From 62a8a4bf76cd618b87984d006c53fbaa3fdd252d Mon Sep 17 00:00:00 2001
From: Ridwan Hoq
Date: Sat, 2 Dec 2023 00:05:47 +0000
Subject: [PATCH 1/3] add ./ as a valid test case
Signed-off-by: Ridwan Hoq
---
 packageurl_test.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/packageurl_test.go b/packageurl_test.go
index f8f21e8..ad93762 100644
--- a/packageurl_test.go
+++ b/packageurl_test.go
@@ -486,6 +486,19 @@ func TestNormalize(t *testing.T) {
 Subpath: "/sub/../path/",
 },
 wantErr: true,
+ }, {
+ name: "'./' is a valid subpath prefix",
+ input: packageurl.PackageURL{
+ Type: "npm",
+ Name: "pkg",
+ Subpath: "./sub/path",
+ },
+ want: packageurl.PackageURL{
+ Type: "npm",
+ Name: "pkg",
+ Qualifiers: packageurl.Qualifiers{},
+ Subpath: "./sub/path",
+ },
 }, {
 name: "known type namespace adjustments",
 input: packageurl.PackageURL{
From 322020f75714912d9fff2ceeb026fca5fed6a2af Mon Sep 17 00:00:00 2001
From: Ridwan Hoq
Date: Sat, 2 Dec 2023 00:09:42 +0000
Subject: [PATCH 2/3] add ../ as a valid prefix test
Signed-off-by: Ridwan Hoq
---
 packageurl_test.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/packageurl_test.go b/packageurl_test.go
index ad93762..db4151b 100644
--- a/packageurl_test.go
+++ b/packageurl_test.go
@@ -499,6 +499,19 @@ func TestNormalize(t *testing.T) {
 Qualifiers: packageurl.Qualifiers{},
 Subpath: "./sub/path",
 },
+ }, {
+ name: "'../' is a valid subpath prefix",
+ input: packageurl.PackageURL{
+ Type: "npm",
+ Name: "pkg",
+ Subpath: "../sub/path",
+ },
+ want: packageurl.PackageURL{
+ Type: "npm",
+ Name: "pkg",
+ Qualifiers: packageurl.Qualifiers{},
+ Subpath: "../sub/path",
+ },
 }, {
 name: "known type namespace adjustments",
 input: packageurl.PackageURL{
From 6f82665e37f1727dbb812a1249f45ac9413eafc1 Mon Sep 17 00:00:00 2001
From: Ridwan Hoq
Date: Sat, 2 Dec 2023 00:10:06 +0000
Subject: [PATCH 3/3] enable valid prefix
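Review bot: In the PATCH 1/3 case the expected `Subpath: "./sub/path"` keeps the leading `.` segment, so `./sub/path` and `sub/path` normalize to two different purls for the same location inside the package. Tools that compare normalized purls for equality, for example when matching SBOM components against advisory data, would treat the two as distinct and could miss a match. Consider expecting `Subpath: "sub/path"` and having `Normalize` drop a leading `.` rather than preserve it; how the purl spec treats `.` segments should be confirmed before either form is pinned by a test. The `TestNormalize` table starts and ends outside the hunk.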
Signed-off-by: Ridwan Hoq
---
 packageurl.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/packageurl.go b/packageurl.go
index d200ab5..0dd89a7 100644
--- a/packageurl.go
+++ b/packageurl.go
@@ -457,8 +457,8 @@ func (p *PackageURL) Normalize() error {
 }
 subpath := strings.Trim(p.Subpath, "/")
 segs := strings.Split(p.Subpath, "/")
- for _, s := range segs {
- if s == "." || s == ".." {
+ for i, s := range segs {
+ if (s == "." || s == "..") && i != 0 {
 return fmt.Errorf("invalid Package URL subpath: %q", p.Subpath)
 }
 }
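Review bot: The new `i != 0` exemption in the loop lets `..` through as the first segment, so `Normalize` now succeeds on `../sub/path` (the case added in PATCH 2/3) and on a bare `..`, leaving a subpath that climbs out of the package root. Any consumer that joins the normalized subpath onto an extraction or checkout directory would then resolve outside it; whether such callers exist is not visible here. If the goal is only to tolerate a `./` prefix, keep rejecting `..` at every index with `if s == ".." || (s == "." && i != 0) {` and flip the PATCH 2/3 case to `wantErr: true`. Separately, `segs` is split from `p.Subpath` rather than the trimmed `subpath`, so `/../sub` is still rejected while `../sub` is accepted; iterating `strings.Split(subpath, "/")` would make the index check independent of a leading slash. Normalize's body starts and ends outside the hunk.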