From 053e311b39d10ce166f6dfdc07a55ce258990cac Mon Sep 17 00:00:00 2001
From: Jono Yang <jyang@nexb.com>
Date: Tue, 2 Aug 2022 01:13:22 +0000
Subject: [PATCH] Update test expectations #447

Signed-off-by: Jono Yang <jyang@nexb.com>
---
 .../data/alpine_3_15_4_scan_codebase.json     |  78 +++---
 ...asgiref-3.3.0_load_inventory_expected.json |  48 ++--
 .../data/basic-rootfs_root_filesystems.json   |  10 +-
 scanpipe/tests/data/centos_scan_codebase.json | 234 ++++++++--------
 scanpipe/tests/data/debian_scan_codebase.json |  10 +-
 .../minitag.tar-expected-scan.json            |  16 +-
 .../data/is-npm-1.0.0_scan_codebase.json      |   1 +
 .../tests/data/is-npm-1.0.0_scan_package.json |   4 +-
 .../is-npm-1.0.0_scan_package_summary.json    |   1 +
 .../multiple-is-npm-1.0.0_scan_package.json   | 260 +++++++++---------
 ...ple-is-npm-1.0.0_scan_package_summary.json |   1 +
 scanpipe/tests/test_pipelines.py              |   4 +-
 12 files changed, 340 insertions(+), 327 deletions(-)

diff --git a/scanpipe/tests/data/alpine_3_15_4_scan_codebase.json b/scanpipe/tests/data/alpine_3_15_4_scan_codebase.json
index e9d127593..58e2acdb1 100644
--- a/scanpipe/tests/data/alpine_3_15_4_scan_codebase.json
+++ b/scanpipe/tests/data/alpine_3_15_4_scan_codebase.json
@@ -117,7 +117,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=dfa1379357a321e638feef1cd8d55ab03d020f45",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "gpl-2.0",
       "declared_license": "GPL-2.0-only",
       "notice_text": "",
       "manifest_path": "",
@@ -185,7 +185,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=aab68f8c9ab434a46710de8e12fb3206e2930a59",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "mit",
       "declared_license": "MIT",
       "notice_text": "",
       "manifest_path": "",
@@ -373,7 +373,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=1ac3c1bb29eeff083c621cf6b27ad12ab93cb73a",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "gpl-2.0",
       "declared_license": "GPL-2.0-only",
       "notice_text": "",
       "manifest_path": "",
@@ -406,7 +406,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=2745de7e1b09e663b477a8141b84f7d81a049963",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "gpl-2.0",
       "declared_license": "GPL-2.0-only",
       "notice_text": "",
       "manifest_path": "",
@@ -450,7 +450,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=709b70bcb72738cfedc510bba08141b012038167",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "mpl-2.0 AND mit",
       "declared_license": "MPL-2.0 AND MIT",
       "notice_text": "",
       "manifest_path": "",
@@ -494,7 +494,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=455e966899a9358fc94f5bce633afe8a1942095c",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "openssl-ssleay",
       "declared_license": "OpenSSL",
       "notice_text": "",
       "manifest_path": "",
@@ -562,7 +562,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=60424133be2e79bbfeff3d58147a22886f817ce2",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "bsd-simplified AND bsd-new",
       "declared_license": "BSD-2-Clause AND BSD-3-Clause",
       "notice_text": "",
       "manifest_path": "",
@@ -595,7 +595,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=91c7a9f3aa296b6d462c5634e7658ebdbff65bb9",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "isc AND (bsd-new OR mit)",
       "declared_license": "ISC AND (BSD-3-Clause OR MIT)",
       "notice_text": "",
       "manifest_path": "",
@@ -639,7 +639,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=455e966899a9358fc94f5bce633afe8a1942095c",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "openssl-ssleay",
       "declared_license": "OpenSSL",
       "notice_text": "",
       "manifest_path": "",
@@ -683,7 +683,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=bf5bbfdbf780092f387b7abe401fbfceda90c84d",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "mit",
       "declared_license": "MIT",
       "notice_text": "",
       "manifest_path": "",
@@ -727,7 +727,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=bf5bbfdbf780092f387b7abe401fbfceda90c84d",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "mit AND bsd-new AND gpl-2.0-plus",
       "declared_license": "MIT BSD GPL2+",
       "notice_text": "",
       "manifest_path": "",
@@ -760,7 +760,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=86b3d4fbb0a760febf3476f9a58abf8d0f728d5c",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "gpl-2.0",
       "declared_license": "GPL-2.0-only",
       "notice_text": "",
       "manifest_path": "",
@@ -793,7 +793,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=2745de7e1b09e663b477a8141b84f7d81a049963",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "gpl-2.0",
       "declared_license": "GPL-2.0-only",
       "notice_text": "",
       "manifest_path": "",
@@ -826,7 +826,7 @@
       "code_view_url": "",
       "vcs_url": "git+http://git.alpinelinux.org/aports/commit/?id=74148808679f47ad96dc99e83ef73acfdeec1642",
       "copyright": "",
-      "license_expression": "",
+      "license_expression": "zlib",
       "declared_license": "Zlib",
       "notice_text": "",
       "manifest_path": "",
@@ -1658,7 +1658,7 @@
       "for_packages": [
         "pkg:alpine/alpine-baselayout@3.2.0-r18?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
       ],
-      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/profile.d/color_prompt.sh.disabled",
