{"id":20513470,"url":"https://github.com/defectdojo/ui2-incubating","last_synced_at":"2025-04-13T23:53:16.596Z","repository":{"id":45033352,"uuid":"375070730","full_name":"DefectDojo/ui2-incubating","owner":"DefectDojo","description":null,"archived":false,"fork":false,"pushed_at":"2022-01-13T08:30:03.000Z","size":1208,"stargazers_count":0,"open_issues_count":0,"forks_count":4,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-04-12T07:29:35.109Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DefectDojo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-06-08T16:10:14.000Z","updated_at":"2022-01-13T08:30:07.000Z","dependencies_parsed_at":"2022-09-10T18:41:25.072Z","dependency_job_id":null,"html_url":"https://github.com/DefectDojo/ui2-incubating","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DefectDojo%2Fui2-incubating","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DefectDojo%2Fui2-incubating/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DefectDojo%2Fui2-incubating/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DefectDojo%2Fui2-incubating/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DefectDojo","download_url":"https://codeload.github.com/DefectDojo/ui2-incubating/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_
count":248799899,"owners_count":21163401,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-15T21:11:15.997Z","updated_at":"2025-04-13T23:53:16.573Z","avatar_url":"https://github.com/DefectDojo.png","language":"JavaScript","readme":"# Defect Dojo UI V2 - GSOC 2021\n\nThis repository contains all the work done by [me (Aniket Bhat)](https://github.com/AniketBhat) during the GSOC 2021 period. \n\n[Defect Dojo](https://www.defectdojo.org/) is an open source vulnerability management and automation software. A [demo](https://demo.defectdojo.org/login?next=/) can be found here to tinker with the current implementation. \n\n## Abstract\nDefect Dojo is a widely used software for management and analysis of workflows and automation. It was initially developed to be server-side rendered with the Django stack. This approach, although more traditional, can cause problems when dealing with lower bandwidths and with the turnaround time of a single request. Every click causes the whole page to be rendered again. The main aim of this project was to deliver a modern UI with the architecture of the front\n\n## Project Requirements\n\nWe used an agile methodology to keep track of requirements and development time using [JIRA](https://defectdojo.atlassian.net/jira/software/projects/UIV2/boards/9) software.\n\n1. Build a packageable open source standard frontend application in React\n2. Dockerise the React Application \n3. Implement Basic Authentication Flow using the Django API v2.\n4. 
Code and Deliver Core Functionality Screens (Product, Engagement, Finding)    \n\n## Work Done\n1. This repository holds all the code that was done during GSOC 2021 and will be forked moving further.\n2. 16 screens were broken down into 4 base reusable components. \n\n| Component Name | Screen Name | Number of Screens |\n|---|---|---|\n| BaseTableComponent | Product -\u003e Product List \u003cbr/\u003e Product -\u003e Product Type \u003cbr/\u003e Engagement -\u003e Active Engagement \u003cbr/\u003e Engagement -\u003e All Engagements | 4 |\n| ModalComponent | Products -\u003e Add/Edit Product \u003cbr/\u003e Products -\u003e Add/Edit Product Type \u003cbr/\u003e Engagements -\u003e Add/Edit Engagement \u003cbr/\u003e Engagements -\u003e Add/Edit Test Type \u003cbr/\u003e Engagements -\u003e Add/Edit environments | 5 |\n| TabListComponent | Engagements -\u003e Test Types \u003cbr/\u003e Engagements -\u003e Environments | 2 |\n| SelectionTableComponent | Findings -\u003e Open Findings \u003cbr/\u003e Findings -\u003e All Findings \u003cbr/\u003e Findings -\u003e Closed Findings \u003cbr/\u003e Findings -\u003e Risk Accepted Findings \u003cbr/\u003e Endpoints -\u003e All EndPoints | 5 |\n\n   3. The components were coded and used across each of these screens\n   4. 
