From 94064987c3fa6bb2e09ad338be1b43efa73b6fa3 Mon Sep 17 00:00:00 2001 From: Yannic Bonenberger Date: Wed, 11 Feb 2026 12:49:47 +0100 Subject: [PATCH] Use `safe` instead of `.replace()` for percent-encoding Note that this incorrectly classifies `/` as safe character when it should be encoded for backward compatibility with the existing test suite. It seems like the spec testsuite may be inconsistent whether `/` should be encoded or not (e.g., Bazel does while Maven doesn't). --- src/packageurl/__init__.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/packageurl/__init__.py b/src/packageurl/__init__.py index 3bfae87..cff703c 100644 --- a/src/packageurl/__init__.py +++ b/src/packageurl/__init__.py @@ -80,10 +80,9 @@ def quote(s: AnyStr) -> str: byte or unicode string. """ s_bytes = s.encode("utf-8") if isinstance(s, str) else s - quoted = _percent_quote(s_bytes) + quoted = _percent_quote(s_bytes, safe=':/') if not isinstance(quoted, str): quoted = quoted.decode("utf-8") - quoted = quoted.replace("%3A", ":") return quoted