+      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/profile.d/README",
       "sha1": "",
       "md5": "",
       "extra_data": {},
@@ -1672,8 +1672,8 @@
       "status": "system-package",
       "tag": "img-06c7c4-layer-01-40e48c",
       "type": "file",
-      "name": "color_prompt.sh.disabled",
-      "extension": ".disabled",
+      "name": "README",
+      "extension": "",
       "programming_language": "",
       "mime_type": "inode/x-empty",
       "is_binary": false,
@@ -1687,7 +1687,7 @@
       "for_packages": [
         "pkg:alpine/alpine-baselayout@3.2.0-r18?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
       ],
-      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/profile.d/locale.sh",
+      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/profile.d/color_prompt.sh.disabled",
       "sha1": "",
       "md5": "",
       "extra_data": {},
@@ -1701,9 +1701,9 @@
       "status": "system-package",
       "tag": "img-06c7c4-layer-01-40e48c",
       "type": "file",
-      "name": "locale.sh",
-      "extension": ".sh",
-      "programming_language": "Bash",
+      "name": "color_prompt.sh.disabled",
+      "extension": ".disabled",
+      "programming_language": "",
       "mime_type": "inode/x-empty",
       "is_binary": false,
       "is_text": true,
@@ -1716,7 +1716,7 @@
       "for_packages": [
         "pkg:alpine/alpine-baselayout@3.2.0-r18?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
       ],
-      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/profile.d/README",
+      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/profile.d/locale.sh",
       "sha1": "",
       "md5": "",
       "extra_data": {},
@@ -1730,9 +1730,9 @@
       "status": "system-package",
       "tag": "img-06c7c4-layer-01-40e48c",
       "type": "file",
-      "name": "README",
-      "extension": "",
-      "programming_language": "",
+      "name": "locale.sh",
+      "extension": ".sh",
+      "programming_language": "Bash",
       "mime_type": "inode/x-empty",
       "is_binary": false,
       "is_text": true,
@@ -1888,9 +1888,9 @@
     },
     {
       "for_packages": [
-        "pkg:alpine/libcrypto1.1@1.1.1n-r0?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
+        "pkg:alpine/ca-certificates-bundle@20211220-r0?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
       ],
-      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/ssl1.1/ct_log_list.cnf.dist",
+      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/ssl/certs/ca-certificates.crt",
       "sha1": "",
       "md5": "",
       "extra_data": {},
@@ -1904,8 +1904,8 @@
       "status": "system-package",
       "tag": "img-06c7c4-layer-01-40e48c",
       "type": "file",
-      "name": "ct_log_list.cnf.dist",
-      "extension": ".dist",
+      "name": "ca-certificates.crt",
+      "extension": ".crt",
       "programming_language": "",
       "mime_type": "inode/x-empty",
       "is_binary": false,
@@ -1919,7 +1919,7 @@
       "for_packages": [
         "pkg:alpine/libcrypto1.1@1.1.1n-r0?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
       ],
-      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/ssl1.1/openssl.cnf",
+      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/ssl1.1/ct_log_list.cnf.dist",
       "sha1": "",
       "md5": "",
       "extra_data": {},
@@ -1933,8 +1933,8 @@
       "status": "system-package",
       "tag": "img-06c7c4-layer-01-40e48c",
       "type": "file",
-      "name": "openssl.cnf",
-      "extension": ".cnf",
+      "name": "ct_log_list.cnf.dist",
+      "extension": ".dist",
       "programming_language": "",
       "mime_type": "inode/x-empty",
       "is_binary": false,
@@ -1948,7 +1948,7 @@
       "for_packages": [
         "pkg:alpine/libcrypto1.1@1.1.1n-r0?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
       ],
-      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/ssl1.1/openssl.cnf.dist",
+      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/ssl1.1/openssl.cnf",
       "sha1": "",
       "md5": "",
       "extra_data": {},
@@ -1962,8 +1962,8 @@
       "status": "system-package",
       "tag": "img-06c7c4-layer-01-40e48c",
       "type": "file",
-      "name": "openssl.cnf.dist",
-      "extension": ".dist",
+      "name": "openssl.cnf",
+      "extension": ".cnf",
       "programming_language": "",
       "mime_type": "inode/x-empty",
       "is_binary": false,
@@ -1975,9 +1975,9 @@
     },
     {
       "for_packages": [
-        "pkg:alpine/ca-certificates-bundle@20211220-r0?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
+        "pkg:alpine/libcrypto1.1@1.1.1n-r0?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
       ],
-      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/ssl/certs/ca-certificates.crt",
+      "path": "alpine_3_15_4.tar.gz-extract/40e48c8ef2450e6a9e8d50b846a58ede43f1b01dd351d2bdd7dca14c5c033f20/etc/ssl1.1/openssl.cnf.dist",
       "sha1": "",
       "md5": "",
       "extra_data": {},
@@ -1991,8 +1991,8 @@
       "status": "system-package",
       "tag": "img-06c7c4-layer-01-40e48c",
       "type": "file",
-      "name": "ca-certificates.crt",
-      "extension": ".crt",
+      "name": "openssl.cnf.dist",
+      "extension": ".dist",
       "programming_language": "",
       "mime_type": "inode/x-empty",
       "is_binary": false,
diff --git a/scanpipe/tests/data/asgiref-3.3.0_load_inventory_expected.json b/scanpipe/tests/data/asgiref-3.3.0_load_inventory_expected.json
index d4785dbe2..b9002bb86 100644
