github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/format/spdxjson/test-fixtures/snapshot/TestSPDXJSONImageEncoder.golden (about) 1 { 2 "spdxVersion": "SPDX-2.3", 3 "dataLicense": "CC0-1.0", 4 "SPDXID": "SPDXRef-DOCUMENT", 5 "name": "user-image-input", 6 "documentNamespace":"redacted", 7 "creationInfo": { 8 "licenseListVersion":"redacted", 9 "creators": [ 10 "Organization: Anchore, Inc", 11 "Tool: syft-v0.42.0-bogus" 12 ], 13 "created":"redacted" 14 }, 15 "packages": [ 16 { 17 "name": "package-1", 18 "SPDXID": "SPDXRef-Package-python-package-1-80210ebcba92e632", 19 "versionInfo": "1.0.1", 20 "supplier": "NOASSERTION", 21 "downloadLocation": "NOASSERTION", 22 "filesAnalyzed": false, 23 "sourceInfo": "acquired package info from installed python package manifest file: /somefile-1.txt", 24 "licenseConcluded": "NOASSERTION", 25 "licenseDeclared": "MIT", 26 "copyrightText": "NOASSERTION", 27 "externalRefs": [ 28 { 29 "referenceCategory": "SECURITY", 30 "referenceType": "cpe23Type", 31 "referenceLocator": "cpe:2.3:*:some:package:1:*:*:*:*:*:*:*" 32 }, 33 { 34 "referenceCategory": "PACKAGE-MANAGER", 35 "referenceType": "purl", 36 "referenceLocator": "a-purl-1" 37 } 38 ] 39 }, 40 { 41 "name": "package-2", 42 "SPDXID": "SPDXRef-Package-deb-package-2-4b756c6f6fb127a3", 43 "versionInfo": "2.0.1", 44 "supplier": "NOASSERTION", 45 "downloadLocation": "NOASSERTION", 46 "filesAnalyzed": false, 47 "sourceInfo": "acquired package info from DPKG DB: /somefile-2.txt", 48 "licenseConcluded": "NOASSERTION", 49 "licenseDeclared": "NOASSERTION", 50 "copyrightText": "NOASSERTION", 51 "externalRefs": [ 52 { 53 "referenceCategory": "SECURITY", 54 "referenceType": "cpe23Type", 55 "referenceLocator": "cpe:2.3:*:some:package:2:*:*:*:*:*:*:*" 56 }, 57 { 58 "referenceCategory": "PACKAGE-MANAGER", 59 "referenceType": "purl", 60 "referenceLocator": "pkg:deb/debian/package-2@2.0.1" 61 } 62 ] 63 }, 64 { 65 "name": "user-image-input", 66 "SPDXID": "SPDXRef-DocumentRoot-Image-user-image-input", 67 "versionInfo": "sha256:2731251dc34951c0e50fcc643b4c5f74922dad1a5d98f302b504cf46cd5d9368", 68 "supplier": "NOASSERTION", 69 "downloadLocation": "NOASSERTION", 70 "filesAnalyzed": false, 71 "checksums": [ 72 { 73 "algorithm": "SHA256", 74 "checksumValue": "2731251dc34951c0e50fcc643b4c5f74922dad1a5d98f302b504cf46cd5d9368" 75 } 76 ], 77 "licenseConcluded": "NOASSERTION", 78 "licenseDeclared": "NOASSERTION", 79 "externalRefs": [ 80 { 81 "referenceCategory": "PACKAGE-MANAGER", 82 "referenceType": "purl", 83 "referenceLocator": "pkg:oci/user-image-input@sha256:2731251dc34951c0e50fcc643b4c5f74922dad1a5d98f302b504cf46cd5d9368?arch=" 84 } 85 ], 86 "primaryPackagePurpose": "CONTAINER" 87 } 88 ], 89 "relationships": [ 90 { 91 "spdxElementId": "SPDXRef-DocumentRoot-Image-user-image-input", 92 "relatedSpdxElement": "SPDXRef-Package-python-package-1-80210ebcba92e632", 93 "relationshipType": "CONTAINS" 94 }, 95 { 96 "spdxElementId": "SPDXRef-DocumentRoot-Image-user-image-input", 97 "relatedSpdxElement": "SPDXRef-Package-deb-package-2-4b756c6f6fb127a3", 98 "relationshipType": "CONTAINS" 99 }, 100 { 101 "spdxElementId": "SPDXRef-DOCUMENT", 102 "relatedSpdxElement": "SPDXRef-DocumentRoot-Image-user-image-input", 103 "relationshipType": "DESCRIBES" 104 } 105 ] 106 }