Basic Authentication was used to navigate all the protected routes.\n\nBelow is the working demo of the completed work.\n\n\nhttps://user-images.githubusercontent.com/64396289/130352547-299c6678-99f8-4a6f-a3c8-a179694ba83e.mov\n\n\n\n## Lessons/Learnings\nIt was a fun experience coding a summer project and there were many blockers and learnings along the way. Mainly:\n1. CORS tokens and man-in-the-middle attack precaution.\n2. React State Management\n3. React Routing for Security\n4. Building an Overlay React Modal which taught me about navigation state management.\n5. REST principles.\n6. Agile Methodologies\n7. Frontend And Backend Architecture Practices.\n8. Learning to set up GitHub Actions.\n9. Learning about Docker and deployment technologies.\n\n# Setup for local development\nSpinning up the local ReactJS environment on port 3000 and a local DefectDojo backend will create CORS conflicts and the React application will start on 3001.\n\n## Assumptions\n- Your local React app runs on port 3001.\n- You have a local DefectDojo instance running at localhost port 8080.\n\n### Browser extension\nFor development purposes only, you can install a browser extension such as [this one](https://chrome.google.com/webstore/detail/moesif-origin-cors-change/digfbfaphojjndkpccljibejjbppifbc).\n\n### Rebuild the DefectDojo docker images with some CORS packages and config\nAppend the following line to the bottom of your `requirements.txt` file:\n\n```\ndjango-cors-headers==3.7.0\n```\n\nCreate (from the template) or modify your `dojo/settings/local_settings.py` file with:\n\n```\n# The trailing comma makes this a one-element tuple; without it, ('corsheaders') is just a string\nINSTALLED_APPS += (\n    'corsheaders',\n)\n```\n\nand your middleware section, such as:\n\n```\nMIDDLEWARE = [\n    # Place CorsMiddleware as high as possible, above any middleware that can generate responses\n    'corsheaders.middleware.CorsMiddleware',\n    # ...keep your existing middleware entries here\n]\n```\n\nAdd the following setting (change the origin to match your URL, for example your local hostname):\n```\nCORS_ALLOWED_ORIGINS = [\n    \"http://localhost:3000\"\n]\n```\n\nAlternatively, for local development only, you can consider using `CORS_ALLOW_ALL_ORIGINS 
= True`.\n\nThen, rebuild your local images: `docker-compose build` and relaunch: `docker-compose stop` and `docker-compose up -d`.\n\n## Available Scripts\n\nIn the project directory, you can run:\n\n### `yarn install`\n\n### `yarn start`\n\nRuns the app in the development mode.\\\nOpen [http://localhost:3000](http://localhost:3000) to view it in the browser.\n\nThe page will reload if you make edits.\\\nYou will also see any lint errors in the console.\n\n### `yarn test`\n\nLaunches the test runner in the interactive watch mode.\\\nSee the section about [running tests](https://facebook.github.io/create-react-app/docs/running-tests) for more information.\n\n### `yarn build`\n\nBuilds the app for production to the `build` folder.\\\nIt correctly bundles React in production mode and optimizes the build for the best performance.\n\nThe build is minified and the filenames include the hashes.\\\nYour app is ready to be deployed!\n\nSee the section about [deployment](https://facebook.github.io/create-react-app/docs/deployment) for more information.\n\n### `yarn eject`\n\n**Note: this is a one-way operation. Once you `eject`, you can’t go back!**\n\nIf you aren’t satisfied with the build tool and configuration choices, you can `eject` at any time. This command will remove the single build dependency from your project.\n\nInstead, it will copy all the configuration files and the transitive dependencies (webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except `eject` will still work, but they will point to the copied scripts so you can tweak them. At this point you’re on your own.\n\nYou don’t have to ever use `eject`. The curated feature set is suitable for small and middle deployments, and you shouldn’t feel obligated to use this feature. 
However we understand that this tool wouldn’t be useful if you couldn’t customize it when you are ready for it.\n## Contributors \n\n* Aniket Bhat\n* Fred (mentor)\n* Damien (mentor)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdefectdojo%2Fui2-incubating","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdefectdojo%2Fui2-incubating","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdefectdojo%2Fui2-incubating/lists"}