--- a/scanpipe/tests/data/asgiref-3.3.0_load_inventory_expected.json
+++ b/scanpipe/tests/data/asgiref-3.3.0_load_inventory_expected.json
@@ -900,9 +900,9 @@
     },
     {
       "for_packages": [],
-      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/top_level.txt",
-      "sha1": "612390bd0d0227c009f9c99b479878adf7ac2f23",
-      "md5": "680e61db4d95c8d9501b7a49fa2bf0b2",
+      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/WHEEL",
+      "sha1": "ddd91bc89b15fc5c66e0fa259392955c74ba041f",
+      "md5": "5ccc7519eb42f1dfceee6e7d685f1ff5",
       "extra_data": {},
       "copyrights": [],
       "holders": [],
@@ -914,8 +914,8 @@
       "status": "",
       "tag": "",
       "type": "file",
-      "name": "top_level.txt",
-      "extension": ".txt",
+      "name": "WHEEL",
+      "extension": "",
       "programming_language": "",
       "mime_type": "text/plain",
       "is_binary": false,
@@ -927,9 +927,9 @@
     },
     {
       "for_packages": [],
-      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/WHEEL",
-      "sha1": "ddd91bc89b15fc5c66e0fa259392955c74ba041f",
-      "md5": "5ccc7519eb42f1dfceee6e7d685f1ff5",
+      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/top_level.txt",
+      "sha1": "612390bd0d0227c009f9c99b479878adf7ac2f23",
+      "md5": "680e61db4d95c8d9501b7a49fa2bf0b2",
       "extra_data": {},
       "copyrights": [],
       "holders": [],
@@ -941,8 +941,8 @@
       "status": "",
       "tag": "",
       "type": "file",
-      "name": "WHEEL",
-      "extension": "",
+      "name": "top_level.txt",
+      "extension": ".txt",
       "programming_language": "",
       "mime_type": "text/plain",
       "is_binary": false,
@@ -954,9 +954,9 @@
     },
     {
       "for_packages": [],
-      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref/compatibility.py",
-      "sha1": "9c74e64e9a71903bb227907ea1806eac77e52434",
-      "md5": "5231077fd0628314246fcba7817b561e",
+      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref/__init__.py",
+      "sha1": "91bc786d907bf3ca8b8e6277063107975780f9ca",
+      "md5": "4910b756f4e611055140e80f757d9325",
       "extra_data": {},
       "copyrights": [],
       "holders": [],
@@ -968,10 +968,10 @@
       "status": "",
       "tag": "",
       "type": "file",
-      "name": "compatibility.py",
+      "name": "__init__.py",
       "extension": ".py",
       "programming_language": "Python",
-      "mime_type": "text/x-script.python",
+      "mime_type": "text/plain",
       "is_binary": false,
       "is_text": true,
       "is_archive": false,
@@ -981,9 +981,9 @@
     },
     {
       "for_packages": [],
-      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref/current_thread_executor.py",
-      "sha1": "aacf7e5e2e5ba78ccfb67fa10e9e6b22c3935c9b",
-      "md5": "b4c45f37055d88dd11b15eb4de51b074",
+      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref/compatibility.py",
+      "sha1": "9c74e64e9a71903bb227907ea1806eac77e52434",
+      "md5": "5231077fd0628314246fcba7817b561e",
       "extra_data": {},
       "copyrights": [],
       "holders": [],
@@ -995,7 +995,7 @@
       "status": "",
       "tag": "",
       "type": "file",
-      "name": "current_thread_executor.py",
+      "name": "compatibility.py",
       "extension": ".py",
       "programming_language": "Python",
       "mime_type": "text/x-script.python",
@@ -1008,9 +1008,9 @@
     },
     {
       "for_packages": [],
-      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref/__init__.py",
-      "sha1": "91bc786d907bf3ca8b8e6277063107975780f9ca",
-      "md5": "4910b756f4e611055140e80f757d9325",
+      "path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref/current_thread_executor.py",
+      "sha1": "aacf7e5e2e5ba78ccfb67fa10e9e6b22c3935c9b",
+      "md5": "b4c45f37055d88dd11b15eb4de51b074",
       "extra_data": {},
       "copyrights": [],
       "holders": [],
@@ -1022,10 +1022,10 @@
       "status": "",
       "tag": "",
       "type": "file",
-      "name": "__init__.py",
+      "name": "current_thread_executor.py",
       "extension": ".py",
       "programming_language": "Python",
-      "mime_type": "text/plain",
+      "mime_type": "text/x-script.python",
       "is_binary": false,
       "is_text": true,
       "is_archive": false,
diff --git a/scanpipe/tests/data/basic-rootfs_root_filesystems.json b/scanpipe/tests/data/basic-rootfs_root_filesystems.json
index fcb095efc..39893f828 100644
--- a/scanpipe/tests/data/basic-rootfs_root_filesystems.json
+++ b/scanpipe/tests/data/basic-rootfs_root_filesystems.json
@@ -66,8 +66,8 @@
       "bug_tracking_url": "",
       "code_view_url": "",
       "vcs_url": "",
-      "copyright": "",
-      "license_expression": "",
+      "copyright": "Copyright (c) 1998-2016 Free Software Foundation, Inc.\nCopyright (c) 2001 by Pradeep Padala\nCopyright (c) 1994 X Consortium\nCopyright (c) 1980, 1991, 1992, 1993 The Regents of the University of California\nCopyright 1996-2007 by Thomas E. Dickey",
+      "license_expression": "x11-fsf AND x11-xconsortium AND bsd-new AND x11-fsf",
       "declared_license": "",
       "notice_text": "",
       "manifest_path": "",
@@ -105,9 +105,9 @@
       "bug_tracking_url": "",
       "code_view_url": "",
       "vcs_url": "",
-      "copyright": "",
-      "license_expression": "",
-      "declared_license": "",
+      "copyright": "Copyright 2013 Jiri Pirko <jiri@resnulli.us>\nCopyright 2014 Andrew Ayer <agwa@andrewayer.name>",
+      "license_expression": "(lgpl-2.1-plus AND lgpl-2.1-plus AND lgpl-2.1) AND (lgpl-2.1-plus AND lgpl-2.1-plus AND lgpl-2.1)",
+      "declared_license": "['LGPL-2.1+', 'LGPL-2.1+', 'LGPL-2.1+']",
       "notice_text": "",
       "manifest_path": "",
       "contains_source_code": null,
diff --git a/scanpipe/tests/data/centos_scan_codebase.json b/scanpipe/tests/data/centos_scan_codebase.json
index ceb791904..445c55651 100644
--- a/scanpipe/tests/data/centos_scan_codebase.json
+++ b/scanpipe/tests/data/centos_scan_codebase.json
@@ -186473,41 +186473,10 @@
       "package_data": []
     },
     {
-      "for_packages": [
-        "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
-      ],
-      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/Basenames",
-      "sha1": "5c43fdc391c9e65b52f120243d457080192eca00",
-      "md5": "1fd49559da5d29138518f1ecfe480dd2",
-      "extra_data": {},
-      "copyrights": [],
-      "holders": [],
-      "authors": [],
-      "licenses": [],
-      "license_expressions": [],
-      "emails": [],
-      "urls": [],
-      "status": "system-package",
-      "tag": "img-c967b7-layer-01-a10cf7",
-      "type": "file",
-      "name": "Basenames",
-      "extension": "",
-      "programming_language": "",
-      "mime_type": "application/octet-stream",
-      "is_binary": true,
-      "is_text": false,
-      "is_archive": false,
-      "is_key_file": false,
-      "is_media": false,
-      "package_data": []
-    },
-    {
-      "for_packages": [
-        "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
-      ],
-      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/Conflictname",
-      "sha1": "c41423b1874e06f4d78af413bb3c431b7559d2b2",
-      "md5": "1bfe2a53c31a4f95c5741843f92fb118",
+      "for_packages": [],
+      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/.dbenv.lock",
+      "sha1": "",
+      "md5": "",
       "extra_data": {},
       "copyrights": [],
       "holders": [],
@@ -186516,27 +186485,25 @@
       "license_expressions": [],
       "emails": [],
       "urls": [],
-      "status": "system-package",
+      "status": "ignored-empty-file",
       "tag": "img-c967b7-layer-01-a10cf7",
       "type": "file",
-      "name": "Conflictname",
-      "extension": "",
+      "name": ".dbenv.lock",
+      "extension": ".lock",
       "programming_language": "",
-      "mime_type": "application/octet-stream",
-      "is_binary": true,
-      "is_text": false,
+      "mime_type": "inode/x-empty",
+      "is_binary": false,
+      "is_text": true,
       "is_archive": false,
       "is_key_file": false,
       "is_media": false,
       "package_data": []
     },
     {
-      "for_packages": [
-        "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
-      ],
-      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/__db.001",
-      "sha1": "c1d37450bad3fdb663e6adcc41589c926a689493",
-      "md5": "207400bf857ed379b9cbd1ad7e00313e",
+      "for_packages": [],
+      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/.rpm.lock",
+      "sha1": "",
+      "md5": "",
       "extra_data": {},
       "copyrights": [],
       "holders": [],
@@ -186545,15 +186512,15 @@
       "license_expressions": [],
       "emails": [],
       "urls": [],
-      "status": "system-package",
+      "status": "ignored-empty-file",
       "tag": "img-c967b7-layer-01-a10cf7",
       "type": "file",
-      "name": "__db.001",
-      "extension": ".001",
+      "name": ".rpm.lock",
+      "extension": ".lock",
       "programming_language": "",
-      "mime_type": "application/octet-stream",
-      "is_binary": true,
-      "is_text": false,
+      "mime_type": "inode/x-empty",
+      "is_binary": false,
+      "is_text": true,
       "is_archive": false,
       "is_key_file": false,
       "is_media": false,
@@ -186563,9 +186530,9 @@
       "for_packages": [
         "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
       ],
-      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/__db.002",
-      "sha1": "dbbe3665209726f17692eeb22d9947556095a60d",
-      "md5": "8ed39e14582e7d514c26ce2db09c132c",
+      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/Basenames",
+      "sha1": "5c43fdc391c9e65b52f120243d457080192eca00",
+      "md5": "1fd49559da5d29138518f1ecfe480dd2",
       "extra_data": {},
       "copyrights": [],
       "holders": [],
@@ -186577,8 +186544,8 @@
       "status": "system-package",
       "tag": "img-c967b7-layer-01-a10cf7",
       "type": "file",
-      "name": "__db.002",
-      "extension": ".002",
+      "name": "Basenames",
+      "extension": "",
       "programming_language": "",
       "mime_type": "application/octet-stream",
       "is_binary": true,
@@ -186592,9 +186559,9 @@
       "for_packages": [
         "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
       ],
-      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/__db.003",
-      "sha1": "d2c19ae9b3924bb3df8f5c5dfc10163829a1a20c",
-      "md5": "a6b95fa049d7bca73756401893375ade",
+      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/Conflictname",
+      "sha1": "c41423b1874e06f4d78af413bb3c431b7559d2b2",
+      "md5": "1bfe2a53c31a4f95c5741843f92fb118",
       "extra_data": {},
       "copyrights": [],
       "holders": [],
@@ -186606,8 +186573,8 @@
       "status": "system-package",
       "tag": "img-c967b7-layer-01-a10cf7",
       "type": "file",
-      "name": "__db.003",
-      "extension": ".003",
+      "name": "Conflictname",
+      "extension": "",
       "programming_language": "",
