How.Depex.Works.mp4
-
Docker to deploy the tool.
-
Git Large Files Storage (git-lfs) for cloning correctly the seeds of the repository.
Create a .env from template.env file.
-
How to get a GitHub API key.
-
Modify the Json Web Token (JWT) secret key with your own. You can generate your own with the command node -e "console.log(require('crypto').randomBytes(32).toString('hex'))".
Create the graphs folder inside the seeds folder in the root of the project, download the graphs seed from this link, and insert it into the graphs folder.
Run command 'docker compose up --build'. The vulnerability database will be loaded with the data automatically extracted from the NVD up to the date of the release being downloaded. And it will automatically update to the present time before deploying the backend. If you want to avoid the update and the time it takes, you can comment out the lifespan function in the /backend/app/main.py file.
Enter here for the frontend Web API.
-
It is recommended to use a GUI such as MongoDB Compass to see what information is being indexed in vulnerability database.
-
You can see the graph built here, using the Neo4J browser interface.
Define these variables in an .env file that can be referenced by docker-compose.yml. Example .env file:
HTTP_PROXY=http://proxy.example.com:port
HTTPS_PROXY=https://proxy.example.com:port
NO_PROXY=localhost,127.0.0.1
Add the proxy configuration defined in the .env file, for example to the following docker-compose.yml file:
services:
app:
image: your-app-image
build: .
env_file:
- .env
ports:
- "8080:80"