From 8801b5147a11929c415f19b232f8b7b2b28d1d93 Mon Sep 17 00:00:00 2001
From: Ayan Sinha Mahapatra <ayansmahapatra@gmail.com>
Date: Tue, 29 Oct 2024 13:52:02 +0530
Subject: [PATCH 1/3] Bump scancode-toolkit version to v32.3.0

Signed-off-by: Ayan Sinha Mahapatra <ayansmahapatra@gmail.com>
---
 setup.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/setup.cfg b/setup.cfg
index b76a30bea..00b424042 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -72,7 +72,7 @@ install_requires =
     # Docker
     container-inspector==33.0.0
     # ScanCode-toolkit
-    scancode-toolkit[packages]==32.2.1
+    scancode-toolkit[packages]==32.3.0
     extractcode[full]==31.0.0
     commoncode==32.0.0
     packageurl-python==0.15.6

From dde1fc5b7a9d0bc3db1d0a65b1585a530bb20065 Mon Sep 17 00:00:00 2001
From: Ayan Sinha Mahapatra <ayansmahapatra@gmail.com>
Date: Mon, 21 Oct 2024 14:52:35 +0700
Subject: [PATCH 2/3] Rename dependency and license match attributes

* Rename is_resolved to is_pinned for dependencies
* Rename spdx_license_expression to license_expression_spdx for license matches

Signed-off-by: Ayan Sinha Mahapatra <ayansmahapatra@gmail.com>
---
 scanpipe/admin.py                             |   4 +-
 scanpipe/api/serializers.py                   |   4 +-
 scanpipe/filters.py                           |   8 +-
 ...ename_discovered_dependencies_attribute.py |  44 +++
 scanpipe/models.py                            |   6 +-
 scanpipe/pipelines/find_vulnerabilities.py    |   2 +-
 scanpipe/pipes/purldb.py                      |   4 +-
 scanpipe/pipes/resolve.py                     |   2 +-
 .../templates/scanpipe/dependency_list.html   |   4 +-
 .../templates/scanpipe/project_charts.html    |   6 +-
 scanpipe/tests/__init__.py                    |   6 +-
 .../data/asgiref/asgiref-3.3.0_fixtures.json  |  36 +-
 ...asgiref-3.3.0_load_inventory_expected.json |  40 +-
 .../asgiref-3.3.0_scanpipe_output.json        |  36 +-
 .../asgiref/asgiref-3.3.0_toolkit_scan.json   |  40 +-
 .../asgiref-3.3.0_walk_test_fixtures.json     |  36 +-
 .../tests/data/d2d/about_files/expected.json  |   2 +-
 .../tests/data/d2d/flume-ng-node-d2d.json     | 158 ++++----
 .../resolved_dependencies_cocoapods.json      | 122 +++---
 ...ved_dependencies_npm_inspect_packages.json |  40 +-
 .../resolved_dependencies_nuget.json          | 336 ++++++++---------
 .../resolved_dependencies_pip.json            |  58 +--
 ..._dependencies_poetry_inspect_packages.json |  54 +--
 ...d_dependencies_swift_inspect_packages.json |  40 +-
 .../docker/alpine_3_15_4_scan_codebase.json   |  28 +-
 .../data/docker/centos_scan_codebase.json     | 346 ++++++++++--------
 .../data/docker/debian_scan_codebase.json     |  14 +-
 .../gcr_io_distroless_base_scan_codebase.json |  26 +-
 .../openpdf-parent-1.3.11_scan_package.json   |  50 +--
 .../data/manifests/package.expected.json      |  12 +-
 .../request_post_response.json                |   2 +-
 .../rootfs/basic-rootfs_root_filesystems.json |  14 +-
 ...-0.6.0-py3-none-any.whl_scan_codebase.json |  50 +--
 .../scancode/is-npm-1.0.0_scan_codebase.json  |  10 +-
 .../scancode/is-npm-1.0.0_scan_package.json   |  16 +-
 .../is-npm-1.0.0_scan_package_summary.json    |   4 +-
 .../data/scancode/is-npm-1.0.0_summary.json   |   4 +-
 .../multiple-is-npm-1.0.0_scan_package.json   |  28 +-
 ...ple-is-npm-1.0.0_scan_package_summary.json |   4 +-
 .../scancode/package_assembly_codebase.json   |   4 +-
 scanpipe/tests/pipes/test_input.py            |   2 +-
 scanpipe/tests/pipes/test_resolve.py          |   2 +-
 scanpipe/tests/test_api.py                    |   2 +-
 scanpipe/tests/test_filters.py                |   6 +-
 scanpipe/tests/test_models.py                 |   4 +-
 scanpipe/views.py                             |   8 +-
 46 files changed, 904 insertions(+), 820 deletions(-)
 create mode 100644 scanpipe/migrations/0068_rename_discovered_dependencies_attribute.py

diff --git a/scanpipe/admin.py b/scanpipe/admin.py
index 628ef564e..f8272c44d 100644
--- a/scanpipe/admin.py
+++ b/scanpipe/admin.py
@@ -152,7 +152,7 @@ class DiscoveredDependencyAdmin(ScanPipeBaseAdmin):
         "scope",
         "is_runtime",
         "is_optional",
-        "is_resolved",
+        "is_pinned",
         "is_direct",
         "project",
     ]
@@ -171,7 +171,7 @@ class DiscoveredDependencyAdmin(ScanPipeBaseAdmin):
         "scope",
         "is_runtime",
         "is_optional",
-        "is_resolved",
+        "is_pinned",
         "is_direct",
     ]
     ordering = ["project", "dependency_uid"]
diff --git a/scanpipe/api/serializers.py b/scanpipe/api/serializers.py
index 5da4f1186..ded09bef5 100644
--- a/scanpipe/api/serializers.py
+++ b/scanpipe/api/serializers.py
@@ -268,7 +268,7 @@ def get_discovered_dependencies_summary(self, project):
             "total": base_qs.count(),
             "is_runtime": base_qs.filter(is_runtime=True).count(),
             "is_optional": base_qs.filter(is_optional=True).count(),
-            "is_resolved": base_qs.filter(is_resolved=True).count(),
+            "is_pinned": base_qs.filter(is_pinned=True).count(),
         }
 
     def get_codebase_relations_summary(self, project):
@@ -448,7 +448,7 @@ class Meta:
             "scope",
             "is_runtime",
             "is_optional",
-            "is_resolved",
+            "is_pinned",
             "is_direct",
             "dependency_uid",
             "for_package_uid",
diff --git a/scanpipe/filters.py b/scanpipe/filters.py
index a440bba5e..8c8be0eeb 100644
--- a/scanpipe/filters.py
+++ b/scanpipe/filters.py
@@ -739,7 +739,7 @@ class DependencyFilterSet(FilterSetUtilsMixin, django_filters.FilterSet):
         "scope",
         "is_runtime",
         "is_optional",
-        "is_resolved",
+        "is_pinned",
         "is_direct",
         "datasource_id",
         "is_vulnerable",
@@ -760,7 +760,7 @@ class DependencyFilterSet(FilterSetUtilsMixin, django_filters.FilterSet):
             "scope",
             "is_runtime",
             "is_optional",
-            "is_resolved",
+            "is_pinned",
             "is_direct",
             "for_package",
             "resolved_to_package",
@@ -775,7 +775,7 @@ class DependencyFilterSet(FilterSetUtilsMixin, django_filters.FilterSet):
     datasource_id = ModelFieldValuesFilter()
     is_runtime = StrictBooleanFilter()
     is_optional = StrictBooleanFilter()
-    is_resolved = StrictBooleanFilter()
+    is_pinned = StrictBooleanFilter()
     is_direct = StrictBooleanFilter()
     is_vulnerable = IsVulnerable(field_name="affected_by_vulnerabilities")
 
@@ -794,7 +794,7 @@ class Meta:
             "scope",
             "is_runtime",
             "is_optional",
-            "is_resolved",
+            "is_pinned",
             "is_direct",
             "datasource_id",
             "is_vulnerable",
diff --git a/scanpipe/migrations/0068_rename_discovered_dependencies_attribute.py b/scanpipe/migrations/0068_rename_discovered_dependencies_attribute.py
new file mode 100644
index 000000000..f8a03e3b0
--- /dev/null
+++ b/scanpipe/migrations/0068_rename_discovered_dependencies_attribute.py
@@ -0,0 +1,44 @@
+# Generated by Django 5.0.7 on 2024-10-21 07:51
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("scanpipe", "0067_discoveredpackage_notes"),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name="discovereddependency",
+            options={
+                "ordering": [
+                    "-is_runtime",
+                    "-is_pinned",
+                    "is_optional",
+                    "dependency_uid",
+                    "for_package",
+                    "datafile_resource",
+                    "datasource_id",
+                ],
+                "verbose_name": "discovered dependency",
+                "verbose_name_plural": "discovered dependencies",
+            },
+        ),
+        migrations.RemoveIndex(
+            model_name="discovereddependency",
+            name="scanpipe_di_is_reso_10570c_idx",
+        ),
+        migrations.RenameField(
+            model_name="discovereddependency",
+            old_name="is_resolved",
+            new_name="is_pinned",
+        ),
+        migrations.AddIndex(
+            model_name="discovereddependency",
+            index=models.Index(
+                fields=["is_pinned"], name="scanpipe_di_is_pinn_5667b2_idx"
+            ),
+        ),
+    ]
diff --git a/scanpipe/models.py b/scanpipe/models.py
index 9dc86428f..fd84836f0 100644
--- a/scanpipe/models.py
+++ b/scanpipe/models.py
@@ -3700,7 +3700,7 @@ class DiscoveredDependency(
         default=False,
         help_text=_("True if this dependency is an optional dependency"),
     )
-    is_resolved = models.BooleanField(
+    is_pinned = models.BooleanField(
         default=False,
         help_text=_(
             "True if this dependency version requirement has been pinned "
@@ -3722,7 +3722,7 @@ class Meta:
         verbose_name_plural = "discovered dependencies"
         ordering = [
             "-is_runtime",
-            "-is_resolved",
+            "-is_pinned",
             "is_optional",
             "dependency_uid",
             "for_package",
@@ -3733,7 +3733,7 @@ class Meta:
             models.Index(fields=["scope"]),
             models.Index(fields=["is_runtime"]),
             models.Index(fields=["is_optional"]),
-            models.Index(fields=["is_resolved"]),
+            models.Index(fields=["is_pinned"]),
             models.Index(fields=["is_direct"]),
         ]
         constraints = [
diff --git a/scanpipe/pipelines/find_vulnerabilities.py b/scanpipe/pipelines/find_vulnerabilities.py
index 7a6323b98..6a48812a2 100644
--- a/scanpipe/pipelines/find_vulnerabilities.py
+++ b/scanpipe/pipelines/find_vulnerabilities.py
@@ -62,7 +62,7 @@ def lookup_packages_vulnerabilities(self):
 
     def lookup_dependencies_vulnerabilities(self):
         """Check for vulnerabilities for each of the project's discovered dependency."""
-        dependencies = self.project.discovereddependencies.filter(is_resolved=True)
+        dependencies = self.project.discovereddependencies.filter(is_pinned=True)
         vulnerablecode.fetch_vulnerabilities(
             packages=dependencies,
             ignore_set=self.project.ignored_vulnerabilities_set,
diff --git a/scanpipe/pipes/purldb.py b/scanpipe/pipes/purldb.py
index ba1d2181a..801e79325 100644
--- a/scanpipe/pipes/purldb.py
+++ b/scanpipe/pipes/purldb.py
@@ -289,7 +289,7 @@ def feed_purldb(packages, chunk_size, logger=logger.info):
 
 def get_unique_resolved_purls(project):
     """Return PURLs from project's resolved DiscoveredDependencies."""
-    packages_resolved = project.discovereddependencies.filter(is_resolved=True)
+    packages_resolved = project.discovereddependencies.filter(is_pinned=True)
 
     distinct_results = packages_resolved.values("type", "namespace", "name", "version")
 
@@ -300,7 +300,7 @@ def get_unique_resolved_purls(project):
 def get_unique_unresolved_purls(project):
     """Return PURLs from project's unresolved DiscoveredDependencies."""
     packages_unresolved = project.discovereddependencies.filter(
-        is_resolved=False
+        is_pinned=False
     ).exclude(extracted_requirement="*")
 
     distinct_unresolved_results = packages_unresolved.values(
diff --git a/scanpipe/pipes/resolve.py b/scanpipe/pipes/resolve.py
index e841176de..55bf93197 100644
--- a/scanpipe/pipes/resolve.py
+++ b/scanpipe/pipes/resolve.py
@@ -151,7 +151,7 @@ def create_dependencies_from_packages_extra_data(project):
                 resolved_to_package=resolved_to_package,
                 datafile_resource=datafile_resource,
                 is_runtime=True,
-                is_resolved=True,
+                is_pinned=True,
                 is_direct=True,
             )
             created_count += 1
diff --git a/scanpipe/templates/scanpipe/dependency_list.html b/scanpipe/templates/scanpipe/dependency_list.html
index 92a3de0b6..b089df1a6 100644
--- a/scanpipe/templates/scanpipe/dependency_list.html
+++ b/scanpipe/templates/scanpipe/dependency_list.html
@@ -52,10 +52,10 @@
               <a href="?is_optional={{ dependency.is_optional }}" class="is-black-link">{{ dependency.is_optional }}</a>
             </td>
             <td>
-              <a href="?is_resolved={{ dependency.is_resolved }}" class="is-black-link">{{ dependency.is_resolved }}</a>
+              <a href="?is_pinned={{ dependency.is_pinned }}" class="is-black-link">{{ dependency.is_pinned }}</a>
             </td>
             <td>
-              <a href="?is_resolved={{ dependency.is_direct }}" class="is-black-link">{{ dependency.is_direct }}</a>
+              <a href="?is_direct={{ dependency.is_direct }}" class="is-black-link">{{ dependency.is_direct }}</a>
             </td>
             <td>
               {% if dependency.for_package %}
diff --git a/scanpipe/templates/scanpipe/project_charts.html b/scanpipe/templates/scanpipe/project_charts.html
index 9da3108ac..20db76198 100644
--- a/scanpipe/templates/scanpipe/project_charts.html
+++ b/scanpipe/templates/scanpipe/project_charts.html
@@ -35,7 +35,7 @@ <h3 id="dependency-charts" class="title is-4 has-text-centered">
       <div id="dependency_is_optional_chart" data-url="{{ dependencies_url }}" data-lookup_field="is_optional"></div>
     </div>
     <div class="column">
-      <div id="dependency_is_resolved_chart" data-url="{{ dependencies_url }}" data-lookup_field="is_resolved"></div>
+      <div id="dependency_is_pinned_chart" data-url="{{ dependencies_url }}" data-lookup_field="is_pinned"></div>
     </div>
   </div>
 {% endif %}
@@ -82,7 +82,7 @@ <h3 class="title is-4 has-text-centered mb-3">
   {{ dependency_type|json_script:"dependency_type" }}
   {{ dependency_is_runtime|json_script:"dependency_is_runtime" }}
   {{ dependency_is_optional|json_script:"dependency_is_optional" }}
-  {{ dependency_is_resolved|json_script:"dependency_is_resolved" }}
+  {{ dependency_is_pinned|json_script:"dependency_is_pinned" }}
   <script>
     let makeChart = function(data_source_id, element_id, title) {
       let data_source = document.getElementById(data_source_id);
@@ -159,7 +159,7 @@ <h3 class="title is-4 has-text-centered mb-3">
       makeChart("dependency_type", "#dependency_type_chart", "Package\nType");
       makeChart("dependency_is_runtime", "#dependency_is_runtime_chart", "Runtime\nDependencies");
       makeChart("dependency_is_optional", "#dependency_is_optional_chart", "Optional\nDependencies");
-      makeChart("dependency_is_resolved", "#dependency_is_resolved_chart", "Resolved\nDependencies");
+      makeChart("dependency_is_pinned", "#dependency_is_pinned_chart", "Pinned\nDependencies");
     {% endif %}
     {% if project.resource_count %}
       makeChart("file_programming_language", "#programming_language_chart", "Programming\nLanguage");
diff --git a/scanpipe/tests/__init__.py b/scanpipe/tests/__init__.py
index 217fa51b5..ecb919194 100644
--- a/scanpipe/tests/__init__.py
+++ b/scanpipe/tests/__init__.py
@@ -193,7 +193,7 @@ def make_dependency(project, **extra):
     "scope": "install",
     "is_runtime": True,
     "is_optional": False,
-    "is_resolved": False,
+    "is_pinned": False,
     "dependency_uid": "pkg:pypi/dask?uuid=e656b571-7d3f-46d1-b95b-8f037aef9692",
     "for_package_uid": for_package_uid,
     "datafile_path": "daglib-0.3.2.tar.gz-extract/daglib-0.3.2/PKG-INFO",
@@ -207,7 +207,7 @@ def make_dependency(project, **extra):
     "scope": "dependencies",
     "is_runtime": True,
     "is_optional": False,
-    "is_resolved": True,
+    "is_pinned": True,
     "dependency_uid": (
         "pkg:gem/appraisal@2.2.0?uuid=1907f061-911b-4980-a2d4-ae1a9ed871a9"
     ),
@@ -223,7 +223,7 @@ def make_dependency(project, **extra):
     "scope": "install",
     "is_runtime": True,
     "is_optional": False,
-    "is_resolved": False,
+    "is_pinned": False,
     "dependency_uid": "pkg:pypi/dask?uuid=e656b571-7d3f-46d1-b95b-8f037aef9692",
     "for_package_uid": for_package_uid,
     "datafile_path": "daglib-0.3.2.tar.gz-extract/daglib-0.3.2/PKG-INFO",
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_fixtures.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_fixtures.json
index cc0e1c6aa..16670cd4f 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_fixtures.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_fixtures.json
@@ -131,7 +131,7 @@
             "extra_data": {},
             "is_runtime": true,
             "is_optional": true,
-            "is_resolved": false,
+            "is_pinned": false,
             "resolved_package": {},
             "extracted_requirement": "pytest; extra == \"tests\""
           },
@@ -142,7 +142,7 @@
             "extra_data": {},
             "is_runtime": true,
             "is_optional": true,
-            "is_resolved": false,
+            "is_pinned": false,
             "resolved_package": {},
             "extracted_requirement": "pytest-asyncio; extra == \"tests\""
           }
@@ -299,7 +299,7 @@
                 "rule_relevance": 99,
                 "rule_identifier": "bsd-new_89.RULE",
                 "license_expression": "bsd-new",
-                "spdx_license_expression": "BSD-3-Clause"
+                "license_expression_spdx": "BSD-3-Clause"
               }
             ],
             "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -321,7 +321,7 @@
                 "rule_relevance": 99,
                 "rule_identifier": "pypi_bsd_license.RULE",
                 "license_expression": "bsd-new",
-                "spdx_license_expression": "BSD-3-Clause"
+                "license_expression_spdx": "BSD-3-Clause"
               }
             ],
             "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -545,7 +545,7 @@
             "rule_relevance": 100,
             "rule_identifier": "bsd-new_683.RULE",
             "license_expression": "bsd-new",
-            "spdx_license_expression": "BSD-3-Clause"
+            "license_expression_spdx": "BSD-3-Clause"
           }
         ],
         "identifier": "bsd_new-72cae3bc-4423-3a9e-be84-ee8bb5120a4d",
@@ -695,7 +695,7 @@
             "extra_data": {},
             "is_runtime": true,
             "is_optional": true,
-            "is_resolved": false,
+            "is_pinned": false,
             "resolved_package": {},
             "extracted_requirement": "pytest; extra == \"tests\""
           },
@@ -706,7 +706,7 @@
             "extra_data": {},
             "is_runtime": true,
             "is_optional": true,
-            "is_resolved": false,
+            "is_pinned": false,
             "resolved_package": {},
             "extracted_requirement": "pytest-asyncio; extra == \"tests\""
           }
@@ -863,7 +863,7 @@
                 "rule_relevance": 99,
                 "rule_identifier": "bsd-new_89.RULE",
                 "license_expression": "bsd-new",
-                "spdx_license_expression": "BSD-3-Clause"
+                "license_expression_spdx": "BSD-3-Clause"
               }
             ],
             "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -885,7 +885,7 @@
                 "rule_relevance": 99,
                 "rule_identifier": "pypi_bsd_license.RULE",
                 "license_expression": "bsd-new",
-                "spdx_license_expression": "BSD-3-Clause"
+                "license_expression_spdx": "BSD-3-Clause"
               }
             ],
             "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -1285,7 +1285,7 @@
             "rule_relevance": 100,
             "rule_identifier": "apache-2.0_174.RULE",
             "license_expression": "apache-2.0",
-            "spdx_license_expression": "Apache-2.0"
+            "license_expression_spdx": "Apache-2.0"
           }
         ],
         "identifier": "apache_2_0-5a90b5fa-5d10-5a98-d2a7-ef089c46a900",
@@ -1483,7 +1483,7 @@
             "rule_relevance": 99,
             "rule_identifier": "bsd-new_89.RULE",
             "license_expression": "bsd-new",
-            "spdx_license_expression": "BSD-3-Clause"
+            "license_expression_spdx": "BSD-3-Clause"
           }
         ],
         "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -1505,7 +1505,7 @@
             "rule_relevance": 99,
             "rule_identifier": "pypi_bsd_license.RULE",
             "license_expression": "bsd-new",
-            "spdx_license_expression": "BSD-3-Clause"
+            "license_expression_spdx": "BSD-3-Clause"
           }
         ],
         "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -1616,7 +1616,7 @@
             "rule_relevance": 99,
             "rule_identifier": "bsd-new_89.RULE",
             "license_expression": "bsd-new",
-            "spdx_license_expression": "BSD-3-Clause"
+            "license_expression_spdx": "BSD-3-Clause"
           }
         ],
         "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -1638,7 +1638,7 @@
             "rule_relevance": 99,
             "rule_identifier": "pypi_bsd_license.RULE",
             "license_expression": "bsd-new",
-            "spdx_license_expression": "BSD-3-Clause"
+            "license_expression_spdx": "BSD-3-Clause"
           }
         ],
         "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -1728,7 +1728,7 @@
     "datasource_id": "pypi_wheel",
     "is_runtime": true,
     "is_optional": true,
-    "is_resolved": false,
+    "is_pinned": false,
     "is_direct": true
   }
 },
@@ -1753,7 +1753,7 @@
     "datasource_id": "pypi_wheel",
     "is_runtime": true,
     "is_optional": true,
-    "is_resolved": false,
+    "is_pinned": false,
     "is_direct": true
   }
 },
@@ -1778,7 +1778,7 @@
     "datasource_id": "pypi_wheel_metadata",
     "is_runtime": true,
     "is_optional": true,
-    "is_resolved": false,
+    "is_pinned": false,
     "is_direct": true
   }
 },
@@ -1803,7 +1803,7 @@
     "datasource_id": "pypi_wheel_metadata",
     "is_runtime": true,
     "is_optional": true,
-    "is_resolved": false,
+    "is_pinned": false,
     "is_direct": true
   }
 }
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_load_inventory_expected.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_load_inventory_expected.json
index 65a1fabe8..d1a635366 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_load_inventory_expected.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_load_inventory_expected.json
@@ -96,7 +96,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -118,7 +118,7 @@
               "rule_relevance": 99,
               "rule_identifier": "pypi_bsd_license.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -217,7 +217,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -239,7 +239,7 @@
               "rule_relevance": 99,
               "rule_identifier": "pypi_bsd_license.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -280,7 +280,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pytest?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -296,7 +296,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pytest?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -312,7 +312,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -328,7 +328,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -425,7 +425,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest; extra == \"tests\""
             },
@@ -436,7 +436,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest-asyncio; extra == \"tests\""
             }
@@ -579,7 +579,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "bsd-new_89.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -601,7 +601,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "pypi_bsd_license.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -769,7 +769,7 @@
               "rule_relevance": 100,
               "rule_identifier": "bsd-new_683.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-72cae3bc-4423-3a9e-be84-ee8bb5120a4d",
@@ -840,7 +840,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -861,7 +861,7 @@
               "rule_relevance": 99,
               "rule_identifier": "pypi_bsd_license.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -936,7 +936,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest; extra == \"tests\""
             },
@@ -947,7 +947,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest-asyncio; extra == \"tests\""
             }
@@ -1090,7 +1090,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "bsd-new_89.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -1112,7 +1112,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "pypi_bsd_license.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -1545,7 +1545,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_174.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-5a90b5fa-5d10-5a98-d2a7-ef089c46a900",
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_scanpipe_output.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_scanpipe_output.json
index 9d9e55066..982bd09fa 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_scanpipe_output.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_scanpipe_output.json
@@ -112,7 +112,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -134,7 +134,7 @@
               "rule_relevance": 99,
               "rule_identifier": "pypi_bsd_license.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -236,7 +236,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -258,7 +258,7 @@
               "rule_relevance": 99,
               "rule_identifier": "pypi_bsd_license.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -300,7 +300,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pytest?uuid=0928ca6e-d50e-439a-847d-ecb1366a8f2a",
       "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01",
@@ -316,7 +316,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pytest?uuid=94372d19-8ab8-4b16-b6a7-72478e0b4cc4",
       "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a",
@@ -332,7 +332,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=ccd9eb22-778d-4bd4-af59-8b63e4163b22",
       "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01",
@@ -348,7 +348,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=e751ec65-9351-4949-ae8f-5bc1a9efa336",
       "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a",
@@ -451,7 +451,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest; extra == \"tests\""
             },
@@ -462,7 +462,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest-asyncio; extra == \"tests\""
             }
@@ -619,7 +619,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "bsd-new_89.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -641,7 +641,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "pypi_bsd_license.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -825,7 +825,7 @@
               "rule_relevance": 100,
               "rule_identifier": "bsd-new_683.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-72cae3bc-4423-3a9e-be84-ee8bb5120a4d",
@@ -950,7 +950,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest; extra == \"tests\""
             },
@@ -961,7 +961,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest-asyncio; extra == \"tests\""
             }
@@ -1118,7 +1118,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "bsd-new_89.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -1140,7 +1140,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "pypi_bsd_license.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -1617,7 +1617,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_174.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-5a90b5fa-5d10-5a98-d2a7-ef089c46a900",
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_toolkit_scan.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_toolkit_scan.json
index ce51bcaa9..9a2ffbaa6 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_toolkit_scan.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_toolkit_scan.json
@@ -85,7 +85,7 @@
           "matches": [
             {
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause",
+              "license_expression_spdx": "BSD-3-Clause",
               "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl",
               "start_line": 1,
               "end_line": 1,
@@ -107,7 +107,7 @@
           "matches": [
             {
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause",
+              "license_expression_spdx": "BSD-3-Clause",
               "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl",
               "start_line": 1,
               "end_line": 1,
@@ -203,7 +203,7 @@
           "matches": [
             {
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause",
+              "license_expression_spdx": "BSD-3-Clause",
               "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
               "start_line": 1,
               "end_line": 1,
@@ -225,7 +225,7 @@
           "matches": [
             {
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause",
+              "license_expression_spdx": "BSD-3-Clause",
               "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
               "start_line": 1,
               "end_line": 1,
@@ -275,7 +275,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -290,7 +290,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -305,7 +305,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -320,7 +320,7 @@
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -531,7 +531,7 @@
               "matches": [
                 {
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause",
+                  "license_expression_spdx": "BSD-3-Clause",
                   "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl",
                   "start_line": 1,
                   "end_line": 1,
@@ -553,7 +553,7 @@
               "matches": [
                 {
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause",
+                  "license_expression_spdx": "BSD-3-Clause",
                   "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl",
                   "start_line": 1,
                   "end_line": 1,
@@ -718,7 +718,7 @@
               "scope": "tests",
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -729,7 +729,7 @@
               "scope": "tests",
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -1120,7 +1120,7 @@
           "matches": [
             {
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0",
+              "license_expression_spdx": "Apache-2.0",
               "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref/timeout.py",
               "start_line": 2,
               "end_line": 2,
@@ -1251,7 +1251,7 @@
           "matches": [
             {
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause",
+              "license_expression_spdx": "BSD-3-Clause",
               "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/LICENSE",
               "start_line": 4,
               "end_line": 27,
@@ -1364,7 +1364,7 @@
               "matches": [
                 {
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause",
+                  "license_expression_spdx": "BSD-3-Clause",
                   "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
                   "start_line": 1,
                   "end_line": 1,
@@ -1386,7 +1386,7 @@
               "matches": [
                 {
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause",
+                  "license_expression_spdx": "BSD-3-Clause",
                   "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
                   "start_line": 1,
                   "end_line": 1,
@@ -1551,7 +1551,7 @@
               "scope": "tests",
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -1562,7 +1562,7 @@
               "scope": "tests",
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -1587,7 +1587,7 @@
           "matches": [
             {
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause",
+              "license_expression_spdx": "BSD-3-Clause",
               "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
               "start_line": 8,
               "end_line": 8,
@@ -1608,7 +1608,7 @@
           "matches": [
             {
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause",
+              "license_expression_spdx": "BSD-3-Clause",
               "from_file": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
               "start_line": 16,
               "end_line": 16,
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_walk_test_fixtures.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_walk_test_fixtures.json
index d044a0103..3fcff2acb 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_walk_test_fixtures.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_walk_test_fixtures.json
@@ -131,7 +131,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest; extra == \"tests\""
             },
@@ -142,7 +142,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest-asyncio; extra == \"tests\""
             }
@@ -299,7 +299,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "bsd-new_89.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -321,7 +321,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "pypi_bsd_license.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -545,7 +545,7 @@
               "rule_relevance": 100,
               "rule_identifier": "bsd-new_683.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-72cae3bc-4423-3a9e-be84-ee8bb5120a4d",
@@ -695,7 +695,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest; extra == \"tests\""
             },
@@ -706,7 +706,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "pytest-asyncio; extra == \"tests\""
             }
@@ -863,7 +863,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "bsd-new_89.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -885,7 +885,7 @@
                   "rule_relevance": 99,
                   "rule_identifier": "pypi_bsd_license.RULE",
                   "license_expression": "bsd-new",
-                  "spdx_license_expression": "BSD-3-Clause"
+                  "license_expression_spdx": "BSD-3-Clause"
                 }
               ],
               "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -1285,7 +1285,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_174.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-5a90b5fa-5d10-5a98-d2a7-ef089c46a900",
@@ -1483,7 +1483,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -1505,7 +1505,7 @@
               "rule_relevance": 99,
               "rule_identifier": "pypi_bsd_license.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -1616,7 +1616,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -1638,7 +1638,7 @@
               "rule_relevance": 99,
               "rule_identifier": "pypi_bsd_license.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-f4e99f86-00ab-18d9-a65d-a3a12767dcf5",
@@ -1728,7 +1728,7 @@
       "datasource_id": "pypi_wheel",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true
     }
   },
@@ -1753,7 +1753,7 @@
       "datasource_id": "pypi_wheel",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true
     }
   },
@@ -1778,7 +1778,7 @@
       "datasource_id": "pypi_wheel_metadata",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true
     }
   },
@@ -1803,7 +1803,7 @@
       "datasource_id": "pypi_wheel_metadata",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true
     }
   }
diff --git a/scanpipe/tests/data/d2d/about_files/expected.json b/scanpipe/tests/data/d2d/about_files/expected.json
index 80768aa84..fd5552c05 100644
--- a/scanpipe/tests/data/d2d/about_files/expected.json
+++ b/scanpipe/tests/data/d2d/about_files/expected.json
@@ -598,7 +598,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
diff --git a/scanpipe/tests/data/d2d/flume-ng-node-d2d.json b/scanpipe/tests/data/d2d/flume-ng-node-d2d.json
index 57d57ae45..aa64ffe23 100644
--- a/scanpipe/tests/data/d2d/flume-ng-node-d2d.json
+++ b/scanpipe/tests/data/d2d/flume-ng-node-d2d.json
@@ -440,7 +440,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -651,7 +651,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -719,7 +719,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -787,7 +787,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -855,7 +855,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -923,7 +923,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -991,7 +991,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -1059,7 +1059,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -1127,7 +1127,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -1195,7 +1195,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -1263,7 +1263,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -1331,7 +1331,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-4bde3f57-78aa-4201-96bf-531cba09e7de",
@@ -1548,7 +1548,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1563,7 +1563,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 99.0,
@@ -1578,7 +1578,7 @@
               "rule_relevance": 99,
               "rule_identifier": "maven_pom_12.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             },
             {
               "score": 100.0,
@@ -1593,7 +1593,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1608,7 +1608,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1623,7 +1623,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1638,7 +1638,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_19.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -1653,7 +1653,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.1_40.RULE",
               "license_expression": "lgpl-2.1",
-              "spdx_license_expression": "LGPL-2.1-only"
+              "license_expression_spdx": "LGPL-2.1-only"
             },
             {
               "score": 99.0,
@@ -1668,7 +1668,7 @@
               "rule_relevance": 99,
               "rule_identifier": "pypi_public_domain.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             },
             {
               "score": 100.0,
@@ -1683,7 +1683,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_188.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1698,7 +1698,7 @@
               "rule_relevance": 100,
               "rule_identifier": "maven_pom_1.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1713,7 +1713,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1728,7 +1728,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1743,7 +1743,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1758,7 +1758,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1773,7 +1773,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1788,7 +1788,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1803,7 +1803,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1818,7 +1818,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1833,7 +1833,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1848,7 +1848,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1863,7 +1863,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1878,7 +1878,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1893,7 +1893,7 @@
               "rule_relevance": 100,
               "rule_identifier": "cddl-1.0_or_gpl-2.0_with_classpath-exception-2.0_1.RULE",
               "license_expression": "cddl-1.0 OR gpl-2.0 WITH classpath-exception-2.0",
-              "spdx_license_expression": "CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0"
+              "license_expression_spdx": "CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0"
             },
             {
               "score": 100.0,
@@ -1908,7 +1908,7 @@
               "rule_relevance": 100,
               "rule_identifier": "maven_pom_21.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             },
             {
               "score": 100.0,
@@ -1923,7 +1923,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1938,7 +1938,7 @@
               "rule_relevance": 100,
               "rule_identifier": "maven_pom_1.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1953,7 +1953,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_203.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1968,7 +1968,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_20.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -1983,7 +1983,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_203.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -1998,7 +1998,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_20.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -2013,7 +2013,7 @@
               "rule_relevance": 100,
               "rule_identifier": "mit_51.RULE",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             },
             {
               "score": 100.0,
@@ -2028,7 +2028,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2043,7 +2043,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2058,7 +2058,7 @@
               "rule_relevance": 100,
               "rule_identifier": "maven_pom_5.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2073,7 +2073,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2088,7 +2088,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2103,7 +2103,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2118,7 +2118,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2133,7 +2133,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2148,7 +2148,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2163,7 +2163,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2178,7 +2178,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2193,7 +2193,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_209.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2208,7 +2208,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_209.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2223,7 +2223,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_209.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2238,7 +2238,7 @@
               "rule_relevance": 100,
               "rule_identifier": "maven_pom_5.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2253,7 +2253,7 @@
               "rule_relevance": 100,
               "rule_identifier": "maven_pom_5.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2268,7 +2268,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2283,7 +2283,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_143.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2298,7 +2298,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_203.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2313,7 +2313,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_20.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -2328,7 +2328,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_203.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2343,7 +2343,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_20.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -2358,7 +2358,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_203.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2373,7 +2373,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_20.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -2388,7 +2388,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_203.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2403,7 +2403,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_20.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -2418,7 +2418,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_203.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2433,7 +2433,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_20.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -2448,7 +2448,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_203.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2463,7 +2463,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_20.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -2478,7 +2478,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_203.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             },
             {
               "score": 100.0,
@@ -2493,7 +2493,7 @@
               "rule_relevance": 100,
               "rule_identifier": "epl-1.0_20.RULE",
               "license_expression": "epl-1.0",
-              "spdx_license_expression": "EPL-1.0"
+              "license_expression_spdx": "EPL-1.0"
             },
             {
               "score": 100.0,
@@ -2508,7 +2508,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0_212.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0_and_bsd_new_and_epl_1_0_and_lgpl_2_1_and_public_domain_and__cddl_1_0_or_gpl_2_0_with_classpath_exception_2_0__and_mit-89f48bad-a653-527d-8324-71e8d9738745",
@@ -2817,7 +2817,7 @@
               "rule_relevance": 100,
               "rule_identifier": "apache-2.0.LICENSE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-ab23f79b-ec38-9a8a-9b23-85059407f34d",
@@ -2927,7 +2927,7 @@
               "rule_relevance": 95,
               "rule_identifier": "apache-2.0_product_includes_2.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-482220ca-c07b-bf59-66ed-6e7eaf9f3b1e",
diff --git a/scanpipe/tests/data/dependencies/resolved_dependencies_cocoapods.json b/scanpipe/tests/data/dependencies/resolved_dependencies_cocoapods.json
index 7e808fd4b..57c53794d 100644
--- a/scanpipe/tests/data/dependencies/resolved_dependencies_cocoapods.json
+++ b/scanpipe/tests/data/dependencies/resolved_dependencies_cocoapods.json
@@ -1287,7 +1287,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/AFNetworking/NSURLSession@2.7.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": null,
@@ -1303,7 +1303,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/AFNetworking/NSURLSession@2.7.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/AFNetworkActivityLogger@2.0.4?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1319,7 +1319,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/AFNetworking/Serialization@2.7.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/AFNetworking/NSURLConnection@2.7.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1335,7 +1335,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/AFNetworking/Serialization@2.7.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/AFNetworking/NSURLSession@2.7.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1351,7 +1351,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/ISO8601DateFormatter@0.7.1?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/Aerodramus@2.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1367,7 +1367,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/AppAuth/Core@1.7.3?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/AppAuth/ExternalUserAgent@1.7.3?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1383,7 +1383,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/AppAuth/ExternalUserAgent@1.7.3?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/AppAuth@1.7.3?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1399,7 +1399,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/AppCenter/Core@5.0.3?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/AppCenterReactNativeShared@5.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1415,7 +1415,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/Appboy-iOS-SDK/Core@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/Appboy-iOS-SDK/ContentCards@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1431,7 +1431,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/Appboy-iOS-SDK/Core@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/Appboy-iOS-SDK/InAppMessage@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1447,7 +1447,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/Appboy-iOS-SDK/Core@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/Appboy-iOS-SDK/NewsFeed@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1463,7 +1463,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/Appboy-iOS-SDK/NewsFeed@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/Appboy-iOS-SDK/UI@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1479,7 +1479,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/Appboy-iOS-SDK/UI@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/Appboy-iOS-SDK@4.4.4?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1495,7 +1495,7 @@
       "scope": "requires",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:cocoapods/AppCenterReactNativeShared@5.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:cocoapods/appcenter-core@5.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1637,10 +1637,10 @@
               "purl": "pkg:cocoapods/Aerodramus@2.0.0",
               "scope": "requires",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Aerodramus",
@@ -1669,10 +1669,10 @@
                     "purl": "pkg:cocoapods/ISO8601DateFormatter@0.7.1",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "0.7.1"
                   }
@@ -1702,10 +1702,10 @@
               "purl": "pkg:cocoapods/AFNetworkActivityLogger@2.0.4",
               "scope": "requires",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "AFNetworkActivityLogger",
@@ -1734,10 +1734,10 @@
                     "purl": "pkg:cocoapods/AFNetworking/NSURLConnection@2.7.0",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "~> 2.0"
                   },
@@ -1745,10 +1745,10 @@
                     "purl": "pkg:cocoapods/AFNetworking/NSURLSession@2.7.0",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "~> 2.0"
                   }
@@ -1778,10 +1778,10 @@
               "purl": "pkg:cocoapods/AFNetworking/NSURLConnection@2.7.0",
               "scope": "requires",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "NSURLConnection",
@@ -1808,10 +1808,10 @@
                     "purl": "pkg:cocoapods/AFNetworking/Reachability@2.7.0",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "2.7.0"
                   },
@@ -1819,10 +1819,10 @@
                     "purl": "pkg:cocoapods/AFNetworking/Security@2.7.0",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "2.7.0"
                   },
@@ -1830,10 +1830,10 @@
                     "purl": "pkg:cocoapods/AFNetworking/Serialization@2.7.0",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "2.7.0"
                   }
@@ -1863,10 +1863,10 @@
               "purl": "pkg:cocoapods/AFNetworking/NSURLSession@2.7.0",
               "scope": "requires",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "NSURLSession",
@@ -1893,10 +1893,10 @@
                     "purl": "pkg:cocoapods/AFNetworking/Reachability@2.7.0",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "2.7.0"
                   },
@@ -1904,10 +1904,10 @@
                     "purl": "pkg:cocoapods/AFNetworking/Security@2.7.0",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "2.7.0"
                   },
@@ -1915,10 +1915,10 @@
                     "purl": "pkg:cocoapods/AFNetworking/Serialization@2.7.0",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "2.7.0"
                   }
@@ -1948,10 +1948,10 @@
               "purl": "pkg:cocoapods/AFNetworking/Reachability@2.7.0",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Reachability",
@@ -1999,10 +1999,10 @@
               "purl": "pkg:cocoapods/AFNetworking/Security@2.7.0",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Security",
@@ -2050,10 +2050,10 @@
               "purl": "pkg:cocoapods/AFNetworking/Serialization@2.7.0",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Serialization",
@@ -2101,10 +2101,10 @@
               "purl": "pkg:cocoapods/Analytics@4.1.8",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Analytics",
@@ -2154,10 +2154,10 @@
               "purl": "pkg:cocoapods/AppAuth@1.7.3",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "AppAuth",
@@ -2186,10 +2186,10 @@
                     "purl": "pkg:cocoapods/AppAuth/Core@1.7.3",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "= 1.7.3"
                   },
@@ -2197,10 +2197,10 @@
                     "purl": "pkg:cocoapods/AppAuth/ExternalUserAgent@1.7.3",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "= 1.7.3"
                   }
@@ -2230,10 +2230,10 @@
               "purl": "pkg:cocoapods/AppAuth/Core@1.7.3",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Core",
@@ -2281,10 +2281,10 @@
               "purl": "pkg:cocoapods/AppAuth/ExternalUserAgent@1.7.3",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "ExternalUserAgent",
@@ -2311,10 +2311,10 @@
                     "purl": "pkg:cocoapods/AppAuth/Core@1.7.3",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "1.7.3"
                   }
@@ -2344,10 +2344,10 @@
               "purl": "pkg:cocoapods/Appboy-iOS-SDK@4.4.4",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Appboy-iOS-SDK",
@@ -2376,10 +2376,10 @@
                     "purl": "pkg:cocoapods/Appboy-iOS-SDK/UI@4.4.4",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "= 4.4.4"
                   }
@@ -2409,10 +2409,10 @@
               "purl": "pkg:cocoapods/Appboy-iOS-SDK/ContentCards@4.4.4",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "ContentCards",
@@ -2439,10 +2439,10 @@
                     "purl": "pkg:cocoapods/Appboy-iOS-SDK/Core@4.4.4",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "4.4.4"
                   }
@@ -2472,10 +2472,10 @@
               "purl": "pkg:cocoapods/Appboy-iOS-SDK/Core@4.4.4",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Core",
@@ -2523,10 +2523,10 @@
               "purl": "pkg:cocoapods/Appboy-iOS-SDK/InAppMessage@4.4.4",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "InAppMessage",
@@ -2553,10 +2553,10 @@
                     "purl": "pkg:cocoapods/Appboy-iOS-SDK/Core@4.4.4",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "4.4.4"
                   }
@@ -2586,10 +2586,10 @@
               "purl": "pkg:cocoapods/Appboy-iOS-SDK/NewsFeed@4.4.4",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "NewsFeed",
@@ -2616,10 +2616,10 @@
                     "purl": "pkg:cocoapods/Appboy-iOS-SDK/Core@4.4.4",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "4.4.4"
                   }
@@ -2649,10 +2649,10 @@
               "purl": "pkg:cocoapods/Appboy-iOS-SDK/UI@4.4.4",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "UI",
@@ -2679,10 +2679,10 @@
                     "purl": "pkg:cocoapods/Appboy-iOS-SDK/ContentCards@4.4.4",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "4.4.4"
                   },
@@ -2690,10 +2690,10 @@
                     "purl": "pkg:cocoapods/Appboy-iOS-SDK/Core@4.4.4",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "4.4.4"
                   },
@@ -2701,10 +2701,10 @@
                     "purl": "pkg:cocoapods/Appboy-iOS-SDK/InAppMessage@4.4.4",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "4.4.4"
                   },
@@ -2712,10 +2712,10 @@
                     "purl": "pkg:cocoapods/Appboy-iOS-SDK/NewsFeed@4.4.4",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "4.4.4"
                   }
@@ -2745,10 +2745,10 @@
               "purl": "pkg:cocoapods/appcenter-core@5.0.0",
               "scope": "requires",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "appcenter-core",
@@ -2777,10 +2777,10 @@
                     "purl": "pkg:cocoapods/AppCenterReactNativeShared@5.0.0",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "~> 5.0"
                   }
@@ -2810,10 +2810,10 @@
               "purl": "pkg:cocoapods/AppCenter/Core@5.0.3",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Core",
@@ -2861,10 +2861,10 @@
               "purl": "pkg:cocoapods/AppCenterReactNativeShared@5.0.0",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "AppCenterReactNativeShared",
@@ -2893,10 +2893,10 @@
                     "purl": "pkg:cocoapods/AppCenter/Core@5.0.3",
                     "scope": "requires",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": true,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "= 5.0.3"
                   }
@@ -2926,10 +2926,10 @@
               "purl": "pkg:cocoapods/Base64@1.1.2",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Base64",
@@ -2977,10 +2977,10 @@
               "purl": "pkg:cocoapods/boost@1.76.0",
               "scope": "requires",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "boost",
@@ -3030,10 +3030,10 @@
               "purl": "pkg:cocoapods/ISO8601DateFormatter@0.7.1",
               "scope": "requires",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "ISO8601DateFormatter",
@@ -3083,10 +3083,10 @@
               "purl": "pkg:cocoapods/Pulley@2.6.2",
               "scope": "requires",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Pulley",
@@ -3136,10 +3136,10 @@
               "purl": "pkg:cocoapods/SwiftyJSON@5.0.2",
               "scope": "requires",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "SwiftyJSON",
diff --git a/scanpipe/tests/data/dependencies/resolved_dependencies_npm_inspect_packages.json b/scanpipe/tests/data/dependencies/resolved_dependencies_npm_inspect_packages.json
index 962cc6c37..02d314fb5 100644
--- a/scanpipe/tests/data/dependencies/resolved_dependencies_npm_inspect_packages.json
+++ b/scanpipe/tests/data/dependencies/resolved_dependencies_npm_inspect_packages.json
@@ -175,7 +175,7 @@
               "rule_relevance": 100,
               "rule_identifier": "package-manifest-unknown-cb9ea49fe36cb2e1ba6d87c68e1195a492f762cf",
               "license_expression": "unknown",
-              "spdx_license_expression": "LicenseRef-scancode-unknown"
+              "license_expression_spdx": "LicenseRef-scancode-unknown"
             }
           ],
           "identifier": "unknown-0669ac45-20f6-defd-ec9f-2b6aafc9f944",
@@ -408,7 +408,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:npm/athena-express?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/create-athena-partition@1.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -424,7 +424,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/bluebird?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/csvtojson@2.0.10?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -440,7 +440,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/csvtojson?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/athena-express@6.0.4?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -456,7 +456,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/is-utf8?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/strip-bom@2.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -472,7 +472,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/lodash?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/csvtojson@2.0.10?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -488,7 +488,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/strip-bom?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/csvtojson@2.0.10?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -627,10 +627,10 @@
               "purl": "pkg:npm/athena-express",
               "scope": "dependencies",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "^6.0.4"
             }
@@ -660,7 +660,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "package-manifest-unknown-cb9ea49fe36cb2e1ba6d87c68e1195a492f762cf",
                   "license_expression": "unknown",
-                  "spdx_license_expression": "LicenseRef-scancode-unknown"
+                  "license_expression_spdx": "LicenseRef-scancode-unknown"
                 }
               ],
               "identifier": "unknown-0669ac45-20f6-defd-ec9f-2b6aafc9f944",
@@ -742,10 +742,10 @@
               "purl": "pkg:npm/athena-express@6.0.4",
               "scope": "dependencies",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "athena-express",
@@ -773,10 +773,10 @@
                     "purl": "pkg:npm/csvtojson",
                     "scope": "dependencies",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "^2.0.10"
                   }
@@ -806,10 +806,10 @@
               "purl": "pkg:npm/bluebird@3.7.2",
               "scope": "dependencies",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "bluebird",
@@ -858,10 +858,10 @@
               "purl": "pkg:npm/csvtojson@2.0.10",
               "scope": "dependencies",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "csvtojson",
@@ -889,10 +889,10 @@
                     "purl": "pkg:npm/bluebird",
                     "scope": "dependencies",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "^3.5.1"
                   },
@@ -900,10 +900,10 @@
                     "purl": "pkg:npm/lodash",
                     "scope": "dependencies",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "^4.17.3"
                   },
@@ -911,10 +911,10 @@
                     "purl": "pkg:npm/strip-bom",
                     "scope": "dependencies",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "^2.0.0"
                   }
@@ -944,10 +944,10 @@
               "purl": "pkg:npm/is-utf8@0.2.1",
               "scope": "dependencies",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "is-utf8",
@@ -996,10 +996,10 @@
               "purl": "pkg:npm/lodash@4.17.21",
               "scope": "dependencies",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "lodash",
@@ -1048,10 +1048,10 @@
               "purl": "pkg:npm/strip-bom@2.0.0",
               "scope": "dependencies",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "strip-bom",
@@ -1079,10 +1079,10 @@
                     "purl": "pkg:npm/is-utf8",
                     "scope": "dependencies",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "^0.2.0"
                   }
diff --git a/scanpipe/tests/data/dependencies/resolved_dependencies_nuget.json b/scanpipe/tests/data/dependencies/resolved_dependencies_nuget.json
index 02c99b376..69ae8621d 100644
--- a/scanpipe/tests/data/dependencies/resolved_dependencies_nuget.json
+++ b/scanpipe/tests/data/dependencies/resolved_dependencies_nuget.json
@@ -1706,7 +1706,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Options.DataAnnotations@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": null,