       "mime_type": "application/octet-stream",
       "is_binary": true,
@@ -186617,33 +186584,6 @@
       "is_media": false,
       "package_data": []
     },
-    {
-      "for_packages": [],
-      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/.dbenv.lock",
-      "sha1": "",
-      "md5": "",
-      "extra_data": {},
-      "copyrights": [],
-      "holders": [],
-      "authors": [],
-      "licenses": [],
-      "license_expressions": [],
-      "emails": [],
-      "urls": [],
-      "status": "ignored-empty-file",
-      "tag": "img-c967b7-layer-01-a10cf7",
-      "type": "file",
-      "name": ".dbenv.lock",
-      "extension": ".lock",
-      "programming_language": "",
-      "mime_type": "inode/x-empty",
-      "is_binary": false,
-      "is_text": true,
-      "is_archive": false,
-      "is_key_file": false,
-      "is_media": false,
-      "package_data": []
-    },
     {
       "for_packages": [
         "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
@@ -186957,33 +186897,6 @@
       "is_media": false,
       "package_data": []
     },
-    {
-      "for_packages": [],
-      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/.rpm.lock",
-      "sha1": "",
-      "md5": "",
-      "extra_data": {},
-      "copyrights": [],
-      "holders": [],
-      "authors": [],
-      "licenses": [],
-      "license_expressions": [],
-      "emails": [],
-      "urls": [],
-      "status": "ignored-empty-file",
-      "tag": "img-c967b7-layer-01-a10cf7",
-      "type": "file",
-      "name": ".rpm.lock",
-      "extension": ".lock",
-      "programming_language": "",
-      "mime_type": "inode/x-empty",
-      "is_binary": false,
-      "is_text": true,
-      "is_archive": false,
-      "is_key_file": false,
-      "is_media": false,
-      "package_data": []
-    },
     {
       "for_packages": [
         "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
@@ -187151,6 +187064,93 @@
       "is_key_file": false,
       "is_media": false,
       "package_data": []
+    },
+    {
+      "for_packages": [
+        "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
+      ],
+      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/__db.001",
+      "sha1": "c1d37450bad3fdb663e6adcc41589c926a689493",
+      "md5": "207400bf857ed379b9cbd1ad7e00313e",
+      "extra_data": {},
+      "copyrights": [],
+      "holders": [],
+      "authors": [],
+      "licenses": [],
+      "license_expressions": [],
+      "emails": [],
+      "urls": [],
+      "status": "system-package",
+      "tag": "img-c967b7-layer-01-a10cf7",
+      "type": "file",
+      "name": "__db.001",
+      "extension": ".001",
+      "programming_language": "",
+      "mime_type": "application/octet-stream",
+      "is_binary": true,
+      "is_text": false,
+      "is_archive": false,
+      "is_key_file": false,
+      "is_media": false,
+      "package_data": []
+    },
+    {
+      "for_packages": [
+        "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
+      ],
+      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/__db.002",
+      "sha1": "dbbe3665209726f17692eeb22d9947556095a60d",
+      "md5": "8ed39e14582e7d514c26ce2db09c132c",
+      "extra_data": {},
+      "copyrights": [],
+      "holders": [],
+      "authors": [],
+      "licenses": [],
+      "license_expressions": [],
+      "emails": [],
+      "urls": [],
+      "status": "system-package",
+      "tag": "img-c967b7-layer-01-a10cf7",
+      "type": "file",
+      "name": "__db.002",
+      "extension": ".002",
+      "programming_language": "",
+      "mime_type": "application/octet-stream",
+      "is_binary": true,
+      "is_text": false,
+      "is_archive": false,
+      "is_key_file": false,
+      "is_media": false,
+      "package_data": []
+    },
+    {
+      "for_packages": [
+        "pkg:rpm/rpm@4.14.2?arch=x86_64&uuid=fixed-uid-done-for-testing-5642512d1758"
+      ],
+      "path": "centos.tar.gz-extract/a10cf747c363a52be048f884c084a25e03280d54a7ac02e17dbd8c5ad160e9bd/var/lib/rpm/__db.003",
+      "sha1": "d2c19ae9b3924bb3df8f5c5dfc10163829a1a20c",
+      "md5": "a6b95fa049d7bca73756401893375ade",
+      "extra_data": {},
+      "copyrights": [],
+      "holders": [],
+      "authors": [],
+      "licenses": [],
+      "license_expressions": [],
+      "emails": [],
+      "urls": [],
+      "status": "system-package",
+      "tag": "img-c967b7-layer-01-a10cf7",
+      "type": "file",
+      "name": "__db.003",
+      "extension": ".003",
+      "programming_language": "",
+      "mime_type": "application/octet-stream",
+      "is_binary": true,
+      "is_text": false,
+      "is_archive": false,
+      "is_key_file": false,
+      "is_media": false,
+      "package_data": []
     }
   ]
 }
\ No newline at end of file
diff --git a/scanpipe/tests/data/debian_scan_codebase.json b/scanpipe/tests/data/debian_scan_codebase.json
index d0be4f669..1af8da67b 100644
--- a/scanpipe/tests/data/debian_scan_codebase.json
+++ b/scanpipe/tests/data/debian_scan_codebase.json
@@ -116,8 +116,8 @@
       "bug_tracking_url": "",
       "code_view_url": "",
       "vcs_url": "",
-      "copyright": "",
-      "license_expression": "",
+      "copyright": "Copyright (c) 1998-2016 Free Software Foundation, Inc.\nCopyright (c) 2001 by Pradeep Padala\nCopyright (c) 1994 X Consortium\nCopyright (c) 1980, 1991, 1992, 1993 The Regents of the University of California\nCopyright 1996-2007 by Thomas E. Dickey",
+      "license_expression": "x11-fsf AND x11-xconsortium AND bsd-new AND x11-fsf",
