The GUAC Visualizer is an experimental utility that can be used to interact with GUAC services. It acts as a way to visualize the software supply chain graph, as well as a means to explore the supply chain and prototype policies.
Table of contents
- A fresh copy of the GUAC service infrastructure through Docker Compose.
- If you haven’t already, download the main GUAC version
v0.1.2from this link.
- Follow steps 2-5 in setup.
- Download the specific GUAC visualizer version
v0.1.1from this link and extract it in the same path as your GUAC repo.
Change directories into the visualizer’s repo:
All commands run throughout this guide should be in this working directory.
Install the guac-visualizer dependencies:
The output should look like:
$ yarn install yarn install v1.22.19 warning package-lock.json found. Your project contains lock files generated by tools other than Yarn. It is advised not to mix package managers in order to avoid resolution inconsistencies caused by unsynchronized lock files. To clear this warning, remove package-lock.json. [1/4] 🔍 Resolving packages... [2/4] 🚚 Fetching packages... warning Pattern ["@apollo/client@latest"] is trying to unpack in the same destination "/Users/lumb/Library/Caches/Yarnfirstname.lastname@example.org- 9ddd355d0788374cdb900e5f40298b196176952b-integrity/node_modules/@apollo/client" as pattern ["@apollo/client@^3.7.10"]. This could result in non-deterministic behavior, skipping. [3/4] 🔗 Linking dependencies... warning "@graphql-codegen/cli > @graphql-tools/code-file-loader > @graphql-tools/graphql-tag-pluck > @email@example.com" has unmet peer dependency "@babel/core@^7.0.0-0". warning " > @firstname.lastname@example.org" has unmet peer dependency "graphql-tag@^2.0.0". warning "cosmos-over-cytoscape > email@example.com" has unmet peer dependency "webpack@^5.20.0". warning " > firstname.lastname@example.org" has incorrect peer dependency "react@>=16.8.25 <=16.13.1". warning " > email@example.com" has incorrect peer dependency "react-dom@>=16.8.25 <= 16.13.1". warning " > firstname.lastname@example.org" has incorrect peer dependency "styled-components@>=4.4.1 <= 5.1.1". warning " > email@example.com" has unmet peer dependency "react-is@>= 16.8.0". [4/4] 🔨 Building fresh packages... ✨ Done in 12.78s.
By default, the GUAC Visualizer assumes that the GraphQL server is running on http://localhost:8080/query. However, you can optionally configure the visualizer to connect to a different GraphQL endpoint or to read from a
guac.yaml config file from your curent working directory.
The output should look like:
$ yarn dev yarn run v1.22.19 $ next dev ready - started server on 0.0.0.0:3000, url: http://localhost:3000 info - Using webpack 5. Reason: Enabled by default https://nextjs.org/docs/messages/webpack5
You can then go to localhost:3000 in your browser to see the graph visualization.