@@ -1722,7 +1722,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.ComponentModel.Annotations@5.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/McMaster.Extensions.CommandLineUtils@4.0.1?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1738,7 +1738,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/McMaster.Extensions.Hosting.CommandLine@4.0.1?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1754,7 +1754,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1770,7 +1770,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Configuration.Binder@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1786,7 +1786,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Configuration.CommandLine@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1802,7 +1802,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Configuration.EnvironmentVariables@6.0.1?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1818,7 +1818,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Configuration.FileExtensions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1834,7 +1834,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Text.Json@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Configuration.Json@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1850,7 +1850,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.FileProviders.Physical@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Configuration.UserSecrets@6.0.1?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1866,7 +1866,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Configuration@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1882,7 +1882,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.DependencyInjection@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1898,7 +1898,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1914,7 +1914,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.FileProviders.Physical@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1930,7 +1930,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Hosting.Abstractions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1946,7 +1946,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Options@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Hosting@6.0.1?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1962,7 +1962,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Options.ConfigurationExtensions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Logging.Configuration@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1978,7 +1978,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Text.Json@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Logging.Console@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -1994,7 +1994,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Logging.Debug@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2010,7 +2010,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Diagnostics.EventLog@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Logging.EventLog@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2026,7 +2026,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Text.Json@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Logging.EventSource@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2042,7 +2042,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Diagnostics.DiagnosticSource@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Logging@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2058,7 +2058,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Options.ConfigurationExtensions@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2074,7 +2074,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.ComponentModel.Annotations@5.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Options.DataAnnotations@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2090,7 +2090,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Options@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2106,7 +2106,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2122,7 +2122,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/System.Diagnostics.DiagnosticSource@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2138,7 +2138,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/System.Text.Encodings.Web@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2154,7 +2154,7 @@
       "scope": "net6.0",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:nuget/System.Text.Encodings.Web@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:nuget/System.Text.Json@6.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -2295,10 +2295,10 @@
               "purl": "pkg:nuget/McMaster.Extensions.Hosting.CommandLine@4.0.1",
               "scope": "net6.0",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "McMaster.Extensions.Hosting.CommandLine",
@@ -2326,10 +2326,10 @@
                     "purl": "pkg:nuget/McMaster.Extensions.CommandLineUtils@4.0.1",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "4.0.1"
                   },
@@ -2337,10 +2337,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Hosting.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2348,10 +2348,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -2381,10 +2381,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Hosting@6.0.1",
               "scope": "net6.0",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Hosting",
@@ -2412,10 +2412,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2423,10 +2423,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2434,10 +2434,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Binder@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2445,10 +2445,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.CommandLine@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2456,10 +2456,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.EnvironmentVariables@6.0.1",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.1"
                   },
@@ -2467,10 +2467,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.FileExtensions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2478,10 +2478,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Json@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2489,10 +2489,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.UserSecrets@6.0.1",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.1"
                   },
@@ -2500,10 +2500,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2511,10 +2511,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2522,10 +2522,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2533,10 +2533,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Physical@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2544,10 +2544,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Hosting.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2555,10 +2555,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2566,10 +2566,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2577,10 +2577,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Configuration@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2588,10 +2588,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Console@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2599,10 +2599,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Debug@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2610,10 +2610,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.EventLog@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2621,10 +2621,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.EventSource@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2632,10 +2632,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Options@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -2665,10 +2665,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Options.DataAnnotations@6.0.0",
               "scope": "net6.0",
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Options.DataAnnotations",
@@ -2696,10 +2696,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2707,10 +2707,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Options@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2718,10 +2718,10 @@
                     "purl": "pkg:nuget/System.ComponentModel.Annotations@5.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "5.0.0"
                   }
@@ -2751,10 +2751,10 @@
               "purl": "pkg:nuget/McMaster.Extensions.CommandLineUtils@4.0.1",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "McMaster.Extensions.CommandLineUtils",
@@ -2782,10 +2782,10 @@
                     "purl": "pkg:nuget/System.ComponentModel.Annotations@5.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "5.0.0"
                   }
@@ -2815,10 +2815,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Configuration@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Configuration",
@@ -2846,10 +2846,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -2857,10 +2857,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -2890,10 +2890,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Configuration.Abstractions",
@@ -2921,10 +2921,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -2954,10 +2954,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Binder@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Configuration.Binder",
@@ -2985,10 +2985,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3018,10 +3018,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Configuration.CommandLine@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Configuration.CommandLine",
@@ -3049,10 +3049,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3060,10 +3060,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3093,10 +3093,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Configuration.EnvironmentVariables@6.0.1",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Configuration.EnvironmentVariables",
@@ -3124,10 +3124,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3135,10 +3135,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3168,10 +3168,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Configuration.FileExtensions@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Configuration.FileExtensions",
@@ -3199,10 +3199,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3210,10 +3210,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3221,10 +3221,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3232,10 +3232,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Physical@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3243,10 +3243,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3276,10 +3276,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Json@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Configuration.Json",
@@ -3307,10 +3307,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3318,10 +3318,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3329,10 +3329,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.FileExtensions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3340,10 +3340,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3351,10 +3351,10 @@
                     "purl": "pkg:nuget/System.Text.Json@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3384,10 +3384,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Configuration.UserSecrets@6.0.1",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Configuration.UserSecrets",
@@ -3415,10 +3415,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3426,10 +3426,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Json@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3437,10 +3437,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3448,10 +3448,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Physical@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3481,10 +3481,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.DependencyInjection",
@@ -3512,10 +3512,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3523,10 +3523,10 @@
                     "purl": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3556,10 +3556,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.DependencyInjection.Abstractions",
@@ -3608,10 +3608,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.FileProviders.Abstractions",
@@ -3639,10 +3639,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3672,10 +3672,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Physical@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.FileProviders.Physical",
@@ -3703,10 +3703,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3714,10 +3714,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileSystemGlobbing@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3725,10 +3725,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3758,10 +3758,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.FileSystemGlobbing@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.FileSystemGlobbing",
@@ -3810,10 +3810,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Hosting.Abstractions@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Hosting.Abstractions",
@@ -3841,10 +3841,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3852,10 +3852,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3863,10 +3863,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -3896,10 +3896,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Logging@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Logging",
@@ -3927,10 +3927,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3938,10 +3938,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3949,10 +3949,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3960,10 +3960,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Options@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -3971,10 +3971,10 @@
                     "purl": "pkg:nuget/System.Diagnostics.DiagnosticSource@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -4004,10 +4004,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Logging.Abstractions",
@@ -4056,10 +4056,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Logging.Configuration@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Logging.Configuration",
@@ -4087,10 +4087,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4098,10 +4098,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4109,10 +4109,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Binder@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4120,10 +4120,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4131,10 +4131,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4142,10 +4142,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4153,10 +4153,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Options@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4164,10 +4164,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Options.ConfigurationExtensions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -4197,10 +4197,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Logging.Console@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Logging.Console",
@@ -4228,10 +4228,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4239,10 +4239,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4250,10 +4250,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4261,10 +4261,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Configuration@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4272,10 +4272,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Options@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4283,10 +4283,10 @@
                     "purl": "pkg:nuget/System.Text.Json@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -4316,10 +4316,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Logging.Debug@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Logging.Debug",
@@ -4347,10 +4347,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4358,10 +4358,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4369,10 +4369,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -4402,10 +4402,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Logging.EventLog@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Logging.EventLog",
@@ -4433,10 +4433,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4444,10 +4444,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4455,10 +4455,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4466,10 +4466,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Options@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4477,10 +4477,10 @@
                     "purl": "pkg:nuget/System.Diagnostics.EventLog@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -4510,10 +4510,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Logging.EventSource@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Logging.EventSource",
@@ -4541,10 +4541,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4552,10 +4552,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4563,10 +4563,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4574,10 +4574,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Options@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4585,10 +4585,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4596,10 +4596,10 @@
                     "purl": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4607,10 +4607,10 @@
                     "purl": "pkg:nuget/System.Text.Json@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -4640,10 +4640,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Options@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Options",
@@ -4671,10 +4671,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4682,10 +4682,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -4715,10 +4715,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Options.ConfigurationExtensions@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Options.ConfigurationExtensions",
@@ -4746,10 +4746,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4757,10 +4757,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Binder@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4768,10 +4768,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4779,10 +4779,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Options@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -4790,10 +4790,10 @@
                     "purl": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -4823,10 +4823,10 @@
               "purl": "pkg:nuget/Microsoft.Extensions.Primitives@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "Microsoft.Extensions.Primitives",
@@ -4854,10 +4854,10 @@
                     "purl": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -4887,10 +4887,10 @@
               "purl": "pkg:nuget/System.ComponentModel.Annotations@5.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "System.ComponentModel.Annotations",
@@ -4939,10 +4939,10 @@
               "purl": "pkg:nuget/System.Diagnostics.DiagnosticSource@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "System.Diagnostics.DiagnosticSource",
@@ -4970,10 +4970,10 @@
                     "purl": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -5003,10 +5003,10 @@
               "purl": "pkg:nuget/System.Diagnostics.EventLog@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "System.Diagnostics.EventLog",
@@ -5055,10 +5055,10 @@
               "purl": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "System.Runtime.CompilerServices.Unsafe",
@@ -5107,10 +5107,10 @@
               "purl": "pkg:nuget/System.Text.Encodings.Web@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "System.Text.Encodings.Web",
@@ -5138,10 +5138,10 @@
                     "purl": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
@@ -5171,10 +5171,10 @@
               "purl": "pkg:nuget/System.Text.Json@6.0.0",
               "scope": "net6.0",
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "System.Text.Json",
@@ -5202,10 +5202,10 @@
                     "purl": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   },
@@ -5213,10 +5213,10 @@
                     "purl": "pkg:nuget/System.Text.Encodings.Web@6.0.0",
                     "scope": "net6.0",
                     "is_direct": true,
+                    "is_pinned": true,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
                     "resolved_package": {},
                     "extracted_requirement": "6.0.0"
                   }
diff --git a/scanpipe/tests/data/dependencies/resolved_dependencies_pip.json b/scanpipe/tests/data/dependencies/resolved_dependencies_pip.json
index d7fb60e8c..5f7dd15ef 100644
--- a/scanpipe/tests/data/dependencies/resolved_dependencies_pip.json
+++ b/scanpipe/tests/data/dependencies/resolved_dependencies_pip.json
@@ -77,7 +77,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-bsd_simplified_or_apache_2_0-4e6ba7864502b4956354d47c70173db3283d1005",
               "license_expression": "bsd-simplified OR apache-2.0",
-              "spdx_license_expression": "BSD-2-Clause OR Apache-2.0"
+              "license_expression_spdx": "BSD-2-Clause OR Apache-2.0"
             }
           ],
           "identifier": "bsd_simplified_or_apache_2_0-dd30dee1-b8d2-187f-c9f9-69fd2ff5e39a",
@@ -205,7 +205,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-apache_2_0_and_bsd_new_and_mit-5a0e0d1daea60cb9191d19fe5324c57e89cbcbf8",
               "license_expression": "apache-2.0 AND bsd-new AND mit",
-              "spdx_license_expression": "Apache-2.0 AND BSD-3-Clause AND MIT"
+              "license_expression_spdx": "Apache-2.0 AND BSD-3-Clause AND MIT"
             }
           ],
           "identifier": "apache_2_0_and_bsd_new_and_mit-4d4f1034-453c-8cde-3ab0-bd35ddc243e6",
@@ -282,7 +282,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-apache_2_0_and_bsd_new_and_mit-5a0e0d1daea60cb9191d19fe5324c57e89cbcbf8",
               "license_expression": "apache-2.0 AND bsd-new AND mit",
-              "spdx_license_expression": "Apache-2.0 AND BSD-3-Clause AND MIT"
+              "license_expression_spdx": "Apache-2.0 AND BSD-3-Clause AND MIT"
             }
           ],
           "identifier": "apache_2_0_and_bsd_new_and_mit-4d4f1034-453c-8cde-3ab0-bd35ddc243e6",
@@ -320,7 +320,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/attrs?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -336,7 +336,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/attrs?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -352,7 +352,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/attrs?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -368,7 +368,7 @@
       "scope": "testing",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/packaging?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/setuptools@70.1.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -384,7 +384,7 @@
       "scope": "",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/packaging@21.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -400,7 +400,7 @@
       "scope": "",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/packaging@21.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -416,7 +416,7 @@
       "scope": "",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/packaging@21.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -432,7 +432,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pyparsing?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/packaging@21.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -448,7 +448,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/semantic-version?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -464,7 +464,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/semantic-version?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -480,7 +480,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/semantic-version?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -496,7 +496,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/semver?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -512,7 +512,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/semver?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -528,7 +528,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/semver?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -544,7 +544,7 @@
       "scope": "",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/setuptools@70.1.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -560,7 +560,7 @@
       "scope": "",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/setuptools@70.1.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -576,7 +576,7 @@
       "scope": "",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/setuptools@70.1.0?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -718,10 +718,10 @@
               "purl": "pkg:pypi/packaging@21.0",
               "scope": null,
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "packaging",
@@ -749,10 +749,10 @@
                     "purl": "pkg:pypi/pyparsing",
                     "scope": "install",
                     "is_direct": true,
+                    "is_pinned": false,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": false,
                     "resolved_package": {},
                     "extracted_requirement": ">=2.0.2"
                   }
@@ -782,7 +782,7 @@
                         "rule_relevance": 100,
                         "rule_identifier": "spdx-license-identifier-bsd_simplified_or_apache_2_0-4e6ba7864502b4956354d47c70173db3283d1005",
                         "license_expression": "bsd-simplified OR apache-2.0",
-                        "spdx_license_expression": "BSD-2-Clause OR Apache-2.0"
+                        "license_expression_spdx": "BSD-2-Clause OR Apache-2.0"
                       }
                     ],
                     "identifier": "bsd_simplified_or_apache_2_0-dd30dee1-b8d2-187f-c9f9-69fd2ff5e39a",
@@ -805,10 +805,10 @@
               "purl": "pkg:pypi/setuptools@70.1.0",
               "scope": null,
               "is_direct": true,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "setuptools",
@@ -843,10 +843,10 @@
                     "purl": "pkg:pypi/packaging",
                     "scope": "testing",
                     "is_direct": true,
+                    "is_pinned": false,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": true,
-                    "is_resolved": false,
                     "resolved_package": {},
                     "extracted_requirement": ">=23.2"
                   }
@@ -876,10 +876,10 @@
               "purl": "pkg:pypi/attrs",
               "scope": "install",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": null
             },
@@ -887,10 +887,10 @@
               "purl": "pkg:pypi/semantic-version",
               "scope": "install",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": null
             },
@@ -898,12 +898,12 @@
               "purl": "pkg:pypi/semver",
               "scope": "install",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {
                 "python_version": "< 3.8"
               },
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": null
             }
@@ -933,7 +933,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "spdx-license-identifier-apache_2_0_and_bsd_new_and_mit-5a0e0d1daea60cb9191d19fe5324c57e89cbcbf8",
                   "license_expression": "apache-2.0 AND bsd-new AND mit",
-                  "spdx_license_expression": "Apache-2.0 AND BSD-3-Clause AND MIT"
+                  "license_expression_spdx": "Apache-2.0 AND BSD-3-Clause AND MIT"
                 }
               ],
               "identifier": "apache_2_0_and_bsd_new_and_mit-4d4f1034-453c-8cde-3ab0-bd35ddc243e6",
diff --git a/scanpipe/tests/data/dependencies/resolved_dependencies_poetry_inspect_packages.json b/scanpipe/tests/data/dependencies/resolved_dependencies_poetry_inspect_packages.json
index 90d829e50..aeda3db1d 100644
--- a/scanpipe/tests/data/dependencies/resolved_dependencies_poetry_inspect_packages.json
+++ b/scanpipe/tests/data/dependencies/resolved_dependencies_poetry_inspect_packages.json
@@ -330,7 +330,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx_license_id_apache-2.0_for_apache-2.0.RULE",
               "license_expression": "apache-2.0",
-              "spdx_license_expression": "Apache-2.0"
+              "license_expression_spdx": "Apache-2.0"
             }
           ],
           "identifier": "apache_2_0-d66ab77d-a5cc-7104-e702-dc7df61fe9e8",
@@ -367,7 +367,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/attrs?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.1.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -383,7 +383,7 @@
       "scope": "diagrams",
       "is_runtime": false,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/jinja2?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/pyparsing@3.1.2?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -399,7 +399,7 @@
       "scope": "dev",
       "is_runtime": false,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/mypy?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/attrs@21.4.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -415,7 +415,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/packaging?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.1.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -431,7 +431,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/pyparsing?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/packaging@21.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -447,7 +447,7 @@
       "scope": "diagrams",
       "is_runtime": false,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/railroad-diagrams?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/pyparsing@3.1.2?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -463,7 +463,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/semantic-version?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.1.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -479,7 +479,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/semver?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/univers@0.1.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -495,7 +495,7 @@
       "scope": "doc",
       "is_runtime": false,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/sphinx?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/semantic-version@2.10.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -511,7 +511,7 @@
       "scope": "doc",
       "is_runtime": false,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/sphinx-rtd-theme?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/semantic-version@2.10.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -688,10 +688,10 @@
               "purl": "pkg:pypi/attrs@21.4.0",
               "scope": null,
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "attrs",
@@ -719,10 +719,10 @@
                     "purl": "pkg:pypi/mypy",
                     "scope": "dev",
                     "is_direct": true,
+                    "is_pinned": false,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": false,
-                    "is_resolved": false,
                     "resolved_package": {},
                     "extracted_requirement": null
                   }
@@ -752,10 +752,10 @@
               "purl": "pkg:pypi/packaging@21.0",
               "scope": null,
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "packaging",
@@ -783,10 +783,10 @@
                     "purl": "pkg:pypi/pyparsing",
                     "scope": "dependencies",
                     "is_direct": true,
+                    "is_pinned": false,
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": false,
                     "resolved_package": {},
                     "extracted_requirement": ">=2.0.2"
                   }
@@ -816,10 +816,10 @@
               "purl": "pkg:pypi/pyparsing@3.1.2",
               "scope": null,
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "pyparsing",
@@ -847,10 +847,10 @@
                     "purl": "pkg:pypi/jinja2",
                     "scope": "diagrams",
                     "is_direct": true,
+                    "is_pinned": false,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": false,
-                    "is_resolved": false,
                     "resolved_package": {},
                     "extracted_requirement": null
                   },
@@ -858,10 +858,10 @@
                     "purl": "pkg:pypi/railroad-diagrams",
                     "scope": "diagrams",
                     "is_direct": true,
+                    "is_pinned": false,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": false,
-                    "is_resolved": false,
                     "resolved_package": {},
                     "extracted_requirement": null
                   }
@@ -891,10 +891,10 @@
               "purl": "pkg:pypi/semantic-version@2.10.0",
               "scope": null,
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "semantic-version",
@@ -922,10 +922,10 @@
                     "purl": "pkg:pypi/sphinx",
                     "scope": "doc",
                     "is_direct": true,
+                    "is_pinned": false,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": false,
-                    "is_resolved": false,
                     "resolved_package": {},
                     "extracted_requirement": null
                   },
@@ -933,10 +933,10 @@
                     "purl": "pkg:pypi/sphinx-rtd-theme",
                     "scope": "doc",
                     "is_direct": true,
+                    "is_pinned": false,
                     "extra_data": {},
                     "is_runtime": false,
                     "is_optional": false,
-                    "is_resolved": false,
                     "resolved_package": {},
                     "extracted_requirement": null
                   }
@@ -966,10 +966,10 @@
               "purl": "pkg:pypi/semver@2.13.0",
               "scope": null,
               "is_direct": false,
+              "is_pinned": true,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": true,
               "resolved_package": {
                 "md5": null,
                 "name": "semver",
@@ -1112,10 +1112,10 @@
               "purl": "pkg:pypi/attrs",
               "scope": "dependencies",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "^21.2.0"
             },
@@ -1123,10 +1123,10 @@
               "purl": "pkg:pypi/packaging",
               "scope": "dependencies",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "21.0"
             },
@@ -1134,10 +1134,10 @@
               "purl": "pkg:pypi/semantic-version",
               "scope": "dependencies",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "^2.8.5"
             },
@@ -1145,10 +1145,10 @@
               "purl": "pkg:pypi/semver",
               "scope": "dependencies",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "^2.13.0"
             }
@@ -1178,7 +1178,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "spdx_license_id_apache-2.0_for_apache-2.0.RULE",
                   "license_expression": "apache-2.0",
-                  "spdx_license_expression": "Apache-2.0"
+                  "license_expression_spdx": "Apache-2.0"
                 }
               ],
               "identifier": "apache_2_0-d66ab77d-a5cc-7104-e702-dc7df61fe9e8",
diff --git a/scanpipe/tests/data/dependencies/resolved_dependencies_swift_inspect_packages.json b/scanpipe/tests/data/dependencies/resolved_dependencies_swift_inspect_packages.json
index bcb708fd6..f45ddbf73 100644
--- a/scanpipe/tests/data/dependencies/resolved_dependencies_swift_inspect_packages.json
+++ b/scanpipe/tests/data/dependencies/resolved_dependencies_swift_inspect_packages.json
@@ -171,7 +171,7 @@
               "rule_relevance": 100,
               "rule_identifier": "package-manifest-unknown-cb9ea49fe36cb2e1ba6d87c68e1195a492f762cf",
               "license_expression": "unknown",
-              "spdx_license_expression": "LicenseRef-scancode-unknown"
+              "license_expression_spdx": "LicenseRef-scancode-unknown"
             }
           ],
           "identifier": "unknown-0669ac45-20f6-defd-ec9f-2b6aafc9f944",
@@ -404,7 +404,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:npm/athena-express?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/create-athena-partition@1.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -420,7 +420,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/bluebird?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/csvtojson@2.0.10?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -436,7 +436,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/csvtojson?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/athena-express@6.0.4?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -452,7 +452,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/is-utf8?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/strip-bom@2.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -468,7 +468,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/lodash?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/csvtojson@2.0.10?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -484,7 +484,7 @@
       "scope": "dependencies",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "dependency_uid": "pkg:npm/strip-bom?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/csvtojson@2.0.10?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -626,7 +626,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
+              "is_pinned": false,
               "resolved_package": {},
               "extracted_requirement": "^6.0.4"
             }
@@ -656,7 +656,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "package-manifest-unknown-cb9ea49fe36cb2e1ba6d87c68e1195a492f762cf",
                   "license_expression": "unknown",
-                  "spdx_license_expression": "LicenseRef-scancode-unknown"
+                  "license_expression_spdx": "LicenseRef-scancode-unknown"
                 }
               ],
               "identifier": "unknown-0669ac45-20f6-defd-ec9f-2b6aafc9f944",
@@ -741,7 +741,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
+              "is_pinned": true,
               "resolved_package": {
                 "md5": null,
                 "name": "athena-express",
@@ -772,7 +772,7 @@
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
+                    "is_pinned": true,
                     "resolved_package": {},
                     "extracted_requirement": "^2.0.10"
                   }
@@ -805,7 +805,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
+              "is_pinned": true,
               "resolved_package": {
                 "md5": null,
                 "name": "bluebird",
@@ -857,7 +857,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
+              "is_pinned": true,
               "resolved_package": {
                 "md5": null,
                 "name": "csvtojson",
@@ -888,7 +888,7 @@
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
+                    "is_pinned": true,
                     "resolved_package": {},
                     "extracted_requirement": "^3.5.1"
                   },
@@ -899,7 +899,7 @@
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
+                    "is_pinned": true,
                     "resolved_package": {},
                     "extracted_requirement": "^4.17.3"
                   },
@@ -910,7 +910,7 @@
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
+                    "is_pinned": true,
                     "resolved_package": {},
                     "extracted_requirement": "^2.0.0"
                   }
@@ -943,7 +943,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
+              "is_pinned": true,
               "resolved_package": {
                 "md5": null,
                 "name": "is-utf8",
@@ -995,7 +995,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
+              "is_pinned": true,
               "resolved_package": {
                 "md5": null,
                 "name": "lodash",
@@ -1047,7 +1047,7 @@
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": true,
+              "is_pinned": true,
               "resolved_package": {
                 "md5": null,
                 "name": "strip-bom",
@@ -1078,7 +1078,7 @@
                     "extra_data": {},
                     "is_runtime": true,
                     "is_optional": false,
-                    "is_resolved": true,
+                    "is_pinned": true,
                     "resolved_package": {},
                     "extracted_requirement": "^0.2.0"
                   }
diff --git a/scanpipe/tests/data/docker/alpine_3_15_4_scan_codebase.json b/scanpipe/tests/data/docker/alpine_3_15_4_scan_codebase.json
index d049bb77a..6a47adf3d 100644
--- a/scanpipe/tests/data/docker/alpine_3_15_4_scan_codebase.json
+++ b/scanpipe/tests/data/docker/alpine_3_15_4_scan_codebase.json
@@ -156,7 +156,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx_license_id_gpl-2.0-only_for_gpl-2.0.RULE",
               "license_expression": "gpl-2.0",
-              "spdx_license_expression": "GPL-2.0-only"
+              "license_expression_spdx": "GPL-2.0-only"
             }
           ],
           "identifier": "gpl_2_0-7541c21a-b2c9-c697-2794-bf0cfcdf32f9",
@@ -275,7 +275,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-1b937028f397e2c5fe4eb6a0abd781ab80f9eeff",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-704ced38-ea60-e53b-6c20-390fe781b1c3",
@@ -514,7 +514,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx_license_id_gpl-2.0-only_for_gpl-2.0.RULE",
               "license_expression": "gpl-2.0",
-              "spdx_license_expression": "GPL-2.0-only"
+              "license_expression_spdx": "GPL-2.0-only"
             }
           ],
           "identifier": "gpl_2_0-7541c21a-b2c9-c697-2794-bf0cfcdf32f9",
@@ -598,7 +598,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx_license_id_gpl-2.0-only_for_gpl-2.0.RULE",
               "license_expression": "gpl-2.0",
-              "spdx_license_expression": "GPL-2.0-only"
+              "license_expression_spdx": "GPL-2.0-only"
             }
           ],
           "identifier": "gpl_2_0-7541c21a-b2c9-c697-2794-bf0cfcdf32f9",
@@ -693,7 +693,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mpl_2_0_and_mit-5514313e881fb20dc746d1ac1e3a53a643c808d7",
               "license_expression": "mpl-2.0 AND mit",
-              "spdx_license_expression": "MPL-2.0 AND MIT"
+              "license_expression_spdx": "MPL-2.0 AND MIT"
             }
           ],
           "identifier": "mpl_2_0_and_mit-0ec4a3d2-4f7b-39d7-f14f-8bb7666de6d5",
@@ -788,7 +788,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-openssl_ssleay-b5dd48b21e3399670d584d4ade9a9791a24c58cd",
               "license_expression": "openssl-ssleay",
-              "spdx_license_expression": "OpenSSL"
+              "license_expression_spdx": "OpenSSL"
             }
           ],
           "identifier": "openssl_ssleay-602fb366-4d56-7dcd-cac5-129d99473599",
@@ -907,7 +907,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-bsd_simplified_and_bsd_new-dc707a661bb1da34ff773b7e9955e0235b3b3f74",
               "license_expression": "bsd-simplified AND bsd-new",
-              "spdx_license_expression": "BSD-2-Clause AND BSD-3-Clause"
+              "license_expression_spdx": "BSD-2-Clause AND BSD-3-Clause"
             }
           ],
           "identifier": "bsd_simplified_and_bsd_new-571c460d-b906-8e23-30cd-5429d912eee3",
@@ -991,7 +991,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-isc_and__bsd_new_or_mit-7471dfe24fdc3b7a8943273ac320469f644d2688",
               "license_expression": "isc AND (bsd-new OR mit)",
-              "spdx_license_expression": "ISC AND (BSD-3-Clause OR MIT)"
+              "license_expression_spdx": "ISC AND (BSD-3-Clause OR MIT)"
             }
           ],
           "identifier": "isc_and__bsd_new_or_mit-00412b1c-2d3c-5fef-ddd7-9c04aca09dd5",
@@ -1086,7 +1086,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-openssl_ssleay-b5dd48b21e3399670d584d4ade9a9791a24c58cd",
               "license_expression": "openssl-ssleay",
-              "spdx_license_expression": "OpenSSL"
+              "license_expression_spdx": "OpenSSL"
             }
           ],
           "identifier": "openssl_ssleay-602fb366-4d56-7dcd-cac5-129d99473599",
@@ -1181,7 +1181,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-1b937028f397e2c5fe4eb6a0abd781ab80f9eeff",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-704ced38-ea60-e53b-6c20-390fe781b1c3",
@@ -1276,7 +1276,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit_and_bsd_new_and_gpl_2_0_plus-a42688b31c355df3bef97265e8ca20360250716e",
               "license_expression": "mit AND bsd-new AND gpl-2.0-plus",
-              "spdx_license_expression": "MIT AND BSD-3-Clause AND GPL-2.0-or-later"
+              "license_expression_spdx": "MIT AND BSD-3-Clause AND GPL-2.0-or-later"
             }
           ],
           "identifier": "mit_and_bsd_new_and_gpl_2_0_plus-f5dc1480-e57f-fd40-8614-8d2a83cd4bb9",
@@ -1360,7 +1360,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx_license_id_gpl-2.0-only_for_gpl-2.0.RULE",
               "license_expression": "gpl-2.0",
-              "spdx_license_expression": "GPL-2.0-only"
+              "license_expression_spdx": "GPL-2.0-only"
             }
           ],
           "identifier": "gpl_2_0-7541c21a-b2c9-c697-2794-bf0cfcdf32f9",
@@ -1444,7 +1444,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx_license_id_gpl-2.0-only_for_gpl-2.0.RULE",
               "license_expression": "gpl-2.0",
-              "spdx_license_expression": "GPL-2.0-only"
+              "license_expression_spdx": "GPL-2.0-only"
             }
           ],
           "identifier": "gpl_2_0-7541c21a-b2c9-c697-2794-bf0cfcdf32f9",
@@ -1528,7 +1528,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-zlib-2023583c09c2e5aa14d564036e304041c0f1ace3",
               "license_expression": "zlib",
-              "spdx_license_expression": "Zlib"
+              "license_expression_spdx": "Zlib"
             }
           ],
           "identifier": "zlib-f742edbd-d484-7a19-19f0-f4582738f149",
diff --git a/scanpipe/tests/data/docker/centos_scan_codebase.json b/scanpipe/tests/data/docker/centos_scan_codebase.json
index 8e51b1a60..e72198bca 100644
--- a/scanpipe/tests/data/docker/centos_scan_codebase.json
+++ b/scanpipe/tests/data/docker/centos_scan_codebase.json
@@ -172,7 +172,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -353,7 +353,7 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
           "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
@@ -427,7 +427,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus-992c2826-32f7-0923-117b-352e9394de25",
@@ -1544,7 +1544,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -1765,7 +1765,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -1898,7 +1898,7 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
           "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
@@ -2335,7 +2335,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0_bare_single_word.RULE",
               "license_expression": "gpl-2.0",
-              "spdx_license_expression": "GPL-2.0-only"
+              "license_expression_spdx": "GPL-2.0-only"
             }
           ],
           "identifier": "gpl_2_0-3aa0fcde-6d7f-a8e2-6494-7f9352e6aafb",
@@ -3276,7 +3276,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus-992c2826-32f7-0923-117b-352e9394de25",
@@ -4257,7 +4257,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -4950,7 +4950,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -5163,7 +5163,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -5536,7 +5536,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -5551,7 +5551,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-3.0-plus_14.RULE",
               "license_expression": "lgpl-3.0-plus",
-              "spdx_license_expression": "LGPL-3.0-or-later"
+              "license_expression_spdx": "LGPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus_and_lgpl_3_0_plus-04edc589-8dd8-8fbf-7213-440169dd8333",
@@ -5748,7 +5748,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -5937,7 +5937,7 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
           "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
@@ -144048,7 +144048,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -144063,7 +144063,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -144078,7 +144078,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus_and_gpl_2_0_plus_and_lgpl_2_0_plus-d1dd0a3a-45b6-933d-86cb-cf97a1892743",
@@ -145131,7 +145131,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -146462,8 +146462,8 @@
       "sha512": "",
       "copyright": "",
       "holder": "",
-      "declared_license_expression": "lgpl-2.0-plus AND gpl-2.0-plus AND public-domain",
-      "declared_license_expression_spdx": "LGPL-2.0-or-later AND GPL-2.0-or-later AND LicenseRef-scancode-public-domain",
+      "declared_license_expression": "(lgpl-2.0-plus AND gpl-2.0-plus) AND public-domain",
+      "declared_license_expression_spdx": "(LGPL-2.0-or-later AND GPL-2.0-or-later) AND LicenseRef-scancode-public-domain",
       "license_detections": [
         {
           "matches": [
@@ -146480,7 +146480,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -146495,7 +146495,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -146510,7 +146510,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -146525,8 +146525,15 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
-            },
+              "license_expression_spdx": "GPL-2.0-or-later"
+            }
+          ],
+          "identifier": "lgpl_2_0_plus_and_gpl_2_0_plus-52cb9589-60c0-462b-d95e-0cb26c1b6894",
+          "license_expression": "lgpl-2.0-plus AND gpl-2.0-plus",
+          "license_expression_spdx": "LGPL-2.0-or-later AND GPL-2.0-or-later"
+        },
+        {
+          "matches": [
             {
               "score": 70.0,
               "matcher": "2-aho",
@@ -146540,12 +146547,12 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
-          "identifier": "lgpl_2_0_plus_and_gpl_2_0_plus_and_public_domain-edb22018-eed0-112e-dadf-9feb53cac05a",
-          "license_expression": "lgpl-2.0-plus AND gpl-2.0-plus AND public-domain",
-          "license_expression_spdx": "LGPL-2.0-or-later AND GPL-2.0-or-later AND LicenseRef-scancode-public-domain"
+          "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
+          "license_expression": "public-domain",
+          "license_expression_spdx": "LicenseRef-scancode-public-domain"
         }
       ],
       "other_license_expression": "",
@@ -152695,8 +152702,8 @@
       "sha512": "",
       "copyright": "",
       "holder": "",
-      "declared_license_expression": "lgpl-2.0-plus AND gpl-2.0-plus AND public-domain",
-      "declared_license_expression_spdx": "LGPL-2.0-or-later AND GPL-2.0-or-later AND LicenseRef-scancode-public-domain",
+      "declared_license_expression": "(lgpl-2.0-plus AND gpl-2.0-plus) AND public-domain",
+      "declared_license_expression_spdx": "(LGPL-2.0-or-later AND GPL-2.0-or-later) AND LicenseRef-scancode-public-domain",
       "license_detections": [
         {
           "matches": [
@@ -152713,7 +152720,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -152728,7 +152735,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -152743,7 +152750,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -152758,8 +152765,15 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
