Reference: Glossary

ADPThe Advanced Development Pack (ADP) is an add-on feature to Nexus Lifecycle that provides development teams an automated, policy-based dependency management solution.
ALPThe Advanced Legal Pack (ALP) is an add-on to Nexus Lifecycle that helps legal teams streamline open-source software (OSS) license compliance, mitigate license risk, and expedite feedback with development teams.
A-nameAuthoritative Name matching. A-name only scans files included in the application. As a result, dependency files not in the final application are omitted from the scan. By identifying the exact files in an application the scan reduces the number of false-positive results.
Archive FileFrom Wikipedia: An archive file is a file that is composed of one or more computer files along with metadata. Archive files are used to collect multiple data files together into a single file for easier portability and storage, or simply to compress files to use less storage space. Archive files often store directory structures, error detection and correction information, arbitrary comments, and sometimes use built-in encryption.
Archive FormatFrom Wikipedia: An archive format is the file format of an archive file. Some formats are well-defined by their authors and have become conventions supported by multiple vendors and communities.
ArtifactFrom Maven: An artifact is something that is either produced or used by a project. Examples of artifacts produced by Maven for a project include JARs, source and binary distributions, WARs. Each artifact is uniquely identified by a group id and an artifact ID which is unique within a group.
Application Composition Report(Also commonly referred to as "scan report" and "build report.") A point-in-time report representing risk associated with component usage for a specific application. The report includes information on how the application complies with the policies your team, or business, has established.
AssetAssets are the material addition to component metadata. These files provide basic information about components.
Central RepositoryFrom The Central Repository is the default repository for Apache Maven, SBT, and other build systems and can be easily used from Apache Ant/Ivy, Gradle, and many other tools.
CIPComponent Information Panel. <More here please>
ComponentOn the Nexus Platform, the term component describes items like a package, library, binary, container, or any other resource used as part of your software application. In different tool-chains, components are called artifact, package, bundle, archive, and so on.
Continuous Delivery (CD)
Continuous delivery is an extension of continuous integration. It focuses on automating the software delivery process so that teams can easily and confidently deploy their code to production at any time. For more information, please see An Introduction to Continuous Integration, Delivery, and Deployment from DigitalOcean.
Continuous Integration (CI)
Continuous integration is a practice that encourages developers to integrate their code into the main branch of a shared repository early and often. For more information, please see An Introduction to Continuous Integration, Delivery, and Deployment from DigitalOcean.
DevOpsThe basis of DevOps is to unify software development (Dev) and software operation (Ops). The main characteristic of the DevOps movement is to strongly advocate automation and monitoring at all steps of software development, from integration, testing, and releasing to deployment and infrastructure management. For more information, please see What is DevOps from AWS.
Direct Dependency
File FormatFrom Wikipedia: A file format is a standard way that information is encoded for storage in a computer file. It specifies how bits are used to encode information in a digital storage medium. File formats may be either proprietary or free and may be either unpublished or open.
FirewallThe Nexus Firewall is a tool that prevents bad components from entering your software supply chain through a Repository Manager. The term firewall usually refers to a network firewall that inspects and blocks network traffic based on a set of rules. The Nexus Firewall applies this concept to repository management. 
Group RepositoryA repository that allows you to combine multiple repositories and other repository groups in a single repository. This in turn means that your users can rely on a single URL for their configuration needs, while the administrators can add more repositories and therefore components to the repository group.
Hosted RepositoryA repository that stores components in the repository manager as the authoritative location for these components.
IaCInfrastructure as Code. Infrastructure as Code is a means of expressing cloud infrastructure using code, which can be run against cloud provider APIs to create, configure, and modify cloud infrastructure. IaC is used in place of the cloud provider console.
InnersourceInnersource, a term discovered and coined in 2000, defines the use of open source development best practices and the establishment of an open source-like culture within organizations. Many organizations still develop proprietary code while adopting the Innersource methodology of using open source components in development.
InnerSource ComponentAn InnerSource component, a term our product teams have adopted and use when speaking to customers, is an internally built and shared component within an organization that includes both proprietary and open-source code. These ‘InnerSource components’ are the result of companies using open source software and adopting best practices of Innersource.
ManifestManifest scans use the project’s build file to identify dependencies and policy violations. They rely on coordinate-based matching to determine which components the project uses. Since manifest scans don’t need the actual files to scan an application, this is an effective way to scan applications when dependency files are unavailable.
MavenFrom Apache Maven: A software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting, and documentation from a central piece of information.
MTTRMean Time to Resolution. The average time it takes to fully resolve a failure.
npmFrom npm is the package manager for JavaScript. npm makes it easy for JavaScript developers to reuse code other developers have shared.
NuGetFrom Microsoft Docs: For .NET, the mechanism for sharing code is NuGet, which defines how packages for .NET are created, hosted, and consumed, and provides the tools for each of those roles.
Open SourceThe term "open source" refers to something people can modify and share because its design is publicly accessible. Open-source software is software with source code that anyone can inspect, modify, and enhance. See for more information.
Package Format

A type of archive file that consists of programs and accompanying metadata needed by package managers like npm and YUM, or build tools like Maven, to consume that content. 

Package ManagerFrom Wikipedia: A package manager or package management system is a collection of software tools that automates the process of installing, upgrading, configuring, and removing computer programs for a computer's operating system in a consistent manner.
pom file
Proxy RepositoryA repository that is linked to a remote repository. Any request for a component is verified against the local content of the proxy repository. If no local component is found, the request is forwarded to the remote repository. The component is then retrieved and stored locally in the repository manager, which acts as a cache. Subsequent requests for the same component are then fulfilled from the local storage, therefore eliminating the network bandwidth and time overhead of retrieving the component from the remote repository again.
RepositoryFrom Wikipedia, a storage location where components such as packages, libraries, binaries, or containers are retrieved and installed.
Repository ManagerA dedicated server application used to manage all the repositories your development teams utilize throughout the course of development.
Root OrganizationIn IQ Server, the Root Organization is at the top of the system hierarchy that allows you to set policy globally across all organizations and applications.
Provisioning ToolFrom Quora: Provisioning tools are used to install and manage large quantities of computers. When clustering computers, it is generally desirable to keep the hardware and software as homogenous as possible. This helps to ensure that performance is consistent and that the individual nodes will play nicely with each other. Provisioning tools make managing the software side of clusters easier.
SBOMSoftware Bill of Materials. Produced from the Application Composition Report, this is an inventory of all of the open-source components in your application.

Software Development Life Cycle (SDLC)

The SDLC is composed of a number of defined and distinct work phases used by systems engineers and developers to plan, design, build, test, and deliver software. For more information, please see SDLC - Overview from Tutorials Point.
Source ControlA version control system designed to track changes in source code and other text files during the development of a piece of software. For more information, please see Git's About Version Control.
Transitive Dependency