       "declared_license": "",
       "notice_text": "",
       "manifest_path": "",
@@ -187,9 +187,9 @@
       "bug_tracking_url": "",
       "code_view_url": "",
       "vcs_url": "",
-      "copyright": "",
-      "license_expression": "",
-      "declared_license": "",
+      "copyright": "Copyright 2013 Jiri Pirko <jiri@resnulli.us>\nCopyright 2014 Andrew Ayer <agwa@andrewayer.name>",
+      "license_expression": "(lgpl-2.1-plus AND lgpl-2.1-plus AND lgpl-2.1) AND (lgpl-2.1-plus AND lgpl-2.1-plus AND lgpl-2.1)",
+      "declared_license": "['LGPL-2.1+', 'LGPL-2.1+', 'LGPL-2.1+']",
       "notice_text": "",
       "manifest_path": "",
       "contains_source_code": null,
diff --git a/scanpipe/tests/data/image-with-symlinks/minitag.tar-expected-scan.json b/scanpipe/tests/data/image-with-symlinks/minitag.tar-expected-scan.json
index f23dcbcfb..58f617c70 100644
--- a/scanpipe/tests/data/image-with-symlinks/minitag.tar-expected-scan.json
+++ b/scanpipe/tests/data/image-with-symlinks/minitag.tar-expected-scan.json
@@ -74,6 +74,7 @@
     }
   ],
   "packages": [],
+  "dependencies": [],
   "files": [
     {
       "for_packages": [],
@@ -91,7 +92,7 @@
       "status": "no-licenses",
       "tag": "img-592e8d-layer-01-887ac3",
       "type": "file",
-      "name": "libcrypto.so.1.0",
+      "name": "libcrypto.so.1.0.0",
       "extension": ".0",
       "programming_language": "",
       "mime_type": "application/x-sharedlib",
@@ -99,7 +100,8 @@
       "is_text": false,
       "is_archive": false,
       "is_key_file": false,
-      "is_media": false
+      "is_media": false,
+      "package_data": []
     },
     {
       "for_packages": [],
@@ -117,7 +119,7 @@
       "status": "no-licenses",
       "tag": "img-592e8d-layer-01-887ac3",
       "type": "file",
-      "name": "libssl.so.1.0",
+      "name": "libssl.so.1.0.0",
       "extension": ".0",
       "programming_language": "",
       "mime_type": "application/x-sharedlib",
@@ -125,7 +127,8 @@
       "is_text": false,
       "is_archive": false,
       "is_key_file": false,
-      "is_media": false
+      "is_media": false,
+      "package_data": []
     },
     {
       "for_packages": [],
@@ -143,7 +146,7 @@
       "status": "no-licenses",
       "tag": "img-592e8d-layer-01-887ac3",
       "type": "file",
-      "name": "pkgdata",
+      "name": "pkgdata.inc",
       "extension": ".inc",
       "programming_language": "PHP",
       "mime_type": "text/plain",
@@ -151,7 +154,8 @@
       "is_text": true,
       "is_archive": false,
       "is_key_file": false,
-      "is_media": false
+      "is_media": false,
+      "package_data": []
     }
   ]
 }
\ No newline at end of file
diff --git a/scanpipe/tests/data/is-npm-1.0.0_scan_codebase.json b/scanpipe/tests/data/is-npm-1.0.0_scan_codebase.json
index dc2831dd7..3a622a10a 100644
--- a/scanpipe/tests/data/is-npm-1.0.0_scan_codebase.json
+++ b/scanpipe/tests/data/is-npm-1.0.0_scan_codebase.json
@@ -258,6 +258,7 @@
             {
               "purl": "pkg:npm/ava",
               "scope": "devDependencies",
+              "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
               "is_resolved": false,
diff --git a/scanpipe/tests/data/is-npm-1.0.0_scan_package.json b/scanpipe/tests/data/is-npm-1.0.0_scan_package.json
index 3244b07d7..528e3d44d 100644
--- a/scanpipe/tests/data/is-npm-1.0.0_scan_package.json
+++ b/scanpipe/tests/data/is-npm-1.0.0_scan_package.json
@@ -34,6 +34,7 @@
       "is_optional": true,
       "is_resolved": false,
       "resolved_package": {},
+      "extra_data": {},
       "dependency_uid": "pkg:npm/ava?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/is-npm@1.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "datafile_path": "codebase/package/package.json",
@@ -356,7 +357,8 @@
               "is_runtime": false,
               "is_optional": true,
               "is_resolved": false,
-              "resolved_package": {}
+              "resolved_package": {},
+              "extra_data": {}
             }
           ],
           "repository_homepage_url": "https://www.npmjs.com/package/is-npm",
diff --git a/scanpipe/tests/data/is-npm-1.0.0_scan_package_summary.json b/scanpipe/tests/data/is-npm-1.0.0_scan_package_summary.json
index 2ef409c24..4a050c3e1 100644
--- a/scanpipe/tests/data/is-npm-1.0.0_scan_package_summary.json
+++ b/scanpipe/tests/data/is-npm-1.0.0_scan_package_summary.json
@@ -153,6 +153,7 @@
             {
               "purl": "pkg:npm/ava",
               "scope": "devDependencies",
+              "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
               "is_resolved": false,
diff --git a/scanpipe/tests/data/multiple-is-npm-1.0.0_scan_package.json b/scanpipe/tests/data/multiple-is-npm-1.0.0_scan_package.json
index fb74ce19d..c31fe3c0a 100644
--- a/scanpipe/tests/data/multiple-is-npm-1.0.0_scan_package.json
+++ b/scanpipe/tests/data/multiple-is-npm-1.0.0_scan_package.json
@@ -34,6 +34,7 @@
       "is_optional": true,
       "is_resolved": false,
       "resolved_package": {},
+      "extra_data": {},
       "dependency_uid": "pkg:npm/ava?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/is-npm@1.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "datafile_path": "codebase/is-npm/package.json",
@@ -47,6 +48,7 @@
       "is_optional": true,
       "is_resolved": false,
       "resolved_package": {},
+      "extra_data": {},
