github.com/google/osv-scalibr@v0.4.1/extractor/filesystem/sbom/spdx/testdata/sbom.spdx.rdf (about) 1 2 <rdf:RDF 3 xmlns:spdx="http://spdx.org/rdf/terms#" 4 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 5 xmlns:doap="http://usefulinc.com/ns/doap#" 6 xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"> 7 <spdx:SpdxDocument rdf:about="http://example.org/documents/examplesbom-1.0.1#SPDXRef-DOCUMENT"> 8 <spdx:creationInfo> 9 <spdx:CreationInfo> 10 <spdx:created>2023-04-28T15:44:16Z</spdx:created> 11 <spdx:creator>Person: John Doe</spdx:creator> 12 <spdx:licenseListVersion>3.18</spdx:licenseListVersion> 13 </spdx:CreationInfo> 14 </spdx:creationInfo> 15 <spdx:relationship> 16 <spdx:Relationship> 17 <spdx:relatedSpdxElement> 18 <spdx:Package rdf:about="http://example.org/documents/examplesbom-1.0.1#SPDXRef-nginx"> 19 <spdx:summary>Nginx</spdx:summary> 20 <spdx:copyrightText>NOASSERTION</spdx:copyrightText> 21 <spdx:licenseConcluded rdf:resource="http://spdx.org/rdf/terms#noassertion"/> 22 <spdx:description>Nginx 1.21.1</spdx:description> 23 <spdx:licenseDeclared rdf:resource="http://spdx.org/rdf/terms#noassertion"/> 24 <spdx:filesAnalyzed rdf:datatype="http://www.w3.org/2001/XMLSchema#boolean" 25 >false</spdx:filesAnalyzed> 26 <spdx:downloadLocation>http://example.org/nginx.rar</spdx:downloadLocation> 27 <spdx:externalRef> 28 <spdx:ExternalRef> 29 <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_security"/> 30 <spdx:referenceType rdf:resource="http://spdx.org/rdf/references/cpe23Type"/> 31 <spdx:referenceLocator>cpe:2.3:a:nginx:nginx:1.21.1</spdx:referenceLocator> 32 </spdx:ExternalRef> 33 </spdx:externalRef> 34 <spdx:name>Nginx</spdx:name> 35 </spdx:Package> 36 </spdx:relatedSpdxElement> 37 <spdx:relationshipType rdf:resource="http://spdx.org/rdf/terms#relationshipType_describes"/> 38 </spdx:Relationship> 39 </spdx:relationship> 40 <spdx:relationship> 41 <spdx:Relationship> 42 <spdx:relatedSpdxElement> 43 <spdx:Package rdf:about="http://example.org/documents/examplesbom-1.0.1#SPDXRef-openssl"> 44 <spdx:summary>openssl</spdx:summary> 45 <spdx:copyrightText>NOASSERTION</spdx:copyrightText> 46 <spdx:description>openssl 1.1.1</spdx:description> 47 <spdx:licenseDeclared rdf:resource="http://spdx.org/rdf/terms#noassertion"/> 48 <spdx:filesAnalyzed rdf:datatype="http://www.w3.org/2001/XMLSchema#boolean">false</spdx:filesAnalyzed> 49 <spdx:externalRef> 50 <spdx:ExternalRef> 51 <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_security"/> 52 <spdx:referenceType rdf:resource="http://spdx.org/rdf/references/purl"/> 53 <spdx:referenceLocator>pkg:generic/openssl@1.1.1l</spdx:referenceLocator> 54 </spdx:ExternalRef> 55 </spdx:externalRef> 56 <spdx:licenseConcluded rdf:resource="http://spdx.org/rdf/terms#noassertion"/> 57 <spdx:name>openssl</spdx:name> 58 <spdx:downloadLocation>http://example.org/nginx.rar</spdx:downloadLocation> 59 </spdx:Package> 60 </spdx:relatedSpdxElement> 61 <spdx:relationshipType rdf:resource="http://spdx.org/rdf/terms#relationshipType_describes"/> 62 </spdx:Relationship> 63 </spdx:relationship> 64 <spdx:name>examplesbom</spdx:name> 65 <spdx:specVersion>SPDX-2.3</spdx:specVersion> 66 </spdx:SpdxDocument> 67 </rdf:RDF>