The "findlib" software provides a scheme to manage reusable software components in the form of libraries, and includes tools that support this scheme. A library installed as a findlib component is also called a package. The point is that the findlib scheme allows it to store metainformation about the library, especially how it can be used in programs. The packages are kept in the filesystem hierarchy, but the directory structure is defined by findlib, and there is no way to deviate from this standard. The library contains functions to look the directory up that stores a package, to query metainformation about a package, and to retrieve dependency information about multiple packages. There is also a tool that allows the user to enter queries on the command-line. In order to simplify compilation and linkage, there are new frontends of the various OCaml compilers that can directly deal with packages.
Binary packages can be installed with the high-level tool pkgin (which can be installed with pkg_add) or pkg_add(1) (installed by default). The NetBSD packages collection is also designed to permit easy installation from source.
The pkg_admin audit command locates any installed package which has been mentioned in security advisories as having vulnerabilities.
Please note the vulnerabilities database might not be fully accurate, and not every bug is exploitable with every configuration.
Problem reports, updates or suggestions for this package should be reported with send-pr.