Graph Model

Neo4j data model and relationships

Overview

Polaris uses Neo4j, a graph database, to model the relationships between technologies, systems, teams, and version constraints. This enables powerful queries about technology usage and compliance.

Graph Visualization

Core Nodes

Technology

Approved technologies with versions and metadata

System

Deployable applications and services

Component

SBOM entries (libraries, packages)

Team

Organizational teams

VersionConstraint

Version range constraints for technologies

License

Software licenses

Version

Specific versions of technologies

Repository

Source code repositories

AuditLog

Change tracking entries

Key Relationships

Team stewards TechnologySTEWARDED_BY

Technical governance responsibility

Team owns SystemOWNS

Operational ownership

Team uses TechnologyUSES

Actual technology usage by a team

Team approves Technology or VersionAPPROVES

TIME framework approval

Team maintains RepositoryMAINTAINS

Repository maintenance responsibility

Technology has VersionHAS_VERSION

Version tracking per technology

Component is version of TechnologyIS_VERSION_OF

Component to technology mapping

System uses ComponentUSES

System dependency on a component. Carries scope (runtime, required, dev, optional, excluded, or null) and isDirect (true for root-level deps, false for transitive). Scope and isDirect are computed by BFS propagation at ingest time.

System has source in RepositoryHAS_SOURCE_IN

Source code location

VersionConstraint governs TechnologyGOVERNS

Constraint scope

AuditLog performed by UserPERFORMED_BY

Who made the change

AuditLog audits EntityAUDITS

What was changed

Query Examples

Find all systems using a deprecated technology

List teams affected by a license rule change

Trace component dependencies across systems

Identify compliance violations

Track all changes made by a specific user

Find all direct runtime dependencies of a system

Find all systems that use a component at runtime vs. dev-only