Ed
It's intentional, see
https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-045-2018.txt
After noticing this I noticed that one of my less trusted templates was being used as the template for default-mgmt-dvm. In this less trusted template I had browser add-ons, libre office, print drivers in addition to other less trusted software.
I changed the template to one I trust more...
I found another article after a search: https://www.qubes-os.org/doc/salt/
I haven't used salt for any configurations (I believe when I installed whonix-14 it was prior to "default-mgmt-dvm" being visible), however I have done numerous updates on my templates and Dom0.
What are the implications? What mistakes did I make?
Thank you to any one with insight they are willing to share...
All good...thanks!
Happy new year Qubes and to those that make this OS happen...really appreciate it!