1. Proposed title of this feature request
   2. What is the nature and description of the request?
   3. Why does the customer need this? (List the business requirements here)
   4. List any affected packages or components.

1. Clarification on vuln scanning support for JavaScript

2. Update documentation for clarity.

3. Customers are confused about what, exactly, is supported from a "JavaScript" vulnerability scanning perspective. The docs page https://docs.openshift.com/acs/4.0/operating/examine-images-for-vulnerabilities.html lists "package.json" for "JavaScript" but this is a bit incomplete.

As far as I understand, ACS Scanning can identify modules for NPM (Node Package Manager) for server-side Node.js JavaScript. It cannot identify components in other JavaScript modules like front-end frameworks like React.

The phrase "Node.js" isn't listed anywhere that I have found.