The Front-End is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
The project is built with:
- Vue.js
- Bootstrap Vue
- CoreUI
Always use the Front-End version that is compatible with the Dependency-Track API Server in use.
Dependency-Track API Server | Front-End |
---|---|
v4.2 | v4.2 |
v4.1 | v1.2 |
v4.0 | v1.1 |
v3.8 | v1.0 |
v1.0 - v3.7.1 | Not supported |
Starting with Dependency-Track v4.2, the API Server and the Frontend now have the same major and minor (semantic) version. Patch versions however, may continue to be unique.
Pre-compiled distributions are available in two variants:
The Docker container provides the fastest, most consistent deployment option and is recommended. The Docker container includes NGINX and a pre-deployed Front-End release.
# Install dependencies
npm install
# Serve with hot reload at localhost:8080
npm run serve
# Build for production with minification
npm run build
# Run linter
npm run lint
# Generates a CycloneDX software bill-of-materials
npm run bom
In order to test with a Dependency-Track instance, the .env.development
file needs to be modified and the VUE_APP_SERVER_URL
property updated to
reflect the base URL of a Dependency-Track server.
The front-end is deployed to a general purpose web server (e.g. NGINX or Apache). To configure the front-end for this scenario, simply change the value of API_BASE_URL in static/config.json.
{
"API_BASE_URL": "https://drack-server.example.com"
}
This project supports internationalization. Currently, only English language is supported. Pull requests to support additional languages are encouraged.
Note to developers: Textual labels are defined in src/i18n/locales/{lang}.json
. Ensure that all labels are defined here and that components use i18n, not textual labels directly.
Dependency-Track is Copyright (c) OWASP Foundation. All Rights Reserved.
Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE file for the full license.