fix: include namespace in deduplicated purl construction

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,5 @@
+Click on the "Preview" tab and select appropriate PR template:
+
+[New Feature](?expand=1&template=feature.md)
+[Bug Fix](?expand=1&template=bug-fix.md)
+[Improvement](?expand=1&template=improvement.md)

.github/PULL_REQUEST_TEMPLATE/bug-fix.md

@@ -0,0 +1,19 @@
+<!--Description: Briefly describe the bug and its impact. If there's a related Linear ticket or Sentry issue, link it here. ⬇️ -->
+
+## Root Cause
+<!-- Concise explanation of what caused the bug ⬇️ -->
+
+
+
+## Fix
+<!-- Explain how your changes address the bug ⬇️ -->
+
+## Public Changelog
+<!-- Write a changelog message between comment tags if this should be included in the public product changelog, Leave blank otherwise. -->
+
+<!-- changelog ⬇️-->
+N/A
+<!-- /changelog ⬆️ -->
+
+
+<!-- TEMPLATE TYPE DON'T REMOVE: python-sdk-template-bug-fix -->

.github/PULL_REQUEST_TEMPLATE/feature.md

@@ -0,0 +1,16 @@
+<!-- Description: Briefly describe the new feature you're introducing ⬇️ -->
+
+
+## Why?
+<!-- Explain the motivation behind this feature and its expected benefits ⬇️ -->
+
+
+
+## Public Changelog
+<!-- Write a changelog message between comment tags if this should be included in the public product changelog. -->
+
+<!-- changelog ⬇️-->
+N/A
+<!-- /changelog ⬆️ -->
+
+<!-- TEMPLATE TYPE DON'T REMOVE: python-sdk-template-feature -->

.github/PULL_REQUEST_TEMPLATE/improvement.md

@@ -0,0 +1,10 @@
+<!-- Description: Briefly describe the code improvement you're making. This could include things like lint fixes, adding monitoring dashboards, optimizing scripts, refactoring, etc. ⬇️ -->
+
+## Public Changelog
+<!-- Write a changelog message between comment tags if this should be included in the public product changelog. -->
+
+<!-- changelog ⬇️-->
+N/A
+<!-- /changelog ⬆️ -->
+
+<!-- TEMPLATE TYPE DON'T REMOVE: python-sdk-template-improvement -->

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketdev"
-version = "3.0.0"
+version = "3.0.2"
 requires-python = ">= 3.9"
 dependencies = [
     'requests',

socketdev/core/dedupe.py

@@ -61,7 +61,29 @@ def alert_identity(alert: dict) -> tuple:
         base = package_group[0]
         base["releases"] = sorted(releases)
         base["alerts"] = list(alert_map.values())
-        base["purl"] = f"pkg:{base.get('type', 'unknown')}/{base.get('name', 'unknown')}@{base.get('version', '0.0.0')}"
+
+        # Use inputPurl if available and complete, otherwise construct proper purl with namespace
+        if "inputPurl" in base and "@" in base["inputPurl"]:
+            # inputPurl has version, use it as-is
+            base["purl"] = base["inputPurl"]
+        else:
+            # Construct purl properly with namespace and version
+            purl_type = base.get('type', 'unknown')
+            namespace = base.get('namespace')
+            name = base.get('name', 'unknown')
+            version = base.get('version', '0.0.0')
+
+            # Start with inputPurl if available (without version) or construct from scratch
+            if "inputPurl" in base and not "@" in base["inputPurl"]:
+                # inputPurl exists but lacks version, append it
+                base["purl"] = f"{base['inputPurl']}@{version}"
+            else:
+                # Construct complete purl from components
+                if namespace:
+                    base["purl"] = f"pkg:{purl_type}/{namespace}/{name}@{version}"
+                else:
+                    base["purl"] = f"pkg:{purl_type}/{name}@{version}"
+
         return base
 
     @staticmethod

socketdev/version.py

@@ -1 +1 @@
-__version__ = "3.0.0"
+__version__ = "3.0.2"