diff --git a/scanpipe/pipes/resolve.py b/scanpipe/pipes/resolve.py
index 0a409dd88c..ec66c4cd14 100644
--- a/scanpipe/pipes/resolve.py
+++ b/scanpipe/pipes/resolve.py
@@ -366,6 +366,10 @@ def spdx_relationship_to_dependency_data(spdx_relationship):
     for_package_uid = spdx_relationship.spdx_id
     resolve_to_package_uid = spdx_relationship.related_spdx_id
 
+    # SPDXRef-DOCUMENT represents the project; treat as project-level dependency
+    if for_package_uid == "SPDXRef-DOCUMENT":
+        for_package_uid = None
+
     dependency_data = {
         "for_package_uid": for_package_uid,
         "resolve_to_package_uid": resolve_to_package_uid,
diff --git a/scanpipe/tests/pipes/test_resolve.py b/scanpipe/tests/pipes/test_resolve.py
index 2c7aa33bcb..e4a78afa9d 100644
--- a/scanpipe/tests/pipes/test_resolve.py
+++ b/scanpipe/tests/pipes/test_resolve.py
@@ -376,3 +376,22 @@ def test_scanpipe_resolve_get_manifest_headers(self):
         ]
         headers = resolve.get_manifest_headers(resource)
         self.assertEqual(expected, list(headers.keys()))
+
+    def test_spdx_document_root_becomes_project_dependency(self):
+        spdx_relationship_data = {
+            "spdxElementId": "SPDXRef-DOCUMENT",
+            "relatedSpdxElement": "SPDXRef-packageA",
+            "relationshipType": "DEPENDS_ON",
+        }
+
+        spdx_relationship = spdx.Relationship.from_data(spdx_relationship_data)
+
+        dependency_data = resolve.spdx_relationship_to_dependency_data(
+            spdx_relationship
+        )
+
+        self.assertIsNone(dependency_data["for_package_uid"])
+        self.assertEqual(
+            "SPDXRef-packageA",
+            dependency_data["resolve_to_package_uid"],
+        )
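Review bot: The added guard normalizes only the `spdx_id` side, so a relationship whose `related_spdx_id` is `SPDXRef-DOCUMENT` still lands in `resolve_to_package_uid` as a literal that no package carries; if that uid is later looked up it would presumably fail to resolve rather than be recognized as the document root, which is worth either mirroring the check or rejecting such a relationship explicitly. The literal also deserves a module-level constant, e.g. `SPDX_DOCUMENT_REF = "SPDXRef-DOCUMENT"`, compared on both sides instead of an inline string. The comment would be clearer stating the why: `# SPDXRef-DOCUMENT is the SBOM root, not a package: a dependency declared on it has no owning package and is stored as a project-level dependency (for_package_uid=None).` The function body starts before the hunk and continues after it, so how the relationship type is handled is not visible here.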
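Review bot: The new test pins only the document-root case; that an ordinary `spdxElementId` passes through unchanged into `for_package_uid` is not asserted, so a regression that blanked every `for_package_uid` would still pass. A second relationship built with `"spdxElementId": "SPDXRef-packageB"` followed by `self.assertEqual("SPDXRef-packageB", dependency_data["for_package_uid"])` would close that gap. The enclosing test class starts outside the hunk.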