-            },
+              "license_expression_spdx": "GPL-2.0-or-later"
+            }
+          ],
+          "identifier": "lgpl_2_0_plus_and_gpl_2_0_plus-52cb9589-60c0-462b-d95e-0cb26c1b6894",
+          "license_expression": "lgpl-2.0-plus AND gpl-2.0-plus",
+          "license_expression_spdx": "LGPL-2.0-or-later AND GPL-2.0-or-later"
+        },
+        {
+          "matches": [
             {
               "score": 70.0,
               "matcher": "2-aho",
@@ -152773,12 +152787,12 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
-          "identifier": "lgpl_2_0_plus_and_gpl_2_0_plus_and_public_domain-edb22018-eed0-112e-dadf-9feb53cac05a",
-          "license_expression": "lgpl-2.0-plus AND gpl-2.0-plus AND public-domain",
-          "license_expression_spdx": "LGPL-2.0-or-later AND GPL-2.0-or-later AND LicenseRef-scancode-public-domain"
+          "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
+          "license_expression": "public-domain",
+          "license_expression_spdx": "LicenseRef-scancode-public-domain"
         }
       ],
       "other_license_expression": "",
@@ -153264,8 +153278,8 @@
       "sha512": "",
       "copyright": "",
       "holder": "",
-      "declared_license_expression": "lgpl-2.0-plus AND gpl-2.0-plus AND public-domain",
-      "declared_license_expression_spdx": "LGPL-2.0-or-later AND GPL-2.0-or-later AND LicenseRef-scancode-public-domain",
+      "declared_license_expression": "(lgpl-2.0-plus AND gpl-2.0-plus) AND public-domain",
+      "declared_license_expression_spdx": "(LGPL-2.0-or-later AND GPL-2.0-or-later) AND LicenseRef-scancode-public-domain",
       "license_detections": [
         {
           "matches": [
@@ -153282,7 +153296,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -153297,7 +153311,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -153312,7 +153326,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -153327,8 +153341,15 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
-            },
+              "license_expression_spdx": "GPL-2.0-or-later"
+            }
+          ],
+          "identifier": "lgpl_2_0_plus_and_gpl_2_0_plus-52cb9589-60c0-462b-d95e-0cb26c1b6894",
+          "license_expression": "lgpl-2.0-plus AND gpl-2.0-plus",
+          "license_expression_spdx": "LGPL-2.0-or-later AND GPL-2.0-or-later"
+        },
+        {
+          "matches": [
             {
               "score": 70.0,
               "matcher": "2-aho",
@@ -153342,12 +153363,12 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
-          "identifier": "lgpl_2_0_plus_and_gpl_2_0_plus_and_public_domain-edb22018-eed0-112e-dadf-9feb53cac05a",
-          "license_expression": "lgpl-2.0-plus AND gpl-2.0-plus AND public-domain",
-          "license_expression_spdx": "LGPL-2.0-or-later AND GPL-2.0-or-later AND LicenseRef-scancode-public-domain"
+          "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
+          "license_expression": "public-domain",
+          "license_expression_spdx": "LicenseRef-scancode-public-domain"
         }
       ],
       "other_license_expression": "",
@@ -153416,7 +153437,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-3.0-plus_14.RULE",
               "license_expression": "lgpl-3.0-plus",
-              "spdx_license_expression": "LGPL-3.0-or-later"
+              "license_expression_spdx": "LGPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -153431,7 +153452,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_3_0_plus_and_gpl_2_0_plus-796f6213-0ca4-e2bd-f5af-b21d99ff27b8",
@@ -153628,7 +153649,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus-992c2826-32f7-0923-117b-352e9394de25",
@@ -155121,7 +155142,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -155136,7 +155157,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus_and_lgpl_2_0_plus-15922501-bf35-9d4d-9875-123994337acf",
@@ -155469,7 +155490,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -155484,7 +155505,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus_and_lgpl_2_0_plus-e09a8f4e-2efd-fd71-8dff-6696659f6ffc",
@@ -155761,7 +155782,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -155966,7 +155987,7 @@
               "rule_relevance": 100,
               "rule_identifier": "package-manifest-unknown-b9931200c2f732e2ea95da8f66af5f41a403ecf7",
               "license_expression": "unknown",
-              "spdx_license_expression": "LicenseRef-scancode-unknown"
+              "license_expression_spdx": "LicenseRef-scancode-unknown"
             }
           ],
           "identifier": "unknown-215a841a-e3aa-2ed9-9dfb-b6db7f0096e1",
@@ -156040,7 +156061,7 @@
               "rule_relevance": 100,
               "rule_identifier": "package-manifest-unknown-b9931200c2f732e2ea95da8f66af5f41a403ecf7",
               "license_expression": "unknown",
-              "spdx_license_expression": "LicenseRef-scancode-unknown"
+              "license_expression_spdx": "LicenseRef-scancode-unknown"
             }
           ],
           "identifier": "unknown-215a841a-e3aa-2ed9-9dfb-b6db7f0096e1",
@@ -156114,7 +156135,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus-992c2826-32f7-0923-117b-352e9394de25",
@@ -156711,7 +156732,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus-992c2826-32f7-0923-117b-352e9394de25",
@@ -156924,7 +156945,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -157073,7 +157094,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -157670,7 +157691,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -157685,7 +157706,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus_and_lgpl_2_0_plus-e09a8f4e-2efd-fd71-8dff-6696659f6ffc",
@@ -157826,7 +157847,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -158399,7 +158420,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus-0c21f411-1d2f-7a2d-6b54-b6e1f666206c",
@@ -158484,7 +158505,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -158601,7 +158622,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -158782,7 +158803,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -158797,7 +158818,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus_and_gpl_3_0_plus-29035417-3ce2-cedc-014d-7f72256345ec",
@@ -158994,7 +159015,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -159119,7 +159140,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -159252,7 +159273,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0_bare_single_word.RULE",
               "license_expression": "gpl-2.0",
-              "spdx_license_expression": "GPL-2.0-only"
+              "license_expression_spdx": "GPL-2.0-only"
             }
           ],
           "identifier": "gpl_2_0-3aa0fcde-6d7f-a8e2-6494-7f9352e6aafb",
@@ -159553,7 +159574,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -159686,7 +159707,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -159819,7 +159840,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -159952,7 +159973,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0_35.RULE",
               "license_expression": "lgpl-2.0",
-              "spdx_license_expression": "LGPL-2.0-only"
+              "license_expression_spdx": "LGPL-2.0-only"
             }
           ],
           "identifier": "lgpl_2_0-e5b8c579-7133-6625-70ab-b164f363acf4",
@@ -160109,7 +160130,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0_35.RULE",
               "license_expression": "lgpl-2.0",
-              "spdx_license_expression": "LGPL-2.0-only"
+              "license_expression_spdx": "LGPL-2.0-only"
             }
           ],
           "identifier": "lgpl_2_0-e5b8c579-7133-6625-70ab-b164f363acf4",
@@ -160674,7 +160695,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -161223,7 +161244,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -161372,7 +161393,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -161387,7 +161408,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -161402,7 +161423,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -161417,7 +161438,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus_and_gpl_2_0_plus_and_lgpl_2_0_plus-8116dc70-40ae-4977-f896-723241169fe6",
@@ -161582,7 +161603,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -161771,7 +161792,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -162152,7 +162173,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -162167,7 +162188,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-3.0-plus_14.RULE",
               "license_expression": "lgpl-3.0-plus",
-              "spdx_license_expression": "LGPL-3.0-or-later"
+              "license_expression_spdx": "LGPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -162182,7 +162203,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus_and_lgpl_3_0_plus_and_gpl_3_0_plus-292bbbd2-65bb-29f3-8ef7-e15309b8d0a0",
@@ -162547,7 +162568,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-3.0-plus_14.RULE",
               "license_expression": "lgpl-3.0-plus",
-              "spdx_license_expression": "LGPL-3.0-or-later"
+              "license_expression_spdx": "LGPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -162562,7 +162583,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -162577,7 +162598,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "lgpl_3_0_plus_and_gpl_2_0_plus_and_gpl_3_0_plus-b30968c9-8feb-3d77-93e1-ac797de3ae2f",
@@ -162790,7 +162811,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -162939,7 +162960,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -163128,7 +163149,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -163261,7 +163282,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -163394,7 +163415,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -164167,7 +164188,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -164300,7 +164321,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -164441,7 +164462,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -164582,7 +164603,7 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
           "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
@@ -164747,7 +164768,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -164872,7 +164893,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus-0c21f411-1d2f-7a2d-6b54-b6e1f666206c",
@@ -165037,7 +165058,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -165178,7 +165199,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -165343,7 +165364,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -165532,7 +165553,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -165547,7 +165568,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -165562,7 +165583,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -165577,7 +165598,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus_and_gpl_2_0_plus_and_lgpl_2_0_plus-8116dc70-40ae-4977-f896-723241169fe6",
@@ -165902,7 +165923,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -165917,7 +165938,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus_and_lgpl_2_0_plus-15922501-bf35-9d4d-9875-123994337acf",
@@ -166098,7 +166119,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -166113,7 +166134,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-3.0-plus_14.RULE",
               "license_expression": "lgpl-3.0-plus",
-              "spdx_license_expression": "LGPL-3.0-or-later"
+              "license_expression_spdx": "LGPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus_and_lgpl_3_0_plus-04edc589-8dd8-8fbf-7213-440169dd8333",
@@ -166286,7 +166307,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -166451,7 +166472,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -166584,7 +166605,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -166757,8 +166778,15 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
-            },
+              "license_expression_spdx": "LGPL-2.0-or-later"
+            }
+          ],
+          "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
+          "license_expression": "lgpl-2.0-plus",
+          "license_expression_spdx": "LGPL-2.0-or-later"
+        },
+        {
+          "matches": [
             {
               "score": 70.0,
               "matcher": "2-aho",
@@ -166772,12 +166800,12 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
-          "identifier": "lgpl_2_0_plus_and_public_domain-02359411-b720-c8b7-b1ae-d873e94c1d6f",
-          "license_expression": "lgpl-2.0-plus AND public-domain",
-          "license_expression_spdx": "LGPL-2.0-or-later AND LicenseRef-scancode-public-domain"
+          "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
+          "license_expression": "public-domain",
+          "license_expression_spdx": "LicenseRef-scancode-public-domain"
         }
       ],
       "other_license_expression": "",
@@ -166977,7 +167005,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -167222,7 +167250,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -167371,7 +167399,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -167480,7 +167508,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus-0c21f411-1d2f-7a2d-6b54-b6e1f666206c",
@@ -167613,7 +167641,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus-992c2826-32f7-0923-117b-352e9394de25",
@@ -167754,7 +167782,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-3.0-plus_14.RULE",
               "license_expression": "lgpl-3.0-plus",
-              "spdx_license_expression": "LGPL-3.0-or-later"
+              "license_expression_spdx": "LGPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -167769,7 +167797,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "lgpl_3_0_plus_and_gpl_3_0_plus-9a91e2f8-9a7f-27de-c18a-1480d1e42d41",
@@ -167966,7 +167994,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -169371,7 +169399,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -169800,7 +169828,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-3.0-plus_14.RULE",
               "license_expression": "lgpl-3.0-plus",
-              "spdx_license_expression": "LGPL-3.0-or-later"
+              "license_expression_spdx": "LGPL-3.0-or-later"
             },
             {
               "score": 100.0,
@@ -169815,7 +169843,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_3_0_plus_and_gpl_2_0_plus-796f6213-0ca4-e2bd-f5af-b21d99ff27b8",
@@ -170068,7 +170096,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -170201,7 +170229,7 @@
               "rule_relevance": 100,
               "rule_identifier": "package-manifest-unknown-1468f5c04ce66bed92859f134fea3273baa9ba43",
               "license_expression": "unknown",
-              "spdx_license_expression": "LicenseRef-scancode-unknown"
+              "license_expression_spdx": "LicenseRef-scancode-unknown"
             }
           ],
           "identifier": "unknown-05bb2066-4eaa-d2aa-1cf0-4f433d8d41aa",
@@ -170518,7 +170546,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-openssl_ssleay-03d817701afe404cc2df5eb4625e37d9869edb1e",
               "license_expression": "openssl-ssleay",
-              "spdx_license_expression": "OpenSSL"
+              "license_expression_spdx": "OpenSSL"
             }
           ],
           "identifier": "openssl_ssleay-84d820dd-f1ab-1bf0-0c65-5743d8ae36f1",
@@ -170843,7 +170871,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -171136,7 +171164,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -171301,7 +171329,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -171498,7 +171526,7 @@
               "rule_relevance": 99,
               "rule_identifier": "bsd-new_89.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-261898a0-0118-87c4-7092-14e4ff134882",
@@ -171703,7 +171731,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -172116,7 +172144,7 @@
               "rule_relevance": 100,
               "rule_identifier": "mpl-2.0_93.RULE",
               "license_expression": "mpl-2.0",
-              "spdx_license_expression": "MPL-2.0"
+              "license_expression_spdx": "MPL-2.0"
             }
           ],
           "identifier": "mpl_2_0-ef5bc63c-f824-4dcf-6a6e-ff839eb4a4ed",
@@ -172225,7 +172253,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus-992c2826-32f7-0923-117b-352e9394de25",
@@ -172414,7 +172442,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0_bare_single_word.RULE",
               "license_expression": "gpl-2.0",
-              "spdx_license_expression": "GPL-2.0-only"
+              "license_expression_spdx": "GPL-2.0-only"
             }
           ],
           "identifier": "gpl_2_0-3aa0fcde-6d7f-a8e2-6494-7f9352e6aafb",
@@ -172683,7 +172711,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus-0c21f411-1d2f-7a2d-6b54-b6e1f666206c",
@@ -174744,7 +174772,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-2.0-plus_bare_single_word.RULE",
               "license_expression": "gpl-2.0-plus",
-              "spdx_license_expression": "GPL-2.0-or-later"
+              "license_expression_spdx": "GPL-2.0-or-later"
             },
             {
               "score": 100.0,
@@ -174759,7 +174787,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "gpl_2_0_plus_and_lgpl_2_0_plus-e09a8f4e-2efd-fd71-8dff-6696659f6ffc",
@@ -174908,7 +174936,7 @@
               "rule_relevance": 100,
               "rule_identifier": "gpl-3.0-plus_28.RULE",
               "license_expression": "gpl-3.0-plus",
-              "spdx_license_expression": "GPL-3.0-or-later"
+              "license_expression_spdx": "GPL-3.0-or-later"
             }
           ],
           "identifier": "gpl_3_0_plus-992c2826-32f7-0923-117b-352e9394de25",
@@ -175417,7 +175445,7 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
           "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
@@ -175790,7 +175818,7 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
           "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
@@ -175923,7 +175951,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.0-plus_68.RULE",
               "license_expression": "lgpl-2.0-plus",
-              "spdx_license_expression": "LGPL-2.0-or-later"
+              "license_expression_spdx": "LGPL-2.0-or-later"
             }
           ],
           "identifier": "lgpl_2_0_plus-90b39762-6d8b-2776-3bac-1588e2316c8d",
@@ -176168,7 +176196,7 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
           "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
@@ -191085,7 +191113,7 @@
               "rule_relevance": 70,
               "rule_identifier": "public-domain_bare_words.RULE",
               "license_expression": "public-domain",
-              "spdx_license_expression": "LicenseRef-scancode-public-domain"
+              "license_expression_spdx": "LicenseRef-scancode-public-domain"
             }
           ],
           "identifier": "public_domain-3dd945ae-65df-7d90-6467-60f8ecf2eb77",
@@ -191210,7 +191238,7 @@
               "rule_relevance": 100,
               "rule_identifier": "zlib_24.RULE",
               "license_expression": "zlib",
-              "spdx_license_expression": "Zlib"
+              "license_expression_spdx": "Zlib"
             }
           ],
           "identifier": "zlib-2014212f-1de3-71a0-4d8b-f6ed439930e1",
diff --git a/scanpipe/tests/data/docker/debian_scan_codebase.json b/scanpipe/tests/data/docker/debian_scan_codebase.json
index f2a2c57d7..52bf7e72c 100644
--- a/scanpipe/tests/data/docker/debian_scan_codebase.json
+++ b/scanpipe/tests/data/docker/debian_scan_codebase.json
@@ -158,7 +158,7 @@
               "rule_relevance": 100,
               "rule_identifier": "x11-fsf.LICENSE",
               "license_expression": "x11-fsf",
-              "spdx_license_expression": "X11-distribute-modifications-variant"
+              "license_expression_spdx": "X11-distribute-modifications-variant"
             }
           ],
           "identifier": "x11_fsf-5f3d72c2-fa6a-2f7b-b859-17e7567c1724",
@@ -180,7 +180,7 @@
               "rule_relevance": 100,
               "rule_identifier": "x11-xconsortium_2.RULE",
               "license_expression": "x11-xconsortium",
-              "spdx_license_expression": "X11"
+              "license_expression_spdx": "X11"
             }
           ],
           "identifier": "x11_xconsortium-8bc3e205-5f29-ecad-90bc-2f492c65be46",
@@ -202,7 +202,7 @@
               "rule_relevance": 100,
               "rule_identifier": "bsd-new_19.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-ccc98c3a-92d4-e7a3-e0ba-798328cb6b98",
@@ -224,7 +224,7 @@
               "rule_relevance": 100,
               "rule_identifier": "x11-xconsortium_41.RULE",
               "license_expression": "x11-xconsortium",
-              "spdx_license_expression": "X11"
+              "license_expression_spdx": "X11"
             }
           ],
           "identifier": "x11_xconsortium-4a366de0-e107-017e-0783-8145953fe45e",
@@ -353,7 +353,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.1-plus_108.RULE",
               "license_expression": "lgpl-2.1-plus",
-              "spdx_license_expression": "LGPL-2.1-or-later"
+              "license_expression_spdx": "LGPL-2.1-or-later"
             },
             {
               "score": 100.0,
@@ -368,7 +368,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.1-plus_93.RULE",
               "license_expression": "lgpl-2.1-plus",
-              "spdx_license_expression": "LGPL-2.1-or-later"
+              "license_expression_spdx": "LGPL-2.1-or-later"
             },
             {
               "score": 100.0,
@@ -383,7 +383,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.1_314.RULE",
               "license_expression": "lgpl-2.1",
-              "spdx_license_expression": "LGPL-2.1-only"
+              "license_expression_spdx": "LGPL-2.1-only"
             }
           ],
           "identifier": "lgpl_2_1_plus_and_lgpl_2_1-1018860f-b475-01e3-bdd4-39bf3444650e",
diff --git a/scanpipe/tests/data/docker/gcr_io_distroless_base_scan_codebase.json b/scanpipe/tests/data/docker/gcr_io_distroless_base_scan_codebase.json
index 9edeb6a2b..29c099762 100644
--- a/scanpipe/tests/data/docker/gcr_io_distroless_base_scan_codebase.json
+++ b/scanpipe/tests/data/docker/gcr_io_distroless_base_scan_codebase.json
@@ -17961,7 +17961,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "gpl-2.0-plus_22.RULE",
                   "license_expression": "gpl-2.0-plus",
-                  "spdx_license_expression": "GPL-2.0-or-later"
+                  "license_expression_spdx": "GPL-2.0-or-later"
                 },
                 {
                   "score": 100.0,
@@ -17976,7 +17976,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "gpl-2.0-plus_25.RULE",
                   "license_expression": "gpl-2.0-plus",
-                  "spdx_license_expression": "GPL-2.0-or-later"
+                  "license_expression_spdx": "GPL-2.0-or-later"
                 },
                 {
                   "score": 100.0,
@@ -17991,7 +17991,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "gpl-2.0_1166.RULE",
                   "license_expression": "gpl-2.0",
-                  "spdx_license_expression": "GPL-2.0-only"
+                  "license_expression_spdx": "GPL-2.0-only"
                 }
               ],
               "identifier": "gpl_2_0_plus_and_gpl_2_0-c60cf274-d3ce-d029-06f8-cdf674420dbe",
@@ -18013,7 +18013,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "mpl-2.0_75.RULE",
                   "license_expression": "mpl-2.0",
-                  "spdx_license_expression": "MPL-2.0"
+                  "license_expression_spdx": "MPL-2.0"
                 },
                 {
                   "score": 100.0,
@@ -18028,7 +18028,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "mpl-2.0.LICENSE",
                   "license_expression": "mpl-2.0",
-                  "spdx_license_expression": "MPL-2.0"
+                  "license_expression_spdx": "MPL-2.0"
                 }
               ],
               "identifier": "mpl_2_0-a4e80716-0ace-81d4-b4b0-3d29c3a0f1e2",
@@ -61868,7 +61868,13 @@
       "percentage_of_license_text": null,
       "copyrights": [],
       "holders": [],
-      "authors": [],
+      "authors": [
+        {
+          "author": "Santiago Vila <sanvila@debian.org>",
+          "end_line": 5,
+          "start_line": 5
+        }
+      ],
       "package_data": [],
       "for_packages": [],
       "emails": [
@@ -61909,7 +61915,13 @@
       "percentage_of_license_text": null,
       "copyrights": [],
       "holders": [],
-      "authors": [],
+      "authors": [
+        {
+          "author": "Marco d'Itri <md@linux.it>",
+          "end_line": 4,
+          "start_line": 4
+        }
+      ],
       "package_data": [],
       "for_packages": [],
       "emails": [
diff --git a/scanpipe/tests/data/manifests/openpdf-parent-1.3.11_scan_package.json b/scanpipe/tests/data/manifests/openpdf-parent-1.3.11_scan_package.json
index 5582c1598..5db7295b7 100644
--- a/scanpipe/tests/data/manifests/openpdf-parent-1.3.11_scan_package.json
+++ b/scanpipe/tests/data/manifests/openpdf-parent-1.3.11_scan_package.json
@@ -14,12 +14,12 @@
         "--summary": true
       },
       "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.",
-      "output_format_version": "3.2.0",
+      "output_format_version": "4.0.0",
       "message": null,
       "errors": [],
       "warnings": [],
       "extra_data": {
-        "spdx_license_list_version": "3.24",
+        "spdx_license_list_version": "3.25",
         "files_count": 1
       }
     }
@@ -91,7 +91,7 @@
           "matches": [
             {
               "license_expression": "mpl-2.0 OR lgpl-3.0",
-              "spdx_license_expression": "MPL-2.0 OR LGPL-3.0-only",
+              "license_expression_spdx": "MPL-2.0 OR LGPL-3.0-only",
               "from_file": "codebase/openpdf-parent-1.3.11.pom.xml",
               "start_line": 1,
               "end_line": 4,
@@ -139,7 +139,7 @@
       "scope": "test",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -154,7 +154,7 @@
       "scope": "test",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -169,7 +169,7 @@
       "scope": "test",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -184,7 +184,7 @@
       "scope": "test",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -199,7 +199,7 @@
       "scope": "test",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -214,7 +214,7 @@
       "scope": "test",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -229,7 +229,7 @@
       "scope": "test",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -244,7 +244,7 @@
       "scope": "dependencymanagement",
       "is_runtime": false,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -259,7 +259,7 @@
       "scope": "dependencymanagement",
       "is_runtime": false,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -274,7 +274,7 @@
       "scope": "dependencymanagement",
       "is_runtime": false,
       "is_optional": false,
-      "is_resolved": true,
+      "is_pinned": true,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -426,7 +426,7 @@
               "matches": [
                 {
                   "license_expression": "mpl-2.0 OR lgpl-3.0",
-                  "spdx_license_expression": "MPL-2.0 OR LGPL-3.0-only",
+                  "license_expression_spdx": "MPL-2.0 OR LGPL-3.0-only",
                   "from_file": "codebase/openpdf-parent-1.3.11.pom.xml",
                   "start_line": 1,
                   "end_line": 4,
@@ -462,7 +462,7 @@
               "scope": "test",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -473,7 +473,7 @@
               "scope": "test",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -484,7 +484,7 @@
               "scope": "test",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -495,7 +495,7 @@
               "scope": "test",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -506,7 +506,7 @@
               "scope": "test",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -517,7 +517,7 @@
               "scope": "test",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -528,7 +528,7 @@
               "scope": "test",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -539,7 +539,7 @@
               "scope": "dependencymanagement",
               "is_runtime": false,
               "is_optional": false,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -550,7 +550,7 @@
               "scope": "dependencymanagement",
               "is_runtime": false,
               "is_optional": false,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -561,7 +561,7 @@
               "scope": "dependencymanagement",
               "is_runtime": false,
               "is_optional": false,
-              "is_resolved": true,
+              "is_pinned": true,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -591,7 +591,7 @@
           "matches": [
             {
               "license_expression": "mpl-2.0 OR lgpl-3.0",
-              "spdx_license_expression": "MPL-2.0 OR LGPL-3.0-only",
+              "license_expression_spdx": "MPL-2.0 OR LGPL-3.0-only",
               "from_file": "codebase/openpdf-parent-1.3.11.pom.xml",
               "start_line": 11,
               "end_line": 22,
diff --git a/scanpipe/tests/data/manifests/package.expected.json b/scanpipe/tests/data/manifests/package.expected.json
index dccc3fe6e..82812bb8b 100644
--- a/scanpipe/tests/data/manifests/package.expected.json
+++ b/scanpipe/tests/data/manifests/package.expected.json
@@ -71,7 +71,7 @@
         "scope": "dependencies",
         "is_runtime": true,
         "is_optional": false,
-        "is_resolved": false,
+        "is_pinned": false,
         "resolved_package": {},
         "extra_data": {}
       },
@@ -81,7 +81,7 @@
         "scope": "dependencies",
         "is_runtime": true,
         "is_optional": false,
-        "is_resolved": false,
+        "is_pinned": false,
         "resolved_package": {},
         "extra_data": {}
       },
@@ -91,7 +91,7 @@
         "scope": "dependencies",
         "is_runtime": true,
         "is_optional": false,
-        "is_resolved": false,
+        "is_pinned": false,
         "resolved_package": {},
         "extra_data": {}
       },
@@ -101,7 +101,7 @@
         "scope": "devDependencies",
         "is_runtime": false,
         "is_optional": true,
-        "is_resolved": false,
+        "is_pinned": false,
         "resolved_package": {},
         "extra_data": {}
       },
@@ -111,7 +111,7 @@
         "scope": "devDependencies",
         "is_runtime": false,
         "is_optional": true,
-        "is_resolved": false,
+        "is_pinned": false,
         "resolved_package": {},
         "extra_data": {}
       },
@@ -121,7 +121,7 @@
         "scope": "devDependencies",
         "is_runtime": false,
         "is_optional": true,
-        "is_resolved": false,
+        "is_pinned": false,
         "resolved_package": {},
         "extra_data": {}
       }
diff --git a/scanpipe/tests/data/matchcode/match_to_matchcode/request_post_response.json b/scanpipe/tests/data/matchcode/match_to_matchcode/request_post_response.json
index f03603af0..2d57b1c2f 100644
--- a/scanpipe/tests/data/matchcode/match_to_matchcode/request_post_response.json
+++ b/scanpipe/tests/data/matchcode/match_to_matchcode/request_post_response.json
@@ -41,7 +41,7 @@
         "total": 0,
         "is_runtime": 0,
         "is_optional": 0,
-        "is_resolved": 0
+        "is_pinned": 0
     },
     "codebase_relations_summary": {}
 }
diff --git a/scanpipe/tests/data/rootfs/basic-rootfs_root_filesystems.json b/scanpipe/tests/data/rootfs/basic-rootfs_root_filesystems.json
index e10a045c3..aade28c99 100644
--- a/scanpipe/tests/data/rootfs/basic-rootfs_root_filesystems.json
+++ b/scanpipe/tests/data/rootfs/basic-rootfs_root_filesystems.json
@@ -115,7 +115,7 @@
               "rule_relevance": 100,
               "rule_identifier": "x11-fsf.LICENSE",
               "license_expression": "x11-fsf",
-              "spdx_license_expression": "X11-distribute-modifications-variant"
+              "license_expression_spdx": "X11-distribute-modifications-variant"
             }
           ],
           "identifier": "x11_fsf-5f3d72c2-fa6a-2f7b-b859-17e7567c1724",
@@ -137,7 +137,7 @@
               "rule_relevance": 100,
               "rule_identifier": "x11-xconsortium_2.RULE",
               "license_expression": "x11-xconsortium",
-              "spdx_license_expression": "X11"
+              "license_expression_spdx": "X11"
             }
           ],
           "identifier": "x11_xconsortium-8bc3e205-5f29-ecad-90bc-2f492c65be46",
@@ -159,7 +159,7 @@
               "rule_relevance": 100,
               "rule_identifier": "bsd-new_19.RULE",
               "license_expression": "bsd-new",
-              "spdx_license_expression": "BSD-3-Clause"
+              "license_expression_spdx": "BSD-3-Clause"
             }
           ],
           "identifier": "bsd_new-ccc98c3a-92d4-e7a3-e0ba-798328cb6b98",
@@ -181,7 +181,7 @@
               "rule_relevance": 100,
               "rule_identifier": "x11-xconsortium_41.RULE",
               "license_expression": "x11-xconsortium",
-              "spdx_license_expression": "X11"
+              "license_expression_spdx": "X11"
             }
           ],
           "identifier": "x11_xconsortium-4a366de0-e107-017e-0783-8145953fe45e",
@@ -274,7 +274,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.1-plus_108.RULE",
               "license_expression": "lgpl-2.1-plus",
-              "spdx_license_expression": "LGPL-2.1-or-later"
+              "license_expression_spdx": "LGPL-2.1-or-later"
             },
             {
               "score": 100.0,
@@ -289,7 +289,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.1-plus_93.RULE",
               "license_expression": "lgpl-2.1-plus",
-              "spdx_license_expression": "LGPL-2.1-or-later"
+              "license_expression_spdx": "LGPL-2.1-or-later"
             },
             {
               "score": 100.0,
@@ -304,7 +304,7 @@
               "rule_relevance": 100,
               "rule_identifier": "lgpl-2.1_314.RULE",
               "license_expression": "lgpl-2.1",
-              "spdx_license_expression": "LGPL-2.1-only"
+              "license_expression_spdx": "LGPL-2.1-only"
             }
           ],
           "identifier": "lgpl_2_1_plus_and_lgpl_2_1-1018860f-b475-01e3-bdd4-39bf3444650e",
diff --git a/scanpipe/tests/data/scancode/daglib-0.6.0-py3-none-any.whl_scan_codebase.json b/scanpipe/tests/data/scancode/daglib-0.6.0-py3-none-any.whl_scan_codebase.json
index b916d67e4..223d18de9 100644
--- a/scanpipe/tests/data/scancode/daglib-0.6.0-py3-none-any.whl_scan_codebase.json
+++ b/scanpipe/tests/data/scancode/daglib-0.6.0-py3-none-any.whl_scan_codebase.json
@@ -89,7 +89,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -111,7 +111,7 @@
               "rule_relevance": 100,
               "rule_identifier": "pypi_mit_license.RULE",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-24a5293c-14d7-5403-efac-1a8b7532c0e8",
@@ -199,7 +199,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -221,7 +221,7 @@
               "rule_relevance": 100,
               "rule_identifier": "pypi_mit_license.RULE",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-24a5293c-14d7-5403-efac-1a8b7532c0e8",
@@ -260,7 +260,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/dask?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/daglib@0.6.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -276,7 +276,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": false,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/dask?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/daglib@0.6.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -292,7 +292,7 @@
       "scope": "graphviz",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/graphviz?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/daglib@0.6.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -308,7 +308,7 @@
       "scope": "graphviz",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/graphviz?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/daglib@0.6.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -324,7 +324,7 @@
       "scope": "ipycytoscape",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/ipycytoscape?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/daglib@0.6.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -340,7 +340,7 @@
       "scope": "ipycytoscape",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/ipycytoscape?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/daglib@0.6.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -356,7 +356,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/networkx?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/daglib@0.6.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -372,7 +372,7 @@
       "scope": "install",
       "is_runtime": true,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:pypi/networkx?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:pypi/daglib@0.6.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -455,10 +455,10 @@
               "purl": "pkg:pypi/dask",
               "scope": "install",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "<2023.0.0,>=2022.7.1"
             },
@@ -466,10 +466,10 @@
               "purl": "pkg:pypi/graphviz",
               "scope": "graphviz",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "<0.21,>=0.20"
             },
@@ -477,10 +477,10 @@
               "purl": "pkg:pypi/ipycytoscape",
               "scope": "ipycytoscape",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "<2.0.0,>=1.3.3"
             },
@@ -488,10 +488,10 @@
               "purl": "pkg:pypi/networkx",
               "scope": "install",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "<3.0.0,>=2.8.5"
             }
@@ -578,7 +578,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
                   "license_expression": "mit",
-                  "spdx_license_expression": "MIT"
+                  "license_expression_spdx": "MIT"
                 }
               ],
               "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -600,7 +600,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "pypi_mit_license.RULE",
                   "license_expression": "mit",
-                  "spdx_license_expression": "MIT"
+                  "license_expression_spdx": "MIT"
                 }
               ],
               "identifier": "mit-24a5293c-14d7-5403-efac-1a8b7532c0e8",
@@ -769,7 +769,7 @@
               "rule_relevance": 100,
               "rule_identifier": "mit.LICENSE",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-cacd5c0c-204a-85c2-affc-e4c125b2492a",
@@ -873,10 +873,10 @@
               "purl": "pkg:pypi/dask",
               "scope": "install",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": false,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "<2023.0.0,>=2022.7.1"
             },
@@ -884,10 +884,10 @@
               "purl": "pkg:pypi/graphviz",
               "scope": "graphviz",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "<0.21,>=0.20"
             },
@@ -895,10 +895,10 @@
               "purl": "pkg:pypi/ipycytoscape",
               "scope": "ipycytoscape",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "<2.0.0,>=1.3.3"
             },
@@ -906,10 +906,10 @@
               "purl": "pkg:pypi/networkx",
               "scope": "install",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "<3.0.0,>=2.8.5"
             }
@@ -996,7 +996,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
                   "license_expression": "mit",
-                  "spdx_license_expression": "MIT"
+                  "license_expression_spdx": "MIT"
                 }
               ],
               "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -1018,7 +1018,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "pypi_mit_license.RULE",
                   "license_expression": "mit",
-                  "spdx_license_expression": "MIT"
+                  "license_expression_spdx": "MIT"
                 }
               ],
               "identifier": "mit-24a5293c-14d7-5403-efac-1a8b7532c0e8",
diff --git a/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_codebase.json b/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_codebase.json
index ab995794f..a4dd341da 100644
--- a/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_codebase.json
+++ b/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_codebase.json
@@ -92,7 +92,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -133,7 +133,7 @@
       "scope": "devDependencies",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "dependency_uid": "pkg:npm/ava?uuid=fixed-uid-done-for-testing-5642512d1758",
       "for_package_uid": "pkg:npm/is-npm@1.0.0?uuid=fixed-uid-done-for-testing-5642512d1758",
@@ -363,10 +363,10 @@
               "purl": "pkg:npm/ava",
               "scope": "devDependencies",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": false,
               "resolved_package": {},
               "extracted_requirement": "0.0.3"
             }
@@ -396,7 +396,7 @@
                   "rule_relevance": 100,
                   "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
                   "license_expression": "mit",
-                  "spdx_license_expression": "MIT"
+                  "license_expression_spdx": "MIT"
                 }
               ],
               "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
@@ -460,7 +460,7 @@
               "rule_relevance": 100,
               "rule_identifier": "mit_30.RULE",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-3fce6ea2-8abd-6c6b-3ede-a37af7c6efee",
diff --git a/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_package.json b/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_package.json
index db1010775..3081eadbd 100644
--- a/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_package.json
+++ b/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_package.json
@@ -14,12 +14,12 @@
         "--summary": true
       },
       "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.",
-      "output_format_version": "3.2.0",
+      "output_format_version": "4.0.0",
       "message": null,
       "errors": [],
       "warnings": [],
       "extra_data": {
-        "spdx_license_list_version": "3.24",
+        "spdx_license_list_version": "3.25",
         "files_count": 3
       }
     }
@@ -98,7 +98,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "codebase/package/package.json",
               "start_line": 1,
               "end_line": 1,
@@ -148,7 +148,7 @@
       "scope": "devDependencies",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -379,7 +379,7 @@
               "matches": [
                 {
                   "license_expression": "mit",
-                  "spdx_license_expression": "MIT",
+                  "license_expression_spdx": "MIT",
                   "from_file": "codebase/package/package.json",
                   "start_line": 1,
                   "end_line": 1,
@@ -417,7 +417,7 @@
               "scope": "devDependencies",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -447,7 +447,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "codebase/package/package.json",
               "start_line": 5,
               "end_line": 5,
@@ -526,7 +526,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "codebase/package/readme.md",
               "start_line": 28,
               "end_line": 30,
diff --git a/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_package_summary.json b/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_package_summary.json
index a683ec1a0..4f7ff1b45 100644
--- a/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_package_summary.json
+++ b/scanpipe/tests/data/scancode/is-npm-1.0.0_scan_package_summary.json
@@ -92,7 +92,7 @@
               "rule_relevance": 100,
               "rule_identifier": "mit_30.RULE",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-3fce6ea2-8abd-6c6b-3ede-a37af7c6efee",
@@ -209,7 +209,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
diff --git a/scanpipe/tests/data/scancode/is-npm-1.0.0_summary.json b/scanpipe/tests/data/scancode/is-npm-1.0.0_summary.json
index 8b323454b..04ad576e1 100644
--- a/scanpipe/tests/data/scancode/is-npm-1.0.0_summary.json
+++ b/scanpipe/tests/data/scancode/is-npm-1.0.0_summary.json
@@ -95,7 +95,7 @@
               "rule_relevance": 100,
               "rule_identifier": "mit_30.RULE",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-3fce6ea2-8abd-6c6b-3ede-a37af7c6efee",
@@ -216,7 +216,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
diff --git a/scanpipe/tests/data/scancode/multiple-is-npm-1.0.0_scan_package.json b/scanpipe/tests/data/scancode/multiple-is-npm-1.0.0_scan_package.json
index fcba01031..c560a27e6 100644
--- a/scanpipe/tests/data/scancode/multiple-is-npm-1.0.0_scan_package.json
+++ b/scanpipe/tests/data/scancode/multiple-is-npm-1.0.0_scan_package.json
@@ -14,12 +14,12 @@
         "--summary": true
       },
       "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.",
-      "output_format_version": "3.2.0",
+      "output_format_version": "4.0.0",
       "message": null,
       "errors": [],
       "warnings": [],
       "extra_data": {
-        "spdx_license_list_version": "3.24",
+        "spdx_license_list_version": "3.25",
         "files_count": 6
       }
     }
@@ -98,7 +98,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "codebase/is-npm/package.json",
               "start_line": 1,
               "end_line": 1,
@@ -186,7 +186,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "codebase/is-npm/node_modules/is-npm/package.json",
               "start_line": 1,
               "end_line": 1,
@@ -236,7 +236,7 @@
       "scope": "devDependencies",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -251,7 +251,7 @@
       "scope": "devDependencies",
       "is_runtime": false,
       "is_optional": true,
-      "is_resolved": false,
+      "is_pinned": false,
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
@@ -592,7 +592,7 @@
               "matches": [
                 {
                   "license_expression": "mit",
-                  "spdx_license_expression": "MIT",
+                  "license_expression_spdx": "MIT",
                   "from_file": "codebase/is-npm/node_modules/is-npm/package.json",
                   "start_line": 1,
                   "end_line": 1,
@@ -630,7 +630,7 @@
               "scope": "devDependencies",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -660,7 +660,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "codebase/is-npm/node_modules/is-npm/package.json",
               "start_line": 5,
               "end_line": 5,
@@ -739,7 +739,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "codebase/is-npm/node_modules/is-npm/readme.md",
               "start_line": 28,
               "end_line": 30,
@@ -862,7 +862,7 @@
               "matches": [
                 {
                   "license_expression": "mit",
-                  "spdx_license_expression": "MIT",
+                  "license_expression_spdx": "MIT",
                   "from_file": "codebase/is-npm/package.json",
                   "start_line": 1,
                   "end_line": 1,
@@ -900,7 +900,7 @@
               "scope": "devDependencies",
               "is_runtime": false,
               "is_optional": true,
-              "is_resolved": false,
+              "is_pinned": false,
               "is_direct": true,
               "resolved_package": {},
               "extra_data": {}
@@ -930,7 +930,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "codebase/is-npm/package.json",
               "start_line": 5,
               "end_line": 5,
@@ -1009,7 +1009,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "codebase/is-npm/readme.md",
               "start_line": 28,
               "end_line": 30,
diff --git a/scanpipe/tests/data/scancode/multiple-is-npm-1.0.0_scan_package_summary.json b/scanpipe/tests/data/scancode/multiple-is-npm-1.0.0_scan_package_summary.json
index dd045cd1e..493ae5e4f 100644
--- a/scanpipe/tests/data/scancode/multiple-is-npm-1.0.0_scan_package_summary.json
+++ b/scanpipe/tests/data/scancode/multiple-is-npm-1.0.0_scan_package_summary.json
@@ -116,7 +116,7 @@
               "rule_relevance": 100,
               "rule_identifier": "mit_30.RULE",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-3fce6ea2-8abd-6c6b-3ede-a37af7c6efee",
@@ -233,7 +233,7 @@
               "rule_relevance": 100,
               "rule_identifier": "spdx-license-identifier-mit-5da48780aba670b0860c46d899ed42a0f243ff06",
               "license_expression": "mit",
-              "spdx_license_expression": "MIT"
+              "license_expression_spdx": "MIT"
             }
           ],
           "identifier": "mit-a822f434-d61f-f2b1-c792-8b8cb9e7b9bf",
diff --git a/scanpipe/tests/data/scancode/package_assembly_codebase.json b/scanpipe/tests/data/scancode/package_assembly_codebase.json
index 1df477a57..496456958 100644
--- a/scanpipe/tests/data/scancode/package_assembly_codebase.json
+++ b/scanpipe/tests/data/scancode/package_assembly_codebase.json
@@ -62,7 +62,7 @@
           "matches": [
             {
               "license_expression": "mit",
-              "spdx_license_expression": "MIT",
+              "license_expression_spdx": "MIT",
               "from_file": "package_assembly_codebase.tar.gz-extract/test/get_package_resources/package.json",
               "start_line": 1,
               "end_line": 1,
@@ -238,7 +238,7 @@
               "matches": [
                 {
                   "license_expression": "mit",
-                  "spdx_license_expression": "MIT",
+                  "license_expression_spdx": "MIT",
                   "from_file": "package_assembly_codebase.tar.gz-extract/test/get_package_resources/package.json",
                   "start_line": 1,
                   "end_line": 1,
diff --git a/scanpipe/tests/pipes/test_input.py b/scanpipe/tests/pipes/test_input.py
index d52c76698..d81f92e24 100644
--- a/scanpipe/tests/pipes/test_input.py
+++ b/scanpipe/tests/pipes/test_input.py
@@ -174,7 +174,7 @@ def test_scanpipe_pipes_input_clean_xlsx_data_to_model_data_dependency(self):
             "scope": "install",
             "is_runtime": "True",
             "is_optional": None,
-            "is_resolved": None,
+            "is_pinned": None,
             "dependency_uid": "pkg:pypi/typing-extensions?uuid=57a6f83a-1763",
             "for_package_uid": "pkg:pypi/asgiref@3.6.0?uuid=0aa676d0-240c-4838",
             "datafile_path": "asgiref-3.6.0.dist-info/METADATA",
diff --git a/scanpipe/tests/pipes/test_resolve.py b/scanpipe/tests/pipes/test_resolve.py
index b48fd88c1..c0bdff537 100644
--- a/scanpipe/tests/pipes/test_resolve.py
+++ b/scanpipe/tests/pipes/test_resolve.py
@@ -248,7 +248,7 @@ def test_scanpipe_resolve_create_dependencies_from_packages_extra_data(self):
         self.assertEqual(parent, dependency.for_package)
         self.assertEqual(child, dependency.resolved_to_package)
         self.assertTrue(dependency.is_runtime)
-        self.assertTrue(dependency.is_resolved)
+        self.assertTrue(dependency.is_pinned)
         self.assertTrue(dependency.is_direct)
         self.assertFalse(dependency.is_optional)
 