       "dependency_uid": "pkg:npm/ava?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/is-npm@1.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "datafile_path": "codebase/is-npm/node_modules/is-npm/package.json",
@@ -307,7 +309,123 @@
       "scan_errors": []
     },
     {
-      "path": "codebase/is-npm/package.json",
+      "path": "codebase/is-npm/node_modules",
+      "type": "directory",
+      "name": "node_modules",
+      "base_name": "node_modules",
+      "extension": "",
+      "sha1": null,
+      "md5": null,
+      "sha256": null,
+      "mime_type": null,
+      "programming_language": null,
+      "is_binary": false,
+      "is_text": false,
+      "is_archive": false,
+      "is_media": false,
+      "is_source": false,
+      "is_script": false,
+      "licenses": [],
+      "license_expressions": [],
+      "percentage_of_license_text": 0,
+      "copyrights": [],
+      "holders": [],
+      "authors": [],
+      "package_data": [],
+      "for_packages": [],
+      "emails": [],
+      "urls": [],
+      "is_legal": false,
+      "is_manifest": false,
+      "is_readme": false,
+      "is_top_level": true,
+      "is_key_file": false,
+      "is_license_text": false,
+      "files_count": 3,
+      "dirs_count": 1,
+      "size_count": 1187,
+      "scan_errors": []
+    },
+    {
+      "path": "codebase/is-npm/node_modules/is-npm",
+      "type": "directory",
+      "name": "is-npm",
+      "base_name": "is-npm",
+      "extension": "",
+      "sha1": null,
+      "md5": null,
+      "sha256": null,
+      "mime_type": null,
+      "programming_language": null,
+      "is_binary": false,
+      "is_text": false,
+      "is_archive": false,
+      "is_media": false,
+      "is_source": false,
+      "is_script": false,
+      "licenses": [],
+      "license_expressions": [],
+      "percentage_of_license_text": 0,
+      "copyrights": [],
+      "holders": [],
+      "authors": [],
+      "package_data": [],
+      "for_packages": [],
+      "emails": [],
+      "urls": [],
+      "is_legal": false,
+      "is_manifest": false,
+      "is_readme": false,
+      "is_top_level": false,
+      "is_key_file": false,
+      "is_license_text": false,
+      "files_count": 3,
+      "dirs_count": 0,
+      "size_count": 1187,
+      "scan_errors": []
+    },
+    {
+      "path": "codebase/is-npm/node_modules/is-npm/index.js",
+      "type": "file",
+      "name": "index.js",
+      "base_name": "index",
+      "extension": ".js",
+      "sha1": "ecce1fc677fa7d20fc5593b63db45e45c5e8768a",
+      "md5": "bc4b18b0c8c32b94883d6fc1d675e919",
+      "sha256": "4044efe5626e2fbc40d3d7ce8b263b831d7644ac179e20cdf15b2794f8934030",
+      "mime_type": "text/plain",
+      "programming_language": "JavaScript",
+      "is_binary": false,
+      "is_text": true,
+      "is_archive": false,
+      "is_media": false,
+      "is_source": true,
+      "is_script": false,
+      "licenses": [],
+      "license_expressions": [],
+      "percentage_of_license_text": 0,
+      "copyrights": [],
+      "holders": [],
+      "authors": [],
+      "package_data": [],
+      "for_packages": [
+        "pkg:npm/is-npm@1.0.0?uuid=fixed-uid-done-for-testing-5642512d1758"
+      ],
+      "emails": [],
+      "urls": [],
+      "is_legal": false,
+      "is_manifest": false,
+      "is_readme": false,
+      "is_top_level": false,
+      "is_key_file": false,
+      "is_license_text": false,
+      "files_count": 0,
+      "dirs_count": 0,
+      "size_count": 0,
+      "scan_errors": []
+    },
+    {
+      "path": "codebase/is-npm/node_modules/is-npm/package.json",
       "type": "file",
       "name": "package.json",
       "base_name": "package",
@@ -425,7 +543,8 @@
               "is_runtime": false,
               "is_optional": true,
               "is_resolved": false,
-              "resolved_package": {}
+              "resolved_package": {},
+              "extra_data": {}
             }
           ],
           "repository_homepage_url": "https://www.npmjs.com/package/is-npm",
@@ -455,8 +574,8 @@
       "is_legal": false,
       "is_manifest": true,
       "is_readme": false,
-      "is_top_level": true,
-      "is_key_file": true,
+      "is_top_level": false,
+      "is_key_file": false,
       "is_license_text": false,
       "files_count": 0,
       "dirs_count": 0,
@@ -464,7 +583,7 @@
       "scan_errors": []
     },
     {
-      "path": "codebase/is-npm/readme.md",
+      "path": "codebase/is-npm/node_modules/is-npm/readme.md",
       "type": "file",
       "name": "readme.md",
       "base_name": "readme",
@@ -570,122 +689,6 @@
       "is_legal": false,
       "is_manifest": false,
       "is_readme": true,
-      "is_top_level": true,
-      "is_key_file": true,
-      "is_license_text": false,
-      "files_count": 0,
-      "dirs_count": 0,
-      "size_count": 0,
-      "scan_errors": []
-    },
-    {
-      "path": "codebase/is-npm/node_modules",
-      "type": "directory",
-      "name": "node_modules",
-      "base_name": "node_modules",
-      "extension": "",
-      "sha1": null,
-      "md5": null,
-      "sha256": null,
-      "mime_type": null,
-      "programming_language": null,
-      "is_binary": false,
-      "is_text": false,
-      "is_archive": false,
-      "is_media": false,
-      "is_source": false,
-      "is_script": false,
-      "licenses": [],
-      "license_expressions": [],
-      "percentage_of_license_text": 0,
-      "copyrights": [],
-      "holders": [],
-      "authors": [],
-      "package_data": [],
-      "for_packages": [],
-      "emails": [],
