github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/sbom/spdx/testdata/happy/with-files-in-relationships-bom.json

github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/sbom/spdx/testdata/happy/with-files-in-relationships-bom.json (about)

     1  {
     2    "spdxVersion": "SPDX-2.3",
     3    "dataLicense": "CC0-1.0",
     4    "SPDXID": "SPDXRef-DOCUMENT",
     5    "name": "app",
     6    "documentNamespace": "http://aquasecurity.github.io/trivy/filesystem/app-8e571278-2221-4dcd-bc56-0b256210fa91",
     7    "creationInfo": {
     8      "licenseListVersion": "",
     9      "creators": [
    10        "Organization: aquasecurity",
    11        "Tool: trivy-dev"
    12      ],
    13      "created": "2023-05-31T05:58:45Z"
    14    },
    15    "packages": [
    16      {
    17        "name": "app",
    18        "SPDXID": "SPDXRef-Filesystem-13b142ca391a006e",
    19        "downloadLocation": "NONE",
    20        "copyrightText": "",
    21        "attributionTexts": [
    22          "SchemaVersion: 2"
    23        ],
    24        "primaryPackagePurpose": "SOURCE"
    25      },
    26      {
    27        "name": "node-pkg",
    28        "SPDXID": "SPDXRef-Application-24f8a80152e2c0fc",
    29        "downloadLocation": "NONE",
    30        "sourceInfo": "Node.js",
    31        "copyrightText": "",
    32        "primaryPackagePurpose": "APPLICATION"
    33      },
    34      {
    35        "name": "yargs-parser",
    36        "SPDXID": "SPDXRef-Package-c3508825bf3861d8",
    37        "versionInfo": "21.1.1",
    38        "supplier": "NOASSERTION",
    39        "downloadLocation": "NONE",
    40        "licenseConcluded": "ISC",
    41        "licenseDeclared": "ISC",
    42        "copyrightText": "",
    43        "externalRefs": [
    44          {
    45            "referenceCategory": "PACKAGE-MANAGER",
    46            "referenceType": "purl",
    47            "referenceLocator": "pkg:npm/yargs-parser@21.1.1"
    48          }
    49        ],
    50        "attributionTexts": [
    51          "PkgID: yargs-parser@21.1.1"
    52        ],
    53        "primaryPackagePurpose": "LIBRARY"
    54      }
    55    ],
    56    "files": [
    57      {
    58        "fileName": "node_modules/yargs-parser/package.json",
    59        "SPDXID": "SPDXRef-File-51bb5f929ef68877",
    60        "checksums": [
    61          {
    62            "algorithm": "SHA1",
    63            "checksumValue": "69e70ec702f9df4ff64024b5fdea4644f1ce6c97"
    64          }
    65        ],
    66        "copyrightText": ""
    67      }
    68    ],
    69    "relationships": [
    70      {
    71        "spdxElementId": "SPDXRef-DOCUMENT",
    72        "relatedSpdxElement": "SPDXRef-Filesystem-13b142ca391a006e",
    73        "relationshipType": "DESCRIBES"
    74      },
    75      {
    76        "spdxElementId": "SPDXRef-Filesystem-13b142ca391a006e",
    77        "relatedSpdxElement": "SPDXRef-Application-24f8a80152e2c0fc",
    78        "relationshipType": "CONTAINS"
    79      },
    80      {
    81        "spdxElementId": "SPDXRef-Application-24f8a80152e2c0fc",
    82        "relatedSpdxElement": "SPDXRef-Package-c3508825bf3861d8",
    83        "relationshipType": "CONTAINS"
    84      },
    85      {
    86        "spdxElementId": "SPDXRef-Package-c3508825bf3861d8",
    87        "relatedSpdxElement": "SPDXRef-File-51bb5f929ef68877",
    88        "relationshipType": "CONTAINS"
    89      }
    90    ]
    91  }