diff --git a/scanpipe/tests/test_api.py b/scanpipe/tests/test_api.py
index d403e69a8..3c56d3df6 100644
--- a/scanpipe/tests/test_api.py
+++ b/scanpipe/tests/test_api.py
@@ -213,7 +213,7 @@ def test_scanpipe_api_project_detail(self):
             "total": 1,
             "is_runtime": 1,
             "is_optional": 0,
-            "is_resolved": 0,
+            "is_pinned": 0,
         }
         self.assertEqual(expected, response.data["discovered_dependencies_summary"])
 
diff --git a/scanpipe/tests/test_filters.py b/scanpipe/tests/test_filters.py
index 9a503e469..30a882def 100644
--- a/scanpipe/tests/test_filters.py
+++ b/scanpipe/tests/test_filters.py
@@ -244,11 +244,11 @@ def test_scanpipe_filters_dependency_filterset(self):
         d1 = DiscoveredDependency.create_from_data(self.project1, dependency_data1)
         d2 = DiscoveredDependency.create_from_data(self.project1, dependency_data2)
 
-        filterset = DependencyFilterSet(data={"is_resolved": ""})
+        filterset = DependencyFilterSet(data={"is_pinned": ""})
         self.assertEqual(2, len(filterset.qs))
-        filterset = DependencyFilterSet(data={"is_resolved": True})
+        filterset = DependencyFilterSet(data={"is_pinned": True})
         self.assertEqual([d2], list(filterset.qs))
-        filterset = DependencyFilterSet(data={"is_resolved": False})
+        filterset = DependencyFilterSet(data={"is_pinned": False})
         self.assertEqual([d1], list(filterset.qs))
 
         filterset = DependencyFilterSet(data={"type": ""})
diff --git a/scanpipe/tests/test_models.py b/scanpipe/tests/test_models.py
index 9e1758627..ed2d95620 100644
--- a/scanpipe/tests/test_models.py
+++ b/scanpipe/tests/test_models.py
@@ -2031,7 +2031,7 @@ def test_scanpipe_webhook_subscription_model_get_payload(self):
                     "total": 0,
                     "is_runtime": 0,
                     "is_optional": 0,
-                    "is_resolved": 0,
+                    "is_pinned": 0,
                 },
                 "codebase_relations_summary": {},
                 "results_url": f"/api/projects/{self.project1.uuid}/results/",
@@ -2723,7 +2723,7 @@ def test_scanpipe_discovered_dependency_model_create_from_data(self):
         self.assertEqual("install", dependency.scope)
         self.assertTrue(dependency.is_runtime)
         self.assertFalse(dependency.is_optional)
-        self.assertFalse(dependency.is_resolved)
+        self.assertFalse(dependency.is_pinned)
         self.assertEqual(
             "pkg:pypi/dask?uuid=e656b571-7d3f-46d1-b95b-8f037aef9692",
             dependency.dependency_uid,
diff --git a/scanpipe/views.py b/scanpipe/views.py
index 56ec8ad37..16c224dae 100644
--- a/scanpipe/views.py
+++ b/scanpipe/views.py
@@ -902,7 +902,7 @@ def get_context_data(self, **kwargs):
             },
             "dependency": {
                 "queryset": project.discovereddependencies,
-                "fields": ["type", "is_runtime", "is_optional", "is_resolved"],
+                "fields": ["type", "is_runtime", "is_optional", "is_pinned"],
             },
         }
 
@@ -1576,8 +1576,8 @@ class DiscoveredDependencyListView(
             "filter_fieldname": "is_optional",
         },
         {
-            "field_name": "is_resolved",
-            "filter_fieldname": "is_resolved",
+            "field_name": "is_pinned",
+            "filter_fieldname": "is_pinned",
         },
         {
             "field_name": "is_direct",
@@ -2096,7 +2096,7 @@ class DiscoveredDependencyDetailsView(
                 "resolved_to_package_uid",
                 "is_runtime",
                 "is_optional",
-                "is_resolved",
+                "is_pinned",
                 "is_direct",
             ],
             "icon_class": "fa-solid fa-info-circle",

From 2d8fa78590714c6d4d1d782fdad54ff811382035 Mon Sep 17 00:00:00 2001
From: Ayan Sinha Mahapatra <ayansmahapatra@gmail.com>
Date: Wed, 30 Oct 2024 17:36:20 +0530
Subject: [PATCH 3/3] Regen scancode scan fixtures

Signed-off-by: Ayan Sinha Mahapatra <ayansmahapatra@gmail.com>
---
 .../data/asgiref/asgiref-3.3.0.spdx.json      |  42 +++----
 .../data/asgiref/asgiref-3.3.0_fixtures.json  | 109 +++++++++---------
 ...asgiref-3.3.0_load_inventory_expected.json |  24 ++--
 .../asgiref-3.3.0_scanpipe_output.json        |  94 +++++++--------
 .../asgiref/asgiref-3.3.0_toolkit_scan.json   |  86 +++++++-------
 .../asgiref-3.3.0_walk_test_fixtures.json     | 109 +++++++++---------
 .../data/cyclonedx/asgiref-3.3.0.cdx.json     |  22 ++--
 .../scancode/package_assembly_codebase.json   |  24 ++--
 scanpipe/tests/pipes/test_output.py           |   2 +-
 9 files changed, 261 insertions(+), 251 deletions(-)

diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0.spdx.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0.spdx.json
index 0554dc617..0485436e8 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0.spdx.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0.spdx.json
@@ -3,7 +3,7 @@
   "dataLicense": "CC0-1.0",
   "SPDXID": "SPDXRef-DOCUMENT",
   "name": "scancodeio_asgiref",
-  "documentNamespace": "https://scancode.io/spdxdocs/2f5f5927-2cad-4ecb-9043-fda5337bd501",
+  "documentNamespace": "https://scancode.io/spdxdocs/24c1b665-7fb2-4e0c-8785-cba72fb35df0",
   "creationInfo": {
     "created": "2000-01-01T01:02:03Z",
     "creators": [
@@ -14,7 +14,7 @@
   "packages": [
     {
       "name": "asgiref",
-      "SPDXID": "SPDXRef-scancodeio-discoveredpackage-75b6bb66-de86-4a35-a780-bc1f635f11f4",
+      "SPDXID": "SPDXRef-scancodeio-discoveredpackage-101147dd-f8a7-4ea3-87a1-01b9b0af5d4f",
       "downloadLocation": "NOASSERTION",
       "licenseConcluded": "BSD-3-Clause",
       "copyrightText": "NOASSERTION",
@@ -33,7 +33,7 @@
     },
     {
       "name": "asgiref",
-      "SPDXID": "SPDXRef-scancodeio-discoveredpackage-d10827fc-bcd1-4c10-ad6c-972dd4defa9c",
+      "SPDXID": "SPDXRef-scancodeio-discoveredpackage-b5035991-5b4b-40be-b68b-1c9c528078cd",
       "downloadLocation": "NOASSERTION",
       "licenseConcluded": "BSD-3-Clause",
       "copyrightText": "NOASSERTION",
@@ -52,7 +52,7 @@
     },
     {
       "name": "pytest",
-      "SPDXID": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=0928ca6e-d50e-439a-847d-ecb1366a8f2a",
+      "SPDXID": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=cfa26c80-95fc-4da3-a290-5e7403d0d9bc",
       "downloadLocation": "NOASSERTION",
       "licenseConcluded": "NOASSERTION",
       "copyrightText": "NOASSERTION",
@@ -68,7 +68,7 @@
     },
     {
       "name": "pytest",
-      "SPDXID": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=94372d19-8ab8-4b16-b6a7-72478e0b4cc4",
+      "SPDXID": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=bfafc414-739f-4747-bfb0-1b3ad03d62c7",
       "downloadLocation": "NOASSERTION",
       "licenseConcluded": "NOASSERTION",
       "copyrightText": "NOASSERTION",
@@ -84,7 +84,7 @@
     },
     {
       "name": "pytest-asyncio",
-      "SPDXID": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=ccd9eb22-778d-4bd4-af59-8b63e4163b22",
+      "SPDXID": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=68b8d3cb-eddb-4727-b6cb-707dde279301",
       "downloadLocation": "NOASSERTION",
       "licenseConcluded": "NOASSERTION",
       "copyrightText": "NOASSERTION",
@@ -100,7 +100,7 @@
     },
     {
       "name": "pytest-asyncio",
-      "SPDXID": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=e751ec65-9351-4949-ae8f-5bc1a9efa336",
+      "SPDXID": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=570878e1-aa7c-46bc-9216-122b73b34f9b",
       "downloadLocation": "NOASSERTION",
       "licenseConcluded": "NOASSERTION",
       "copyrightText": "NOASSERTION",
@@ -116,33 +116,33 @@
     }
   ],
   "documentDescribes": [
-    "SPDXRef-scancodeio-discoveredpackage-75b6bb66-de86-4a35-a780-bc1f635f11f4",
-    "SPDXRef-scancodeio-discoveredpackage-d10827fc-bcd1-4c10-ad6c-972dd4defa9c",
-    "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=0928ca6e-d50e-439a-847d-ecb1366a8f2a",
-    "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=94372d19-8ab8-4b16-b6a7-72478e0b4cc4",
-    "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=ccd9eb22-778d-4bd4-af59-8b63e4163b22",
-    "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=e751ec65-9351-4949-ae8f-5bc1a9efa336"
+    "SPDXRef-scancodeio-discoveredpackage-101147dd-f8a7-4ea3-87a1-01b9b0af5d4f",
+    "SPDXRef-scancodeio-discoveredpackage-b5035991-5b4b-40be-b68b-1c9c528078cd",
+    "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=cfa26c80-95fc-4da3-a290-5e7403d0d9bc",
+    "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=bfafc414-739f-4747-bfb0-1b3ad03d62c7",
+    "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=68b8d3cb-eddb-4727-b6cb-707dde279301",
+    "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=570878e1-aa7c-46bc-9216-122b73b34f9b"
   ],
   "files": [],
   "relationships": [
     {
-      "spdxElementId": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=0928ca6e-d50e-439a-847d-ecb1366a8f2a",
-      "relatedSpdxElement": "SPDXRef-scancodeio-discoveredpackage-75b6bb66-de86-4a35-a780-bc1f635f11f4",
+      "spdxElementId": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=cfa26c80-95fc-4da3-a290-5e7403d0d9bc",
+      "relatedSpdxElement": "SPDXRef-scancodeio-discoveredpackage-101147dd-f8a7-4ea3-87a1-01b9b0af5d4f",
       "relationshipType": "DEPENDENCY_OF"
     },
     {
-      "spdxElementId": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=94372d19-8ab8-4b16-b6a7-72478e0b4cc4",
-      "relatedSpdxElement": "SPDXRef-scancodeio-discoveredpackage-d10827fc-bcd1-4c10-ad6c-972dd4defa9c",
+      "spdxElementId": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest?uuid=bfafc414-739f-4747-bfb0-1b3ad03d62c7",
+      "relatedSpdxElement": "SPDXRef-scancodeio-discoveredpackage-b5035991-5b4b-40be-b68b-1c9c528078cd",
       "relationshipType": "DEPENDENCY_OF"
     },
     {
-      "spdxElementId": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=ccd9eb22-778d-4bd4-af59-8b63e4163b22",
-      "relatedSpdxElement": "SPDXRef-scancodeio-discoveredpackage-75b6bb66-de86-4a35-a780-bc1f635f11f4",
+      "spdxElementId": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=68b8d3cb-eddb-4727-b6cb-707dde279301",
+      "relatedSpdxElement": "SPDXRef-scancodeio-discoveredpackage-101147dd-f8a7-4ea3-87a1-01b9b0af5d4f",
       "relationshipType": "DEPENDENCY_OF"
     },
     {
-      "spdxElementId": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=e751ec65-9351-4949-ae8f-5bc1a9efa336",
-      "relatedSpdxElement": "SPDXRef-scancodeio-discoveredpackage-d10827fc-bcd1-4c10-ad6c-972dd4defa9c",
+      "spdxElementId": "SPDXRef-scancodeio-discovereddependency-pkg:pypi/pytest-asyncio?uuid=570878e1-aa7c-46bc-9216-122b73b34f9b",
+      "relatedSpdxElement": "SPDXRef-scancodeio-discoveredpackage-b5035991-5b4b-40be-b68b-1c9c528078cd",
       "relationshipType": "DEPENDENCY_OF"
     }
   ],
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_fixtures.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_fixtures.json
index 16670cd4f..99128c376 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_fixtures.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_fixtures.json
@@ -1,13 +1,13 @@
 [
 {
   "model": "scanpipe.project",
-  "pk": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+  "pk": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
   "fields": {
     "extra_data": {},
-    "created_date": "2024-06-27T14:35:14.839Z",
+    "created_date": "2024-10-30T10:37:43.288Z",
     "name": "asgiref",
-    "slug": "asgiref-2f5f5927",
-    "work_directory": "/tmp/tmp4olqovm8/projects/asgiref-2f5f5927",
+    "slug": "asgiref-24c1b665",
+    "work_directory": "/tmp/tmppvadhlgm/projects/asgiref-24c1b665",
     "is_archived": false,
     "notes": "",
     "settings": {}
@@ -15,21 +15,22 @@
 },
 {
   "model": "scanpipe.run",
-  "pk": "41bd06fa-6e75-45e9-8476-5602d1c1433f",
+  "pk": "311727fe-1d8d-4324-b298-976582616a9f",
   "fields": {
     "task_id": null,
     "task_start_date": null,
     "task_end_date": null,
     "task_exitcode": null,
     "task_output": "",
-    "log": "2024-06-27 14:35:14.84 Pipeline [scan_codebase] starting\n2024-06-27 14:35:14.84 Step [download_missing_inputs] starting\n2024-06-27 14:35:14.84 Step [download_missing_inputs] completed in 0 seconds\n2024-06-27 14:35:14.84 Step [copy_inputs_to_codebase_directory] starting\n2024-06-27 14:35:14.84 Step [copy_inputs_to_codebase_directory] completed in 0 seconds\n2024-06-27 14:35:14.84 Step [extract_archives] starting\n2024-06-27 14:35:14.89 Step [extract_archives] completed in 0 seconds\n2024-06-27 14:35:14.89 Step [collect_and_create_codebase_resources] starting\n2024-06-27 14:35:14.96 Step [collect_and_create_codebase_resources] completed in 0 seconds\n2024-06-27 14:35:14.96 Step [flag_empty_files] starting\n2024-06-27 14:35:14.96 Step [flag_empty_files] completed in 0 seconds\n2024-06-27 14:35:14.96 Step [flag_ignored_resources] starting\n2024-06-27 14:35:14.96 Step [flag_ignored_resources] completed in 0 seconds\n2024-06-27 14:35:14.96 Step [scan_for_application_packages] starting\n2024-06-27 14:35:14.98 Progress: 11% (2/18)\n2024-06-27 14:35:14.99 Progress: 22% (4/18)\n2024-06-27 14:35:14.99 Progress: 33% (6/18)\n2024-06-27 14:35:14.99 Progress: 44% (8/18)\n2024-06-27 14:35:14.99 Progress: 55% (10/18)\n2024-06-27 14:35:14.99 Progress: 66% (12/18)\n2024-06-27 14:35:14.99 Progress: 77% (14/18)\n2024-06-27 14:35:14.99 Progress: 88% (16/18)\n2024-06-27 14:35:17.74 Progress: 100% (18/18)\n2024-06-27 14:35:17.94 Step [scan_for_application_packages] completed in 3 seconds\n2024-06-27 14:35:17.94 Step [scan_for_files] starting\n2024-06-27 14:37:12.49 Progress: 12% (2/16) ETA: 840 seconds (14.0 minutes)\n2024-06-27 14:37:12.97 Progress: 25% (4/16) ETA: 345 seconds (5.8 minutes)\n2024-06-27 14:37:13.21 Progress: 37% (6/16) ETA: 196 seconds (3.3 minutes)\n2024-06-27 14:37:13.26 Progress: 50% (8/16) ETA: 115 seconds (1.9 minutes)\n2024-06-27 14:37:13.47 Progress: 62% (10/16) ETA: 71 seconds (1.2 minutes)\n2024-06-27 14:37:13.57 Progress: 75% (12/16) ETA: 39 seconds\n2024-06-27 14:37:13.64 Progress: 87% (14/16) ETA: 17 seconds\n2024-06-27 14:37:13.99 Progress: 100% (16/16)\n2024-06-27 14:37:14.17 Step [scan_for_files] completed in 116 seconds (1.9 minutes)\n2024-06-27 14:37:14.17 Pipeline completed in 119 seconds (2.0 minutes)\n",
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "log": "2024-10-30 10:37:43.294 Pipeline [scan_codebase] starting\n2024-10-30 10:37:43.295 Step [download_missing_inputs] starting\n2024-10-30 10:37:43.296 Step [download_missing_inputs] completed in 0 seconds\n2024-10-30 10:37:43.297 Step [copy_inputs_to_codebase_directory] starting\n2024-10-30 10:37:43.298 Step [copy_inputs_to_codebase_directory] completed in 0 seconds\n2024-10-30 10:37:43.298 Step [extract_archives] starting\n2024-10-30 10:37:43.355 Step [extract_archives] completed in 0 seconds\n2024-10-30 10:37:43.356 Step [collect_and_create_codebase_resources] starting\n2024-10-30 10:37:43.524 Step [collect_and_create_codebase_resources] completed in 0 seconds\n2024-10-30 10:37:43.525 Step [flag_empty_files] starting\n2024-10-30 10:37:43.527 Step [flag_empty_files] completed in 0 seconds\n2024-10-30 10:37:43.528 Step [flag_ignored_resources] starting\n2024-10-30 10:37:43.529 Step [flag_ignored_resources] completed in 0 seconds\n2024-10-30 10:37:43.530 Step [scan_for_application_packages] starting\n2024-10-30 10:37:43.550 Progress: 11% (2/18)\n2024-10-30 10:37:43.563 Progress: 22% (4/18)\n2024-10-30 10:37:43.566 Progress: 33% (6/18)\n2024-10-30 10:37:43.567 Progress: 44% (8/18)\n2024-10-30 10:37:43.568 Progress: 55% (10/18)\n2024-10-30 10:37:43.569 Progress: 66% (12/18)\n2024-10-30 10:37:43.569 Progress: 77% (14/18)\n2024-10-30 10:37:43.569 Progress: 88% (16/18)\n2024-10-30 10:37:46.313 Progress: 100% (18/18)\n2024-10-30 10:37:46.475 Step [scan_for_application_packages] completed in 3 seconds\n2024-10-30 10:37:46.477 Step [scan_for_files] starting\n2024-10-30 10:37:54.667 Progress: 12% (2/16) ETA: 60 seconds\n2024-10-30 10:37:54.684 Progress: 25% (4/16) ETA: 25 seconds\n2024-10-30 10:37:54.772 Progress: 37% (6/16) ETA: 14 seconds\n2024-10-30 10:37:54.813 Progress: 50% (8/16) ETA: 8 seconds\n2024-10-30 10:37:54.879 Progress: 62% (10/16) ETA: 5 seconds\n2024-10-30 10:37:54.987 Progress: 75% (12/16) ETA: 3 seconds\n2024-10-30 10:37:55.147 Progress: 87% (14/16) ETA: 1 seconds\n2024-10-30 10:37:55.341 Progress: 100% (16/16)\n2024-10-30 10:37:55.465 Step [scan_for_files] completed in 9 seconds\n2024-10-30 10:37:55.466 Pipeline completed in 12 seconds\n",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "pipeline_name": "scan_codebase",
-    "created_date": "2024-06-27T14:35:14.841Z",
+    "created_date": "2024-10-30T10:37:43.293Z",
     "scancodeio_version": "",
     "description": "Scan a codebase for application packages, licenses, and copyrights.",
     "current_step": "",
-    "selected_groups": null
+    "selected_groups": null,
+    "selected_steps": null
   }
 },
 {
@@ -41,7 +42,7 @@
     "sha256": "a5098bc870b80e7b872bff60bb363c7f2c2c89078759f6c47b53ff8c525a152e",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -128,23 +129,23 @@
             "purl": "pkg:pypi/pytest",
             "scope": "tests",
             "is_direct": true,
+            "is_pinned": false,
             "extra_data": {},
             "is_runtime": true,
             "is_optional": true,
-            "is_pinned": false,
             "resolved_package": {},
-            "extracted_requirement": "pytest; extra == \"tests\""
+            "extracted_requirement": null
           },
           {
             "purl": "pkg:pypi/pytest-asyncio",
             "scope": "tests",
             "is_direct": true,
+            "is_pinned": false,
             "extra_data": {},
             "is_runtime": true,
             "is_optional": true,
-            "is_pinned": false,
             "resolved_package": {},
-            "extracted_requirement": "pytest-asyncio; extra == \"tests\""
+            "extracted_requirement": null
           }
         ],
         "download_url": null,
@@ -350,7 +351,7 @@
     "sha256": "",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -394,7 +395,7 @@
     "sha256": "",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -438,7 +439,7 @@
     "sha256": "",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -482,7 +483,7 @@
     "sha256": "6e89108c2cf0c0446174188f76f60465ae1c1f14f83427807df40d52a27cb2c8",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -526,7 +527,7 @@
     "sha256": "b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "bsd-new",
     "detected_license_expression_spdx": "BSD-3-Clause",
     "license_detections": [
@@ -605,7 +606,7 @@
     "sha256": "70f98f4eb9f6068b192b5464fcdf69e29a8ff09962bfce84bbb052baeee44f33",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -692,23 +693,23 @@
             "purl": "pkg:pypi/pytest",
             "scope": "tests",
             "is_direct": true,
+            "is_pinned": false,
             "extra_data": {},
             "is_runtime": true,
             "is_optional": true,
-            "is_pinned": false,
             "resolved_package": {},
-            "extracted_requirement": "pytest; extra == \"tests\""
+            "extracted_requirement": null
           },
           {
             "purl": "pkg:pypi/pytest-asyncio",
             "scope": "tests",
             "is_direct": true,
+            "is_pinned": false,
             "extra_data": {},
             "is_runtime": true,
             "is_optional": true,
-            "is_pinned": false,
             "resolved_package": {},
-            "extracted_requirement": "pytest-asyncio; extra == \"tests\""
+            "extracted_requirement": null
           }
         ],
         "download_url": null,
@@ -914,7 +915,7 @@
     "sha256": "11546323af45e6a5639bf620a9c4d73e74c0bf705f494af4595007b923f75e8a",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -958,7 +959,7 @@
     "sha256": "2c1983592aa38f0bfb0afacc73ddc5b46ce10e8e89ceaa9fed1e5fc6361b608d",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -1002,7 +1003,7 @@
     "sha256": "30f49b9094bff904a42caeec32515715fe625a56dc48bd7c0e3d9988c0ad4bd7",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -1046,7 +1047,7 @@
     "sha256": "fa4651a3b79201a4dc44a4096cd49ec8f427e912ea0ee05c666357b413a8afe7",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -1090,7 +1091,7 @@
     "sha256": "ee0fcf4a8e6fa9df8a4643bb48e82892d496afce44b6c8b8aea2721755545e1c",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -1134,7 +1135,7 @@
     "sha256": "3151f66c476208c3154cb6c4fb557a2a253bab82f0ab33fb3c8b9f7976be9e33",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -1178,7 +1179,7 @@
     "sha256": "ddd445b778c097fc75c2bf69ad964cbadd3bd6999d1dd2306d39d401855e8e3e",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -1222,7 +1223,7 @@
     "sha256": "ddbc8d455eceb68fc583c67e7c4ad0277c867fb39095c51ec5b37f70342e8334",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -1266,7 +1267,7 @@
     "sha256": "126c3e3a8a75a517d2739612304607804cf5f34da63fa25d03a6f11f7edb6f2f",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "apache-2.0",
     "detected_license_expression_spdx": "Apache-2.0",
     "license_detections": [
@@ -1349,7 +1350,7 @@
     "sha256": "f8bd1ea3fb8afddabb10f8efd66796d41446cad51168ef4d3c44b19c973d0ad0",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -1393,7 +1394,7 @@
     "sha256": "885267fee0fea687875a02ceb929ca095312d47aaa57e20e4ce382f397caaf4d",
     "sha512": "",
     "extra_data": {},
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "detected_license_expression": "",
     "detected_license_expression_spdx": "",
     "license_detections": [],
@@ -1447,7 +1448,7 @@
       "Documentation": "https://asgi.readthedocs.io/",
       "Further Documentation": "https://docs.djangoproject.com/en/stable/topics/async/#async-adapter-functions"
     },
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "compliance_alert": "",
     "affected_by_vulnerabilities": [],
     "filename": "",
@@ -1536,10 +1537,10 @@
         "email": "foundation@djangoproject.com"
       }
     ],
-    "uuid": "75b6bb66-de86-4a35-a780-bc1f635f11f4",
+    "uuid": "101147dd-f8a7-4ea3-87a1-01b9b0af5d4f",
     "missing_resources": [],
     "modified_resources": [],
-    "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01",
+    "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb",
     "keywords": [
       "Development Status :: 5 - Production/Stable",
       "Environment :: Web Environment",
@@ -1554,6 +1555,7 @@
       "Programming Language :: Python :: 3.8",
       "Topic :: Internet :: WWW/HTTP"
     ],
+    "notes": "",
     "source_packages": [],
     "tag": "",
     "codebase_resources": [
@@ -1580,7 +1582,7 @@
       "Documentation": "https://asgi.readthedocs.io/",
       "Further Documentation": "https://docs.djangoproject.com/en/stable/topics/async/#async-adapter-functions"
     },
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "compliance_alert": "",
     "affected_by_vulnerabilities": [],
     "filename": "",
@@ -1669,10 +1671,10 @@
         "email": "foundation@djangoproject.com"
       }
     ],
-    "uuid": "d10827fc-bcd1-4c10-ad6c-972dd4defa9c",
+    "uuid": "b5035991-5b4b-40be-b68b-1c9c528078cd",
     "missing_resources": [],
     "modified_resources": [],
-    "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a",
+    "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9",
     "keywords": [
       "Development Status :: 5 - Production/Stable",
       "Environment :: Web Environment",
@@ -1687,6 +1689,7 @@
       "Programming Language :: Python :: 3.8",
       "Topic :: Internet :: WWW/HTTP"
     ],
+    "notes": "",
     "source_packages": [],
     "tag": "",
     "codebase_resources": [
@@ -1718,12 +1721,12 @@
     "qualifiers": "",
     "subpath": "",
     "affected_by_vulnerabilities": [],
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
-    "dependency_uid": "pkg:pypi/pytest?uuid=0928ca6e-d50e-439a-847d-ecb1366a8f2a",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
+    "dependency_uid": "pkg:pypi/pytest?uuid=cfa26c80-95fc-4da3-a290-5e7403d0d9bc",
     "for_package": 1,
     "resolved_to_package": null,
     "datafile_resource": 1,
-    "extracted_requirement": "pytest; extra == \"tests\"",
+    "extracted_requirement": "",
     "scope": "tests",
     "datasource_id": "pypi_wheel",
     "is_runtime": true,
@@ -1743,12 +1746,12 @@
     "qualifiers": "",
     "subpath": "",
     "affected_by_vulnerabilities": [],
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
-    "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=ccd9eb22-778d-4bd4-af59-8b63e4163b22",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
+    "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=68b8d3cb-eddb-4727-b6cb-707dde279301",
     "for_package": 1,
     "resolved_to_package": null,
     "datafile_resource": 1,
-    "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+    "extracted_requirement": "",
     "scope": "tests",
     "datasource_id": "pypi_wheel",
     "is_runtime": true,
@@ -1768,12 +1771,12 @@
     "qualifiers": "",
     "subpath": "",
     "affected_by_vulnerabilities": [],
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
-    "dependency_uid": "pkg:pypi/pytest?uuid=94372d19-8ab8-4b16-b6a7-72478e0b4cc4",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
+    "dependency_uid": "pkg:pypi/pytest?uuid=bfafc414-739f-4747-bfb0-1b3ad03d62c7",
     "for_package": 2,
     "resolved_to_package": null,
     "datafile_resource": 7,
-    "extracted_requirement": "pytest; extra == \"tests\"",
+    "extracted_requirement": "",
     "scope": "tests",
     "datasource_id": "pypi_wheel_metadata",
     "is_runtime": true,
@@ -1793,12 +1796,12 @@
     "qualifiers": "",
     "subpath": "",
     "affected_by_vulnerabilities": [],
-    "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
-    "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=e751ec65-9351-4949-ae8f-5bc1a9efa336",
+    "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
+    "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=570878e1-aa7c-46bc-9216-122b73b34f9b",
     "for_package": 2,
     "resolved_to_package": null,
     "datafile_resource": 7,
-    "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+    "extracted_requirement": "",
     "scope": "tests",
     "datasource_id": "pypi_wheel_metadata",
     "is_runtime": true,
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_load_inventory_expected.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_load_inventory_expected.json
index d1a635366..c6cff1ba8 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_load_inventory_expected.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_load_inventory_expected.json
@@ -276,7 +276,7 @@
   "dependencies": [
     {
       "purl": "pkg:pypi/pytest",
-      "extracted_requirement": "pytest; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
@@ -292,7 +292,7 @@
     },
     {
       "purl": "pkg:pypi/pytest",
-      "extracted_requirement": "pytest; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
@@ -308,7 +308,7 @@
     },
     {
       "purl": "pkg:pypi/pytest-asyncio",
-      "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
@@ -324,7 +324,7 @@
     },
     {
       "purl": "pkg:pypi/pytest-asyncio",
-      "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
@@ -422,23 +422,23 @@
               "purl": "pkg:pypi/pytest",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest; extra == \"tests\""
+              "extracted_requirement": null
             },
             {
               "purl": "pkg:pypi/pytest-asyncio",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest-asyncio; extra == \"tests\""
+              "extracted_requirement": null
             }
           ],
           "download_url": null,
@@ -933,23 +933,23 @@
               "purl": "pkg:pypi/pytest",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest; extra == \"tests\""
+              "extracted_requirement": null
             },
             {
               "purl": "pkg:pypi/pytest-asyncio",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest-asyncio; extra == \"tests\""
+              "extracted_requirement": null
             }
           ],
           "download_url": null,
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_scanpipe_output.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_scanpipe_output.json
index 982bd09fa..3fbc82f35 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_scanpipe_output.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_scanpipe_output.json
@@ -2,18 +2,18 @@
   "headers": [
     {
       "tool_name": "scanpipe",
-      "tool_version": "v34.6.2-11-g72cef36",
+      "tool_version": "v34.8.2-2-gdde1fc5b",
       "other_tools": [
-        "pkg:pypi/scancode-toolkit@32.2.0"
+        "pkg:pypi/scancode-toolkit@v34.8.2-2-gdde1fc5b"
       ],
       "notice": "Generated with ScanCode.io and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied.\nNo content created from ScanCode.io should be considered or used as legal advice.\nConsult an Attorney for any legal advice.\nScanCode.io is a free software code scanning tool from nexB Inc. and others\nlicensed under the Apache License version 2.0.\nScanCode is a trademark of nexB Inc.\nVisit https://github.com/nexB/scancode.io for support and download.\n",
-      "uuid": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
-      "created_date": "2024-06-27T14:35:14.839Z",
+      "uuid": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
+      "created_date": "2024-10-30T10:37:43.288Z",
       "notes": "",
       "settings": {},
       "input_sources": [
         {
-          "uuid": "0a1db27f-b451-48b6-9ba6-87770e62fd50",
+          "uuid": "ddfe7f00-0bd7-4a5e-a5f7-3ff8bf088b00",
           "filename": "asgiref-3.3.0-py3-none-any.whl",
           "download_url": "",
           "is_uploaded": true,
@@ -28,15 +28,17 @@
           "pipeline_name": "scan_codebase",
           "status": "not_started",
           "description": "Scan a codebase for application packages, licenses, and copyrights.",
-          "uuid": "41bd06fa-6e75-45e9-8476-5602d1c1433f",
-          "created_date": "2024-06-27T14:35:14.841444Z",
+          "selected_groups": null,
+          "selected_steps": null,
+          "uuid": "311727fe-1d8d-4324-b298-976582616a9f",
+          "created_date": "2024-10-30T10:37:43.293477Z",
           "scancodeio_version": "",
           "task_id": null,
           "task_start_date": null,
           "task_end_date": null,
           "task_exitcode": null,
           "task_output": "",
-          "log": "2024-06-27 14:35:14.84 Pipeline [scan_codebase] starting\n2024-06-27 14:35:14.84 Step [download_missing_inputs] starting\n2024-06-27 14:35:14.84 Step [download_missing_inputs] completed in 0 seconds\n2024-06-27 14:35:14.84 Step [copy_inputs_to_codebase_directory] starting\n2024-06-27 14:35:14.84 Step [copy_inputs_to_codebase_directory] completed in 0 seconds\n2024-06-27 14:35:14.84 Step [extract_archives] starting\n2024-06-27 14:35:14.89 Step [extract_archives] completed in 0 seconds\n2024-06-27 14:35:14.89 Step [collect_and_create_codebase_resources] starting\n2024-06-27 14:35:14.96 Step [collect_and_create_codebase_resources] completed in 0 seconds\n2024-06-27 14:35:14.96 Step [flag_empty_files] starting\n2024-06-27 14:35:14.96 Step [flag_empty_files] completed in 0 seconds\n2024-06-27 14:35:14.96 Step [flag_ignored_resources] starting\n2024-06-27 14:35:14.96 Step [flag_ignored_resources] completed in 0 seconds\n2024-06-27 14:35:14.96 Step [scan_for_application_packages] starting\n2024-06-27 14:35:14.98 Progress: 11% (2/18)\n2024-06-27 14:35:14.99 Progress: 22% (4/18)\n2024-06-27 14:35:14.99 Progress: 33% (6/18)\n2024-06-27 14:35:14.99 Progress: 44% (8/18)\n2024-06-27 14:35:14.99 Progress: 55% (10/18)\n2024-06-27 14:35:14.99 Progress: 66% (12/18)\n2024-06-27 14:35:14.99 Progress: 77% (14/18)\n2024-06-27 14:35:14.99 Progress: 88% (16/18)\n2024-06-27 14:35:17.74 Progress: 100% (18/18)\n2024-06-27 14:35:17.94 Step [scan_for_application_packages] completed in 3 seconds\n2024-06-27 14:35:17.94 Step [scan_for_files] starting\n2024-06-27 14:37:12.49 Progress: 12% (2/16) ETA: 840 seconds (14.0 minutes)\n2024-06-27 14:37:12.97 Progress: 25% (4/16) ETA: 345 seconds (5.8 minutes)\n2024-06-27 14:37:13.21 Progress: 37% (6/16) ETA: 196 seconds (3.3 minutes)\n2024-06-27 14:37:13.26 Progress: 50% (8/16) ETA: 115 seconds (1.9 minutes)\n2024-06-27 14:37:13.47 Progress: 62% (10/16) ETA: 71 seconds (1.2 minutes)\n2024-06-27 14:37:13.57 Progress: 75% (12/16) ETA: 39 seconds\n2024-06-27 14:37:13.64 Progress: 87% (14/16) ETA: 17 seconds\n2024-06-27 14:37:13.99 Progress: 100% (16/16)\n2024-06-27 14:37:14.17 Step [scan_for_files] completed in 116 seconds (1.9 minutes)\n2024-06-27 14:37:14.17 Pipeline completed in 119 seconds (2.0 minutes)\n",
+          "log": "2024-10-30 10:37:43.294 Pipeline [scan_codebase] starting\n2024-10-30 10:37:43.295 Step [download_missing_inputs] starting\n2024-10-30 10:37:43.296 Step [download_missing_inputs] completed in 0 seconds\n2024-10-30 10:37:43.297 Step [copy_inputs_to_codebase_directory] starting\n2024-10-30 10:37:43.298 Step [copy_inputs_to_codebase_directory] completed in 0 seconds\n2024-10-30 10:37:43.298 Step [extract_archives] starting\n2024-10-30 10:37:43.355 Step [extract_archives] completed in 0 seconds\n2024-10-30 10:37:43.356 Step [collect_and_create_codebase_resources] starting\n2024-10-30 10:37:43.524 Step [collect_and_create_codebase_resources] completed in 0 seconds\n2024-10-30 10:37:43.525 Step [flag_empty_files] starting\n2024-10-30 10:37:43.527 Step [flag_empty_files] completed in 0 seconds\n2024-10-30 10:37:43.528 Step [flag_ignored_resources] starting\n2024-10-30 10:37:43.529 Step [flag_ignored_resources] completed in 0 seconds\n2024-10-30 10:37:43.530 Step [scan_for_application_packages] starting\n2024-10-30 10:37:43.550 Progress: 11% (2/18)\n2024-10-30 10:37:43.563 Progress: 22% (4/18)\n2024-10-30 10:37:43.566 Progress: 33% (6/18)\n2024-10-30 10:37:43.567 Progress: 44% (8/18)\n2024-10-30 10:37:43.568 Progress: 55% (10/18)\n2024-10-30 10:37:43.569 Progress: 66% (12/18)\n2024-10-30 10:37:43.569 Progress: 77% (14/18)\n2024-10-30 10:37:43.569 Progress: 88% (16/18)\n2024-10-30 10:37:46.313 Progress: 100% (18/18)\n2024-10-30 10:37:46.475 Step [scan_for_application_packages] completed in 3 seconds\n2024-10-30 10:37:46.477 Step [scan_for_files] starting\n2024-10-30 10:37:54.667 Progress: 12% (2/16) ETA: 60 seconds\n2024-10-30 10:37:54.684 Progress: 25% (4/16) ETA: 25 seconds\n2024-10-30 10:37:54.772 Progress: 37% (6/16) ETA: 14 seconds\n2024-10-30 10:37:54.813 Progress: 50% (8/16) ETA: 8 seconds\n2024-10-30 10:37:54.879 Progress: 62% (10/16) ETA: 5 seconds\n2024-10-30 10:37:54.987 Progress: 75% (12/16) ETA: 3 seconds\n2024-10-30 10:37:55.147 Progress: 87% (14/16) ETA: 1 seconds\n2024-10-30 10:37:55.341 Progress: 100% (16/16)\n2024-10-30 10:37:55.465 Step [scan_for_files] completed in 9 seconds\n2024-10-30 10:37:55.466 Pipeline completed in 12 seconds\n",
           "execution_time": null
         }
       ],
@@ -55,6 +57,7 @@
       "tag": "",
       "primary_language": "Python",
