From 2c0a3b4d3a3f86b95d80cf25e2edd5b088a8eaf8 Mon Sep 17 00:00:00 2001
From: behnazh-w <behnaz.hassanshahi@oracle.com>
Date: Sun, 10 Sep 2023 17:12:20 +1000
Subject: [PATCH] fix: encode PURL qualifiers as a normalized string

This PR sets ``encode=True`` to encode qualifiers as a normalized
string because SQLite doesn't support ``dict`` type.

It also adds exception handling for deserializing a PURL string while
initializing a Component instance.

Signed-off-by: behnazh-w <behnaz.hassanshahi@oracle.com>
---
 src/macaron/database/table_definitions.py | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/macaron/database/table_definitions.py b/src/macaron/database/table_definitions.py
index 1ee628ea5..cab711938 100644
--- a/src/macaron/database/table_definitions.py
+++ b/src/macaron/database/table_definitions.py
@@ -24,7 +24,7 @@
 
 from macaron.database.database_manager import ORMBase
 from macaron.database.rfc3339_datetime import RFC3339DateTime
-from macaron.errors import CUEExpectationError, CUERuntimeError
+from macaron.errors import CUEExpectationError, CUERuntimeError, InvalidPURLError
 from macaron.slsa_analyzer.provenance.expectations.cue import cue_validator
 from macaron.slsa_analyzer.provenance.expectations.expectation import Expectation
 from macaron.slsa_analyzer.slsa_req import ReqName
@@ -172,9 +172,21 @@ def __init__(self, purl: str, analysis: Analysis, repository: "Repository | None
             The corresponding analysis.
         repository: Repository | None
             The corresponding repository.
+
+        Raises
+        ------
+        InvalidPURLError
+            If the PURL provided from the user is invalid.
         """
-        purl_parts = PackageURL.from_string(purl)
-        purl_kwargs = purl_parts.to_dict()
+        try:
+            purl_parts = PackageURL.from_string(purl)
+        except ValueError as error:
+            raise InvalidPURLError(f"The package url {purl} is not valid.") from error
+
+        # We set ``encode=True`` to encode qualifiers as a normalized string because SQLite doesn't support ``dict`` type.
+        # TODO: Explore the ``dbm`` or ``shelve`` packages to support dict type, which are part of the Python standard library.
+        purl_kwargs = purl_parts.to_dict(encode=True)
+
         super().__init__(purl=purl, analysis=analysis, repository=repository, **purl_kwargs)
 
     @property