Open
Description
Some Packages have changed their namespace over time. One example is pkg:maven/log4j/[email protected], where (if I understand the progression) the 2.x versions have a different namespace, e.g., pkg:maven/org.apache.logging.log4j/[email protected]. (I think this GitHub repo is related to this relationship.)
It would be useful to create a mapping for these Packages, perhaps in the Package class, so that a query for the fixed versions of a potentially affected Package will return all relevant namespaces for that Package.