       "description": "ASGI specs, helper code, and adapters\nasgiref\n=======\n\n.. image:: https://api.travis-ci.org/django/asgiref.svg\n    :target: https://travis-ci.org/django/asgiref\n\n.. image:: https://img.shields.io/pypi/v/asgiref.svg\n    :target: https://pypi.python.org/pypi/asgiref\n\nASGI is a standard for Python asynchronous web apps and servers to communicate\nwith each other, and positioned as an asynchronous successor to WSGI. You can\nread more at https://asgi.readthedocs.io/en/latest/\n\nThis package includes ASGI base libraries, such as:\n\n* Sync-to-async and async-to-sync function wrappers, ``asgiref.sync``\n* Server base classes, ``asgiref.server``\n* A WSGI-to-ASGI adapter, in ``asgiref.wsgi``\n\n\nFunction wrappers\n-----------------\n\nThese allow you to wrap or decorate async or sync functions to call them from\nthe other style (so you can call async functions from a synchronous thread,\nor vice-versa).\n\nIn particular:\n\n* AsyncToSync lets a synchronous subthread stop and wait while the async\n  function is called on the main thread's event loop, and then control is\n  returned to the thread when the async function is finished.\n\n* SyncToAsync lets async code call a synchronous function, which is run in\n  a threadpool and control returned to the async coroutine when the synchronous\n  function completes.\n\nThe idea is to make it easier to call synchronous APIs from async code and\nasynchronous APIs from synchronous code so it's easier to transition code from\none style to the other. In the case of Channels, we wrap the (synchronous)\nDjango view system with SyncToAsync to allow it to run inside the (asynchronous)\nASGI server.\n\nNote that exactly what threads things run in is very specific, and aimed to\nkeep maximum compatibility with old synchronous code. See\n\"Synchronous code & Threads\" below for a full explanation. By default,\n``sync_to_async`` will run all synchronous code in the program in the same\nthread for safety reasons; you can disable this for more performance with\n``@sync_to_async(thread_sensitive=False)``, but make sure that your code does\nnot rely on anything bound to threads (like database connections) when you do.\n\n\nThreadlocal replacement\n-----------------------\n\nThis is a drop-in replacement for ``threading.local`` that works with both\nthreads and asyncio Tasks. Even better, it will proxy values through from a\ntask-local context to a thread-local context when you use ``sync_to_async``\nto run things in a threadpool, and vice-versa for ``async_to_sync``.\n\nIf you instead want true thread- and task-safety, you can set\n``thread_critical`` on the Local object to ensure this instead.\n\n\nServer base classes\n-------------------\n\nIncludes a ``StatelessServer`` class which provides all the hard work of\nwriting a stateless server (as in, does not handle direct incoming sockets\nbut instead consumes external streams or sockets to work out what is happening).\n\nAn example of such a server would be a chatbot server that connects out to\na central chat server and provides a \"connection scope\" per user chatting to\nit. There's only one actual connection, but the server has to separate things\ninto several scopes for easier writing of the code.\n\nYou can see an example of this being used in `frequensgi <https://github.com/andrewgodwin/frequensgi>`_.\n\n\nWSGI-to-ASGI adapter\n--------------------\n\nAllows you to wrap a WSGI application so it appears as a valid ASGI application.\n\nSimply wrap it around your WSGI application like so::\n\n    asgi_application = WsgiToAsgi(wsgi_application)\n\nThe WSGI application will be run in a synchronous threadpool, and the wrapped\nASGI application will be one that accepts ``http`` class messages.\n\nPlease note that not all extended features of WSGI may be supported (such as\nfile handles for incoming POST bodies).\n\n\nDependencies\n------------\n\n``asgiref`` requires Python 3.5 or higher.\n\n\nContributing\n------------\n\nPlease refer to the\n`main Channels contributing docs <https://github.com/django/channels/blob/master/CONTRIBUTING.rst>`_.\n\n\nTesting\n'''''''\n\nTo run tests, make sure you have installed the ``tests`` extra with the package::\n\n    cd asgiref/\n    pip install -e .[tests]\n    pytest\n\n\nBuilding the documentation\n''''''''''''''''''''''''''\n\nThe documentation uses `Sphinx <http://www.sphinx-doc.org>`_::\n\n    cd asgiref/docs/\n    pip install sphinx\n\nTo build the docs, you can use the default tools::\n\n    sphinx-build -b html . _build/html  # or `make html`, if you've got make set up\n    cd _build/html\n    python -m http.server\n\n...or you can use ``sphinx-autobuild`` to run a server and rebuild/reload\nyour documentation changes automatically::\n\n    pip install sphinx-autobuild\n    sphinx-autobuild . _build/html\n\n\nImplementation Details\n----------------------\n\nSynchronous code & threads\n''''''''''''''''''''''''''\n\nThe ``asgiref.sync`` module provides two wrappers that let you go between\nasynchronous and synchronous code at will, while taking care of the rough edges\nfor you.\n\nUnfortunately, the rough edges are numerous, and the code has to work especially\nhard to keep things in the same thread as much as possible. Notably, the\nrestrictions we are working with are:\n\n* All synchronous code called through ``SyncToAsync`` and marked with\n  ``thread_sensitive`` should run in the same thread as each other (and if the\n  outer layer of the program is synchronous, the main thread)\n\n* If a thread already has a running async loop, ``AsyncToSync`` can't run things\n  on that loop if it's blocked on synchronous code that is above you in the\n  call stack.\n\nThe first compromise you get to might be that ``thread_sensitive`` code should\njust run in the same thread and not spawn in a sub-thread, fulfilling the first\nrestriction, but that immediately runs you into the second restriction.\n\nThe only real solution is to essentially have a variant of ThreadPoolExecutor\nthat executes any ``thread_sensitive`` code on the outermost synchronous\nthread - either the main thread, or a single spawned subthread.\n\nThis means you now have two basic states:\n\n* If the outermost layer of your program is synchronous, then all async code\n  run through ``AsyncToSync`` will run in a per-call event loop in arbitary\n  sub-threads, while all ``thread_sensitive`` code will run in the main thread.\n\n* If the outermost layer of your program is asynchronous, then all async code\n  runs on the main thread's event loop, and all ``thread_sensitive`` synchronous\n  code will run in a single shared sub-thread.\n\nCruicially, this means that in both cases there is a thread which is a shared\nresource that all ``thread_sensitive`` code must run on, and there is a chance\nthat this thread is currently blocked on its own ``AsyncToSync`` call. Thus,\n``AsyncToSync`` needs to act as an executor for thread code while it's blocking.\n\nThe ``CurrentThreadExecutor`` class provides this functionality; rather than\nsimply waiting on a Future, you can call its ``run_until_future`` method and\nit will run submitted code until that Future is done. This means that code\ninside the call can then run code on your thread.\n\n\nMaintenance and Security\n------------------------\n\nTo report security issues, please contact security@djangoproject.com. For GPG\nsignatures and more security process information, see\nhttps://docs.djangoproject.com/en/dev/internals/security/.\n\nTo report bugs or request new features, please open a new GitHub issue.\n\nThis repository is part of the Channels project. For the shepherd and maintenance team, please see the\n`main Channels readme <https://github.com/django/channels/blob/master/README.rst>`_.",
+      "notes": "",
       "release_date": null,
       "parties": [
         {
@@ -154,7 +157,7 @@
         "Documentation": "https://asgi.readthedocs.io/",
         "Further Documentation": "https://docs.djangoproject.com/en/stable/topics/async/#async-adapter-functions"
       },
-      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01",
+      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb",
       "is_private": false,
       "is_virtual": false,
       "datasource_ids": [
@@ -179,6 +182,7 @@
       "tag": "",
       "primary_language": "Python",
       "description": "ASGI specs, helper code, and adapters\nasgiref\n=======\n\n.. image:: https://api.travis-ci.org/django/asgiref.svg\n    :target: https://travis-ci.org/django/asgiref\n\n.. image:: https://img.shields.io/pypi/v/asgiref.svg\n    :target: https://pypi.python.org/pypi/asgiref\n\nASGI is a standard for Python asynchronous web apps and servers to communicate\nwith each other, and positioned as an asynchronous successor to WSGI. You can\nread more at https://asgi.readthedocs.io/en/latest/\n\nThis package includes ASGI base libraries, such as:\n\n* Sync-to-async and async-to-sync function wrappers, ``asgiref.sync``\n* Server base classes, ``asgiref.server``\n* A WSGI-to-ASGI adapter, in ``asgiref.wsgi``\n\n\nFunction wrappers\n-----------------\n\nThese allow you to wrap or decorate async or sync functions to call them from\nthe other style (so you can call async functions from a synchronous thread,\nor vice-versa).\n\nIn particular:\n\n* AsyncToSync lets a synchronous subthread stop and wait while the async\n  function is called on the main thread's event loop, and then control is\n  returned to the thread when the async function is finished.\n\n* SyncToAsync lets async code call a synchronous function, which is run in\n  a threadpool and control returned to the async coroutine when the synchronous\n  function completes.\n\nThe idea is to make it easier to call synchronous APIs from async code and\nasynchronous APIs from synchronous code so it's easier to transition code from\none style to the other. In the case of Channels, we wrap the (synchronous)\nDjango view system with SyncToAsync to allow it to run inside the (asynchronous)\nASGI server.\n\nNote that exactly what threads things run in is very specific, and aimed to\nkeep maximum compatibility with old synchronous code. See\n\"Synchronous code & Threads\" below for a full explanation. By default,\n``sync_to_async`` will run all synchronous code in the program in the same\nthread for safety reasons; you can disable this for more performance with\n``@sync_to_async(thread_sensitive=False)``, but make sure that your code does\nnot rely on anything bound to threads (like database connections) when you do.\n\n\nThreadlocal replacement\n-----------------------\n\nThis is a drop-in replacement for ``threading.local`` that works with both\nthreads and asyncio Tasks. Even better, it will proxy values through from a\ntask-local context to a thread-local context when you use ``sync_to_async``\nto run things in a threadpool, and vice-versa for ``async_to_sync``.\n\nIf you instead want true thread- and task-safety, you can set\n``thread_critical`` on the Local object to ensure this instead.\n\n\nServer base classes\n-------------------\n\nIncludes a ``StatelessServer`` class which provides all the hard work of\nwriting a stateless server (as in, does not handle direct incoming sockets\nbut instead consumes external streams or sockets to work out what is happening).\n\nAn example of such a server would be a chatbot server that connects out to\na central chat server and provides a \"connection scope\" per user chatting to\nit. There's only one actual connection, but the server has to separate things\ninto several scopes for easier writing of the code.\n\nYou can see an example of this being used in `frequensgi <https://github.com/andrewgodwin/frequensgi>`_.\n\n\nWSGI-to-ASGI adapter\n--------------------\n\nAllows you to wrap a WSGI application so it appears as a valid ASGI application.\n\nSimply wrap it around your WSGI application like so::\n\n    asgi_application = WsgiToAsgi(wsgi_application)\n\nThe WSGI application will be run in a synchronous threadpool, and the wrapped\nASGI application will be one that accepts ``http`` class messages.\n\nPlease note that not all extended features of WSGI may be supported (such as\nfile handles for incoming POST bodies).\n\n\nDependencies\n------------\n\n``asgiref`` requires Python 3.5 or higher.\n\n\nContributing\n------------\n\nPlease refer to the\n`main Channels contributing docs <https://github.com/django/channels/blob/master/CONTRIBUTING.rst>`_.\n\n\nTesting\n'''''''\n\nTo run tests, make sure you have installed the ``tests`` extra with the package::\n\n    cd asgiref/\n    pip install -e .[tests]\n    pytest\n\n\nBuilding the documentation\n''''''''''''''''''''''''''\n\nThe documentation uses `Sphinx <http://www.sphinx-doc.org>`_::\n\n    cd asgiref/docs/\n    pip install sphinx\n\nTo build the docs, you can use the default tools::\n\n    sphinx-build -b html . _build/html  # or `make html`, if you've got make set up\n    cd _build/html\n    python -m http.server\n\n...or you can use ``sphinx-autobuild`` to run a server and rebuild/reload\nyour documentation changes automatically::\n\n    pip install sphinx-autobuild\n    sphinx-autobuild . _build/html\n\n\nImplementation Details\n----------------------\n\nSynchronous code & threads\n''''''''''''''''''''''''''\n\nThe ``asgiref.sync`` module provides two wrappers that let you go between\nasynchronous and synchronous code at will, while taking care of the rough edges\nfor you.\n\nUnfortunately, the rough edges are numerous, and the code has to work especially\nhard to keep things in the same thread as much as possible. Notably, the\nrestrictions we are working with are:\n\n* All synchronous code called through ``SyncToAsync`` and marked with\n  ``thread_sensitive`` should run in the same thread as each other (and if the\n  outer layer of the program is synchronous, the main thread)\n\n* If a thread already has a running async loop, ``AsyncToSync`` can't run things\n  on that loop if it's blocked on synchronous code that is above you in the\n  call stack.\n\nThe first compromise you get to might be that ``thread_sensitive`` code should\njust run in the same thread and not spawn in a sub-thread, fulfilling the first\nrestriction, but that immediately runs you into the second restriction.\n\nThe only real solution is to essentially have a variant of ThreadPoolExecutor\nthat executes any ``thread_sensitive`` code on the outermost synchronous\nthread - either the main thread, or a single spawned subthread.\n\nThis means you now have two basic states:\n\n* If the outermost layer of your program is synchronous, then all async code\n  run through ``AsyncToSync`` will run in a per-call event loop in arbitary\n  sub-threads, while all ``thread_sensitive`` code will run in the main thread.\n\n* If the outermost layer of your program is asynchronous, then all async code\n  runs on the main thread's event loop, and all ``thread_sensitive`` synchronous\n  code will run in a single shared sub-thread.\n\nCruicially, this means that in both cases there is a thread which is a shared\nresource that all ``thread_sensitive`` code must run on, and there is a chance\nthat this thread is currently blocked on its own ``AsyncToSync`` call. Thus,\n``AsyncToSync`` needs to act as an executor for thread code while it's blocking.\n\nThe ``CurrentThreadExecutor`` class provides this functionality; rather than\nsimply waiting on a Future, you can call its ``run_until_future`` method and\nit will run submitted code until that Future is done. This means that code\ninside the call can then run code on your thread.\n\n\nMaintenance and Security\n------------------------\n\nTo report security issues, please contact security@djangoproject.com. For GPG\nsignatures and more security process information, see\nhttps://docs.djangoproject.com/en/dev/internals/security/.\n\nTo report bugs or request new features, please open a new GitHub issue.\n\nThis repository is part of the Channels project. For the shepherd and maintenance team, please see the\n`main Channels readme <https://github.com/django/channels/blob/master/README.rst>`_.",
+      "notes": "",
       "release_date": null,
       "parties": [
         {
@@ -278,7 +282,7 @@
         "Documentation": "https://asgi.readthedocs.io/",
         "Further Documentation": "https://docs.djangoproject.com/en/stable/topics/async/#async-adapter-functions"
       },
-      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a",
+      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9",
       "is_private": false,
       "is_virtual": false,
       "datasource_ids": [
@@ -296,14 +300,14 @@
   "dependencies": [
     {
       "purl": "pkg:pypi/pytest",
-      "extracted_requirement": "pytest; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
       "is_pinned": false,
       "is_direct": true,
-      "dependency_uid": "pkg:pypi/pytest?uuid=0928ca6e-d50e-439a-847d-ecb1366a8f2a",
-      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01",
+      "dependency_uid": "pkg:pypi/pytest?uuid=cfa26c80-95fc-4da3-a290-5e7403d0d9bc",
+      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb",
       "resolved_to_package_uid": null,
       "datafile_path": "asgiref-3.3.0-py3-none-any.whl",
       "datasource_id": "pypi_wheel",
@@ -312,14 +316,14 @@
     },
     {
       "purl": "pkg:pypi/pytest",
-      "extracted_requirement": "pytest; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
       "is_pinned": false,
       "is_direct": true,
-      "dependency_uid": "pkg:pypi/pytest?uuid=94372d19-8ab8-4b16-b6a7-72478e0b4cc4",
-      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a",
+      "dependency_uid": "pkg:pypi/pytest?uuid=bfafc414-739f-4747-bfb0-1b3ad03d62c7",
+      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9",
       "resolved_to_package_uid": null,
       "datafile_path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
       "datasource_id": "pypi_wheel_metadata",
@@ -328,14 +332,14 @@
     },
     {
       "purl": "pkg:pypi/pytest-asyncio",
-      "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
       "is_pinned": false,
       "is_direct": true,
-      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=ccd9eb22-778d-4bd4-af59-8b63e4163b22",
-      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01",
+      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=68b8d3cb-eddb-4727-b6cb-707dde279301",
+      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb",
       "resolved_to_package_uid": null,
       "datafile_path": "asgiref-3.3.0-py3-none-any.whl",
       "datasource_id": "pypi_wheel",
@@ -344,14 +348,14 @@
     },
     {
       "purl": "pkg:pypi/pytest-asyncio",
-      "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
       "is_pinned": false,
       "is_direct": true,
-      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=e751ec65-9351-4949-ae8f-5bc1a9efa336",
-      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a",
+      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=570878e1-aa7c-46bc-9216-122b73b34f9b",
+      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9",
       "resolved_to_package_uid": null,
       "datafile_path": "asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
       "datasource_id": "pypi_wheel_metadata",
@@ -448,23 +452,23 @@
               "purl": "pkg:pypi/pytest",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest; extra == \"tests\""
+              "extracted_requirement": null
             },
             {
               "purl": "pkg:pypi/pytest-asyncio",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest-asyncio; extra == \"tests\""
+              "extracted_requirement": null
             }
           ],
           "download_url": null,
@@ -660,7 +664,7 @@
         }
       ],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01"
+        "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb"
       ],
       "emails": [],
       "urls": [],
@@ -853,7 +857,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -947,23 +951,23 @@
               "purl": "pkg:pypi/pytest",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest; extra == \"tests\""
+              "extracted_requirement": null
             },
             {
               "purl": "pkg:pypi/pytest-asyncio",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest-asyncio; extra == \"tests\""
+              "extracted_requirement": null
             }
           ],
           "download_url": null,
@@ -1159,7 +1163,7 @@
         }
       ],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1200,7 +1204,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1241,7 +1245,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1282,7 +1286,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1323,7 +1327,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1364,7 +1368,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1405,7 +1409,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1446,7 +1450,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1487,7 +1491,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1528,7 +1532,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1569,7 +1573,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
@@ -1633,7 +1637,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [
@@ -1690,7 +1694,7 @@
       "authors": [],
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
       "emails": [],
       "urls": [],
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_toolkit_scan.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_toolkit_scan.json
index 9a2ffbaa6..630442eb6 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_toolkit_scan.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_toolkit_scan.json
@@ -2,7 +2,7 @@
   "headers": [
     {
       "tool_name": "scancode-toolkit",
-      "tool_version": "32.2.0",
+      "tool_version": "v34.8.2-2-gdde1fc5b",
       "options": {
         "--copyright": true,
         "--info": true,
@@ -10,10 +10,10 @@
         "--package": true
       },
       "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.",
-      "start_timestamp": "2024-06-27T143714.174406",
-      "end_timestamp": "2024-06-27T143719.047147",
-      "output_format_version": "3.2.0",
-      "duration": 4.87275767326355,
+      "start_timestamp": "2024-10-30T103755.467677",
+      "end_timestamp": "2024-10-30T103758.903734",
+      "output_format_version": "4.0.0",
+      "duration": 3.4360711574554443,
       "message": null,
       "errors": [],
       "warnings": [],
@@ -21,11 +21,11 @@
         "system_environment": {
           "operating_system": "linux",
           "cpu_architecture": "64",
-          "platform": "Linux-5.15.0-112-generic-x86_64-with-glibc2.35",
-          "platform_version": "#122-Ubuntu SMP Thu May 23 07:48:21 UTC 2024",
-          "python_version": "3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0]"
+          "platform": "Linux-5.15.0-124-generic-x86_64-with-glibc2.35",
+          "platform_version": "#134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024",
+          "python_version": "3.10.12 (main, Sep 11 2024, 15:47:36) [GCC 11.4.0]"
         },
-        "spdx_license_list_version": "3.24",
+        "spdx_license_list_version": "3.25",
         "files_count": 15
       }
     }
@@ -140,7 +140,7 @@
       "repository_homepage_url": "https://pypi.org/project/asgiref",
       "repository_download_url": "https://pypi.org/packages/source/a/asgiref/asgiref-3.3.0.tar.gz",
       "api_data_url": "https://pypi.org/pypi/asgiref/3.3.0/json",
-      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8d155673-d3d9-4b6f-882c-df1618a23c6a",
+      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=fac2bdaf-1d00-43f3-b5b7-c395336a7565",
       "datafile_paths": [
         "codebase/asgiref-3.3.0-py3-none-any.whl"
       ],
@@ -258,7 +258,7 @@
       "repository_homepage_url": "https://pypi.org/project/asgiref",
       "repository_download_url": "https://pypi.org/packages/source/a/asgiref/asgiref-3.3.0.tar.gz",
       "api_data_url": "https://pypi.org/pypi/asgiref/3.3.0/json",
-      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3",
+      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0",
       "datafile_paths": [
         "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA"
       ],
@@ -271,7 +271,7 @@
   "dependencies": [
     {
       "purl": "pkg:pypi/pytest",
-      "extracted_requirement": "pytest; extra == \"tests\"",
+      "extracted_requirement": null,
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
@@ -279,14 +279,14 @@
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
-      "dependency_uid": "pkg:pypi/pytest?uuid=e80a74b5-6001-486d-ac15-f173a2fd5143",
-      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8d155673-d3d9-4b6f-882c-df1618a23c6a",
+      "dependency_uid": "pkg:pypi/pytest?uuid=87cf340d-95bf-4819-a2ce-e8cdf4ff5cc3",
+      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=fac2bdaf-1d00-43f3-b5b7-c395336a7565",
       "datafile_path": "codebase/asgiref-3.3.0-py3-none-any.whl",
       "datasource_id": "pypi_wheel"
     },
     {
       "purl": "pkg:pypi/pytest-asyncio",
-      "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+      "extracted_requirement": null,
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
@@ -294,14 +294,14 @@
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
-      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=e68b22aa-e25c-43c5-b985-2f1ff4fd524b",
-      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8d155673-d3d9-4b6f-882c-df1618a23c6a",
+      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=ff452dbb-f683-444c-ad4f-ecb98b85cea9",
+      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=fac2bdaf-1d00-43f3-b5b7-c395336a7565",
       "datafile_path": "codebase/asgiref-3.3.0-py3-none-any.whl",
       "datasource_id": "pypi_wheel"
     },
     {
       "purl": "pkg:pypi/pytest",
-      "extracted_requirement": "pytest; extra == \"tests\"",
+      "extracted_requirement": null,
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
@@ -309,14 +309,14 @@
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
-      "dependency_uid": "pkg:pypi/pytest?uuid=e7398026-732a-4dc0-aa85-73676a43a504",
-      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3",
+      "dependency_uid": "pkg:pypi/pytest?uuid=43014bc3-e108-443f-8d50-983915b5e99c",
+      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0",
       "datafile_path": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
       "datasource_id": "pypi_wheel_metadata"
     },
     {
       "purl": "pkg:pypi/pytest-asyncio",
-      "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+      "extracted_requirement": null,
       "scope": "tests",
       "is_runtime": true,
       "is_optional": true,
@@ -324,8 +324,8 @@
       "is_direct": true,
       "resolved_package": {},
       "extra_data": {},
-      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=2ef16dc6-0efa-4000-a6a2-1c6e828fac4b",
-      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3",
+      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=558fa005-5802-4a70-beee-98cc40913be7",
+      "for_package_uid": "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0",
       "datafile_path": "codebase/asgiref-3.3.0-py3-none-any.whl-extract/asgiref-3.3.0.dist-info/METADATA",
       "datasource_id": "pypi_wheel_metadata"
     }
@@ -463,7 +463,7 @@
       "base_name": "asgiref-3.3.0-py3-none-any",
       "extension": ".whl",
       "size": 19948,
-      "date": "2024-06-27",
+      "date": "2024-10-30",
       "sha1": "c03f67211a311b13d1294ac8af7cb139ee34c4f9",
       "md5": "5bce1df6dedc53a41a9a6b40d7b1699e",
       "sha256": "a5098bc870b80e7b872bff60bb363c7f2c2c89078759f6c47b53ff8c525a152e",
@@ -714,7 +714,7 @@
           "dependencies": [
             {
               "purl": "pkg:pypi/pytest",
-              "extracted_requirement": "pytest; extra == \"tests\"",
+              "extracted_requirement": null,
               "scope": "tests",
               "is_runtime": true,
               "is_optional": true,
@@ -725,7 +725,7 @@
             },
             {
               "purl": "pkg:pypi/pytest-asyncio",
-              "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+              "extracted_requirement": null,
               "scope": "tests",
               "is_runtime": true,
               "is_optional": true,
@@ -743,7 +743,7 @@
         }
       ],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=8d155673-d3d9-4b6f-882c-df1618a23c6a"
+        "pkg:pypi/asgiref@3.3.0?uuid=fac2bdaf-1d00-43f3-b5b7-c395336a7565"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -850,7 +850,7 @@
       "is_script": false,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -887,7 +887,7 @@
       "is_script": true,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -924,7 +924,7 @@
       "is_script": true,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -961,7 +961,7 @@
       "is_script": true,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -998,7 +998,7 @@
       "is_script": true,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -1035,7 +1035,7 @@
       "is_script": true,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -1072,7 +1072,7 @@
       "is_script": true,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -1109,7 +1109,7 @@
       "is_script": true,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": "apache-2.0",
       "detected_license_expression_spdx": "Apache-2.0",
@@ -1168,7 +1168,7 @@
       "is_script": true,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -1240,7 +1240,7 @@
       "is_script": false,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": "bsd-new",
       "detected_license_expression_spdx": "BSD-3-Clause",
@@ -1547,7 +1547,7 @@
           "dependencies": [
             {
               "purl": "pkg:pypi/pytest",
-              "extracted_requirement": "pytest; extra == \"tests\"",
+              "extracted_requirement": null,
               "scope": "tests",
               "is_runtime": true,
               "is_optional": true,
@@ -1558,7 +1558,7 @@
             },
             {
               "purl": "pkg:pypi/pytest-asyncio",
-              "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+              "extracted_requirement": null,
               "scope": "tests",
               "is_runtime": true,
               "is_optional": true,
@@ -1576,7 +1576,7 @@
         }
       ],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": "bsd-new",
       "detected_license_expression_spdx": "BSD-3-Clause",
@@ -1662,7 +1662,7 @@
       "is_script": false,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -1699,7 +1699,7 @@
       "is_script": false,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
@@ -1736,7 +1736,7 @@
       "is_script": false,
       "package_data": [],
       "for_packages": [
-        "pkg:pypi/asgiref@3.3.0?uuid=d213d84b-a5e9-4cb3-9a8a-fd1146e156a3"
+        "pkg:pypi/asgiref@3.3.0?uuid=d83e05f4-c9e1-445a-ba7d-a563477c55f0"
       ],
       "detected_license_expression": null,
       "detected_license_expression_spdx": null,
diff --git a/scanpipe/tests/data/asgiref/asgiref-3.3.0_walk_test_fixtures.json b/scanpipe/tests/data/asgiref/asgiref-3.3.0_walk_test_fixtures.json
index 3fcff2acb..1af26c58e 100644
--- a/scanpipe/tests/data/asgiref/asgiref-3.3.0_walk_test_fixtures.json
+++ b/scanpipe/tests/data/asgiref/asgiref-3.3.0_walk_test_fixtures.json
@@ -1,13 +1,13 @@
 [
   {
     "model": "scanpipe.project",
-    "pk": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+    "pk": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
     "fields": {
       "extra_data": {},
-      "created_date": "2024-06-27T14:35:14.839Z",
+      "created_date": "2024-10-30T10:37:43.288Z",
       "name": "asgiref",
-      "slug": "asgiref-2f5f5927",
-      "work_directory": "/tmp/tmp4olqovm8/projects/asgiref-2f5f5927",
+      "slug": "asgiref-24c1b665",
+      "work_directory": "/tmp/tmppvadhlgm/projects/asgiref-24c1b665",
       "is_archived": false,
       "notes": "",
       "settings": {}
@@ -15,21 +15,22 @@
   },
   {
     "model": "scanpipe.run",
-    "pk": "41bd06fa-6e75-45e9-8476-5602d1c1433f",
+    "pk": "311727fe-1d8d-4324-b298-976582616a9f",
     "fields": {
       "task_id": null,
       "task_start_date": null,
       "task_end_date": null,
       "task_exitcode": null,
       "task_output": "",
-      "log": "2024-06-27 14:35:14.84 Pipeline [scan_codebase] starting\n2024-06-27 14:35:14.84 Step [download_missing_inputs] starting\n2024-06-27 14:35:14.84 Step [download_missing_inputs] completed in 0 seconds\n2024-06-27 14:35:14.84 Step [copy_inputs_to_codebase_directory] starting\n2024-06-27 14:35:14.84 Step [copy_inputs_to_codebase_directory] completed in 0 seconds\n2024-06-27 14:35:14.84 Step [extract_archives] starting\n2024-06-27 14:35:14.89 Step [extract_archives] completed in 0 seconds\n2024-06-27 14:35:14.89 Step [collect_and_create_codebase_resources] starting\n2024-06-27 14:35:14.96 Step [collect_and_create_codebase_resources] completed in 0 seconds\n2024-06-27 14:35:14.96 Step [flag_empty_files] starting\n2024-06-27 14:35:14.96 Step [flag_empty_files] completed in 0 seconds\n2024-06-27 14:35:14.96 Step [flag_ignored_resources] starting\n2024-06-27 14:35:14.96 Step [flag_ignored_resources] completed in 0 seconds\n2024-06-27 14:35:14.96 Step [scan_for_application_packages] starting\n2024-06-27 14:35:14.98 Progress: 11% (2/18)\n2024-06-27 14:35:14.99 Progress: 22% (4/18)\n2024-06-27 14:35:14.99 Progress: 33% (6/18)\n2024-06-27 14:35:14.99 Progress: 44% (8/18)\n2024-06-27 14:35:14.99 Progress: 55% (10/18)\n2024-06-27 14:35:14.99 Progress: 66% (12/18)\n2024-06-27 14:35:14.99 Progress: 77% (14/18)\n2024-06-27 14:35:14.99 Progress: 88% (16/18)\n2024-06-27 14:35:17.74 Progress: 100% (18/18)\n2024-06-27 14:35:17.94 Step [scan_for_application_packages] completed in 3 seconds\n2024-06-27 14:35:17.94 Step [scan_for_files] starting\n2024-06-27 14:37:12.49 Progress: 12% (2/16) ETA: 840 seconds (14.0 minutes)\n2024-06-27 14:37:12.97 Progress: 25% (4/16) ETA: 345 seconds (5.8 minutes)\n2024-06-27 14:37:13.21 Progress: 37% (6/16) ETA: 196 seconds (3.3 minutes)\n2024-06-27 14:37:13.26 Progress: 50% (8/16) ETA: 115 seconds (1.9 minutes)\n2024-06-27 14:37:13.47 Progress: 62% (10/16) ETA: 71 seconds (1.2 minutes)\n2024-06-27 14:37:13.57 Progress: 75% (12/16) ETA: 39 seconds\n2024-06-27 14:37:13.64 Progress: 87% (14/16) ETA: 17 seconds\n2024-06-27 14:37:13.99 Progress: 100% (16/16)\n2024-06-27 14:37:14.17 Step [scan_for_files] completed in 116 seconds (1.9 minutes)\n2024-06-27 14:37:14.17 Pipeline completed in 119 seconds (2.0 minutes)\n",
