Concepts

Within dependency-management-data, there are certain names we give different concepts.

You can find their brief description below, and there is more information available on their linked pages.

• Advisory: A way to flag the usage of a given package as potentially risky, or at least requiring review.
• Datasource: A source of data that can be queried by dependency-management-data.
• Policy: A way to flag organisational restrictions around the use of certain software.
• Report: A pre-configured query to flag specific package data.
• Sensitive Package: A way to mark a package as 'sensitive', such that the package's details should not be processed through any external systems.