Within dependency-management-data, there are certain names we give different concepts.
You can find their brief description below, and there is more information available on their linked pages.
- Advisory: A way to flag the usage of a given package as potentially risky, or at least requiring review.
- Datasource: A source of data that can be queried by dependency-management-data.
- Policy: A way to flag organisational restrictions around the use of certain software.
- Report: A pre-configured query to flag specific package data.
- Sensitive Package: A way to mark a package as 'sensitive', such that the package's details should not be processed through any external systems.