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "log": "2024-10-30 10:37:43.294 Pipeline [scan_codebase] starting\n2024-10-30 10:37:43.295 Step [download_missing_inputs] starting\n2024-10-30 10:37:43.296 Step [download_missing_inputs] completed in 0 seconds\n2024-10-30 10:37:43.297 Step [copy_inputs_to_codebase_directory] starting\n2024-10-30 10:37:43.298 Step [copy_inputs_to_codebase_directory] completed in 0 seconds\n2024-10-30 10:37:43.298 Step [extract_archives] starting\n2024-10-30 10:37:43.355 Step [extract_archives] completed in 0 seconds\n2024-10-30 10:37:43.356 Step [collect_and_create_codebase_resources] starting\n2024-10-30 10:37:43.524 Step [collect_and_create_codebase_resources] completed in 0 seconds\n2024-10-30 10:37:43.525 Step [flag_empty_files] starting\n2024-10-30 10:37:43.527 Step [flag_empty_files] completed in 0 seconds\n2024-10-30 10:37:43.528 Step [flag_ignored_resources] starting\n2024-10-30 10:37:43.529 Step [flag_ignored_resources] completed in 0 seconds\n2024-10-30 10:37:43.530 Step [scan_for_application_packages] starting\n2024-10-30 10:37:43.550 Progress: 11% (2/18)\n2024-10-30 10:37:43.563 Progress: 22% (4/18)\n2024-10-30 10:37:43.566 Progress: 33% (6/18)\n2024-10-30 10:37:43.567 Progress: 44% (8/18)\n2024-10-30 10:37:43.568 Progress: 55% (10/18)\n2024-10-30 10:37:43.569 Progress: 66% (12/18)\n2024-10-30 10:37:43.569 Progress: 77% (14/18)\n2024-10-30 10:37:43.569 Progress: 88% (16/18)\n2024-10-30 10:37:46.313 Progress: 100% (18/18)\n2024-10-30 10:37:46.475 Step [scan_for_application_packages] completed in 3 seconds\n2024-10-30 10:37:46.477 Step [scan_for_files] starting\n2024-10-30 10:37:54.667 Progress: 12% (2/16) ETA: 60 seconds\n2024-10-30 10:37:54.684 Progress: 25% (4/16) ETA: 25 seconds\n2024-10-30 10:37:54.772 Progress: 37% (6/16) ETA: 14 seconds\n2024-10-30 10:37:54.813 Progress: 50% (8/16) ETA: 8 seconds\n2024-10-30 10:37:54.879 Progress: 62% (10/16) ETA: 5 seconds\n2024-10-30 10:37:54.987 Progress: 75% (12/16) ETA: 3 seconds\n2024-10-30 10:37:55.147 Progress: 87% (14/16) ETA: 1 seconds\n2024-10-30 10:37:55.341 Progress: 100% (16/16)\n2024-10-30 10:37:55.465 Step [scan_for_files] completed in 9 seconds\n2024-10-30 10:37:55.466 Pipeline completed in 12 seconds\n",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "pipeline_name": "scan_codebase",
-      "created_date": "2024-06-27T14:35:14.841Z",
+      "created_date": "2024-10-30T10:37:43.293Z",
       "scancodeio_version": "",
       "description": "Scan a codebase for application packages, licenses, and copyrights.",
       "current_step": "",
-      "selected_groups": null
+      "selected_groups": null,
+      "selected_steps": null
     }
   },
   {
@@ -41,7 +42,7 @@
       "sha256": "a5098bc870b80e7b872bff60bb363c7f2c2c89078759f6c47b53ff8c525a152e",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -128,23 +129,23 @@
               "purl": "pkg:pypi/pytest",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest; extra == \"tests\""
+              "extracted_requirement": null
             },
             {
               "purl": "pkg:pypi/pytest-asyncio",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest-asyncio; extra == \"tests\""
+              "extracted_requirement": null
             }
           ],
           "download_url": null,
@@ -350,7 +351,7 @@
       "sha256": "",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -394,7 +395,7 @@
       "sha256": "",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -438,7 +439,7 @@
       "sha256": "",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -482,7 +483,7 @@
       "sha256": "6e89108c2cf0c0446174188f76f60465ae1c1f14f83427807df40d52a27cb2c8",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -526,7 +527,7 @@
       "sha256": "b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "bsd-new",
       "detected_license_expression_spdx": "BSD-3-Clause",
       "license_detections": [
@@ -605,7 +606,7 @@
       "sha256": "70f98f4eb9f6068b192b5464fcdf69e29a8ff09962bfce84bbb052baeee44f33",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -692,23 +693,23 @@
               "purl": "pkg:pypi/pytest",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest; extra == \"tests\""
+              "extracted_requirement": null
             },
             {
               "purl": "pkg:pypi/pytest-asyncio",
               "scope": "tests",
               "is_direct": true,
+              "is_pinned": false,
               "extra_data": {},
               "is_runtime": true,
               "is_optional": true,
-              "is_pinned": false,
               "resolved_package": {},
-              "extracted_requirement": "pytest-asyncio; extra == \"tests\""
+              "extracted_requirement": null
             }
           ],
           "download_url": null,
@@ -914,7 +915,7 @@
       "sha256": "11546323af45e6a5639bf620a9c4d73e74c0bf705f494af4595007b923f75e8a",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -958,7 +959,7 @@
       "sha256": "2c1983592aa38f0bfb0afacc73ddc5b46ce10e8e89ceaa9fed1e5fc6361b608d",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -1002,7 +1003,7 @@
       "sha256": "30f49b9094bff904a42caeec32515715fe625a56dc48bd7c0e3d9988c0ad4bd7",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -1046,7 +1047,7 @@
       "sha256": "fa4651a3b79201a4dc44a4096cd49ec8f427e912ea0ee05c666357b413a8afe7",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -1090,7 +1091,7 @@
       "sha256": "ee0fcf4a8e6fa9df8a4643bb48e82892d496afce44b6c8b8aea2721755545e1c",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -1134,7 +1135,7 @@
       "sha256": "3151f66c476208c3154cb6c4fb557a2a253bab82f0ab33fb3c8b9f7976be9e33",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -1178,7 +1179,7 @@
       "sha256": "ddd445b778c097fc75c2bf69ad964cbadd3bd6999d1dd2306d39d401855e8e3e",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -1222,7 +1223,7 @@
       "sha256": "ddbc8d455eceb68fc583c67e7c4ad0277c867fb39095c51ec5b37f70342e8334",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -1266,7 +1267,7 @@
       "sha256": "126c3e3a8a75a517d2739612304607804cf5f34da63fa25d03a6f11f7edb6f2f",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "apache-2.0",
       "detected_license_expression_spdx": "Apache-2.0",
       "license_detections": [
@@ -1349,7 +1350,7 @@
       "sha256": "f8bd1ea3fb8afddabb10f8efd66796d41446cad51168ef4d3c44b19c973d0ad0",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -1393,7 +1394,7 @@
       "sha256": "885267fee0fea687875a02ceb929ca095312d47aaa57e20e4ce382f397caaf4d",
       "sha512": "",
       "extra_data": {},
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "detected_license_expression": "",
       "detected_license_expression_spdx": "",
       "license_detections": [],
@@ -1447,7 +1448,7 @@
         "Documentation": "https://asgi.readthedocs.io/",
         "Further Documentation": "https://docs.djangoproject.com/en/stable/topics/async/#async-adapter-functions"
       },
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "compliance_alert": "",
       "affected_by_vulnerabilities": [],
       "filename": "",
@@ -1536,10 +1537,10 @@
           "email": "foundation@djangoproject.com"
         }
       ],
-      "uuid": "75b6bb66-de86-4a35-a780-bc1f635f11f4",
+      "uuid": "101147dd-f8a7-4ea3-87a1-01b9b0af5d4f",
       "missing_resources": [],
       "modified_resources": [],
-      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01",
+      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb",
       "keywords": [
         "Development Status :: 5 - Production/Stable",
         "Environment :: Web Environment",
@@ -1554,6 +1555,7 @@
         "Programming Language :: Python :: 3.8",
         "Topic :: Internet :: WWW/HTTP"
       ],
+      "notes": "",
       "source_packages": [],
       "tag": "",
       "codebase_resources": [
@@ -1580,7 +1582,7 @@
         "Documentation": "https://asgi.readthedocs.io/",
         "Further Documentation": "https://docs.djangoproject.com/en/stable/topics/async/#async-adapter-functions"
       },
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "compliance_alert": "",
       "affected_by_vulnerabilities": [],
       "filename": "",
@@ -1669,10 +1671,10 @@
           "email": "foundation@djangoproject.com"
         }
       ],
-      "uuid": "d10827fc-bcd1-4c10-ad6c-972dd4defa9c",
+      "uuid": "b5035991-5b4b-40be-b68b-1c9c528078cd",
       "missing_resources": [],
       "modified_resources": [],
-      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a",
+      "package_uid": "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9",
       "keywords": [
         "Development Status :: 5 - Production/Stable",
         "Environment :: Web Environment",
@@ -1687,6 +1689,7 @@
         "Programming Language :: Python :: 3.8",
         "Topic :: Internet :: WWW/HTTP"
       ],
+      "notes": "",
       "source_packages": [],
       "tag": "",
       "codebase_resources": [
@@ -1718,12 +1721,12 @@
       "qualifiers": "",
       "subpath": "",
       "affected_by_vulnerabilities": [],
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
-      "dependency_uid": "pkg:pypi/pytest?uuid=0928ca6e-d50e-439a-847d-ecb1366a8f2a",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
+      "dependency_uid": "pkg:pypi/pytest?uuid=cfa26c80-95fc-4da3-a290-5e7403d0d9bc",
       "for_package": 1,
       "resolved_to_package": null,
       "datafile_resource": 1,
-      "extracted_requirement": "pytest; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "datasource_id": "pypi_wheel",
       "is_runtime": true,
@@ -1743,12 +1746,12 @@
       "qualifiers": "",
       "subpath": "",
       "affected_by_vulnerabilities": [],
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
-      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=ccd9eb22-778d-4bd4-af59-8b63e4163b22",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
+      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=68b8d3cb-eddb-4727-b6cb-707dde279301",
       "for_package": 1,
       "resolved_to_package": null,
       "datafile_resource": 1,
-      "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "datasource_id": "pypi_wheel",
       "is_runtime": true,
@@ -1768,12 +1771,12 @@
       "qualifiers": "",
       "subpath": "",
       "affected_by_vulnerabilities": [],
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
-      "dependency_uid": "pkg:pypi/pytest?uuid=94372d19-8ab8-4b16-b6a7-72478e0b4cc4",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
+      "dependency_uid": "pkg:pypi/pytest?uuid=bfafc414-739f-4747-bfb0-1b3ad03d62c7",
       "for_package": 2,
       "resolved_to_package": null,
       "datafile_resource": 7,
-      "extracted_requirement": "pytest; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "datasource_id": "pypi_wheel_metadata",
       "is_runtime": true,
@@ -1793,12 +1796,12 @@
       "qualifiers": "",
       "subpath": "",
       "affected_by_vulnerabilities": [],
-      "project": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
-      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=e751ec65-9351-4949-ae8f-5bc1a9efa336",
+      "project": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
+      "dependency_uid": "pkg:pypi/pytest-asyncio?uuid=570878e1-aa7c-46bc-9216-122b73b34f9b",
       "for_package": 2,
       "resolved_to_package": null,
       "datafile_resource": 7,
-      "extracted_requirement": "pytest-asyncio; extra == \"tests\"",
+      "extracted_requirement": "",
       "scope": "tests",
       "datasource_id": "pypi_wheel_metadata",
       "is_runtime": true,
diff --git a/scanpipe/tests/data/cyclonedx/asgiref-3.3.0.cdx.json b/scanpipe/tests/data/cyclonedx/asgiref-3.3.0.cdx.json
index fb68235f7..5db9407d0 100644
--- a/scanpipe/tests/data/cyclonedx/asgiref-3.3.0.cdx.json
+++ b/scanpipe/tests/data/cyclonedx/asgiref-3.3.0.cdx.json
@@ -6,7 +6,7 @@
   "version": 1,
   "metadata": {
     "component": {
-      "bom-ref": "2f5f5927-2cad-4ecb-9043-fda5337bd501",
+      "bom-ref": "24c1b665-7fb2-4e0c-8785-cba72fb35df0",
       "name": "asgiref",
       "type": "library"
     },
@@ -26,7 +26,7 @@
   },
   "components": [
     {
-      "bom-ref": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01",
+      "bom-ref": "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb",
       "copyright": "",
       "description": "ASGI specs, helper code, and adapters\nasgiref\n=======\n\n.. image:: https://api.travis-ci.org/django/asgiref.svg\n    :target: https://travis-ci.org/django/asgiref\n\n.. image:: https://img.shields.io/pypi/v/asgiref.svg\n    :target: https://pypi.python.org/pypi/asgiref\n\nASGI is a standard for Python asynchronous web apps and servers to communicate\nwith each other, and positioned as an asynchronous successor to WSGI. You can\nread more at https://asgi.readthedocs.io/en/latest/\n\nThis package includes ASGI base libraries, such as:\n\n* Sync-to-async and async-to-sync function wrappers, ``asgiref.sync``\n* Server base classes, ``asgiref.server``\n* A WSGI-to-ASGI adapter, in ``asgiref.wsgi``\n\n\nFunction wrappers\n-----------------\n\nThese allow you to wrap or decorate async or sync functions to call them from\nthe other style (so you can call async functions from a synchronous thread,\nor vice-versa).\n\nIn particular:\n\n* AsyncToSync lets a synchronous subthread stop and wait while the async\n  function is called on the main thread's event loop, and then control is\n  returned to the thread when the async function is finished.\n\n* SyncToAsync lets async code call a synchronous function, which is run in\n  a threadpool and control returned to the async coroutine when the synchronous\n  function completes.\n\nThe idea is to make it easier to call synchronous APIs from async code and\nasynchronous APIs from synchronous code so it's easier to transition code from\none style to the other. In the case of Channels, we wrap the (synchronous)\nDjango view system with SyncToAsync to allow it to run inside the (asynchronous)\nASGI server.\n\nNote that exactly what threads things run in is very specific, and aimed to\nkeep maximum compatibility with old synchronous code. See\n\"Synchronous code & Threads\" below for a full explanation. By default,\n``sync_to_async`` will run all synchronous code in the program in the same\nthread for safety reasons; you can disable this for more performance with\n``@sync_to_async(thread_sensitive=False)``, but make sure that your code does\nnot rely on anything bound to threads (like database connections) when you do.\n\n\nThreadlocal replacement\n-----------------------\n\nThis is a drop-in replacement for ``threading.local`` that works with both\nthreads and asyncio Tasks. Even better, it will proxy values through from a\ntask-local context to a thread-local context when you use ``sync_to_async``\nto run things in a threadpool, and vice-versa for ``async_to_sync``.\n\nIf you instead want true thread- and task-safety, you can set\n``thread_critical`` on the Local object to ensure this instead.\n\n\nServer base classes\n-------------------\n\nIncludes a ``StatelessServer`` class which provides all the hard work of\nwriting a stateless server (as in, does not handle direct incoming sockets\nbut instead consumes external streams or sockets to work out what is happening).\n\nAn example of such a server would be a chatbot server that connects out to\na central chat server and provides a \"connection scope\" per user chatting to\nit. There's only one actual connection, but the server has to separate things\ninto several scopes for easier writing of the code.\n\nYou can see an example of this being used in `frequensgi <https://github.com/andrewgodwin/frequensgi>`_.\n\n\nWSGI-to-ASGI adapter\n--------------------\n\nAllows you to wrap a WSGI application so it appears as a valid ASGI application.\n\nSimply wrap it around your WSGI application like so::\n\n    asgi_application = WsgiToAsgi(wsgi_application)\n\nThe WSGI application will be run in a synchronous threadpool, and the wrapped\nASGI application will be one that accepts ``http`` class messages.\n\nPlease note that not all extended features of WSGI may be supported (such as\nfile handles for incoming POST bodies).\n\n\nDependencies\n------------\n\n``asgiref`` requires Python 3.5 or higher.\n\n\nContributing\n------------\n\nPlease refer to the\n`main Channels contributing docs <https://github.com/django/channels/blob/master/CONTRIBUTING.rst>`_.\n\n\nTesting\n'''''''\n\nTo run tests, make sure you have installed the ``tests`` extra with the package::\n\n    cd asgiref/\n    pip install -e .[tests]\n    pytest\n\n\nBuilding the documentation\n''''''''''''''''''''''''''\n\nThe documentation uses `Sphinx <http://www.sphinx-doc.org>`_::\n\n    cd asgiref/docs/\n    pip install sphinx\n\nTo build the docs, you can use the default tools::\n\n    sphinx-build -b html . _build/html  # or `make html`, if you've got make set up\n    cd _build/html\n    python -m http.server\n\n...or you can use ``sphinx-autobuild`` to run a server and rebuild/reload\nyour documentation changes automatically::\n\n    pip install sphinx-autobuild\n    sphinx-autobuild . _build/html\n\n\nImplementation Details\n----------------------\n\nSynchronous code & threads\n''''''''''''''''''''''''''\n\nThe ``asgiref.sync`` module provides two wrappers that let you go between\nasynchronous and synchronous code at will, while taking care of the rough edges\nfor you.\n\nUnfortunately, the rough edges are numerous, and the code has to work especially\nhard to keep things in the same thread as much as possible. Notably, the\nrestrictions we are working with are:\n\n* All synchronous code called through ``SyncToAsync`` and marked with\n  ``thread_sensitive`` should run in the same thread as each other (and if the\n  outer layer of the program is synchronous, the main thread)\n\n* If a thread already has a running async loop, ``AsyncToSync`` can't run things\n  on that loop if it's blocked on synchronous code that is above you in the\n  call stack.\n\nThe first compromise you get to might be that ``thread_sensitive`` code should\njust run in the same thread and not spawn in a sub-thread, fulfilling the first\nrestriction, but that immediately runs you into the second restriction.\n\nThe only real solution is to essentially have a variant of ThreadPoolExecutor\nthat executes any ``thread_sensitive`` code on the outermost synchronous\nthread - either the main thread, or a single spawned subthread.\n\nThis means you now have two basic states:\n\n* If the outermost layer of your program is synchronous, then all async code\n  run through ``AsyncToSync`` will run in a per-call event loop in arbitary\n  sub-threads, while all ``thread_sensitive`` code will run in the main thread.\n\n* If the outermost layer of your program is asynchronous, then all async code\n  runs on the main thread's event loop, and all ``thread_sensitive`` synchronous\n  code will run in a single shared sub-thread.\n\nCruicially, this means that in both cases there is a thread which is a shared\nresource that all ``thread_sensitive`` code must run on, and there is a chance\nthat this thread is currently blocked on its own ``AsyncToSync`` call. Thus,\n``AsyncToSync`` needs to act as an executor for thread code while it's blocking.\n\nThe ``CurrentThreadExecutor`` class provides this functionality; rather than\nsimply waiting on a Future, you can call its ``run_until_future`` method and\nit will run submitted code until that Future is done. This means that code\ninside the call can then run code on your thread.\n\n\nMaintenance and Security\n------------------------\n\nTo report security issues, please contact security@djangoproject.com. For GPG\nsignatures and more security process information, see\nhttps://docs.djangoproject.com/en/dev/internals/security/.\n\nTo report bugs or request new features, please open a new GitHub issue.\n\nThis repository is part of the Channels project. For the shepherd and maintenance team, please see the\n`main Channels readme <https://github.com/django/channels/blob/master/README.rst>`_.",
       "externalReferences": [
@@ -56,7 +56,7 @@
         },
         {
           "name": "aboutcode:package_uid",
-          "value": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01"
+          "value": "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb"
         },
         {
           "name": "aboutcode:primary_language",
@@ -68,7 +68,7 @@
       "version": "3.3.0"
     },
     {
-      "bom-ref": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a",
+      "bom-ref": "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9",
       "copyright": "",
       "description": "ASGI specs, helper code, and adapters\nasgiref\n=======\n\n.. image:: https://api.travis-ci.org/django/asgiref.svg\n    :target: https://travis-ci.org/django/asgiref\n\n.. image:: https://img.shields.io/pypi/v/asgiref.svg\n    :target: https://pypi.python.org/pypi/asgiref\n\nASGI is a standard for Python asynchronous web apps and servers to communicate\nwith each other, and positioned as an asynchronous successor to WSGI. You can\nread more at https://asgi.readthedocs.io/en/latest/\n\nThis package includes ASGI base libraries, such as:\n\n* Sync-to-async and async-to-sync function wrappers, ``asgiref.sync``\n* Server base classes, ``asgiref.server``\n* A WSGI-to-ASGI adapter, in ``asgiref.wsgi``\n\n\nFunction wrappers\n-----------------\n\nThese allow you to wrap or decorate async or sync functions to call them from\nthe other style (so you can call async functions from a synchronous thread,\nor vice-versa).\n\nIn particular:\n\n* AsyncToSync lets a synchronous subthread stop and wait while the async\n  function is called on the main thread's event loop, and then control is\n  returned to the thread when the async function is finished.\n\n* SyncToAsync lets async code call a synchronous function, which is run in\n  a threadpool and control returned to the async coroutine when the synchronous\n  function completes.\n\nThe idea is to make it easier to call synchronous APIs from async code and\nasynchronous APIs from synchronous code so it's easier to transition code from\none style to the other. In the case of Channels, we wrap the (synchronous)\nDjango view system with SyncToAsync to allow it to run inside the (asynchronous)\nASGI server.\n\nNote that exactly what threads things run in is very specific, and aimed to\nkeep maximum compatibility with old synchronous code. See\n\"Synchronous code & Threads\" below for a full explanation. By default,\n``sync_to_async`` will run all synchronous code in the program in the same\nthread for safety reasons; you can disable this for more performance with\n``@sync_to_async(thread_sensitive=False)``, but make sure that your code does\nnot rely on anything bound to threads (like database connections) when you do.\n\n\nThreadlocal replacement\n-----------------------\n\nThis is a drop-in replacement for ``threading.local`` that works with both\nthreads and asyncio Tasks. Even better, it will proxy values through from a\ntask-local context to a thread-local context when you use ``sync_to_async``\nto run things in a threadpool, and vice-versa for ``async_to_sync``.\n\nIf you instead want true thread- and task-safety, you can set\n``thread_critical`` on the Local object to ensure this instead.\n\n\nServer base classes\n-------------------\n\nIncludes a ``StatelessServer`` class which provides all the hard work of\nwriting a stateless server (as in, does not handle direct incoming sockets\nbut instead consumes external streams or sockets to work out what is happening).\n\nAn example of such a server would be a chatbot server that connects out to\na central chat server and provides a \"connection scope\" per user chatting to\nit. There's only one actual connection, but the server has to separate things\ninto several scopes for easier writing of the code.\n\nYou can see an example of this being used in `frequensgi <https://github.com/andrewgodwin/frequensgi>`_.\n\n\nWSGI-to-ASGI adapter\n--------------------\n\nAllows you to wrap a WSGI application so it appears as a valid ASGI application.\n\nSimply wrap it around your WSGI application like so::\n\n    asgi_application = WsgiToAsgi(wsgi_application)\n\nThe WSGI application will be run in a synchronous threadpool, and the wrapped\nASGI application will be one that accepts ``http`` class messages.\n\nPlease note that not all extended features of WSGI may be supported (such as\nfile handles for incoming POST bodies).\n\n\nDependencies\n------------\n\n``asgiref`` requires Python 3.5 or higher.\n\n\nContributing\n------------\n\nPlease refer to the\n`main Channels contributing docs <https://github.com/django/channels/blob/master/CONTRIBUTING.rst>`_.\n\n\nTesting\n'''''''\n\nTo run tests, make sure you have installed the ``tests`` extra with the package::\n\n    cd asgiref/\n    pip install -e .[tests]\n    pytest\n\n\nBuilding the documentation\n''''''''''''''''''''''''''\n\nThe documentation uses `Sphinx <http://www.sphinx-doc.org>`_::\n\n    cd asgiref/docs/\n    pip install sphinx\n\nTo build the docs, you can use the default tools::\n\n    sphinx-build -b html . _build/html  # or `make html`, if you've got make set up\n    cd _build/html\n    python -m http.server\n\n...or you can use ``sphinx-autobuild`` to run a server and rebuild/reload\nyour documentation changes automatically::\n\n    pip install sphinx-autobuild\n    sphinx-autobuild . _build/html\n\n\nImplementation Details\n----------------------\n\nSynchronous code & threads\n''''''''''''''''''''''''''\n\nThe ``asgiref.sync`` module provides two wrappers that let you go between\nasynchronous and synchronous code at will, while taking care of the rough edges\nfor you.\n\nUnfortunately, the rough edges are numerous, and the code has to work especially\nhard to keep things in the same thread as much as possible. Notably, the\nrestrictions we are working with are:\n\n* All synchronous code called through ``SyncToAsync`` and marked with\n  ``thread_sensitive`` should run in the same thread as each other (and if the\n  outer layer of the program is synchronous, the main thread)\n\n* If a thread already has a running async loop, ``AsyncToSync`` can't run things\n  on that loop if it's blocked on synchronous code that is above you in the\n  call stack.\n\nThe first compromise you get to might be that ``thread_sensitive`` code should\njust run in the same thread and not spawn in a sub-thread, fulfilling the first\nrestriction, but that immediately runs you into the second restriction.\n\nThe only real solution is to essentially have a variant of ThreadPoolExecutor\nthat executes any ``thread_sensitive`` code on the outermost synchronous\nthread - either the main thread, or a single spawned subthread.\n\nThis means you now have two basic states:\n\n* If the outermost layer of your program is synchronous, then all async code\n  run through ``AsyncToSync`` will run in a per-call event loop in arbitary\n  sub-threads, while all ``thread_sensitive`` code will run in the main thread.\n\n* If the outermost layer of your program is asynchronous, then all async code\n  runs on the main thread's event loop, and all ``thread_sensitive`` synchronous\n  code will run in a single shared sub-thread.\n\nCruicially, this means that in both cases there is a thread which is a shared\nresource that all ``thread_sensitive`` code must run on, and there is a chance\nthat this thread is currently blocked on its own ``AsyncToSync`` call. Thus,\n``AsyncToSync`` needs to act as an executor for thread code while it's blocking.\n\nThe ``CurrentThreadExecutor`` class provides this functionality; rather than\nsimply waiting on a Future, you can call its ``run_until_future`` method and\nit will run submitted code until that Future is done. This means that code\ninside the call can then run code on your thread.\n\n\nMaintenance and Security\n------------------------\n\nTo report security issues, please contact security@djangoproject.com. For GPG\nsignatures and more security process information, see\nhttps://docs.djangoproject.com/en/dev/internals/security/.\n\nTo report bugs or request new features, please open a new GitHub issue.\n\nThis repository is part of the Channels project. For the shepherd and maintenance team, please see the\n`main Channels readme <https://github.com/django/channels/blob/master/README.rst>`_.",
       "evidence": {
@@ -105,7 +105,7 @@
         },
         {
           "name": "aboutcode:package_uid",
-          "value": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+          "value": "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
         },
         {
           "name": "aboutcode:primary_language",
@@ -120,23 +120,23 @@
   "dependencies": [
     {
       "dependsOn": [
-        "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a",
-        "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01"
+        "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb",
+        "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
       ],
-      "ref": "2f5f5927-2cad-4ecb-9043-fda5337bd501"
+      "ref": "24c1b665-7fb2-4e0c-8785-cba72fb35df0"
     },
     {
-      "ref": "pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+      "ref": "pkg:pypi/asgiref@3.3.0?uuid=88392e1d-11f6-4190-9769-d4f287d98bfb"
     },
     {
-      "ref": "pkg:pypi/asgiref@3.3.0?uuid=8203628e-74ff-42c0-b96d-cdd2c56a0f01"
+      "ref": "pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
     }
   ],
   "vulnerabilities": [
     {
       "affects": [
         {
-          "ref": "urn:cdx:pkg:pypi/asgiref@3.3.0?uuid=6dc8a3e1-c9d2-41a0-aa6c-99999115001a"
+          "ref": "urn:cdx:pkg:pypi/asgiref@3.3.0?uuid=b74aab25-38e6-4fad-bf99-0946f5548cc9"
         }
       ],
       "bom-ref": "BomRef",
diff --git a/scanpipe/tests/data/scancode/package_assembly_codebase.json b/scanpipe/tests/data/scancode/package_assembly_codebase.json
index 496456958..35217e34a 100644
--- a/scanpipe/tests/data/scancode/package_assembly_codebase.json
+++ b/scanpipe/tests/data/scancode/package_assembly_codebase.json
@@ -2,16 +2,16 @@
   "headers": [
     {
       "tool_name": "scancode-toolkit",
-      "tool_version": "32.2.0",
+      "tool_version": "v34.8.2-2-gdde1fc5b",
       "options": {
         "--info": true,
         "--package": true
       },
       "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.",
-      "start_timestamp": "2024-06-27T143719.216423",
-      "end_timestamp": "2024-06-27T143719.360348",
-      "output_format_version": "3.2.0",
-      "duration": 0.1439366340637207,
+      "start_timestamp": "2024-10-30T103759.040160",
+      "end_timestamp": "2024-10-30T103759.204940",
+      "output_format_version": "4.0.0",
+      "duration": 0.1647934913635254,
       "message": null,
       "errors": [],
       "warnings": [],
@@ -19,11 +19,11 @@
         "system_environment": {
           "operating_system": "linux",
           "cpu_architecture": "64",
-          "platform": "Linux-5.15.0-112-generic-x86_64-with-glibc2.35",
-          "platform_version": "#122-Ubuntu SMP Thu May 23 07:48:21 UTC 2024",
-          "python_version": "3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0]"
+          "platform": "Linux-5.15.0-124-generic-x86_64-with-glibc2.35",
+          "platform_version": "#134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024",
+          "python_version": "3.10.12 (main, Sep 11 2024, 15:47:36) [GCC 11.4.0]"
         },
-        "spdx_license_list_version": "3.24",
+        "spdx_license_list_version": "3.25",
         "files_count": 3
       }
     }
@@ -91,7 +91,7 @@
       "repository_homepage_url": "https://www.npmjs.com/package/test",
       "repository_download_url": "https://registry.npmjs.org/test/-/test-0.1.0.tgz",
       "api_data_url": "https://registry.npmjs.org/test/0.1.0",
-      "package_uid": "pkg:npm/test@0.1.0?uuid=c92f1e83-0543-4669-9482-56a54db489e8",
+      "package_uid": "pkg:npm/test@0.1.0?uuid=ac80a119-4b74-40cd-93e4-679195145723",
       "datafile_paths": [
         "package_assembly_codebase.tar.gz-extract/test/get_package_resources/package.json"
       ],
@@ -274,7 +274,7 @@
         }
       ],
       "for_packages": [
-        "pkg:npm/test@0.1.0?uuid=c92f1e83-0543-4669-9482-56a54db489e8"
+        "pkg:npm/test@0.1.0?uuid=ac80a119-4b74-40cd-93e4-679195145723"
       ],
       "files_count": 0,
       "dirs_count": 0,
@@ -303,7 +303,7 @@
       "is_script": false,
       "package_data": [],
       "for_packages": [
-        "pkg:npm/test@0.1.0?uuid=c92f1e83-0543-4669-9482-56a54db489e8"
+        "pkg:npm/test@0.1.0?uuid=ac80a119-4b74-40cd-93e4-679195145723"
       ],
       "files_count": 0,
       "dirs_count": 0,
diff --git a/scanpipe/tests/pipes/test_output.py b/scanpipe/tests/pipes/test_output.py
index 388a5585e..ca1c0b5b8 100644
--- a/scanpipe/tests/pipes/test_output.py
+++ b/scanpipe/tests/pipes/test_output.py
@@ -243,7 +243,7 @@ def test_scanpipe_pipes_outputs_to_cyclonedx(self, regen=FIXTURES_REGEN):
 
         project = Project.objects.get(name="asgiref")
         package = project.discoveredpackages.get(
-            uuid="d10827fc-bcd1-4c10-ad6c-972dd4defa9c"
+            uuid="b5035991-5b4b-40be-b68b-1c9c528078cd"
         )
 
         package.other_license_expression_spdx = "Apache-2.0 AND LicenseRef-test"