Add JSON-LD example

Adds a JSON-LD example and GitHub actions to validate them

Signed-off-by: Joshua Watt <[email protected]>

.github/workflows/validate_examples.yml

@@ -0,0 +1,29 @@
+on:
+  - pull_request
+  - push
+
+jobs:
+  validate-examples:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
+      - name: Install dependencies
+        run: |
+          python3 -m pip install pyshacl==0.25.0 check-jsonschema==0.28.1
+      - name: Check files
+        run: |
+          set -e
+          for f in examples/jsonld/*.json; do
+            echo "Checking $f"
+
+            check-jsonschema \
+              -v \
+              --schemafile https://spdx.org/schema/3.0.0/spdx-json-schema.json \
+              $f
+
+            pyshacl \
+              -s https://spdx.org/rdf/3.0.0/spdx-model.ttl \
+              -e https://spdx.org/rdf/3.0.0/spdx-model.ttl \
+              $f
+          done
+

examples/jsonld/package_sbom.json

@@ -0,0 +1,88 @@
+{
+    "@context": "https://spdx.org/rdf/3.0.0/spdx-context.jsonld",
+    "@graph": [
+        {
+            "type": "CreationInfo",
+            "@id": "_:creationinfo",
+            "createdBy": [
+                "http://spdx.example.com/Agent/JoshuaWatt"
+            ],
+            "specVersion": "3.0.0",
+            "created": "2024-03-06T00:00:00Z"
+        },
+        {
+            "type": "Person",
+            "spdxId": "http://spdx.example.com/Agent/JoshuaWatt",
+            "name": "Joshua Watt",
+            "creationInfo": "_:creationinfo",
+            "externalIdentifier": [
+                {
+                    "type": "ExternalIdentifier",
+                    "externalIdentifierType": "email",
+                    "identifier": "[email protected]"
+                }
+            ]
+        },
+        {
+            "type": "SpdxDocument",
+            "spdxId": "http://spdx.example.com/Document1",
+            "creationInfo": "_:creationinfo",
+            "rootElement": [
+                "http://spdx.example.com/BOM1"
+            ],
+            "profileConformance": [
+                "core",
+                "software"
+            ]
+        },
+        {
+            "type": "software_Sbom",
+            "spdxId": "http://spdx.example.com/BOM1",
+            "creationInfo": "_:creationinfo",
+            "rootElement": [
+                "http://spdx.example.com/Package1"
+            ],
+            "software_sbomType": [
+                "build"
+            ]
+        },
+        {
+            "type": "software_Package",
+            "spdxId": "http://spdx.example.com/Package1",
+            "creationInfo": "_:creationinfo",
+            "name": "my-package",
+            "software_packageVersion": "1.0",
+            "software_downloadLocation": "http://dl.example.com/my-package_1.0.0.tar",
+            "builtTime": "2024-03-06T00:00:00Z",
+            "originatedBy": [
+                "http://spdx.example.com/Agent/JoshuaWatt"
+            ]
+        },
+        {
+            "type": "software_File",
+            "spdxId": "http://spdx.example.com/Package1/myprogram",
+            "creationInfo": "_:creationinfo",
+            "name": "myprogram",
+            "software_primaryPurpose": "executable",
+            "software_additionalPurpose": [
+                "application"
+            ],
+            "software_copyrightText": "Copyright 2024, Joshua Watt",
+            "builtTime": "2024-03-06T00:00:00Z",
+            "originatedBy": [
+                "http://spdx.example.com/Agent/JoshuaWatt"
+            ]
+        },
+        {
+            "type": "Relationship",
+            "spdxId": "http://spdx.example.com/Relationship/1",
+            "creationInfo": "_:creationinfo",
+            "from": "http://spdx.example.com/Package1",
+            "relationshipType": "contains",
+            "to": [
+                "http://spdx.example.com/Package1/myprogram"
+            ],
+            "completeness": "complete"
+        }
+    ]
+}