Fixed composition model

Signed-off-by: Steve Springett <[email protected]>

Author: stevespringett

schema/2.0/model/cyclonedx-composition-2.0.schema.json

@@ -6,6 +6,13 @@
   "$comment" : "OWASP CycloneDX is an Ecma International standard (ECMA-424) developed in collaboration between the OWASP Foundation and Ecma Technical Committee 54 (TC54). The standard is published under a royalty-free patent policy. This JSON schema is the reference implementation and is licensed under the Apache License 2.0.",
   "$defs": {
     "compositions": {
+      "type": "array",
+      "items": {"$ref": "#/$defs/composition"},
+      "uniqueItems": true,
+      "title": "Compositions",
+      "description": "Compositions describe constituent parts (including components, services, and dependency relationships) and their completeness. The completeness of vulnerabilities expressed in a BOM may also be described."
+    },
+    "composition": {
       "type": "object",
       "title": "Compositions",
       "required": [