-      "urls": [],
-      "is_legal": false,
-      "is_manifest": false,
-      "is_readme": false,
-      "is_top_level": true,
-      "is_key_file": false,
-      "is_license_text": false,
-      "files_count": 3,
-      "dirs_count": 1,
-      "size_count": 1187,
-      "scan_errors": []
-    },
-    {
-      "path": "codebase/is-npm/node_modules/is-npm",
-      "type": "directory",
-      "name": "is-npm",
-      "base_name": "is-npm",
-      "extension": "",
-      "sha1": null,
-      "md5": null,
-      "sha256": null,
-      "mime_type": null,
-      "programming_language": null,
-      "is_binary": false,
-      "is_text": false,
-      "is_archive": false,
-      "is_media": false,
-      "is_source": false,
-      "is_script": false,
-      "licenses": [],
-      "license_expressions": [],
-      "percentage_of_license_text": 0,
-      "copyrights": [],
-      "holders": [],
-      "authors": [],
-      "package_data": [],
-      "for_packages": [],
-      "emails": [],
-      "urls": [],
-      "is_legal": false,
-      "is_manifest": false,
-      "is_readme": false,
-      "is_top_level": false,
-      "is_key_file": false,
-      "is_license_text": false,
-      "files_count": 3,
-      "dirs_count": 0,
-      "size_count": 1187,
-      "scan_errors": []
-    },
-    {
-      "path": "codebase/is-npm/node_modules/is-npm/index.js",
-      "type": "file",
-      "name": "index.js",
-      "base_name": "index",
-      "extension": ".js",
-      "sha1": "ecce1fc677fa7d20fc5593b63db45e45c5e8768a",
-      "md5": "bc4b18b0c8c32b94883d6fc1d675e919",
-      "sha256": "4044efe5626e2fbc40d3d7ce8b263b831d7644ac179e20cdf15b2794f8934030",
-      "mime_type": "text/plain",
-      "programming_language": "JavaScript",
-      "is_binary": false,
-      "is_text": true,
-      "is_archive": false,
-      "is_media": false,
-      "is_source": true,
-      "is_script": false,
-      "licenses": [],
-      "license_expressions": [],
-      "percentage_of_license_text": 0,
-      "copyrights": [],
-      "holders": [],
-      "authors": [],
-      "package_data": [],
-      "for_packages": [
-        "pkg:npm/is-npm@1.0.0?uuid=fixed-uid-done-for-testing-5642512d1758"
-      ],
-      "emails": [],
-      "urls": [],
-      "is_legal": false,
-      "is_manifest": false,
-      "is_readme": false,
       "is_top_level": false,
       "is_key_file": false,
       "is_license_text": false,
@@ -695,7 +698,7 @@
       "scan_errors": []
     },
     {
-      "path": "codebase/is-npm/node_modules/is-npm/package.json",
+      "path": "codebase/is-npm/package.json",
       "type": "file",
       "name": "package.json",
       "base_name": "package",
@@ -813,7 +816,8 @@
               "is_runtime": false,
               "is_optional": true,
               "is_resolved": false,
-              "resolved_package": {}
+              "resolved_package": {},
+              "extra_data": {}
             }
           ],
           "repository_homepage_url": "https://www.npmjs.com/package/is-npm",
@@ -843,8 +847,8 @@
       "is_legal": false,
       "is_manifest": true,
       "is_readme": false,
-      "is_top_level": false,
-      "is_key_file": false,
+      "is_top_level": true,
+      "is_key_file": true,
       "is_license_text": false,
       "files_count": 0,
       "dirs_count": 0,
@@ -852,7 +856,7 @@
       "scan_errors": []
     },
     {
-      "path": "codebase/is-npm/node_modules/is-npm/readme.md",
+      "path": "codebase/is-npm/readme.md",
       "type": "file",
       "name": "readme.md",
       "base_name": "readme",
@@ -958,8 +962,8 @@
       "is_legal": false,
       "is_manifest": false,
       "is_readme": true,
-      "is_top_level": false,
-      "is_key_file": false,
+      "is_top_level": true,
+      "is_key_file": true,
       "is_license_text": false,
       "files_count": 0,
       "dirs_count": 0,
diff --git a/scanpipe/tests/data/multiple-is-npm-1.0.0_scan_package_summary.json b/scanpipe/tests/data/multiple-is-npm-1.0.0_scan_package_summary.json
index a0d16a5f5..84c35e295 100644
--- a/scanpipe/tests/data/multiple-is-npm-1.0.0_scan_package_summary.json
+++ b/scanpipe/tests/data/multiple-is-npm-1.0.0_scan_package_summary.json
@@ -161,6 +161,7 @@
             {
               "purl": "pkg:npm/ava",
               "scope": "devDependencies",
+              "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
               "is_resolved": false,
diff --git a/scanpipe/tests/test_pipelines.py b/scanpipe/tests/test_pipelines.py
index 1eb0d7f15..5a6e1cc55 100644
--- a/scanpipe/tests/test_pipelines.py
+++ b/scanpipe/tests/test_pipelines.py
@@ -398,7 +398,7 @@ def test_scanpipe_docker_pipeline_alpine_integration_test(self):
         exitcode, out = pipeline.execute()
         self.assertEqual(0, exitcode, msg=out)
 
-        self.assertEqual(109, project1.codebaseresources.count())
+        self.assertEqual(411, project1.codebaseresources.count())
         self.assertEqual(14, project1.discoveredpackages.count())
         self.assertEqual(0, project1.discovereddependencys.count())
 
@@ -495,7 +495,7 @@ def test_scanpipe_docker_pipeline_distroless_debian_integration_test(self):
         exitcode, out = pipeline.execute()
         self.assertEqual(0, exitcode, msg=out)
 
-        self.assertEqual(2302, project1.codebaseresources.count())
+        self.assertEqual(2305, project1.codebaseresources.count())
         self.assertEqual(6, project1.discoveredpackages.count())
         self.assertEqual(0, project1.discovereddependencys.count())