{"id":50695764,"url":"https://github.com/hngprojects/vulnwatch-api","last_synced_at":"2026-06-09T06:08:40.899Z","repository":{"id":357916559,"uuid":"1238241143","full_name":"hngprojects/vulnwatch-api","owner":"hngprojects","description":null,"archived":false,"fork":false,"pushed_at":"2026-06-05T15:10:50.000Z","size":2359,"stargazers_count":1,"open_issues_count":3,"forks_count":1,"subscribers_count":0,"default_branch":"dev","last_synced_at":"2026-06-05T16:13:11.760Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hngprojects.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-14T00:21:34.000Z","updated_at":"2026-06-05T09:04:56.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/hngprojects/vulnwatch-api","commit_stats":null,"previous_names":["hngprojects/vulnwatch-api"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/hngprojects/vulnwatch-api","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hngprojects%2Fvulnwatch-api","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hngprojects%2Fvulnwatch-api/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hngprojects%2Fvulnwatch-api/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hngprojects%2Fvulnwatch-api/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hngprojects","download_url":"https://codeload.github.com/hngprojects/vulnwatch-api/tar.gz/refs/heads/dev","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hngprojects%2Fvulnwatch-api/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34093841,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-09T02:00:06.510Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-09T06:08:40.138Z","updated_at":"2026-06-09T06:08:40.893Z","avatar_url":"https://github.com/hngprojects.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Vulnwatch\n\nVulnwatch is a scalable, event-driven domain security scanning platform. It allows users to register domains, verify ownership via DNS records, and trigger asynchronous security scans. The core feature of the platform is its ability to not only scan for vulnerabilities but also process the results through an AI translation layer to generate human-readable Remediation Cards.\n\n## 🏗 System Architecture\n\nThe system is built on a distributed microservice architecture to decouple client-facing web traffic from heavy, long-running AI tasks.\n\n- **Frontend (Client Layer):** Split into two separate Next.js repositories (Landing Page \u0026 Dashboard WebApp) to optimize deployment. It communicates exclusively via REST HTTP. Authentication supports both email/password and Google OAuth.\n- **Core API (The Front Door):** A C# .NET API. It handles all frontend traffic, user sessions (JWT), domain management, and Postgres database writes. When a user requests a scan, the C# API creates a pending record and drops a job into the message broker.\n- **Message Broker:** A Redis queue that facilitates lightning-fast internal communication between the microservices.\n- **AI Worker (The Engine):** A headless Java Spring Boot service listening to Redis. It picks up scan jobs, executes the AI translation for the remediation steps, updates the Postgres database, and completes the lifecycle.\n\n## 🚀 Getting Started\n\nFollow these steps to set up the Vulnwatch backend locally.\n\n### Prerequisites\n\n- [Docker \u0026 Docker Compose](https://www.docker.com/get-started)\n- [.NET 8 SDK](https://dotnet.microsoft.com/download)\n- [Java 17 (JDK)](https://adoptium.net/)\n- Maven (for running the Java worker)\n- An IDE (e.g., Rider, IntelliJ, or VS Code)\n\n### Setup Instructions\n\n1. **Clone the repository**\n   ```bash\n   git clone \u003crepository-url\u003e\n   cd vulnwatch-be\n   ```\n\n2. **Spin up Infrastructure**\n   Vulnwatch uses PostgreSQL and Redis. You can start these using Docker Compose:\n   ```bash\n   docker-compose up -d\n   ```\n\n3. **Run the Core API (.NET)**\n   Navigate to the API directory and run the application:\n   ```bash\n   cd api-dotnet/src/Web\n   dotnet run\n   ```\n   The API will be available for handling REST requests and will apply pending EF Core migrations on startup.\n\n4. **Run the AI Worker (Java)**\n   In a new terminal, navigate to the worker directory and run the Spring Boot application:\n   ```bash\n   cd worker-java\n   ./mvnw spring-boot:run\n   ```\n   The worker will start listening to the Redis queue for incoming scan jobs.\n\n## 📂 Project Structure\n\n- `api-dotnet/`: The main API layer built with C# and Clean Architecture.\n- `worker-java/`: Background workers built with Java and Spring Boot.\n- `shared/`: JSON schemas for shared contracts (e.g., Redis payloads).\n- `docs/`: Additional documentation and onboarding guides.\n\n## 🗃 Schema Migrations\n\nThe .NET API uses EF Core migrations stored in `api-dotnet/src/Infrastructure/Migrations`.\n\n- Create a migration:\n  ```bash\n  dotnet ef migrations add \u003cMigrationName\u003e --project api-dotnet/src/Infrastructure/Infrastructure.csproj --startup-project api-dotnet/src/Infrastructure/Infrastructure.csproj --output-dir Migrations\n  ```\n- Apply migrations manually:\n  ```bash\n  dotnet ef database update --project api-dotnet/src/Infrastructure/Infrastructure.csproj --startup-project api-dotnet/src/Infrastructure/Infrastructure.csproj\n  ```\n\n## 💡 Contributing\n\nFor more detailed information on how to contribute, please refer to the [Onboarding Guide](docs/onboarding/getting-started.md).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhngprojects%2Fvulnwatch-api","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhngprojects%2Fvulnwatch-api","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhngprojects%2Fvulnwatch-api/lists"}