Make it possible to trust some modules There are cases where it makes sense to trust some modules. For example, a company using a frequent release pace may want to trust their company artifacts (changing often so painful to update the configuration) more than the external dependencies.
This gives the opportunity to tell what are the trusted modules. The configuration requires at least a group name, but modules can be trusted on the whole (group, name, version, file name) tuple.
It is also possible to use regular expressions, for example one could use: