From 3a8b3e83d2af3f84af8bca469f721fb51e16063a Mon Sep 17 00:00:00 2001 From: Douglas Coburn Date: Sat, 23 Aug 2025 16:33:39 -0700 Subject: [PATCH 1/3] fix: include namespace in deduplicated purl construction Fix purl deduplication logic to properly handle namespace and inputPurl fields. Previously, Maven packages were missing namespace in the returned purl field. - Use inputPurl when available and complete - Append version to incomplete inputPurl - Construct proper purl with namespace when building from scratch --- pyproject.toml | 2 +- socketdev/core/dedupe.py | 24 +++++++++++++++++++++++- socketdev/version.py | 2 +- 3 files changed, 25 insertions(+), 3 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index f3d17d2..9839a5f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "hatchling.build" [project] name = "socketdev" -version = "3.0.0" +version = "3.0.1" requires-python = ">= 3.9" dependencies = [ 'requests', diff --git a/socketdev/core/dedupe.py b/socketdev/core/dedupe.py index 1c285cf..38cf14b 100644 --- a/socketdev/core/dedupe.py +++ b/socketdev/core/dedupe.py 
@@ -61,7 +61,29 @@ def alert_identity(alert: dict) -> tuple:
         base = package_group[0]
         base["releases"] = sorted(releases)
         base["alerts"] = list(alert_map.values())
-        base["purl"] = f"pkg:{base.get('type', 'unknown')}/{base.get('name', 'unknown')}@{base.get('version', '0.0.0')}"
+
+        # Use inputPurl if available and complete, otherwise construct proper purl with namespace
+        if "inputPurl" in base and "@" in base["inputPurl"]:
+            # inputPurl has version, use it as-is
+            base["purl"] = base["inputPurl"]
+        else:
+            # Construct purl properly with namespace and version
+            purl_type = base.get('type', 'unknown')
+            namespace = base.get('namespace')
+            name = base.get('name', 'unknown')
+            version = base.get('version', '0.0.0')
+
+            # Start with inputPurl if available (without version) or construct from scratch
+            if "inputPurl" in base and not "@" in base["inputPurl"]:
+                # inputPurl exists but lacks version, append it
+                base["purl"] = f"{base['inputPurl']}@{version}"
+            else:
+                # Construct complete purl from components
+                if namespace:
+                    base["purl"] = f"pkg:{purl_type}/{namespace}/{name}@{version}"
+                else:
+                    base["purl"] = f"pkg:{purl_type}/{name}@{version}"
+
         return base
 
     @staticmethod
diff --git a/socketdev/version.py b/socketdev/version.py
index 528787c..0552768 100644
--- a/socketdev/version.py
+++ b/socketdev/version.py
@@ -1 +1 @@
-__version__ = "3.0.0"
+__version__ = "3.0.1"
From 14d4a4c78f7fbde291c602cf9b979ffecf8e1c44 Mon Sep 17 00:00:00 2001
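Review bot: The `"@" in base["inputPurl"]` test on the new outer `if` (and its negation on the inner `if`) is used as the "already carries a version" signal, but `@` also occurs in the name part of un-encoded npm scoped purls such as `pkg:npm/@scope/name`, so an inputPurl of that shape with no version is passed through untouched and the `@{version}` suffix is never appended, leaving an unversioned identifier for anything downstream that keys on `purl`. If the field can be present with a `None` value, `"@" in None` also raises `TypeError` on the first condition. I would derive the check once from the text after the last `/` of the purl with qualifiers and subpath stripped, and branch on that instead of the two membership tests (which also replaces the non-idiomatic `not "@" in`). The `'0.0.0'` fallback predates this change, but a comment such as `# synthetic version: no version known for this package` would make it clear that two distinct unversioned packages of the same name collapse to one purl here. The enclosing function begins before the hunk.

```python
        # The version separator is the '@' after the last '/' of the core purl
        # (qualifiers and subpath stripped); an '@' inside an npm scope is not one.
        input_purl = base.get("inputPurl") or ""
        core = input_purl.split("?", 1)[0].split("#", 1)[0]
        has_version = "@" in core.rsplit("/", 1)[-1]
        if input_purl and has_version:
            base["purl"] = input_purl
        else:
            # … unchanged: purl_type / namespace / name / version lookups …
            if input_purl:
                base["purl"] = f"{input_purl}@{version}"
            else:
                # … unchanged: build from components, namespace included when present …
```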
From: Douglas Coburn Date: Sat, 23 Aug 2025 16:40:27 -0700 Subject: [PATCH 2/3] Added in templates --- .github/PULL_REQUEST_TEMPLATE.md | 5 +++++ .github/PULL_REQUEST_TEMPLATE/bug-fix.md | 19 +++++++++++++++++++ .github/PULL_REQUEST_TEMPLATE/feature.md | 16 ++++++++++++++++ .github/PULL_REQUEST_TEMPLATE/improvement.md | 10 ++++++++++ pyproject.toml | 2 +- socketdev/version.py | 2 +- 6 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 .github/PULL_REQUEST_TEMPLATE.md create mode 100644 .github/PULL_REQUEST_TEMPLATE/bug-fix.md create mode 100644 .github/PULL_REQUEST_TEMPLATE/feature.md create mode 100644 .github/PULL_REQUEST_TEMPLATE/improvement.md diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..db131ed --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,5 @@ +Click on the "Preview" tab and select appropriate PR template: + +[New Feature](?expand=1&template=feature.md) +[Bug Fix](?expand=1&template=bug-fix.md) +[Improvement](?expand=1&template=improvement.md) diff --git a/.github/PULL_REQUEST_TEMPLATE/bug-fix.md b/.github/PULL_REQUEST_TEMPLATE/bug-fix.md new file mode 100644 index 0000000..19413c0 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/bug-fix.md @@ -0,0 +1,19 @@ + + +## Root Cause + + + + +## Fix + + +## Public Changelog + + + +N/A + + + + diff --git a/.github/PULL_REQUEST_TEMPLATE/feature.md b/.github/PULL_REQUEST_TEMPLATE/feature.md new file mode 100644 index 0000000..e25f0e7 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/feature.md @@ -0,0 +1,16 @@ + + + +## Why? + + + + +## Public Changelog + + + +N/A + + + diff --git a/.github/PULL_REQUEST_TEMPLATE/improvement.md b/.github/PULL_REQUEST_TEMPLATE/improvement.md new file mode 100644 index 0000000..fe9a87d --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/improvement.md @@ -0,0 +1,10 @@ + + +## Public Changelog + + + +N/A + + + diff --git a/pyproject.toml b/pyproject.toml index 9839a5f..75738be 100644 
--- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "hatchling.build" [project] name = "socketdev" -version = "3.0.1" +version = "3.0.2" requires-python = ">= 3.9" dependencies = [ 'requests', diff --git a/socketdev/version.py b/socketdev/version.py index 0552768..131942e 100644 --- a/socketdev/version.py +++ b/socketdev/version.py @@ -1 +1 @@ -__version__ = "3.0.1" +__version__ = "3.0.2" From e503f0f14ab2764dc7c5514295c0ba1fee6d28e7 Mon Sep 17 00:00:00 2001 From: Douglas Date: Sat, 23 Aug 2025 17:05:51 -0700 Subject: [PATCH 3/3] Update .github/PULL_REQUEST_TEMPLATE/bug-fix.md Co-authored-by: Philipp Burckhardt --- .github/PULL_REQUEST_TEMPLATE/bug-fix.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/PULL_REQUEST_TEMPLATE/bug-fix.md b/.github/PULL_REQUEST_TEMPLATE/bug-fix.md index 19413c0..cb7dd00 100644 --- a/.github/PULL_REQUEST_TEMPLATE/bug-fix.md +++ b/.github/PULL_REQUEST_TEMPLATE/bug-fix.md @@ -1,4 +1,4 @@ - + ## Root Cause