syft/syft/formats/spdxjson/test-fixtures/snapshot/TestSPDXJSONImageEncoder.golden

{
 "spdxVersion": "SPDX-2.3",
 "dataLicense": "CC0-1.0",
 "SPDXID": "SPDXRef-DOCUMENT",
 "name": "user-image-input",
 "documentNamespace": "https://anchore.com/syft/image/user-image-input-5b9aac79-334c-4d6a-b2e6-95a819c1d45a",
 "creationInfo": {
  "licenseListVersion": "3.20",
  "creators": [
   "Organization: Anchore, Inc",
   "Tool: syft-v0.42.0-bogus"
  ],
  "created": "2023-06-05T18:49:14Z"
 },
 "packages": [
  {
   "name": "package-1",
   "SPDXID": "SPDXRef-Package-python-package-1-125840abc1c66dd7",
   "versionInfo": "1.0.1",
   "downloadLocation": "NOASSERTION",
   "filesAnalyzed": false,
   "sourceInfo": "acquired package info from installed python package manifest file: /somefile-1.txt",
   "licenseConcluded": "NOASSERTION",
   "licenseDeclared": "MIT",
   "copyrightText": "NOASSERTION",
   "externalRefs": [
    {
     "referenceCategory": "SECURITY",
     "referenceType": "cpe23Type",
     "referenceLocator": "cpe:2.3:*:some:package:1:*:*:*:*:*:*:*"
    },
    {
     "referenceCategory": "PACKAGE-MANAGER",
     "referenceType": "purl",
     "referenceLocator": "a-purl-1"
    }
   ]
  },
  {
   "name": "package-2",
   "SPDXID": "SPDXRef-Package-deb-package-2-958443e2d9304af4",
   "versionInfo": "2.0.1",
   "downloadLocation": "NOASSERTION",
   "filesAnalyzed": false,
   "sourceInfo": "acquired package info from DPKG DB: /somefile-2.txt",
   "licenseConcluded": "NOASSERTION",
   "licenseDeclared": "NOASSERTION",
   "copyrightText": "NOASSERTION",
   "externalRefs": [
    {
     "referenceCategory": "SECURITY",
     "referenceType": "cpe23Type",
     "referenceLocator": "cpe:2.3:*:some:package:2:*:*:*:*:*:*:*"
    },
    {
     "referenceCategory": "PACKAGE-MANAGER",
     "referenceType": "purl",
     "referenceLocator": "pkg:deb/debian/package-2@2.0.1"
    }
   ]
  }
 ],
 "relationships": [
  {
   "spdxElementId": "SPDXRef-DOCUMENT",
   "relatedSpdxElement": "SPDXRef-DOCUMENT",
   "relationshipType": "DESCRIBES"
  }
 ]
}