Trustify-ui

May 26, 2026 · View on GitHub

contributions welcome

Trustify UI Component

Build and Test Status

branchlast merge CIlast merge image buildnightly CI
mainCI (repo level)Multiple Architecture Image BuildNightly CI (repo level @main)
branchlast merge e2e CInightly e2e CI
mainCI (e2e Trustify CI)Nightly CI (e2e trustify CI @main)

Usage

Trustify UI provides a web interface for software supply chain security:

  • Advisories — Browse, search, and filter security advisories (CVE, RHSA, GHSA) with severity and status tracking
  • Vulnerabilities — View vulnerability details, related advisories, and affected products
  • SBOMs — Upload and inspect Software Bills of Materials; explore package dependencies
  • Packages — Search packages across ecosystems and view associated SBOMs and vulnerabilities
  • Products — Manage product definitions and track their security posture
  • Importers — Configure and monitor data import jobs from external vulnerability and SBOM sources

Access the application at http://localhost:3000 (development) or your deployed URL. Authentication is optional and controlled by the AUTH_REQUIRED environment variable.

Development

Requisites

NodeJS >= 22. Use nvm to install NodeJS

nvm install 22
nvm use 22
  • Backend. Clone trustify and there execute:
cargo run --bin trustd

It will start the backend in http://localhost:8080

Install dependencies

npm ci

Init the dev server

npm run start:dev

Open browser at http://localhost:3000

Environment variables

ENV VARDescriptionDefault value
TRUSTIFY_API_URLSet Trustification API URLhttp://localhost:8080
AUTH_REQUIREDEnable/Disable authenticationtrue
OIDC_CLIENT_IDSet Oidc Clientfrontend
OIDC_SERVER_URLSet Oidc Server URLhttp://localhost:8090/realms/trustify
OIDC_SCOPESet Oidc Scopeopenid

Crate

Note

When using the crate it is expected to build the UI always in Prod mode

Contributing

We welcome contributions! Please read our Contributing Guidelines before submitting changes.