/frontend

Frontend UI for Dependency-Track

Primary LanguageVueApache License 2.0Apache-2.0

Build Status Codacy Badge License Latest (including pre-releases)

Dependency-Track Front-End

The Front-End is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

The project is built with:

  • Vue.js
  • Bootstrap Vue
  • CoreUI

alt text

Compatibility Matrix

Always use the Front-End version that is compatible with the Dependency-Track API Server in use.

Dependency-Track API Server Front-End
v4.2 v4.2
v4.1 v1.2
v4.0 v1.1
v3.8 v1.0
v1.0 - v3.7.1 Not supported

Starting with Dependency-Track v4.2, the API Server and the Frontend now have the same major and minor (semantic) version. Patch versions however, may continue to be unique.

Binary Distributions

Pre-compiled distributions are available in two variants:

The Docker container provides the fastest, most consistent deployment option and is recommended. The Docker container includes NGINX and a pre-deployed Front-End release.

Build Setup

# Install dependencies
npm install

# Serve with hot reload at localhost:8080
npm run serve

# Build for production with minification
npm run build

# Run linter
npm run lint

# Generates a CycloneDX software bill-of-materials
npm run bom

Development Setup

In order to test with a Dependency-Track instance, the .env.development file needs to be modified and the VUE_APP_SERVER_URL property updated to reflect the base URL of a Dependency-Track server.

Deployment

Deployment Options

The front-end is deployed to a general purpose web server (e.g. NGINX or Apache). To configure the front-end for this scenario, simply change the value of API_BASE_URL in static/config.json.

{
  "API_BASE_URL": "https://drack-server.example.com"
}

Internationalization (i18n)

This project supports internationalization. Currently, only English language is supported. Pull requests to support additional languages are encouraged.

Note to developers: Textual labels are defined in src/i18n/locales/{lang}.json. Ensure that all labels are defined here and that components use i18n, not textual labels directly.

Copyright & License

Dependency-Track is Copyright (c) Steve Springett. All Rights Reserved.

Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE file for the full license.