Skip to content

Jofo0/DepVis2

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

297 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DepVis v2

Quick Start

Using Deployed App

You access can this application on web without local deaployment. It is currently deployed on http://147.251.115.226:8080/.

There are some projects already created, which makes it easy to look trough the features.

Local Quick Start

To run this locally you can copy-paste the commands below to start up the solution in Docker:

git clone https://github.com/Jofo0/DepVis2.git
cd DepVis2
cp '.env example' .env
docker compose --profile app up -d --build

Then open http://localhost:8080/.

First project

To test the features, using https://github.com/Jofo0/DepVis2 as a first project is a good start.

Description

DepVis v2 is a tool for visualizing and analyzing open-source dependencies and vulnerabilities using a Git repository URL as input.

It leverages Trivy to scan repositories, supporting a wide range of ecosystems (see supported languages: https://trivy.dev/docs/latest/guide/coverage/language/#supported-languages).

This tool was developed as part of the Master's thesis
"DepVis v2: A Graph-Based Visualization Tool for Software Dependencies"
by Jozef Gajdoš at FI MUNI.

Features

  • Graph-based visualization of dependencies
  • Detailed list of dependencies
  • Vulnerability detection with detailed insights
  • Full branch history scanning
  • Comparison of branches and tags

Running The App

Pre-requisites

  1. Docker Installed Locally
  2. Fill out the .env file. There is an example .env file that you can use as a template.

Build the application

  1. To build this app you need to run docker compose --profile app up -d --build in this folder.
  2. If you want to deploy only the infrastructure run docker compose up only.
  3. You can then access the application at this url.

Updating the app

  1. To update the application run sh update-app.sh
  2. This will pull the latest code from the repository, build the docker image and restart the application.

Usage

  1. To use the application, create a new project, enter the link to the Git repository you want to analyze in the input field, select all branches or tags you want analyzed.
  2. After you create the project, the application will start analyzing the repository. This may take some time depending on the size of the repository and the number of dependencies.
  3. Once the analysis is complete, you can view the results in multiple pages containing graph visualization of the dependencies, list of dependencies, list of vulnerabilities and more.

Screenshots

Dashboard Image Packages Image Vulnerabilities Image Graph Image

About

DepVis v2 is a SCA tool for visualization and analysis of open source dependencies and vulnerabilities using a link to the Git repository as the input

Topics

Resources

License

Stars

0 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors