git.stella-ops.org/tests/AirGap/StellaOps.AirGap.Importer.Tests/Reconciliation/Fixtures/sample.spdx.json

{
  "spdxVersion": "SPDX-2.3",
  "dataLicense": "CC0-1.0",
  "SPDXID": "SPDXRef-DOCUMENT",
  "name": "test-app-sbom",
  "documentNamespace": "https://example.com/test-app/1.0.0",
  "creationInfo": {
    "created": "2025-01-15T10:00:00Z",
    "creators": [
      "Tool: syft-1.0.0"
    ]
  },
  "documentDescribes": [
    "SPDXRef-Package-test-app"
  ],
  "packages": [
    {
      "SPDXID": "SPDXRef-Package-test-app",
      "name": "test-app",
      "versionInfo": "1.0.0",
      "downloadLocation": "NOASSERTION",
      "filesAnalyzed": false,
      "checksums": [
        {
          "algorithm": "SHA256",
          "checksumValue": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
        }
      ]
    },
    {
      "SPDXID": "SPDXRef-Package-zlib",
      "name": "zlib",
      "versionInfo": "1.2.11",
      "downloadLocation": "NOASSERTION",
      "filesAnalyzed": false,
      "checksums": [
        {
          "algorithm": "SHA256",
          "checksumValue": "c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1"
        }
      ],
      "externalRefs": [
        {
          "referenceCategory": "PACKAGE-MANAGER",
          "referenceType": "purl",
          "referenceLocator": "pkg:generic/zlib@1.2.11"
        }
      ]
    },
    {
      "SPDXID": "SPDXRef-Package-openssl",
      "name": "openssl",
      "versionInfo": "3.0.0",
      "downloadLocation": "NOASSERTION",
      "filesAnalyzed": false,
      "checksums": [
        {
          "algorithm": "SHA256",
          "checksumValue": "919b4a3e65a8deade6b3c94dd44cb98e0f65a1785a787689c23e6b5c0b4edfea"
        }
      ],
      "externalRefs": [
        {
          "referenceCategory": "PACKAGE-MANAGER",
          "referenceType": "purl",
          "referenceLocator": "pkg:generic/openssl@3.0.0"
        }
      ]
    }
  ],
  "relationships": [
    {
      "spdxElementId": "SPDXRef-DOCUMENT",
      "relatedSpdxElement": "SPDXRef-Package-test-app",
      "relationshipType": "DESCRIBES"
    },
    {
      "spdxElementId": "SPDXRef-Package-test-app",
      "relatedSpdxElement": "SPDXRef-Package-zlib",
      "relationshipType": "DEPENDS_ON"
    },
    {
      "spdxElementId": "SPDXRef-Package-test-app",
      "relatedSpdxElement": "SPDXRef-Package-openssl",
      "relationshipType": "DEPENDS_ON"
    }
  ]
}