opensbom-generator / spdx-sbom-generator

Support CI generation of SBOMs via golang tooling.

Python(Go) - pipenv/venv - Details of Document and root package are not matching with the repo against which SPDX file is generated #156

Closed. niruautomation closed this 3 years ago.

niruautomation commented 3 years ago

@lfpratik

Tool Version: cloned the code from master on 14-06-2021, built the tool and verified the ticket
Test Repo: https://github.com/lfpratik/spdx-pipenv-demo
OS: Windows 10

  1. Followed all prerequisite steps as per https://confluence.linuxfoundation.org/display/PROD/SPDX+-+Python+Module+-+Prerequisites+For+Windows
  2. Followed the prerequisites and steps as per the screenshot below
  3. Executed ./spdx-sbom-generator
  4. Observed that the SPDX file is generated, but the details of the Document and root package do not match the repo against which the SPDX file was generated

[screenshots]

lfpratik commented 3 years ago

@niruautomation, the following output is expected. This was generated on a Linux machine. I will take a look at the Windows issue.

```
SPDXVersion: SPDX-2.2
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: spdx-pipenv-demo-0.0.1
DocumentNamespace: http://spdx.org/spdxpackages/spdx-pipenv-demo-0.0.1-649d8602-227d-4afe-a07f-20ddfdece7b7
Creator: Tool: spdx-sbom-generator-0.0.1
Created: 2021-06-14T10:59:24Z

Package representing the spdx-pipenv-demo

PackageName: spdx-pipenv-demo
SPDXID: SPDXRef-Package-spdx-pipenv-demo
PackageVersion: 0.0.1
PackageSupplier: NOASSERTION
PackageDownloadLocation: NOASSERTION
FilesAnalyzed: false
PackageChecksum: SHA1: 3bd71887b1244298ae19ca516df14f39061c668d
PackageHomePage: https://github.com/lfpratik/spdx-pipenv-demo
PackageLicenseConcluded: NOASSERTION
PackageLicenseDeclared: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageLicenseComments: NOASSERTION
PackageComment: NOASSERTION
```
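The bug reported in this issue is a consistency failure that is easy to miss by eye: the SBOM is syntactically valid SPDX, but its DocumentName and root package describe something other than the repository it was generated for. The Go program below is an added example (not code from spdx-sbom-generator or from either commenter) that parses SPDX 2.2 tag-value text and compares the document name and the first package against the repository's name, version and URL. The expected shapes it checks (DocumentName equal to name-version, root SPDXID equal to SPDXRef-Package-name, PackageHomePage equal to the repo URL) are assumptions inferred from the Linux output posted above, not rules taken from the SPDX specification. The first sample is an abridged transcription of that posted output; the second is constructed here to stand in for a mismatched document, since the actual Windows output exists only in the screenshots.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// spdxPackage holds the root-package fields compared against the repository.
type spdxPackage struct {
	Name, SPDXID, Version, HomePage string
}

// spdxDoc holds the document-level name plus the packages in file order.
type spdxDoc struct {
	DocumentName string
	Packages     []spdxPackage
}

// parseTagValue reads SPDX 2.2 tag-value text. Each PackageName opens a new
// package; SPDXID/PackageVersion/PackageHomePage attach to the most recent one.
// Comment lines and lines without a colon (e.g. the package banner) are skipped.
func parseTagValue(text string) spdxDoc {
	var doc spdxDoc
	sc := bufio.NewScanner(strings.NewReader(text))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		parts := strings.SplitN(line, ":", 2)
		if len(parts) != 2 {
			continue
		}
		tag, val := parts[0], strings.TrimSpace(parts[1])
		switch tag {
		case "DocumentName":
			doc.DocumentName = val
		case "PackageName":
			doc.Packages = append(doc.Packages, spdxPackage{Name: val})
		case "SPDXID", "PackageVersion", "PackageHomePage":
			if len(doc.Packages) == 0 {
				continue // document-level SPDXID (SPDXRef-DOCUMENT) precedes any package
			}
			p := &doc.Packages[len(doc.Packages)-1]
			switch tag {
			case "SPDXID":
				p.SPDXID = val
			case "PackageVersion":
				p.Version = val
			case "PackageHomePage":
				p.HomePage = val
			}
		}
	}
	return doc
}

// checkRootPackage compares the document name and the first (root) package
// against the repository the SBOM was generated for and returns one message
// per mismatch. The expected field shapes are assumed from the output posted
// in this issue (hypothetical convention, not an SPDX requirement).
func checkRootPackage(doc spdxDoc, repoName, repoVersion, repoURL string) []string {
	if len(doc.Packages) == 0 {
		return []string{"no PackageName in document"}
	}
	root := doc.Packages[0]
	var problems []string
	check := func(field, got, want string) {
		if got != want {
			problems = append(problems, fmt.Sprintf("%s: got %q, want %q", field, got, want))
		}
	}
	check("DocumentName", doc.DocumentName, repoName+"-"+repoVersion)
	check("PackageName", root.Name, repoName)
	check("SPDXID", root.SPDXID, "SPDXRef-Package-"+repoName)
	check("PackageVersion", root.Version, repoVersion)
	check("PackageHomePage", root.HomePage, repoURL)
	return problems
}

// Abridged transcription of the Linux output posted in the issue.
const expectedSBOM = `SPDXVersion: SPDX-2.2
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: spdx-pipenv-demo-0.0.1
Creator: Tool: spdx-sbom-generator-0.0.1
Package representing the spdx-pipenv-demo
PackageName: spdx-pipenv-demo
SPDXID: SPDXRef-Package-spdx-pipenv-demo
PackageVersion: 0.0.1
FilesAnalyzed: false
PackageChecksum: SHA1: 3bd71887b1244298ae19ca516df14f39061c668d
PackageHomePage: https://github.com/lfpratik/spdx-pipenv-demo`

// Constructed sample: a document whose name and root package describe a
// different project than the repository it was generated against.
const mismatchedSBOM = `SPDXVersion: SPDX-2.2
SPDXID: SPDXRef-DOCUMENT
DocumentName: some-other-project-0.0.1
PackageName: some-other-project
SPDXID: SPDXRef-Package-some-other-project
PackageVersion: 0.0.1
PackageHomePage: https://example.invalid/some-other-project`

func main() {
	const repo = "https://github.com/lfpratik/spdx-pipenv-demo"
	for name, text := range map[string]string{"expected": expectedSBOM, "mismatched": mismatchedSBOM} {
		problems := checkRootPackage(parseTagValue(text), "spdx-pipenv-demo", "0.0.1", repo)
		fmt.Printf("%s: %d mismatch(es)\n", name, len(problems))
		for _, p := range problems {
			fmt.Println("  ", p)
		}
	}
}
```

Running it reports zero mismatches for the transcribed Linux output and four for the constructed sample (DocumentName, PackageName, SPDXID and PackageHomePage; the version happens to agree). A check like this belongs in the CI job that consumes the generated SBOM, because a document that names the wrong root package is still well-formed SPDX and will pass schema validation.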

niruautomation commented 3 years ago

@lfpratik As discussed, the issue is observed with the SPDX file generated for venv as well.

niruautomation commented 3 years ago

Verified that the issue is fixed. Attachments: bom-pyenv.spdx.txt, bom-pipenv.spdx.txt