30.87% <ø> (ø)
test-ubuntu-24.04	42.55% <ø> (ø)
test-windows-2025	42.53% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[nnobelis]

Is this really a fixup for that commit? Because this change is specific to FossID.

It's a fixup for c14f781 maybe?

[maennchen]

@nnobelis f1eadd8 would make more sense.

@sschuberth The commit 334810d was specifically targeting a failing test in the Pub Plugin.

The fix here makes sense. It was already wrong before f1eadd8 since it would've created an invalid purl without a name. It would probably be good to add a test for this specific behavior.

[sschuberth]

@sschuberth The commit 334810d was specifically targeting a failing test in the Pub Plugin.

@maennchen, so my point is, instead of

ort/model/src/main/kotlin/utils/PurlExtensions.kt

Lines 93 to 95 in 4af9208

	// Avoid a `MalformedPackageURLException` and behave like for `Identifier.EMPTY` in case of exotic packages like
	// Pub SDK packages (e.g., sky_engine) where the name is not explicitly set.
	if (name.isEmpty()) return ""

should we rather change something in the Pub analyzer so that such invalid PURLs are not being created in the first place?

[maennchen]

@sschuberth I'm not a 100% sure anymore from the top of my head. But I think Pub is creating an Identifier with no name and not a purl directly. But fixing the Identifier name would for sure be good.

[sschuberth]

But fixing the Identifier name would for sure be good.

See #11538.

[sschuberth]

This can be combined as mappedSnippets.shouldBeSingleton {.