github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/format/spdxjson/test-fixtures/snapshot/TestSPDXRelationshipOrder.golden (about) 1 { 2 "spdxVersion": "SPDX-2.3", 3 "dataLicense": "CC0-1.0", 4 "SPDXID": "SPDXRef-DOCUMENT", 5 "name": "user-image-input", 6 "documentNamespace":"redacted", 7 "creationInfo": { 8 "licenseListVersion":"redacted", 9 "creators": [ 10 "Organization: Anchore, Inc", 11 "Tool: syft-v0.42.0-bogus" 12 ], 13 "created":"redacted" 14 }, 15 "packages": [ 16 { 17 "name": "package-1", 18 "SPDXID": "SPDXRef-Package-python-package-1-80210ebcba92e632", 19 "versionInfo": "1.0.1", 20 "supplier": "NOASSERTION", 21 "downloadLocation": "NOASSERTION", 22 "filesAnalyzed": false, 23 "sourceInfo": "acquired package info from installed python package manifest file: /somefile-1.txt", 24 "licenseConcluded": "NOASSERTION", 25 "licenseDeclared": "MIT", 26 "copyrightText": "NOASSERTION", 27 "externalRefs": [ 28 { 29 "referenceCategory": "SECURITY", 30 "referenceType": "cpe23Type", 31 "referenceLocator": "cpe:2.3:*:some:package:1:*:*:*:*:*:*:*" 32 }, 33 { 34 "referenceCategory": "PACKAGE-MANAGER", 35 "referenceType": "purl", 36 "referenceLocator": "a-purl-1" 37 } 38 ] 39 }, 40 { 41 "name": "package-2", 42 "SPDXID": "SPDXRef-Package-deb-package-2-4b756c6f6fb127a3", 43 "versionInfo": "2.0.1", 44 "supplier": "NOASSERTION", 45 "downloadLocation": "NOASSERTION", 46 "filesAnalyzed": false, 47 "sourceInfo": "acquired package info from DPKG DB: /somefile-2.txt", 48 "licenseConcluded": "NOASSERTION", 49 "licenseDeclared": "NOASSERTION", 50 "copyrightText": "NOASSERTION", 51 "externalRefs": [ 52 { 53 "referenceCategory": "SECURITY", 54 "referenceType": "cpe23Type", 55 "referenceLocator": "cpe:2.3:*:some:package:2:*:*:*:*:*:*:*" 56 }, 57 { 58 "referenceCategory": "PACKAGE-MANAGER", 59 "referenceType": "purl", 60 "referenceLocator": "pkg:deb/debian/package-2@2.0.1" 61 } 62 ] 63 }, 64 { 65 "name": "user-image-input", 66 "SPDXID": "SPDXRef-DocumentRoot-Image-user-image-input", 67 "versionInfo": "sha256:2731251dc34951c0e50fcc643b4c5f74922dad1a5d98f302b504cf46cd5d9368", 68 "supplier": "NOASSERTION", 69 "downloadLocation": "NOASSERTION", 70 "filesAnalyzed": false, 71 "checksums": [ 72 { 73 "algorithm": "SHA256", 74 "checksumValue": "2731251dc34951c0e50fcc643b4c5f74922dad1a5d98f302b504cf46cd5d9368" 75 } 76 ], 77 "licenseConcluded": "NOASSERTION", 78 "licenseDeclared": "NOASSERTION", 79 "externalRefs": [ 80 { 81 "referenceCategory": "PACKAGE-MANAGER", 82 "referenceType": "purl", 83 "referenceLocator": "pkg:oci/user-image-input@sha256:2731251dc34951c0e50fcc643b4c5f74922dad1a5d98f302b504cf46cd5d9368?arch=" 84 } 85 ], 86 "primaryPackagePurpose": "CONTAINER" 87 } 88 ], 89 "files": [ 90 { 91 "fileName": "/a1/f6", 92 "SPDXID": "SPDXRef-File-a1-f6-9c2f7510199b17f6", 93 "fileTypes": [ 94 "OTHER" 95 ], 96 "checksums": [ 97 { 98 "algorithm": "SHA1", 99 "checksumValue": "0000000000000000000000000000000000000000" 100 } 101 ], 102 "licenseConcluded": "NOASSERTION", 103 "licenseInfoInFiles": [ 104 "NOASSERTION" 105 ], 106 "copyrightText": "" 107 }, 108 { 109 "fileName": "/d1/f3", 110 "SPDXID": "SPDXRef-File-d1-f3-c6f5b29dca12661f", 111 "fileTypes": [ 112 "OTHER" 113 ], 114 "checksums": [ 115 { 116 "algorithm": "SHA1", 117 "checksumValue": "0000000000000000000000000000000000000000" 118 } 119 ], 120 "licenseConcluded": "NOASSERTION", 121 "licenseInfoInFiles": [ 122 "NOASSERTION" 123 ], 124 "copyrightText": "" 125 }, 126 { 127 "fileName": "/d2/f4", 128 "SPDXID": "SPDXRef-File-d2-f4-c641caa71518099f", 129 "fileTypes": [ 130 "OTHER" 131 ], 132 "checksums": [ 133 { 134 "algorithm": "SHA1", 135 "checksumValue": "0000000000000000000000000000000000000000" 136 } 137 ], 138 "licenseConcluded": "NOASSERTION", 139 "licenseInfoInFiles": [ 140 "NOASSERTION" 141 ], 142 "copyrightText": "" 143 }, 144 { 145 "fileName": "/f1", 146 "SPDXID": "SPDXRef-File-f1-5265a4dde3edbf7c", 147 "fileTypes": [ 148 "OTHER" 149 ], 150 "checksums": [ 151 { 152 "algorithm": "SHA1", 153 "checksumValue": "0000000000000000000000000000000000000000" 154 } 155 ], 156 "licenseConcluded": "NOASSERTION", 157 "licenseInfoInFiles": [ 158 "NOASSERTION" 159 ], 160 "copyrightText": "" 161 }, 162 { 163 "fileName": "/f2", 164 "SPDXID": "SPDXRef-File-f2-f9e49132a4b96ccd", 165 "fileTypes": [ 166 "OTHER" 167 ], 168 "checksums": [ 169 { 170 "algorithm": "SHA1", 171 "checksumValue": "0000000000000000000000000000000000000000" 172 } 173 ], 174 "licenseConcluded": "NOASSERTION", 175 "licenseInfoInFiles": [ 176 "NOASSERTION" 177 ], 178 "copyrightText": "" 179 }, 180 { 181 "fileName": "/z1/f5", 182 "SPDXID": "SPDXRef-File-z1-f5-839d99ee67d9d174", 183 "fileTypes": [ 184 "OTHER" 185 ], 186 "checksums": [ 187 { 188 "algorithm": "SHA1", 189 "checksumValue": "0000000000000000000000000000000000000000" 190 } 191 ], 192 "licenseConcluded": "NOASSERTION", 193 "licenseInfoInFiles": [ 194 "NOASSERTION" 195 ], 196 "copyrightText": "" 197 } 198 ], 199 "relationships": [ 200 { 201 "spdxElementId": "SPDXRef-Package-python-package-1-80210ebcba92e632", 202 "relatedSpdxElement": "SPDXRef-File-f1-5265a4dde3edbf7c", 203 "relationshipType": "CONTAINS" 204 }, 205 { 206 "spdxElementId": "SPDXRef-Package-python-package-1-80210ebcba92e632", 207 "relatedSpdxElement": "SPDXRef-File-z1-f5-839d99ee67d9d174", 208 "relationshipType": "CONTAINS" 209 }, 210 { 211 "spdxElementId": "SPDXRef-Package-python-package-1-80210ebcba92e632", 212 "relatedSpdxElement": "SPDXRef-File-a1-f6-9c2f7510199b17f6", 213 "relationshipType": "CONTAINS" 214 }, 215 { 216 "spdxElementId": "SPDXRef-Package-python-package-1-80210ebcba92e632", 217 "relatedSpdxElement": "SPDXRef-File-d2-f4-c641caa71518099f", 218 "relationshipType": "CONTAINS" 219 }, 220 { 221 "spdxElementId": "SPDXRef-Package-python-package-1-80210ebcba92e632", 222 "relatedSpdxElement": "SPDXRef-File-d1-f3-c6f5b29dca12661f", 223 "relationshipType": "CONTAINS" 224 }, 225 { 226 "spdxElementId": "SPDXRef-Package-python-package-1-80210ebcba92e632", 227 "relatedSpdxElement": "SPDXRef-File-f2-f9e49132a4b96ccd", 228 "relationshipType": "CONTAINS" 229 }, 230 { 231 "spdxElementId": "SPDXRef-DocumentRoot-Image-user-image-input", 232 "relatedSpdxElement": "SPDXRef-Package-python-package-1-80210ebcba92e632", 233 "relationshipType": "CONTAINS" 234 }, 235 { 236 "spdxElementId": "SPDXRef-DocumentRoot-Image-user-image-input", 237 "relatedSpdxElement": "SPDXRef-Package-deb-package-2-4b756c6f6fb127a3", 238 "relationshipType": "CONTAINS" 239 }, 240 { 241 "spdxElementId": "SPDXRef-DOCUMENT", 242 "relatedSpdxElement": "SPDXRef-DocumentRoot-Image-user-image-input", 243 "relationshipType": "DESCRIBES" 244 } 245 ] 246 }